From e21288c20121183bf1fea3747279242ebbee4f52 Mon Sep 17 00:00:00 2001 From: Robert Sesek Date: Sat, 14 May 2005 21:13:46 +0000 Subject: [PATCH] r134: - Fixed a problem where the bug fetcher would fetch the wrong bug because of a wrong ID passed from the $attachment[] array - Added edit/update attachment methods --- attachment.php | 29 ++++++++++++++++++++++++----- templates/default/editattach.tpl | 16 ++++++++++++++++ 2 files changed, 40 insertions(+), 5 deletions(-) create mode 100644 templates/default/editattach.tpl diff --git a/attachment.php b/attachment.php index bbeb0b2..61e915b 100755 --- a/attachment.php +++ b/attachment.php @@ -12,7 +12,7 @@ $fetchtemplates = array( 'newattach', - //'editattach' + 'editattach' ); require_once('./global.php'); @@ -27,7 +27,7 @@ if (isset($bugsys->in['attachmentid'])) } } -$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bugsys->in['bugid'])); +$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . (($attachment['attachmentid']) ? $attachment['bugid'] : intval($bugsys->in['bugid']))); if (!$bug) { echo 'alert: bad bug'; @@ -79,7 +79,7 @@ if ($_POST['do'] == 'insert') exit; } - // put some MIME-type validation here + // #*# put some MIME-type validation here if (!$bugsys->in['description']) { @@ -166,14 +166,33 @@ if ($_REQUEST['do'] == 'add') if ($_POST['do'] == 'update') { - // run code to update item in database + if (!(can_perform('caneditattach') OR ($attachment['userid'] == $bugsys->userinfo['userid'] AND can_perform('canputattach')))) + { + echo 'alert: no permssion'; + exit; + } + + $db->query(" + UPDATE " . TABLE_PREFIX . "attachment + SET description = '" . $bugsys->in['description'] . "', + obsolete = " . intval($bugsys->in['obsolete']) . " + WHERE attachmentid = " . intval($bugsys->in['attachmentid']) + ); + + echo "attachment updated"; } // ################################################################### if ($_REQUEST['do'] == 'edit') { - // display form to edit item + if (!(can_perform('caneditattach') OR ($attachment['userid'] == $bugsys->userinfo['userid'] AND can_perform('canputattach')))) + { + echo 'alert: no permssion'; + exit; + } + + eval('$template->flush("' . $template->fetch('editattach') . '");'); } /*=====================================================================*\ diff --git a/templates/default/editattach.tpl b/templates/default/editattach.tpl new file mode 100644 index 0000000..e185c18 --- /dev/null +++ b/templates/default/editattach.tpl @@ -0,0 +1,16 @@ +
+ + + +
Attachment: View [$attachment[filename]]
+ +
Bug: $bug[summary] (bugid: $bug[bugid])
+ +
Description:
+ +
Obsolete: checked="checked" />
+ + + + +
\ No newline at end of file -- 2.43.5