From 18e93f46330e29c0dd8defc196c026adbed50c2f Mon Sep 17 00:00:00 2001
From: Robert Sesek <rsesek@bluestatic.org>
Date: Sat, 14 May 2005 00:52:39 +0000
Subject: [PATCH] r123: Attachment viewing code has been moved to
 viewattachment.php so we don't get it confuzzeled with the insert/update/kill
 code.

---
 attachment.php                              | 45 ++---------------
 templates/default/showreport_attachment.tpl |  2 +-
 viewattachment.php                          | 53 +++++++++++++++++++++
 3 files changed, 58 insertions(+), 42 deletions(-)
 create mode 100755 viewattachment.php

diff --git a/attachment.php b/attachment.php
index d5539db..a4f6c22 100755
--- a/attachment.php
+++ b/attachment.php
@@ -29,20 +29,11 @@ if (isset($bugsys->in['attachmentid']))
 	}
 }
 
-// ###################################################################
-
-if (empty($_REQUEST['do']))
-{
-	$_REQUEST['do'] = 'modify';
-}
-else
+$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bugsys->in['bugid']));
+if (!$bug)
 {
-	$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bugsys->in['bugid']));
-	if (!$bug)
-	{
-		echo 'alert: bad bug';
-		exit;
-	}
+	echo 'alert: bad bug';
+	exit;
 }
 
 // ###################################################################
@@ -187,34 +178,6 @@ if ($_REQUEST['do'] == 'edit')
 	// display form to edit item
 }
 
-// ###################################################################
-
-if ($_REQUEST['do'] == 'modify')
-{
-	if (!can_perform('cangetattach'))
-	{
-		echo 'alert: no permission';
-		exit;
-	}
-	
-	ob_clean();
-	ob_end_clean();
-		
-	if ($funct->fetch_extension($attachment['filename']) != 'txt')
-	{
-		header("Content-Disposition: inline; filename=$attachment[filename]");
-		header("Content-transfer-encoding: binary");
-	}
-	else
-	{
-		header("Content-Disposition: attachment; filename=$attachment[filename]");
-	}
-	header("Content-Length: " . strlen($attachment['attachment']));
-	header("Content-Type: $attachment[mimetype]");
-	
-	print($attachment['attachment']);
-}
-
 /*=====================================================================*\
 || ###################################################################
 || # $HeadURL$
diff --git a/templates/default/showreport_attachment.tpl b/templates/default/showreport_attachment.tpl
index 83596a4..77473d0 100644
--- a/templates/default/showreport_attachment.tpl
+++ b/templates/default/showreport_attachment.tpl
@@ -1,6 +1,6 @@
 	<tr>
 		<td>
-			<strong><a href="attachment.php?attachmentid=$attachment[attachmentid]" target="_blank"<if condition="$attachment['obsolete']"> style="text-decoration: line-through"</if>>$attachment[filename]</a></strong> posted by $attachment[user] ($attachment[date])
+			<strong><a href="viewattachment.php?attachmentid=$attachment[attachmentid]" target="_blank"<if condition="$attachment['obsolete']"> style="text-decoration: line-through"</if>>$attachment[filename]</a></strong> posted by $attachment[user] ($attachment[date])
 			<div style="font-size: 11px; font-color: grey">$attachment[description]</div>
 		</td>
 	</tr>
\ No newline at end of file
diff --git a/viewattachment.php b/viewattachment.php
new file mode 100755
index 0000000..ffac1df
--- /dev/null
+++ b/viewattachment.php
@@ -0,0 +1,53 @@
+<?php
+/*=====================================================================*\
+|| ################################################################### ||
+|| # BugStrike [#]version[#]
+|| # --------------------------------------------------------------- # ||
+|| # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
+|| # This file may not be reproduced in any way without permission.  # ||
+|| # --------------------------------------------------------------- # ||
+|| # User License Agreement at http://www.iris-studios.com/license/  # ||
+|| ################################################################### ||
+\*=====================================================================*/
+
+ob_start();
+
+require_once('./global.php');
+
+$attachment = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "attachment WHERE attachmentid = " . intval($bugsys->in['attachmentid']));
+if (!$attachment)
+{
+	echo 'alert: bad attachment';
+	exit;
+}
+
+if (!can_perform('cangetattach'))
+{
+	echo 'alert: no permission';
+	exit;
+}
+
+ob_clean();
+ob_end_clean();
+	
+if ($funct->fetch_extension($attachment['filename']) != 'txt')
+{
+	header("Content-Disposition: inline; filename=$attachment[filename]");
+	header("Content-transfer-encoding: binary");
+}
+else
+{
+	header("Content-Disposition: attachment; filename=$attachment[filename]");
+}
+header("Content-Length: " . strlen($attachment['attachment']));
+header("Content-Type: $attachment[mimetype]");
+
+print($attachment['attachment']);
+
+/*=====================================================================*\
+|| ###################################################################
+|| # $HeadURL$
+|| # $Id$
+|| ###################################################################
+\*=====================================================================*/
+?>
\ No newline at end of file
-- 
2.22.5