$vars->{'flag_types'} = $flag_types;
$vars->{'any_flags_requesteeble'} =
grep { $_->is_requestable && $_->is_requesteeble } @$flag_types;
- $vars->{'token'} = issue_session_token('create_attachment:');
+ $vars->{'token'} = issue_session_token('create_attachment');
print $cgi->header();
# Detect if the user already used the same form to submit an attachment
my $token = trim($cgi->param('token'));
- if ($token) {
- my ($creator_id, $date, $old_attach_id) = Bugzilla::Token::GetTokenData($token);
- unless ($creator_id
- && ($creator_id == $user->id)
- && ($old_attach_id =~ "^create_attachment:"))
- {
- # The token is invalid.
- ThrowUserError('token_does_not_exist');
- }
-
- $old_attach_id =~ s/^create_attachment://;
-
- if ($old_attach_id) {
- $vars->{'bugid'} = $bugid;
- $vars->{'attachid'} = $old_attach_id;
- print $cgi->header();
- $template->process("attachment/cancel-create-dupe.html.tmpl", $vars)
- || ThrowTemplateError($template->error());
- exit;
- }
- }
+ check_token_data($token, 'create_attachment', 'index.cgi');
# Check attachments the user tries to mark as obsolete.
my @obsolete_attachments;
mimetype => $content_type,
});
+ # Delete the token used to create this attachment.
+ delete_token($token);
+
foreach my $obsolete_attachment (@obsolete_attachments) {
$obsolete_attachment->set_is_obsolete(1);
$obsolete_attachment->update($timestamp);
}
$bug->update($timestamp);
- if ($token) {
- trick_taint($token);
- $dbh->do('UPDATE tokens SET eventdata = ? WHERE token = ?', undef,
- ("create_attachment:" . $attachment->id, $token));
- }
-
$dbh->bz_commit_transaction;
# Define the variables and functions that will be passed to the UI template.
+++ /dev/null
-[%# The contents of this file are subject to the Mozilla Public
- # License Version 1.1 (the "License"); you may not use this file
- # except in compliance with the License. You may obtain a copy of
- # the License at http://www.mozilla.org/MPL/
- #
- # Software distributed under the License is distributed on an "AS
- # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
- # implied. See the License for the specific language governing
- # rights and limitations under the License.
- #
- # The Original Code is the Bugzilla Bug Tracking System.
- #
- # The Initial Developer of the Original Code is Olav Vitters.
- #
- # Contributor(s): Olav Vitters <olav@bkor.dhs.org>
- # David Lawrence <dkl@redhat.com>
- #%]
-
-[%# INTERFACE:
- # bugid: integer. ID of the bug report that this attachment relates to.
- # attachid: integer. ID of the previous attachment recently created.
- #%]
-
-[% PROCESS "global/field-descs.none.tmpl" %]
-
-[% PROCESS global/header.html.tmpl
- title = "Already filed attachment"
-%]
-
-[% USE Bugzilla %]
-
-<table cellpadding="20">
- <tr>
- <td bgcolor="#ff0000">
- <font size="+2">
- You already used the form to file
- <a href="[% urlbase FILTER html %]attachment.cgi?id=[% attachid FILTER uri %]&action=edit">attachment [% attachid FILTER uri %]</a>.
- </font>
- </td>
- </tr>
-</table>
-
-<p>
- You can either <a href="[% urlbase FILTER html %]attachment.cgi?bugid=[% bugid FILTER uri %]&action=enter">
- create a new attachment</a> or [% "go back to $terms.bug $bugid" FILTER bug_link(bugid) FILTER none %].
-<p>
-
-[% PROCESS global/footer.html.tmpl %]
projects / thirdparty / bugzilla.git / commitdiff
