use Bugzilla::Product;
use Bugzilla::Classification;
use Bugzilla::Keyword;
+use Bugzilla::Token;
require "globals.pl";
use vars qw(
$vars->{'cloned_bug_id'} = $cloned_bug_id;
+$vars->{'token'} = Bugzilla::Token::IssueSessionToken('createbug:');
+
if ($cloned_bug_id) {
$default{'component_'} = $cloned_bug->{'component'};
use Bugzilla::Field;
use Bugzilla::Product;
use Bugzilla::Keyword;
+use Bugzilla::Token;
# Shut up misguided -w warnings about "used only once". For some reason,
# "use vars" chokes on me when I try it here.
# Main Script
######################################################################
+# Detect if the user already used the same form to submit a bug
+my $token = trim($cgi->param('token'));
+if ($token) {
+ my ($creator_id, $date, $old_bug_id) = Bugzilla::Token::GetTokenData($token);
+ unless ($creator_id
+ && ($creator_id == $user->id)
+ && ($old_bug_id =~ "^createbug:"))
+ {
+ # The token is invalid.
+ ThrowUserError('token_inexistent');
+ }
+
+ $old_bug_id =~ s/^createbug://;
+
+ if ($old_bug_id && (!$cgi->param('ignore_token')
+ || ($cgi->param('ignore_token') != $old_bug_id)))
+ {
+ $vars->{'bugid'} = $old_bug_id;
+ $vars->{'allow_override'} = defined $cgi->param('ignore_token') ? 0 : 1;
+
+ print $cgi->header();
+ $template->process("bug/create/confirm-create-dupe.html.tmpl", $vars)
+ || ThrowTemplateError($template->error());
+ exit;
+ }
+}
+
# do a match on the fields if applicable
&Bugzilla::User::match_field ($cgi, {
$vars->{'bug_list'} = \@bug_list;
$vars->{'use_keywords'} = 1 if Bugzilla::Keyword::keyword_count();
+if ($token) {
+ trick_taint($token);
+ $dbh->do('UPDATE tokens SET eventdata = ? WHERE token = ?', undef,
+ ("createbug:$id", $token));
+}
+
print $cgi->header();
$template->process("bug/create/created.html.tmpl", $vars)
|| ThrowTemplateError($template->error());
--- /dev/null
+[%# 1.0@bugzilla.org %]
+[%# The contents of this file are subject to the Mozilla Public
+ # License Version 1.1 (the "License"); you may not use this file
+ # except in compliance with the License. You may obtain a copy of
+ # the License at http://www.mozilla.org/MPL/
+ #
+ # Software distributed under the License is distributed on an "AS
+ # IS" basis, WITHOUT WARRANTY OF ANY KIND, either express or
+ # implied. See the License for the specific language governing
+ # rights and limitations under the License.
+ #
+ # The Original Code is the Bugzilla Bug Tracking System.
+ #
+ # The Initial Developer of the Original Code is Olav Vitters.
+ #
+ # Contributor(s): Olav Vitters <olav@bkor.dhs.org>
+ #%]
+
+[%# INTERFACE:
+ # bugid: integer. ID of the bug previously used to create a bug.
+ # allow_override: boolean int. Is 1 if the user may submit the bug again.
+ #%]
+
+[% PROCESS "global/field-descs.none.tmpl" %]
+
+[% PROCESS global/header.html.tmpl
+ title = "Already filed $terms.bug"
+%]
+
+<table cellpadding="20">
+ <tr>
+ <td bgcolor="#ff0000">
+ <font size="+2">
+ You already used the form to file [% "$terms.bug $bugid" FILTER bug_link(bugid) FILTER none %].
+ </font>
+ </td>
+ </tr>
+</table>
+
+<p><font size="big">You are highly encouraged to visit [% "$terms.bug $bugid"
+FILTER bug_link(bugid) FILTER none %].</font></p>
+
+[% IF allow_override %]
+ <p>If you are sure you used the same form to submit a new [% terms.bug %],
+ click 'File [% terms.bug %] again'.<p>
+
+ <form name="create" id="create" method="post" action="post_bug.cgi">
+ [% PROCESS "global/hidden-fields.html.tmpl"
+ exclude="^(Bugzilla_login|Bugzilla_password|ignore_token)$" %]
+ <input type="hidden" name="ignore_token" value="[% bugid FILTER html %]">
+ <input type="submit" value="File [% terms.bug %] again">
+ </form>
+[% END %]
+
+[% PROCESS global/footer.html.tmpl %]
value="[% default.priority FILTER html %]">
<input type="hidden" name="version"
value="[% default.version FILTER html %]">
+ <input type="hidden" name="token" value="[% token FILTER html %]">
<table valign="top" cellpadding="5" cellspacing="5" border="0">
<form name="Create" id="Create" method="post" action="post_bug.cgi">
<input type="hidden" name="product" value="[% product FILTER html %]">
+<input type="hidden" name="token" value="[% token FILTER html %]">
<table cellspacing="2" cellpadding="0" border="0">
projects / thirdparty / bugzilla.git / commitdiff
