php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  login
Return to Bug #60989
Patch bugsweb-security.diff revision 2012-05-07 20:59 UTC by tyrael@php.net
revision 2012-05-06 19:03 UTC by tyrael@php.net
revision 2012-05-05 20:28 UTC by tyrael@php.net
revision 2012-05-05 20:25 UTC by tyrael@php.net

Patch bugsweb-security.diff for Website problem Bug #60989

Patch version 2012-05-05 20:28 UTC

Return to Bug #60989 | Download this patch
This patch is obsolete

Obsoleted by patches:

This patch renders other patches obsolete

Obsolete patches:

Patch Revisions: 2012-05-07 20:59 UTC | 2012-05-06 19:03 UTC | 2012-05-05 20:28 UTC | 2012-05-05 20:25 UTC

Developer: tyrael@php.net



  diff --git a/include/functions.php b/include/functions.php
 index 30f0af7..ae9597b 100644
 index 30f0af7..6a6f5c4 100644
  --- a/include/functions.php
  +++ b/include/functions.php
  @@ -117,6 +117,10 @@ function bugs_has_access ($bug_id, $bug, $pw, $user_flags)
   	} else if (($user_flags == BUGS_NORMAL_USER) && $pw != '' && verify_bug_passwd($bug_id, $pw)) {
   		// The submitter
   		return true;
 +	} else if (($user_flags & BUGS_DEV_USER) && $bug['reporter_name'] != '' &&
 +	} else if (($user_flags == BUGS_DEV_USER) && $bug['reporter_name'] != '' &&
  +		strtolower($bug['reporter_name']) == strtolower($auth_user->handle)) {
  +		// The submitter (php developer)
  +		return true;
   	} else if (($user_flags & BUGS_DEV_USER) && $bug['assign'] != '' &&
   		strtolower($bug['assign']) == strtolower($auth_user->handle)) {
   		// The assigned dev
  diff --git a/www/bug.php b/www/bug.php
 index 5d37606..6e6bb3c 100644
 index 5d37606..03cb7c4 100644
  --- a/www/bug.php
  +++ b/www/bug.php
  @@ -605,6 +605,9 @@ switch ($thanks)
   


  +<?php if ($edit == 1 && $show_bug_info) { /* Developer Edit Form */ ?>
   		<tr>
   			<th class="details"><label for="in" accesskey="c">Qui<span class="accesskey">c</span>k Fix:</label></th>
   			<td colspan="3">
 @@ -1013,7 +1021,7 @@ if (!$logged_in) {
  // Display original report
  if ($bug['ldesc']) {
  	if (!$show_bug_info) {
 -		echo '<input type="checkbox" name="in[private]" value="Y" '.($is_private == 'Y' ? 'checked="checked"' : '').' /> ';
 +		//echo '<input type="checkbox" name="in[private]" value="Y" '.($is_private == 'Y' ? 'checked="checked"' : '').' /> ';
  		echo 'This bug report is marked as private.';
  	} else if ($bug['status'] !== 'Spam') {
  		output_note(0, $bug['submitted'], $bug['email'], $bug['ldesc'], 'comment', $bug['reporter_name'], false);
 
PHP Copyright © 2001-2024 The PHP Group
All rights reserved.
Last updated: Sat Jun 15 21:01:28 2024 UTC