Patch bugsweb-security.diff for Website problem Bug #60989

Patch version 2012-05-06 19:03 UTC

Obsoleted by patches:

• bugsweb-security.diff, revision 2012-05-07 20:59 UTC

Obsolete patches:

• bugsweb-security.diff, revision 2012-05-05 20:25 UTC
• bugsweb-security.diff, revision 2012-05-05 20:28 UTC

• 2012-05-07 20:59 UTC [diff to current]
• 2012-05-06 19:03 UTC [diff to current]
• 2012-05-05 20:28 UTC [diff to current]
• 2012-05-05 20:25 UTC [diff to current]

Developer: tyrael@php.net

diff --git a/include/functions.php b/include/functions.php
index 30f0af7..ae9597b 100644
--- a/include/functions.php
+++ b/include/functions.php
@@ -117,6 +117,10 @@ function bugs_has_access ($bug_id, $bug, $pw, $user_flags)
 	} else if (($user_flags == BUGS_NORMAL_USER) && $pw != '' && verify_bug_passwd($bug_id, $pw)) {
 		// The submitter
 		return true;
+	} else if (($user_flags & BUGS_DEV_USER) && $bug['reporter_name'] != '' &&
+		strtolower($bug['reporter_name']) == strtolower($auth_user->handle)) {
+		// The submitter (php developer)
+		return true;
 	} else if (($user_flags & BUGS_DEV_USER) && $bug['assign'] != '' &&
 		strtolower($bug['assign']) == strtolower($auth_user->handle)) {
 		// The assigned dev
diff --git a/www/bug.php b/www/bug.php
index 5d37606..6e6bb3c 100644
--- a/www/bug.php
+++ b/www/bug.php
@@ -605,6 +605,9 @@ switch ($thanks)
 
 display_bug_error($errors);
 
+if (!$show_bug_info) {
+	echo '<div id="bugheader"></div>';
+} else{
 ?>
 <div id="bugheader">
 	<table id="details">
@@ -668,7 +671,9 @@ display_bug_error($errors);
 	</table>
 </div>
 
-<?php if ($bug_id !== 'PREVIEW') {
+<?php
+}
+if ($bug_id !== 'PREVIEW') {
 	echo '<div class="controls">', "\n",
 		control(0, 'View'),
 		($bug['private'] == 'N' ? control(3, 'Add Comment') : ''),
@@ -750,7 +755,10 @@ if ($edit == 1 || $edit == 2) { ?>
 <form id="update" action="bug.php?id=<?php echo $bug_id; ?>&amp;edit=<?php echo $edit; ?>" method="post">
 
 <?php if ($edit == 2) {
-		if (!isset($_POST['in']) && $pw && verify_bug_passwd($bug['id'], bugs_get_hash($pw))) {
+		if ($logged_in && $show_bug_info) {
+			// do nothing if the user is logged in and has access to the bug
+
+		} elseif (!isset($_POST['in']) && $pw && verify_bug_passwd($bug['id'], bugs_get_hash($pw))) {
 			$show_bug_info = true;	?>
 			<div class="explain">
 				Welcome back! Since you opted to store your bug's password in a
@@ -811,7 +819,7 @@ if ($edit == 1 || $edit == 2) { ?>
 ?>
 	<table>
 
-<?php if ($edit == 1) { /* Developer Edit Form */ ?>
+<?php if ($edit == 1 && $show_bug_info) { /* Developer Edit Form */ ?>
 		<tr>
 			<th class="details"><label for="in" accesskey="c">Qui<span class="accesskey">c</span>k Fix:</label></th>
 			<td colspan="3">
@@ -1013,7 +1021,6 @@ if (!$logged_in) {
 // Display original report
 if ($bug['ldesc']) {
 	if (!$show_bug_info) {
-		echo '<input type="checkbox" name="in[private]" value="Y" '.($is_private == 'Y' ? 'checked="checked"' : '').' /> ';
 		echo 'This bug report is marked as private.';
 	} else if ($bug['status'] !== 'Spam') {
 		output_note(0, $bug['submitted'], $bug['email'], $bug['ldesc'], 'comment', $bug['reporter_name'], false);