Commit: d04d379e7c8f808dea32f68ea77c9f2264945720 Author: Kalle Sommer Nielsen <[email protected]> Mon, 24 Jul 2017 20:12:01 +0200 Parents: 95cdd4429e8da797bd6e6c36cb7ecf6a728743a0 Branches: master
Link: http://git.php.net/?p=web/bugs.git;a=commitdiff;h=d04d379e7c8f808dea32f68ea77c9f2264945720 Log: Authenticate before each call to the header, this should probably be done in the header function anyway. Fixes some navigational links only showing on certain pages Changed paths: M www/bug-pwd-finder.php M www/bugs-generating-backtrace-win32.php M www/bugs-generating-backtrace.php M www/bugs-getting-valgrind-log.php M www/error.php M www/fix.php M www/gh-pull-add.php M www/how-to-report.php M www/index.php M www/patch-add.php M www/patch-display.php M www/quick-fix-desc.php M www/rpc.php M www/search-howto.php M www/stats.php M www/vote.php Diff: diff --git a/www/bug-pwd-finder.php b/www/bug-pwd-finder.php index d8112fa..74df811 100644 --- a/www/bug-pwd-finder.php +++ b/www/bug-pwd-finder.php @@ -59,6 +59,9 @@ if (isset($_POST['captcha']) && $bug_id != '') { } } +// Authenticate +bugs_authenticate($user, $pw, $logged_in, $user_flags); + response_header('Bug Report Password Finder'); echo "<h1>Bug Report Password Finder</h1>\n"; diff --git a/www/bugs-generating-backtrace-win32.php b/www/bugs-generating-backtrace-win32.php index 852ff8d..4487597 100644 --- a/www/bugs-generating-backtrace-win32.php +++ b/www/bugs-generating-backtrace-win32.php @@ -1,5 +1,9 @@ <?php require_once '../include/prepend.php'; + +// Authenticate +bugs_authenticate($user, $pw, $logged_in, $user_flags); + response_header('Generating a backtrace on Win32'); ?> diff --git a/www/bugs-generating-backtrace.php b/www/bugs-generating-backtrace.php index 69c3129..11817e3 100644 --- a/www/bugs-generating-backtrace.php +++ b/www/bugs-generating-backtrace.php @@ -1,5 +1,9 @@ <?php require_once '../include/prepend.php'; + +// Authenticate +bugs_authenticate($user, $pw, $logged_in, $user_flags); + response_header('Generating a gdb backtrace'); ?> diff --git a/www/bugs-getting-valgrind-log.php b/www/bugs-getting-valgrind-log.php index 71fd706..2ff0b9f 100644 --- a/www/bugs-getting-valgrind-log.php +++ b/www/bugs-getting-valgrind-log.php @@ -1,5 +1,9 @@ <?php require_once '../include/prepend.php'; + +// Authenticate +bugs_authenticate($user, $pw, $logged_in, $user_flags); + response_header('Generating a valgrind log'); ?> diff --git a/www/error.php b/www/error.php index b6a66af..ac46e81 100644 --- a/www/error.php +++ b/www/error.php @@ -11,6 +11,9 @@ if ($id) { redirect("bug.php?id={$id}"); } +// Authenticate +bugs_authenticate($user, $pw, $logged_in, $user_flags); + response_header('Bugs :: 404 Not Found'); ?> diff --git a/www/fix.php b/www/fix.php index 7bce681..62947ca 100644 --- a/www/fix.php +++ b/www/fix.php @@ -10,6 +10,9 @@ if (!$bug_id) { redirect('index.php'); } +// Authenticate +bugs_authenticate($user, $pw, $logged_in, $user_flags); + // fetch info about the bug into $bug $bug = bugs_get_bug($bug_id); @@ -23,8 +26,6 @@ if (!is_array($bug)) { // If bug exists, continue.. $RESOLVE_REASONS = $FIX_VARIATIONS = $errors = array(); -bugs_authenticate($user, $pwd, $logged_in, $user_flags); - $is_trusted_developer = ($user_flags & BUGS_TRUSTED_DEV); if ($logged_in != 'developer') { diff --git a/www/gh-pull-add.php b/www/gh-pull-add.php index f89af8f..e90a33a 100644 --- a/www/gh-pull-add.php +++ b/www/gh-pull-add.php @@ -6,6 +6,9 @@ require_once '../include/prepend.php'; session_start(); $canpatch = true; +// Authenticate +bugs_authenticate($user, $pw, $logged_in, $user_flags); + /// Input vars $bug_id = !empty($_REQUEST['bug']) ? (int) $_REQUEST['bug'] : 0; if (empty($bug_id)) { diff --git a/www/how-to-report.php b/www/how-to-report.php index 45ead84..8deac70 100644 --- a/www/how-to-report.php +++ b/www/how-to-report.php @@ -1,5 +1,9 @@ <?php require_once '../include/prepend.php'; + +// Authenticate +bugs_authenticate($user, $pw, $logged_in, $user_flags); + response_header('How to Report a Bug'); ?> diff --git a/www/index.php b/www/index.php index 801dd57..bfe93df 100644 --- a/www/index.php +++ b/www/index.php @@ -21,6 +21,9 @@ if($_SERVER['REQUEST_URI'] == '/random') { redirect("bug.php?id={$id[0]}"); } +// Authenticate +bugs_authenticate($user, $pw, $logged_in, $user_flags); + response_header('Bugs'); ?> diff --git a/www/patch-add.php b/www/patch-add.php index ad546a1..428e29b 100644 --- a/www/patch-add.php +++ b/www/patch-add.php @@ -5,6 +5,9 @@ require_once '../include/prepend.php'; session_start(); +// Authenticate +bugs_authenticate($user, $pw, $logged_in, $user_flags); + $canpatch = true; /// Input vars @@ -29,8 +32,6 @@ if (!($buginfo = bugs_get_bug($bug_id))) { $package_name = $buginfo['package_name']; -// Authenticate -bugs_authenticate($user, $pw, $logged_in, $user_flags); $is_trusted_developer = ($user_flags & BUGS_TRUSTED_DEV); // captcha is not necessary if the user is logged in diff --git a/www/patch-display.php b/www/patch-display.php index 4ef9683..5c05942 100644 --- a/www/patch-display.php +++ b/www/patch-display.php @@ -2,6 +2,9 @@ session_start(); +// Authenticate +bugs_authenticate($user, $pw, $logged_in, $user_flags); + // Obtain common includes require_once '../include/prepend.php'; @@ -12,9 +15,6 @@ if (!isset($_GET['bug_id']) && !isset($_GET['bug'])) { exit; } -// Authenticate -bugs_authenticate($user, $pw, $logged_in, $user_flags); - $is_trusted_developer = ($user_flags & BUGS_TRUSTED_DEV); $canpatch = ($logged_in == 'developer'); diff --git a/www/quick-fix-desc.php b/www/quick-fix-desc.php index 00d1b62..99c019f 100644 --- a/www/quick-fix-desc.php +++ b/www/quick-fix-desc.php @@ -1,10 +1,15 @@ <?php +session_start(); + // Obtain common includes require_once '../include/prepend.php'; list($RESOLVE_REASONS, $FIX_VARIATIONS) = get_resolve_reasons($site); +// Authenticate +bugs_authenticate($user, $pw, $logged_in, $user_flags); + response_header('Quick Fix Descriptions'); ?> diff --git a/www/rpc.php b/www/rpc.php index e67a005..df891bc 100644 --- a/www/rpc.php +++ b/www/rpc.php @@ -1,5 +1,7 @@ <?php +session_start(); + $bug_id = (int) $_REQUEST['id']; if (!$bug_id) { diff --git a/www/search-howto.php b/www/search-howto.php index 8b23638..52bbc3a 100755 --- a/www/search-howto.php +++ b/www/search-howto.php @@ -3,6 +3,10 @@ session_start(); require '../include/prepend.php'; + +// Authenticate +bugs_authenticate($user, $pw, $logged_in, $user_flags); + response_header("How to search the bug database"); ?> diff --git a/www/stats.php b/www/stats.php index 0a14c9f..e05cef1 100644 --- a/www/stats.php +++ b/www/stats.php @@ -5,6 +5,9 @@ session_start(); // Obtain common includes require_once '../include/prepend.php'; +// Authenticate +bugs_authenticate($user, $pw, $logged_in, $user_flags); + response_header('Bugs Stats'); $titles = array( diff --git a/www/vote.php b/www/vote.php index 3ffa35e..358ee99 100644 --- a/www/vote.php +++ b/www/vote.php @@ -21,6 +21,11 @@ $samever = isset($_POST['samever']) ? (int) $_POST['samever'] : 0; $sameos = isset($_POST['sameos']) ? (int) $_POST['sameos'] : 0; if (!$dbh->prepare("SELECT id FROM bugdb WHERE id= ? LIMIT 1")->execute(array($id))->fetchOne()) { + session_start(); + + // Authenticate + bugs_authenticate($user, $pw, $logged_in, $user_flags); + response_header('No such bug.'); display_bug_error("No such bug #{$id}"); response_footer(); -- PHP Webmaster List Mailing List (http://www.php.net/) To unsubscribe, visit: http://www.php.net/unsub.php
