From: <vb...@us...> - 2003-01-29 00:53:08
|
Update of /cvsroot/mantisbt/mantisbt/core In directory sc8-pr-cvs1:/tmp/cvs-serv27660/core Modified Files: file_api.php Log Message: Fix for 2884: attachments on closed bugs can be deleted. M core/file_api.php (file_list_attachments): Only display [delete] link if the user has handler access level + the bug status is below the resolved threshold. Index: file_api.php =================================================================== RCS file: /cvsroot/mantisbt/mantisbt/core/file_api.php,v retrieving revision 1.20 retrieving revision 1.21 diff -u -d -r1.20 -r1.21 --- file_api.php 25 Jan 2003 18:21:08 -0000 1.20 +++ file_api.php 29 Jan 2003 00:53:04 -0000 1.21 @@ -37,6 +37,10 @@ WHERE bug_id='$c_bug_id'"; $result = db_query( $query ); + $t_bug = bug_get( $c_bug_id, false ); + $t_can_delete = ( $t_bug->status < config_get( 'bug_resolved_status_threshold' ) ) && + access_level_check_greater_or_equal( config_get( 'handle_bug_threshold' ) ); + $num_files = db_num_rows( $result ); for ( $i = 0 ; $i < $num_files ; $i++ ) { $row = db_fetch_array( $result ); @@ -47,7 +51,7 @@ echo "<a href=\"file_download.php?file_id=$v_id&type=bug\">".file_get_display_name($v_filename)."</a> ($v_filesize bytes) <span class=\"italic\">$v_date_added</span>"; - if ( access_level_check_greater_or_equal( config_get( 'handle_bug_threshold' ) ) ) { + if ( $t_can_delete ) { echo " [<a class=\"small\" href=\"bug_file_delete.php?file_id=$v_id\">" . lang_get('delete_link') . '</a>]'; } |