if (!$logged_in) { require_once 'Text/CAPTCHA/Numeral.php'; $numeralCaptcha = new Text_CAPTCHA_Numeral(); } // Handle input if (isset($_POST['in'])) { $errors = incoming_details_are_valid($_POST['in'], 1, $logged_in); // Check if session answer is set, then compare it with the post captcha value. // If it's not the same, then it's an incorrect password. if (!$logged_in) { if (!isset($_SESSION['answer'])) { $errors[] = 'Please enable cookies so the Captcha system can work'; } elseif ($_POST['captcha'] != $_SESSION['answer']) { $errors[] = 'Incorrect Captcha'; } if (is_spam($_POST['in']['ldesc']) || is_spam($_POST['in']['expres']) || is_spam($_POST['in']['repcode'])) { $errors[] = 'Spam detected'; } } // Set auto-generated password when not supplied or logged in if ($logged_in || $_POST['in']['passwd'] == '') { $_POST['in']['passwd'] = uniqid(); } // try to verify the user $_POST['in']['email'] = $auth_user->email; $package_name = $_POST['in']['package_name']; if (!$errors) { // When user submits a report, do a search and display the results before allowing them to continue. if (!isset($_POST['preview']) && empty($_POST['in']['did_luser_search'])) { $_POST['in']['did_luser_search'] = 1; $where_clause = "WHERE package_name != 'Feature/Change Request'";
response_header('Private report'); display_bug_error("The bug #{$bug_id} is not available to public"); response_footer(); exit; } if ($logged_in != 'developer') { $errors[] = 'You have to login first in order to edit the bug report.'; } $comment_name = $auth_user->name; if (empty($_POST['ncomment'])) { $ncomment = ''; } else { $ncomment = trim($_POST['ncomment']); } // primitive spam detection if ($ncomment && is_spam($ncomment)) { $errors[] = "Please do not SPAM our bug system."; } // Just trusted dev can set CVE-ID if ($is_security_developer && !empty($_POST['in']['cve_id'])) { // Remove the CVE- prefix $_POST['in']['cve_id'] = preg_replace('/^\\s*CVE-/i', '', $_POST['in']['cve_id']); } if (empty($_POST['in']['cve_id'])) { $_POST['in']['cve_id'] = $bug['cve_id']; } if ($bug['private'] == 'N' && $bug['private'] != $is_private) { if ($_POST['in']['bug_type'] != 'Security') { $errors[] = 'Only Security bugs can be marked as private.'; } }