Closed
Bug 718097
Opened 12 years ago
Closed 11 years ago
Uploading image to gallery with specific title can prevent other users from ever uploading again
Categories
(support.mozilla.org :: Knowledge Base Software, task)
support.mozilla.org
Knowledge Base Software
Tracking
(Not tracked)
RESOLVED
FIXED
People
(Reporter: tgavankar, Assigned: mgoodwin)
Details
(Whiteboard: [site:support.mozilla.org])
If you go to gallery and upload an image and title it "Draft for user tgavankar" where you change tgavankar to any nickname, the ajax upload no longer works for the gallery page for the user who's username you put there (until that uploaded/saved image is deleted). The upload causes a MySQL error: IntegrityError: (1062, "Duplicate entry 'en-US-Draft for user tgavankar' for key 'gallery_image_locale_title'"). This can also happen by accident and affect a single user because if the user leaves after selecting an image (ajax upload goes through) but never hits save on the popup dialogue, when they return to the upload box, it is autopopulated with the autosaved draft text (that causes this bug). STR: 1. Log in as User1 2. Go to en-US/gallery 3. Click upload new media link. 4. Add some image and set the title to "Draft for user User2", description to "Autosaved draft" 5. Save image. 6. Log in as User2 and notice that you are unable to upload images from the gallery upload page.
Comment 1•12 years ago
|
||
The current draft system for uploaded images is... not great. It was an expedient solution to the problem at the time. I think it's worth investing in fixing it properly.
Updated•12 years ago
|
Group: core-security → websites-security
Updated•11 years ago
|
Whiteboard: [site:support.mozilla.org]
Comment 2•11 years ago
|
||
Can we verify that this still happens?
Updated•11 years ago
|
Assignee: nobody → mgoodwin
Assignee | ||
Comment 3•11 years ago
|
||
(In reply to James Socol [:jsocol, :james] from comment #2) > Can we verify that this still happens? Apparently this is now fixed.
Status: NEW → RESOLVED
Closed: 11 years ago
Resolution: --- → FIXED
Comment 4•8 years ago
|
||
These bugs are all resolved, so I'm removing the security flag from them.
Group: websites-security
You need to log in
before you can comment on or make changes to this bug.
Description
•