diff --git a/app/Http/Controllers/SubmissionController.php b/app/Http/Controllers/SubmissionController.php index 79b4e5c346..46bf5bd6e7 100644 --- a/app/Http/Controllers/SubmissionController.php +++ b/app/Http/Controllers/SubmissionController.php @@ -150,21 +150,23 @@ private function submitProcess(): Response // We can't use the usual $this->setProjectByName() function here because the auth token we have might not allow // full access to the project. E.g., it might be a submit-only token. $this->project = new Project(); - $this->project->FindByName($projectname); - // Remove some old builds if the project has too many. - $this->project->CheckForTooManyBuilds(); + if (!$this->project->FindByName($projectname)) { + Storage::delete("inbox/{$filename}"); + Log::info("Rejected submission with invalid project name: $projectname"); + $this->failProcessing($filename, Response::HTTP_NOT_FOUND, 'The requested project does not exist.'); + } // Check for valid authentication token if this project requires one. if ($this->project->AuthenticateSubmissions && !AuthTokenUtil::checkToken($authtoken_hash, $this->project->Id)) { Storage::delete("inbox/{$filename}"); Log::info('Rejected submission with invalid authentication token'); $this->failProcessing(null, Response::HTTP_FORBIDDEN, 'Invalid Token'); - } elseif ((int) $this->project->Id < 1) { - Log::info("Rejected submission with invalid project name: $projectname"); - $this->failProcessing($filename, Response::HTTP_NOT_FOUND, 'The requested project does not exist.'); } + // Remove some old builds if the project has too many. + $this->project->CheckForTooManyBuilds(); + // Figure out what type of XML file this is. $stored_filename = 'inbox/' . $filename; $xml_info = SubmissionUtils::get_xml_type(Storage::readStream($stored_filename), $stored_filename);