<?php /* This script is the AJAX callback that deletes a user's saved search */ define('IN_FS', true); require_once '../../header.php'; $baseurl = dirname(dirname($baseurl)) . '/'; if (Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash')) { $user = new User(Cookie::val('flyspray_userid')); $user->check_account_ok(); $user->save_search(); }
} elseif (Req::has('code')) { $_SESSION['oauth_provider'] = 'microsoft'; $do = 'oauth'; } elseif (Req::has('do') && Req::val('do') == 'tasklist') { $do = 'index'; } // supertask_id for add new sub-task $supertask_id = 0; if (Req::has('supertask')) { $supertask_id = Req::val('supertask'); } /* permission stuff */ if (Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash')) { $user = new User(Cookie::val('flyspray_userid'), $proj); $user->check_account_ok(); $user->save_search($do); } else { $user = new User(0, $proj); } if (Get::val('getfile')) { // If a file was requested, deliver it $result = $db->Query("SELECT t.project_id,\n a.orig_name, a.file_name, a.file_type, t.*\n FROM {attachments} a\n INNER JOIN {tasks} t ON a.task_id = t.task_id\n WHERE attachment_id = ?", array(Get::val('getfile'))); $task = $db->FetchRow($result); list($proj_id, $orig_name, $file_name, $file_type) = $task; // Check if file exists, and user permission to access it! if (!is_file(BASEDIR . "/attachments/{$file_name}")) { header('HTTP/1.1 410 Gone'); echo 'File does not exist anymore.'; exit; } if ($user->can_view_task($task)) {