/**
 * Register a new user account and e-mail the confirmation link.
 *
 * Each failed check appends a message to the global $feedback and returns false.
 * On success the row is inserted with status 'P' and a confirm_hash, a mail
 * containing the verification URL is sent to $email, and the new user_id is returned.
 *
 * NOTE(review): $timezone appears twice in the parameter list; PHP 7 and later
 * refuse to compile a function with a repeated parameter name. $language is
 * never read in this body.
 *
 * NOTE(review): every value placed in SQL here is interpolated as-is; nothing in
 * this function escapes it. The function is only safe if the inputs were escaped
 * before the call -- confirm, and prefer bound parameters.
 *
 * @return mixed the new user_id on success, false on failure
 */
function account_register_new($unix_name, $realname, $password1, $password2, $email, $language, $timezone, $mail_site, $mail_va, $language_id, $timezone)
{
    global $feedback;
    // NOTE(review): both uniqueness lookups run before $unix_name has been validated,
    // and LIKE treats % and _ inside the supplied name as wildcards; '=' looks intended.
    if (db_numrows(db_query("SELECT user_id FROM users WHERE user_name LIKE '{$unix_name}'")) > 0) {
        $feedback .= "That username already exists.";
        return false;
    }
    // Check that username is not identical with an existing unix groupname (groups) helix 22.06.2001
    if (db_numrows(db_query("SELECT unix_group_name FROM groups WHERE unix_group_name LIKE '{$unix_name}'")) > 0) {
        $feedback .= "That username is identical with the unixname of an existing group.";
        return false;
    }
    // End of change helix 22.06.2001
    if (!$unix_name) {
        $feedback .= "You must supply a username.";
        return false;
    }
    if (!$password1) {
        $feedback .= "You must supply a password.";
        return false;
    }
    if ($password1 != $password2) {
        $feedback .= "Passwords do not match.";
        return false;
    }
    if (!account_pwvalid($password1)) {
        $feedback .= ' Password must be at least 6 characters. ';
        return false;
    }
    if (!account_namevalid($unix_name)) {
        $feedback .= ' Invalid Unix Name ';
        return false;
    }
    if (!validate_email($email)) {
        $feedback .= ' Invalid Email Address ';
        return false;
    }
    // if we got this far, it must be good
    // NOTE(review): only $feedback is imported with `global`, so $session_hash and
    // $HTTP_POST_VARS are undefined in this scope and the token reduces to the first
    // 16 hex characters of md5(time()). A value derived from the wall clock is
    // guessable; the confirmation token should come from a CSPRNG.
    $confirm_hash = substr(md5($session_hash . $HTTP_POST_VARS['form_pw'] . time()), 0, 16);
    // NOTE(review): user_pw is stored as unsalted md5($password1). MD5 is not a
    // password hash; password_hash()/password_verify() is the replacement where the
    // runtime provides it. $realname is not validated anywhere above.
    $result = db_query("INSERT INTO users (user_name,user_pw,unix_pw,realname,email,add_date," . "status,confirm_hash,mail_siteupdates,mail_va,language,timezone) " . "VALUES ('{$unix_name}'," . "'" . md5($password1) . "'," . "'" . account_genunixpw($password1) . "'," . "'" . "{$realname}'," . "'{$email}'," . "'" . time() . "'," . "'P'," . "'{$confirm_hash}'," . "'" . ($mail_site ? "1" : "0") . "'," . "'" . ($mail_va ? "1" : "0") . "'," . "'{$language_id}'," . "'{$timezone}')");
    // The insert id is requested before $result is tested; the combined check below
    // covers both a failed query and a missing id.
    $user_id = db_insertid($result, 'users', 'user_id');
    if (!$result || !$user_id) {
        // NOTE(review): the raw db_error() text is appended to $feedback; presumably
        // $feedback is shown to the visitor -- confirm, and log the detail instead.
        $feedback .= ' Insert Failed ' . db_error();
        return false;
    } else {
        // send mail
        // NOTE(review): the link host is read from $GLOBALS['HTTP_HOST'], presumably the
        // request's Host header. If so the host in the confirmation URL is chosen by the
        // client; the configured sys_default_domain is the safer source.
        $message = "Thank you for registering on the " . $GLOBALS['sys_default_name'] . " web site. In order\n" . "to complete your registration, visit the following url: \n\n" . "https://" . $GLOBALS['HTTP_HOST'] . "/account/verify.php?confirm_hash={$confirm_hash}\n\n" . "Enjoy the site.\n\n" . " -- the " . $GLOBALS['sys_default_name'] . " staff\n";
        mail($email, $GLOBALS['sys_default_name'] . " Account Registration", $message, "From: noreply@" . $GLOBALS['sys_default_domain']);
        return $user_id;
    }
}
/**
 * Store a new widget row in plugin_hudson_widget for the job id in the request.
 *
 * The job id is read from the request parameter "<widget_id>_job_id", must pass
 * the required Valid_Uint check, and goes through db_escape_int() before it
 * reaches the statement.
 *
 * NOTE(review): $this->id, $this->owner_id and $this->owner_type are concatenated
 * without escaping; confirm they are only ever assigned by trusted code.
 *
 * @param object $request request wrapper exposing valid() and get()
 * @return mixed result of db_insertid() when the parameter validates, false otherwise
 */
function create(&$request)
{
    $validator = new Valid_Uint($this->widget_id . '_job_id');
    $validator->setErrorMessage("Can't add empty job id");
    $validator->required();

    // Nothing is written unless the parameter is present and validates.
    if (!$request->valid($validator)) {
        return false;
    }

    $job_id = $request->get($this->widget_id . '_job_id');
    $insert_sql = 'INSERT INTO plugin_hudson_widget (widget_name, owner_id, owner_type, job_id) VALUES ("'
        . $this->id . '", '
        . $this->owner_id . ", '"
        . $this->owner_type . "', "
        . db_escape_int($job_id) . " )";

    // The query result is handed to db_insertid() without being checked first.
    return db_insertid(db_query($insert_sql));
}
/**
 * Copy every non-personal report, and the field layout of each, from one
 * tracker to another.
 *
 * Values read back from the source tracker are passed through db_ei()/db_es()
 * again before being written, so stored data is not trusted when it re-enters SQL.
 *
 * @param atid_source: source tracker
 * @param atid_dest: destination tracker
 *
 * @return mixed array mapping source report_id => new report_id (always containing
 *               100 => 100) on success, false as soon as one insert fails
 */
function copyReports($atid_source, $atid_dest)
{
    global $Language;

    // The system report 'Default' (id 100) maps onto itself.
    $mapping = array(100 => 100);

    // Reports with scope 'I' (individual/personal) are left out.
    // No space is emitted between the closing quote and AND; the text is kept as it was.
    $select_reports = "SELECT report_id,user_id,name,description,scope,is_default "
        . "FROM artifact_report "
        . "WHERE group_artifact_id='" . db_ei($atid_source) . "'"
        . "AND scope != 'I'";
    $reports = db_query($select_reports);

    while ($report = db_fetch_array($reports)) {
        $source_report_id = $report["report_id"];

        $insert_report = 'INSERT INTO artifact_report (group_artifact_id,user_id,name,description,scope,is_default) VALUES ('
            . db_ei($atid_dest) . ','
            . db_ei($report["user_id"]) . ',"'
            . db_es($report["name"]) . '","'
            . db_es($report["description"]) . '","'
            . db_es($report["scope"]) . '","'
            . db_es($report["is_default"]) . '")';
        $inserted = db_query($insert_report);
        if (!$inserted || db_affected_rows($inserted) <= 0) {
            $this->setError($Language->getText('tracker_common_reportfactory', 'ins_err', array($source_report_id, $atid_dest, db_error())));
            return false;
        }

        $new_report_id = db_insertid($inserted, 'artifact_report', 'report_id');
        $mapping[$source_report_id] = $new_report_id;

        // Copy the artifact_report_field rows that belong to this report.
        $select_fields = 'SELECT field_name,show_on_query,show_on_result,place_query,place_result,col_width '
            . 'FROM artifact_report_field '
            . 'WHERE report_id=' . db_ei($source_report_id);
        $fields = db_query($select_fields);

        while ($field = db_fetch_array($fields)) {
            // Empty layout values are replaced by the string "null" before escaping.
            // NOTE(review): if db_ei() casts to an integer, "null" becomes 0 rather
            // than SQL NULL -- confirm which one the table expects.
            $layout_sql = array();
            foreach (array('show_on_query', 'show_on_result', 'place_query', 'place_result', 'col_width') as $column) {
                $raw = $field[$column];
                if ($raw == "") {
                    $raw = "null";
                }
                $layout_sql[] = db_ei($raw);
            }

            // The INSERT names no columns, so it depends on the table's column order.
            $insert_field = 'INSERT INTO artifact_report_field VALUES ('
                . db_ei($new_report_id) . ',"'
                . db_es($field["field_name"]) . '",'
                . implode(',', $layout_sql) . ')';
            $inserted = db_query($insert_field);
            if (!$inserted || db_affected_rows($inserted) <= 0) {
                $this->setError($Language->getText('tracker_common_reportfactory', 'f_ind_err', array($source_report_id, $field["field_name"], db_error())));
                return false;
            }
        }
    }

    return $mapping;
}
/**
 * Insert a label for this object's trove category and load it into the object.
 *
 * The insert runs inside db_begin()/db_commit(); a failed query is rolled back.
 *
 * NOTE(review): $label and $languageId are placed between single quotes in the
 * statement without any escaping here; they must be escaped or bound before this
 * is safe for request data.
 * NOTE(review): db_error() is echoed to the output on every call, so a database
 * error message reaches whoever receives the page.
 *
 * @param string $label      label text; an empty value is rejected
 * @param mixed  $languageId written to the language_id column
 * @return mixed false on failure; nothing is returned on the success path
 */
function create($label, $languageId)
{
    global $Language;

    if (!strlen($label)) {
        // set error
        return false;
    }

    $categoryId = $this->category->getId();
    $sql = 'INSERT INTO trove_category_labels (category_id, label, language_id) VALUES ('
        . "{$categoryId}, '{$label}','{$languageId}')";

    db_begin();
    $result = db_query($sql);
    echo db_error();

    if ($result) {
        $this->labelId = db_insertid($result, 'trove_category_labels', 'label_id');
        // The outcome of fetchData() is not inspected before committing.
        $this->fetchData($this->labelId);
        db_commit();
    } else {
        db_rollback();
        return false;
    }
}
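/**
 * GetKeysArray
 * Build the array of primary key fields and their values for the audit record.
 * @param {array} $arr array of values being inserted
 * @param {bool} $searchId - when true and $arr holds none of the key fields,
 *                           fall back to the last inserted id for the first key
 * @return {array} key field name => value
 */
function GetKeysArray($arr, $searchId = false)
{
    global $conn;
    $keyfields = GetTableKeys();
    $aKeys = array();
    if (count($keyfields)) {
        foreach ($keyfields as $kfield) {
            if (array_key_exists($kfield, $arr)) {
                $aKeys[$kfield] = $arr[$kfield];
            }
        }
        // The flag has to be read through the $searchId parameter. Written without
        // the dollar sign it is a constant lookup: an Error on PHP 8, and on older
        // versions the truthy string 'searchId', which made the fallback run even
        // when the caller passed false.
        if (count($aKeys) == 0 && $searchId) {
            $lastId = db_insertid($conn);
            if ($lastId > 0) {
                $aKeys[$keyfields[0]] = $lastId;
            }
        }
    }
    return $aKeys;
}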
// Job create/update handler. Both branches run only when $group_id is set and
// user_ismember($group_id, 'A') is true (presumably the group-admin flag -- confirm).
//
// NOTE(review): $group_id, $add_job, $update_job, $title, $description, $category_id,
// $status_id and $job_id are not assigned anywhere in this excerpt; presumably they
// arrive as request parameters. They are interpolated into SQL below exactly as
// received, so each one needs escaping or a bound parameter before it gets here.
if ($group_id && user_ismember($group_id, 'A')) {
    if ($add_job) {
        /* create a new job */
        if (!$title || !$description || $category_id == 100) {
            //required info
            exit_error('error - missing info', 'Fill in all required fields');
        }
        // created_by comes from the session via user_getid(), not from the request.
        $sql = "INSERT INTO people_job (group_id,created_by,title,description,date,status_id,category_id) " . "VALUES ('{$group_id}','" . user_getid() . "','{$title}','{$description}','" . time() . "','1','{$category_id}')";
        $result = db_query($sql);
        if (!$result || db_affected_rows($result) < 1) {
            $feedback .= ' JOB insert FAILED ';
            // NOTE(review): the database error text is written straight to the page.
            echo db_error();
        } else {
            $job_id = db_insertid($result, 'people_job', 'job_id');
            $feedback .= ' JOB inserted successfully ';
        }
    } else {
        if ($update_job) {
            /* update the job's description, status, etc */
            if (!$title || !$description || $category_id == 100 || $status_id == 100 || !$job_id) {
                //required info
                exit_error('error - missing info', 'Fill in all required fields');
            }
            // The WHERE clause ties the job to $group_id, the same group the membership
            // check above was made against, so a job of another group is not updated.
            $sql = "UPDATE people_job SET title='{$title}',description='{$description}',status_id='{$status_id}',category_id='{$category_id}' " . "WHERE job_id='{$job_id}' AND group_id='{$group_id}'";
            $result = db_query($sql);
            if (!$result || db_affected_rows($result) < 1) {
                $feedback .= ' JOB update FAILED ';
/**
 * Store a new row in plugin_graphontrackersv5_widget_chart for the chart
 * described by the request.
 *
 * The request array 'chart' must carry a 'chart_id' that passes the required
 * Valid_Uint check. The title goes through db_escape_string() and the chart id
 * through db_escape_int() before they reach the statement.
 *
 * NOTE(review): $this->owner_id and $this->owner_type are concatenated without
 * escaping; confirm they are only ever assigned by trusted code.
 *
 * @param object $request request wrapper exposing validInArray() and get()
 * @return mixed result of db_insertid() when the input validates, false otherwise
 */
function create(&$request)
{
    $validator = new Valid_Uint('chart_id');
    $validator->setErrorMessage("Can't add empty chart id");
    $validator->required();

    // Nothing is written unless chart[chart_id] is present and validates.
    if (!$request->validInArray('chart', $validator)) {
        return false;
    }

    $chart = $request->get('chart');
    $insert_sql = 'INSERT INTO plugin_graphontrackersv5_widget_chart (owner_id, owner_type, title, chart_id) VALUES ('
        . $this->owner_id . ", '"
        . $this->owner_type . "', '"
        . db_escape_string($chart['title']) . "', "
        . db_escape_int($chart['chart_id']) . ")";

    // The query result is handed to db_insertid() without being checked first.
    return db_insertid(db_query($insert_sql));
}
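/**
 * insertmsg - inserts the message into the main table (forum)
 *
 * Without a thread id a new thread is started; otherwise the thread's root
 * message and the direct parent are touched first. Every failure path calls
 * db_rollback(); the matching db_begin() is not in this method, so the caller
 * is presumably expected to have opened the transaction.
 *
 * NOTE(review): $body, $thread_id, $is_followup_to and $user_id are placed into
 * the statements as received, and $subject only passes through htmlspecialchars(),
 * which is HTML encoding rather than SQL escaping. All of them need escaping or
 * bound parameters before this point.
 *
 * @param string The subject of the message.
 * @param string The body of the message.
 * @param int The thread_id of the message, if known.
 * @param int The message_id of the parent message, if any.
 * @param int The id of the user that is posting the message
 * @param boolean Whether the message has an attach associated. Defaults to false
 * @return boolean success.
 */
function insertmsg($subject, $body, $thread_id = '', $is_followup_to = '', $user_id, $has_attach = false)
{
    if (!$thread_id) {
        $thread_id = $this->Forum->getNextThreadID();
        $is_followup_to = 0;
        if (!$thread_id) {
            $this->setError('ForumMessage::create() ' . _('Getting next thread_id failed'));
            db_rollback();
            return false;
        }
    } else {
        //
        // increment the parent's followup count if necessary
        //
        $res4 = db_query("UPDATE forum SET most_recent_date='" . time() . "' \n\t\t\t\tWHERE thread_id='{$thread_id}' AND is_followup_to='0'");
        if (!$res4 || db_affected_rows($res4) < 1) {
            $this->setError(_('Couldn\'t Update Master Thread parent with current time'));
            db_rollback();
            return false;
        } else {
            //
            // mark the parent with followups as an optimization later
            //
            $res3 = db_query("UPDATE forum SET has_followups='1',most_recent_date='" . time() . "' \n\t\t\t\t\tWHERE msg_id='{$is_followup_to}'");
            if (!$res3) {
                $this->setError(_('Could Not Update Parent'));
                db_rollback();
                return false;
            }
        }
    }
    $sql = "INSERT INTO forum (group_forum_id,posted_by,subject,\n\t\t\tbody,post_date,is_followup_to,thread_id,most_recent_date) \n\t\t\tVALUES ('" . $this->Forum->getID() . "', '{$user_id}', '" . htmlspecialchars($subject) . "', \n\t\t\t'" . $body . "', '" . time() . "','{$is_followup_to}','{$thread_id}','" . time() . "')";
    $result = db_query($sql);
    if (!$result || db_affected_rows($result) < 1) {
        $this->setError(_('ForumMessage::create() Posting Failed') . ' ' . db_error());
        db_rollback();
        return false;
    }
    $msg_id = db_insertid($result, 'forum', 'msg_id');
    // The id is checked before it is used: with the checks the other way round a
    // missing id was handed to fetchData() first and this error was never reported.
    if (!$msg_id) {
        db_rollback();
        $this->setError(_('ForumMessage::create() Unable to get new message id'));
        return false;
    }
    if (!$this->fetchData($msg_id)) {
        db_rollback();
        return false;
    }
    if (!$this->sendNotice($has_attach)) {
        db_rollback();
        return false;
    }
    //echo "Committing";
    db_commit();
    //echo "db_error()".db_error();
    $this->awaits_moderation = false;
    return true;
}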
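/**
 * Add a entry in the DataBase for a Tracker associated to a commit
 *
 * Looks the task up within the given group and, when exactly one row matches,
 * records the commit in plugin_svntracker_data_artifact and
 * plugin_svntracker_data_master inside one transaction.
 *
 * NOTE(review): $Num, $GroupId and every $Config value (commit date, log text,
 * file name, versions, user name) are concatenated into SQL as received. Commit
 * metadata is written by whoever commits, so these values need escaping or
 * bound parameters before they are used here.
 *
 * @param array  $Config  Config
 * @param string $GroupId The GroupId to insert it into
 * @param string $Num     The tracker_id
 *
 * @return array empty when nothing was reported; 'Error' holds a message when the
 *               task was not found, matched more than once, or the first insert failed
 */
function addTaskLog($Config, $GroupId, $Num)
{
    $return = array();
    $Query = "SELECT * from project_task,project_group_list WHERE " . "project_task.group_project_id=" . "project_group_list.group_project_id " . "AND project_task.project_task_id='" . $Num . "' AND " . " project_group_list.group_id='" . $GroupId . "'";
    // The statement is not printed: dumping it would put the raw query, including
    // the commit data it carries, into the output.
    $Result = db_query($Query);
    $Rows = db_numrows($Result);
    if ($Rows == 0) {
        // Plain assignment: $return has no 'Error' key yet, so appending to it
        // only produced an undefined-index notice.
        $return['Error'] = "Task:{$Num} Not Found.";
    }
    if ($Rows == 1) {
        db_begin();
        $Query = "INSERT INTO plugin_svntracker_data_artifact " . "(kind, project_task_id) VALUES " . "('1', '" . $Num . "')";
        $DBRes = db_query($Query);
        $HolderID = db_insertid($DBRes, 'plugin_svntracker_data_artifact', 'id');
        if (!$DBRes || !$HolderID) {
            // Double quotes so the task number is interpolated; in single quotes
            // the message contained the literal text "$Num".
            $return['Error'] = "Problems with Task {$Num}: " . db_error($DBRes);
            db_rollback();
        } else {
            $Query = "INSERT INTO plugin_svntracker_data_master " . "(holder_id, svn_date, log_text, file, prev_version, " . "actual_version, author)" . " VALUES ('" . $HolderID . "','" . $Config['SvnDate'] . "','" . $Config['Log'] . "','" . $Config['FileName'] . "','" . $Config['PrevVersion'] . "','" . $Config['ActualVersion'] . "','" . $Config['UserName'] . "')";
            $DBRes = db_query($Query);
            if (!$DBRes) {
                // NOTE(review): this failure is rolled back but not reported in
                // $return, so the caller cannot tell it from success.
                db_rollback();
            } else {
                db_commit();
            }
        }
    }
    if ($Rows > 1) {
        $return['Error'] = "Unknown problem adding Task:{$Num}.";
    }
    return $return;
}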
/**
 * create - store a saved query for a tracker together with its elements.
 *
 * The artifact_query row and the elements written by insertElements() share one
 * transaction; it is committed only after fetchData() has loaded the new row.
 *
 * NOTE(review): the name is written to SQL after htmlspecialchars() only. That is
 * HTML encoding, not SQL escaping -- confirm the value is escaped elsewhere or
 * switch to a bound parameter.
 *
 * @param string Name of the saved query.
 * @param mixed  Remaining arguments are passed unchanged to insertElements().
 * @return true on success / false on failure.
 */
function create($name, $status, $assignee, $moddaterange, $sort_col, $sort_ord, $extra_fields, $opendaterange = 0, $closedaterange = 0)
{
    // Preconditions, in order: a name, a logged-in session, no query of that name.
    if (!$name) {
        $this->setMissingParamsError();
        return false;
    }
    if (!session_loggedin()) {
        $this->setError('Must Be Logged In');
        return false;
    }
    if ($this->Exist(htmlspecialchars($name))) {
        $this->setError(_('Query already exists'));
        return false;
    }

    $typeId = $this->ArtifactType->getID();
    $storedName = htmlspecialchars($name);
    // The owner is taken from the session, never from the arguments.
    $ownerId = user_getid();
    $insertSql = "INSERT INTO artifact_query (group_artifact_id,query_name,user_id) \n\t\t\tVALUES ('{$typeId}','{$storedName}','{$ownerId}')";

    db_begin();
    $inserted = db_query($insertSql);
    if (!$inserted || !(db_affected_rows($inserted) > 0)) {
        $this->setError(db_error());
        db_rollback();
        return false;
    }

    $this->clearError();
    $id = db_insertid($inserted, 'artifact_query', 'artifact_query_id');
    if (!$id) {
        $this->setError('Error getting id ' . db_error());
        db_rollback();
        return false;
    }

    // Store the elements, then load the row into this object; either step
    // failing undoes the whole insert.
    $stored = $this->insertElements($id, $status, $assignee, $moddaterange, $sort_col, $sort_ord, $extra_fields, $opendaterange, $closedaterange)
        && $this->fetchData($id);
    if (!$stored) {
        db_rollback();
        return false;
    }

    db_commit();
    return true;
}
/**
 * create - use this to create a new Report in the database.
 *
 * Numeric arguments pass through db_ei() and text arguments through db_es()
 * before sprintf() places them in the statement.
 *
 * @param int    The tracker (group_artifact_id) the report belongs to.
 * @param int    The id of the owning user.
 * @param string The report name.
 * @param string The report description.
 * @param string The report scope.
 * @return GraphOnTrackers_Report for the new row, or null when the insert
 *         failed or affected no row.
 */
public static function create($atid, $user_id, $name, $description, $scope)
{
    $inserted = db_query(sprintf(
        "INSERT INTO plugin_graphontrackers_report_graphic \n (group_artifact_id,user_id,name,description,scope) \n VALUES (%d,%d,'%s','%s','%s')",
        db_ei($atid),
        db_ei($user_id),
        db_es($name),
        db_es($description),
        db_es($scope)
    ));

    if (!$inserted || !db_affected_rows($inserted)) {
        return null;
    }

    return new GraphOnTrackers_Report(db_insertid($inserted));
}
/**
 * create - construct a new Artifact in the database.
 *
 * Checks run in this order: permission on the artifact type, identity of the
 * submitter, required fields. The insert, the load through fetchData() and the
 * extra-field update share one transaction.
 *
 * NOTE(review): $assigned_to and $priority are interpolated into the INSERT as
 * received, and $summary/$details only pass through htmlspecialchars(), which is
 * HTML encoding rather than SQL escaping. Confirm the inputs are escaped before
 * this call or switch to bound parameters.
 *
 * @param string The artifact summary.
 * @param string Details of the artifact.
 * @param int The ID of the user to which this artifact is to be assigned.
 * @param int The artifacts priority.
 * @param array Array of extra fields like: array(15=>'foobar',22=>'1');
 * @return id on success / false on failure.
 */
function create($summary, $details, $assigned_to = 100, $priority = 3, $extra_fields = array())
{
    //
    // make sure this person has permission to add artifacts
    //
    if (!$this->ArtifactType->isPublic()) {
        //
        // Only admins can post/modify private artifacts
        //
        if (!$this->ArtifactType->userIsAdmin()) {
            $this->setError(_('Artifact: Only Artifact Admins Can Modify Private ArtifactTypes'));
            return false;
        }
    }
    //
    // get the user_id
    //
    // The submitter comes from the session; a visitor without a session is
    // recorded as user 100, and only when the type allows anonymous posts.
    if (session_loggedin()) {
        $user = user_getid();
    } else {
        if ($this->ArtifactType->allowsAnon()) {
            $user = 100;
        } else {
            $this->setError(_('Artifact: This ArtifactType Does Not Allow Anonymous Submissions. Please Login.'));
            return false;
        }
    }
    //
    // data validation
    //
    if (!$summary) {
        $this->setError(_('Artifact: Message Summary Is Required'));
        return false;
    }
    if (!$details) {
        $this->setError(_('Artifact: Message Body Is Required'));
        return false;
    }
    if (!$assigned_to) {
        $assigned_to = 100;
    }
    if (!$priority) {
        $priority = 3;
    }
    // NOTE(review): in the collapsed listing this assignment sits between
    // commented-out lines. It is kept as live code here because remapStatus()
    // would otherwise receive an undefined variable -- confirm against the file.
    // if (!$status_id) {
    $status_id = 1;
    // on creation, status is set to "open"
    // }
    //
    // They may be using an extra field "status" box so we have to remap
    // the status_id based on the extra field - this keeps the counters
    // accurate
    //
    $status_id = $this->ArtifactType->remapStatus($status_id, $extra_fields);
    if (!$status_id) {
        $this->setError(_('Artifact: Error remapping status'));
        return false;
    }
    db_begin();
    $sql = "INSERT INTO artifact \n\t\t\t(group_artifact_id,status_id,priority,\n\t\t\tsubmitted_by,assigned_to,open_date,summary,details) \n\t\t\tVALUES \n\t\t\t('" . $this->ArtifactType->getID() . "','{$status_id}','{$priority}',\n\t\t\t'{$user}','{$assigned_to}','" . time() . "','" . htmlspecialchars($summary) . "','" . htmlspecialchars($details) . "')";
    $res = db_query($sql);
    if (!$res) {
        $this->setError('Artifact: ' . db_error());
        db_rollback();
        return false;
    }
    $artifact_id = db_insertid($res, 'artifact', 'artifact_id');
    // $res was already tested above, so only the !$artifact_id half can fire here.
    if (!$res || !$artifact_id) {
        $this->setError('Artifact: ' . db_error());
        db_rollback();
        return false;
    } else {
        //
        // Now set up our internal data structures
        //
        if (!$this->fetchData($artifact_id)) {
            db_rollback();
            return false;
        } else {
            // the changes to the extra fields will be logged in this array.
            // (we won't use it however)
            $extra_field_changes = array();
            if (!$this->updateExtraFields($extra_fields, $extra_field_changes)) {
                db_rollback();
                return false;
            }
        }
        //
        // now send an email if appropriate
        //
        // NOTE(review): the notification goes out before db_commit(); if the
        // commit fails, a mail has been sent for an artifact that was not stored.
        $this->mailFollowup(1);
        db_commit();
        return $artifact_id;
    }
}
//create a new release of this package
//see if this package belongs to this project
// The SELECT is the ownership check: the insert below only runs when a package
// with this id exists inside $group_id.
// NOTE(review): $package_id, $group_id, $release_name, $release_notes,
// $release_changes and $status_id are not assigned in this excerpt; presumably
// they are request parameters. They reach both statements unescaped, so each
// needs escaping or a bound parameter before this point.
$res1 = db_query("SELECT * FROM frs_package WHERE package_id='{$package_id}' AND group_id='{$group_id}'");
if (!$res1 || db_numrows($res1) < 1) {
    $feedback .= ' | Package Doesn\'t Exist Or Isn\'t Yours ';
    // NOTE(review): the database error text is written straight to the page.
    echo db_error();
} else {
    //package_id was fine - now insert the release
    // released_by comes from the session via user_getid(), not from the request.
    $res = db_query("INSERT INTO frs_release (package_id,name,notes,changes,status_id,release_date,released_by) " . "VALUES ('{$package_id}','{$release_name}','{$release_notes}','{$release_changes}','{$status_id}','" . time() . "','" . user_getid() . "')");
    if (!$res) {
        $feedback .= ' | Adding Release Failed ';
        echo db_error();
        //insert failed - go back to definition screen
    } else {
        //release added - now show the detail page for this new release
        $release_id = db_insertid($res, 'frs_release', 'release_id');
        $feedback .= ' Added Release <BR>';
    }
}
/*
    Add a file to this release

    First, make sure this release belongs to this group

    iterate the following for each file:

    Second see if the filename is legal
    Third see if they already have a file by the same name
    Fourth if file actually exists, physically move the file on garbage to the new location
    Fifth insert it into the database
*/
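/**
 * create - use this function to create a survey
 *
 * NOTE(review): the title is written to SQL after htmlspecialchars() only, and
 * $is_active is interpolated as received. htmlspecialchars() is HTML encoding,
 * not SQL escaping -- confirm the inputs are escaped before this call or switch
 * to bound parameters.
 *
 * @param string The survey title
 * @param int array The question numbers to be added
 * @param is_active 1: Active, 0: Inactive
 * For future options (accepted but not stored by this method)
 * @param is_public 0: Admins Only, 1: Group Members, 2: Gforge user, 3:Every body
 * @param is_result_public 0: Admins Only, 1: Group Members, 2: Gforge user, 3:voted user 4:Every body
 * @param double_vote Allow double vote if it is 1
 * @return boolean success.
 */
function create($survey_title, $add_questions, $is_active = 0, $is_public = 1, $is_result_public = 0, $double_vote = 0)
{
    if (!$survey_title) {
        $this->setError(_('UPDATE FAILED: Survey Title Required'));
        return false;
    }
    /* We need at least one survey question at this point */
    if (!$add_questions || !is_array($add_questions) || count($add_questions) < 1) {
        $this->setError(_('UPDATE FAILED: Survey Questions Required'));
        return false;
    }
    $group_id = $this->Group->GetID();
    /* Make old style survey string from array: 1, 2, 3, ..., n */
    $survey_questions = $this->_makeQuestionString(array_reverse($add_questions));
    $sql = "INSERT INTO surveys (survey_title,group_id,survey_questions,is_active) VALUES ('" . htmlspecialchars($survey_title) . "','{$group_id}','{$survey_questions}','{$is_active}')";
    $result = db_query($sql);
    if (!$result) {
        $this->setError(_('Insert Error') . db_error());
        return false;
    }
    /* Load question to data array */
    // The insert id must be read from $result, the handle db_query() returned
    // above; no variable named $res exists in this method.
    $survey_id = db_insertid($result, 'surveys', 'survey_id');
    return $this->fetchData($survey_id);
}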
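/**
 * create_project
 *
 * Create a new project: insert the groups row, then copy services, forums,
 * CVS/SVN settings, user groups, file packages, trackers, wiki, layout,
 * references and the truncated-email option from the template project.
 *
 * Failures of the main steps end in exit_error()/exit_no_group(), which
 * presumably do not return. No transaction is opened here, so a failure part
 * of the way through leaves the rows written so far in place.
 *
 * NOTE(review): $do_not_exit is accepted but never read in this body.
 * NOTE(review): several exit_error() messages include db_error(); presumably the
 * message is shown to the requester, which discloses database detail -- confirm.
 *
 * @param data array; the values under $data['project'] describe the new project
 * @return mixed the new group_id
 */
function create_project($data, $do_not_exit = false)
{
    // NOTE(review): rand() seeded from microtime() yields at most 1,000,001 values,
    // so the rand_hash stored below is guessable. If that hash protects anything,
    // it should be derived from a CSPRNG instead.
    srand((double) microtime() * 1000000);
    $random_num = rand(0, 1000000);
    // Make sure default project privacy status is defined. If not
    // then default to "public"
    if (!isset($GLOBALS['sys_is_project_public'])) {
        $GLOBALS['sys_is_project_public'] = 1;
    }
    if (isset($GLOBALS['sys_disable_subdomains']) && $GLOBALS['sys_disable_subdomains']) {
        $http_domain = $GLOBALS['sys_default_domain'];
    } else {
        $http_domain = $data['project']['form_unix_name'] . '.' . $GLOBALS['sys_default_domain'];
    }
    //Verify if the approbation of the new project is automatic or not
    $auto_approval = ForgeConfig::get('sys_project_approval', 1) ? PROJECT_APPROVAL_BY_ADMIN : PROJECT_APPROVAL_AUTO;
    if (isset($data['project']['is_public'])) {
        $access = $data['project']['is_public'] ? Project::ACCESS_PUBLIC : Project::ACCESS_PRIVATE;
    } else {
        $access = ForgeConfig::get('sys_is_project_public') ? Project::ACCESS_PUBLIC : Project::ACCESS_PRIVATE;
    }
    // make group entry
    // Every value is stored already quoted/escaped because the statement below is
    // assembled with implode(). The free-text fields are SQL-escaped first and
    // HTML-encoded second, so the database holds HTML-encoded text.
    $insert_data = array(
        'group_name' => "'" . htmlspecialchars(mysql_real_escape_string($data['project']['form_full_name'])) . "'",
        'access' => "'" . $access . "'",
        'unix_group_name' => "'" . db_es($data['project']['form_unix_name']) . "'",
        'http_domain' => "'" . db_es($http_domain) . "'",
        'status' => "'P'",
        'unix_box' => "'shell1'",
        'cvs_box' => "'cvs1'",
        'license' => "'" . htmlspecialchars(mysql_real_escape_string($data['project']['form_license'])) . "'",
        'license_other' => "'" . htmlspecialchars(mysql_real_escape_string($data['project']['form_license_other'])) . "'",
        'short_description' => "'" . htmlspecialchars(mysql_real_escape_string($data['project']['form_short_description'])) . "'",
        'register_time' => time(),
        'rand_hash' => "'" . md5($random_num) . "'",
        'built_from_template' => db_ei($data['project']['built_from_template']),
        'type' => $data['project']['is_test'] ? 3 : 1
    );
    $sql = 'INSERT INTO groups(' . implode(', ', array_keys($insert_data)) . ') VALUES (' . implode(', ', array_values($insert_data)) . ')';
    $result = db_query($sql);
    if (!$result) {
        exit_error($GLOBALS['Language']->getText('global', 'error'), $GLOBALS['Language']->getText('register_confirmation', 'upd_fail', array($GLOBALS['sys_email_admin'], db_error())));
    } else {
        $group_id = db_insertid($result);
        // insert descriptions
        $descfieldsinfos = getProjectsDescFieldsInfos();
        for ($i = 0; $i < sizeof($descfieldsinfos); $i++) {
            if (isset($data['project']["form_" . $descfieldsinfos[$i]["group_desc_id"]]) && $data['project']["form_" . $descfieldsinfos[$i]["group_desc_id"]] != '') {
                $sql = "INSERT INTO group_desc_value (group_id, group_desc_id, value) VALUES ('" . db_ei($group_id) . "','" . db_ei($descfieldsinfos[$i]["group_desc_id"]) . "','" . db_escape_string(trim($data['project']["form_" . $descfieldsinfos[$i]["group_desc_id"]])) . "')";
                $result = db_query($sql);
                if (!$result) {
                    list($host, $port) = explode(':', $GLOBALS['sys_default_domain']);
                    exit_error($GLOBALS['Language']->getText('global', 'error'), $GLOBALS['Language']->getText('register_confirmation', 'ins_desc_fail', array($host, db_error())));
                }
            }
        }
        // insert trove categories
        if (isset($data['project']['trove'])) {
            foreach ($data['project']['trove'] as $root => $values) {
                foreach ($values as $value) {
                    // The result of this insert is not checked.
                    db_query("INSERT INTO trove_group_link (trove_cat_id,trove_cat_version," . "group_id,trove_cat_root) VALUES (" . db_ei($value) . "," . time() . "," . db_ei($group_id) . "," . db_ei($root) . ")");
                }
            }
        }
        // define a module
        $project_manager = ProjectManager::instance();
        $result = db_query("INSERT INTO filemodule (group_id,module_name) VALUES ('{$group_id}','" . $project_manager->getProject($group_id)->getUnixName() . "')");
        if (!$result) {
            list($host, $port) = explode(':', $GLOBALS['sys_default_domain']);
            exit_error($GLOBALS['Language']->getText('global', 'error'), $GLOBALS['Language']->getText('register_confirmation', 'ins_file_fail', array($host, db_error())));
        }
        // make the current user a project admin as well as admin
        // on all Codendi services
        // The admin is the session user from user_getid(); nothing from $data
        // decides who receives the 'A' flag.
        $result = db_query("INSERT INTO user_group (user_id,group_id,admin_flags,bug_flags,forum_flags,project_flags,patch_flags,support_flags,doc_flags,file_flags,wiki_flags,svn_flags,news_flags) VALUES (" . user_getid() . "," . $group_id . "," . "'A'," . "2," . "2," . "2," . "2," . "2," . "2," . "2," . "2," . "2," . "2)");
        // news_flags
        if (!$result) {
            exit_error($GLOBALS['Language']->getText('global', 'error'), $GLOBALS['Language']->getText('register_confirmation', 'set_owner_fail', array($GLOBALS['sys_email_admin'], db_error())));
        }
        // clear the user data to take into account this new group.
        $user = UserManager::instance()->getCurrentUser();
        $user->clearGroupData();
        // Instanciate all services from the project template that are 'active'
        $group = $project_manager->getProject($group_id);
        if (!$group || !is_object($group)) {
            exit_no_group();
        }
        //set up the group_id
        // The request superglobals are overwritten so later code sees the new project.
        $_REQUEST['group_id'] = $_GET['group_id'] = $group_id;
        $request =& HTTPRequest::instance();
        $request->params['group_id'] = $_REQUEST['group_id'];
        $template_id = $group->getTemplate();
        $template_group = $project_manager->getProject($template_id);
        if (!$template_group || !is_object($template_group) || $template_group->isError()) {
            exit_no_group();
        }
        $system_template = $template_group->getStatus() == 's' || $template_group->getStatus() == 'S';
        if (!$system_template) {
            $template_name = $template_group->getUnixName();
        }
        $sql = "SELECT * FROM service WHERE group_id={$template_id} AND is_active=1";
        $result = db_query($sql);
        while ($arr = db_fetch_array($result)) {
            // NOTE(review): is_used and server_id are taken from $data unchanged and
            // handed to service_create_service(); confirm that function escapes them.
            if (isset($data['project']['services'][$arr['service_id']]['is_used'])) {
                $is_used = $data['project']['services'][$arr['service_id']]['is_used'];
            } else {
                $is_used = '0';
                if ($arr['short_name'] == 'admin' || $arr['short_name'] == 'summary') {
                    $is_used = '1';
                }
            }
            $server_id = isset($data['project']['services'][$arr['service_id']]['server_id']) && $data['project']['services'][$arr['service_id']]['server_id'] ? $data['project']['services'][$arr['service_id']]['server_id'] : 'null';
            if (!service_create_service($arr, $group_id, array('system' => $system_template, 'name' => $system_template ? '' : $template_name, 'id' => $template_id, 'is_used' => $is_used, 'server_id' => $server_id))) {
                exit_error($GLOBALS['Language']->getText('global', 'error'), $GLOBALS['Language']->getText('register_confirmation', 'cant_create_service') . '<br>' . db_error());
            }
        }
        //Add the import of the message to requester from the parent project if defined
        $dar = $project_manager->getMessageToRequesterForAccessProject($template_id);
        if ($dar && !$dar->isError() && $dar->rowCount() == 1) {
            $row = $dar->getRow();
            $result = $project_manager->setMessageToRequesterForAccessProject($group_id, $row['msg_to_requester']);
        } else {
            $result = $project_manager->setMessageToRequesterForAccessProject($group_id, 'member_request_delegation_msg_to_requester');
        }
        if (!$result) {
            exit_error($GLOBALS['Language']->getText('global', 'error'), $GLOBALS['Language']->getText('register_confirmation', 'cant_copy_msg_to_requester'));
        }
        //Copy forums from template project
        $sql = "SELECT forum_name, is_public, description FROM forum_group_list WHERE group_id={$template_id} ";
        $result = db_query($sql);
        while ($arr = db_fetch_array($result)) {
            $fid = forum_create_forum($group_id, $arr['forum_name'], $arr['is_public'], 1, $arr['description'], $need_feedback = false);
            if ($fid != -1) {
                forum_add_monitor($fid, user_getid());
            }
        }
        //copy cvs infos
        // Template values read from the database are escaped again before being written.
        $sql = "SELECT cvs_tracker, cvs_watch_mode, cvs_preamble, cvs_is_private FROM groups WHERE group_id={$template_id} ";
        $result = db_query($sql);
        $arr = db_fetch_array($result);
        $query = "UPDATE groups \n SET cvs_tracker='" . db_ei($arr['cvs_tracker']) . "',\n cvs_watch_mode='" . db_ei($arr['cvs_watch_mode']) . "' ,\n cvs_preamble='" . db_escape_string($arr['cvs_preamble']) . "',\n cvs_is_private = " . db_escape_int($arr['cvs_is_private']) . "\n WHERE group_id = '{$group_id}'";
        $result = db_query($query);
        if (!$result) {
            exit_error($GLOBALS['Language']->getText('global', 'error'), $GLOBALS['Language']->getText('register_confirmation', 'cant_copy_cvs_infos'));
        }
        //copy svn infos
        $current_timestamp = db_escape_int($_SERVER['REQUEST_TIME']);
        $sql = "INSERT INTO svn_accessfile_history (version_number, group_id, version_date)\n VALUES (1, {$group_id}, {$current_timestamp})";
        $result = db_query($sql);
        if (!$result) {
            exit_error($GLOBALS['Language']->getText('global', 'error'), $GLOBALS['Language']->getText('register_confirmation', 'cant_copy_svn_infos'));
        }
        $sql = "SELECT svn_tracker, svn_preamble, svn_mandatory_ref, svn_commit_to_tag_denied FROM groups WHERE group_id={$template_id} ";
        $result = db_query($sql);
        $arr = db_fetch_array($result);
        $query = "UPDATE groups, svn_accessfile_history\n SET svn_tracker='" . db_ei($arr['svn_tracker']) . "',\n svn_mandatory_ref='" . db_ei($arr['svn_mandatory_ref']) . "',\n svn_preamble='" . db_escape_string($arr['svn_preamble']) . "',\n svn_commit_to_tag_denied='" . db_ei($arr['svn_commit_to_tag_denied']) . "',\n svn_accessfile_version_id = svn_accessfile_history.id\n WHERE groups.group_id = {$group_id}\n AND groups.group_id = svn_accessfile_history.group_id";
        $result = db_query($query);
        if (!$result) {
            exit_error($GLOBALS['Language']->getText('global', 'error'), $GLOBALS['Language']->getText('register_confirmation', 'cant_copy_svn_infos'));
        }
        // Activate other system references not associated with any service
        $reference_manager =& ReferenceManager::instance();
        $reference_manager->addSystemReferencesWithoutService($template_id, $group_id);
        //Copy ugroups
        $ugroup_mapping = array();
        ugroup_copy_ugroups($template_id, $group_id, $ugroup_mapping);
        // SQL expression translating a template ugroup id into the copied one.
        // The keys and values come from ugroup_copy_ugroups() and are concatenated
        // as-is -- presumably integers; confirm.
        $sql_ugroup_mapping = ' ugroup_id ';
        if (is_array($ugroup_mapping) && count($ugroup_mapping)) {
            $sql_ugroup_mapping = ' CASE ugroup_id ';
            foreach ($ugroup_mapping as $key => $val) {
                $sql_ugroup_mapping .= ' WHEN ' . $key . ' THEN ' . $val;
            }
            $sql_ugroup_mapping .= ' ELSE ugroup_id END ';
        }
        //Copy packages from template project
        $sql = "SELECT package_id, name, status_id, rank, approve_license FROM frs_package WHERE group_id = {$template_id}";
        if ($result = db_query($sql)) {
            while ($p_data = db_fetch_array($result)) {
                $template_package_id = $p_data['package_id'];
                $sql = sprintf("INSERT INTO frs_package(group_id, name, status_id, rank, approve_license) VALUES (%s, '%s', %s, %s, %s)", $group_id, db_escape_string($p_data['name']), db_ei($p_data['status_id']), db_ei($p_data['rank']), db_ei($p_data['approve_license']));
                $rid = db_query($sql);
                if ($rid) {
                    $package_id = db_insertid($rid);
                    // Copy the PACKAGE_READ permissions of the template package.
                    // The result of this insert is not checked.
                    $sql = "INSERT INTO permissions(permission_type, object_id, ugroup_id) \n SELECT permission_type, {$package_id}, {$sql_ugroup_mapping}\n FROM permissions\n WHERE permission_type = 'PACKAGE_READ'\n AND object_id = {$template_package_id}";
                    db_query($sql);
                }
            }
        }
        //Set up some mailing lists
        //will be done at some point. needs to communicate with geocrawler
        // TBD
        // Generic Trackers Creation
        $tracker_mapping = array();
        $report_mapping = array();
        if (TrackerV3::instance()->available()) {
            $atf = new ArtifactTypeFactory($template_group);
            //$tracker_error = "";
            // Add all trackers from template project (tracker templates) that need to be instanciated for new trackers.
            $res = $atf->getTrackerTemplatesForNewProjects();
            while ($arr_template = db_fetch_array($res)) {
                $ath_temp = new ArtifactType($template_group, $arr_template['group_artifact_id']);
                $report_mapping_for_this_tracker = array();
                $new_at_id = $atf->create($group_id, $template_id, $ath_temp->getID(), db_escape_string($ath_temp->getName()), db_escape_string($ath_temp->getDescription()), $ath_temp->getItemName(), $ugroup_mapping, $report_mapping_for_this_tracker);
                if (!$new_at_id) {
                    $GLOBALS['Response']->addFeedback('error', $atf->getErrorMessage());
                } else {
                    $report_mapping = $report_mapping + $report_mapping_for_this_tracker;
                    $tracker_mapping[$ath_temp->getID()] = $new_at_id;
                    // Copy all the artifacts from the template tracker to the new tracker
                    $ath_new = new ArtifactType($group, $new_at_id);
                    // not now. perhaps one day
                    //if (!$ath_new->copyArtifacts($ath_temp->getID()) ) {
                    //$GLOBALS['Response']->addFeedback('info', $ath_new->getErrorMessage());
                    //}
                    // Create corresponding reference
                    // The link template is single-quoted on purpose: $1 and $group_id
                    // are stored literally, as placeholders.
                    $ref = new Reference(0, strtolower($ath_temp->getItemName()), $GLOBALS['Language']->getText('project_reference', 'reference_art_desc_key'), '/tracker/?func=detail&aid=$1&group_id=$group_id', 'P', 'tracker', ReferenceManager::REFERENCE_NATURE_ARTIFACT, '1', $group_id);
                    $result = $reference_manager->createReference($ref, true);
                    // Force reference creation because default trackers use reserved keywords
                }
            }
        }
        // Clone wiki from the template
        $clone = new WikiCloner($template_id, $group_id);
        // check if the template project has a wiki initialised
        if ($clone->templateWikiExists() and $clone->newWikiIsUsed()) {
            //clone wiki.
            $clone->CloneWiki();
        }
        //Create the summary page
        $lm = new WidgetLayoutManager();
        $lm->createDefaultLayoutForProject($group_id, $template_id);
        //Create project specific references if template is not default site template
        if (!$system_template) {
            $reference_manager =& ReferenceManager::instance();
            $reference_manager->addProjectReferences($template_id, $group_id);
        }
        // Copy Truncated email option
        $sql = "UPDATE groups AS g1\n JOIN groups AS g2\n ON g2.group_id = " . db_ei($template_id) . "\n SET g1.truncated_emails = g2.truncated_emails\n WHERE g1.group_id = " . db_ei($group_id);
        // The statement just built is the one that is run and checked. Running
        // $query here would repeat the SVN settings UPDATE and test that result,
        // so a failure of this copy would go unnoticed.
        $result = db_query($sql);
        if (!$result) {
            exit_error($GLOBALS['Language']->getText('global', 'error'), $GLOBALS['Language']->getText('register_confirmation', 'cant_copy_truncated_emails'));
        }
        // Raise an event for plugin configuration
        $em =& EventManager::instance();
        $em->processEvent('register_project_creation', array('reportMapping' => $report_mapping, 'trackerMapping' => $tracker_mapping, 'ugroupsMapping' => $ugroup_mapping, 'group_id' => $group_id, 'template_id' => $template_id));
        if ($auto_approval == PROJECT_APPROVAL_AUTO) {
            $project_manager->activate($group);
        }
        return $group_id;
    }
}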
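/**
 * create() - Create a new user.
 *
 * Validates the supplied fields, inserts a pending ('P') row into `users`
 * inside a transaction, loads the new row into this object, fires the
 * "user_create" plugin hook and, when requested, sends the registration mail.
 *
 * @param string $unix_name      The unix username.
 * @param string $firstname      The real firstname.
 * @param string $lastname       The real lastname.
 * @param string $password1      The first password.
 * @param string $password2      The confirmation password.
 * @param string $email          The users email address.
 * @param string $mail_site      The users preference for receiving site updates by email.
 * @param string $mail_va        The users preference for receiving community updates by email.
 * @param int    $language_id    The ID of the language preference.
 * @param string $timezone       The users preferred timezone.
 * @param string $jabber_address The users Jabber address.
 * @param int    $jabber_only    The users Jabber preference (stored as 0 or 1).
 * @param int    $theme_id       The users theme_id.
 * @param string $unix_box       The users unix_box.
 * @param string $address        The users address.
 * @param string $address2       The users address part 2.
 * @param string $phone          The users phone.
 * @param string $fax            The users fax.
 * @param string $title          The users title.
 * @param string $ccode          The users ISO country_code (two characters).
 * @param bool   $send_mail      Whether to send an email or not.
 * @return int|false The newly created user ID, or false on failure (reason stored via setError()).
 */
function create($unix_name, $firstname, $lastname, $password1, $password2, $email, $mail_site, $mail_va, $language_id, $timezone, $jabber_address, $jabber_only, $theme_id, $unix_box = 'shell', $address = '', $address2 = '', $phone = '', $fax = '', $title = '', $ccode = 'US', $send_mail = true)
{
    if (!$theme_id) {
        $this->setError(_('You must supply a theme'));
        return false;
    }
    if (!$unix_name) {
        $this->setError(_('You must supply a username'));
        return false;
    }
    if (!$firstname) {
        $this->setError(_('You must supply a first name'));
        return false;
    }
    if (!$lastname) {
        $this->setError(_('You must supply a last name'));
        return false;
    }
    if (!$password1) {
        $this->setError(_('You must supply a password'));
        return false;
    }
    // Compare as strings with !==: under != two different numeric-looking
    // passwords (for example "1e3" and "1000") are treated as equal.
    if ((string) $password1 !== (string) $password2) {
        $this->setError(_('Passwords do not match'));
        return false;
    }
    if (!account_pwvalid($password1)) {
        $this->setError(_('Invalid Password:'));
        return false;
    }
    // NOTE(review): this guard and the previous one were fused by a masking
    // artifact in the extracted text; they are split here along the two
    // surviving error strings - confirm against the original file.
    if (!account_namevalid($unix_name)) {
        $this->setError(_('Invalid Unix Name.'));
        return false;
    }
    if (!validate_email($email)) {
        $this->setError(_('Invalid Email Address'));
        return false;
    }
    if ($jabber_address && !validate_email($jabber_address)) {
        $this->setError(_('Invalid Jabber Address'));
        return false;
    }
    $jabber_only = $jabber_only ? 1 : 0;

    // NOTE(review): every query below is assembled by string interpolation.
    // htmlspecialchars() is an HTML encoder, not an SQL escaper, so this code
    // presumably relies on the request layer having escaped quotes already -
    // verify, and prefer bound parameters if the db layer offers them.
    if (db_numrows(db_query("SELECT user_id FROM users WHERE user_name LIKE '{$unix_name}'")) > 0) {
        $this->setError(_('That username already exists.'));
        return false;
    }
    if ($GLOBALS['sys_require_unique_email']) {
        if (db_numrows(db_query("SELECT user_id FROM users WHERE email='{$email}'")) > 0) {
            $this->setError(_('User with this email already exists - use people search to recover your login.'));
            return false;
        }
    }

    // if we got this far, it must be good
    // NOTE(review): the confirmation token is derived from rand() and
    // microtime(), neither of which is a cryptographic source; it gates
    // account activation, so a CSPRNG-backed value would be safer.
    $confirm_hash = substr(md5($password1 . rand() . microtime()), 0, 16);

    // NOTE(review): the password is stored as unsalted MD5. The verifying
    // code is not in this block, so the format is left as is and flagged.
    $values = array(
        "'{$unix_name}'",
        "'" . md5($password1) . "'",
        "'" . account_genunixpw($password1) . "'",
        "'" . htmlspecialchars($firstname . ' ' . $lastname) . "'",
        "'" . htmlspecialchars($firstname) . "'",
        "'" . htmlspecialchars($lastname) . "'",
        "'{$email}'",
        "'" . time() . "'",
        "'P'",
        "'{$confirm_hash}'",
        "'" . ($mail_site ? "1" : "0") . "'",
        "'" . ($mail_va ? "1" : "0") . "'",
        // documented as integers: force them so they cannot carry SQL text
        "'" . (int) $language_id . "'",
        "'{$timezone}'",
        "'{$jabber_address}'",
        "'{$jabber_only}'",
        "'{$unix_box}'",
        "'" . htmlspecialchars($address) . "'",
        "'" . htmlspecialchars($address2) . "'",
        "'" . htmlspecialchars($phone) . "'",
        "'" . htmlspecialchars($fax) . "'",
        "'" . htmlspecialchars($title) . "'",
        "'{$ccode}'",
        "'" . (int) $theme_id . "'",
    );

    db_begin();
    $sql = "INSERT INTO users (user_name,user_pw,unix_pw,realname,firstname,lastname,email,add_date,"
        . "status,confirm_hash,mail_siteupdates,mail_va,language,timezone,jabber_address,jabber_only,"
        . "unix_box,address,address2,phone,fax,title,ccode,theme_id) "
        . "VALUES (" . implode(',', $values) . ")";
    $result = db_query($sql);
    if (!$result) {
        // The statement text is no longer appended to the message: it holds
        // the password hashes and the confirmation token.
        $this->setError(_('Insert Failed') . db_error());
        db_rollback();
        return false;
    }

    $id = db_insertid($result, 'users', 'user_id');
    if (!$id) {
        $this->setError('Could Not Get USERID: ' . db_error());
        db_rollback();
        return false;
    }
    if (!$this->fetchData($id)) {
        db_rollback();
        return false;
    }

    // NOTE(review): the clear-text password is handed to every plugin
    // registered on "user_create"; make sure none of them logs it.
    $hook_params = array();
    $hook_params['user'] = $this;
    $hook_params['user_id'] = $this->getID();
    $hook_params['user_name'] = $unix_name;
    $hook_params['user_password'] = $password1;
    plugin_hook("user_create", $hook_params);

    // send mail
    if ($send_mail) {
        // switch to the new user's language for the mail, then back to the browser's
        setup_gettext_from_lang_id($language_id);
        $this->sendRegistrationEmail();
        setup_gettext_from_browser();
    }

    db_commit();
    return $id;
}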
/**
 * Copy the user group $ugroup_id, together with its members, into the
 * project $to_group.
 *
 * Runs three statements in order: clone the ugroup row under $to_group, clone
 * its ugroup_user rows under the new id, then record the source/destination
 * pair in ugroup_mapping. The statements are not wrapped in a transaction
 * here, so a failure in a later step leaves the earlier rows in place.
 *
 * @param int $ugroup_id Id of the ugroup to copy.
 * @param int $to_group  Id of the project receiving the copy.
 * @param int &$ugid     Receives the id of the new ugroup; stays 0 when the first insert fails.
 *
 * @return mixed false on success, otherwise the value of db_error().
 */
function ugroup_copy_ugroup($ugroup_id, $to_group, &$ugid)
{
    $ugid = 0;

    // Step 1: clone the ugroup definition into the target project.
    $copy_group_sql = "INSERT INTO ugroup (name,description,group_id) "
        . "SELECT name,description," . db_ei($to_group) . " FROM ugroup "
        . " WHERE ugroup_id='" . db_ei($ugroup_id) . "'";
    $inserted = db_query($copy_group_sql);
    if (!$inserted || db_affected_rows($inserted) <= 0) {
        return db_error();
    }
    $ugid = db_insertid($inserted);

    // Step 2: clone the membership rows under the new ugroup id.
    $copy_members_sql = "INSERT INTO ugroup_user (ugroup_id,user_id) "
        . "SELECT {$ugid},user_id "
        . "FROM ugroup_user "
        . "WHERE ugroup_id='" . db_ei($ugroup_id) . "'";
    if (!db_query($copy_members_sql)) {
        return db_error();
    }

    // Step 3: remember which source ugroup the copy came from.
    $mapping_sql = sprintf(
        'INSERT INTO ugroup_mapping (to_group_id, src_ugroup_id, dst_ugroup_id)' . ' VALUES (%d, %d, %d)',
        db_ei($to_group),
        db_ei($ugroup_id),
        db_ei($ugid)
    );
    $mapped = db_query($mapping_sql);
    if (!$mapped || db_affected_rows($mapped) <= 0) {
        return db_error();
    }

    return false;
}
/**
 * Store a new RSS widget row built from the 'rss' array of the request.
 *
 * The 'url' entry is mandatory. When no 'title' entry is supplied the feed is
 * loaded with SimplePie and its own title is used instead.
 *
 * NOTE(review): in that case the server itself requests a URL chosen by the
 * submitter. Nothing visible here restricts scheme or destination, so
 * internal addresses may be reachable through it - confirm what SimplePie and
 * the configured proxy allow.
 *
 * @param object $request Request wrapper offering validInArray() and get().
 *
 * @return mixed false when the url is missing, otherwise the value of db_insertid().
 */
function create($request)
{
    $url_rule = new Valid_String('url');
    $url_rule->setErrorMessage("Can't add empty rss url");
    $url_rule->required();
    if (!$request->validInArray('rss', $url_rule)) {
        return false;
    }

    $rss = $request->get('rss');

    $title_rule = new Valid_String('title');
    $title_rule->required();
    $has_title = $request->validInArray('rss', $title_rule);
    if (!$has_title) {
        // No usable title was submitted: read it from the feed itself.
        require_once 'common/rss/libs/SimplePie/simplepie.inc';
        $cache_dir = $GLOBALS['codendi_cache_dir'] . '/rss';
        if (!is_dir($cache_dir)) {
            mkdir($cache_dir);
        }
        $rss_reader = new SimplePie($rss['url'], $cache_dir, null, $GLOBALS['sys_proxy']);
        $rss['title'] = $rss_reader->get_title();
    }

    // owner_id / owner_type are object state and go in unescaped; title and
    // url are request (or feed) data and are escaped.
    $sql = sprintf(
        "INSERT INTO widget_rss (owner_id, owner_type, title, url) VALUES (%s, '%s', '%s', '%s')",
        $this->owner_id,
        $this->owner_type,
        db_escape_string($rss['title']),
        db_escape_string($rss['url'])
    );
    $res = db_query($sql);

    // NOTE(review): $res is not checked before asking for the insert id.
    return db_insertid($res);
}
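/**
 * create - create a row in the table that stores box names for a
 * tracker. This function is only used to create rows for boxes
 * configured by the admin.
 *
 * @param string $name        Name of the extra field.
 * @param int    $field_type  The type of field - radio, select, text, textarea
 * @param int    $attribute1  Attribute1 - for text (size) and textarea (rows)
 * @param int    $attribute2  Attribute2 - for text (maxlength) and textarea (cols)
 * @param int    $is_required Whether this is a required field; normalised to 0 or 1.
 * @param string $alias       Alias for this extra field (optional)
 * @return int|false id of the new extra field on success / false on failure.
 */
function create($name, $field_type, $attribute1, $attribute2, $is_required = 0, $alias = '')
{
    //
    //	data validation
    //
    if (!$name) {
        $this->setError(_('a field name is required'));
        return false;
    }
    if (!$this->ArtifactType->userIsAdmin()) {
        $this->setPermissionDeniedError();
        return false;
    }
    $is_required = $is_required ? 1 : 0;
    if (!($alias = $this->generateAlias($alias, $name))) {
        return false;
    }

    // field_type and both attributes are documented as integers, so they are
    // cast before entering the statement and cannot carry SQL text.
    // NOTE(review): $name only passes through htmlspecialchars(), which is not
    // an SQL escaper, and $alias is whatever generateAlias() returned -
    // confirm both are quote-safe or escape them in the db layer.
    $sql = "INSERT INTO artifact_extra_field_list (group_artifact_id,field_name,\n\t\t\tfield_type,attribute1,attribute2,is_required,alias) \n\t\t\tVALUES ('" . $this->ArtifactType->getID() . "','" . htmlspecialchars($name) . "',\n\t\t\t'"
        . (int) $field_type . "','" . (int) $attribute1 . "','" . (int) $attribute2 . "','{$is_required}','{$alias}')";

    db_begin();
    $result = db_query($sql);
    if (!$result || db_affected_rows($result) <= 0) {
        $this->setError(db_error());
        db_rollback();
        return false;
    }

    $this->clearError();
    $id = db_insertid($result, 'artifact_extra_field_list', 'extra_field_id');
    //
    //	Now set up our internal data structures
    //
    if (!$this->fetchData($id)) {
        db_rollback();
        return false;
    }

    if ($field_type == ARTIFACT_EXTRAFIELDTYPE_STATUS) {
        if (!$this->ArtifactType->setCustomStatusField($id)) {
            db_rollback();
            return false;
        }
        //
        //	Must insert some default statuses for each artifact
        //
        // NOTE(review): failures in this section are echoed to the page and
        // the transaction is still committed; raw database errors in output
        // disclose schema details.
        $reso = db_query("INSERT INTO artifact_extra_field_elements(extra_field_id,element_name,status_id) \n\t\t\t\t\t\tvalues ('{$id}','Open','1')");
        if (!$reso) {
            echo db_error();
        } else {
            // artifacts with status_id 1 get the new 'Open' element
            $resoid = db_insertid($reso, 'artifact_extra_field_elements', 'element_id');
            db_query("INSERT INTO artifact_extra_field_data(artifact_id,field_data,extra_field_id) \n\t\t\t\t\t\t\tSELECT artifact_id,{$resoid},{$id} FROM artifact \n\t\t\t\t\t\t\tWHERE group_artifact_id='" . $this->ArtifactType->getID() . "'\n\t\t\t\t\t\t\tAND status_id=1");
        }
        $resc = db_query("INSERT INTO artifact_extra_field_elements(extra_field_id,element_name,status_id)\n\t\t\t\t\t\tvalues ('{$id}','Closed','2')");
        if (!$resc) {
            echo db_error();
        } else {
            // every other artifact gets the new 'Closed' element
            $rescid = db_insertid($resc, 'artifact_extra_field_elements', 'element_id');
            db_query("INSERT INTO artifact_extra_field_data(artifact_id,field_data,extra_field_id) \n\t\t\t\t\t\t\tSELECT artifact_id,{$rescid},{$id} FROM artifact \n\t\t\t\t\t\t\tWHERE group_artifact_id='" . $this->ArtifactType->getID() . "'\n\t\t\t\t\t\t\tAND status_id != 1");
        }
    } elseif (strstr(ARTIFACT_EXTRAFIELD_FILTER_INT, $field_type) !== false) {
        //
        //	Must insert some default 100 rows for the data table so None queries will work right
        //
        $resdefault = db_query("INSERT INTO artifact_extra_field_data(artifact_id,field_data,extra_field_id) \n\t\t\t\t\tSELECT artifact_id,100,{$id} FROM artifact WHERE group_artifact_id='" . $this->ArtifactType->getID() . "'");
        if (!$resdefault) {
            echo db_error();
        }
    }

    db_commit();
    return $id;
}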
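/**
 * Store one parsed mail: a row in plugin_forumml_message plus one header row
 * per mail header.
 *
 * The parent message is resolved from the 'in-reply-to' header or, when that
 * is absent, from the last id listed in 'references'.
 *
 * @param array  $structure Parsed mail headers; 'in-reply-to', 'references' and 'date' are read here.
 * @param string $body      Message body.
 * @param string $ctype     Stored in the msg_type column.
 *
 * @return mixed The id reported by db_insertid() for the new message.
 */
function insertMessage($structure, $body, $ctype = "")
{
    $this->mail = $structure;

    $reply_to = "";
    if (isset($structure["in-reply-to"])) {
        // special case: 'in-reply-to' header may contain "Message from ... "
        if (preg_match('/^Message from.*$/', $structure["in-reply-to"])) {
            // Take the last token. The index used to be computed with count()
            // on the header string instead of on the exploded array, which
            // gives index 0 on old PHP and a TypeError on PHP 8.
            $tokens = explode(" ", $structure["in-reply-to"]);
            $reply_to = $tokens[count($tokens) - 1];
        } else {
            $reply_to = $structure["in-reply-to"];
        }
    } elseif (isset($structure["references"])) {
        // special case: 'in-reply-to' header is not set, but 'references' - which contain list of parent messages ids - is set
        $ref_arr = explode(" ", $structure["references"]);
        $reply_to = $ref_arr[count($ref_arr) - 1];
    }

    // Message date
    // Cannot rely on server's date because it might be different
    // and it doesn't work when it comes to load mail archives!
    $messageDate = strtotime($structure['date']);

    $id_parent = 0;
    // If the current message is an answer
    if ($reply_to != "") {
        $id_parent = $this->getParentMessageFromHeader($reply_to);
    }
    if ($id_parent != 0) {
        $this->updateParentDate($id_parent, $messageDate);
    }

    // Header values and the body come from the received mail, i.e. from
    // outside: numeric columns go through db_ei(), text through db_es().
    $sql = sprintf(
        'INSERT INTO plugin_forumml_message'
        . ' (id_message, id_list, id_parent, body, last_thread_update, msg_type)'
        . ' VALUES (%d, %d, %d, "%s", %d, "%s")',
        "", // empty id_message is formatted as 0 by %d
        db_ei($this->id_list),
        db_ei($id_parent),
        db_es($body),
        db_ei($messageDate),
        db_es($ctype)
    );
    $res = db_query($sql);
    $this->id_message = db_insertid($res);

    // All headers of the current mail are stored in the forumml_messageheader table
    $k = 0;
    foreach ($structure as $header => $value_header) {
        $k++;
        // the first entry of the structure and every "received" header are skipped
        if ($k == 1 || $header == "received") {
            continue;
        }
        $id_header = $this->insertHeader($header);
        if (is_array($value_header)) {
            $value_header = implode(",", $value_header);
        }
        $this->insertMessageHeader($id_header, $value_header);
    }

    return $this->id_message;
}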
create the snippet package version */ $sql = "INSERT INTO snippet_package_version " . "(snippet_package_id,changes,version,submitted_by,date) " . "VALUES ('{$snippet_package_id}','" . htmlspecialchars($changes) . "','" . htmlspecialchars($version) . "','" . user_getid() . "','" . time() . "')"; $result = db_query($sql); if (!$result) { //error in database $feedback .= ' ' . $Language->getText('snippet_addversion', 'error_insert') . ' '; snippet_header(array('title' => $Language->getText('snippet_addversion', 'submit_p'))); echo db_error(); snippet_footer(array()); exit; } else { //so far so good - now add snippets to the package $feedback .= ' ' . $Language->getText('snippet_addversion', 'p_add_success') . ' '; //id for this snippet_package_version $snippet_package_version_id = db_insertid($result); snippet_header(array('title' => $Language->getText('snippet_addversion', 'add'))); /* This raw HTML allows the user to add snippets to the package */ echo ' <SCRIPT LANGUAGE="JavaScript"> <!-- function show_add_snippet_box() { newWindow = open("","occursDialog","height=500,width=300,scrollbars=yes,resizable=yes"); newWindow.location=(\'/snippet/add_snippet_to_package.php?suppress_nav=1&snippet_package_version_id=' . $snippet_package_version_id . '\'); } // --> </script> <BODY onLoad="show_add_snippet_box()">
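/**
 * create - use this function to create a new entry in the database.
 *
 * Inserts a requested mailing list for this object's group and mails the
 * generated list password to the list administrator.
 *
 * @param string    $listName    The name of the mailing list
 * @param string    $description The description of the mailing list
 * @param int       $isPublic    Pass (1) if it should be public (0) for private.
 * @param int|false $creator_id  User id of the list admin; when false the current
 *                               user is used and must be an admin.
 *
 * @return boolean success.
 */
function create($listName, $description, $isPublic = MAIL__MAILING_LIST_IS_PUBLIC, $creator_id = false)
{
    //
    //	During the group creation, the current user_id will not match the admin's id
    //
    if (!$creator_id) {
        $creator_id = user_getid();
        if (!$this->userIsAdmin()) {
            $this->setPermissionDeniedError();
            return false;
        }
    }
    if (!$listName || strlen($listName) < MAIL__MAILING_LIST_NAME_MIN_LENGTH) {
        $this->setError(_('Must Provide List Name That Is 4 or More Characters Long'));
        return false;
    }

    $realListName = strtolower($this->Group->getUnixName() . '-' . $listName);
    if (!validate_email($realListName . '@' . $GLOBALS['sys_lists_host'])) {
        $this->setError(_('Invalid List Name') . ': ' . $realListName . '@' . $GLOBALS['sys_lists_host']);
        return false;
    }

    // NOTE(review): $realListName, $listName and $description enter the
    // statements below unescaped. The list name has passed validate_email()
    // as an address local part; whether that excludes quote characters is not
    // visible here, and $description is not validated at all - confirm the
    // request layer escapes them or use the db layer's escaping.
    $result = db_query('SELECT 1 FROM mail_group_list WHERE lower(list_name)=\'' . $realListName . '\'');
    if (db_numrows($result) > 0) {
        $this->setError(_('List Already Exists'));
        return false;
    }
    $result_forum_samename = db_query('SELECT 1 FROM forum_group_list WHERE forum_name=\'' . $listName . '\' AND group_id=' . $this->Group->getID() . '');
    if (db_numrows($result_forum_samename) > 0) {
        $this->setError(_('Forum exists with the same name'));
        return false;
    }

    // NOTE(review): the list password is derived from the session hash, the
    // clock and rand(), none of which is a cryptographic source, and it is
    // mailed in clear text further down.
    $listPassword = substr(md5($GLOBALS['session_hash'] . time() . rand(0, 40000)), 0, 16);

    // is_public and list_admin are integers by contract; cast them so they
    // cannot carry SQL text.
    $sql = 'INSERT INTO mail_group_list '
        . '(group_id, list_name, is_public, password, list_admin, status, description) VALUES ('
        . $this->Group->getID() . ', '
        . "'" . $realListName . "',"
        . "'" . (int) $isPublic . "',"
        . "'" . $listPassword . "',"
        . "'" . (int) $creator_id . "',"
        . "'" . MAIL__MAILING_LIST_IS_REQUESTED . "',"
        . "'" . $description . "')";

    db_begin();
    $result = db_query($sql);
    if (!$result) {
        db_rollback();
        // NOTE(review): the same message id is used as format and as
        // argument, so the text reads oddly - check the original string.
        $this->setError(sprintf(_('Error Creating %1$s'), _('Error Creating %1$s')) . db_error());
        return false;
    }

    $this->groupMailingListId = db_insertid($result, 'mail_group_list', 'group_list_id');
    $this->fetchData($this->groupMailingListId);

    $user =& user_get_object($creator_id);
    $userEmail = $user->getEmail();
    if (empty($userEmail) || !validate_email($userEmail)) {
        // no usable address for the administrator: undo the insert
        db_rollback();
        $this->setInvalidEmailError();
        return false;
    }

    $mailBody = stripcslashes(sprintf(_('A mailing list will be created on %1$s in 6-24 hours and you are the list administrator. This list is: %3$s@%2$s . Your mailing list info is at: %4$s . List administration can be found at: %5$s . Your list password is: %6$s . You are encouraged to change this password as soon as possible. Thank you for registering your project with %1$s. -- the %1$s staff '), $GLOBALS['sys_name'], $GLOBALS['sys_lists_host'], $realListName, $this->getExternalInfoUrl(), $this->getExternalAdminUrl(), $listPassword));
    $mailSubject = sprintf(_('%1$s New Mailing List'), $GLOBALS['sys_name']);
    util_send_message($userEmail, $mailSubject, $mailBody, 'admin@' . $GLOBALS['sys_default_domain']);

    db_commit();
    return true;
}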
create the snippet package version */ $sql = "INSERT INTO snippet_package_version " . "(snippet_package_id,changes,version,submitted_by,post_date) " . "VALUES ('{$snippet_package_id}','" . htmlspecialchars($changes) . "','" . htmlspecialchars($version) . "','" . user_getid() . "','" . time() . "')"; $result = db_query($sql); if (!$result) { //error in database $feedback .= _('ERROR DOING SNIPPET PACKAGE VERSION INSERT!'); snippet_header(array('title' => _('New snippet package'))); echo db_error(); snippet_footer(array()); exit; } else { //so far so good - now add snippets to the package $feedback .= _('Snippet Package Version Added Successfully.'); //id for this snippet_package_version $snippet_package_version_id = db_insertid($result, 'snippet_package_version', 'snippet_package_version_id'); snippet_header(array('title' => _('Add snippet to package'))); /* This raw HTML allows the user to add snippets to the package */ ?> <script type="text/javascript"> <!-- function show_add_snippet_box() { newWindow = open("","occursDialog","height=500,width=300,scrollbars=yes,resizable=yes"); newWindow.location=('/snippet/add_snippet_to_package.php?snippet_package_version_id=<?php echo $snippet_package_version_id; ?> '); }
// // $Id: projectname.php,v 1.3 2004/10/11 15:03:49 helix Exp $ require "pre.php"; // Initial db and session library, opens session session_require(array('isloggedin' => '1')); require "account.php"; // push received vars if ($insert_purpose && $form_purpose) { srand((double) microtime() * 1000000); $random_num = rand(0, 1000000); // make group entry $result = db_query("INSERT INTO groups (group_name,is_public,unix_group_name,http_domain,homepage,status," . "unix_box,cvs_box,license,register_purpose,register_time,license_other,rand_hash) VALUES (" . "'__{$random_num}'," . "1," . "'__{$random_num}'," . "'__{$random_num}'," . "'__{$random_num}'," . "'I'," . "'unicorn'," . "'cvs'," . "'__{$random_num}'," . "'" . htmlspecialchars($form_purpose) . "'," . time() . "," . "'__{$random_num}','__" . md5($random_num) . "')"); if (!$result) { exit_error('ERROR', 'INSERT QUERY FAILED. Please notify admin@' . $GLOBALS['sys_default_domain']); } else { $group_id = db_insertid($result, 'groups', 'group_id'); } } else { exit_error('Error', 'Missing Information. <B>PLEASE</B> fill in all required information.'); } $HTML->header(array('title' => 'Project Name')); ?> <H2>Step 4: Project Name</H2> <P><B>Project Name</B> <P>We now need some basic technical information for your project. There are two types of names that will be associated with this project.
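/**
 * create - use this function to create a new entry in the database.
 *
 * @param string $filename    The filename of this document. Can be a URL.
 * @param string $filetype    The filetype of this document. If filename is URL, this should be 'URL';
 * @param string $data        The contents of this document (should be addslashes()'d before entry).
 * @param int    $doc_group   The doc_group id of the doc_groups table.
 * @param string $title       The title of this document.
 * @param int    $language_id The language id of the supported_languages table.
 * @param string $description The description of this document.
 * @return boolean success.
 */
function create($filename, $filetype, $data, $doc_group, $title, $language_id, $description)
{
    if (strlen($title) < 5) {
        $this->setError(_('Title Must Be At Least 5 Characters'));
        return false;
    }
    if (strlen($description) < 10) {
        $this->setError(_('Document Description Must Be At Least 10 Characters'));
        return false;
    }

    // There is deliberately no permission gate here (the original one is
    // disabled): sessions that are not logged in are recorded as user 100,
    // and only doc editors get their upload stored with state '1'.
    // NOTE(review): this means unauthenticated callers can add rows - confirm
    // that state '3' keeps them out of public view until reviewed.
    $user_id = session_loggedin() ? user_getid() : 100;

    $doc_initstatus = '3';
    // If Editor - uploaded Documents are ACTIVE
    if (session_loggedin()) {
        $perm =& $this->Group->getPermission(session_get_user());
        if ($perm && is_object($perm) && $perm->isDocEditor()) {
            $doc_initstatus = '1';
        }
    }

    // If $filetype is "text/plain", convert the body to UTF-8 encoding.
    if (strcasecmp($filetype, "text/plain") === 0 && function_exists('mb_convert_encoding') && function_exists('mb_detect_encoding')) {
        $data = mb_convert_encoding($data, 'UTF-8', mb_detect_encoding($data));
    }

    // key words for in-document search
    // The title was previously read from $title1, a variable that is never
    // assigned, so the title never reached the keyword parser.
    $kw = new Parsedata($this->engine_path);
    $kwords = $kw->get_parse_data(stripslashes($data), htmlspecialchars($title), htmlspecialchars($description), $filetype);

    $filesize = strlen($data);

    // doc_group and language_id are ids and are cast to int. The document
    // body is base64-encoded, which keeps it quote-free.
    // NOTE(review): $filename, $filetype and $kwords are interpolated as they
    // are, and htmlspecialchars() is not an SQL escaper; this relies on the
    // caller-side escaping mentioned in the parameter notes - verify.
    $sql = "INSERT INTO doc_data (group_id,title,description,createdate,doc_group,\n\t\t\tstateid,language_id,filename,filetype,filesize,data,data_words,created_by)\n\t\t\tVALUES ('" . $this->Group->getId() . "',\n\t\t\t'" . htmlspecialchars($title) . "',\n\t\t\t'" . htmlspecialchars($description) . "',\n\t\t\t'" . time() . "',\n\t\t\t'" . (int) $doc_group . "',\n\t\t\t'{$doc_initstatus}',\n\t\t\t'" . (int) $language_id . "',\n\t\t\t'{$filename}',\n\t\t\t'{$filetype}',\n\t\t\t'{$filesize}',\n\t\t\t'" . base64_encode(stripslashes($data)) . "',\n\t\t\t'{$kwords}',\n\t\t\t'{$user_id}')";

    db_begin();
    $result = db_query($sql);
    if (!$result) {
        $this->setError('Error Adding Document: ' . db_error());
        db_rollback();
        return false;
    }

    $docid = db_insertid($result, 'doc_data', 'docid');
    if (!$this->fetchData($docid)) {
        db_rollback();
        return false;
    }

    $this->sendNotice(true);
    db_commit();
    return true;
}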
/**
 * create - add a message to the artifact this object belongs to.
 *
 * A login banner is prepended to the body. Logged-in submitters are stored
 * with their own user id and account e-mail; everyone else is stored as user
 * 100 and must pass a valid address in $by.
 *
 * NOTE(review): the statement is built by interpolation. $body only passes
 * through htmlspecialchars(), which is not an SQL escaper, and $by is either
 * the account e-mail or a value accepted by validate_email(); this presumably
 * relies on escaping done before the call - verify.
 *
 * @param string       $body Message text.
 * @param string|false $by   E-mail of the submitter; replaced by the account e-mail when logged in.
 * @return mixed id on success / false on failure.
 */
function create($body, $by = false)
{
    if (!$body) {
        $this->setMissingParamsError();
        return false;
    }

    if (!session_loggedin()) {
        $body = _('Logged In: NO') . " \n\n" . $body;
        $user_id = 100;
        if (!$by || !validate_email($by)) {
            $this->setMissingParamsError();
            return false;
        }
    } else {
        $user_id = user_getid();
        $user =& user_get_object($user_id);
        if (!$user || !is_object($user)) {
            $this->setError('ERROR - Logged In User Bug Could Not Get User Object');
            return false;
        }
        $body = _('Logged In: YES') . " \nuser_id={$user_id}\n\n" . $body;
        // the address is stored although the user id alone would allow
        // looking it up through the users table
        $by = $user->getEmail();
    }

    $sql = sprintf(
        "insert into artifact_message (artifact_id,submitted_by,from_email,adddate,body) \n\t\t\tVALUES ('%s','%s','%s','%s','%s')",
        $this->Artifact->getID(),
        $user_id,
        $by,
        time(),
        htmlspecialchars($body)
    );
    $res = db_query($sql);
    if (!$res) {
        $this->setError(db_error());
        return false;
    }
    $id = db_insertid($res, 'artifact_message', 'id');

    //
    //	Now set up our internal data structures
    //
    return $this->fetchData($id) ? $id : false;
}
/**
 * Return what db_insertid() reports for the global connection $conn.
 *
 * The original note describes this as the counterpart of
 * "select LAST_INSERT_ID()" for ASP.
 *
 * @return mixed Value returned by db_insertid().
 */
function GetMySQLLastInsertID()
{
    // $conn is the connection handle set up elsewhere in the application.
    global $conn;

    $last_id = db_insertid($conn);

    return $last_id;
}
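/**
 * create - create a new FRSPackage in the database.
 *
 * Also creates the package directory below the group's upload directory.
 *
 * @param string  $name      The name of this package.
 * @param boolean $is_public Whether it's public or not. 1=public 0=private.
 * @return boolean success.
 */
function create($name, $is_public = 1)
{
    global $sys_apache_user, $sys_apache_group;

    if (strlen($name) < 3) {
        $this->setError(_('FRSPackage Name Must Be At Least 3 Characters'));
        return false;
    }
    if (!util_is_valid_filename($name)) {
        $this->setError(_('FRSPackage::Update: Package Name can only be alphanumeric'));
        // Stop here. The check used to record the error and carry on, so a
        // rejected name still reached the queries and the directory creation.
        return false;
    }

    $perm =& $this->Group->getPermission(session_get_user());
    if (!$perm || !is_object($perm) || !$perm->isReleaseTechnician()) {
        $this->setPermissionDeniedError();
        return false;
    }

    $res = db_query("SELECT * FROM frs_package WHERE group_id='" . $this->Group->getID() . "'\n\t\t\tAND name='" . htmlspecialchars($name) . "'");
    if (db_numrows($res)) {
        $this->setError('FRSPackage::create() Error Adding Package: Name Already Exists');
        return false;
    }

    // is_public is a 0/1 flag; cast it so it cannot carry SQL text.
    $sql = "INSERT INTO frs_package(group_id,name,status_id,is_public)\n\t\t\tVALUES ('" . $this->Group->getId() . "','" . htmlspecialchars($name) . "','1','" . (int) $is_public . "')";

    db_begin();
    $result = db_query($sql);
    if (!$result) {
        db_rollback();
        $this->setError('FRSPackage::create() Error Adding Package: ' . db_error());
        return false;
    }

    $this->package_id = db_insertid($result, 'frs_package', 'package_id');
    if (!$this->fetchData($this->package_id)) {
        db_rollback();
        return false;
    }

    //make groupdir if it doesn't exist
    $groupdir = $GLOBALS['sys_upload_dir'] . '/' . $this->Group->getUnixName();
    if (!is_dir($groupdir)) {
        @mkdir($groupdir);
    }

    // The package directory is created with mkdir() rather than through a
    // shell command line, so no part of the path is ever parsed by a shell.
    $newdirlocation = $groupdir . '/' . $this->getFileName();
    if (!is_dir($newdirlocation)) {
        @mkdir($newdirlocation);
    }

    // these two calls normally fail silently (the web server user cannot
    // change ownership); when root runs create() they hand the directory to
    // the web server user and group
    @chown($newdirlocation, $sys_apache_user);
    @chgrp($newdirlocation, $sys_apache_group);

    db_commit();
    return true;
}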
/**
 * create - attach a file to the artifact this object belongs to.
 *
 * Stores the file in artifact_file, adds an 'attachment' history entry on the
 * artifact and describes the attachment in $changes['attach'].
 *
 * NOTE(review): when validation fails, the raw file name, type, size and the
 * file contents are concatenated into the feedback message. Whether
 * addFeedback() encodes its argument is not visible here - confirm, and
 * consider leaving the contents out of the message.
 *
 * @param string       $filename    Filename of the item.
 * @param string       $filetype    Item filetype; defaults to application/octet-stream when empty.
 * @param string       $filesize    Item filesize.
 * @param string       $bin_data    Binary item data.
 * @param string|false $description Item description; a localized "none" text is used when empty.
 * @param array        &$changes    Receives the 'attach' entry (description, name, size, href).
 * @return mixed id on success / false on failure.
 */
function create($filename, $filetype, $filesize, $bin_data, $description = false, &$changes)
{
    global $Language;

    if (!$description) {
        $description = $Language->getText('global', 'none');
    }
    $previous_names = $this->Artifact->getAttachedFileNames();

    // Some browsers don't supply mime type if they don't know it
    if (!$filetype) {
        // fall back to the generic binary type
        $filetype = 'application/octet-stream';
    }

    //
    //	data validation
    //
    $complete = $filename && $filetype && $filesize && $bin_data;
    if (!$complete) {
        $GLOBALS['Response']->addFeedback('error', '<P>|' . implode('|', array($filename, $filetype, $filesize, $bin_data)) . '|');
        $this->setError('ArtifactFile: ' . $Language->getText('tracker_common_file', 'name_requ'));
        return false;
    }

    // submissions without a login are recorded as user 100
    $userid = user_isloggedin() ? user_getid() : 100;

    // integers go through db_ei(), text and binary data through db_es()
    $insert_sql = sprintf(
        "INSERT INTO artifact_file\n\t\t\t(artifact_id,description,bin_data,filename,filesize,filetype,adddate,submitted_by)\n\t\t\tVALUES \n\t\t\t('%s','%s','%s','%s',\n\t\t\t'%s','%s','%s','%s')",
        db_ei($this->Artifact->getID()),
        db_es($description),
        db_es($bin_data),
        db_es($filename),
        db_ei($filesize),
        db_es($filetype),
        time(),
        db_ei($userid)
    );
    $res = db_query($insert_sql);
    $id = db_insertid($res, 'artifact_file', 'id');
    if (!$res || !$id) {
        $this->setError('ArtifactFile: ' . db_error());
        return false;
    }

    $this->clearError();
    $changes['attach']['description'] = $description;
    $changes['attach']['name'] = $filename;
    $changes['attach']['size'] = $filesize;

    // history keeps the attachment names as a comma separated list
    $updated_names = ($old_is_empty = ($previous_names == '')) ? $filename : $previous_names . "," . $filename;
    $this->Artifact->addHistory('attachment', $previous_names, $updated_names);

    $changes['attach']['href'] = get_server_url() . "/tracker/download.php?artifact_id=" . $this->Artifact->getID() . "&id={$id}";

    return $id;
}
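/**
 * create - create a new file in this FRSFileRelease/FRSPackage.
 *
 * Moves the file at $file_location into
 * <sys_upload_dir>/<group>/<package>/<release>/ and records it in frs_file.
 *
 * @param string    $name          The name of this file.
 * @param string    $file_location The location of this file in the local file system.
 * @param int       $type_id       The type_id of this file from the frs-file-types table.
 * @param int       $processor_id  The processor_id of this file from the frs-processor-types table.
 * @param int|false $release_time  The release_date of this file in unix time (seconds); now when false.
 * @return boolean success.
 */
function create($name, $file_location, $type_id, $processor_id, $release_time = false)
{
    if (strlen($name) < 3) {
        $this->setError(_('FRSFile Name Must Be At Least 3 Characters'));
        return false;
    }
    if (!util_is_valid_filename($name)) {
        $this->setError(_('Filename can only be alphanumeric and "-" "_" "." characters.'));
        return false;
    }

    //
    //	Can't really use is_uploaded_file() or move_uploaded_file()
    //	since we want this to be generalized code
    //	This is potentially exploitable if you do not validate
    //	before calling this function
    //
    // NOTE(review): any readable regular file path is accepted, so the caller
    // must make sure $file_location points into its own upload area.
    if (!is_file($file_location) || !file_exists($file_location)) {
        $this->setError(_('FRSFile Appears to be invalid'));
        return false;
    }

    $perm =& $this->FRSRelease->FRSPackage->Group->getPermission(session_get_user());
    if (!$perm || !is_object($perm) || !$perm->isReleaseTechnician()) {
        $this->setPermissionDeniedError();
        return false;
    }

    //
    //	Filename must be unique in this release
    //
    // $name has passed util_is_valid_filename() above.
    $resfile = db_query("SELECT filename \n\t\t\tFROM frs_file\n\t\t\tWHERE \n\t\t\tfilename='{$name}'\n\t\t\tAND release_id='" . $this->FRSRelease->getId() . "'");
    if (!$resfile || db_numrows($resfile) > 0) {
        $this->setError(_('That filename already exists in this project space') . ' ' . db_error());
        return false;
    }

    // Make sure group, package and release directories exist with mode 0755.
    // The mode test used to compare fileperms() with 0x4755 (hexadecimal),
    // which a 0755 directory never equals; only the permission bits are
    // compared now, against the octal mode.
    $path_name = $GLOBALS['sys_upload_dir'];
    $path_parts = array(
        $this->FRSRelease->FRSPackage->Group->getUnixName(),
        $this->FRSRelease->FRSPackage->getFileName(),
        $this->FRSRelease->getFileName(),
    );
    foreach ($path_parts as $part) {
        $path_name .= '/' . $part;
        if (!is_dir($path_name)) {
            mkdir($path_name, 0755);
        } elseif ((fileperms($path_name) & 07777) != 0755) {
            chmod($path_name, 0755);
        }
    }
    $newfilelocation = $path_name . '/';

    // Each path is passed to the shell as one quoted argument.
    // escapeshellcmd() on an unquoted path does not stop blanks from
    // splitting it into several arguments; "--" ends option parsing so a
    // leading "-" cannot be read as an option of mv.
    $cmd = '/bin/mv -- ' . escapeshellarg($file_location) . ' ' . escapeshellarg($newfilelocation . $name);
    exec($cmd, $out);
    if (!file_exists("{$newfilelocation}{$name}")) {
        $this->setError(_('File cannot be moved to the permanent location') . ': ' . $newfilelocation . $name);
        return false;
    }

    if (!$release_time) {
        $release_time = time();
    }
    $file_size = filesize("{$newfilelocation}{$name}");

    // Numeric columns are cast to int so they cannot carry SQL text.
    $sql = "INSERT INTO frs_file(release_id,filename,release_time,\n\t\t\t\ttype_id,processor_id,file_size,post_date)\n\t\t\tVALUES ('" . $this->FRSRelease->getId() . "','{$name}','" . (int) $release_time . "',\n\t\t\t\t'" . (int) $type_id . "','" . (int) $processor_id . "','" . (int) $file_size . "','" . time() . "')";

    db_begin();
    $result = db_query($sql);
    if (!$result) {
        db_rollback();
        $this->setError('FRSFile::create() Error Adding Release: ' . db_error());
        return false;
    }

    $this->file_id = db_insertid($result, 'frs_file', 'file_id');
    if (!$this->fetchData($this->file_id)) {
        // close the transaction opened above instead of leaving it pending
        db_rollback();
        return false;
    }

    db_commit();
    return true;
}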