get_capability_row(lang_get('delete_own_bugnotes'), 'bugnote_user_delete_threshold');
get_capability_row(lang_get('view_private_notes'), 'private_bugnote_threshold');
get_capability_row(lang_get('change_view_state_own_bugnotes'), 'bugnote_user_change_view_state_threshold');
get_section_end();
# Others
get_section_begin_mcwt(lang_get('others'));
get_capability_row(lang_get('view') . ' ' . lang_get('changelog_link'), 'view_changelog_threshold');
get_capability_row(lang_get('view') . ' ' . lang_get('assigned_to'), 'view_handler_threshold');
get_capability_row(lang_get('view') . ' ' . lang_get('bug_history'), 'view_history_threshold');
get_capability_row(lang_get('send_reminders'), 'bug_reminder_threshold');
get_section_end();
if ($t_show_submit) {
echo "<input type=\"submit\" class=\"button\" value=\"" . lang_get('change_configuration') . "\" />\n";
}
echo "</form>\n";
if ($t_show_submit && 0 < count($t_overrides)) {
echo "<div class=\"right\"><form name=\"threshold_config_action\" method=\"post\" action=\"manage_config_revert.php\">\n";
echo form_security_field('manage_config_revert');
echo "<input name=\"revert\" type=\"hidden\" value=\"" . implode(',', $t_overrides) . "\"></input>";
echo "<input name=\"project\" type=\"hidden\" value=\"{$t_project_id}\"></input>";
echo "<input name=\"return\" type=\"hidden\" value=\"" . form_action_self() . "\"></input>";
echo "<input type=\"submit\" class=\"button\" value=\"";
if (ALL_PROJECTS == $t_project_id) {
echo lang_get('revert_to_system');
} else {
echo lang_get('revert_to_all_project');
}
echo "\" />\n";
echo "</form></div>\n";
}
html_page_bottom();
/**
* Generate the intermediate authentication page.
* @param integer User ID
* @param string Username
* @return bool
* @access public
*/
function auth_reauthenticate_page($p_user_id, $p_username)
{
$t_error = false;
if (true == gpc_get_bool('_authenticate')) {
$f_password = gpc_get_string('password', '');
if (auth_attempt_login($p_username, $f_password)) {
auth_set_tokens($p_user_id);
return true;
} else {
$t_error = true;
}
}
html_page_top();
?>
<div align="center">
<p>
<?php
echo lang_get('reauthenticate_message');
if ($t_error != false) {
echo '<br/><font color="red">', lang_get('login_error'), '</font>';
}
?>
</p>
<form name="reauth_form" method="post" action="<?php
echo form_action_self();
?>
">
<?php
# CSRF protection not required here - user needs to enter password
# (confirmation step) before the form is accepted.
print_hidden_inputs(gpc_strip_slashes($_POST));
print_hidden_inputs(gpc_strip_slashes($_GET));
?>
<input type="hidden" name="_authenticate" value="1" />
<table class="width50 center">
<tr>
<td class="form-title" colspan="2"><?php
echo lang_get('reauthenticate_title');
?>
</td>
</tr>
<tr class="row-1">
<th class="category"><?php
echo lang_get('username');
?>
</th>
<td><input type="text" disabled="disabled" size="32" maxlength="<?php
echo USERLEN;
?>
" value="<?php
echo string_attribute($p_username);
?>
" /></td>
</tr>
<tr class="row-2">
<th class="category"><?php
echo lang_get('password');
?>
</th>
<td><input type="password" name="password" size="16" maxlength="<?php
echo PASSLEN;
?>
" class="autofocus" /></td>
</tr>
<tr>
<td class="center" colspan="2"><input type="submit" class="button" value="<?php
echo lang_get('login_button');
?>
" /></td>
</tr>
</table>
</form>
</div>
<?php
html_page_bottom();
exit;
}
}
get_capability_row_for_email(lang_get('email_on_relationship_changed'), 'relation');
$t_statuses = MantisEnum::getAssocArrayIndexedByValues(config_get('status_enum_string'));
foreach ($t_statuses as $t_status => $t_label) {
get_capability_row_for_email(lang_get('status_changed_to') . ' \'' . get_enum_element('status', $t_status) . '\'', $t_label);
}
get_section_end_for_email();
if ($g_can_change_flags || $g_can_change_defaults) {
echo '<p>' . lang_get('notify_actions_change_access') . "\n";
echo '<select name="notify_actions_access">' . "\n";
print_enum_string_option_list('access_levels', config_get_access('notify_flags'));
echo "\n</select></p>";
echo '<input type="submit" class="button" value="' . lang_get('change_configuration') . '" />' . "\n";
echo "</form>\n";
echo '<div class="right">' . "\n";
echo '<form id="mail_config_action" method="post" action="manage_config_revert.php">' . "\n";
echo form_security_field('manage_config_revert') . "\n";
echo '<input name="revert" type="hidden" value="notify_flags,default_notify_flags" />' . "\n";
echo '<input name="project" type="hidden" value="' . $t_project . '" />' . "\n";
echo '<input name="return" type="hidden" value="' . string_attribute(form_action_self()) . '" />' . "\n";
echo '<input type="submit" class="button" value="';
if (ALL_PROJECTS == $t_project) {
echo lang_get('revert_to_system');
} else {
echo lang_get('revert_to_all_project');
}
echo '" />' . "\n";
echo "</form></div>\n";
}
}
html_page_bottom();
get_capability_row_for_email(lang_get('email_on_sponsorship_changed'), 'sponsor');
}
get_capability_row_for_email(lang_get('email_on_relationship_changed'), 'relation');
$t_statuses = MantisEnum::getAssocArrayIndexedByValues(config_get('status_enum_string'));
foreach ($t_statuses as $t_status => $t_label) {
get_capability_row_for_email(lang_get('status_changed_to') . ' \'' . get_enum_element('status', $t_status) . '\'', $t_label);
}
get_section_end_for_email();
if ($t_can_change_flags || $t_can_change_defaults) {
echo '<p>' . lang_get('notify_actions_change_access');
echo '<select name="notify_actions_access">';
print_enum_string_option_list('access_levels', config_get_access('notify_flags'));
echo '</select> </p>';
echo "<input type=\"submit\" class=\"button\" value=\"" . lang_get('change_configuration') . "\" />\n";
echo "</form>\n";
echo "<div class=\"right\"><form name=\"mail_config_action\" method=\"post\" action=\"manage_config_revert.php\">\n";
echo form_security_field('manage_config_revert');
echo "<input name=\"revert\" type=\"hidden\" value=\"notify_flags,default_notify_flags\"></input>";
echo "<input name=\"project\" type=\"hidden\" value=\"{$t_project}\"></input>";
echo "<input name=\"return\" type=\"hidden\" value=\"" . string_attribute(form_action_self()) . "\"></input>";
echo "<input type=\"submit\" class=\"button\" value=\"";
if (ALL_PROJECTS == $t_project) {
echo lang_get('revert_to_system');
} else {
echo lang_get('revert_to_all_project');
}
echo "\" />\n";
echo "</form></div>\n";
}
}
html_page_bottom();
$t_bugnote_stats_to_y = gpc_get_int('end_year', $t_bugnote_stats_to_def_y);
$f_get_bugnote_stats_button = gpc_get_string('get_bugnote_stats_button', '');
# Retrieve the cost as a string and convert to floating point
$f_bugnote_cost = floatval(gpc_get_string('bugnote_cost', ''));
$f_project_id = helper_get_current_project();
if (ON == config_get('time_tracking_with_billing')) {
$t_cost_col = true;
} else {
$t_cost_col = false;
}
# Time tracking date range input form
# CSRF protection not required here - form does not result in modifications
?>
<form method="post" action="<?php
echo string_attribute(form_action_self());
?>
">
<input type="hidden" name="id" value="<?php
echo isset($f_bug_id) ? $f_bug_id : 0;
?>
" />
<table border="0" class="width100" cellspacing="0">
<tr>
<td class="form-title" colspan="4">
<?php
collapse_icon('bugnotestats');
echo lang_get('time_tracking');
?>
</td>
</tr>
/**
* Check whether the user has confirmed this action.
*
* If the user has not confirmed the action, generate a page which asks
* the user to confirm and then submits a form back to the current page
* with all the GET and POST data and an additional field called _confirmed
* to indicate that confirmation has been done.
* @param string $p_message
* @param string $p_button_label
* @return bool
* @todo improve this formatting - to only be about 50% of the screen width so that it doesn't become hard to read.
*/
function helper_ensure_confirmed($p_message, $p_button_label)
{
if (true == gpc_get_bool('_confirmed')) {
return true;
}
html_page_top();
echo "<br />\n<div align=\"center\">\n";
print_hr();
echo "\n{$p_message}\n";
echo '<form method="post" action="' . string_attribute(form_action_self()) . "\">\n";
# CSRF protection not required here - user needs to confirm action
# before the form is accepted.
print_hidden_inputs(gpc_strip_slashes($_POST));
print_hidden_inputs(gpc_strip_slashes($_GET));
echo "<input type=\"hidden\" name=\"_confirmed\" value=\"1\" />\n";
echo '<br /><br /><input type="submit" class="button" value="' . $p_button_label . '" />';
echo "\n</form>\n";
print_hr();
echo "</div>\n";
html_page_bottom();
exit;
}
$t_bugnote_stats_from_y = gpc_get_string('start_year', $t_bugnote_stats_from_def_y);
$t_bugnote_stats_to_def = date("d:m:Y");
$t_bugnote_stats_to_def_ar = explode(":", $t_bugnote_stats_to_def);
$t_bugnote_stats_to_def_d = $t_bugnote_stats_to_def_ar[0];
$t_bugnote_stats_to_def_m = $t_bugnote_stats_to_def_ar[1];
$t_bugnote_stats_to_def_y = $t_bugnote_stats_to_def_ar[2];
$t_bugnote_stats_to_d = gpc_get_string('end_day', $t_bugnote_stats_to_def_d);
$t_bugnote_stats_to_m = gpc_get_string('end_month', $t_bugnote_stats_to_def_m);
$t_bugnote_stats_to_y = gpc_get_string('end_year', $t_bugnote_stats_to_def_y);
$f_get_bugnote_stats_button = gpc_get_string('get_bugnote_stats_button', '');
# Time tracking date range input form
# CSRF protection not required here - form does not result in modifications
?>
<form method="post" action="<?php
echo string_attribute(form_action_self() . '#bugnotestats');
?>
">
<input type="hidden" name="id" value="<?php
echo $f_bug_id;
?>
" />
<table border=0 class="width100" cellspacing="0">
<tr>
<td class="form-title" colspan="4">
<?php
collapse_icon('bugnotestats');
echo lang_get('time_tracking');
?>
</td>
</tr>
$t_bugnote_stats_to_def_m = $t_bugnote_stats_to_def_ar[1];
$t_bugnote_stats_to_def_y = $t_bugnote_stats_to_def_ar[2];
$t_bugnote_stats_to_d = gpc_get_int('end_day', $t_bugnote_stats_to_def_d);
$t_bugnote_stats_to_m = gpc_get_int('end_month', $t_bugnote_stats_to_def_m);
$t_bugnote_stats_to_y = gpc_get_int('end_year', $t_bugnote_stats_to_def_y);
$f_get_bugnote_stats_button = gpc_get_string('get_bugnote_stats_button', '');
$f_bugnote_cost = gpc_get_int('bugnote_cost', '');
$f_project_id = helper_get_current_project();
if (ON == config_get('time_tracking_with_billing')) {
$t_cost_col = true;
} else {
$t_cost_col = false;
}
?>
<form method="post" action="<?php
echo form_action_self();
?>
">
<?php
# CSRF protection not required here - form does not result in modifications
?>
<input type="hidden" name="id" value="<?php
echo isset($f_bug_id) ? $f_bug_id : 0;
?>
" />
<table border="0" class="width100" cellspacing="0">
<tr>
<td class="form-title" colspan="4">
<?php
collapse_icon('bugnotestats');
?>
