public function getIssueIDs($options)
{
// Build the Sphinx client
$this->sphinx->SetSortMode(SPH_SORT_RELEVANCE);
// $this->sphinx->SetWeights(array(1, 1));
$this->sphinx->SetLimits(0, 500, 100000);
$this->sphinx->SetArrayResult(true);
if (empty($options['match_mode'])) {
$options['match_mode'] = SPH_MATCH_ALL;
}
$this->sphinx->SetMatchMode($options['match_mode']);
$this->sphinx->SetFilter('prj_id', array(Auth::getCurrentProject()));
// TODO: Add support for selecting indexes to search
$indexes = implode('; ', $this->getIndexes(Auth::getCurrentRole() > User::ROLE_CUSTOMER));
if (isset($options['customer_id']) && !empty($options['customer_id'])) {
$this->sphinx->SetFilter('customer_id', array($options['customer_id']));
}
$this->keywords = $options['keywords'];
$this->match_mode = $options['match_mode'];
$res = $this->sphinx->Query($options['keywords'], $indexes);
// TODO: report these somehow back to the UI
// probably easy to do with Logger framework (add new handler?)
if (method_exists($this->sphinx, 'IsConnectError') && $this->sphinx->IsConnectError()) {
Logger::app()->error('sphinx_fulltext_search: Network Error');
}
if ($this->sphinx->GetLastWarning()) {
Logger::app()->warning('sphinx_fulltext_search: ' . $this->sphinx->GetLastWarning());
}
if ($this->sphinx->GetLastError()) {
Logger::app()->error('sphinx_fulltext_search: ' . $this->sphinx->GetLastError());
}
$issue_ids = array();
if (isset($res['matches'])) {
foreach ($res['matches'] as $match_details) {
// Variable translation
$match_id = $match_details['id'];
$issue_id = $match_details['attrs']['issue_id'];
$weight = $match_details['weight'];
$index_id = $match_details['attrs']['index_id'];
// if sphinx returns 0 as a weight, make it one because it
// did find a match in the result set
if ($weight <= 0) {
$weight = 1;
}
$index_name = $this->getIndexNameByID($index_id);
$this->matches[$issue_id][] = array('weight' => $weight, 'index' => $index_name, 'match_id' => $match_id);
$issue_ids[] = $issue_id;
}
}
return $issue_ids;
}
/**
* Method used to get the list of changes made against a specific issue.
*
* @param integer $iss_id The issue ID
* @param string $order_by The order to sort the history
* @return array The list of changes
*/
public static function getListing($iss_id, $order_by = 'DESC')
{
$order_by = DB_Helper::orderBy($order_by);
$stmt = "SELECT\n *\n FROM\n {{%issue_history}},\n {{%history_type}}\n WHERE\n htt_id = his_htt_id AND\n his_is_hidden != 1 AND\n his_iss_id=? AND\n his_min_role <= ?\n ORDER BY\n his_id {$order_by}";
$params = array($iss_id, Auth::getCurrentRole());
try {
$res = DB_Helper::getInstance()->getAll($stmt, $params);
} catch (DbException $e) {
return '';
}
foreach ($res as &$row) {
$row['his_summary'] = Misc::processTokens(ev_gettext($row['his_summary']), $row['his_context']);
}
return $res;
}
/**
* Returns the columns that should be displayed for the specified page.
* This method will remove columns that should not be displayed, due to
* lack of customer integration or insufficient role.
*
* @param integer $prj_id The ID of the project.
* @param string $page The page to return columns for.
* @return array An array of columns that should be displayed.
*/
public static function getColumnsToDisplay($prj_id, $page)
{
static $returns;
// poor man's caching system
if (!empty($returns[$prj_id][$page])) {
return $returns[$prj_id][$page];
}
$current_role = Auth::getCurrentRole();
$data = self::getSelectedColumns($prj_id, $page);
$has_customer_integration = CRM::hasCustomerIntegration($prj_id);
$only_with_customers = array('iss_customer_id', 'support_level');
// remove groups if there are no groups in the system.
if (count(Group::getAssocList($prj_id)) < 1) {
unset($data['iss_grp_id']);
}
// remove category column if there are no categories in the system
if (count(Category::getAssocList($prj_id)) < 1) {
unset($data['prc_title']);
}
// remove custom fields column if there are no custom fields
if (count(Custom_Field::getFieldsToBeListed($prj_id)) < 1) {
unset($data['custom_fields']);
}
// remove customer field if user has a role of customer
if ($current_role == User::getRoleID('Customer')) {
unset($data['iss_customer_id']);
}
foreach ($data as $field => $info) {
// remove fields based on role
if ($info['min_role'] > $current_role) {
unset($data[$field]);
continue;
}
// remove fields based on customer integration
if (!$has_customer_integration && in_array($field, $only_with_customers)) {
unset($data[$field]);
continue;
}
// get title
$data[$field] = self::getColumnInfo($page, $field);
if (!isset($data[$field]['width'])) {
$data[$field]['width'] = '';
}
}
$returns[$prj_id][$page] = $data;
return $data;
}
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to: |
// | |
// | Free Software Foundation, Inc. |
// | 51 Franklin Street, Suite 330 |
// | Boston, MA 02110-1301, USA. |
// +----------------------------------------------------------------------+
// | Authors: Bryan Alsdorf <*****@*****.**> |
// +----------------------------------------------------------------------+
require_once dirname(__FILE__) . '/../init.php';
$tpl = new Template_Helper();
$tpl->setTemplate('select_partners.tpl.html');
Auth::checkAuthentication(APP_COOKIE, 'index.php?err=5', true);
$issue_id = @$_POST['issue_id'] ? $_POST['issue_id'] : $_GET['iss_id'];
if (!Access::canViewDrafts($issue_id, Auth::getUserID()) || Auth::getCurrentRole() <= User::getRoleID('Standard User')) {
$tpl = new Template_Helper();
$tpl->setTemplate('permission_denied.tpl.html');
$tpl->displayTemplate();
exit;
}
$prj_id = Issue::getProjectID($issue_id);
if (@$_POST['cat'] == 'update') {
$res = Partner::selectPartnersForIssue($_POST['issue_id'], @$_POST['partners']);
$tpl->assign('update_result', $res);
}
$tpl->assign(array('issue_id' => $issue_id, 'enabled_partners' => Partner::getPartnersByProject($prj_id), 'partners' => Partner::getPartnersByIssue($issue_id), 'current_user_prefs' => Prefs::get(Auth::getUserID())));
$tpl->displayTemplate();
/**
* Method used to remove specific custom filters.
*
* @return integer 1 if the removals worked properly, any other value otherwise
*/
public static function remove()
{
foreach ($_POST['item'] as $cst_id) {
$stmt = 'DELETE FROM
{{%custom_filter}}
WHERE';
$params = array();
if (self::isGlobal($cst_id)) {
if (Auth::getCurrentRole() >= User::ROLE_MANAGER) {
$stmt .= ' cst_is_global=1 AND ';
} else {
$stmt .= '
cst_is_global=1 AND
cst_usr_id=? AND ';
$params[] = Auth::getUserID();
}
} else {
$stmt .= ' cst_usr_id=? AND ';
$params[] = Auth::getUserID();
}
$stmt .= '
cst_prj_id=? AND
cst_id=?';
$params[] = Auth::getCurrentProject();
$params[] = $cst_id;
try {
DB_Helper::getInstance()->query($stmt, $params);
} catch (DbException $e) {
return -1;
}
}
return 1;
}
/**
* Method used to get the full listing of notes associated with
* a specific issue.
*
* @param integer $issue_id The issue ID
* @return array The list of notes
*/
public static function getListing($issue_id)
{
$stmt = 'SELECT
not_id,
not_created_date,
not_title,
not_usr_id,
not_unknown_user,
not_has_attachment,
not_is_blocked AS has_blocked_message,
usr_full_name
FROM
{{%note}},
{{%user}}
WHERE
not_usr_id=usr_id AND
not_iss_id=? AND
not_removed = 0
ORDER BY
not_created_date ASC';
try {
$res = DB_Helper::getInstance()->getAll($stmt, array($issue_id));
} catch (DbException $e) {
return '';
}
// only show the internal notes for users with the appropriate permission level
$role_id = Auth::getCurrentRole();
$user_role_id = User::ROLE_USER;
$t = array();
foreach ($res as &$row) {
if ($role_id < $user_role_id) {
continue;
}
// Display not_unknown_user instead of usr_full_name if not null.
// This is so the original sender of a blocked email is displayed on the note.
if (!empty($row['not_unknown_user'])) {
$row['usr_full_name'] = $row['not_unknown_user'];
}
$t[] = $row;
unset($row);
}
return $t;
}
/**
* Selects a mail queue entry from the table and returns the contents.
*
* @param string $id The mail queue entry ID.
* @return A string containing the body.
*/
function getMailQueue($id)
{
if (Auth::getCurrentRole() < User::getRoleID('Developer')) {
return;
}
$res = Mail_Queue::getEntry($id);
if (!empty($_GET["ec_id"])) {
return Link_Filter::processText(Auth::getCurrentProject(), nl2br(htmlspecialchars($_GET["ec_id"] . ":" . $id . ":" . $res["maq_headers"] . "\n" . $res["maq_body"])));
} else {
return $res["maq_body"];
}
}
/**
* Method used to remove specific custom filters.
*
* @access public
* @return integer 1 if the removals worked properly, any other value otherwise
*/
function remove()
{
global $HTTP_POST_VARS;
$items = implode(", ", Misc::escapeInteger($HTTP_POST_VARS["item"]));
foreach ($HTTP_POST_VARS["item"] as $cst_id) {
$stmt = "DELETE FROM\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "custom_filter\n WHERE";
if (Filter::isGlobal($cst_id)) {
if (Auth::getCurrentRole() >= User::getRoleID('Manager')) {
$stmt .= " cst_is_global=1 AND ";
} else {
$stmt .= " \n cst_is_global=1 AND\n cst_usr_id=" . Auth::getUserID() . " AND ";
}
} else {
$stmt .= " cst_usr_id=" . Auth::getUserID() . " AND ";
}
$stmt .= "\n cst_prj_id=" . Auth::getCurrentProject() . " AND\n cst_id={$cst_id}";
$res = $GLOBALS["db_api"]->dbh->query($stmt);
if (PEAR::isError($res)) {
Error_Handler::logError(array($res->getMessage(), $res->getDebugInfo()), __FILE__, __LINE__);
return -1;
}
}
return 1;
}
if (CRM::hasCustomerIntegration($prj_id)) {
$sender_email = Mail_Helper::getEmailAddress($email_details['sup_from']);
try {
$contact = $crm->getContactByEmail($sender_email);
$tpl->assign('contact_details', $contact->getDetails());
} catch (CRMException $e) {
}
}
}
}
}
$tpl->assign(array('cats' => Category::getAssocList($prj_id), 'priorities' => Priority::getAssocList($prj_id), 'severities' => Severity::getList($prj_id), 'users' => Project::getUserAssocList($prj_id, 'active', User::getRoleID('Customer')), 'releases' => Release::getAssocList($prj_id), 'custom_fields' => Custom_Field::getListByProject($prj_id, 'report_form'), 'max_attachment_size' => Attachment::getMaxAttachmentSize(), 'max_attachment_bytes' => Attachment::getMaxAttachmentSize(true), 'field_display_settings' => Project::getFieldDisplaySettings($prj_id), 'groups' => Group::getAssocList($prj_id), 'products' => Product::getList(false)));
$prefs = Prefs::get($usr_id);
$tpl->assign('user_prefs', $prefs);
$tpl->assign('zones', Date_Helper::getTimezoneList());
if (Auth::getCurrentRole() == User::getRoleID('Customer')) {
$crm = CRM::getInstance(Auth::getCurrentProject());
$customer_contact_id = User::getCustomerContactID($usr_id);
$contact = $crm->getContact($customer_contact_id);
$customer_id = Auth::getCurrentCustomerID();
$customer = $crm->getCustomer($customer_id);
// TODOCRM: Pull contacts via ajax when user selects contract
$tpl->assign(array('customer_id' => $customer_id, 'contact_id' => $customer_contact_id, 'customer' => $customer, 'contact' => $contact));
}
$clone_iss_id = isset($_GET['clone_iss_id']) ? (int) $_GET['clone_iss_id'] : null;
if ($clone_iss_id && Access::canCloneIssue($clone_iss_id, $usr_id)) {
$tpl->assign(Issue::getCloneIssueTemplateVariables($clone_iss_id));
} else {
$tpl->assign('defaults', $_REQUEST);
}
$tpl->displayTemplate();
function formatValue($value, $fld_id, $issue_id, $functional = false)
{
if (!trim($value)) {
return '';
}
$admin_folder = '';
$roll_id = Auth::getCurrentRole();
if ($roll_id >= User::getRoleID('manager')) {
$admin_folder = 'admin/';
}
$href = "../" . $admin_folder . "viewTransaction.php?ref={$value}&hide_header=1&nolink=1";
if ($roll_id <= User::getRoleID('reporter')) {
return $value;
}
if (!$functional) {
return "<a href='{$href}' target='_top' >{$value}</a>";
}
$text = "<a href='javascript:td_showtrans(\"{$href}\");' >{$value}</a> <input type='button' value='Route to Merchant' class='button' onClick='javascript:mercAssign({$issue_id});'> <BR>";
return $text;
}
/**
* Selects a mail queue entry from the table and returns the contents.
*
* @param string $id The mail queue entry ID.
* @return A string containing the body.
*/
function getMailQueue($id)
{
if (Auth::getCurrentRole() < User::getRoleID('Developer')) {
return;
}
$res = Mail_Queue::getEntry($id);
if (!Issue::canAccess($res['maq_iss_id'], $GLOBALS['usr_id'])) {
return '';
}
if (empty($_GET['ec_id'])) {
return $res['maq_body'];
}
return Link_Filter::processText(Auth::getCurrentProject(), nl2br(htmlspecialchars($res['maq_headers'] . "\n" . $res['maq_body'])));
}
$_COOKIE[APP_HIDE_CLOSED_STATS_COOKIE] = $_REQUEST['hide_closed'];
}
if (isset($_COOKIE[APP_HIDE_CLOSED_STATS_COOKIE])) {
$hide_closed = $_COOKIE[APP_HIDE_CLOSED_STATS_COOKIE];
} else {
$hide_closed = 0;
}
$tpl->assign('hide_closed', $hide_closed);
if ($role_id == User::getRoleID('customer')) {
$crm = CRM::getInstance($prj_id);
// need the activity dashboard here
$contact_id = User::getCustomerContactID($usr_id);
$customer_id = Auth::getCurrentCustomerID();
$tpl->assign(array('contact' => $crm->getContact($contact_id), 'customer' => $crm->getCustomer($customer_id)));
} else {
if (Auth::getCurrentRole() <= User::getRoleID('Reporter') && Project::getSegregateReporters($prj_id)) {
$tpl->assign('hide_stats', true);
} else {
$tpl->assign('hide_stats', false);
$tpl->assign('status', Stats::getStatus());
$tpl->assign('releases', Stats::getRelease($hide_closed));
$tpl->assign('categories', Stats::getCategory($hide_closed));
$tpl->assign('priorities', Stats::getPriority($hide_closed));
$tpl->assign('users', Stats::getUser($hide_closed));
$tpl->assign('emails', Stats::getEmailStatus($hide_closed));
$tpl->assign('pie_chart', Stats::getPieChart($hide_closed));
}
}
if (@$_REQUEST['hide_closed'] == '') {
$Stats_Search_Profile = Search_Profile::getProfile($usr_id, $prj_id, 'stats');
if (!empty($Stats_Search_Profile)) {
$tpl->setTemplate("reports/stalled_issues.tpl.html");
Auth::checkAuthentication(APP_COOKIE);
if (Auth::getCurrentRole() <= User::getRoleID("Customer")) {
echo "Invalid role";
exit;
}
$prj_id = Auth::getCurrentProject();
if (count(@$_REQUEST['before']) < 1) {
$before = date("Y-m-d", time() - MONTH);
} else {
$before = join('-', $_REQUEST['before']);
}
if (count(@$_REQUEST['after']) < 1) {
$after = date("Y-m-d", time() - YEAR);
} else {
$after = join('-', $_REQUEST['after']);
}
if (empty($_REQUEST['sort_order'])) {
$_REQUEST['sort_order'] = 'ASC';
}
$data = Report::getStalledIssuesByUser($prj_id, @$_REQUEST['developers'], @$_REQUEST['status'], $before, $after, $_REQUEST['sort_order']);
$groups = Group::getAssocList($prj_id);
$assign_options = array();
if (count($groups) > 0 && Auth::getCurrentRole() > User::getRoleID("Customer")) {
foreach ($groups as $grp_id => $grp_name) {
$assign_options["grp:{$grp_id}"] = "Group: " . $grp_name;
}
}
$assign_options += Project::getUserAssocList($prj_id, 'active', User::getRoleID('Standard User'));
$tpl->assign(array("users" => $assign_options, "before_date" => $before, "after_date" => $after, "data" => $data, "developers" => @$_REQUEST['developers'], "status_list" => Status::getAssocStatusList($prj_id), "status" => @$_REQUEST['status'], "sort_order" => $_REQUEST['sort_order']));
$tpl->displayTemplate();
/**
* Method to return the names of the fields which should be displayed on the list issues page.
*
* @access public
* @param integer $prj_id The ID of the project.
* @return array An array of custom field names.
*/
function getFieldsToBeListed($prj_id)
{
$sql = "SELECT\n fld_id,\n fld_title\n FROM\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "custom_field,\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "project_custom_field\n WHERE\n fld_id = pcf_fld_id AND\n pcf_prj_id = " . Misc::escapeInteger($prj_id) . " AND\n fld_list_display = 1 AND\n fld_min_role <= " . Auth::getCurrentRole() . "\n ORDER BY\n fld_rank ASC";
$res = $GLOBALS["db_api"]->dbh->getAssoc($sql);
if (PEAR::isError($res)) {
Error_Handler::logError(array($res->getMessage(), $res->getDebugInfo()), __FILE__, __LINE__);
return array();
} else {
return $res;
}
}
/**
* Method used to get the list of changes made against a specific issue.
*
* @access public
* @param integer $iss_id The issue ID
* @param string $order_by The order to sort the history
* @return array The list of changes
*/
function getListing($iss_id, $order_by = 'DESC')
{
$stmt = "SELECT\n *\n FROM\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "issue_history,\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "history_type\n WHERE\n htt_id = his_htt_id AND\n his_is_hidden != 1 AND\n his_iss_id=" . Misc::escapeInteger($iss_id) . " AND\n htt_role <= " . Auth::getCurrentRole() . "\n ORDER BY\n his_id {$order_by}";
$res = $GLOBALS["db_api"]->dbh->getAll($stmt, DB_FETCHMODE_ASSOC);
if (PEAR::isError($res)) {
Error_Handler::logError(array($res->getMessage(), $res->getDebugInfo()), __FILE__, __LINE__);
return "";
} else {
for ($i = 0; $i < count($res); $i++) {
$res[$i]["his_created_date"] = Date_API::getFormattedDate($res[$i]["his_created_date"]);
$res[$i]["his_summary"] = Mime_Helper::fixEncoding($res[$i]["his_summary"]);
}
return $res;
}
}
/**
* Method used to get the full listing of notes associated with
* a specific issue.
*
* @access public
* @param integer $issue_id The issue ID
* @return array The list of notes
*/
function getListing($issue_id)
{
$issue_id = Misc::escapeInteger($issue_id);
$stmt = "SELECT\n not_id,\n not_created_date,\n not_title,\n not_usr_id,\n not_unknown_user,\n not_has_attachment,\n IF(LENGTH(not_blocked_message) > 0, 1, 0) AS has_blocked_message,\n usr_full_name\n FROM\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "note,\n " . ETEL_USER_TABLE . "\n WHERE\n not_usr_id=usr_id AND\n not_iss_id={$issue_id} AND\n not_removed = 0\n ORDER BY\n not_created_date ASC";
$res = $GLOBALS["db_api"]->dbh->getAll($stmt, DB_FETCHMODE_ASSOC);
if (PEAR::isError($res)) {
Error_Handler::logError(array($res->getMessage(), $res->getDebugInfo()), __FILE__, __LINE__);
return "";
} else {
// only show the internal notes for users with the appropriate permission level
$role_id = Auth::getCurrentRole();
$t = array();
for ($i = 0; $i < count($res); $i++) {
if ($role_id < User::getRoleID('standard user')) {
continue;
}
// Display not_unknown_user instead of usr_full_name if not null.
// This is so the original sender of a blocked email is displayed on the note.
if (!empty($res[$i]["not_unknown_user"])) {
$res[$i]["usr_full_name"] = $res[$i]["not_unknown_user"];
}
$res[$i]["not_created_date"] = Date_API::getFormattedDate($res[$i]["not_created_date"]);
$t[] = $res[$i];
}
return $t;
}
}
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to: |
// | |
// | Free Software Foundation, Inc. |
// | 51 Franklin Street, Suite 330 |
// | Boston, MA 02110-1301, USA. |
// +----------------------------------------------------------------------+
// | Authors: João Prado Maia <*****@*****.**> |
// +----------------------------------------------------------------------+
require_once dirname(__FILE__) . '/../init.php';
$tpl = new Template_Helper();
$tpl->setTemplate('add_phone_entry.tpl.html');
Auth::checkAuthentication(APP_COOKIE, 'index.php?err=5', true);
$issue_id = @$_POST['issue_id'] ? $_POST['issue_id'] : $_GET['iss_id'];
if (!Issue::canAccess($issue_id, Auth::getUserID()) || Auth::getCurrentRole() <= User::getRoleID('Customer')) {
$tpl = new Template_Helper();
$tpl->setTemplate('permission_denied.tpl.html');
$tpl->displayTemplate();
exit;
}
if (@$_POST['cat'] == 'add_phone') {
$res = Phone_Support::insert();
$tpl->assign('add_phone_result', $res);
}
$prj_id = Issue::getProjectID($issue_id);
$usr_id = Auth::getUserID();
$tpl->assign(array('issue_id' => $issue_id, 'phone_categories' => Phone_Support::getCategoryAssocList($prj_id), 'current_user_prefs' => Prefs::get($usr_id)));
$tpl->displayTemplate();
$res = Support::removeEmails();
$tpl->assign('remove_email_result', $res);
} elseif ($cat == 'clear_duplicate') {
$res = Issue::clearDuplicateStatus($iss_id);
$tpl->assign('clear_duplicate_result', $res);
} elseif ($cat == 'delete_phone') {
$res = Phone_Support::remove($id);
$tpl->assign('delete_phone_result', $res);
} elseif ($cat == 'new_status') {
$res = Issue::setStatus($iss_id, $status_id, true);
if ($res == 1) {
History::add($iss_id, $usr_id, 'status_changed', "Issue manually set to status '{status}' by {user}", array('status' => Status::getStatusTitle($status_id), 'user' => User::getFullName($usr_id)));
}
$tpl->assign('new_status_result', $res);
} elseif ($cat == 'authorize_reply') {
$res = Authorized_Replier::addUser($iss_id, $usr_id);
$tpl->assign('authorize_reply_result', $res);
} elseif ($cat == 'remove_quarantine') {
if (Auth::getCurrentRole() > User::getRoleID('Developer')) {
$res = Issue::setQuarantine($iss_id, 0);
$tpl->assign('remove_quarantine_result', $res);
}
} elseif ($cat == 'selfnotify') {
if (Issue::canAccess($iss_id, $usr_id)) {
$res = Notification::subscribeUser($usr_id, $iss_id, $usr_id, Notification::getDefaultActions($iss_id));
$tpl->assign('selfnotify_result', $res);
}
}
$tpl->assign('current_user_prefs', Prefs::get($usr_id));
$tpl->assign('cat', $cat);
$tpl->displayTemplate();
/**
* TODO: merge use of $options and $email arrays to just $email
*
* @param int $issue_id
* @param string $type type of email
* @param string $from
* @param string $to
* @param string $cc
* @param string $subject
* @param string $body
* @param array $options optional parameters
* - (int) parent_sup_id
* - (array) iaf_ids attachment file ids
* - (bool) add_unknown
* - (int) ema_id
* @return int 1 if it worked, -1 otherwise
*/
public static function sendEmail($issue_id, $type, $from, $to, $cc, $subject, $body, $options = array())
{
$parent_sup_id = $options['parent_sup_id'];
$iaf_ids = $options['iaf_ids'];
$add_unknown = $options['add_unknown'];
$ema_id = $options['ema_id'];
$current_usr_id = Auth::getUserID();
$prj_id = Issue::getProjectID($issue_id);
// if we are replying to an existing email, set the In-Reply-To: header accordingly
$in_reply_to = $parent_sup_id ? self::getMessageIDByID($parent_sup_id) : false;
// get ID of whoever is sending this.
$sender_usr_id = User::getUserIDByEmail(Mail_Helper::getEmailAddress($from)) ?: false;
// remove extra 'Re: ' from subject
$subject = Mail_Helper::removeExcessRe($subject, true);
$internal_only = false;
$message_id = Mail_Helper::generateMessageID();
// process any files being uploaded
// from ajax upload, attachment file ids
if ($iaf_ids) {
// FIXME: is it correct to use sender from post data?
$attach_usr_id = $sender_usr_id ?: $current_usr_id;
Attachment::attachFiles($issue_id, $attach_usr_id, $iaf_ids, false, 'Attachment originated from outgoing email');
}
// hack needed to get the full headers of this web-based email
$full_email = self::buildFullHeaders($issue_id, $message_id, $from, $to, $cc, $subject, $body, $in_reply_to, $iaf_ids);
// email blocking should only be done if this is an email about an associated issue
if ($issue_id) {
$user_info = User::getNameEmail($current_usr_id);
// check whether the current user is allowed to send this email to customers or not
if (!self::isAllowedToEmail($issue_id, $user_info['usr_email'])) {
// add the message body as a note
$note = Mail_Helper::getCannedBlockedMsgExplanation() . $body;
$note_options = array('full_message' => $full_email, 'is_blocked' => true);
Note::insertNote($current_usr_id, $issue_id, $subject, $note, $note_options);
$email_details = array('from' => $from, 'to' => $to, 'cc' => $cc, 'subject' => $subject, 'body' => &$body, 'message' => &$body, 'title' => $subject);
Workflow::handleBlockedEmail($prj_id, $issue_id, $email_details, 'web');
return 1;
}
}
// only send a direct email if the user doesn't want to add the Cc'ed people to the notification list
if (($add_unknown || Workflow::shouldAutoAddToNotificationList($prj_id)) && $issue_id) {
// add the recipients to the notification list of the associated issue
$recipients = array($to);
$recipients = array_merge($recipients, self::getRecipientsCC($cc));
foreach ($recipients as $address) {
if ($address && !Notification::isIssueRoutingSender($issue_id, $address)) {
$actions = Notification::getDefaultActions($issue_id, $address, 'add_unknown_user');
Notification::subscribeEmail($current_usr_id, $issue_id, Mail_Helper::getEmailAddress($address), $actions);
}
}
} else {
// Usually when sending out emails associated to an issue, we would
// simply insert the email in the table and call the Notification::notifyNewEmail() method,
// but on this case we need to actually send the email to the recipients that are not
// already in the notification list for the associated issue, if any.
// In the case of replying to an email that is not yet associated with an issue, then
// we are always directly sending the email, without using any notification list
// functionality.
if ($issue_id) {
// send direct emails only to the unknown addresses, and leave the rest to be
// catched by the notification list
$from = Notification::getFixedFromHeader($issue_id, $from, 'issue');
// build the list of unknown recipients
if ($to) {
$recipients = array($to);
$recipients = array_merge($recipients, self::getRecipientsCC($cc));
} else {
$recipients = self::getRecipientsCC($cc);
}
$unknowns = array();
foreach ($recipients as $address) {
if (!Notification::isSubscribedToEmails($issue_id, $address)) {
$unknowns[] = $address;
}
}
if ($unknowns) {
$to2 = array_shift($unknowns);
$cc2 = implode('; ', $unknowns);
// send direct emails
self::sendDirectEmail($issue_id, $from, $to2, $cc2, $subject, $body, $_FILES['attachment'], $message_id, $sender_usr_id);
}
} else {
// send direct emails to all recipients, since we don't have an associated issue
$project_info = Project::getOutgoingSenderAddress(Auth::getCurrentProject());
// use the project-related outgoing email address, if there is one
if (!empty($project_info['email'])) {
$from = Mail_Helper::getFormattedName(User::getFullName($current_usr_id), $project_info['email']);
} else {
// otherwise, use the real email address for the current user
$from = User::getFromHeader($current_usr_id);
}
// send direct emails
self::sendDirectEmail($issue_id, $from, $to, $cc, $subject, $body, $_FILES['attachment'], $message_id);
}
}
$email = array('customer_id' => 'NULL', 'issue_id' => $issue_id, 'ema_id' => $ema_id, 'message_id' => $message_id, 'date' => Date_Helper::getCurrentDateGMT(), 'from' => $from, 'to' => $to, 'cc' => $cc, 'subject' => $subject, 'body' => $body, 'full_email' => $full_email);
// associate this new email with a customer, if appropriate
if (Auth::getCurrentRole() == User::getRoleID('Customer')) {
if ($issue_id) {
$crm = CRM::getInstance($prj_id);
try {
$contact = $crm->getContact(User::getCustomerContactID($current_usr_id));
$issue_contract = $crm->getContract(Issue::getContractID($issue_id));
if ($contact->canAccessContract($issue_contract)) {
$email['customer_id'] = $issue_contract->getCustomerID();
}
} catch (CRMException $e) {
}
} else {
$customer_id = User::getCustomerID($current_usr_id);
if ($customer_id && $customer_id != -1) {
$email['customer_id'] = $customer_id;
}
}
}
$email['has_attachment'] = $iaf_ids ? 1 : 0;
$structure = Mime_Helper::decode($full_email, true, false);
$email['headers'] = $structure->headers;
self::insertEmail($email, $structure, $sup_id);
if ($issue_id) {
// need to send a notification
Notification::notifyNewEmail($current_usr_id, $issue_id, $email, $internal_only, false, $type, $sup_id);
// mark this issue as updated
$has_customer = $email['customer_id'] && $email['customer_id'] != 'NULL';
if ($has_customer && (!$current_usr_id || User::getRoleByUser($current_usr_id, $prj_id) == User::getRoleID('Customer'))) {
Issue::markAsUpdated($issue_id, 'customer action');
} else {
if ($sender_usr_id && User::getRoleByUser($sender_usr_id, $prj_id) > User::getRoleID('Customer')) {
Issue::markAsUpdated($issue_id, 'staff response');
} else {
Issue::markAsUpdated($issue_id, 'user response');
}
}
History::add($issue_id, $current_usr_id, 'email_sent', 'Outgoing email sent by {user}', array('user' => User::getFullName($current_usr_id)));
}
return 1;
}
/**
* Method used to bulk update a list of issues
*
* @return boolean
*/
public static function bulkUpdate()
{
// check if user performing this chance has the proper role
if (Auth::getCurrentRole() < User::ROLE_MANAGER) {
return -1;
}
$items = (array) $_POST['item'];
$new_status_id = (int) $_POST['status'];
$new_release_id = (int) $_POST['release'];
$new_priority_id = (int) $_POST['priority'];
$new_category_id = (int) $_POST['category'];
foreach ($items as $issue_id) {
$issue_id = (int) $issue_id;
if (!self::canAccess($issue_id, Auth::getUserID())) {
continue;
}
if (self::getProjectID($issue_id) != Auth::getCurrentProject()) {
// make sure issue is not in another project
continue;
}
$issue_details = self::getDetails($issue_id);
$updated_fields = array();
// update assignment
if (count(@$_POST['users']) > 0) {
$users = (array) $_POST['users'];
// get who this issue is currently assigned too
$stmt = 'SELECT
isu_usr_id,
usr_full_name
FROM
{{%issue_user}},
{{%user}}
WHERE
isu_usr_id = usr_id AND
isu_iss_id = ?';
try {
$current_assignees = DB_Helper::getInstance()->getPair($stmt, array($issue_id));
} catch (DbException $e) {
return -1;
}
foreach ($current_assignees as $usr_id => $usr_name) {
if (!in_array($usr_id, $users)) {
self::deleteUserAssociation($issue_id, $usr_id, false);
}
}
$new_user_names = array();
$new_assignees = array();
foreach ($users as $usr_id) {
$usr_id = (int) $usr_id;
$new_user_names[$usr_id] = User::getFullName($usr_id);
// check if the issue is already assigned to this person
$stmt = 'SELECT
COUNT(*) AS total
FROM
{{%issue_user}}
WHERE
isu_iss_id=? AND
isu_usr_id=?';
$total = DB_Helper::getInstance()->getOne($stmt, array($issue_id, $usr_id));
if ($total > 0) {
continue;
} else {
$new_assignees[] = $usr_id;
// add the assignment
self::addUserAssociation(Auth::getUserID(), $issue_id, $usr_id, false);
Notification::subscribeUser(Auth::getUserID(), $issue_id, $usr_id, Notification::getAllActions());
}
}
$prj_id = Auth::getCurrentProject();
$usr_ids = self::getAssignedUserIDs($issue_id);
Workflow::handleAssignmentChange($prj_id, $issue_id, Auth::getUserID(), $issue_details, $usr_ids, false);
Notification::notifyNewAssignment($new_assignees, $issue_id);
$updated_fields['Assignment'] = History::formatChanges(implode(', ', $current_assignees), implode(', ', $new_user_names));
}
// update status
if ($new_status_id) {
$old_status_id = self::getStatusID($issue_id);
$res = self::setStatus($issue_id, $new_status_id, false);
if ($res == 1) {
$updated_fields['Status'] = History::formatChanges(Status::getStatusTitle($old_status_id), Status::getStatusTitle($new_status_id));
}
}
// update release
if ($new_release_id) {
$old_release_id = self::getRelease($issue_id);
$res = self::setRelease($issue_id, $new_release_id);
if ($res == 1) {
$updated_fields['Release'] = History::formatChanges(Release::getTitle($old_release_id), Release::getTitle($new_release_id));
}
}
// update priority
if ($new_priority_id) {
$old_priority_id = self::getPriority($issue_id);
$res = self::setPriority($issue_id, $new_priority_id);
if ($res == 1) {
$updated_fields['Priority'] = History::formatChanges(Priority::getTitle($old_priority_id), Priority::getTitle($new_priority_id));
}
}
// update category
if ($new_category_id) {
$old_category_id = self::getCategory($issue_id);
$res = self::setCategory($issue_id, $new_category_id);
if ($res == 1) {
$updated_fields['Category'] = History::formatChanges(Category::getTitle($old_category_id), Category::getTitle($new_category_id));
}
}
if (count($updated_fields) > 0) {
// log the changes
$changes = '';
$k = 0;
foreach ($updated_fields as $key => $value) {
if ($k > 0) {
$changes .= '; ';
}
$changes .= "{$key}: {$value}";
$k++;
}
$usr_id = Auth::getUserID();
History::add($issue_id, $usr_id, 'issue_bulk_updated', 'Issue updated ({changes}) by {user}', array('changes' => $changes, 'user' => User::getFullName(Auth::getUserID())));
}
// close if request
if (isset($_REQUEST['closed_status']) && !empty($_REQUEST['closed_status'])) {
self::close(Auth::getUserID(), $issue_id, true, 0, $_REQUEST['closed_status'], $_REQUEST['closed_message'], $_REQUEST['notification_list']);
}
}
return true;
}
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation; either version 2 of the License, or |
// | (at your option) any later version. |
// | |
// | This program is distributed in the hope that it will be useful, |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to: |
// | |
// | Free Software Foundation, Inc. |
// | 59 Temple Place - Suite 330 |
// | Boston, MA 02111-1307, USA. |
// +----------------------------------------------------------------------+
// | Authors: João Prado Maia <*****@*****.**> |
// +----------------------------------------------------------------------+
//
// @(#) $Id: s.index.php 1.1 03/09/16 23:01:42-00:00 jpradomaia $
//
include_once "../config.inc.php";
include_once APP_INC_PATH . "class.template.php";
include_once APP_INC_PATH . "db_access.php";
Auth::checkAuthentication(APP_COOKIE);
if (Auth::getCurrentRole() <= User::getRoleID("Customer")) {
Auth::redirect("../main.php");
}
$tpl = new Template_API();
$tpl->setTemplate("reports/index.tpl.html");
$tpl->displayTemplate();
// | Boston, MA 02110-1301, USA. |
// +----------------------------------------------------------------------+
// | Authors: João Prado Maia <*****@*****.**> |
// +----------------------------------------------------------------------+
require_once dirname(__FILE__) . '/../init.php';
$usr_id = Auth::getUserID();
$prj_id = Auth::getCurrentProject();
$tpl = new Template_Helper();
$tpl->setTemplate('view_email.tpl.html');
Auth::checkAuthentication(APP_COOKIE, 'index.php?err=5', true);
$issue_id = Support::getIssueFromEmail($_GET['id']);
if ($issue_id != 0 && !Issue::canAccess($issue_id, $usr_id) || $issue_id == 0 && User::getRoleByUser($usr_id, $prj_id) < User::ROLE_USER) {
$tpl->setTemplate('permission_denied.tpl.html');
$tpl->displayTemplate();
exit;
}
$email = Support::getEmailDetails($_GET['ema_id'], $_GET['id']);
$email['seb_body'] = str_replace('&nbsp;', ' ', $email['seb_body']);
$tpl->assign(array('email' => $email, 'issue_id' => $issue_id, 'extra_title' => ev_gettext('Issue #%1$s Email #%3$s: %2$s', $issue_id, $email['sup_subject'], Support::getSequenceByID($_GET['id'])), 'email_accounts' => Email_Account::getAssocList(array_keys(Project::getAssocList(Auth::getUserID())), true), 'recipients' => Mail_Queue::getMessageRecipients(array('customer_email', 'other_email'), $_GET['id'])));
if (@$_GET['cat'] == 'list_emails') {
$sides = Support::getListingSides($_GET['id']);
$tpl->assign(array('previous' => $sides['previous'], 'next' => $sides['next']));
} elseif (@$_GET['cat'] == 'move_email' && Auth::getCurrentRole() >= User::getRoleID('Standard User')) {
$res = Support::moveEmail(@$_GET['id'], @$_GET['ema_id'], @$_GET['new_ema_id']);
$tpl->assign('move_email_result', $res);
$tpl->assign('current_user_prefs', Prefs::get(Auth::getUserID()));
} else {
$sides = Support::getIssueSides($issue_id, $_GET['id']);
$tpl->assign(array('previous' => $sides['previous'], 'next' => $sides['next']));
}
$tpl->displayTemplate();
/**
* Plot various stats charts
*
* @param string $plotType
* @param bool $hide_closed
* @return bool return false if no data is available
*/
public function StatsChart($plotType, $hide_closed)
{
// don't bother if user has no access
$prj_id = Auth::getCurrentProject();
if (Auth::getCurrentRole() <= User::getRoleID('Reporter') && Project::getSegregateReporters($prj_id)) {
return false;
}
$colors = array();
switch ($plotType) {
case 'status':
$data = Stats::getAssocStatus($hide_closed);
$graph_title = ev_gettext('Issues by Status');
// use same colors as defined for statuses
foreach ($data as $sta_title => $trash) {
$sta_id = Status::getStatusID($sta_title);
$status_details = Status::getDetails($sta_id);
$colors[] = $status_details['sta_color'];
}
break;
case 'release':
$data = Stats::getAssocRelease($hide_closed);
$graph_title = ev_gettext('Issues by Release');
break;
case 'priority':
$data = Stats::getAssocPriority($hide_closed);
$graph_title = ev_gettext('Issues by Priority');
break;
case 'user':
$data = Stats::getAssocUser($hide_closed);
$graph_title = ev_gettext('Issues by Assignment');
break;
case 'category':
$data = Stats::getAssocCategory($hide_closed);
$graph_title = ev_gettext('Issues by Category');
break;
default:
return false;
}
// check the values coming from the database and if they are all empty, then
// output a pre-generated 'No Data Available' picture
if (!Stats::hasData($data)) {
return false;
}
$plot = $this->create(360, 200);
$plot->SetImageBorderType('plain');
$plot->SetTitle($graph_title);
$plot->SetPlotType('pie');
$plot->SetDataType('text-data-single');
if ($colors) {
$plot->SetDataColors($colors);
}
$legend = $dataValue = array();
foreach ($data as $label => $count) {
$legend[] = $label . ' (' . $count . ')';
$dataValue[] = array($label, $count);
}
$plot->SetDataValues($dataValue);
foreach ($legend as $label) {
$plot->SetLegend($label);
}
return $plot->DrawGraph();
}
/**
* Method used to send an email from the user interface.
*
* @access public
* @return integer 1 if it worked, -1 otherwise
*/
function sendEmail($parent_sup_id = FALSE)
{
global $HTTP_POST_VARS, $HTTP_SERVER_VARS;
// if we are replying to an existing email, set the In-Reply-To: header accordingly
if ($parent_sup_id) {
$in_reply_to = Support::getMessageIDByID($parent_sup_id);
} else {
$in_reply_to = false;
}
// get ID of whoever is sending this.
$sender_usr_id = User::getUserIDByEmail(Mail_API::getEmailAddress($HTTP_POST_VARS["from"]));
if (empty($sender_usr_id)) {
$sender_usr_id = false;
}
// get type of email this is
if (!empty($HTTP_POST_VARS['type'])) {
$type = $HTTP_POST_VARS['type'];
} else {
$type = '';
}
// remove extra 'Re: ' from subject
$HTTP_POST_VARS['subject'] = Mail_API::removeExcessRe($HTTP_POST_VARS['subject'], true);
$internal_only = false;
$message_id = Mail_API::generateMessageID();
// hack needed to get the full headers of this web-based email
$full_email = Support::buildFullHeaders($HTTP_POST_VARS["issue_id"], $message_id, $HTTP_POST_VARS["from"], $HTTP_POST_VARS["to"], $HTTP_POST_VARS["cc"], $HTTP_POST_VARS["subject"], $HTTP_POST_VARS["message"], $in_reply_to);
// email blocking should only be done if this is an email about an associated issue
if (!empty($HTTP_POST_VARS['issue_id'])) {
$user_info = User::getNameEmail(Auth::getUserID());
// check whether the current user is allowed to send this email to customers or not
if (!Support::isAllowedToEmail($HTTP_POST_VARS["issue_id"], $user_info['usr_email'])) {
// add the message body as a note
$HTTP_POST_VARS['blocked_msg'] = $full_email;
$HTTP_POST_VARS['title'] = $HTTP_POST_VARS["subject"];
$HTTP_POST_VARS['note'] = Mail_API::getCannedBlockedMsgExplanation() . $HTTP_POST_VARS["message"];
Note::insert(Auth::getUserID(), $HTTP_POST_VARS["issue_id"]);
Workflow::handleBlockedEmail(Issue::getProjectID($HTTP_POST_VARS['issue_id']), $HTTP_POST_VARS['issue_id'], $HTTP_POST_VARS, 'web');
return 1;
}
}
// only send a direct email if the user doesn't want to add the Cc'ed people to the notification list
if (@$HTTP_POST_VARS['add_unknown'] == 'yes') {
if (!empty($HTTP_POST_VARS['issue_id'])) {
// add the recipients to the notification list of the associated issue
$recipients = array($HTTP_POST_VARS['to']);
$recipients = array_merge($recipients, Support::getRecipientsCC($HTTP_POST_VARS['cc']));
for ($i = 0; $i < count($recipients); $i++) {
if (!empty($recipients[$i]) && !Notification::isIssueRoutingSender($HTTP_POST_VARS["issue_id"], $recipients[$i])) {
Notification::subscribeEmail(Auth::getUserID(), $HTTP_POST_VARS["issue_id"], Mail_API::getEmailAddress($recipients[$i]), array('emails'));
}
}
}
} else {
// Usually when sending out emails associated to an issue, we would
// simply insert the email in the table and call the Notification::notifyNewEmail() method,
// but on this case we need to actually send the email to the recipients that are not
// already in the notification list for the associated issue, if any.
// In the case of replying to an email that is not yet associated with an issue, then
// we are always directly sending the email, without using any notification list
// functionality.
if (!empty($HTTP_POST_VARS['issue_id'])) {
// send direct emails only to the unknown addresses, and leave the rest to be
// catched by the notification list
$from = Notification::getFixedFromHeader($HTTP_POST_VARS['issue_id'], $HTTP_POST_VARS['from'], 'issue');
// build the list of unknown recipients
if (!empty($HTTP_POST_VARS['to'])) {
$recipients = array($HTTP_POST_VARS['to']);
$recipients = array_merge($recipients, Support::getRecipientsCC($HTTP_POST_VARS['cc']));
} else {
$recipients = Support::getRecipientsCC($HTTP_POST_VARS['cc']);
}
$unknowns = array();
for ($i = 0; $i < count($recipients); $i++) {
if (!Notification::isSubscribedToEmails($HTTP_POST_VARS['issue_id'], $recipients[$i])) {
$unknowns[] = $recipients[$i];
}
}
if (count($unknowns) > 0) {
$to = array_shift($unknowns);
$cc = implode('; ', $unknowns);
// send direct emails
Support::sendDirectEmail($HTTP_POST_VARS['issue_id'], $from, $to, $cc, $HTTP_POST_VARS['subject'], $HTTP_POST_VARS['message'], $message_id, $sender_usr_id);
}
} else {
// send direct emails to all recipients, since we don't have an associated issue
$project_info = Project::getOutgoingSenderAddress(Auth::getCurrentProject());
// use the project-related outgoing email address, if there is one
if (!empty($project_info['email'])) {
$from = Mail_API::getFormattedName(User::getFullName(Auth::getUserID()), $project_info['email']);
} else {
// otherwise, use the real email address for the current user
$from = User::getFromHeader(Auth::getUserID());
}
// send direct emails
Support::sendDirectEmail($HTTP_POST_VARS['issue_id'], $from, $HTTP_POST_VARS['to'], $HTTP_POST_VARS['cc'], $HTTP_POST_VARS['subject'], $HTTP_POST_VARS['message'], $message_id);
}
}
$t = array('customer_id' => 'NULL', 'issue_id' => $HTTP_POST_VARS["issue_id"] ? $HTTP_POST_VARS["issue_id"] : 0, 'ema_id' => $HTTP_POST_VARS['ema_id'], 'message_id' => $message_id, 'date' => Date_API::getCurrentDateGMT(), 'from' => $HTTP_POST_VARS['from'], 'to' => $HTTP_POST_VARS['to'], 'cc' => @$HTTP_POST_VARS['cc'], 'subject' => @$HTTP_POST_VARS['subject'], 'body' => $HTTP_POST_VARS['message'], 'full_email' => $full_email, 'has_attachment' => 0);
// associate this new email with a customer, if appropriate
if (Auth::getCurrentRole() == User::getRoleID('Customer')) {
$customer_id = User::getCustomerID(Auth::getUserID());
if (!empty($customer_id) && $customer_id != -1) {
$t['customer_id'] = $customer_id;
}
}
$structure = Mime_Helper::decode($full_email, true, false);
$t['headers'] = $structure->headers;
$res = Support::insertEmail($t, $structure, $sup_id);
if (!empty($HTTP_POST_VARS["issue_id"])) {
// need to send a notification
Notification::notifyNewEmail(Auth::getUserID(), $HTTP_POST_VARS["issue_id"], $t, $internal_only, false, $type, $sup_id);
// mark this issue as updated
if (!empty($t['customer_id']) && $t['customer_id'] != 'NULL') {
Issue::markAsUpdated($HTTP_POST_VARS["issue_id"], 'customer action');
} else {
if (!empty($sender_usr_id) && User::getRoleByUser($sender_usr_id, Issue::getProjectID($HTTP_POST_VARS['issue_id'])) > User::getRoleID('Customer')) {
Issue::markAsUpdated($HTTP_POST_VARS["issue_id"], 'staff response');
} else {
Issue::markAsUpdated($HTTP_POST_VARS["issue_id"], 'user response');
}
}
// save a history entry for this
History::add($HTTP_POST_VARS["issue_id"], Auth::getUserID(), History::getTypeID('email_sent'), 'Outgoing email sent by ' . User::getFullName(Auth::getUserID()));
// also update the last_response_date field for the associated issue
if (Auth::getCurrentRole() > User::getRoleID('Customer')) {
$stmt = "UPDATE\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "issue\n SET\n iss_last_response_date='" . Date_API::getCurrentDateGMT() . "'\n WHERE\n iss_id=" . Misc::escapeInteger($HTTP_POST_VARS["issue_id"]);
$GLOBALS["db_api"]->dbh->query($stmt);
$stmt = "UPDATE\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "issue\n SET\n iss_first_response_date='" . Date_API::getCurrentDateGMT() . "'\n WHERE\n iss_first_response_date IS NULL AND\n iss_id=" . Misc::escapeInteger($HTTP_POST_VARS["issue_id"]);
$GLOBALS["db_api"]->dbh->query($stmt);
}
}
return 1;
}
/**
* Method to return the names of the fields which should be displayed on the list issues page.
*
* @param integer $prj_id The ID of the project.
* @return array An array of custom field names.
*/
public static function getFieldsToBeListed($prj_id)
{
$sql = 'SELECT
fld_id,
fld_title
FROM
{{%custom_field}},
{{%project_custom_field}}
WHERE
fld_id = pcf_fld_id AND
pcf_prj_id = ? AND
fld_list_display = 1 AND
fld_min_role <= ?
ORDER BY
fld_rank ASC';
try {
$res = DB_Helper::getInstance()->getPair($sql, array($prj_id, Auth::getCurrentRole()));
} catch (DbException $e) {
return array();
}
return $res;
}
<?php
include_once "../../config.inc.php";
include_once APP_INC_PATH . "class.auth.php";
include_once APP_INC_PATH . "class.lock.php";
include_once APP_INC_PATH . "db_access.php";
Auth::checkAuthentication(APP_COOKIE);
if (Auth::getCurrentRole() < User::getRoleID("Developer")) {
echo "Invalid role";
exit;
}
$process_id = Lock::getProcessID('irc_bot');
echo "Existing process ID: {$process_id}<br />\n";
if (!empty($process_id)) {
// kill current process
$kill = `kill {$process_id}`;
if (!empty($kill)) {
echo "Killed: {$kill}<br />\n";
}
}
Lock::release('irc_bot');
$start = `cd /var/www/html/eventum/misc/irc/;php -q bot.php > /dev/null &`;
if (!empty($start)) {
echo "Error: {$start}<br />\n";
}
?>
<hr>
If there are no error messages above, the bot should have been successfully restarted.
/**
* Method to determine if user can access a particular issue
*
* @param integer $issue_id The ID of the issue.
* @param integer $usr_id The ID of the user
* @return boolean If the user can access the issue
*/
public static function canAccessIssue($issue_id, $usr_id)
{
static $access;
if (empty($issue_id)) {
return false;
}
if (isset($access[$issue_id . '-' . $usr_id])) {
return $access[$issue_id . '-' . $usr_id];
}
$details = Issue::getDetails($issue_id);
if (empty($details)) {
return true;
}
$usr_details = User::getDetails($usr_id);
$usr_role = User::getRoleByUser($usr_id, $details['iss_prj_id']);
$prj_id = $details['iss_prj_id'];
$can_access_contract = false;
if (CRM::hasCustomerIntegration($prj_id)) {
$crm = CRM::getInstance($prj_id);
try {
if (!empty($usr_details['usr_customer_contact_id']) && !empty($details['iss_customer_contract_id'])) {
$contact = $crm->getContact($usr_details['usr_customer_contact_id']);
$can_access_contract = $contact->canAccessContract($crm->getContract($details['iss_customer_contract_id']));
}
} catch (CRMException $e) {
// TODOCRM: Log exception?
}
}
if (empty($usr_role)) {
// check if they are even allowed to access the project
$return = false;
} elseif (CRM::hasCustomerIntegration($details['iss_prj_id']) && $usr_role == User::getRoleID('Customer') && $can_access_contract === false) {
// check customer permissions
$return = false;
} elseif (!empty($usr_details['usr_par_code']) && !Partner::isPartnerEnabledForIssue($usr_details['usr_par_code'], $issue_id)) {
// check if the user is a partner
$return = false;
} elseif ($details['iss_private'] == 1) {
// check if the issue is even private
// check role, reporter, assignment and group
if ($usr_role > User::getRoleID('Developer')) {
$return = true;
} elseif ($details['iss_usr_id'] == $usr_id) {
$return = true;
} elseif (Issue::isAssignedToUser($issue_id, $usr_id)) {
$return = true;
} elseif (!empty($details['iss_grp_id']) && !empty($usr_details['usr_grp_id']) && $details['iss_grp_id'] == $usr_details['usr_grp_id']) {
$return = true;
} elseif (Authorized_Replier::isUserAuthorizedReplier($issue_id, $usr_id)) {
$return = true;
} else {
$return = false;
}
} elseif (Auth::getCurrentRole() == User::getRoleID('Reporter') && Project::getSegregateReporters($prj_id) && $details['iss_usr_id'] != $usr_id && !Authorized_Replier::isUserAuthorizedReplier($issue_id, $usr_id)) {
return false;
} else {
$return = true;
}
$access[$issue_id . '-' . $usr_id] = $return;
return $return;
}
/**
* Method used to remove attachments from the database.
*
* @param integer $iat_id attachment_id.
* @param boolean $add_history whether to add history entry.
* @return integer Numeric code used to check for any errors
*/
public static function remove($iat_id, $add_history = true)
{
$usr_id = Auth::getUserID();
$stmt = 'SELECT
iat_iss_id
FROM
{{%issue_attachment}}
WHERE
iat_id=?';
$params = array($iat_id);
if (Auth::getCurrentRole() < User::ROLE_MANAGER) {
$stmt .= ' AND
iat_usr_id=?';
$params[] = $usr_id;
}
try {
$res = DB_Helper::getInstance()->getOne($stmt, $params);
} catch (DbException $e) {
return -1;
}
if (empty($res)) {
return -2;
}
$issue_id = $res;
$files = self::getFileList($iat_id);
$stmt = 'DELETE FROM
{{%issue_attachment}}
WHERE
iat_id=? AND
iat_iss_id=?';
try {
DB_Helper::getInstance()->query($stmt, array($iat_id, $issue_id));
} catch (DbException $e) {
return -1;
}
foreach ($files as $file) {
self::removeFile($file['iaf_id']);
}
if ($add_history) {
Issue::markAsUpdated($usr_id);
// need to save a history entry for this
History::add($issue_id, $usr_id, 'attachment_removed', 'Attachment removed by {user}', array('user' => User::getFullName($usr_id)));
}
return 1;
}
/*
* This file is part of the Eventum (Issue Tracking System) package.
*
* @copyright (c) Eventum Team
* @license GNU General Public License, version 2 or later (GPL-2+)
*
* For the full copyright and license information,
* please see the COPYING and AUTHORS files
* that were distributed with this source code.
*/
require_once __DIR__ . '/../../init.php';
$tpl = new Template_Helper();
$tpl->setTemplate('manage/time_tracking.tpl.html');
Auth::checkAuthentication();
$role_id = Auth::getCurrentRole();
if ($role_id < User::ROLE_MANAGER) {
Misc::setMessage(ev_gettext('Sorry, you are not allowed to access this page.'), Misc::MSG_ERROR);
$tpl->displayTemplate();
exit;
}
$prj_id = isset($_POST['prj_id']) ? (int) $_POST['prj_id'] : (int) $_GET['prj_id'];
$cat = isset($_POST['cat']) ? (string) $_POST['cat'] : null;
$tpl->assign('project', Project::getDetails($prj_id));
if ($cat == 'new') {
$title = $_POST['title'];
$res = Time_Tracking::insertCategory($prj_id, $title);
Misc::mapMessages($res, array(1 => array(ev_gettext('Thank you, the time tracking category was added successfully.'), Misc::MSG_INFO), -1 => array(ev_gettext('An error occurred while trying to add the new time tracking category.'), Misc::MSG_INFO), -2 => array(ev_gettext('Please enter the title for this new time tracking category.'), Misc::MSG_ERROR)));
} elseif ($cat == 'update') {
$title = (string) $_POST['title'];
$prj_id = (int) $_POST['prj_id'];
$tpl->setTemplate('reports/stalled_issues.tpl.html');
Auth::checkAuthentication();
if (!Access::canAccessReports(Auth::getUserID())) {
echo 'Invalid role';
exit;
}
$prj_id = Auth::getCurrentProject();
if (count(@$_REQUEST['before']) < 1) {
$before = date('Y-m-d', time() - Date_Helper::MONTH);
} else {
$before = implode('-', $_REQUEST['before']);
}
if (count(@$_REQUEST['after']) < 1) {
$after = date('Y-m-d', time() - Date_Helper::YEAR);
} else {
$after = implode('-', $_REQUEST['after']);
}
if (empty($_REQUEST['sort_order'])) {
$_REQUEST['sort_order'] = 'ASC';
}
$data = Report::getStalledIssuesByUser($prj_id, @$_REQUEST['developers'], @$_REQUEST['status'], $before, $after, $_REQUEST['sort_order']);
$groups = Group::getAssocList($prj_id);
$assign_options = array();
if (count($groups) > 0 && Auth::getCurrentRole() > User::ROLE_CUSTOMER) {
foreach ($groups as $grp_id => $grp_name) {
$assign_options["grp:{$grp_id}"] = 'Group: ' . $grp_name;
}
}
$assign_options += Project::getUserAssocList($prj_id, 'active', User::ROLE_USER);
$tpl->assign(array('users' => $assign_options, 'before_date' => $before, 'after_date' => $after, 'data' => $data, 'developers' => @$_REQUEST['developers'], 'status_list' => Status::getAssocStatusList($prj_id), 'status' => @$_REQUEST['status'], 'sort_order' => $_REQUEST['sort_order']));
$tpl->displayTemplate();