function email_queue_add($p_email_data)
{
$t_email_data = email_queue_prepare_db($p_email_data);
# email cannot be blank
if (is_blank($t_email_data->email)) {
error_parameters(lang_get('email'));
trigger_error(ERROR_EMPTY_FIELD, ERROR);
}
# subject cannot be blank
if (is_blank($t_email_data->subject)) {
error_parameters(lang_get('subject'));
trigger_error(ERROR_EMPTY_FIELD, ERROR);
}
# body cannot be blank
if (is_blank($t_email_data->body)) {
error_parameters(lang_get('body'));
trigger_error(ERROR_EMPTY_FIELD, ERROR);
}
$t_email_table = config_get('mantis_email_table');
$c_email = $t_email_data->email;
$c_subject = $t_email_data->subject;
$c_body = $t_email_data->body;
$c_metadata = serialize($t_email_data->metadata);
$query = "INSERT INTO {$t_email_table}\r\n\t\t\t\t ( email,\r\n\t\t\t\t subject,\r\n\t\t\t\t\t body,\r\n\t\t\t\t\t submitted,\r\n\t\t\t\t\t metadata)\r\n\t\t\t\t VALUES\r\n\t\t\t\t ( '{$c_email}',\r\n\t\t\t\t '{$c_subject}',\r\n\t\t\t\t '{$c_body}',\r\n\t\t\t\t\t " . db_now() . ",\r\n\t\t\t\t\t '{$c_metadata}'\r\n\t\t\t\t\t)";
db_query($query);
return db_insert_id($t_email_table);
}
/**
* あしあとを付ける
*/
function db_ashiato_insert_c_ashiato($c_member_id_to, $c_member_id_from)
{
// 同一人物の場合は記録しない
if ($c_member_id_to == $c_member_id_from) {
return false;
}
// 一定時間以内の連続アクセスは記録しない
$wait = date('Y-m-d H:i:s', strtotime('-5 minute'));
$sql = 'SELECT c_ashiato_id FROM c_ashiato WHERE r_datetime > ?' . ' AND c_member_id_to = ? AND c_member_id_from = ?';
$params = array($wait, intval($c_member_id_to), intval($c_member_id_from));
if (db_get_one($sql, $params, 'main')) {
return false;
}
// 忍び足
if (USE_SHINOBIASHI) {
if (db_member_is_shinobiashi($c_member_id_from)) {
return false;
}
}
$data = array('c_member_id_from' => intval($c_member_id_from), 'c_member_id_to' => intval($c_member_id_to), 'r_datetime' => db_now(), 'r_date' => db_now());
if (!db_insert('c_ashiato', $data)) {
return false;
}
if ($ashiato_mail_num = db_ashiato_ashiato_mail_num4c_member_id($c_member_id_to)) {
//総足あと数を取得
$ashiato_num = db_ashiato_c_ashiato_num4c_member_id($c_member_id_to);
//あしあとお知らせメールを送る
if ($ashiato_num == $ashiato_mail_num) {
do_common_send_ashiato_mail($c_member_id_to, $c_member_id_from);
}
}
return true;
}
/**
* Add to email queue
* @param EmailData $p_email_data
* @return int
*/
function email_queue_add($p_email_data)
{
$t_email_data = email_queue_prepare_db($p_email_data);
# email cannot be blank
if (is_blank($t_email_data->email)) {
error_parameters(lang_get('email'));
trigger_error(ERROR_EMPTY_FIELD, ERROR);
}
# subject cannot be blank
if (is_blank($t_email_data->subject)) {
error_parameters(lang_get('subject'));
trigger_error(ERROR_EMPTY_FIELD, ERROR);
}
# body cannot be blank
if (is_blank($t_email_data->body)) {
error_parameters(lang_get('body'));
trigger_error(ERROR_EMPTY_FIELD, ERROR);
}
$t_email_table = db_get_table('mantis_email_table');
$c_email = $t_email_data->email;
$c_subject = $t_email_data->subject;
$c_body = $t_email_data->body;
$c_metadata = serialize($t_email_data->metadata);
$query = "INSERT INTO {$t_email_table}\n\t\t\t\t ( email,\n\t\t\t\t subject,\n\t\t\t\t\t body,\n\t\t\t\t\t submitted,\n\t\t\t\t\t metadata)\n\t\t\t\t VALUES\n\t\t\t\t ( " . db_param() . ",\n\t\t\t\t " . db_param() . ",\n\t\t\t\t " . db_param() . ",\n\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t " . db_param() . "\n\t\t\t\t\t)";
db_query_bound($query, array($c_email, $c_subject, $c_body, db_now(), $c_metadata));
$t_id = db_insert_id($t_email_table, 'email_id');
log_event(LOG_EMAIL, "message #{$t_id} queued");
return $t_id;
}
/**
* log the changes
* events should be logged *after* the modification
* These are special case logs (new bug, deleted bugnote, etc.)
* @param int $p_bug_id
* @param int $p_type
* @param string $p_optional
* @param string $p_optional2
* @return null
*/
function history_log_event_special($p_bug_id, $p_type, $p_optional = '', $p_optional2 = '')
{
$c_bug_id = db_prepare_int($p_bug_id);
$c_type = db_prepare_int($p_type);
$c_optional = $p_optional;
$c_optional2 = $p_optional2;
$t_user_id = auth_get_current_user_id();
$t_mantis_bug_history_table = db_get_table('mantis_bug_history_table');
$query = "INSERT INTO {$t_mantis_bug_history_table}\n\t\t\t\t\t( user_id, bug_id, date_modified, type, old_value, new_value, field_name )\n\t\t\t\tVALUES\n\t\t\t\t\t( " . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ',' . db_param() . ', ' . db_param() . ')';
$result = db_query_bound($query, array($t_user_id, $c_bug_id, db_now(), $c_type, $c_optional, $c_optional2, ''));
}
function history_log_event_special($p_bug_id, $p_type, $p_optional = '', $p_optional2 = '')
{
$c_bug_id = db_prepare_int($p_bug_id);
$c_type = db_prepare_int($p_type);
$c_optional = db_prepare_string($p_optional);
$c_optional2 = db_prepare_string($p_optional2);
$t_user_id = auth_get_current_user_id();
$t_mantis_bug_history_table = config_get('mantis_bug_history_table');
$query = "INSERT INTO {$t_mantis_bug_history_table}\n\t\t\t\t\t( user_id, bug_id, date_modified, type, old_value, new_value, field_name )\n\t\t\t\tVALUES\n\t\t\t\t\t( '{$t_user_id}', '{$c_bug_id}', " . db_now() . ", '{$c_type}', '{$c_optional}', '{$c_optional2}', '' )";
$result = db_query($query);
}
/**
* Add a new revision to a bug history.
* @param int $p_bug_id Bug ID
* @param int $p_user_id User ID
* @param int $p_type Revision Type
* @param string $p_value Value
* @param int $p_bugnote_id Bugnote ID
* @param int $p_timestamp Timestamp(int)
* @return int Revision ID
*/
function bug_revision_add( $p_bug_id, $p_user_id, $p_type, $p_value, $p_bugnote_id=0, $p_timestamp = null ) {
if ( $p_type <= REV_ANY ) {
return null;
}
$t_bug_rev_table = db_get_table( 'bug_revision' );
$t_last = bug_revision_last( $p_bug_id, $p_type );
# Don't save a revision twice if nothing has changed
if ( !is_null( $t_last ) &&
$p_value == $t_last['value'] ) {
return $t_last['id'];
}
if ( $p_timestamp === null ) {
$t_timestamp = db_now();
} else {
$t_timestamp = $p_timestamp;
}
$t_query = "INSERT INTO $t_bug_rev_table (
bug_id,
bugnote_id,
user_id,
timestamp,
type,
value
) VALUES ( " .
db_param() . ', ' .
db_param() . ', ' .
db_param() . ', ' .
db_param() . ', ' .
db_param() . ', ' .
db_param() .
' )';
db_query_bound( $t_query, array(
$p_bug_id,
$p_bugnote_id,
$p_user_id,
$t_timestamp,
$p_type,
$p_value
) );
return db_insert_id( $t_bug_rev_table );
}
require_api('config_api.php');
require_api('constant_inc.php');
require_api('database_api.php');
require_api('form_api.php');
require_api('helper_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('user_api.php');
form_security_validate('manage_user_prune');
auth_reauthenticate();
access_ensure_global_level(config_get('manage_user_threshold'));
# Delete the users who have never logged in and are older than 1 week
$t_days_old = (int) 7 * SECONDS_PER_DAY;
$t_query = 'SELECT id, access_level FROM {user}
WHERE ( login_count = 0 ) AND ( date_created = last_visit ) AND ' . '( protected = 0 ) AND ' . db_helper_compare_time(db_param(), '>', 'date_created', $t_days_old);
$t_result = db_query($t_query, array(db_now()));
if (!$t_result) {
trigger_error(ERROR_GENERIC, ERROR);
}
$t_count = db_num_rows($t_result);
if ($t_count > 0) {
helper_ensure_confirmed(lang_get('confirm_account_pruning'), lang_get('prune_accounts_button'));
}
for ($i = 0; $i < $t_count; $i++) {
$t_row = db_fetch_array($t_result);
# Don't prune accounts with a higher global access level than the current user
if (access_has_global_level($t_row['access_level'])) {
user_delete($t_row['id']);
}
}
form_security_purge('manage_user_prune');
/**
* returns the number of bugs resolved in the last X days (default is 1 day) for the current project
*
* @param integer $p_num_days Anumber of days.
* @return integer
*/
function summary_resolved_bug_count_by_date($p_num_days = 1)
{
$t_resolved = config_get('bug_resolved_status_threshold');
$c_time_length = (int) $p_num_days * SECONDS_PER_DAY;
$t_project_id = helper_get_current_project();
$t_specific_where = helper_project_specific_where($t_project_id);
if (' 1<>1' == $t_specific_where) {
return 0;
}
$t_query = 'SELECT COUNT(DISTINCT(b.id))
FROM {bug} b
LEFT JOIN {bug_history} h
ON b.id = h.bug_id
AND h.type = ' . NORMAL_TYPE . '
AND h.field_name = \'status\'
WHERE b.status >= ' . db_param() . '
AND h.old_value < ' . db_param() . '
AND h.new_value >= ' . db_param() . '
AND ' . db_helper_compare_time(db_param(), '<=', 'date_modified', $c_time_length) . '
AND ' . $t_specific_where;
$t_result = db_query($t_query, array($t_resolved, $t_resolved, $t_resolved, db_now()));
return db_result($t_result, 0);
}
function mci_file_add($p_id, $p_name, $p_content, $p_file_type, $p_table, $p_title = '', $p_desc = '', $p_user_id = null)
{
if (!file_type_check($p_name)) {
return new soap_fault('Client', '', 'File type not allowed.');
}
if (!file_is_name_unique($p_name, $p_id)) {
return new soap_fault('Client', '', 'Duplicate filename.');
}
$t_file_size = strlen($p_content);
$t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
if ($t_file_size > $t_max_file_size) {
return new soap_fault('Client', '', 'File is too big.');
}
if ('bug' == $p_table) {
$t_project_id = bug_get_field($p_id, 'project_id');
$t_issue_id = bug_format_id($p_id);
} else {
$t_project_id = $p_id;
$t_issue_id = 0;
}
# prepare variables for insertion
$c_issue_id = db_prepare_int($t_issue_id);
$c_project_id = db_prepare_int($t_project_id);
$c_file_type = db_prepare_string($p_file_type);
$c_title = db_prepare_string($p_title);
$c_desc = db_prepare_string($p_desc);
if ($p_user_id === null) {
$c_user_id = auth_get_current_user_id();
} else {
$c_user_id = (int) $p_user_id;
}
if ($t_project_id == ALL_PROJECTS) {
$t_file_path = config_get('absolute_path_default_upload_folder');
} else {
$t_file_path = project_get_field($t_project_id, 'file_path');
if ($t_file_path == '') {
$t_file_path = config_get('absolute_path_default_upload_folder');
}
}
$c_file_path = db_prepare_string($t_file_path);
$c_new_file_name = db_prepare_string($p_name);
$t_file_hash = $t_issue_id;
$t_disk_file_name = $t_file_path . file_generate_unique_name($t_file_hash . '-' . $p_name, $t_file_path);
$c_disk_file_name = db_prepare_string($t_disk_file_name);
$t_file_size = strlen($p_content);
$c_file_size = db_prepare_int($t_file_size);
$t_method = config_get('file_upload_method');
switch ($t_method) {
case FTP:
case DISK:
if (!file_exists($t_file_path) || !is_dir($t_file_path) || !is_writable($t_file_path) || !is_readable($t_file_path)) {
return new soap_fault('Server', '', "Upload folder '{$t_file_path}' doesn't exist.");
}
file_ensure_valid_upload_path($t_file_path);
if (!file_exists($t_disk_file_name)) {
mci_file_write_local($t_disk_file_name, $p_content);
if (FTP == $t_method) {
$conn_id = file_ftp_connect();
file_ftp_put($conn_id, $t_disk_file_name, $t_disk_file_name);
file_ftp_disconnect($conn_id);
file_delete_local($t_disk_file_name);
} else {
chmod($t_disk_file_name, config_get('attachments_file_permissions'));
}
$c_content = "''";
}
break;
case DATABASE:
$c_content = db_prepare_binary_string($p_content);
break;
}
$t_file_table = db_get_table($p_table . '_file');
$c_id = 'bug' == $p_table ? $c_issue_id : $c_project_id;
$query = "INSERT INTO {$t_file_table}\n\t\t\t(" . $p_table . "_id, title, description, diskfile, filename, folder, filesize, file_type, date_added, content, user_id)\n\t\tVALUES\n\t\t\t({$c_id}, '{$c_title}', '{$c_desc}', '{$c_disk_file_name}', '{$c_new_file_name}', '{$c_file_path}', {$c_file_size}, '{$c_file_type}', '" . db_now() . "', {$c_content}, {$c_user_id})";
db_query($query);
# get attachment id
$t_attachment_id = db_insert_id($t_file_table);
if ('bug' == $p_table) {
# updated the last_updated date
$result = bug_update_date($c_issue_id);
# log new bug
history_log_event_special($c_issue_id, FILE_ADDED, $c_new_file_name);
}
return $t_attachment_id;
}
/**
* Add to email queue
* @param EmailData $p_email_data
* @return int
*/
function email_queue_add( $p_email_data ) {
$t_email_data = email_queue_prepare_db( $p_email_data );
# email cannot be blank
if( is_blank( $t_email_data->email ) ) {
error_parameters( lang_get( 'email' ) );
trigger_error( ERROR_EMPTY_FIELD, ERROR );
}
# subject cannot be blank
if( is_blank( $t_email_data->subject ) ) {
error_parameters( lang_get( 'subject' ) );
trigger_error( ERROR_EMPTY_FIELD, ERROR );
}
# body cannot be blank
if( is_blank( $t_email_data->body ) ) {
error_parameters( lang_get( 'body' ) );
trigger_error( ERROR_EMPTY_FIELD, ERROR );
}
$t_email_table = db_get_table( 'email' );
$c_email = $t_email_data->email;
$c_subject = $t_email_data->subject;
$c_body = $t_email_data->body;
$c_metadata = serialize( $t_email_data->metadata );
$query = "INSERT INTO $t_email_table
( email,
subject,
body,
submitted,
metadata)
VALUES
( " . db_param() . ",
" . db_param() . ",
" . db_param() . ",
" . db_param() . ",
" . db_param() . "
)";
db_query_bound( $query, Array( $c_email, $c_subject, $c_body, db_now(), $c_metadata ) );
return db_insert_id( $t_email_table, 'email_id' );
}
function user_update_last_visit($p_user_id)
{
$c_user_id = db_prepare_int($p_user_id);
$t_user_table = config_get('mantis_user_table');
$query = "UPDATE {$t_user_table}\n\t\t\t\t SET last_visit= " . db_now() . "\n\t\t\t\t WHERE id='{$c_user_id}'";
db_query($query);
user_clear_cache($p_user_id);
# db_query() errors on failure so:
return true;
}
/**
* Add a file to the system using the configured storage method
*
* @param integer $p_bug_id The bug id (should be 0 when adding project doc).
* @param array $p_file The uploaded file info, as retrieved from gpc_get_file().
* @param string $p_table Either 'bug' or 'project' depending on attachment type.
* @param string $p_title File title.
* @param string $p_desc File description.
* @param integer $p_user_id User id (defaults to current user).
* @param integer $p_date_added Date added.
* @param boolean $p_skip_bug_update Skip bug last modification update (useful when importing bug attachments).
* @return void
*/
function file_add($p_bug_id, array $p_file, $p_table = 'bug', $p_title = '', $p_desc = '', $p_user_id = null, $p_date_added = 0, $p_skip_bug_update = false)
{
file_ensure_uploaded($p_file);
$t_file_name = $p_file['name'];
$t_tmp_file = $p_file['tmp_name'];
if (!file_type_check($t_file_name)) {
trigger_error(ERROR_FILE_NOT_ALLOWED, ERROR);
}
if (!file_is_name_unique($t_file_name, $p_bug_id)) {
trigger_error(ERROR_FILE_DUPLICATE, ERROR);
}
$t_file_size = filesize($t_tmp_file);
if (0 == $t_file_size) {
trigger_error(ERROR_FILE_NO_UPLOAD_FAILURE, ERROR);
}
$t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
if ($t_file_size > $t_max_file_size) {
trigger_error(ERROR_FILE_TOO_BIG, ERROR);
}
if ('bug' == $p_table) {
$t_project_id = bug_get_field($p_bug_id, 'project_id');
$t_id = (int) $p_bug_id;
$t_bug_id = bug_format_id($p_bug_id);
} else {
$t_project_id = helper_get_current_project();
$t_id = $t_project_id;
$t_bug_id = 0;
}
if ($p_user_id === null) {
$p_user_id = auth_get_current_user_id();
}
if ($p_date_added <= 0) {
$p_date_added = db_now();
}
if ($t_project_id == ALL_PROJECTS) {
$t_file_path = config_get('absolute_path_default_upload_folder');
} else {
$t_file_path = project_get_field($t_project_id, 'file_path');
if (is_blank($t_file_path)) {
$t_file_path = config_get('absolute_path_default_upload_folder');
}
}
$t_unique_name = file_generate_unique_name($t_file_path);
$t_method = config_get('file_upload_method');
switch ($t_method) {
case DISK:
file_ensure_valid_upload_path($t_file_path);
$t_disk_file_name = $t_file_path . $t_unique_name;
if (!file_exists($t_disk_file_name)) {
if (!move_uploaded_file($t_tmp_file, $t_disk_file_name)) {
trigger_error(ERROR_FILE_MOVE_FAILED, ERROR);
}
chmod($t_disk_file_name, config_get('attachments_file_permissions'));
$c_content = '';
} else {
trigger_error(ERROR_FILE_DUPLICATE, ERROR);
}
break;
case DATABASE:
$c_content = db_prepare_binary_string(fread(fopen($t_tmp_file, 'rb'), $t_file_size));
$t_file_path = '';
break;
default:
trigger_error(ERROR_GENERIC, ERROR);
}
$t_file_table = db_get_table($p_table . '_file');
$t_id_col = $p_table . '_id';
$t_query = 'INSERT INTO ' . $t_file_table . ' ( ' . $t_id_col . ', title, description, diskfile, filename, folder,
filesize, file_type, date_added, user_id )
VALUES
( ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ' )';
db_query($t_query, array($t_id, $p_title, $p_desc, $t_unique_name, $t_file_name, $t_file_path, $t_file_size, $p_file['type'], $p_date_added, (int) $p_user_id));
$t_attachment_id = db_insert_id($t_file_table);
if (db_is_oracle()) {
db_update_blob($t_file_table, 'content', $c_content, 'diskfile=\'$t_unique_name\'');
} else {
$t_query = 'UPDATE ' . $t_file_table . ' SET content=' . db_param() . ' WHERE id = ' . db_param();
db_query($t_query, array($c_content, $t_attachment_id));
}
if ('bug' == $p_table) {
# update the last_updated date
if (!$p_skip_bug_update) {
bug_update_date($p_bug_id);
}
# log file added to bug history
history_log_event_special($p_bug_id, FILE_ADDED, $t_file_name);
}
}
/**
* Add a version to the project
* @param int $p_project_id
* @param string $p_version
* @param int $p_released
* @param string $p_description
* @param int $p_date_order
* @param bool $p_obsolete
* @return int
*/
function version_add($p_project_id, $p_version, $p_released = VERSION_FUTURE, $p_description = '', $p_date_order = null, $p_obsolete = false)
{
$c_project_id = db_prepare_int($p_project_id);
$c_released = db_prepare_int($p_released);
$c_obsolete = db_prepare_bool($p_obsolete);
if (null === $p_date_order) {
$c_date_order = db_now();
} else {
$c_date_order = $p_date_order;
}
version_ensure_unique($p_version, $p_project_id);
$t_project_version_table = db_get_table('project_version');
$query = "INSERT INTO {$t_project_version_table}\n\t\t\t\t\t( project_id, version, date_order, description, released, obsolete )\n\t\t\t\t VALUES\n\t\t\t\t\t(" . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ' )';
db_query_bound($query, array($c_project_id, $p_version, $c_date_order, $p_description, $c_released, $c_obsolete));
# db_query errors on failure so:
return db_insert_id($t_project_version_table);
}
if ($t_page_count < 1) {
$t_page_count = 1;
}
# Make sure $p_page_number isn't past the last page.
if ($f_page_number > $t_page_count) {
$f_page_number = $t_page_count;
}
# Make sure $p_page_number isn't before the first page
if ($f_page_number < 1) {
$f_page_number = 1;
}
if (0 == $c_hide_inactive) {
$query = "SELECT *\n\t\t\t\tFROM {$t_user_table}\n\t\t\t\tWHERE {$t_where}\n\t\t\t\t{$t_show_disabled_cond}\n\t\t\t\tORDER BY {$c_sort} {$c_dir}";
$result = db_query_bound($query, $t_where_params, $p_per_page, $t_offset);
} else {
$query = "SELECT *\n\t\t\t\tFROM {$t_user_table}\n\t\t\t\tWHERE {$t_where} AND " . db_helper_compare_days("" . db_now() . "", "last_visit", "< {$days_old}") . "\n\t\t\t\t{$t_show_disabled_cond}\n\t\t\t\tORDER BY {$c_sort} {$c_dir}";
$result = db_query_bound($query, $t_where_params, $p_per_page, $t_offset);
}
$user_count = db_num_rows($result);
?>
<br />
<table class="width100" cellspacing="1">
<tr>
<td class="form-title" colspan="5">
<?php
echo lang_get('manage_accounts_title');
?>
[<?php
echo $total_user_count;
?>
]
/**
* Add a file to the system using the configured storage method
*
* @param integer $p_bug_id the bug id
* @param array $p_file the uploaded file info, as retrieved from gpc_get_file()
*/
function file_add($p_bug_id, $p_file, $p_table = 'bug', $p_title = '', $p_desc = '', $p_user_id = null)
{
file_ensure_uploaded($p_file);
$t_file_name = $p_file['name'];
$t_tmp_file = $p_file['tmp_name'];
if (!file_type_check($t_file_name)) {
trigger_error(ERROR_FILE_NOT_ALLOWED, ERROR);
}
if (!file_is_name_unique($t_file_name, $p_bug_id)) {
trigger_error(ERROR_FILE_DUPLICATE, ERROR);
}
if ('bug' == $p_table) {
$t_project_id = bug_get_field($p_bug_id, 'project_id');
$t_bug_id = bug_format_id($p_bug_id);
} else {
$t_project_id = helper_get_current_project();
$t_bug_id = 0;
}
if ($p_user_id === null) {
$c_user_id = auth_get_current_user_id();
} else {
$c_user_id = (int) $p_user_id;
}
# prepare variables for insertion
$c_bug_id = db_prepare_int($p_bug_id);
$c_project_id = db_prepare_int($t_project_id);
$c_file_type = db_prepare_string($p_file['type']);
$c_title = db_prepare_string($p_title);
$c_desc = db_prepare_string($p_desc);
if ($t_project_id == ALL_PROJECTS) {
$t_file_path = config_get('absolute_path_default_upload_folder');
} else {
$t_file_path = project_get_field($t_project_id, 'file_path');
if (is_blank($t_file_path)) {
$t_file_path = config_get('absolute_path_default_upload_folder');
}
}
$c_file_path = db_prepare_string($t_file_path);
$c_new_file_name = db_prepare_string($t_file_name);
$t_file_hash = 'bug' == $p_table ? $t_bug_id : config_get('document_files_prefix') . '-' . $t_project_id;
$t_unique_name = file_generate_unique_name($t_file_hash . '-' . $t_file_name, $t_file_path);
$t_disk_file_name = $t_file_path . $t_unique_name;
$c_unique_name = db_prepare_string($t_unique_name);
$t_file_size = filesize($t_tmp_file);
if (0 == $t_file_size) {
trigger_error(ERROR_FILE_NO_UPLOAD_FAILURE, ERROR);
}
$t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
if ($t_file_size > $t_max_file_size) {
trigger_error(ERROR_FILE_TOO_BIG, ERROR);
}
$c_file_size = db_prepare_int($t_file_size);
$t_method = config_get('file_upload_method');
switch ($t_method) {
case FTP:
case DISK:
file_ensure_valid_upload_path($t_file_path);
if (!file_exists($t_disk_file_name)) {
if (FTP == $t_method) {
$conn_id = file_ftp_connect();
file_ftp_put($conn_id, $t_disk_file_name, $t_tmp_file);
file_ftp_disconnect($conn_id);
}
if (!move_uploaded_file($t_tmp_file, $t_disk_file_name)) {
trigger_error(ERROR_FILE_MOVE_FAILED, ERROR);
}
chmod($t_disk_file_name, config_get('attachments_file_permissions'));
$c_content = "''";
} else {
trigger_error(ERROR_FILE_DUPLICATE, ERROR);
}
break;
case DATABASE:
$c_content = db_prepare_binary_string(fread(fopen($t_tmp_file, 'rb'), $t_file_size));
break;
default:
trigger_error(ERROR_GENERIC, ERROR);
}
$t_file_table = db_get_table('mantis_' . $p_table . '_file_table');
$c_id = 'bug' == $p_table ? $c_bug_id : $c_project_id;
$query = "INSERT INTO {$t_file_table}\n\t\t\t\t\t\t(" . $p_table . "_id, title, description, diskfile, filename, folder, filesize, file_type, date_added, content, user_id)\n\t\t\t\t\t VALUES\n\t\t\t\t\t\t({$c_id}, '{$c_title}', '{$c_desc}', '{$c_unique_name}', '{$c_new_file_name}', '{$c_file_path}', {$c_file_size}, '{$c_file_type}', '" . db_now() . "', {$c_content}, {$c_user_id})";
db_query($query);
if ('bug' == $p_table) {
# updated the last_updated date
$result = bug_update_date($p_bug_id);
# log new bug
history_log_event_special($p_bug_id, FILE_ADDED, $t_file_name);
}
}
/**
* Attach a tag to a bug.
* @param integer Tag ID
* @param integer Bug ID
* @param integer User ID
*/
function tag_bug_attach($p_tag_id, $p_bug_id, $p_user_id = null)
{
access_ensure_bug_level(config_get('tag_attach_threshold'), $p_bug_id, $p_user_id);
tag_ensure_exists($p_tag_id);
if (tag_bug_is_attached($p_tag_id, $p_bug_id)) {
trigger_error(TAG_ALREADY_ATTACHED, ERROR);
}
if (null == $p_user_id) {
$p_used_id = auth_get_current_user_id();
} else {
user_ensure_exists($p_user_id);
}
$c_tag_id = db_prepare_int($p_tag_id);
$c_bug_id = db_prepare_int($p_bug_id);
$c_user_id = db_prepare_int($p_user_id);
$t_bug_tag_table = db_get_table('bug_tag');
$query = "INSERT INTO {$t_bug_tag_table}\n\t\t\t\t\t( tag_id,\n\t\t\t\t\t bug_id,\n\t\t\t\t\t user_id,\n\t\t\t\t\t date_attached\n\t\t\t\t\t)\n\t\t\t\t\tVALUES\n\t\t\t\t\t( " . db_param() . ",\n\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t " . db_param() . "\n\t\t\t\t\t)";
db_query_bound($query, array($c_tag_id, $c_bug_id, $c_user_id, db_now()));
$t_tag_name = tag_get_field($p_tag_id, 'name');
history_log_event_special($p_bug_id, TAG_ATTACHED, $t_tag_name);
# updated the last_updated date
bug_update_date($p_bug_id);
return true;
}
/**
* Gets a limited set of news rows to be viewed on one page based on the criteria
* defined in the configuration file.
*
* @param integer $p_offset Offset.
* @param integer $p_project_id A project identifier.
* @return array
*/
function news_get_limited_rows($p_offset, $p_project_id = null)
{
if ($p_project_id === null) {
$p_project_id = helper_get_current_project();
}
$c_offset = (int) $p_offset;
$t_projects = current_user_get_all_accessible_subprojects($p_project_id);
$t_projects[] = (int) $p_project_id;
if (ALL_PROJECTS != $p_project_id) {
$t_projects[] = ALL_PROJECTS;
}
$t_news_view_limit = config_get('news_view_limit');
$t_news_view_limit_days = config_get('news_view_limit_days') * SECONDS_PER_DAY;
switch (config_get('news_limit_method')) {
case 0:
db_param_push();
# BY_LIMIT - Select the news posts
$t_query = 'SELECT * FROM {news}';
if (1 == count($t_projects)) {
$c_project_id = $t_projects[0];
$t_query .= ' WHERE project_id=' . db_param();
$t_params = array($c_project_id);
} else {
$t_query .= ' WHERE project_id IN (' . join($t_projects, ',') . ')';
$t_params = null;
}
$t_query .= ' ORDER BY announcement DESC, id DESC';
$t_result = db_query($t_query, $t_params, $t_news_view_limit, $c_offset);
break;
case 1:
db_param_push();
# BY_DATE - Select the news posts
$t_query = 'SELECT * FROM {news} WHERE
( ' . db_helper_compare_time(db_param(), '<', 'date_posted', $t_news_view_limit_days) . '
OR announcement = ' . db_param() . ' ) ';
$t_params = array(db_now(), 1);
if (1 == count($t_projects)) {
$c_project_id = $t_projects[0];
$t_query .= ' AND project_id=' . db_param();
$t_params[] = $c_project_id;
} else {
$t_query .= ' AND project_id IN (' . join($t_projects, ',') . ')';
}
$t_query .= ' ORDER BY announcement DESC, id DESC';
$t_result = db_query($t_query, $t_params, $t_news_view_limit, $c_offset);
break;
}
$t_rows = array();
while ($t_row = db_fetch_array($t_result)) {
array_push($t_rows, $t_row);
}
return $t_rows;
}
}
$t_index_links .= '<td>' . $t_link . '</td>';
}
$t_index_links .= '</tr></table></center>';
echo $t_index_links;
if ($f_prefix === 'ALL') {
$t_where = '(1 = 1)';
} else {
$c_prefix = db_prepare_string($f_prefix);
$t_where = "(username like '{$c_prefix}%')";
}
# Get the user data in $c_sort order
if (0 == $c_hide) {
$query = "SELECT *\n\t\t\t\tFROM {$t_user_table}\n\t\t\t\tWHERE {$t_where}\n\t\t\t\tORDER BY {$c_sort} {$c_dir}";
} else {
$query = "SELECT *\n\t\t\t\tFROM {$t_user_table}\n\t\t\t\tWHERE (" . db_helper_compare_days(db_now(), "last_visit", "< '{$days_old}'") . ") AND {$t_where}\n\t\t\t\tORDER BY {$c_sort} {$c_dir}";
}
$result = db_query($query);
$user_count = db_num_rows($result);
?>
<br />
<table class="width100" cellspacing="1">
<tr>
<td class="form-title" colspan="5">
<?php
echo lang_get('manage_accounts_title');
?>
[<?php
echo $user_count;
?>
]
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Mantis. If not, see <http://www.gnu.org/licenses/>.
# --------------------------------------------------------
# $Id: manage_user_prune.php,v 1.11.2.1 2007-10-13 22:33:57 giallu Exp $
# --------------------------------------------------------
require_once 'core.php';
# helper_ensure_post();
auth_reauthenticate();
access_ensure_global_level(config_get('manage_user_threshold'));
$t_user_table = config_get('mantis_user_table');
# Delete the users who have never logged in and are older than 1 week
$days_old = 7;
$days_old = (int) $days_old;
$date_calc = db_helper_compare_days(db_now(), "date_created", "> {$days_old}");
$query = "SELECT id\n\t\t\tFROM {$t_user_table}\n\t\t\tWHERE ( login_count = 0 ) AND ( date_created = last_visit ) AND {$date_calc}";
$result = db_query($query);
if (!$result) {
trigger_error(ERROR_GENERIC, ERROR);
}
$count = db_num_rows($result);
if ($count > 0) {
helper_ensure_confirmed(lang_get('confirm_account_pruning'), lang_get('prune_accounts_button'));
}
for ($i = 0; $i < $count; $i++) {
$row = db_fetch_array($result);
user_delete($row['id']);
}
$t_redirect_url = 'manage_user_page.php';
print_header_redirect($t_redirect_url);
/**
* あしあとを付ける
*
* @param int $c_member_id_to あしあとをつけるメンバーのID
* @param int $c_member_id_from あしあとをつけられるメンバーのID
* @return bool
*/
function op_ashiato_insert_c_ashiato($c_member_id_to, $c_member_id_from)
{
$data = array('c_member_id_from' => intval($c_member_id_from), 'c_member_id_to' => intval($c_member_id_to), 'r_datetime' => db_now(), 'r_date' => db_now());
if (!db_insert('c_ashiato', $data)) {
return false;
}
if ($ashiato_mail_num = OP::op_ashiato_ashiato_mail_num4c_member_id($c_member_id_to)) {
//総足あと数を取得
$ashiato_num = OP::op_ashiato_c_ashiato_num4c_member_id($c_member_id_to);
//あしあとお知らせメールを送る
if ($ashiato_num == $ashiato_mail_num) {
do_common_send_ashiato_mail($c_member_id_to, $c_member_id_from);
}
}
return true;
}
/**
* Add a file to the system using the configured storage method
*
* @param integer $p_bug_id The bug id (should be 0 when adding project doc).
* @param array $p_file The uploaded file info, as retrieved from gpc_get_file().
* @param string $p_table Either 'bug' or 'project' depending on attachment type.
* @param string $p_title File title.
* @param string $p_desc File description.
* @param integer $p_user_id User id (defaults to current user).
* @param integer $p_date_added Date added.
* @param boolean $p_skip_bug_update Skip bug last modification update (useful when importing bug attachments).
* @return void
*/
function file_add($p_bug_id, array $p_file, $p_table = 'bug', $p_title = '', $p_desc = '', $p_user_id = null, $p_date_added = 0, $p_skip_bug_update = false)
{
file_ensure_uploaded($p_file);
$t_file_name = $p_file['name'];
$t_tmp_file = $p_file['tmp_name'];
if (!file_type_check($t_file_name)) {
trigger_error(ERROR_FILE_NOT_ALLOWED, ERROR);
}
$t_org_filename = $t_file_name;
$t_suffix_id = 1;
while (!file_is_name_unique($t_file_name, $p_bug_id)) {
$t_suffix_id++;
$t_dot_index = strripos($t_org_filename, '.');
if ($t_dot_index === false) {
$t_file_name = $t_org_filename . '-' . $t_suffix_id;
} else {
$t_extension = substr($t_org_filename, $t_dot_index, strlen($t_org_filename) - $t_dot_index);
$t_file_name = substr($t_org_filename, 0, $t_dot_index) . '-' . $t_suffix_id . $t_extension;
}
}
antispam_check();
$t_file_size = filesize($t_tmp_file);
if (0 == $t_file_size) {
trigger_error(ERROR_FILE_NO_UPLOAD_FAILURE, ERROR);
}
$t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
if ($t_file_size > $t_max_file_size) {
trigger_error(ERROR_FILE_TOO_BIG, ERROR);
}
if ('bug' == $p_table) {
$t_project_id = bug_get_field($p_bug_id, 'project_id');
$t_id = (int) $p_bug_id;
} else {
$t_project_id = helper_get_current_project();
$t_id = $t_project_id;
}
if ($p_user_id === null) {
$p_user_id = auth_get_current_user_id();
}
if ($p_date_added <= 0) {
$p_date_added = db_now();
}
if ($t_project_id == ALL_PROJECTS) {
$t_file_path = config_get('absolute_path_default_upload_folder');
} else {
$t_file_path = project_get_field($t_project_id, 'file_path');
if (is_blank($t_file_path)) {
$t_file_path = config_get('absolute_path_default_upload_folder');
}
}
$t_unique_name = file_generate_unique_name($t_file_path);
$t_method = config_get('file_upload_method');
switch ($t_method) {
case DISK:
file_ensure_valid_upload_path($t_file_path);
$t_disk_file_name = $t_file_path . $t_unique_name;
if (!file_exists($t_disk_file_name)) {
if (!move_uploaded_file($t_tmp_file, $t_disk_file_name)) {
trigger_error(ERROR_FILE_MOVE_FAILED, ERROR);
}
chmod($t_disk_file_name, config_get('attachments_file_permissions'));
$c_content = '';
} else {
trigger_error(ERROR_FILE_DUPLICATE, ERROR);
}
break;
case DATABASE:
$c_content = db_prepare_binary_string(fread(fopen($t_tmp_file, 'rb'), $t_file_size));
$t_file_path = '';
break;
default:
trigger_error(ERROR_GENERIC, ERROR);
}
$t_file_table = db_get_table($p_table . '_file');
$t_id_col = $p_table . '_id';
$t_param = array($t_id_col => $t_id, 'title' => $p_title, 'description' => $p_desc, 'diskfile' => $t_unique_name, 'filename' => $t_file_name, 'folder' => $t_file_path, 'filesize' => $t_file_size, 'file_type' => $p_file['type'], 'date_added' => $p_date_added, 'user_id' => (int) $p_user_id);
# Oracle has to update BLOBs separately
if (!db_is_oracle()) {
$t_param['content'] = $c_content;
}
$t_query_param = db_param();
for ($i = 1; $i < count($t_param); $i++) {
$t_query_param .= ', ' . db_param();
}
$t_query = 'INSERT INTO ' . $t_file_table . '
( ' . implode(', ', array_keys($t_param)) . ' )
VALUES
( ' . $t_query_param . ' )';
db_query($t_query, array_values($t_param));
if (db_is_oracle()) {
db_update_blob($t_file_table, 'content', $c_content, "diskfile='{$t_unique_name}'");
}
if ('bug' == $p_table) {
# update the last_updated date
if (!$p_skip_bug_update) {
bug_update_date($p_bug_id);
}
# log file added to bug history
history_log_event_special($p_bug_id, FILE_ADDED, $t_file_name);
}
}
function news_get_limited_rows($p_offset, $p_project_id = null)
{
if ($p_project_id === null) {
$p_project_id = helper_get_current_project();
}
$c_offset = db_prepare_int($p_offset);
$t_projects = current_user_get_all_accessible_subprojects($p_project_id);
$t_projects[] = (int) $p_project_id;
if (ALL_PROJECTS != $p_project_id) {
$t_projects[] = ALL_PROJECTS;
}
$t_news_table = db_get_table('mantis_news_table');
$t_news_view_limit = config_get('news_view_limit');
$t_news_view_limit_days = config_get('news_view_limit_days') * SECONDS_PER_DAY;
switch (config_get('news_limit_method')) {
case 0:
# BY_LIMIT - Select the news posts
$query = "SELECT *\n\t\t\t\t\t\tFROM {$t_news_table}";
if (1 == count($t_projects)) {
$c_project_id = $t_projects[0];
$query .= " WHERE project_id='{$c_project_id}'";
} else {
$query .= ' WHERE project_id IN (' . join($t_projects, ',') . ')';
}
$query .= ' ORDER BY announcement DESC, id DESC';
$result = db_query($query, $t_news_view_limit, $c_offset);
break;
case 1:
# BY_DATE - Select the news posts
$query = "SELECT *\n\t\t\t\t\t\tFROM {$t_news_table} WHERE\n\t\t\t\t\t\t( " . db_helper_compare_days(0, 'date_posted', "< {$t_news_view_limit_days}") . "\n\t\t\t\t\t\t OR announcement = " . db_param() . " ) ";
$t_params = array(db_now(), 1);
if (1 == count($t_projects)) {
$c_project_id = $t_projects[0];
$query .= " AND project_id=" . db_param();
$t_params[] = $c_project_id;
} else {
$query .= ' AND project_id IN (' . join($t_projects, ',') . ')';
}
$query .= " ORDER BY announcement DESC, id DESC";
$result = db_query_bound($query, $t_params, $t_news_view_limit, $c_offset);
break;
}
# end switch
$t_row_count = db_num_rows($result);
$t_rows = array();
for ($i = 0; $i < $t_row_count; $i++) {
$row = db_fetch_array($result);
array_push($t_rows, $row);
}
return $t_rows;
}
/**
* Update the last_visited field to be now
*
* @param integer $p_user_id A valid user identifier.
* @return boolean always true
*/
function user_update_last_visit($p_user_id)
{
$c_user_id = (int) $p_user_id;
$c_value = db_now();
$t_query = 'UPDATE {user} SET last_visit=' . db_param() . ' WHERE id=' . db_param();
db_query($t_query, array($c_value, $c_user_id));
user_update_cache($c_user_id, 'last_visit', $c_value);
return true;
}
/**
* Update the last_modified field of the bugnote
* @param int $p_bugnote_id bugnote id
* @return bool
* @access public
*/
function bugnote_date_update($p_bugnote_id)
{
$c_bugnote_id = db_prepare_int($p_bugnote_id);
$t_bugnote_table = db_get_table('mantis_bugnote_table');
$query = "UPDATE {$t_bugnote_table}\n\t\t\t\t\tSET last_modified=" . db_param() . "\n\t\t\t\t\tWHERE id=" . db_param();
db_query_bound($query, array(db_now(), $c_bugnote_id));
# db_query errors if there was a problem so:
return true;
}
/**
* Purge all expired tokens.
* @param integer Token type
* @return always true.
*/
function token_purge_expired($p_token_type = null)
{
global $g_tokens_purged;
$t_tokens_table = db_get_table('mantis_tokens_table');
$t_query = "DELETE FROM {$t_tokens_table} WHERE " . db_param() . " > expiry";
if (!is_null($p_token_type)) {
$c_token_type = db_prepare_int($p_token_type);
$t_query .= " AND type=" . db_param();
db_query_bound($t_query, array(db_now(), $c_token_type));
} else {
db_query_bound($t_query, array(db_now()));
}
$g_tokens_purged = true;
return true;
}
/**
* Counts the number of changes done by the specified user within specified time window.
* @param integer $p_duration_in_seconds The time window in seconds.
* @param [type] $p_user_id The user id or null for logged in user.
* @return integer The number of changes done by user in the specified time window.
*/
function history_count_user_recent_events($p_duration_in_seconds, $p_user_id = null)
{
$t_user_id = null === $p_user_id ? auth_get_current_user_id() : $p_user_id;
$t_params = array(db_now() - $p_duration_in_seconds, $t_user_id);
$t_query = 'SELECT count(*) as event_count FROM {bug_history} WHERE date_modified > ' . db_param() . ' AND user_id = ' . db_param();
$t_result = db_query($t_query, $t_params);
$t_row = db_fetch_array($t_result);
return $t_row['event_count'];
}
/**
* メッセージの下書きを更新
*/
function db_message_update_message_to_is_save($c_message_id, $subject, $body, $is_send = 0)
{
// タイトルと本文中に書いてあるURLがSNS内でありセッションパラメータを含んでいた場合は削除
$subject = db_ktai_delete_url_session_parameter($subject);
$body = db_ktai_delete_url_session_parameter($body);
$data = array('subject' => $subject, 'body' => $body, 'r_datetime' => db_now(), 'is_send' => (bool) $is_send);
$where = array('c_message_id' => intval($c_message_id));
db_update('c_message', $data, $where);
}
/**
* Update the last_visited field to be now
*
* @param int $p_user_id User ID
* @return bool always true
*/
function user_update_last_visit($p_user_id)
{
$c_user_id = (int) $p_user_id;
$c_value = db_now();
$t_user_table = db_get_table('user');
$query = "UPDATE {$t_user_table}\n\t\t\t\t SET last_visit= " . db_param() . "\n\t\t\t\t WHERE id=" . db_param();
db_query_bound($query, array($c_value, $c_user_id));
user_update_cache($p_user_id, 'last_visit', $c_value);
return true;
}
form_security_validate( 'manage_user_prune' );
auth_reauthenticate();
access_ensure_global_level( config_get( 'manage_user_threshold' ) );
$t_user_table = db_get_table( 'user' );
# Delete the users who have never logged in and are older than 1 week
$days_old = (int)7 * SECONDS_PER_DAY;
$query = "SELECT id, access_level
FROM $t_user_table
WHERE ( login_count = 0 ) AND ( date_created = last_visit ) AND " . db_helper_compare_days( 0, "date_created", "> $days_old" );
$result = db_query_bound($query, Array( db_now() ) );
if ( !$result ) {
trigger_error( ERROR_GENERIC, ERROR );
}
$count = db_num_rows( $result );
if ( $count > 0 ) {
helper_ensure_confirmed( lang_get( 'confirm_account_pruning' ),
lang_get( 'prune_accounts_button' ) );
}
for ($i=0; $i < $count; $i++) {
$row = db_fetch_array( $result );
# Don't prune accounts with a higher global access level than the current user
}
if (!move_uploaded_file($v_tmp_name, $t_disk_file_name)) {
trigger_error(ERROR_FILE_MOVE_FAILED, ERROR);
}
chmod($t_disk_file_name, config_get('attachments_file_permissions'));
$c_content = '';
break;
case DATABASE:
$c_content = db_prepare_binary_string(fread(fopen($v_tmp_name, 'rb'), $v_size));
break;
default:
/** @todo Such errors should be checked in the admin checks */
trigger_error(ERROR_GENERIC, ERROR);
}
$query = "UPDATE {$t_project_file_table}\n\t\t\tSET title=" . db_param() . ", description=" . db_param() . ", date_added=" . db_param() . ",\n\t\t\t\tfilename=" . db_param() . ", filesize=" . db_param() . ", file_type=" . db_param() . ", content=" . db_param() . "\n\t\t\t\tWHERE id=" . db_param();
$result = db_query_bound($query, array($c_title, $c_description, db_now(), $c_file_name, $c_file_size, $c_file_type, $c_content, $c_file_id));
} else {
$query = "UPDATE {$t_project_file_table}\n\t\t\t\tSET title=" . db_param() . ", description=" . db_param() . "\n\t\t\t\tWHERE id=" . db_param();
$result = db_query_bound($query, array($c_title, $c_description, $c_file_id));
}
if (!$result) {
trigger_error(ERROR_GENERIC, ERROR);
}
form_security_purge('proj_doc_update');
$t_redirect_url = 'proj_doc_page.php';
html_page_top(null, $t_redirect_url);
?>
<br />
<div align="center">
<?php
echo lang_get('operation_successful') . '<br />';
