Ejemplo n.º 1
0
?>
</textarea>
	</td>
</tr>
<tr class="row-1">
	<th class="category">
		<?php 
echo lang_get('filename');
?>
	</th>
	<td>
		<?php 
$t_href = '<a href="file_download.php?file_id=' . $v_id . '&amp;type=doc">';
echo $t_href;
print_file_icon($v_filename);
echo '</a>&#160;' . $t_href . file_get_display_name($v_filename) . '</a>';
?>
	</td>
</tr>
<tr class="row-2">
	<td class="category">
		<?php 
echo lang_get('select_file');
?>
<br />
		<?php 
// FIXME: hard coded "k" in here.
?>
		<span class="small"><?php 
echo lang_get('max_file_size_label') . lang_get('word_separator') . number_format($t_max_file_size / 1000);
?>
Ejemplo n.º 2
0
/**
 * Copies all attachments from the source bug to the destination bug
 *
 * Does not perform history logging and does not perform access checks.
 *
 * @param integer $p_source_bug_id Source Bug.
 * @param integer $p_dest_bug_id   Destination Bug.
 * @return void
 */
function file_copy_attachments($p_source_bug_id, $p_dest_bug_id)
{
    $t_query = 'SELECT * FROM {bug_file} WHERE bug_id = ' . db_param();
    $t_result = db_query($t_query, array($p_source_bug_id));
    $t_count = db_num_rows($t_result);
    $t_project_id = bug_get_field($p_source_bug_id, 'project_id');
    for ($i = 0; $i < $t_count; $i++) {
        $t_bug_file = db_fetch_array($t_result);
        # prepare the new diskfile name and then copy the file
        $t_source_file = $t_bug_file['folder'] . $t_bug_file['diskfile'];
        if (config_get('file_upload_method') == DISK) {
            $t_source_file = file_normalize_attachment_path($t_source_file, $t_project_id);
            $t_file_path = dirname($t_source_file) . DIRECTORY_SEPARATOR;
        } else {
            $t_file_path = $t_bug_file['folder'];
        }
        $t_new_diskfile_name = file_generate_unique_name($t_file_path);
        $t_new_diskfile_location = $t_file_path . $t_new_diskfile_name;
        $t_new_file_name = file_get_display_name($t_bug_file['filename']);
        if (config_get('file_upload_method') == DISK) {
            # Skip copy operation if file does not exist (i.e. target bug will have missing attachment)
            # @todo maybe we should trigger an error instead in this case ?
            if (file_exists($t_source_file)) {
                copy($t_source_file, $t_new_diskfile_location);
                chmod($t_new_diskfile_location, config_get('attachments_file_permissions'));
            }
        }
        $t_query = 'INSERT INTO {bug_file} (
				bug_id, title, description, diskfile, filename, folder,
				filesize, file_type, date_added, user_id, content
			)
			VALUES ( ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ')';
        db_query($t_query, array($p_dest_bug_id, $t_bug_file['title'], $t_bug_file['description'], $t_new_diskfile_name, $t_new_file_name, $t_file_path, $t_bug_file['filesize'], $t_bug_file['file_type'], $t_bug_file['date_added'], $t_bug_file['user_id'], $t_bug_file['content']));
    }
}
Ejemplo n.º 3
0
    case 'doc':
        # Check if project documentation feature is enabled.
        if (OFF == config_get('enable_project_documentation')) {
            access_denied();
        }
        access_ensure_project_level(config_get('view_proj_doc_threshold'), $v_project_id);
        break;
}
# flush output buffer to protect download
@ob_end_clean();
# Make sure that IE can download the attachments under https.
header('Pragma: public');
header('Content-Type: ' . $v_file_type);
header('Content-Length: ' . $v_filesize);
# Added Quotes (") around file name.
header('Content-Disposition: attachment; filename="' . file_get_display_name($v_filename) . '"');
header('Content-Description: Download Data');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', db_unixtimestamp($v_date_added)));
# To fix an IE bug which causes problems when downloading
# attached files via HTTPS, we disable the "Pragma: no-cache"
# command when IE is used over HTTPS.
global $g_allow_file_cache;
if (isset($_SERVER["HTTPS"]) && "on" == $_SERVER["HTTPS"] && preg_match("/MSIE/", $_SERVER["HTTP_USER_AGENT"])) {
    # Suppress "Pragma: no-cache" header.
} else {
    if (!isset($g_allow_file_cache)) {
        header('Pragma: no-cache');
    }
}
header('Expires: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', time()));
# dump file content to the connection.
Ejemplo n.º 4
0
# Make sure that IE can download the attachments under https.
header('Pragma: public');
# To fix an IE bug which causes problems when downloading
# attached files via HTTPS, we disable the "Pragma: no-cache"
# command when IE is used over HTTPS.
global $g_allow_file_cache;
if (http_is_protocol_https() && is_browser_internet_explorer()) {
    # Suppress "Pragma: no-cache" header.
} else {
    if (!isset($g_allow_file_cache)) {
        header('Pragma: no-cache');
    }
}
header('Expires: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', time()));
header('Last-Modified: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', $v_date_added));
$t_filename = file_get_display_name($v_filename);
# For Internet Explorer 8 as per http://blogs.msdn.com/ie/archive/2008/07/02/ie8-security-part-v-comprehensive-protection.aspx
# Don't let IE second guess our content-type!
header('X-Content-Type-Options: nosniff');
http_content_disposition_header($t_filename, $f_show_inline);
header('Content-Length: ' . $v_filesize);
# If finfo is available (always true for PHP >= 5.3.0) we can use it to determine the MIME type of files
$finfo = finfo_get_if_available();
$t_content_type = $v_file_type;
$t_content_type_override = file_get_content_type_override($t_filename);
# dump file content to the connection.
switch (config_get('file_upload_method')) {
    case DISK:
        $t_local_disk_file = file_normalize_attachment_path($v_diskfile, $t_project_id);
        if (file_exists($t_local_disk_file)) {
            if ($finfo) {
Ejemplo n.º 5
0
/**
 *
 * Copies all attachments from the source bug to the destination bug
 *
 * <p>Does not perform history logging and does not perform access checks.</p>
 *
 * @param int $p_source_bug_id
 * @param int $p_dest_bug_id
 */
function file_copy_attachments($p_source_bug_id, $p_dest_bug_id)
{
    $t_mantis_bug_file_table = db_get_table('bug_file');
    $query = 'SELECT * FROM ' . $t_mantis_bug_file_table . ' WHERE bug_id = ' . db_param();
    $result = db_query_bound($query, array($p_source_bug_id));
    $t_count = db_num_rows($result);
    $t_bug_file = array();
    for ($i = 0; $i < $t_count; $i++) {
        $t_bug_file = db_fetch_array($result);
        # prepare the new diskfile name and then copy the file
        $t_file_path = dirname($t_bug_file['folder']);
        $t_new_diskfile_name = $t_file_path . file_generate_unique_name('bug-' . $t_bug_file['filename'], $t_file_path);
        $t_new_file_name = file_get_display_name($t_bug_file['filename']);
        if (config_get('file_upload_method') == DISK) {
            copy($t_bug_file['diskfile'], $t_new_diskfile_name);
            chmod($t_new_diskfile_name, config_get('attachments_file_permissions'));
        }
        $query = "INSERT INTO {$t_mantis_bug_file_table}\n    \t\t\t\t\t\t( bug_id, title, description, diskfile, filename, folder, filesize, file_type, date_added, content )\n    \t\t\t\t\t\tVALUES ( " . db_param() . ",\n    \t\t\t\t\t\t\t\t " . db_param() . ",\n    \t\t\t\t\t\t\t\t " . db_param() . ",\n    \t\t\t\t\t\t\t\t " . db_param() . ",\n    \t\t\t\t\t\t\t\t " . db_param() . ",\n    \t\t\t\t\t\t\t\t " . db_param() . ",\n    \t\t\t\t\t\t\t\t " . db_param() . ",\n    \t\t\t\t\t\t\t\t " . db_param() . ",\n    \t\t\t\t\t\t\t\t " . db_param() . ",\n    \t\t\t\t\t\t\t\t " . db_param() . ");";
        db_query_bound($query, array($p_dest_bug_id, $t_bug_file['title'], $t_bug_file['description'], $t_new_diskfile_name, $t_new_file_name, $t_bug_file['folder'], $t_bug_file['filesize'], $t_bug_file['file_type'], $t_bug_file['date_added'], $t_bug_file['content']));
    }
}
Ejemplo n.º 6
0
/**
 * Copy a bug from one project to another. Also make copies of issue notes, attachments, history,
 * email notifications etc.
 * @todo Not managed FTP file upload
 * @param array p_bug_id integer representing bug id
 * @param int p_target_project_id
 * @param bool p_copy_custom_fields
 * @param bool p_copy_relationships
 * @return int representing the new bugid
 * @access public
 */
function bug_copy($p_bug_id, $p_target_project_id = null, $p_copy_custom_fields = false, $p_copy_relationships = false, $p_copy_history = false, $p_copy_attachments = false, $p_copy_bugnotes = false, $p_copy_monitoring_users = false)
{
    global $g_db;
    $t_mantis_custom_field_string_table = db_get_table('custom_field_string');
    $t_mantis_bug_file_table = db_get_table('bug_file');
    $t_mantis_bugnote_table = db_get_table('bugnote');
    $t_mantis_bugnote_text_table = db_get_table('bugnote_text');
    $t_mantis_bug_history_table = db_get_table('bug_history');
    $t_mantis_db = $g_db;
    $t_bug_id = db_prepare_int($p_bug_id);
    $t_target_project_id = db_prepare_int($p_target_project_id);
    $t_bug_data = bug_get($t_bug_id, true);
    # retrieve the project id associated with the bug
    if ($p_target_project_id == null || is_blank($p_target_project_id)) {
        $t_target_project_id = $t_bug_data->project_id;
    }
    $t_bug_data->project_id = $t_target_project_id;
    $t_new_bug_id = $t_bug_data->create();
    # MASC ATTENTION: IF THE SOURCE BUG HAS TO HANDLER THE bug_create FUNCTION CAN TRY TO AUTO-ASSIGN THE BUG
    # WE FORCE HERE TO DUPLICATE THE SAME HANDLER OF THE SOURCE BUG
    # @todo VB: Shouldn't we check if the handler in the source project is also a handler in the destination project?
    bug_set_field($t_new_bug_id, 'handler_id', $t_bug_data->handler_id);
    bug_set_field($t_new_bug_id, 'duplicate_id', $t_bug_data->duplicate_id);
    bug_set_field($t_new_bug_id, 'status', $t_bug_data->status);
    bug_set_field($t_new_bug_id, 'resolution', $t_bug_data->resolution);
    bug_set_field($t_new_bug_id, 'projection', $t_bug_data->projection);
    bug_set_field($t_new_bug_id, 'date_submitted', $t_bug_data->date_submitted);
    bug_set_field($t_new_bug_id, 'last_updated', $t_bug_data->last_updated);
    bug_set_field($t_new_bug_id, 'eta', $t_bug_data->eta);
    bug_set_field($t_new_bug_id, 'fixed_in_version', $t_bug_data->fixed_in_version);
    bug_set_field($t_new_bug_id, 'target_version', $t_bug_data->target_version);
    bug_set_field($t_new_bug_id, 'sponsorship_total', 0);
    bug_set_field($t_new_bug_id, 'sticky', 0);
    bug_set_field($t_new_bug_id, 'due_date', $t_bug_data->due_date);
    # COPY CUSTOM FIELDS
    if ($p_copy_custom_fields) {
        $query = "SELECT field_id, bug_id, value\n\t\t\t\t\t   FROM {$t_mantis_custom_field_string_table}\n\t\t\t\t\t   WHERE bug_id=" . db_param();
        $result = db_query_bound($query, array($t_bug_id));
        $t_count = db_num_rows($result);
        for ($i = 0; $i < $t_count; $i++) {
            $t_bug_custom = db_fetch_array($result);
            $c_field_id = db_prepare_int($t_bug_custom['field_id']);
            $c_new_bug_id = db_prepare_int($t_new_bug_id);
            $c_value = $t_bug_custom['value'];
            $query = "INSERT INTO {$t_mantis_custom_field_string_table}\n\t\t\t\t\t\t   ( field_id, bug_id, value )\n\t\t\t\t\t\t   VALUES (" . db_param() . ', ' . db_param() . ', ' . db_param() . ')';
            db_query_bound($query, array($c_field_id, $c_new_bug_id, $c_value));
        }
    }
    # Copy Relationships
    if ($p_copy_relationships) {
        relationship_copy_all($t_bug_id, $t_new_bug_id);
    }
    # Copy bugnotes
    if ($p_copy_bugnotes) {
        $query = "SELECT *\n\t\t\t\t\t  FROM {$t_mantis_bugnote_table}\n\t\t\t\t\t  WHERE bug_id=" . db_param();
        $result = db_query_bound($query, array($t_bug_id));
        $t_count = db_num_rows($result);
        for ($i = 0; $i < $t_count; $i++) {
            $t_bug_note = db_fetch_array($result);
            $t_bugnote_text_id = $t_bug_note['bugnote_text_id'];
            $query2 = "SELECT *\n\t\t\t\t\t\t   FROM {$t_mantis_bugnote_text_table}\n\t\t\t\t\t\t   WHERE id=" . db_param();
            $result2 = db_query_bound($query2, array($t_bugnote_text_id));
            $t_count2 = db_num_rows($result2);
            $t_bugnote_text_insert_id = -1;
            if ($t_count2 > 0) {
                $t_bugnote_text = db_fetch_array($result2);
                $query2 = "INSERT INTO {$t_mantis_bugnote_text_table}\n\t\t\t\t\t\t\t   ( note )\n\t\t\t\t\t\t\t   VALUES ( " . db_param() . ' )';
                db_query_bound($query2, array($t_bugnote_text['note']));
                $t_bugnote_text_insert_id = db_insert_id($t_mantis_bugnote_text_table);
            }
            $query2 = "INSERT INTO {$t_mantis_bugnote_table}\n\t\t\t\t\t\t   ( bug_id, reporter_id, bugnote_text_id, view_state, date_submitted, last_modified )\n\t\t\t\t\t\t   VALUES ( " . db_param() . ",\n\t\t\t\t\t\t   \t\t\t" . db_param() . ",\n\t\t\t\t\t\t   \t\t\t" . db_param() . ",\n\t\t\t\t\t\t   \t\t\t" . db_param() . ",\n\t\t\t\t\t\t   \t\t\t" . db_param() . ",\n\t\t\t\t\t\t   \t\t\t" . db_param() . ')';
            db_query_bound($query2, array($t_new_bug_id, $t_bug_note['reporter_id'], $t_bugnote_text_insert_id, $t_bug_note['view_state'], $t_bug_note['date_submitted'], $t_bug_note['last_modified']));
        }
    }
    # Copy attachments
    if ($p_copy_attachments) {
        $query = 'SELECT * FROM ' . $t_mantis_bug_file_table . ' WHERE bug_id = ' . db_param();
        $result = db_query_bound($query, array($t_bug_id));
        $t_count = db_num_rows($result);
        $t_bug_file = array();
        for ($i = 0; $i < $t_count; $i++) {
            $t_bug_file = db_fetch_array($result);
            # prepare the new diskfile name and then copy the file
            $t_file_path = dirname($t_bug_file['folder']);
            $t_new_diskfile_name = $t_file_path . file_generate_unique_name('bug-' . $t_bug_file['filename'], $t_file_path);
            $t_new_file_name = file_get_display_name($t_bug_file['filename']);
            if (config_get('file_upload_method') == DISK) {
                copy($t_bug_file['diskfile'], $t_new_diskfile_name);
                chmod($t_new_diskfile_name, config_get('attachments_file_permissions'));
            }
            $query = "INSERT INTO {$t_mantis_bug_file_table}\n\t\t\t\t\t\t( bug_id, title, description, diskfile, filename, folder, filesize, file_type, date_added, content )\n\t\t\t\t\t\tVALUES ( " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ");";
            db_query_bound($query, array($t_new_bug_id, $t_bug_file['title'], $t_bug_file['description'], $t_new_diskfile_name, $t_new_file_name, $t_bug_file['folder'], $t_bug_file['filesize'], $t_bug_file['file_type'], $t_bug_file['date_added'], $t_bug_file['content']));
        }
    }
    # Copy users monitoring bug
    if ($p_copy_monitoring_users) {
        bug_monitor_copy($t_bug_id, $t_new_bug_id);
    }
    # COPY HISTORY
    history_delete($t_new_bug_id);
    # should history only be deleted inside the if statement below?
    if ($p_copy_history) {
        $query = "SELECT *\n\t\t\t\t\t  FROM {$t_mantis_bug_history_table}\n\t\t\t\t\t  WHERE bug_id = " . db_param();
        $result = db_query_bound($query, array($t_bug_id));
        $t_count = db_num_rows($result);
        for ($i = 0; $i < $t_count; $i++) {
            $t_bug_history = db_fetch_array($result);
            $query = "INSERT INTO {$t_mantis_bug_history_table}\n\t\t\t\t\t\t  ( user_id, bug_id, date_modified, field_name, old_value, new_value, type )\n\t\t\t\t\t\t  VALUES ( " . db_param() . ",\n\t\t\t\t\t\t  \t\t   " . db_param() . ",\n\t\t\t\t\t\t  \t\t   " . db_param() . ",\n\t\t\t\t\t\t  \t\t   " . db_param() . ",\n\t\t\t\t\t\t  \t\t   " . db_param() . ",\n\t\t\t\t\t\t  \t\t   " . db_param() . ",\n\t\t\t\t\t\t  \t\t   " . db_param() . " );";
            db_query_bound($query, array($t_bug_history['user_id'], $t_new_bug_id, $t_bug_history['date_modified'], $t_bug_history['field_name'], $t_bug_history['old_value'], $t_bug_history['new_value'], $t_bug_history['type']));
        }
    }
    return $t_new_bug_id;
}
Ejemplo n.º 7
0
function file_delete($p_file_id, $p_table = 'bug')
{
    $t_upload_method = config_get('file_upload_method');
    $c_file_id = db_prepare_int($p_file_id);
    $t_filename = file_get_field($p_file_id, 'filename', $p_table);
    $t_diskfile = file_get_field($p_file_id, 'diskfile', $p_table);
    if (DISK == $t_upload_method || FTP == $t_upload_method) {
        if (FTP == $t_upload_method) {
            $ftp = file_ftp_connect();
            file_ftp_delete($ftp, $t_diskfile);
            file_ftp_disconnect($ftp);
        }
        if (file_exists($t_diskfile)) {
            file_delete_local($t_diskfile);
        }
    }
    if ('bug' == $p_table) {
        # log file deletion
        $t_bug_id = file_get_field($p_file_id, 'bug_id', 'bug');
        history_log_event_special($t_bug_id, FILE_DELETED, file_get_display_name($t_filename));
    }
    $t_file_table = config_get('mantis_' . $p_table . '_file_table');
    $query = "DELETE FROM {$t_file_table}\n\t\t\t\tWHERE id='{$c_file_id}'";
    db_query($query);
    return true;
}
Ejemplo n.º 8
0
function file_delete($p_file_id, $p_table = 'bug')
{
    $t_upload_method = config_get('file_upload_method');
    $c_file_id = db_prepare_int($p_file_id);
    $t_filename = file_get_field($p_file_id, 'filename', $p_table);
    $t_diskfile = file_get_field($p_file_id, 'diskfile', $p_table);
    if ($p_table == 'bug') {
        $t_bug_id = file_get_field($p_file_id, 'bug_id', $p_table);
        $t_project_id = bug_get_field($t_bug_id, 'project_id');
    } else {
        $t_project_id = file_get_field($p_file_id, 'project_id', $p_table);
    }
    if (DISK == $t_upload_method || FTP == $t_upload_method) {
        if (FTP == $t_upload_method) {
            $ftp = file_ftp_connect();
            file_ftp_delete($ftp, $t_diskfile);
            file_ftp_disconnect($ftp);
        }
        $t_local_disk_file = file_normalize_attachment_path($t_diskfile, $t_project_id);
        if (file_exists($t_local_disk_file)) {
            file_delete_local($t_local_disk_file);
        }
    }
    if ('bug' == $p_table) {
        # log file deletion
        history_log_event_special($t_bug_id, FILE_DELETED, file_get_display_name($t_filename));
    }
    $t_file_table = db_get_table($p_table . '_file');
    $query = "DELETE FROM {$t_file_table}\n\t\t\t\tWHERE id=" . db_param();
    db_query_bound($query, array($c_file_id));
    return true;
}