/**
 * Resolve the visitor's forum session at the start of a page request.
 *
 * The session id and session data are read from the board cookies, or the
 * session id alone from the `sid` query parameter when neither cookie is
 * present. The session is then looked up in the database. A block marked
 * "Added by FAI" aligns the forum login with the state reported by
 * user_isloggedin(), creating a forum account when no matching one is found.
 * When no usable session exists, a new one is started through session_begin().
 *
 * @param string $user_ip     Client address to compare with session_ip
 *                            (presumably the board's encoded form; confirm
 *                            against the caller).
 * @param int    $thispage_id Page identifier written to the session row;
 *                            cast to int below.
 * @return mixed The row from sql_fetchrow() for an accepted session, otherwise
 *               the value returned by session_begin().
 */
function session_pagestart($user_ip, $thispage_id)
{
    global $db, $lang, $board_config;
    global $HTTP_COOKIE_VARS, $HTTP_GET_VARS, $SID;

    $cookiename = $board_config['cookie_name'];
    $cookiepath = $board_config['cookie_path'];
    $cookiedomain = $board_config['cookie_domain'];
    $cookiesecure = $board_config['cookie_secure'];

    $current_time = time();
    unset($userdata);

    if (isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) || isset($HTTP_COOKIE_VARS[$cookiename . '_data'])) {
        // SECURITY NOTE(review): the '_data' cookie is client-controlled and is fed to
        // unserialize(). That can instantiate objects of any class loaded at this point.
        // Prefer a format without object support, or authenticate the cookie (e.g. an HMAC)
        // before decoding it. Left unchanged here; flagged for follow-up.
        $sessiondata = isset($HTTP_COOKIE_VARS[$cookiename . '_data']) ? unserialize(stripslashes($HTTP_COOKIE_VARS[$cookiename . '_data'])) : array();
        $session_id = isset($HTTP_COOKIE_VARS[$cookiename . '_sid']) ? $HTTP_COOKIE_VARS[$cookiename . '_sid'] : '';
        $sessionmethod = SESSION_METHOD_COOKIE;
    } else {
        $sessiondata = array();
        $session_id = isset($HTTP_GET_VARS['sid']) ? $HTTP_GET_VARS['sid'] : '';
        $sessionmethod = SESSION_METHOD_GET;
    }

    // Allow-list the session id: only ASCII letters and digits survive. This is what makes
    // the direct interpolation of $session_id into the SELECT below safe.
    if (!preg_match('/^[A-Za-z0-9]*$/', $session_id)) {
        $session_id = '';
    }

    $thispage_id = (int) $thispage_id;

    //
    // Does a session exist?
    //
    if (!empty($session_id)) {
        //
        // session_id exists so go ahead and attempt to grab all
        // data in preparation
        //
        $sql = "SELECT u.*, s.*\n\t\t\tFROM " . SESSIONS_TABLE . " s, " . USERS_TABLE . " u\n\t\t\tWHERE s.session_id = '{$session_id}'\n\t\t\t\tAND u.user_id = s.session_user_id";
        if (!($result = $db->sql_query($sql))) {
            message_die(CRITICAL_ERROR, 'Error doing DB query userdata row fetch', '', __LINE__, __FILE__, $sql);
        }

        $userdata = $db->sql_fetchrow($result);

        //
        // Did the session exist in the DB?
        //
        if (isset($userdata['user_id'])) {
            // Added by FAI
            // Find Public Whip user id
            $logged_into_pw = user_isloggedin();
            global $user_name;

            // Look it up in PHPBB user account list
            // NOTE(review): the username literal is reproduced as it appears on the page and
            // looks masked. $user_name is declared global just above but is not used in the
            // query as shown; if the real query interpolates it, it needs escaping.
            $result = $db->sql_query("select user_id from phpbb_users where username = '******'");
            if ($result) {
                $row = $db->sql_fetchrow($result);
                $user_id_for_phpbb = $row['user_id'];
            }
            // NOTE(review): $user_id_for_phpbb is only assigned when the query succeeds. A failed
            // query (undefined variable) and an empty result (null) both read as "no forum
            // account" below and lead into the account-creation path.

            // NOTE(review): $HTTP_POST_VARS is not in this function's global lists, so it is an
            // unset local here and the first branch is never taken. If it is ever made global,
            // the posted 'redirect' value becomes a redirect target and needs validating.
            // As written the first str_replace() swaps '&' for '&' (a no-op); presumably the
            // search string was an HTML entity before extraction. Confirm against the file.
            $url = !empty($HTTP_POST_VARS['redirect']) ? str_replace('&', '&', htmlspecialchars($HTTP_POST_VARS['redirect'])) : str_replace("/forum/", "", $_SERVER['REQUEST_URI']);

            if ($logged_into_pw) {
                // If user id is wrong, log into it
                if ($user_id_for_phpbb && $user_id_for_phpbb != $userdata['user_id']) {
                    if ($userdata['user_id'] > 0) {
                        session_end($userdata['session_id'], $userdata['user_id']);
                        // NOTE(review): no exit after this redirect(), unlike the other branches.
                        // If redirect() returns, execution continues into session_begin().
                        redirect(append_sid($url, true));
                    }
                    $session_id = session_begin($user_id_for_phpbb, $user_ip, PAGE_INDEX, FALSE, TRUE);
                    redirect(append_sid($url, true));
                    exit;
                }

                // Otherwise make new account
                if (!$user_id_for_phpbb) {
                    // Log out first if logged in
                    if ($userdata['user_id'] > 0) {
                        session_end($userdata['session_id'], $userdata['user_id']);
                        redirect(append_sid($url, true));
                        exit;
                    }

                    // NOTE(review): the next id is computed as MAX(user_id) + 1 before the
                    // transaction opens, so two concurrent requests can pick the same id.
                    $sql = "SELECT MAX(user_id) AS total FROM " . USERS_TABLE;
                    if (!($result = $db->sql_query($sql))) {
                        message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
                    }
                    if (!($row = $db->sql_fetchrow($result))) {
                        message_die(GENERAL_ERROR, 'Could not obtain next user_id information', '', __LINE__, __FILE__, $sql);
                    }
                    $user_id = $row['total'] + 1;
                    $notifyreply = 1;

                    // The INSERT has no column list, so it depends on the exact column order of
                    // the users table. The password column receives the fixed text 'NEVER***'.
                    // NOTE(review): mysql_escape_string() ignores the connection character set
                    // and was removed in PHP 7; use the escaping routine of the DB layer in use.
                    $sql = "INSERT INTO " . USERS_TABLE . "\t \nVALUES ('" . mysql_escape_string($user_id) . "',1,'" . mysql_escape_string($user_name) . "','NEVER***',0,0,0," . time() . ",0,0,0.00,1,'english','D M d, Y g:i a',0,0,0,NULL,0,1,1,1,1,1,1,1,1,1,1,0,'',0,'" . mysql_escape_string(user_getemail()) . "','','','','','','','','','','','',NULL,0,0)";
                    // (A commented-out alternative VALUES list that quoted each profile field
                    // with str_replace() was left at this point in the original.)
                    if (!($result = $db->sql_query($sql, BEGIN_TRANSACTION))) {
                        message_die(GENERAL_ERROR, 'Could not insert data into users table', '', __LINE__, __FILE__, $sql);
                    }

                    $sql = "INSERT INTO " . GROUPS_TABLE . " (group_name, group_description, group_single_user, group_moderator)\n\t\t\t\tVALUES ('', 'Personal User', 1, 0)";
                    if (!($result = $db->sql_query($sql))) {
                        message_die(GENERAL_ERROR, 'Could not insert data into groups table', '', __LINE__, __FILE__, $sql);
                    }

                    $group_id = $db->sql_nextid();

                    $sql = "INSERT INTO " . USER_GROUP_TABLE . " (user_id, group_id, user_pending)\n\t\t\t\tVALUES ({$user_id}, {$group_id}, 0)";
                    if (!($result = $db->sql_query($sql, END_TRANSACTION))) {
                        message_die(GENERAL_ERROR, 'Could not insert data into user_group table', '', __LINE__, __FILE__, $sql);
                    }

                    $session_id = session_begin($user_id, $user_ip, PAGE_INDEX, FALSE, TRUE);
                    redirect(append_sid($url, true));
                    exit;
                }
            } else {
                // Not logged in on the outer site: end any non-anonymous forum session.
                if ($userdata['user_id'] > 0) {
                    session_end($userdata['session_id'], $userdata['user_id']);
                    redirect(append_sid($url, true));
                    exit;
                }
            }
            // End added by FAI

            //
            // Do not check IP assuming equivalence, if IPv4 we'll check only first 24
            // bits ... I've been told (by vHiker) this should alleviate problems with
            // load balanced et al proxies while retaining some reliance on IP security.
            //
            // Only the first six characters of each value are compared. On a mismatch the
            // function falls through to the bottom and starts a fresh session.
            $ip_check_s = substr($userdata['session_ip'], 0, 6);
            $ip_check_u = substr($user_ip, 0, 6);

            if ($ip_check_s == $ip_check_u) {
                // NOTE(review): in GET mode (and in the admin area) the session id is carried in
                // URLs, where it can end up in logs and Referer headers.
                $SID = $sessionmethod == SESSION_METHOD_GET || defined('IN_ADMIN') ? 'sid=' . $session_id : '';

                //
                // Only update session DB a minute or so after last update
                //
                if ($current_time - $userdata['session_time'] > 60) {
                    // A little trick to reset session_admin on session re-usage
                    $update_admin = !defined('IN_ADMIN') && $current_time - $userdata['session_time'] > $board_config['session_length'] + 60 ? ', session_admin = 0' : '';

                    // session_id and user_id in the two UPDATEs come from the row just read
                    // from the database, not from the request.
                    $sql = "UPDATE " . SESSIONS_TABLE . " \n\t\t\t\t\t\tSET session_time = {$current_time}, session_page = {$thispage_id}{$update_admin}\n\t\t\t\t\t\tWHERE session_id = '" . $userdata['session_id'] . "'";
                    if (!$db->sql_query($sql)) {
                        message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
                    }

                    if ($userdata['user_id'] != ANONYMOUS) {
                        $sql = "UPDATE " . USERS_TABLE . " \n\t\t\t\t\t\t\tSET user_session_time = {$current_time}, user_session_page = {$thispage_id}\n\t\t\t\t\t\t\tWHERE user_id = " . $userdata['user_id'];
                        if (!$db->sql_query($sql)) {
                            message_die(CRITICAL_ERROR, 'Error updating sessions table', '', __LINE__, __FILE__, $sql);
                        }
                    }

                    session_clean($userdata['session_id']);

                    // The data cookie lives for 31536000 seconds (365 days); the sid cookie is a
                    // browser-session cookie (expiry 0).
                    // NOTE(review): setcookie() is called with six arguments, so the HttpOnly flag
                    // is not set, and the Secure flag depends on the 'cookie_secure' board setting.
                    setcookie($cookiename . '_data', serialize($sessiondata), $current_time + 31536000, $cookiepath, $cookiedomain, $cookiesecure);
                    setcookie($cookiename . '_sid', $session_id, 0, $cookiepath, $cookiedomain, $cookiesecure);
                }

                // Add the session_key to the userdata array if it is set
                if (isset($sessiondata['autologinid']) && $sessiondata['autologinid'] != '') {
                    $userdata['session_key'] = $sessiondata['autologinid'];
                }

                return $userdata;
            }
        }
    }

    //
    // If we reach here then no (valid) session exists. So we'll create a new one,
    // using the cookie user_id if available to pull basic user prefs.
    //
    // The 'userid' taken from the cookie data is reduced to an integer with intval().
    $user_id = isset($sessiondata['userid']) ? intval($sessiondata['userid']) : ANONYMOUS;

    if (!($userdata = session_begin($user_id, $user_ip, $thispage_id, TRUE))) {
        // NOTE(review): $sql may be unset here (no session id given) or hold an earlier query.
        message_die(CRITICAL_ERROR, 'Error creating user session', '', __LINE__, __FILE__, $sql);
    }

    return $userdata;
}
/**
 * Stop the request with an error page unless the current user satisfies $req.
 *
 * Only the first applicable requirement is checked, in this order: 'group'
 * (optionally narrowed by 'admin_flags'), then 'user', then 'isloggedin'.
 * A request that names none of them is refused. Super users pass without
 * any further check.
 *
 * @param array $req Requirement map with the keys 'group', 'admin_flags',
 *                   'user' and/or 'isloggedin'.
 * @return bool|null true for a super user, otherwise nothing; a failed
 *                   requirement is reported through exit_error().
 */
function session_require($req)
{
    global $Language;

    if (user_is_super_user()) {
        return true;
    }

    // [title key, message key] of the refusal to show; stays null while access is allowed.
    $refusal = null;

    if (isset($req['group']) && $req['group']) {
        // The group id passes through db_ei() and the flags through db_escape_string()
        // before they enter the SQL text.
        $query = sprintf(
            'SELECT user_id FROM user_group WHERE user_id=%s AND group_id=%s',
            user_getid(),
            db_ei($req['group'])
        );
        if (isset($req['admin_flags']) && $req['admin_flags']) {
            $query .= " AND admin_flags = '" . db_escape_string($req['admin_flags']) . "'";
        }

        $matches = db_numrows(db_query($query));
        // The second operand is always false inside this branch; kept as in the original.
        if ($matches < 1 || !$req['group']) {
            $refusal = array('insufficient_g_access', 'no_perm_to_view');
        }
    } elseif (isset($req['user']) && $req['user']) {
        // NOTE(review): loose comparison. If user_getid() can return 0 and $req['user'] is a
        // non-numeric string, PHP before 8.0 treats the two as equal. Confirm that callers
        // pass an integer id.
        if (user_getid() != $req['user']) {
            $refusal = array('insufficient_u_access', 'no_perm_to_view');
        }
    } elseif (isset($req['isloggedin']) && $req['isloggedin']) {
        if (!user_isloggedin()) {
            $refusal = array('required_login', 'login');
        }
    } else {
        // Nothing recognisable was asked for: refuse rather than allow.
        $refusal = array('insufficient_access', 'no_access');
    }

    if ($refusal !== null) {
        exit_error(
            $Language->getText('include_session', $refusal[0]),
            $Language->getText('include_session', $refusal[1])
        );
    }
}
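/**
 * Tell whether the current visitor is an administrator.
 *
 * The visitor must be logged in and the session entry 'type' must be 0,
 * either as the integer 0 or as the string '0'.
 *
 * @return bool true only for a logged-in user whose session type is 0.
 */
function user_isadministrator()
{
    // session_is_registered() was removed in PHP 5.4; isset() on $_SESSION is the
    // direct replacement for guarding the read that follows.
    if (!user_isloggedin() || !isset($_SESSION['type'])) {
        return false;
    }

    // Exact match on purpose. A loose `== 0` also accepts false, and on PHP before 8.0
    // the empty string and any non-numeric string, which would grant administrator
    // rights on a malformed session value.
    $type = $_SESSION['type'];

    return $type === 0 || $type === '0';
}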
/**
 * Print the project page header and the CVS toolbar.
 *
 * Stops with an error page when the project does not use CVS. The browse
 * link is shown for public projects or logged-in users, the "my" and query
 * links for logged-in users, and the admin link for members holding the 'A'
 * flag on the group.
 *
 * @param array $params Header parameters; 'toptab' and 'group' are set here,
 *                      'help' defaults to "cvs.html".
 * @return void
 */
function commits_header($params)
{
    global $group_id, $Language;

    $params['toptab'] = 'cvs';
    $params['group'] = $group_id;

    $project = ProjectManager::instance()->getProject($group_id);
    if (!$project->usesCVS()) {
        exit_error(
            $Language->getText('global', 'error'),
            $Language->getText('cvs_commit_utils', 'error_off')
        );
    }

    echo site_project_header($params);

    // NOTE(review): $group_id (and the project's unix name below) are written into href
    // attributes without HTML escaping. Presumably $group_id is validated as an integer
    // before this point; confirm, or cast it.
    $in_group = '&group_id=' . $group_id;

    echo '<P><B><A HREF="/cvs/?func=info' . $in_group . '">'
        . $Language->getText('cvs_commit_utils', 'menu_info') . '</A>';

    if ($project->isPublic() || user_isloggedin()) {
        $browse_url = session_make_url('/cvs/viewvc.php/?root=' . $project->getUnixName(false) . '&roottype=cvs');
        echo ' | <A HREF="' . $browse_url . '">' . $Language->getText('cvs_commit_utils', 'menu_browse') . '</A>';
    }

    if (user_isloggedin()) {
        echo ' | <A HREF="/cvs/?func=browse' . $in_group . '&set=my">'
            . $Language->getText('cvs_commit_utils', 'menu_my') . '</A>';
        echo ' | <A HREF="/cvs/?func=browse' . $in_group . '">'
            . $Language->getText('cvs_commit_utils', 'menu_query') . '</A>';
    }

    if (user_ismember($group_id, 'A')) {
        echo ' | <A HREF="/cvs/?func=admin' . $in_group . '">'
            . $Language->getText('cvs_commit_utils', 'menu_admin') . '</A>';
    }

    $help_page = isset($params['help']) ? $params['help'] : "cvs.html";
    echo ' | ' . help_button($help_page, false, $Language->getText('global', 'help'));

    echo '</B>';
    echo ' <hr width="300" size="1" align="left" noshade>';
}
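/**
 * Tell whether the current visitor is an administrator.
 *
 * The visitor must be logged in and the session entry 'type' must be 0,
 * either as the integer 0 or as the string '0'.
 *
 * @return bool true only for a logged-in user whose session type is 0.
 */
function user_isadministrator()
{
    if (!user_isloggedin() || !isset($_SESSION['type'])) {
        return false;
    }

    // Exact match on purpose. A loose `== 0` also accepts false, and on PHP before 8.0
    // the empty string and any non-numeric string, which would grant administrator
    // rights on a malformed session value.
    $type = $_SESSION['type'];

    return $type === 0 || $type === '0';
}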
/**
 * Print the project page header and the Patch Manager toolbar.
 *
 * Stops with an error page when the group is not a project or has the
 * Patch Manager switched off.
 *
 * @param array $params Header parameters; 'toptab' and 'group' are set here.
 * @return void
 */
function patch_header($params)
{
    global $group_id, $DOCUMENT_ROOT;

    $params['toptab'] = 'patch';
    $params['group'] = $group_id;

    // The tool is available to projects only, and only when they enabled it.
    $project = project_get_object($group_id);
    if (!$project->isProject()) {
        exit_error('Error', 'Only Projects Can Use The Patch Manager');
    }
    if (!$project->usesPatch()) {
        exit_error('Error', 'This Project Has Turned Off The Patch Manager');
    }

    site_project_header($params);

    // NOTE(review): $group_id is written into href attributes without escaping. Presumably
    // it is validated as an integer before this point; confirm, or cast it.
    $gid = 'group_id=' . $group_id;

    echo '<P><B><A HREF="/patch/?func=addpatch&' . $gid . '">Submit A Patch</A>';
    if (user_isloggedin()) {
        echo ' | <A HREF="/patch/?func=browse&' . $gid . '&set=my">My Patches</A>';
    }
    echo ' | <A HREF="/patch/?func=browse&' . $gid . '&set=open">Open Patches</A>';
    if (user_isloggedin()) {
        echo ' | <A HREF="/patch/reporting/?' . $gid . '">Reporting</A>';
    }
    // The Admin link is printed for every visitor; access control has to be enforced by
    // the admin page itself.
    echo ' | <A HREF="/patch/admin/?' . $gid . '">Admin</A>';
    echo '</B>';
}
/**
 * Print the project page header and the Bug Tracker toolbar.
 *
 * Sets the global $is_bug_page flag, then stops with an error page when the
 * group is not a project or has the Bug Tracker switched off.
 *
 * @param array $params Header parameters; 'group' and 'toptab' are set here.
 * @return void
 */
function bug_header($params)
{
    global $group_id, $is_bug_page, $DOCUMENT_ROOT;

    // Lets the search box add the bug-specific element to its pop-up.
    $is_bug_page = 1;

    // Required by site_project_header().
    $params['group'] = $group_id;
    $params['toptab'] = 'bugs';

    // The tracker is available to projects only, and only when they enabled it.
    $project = project_get_object($group_id);
    if (!$project->isProject()) {
        exit_error('Error', 'Only Projects Can Use The Bug Tracker');
    }
    if (!$project->usesBugs()) {
        exit_error('Error', 'This Project Has Turned Off The Bug Tracker');
    }

    echo site_project_header($params);

    // NOTE(review): $group_id is written into href attributes without escaping. Presumably
    // it is validated as an integer before this point; confirm, or cast it.
    $gid = 'group_id=' . $group_id;

    echo '<P><B><A HREF="/bugs/?func=addbug&' . $gid . '">Submit A Bug</A>'
        . ' | <A HREF="/bugs/?func=browse&' . $gid . '&set=open">Open Bugs</A>';

    if (user_isloggedin()) {
        echo ' | <A HREF="/bugs/?func=browse&' . $gid . '&set=my">My Bugs</A>'
            . ' | <A HREF="/bugs/?func=modfilters&' . $gid . '">Filters</A>'
            . ' | <A HREF="/bugs/reporting/?' . $gid . '">Reporting</A>';
    }

    // The Admin link is printed for every visitor; access control has to be enforced by
    // the admin page itself.
    echo ' | <A HREF="/bugs/admin/?' . $gid . '">Admin</A></B>';
}
/**
 * Print the project page header and the Feature Request Manager toolbar.
 *
 * Stops with an error page when the group is not a project or has the
 * Feature Request Manager switched off.
 *
 * @param array $params Header parameters; 'group' and 'toptab' are set here.
 * @return void
 */
function feature_header($params)
{
    global $group_id, $DOCUMENT_ROOT;

    // Required by site_project_header().
    $params['group'] = $group_id;
    $params['toptab'] = 'feature';

    // The tool is available to projects only, and only when they enabled it.
    $project = project_get_object($group_id);
    if (!$project->isProject()) {
        exit_error('Error', 'Only Projects Can Use The Feature Request Manager');
    }
    if (!$project->usesFeature()) {
        exit_error('Error', 'This Project Has Turned Off The Feature Request Manager');
    }

    site_project_header($params);

    // NOTE(review): $group_id is written into href attributes without escaping. Presumably
    // it is validated as an integer before this point; confirm, or cast it.
    $gid = 'group_id=' . $group_id;

    echo '<P><B><A HREF="/feature/?func=addfeature&' . $gid . '">Submit A Feature Request</A>';
    if (user_isloggedin()) {
        echo ' | <A HREF="/feature/?func=browse&' . $gid . '&set=my">My Feature Requests</A>';
    }
    echo ' | <A HREF="/feature/?func=browse&' . $gid . '&set=open">Open Feature Requests</A>';
    if (user_isloggedin()) {
        echo ' | <A HREF="/feature/reporting/?' . $gid . '">Reporting</A>';
    }
    // The Admin link is printed for every visitor; access control has to be enforced by
    // the admin page itself.
    echo ' | <A HREF="/feature/admin/?' . $gid . '">Admin</A>';
    echo '</B><P>';
}
/**
 * Print the project page header and the Tech Support Manager toolbar.
 *
 * Stops with an error page when the group is not a project or has the
 * Tech Support Manager switched off.
 *
 * @param array $params Header parameters; 'group' and 'toptab' are set here.
 * @return void
 */
function support_header($params)
{
    global $group_id, $DOCUMENT_ROOT;

    // Required by site_project_header().
    $params['group'] = $group_id;
    $params['toptab'] = 'support';

    // The tool is available to projects only, and only when they enabled it.
    $project = project_get_object($group_id);
    if (!$project->isProject()) {
        exit_error('Error', 'Only Projects Can Use The Tech Support Manager');
    }
    if (!$project->usesSupport()) {
        exit_error('Error', 'This Project Has Turned Off The Tech Support Manager');
    }

    site_project_header($params);

    // NOTE(review): $group_id is written into href attributes without escaping. Presumably
    // it is validated as an integer before this point; confirm, or cast it.
    $gid = 'group_id=' . $group_id;

    echo '<P><B><A HREF="/support/?func=addsupport&' . $gid . '">Submit A Request</A>';
    if (user_isloggedin()) {
        echo ' | <A HREF="/support/?func=browse&' . $gid . '&set=my">My Requests</A>';
    }
    echo ' | <A HREF="/support/?func=browse&' . $gid . '&set=open">Open Requests</A>';
    if (user_isloggedin()) {
        echo ' | <A HREF="/support/reporting/?' . $gid . '">Reporting</A>';
    }
    // The Admin link is printed for every visitor; access control has to be enforced by
    // the admin page itself.
    echo ' | <A HREF="/support/admin/?' . $gid . '">Admin</A>';
    echo '</B>';
    echo '<HR NoShade SIZE="1" SIZE="300">';
}
/**
 * Build the Subversion toolbar and hand it to the service's header renderer.
 *
 * Stops with an error page when the project has no 'svn' service. The browse
 * entry is added for public projects or logged-in users, the commit entries
 * for logged-in users, and the admin entries for members holding the 'A' or
 * 'SVN_ADMIN' flag on the group.
 *
 * @param array $params Header parameters; reads 'title', 'path' and 'help'
 *                      ('help' defaults to "svn.html" when empty).
 * @return void
 */
function svn_header($params)
{
    global $group_id, $Language, $there_are_specific_permissions;

    $params['toptab'] = 'svn';
    $params['group'] = $group_id;

    $project = ProjectManager::instance()->getProject($group_id);
    $service = $project->getService('svn');
    if (!$service) {
        exit_error(
            $Language->getText('global', 'error'),
            $Language->getText('svn_utils', 'svn_off')
        );
    }

    // NOTE(review): $group_id is concatenated into every URL as-is. Whether displayHeader()
    // escapes toolbar URLs is not visible here; confirm.
    $gid = 'group_id=' . $group_id;

    $toolbar = array(
        array(
            'title' => $Language->getText('svn_utils', 'svn_info'),
            'url' => '/svn/?func=info&' . $gid,
        ),
    );

    if ($project->isPublic() || user_isloggedin()) {
        $toolbar[] = array(
            'title' => $Language->getText('svn_utils', 'browse_tree'),
            'url' => '/svn/viewvc.php/?roottype=svn&root=' . $project->getUnixName(false),
        );
    }

    if (user_isloggedin()) {
        $toolbar[] = array(
            'title' => $Language->getText('svn_utils', 'my_ci'),
            'url' => '/svn/?func=browse&' . $gid . '&set=my',
        );
        $toolbar[] = array(
            'title' => $Language->getText('svn_utils', 'svn_query'),
            'url' => '/svn/?func=browse&' . $gid,
        );
    }

    if (user_ismember($group_id, 'A') || user_ismember($group_id, 'SVN_ADMIN')) {
        $toolbar[] = array(
            'title' => $Language->getText('svn_utils', 'svn_admin'),
            'url' => '/svn/admin/?' . $gid,
        );
        if (!empty($params['path'])) {
            // TODO: Validate the path
            // NOTE(review): 'path' is appended to the query string neither validated nor
            // URL-encoded. Whether the caller already encodes it is not visible here.
            $toolbar[] = array(
                'title' => $Language->getText('svn_utils', 'notif'),
                'url' => '/svn/admin/?' . $gid . '&func=notification&path=' . $params['path'],
            );
        }
    }

    if (empty($params['help'])) {
        $params['help'] = "svn.html";
    }
    // NOTE(review): 'help' ends up inside a quoted JavaScript string in a javascript: URL;
    // it should only ever be a fixed page name supplied by the calling script.
    $toolbar[] = array(
        'title' => $Language->getText('global', 'help'),
        'url' => 'javascript:help_window(\'' . get_server_url() . '/doc/' . UserManager::instance()->getCurrentUser()->getShortLocale() . '/user-guide/' . $params['help'] . '\');',
    );

    $breadcrumbs = array(
        array('title' => $params['title'], 'url' => '/svn/?' . $gid),
    );
    $service->displayHeader($params['title'], $breadcrumbs, $toolbar);
}
/**
 * Fetch the groups the current user is a member of.
 *
 * Group 100 is left out, only groups with status 'A' are selected, and the
 * rows are ordered by group name. Every failure is recorded with setError().
 *
 * @return mixed The value returned by db_query() on success; false when the
 *               visitor is not logged in, the query failed or no row matched.
 */
function getMemberGroups()
{
    global $Language;

    if (!user_isloggedin()) {
        $this->setError($Language->getText('include_exit', 'perm_denied'));
        return false;
    }

    // NOTE(review): user_getid() is placed in the SQL text without a cast; presumably it
    // always returns an integer. Confirm.
    $sql = sprintf(
        "SELECT g.group_id,g.group_name FROM groups g, user_group ug WHERE g.group_id <> 100 AND g.status = 'A' AND g.group_id = ug.group_id AND ug.user_id=%s ORDER BY g.group_name ASC",
        user_getid()
    );

    $result = db_query($sql);
    $row_count = db_numrows($result);

    if (!$result || $row_count < 1) {
        // db_error() is passed into the 'none_found' message, so database error text can
        // reach whatever displays this error.
        $this->setError($Language->getText('include_common_groupfactory', 'none_found', db_error()));
        return false;
    }

    return $result;
}
/**
 * Print the project page header and the Task Manager toolbar.
 *
 * Stops with an error page when the group is not a project or has the Task
 * Manager switched off. Task links are shown only when a subproject
 * ($group_project_id) is selected.
 *
 * @param array $params Header parameters; 'group' and 'toptab' are set here.
 * @return void
 */
function pm_header($params)
{
    global $group_id, $is_pm_page, $words, $group_project_id, $DOCUMENT_ROOT, $order;

    // Required by site_project_header().
    $params['group'] = $group_id;
    $params['toptab'] = 'pm';

    // The tool is available to projects only, and only when they enabled it.
    $project = project_get_object($group_id);
    if (!$project->isProject()) {
        exit_error('Error', 'Only Projects Can Use The Task Manager');
    }
    if (!$project->usesPm()) {
        exit_error('Error', 'This Project Has Turned Off The Task Manager');
    }

    site_project_header($params);

    // NOTE(review): $group_id and $group_project_id are written into href attributes without
    // escaping. Presumably both are validated as integers before this point; confirm.
    $separator = ' | ';

    echo '<P><B>';
    echo '<A HREF="/pm/?group_id=' . $group_id . '">Subproject List</A>';

    // The original guarded every separator with a flag that was set to 1 up front and never
    // cleared, so the separator is always printed.
    if ($group_project_id) {
        $task_url = '/pm/task.php?group_id=' . $group_id . '&group_project_id=' . $group_project_id . '&func=';

        if (user_isloggedin()) {
            echo $separator;
            echo '<A HREF="' . $task_url . 'addtask">Add Task</A>';
            echo ' | <A HREF="' . $task_url . 'browse&set=my">My Tasks</A>';
        }
        echo $separator;
        echo '<A HREF="' . $task_url . 'browse&set=open">Browse Open Tasks</A>';
    }

    if (user_isloggedin()) {
        echo $separator;
        echo '<A HREF="/pm/reporting/?group_id=' . $group_id . '">Reporting</A>';
    }

    // The Admin link is printed for every visitor; access control has to be enforced by
    // the admin page itself.
    echo $separator;
    echo ' <A HREF="/pm/admin/?group_id=' . $group_id . '">Admin</A>';
    echo '</B>';
}
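/**
 * Add a skill to the current user's skill inventory unless it is already there.
 *
 * The outcome is appended to the global $feedback string. A visitor who is
 * not logged in only gets a heading telling them to log in.
 *
 * The three identifiers are cast to integers before they are placed in the
 * SQL text. They were interpolated unescaped before, so a quote character in
 * any of them could change the statement. This assumes the *_id columns hold
 * integer keys.
 *
 * @param int|string $skill_id       Skill identifier.
 * @param int|string $skill_level_id Skill level identifier.
 * @param int|string $skill_year_id  Experience (years) identifier.
 * @return void
 */
function people_add_to_skill_inventory($skill_id, $skill_level_id, $skill_year_id)
{
    global $feedback, $Language;

    if (!user_isloggedin()) {
        echo '<H1>' . $Language->getText('people_utils', 'must_be_loggin') . '</H1>';
        return;
    }

    // Reduce every value that enters the SQL text to an integer.
    $user_id = (int) user_getid();
    $skill_id = (int) $skill_id;
    $skill_level_id = (int) $skill_level_id;
    $skill_year_id = (int) $skill_year_id;

    // Check whether the user already added this skill.
    $sql = "SELECT * FROM people_skill_inventory WHERE user_id='" . $user_id . "' AND skill_id='" . $skill_id . "'";
    $result = db_query($sql);

    if ($result && db_numrows($result) >= 1) {
        $feedback .= ' ' . $Language->getText('people_utils', 'error_skill_already') . ' ';
        return;
    }

    // Skill not in the inventory yet (a failed lookup is treated the same way, as before).
    $sql = "INSERT INTO people_skill_inventory (user_id,skill_id,skill_level_id,skill_year_id) "
        . "VALUES ('" . $user_id . "','" . $skill_id . "','" . $skill_level_id . "','" . $skill_year_id . "')";
    $result = db_query($sql);

    if (!$result || db_affected_rows($result) < 1) {
        $feedback .= ' ' . $Language->getText('people_utils', 'error_inserting') . ' ';
        // NOTE(review): this prints the raw database error to the visitor. Kept for
        // compatibility; consider logging it instead.
        echo db_error();
    } else {
        $feedback .= ' ' . $Language->getText('people_utils', 'added_skill') . ' ';
    }
}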
/**
 * Display the "copy artifact" form for this artifact.
 *
 * Prints a POST form (func=postcopy) pre-filled from the current artifact:
 * the submittable fields grouped by fieldset, a follow-up comment box, the
 * CC list, a file attachment input, the dependency input and the submit
 * button.
 *
 * @param bool $ro Read-only flag. It is passed on to the field renderers;
 *                 when false the canned responses, the comment type box and
 *                 the dependency input are shown as well.
 * @param int  $pv Printer version flag; the read-only comment box and the
 *                 e-mail input for anonymous visitors appear only when it is 0.
 *
 * @return void
 */
function displayCopy($ro, $pv)
{
    global $art_field_fact, $art_fieldset_fact, $sys_max_size_attachment, $Language;
    $hp = Codendi_HTMLPurifier::instance();

    $fields_per_line = 2;
    // the column number is the number of field per line * 2 (label + value)
    // + the number of field per line -1 (a blank column between each pair "label-value" to give more space)
    $columns_number = $fields_per_line * 2 + ($fields_per_line - 1);
    $max_size = 40;

    $group = $this->ArtifactType->getGroup();
    $group_artifact_id = $this->ArtifactType->getID();
    $group_id = $group->getGroupId();

    // $result_fields is not read again in this method.
    $result_fields = $art_field_fact->getAllUsedFields();
    $result_fieldsets = $art_fieldset_fact->getAllFieldSetsContainingUsedFields();

    // Display submit instructions if any; they pass through the purifier at the FULL level.
    if ($this->ArtifactType->getSubmitInstructions()) {
        echo $hp->purify(util_unconvert_htmlspecialchars($this->ArtifactType->getSubmitInstructions()), CODENDI_PURIFIER_FULL);
    }

    // Beginning of the submission form with fixed fields
    // The ids are cast to int before output. MAX_FILE_SIZE travels through the client, so
    // the upload size still has to be enforced on the server.
    // NOTE(review): no request-forgery token field is emitted with these hidden inputs;
    // presumably that is handled elsewhere. Confirm.
    echo '<FORM ACTION="" METHOD="POST" enctype="multipart/form-data" NAME="artifact_form"> <INPUT TYPE="hidden" name="MAX_FILE_SIZE" value="' . $sys_max_size_attachment . '"> <INPUT TYPE="HIDDEN" NAME="func" VALUE="postcopy"> <INPUT TYPE="HIDDEN" NAME="group_id" VALUE="' . (int) $group_id . '"> <INPUT TYPE="HIDDEN" NAME="group_artifact_id" VALUE="' . (int) $group_artifact_id . '"> <INPUT TYPE="HIDDEN" NAME="atid" VALUE="' . (int) $group_artifact_id . '">';
    echo '<TABLE><TR><TD class="artifact">';

    $summary = $this->getValue('summary');

    echo "<TABLE width='100%'><TR><TD>";
    // The stored summary is appended before purify() runs, so it is covered by the
    // CONVERT_HTML pass together with the title text.
    echo "<H2>[ " . $hp->purify($Language->getText('tracker_include_artifact', 'copy_of', $this->ArtifactType->getItemName() . " #" . $this->getID()) . " ] " . $summary, CODENDI_PURIFIER_CONVERT_HTML) . "</H2>";
    echo "</TD></TR></TABLE>";

    $html = '';
    $pm = ProjectManager::instance();
    $html .= ' <table width="100%"> <tr><td colspan="' . (int) $columns_number . '"><B>' . $Language->getText('tracker_include_artifact', 'group') . ':</B> ' . $hp->purify(util_unconvert_htmlspecialchars($pm->getProject($group_id)->getPublicName()), CODENDI_PURIFIER_CONVERT_HTML) . '</TD></tr>';

    // Now display the variable part of the field list (depend on the project)
    foreach ($result_fieldsets as $fieldset_id => $result_fieldset) {
        // this variable will tell us if we have to display the fieldset or not (if there is at least one field to display or not)
        $display_fieldset = false;

        $fieldset_html = '';

        // $i counts the label/value pairs placed on the current table row.
        $i = 0;
        $fields_in_fieldset = $result_fieldset->getAllUsedFields();

        // NOTE(review): each() is deprecated since PHP 7.2 and removed in PHP 8.0.
        while (list($key, $field) = each($fields_in_fieldset)) {
            $field_html = new ArtifactFieldHtml($field);
            //echo $field_html->dumpStandard()."<br>";

            // if the field is a special field (except summary and details)
            // then skip it.
            if ($field->userCanSubmit($group_id, $group_artifact_id) && (!$field->isSpecial() || $field->getName() == 'summary' || $field->getName() == 'details')) {
                // display the artifact field
                // if field size is greatest than max_size chars then force it to
                // appear alone on a new line or it won't fit in the page
                $display_fieldset = true;

                // For multi select box, we need to retrieve all the values
                if ($field->isMultiSelectBox()) {
                    $field_value = $field->getValues($this->getID());
                } else {
                    if ($field->getName() == 'summary') {
                        // The copied summary gets a "[copy]" style prefix.
                        $field_value = '[' . $Language->getText('tracker_include_artifact', 'copy') . '] ' . $this->getValue($field->getName());
                    } else {
                        $field_value = $this->getValue($field->getName());
                    }
                }

                // Only the part before the "/" of the display size is used.
                list($sz, ) = explode("/", $field->getDisplaySize());

                // NOTE(review): $label and $value are inserted below without further escaping;
                // the escaping of stored field values has to happen inside ArtifactFieldHtml.
                // Confirm.
                $label = $field_html->labelDisplay(false, false, !$ro);
                $value = $field_html->display($this->ArtifactType->getID(), $field_value, false, false, $ro);

                // Marker for mandatory fields. The markup holds a closing </b> without an
                // opening tag.
                $star = $field->isEmptyOk() ? '' : '<span class="highlight"><big>*</big></b></span>';

                // Details field must be on one row
                if ($sz > $max_size || $field->getName() == 'details') {
                    $fieldset_html .= "\n<TR>" . '<TD valign="middle">' . $label . $star . '</td>' . '<TD valign="middle" colspan="' . ($columns_number - 1) . '">' . $value . '</TD>' . "\n</TR>";
                    $i = 0;
                } else {
                    // Open a row before the first pair and close it after the last one.
                    $fieldset_html .= $i % $fields_per_line ? '' : "\n<TR>";
                    $fieldset_html .= '<TD valign="middle">' . $label . $star . '</td>' . '<TD valign="middle">' . $value . '</TD>';
                    $i++;
                    $fieldset_html .= $i % $fields_per_line ? '<td class="artifact_spacer"> </td>' : "\n</TR>";
                }
            }
        } // while

        // We display the fieldset only if there is at least one field inside that we can display
        if ($display_fieldset) {
            $html .= '<TR><TD COLSPAN="' . (int) $columns_number . '"> </TD></TR>';
            $html .= '<TR class="boxtitle"><TD class="left" COLSPAN="' . (int) $columns_number . '"> <span title="' . $hp->purify(SimpleSanitizer::unsanitize($result_fieldset->getDescriptionText()), CODENDI_PURIFIER_CONVERT_HTML) . '">' . $hp->purify(SimpleSanitizer::unsanitize($result_fieldset->getLabel()), CODENDI_PURIFIER_CONVERT_HTML) . '</span></TD></TR>';
            $html .= $fieldset_html;
        }
    }

    $html .= '</TABLE>';

    echo $this->_getSection('artifact_section_details', $Language->getText('tracker_include_artifact', 'details'), $html, true);

    //
    // Followups comments
    //
    $html = '';
    $html .= '<div>';
    if (!$ro) {
        if (db_numrows($this->ArtifactType->getCannedResponses())) {
            $html .= '<p><b>' . $Language->getText('tracker_include_artifact', 'use_canned') . '</b> ';
            $html .= $this->ArtifactType->cannedResponseBox();
            $html .= '</p>';
        }

        // The comment type selector is shown only when the field is in use and has more
        // than one predefined value.
        $field = $art_field_fact->getFieldFromName('comment_type_id');
        if ($field && $field->isUsed() && db_numrows($field->getFieldPredefinedValues($group_artifact_id)) > 1) {
            $field_html = new ArtifactFieldHtml($field);
            $html .= '<P><B>' . $Language->getText('tracker_include_artifact', 'comment_type') . '</B>' . $field_html->fieldBox('', $group_artifact_id, $field->getDefaultValue(), true, $Language->getText('global', 'none')) . '<BR>';
        }

        // This div id used just to show the toggle of html format
        $html .= '<DIV ID="follow_up_comment_label"></DIV>';
        $html .= '<TEXTAREA NAME="follow_up_comment" id="tracker_artifact_comment" ROWS="10" style="width:700px;" WRAP="SOFT">';
        // The pre-filled "is a copy of" text is HTML-converted before it enters the textarea.
        $html .= $hp->purify($Language->getText('tracker_include_artifact', 'is_copy', array($this->ArtifactType->getItemName(), $this->ArtifactType->getItemName() . ' #' . $this->getID())), CODENDI_PURIFIER_CONVERT_HTML);
        $html .= '</TEXTAREA>';
    } else {
        if ($pv == 0) {
            $html .= '<b>' . $Language->getText('tracker_include_artifact', 'add_comment') . '</b>';
            $html .= '<DIV ID="follow_up_comment_label"></DIV>';
            $html .= '<TEXTAREA NAME="follow_up_comment" id="tracker_artifact_comment" ROWS="10" style="width:700px;" WRAP="SOFT">' . $hp->purify($Language->getText('tracker_include_artifact', 'is_copy', array($this->ArtifactType->getItemName(), $this->ArtifactType->getItemName() . ' #' . $this->getID())), CODENDI_PURIFIER_CONVERT_HTML) . '</TEXTAREA>';
        }
    }

    if (!user_isloggedin() && $pv == 0) {
        // REQUEST_URI is URL-encoded before it becomes the return_to value. How the message
        // template embeds that argument in HTML is not visible here.
        $html .= $Language->getText('tracker_include_artifact', 'not_logged_in', '/account/login.php?return_to=' . urlencode($_SERVER['REQUEST_URI']));
        $html .= '<br><input type="text" name="email" maxsize="100" size="50"/><p>';
    }
    $html .= '</div>';
    $html .= "<br />";

    $title = $Language->getText('tracker_include_artifact', 'follow_ups') . ' ';
    $title .= help_button('tracker-v3.html#comments');
    echo $this->_getSection('artifact_section_followups', $title, $html, true);

    //
    // CC List
    //
    $html = '';
    $html .= $Language->getText('tracker_include_artifact', 'fill_cc_list_msg');
    $html .= $Language->getText('tracker_include_artifact', 'fill_cc_list_lbl');
    $html .= '<textarea type="text" name="add_cc" id="tracker_cc" rows="2" cols="60" wrap="soft"></textarea>';
    $html .= '<B> ' . $Language->getText('tracker_include_artifact', 'fill_cc_list_cmt') . ": </b>";
    $html .= '<input type="text" name="cc_comment" size="40" maxlength="255">';
    echo $this->_getSection('artifact_section_cc', $Language->getText('tracker_include_artifact', 'cc_list') . ' ' . help_button('tracker-v3.html#cc-list'), $html, true);

    //
    // File attachments
    //
    $html = '';
    $html .= '<input type="file" name="input_file" size="40">';
    $html .= $Language->getText('tracker_include_artifact', 'upload_file_msg', formatByteToMb($sys_max_size_attachment));
    $html .= $Language->getText('tracker_include_artifact', 'upload_file_desc');
    $html .= '<input type="text" name="file_description" size="60" maxlength="255">';
    echo $this->_getSection('artifact_section_attachments', $Language->getText('tracker_include_artifact', 'attachment') . ' ' . help_button('tracker-v3.html#artifact-attachments'), $html, true);

    //
    // Artifact dependencies
    //
    $html = ' <P><B>' . $Language->getText('tracker_include_artifact', 'dependent_on') . '</B><BR> <P>';
    if (!$ro) {
        // The dependency input is pre-filled with the id of the artifact being copied.
        $html .= ' <B>' . $Language->getText('tracker_include_artifact', 'aids') . '</B> <input type="text" name="artifact_id_dependent" size="20" maxlength="255" value="' . (int) $this->getID() . '"> <span style="color:#666">' . $Language->getText('tracker_include_artifact', 'fill') . '</span><p>';
    }
    echo $this->_getSection('artifact_section_dependencies', $Language->getText('tracker_include_artifact', 'dependencies') . ' ' . help_button('tracker-v3.html#artifact-dependencies'), $html, true);

    //
    // Final submit button
    //
    echo '<p><B><span class="highlight">' . $Language->getText('tracker_include_artifact', 'check_already_submitted') . '</b></p>';
    echo '<div style="text-align:center"><INPUT CLASS="btn btn-primary" TYPE="SUBMIT" NAME="SUBMIT" VALUE="' . $Language->getText('tracker_include_artifact', 'submit') . '"></div>';
    echo '</td></tr>';
    echo '</table>';
    echo '</form>';
}
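/**
 * Build and print the site-wide top navigation tabs.
 *
 * The admin tab is only added, and only pre-selected, when
 * user_ismember(1, 'A') holds. This function decides what is displayed;
 * it performs no access control for the pages the tabs point to.
 *
 * @param array $params Layout parameters; 'selected_top_tab' and 'group' are read.
 *
 * @return void The markup produced by tabGenerator() is echoed.
 */
function outerTabs($params)
{
    global $Language;

    // Start from explicit empty lists rather than relying on [] to create them.
    $TABS_DIRS   = array();
    $TABS_TITLES = array();

    // Stays null when a project id is given but no usable project is found.
    // That path used to read an undefined variable (same value, plus a notice).
    $selected = null;

    $TABS_DIRS[]   = '/';
    $TABS_TITLES[] = $Language->getText('menu', 'home');

    if (user_isloggedin()) {
        $TABS_DIRS[]   = '/my/';
        $TABS_TITLES[] = $Language->getText('menu', 'my_personal_page');
    }
    if ($GLOBALS['sys_use_trove'] != 0) {
        $TABS_DIRS[]   = '/softwaremap/';
        $TABS_TITLES[] = $Language->getText('menu', 'projectree');
    }
    if ($GLOBALS['sys_use_snippet'] != 0) {
        $TABS_DIRS[]   = '/snippet/';
        $TABS_TITLES[] = $Language->getText('menu', 'code_snippet');
    }
    if (user_ismember(1, 'A')) {
        $TABS_DIRS[]   = '/admin/';
        $TABS_TITLES[] = $Language->getText('menu', 'admin');
    }
    $TABS_DIRS[]   = '/site/';
    $TABS_TITLES[] = $Language->getText('include_layout', 'Help');

    /*
    The reporting tab is disabled, so the '/reporting/' lookup below finds nothing:
    if (user_ismember($GLOBALS['sys_stats_group'])) {
        $TABS_DIRS[]='/reporting/';
        $TABS_TITLES[]=$Language->getText('menu','reporting');
    }
    */

    $selected_top_tab = isset($params['selected_top_tab']) ? $params['selected_top_tab'] : '';

    if (isset($params['group']) && $params['group']) {
        // get group info using the common result set
        $pm      = ProjectManager::instance();
        $project = $pm->getProject($params['group']);
        if ($project && is_object($project) && !$project->isError()) {
            $selected = array_search("/softwaremap/", $TABS_DIRS);
        }
    } else {
        // Read the request URI once; it is only used for substring matching.
        $request_uri = getStringFromServer('REQUEST_URI');

        if (strstr($request_uri, '/my/') || strstr($request_uri, '/themes/') || strstr($request_uri, '/account/')) {
            $selected = array_search("/my/", $TABS_DIRS);
        } elseif (strstr($request_uri, 'softwaremap')) {
            $selected = array_search("/softwaremap/", $TABS_DIRS);
        } elseif (strstr($request_uri, '/snippet/')) {
            $selected = array_search("/snippet/", $TABS_DIRS);
        } elseif (strstr($request_uri, '/site/')) {
            $selected = array_search("/site/", $TABS_DIRS);
        } elseif (strstr($request_uri, '/reporting/')) {
            $selected = array_search('/reporting/', $TABS_DIRS);
        } elseif ((strstr($request_uri, '/admin/') || $selected_top_tab == 'admin') && user_ismember(1, 'A')) {
            // The membership test is repeated so the admin tab is never selected for other users.
            $selected = array_search('/admin/', $TABS_DIRS);
        } elseif ($selected_top_tab && array_search($selected_top_tab, $TABS_DIRS) !== FALSE) {
            $selected = array_search($selected_top_tab, $TABS_DIRS);
        } else {
            $selected = 0;
        }
    }

    echo $this->tabGenerator($TABS_DIRS, $TABS_TITLES, false, $selected, null, '100%');
}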
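/**
 * Format a set of artifact changes as plain text.
 *
 * The follow-up comment is rendered with self::OUTPUT_MAIL_TEXT and field
 * values go through SimpleSanitizer::unsanitize().
 * NOTE(review): the returned text therefore looks unescaped; escape it for
 * HTML if it is ever printed in a page rather than sent as a text mail.
 *
 * @param array       $changes        Changes keyed by field name; the 'comment' and
 *                                    'attach' keys are handled separately.
 * @param array|false $field_perm     Permission associated to each field, false to skip the checks.
 * @param bool        $visible_change Output: true when at least one change the user is
 *                                    allowed to see was found.
 *
 * @return string
 */
function formatChanges($changes, $field_perm, &$visible_change)
{
    global $art_field_fact, $Language;

    $visible_change = false;
    $out_hdr = '';
    $out     = '';
    $out_com = '';
    $out_att = '';

    $lf  = $GLOBALS['sys_lf'];
    $fmt = "%20s | %-25s | %s" . $lf;

    // The "changes by" header is written when the user may see one of the assignee
    // fields, or when neither of them is listed in $field_perm at all.
    if ($this->hasFieldPermission($field_perm, 'assigned_to')
        || $this->hasFieldPermission($field_perm, 'multi_assigned_to')
        || (!isset($field_perm['assigned_to']) && !isset($field_perm['multi_assigned_to']))
    ) {
        if (user_isloggedin()) {
            $user_id = user_getid();
            $out_hdr = $Language->getText('tracker_include_artifact', 'changes_by') . ' ' . user_getrealname($user_id) . ' <' . user_getemail($user_id) . ">" . $lf . "";
            $out_hdr .= $Language->getText('tracker_import_utils', 'date') . ': ' . format_date($GLOBALS['Language']->getText('system', 'datefmt'), time()) . ' (' . user_get_timezone() . ')';
        } else {
            $out_hdr = $Language->getText('tracker_include_artifact', 'changes_by') . ' ' . $Language->getText('tracker_include_artifact', 'anon_user') . ' ' . $Language->getText('tracker_import_utils', 'date') . ': ' . format_date($GLOBALS['Language']->getText('system', 'datefmt'), time());
        }
    }

    // Special case: follow-up comment
    if (array_key_exists('comment', $changes) && $changes['comment']) {
        $visible_change = true;
        $out_com = $lf . $lf . "--------------- " . $Language->getText('tracker_include_artifact', 'add_flup_comment') . " ----------------" . $lf . "";
        if (isset($changes['comment']['type'])
            && $changes['comment']['type'] != $Language->getText('global', 'none')
            && $changes['comment']['type'] != ''
        ) {
            $out_com .= "[" . $changes['comment']['type'] . "]" . $lf;
        }
        $out_com .= $this->formatFollowUp(null, $changes['comment']['format'], $changes['comment']['add'], self::OUTPUT_MAIL_TEXT);
        unset($changes['comment']);
    }

    // Special case: file attachment
    if (array_key_exists('attach', $changes) && $changes['attach']) {
        $visible_change = true;
        $out_att = "" . $lf . $lf . "--------------- " . $Language->getText('tracker_include_artifact', 'add_attachment') . " -----------------" . $lf . "";
        $out_att .= sprintf(
            $Language->getText('tracker_include_artifact', 'file_name') . " %-30s " . $Language->getText('tracker_include_artifact', 'size') . ":%d KB" . $lf . "",
            $changes['attach']['name'],
            intval($changes['attach']['size'] / 1024)
        );
        $out_att .= $changes['attach']['description'] . $lf . $changes['attach']['href'];
        unset($changes['attach']);
    }

    // All the rest of the fields now.
    // foreach replaces the former while (list(...) = each(...)) loop: each() no
    // longer exists in PHP 8, and $changes is not modified while iterating.
    foreach ($changes as $field_name => $h) {
        // Sanity check: skip entries where both the removed and the added value are empty
        $has_delta = (isset($h['del']) && $h['del']) || (isset($h['add']) && $h['add']);
        if (!$has_delta || !$this->hasFieldPermission($field_perm, $field_name)) {
            continue;
        }

        $visible_change = true;
        $label = $field_name;
        $field = $art_field_fact->getFieldFromName($field_name);
        if ($field) {
            $label = $field->getLabel();
            if (isset($h['del'])) {
                $h['del'] = SimpleSanitizer::unsanitize(util_unconvert_htmlspecialchars($h['del']));
            }
            if (isset($h['add'])) {
                $h['add'] = SimpleSanitizer::unsanitize(util_unconvert_htmlspecialchars($h['add']));
            }
        }
        $out .= sprintf(
            $fmt,
            SimpleSanitizer::unsanitize($label),
            isset($h['del']) ? $h['del'] : "",
            isset($h['add']) ? $h['add'] : ""
        );
    }

    // Prepend the column titles only when at least one field row was written
    if ($out) {
        $out = $lf . $lf . sprintf($fmt, $Language->getText('tracker_include_artifact', 'what') . ' ', $Language->getText('tracker_include_artifact', 'removed'), $Language->getText('tracker_include_artifact', 'added')) . "------------------------------------------------------------------" . $lf . $out;
    }

    return $out_hdr . $out . $out_com . $out_att;
}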
<?php
//
// SourceForge: Breaking Down the Barriers to Open Source Development
// Copyright 1999-2000 (c) The SourceForge Crew
// http://sourceforge.net
//
// $Id: edit_question.php,v 1.3 2003/11/27 15:05:42 helix Exp $
//
// Edit one survey question of a group (the listing ends inside the open blocks).
require 'pre.php';
require '../survey_utils.php';
$is_admin_page = 'y';
// Both ids are needed; neither variable is assigned in this fragment
// (presumably request input made available by pre.php - confirm).
if ($group_id && $question_id) {
    // Only a logged-in member holding the 'A' flag for this group may continue.
    if (!user_isloggedin() || !user_ismember($group_id, 'A')) {
        exit_permission_denied();
        exit;
    }
    survey_header(array('title' => 'Edit A Question'));
    if ($post_changes) {
        // NOTE(review): $question_type, $question_id and $group_id are placed in the
        // statement as-is, and htmlspecialchars() is HTML escaping, not SQL escaping.
        // Nothing visible here validates these values; if they are request input,
        // cast the ids to int and use the database layer's escaping or bound
        // parameters for the text values.
        // NOTE(review): no anti-CSRF token check is visible before this write - confirm.
        $sql = "UPDATE survey_questions SET question='" . htmlspecialchars($question) . "', question_type='{$question_type}' where question_id='{$question_id}' AND group_id='{$group_id}'";
        $result = db_query($sql);
        if (db_affected_rows($result) < 1) {
            $feedback .= ' UPDATE FAILED ';
        } else {
            $feedback .= ' UPDATE SUCCESSFUL ';
        }
    }
    // Reload the stored question; the same unescaped ids are used again (see note above).
    $sql = "SELECT * FROM survey_questions WHERE question_id='{$question_id}' AND group_id='{$group_id}'";
    $result = db_query($sql);
    if ($result) {
        $question = db_result($result, 0, "question");
        $question_type = db_result($result, 0, "question_type");
/**
 * Collect the service tabs to display for a project.
 *
 * A service is left out when it is the admin service and the user is neither
 * super user nor project admin, when a restricted non-member is not allowed
 * to use it, or when it is unused or inactive.
 *
 * Link, label and description go through Codendi_HTMLPurifier before being
 * returned. NOTE(review): $service_data['icon'] and the privacy tooltip text
 * are inserted without purification - presumably trusted configuration and
 * translation text; confirm.
 *
 * @param mixed  $toptab   Selected tab, either a numeric service id or a service short name.
 * @param object $project  Project whose services are listed (passed by reference).
 *
 * @return array One entry per tab with the keys link, icon, name, label, enabled, description, id.
 */
function _getProjectTabs($toptab, &$project)
{
    global $sys_default_domain;

    $project_manager = ProjectManager::instance();
    $entries         = array();
    $group_id        = $project->getGroupId();
    $current_user    = UserManager::instance()->getCurrentUser();

    // Restricted non-members start with the summary service only; listeners may add more.
    if ($this->restrictedMemberIsNotProjectMember($current_user, $group_id)) {
        $allowed_services = array('summary');
        $this->getEventManager()->processEvent(
            Event::GET_SERVICES_ALLOWED_FOR_RESTRICTED,
            array('allowed_services' => &$allowed_services)
        );
    }

    foreach ($project->getServicesData() as $short_name => $service_data) {
        // The admin service is only listed for a super user or a project admin.
        if ((string) $short_name == "admin"
            && !user_is_super_user()
            && (!user_isloggedin() || !user_ismember($group_id, 'A'))
        ) {
            continue;
        }

        $overrider = PermissionsOverrider_PermissionsOverriderManager::instance();
        if (!$this->isProjectSuperPublic($group_id)
            && $this->restrictedMemberIsNotProjectMember($current_user, $group_id)
            && !$overrider->doesOverriderAllowUserToAccessProject($current_user, $project)
            && !in_array($short_name, $allowed_services)
        ) {
            continue;
        }

        if (!$service_data['is_used'] || !$service_data['is_active']) {
            continue;
        }

        $purifier = Codendi_HTMLPurifier::instance();

        // Get URL, and eval variables
        //$project->services[$short_name]->getUrl(); <- to use when service will be fully served by satellite
        $link = $service_data['is_in_iframe']
            ? '/service/?group_id=' . $group_id . '&id=' . $service_data['service_id']
            : $purifier->purify($service_data['link']);

        // Placeholders in the link are only expanded for group 100.
        if ($group_id == 100) {
            if (strstr($link, '$projectname')) {
                // NOTE: if you change link variables here, change them also in
                // src/common/project/RegisterProjectStep_Confirmation.class.php and
                // src/www/project/admin/servicebar.php
                // Don't check project name if not needed.
                // When it is done here, the service bar will not appear updated on the current page
                $link = str_replace('$projectname', $project_manager->getProject($group_id)->getUnixName(), $link);
            }
            $link = str_replace('$sys_default_domain', $GLOBALS['sys_default_domain'], $link);
            $sys_default_protocol = $GLOBALS['sys_force_ssl'] ? 'https' : 'http';
            $link = str_replace('$sys_default_protocol', $sys_default_protocol, $link);
            $link = str_replace('$group_id', $group_id, $link);
        }

        $enabled = (is_numeric($toptab) && $toptab == $service_data['service_id'])
            || ($short_name && $toptab == $short_name);

        if ($short_name == 'summary') {
            $label = '<span>';
            if (ForgeConfig::get('sys_display_project_privacy_in_service_bar')) {
                // Add a default tab to explain project privacy
                $privacy      = $project->isPublic() ? 'public' : 'private';
                $privacy_text = $GLOBALS['Language']->getText('project_privacy', 'tooltip_' . $this->getProjectPrivacy($project));
                $label .= '<span class="project-title-container project_privacy_' . $privacy . '" data-content="' . $privacy_text . '" data-placement="bottom">[';
                $label .= $GLOBALS['Language']->getText('project_privacy', $privacy);
                $label .= ']</span>';
                $label .= ' ';
            }
            $label .= $purifier->purify(util_unconvert_htmlspecialchars($project->getPublicName()), CODENDI_PURIFIER_CONVERT_HTML) . ' »</span>';
        } else {
            $label = '<span title="' . $purifier->purify($service_data['description']) . '">';
            $label .= $purifier->purify($service_data['label']) . '</span>';
        }

        $name = $purifier->purify($service_data['label']);

        // An icon given in the service data takes precedence over the default one.
        $default_icon = $this->getServiceIcon($short_name);
        $icon         = isset($service_data['icon']) ? $service_data['icon'] : $default_icon;

        $entries[] = array(
            'link'        => $link,
            'icon'        => $icon,
            'name'        => $name,
            'label'       => $label,
            'enabled'     => $enabled,
            'description' => $purifier->purify($service_data['description']),
            'id'          => $purifier->purify('sidebar-' . $short_name),
        );
    }

    return $entries;
}
<?php
//
// Copyright (c) Xerox Corporation, Codendi Team, 2001-2009. All rights reserved
//
//
//
//
// Written for Codendi by Stephane Bouhet
//
// Entry checks and page header for submitting a new artifact.
// $ath, $Language and $group are not assigned in this fragment; they are
// expected to be set by the script that includes it.
//require_once('common/tracker/ArtifactFactory.class.php');
require_once 'include/ArtifactRulesManagerHtml.class.php';
// Anonymous submission is only accepted when the tracker allows it.
if (!user_isloggedin() && !$ath->allowsAnon()) {
    exit_not_logged_in();
    return;
}
// Check if this tracker is valid (not deleted)
// NOTE(review): unlike the check above, the next two guards are not followed by
// return/exit, so they depend on exit_error() and exit_permission_denied()
// ending the request - confirm.
if (!$ath->isValid()) {
    exit_error($Language->getText('global', 'error'), $Language->getText('tracker_add', 'invalid'));
}
//
// make sure this person has permission to add artifacts
//
if (!$ath->userCanSubmit()) {
    exit_permission_denied();
}
// Display the menus
$ath->header(array('title' => $Language->getText('tracker_add', 'add_a') . " " . $ath->getCapsItemName(), 'titlevals' => array($ath->getName()), 'pagename' => 'tracker_browse', 'atid' => $ath->getID(), 'sectionvals' => array($group->getPublicName()), 'help' => 'ArtifactSubmission.html'));
echo '<div id="tracker_toolbar_clear"></div>';
// Display the artifact items according to all the parameters
/**
 * Tell whether this item is available, which is the case for logged-in users only.
 *
 * @return bool The truthiness of user_isloggedin() as a strict boolean.
 */
function isAvailable()
{
    return (bool) user_isloggedin();
}
<?php
// ## export patches for a specific project
// (the listing ends inside the else block, after the query is run)
include "pre.php";
// NOTE(review): the body printed below is XML but is announced as text/plain.
header("Content-Type: text/plain");
print "<?xml version=\"1.0\"?>\n<!DOCTYPE bs_patches SYSTEM \"http://{$sys_default_host}/export/bs_patches_0.1.dtd\">\n<patches>\n";
if (!isset($group_id)) {
    print "\t<error>Group ID Not Set</error>\n";
} else {
    // NOTE(review): $project is used below without checking that a project was found.
    $project = group_get_object($group_id);
    if (!user_isloggedin()) {
        // No session: fall back to credentials supplied with the request.
        // NOTE(review): $login and $passwd are not assigned in this fragment
        // (presumably request parameters - confirm). If they can arrive in the
        // query string, the password ends up in URLs and access logs.
        if (isset($login) && isset($passwd)) {
            $success = session_login_valid(strtolower($login), $passwd);
            if (!$success) {
                // NOTE(review): the error paths close </tasks> or </bugs>, while the
                // root element opened above is <patches>.
                print " <error>Invalid Login and/or Password</error>\n";
                print "</tasks>\n";
                exit;
            }
        } else {
            print " <error>Login and/or Password missing</error>\n";
            print "</tasks>\n";
            exit;
        }
    }
    // Export is restricted to administrators of the project.
    if (!$project->userIsAdmin()) {
        print " <error>You are not an administrator for this project</error>\n";
        print "</bugs>\n";
        exit;
    }
    // NOTE(review): $group_id is placed in the statement without an int cast or
    // escaping visible in this fragment - confirm it is validated upstream, or
    // cast it before use.
    $query = "SELECT \n\t\t\t\tp.*\n\t\t\t FROM \n\t\t\t\tpatch p\n\t\t\t WHERE \n\t\t\t\tp.group_id='{$group_id}'";
    $res = db_query($query);
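/**
 * session_require() - Convenience function to easily enforce permissions
 *
 * Calling page will terminate with error message if current user
 * fails checks. Every denial is delegated to exit_not_logged_in(),
 * exit_error() or exit_permission_denied(); NOTE(review): the checks are only
 * effective if those helpers end the request - confirm.
 *
 * Keys read from $req: 'group' (group id), 'admin_flags' (require admin on
 * that group instead of membership) and 'isloggedin' (being logged in is
 * enough when no group is given). Absent keys count as not set.
 *
 * @param array $req Associative array specifying criteria
 * @return void does not return if check is failed
 *
 */
function session_require($req)
{
    if (!user_isloggedin()) {
        exit_not_logged_in();
        //exit_permission_denied();
    }

    // !empty() is used for the optional keys so that a missing key no longer
    // raises an undefined-index notice; truthiness is unchanged.
    if (!empty($req['group'])) {
        $group =& group_get_object($req['group']);
        if (!$group || !is_object($group)) {
            exit_error(_('Error'), _('Error creating group object'));
        } elseif ($group->isError()) {
            exit_error(_('Error'), $group->getErrorMessage());
        }

        $perm =& $group->getPermission(session_get_user());
        if (!$perm || !is_object($perm)) {
            exit_error(_('Error'), _('Error creating permission object'));
        } elseif ($perm->isError()) {
            exit_error(_('Error'), $perm->getErrorMessage());
        }

        if (!empty($req['admin_flags'])) {
            //$query .= " AND admin_flags = '$req[admin_flags]'";
            if (!$perm->isAdmin()) {
                exit_permission_denied();
            }
        } elseif (!$perm->isMember()) {
            exit_permission_denied();
        }
    } elseif (empty($req['isloggedin'])) {
        // Neither a group nor 'isloggedin' was requested: deny by default.
        // ('isloggedin' itself needs no further test, see the check at the top.)
        exit_permission_denied();
    }
}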
/**
 * Report whether the current user is logged in.
 *
 * @return mixed Whatever user_isloggedin() returns, passed through unchanged.
 */
function session_loggedin()
{
    $logged_in = user_isloggedin();

    return $logged_in;
}
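/**
 * Hook to admin graphic reports
 * Used in www/tracker/admin/index.php
 *
 * Handles func=reportgraphic for a valid atid: creates, updates or deletes a
 * graphic report or one of its charts, then prints the matching admin page
 * and exits.
 *
 * A report with scope 'P' can only be modified by a tracker admin, and only a
 * tracker admin may choose the scope of a report, at creation and on update.
 *
 * NOTE(review): no check is visible here that the loaded report belongs to
 * the current user or to $atid, and no anti-CSRF token is checked before the
 * state-changing actions - confirm both are enforced elsewhere.
 *
 * @param array $params Hook parameters (not read by this method).
 *
 * @return void Exits once the request has been handled.
 */
function tracker_graphic_report_admin($params)
{
    $request = HTTPRequest::instance();
    if (!$request->valid(new Valid_WhiteList('func', array('reportgraphic')))
        || !$request->valid(new Valid_UInt('atid'))
    ) {
        return;
    }

    $func = $request->get('func');
    $atid = $request->get('atid');
    if ($func != 'reportgraphic') {
        return;
    }

    require_once 'html-generators/GraphicEngineHtml.class.php';
    require_once 'data-access/GraphOnTrackers_Report.class.php';

    if (!user_isloggedin()) {
        exit_not_logged_in();
        return;
    }

    $user_id = UserManager::instance()->getCurrentUser()->getId();
    $geh     = new graphicEngineHtml($atid, $user_id, $this->getThemePath());

    // Defined up front: the creation branch never sets it, and it is read when
    // the page is rendered below.
    $report_graphic_id = null;

    if ($request->exist('create_report_graphic') && $request->get('rep_name')) {
        // Only a tracker admin may pick the scope; everybody else gets 'I'.
        if ($GLOBALS['ath']->userIsAdmin() && $request->valid(new Valid_WhiteList('rep_scope', array('P', 'I')))) {
            $rep_scope = $request->get('rep_scope');
        } else {
            $rep_scope = 'I';
        }
        if ($report = GraphOnTrackers_Report::create($atid, $user_id, $request->get('rep_name'), $request->get('rep_desc'), $rep_scope)) {
            $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_graphontrackers_include_report', 'new_created_report'));
            $GLOBALS['Response']->redirect('/tracker/admin/?func=reportgraphic&group_id=' . $report->getGroupId() . '&atid=' . $report->getAtid() . '&report_graphic_id=' . $report->getId());
        }
    } else {
        $report_graphic_id = $request->getValidated('report_graphic_id', 'uint', 0);
        $gr = new GraphOnTrackers_Report($report_graphic_id);

        // Reports with scope 'P' are reserved to tracker admins.
        if ($gr->getScope() != 'P' || $GLOBALS['ath']->userIsAdmin()) {
            if ($request->exist('update_report')) {
                if ($request->valid(new Valid_String('rep_name'))
                    && $request->valid(new Valid_String('rep_desc'))
                    && $request->valid(new Valid_WhiteList('rep_scope', array('I', 'P')))
                ) {
                    $rep_name = $request->get('rep_name');
                    $rep_desc = $request->get('rep_desc');
                    // Same rule as at creation: the requested scope is only honoured
                    // for a tracker admin; otherwise the report keeps its current scope.
                    $rep_scope = $GLOBALS['ath']->userIsAdmin() ? $request->get('rep_scope') : $gr->getScope();

                    if ($rep_name != $gr->getName() || $rep_desc != $gr->getDescription() || $rep_scope != $gr->getScope()) {
                        $gr->setName($rep_name);
                        $gr->setDescription($rep_desc);
                        $gr->setScope($rep_scope);
                        $gr->setUserId(UserManager::instance()->getCurrentUser()->getId());
                        if ($gr->update()) {
                            $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_graphontrackers_include_report', 'updated_report'));
                        } else {
                            $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_graphontrackers_include_report', 'not_updated_report') . ': ' . $gr->getErrorMessage());
                        }
                    }
                }
            } elseif (is_array($request->get('delete_chart'))) {
                // The chart id is the first key of the submitted array
                $chart_id_to_delete = (int) key($request->get('delete_chart'));
                $gr->deleteChart($chart_id_to_delete);
                $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_graphontrackers_include_report', 'updated_report'));
                $GLOBALS['Response']->redirect('/tracker/admin/?func=reportgraphic&group_id=' . $gr->getGroupId() . '&atid=' . $gr->getAtid() . '&report_graphic_id=' . $gr->getId());
            } elseif ($request->exist('update_chart') && is_array($request->get('chart'))) {
                $row = $request->get('chart');
                if (isset($row['id'])) {
                    $chart_to_edit = $gr->getChart($row['id']);
                    // Guard against an id that does not resolve to a chart of this report
                    if ($chart_to_edit && $chart_to_edit->update($row)) {
                        $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_graphontrackers_include_report', 'updated_report'));
                    }
                }
            } elseif ($request->exist('edit_chart')) {
                $chart_to_edit = $gr->getChart((int) $request->get('edit_chart'));
            } elseif ($request->exist('add_chart')) {
                if ($chart = $gr->createChart($request->get('add_chart'))) {
                    $GLOBALS['Response']->redirect('/tracker/admin/?func=reportgraphic&group_id=' . $gr->getGroupId() . '&atid=' . $gr->getAtid() . '&report_graphic_id=' . $gr->getId() . '&edit_chart=' . (int) $chart->getId());
                }
            } elseif ($request->exist('delete_report_graphic')) {
                $gr->delete();
                // Back to the list of reports
                $report_graphic_id = null;
                $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('plugin_graphontrackers_include_report', 'report_deleted'));
            }
        }
    }

    $GLOBALS['ath']->adminHeader(array('title' => $GLOBALS['Language']->getText('plugin_graphontrackers_include_report', 'report_mgmt'), 'help' => 'TrackerAdministration.html#GraphTrackerReportSetting'));

    if ($request->exist('new_report_graphic')) {
        $geh->createReportForm();
    } elseif ($report_graphic_id) {
        if (isset($chart_to_edit)) {
            $geh->showChartForm($chart_to_edit);
        } else {
            $geh->showReportForm($report_graphic_id);
        }
    } else {
        // Front page
        $reports = $geh->grf->getReportsAvailable($atid, user_getid());
        $geh->showAvailableReports($reports);
    }

    $GLOBALS['ath']->footer(null);
    exit;
}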
<?php
//
// SourceForge: Breaking Down the Barriers to Open Source Development
// Copyright 1999-2000 (c) The SourceForge Crew
// http://sourceforge.net
//
// $Id: index.php,v 1.3 2004/01/13 13:15:24 helix Exp $
//
// List the forums of a group (the listing ends inside the open if block).
require 'pre.php';
require '../forum/forum_utils.php';
// $group_id is not assigned in this fragment (presumably request input made
// available by pre.php - confirm).
if ($group_id) {
    forum_header(array('title' => 'Forums for ' . group_getname($group_id)));
    // Logged-in members of the group also see non-public forums (is_public 0);
    // everybody else only sees public ones.
    if (user_isloggedin() && user_ismember($group_id)) {
        $public_flag = '0,1';
    } else {
        $public_flag = '1';
    }
    // NOTE(review): $group_id is placed in the statement without an int cast or
    // escaping visible here; $public_flag is one of the two constants above.
    // Cast the id before use unless it is validated upstream.
    $sql = "SELECT g.group_forum_id,g.forum_name, g.description, count(*) as total " . " FROM forum_group_list g " . " LEFT JOIN forum f USING (group_forum_id) " . " WHERE g.group_id='{$group_id}' AND g.is_public IN ({$public_flag})" . " group by g.group_forum_id, g.forum_name, g.description";
    //echo "<p>$sql\n";
    $result = db_query($sql);
    $rows = db_numrows($result);
    if (!$result || $rows < 1) {
        // NOTE(review): the group name is printed without HTML escaping here, and
        // db_error() shows the database error text to the visitor - confirm that
        // group_getname() returns escaped text and consider logging the error instead.
        echo '<H1>No forums found for ' . group_getname($group_id) . '</H1>';
        echo db_error();
        forum_footer(array());
        exit;
    }
    echo '<H2>Discussion Forums</H2> <P>Choose a forum and you can browse, search, and post messages.<P>';
    /* Put the result set (list of forums for this group) into a column with folders
       (this comment is cut off in the listing) */
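//require_once('common/include/Error.class.php');
//require_once('common/tracker/ArtifactField.class.php');
//require_once('include/ArtifactFieldHtml.class.php');
//require_once('common/tracker/ArtifactFieldFactory.class.php');
require_once 'include/ArtifactRulesManagerHtml.class.php';

// Check if this tracker is valid (not deleted)
if (!$ath->isValid()) {
    exit_error($Language->getText('global', 'error'), $Language->getText('tracker_add', 'invalid'));
}

// Create factories
$art_field_fact    = new ArtifactFieldFactory($ath);
$art_fieldset_fact = new ArtifactFieldSetFactory($ath);

// Printer version ?
$pv = $request->exist('pv') ? $request->get('pv') : false;

// Read-only for the printer version and for anonymous visitors.
// $ro used to stay undefined when 'pv' was present but empty (for instance
// pv=0), so display() received null and treated the page as writable whoever
// asked for it. It now falls back to the same login test as the default view.
$ro = $pv ? true : !user_isloggedin();

// NOTE(review): the summary is entity-decoded for the feed title, and the page
// title below contains getSummary() as-is; whether addFeed() and header()
// escape these values is not visible here - confirm.
$GLOBALS['HTML']->addFeed(
    $group->getPublicName() . ' ' . $ath->getName() . ' #' . $ah->getId() . ' - ' . html_entity_decode($ah->getValue('summary'), ENT_QUOTES) . ' - ' . $Language->getText('tracker_include_artifact', 'follow_ups'),
    '/tracker/?func=rss&aid=' . (int) $ah->getId() . '&atid=' . (int) $ath->getID() . '&group_id=' . (int) $group->getGroupId()
);

$params = array(
    'title'       => $group->getPublicName() . ' ' . $ath->getName() . ' #' . $ah->getID() . ' - \'' . $ah->getSummary() . '\'',
    'pagename'    => 'tracker',
    'atid'        => $ath->getID(),
    'sectionvals' => array($group->getPublicName()),
    'pv'          => $pv,
    'help'        => 'tracker-v3.html#new-artifact-submission',
);
$ath->header($params);

// artifact object (and field values) initialized in script above (index.php)
$ah->display($ro, $pv, user_getid());

echo '<script type="text/javascript">' . "\n";
$armh = new ArtifactRulesManagerHtml($ath);
$armh->displayRulesAsJavascript();

// The three labels are translation strings. addslashes() only escapes quotes,
// backslashes and NUL bytes, which is enough for trusted text but is not a
// general JavaScript escaper.
echo "Event.observe(window, 'load', function() {\n if (\$('tracker_details')) {\n new com.xerox.codendi.FieldEditor('tracker_details', {\n edit: '"
    . addslashes($Language->getText('tracker_fieldeditor', 'edit'))
    . "',\n preview: '"
    . addslashes($Language->getText('tracker_fieldeditor', 'preview'))
    . "',\n warning: '"
    . addslashes($Language->getText('tracker_fieldeditor', 'warning'))
    . "',\n group_id:"
    . (int) $ath->getGroupId()
    . "\n });\n }\n});";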
<?php
require_once "../common.inc";
# $Id: addpolicy.php,v 1.15 2006/10/23 17:16:38 publicwhip Exp $
# The Public Whip, Copyright (C) 2003 Francis Irving and Julian Todd
# This is free software, and you are welcome to redistribute it under
# certain conditions. However, it comes with ABSOLUTELY NO WARRANTY.
# For details see the file LICENSE.html in the top level of the source.
#
# Create a new policy for the logged-in user (the listing ends inside the
# open blocks).
require_once "../database.inc";
require_once "user.inc";
require_once "../db.inc";
require_once "../cache-tools.inc";
require_once "../dream.inc";
$just_logged_in = do_login_screen();
if (user_isloggedin()) {
    # The form values are passed through db_scrub() before use; presumably this
    # is the SQL escaping helper from the included files - confirm.
    # NOTE(review): the $_POST keys are read without isset(), so a request
    # without them raises notices.
    $name = db_scrub($_POST["name"]);
    $description = db_scrub($_POST["description"]);
    $submit = db_scrub($_POST["submit"]);
    $ok = false;
    # Skip the insert on the request that only performed the login.
    # NOTE(review): no anti-CSRF token check is visible before the insert - confirm.
    if ($submit && !$just_logged_in) {
        if ($name == "" or $description == "") {
            $feedback = "Please name your policy, and give a definition.";
        } else {
            $db = new DB();
            # The statement relies entirely on db_scrub() for $name and $description.
            $ret = $db->query_errcheck("insert into pw_dyn_dreammp (name, user_id, description, private) values\n ('{$name}', '" . user_getid() . "', '{$description}', 2)");
            if ($ret) {
                $new_dreamid = mysql_insert_id();
                $ok = true;
                # html_scrub() is applied to the value that already went through
                # db_scrub(), so the name shown may differ from the one typed - confirm.
                $feedback = "Successfully made new policy <a href=\"/policy.php?id={$new_dreamid}\">" . html_scrub($name) . "</a>. To \n select votes for your new policy, <a href=\"../search.php\">search</a> or\n <a href=\"../divisions.php\">browse</a> for divisions. On the page for\n each division you can choose how somebody supporting your policy would have voted.";
                if (user_getid()) {
                    # Both values come from the server side: the insert id and the session user id.
                    $db->query("update pw_dyn_user set active_policy_id = {$new_dreamid} where user_id = " . user_getid());
<?php
//
// SourceForge: Breaking Down the Barriers to Open Source Development
// Copyright 1999-2000 (c) The SourceForge Crew
// http://sourceforge.net
//
//
// Dispatcher for the Subversion pages: selects which page script to include.
require_once 'pre.php';
require_once '../svn/svn_data.php';
// 'func' is only accepted when it is one of these three values.
$vFunc = new Valid_WhiteList('func', array('detailrevision', 'browse', 'info'));
$vGroupId = new Valid_UInt('group_id');
$vGroupId->required();
// Starts out true and is recomputed below for the two logged-in views.
$there_are_specific_permissions = true;
// NOTE(review): when group_id fails validation, $group_name is never assigned,
// yet both logged-in branches below pass it on; $obj is also used without
// checking that a project was found. Confirm that the included pages reject a
// missing project.
if ($request->valid($vGroupId)) {
    $pm = ProjectManager::instance();
    $obj = $pm->getProject($request->get('group_id'));
    $group_name = $obj->getUnixName(false);
}
// Revision details and browsing are offered to logged-in users only; every
// other request gets the intro page. The included paths are fixed literals
// and never built from request data.
if ($request->valid($vFunc) && $request->get('func') === 'detailrevision' && user_isloggedin()) {
    $there_are_specific_permissions = svn_utils_is_there_specific_permission($group_name);
    require './detail_revision.php';
} else {
    if (user_isloggedin() && ($request->valid($vFunc) && $request->get('func') === 'browse' || $request->existAndNonEmpty('rev_id'))) {
        $there_are_specific_permissions = svn_utils_is_there_specific_permission($group_name);
        require './browse_revision.php';
    } else {
        require './svn_intro.php';
    }
}
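/**
 * create - create a new item in the database.
 *
 * The file content is stored in the artifact_file table together with the
 * name, size and MIME type given by the caller. All values placed in the
 * statement go through db_es() or db_ei().
 * NOTE(review): $filetype is kept as received (presumably the type announced
 * by the browser); confirm the download page does not trust it blindly.
 *
 * @param string       $filename    Filename of the item.
 * @param string       $filetype    Item filetype; 'application/octet-stream' when empty.
 * @param string       $filesize    Item filesize.
 * @param string       $bin_data    Binary item data.
 * @param string|false $description Item description; the translated "none" text when empty.
 * @param array        $changes     Output: the 'attach' entry receives description, name, size and href.
 * @return int|false id on success / false on failure.
 */
function create($filename, $filetype, $filesize, $bin_data, $description = false, &$changes)
{
    global $Language;

    if (!$description) {
        $description = $Language->getText('global', 'none');
    }
    $old_value = $this->Artifact->getAttachedFileNames();

    // Some browsers don't supply mime type if they don't know it
    if (!$filetype) {
        // Let's be on safe side?
        $filetype = 'application/octet-stream';
    }

    //
    // data validation
    //
    if (!$filename || !$filetype || !$filesize || !$bin_data) {
        // The values come from the upload, so they are HTML-escaped before being
        // put into the feedback markup, and the file content is reported by its
        // length instead of being dumped into the page.
        $GLOBALS['Response']->addFeedback(
            'error',
            '<P>|' . htmlspecialchars((string) $filename, ENT_QUOTES)
            . '|' . htmlspecialchars((string) $filetype, ENT_QUOTES)
            . '|' . htmlspecialchars((string) $filesize, ENT_QUOTES)
            . '|' . strlen((string) $bin_data) . ' bytes|'
        );
        $this->setError('ArtifactFile: ' . $Language->getText('tracker_common_file', 'name_requ'));
        return false;
    }

    // Submissions without a session are recorded under user id 100
    // (presumably the anonymous account - confirm).
    $userid = user_isloggedin() ? user_getid() : 100;

    $res = db_query("INSERT INTO artifact_file\n\t\t\t(artifact_id,description,bin_data,filename,filesize,filetype,adddate,submitted_by)\n\t\t\tVALUES \n\t\t\t('" . db_ei($this->Artifact->getID()) . "','" . db_es($description) . "','" . db_es($bin_data) . "','" . db_es($filename) . "',\n\t\t\t'" . db_ei($filesize) . "','" . db_es($filetype) . "','" . time() . "','" . db_ei($userid) . "')");
    $id = db_insertid($res, 'artifact_file', 'id');

    if (!$res || !$id) {
        $this->setError('ArtifactFile: ' . db_error());
        return false;
    }

    $this->clearError();
    $changes['attach']['description'] = $description;
    $changes['attach']['name'] = $filename;
    $changes['attach']['size'] = $filesize;

    // The history entry is the comma-separated list of attached file names
    $new_value = ($old_value == '') ? $filename : $old_value . "," . $filename;
    $this->Artifact->addHistory('attachment', $old_value, $new_value);

    $changes['attach']['href'] = get_server_url() . "/tracker/download.php?artifact_id=" . $this->Artifact->getID() . "&id={$id}";

    return $id;
}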
/**
 * Build the top-level menu as a tree of TreeNode objects and print it.
 *
 * Each entry records whether it is selected, decided from the request URI
 * and from $params['selected_top_tab']. The home entry is marked selected
 * when no other entry is. The admin entry is only added when
 * user_ismember(1, 'A') holds; this function decides what is displayed and
 * performs no access control for the linked pages.
 *
 * @param array $params Layout parameters; 'selected_top_tab', 'group' and 'toptab' are read.
 *
 * @return void The HTML built by BuildMenuVisitor is echoed.
 */
function outerTabs($params) {
    global $Language, $sys_use_trove, $sys_use_snippet;
    $selected_top_tab = '';
    if (isset($params['selected_top_tab'])) {
        $selected_top_tab = $params['selected_top_tab'];
    }
    $menuTree = new TreeNode();
    // Becomes true as soon as one entry other than home is selected
    $sthSelected = false;
    $menuTree->addChild(new TreeNode(array('link' => '/', 'title' => $Language->getText('menu', 'home'))));
    // We need to keep a reference on this node in order to set the
    // selected value in the data. See bottom of this function.
    $homeNode =& $menuTree->getChild(0);
    if (user_isloggedin()) {
        // Selected for the personal page itself and for the account pages
        $selected = isset($params['selected_top_tab']) && $params['selected_top_tab'] == '/my/' || strstr(getStringFromServer('REQUEST_URI'), '/my/') || strstr(getStringFromServer('REQUEST_URI'), '/account/');
        $sthSelected = $sthSelected || $selected;
        $mynode = new TreeNode(array('link' => '/my/', 'title' => $Language->getText('menu', 'my_personal_page'), 'selected' => $selected));
        if ($selected) {
            // Second level: dashboard and account maintenance
            $selected = isset($params['selected_top_tab']) && $params['selected_top_tab'] == '/my/' || (bool) strstr(getStringFromServer('REQUEST_URI'), '/my/');
            $mynode->addChild(new TreeNode(array('link' => '/my/', 'title' => $Language->getText('my_index', 'my_dashboard'), 'selected' => $selected)));
            $selected = (bool) strstr(getStringFromServer('REQUEST_URI'), '/account/');
            $mynode->addChild(new TreeNode(array('link' => '/account/', 'title' => $Language->getText('my_index', 'account_maintenance'), 'selected' => $selected)));
        }
        $menuTree->addChild($mynode);
    } else {
        // Visitors without a session still get the entry, without children
        $selected = (bool) strstr(getStringFromServer('REQUEST_URI'), '/my/');
        $sthSelected = $sthSelected || $selected;
        $menuTree->addChild(new TreeNode(array('link' => '/my/', 'title' => $Language->getText('menu', 'my_personal_page'), 'selected' => $selected)));
    }
    if ($GLOBALS['sys_use_trove'] != 0 || isset($params['group']) && $params['group']) {
        $selected = false;
        if (isset($params['group']) && $params['group']) {
            // get group info using the common result set
            $pm = ProjectManager::instance();
            $project = $pm->getProject($params['group']);
            if ($project && is_object($project)) {
                if ($project->isError()) {
                    // Stops the whole page with a bare message
                    die('is error');
                } else {
                    $sthSelected = true;
                    // NOTE(review): $params['toptab'] is read without isset()
                    $projTree = $this->project_tabs($params['toptab'], $params['group']);
                    $projTree->setData(array('link' => '/softwaremap/', 'title' => $Language->getText('menu', 'projectree'), 'selected' => true));
                    //'link'=>'/projects/'.$project->getUnixName().'/'
                    //,'title'=>$project->getPublicName()
                    //,'selected' => true));
                    $menuTree->addChild($projTree);
                }
            }
        } else {
            $selected = (bool) strstr(getStringFromServer('REQUEST_URI'), 'softwaremap');
            $sthSelected = $sthSelected || $selected;
            $menuTree->addChild(new TreeNode(array('link' => '/softwaremap/', 'title' => $Language->getText('menu', 'projectree'), 'selected' => $selected)));
        }
    }
    if ($GLOBALS['sys_use_snippet'] != 0) {
        $selected = (bool) strstr(getStringFromServer('REQUEST_URI'), '/snippet/');
        $sthSelected = $sthSelected || $selected;
        $menuTree->addChild(new TreeNode(array('link' => '/snippet/', 'title' => $Language->getText('menu', 'code_snippet'), 'selected' => $selected)));
    }
    if (user_ismember(1, 'A')) {
        // Unlike the other entries, the URI has to start with '/admin/'
        $selected = strpos(getStringFromServer('REQUEST_URI'), '/admin/') === 0 || $selected_top_tab === 'admin';
        $sthSelected = $sthSelected || $selected;
        $menuTree->addChild(new TreeNode(array('link' => '/admin/', 'title' => $Language->getText('menu', 'admin'), 'selected' => $selected)));
    }
    $selected = (bool) (strstr(getStringFromServer('REQUEST_URI'), '/site/') || $selected_top_tab === 'site');
    $sthSelected = $sthSelected || $selected;
    $menuTree->addChild(new TreeNode(array('link' => '/site/', 'title' => $Language->getText('include_layout', 'Help'), 'selected' => $selected)));
    // The included file runs in this function's scope and is expected to fill
    // $additional_tabs. The arguments given to getContent() are constants;
    // NOTE(review): how getContent() resolves the path is not visible here -
    // confirm it cannot be influenced by request data.
    $additional_tabs = array();
    include $GLOBALS['Language']->getContent('layout/extra_tabs', null, null, '.php');
    foreach ($additional_tabs as $t) {
        $sthSelected = $sthSelected || $t['selected'];
        $menuTree->addChild(new TreeNode($t));
    }
    // Set selected value for 'home' link (this is the selected tab
    // if no other was previously selected)
    $homeNodeData =& $homeNode->getData();
    $homeNodeData['selected'] = !$sthSelected;
    $buildMenuVisitor = new BuildMenuVisitor();
    $menuTree->accept($buildMenuVisitor);
    echo $buildMenuVisitor->getHtml();
}