<?php
/*
This script is the AJAX callback that deletes a user's saved search
*/
define('IN_FS', true);
require_once '../../header.php';
$baseurl = dirname(dirname($baseurl)) . '/';
if (Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash')) {
$user = new User(Cookie::val('flyspray_userid'));
$user->check_account_ok();
$db->Query('DELETE FROM {searches} WHERE id = ? AND user_id = ?', array(Get::num('id'), $user->id));
}
box-shadow: 0 1px 1px #ddd;
color: #565656;
cursor: pointer;
display: inline-block;
font-family: sans-serif;
font-size: 100%;
font-weight: bold;
line-height: 130%;
padding: 8px 13px 8px 10px;
text-decoration: none;
">Remove the folder ' . DIRECTORY_SEPARATOR . 'setup</a> before you start using Flyspray</p>
');
}
// Any "do" mode that accepts a task_id or id field should be added here.
if (in_array(Req::val('do'), array('details', 'depends', 'editcomment'))) {
if (Req::num('task_id')) {
$result = $db->Query('SELECT project_id
FROM {tasks} WHERE task_id = ?', array(Req::num('task_id')));
$project_id = $db->FetchOne($result);
}
}
if (!isset($project_id)) {
// Determine which project we want to see
if (($project_id = Cookie::val('flyspray_project')) == '') {
$project_id = $fs->prefs['default_project'];
}
$project_id = Req::val('project', Req::val('project_id', $project_id));
}
$proj = new Project($project_id);
# no more project cookie!
#$proj->setCookie();
} elseif (Req::has('show') || Req::has('switch') && $do == 'details' || $do == 'newtask' && Req::val('project') == '0') {
$do = 'index';
} elseif (Req::has('code')) {
$_SESSION['oauth_provider'] = 'microsoft';
$do = 'oauth';
} elseif (Req::has('do') && Req::val('do') == 'tasklist') {
$do = 'index';
}
// supertask_id for add new sub-task
$supertask_id = 0;
if (Req::has('supertask')) {
$supertask_id = Req::val('supertask');
}
/* permission stuff */
if (Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash')) {
$user = new User(Cookie::val('flyspray_userid'), $proj);
$user->check_account_ok();
$user->save_search($do);
} else {
$user = new User(0, $proj);
}
if (Get::val('getfile')) {
// If a file was requested, deliver it
$result = $db->Query("SELECT t.project_id,\n a.orig_name, a.file_name, a.file_type, t.*\n FROM {attachments} a\n INNER JOIN {tasks} t ON a.task_id = t.task_id\n WHERE attachment_id = ?", array(Get::val('getfile')));
$task = $db->FetchRow($result);
list($proj_id, $orig_name, $file_name, $file_type) = $task;
// Check if file exists, and user permission to access it!
if (!is_file(BASEDIR . "/attachments/{$file_name}")) {
header('HTTP/1.1 410 Gone');
echo 'File does not exist anymore.';
exit;
public function check_account_ok()
{
global $conf, $baseurl;
// Anon users are always OK
if ($this->isAnon()) {
return;
}
$saltedpass = crypt($this->infos['user_pass'], $conf['general']['cookiesalt']);
if (Cookie::val('flyspray_passhash') !== $saltedpass || !$this->infos['account_enabled'] || !$this->perms('group_open', 0)) {
$this->logout();
Flyspray::Redirect($baseurl);
}
}
$project_id = Req::val('project', Req::val('project_id', $project_id));
}
$proj = new Project($project_id);
// reset do for default project level entry page
if (!in_array($do, $modes)) {
$do = $do ? Req::enum('do', $modes, $proj->prefs['default_entry']) : $proj->prefs['default_entry'];
}
$proj->setCookie();
$user = new User($uid = 0);
// verify and initiate user
$auth = new FlysprayAuth();
if (Post::val('user_name') && Post::has('password')) {
$uid = $auth->checkLogin(Post::val('user_name'), Post::val('password'));
if (is_array($uid)) {
FlysprayDo::error($uid);
}
} else {
if (Cookie::val('flyspray_userid') && $auth->checkCookie(Cookie::val('flyspray_userid'), Cookie::val('flyspray_passhash'))) {
$uid = Cookie::val('flyspray_userid');
}
}
$user = new User($uid);
// Load translations
load_translations();
function debuglog($str)
{
$file = fopen("debug.log", "a+");
fwrite($file, $str . "\n");
fflush($file);
fclose($file);
}
