Example #1
/**
 * Abort the request unless the user may see time-tracking (billing) reports for the project.
 *
 * Raises ERROR_ACCESS_DENIED when the 'time_tracking_enabled' option equals OFF, then
 * hands the 'time_tracking_reporting_threshold' option to access_ensure_project_level()
 * as the required access level.
 *
 * @param integer $p_project_id The project id or null for current project.
 * @param integer $p_user_id The user id or null for logged in user.
 */
function billing_ensure_reporting_access($p_project_id = null, $p_user_id = null)
{
    # Feature switch first: with time tracking off, nobody gets reporting access.
    $t_feature_state = config_get('time_tracking_enabled');
    if (OFF == $t_feature_state) {
        trigger_error(ERROR_ACCESS_DENIED, ERROR);
    }

    $t_required_level = config_get('time_tracking_reporting_threshold');
    access_ensure_project_level($t_required_level, $p_project_id, $p_user_id);
}
Example #2
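/**
 * Create a new issue from the supplied field values and send the new-issue e-mail.
 *
 * The report threshold is checked against $project_id, the project the issue is
 * actually filed in, for the currently authenticated user, before anything is created.
 *
 * @param mixed  $reproducibility Stored as the issue's reproducibility.
 * @param mixed  $severity        Stored as the issue's severity.
 * @param mixed  $priority        Stored as the issue's priority.
 * @param string $summary         Issue summary; trimmed before the issue is created.
 * @param string $description     Issue description.
 * @param mixed  $project_id      Project the issue is created in.
 * @param string $reporter_id     Reporter's user NAME; resolved with user_get_id_by_name().
 * @return mixed The value returned by bug_create().
 */
function bugCreateHelper($reproducibility, $severity, $priority, $summary, $description, $project_id, $reporter_id)
{
    # Change this path to point to the Mantis installation core.php file
    require_once '../core.php';
    $t_core_path = config_get('core_path');
    require_once $t_core_path . 'bug_api.php';
    # Authorise against the project named by the caller. Checking the session's current
    # project instead would let an issue be filed in a project the user cannot report to.
    access_ensure_project_level(config_get('report_bug_threshold', null, null, $project_id), $project_id);
    $t_bug_data = new BugData();
    $t_bug_data->view_state = config_get('default_bug_view_status');
    $t_bug_data->reproducibility = $reproducibility;
    $t_bug_data->severity = $severity;
    $t_bug_data->priority = $priority;
    $t_bug_data->summary = $summary;
    $t_bug_data->description = $description;
    $t_bug_data->project_id = $project_id;
    $t_bug_data->reporter_id = user_get_id_by_name($reporter_id);
    # Loose comparison on purpose: presumably the lookup yields false for an unknown
    # name - confirm against user_get_id_by_name().
    if ($t_bug_data->reporter_id == "") {
        # Unknown reporter: keep the supplied name by prefixing it to the description.
        # The name is caller-supplied text and is stored verbatim; it must be escaped
        # wherever the description is rendered.
        $tmp = "Reported by: " . $reporter_id . "\n---------------------------------------------------\n\n";
        $tmp .= $t_bug_data->description;
        $t_bug_data->description = $tmp;
    }
    $t_bug_data->summary = trim($t_bug_data->summary);
    # Create the bug
    $t_bug_id = bug_create($t_bug_data);
    email_new_bug($t_bug_id);
    return $t_bug_id;
}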
Example #3
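/**
 * Gets the billing information for the specified project during the specified date range.
 *
 * Both dates are parsed with strtotime() and validated before any arithmetic is done on
 * them. A value strtotime() cannot parse (it returns false, which includes an empty
 * string) raises ERROR_GENERIC with both inputs as error parameters.
 *
 * @param integer $p_project_id    A project identifier or ALL_PROJECTS.
 * @param string  $p_from          Starting date (yyyy-mm-dd) inclusive.
 * @param string  $p_to            Ending date (yyyy-mm-dd) inclusive; extended to the last second of that day.
 * @param integer $p_cost_per_hour Cost per hour.
 * @return array The result of billing_rows_to_array() over the time-tracking notes the current user may view.
 * @access public
 */
function billing_get_for_project($p_project_id, $p_from, $p_to, $p_cost_per_hour)
{
    $t_params = array();
    $c_from = strtotime($p_from);
    $c_to = strtotime($p_to);
    # Validate BEFORE adjusting $c_to: false + SECONDS_PER_DAY - 1 is an integer, so a
    # check made after the addition can never detect an unparseable end date.
    if ($c_to === false || $c_from === false) {
        error_parameters(array($p_from, $p_to));
        trigger_error(ERROR_GENERIC, ERROR);
    }
    # Make the end date cover the whole day.
    $c_to = $c_to + SECONDS_PER_DAY - 1;
    db_param_push();
    if (ALL_PROJECTS != $p_project_id) {
        # Single project: the caller must be able to view issues in it.
        access_ensure_project_level(config_get('view_bug_threshold'), $p_project_id);
        $t_project_where = ' AND b.project_id = ' . db_param() . ' AND bn.bug_id = b.id ';
        $t_params[] = $p_project_id;
    } else {
        # All projects: restrict to what the user can access. The ids are concatenated
        # into the SQL text, so force them to integers, and never emit "IN ()", which
        # is a syntax error when the user has no accessible project.
        $t_project_ids = array_map('intval', user_get_all_accessible_projects());
        if (empty($t_project_ids)) {
            $t_project_where = ' AND 1<>1';
        } else {
            $t_project_where = ' AND b.project_id in (' . implode(', ', $t_project_ids) . ')';
        }
    }
    if (!is_blank($c_from)) {
        $t_from_where = ' AND bn.date_submitted >= ' . db_param();
        $t_params[] = $c_from;
    } else {
        $t_from_where = '';
    }
    if (!is_blank($c_to)) {
        $t_to_where = ' AND bn.date_submitted <= ' . db_param();
        $t_params[] = $c_to;
    } else {
        $t_to_where = '';
    }
    $t_results = array();
    # Only notes with a non-zero time_tracking value are billable rows.
    $t_query = 'SELECT bn.id id, bn.time_tracking minutes, bn.date_submitted as date_submitted, bnt.note note,
			u.realname realname, b.project_id project_id, c.name bug_category, b.summary bug_summary, bn.bug_id bug_id, bn.reporter_id reporter_id
			FROM {user} u, {bugnote} bn, {bug} b, {bugnote_text} bnt, {category} c
			WHERE u.id = bn.reporter_id AND bn.time_tracking != 0 AND bn.bug_id = b.id AND bnt.id = bn.bugnote_text_id AND c.id=b.category_id
			' . $t_project_where . $t_from_where . $t_to_where . '
			ORDER BY bn.id';
    $t_result = db_query($t_query, $t_params);
    $t_cost_per_min = $p_cost_per_hour / 60.0;
    $t_access_level_required = config_get('time_tracking_view_threshold');
    while ($t_row = db_fetch_array($t_result)) {
        # Per-note check: the project filter alone does not decide whether this user
        # may see a given note's time-tracking data.
        if (!access_has_bugnote_level($t_access_level_required, $t_row['id'])) {
            continue;
        }
        $t_row['cost'] = $t_cost_per_min * $t_row['minutes'];
        $t_results[] = $t_row;
    }
    return billing_rows_to_array($t_results);
}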
Example #4
        $t_dst_project_id = $f_other_project_id;
    } else {
        trigger_error(ERROR_GENERIC, ERROR);
    }
}
# Only administrators may set the global defaults (destination ALL_PROJECTS).
if ($f_manage_page && $t_dst_project_id == ALL_PROJECTS && !current_user_is_administrator()) {
    access_denied();
}
# Only users with MANAGER access on the project may set that project's defaults.
if ($f_manage_page && $t_dst_project_id != ALL_PROJECTS) {
    access_ensure_project_level(MANAGER, $t_dst_project_id);
}
# A user may only set columns for a project that is accessible to them (VIEWER or above).
if ($t_dst_project_id != ALL_PROJECTS) {
    access_ensure_project_level(VIEWER, $t_dst_project_id);
}
# Calculate the user id to set the configuration for:
# NO_USER on the manage page, otherwise the logged-in user.
if ($f_manage_page) {
    $t_user_id = NO_USER;
} else {
    $t_user_id = auth_get_current_user_id();
}
$t_all_columns = columns_get_all();
$t_default = null;
# NOTE(review): every check above is on $t_dst_project_id, while the values below are
# read from $t_src_project_id. No access check on the source project is visible in
# these lines - confirm it is validated earlier in the file.
# Each list read from the source is filtered through columns_remove_invalid() against
# the full column set before it is used.
$t_view_issues_page_columns = config_get('view_issues_page_columns', $t_default, $t_user_id, $t_src_project_id);
$t_view_issues_page_columns = columns_remove_invalid($t_view_issues_page_columns, $t_all_columns);
$t_print_issues_page_columns = config_get('print_issues_page_columns', $t_default, $t_user_id, $t_src_project_id);
$t_print_issues_page_columns = columns_remove_invalid($t_print_issues_page_columns, $t_all_columns);
$t_csv_columns = config_get('csv_columns', $t_default, $t_user_id, $t_src_project_id);
$t_csv_columns = columns_remove_invalid($t_csv_columns, $t_all_columns);
Example #5
 * @uses news_api.php
 * @uses print_api.php
 * @uses string_api.php
 */
require_once 'core.php';
require_api('access_api.php');
require_api('config_api.php');
require_api('constant_inc.php');
require_api('helper_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('news_api.php');
require_api('print_api.php');
require_api('string_api.php');
# Gate the page before any output: the news feature must be enabled and the user
# needs at least VIEWER access (no project id is passed to the access check).
news_ensure_enabled();
access_ensure_project_level(VIEWER);
html_page_top();
?>

<br />
<?php 
# Select the news posts
$rows = news_get_rows(helper_get_current_project());
$t_count = count($rows);
if ($t_count > 0) {
    ?>
	<ul><?php 
    # Loop through results
    for ($i = 0; $i < $t_count; $i++) {
        extract($rows[$i], EXTR_PREFIX_ALL, 'v');
        if (VS_PRIVATE == $v_view_state && !access_has_project_level(config_get('private_news_threshold'), $v_project_id)) {
# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
/**
 * @package MantisBT
 * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
 * @copyright Copyright (C) 2002 - 2013  MantisBT Team - mantisbt-dev@lists.sourceforge.net
 * @link http://www.mantisbt.org
 */
/**
 * MantisBT Core API's
 */
require_once 'core.php';
# Order matters: anti-CSRF form token, then re-authentication, then the access check,
# and only after all three the destructive call.
form_security_validate('manage_proj_subproj_delete');
auth_reauthenticate();
# Both ids are read as integers from the request.
$f_project_id = gpc_get_int('project_id');
$f_subproject_id = gpc_get_int('subproject_id');
# Authorisation is evaluated on the parent project only; $f_subproject_id is not
# checked separately in the lines shown.
access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id);
project_hierarchy_remove($f_subproject_id, $f_project_id);
# The token is purged only after the change has been made.
form_security_purge('manage_proj_subproj_delete');
# $f_project_id came from gpc_get_int(), so only an integer is appended to the URL.
$t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id;
html_page_top(null, $t_redirect_url);
?>
<br />
<div align="center">
<?php 
echo lang_get('operation_successful') . '<br />';
print_bracket_link($t_redirect_url, lang_get('proceed'));
?>
</div>

<?php 
html_page_bottom();
Example #7
require_once 'core.php';
$t_core_path = config_get('core_path');
# NOTE(review): this handler changes stored configuration, yet the POST-only guard
# below is commented out and no form_security_validate() call is visible in these
# lines. As shown, the request is protected only by the access checks further down -
# confirm whether an anti-CSRF check exists elsewhere before relying on it.
# helper_ensure_post();
# All five inputs are request-supplied.
$f_user_id = gpc_get_int('user_id');
$f_project_id = gpc_get_int('project_id');
$f_config_option = gpc_get_string('config_option');
$f_type = gpc_get_string('type');
$f_value = gpc_get_string('value');
if (is_blank($f_config_option)) {
    error_parameters('config_option');
    trigger_error(ERROR_EMPTY_FIELD, ERROR);
}
# Authorisation depends on scope: global level for ALL_PROJECTS, project level otherwise.
# $f_user_id takes no part in either check in the lines shown.
if ($f_project_id == ALL_PROJECTS) {
    access_ensure_global_level(config_get('set_configuration_threshold'));
} else {
    access_ensure_project_level(config_get('set_configuration_threshold'), $f_project_id);
}
# make sure that configuration option specified is a valid one.
# A sentinel default is used so that "option missing" can be told apart from any real value.
$t_not_found_value = '***CONFIG OPTION NOT FOUND***';
if (config_get_global($f_config_option, $t_not_found_value) === $t_not_found_value) {
    error_parameters($f_config_option);
    trigger_error(ERROR_CONFIG_OPT_NOT_FOUND, ERROR);
}
# make sure that configuration option specified can be stored in the database
# (this is the check that keeps file-only options from being overridden through this page)
if (!config_can_set_in_database($f_config_option)) {
    error_parameters($f_config_option);
    trigger_error(ERROR_CONFIG_OPT_CANT_BE_SET_IN_DB, ERROR);
}
if ($f_type === 'default') {
    $t_config_global_value = config_get_global($f_config_option);
    if (is_string($t_config_global_value)) {
Example #8
/**
 * Build a SQL condition that limits "project_id" to the projects a user can access.
 *
 * For ALL_PROJECTS the list is the user's accessible top-level projects plus their
 * accessible subprojects; for a single project it is that project plus its accessible
 * subprojects, after a VIEWER access check. Every id goes through db_prepare_int()
 * before it is concatenated into the SQL fragment.
 *
 * NOTE(review): the VIEWER check is called without a user id while the project lists
 * are built for $p_user_id - confirm that is intended when $p_user_id is not the
 * logged-in user.
 *
 * @param integer $p_project_id A project identifier or ALL_PROJECTS.
 * @param integer $p_user_id    A user identifier, or null for the current user.
 * @return string SQL fragment with a leading space; ' 1<>1' when no project is accessible.
 */
function helper_project_specific_where($p_project_id, $p_user_id = null)
{
    if (null === $p_user_id) {
        $p_user_id = auth_get_current_user_id();
    }

    if (ALL_PROJECTS != $p_project_id) {
        access_ensure_project_level(VIEWER, $p_project_id);
        $t_ids = user_get_all_accessible_subprojects($p_user_id, $p_project_id);
        array_unshift($t_ids, $p_project_id);
    } else {
        $t_top_level = user_get_accessible_projects($p_user_id);
        $t_ids = $t_top_level;
        foreach ($t_top_level as $t_top_id) {
            $t_ids = array_merge($t_ids, user_get_all_accessible_subprojects($p_user_id, $t_top_id));
        }
        $t_ids = array_unique($t_ids);
    }

    # Integer-normalise every id: the values are concatenated into SQL text below.
    $t_ids = array_map('db_prepare_int', $t_ids);
    $t_id_count = count($t_ids);

    if (0 == $t_id_count) {
        # Nothing accessible: a condition that never matches.
        return ' 1<>1';
    }
    if (1 == $t_id_count) {
        return ' project_id=' . $t_ids[0];
    }
    return ' project_id IN (' . join(',', $t_ids) . ')';
}
Example #9
 * @copyright Copyright 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
 * @copyright Copyright 2002  MantisBT Team - mantisbt-dev@lists.sourceforge.net
 * @link http://www.mantisbt.org
 *
 * @uses core.php
 * @uses access_api.php
 * @uses config_api.php
 * @uses constant_inc.php
 * @uses html_api.php
 * @uses lang_api.php
 */
require_once 'core.php';
require_api('access_api.php');
require_api('config_api.php');
require_api('constant_inc.php');
require_api('html_api.php');
require_api('lang_api.php');
# Feature switch and access check both run before any page output.
if (!config_get('time_tracking_enabled')) {
    trigger_error(ERROR_ACCESS_DENIED, ERROR);
}
# No project id is passed, so the threshold is evaluated without an explicit project.
access_ensure_project_level(config_get('time_tracking_reporting_threshold'));
html_page_top(lang_get('time_tracking_billing_link'));
?>

<br />

<?php 
# Work break-down
define('BILLING_INC_ALLOW', true);
include dirname(__FILE__) . DIRECTORY_SEPARATOR . 'billing_inc.php';
html_page_bottom();
Example #10
 * @uses lang_api.php
 * @uses print_api.php
 * @uses string_api.php
 * @uses utility_api.php
 */
require_once 'core.php';
require_api('access_api.php');
require_api('config_api.php');
require_api('gpc_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('string_api.php');
require_api('utility_api.php');
# NOTE(review): the page header is emitted before the access check on the next line;
# most pages in this code base check access first - confirm the order is intended.
html_page_top();
access_ensure_project_level(config_get('create_permalink_threshold'));
# 'url' is request-supplied; it is passed through string_sanitize_url() before any use.
$f_url = string_sanitize_url(gpc_get_string('url'));
?>
<div>
	<p>
<?php 
echo lang_get('filter_permalink'), '<br />';
# $f_url originates from the request. It lands in an href attribute and in link text,
# so the output relies on string_sanitize_url() (applied when it was read) plus
# string_display_line() here - presumably HTML-escaping; verify against string_api.php.
$t_safe_url = string_display_line($f_url);
echo "<a href=\"{$t_safe_url}\">{$t_safe_url}</a></p>";
$t_create_short_url = config_get('create_short_url');
if (!is_blank($t_create_short_url)) {
    # NOTE(review): $f_url is substituted into the short-URL template as-is, without
    # URL-encoding in the lines shown - confirm print_bracket_link() or the template
    # handles characters such as '&' and '#'.
    print_bracket_link(sprintf($t_create_short_url, $f_url), lang_get('create_short_link'), true);
}
?>
</div>
<?php 
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
# Copyright (C) 2002 - 2004  Mantis Team   - mantisbt-dev@lists.sourceforge.net
# This program is distributed under the terms and conditions of the GPL
# See the README and LICENSE files for details
# --------------------------------------------------------
# $Id: manage_proj_ver_delete.php,v 1.22 2004/12/14 20:37:07 marcelloscata Exp $
# --------------------------------------------------------
require_once 'core.php';
$t_core_path = config_get('core_path');
require_once $t_core_path . 'version_api.php';
$f_version_id = gpc_get_int('version_id');
# The project to authorise against is taken from the stored version row, not from the
# request, so a caller cannot name a project they manage while deleting another's version.
$t_version_info = version_get($f_version_id);
$t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $t_version_info->project_id;
access_ensure_project_level(config_get('manage_project_threshold'), $t_version_info->project_id);
# Confirm with the user
# NOTE(review): no form_security_validate() call is visible in these lines; the
# confirmation step is the only guard against a forged request - confirm whether
# helper_ensure_confirmed() carries an anti-CSRF token in this version.
helper_ensure_confirmed(lang_get('version_delete_sure') . '<br/>' . lang_get('version') . ': ' . $t_version_info->version, lang_get('delete_version_button'));
version_remove($f_version_id);
html_page_top1();
html_meta_redirect($t_redirect_url);
html_page_top2();
?>
<br />
<div align="center">
<?php 
echo lang_get('operation_successful') . '<br />';
print_bracket_link($t_redirect_url, lang_get('proceed'));
?>
</div>
Example #12
/**
 * Return the ids of the projects and subprojects the user can access.
 *
 * For a single project a VIEWER access check is made first and the result is that
 * project followed by its accessible subprojects. For ALL_PROJECTS the result is the
 * user's accessible top-level projects plus their accessible subprojects, de-duplicated.
 *
 * @param integer $p_user_id    A user identifier.
 * @param integer $p_project_id A project identifier or ALL_PROJECTS.
 * @return array Project ids.
 */
function user_get_all_accessible_projects($p_user_id, $p_project_id)
{
    if (ALL_PROJECTS != $p_project_id) {
        access_ensure_project_level(VIEWER, $p_project_id);
        $t_ids = user_get_all_accessible_subprojects($p_user_id, $p_project_id);
        array_unshift($t_ids, $p_project_id);
        return $t_ids;
    }

    $t_top_level = user_get_accessible_projects($p_user_id);
    $t_ids = $t_top_level;
    foreach ($t_top_level as $t_top_id) {
        $t_ids = array_merge($t_ids, user_get_all_accessible_subprojects($p_user_id, $t_top_id));
    }
    # A subproject can be reachable through more than one parent.
    return array_unique($t_ids);
}
Example #13
<?php

# Copyright (c) 2012 John Reese
# Licensed under the MIT license
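# Only users at or above the plugin's 'update_threshold' may update a changeset.
# NOTE(review): this page saves a change but no form_security_validate() call is
# visible in these lines - confirm whether an anti-CSRF token is checked elsewhere.
access_ensure_project_level(plugin_config_get('update_threshold'));
$f_changeset_id = gpc_get_int('id');
$t_changeset = SourceChangeset::load($f_changeset_id);
$t_repos = SourceRepo::load_by_changesets($t_changeset);
if (count($t_repos) < 1) {
    trigger_error(ERROR_GENERIC, ERROR);
}
$t_repo = array_shift($t_repos);
$t_repo->load_branches();
if (plugin_config_get('enable_porting')) {
    $f_ported = gpc_get_string('ported', '');
    # Accept only the two "no branch" markers or a branch the repository actually has.
    # A loose `0 == $f_ported` test is true for every non-numeric string on PHP < 8,
    # which would let any request value be stored without the branch-list check, and
    # it behaves differently again on PHP 8. Strict string comparison avoids both.
    $t_is_no_branch_marker = ('' === $f_ported || '0' === $f_ported);
    if ($t_is_no_branch_marker || in_array($f_ported, $t_repo->branches)) {
        $t_changeset->ported = $f_ported;
    }
}
$t_changeset->save();
print_successful_redirect(plugin_page('view', true) . '&id=' . $t_changeset->id);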
# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
/**
 * @package MantisBT
 * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
 * @copyright Copyright (C) 2002 - 2014  MantisBT Team - mantisbt-dev@lists.sourceforge.net
 * @link http://www.mantisbt.org
 */
/**
 * MantisBT Core API's
 */
require_once 'core.php';
require_once 'email_api.php';
# Anti-CSRF token and re-authentication come before anything is read or changed.
form_security_validate('manage_config_email_set');
auth_reauthenticate();
# Coarse gate: the LOWER of the two option thresholds lets the user onto the page;
# the per-option decisions are $t_can_change_flags / $t_can_change_defaults below.
$t_can_change_level = min(config_get_access('notify_flags'), config_get_access('default_notify_flags'));
access_ensure_project_level($t_can_change_level);
$t_redirect_url = 'manage_config_email_page.php';
$t_project = helper_get_current_project();
# Request-supplied: two arrays read with the untyped gpc_get() and one integer.
$f_flags = gpc_get('flag', array());
$f_thresholds = gpc_get('flag_threshold', array());
$f_actions_access = gpc_get_int('notify_actions_access');
html_page_top(lang_get('manage_email_config'), $t_redirect_url);
$t_access = current_user_get_access_level();
# Each option may only be changed by a user at or above that option's own threshold.
$t_can_change_flags = $t_access >= config_get_access('notify_flags');
$t_can_change_defaults = $t_access >= config_get_access('default_notify_flags');
# build a list of the possible actions and flags
# (a fixed list; 'sponsor' is included only when sponsorship is enabled)
$t_valid_actions = array('owner', 'reopened', 'deleted', 'bugnote');
if (config_get('enable_sponsorship') == ON) {
    $t_valid_actions[] = 'sponsor';
}
$t_valid_actions[] = 'relation';
Example #15
require_api('constant_inc.php');
require_api('gpc_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('news_api.php');
require_api('print_api.php');
news_ensure_enabled();
$f_news_id = gpc_get_int('news_id', null);
html_page_top();
?>

<?php 
# Nothing is printed when no news id was supplied.
if ($f_news_id !== null) {
    # The project is taken from the stored news item, not from the request.
    $t_project_id = news_get_field($f_news_id, 'project_id');
    if (news_is_private($f_news_id)) {
        # Private items need the dedicated private-news threshold on that project.
        access_ensure_project_level(config_get('private_news_threshold'), $t_project_id);
    } else {
        # Public items need the project's own view threshold (looked up per project).
        access_ensure_project_level(config_get('view_bug_threshold', null, null, $t_project_id), $t_project_id);
    }
    print_news_string_by_news_id($f_news_id);
}
?>

<div id="news-menu">
	<?php 
print_bracket_link('news_list_page.php', lang_get('archives'));
?>
</div>

<?php 
html_page_bottom();
Example #16
/**
 * Return the ids of the projects and subprojects the user can access.
 *
 * For a single project a VIEWER access check is made first and the result is that
 * project followed by its accessible subprojects. For ALL_PROJECTS the result is an
 * array keyed by id (key = value) holding the user's accessible top-level projects
 * and their accessible subprojects.
 *
 * @param integer $p_user_id    A valid user identifier.
 * @param integer $p_project_id A valid project identifier.
 * @return array
 */
function user_get_all_accessible_projects($p_user_id, $p_project_id)
{
    if (ALL_PROJECTS != $p_project_id) {
        access_ensure_project_level(VIEWER, $p_project_id);
        $t_ids = user_get_all_accessible_subprojects($p_user_id, $p_project_id);
        array_unshift($t_ids, $p_project_id);
        return $t_ids;
    }

    $t_top_level = user_get_accessible_projects($p_user_id);
    # PHP < 5.4: array_combine() returns false and warns on empty arrays (see #16187),
    # so bail out before calling it.
    if (empty($t_top_level)) {
        return array();
    }

    # key = value, which makes adding a subproject twice a no-op
    $t_ids = array_combine($t_top_level, $t_top_level);
    foreach ($t_top_level as $t_top_id) {
        foreach (user_get_all_accessible_subprojects($p_user_id, $t_top_id) as $t_sub_id) {
            $t_ids[$t_sub_id] = $t_sub_id;
        }
    }
    return $t_ids;
}
 * @uses gpc_api.php
 * @uses print_api.php
 * @uses project_api.php
 */
/**
 * MantisBT Core API's
 */
require_once 'core.php';
require_api('access_api.php');
require_api('authentication_api.php');
require_api('config_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('print_api.php');
require_api('project_api.php');
# Anti-CSRF token, then re-authentication, before any input is acted on.
form_security_validate('manage_proj_user_add');
auth_reauthenticate();
# Request-supplied: target project, list of user ids, and the access level to grant.
$f_project_id = gpc_get_int('project_id');
$f_user_id = gpc_get_int_array('user_id', array());
$f_access_level = gpc_get_int('access_level');
# We should check both since we are in the project section and an
#  admin might raise the first threshold and not realize they need
#  to raise the second
access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id);
access_ensure_project_level(config_get('project_user_threshold'), $f_project_id);
# Add user(s) to the current project
# NOTE(review): $f_access_level is passed on as received; nothing in these lines
# compares it with the caller's own level on the project. Confirm project_add_user()
# enforces that, otherwise a caller could grant a level above their own.
foreach ($f_user_id as $t_user_id) {
    project_add_user($f_project_id, $t_user_id, $f_access_level);
}
form_security_purge('manage_proj_user_add');
# Only the integer project id is appended to the redirect target.
print_header_redirect('manage_proj_edit_page.php?project_id=' . $f_project_id);
Example #18
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Mantis.  If not, see <http://www.gnu.org/licenses/>.
# --------------------------------------------------------
# $Id: news_delete.php,v 1.23.18.1 2007-10-13 22:34:02 giallu Exp $
# --------------------------------------------------------
require_once 'core.php';
$t_core_path = config_get('core_path');
require_once $t_core_path . 'news_api.php';
# Anti-CSRF token first.
form_security_validate('news_delete');
$f_news_id = gpc_get_int('news_id');
# The project to authorise against comes from the stored row, not the request.
$row = news_get_row($f_news_id);
# This check is to allow deleting of news items that were left orphan due to bug #3723
# NOTE(review): when the item's project no longer exists, no access check runs at all
# in these lines, so an orphaned item can be deleted by any caller who gets past the
# token and the confirmation - confirm that is acceptable, or require a global level
# for that case.
if (project_exists($row['project_id'])) {
    access_ensure_project_level(config_get('manage_news_threshold'), $row['project_id']);
}
helper_ensure_confirmed(lang_get('delete_news_sure_msg'), lang_get('delete_news_item_button'));
news_delete($f_news_id);
form_security_purge('news_delete');
$t_redirect_url = 'news_menu_page.php';
html_page_top1();
html_meta_redirect($t_redirect_url);
html_page_top2();
?>

<br />
<div align="center">
<?php 
echo lang_get('operation_successful') . '<br />';
print_bracket_link($t_redirect_url, lang_get('proceed'));
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('project_api.php');
require_api('user_api.php');
# Anti-CSRF token, then re-authentication, before any input is acted on.
form_security_validate('manage_proj_user_remove');
auth_reauthenticate();
$f_project_id = gpc_get_int('project_id');
# user_id defaults to 0, which selects the "remove all users" branch below.
$f_user_id = gpc_get_int('user_id', 0);
# We should check both since we are in the project section and an
#  admin might raise the first threshold and not realize they need
#  to raise the second
access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id);
access_ensure_project_level(config_get('project_user_threshold'), $f_project_id);
if (0 == $f_user_id) {
    # Confirm with the user
    helper_ensure_confirmed(lang_get('remove_all_users_sure_msg'), lang_get('remove_all_users_button'));
    # The caller's own project level is passed along as the second argument -
    # presumably an upper bound on which users are removed; verify in project_api.php.
    project_remove_all_users($f_project_id, access_get_project_level($f_project_id));
} else {
    # Don't allow removal of users from the project who have a higher access level than the current user
    # (the required level is the TARGET user's level on this project)
    access_ensure_project_level(access_get_project_level($f_project_id, $f_user_id), $f_project_id);
    $t_user = user_get_row($f_user_id);
    # Confirm with the user
    # NOTE(review): the username is concatenated into the confirmation message as-is;
    # confirm helper_ensure_confirmed() or the stored username is HTML-safe.
    helper_ensure_confirmed(lang_get('remove_user_sure_msg') . '<br/>' . lang_get('username_label') . lang_get('word_separator') . $t_user['username'], lang_get('remove_user_button'));
    project_remove_user($f_project_id, $f_user_id);
}
form_security_purge('manage_proj_user_remove');
$t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id;
html_page_top(null, $t_redirect_url);
html_operation_successful($t_redirect_url);
html_page_bottom();
Example #20
# $query is built above this excerpt.
$result = db_query($query);
$row = db_fetch_array($result);
# Every column of the row becomes a $v_-prefixed variable; the prefix keeps the
# columns from overwriting existing variables.
extract($row, EXTR_PREFIX_ALL, 'v');
# Check access rights
# NOTE(review): the switch has no default branch, so a $f_type other than 'bug' or
# 'doc' reaches the download code below without any check in these lines - confirm
# $f_type is restricted to those two values earlier in the file.
switch ($f_type) {
    case 'bug':
        if (!file_can_download_bug_attachments($v_bug_id)) {
            access_denied();
        }
        break;
    case 'doc':
        # Check if project documentation feature is enabled.
        if (OFF == config_get('enable_project_documentation')) {
            access_denied();
        }
        access_ensure_project_level(config_get('view_proj_doc_threshold'), $v_project_id);
        break;
}
# flush output buffer to protect download
@ob_end_clean();
# Make sure that IE can download the attachments under https.
header('Pragma: public');
# The content type is the value stored with the file and is sent unchanged; the
# "attachment" disposition below is what asks the browser to save rather than render.
header('Content-Type: ' . $v_file_type);
header('Content-Length: ' . $v_filesize);
# Added Quotes (") around file name.
# NOTE(review): assumes file_get_display_name() never returns a double quote, which
# would end the quoted filename early - confirm.
header('Content-Disposition: attachment; filename="' . file_get_display_name($v_filename) . '"');
header('Content-Description: Download Data');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', db_unixtimestamp($v_date_added)));
# To fix an IE bug which causes problems when downloading
# attached files via HTTPS, we disable the "Pragma: no-cache"
# command when IE is used over HTTPS.
Example #21
# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
/**
 * @package MantisBT
 * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
 * @copyright Copyright (C) 2002 - 2013  MantisBT Team - mantisbt-dev@lists.sourceforge.net
 * @link http://www.mantisbt.org
 */
/**
 * MantisBT Core API's
 */
require_once 'core.php';
require_once 'news_api.php';
require_once 'print_api.php';
# Feature switch, anti-CSRF token and access check all run before input is read.
news_ensure_enabled();
form_security_validate('news_add');
access_ensure_project_level(config_get('manage_news_threshold'));
# Request-supplied fields, read with typed getters.
$f_view_state = gpc_get_int('view_state');
$f_headline = gpc_get_string('headline');
$f_announcement = gpc_get_bool('announcement');
$f_body = gpc_get_string('body');
# Project and author are taken from the session (current project, current user),
# not from the request.
$t_news_id = news_create(helper_get_current_project(), auth_get_current_user_id(), $f_view_state, $f_announcement, $f_headline, $f_body);
form_security_purge('news_add');
$t_news_row = news_get_row($t_news_id);
html_page_top();
?>

<br />
<div align="center">
<?php 
echo lang_get('operation_successful') . '<br />';
print_bracket_link('news_menu_page.php', lang_get('proceed'));
Example #22
 * @uses config_api.php
 * @uses constant_inc.php
 * @uses helper_api.php
 * @uses html_api.php
 * @uses lang_api.php
 * @uses string_api.php
 */
require_once 'core.php';
require_api('access_api.php');
require_api('config_api.php');
require_api('constant_inc.php');
require_api('helper_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('string_api.php');
# The permissions report is limited to users at the 'manage_configuration_threshold';
# the check runs before any output.
access_ensure_project_level(config_get('manage_configuration_threshold'));
html_page_top(lang_get('permissions_summary_report'));
print_manage_menu('adm_permissions_report.php');
print_manage_config_menu('adm_permissions_report.php');
/**
 * return html for start of administration report section
 * @param string $p_section_name Section name.
 * @return string
 */
function get_section_begin_apr($p_section_name)
{
    $t_access_levels = MantisEnum::getValues(config_get('access_levels_enum_string'));
    $t_output = '<div class="table-container">';
    $t_output .= '<table>';
    $t_output .= '<thead>';
    $t_output .= '<tr><td class="form-title-caps" colspan="' . (count($t_access_levels) + 1) . '">' . $p_section_name . '</td></tr>' . "\n";
Example #23
 * @uses lang_api.php
 * @uses utility_api.php
 */
require_once 'core.php';
require_api('access_api.php');
require_api('config_api.php');
require_api('file_api.php');
require_api('form_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('utility_api.php');
# Check if project documentation feature is enabled.
# All three conditions must hold (feature on, uploads enabled, project uploads
# allowed); otherwise the form is not shown at all.
if (OFF == config_get('enable_project_documentation') || !file_is_uploading_enabled() || !file_allow_project_upload()) {
    access_denied();
}
access_ensure_project_level(config_get('upload_project_file_threshold'));
# Effective limit is the smallest of the two PHP ini limits and the application's own
# 'max_file_size'. It is computed for this form page only; the receiving script
# (proj_doc_add.php) has to enforce the limit itself.
$t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
html_page_top();
?>

<br />
<div>
<form method="post" enctype="multipart/form-data" action="proj_doc_add.php">
<?php 
echo form_security_field('proj_doc_add');
?>
<table class="width75" cellspacing="1">
<tr>
	<td class="form-title">
		<?php 
echo lang_get('upload_file_title');
Example #24
<?php

# The access check runs before the JSON content type or any data is sent.
access_ensure_project_level(plugin_config_get('serials_view_threshold'));
header('Content-Type: application/json');
# Table names come from plugin_table(), i.e. from the installation, not the request.
$g_mantis_serials_customer = plugin_table('customer');
$g_mantis_serials_assembly = plugin_table('assembly');
$g_mantis_serials_format = plugin_table('format');
$g_mantis_serials_serial = plugin_table('serial');
# Request-supplied string; it reaches the SQL query built in get_format().
$p_assembly_id = gpc_get_string('assembly_id');
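/**
 * Echo, as a JSON array, the format rows stored for one assembly.
 *
 * Each element has the keys 'format', 'format_id' and 'format_example'. The function
 * prints the JSON itself and returns nothing.
 *
 * NOTE(review): the mysql_* extension used here was removed in PHP 7; moving this
 * query to a parameterised database API would remove the need for manual escaping.
 *
 * @param string $p_assembly_id Assembly identifier; the caller passes a request value.
 * @return void
 */
function get_format($p_assembly_id)
{
    global $g_mantis_serials_format;
    # The value comes straight from the request and is placed inside a quoted SQL
    # literal, so it has to be escaped for the connection before interpolation.
    $t_assembly_id = mysql_real_escape_string($p_assembly_id);
    $query = "SELECT format, format_id, format_example\n\t\t\t\tFROM {$g_mantis_serials_format}\n\t\t\t\tWHERE assembly_id='{$t_assembly_id}'";
    $result = mysql_query($query);
    if ($result === false) {
        # Keep the driver's message in the server log; sending it to the client would
        # disclose table names and query structure.
        error_log('get_format: query failed: ' . mysql_error());
        die('Database query failed');
    }
    $json_response = array();
    while ($row = mysql_fetch_array($result, MYSQL_ASSOC)) {
        $json_response[] = array(
            'format' => $row['format'],
            'format_id' => $row['format_id'],
            'format_example' => $row['format_example'],
        );
    }
    echo json_encode($json_response);
}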
# get_format() prints the JSON itself and has no return statement, so this outer echo
# adds nothing to the output.
echo get_format($p_assembly_id);
 # If all projects, use default project if set
 $t_default_project = user_pref_get_pref(auth_get_current_user_id(), 'default_project');
 if (ALL_PROJECTS == $t_project_id && ALL_PROJECTS != $t_default_project) {
     $t_project_id = $t_default_project;
 }
 # Switch the current project only to ALL_PROJECTS or to a project that exists.
 if ((ALL_PROJECTS == $t_project_id || project_exists($t_project_id)) && $t_project_id != $t_current_project) {
     helper_set_current_project($t_project_id);
     # Reloading the page is required so that the project browser
     # reflects the new current project
     # The redirect target is the request's own URI as reported by the server.
     print_header_redirect($_SERVER['REQUEST_URI'], true, false, true);
 }
 # New issues cannot be reported for the 'All Project' selection
 if (ALL_PROJECTS == $t_current_project) {
     print_header_redirect('login_select_proj_page.php?ref=bug_report_page.php');
 }
 # No project id is passed: the report threshold is checked without an explicit project,
 # after the project switch above.
 access_ensure_project_level(config_get('report_bug_threshold'));
 # Form pre-fill values: all request-supplied, read with typed getters and defaults.
 $f_build = gpc_get_string('build', '');
 $f_platform = gpc_get_string('platform', '');
 $f_os = gpc_get_string('os', '');
 $f_os_build = gpc_get_string('os_build', '');
 $f_product_version = gpc_get_string('product_version', '');
 $f_target_version = gpc_get_string('target_version', '');
 $f_profile_id = gpc_get_int('profile_id', 0);
 $f_handler_id = gpc_get_int('handler_id', 0);
 $f_category_id = gpc_get_int('category_id', 0);
 $f_reproducibility = gpc_get_int('reproducibility', (int) config_get('default_bug_reproducibility'));
 $f_eta = gpc_get_int('eta', (int) config_get('default_bug_eta'));
 $f_severity = gpc_get_int('severity', (int) config_get('default_bug_severity'));
 $f_priority = gpc_get_int('priority', (int) config_get('default_bug_priority'));
 $f_summary = gpc_get_string('summary', '');
 $f_description = gpc_get_string('description', '');
Example #26
<?php

require "faq_api.php";
require "css_faq.php";
# NOTE(review): the page header is emitted before the access check below.
html_page_top1();
html_page_top2();
# The required level is the fixed constant DEVELOPER rather than a configurable threshold.
access_ensure_project_level(DEVELOPER);
$f_id = gpc_get_int('f_id');
# Delete the faq entry
# NOTE(review): the delete runs as soon as the access check passes; no
# form_security_validate() call or confirmation step is visible in these lines, so a
# forged request from a logged-in developer's browser would be enough - confirm.
$result = faq_delete_query($f_id);
$t_redirect_url = $g_faq_menu_page;
if ($result) {
    ?>
	<div align="center">
<?php 
    print lang_get('operation_successful') . '<p>';
} else {
    print_mantis_error(ERROR_GENERIC);
}
if (ON == plugin_config_get('faq_view_window')) {
    ?>
	<a href="javascript:window.opener='x';window.close();">Close Window</a>
<?php 
} else {
    print_bracket_link($g_faq_menu_page, lang_get('proceed'));
}
?>
</div>
<?php 
html_page_bottom1();
Example #27
#
# You should have received a copy of the GNU General Public License
# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
/**
 * @package MantisBT
 * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
 * @copyright Copyright (C) 2002 - 2013  MantisBT Team - mantisbt-dev@lists.sourceforge.net
 * @link http://www.mantisbt.org
 */
/**
 * MantisBT Core API's
 */
require_once 'core.php';
require_once 'Period.php';
require_once 'graph_api.php';
# The graph is limited to users at the 'view_summary_threshold'.
access_ensure_project_level(config_get('view_summary_threshold'));
# Request-supplied display options, read as int / bool with defaults.
$f_width = gpc_get_int('width', 600);
$t_ar = plugin_config_get('bar_aspect');
$t_interval = new Period();
# The period is filled from the request selector named 'interval'.
$t_interval->set_period_from_selector('interval');
$f_show_as_table = gpc_get_bool('show_table', FALSE);
$f_summary = gpc_get_bool('summary', FALSE);
$t_interval_days = $t_interval->get_elapsed_days();
if ($t_interval_days <= 14) {
    $t_incr = 60 * 60;
    // less than 14 days, use hourly
} else {
    if ($t_interval_days <= 92) {
        $t_incr = 24 * 60 * 60;
        // less than three months, use daily
    } else {
# The feed is refused outright when RSS is disabled.
if (OFF == config_get('rss_enabled')) {
    access_denied();
}
# authenticate the user
# With a username the feed key must validate through rss_login(); without one the
# request is served only if anonymous login is allowed.
if ($f_username !== null) {
    if (!rss_login($f_username, $f_key)) {
        access_denied();
    }
} else {
    if (OFF == config_get('allow_anonymous_login')) {
        access_denied();
    }
}
# Make sure that the current user has access to the selected project (if not ALL PROJECTS).
if ($f_project_id != ALL_PROJECTS) {
    access_ensure_project_level(VIEWER, $f_project_id);
}
# The request's sort value is mapped onto one of two fixed column names, so the
# request string itself never becomes the sort field.
if ($f_sort === 'update') {
    $c_sort_field = 'last_updated';
} else {
    $c_sort_field = 'date_submitted';
}
$t_path = config_get('path');
# construct rss file
$encoding = 'utf-8';
$about = $t_path;
$title = config_get('window_title');
$image_link = $t_path . 'images/mantis_logo_button.gif';
# only rss 2.0
$category = project_get_name($f_project_id);
if ($f_project_id !== 0) {
 */
/**
 * MantisBT Core API's
 */
require_once 'core.php';
require_once 'custom_field_api.php';
# Anti-CSRF token, then re-authentication, before any input is acted on.
form_security_validate('manage_proj_custom_field_update');
auth_reauthenticate();
# All three request values are read as integers.
$f_field_id = gpc_get_int('field_id');
$f_project_id = gpc_get_int('project_id');
$f_sequence = gpc_get_int('sequence');
# We should check both since we are in the project section and an
#  admin might raise the first threshold and not realize they need
#  to raise the second
access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id);
access_ensure_project_level(config_get('custom_field_link_threshold'), $f_project_id);
custom_field_set_sequence($f_field_id, $f_project_id, $f_sequence);
form_security_purge('manage_proj_custom_field_update');
# Only the integer project id is appended to the redirect target.
$t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id;
html_page_top(null, $t_redirect_url);
?>
<br />
<div align="center">
<?php 
echo lang_get('operation_successful') . '<br />';
print_bracket_link($t_redirect_url, lang_get('proceed'));
?>
</div>

<?php 
html_page_bottom();
Example #30
 * @uses print_api.php
 * @uses project_api.php
 */
require_once 'core.php';
require_api('access_api.php');
require_api('authentication_api.php');
require_api('config_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('helper_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('project_api.php');
# Anti-CSRF token, then re-authentication, before any input is acted on.
form_security_validate('manage_user_proj_delete');
auth_reauthenticate();
$f_project_id = gpc_get_int('project_id');
$f_user_id = gpc_get_int('user_id');
user_ensure_exists($f_user_id);
$t_user = user_get_row($f_user_id);
access_ensure_project_level(config_get('project_user_threshold'), $f_project_id);
# The caller must hold at least the target user's level before removing them.
# NOTE(review): the level used is the 'access_level' column of the user row; confirm
# whether the user's level on this specific project should be compared instead.
access_ensure_project_level($t_user['access_level'], $f_project_id);
$t_project_name = project_get_name($f_project_id);
# Confirm with the user
# NOTE(review): the project name is concatenated into the confirmation message as-is;
# confirm helper_ensure_confirmed() or the stored name is HTML-safe.
helper_ensure_confirmed(lang_get('remove_user_sure_msg') . '<br/>' . lang_get('project_name_label') . lang_get('word_separator') . $t_project_name, lang_get('remove_user_button'));
project_remove_user($f_project_id, $f_user_id);
form_security_purge('manage_user_proj_delete');
# Only the integer user id is appended to the redirect target.
$t_redirect_url = 'manage_user_edit_page.php?user_id=' . $f_user_id;
html_page_top(null, $t_redirect_url);
html_operation_successful($t_redirect_url);
html_page_bottom();