Example #1
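/**
 * Decide whether the current visitor may view a bug report.
 *
 * Public reports are visible to everyone. A private report is visible only to
 * security/trusted developers, to the submitter (proved by the report
 * password), and to a developer whose handle matches the reporter or the
 * assignee of the report.
 *
 * @param int|string $bug_id     Id of the report, passed to verify_bug_passwd().
 * @param array      $bug        Report row; reads 'private', 'reporter_name' and 'assign'.
 * @param string     $pw         Report password supplied by the visitor ('' when none).
 * @param int        $user_flags Bit mask built from the BUGS_* user constants.
 *
 * @return bool True when the report may be shown to the visitor.
 */
function bugs_has_access($bug_id, $bug, $pw, $user_flags)
{
    global $auth_user;

    // NOTE(review): any value other than 'Y' (an absent or NULL column included)
    // is treated as public, so this check fails open on an incomplete $bug row.
    if ($bug['private'] != 'Y') {
        return true;
    }

    // Trusted and security developers see every private report.
    if ($user_flags & (BUGS_SECURITY_DEV | BUGS_TRUSTED_DEV)) {
        return true;
    }

    // The submitter: a plain user who supplied the matching report password.
    if ($user_flags == BUGS_NORMAL_USER && $pw != '' && verify_bug_passwd($bug_id, bugs_get_hash($pw))) {
        return true;
    }

    // Every remaining rule applies to logged-in developers only.
    if (!($user_flags & BUGS_DEV_USER)) {
        return false;
    }

    // The submitter (php developer) or the assigned developer, matched by handle.
    foreach (array('reporter_name', 'assign') as $field) {
        if ($bug[$field] == '') {
            continue;
        }
        // Identity comparison on purpose: with a loose == two different
        // numeric-looking strings such as '1e1' and '10' compare equal, which
        // would grant access to a handle that merely has the same numeric value.
        if (strtolower($bug[$field]) === strtolower($auth_user->handle)) {
            return true;
        }
    }

    return false;
}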
Example #2
            // Tail of the comment-submission branch (its start is outside this excerpt).
            mark_related_bugs($_POST['in']['commentemail'], $_POST['in']['name'], $ncomment);
        } while (false);
        // The posted address goes through spam_protect() before it is kept in $from.
        $from = spam_protect($_POST['in']['commentemail'], 'text');
    } else {
        $from = '';
    }
} elseif (isset($_POST['ncomment']) && isset($_POST['preview']) && $edit == 3) {
    // Preview of a new comment: nothing is stored in this branch.
    $ncomment = trim($_POST['ncomment']);
    // primitive spam detection
    if (is_spam($ncomment)) {
        $errors[] = "Please do not SPAM our bug system.";
    }
    // NOTE(review): $from is the raw posted value here, while the branch above passes it
    // through spam_protect(); it has to be escaped wherever it is printed (not visible here).
    $from = $_POST['in']['commentemail'];
} elseif (isset($_POST['in']) && !isset($_POST['preview']) && $edit == 2) {
    // Edits submitted by original reporter for old bugs
    // A failed password check only appends to $errors; execution continues below, so the
    // later code has to test $errors before it writes anything — TODO confirm.
    if (!$show_bug_info || !verify_bug_passwd($bug_id, bugs_get_hash($pw))) {
        $errors[] = 'The password you supplied was incorrect.';
    }
    // Bug is private (just should be available to trusted developers, original reporter and assigned dev)
    // This is a hard stop: the error page is rendered and the script exits.
    if (!$show_bug_info && $bug['private'] == 'Y') {
        response_header('Private report');
        display_bug_error("The bug #{$bug_id} is not available to public");
        response_footer();
        exit;
    }
    // Just trusted dev can change the package name of a Security related bug to another package
    // NOTE(review): only isset($_POST['in']) was checked above; $_POST['in']['bug_type'] itself
    // may be absent, and this rule applies only while the report is still marked private.
    if ($bug['private'] == 'Y' && !$is_security_developer && $bug['bug_type'] == 'Security' && $_POST['in']['bug_type'] != $bug['bug_type']) {
        $errors[] = 'You cannot change the bug type of a Security bug!';
    }
    $ncomment = trim($_POST['ncomment']);
    if (!$ncomment) {
Example #3
				INSERT INTO bugdb (
					package_name,
					bug_type,
					email,
					sdesc,
					ldesc,
					php_version,
					php_os,
					passwd,
					reporter_name,
					status,
					ts1,
					private,
					visitor_ip
				) VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, "Open", NOW(), ?, INET_ATON(?))
			')->execute(array($package_name, $_POST['in']['bug_type'], $_POST['in']['email'], $_POST['in']['sdesc'], $fdesc, $_POST['in']['php_version'], $_POST['in']['php_os'], bugs_get_hash($_POST['in']['passwd']), $_POST['in']['reporter_name'], $_POST['in']['private'], $_SERVER['REMOTE_ADDR']));
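            if (PEAR::isError($res)) {
                // Do not echo the request or the driver error to the client: $_POST['in']
                // carries the report password in clear text, var_dump() output is not
                // HTML-escaped, and the database message can reveal schema details.
                // The detail goes to the server log instead.
                error_log('bugdb INSERT failed: ' . $res->getMessage());
                die('Sorry, the bug report could not be saved. Please try again later.');
            }
            // Id of the report row that was just inserted.
            $cid = $dbh->lastInsertId();
            $redirectToPatchAdd = false;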
            // Optional patch attached to the new report. The second operand repeats what
            // !empty() has already established.
            if (!empty($_POST['in']['patchname']) && $_POST['in']['patchname']) {
                require_once "{$ROOT_DIR}/include/classes/bug_patchtracker.php";
                $tracker = new Bug_Patchtracker();
                // Make PEAR return error objects for the attach call instead of using the
                // handling mode that is currently in effect.
                PEAR::staticPushErrorHandling(PEAR_ERROR_RETURN);
                // NOTE(review): the patch name and handle come straight from the request;
                // presumably Bug_Patchtracker::attach() validates the name and the uploaded
                // 'patchfile' — verify, since nothing is checked here.
                $patchrevision = $tracker->attach($cid, 'patchfile', $_POST['in']['patchname'], $_POST['in']['handle'], array());
                PEAR::staticPopErrorHandling();
                // A failed attach does not abort the submission; it only sets the redirect flag.
                if (PEAR::isError($patchrevision)) {
                    $redirectToPatchAdd = true;
Example #4
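    // Look up the e-mail address and the stored password hash of the report, then
    // replace the password with a generated one and mail it to the reporter.
    if (empty($errors)) {
        // The bug id is bound as a parameter, as in the UPDATE below, instead of being
        // interpolated into the SQL text; the statement then stays safe whatever
        // validation $bug_id received earlier (not visible in this part of the file).
        $query = 'SELECT email, passwd FROM bugdb WHERE id = ?';
        // Run the query
        $row = $dbh->prepare($query)->execute(array($bug_id))->fetchRow(MDB2_FETCHMODE_ASSOC);
        if (is_null($row)) {
            $errors[] = "Invalid bug id provided: #{$bug_id}";
        } elseif (empty($row['passwd'])) {
            $errors[] = "No password found for #{$bug_id} bug report, sorry.";
        } else {
            // Only the hash of the generated password is stored.
            $new_passwd = bugs_gen_passwd();
            $dbh->prepare('UPDATE bugdb
				 SET passwd = ?
				 WHERE id = ?
				')->execute(array(bugs_get_hash($new_passwd), $bug_id));
            // NOTE(review): the stored password has already been replaced at this point, so a
            // failed mail leaves the reporter without a working password; the new password
            // also travels in clear text in the message body.
            $resp = bugs_mail($row['email'], "Password for {$siteBig} bug report #{$bug_id}", "The password for {$siteBig} bug report #{$bug_id} has been set to: {$new_passwd}", 'From: noreply@php.net');
            if ($resp) {
                $success = "The password for bug report #{$bug_id} has been sent to " . spam_protect($row['email'], 'text');
            } else {
                $errors[] = 'Sorry. Mail can not be sent at this time, please try again later.';
            }
        }
    }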
}
// Render the page: header, title, any collected errors, then the success notice.
response_header('Bug Report Password Finder');
echo "<h1>Bug Report Password Finder</h1>\n";
// NOTE(review): the messages built above embed $bug_id; presumably display_bug_error() and
// display_bug_success() HTML-escape their argument — verify, since no escaping happens here.
display_bug_error($errors);
if ($success) {
    display_bug_success($success);