/**
 * Create a new profile for a user and return the id of the new row.
 *
 * Platform, OS and OS build are mandatory; a blank value raises
 * ERROR_EMPTY_FIELD. Every value reaches the database as a bound parameter
 * and is stored exactly as given, so code that later renders a profile must
 * escape it for its own output context.
 *
 * @param integer $p_user_id     A valid user identifier, or ALL_USERS.
 * @param string  $p_platform    Value for profile platform.
 * @param string  $p_os          Value for profile operating system.
 * @param string  $p_os_build    Value for profile operating system build.
 * @param string  $p_description Description of profile.
 * @return integer Id of the inserted profile.
 */
function profile_create($p_user_id, $p_platform, $p_os, $p_os_build, $p_description) {
    $p_user_id = (int) $p_user_id;

    # The protected-account check is skipped when the profile is created for ALL_USERS
    if (ALL_USERS != $p_user_id) {
        user_ensure_unprotected($p_user_id);
    }

    # Mandatory fields, keyed by the language string reported in the error
    $t_required = array(
        'platform' => $p_platform,
        'os' => $p_os,
        'version' => $p_os_build,
    );
    foreach ($t_required as $t_label => $t_value) {
        if (is_blank($t_value)) {
            error_parameters(lang_get($t_label));
            trigger_error(ERROR_EMPTY_FIELD, ERROR);
        }
    }

    # Add profile: one placeholder per column, values bound in the same order
    db_param_push();
    $t_placeholders = array();
    for ($i = 0; $i < 5; $i++) {
        $t_placeholders[] = db_param();
    }
    $t_sql = 'INSERT INTO {user_profile} ( user_id, platform, os, os_build, description ) VALUES ( '
        . implode(', ', $t_placeholders) . ' )';
    db_query($t_sql, array($p_user_id, $p_platform, $p_os, $p_os_build, $p_description));

    return db_insert_id(db_get_table('user_profile'));
}
/**
 * Add a news item and return its id.
 *
 * Headline and body are mandatory; a blank value raises ERROR_EMPTY_FIELD.
 * The numeric arguments are cast to int and every value is passed as a bound
 * parameter. Headline and body are stored as given, so whatever renders the
 * article is responsible for escaping them.
 *
 * @param integer $p_project_id   A project identifier.
 * @param integer $p_poster_id    The user id of poster.
 * @param integer $p_view_state   View state.
 * @param boolean $p_announcement Whether article is an announcement.
 * @param string  $p_headline     News Headline.
 * @param string  $p_body         News Body.
 * @return integer news article id
 */
function news_create($p_project_id, $p_poster_id, $p_view_state, $p_announcement, $p_headline, $p_body) {
    # Mandatory fields, keyed by the language string reported in the error
    foreach (array('headline' => $p_headline, 'body' => $p_body) as $t_label => $t_text) {
        if (is_blank($t_text)) {
            error_parameters(lang_get($t_label));
            trigger_error(ERROR_EMPTY_FIELD, ERROR);
        }
    }

    db_param_push();
    $t_placeholders = array();
    for ($i = 0; $i < 8; $i++) {
        $t_placeholders[] = db_param();
    }
    $t_sql = 'INSERT INTO {news} ( project_id, poster_id, date_posted, last_modified, view_state, announcement, headline, body ) VALUES ( '
        . implode(', ', $t_placeholders) . ' )';

    # date_posted and last_modified both start out as the current time
    $t_values = array(
        (int) $p_project_id,
        (int) $p_poster_id,
        db_now(),
        db_now(),
        (int) $p_view_state,
        $p_announcement,
        $p_headline,
        $p_body,
    );
    db_query($t_sql, $t_values);

    return db_insert_id(db_get_table('news'));
}
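/**
 * Build the HTML portlets for the 20 most recently updated issues in one status.
 *
 * The project restriction comes from helper_project_specific_where() for the
 * current user; $this->severity and $this->version narrow the result when set.
 * Status, severity and version are bound as query parameters instead of being
 * spliced into the SQL text, and the issue summary and handler name are
 * HTML-escaped before they are placed in the markup.
 *
 * @param integer $status Issue status to list.
 * @return array List of HTML fragments, one per issue.
 */
function renderIssues($status) {
    $content = array();
    $t_bug_table = db_get_table('mantis_bug_table');
    $t_user_id = auth_get_current_user_id();
    $specific_where = helper_project_specific_where($this->project_id, $t_user_id);

    $t_params = array();
    $query = "SELECT *\n\t\t\tFROM {$t_bug_table}\n\t\t\tWHERE {$specific_where}\n\t\t\tAND status = " . db_param();
    $t_params[] = (int) $status;

    # An unset filter keeps the original "match everything" comparison
    if ($this->severity) {
        $query .= "\n\t\t\tAND severity = " . db_param();
        $t_params[] = (int) $this->severity;
    } else {
        $query .= "\n\t\t\tAND severity > -1";
    }
    if ($this->version) {
        $query .= "\n AND version = " . db_param();
        $t_params[] = $this->version;
    } else {
        $query .= "\n AND version > -1";
    }
    $query .= "\n\t\t\tORDER BY last_updated DESC\n\t\t\tLIMIT 20";

    $result = db_query_bound($query, $t_params);
    while ($row = db_fetch_array($result)) {
        $t_id = (int) $row['id'];

        # Summary and user name are user-controlled text: escape for HTML
        $t_summary = htmlspecialchars($row['summary'], ENT_QUOTES, 'UTF-8');
        $t_assigned = '';
        if ($row['handler_id']) {
            $t_handler = htmlspecialchars(user_get_name($row['handler_id']), ENT_QUOTES, 'UTF-8');
            $t_assigned = '<strong>Assigned:</strong> ' . $t_handler . BR;
        }

        $content[] = '<div class="portlet ui-helper-clearfix" id="' . $t_id . '"> <div class="portlet-header">'
            . icon_get_status_icon($row['priority']) . ' ' . string_get_bug_view_link($t_id) . ': ' . $t_summary
            . '</div> <div class="portlet-content">' . $t_assigned . '</div></div>';
    }

    return $content;
}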
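/**
 * Resolve an ARTAS identifier ("ATR<number>-<version>" or "ACP<number>-<version>")
 * to the id of the single matching issue.
 *
 * The identifier is external input, so its numeric part is validated and all
 * three values are bound as query parameters rather than concatenated into the
 * SQL text. Underscores in the version part stand for spaces.
 *
 * @param string $t_artas_id ARTAS identifier.
 * @return mixed The bug id when exactly one issue matches; otherwise the
 *               string "null" (a string, not PHP null).
 */
function get_bug_id_from_artas_id($t_artas_id) {
    # ATR or ACP: the prefix selects which custom field holds the number.
    # NOTE(review): 55 and 56 look like installation-specific custom field ids - confirm.
    $t_prefix = substr($t_artas_id, 0, 3);
    if ($t_prefix == "ATR") {
        $t_cstm_field = 55;
    } elseif ($t_prefix == "ACP") {
        $t_cstm_field = 56;
    } else {
        return "null";
    }

    # Drop only the leading prefix; a later "ATR"/"ACP" inside the value is kept
    $t_parts = explode("-", substr($t_artas_id, 3));
    $t_artas_id_number = $t_parts[0];
    $t_version = isset($t_parts[1]) ? str_replace("_", " ", $t_parts[1]) : '';

    # The number is compared numerically, so anything but digits cannot match
    if (!preg_match('/^[0-9]+$/', (string) $t_artas_id_number)) {
        return "null";
    }

    $t_custom_table = db_get_table('mantis_custom_field_string_table');
    $t_bug_table = db_get_table('mantis_bug_table');

    $query = 'SELECT bug_id FROM ' . $t_custom_table . ',' . $t_bug_table
        . ' WHERE ' . $t_custom_table . '.bug_id = ' . $t_bug_table . '.id'
        . ' and field_id = ' . db_param()
        . ' AND value = ' . db_param()
        . ' and version = ' . db_param();
    $result = db_query_bound($query, array($t_cstm_field, (int) $t_artas_id_number, $t_version));

    $rows = array();
    while ($row = db_fetch_array($result)) {
        $rows[] = $row['bug_id'];
    }

    # Ambiguous (several issues) and missing (none) are both reported as "null"
    if (count($rows) == 1) {
        return $rows[0];
    }
    return "null";
}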
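/**
 * Return the date of the most recent change to an issue's "Sprint" field.
 *
 * The bug id is passed to executeQuery() as a bound parameter.
 *
 * @param integer $bug_id Issue identifier.
 * @return mixed date_modified of the newest matching history row, or null
 *               when the issue has no "Sprint" history entry.
 */
function getUserStorySprintHistory($bug_id) {
    $t_mantis_bug_history_table = db_get_table('mantis_bug_history_table');
    $t_sql = "SELECT date_modified \n\t\t\t\t\tFROM {$t_mantis_bug_history_table} \n\t\t\t\t\tWHERE bug_id = " . db_param(0) . " \n\t\t\t\t\tAND field_name = 'Sprint' \n\t\t\t\t\tORDER BY date_modified DESC";
    $t_params = array($bug_id);
    $sprint = $this->executeQuery($t_sql, $t_params);

    # No matching row: report null explicitly instead of reading a missing offset
    if (!isset($sprint[0]['date_modified'])) {
        return null;
    }
    return $sprint[0]['date_modified'];
}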
/**
 * Resolve the database table name of one of the SpecManagement plugin tables.
 *
 * The lookup differs between MantisBT '1.2.' and later versions. The table
 * name ends up inside SQL text, where it cannot be bound as a parameter, so
 * $table must be a fixed identifier chosen by the calling code.
 *
 * @param string $table Plugin table name without the plugin prefix.
 * @return string
 */
private function get_mantis_plugin_table($table) {
    if ($this->get_mantis_version() != '1.2.') {
        return db_get_table('plugin_SpecManagement_' . $table);
    }

    return plugin_table($table, 'SpecManagement');
}
/**
 * Resolve the database table name of a core MantisBT table.
 *
 * MantisBT '1.2.' expects the 'mantis_<name>_table' form, later versions the
 * bare name. The result is spliced into SQL text, so $table must be a fixed
 * identifier chosen by the calling code.
 *
 * @param string $table Bare table name.
 * @return string
 */
private function get_mantis_table($table) {
    $t_lookup_name = ($this->get_mantis_version() == '1.2.')
        ? 'mantis_' . $table . '_table'
        : $table;

    return db_get_table($t_lookup_name);
}
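/**
 * Count the user stories of a project version that are not yet at status 80.
 *
 * An issue counts as a user story when it has a non-empty value in the custom
 * field whose id is held in $this->pb. Project id, version and field id are
 * passed as bound parameters.
 *
 * @param integer $project_id Project identifier.
 * @param string  $version    Target version name.
 * @return integer Number of matching issues, 0 when there are none.
 */
function getNumberOfUserStories($project_id, $version) {
    $t_mantis_custom_field_string_table = db_get_table('mantis_custom_field_string_table');
    $t_mantis_bug_table = db_get_table('mantis_bug_table');

    # presumably populates $this->pb, which is read below - verify against the class
    $this->getAdditionalProjectFields();

    # NOTE(review): 80 is presumably the "resolved" status threshold - confirm
    $t_sql = "SELECT count(*) AS userstories \n\t\t\t\t\tFROM {$t_mantis_bug_table} \n\t\t\t\t\tINNER JOIN {$t_mantis_custom_field_string_table} ON id = bug_id \n\t\t\t\t\tWHERE project_id=" . db_param(0) . " \n\t\t\t\t\tAND target_version = " . db_param(1) . " \n\t\t\t\t\tAND status < 80 \n\t\t\t\t\tAND field_id=" . db_param(2) . " \n\t\t\t\t\tAND value != ''" . " \n\t\t\t\t\tGROUP BY field_id";
    $t_params = array($project_id, $version, $this->pb);
    $total = $this->executeQuery($t_sql, $t_params);

    # With GROUP BY, "no matches" produces no row at all rather than a zero count
    if (!isset($total[0]['userstories'])) {
        return 0;
    }
    return 0 + $total[0]['userstories'];
}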
/**
 * Look up a profile by platform, OS and OS build.
 *
 * All three values are bound as query parameters. The lookup is not limited
 * to a particular user.
 *
 * @param string $p_platform Profile platform.
 * @param string $p_os       Profile operating system.
 * @param string $p_os_build Profile operating system build.
 * @return mixed Id of the first matching profile, or false when none exists.
 */
function profile_exists($p_platform, $p_os, $p_os_build) {
    $t_user_profile_table = db_get_table('mantis_user_profile_table');

    $t_conditions = 'platform = ' . db_param() . ' and os = ' . db_param() . ' and os_build = ' . db_param();
    $t_sql = "SELECT *\n\t\t\t\t FROM {$t_user_profile_table}\n\t\t\t\t WHERE {$t_conditions}\n\t\t\t\t ORDER BY platform, os, os_build LIMIT 0,1";

    $t_row = db_fetch_array(db_query_bound($t_sql, array($p_platform, $p_os, $p_os_build)));

    return ($t_row === false) ? false : $t_row['id'];
}
/**
 * Return the attachment records of an issue, oldest first.
 *
 * Each row carries id, title, diskfile, filename, filesize, file_type,
 * date_added and user_id. No access check is made here; callers must decide
 * whether the current user may see the issue and its files before exposing
 * any of these fields, the diskfile path in particular.
 *
 * @param integer $p_bug_id Issue identifier.
 * @return array List of attachment rows.
 */
function bug_get_attachments($p_bug_id) {
    $c_bug_id = db_prepare_int($p_bug_id);
    $t_bug_file_table = db_get_table('mantis_bug_file_table');

    $t_sql = "SELECT id, title, diskfile, filename, filesize, file_type, date_added, user_id\n FROM {$t_bug_file_table}\n WHERE bug_id=" . db_param() . "\n ORDER BY date_added";
    $t_rows = db_query_bound($t_sql, array($c_bug_id));

    # Fetch exactly as many rows as the result set reports
    $t_attachments = array();
    $t_remaining = db_num_rows($t_rows);
    while ($t_remaining-- > 0) {
        $t_attachments[] = db_fetch_array($t_rows);
    }

    return $t_attachments;
}
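/**
 * Recompute the summary of every issue reported against a product version.
 *
 * For each issue the stack trace stored in its description is parsed; the
 * summary is rebuilt from the exception name and the first stack frame whose
 * method belongs to one of the project's own packages. Version, summary and
 * issue id are bound as query parameters, so the text taken from crash
 * reports is never spliced into the SQL statement.
 *
 * @param string $t_version Product version whose issues are updated.
 * @param mixed  $map_file  Not used by this function.
 * @return void
 */
function update_bug_summary_by_version($t_version, $map_file) {
    $db_table = db_get_table('mantis_bug_table');

    $query = "SELECT `id`, `summary`, `project_id` FROM {$db_table} WHERE `version` = " . db_param();
    $result = db_query_bound($query, array($t_version));

    $rows = array();
    while ($row = db_fetch_array($result)) {
        $rows[] = $row;
    }
    if (count($rows) === 0) {
        return;
    }

    require_once "ProjectAcraExt.php";

    # The package list of the first issue's project is applied to all rows
    $app_packages = get_project_package_list($rows[0]['project_id']);

    foreach ($rows as $row) {
        $bug_id = $row['id'];
        $stacktrace = bug_get_text_field($bug_id, 'description');
        $info = get_stack_map($stacktrace);
        $exception = $info->exception;
        $method = "";
        $suffix = "";

        # First frame whose method name starts with one of the app's packages
        if (count($info->stack) > 0) {
            foreach ($info->stack as $entry) {
                $func = $entry->method;
                foreach ($app_packages as $pack => $len) {
                    if (strncmp($func, $pack, $len) === 0) {
                        $method = $entry->method;
                        $suffix = $entry->suffix;
                        break;
                    }
                }
                if (strlen($method) > 0) {
                    break;
                }
            }
        }

        if (strlen($exception) > 0) {
            $line = build_summary_text($exception, $method . $suffix);
        } else {
            $line = 'Acra report crash ' . $method . $suffix;
        }

        $query = "UPDATE `{$db_table}` SET `summary` = " . db_param() . " WHERE `id` = " . db_param();
        db_query_bound($query, array($line, (int) $bug_id));
    }
}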
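/**
 * Get the display name of a user: the real name when set, else the username.
 *
 * The id is reduced to an integer before it is placed in the SQL text. The
 * returned name is raw database content; escape it for the output context
 * before printing it.
 *
 * @param integer $user_id User identifier.
 * @return string|null The name, or null when no such user exists.
 */
function get_username($user_id) {
    $user_table = db_get_table('mantis_user_table');

    $c_user_id = (int) $user_id;
    $query_rep_user_name = "SELECT realname, username FROM {$user_table} WHERE id = {$c_user_id};";
    $res_rep_user_name = db_query($query_rep_user_name);

    $user_name = null;
    while ($row_rep_user_name = db_fetch_array($res_rep_user_name)) {
        if ($row_rep_user_name['realname'] == '') {
            $user_name = $row_rep_user_name['username'];
        } else {
            $user_name = $row_rep_user_name['realname'];
        }
    }

    return $user_name;
}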
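/**
 * Returns an array of time tracking stats.
 *
 * Users below the plugin's 'view_others_threshold' only get their own
 * entries. The query is assembled as text, so every value placed in it is
 * normalised first: ids are cast to integers and both dates are re-formatted
 * through strtotime()/date() rather than copied from the arguments.
 *
 * @param int    $p_project_id project id, or ALL_PROJECTS
 * @param string $p_from Starting date (yyyy-mm-dd) inclusive, if blank, then ignored.
 * @param string $p_to   Ending date (yyyy-mm-dd) inclusive, if blank, then ignored.
 * @return array array of time tracking rows
 * @access public
 */
function plugin_TimeTracking_stats_get_project_array($p_project_id, $p_from, $p_to) {
    $c_project_id = db_prepare_int($p_project_id);

    # A blank bound is skipped; an unparseable one is an error
    $t_from_where = '';
    if (!is_blank($p_from)) {
        $t_from_ts = strtotime($p_from);
        if ($t_from_ts === false) {
            error_parameters(array($p_from, $p_to));
            trigger_error(ERROR_GENERIC, ERROR);
        } else {
            $t_from_where = " AND expenditure_date >= '" . date("Y-m-d", $t_from_ts) . "'";
        }
    }

    $t_to_where = '';
    if (!is_blank($p_to)) {
        $t_to_ts = strtotime($p_to);
        if ($t_to_ts === false) {
            error_parameters(array($p_from, $p_to));
            trigger_error(ERROR_GENERIC, ERROR);
        } else {
            # Extend to the last second of the day so the end date is inclusive
            $t_to_where = " AND expenditure_date <= '" . date("Y-m-d", $t_to_ts + SECONDS_PER_DAY - 1) . "'";
        }
    }

    $t_timereport_table = plugin_table('data', 'TimeTracking');
    $t_bug_table = db_get_table('mantis_bug_table');
    $t_user_table = db_get_table('mantis_user_table');
    $t_project_table = db_get_table('mantis_project_table');

    if (ALL_PROJECTS != $c_project_id) {
        $t_project_where = " AND b.project_id = '{$c_project_id}' ";
    } else {
        $t_project_where = '';
    }

    # Without the threshold, restrict the report to the current user's entries
    if (!access_has_global_level(plugin_config_get('view_others_threshold'))) {
        $t_user_id = (int) auth_get_current_user_id();
        $t_user_where = " AND user = '{$t_user_id}' ";
    } else {
        $t_user_where = '';
    }

    $query = "SELECT u.username, p.name as project_name, bug_id, expenditure_date, hours, timestamp, info \nFROM {$t_timereport_table} tr, {$t_bug_table} b, {$t_user_table} u, {$t_project_table} p\nWHERE tr.bug_id=b.id and tr.user=u.id AND p.id = b.project_id\n{$t_project_where} {$t_from_where} {$t_to_where} {$t_user_where}\nORDER BY user, expenditure_date, bug_id";
    $result = db_query($query);

    $t_results = array();
    while ($row = db_fetch_array($result)) {
        $t_results[] = $row;
    }

    return $t_results;
}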
/**
 * Add a new revision to a bug history.
 *
 * Nothing is stored for a type at or below REV_ANY, and a value equal to the
 * latest stored revision of the same type is not saved again. All values are
 * passed to the INSERT as bound parameters.
 *
 * @param integer $p_bug_id     A bug identifier.
 * @param integer $p_user_id    User ID.
 * @param integer $p_type       Revision Type.
 * @param string  $p_value      Value.
 * @param integer $p_bugnote_id A Bugnote ID.
 * @param integer $p_timestamp  Integer Timestamp; null means "now".
 * @return int|null Revision ID (new or the unchanged last one), or null for
 *                  a type at or below REV_ANY.
 */
function bug_revision_add($p_bug_id, $p_user_id, $p_type, $p_value, $p_bugnote_id = 0, $p_timestamp = null) {
    if ($p_type <= REV_ANY) {
        return null;
    }

    # Don't save a revision twice if nothing has changed
    $t_previous = bug_revision_last($p_bug_id, $p_type);
    if (!is_null($t_previous) && $p_value == $t_previous['value']) {
        return $t_previous['id'];
    }

    $t_when = ($p_timestamp === null) ? db_now() : $p_timestamp;

    $t_placeholders = array();
    for ($i = 0; $i < 6; $i++) {
        $t_placeholders[] = db_param();
    }
    $t_sql = 'INSERT INTO {bug_revision} ( bug_id, bugnote_id, user_id, timestamp, type, value ) VALUES ( '
        . implode(', ', $t_placeholders) . ' )';
    db_query($t_sql, array($p_bug_id, $p_bugnote_id, $p_user_id, $t_when, $p_type, $p_value));

    return db_insert_id(db_get_table('bug_revision'));
}
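/**
 * Print the <option> elements for the member picker of a user group.
 *
 * Lists every user, pre-selecting those already in the group. Accounts whose
 * username starts with the configured group prefix are left out unless group
 * nesting is enabled and the current user meets 'assign_group_threshold'.
 * The group itself is never offered as its own member. User names are
 * HTML-escaped and ids are cast to integers before being written out.
 *
 * @param integer $usergroup_id Id of the group being edited.
 * @return void
 */
function print_users_in_group_option_list($usergroup_id) {
    $show_groups = plugin_config_get('assign_to_groups', '') == 1
        && plugin_config_get('assign_group_threshold', '') <= user_get_access_level(auth_get_current_user_id());

    $t_table_users = plugin_table('users');
    $t_user_table = db_get_table('mantis_user_table');

    # Placeholders are requested in the same order the values are bound
    $t_params = array();
    $query = "SELECT * FROM (";
    $query .= " SELECT u.id, u.username, u.realname, ug.group_user_id";
    $query .= " FROM {$t_user_table} AS u";
    $query .= " LEFT JOIN {$t_table_users} AS ug ON (u.id=ug.user)";
    if (!$show_groups) {
        $query .= " WHERE u.username NOT LIKE " . db_param();
        $t_params[] = plugin_config_get('group_prefix') . '%';
    }
    $query .= ") AS t1 WHERE group_user_id=" . db_param() . " OR group_user_id IS NULL ORDER BY username ASC";
    $t_params[] = (int) $usergroup_id;

    $result = db_query_bound($query, $t_params);

    while ($row = db_fetch_array($result)) {
        if ($row['id'] == $usergroup_id) {
            continue; //usergroup must not be nested with itself
        }

        echo '<option value="' . (int) $row['id'] . '" ';
        if (!is_null($row['group_user_id'])) {
            echo 'selected="selected"';
        }
        # Usernames are user-chosen text and must not reach the page unescaped
        echo '>' . htmlspecialchars($row['username'], ENT_QUOTES, 'UTF-8') . '</option>';
    }
}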
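/**
 * Emit a JSONP response describing a list of issues.
 *
 * $bugsString is a concatenation of fixed-width, 7-character issue ids. The
 * response calls bugtrackerConnection_callback() with the request's offset
 * and length, a map of status label => colour, and a map of issue id =>
 * status label and summary.
 *
 * Everything here is request-controlled or user-authored, so the ids are
 * reduced to integers before they are placed in the query and every value in
 * the response is serialised with json_encode() instead of being pasted
 * between quotes. Summaries stay HTML-escaped, as consumers receive them
 * today.
 *
 * @param string $bugsString Concatenated 7-character issue ids.
 * @return void The response is written to the output.
 */
function getBugsInfoJSONPResponse($bugsString) {
    $t_bug_table = db_get_table('mantis_bug_table');
    $t_statuses = MantisEnum::getAssocArrayIndexedByValues(config_get('status_enum_string'));

    $t_status_pairs = array();
    foreach ($t_statuses as $t_state => $t_label) {
        $t_status_pairs[] = json_encode((string) $t_label) . ': ' . json_encode((string) get_status_color($t_state));
    }

    # Keep each id once, in first-seen order; non-numeric chunks are dropped
    $t_bug_ids = array();
    foreach (str_split((string) $bugsString, 7) as $t_chunk) {
        $t_id = (int) $t_chunk;
        if ($t_id > 0) {
            $t_bug_ids[$t_id] = $t_id;
        }
    }

    $t_bug_pairs = array();
    if (count($t_bug_ids) > 0) {
        $t_id_list = implode(', ', $t_bug_ids);
        $query = "SELECT id, status, summary\r\n\t\t\t FROM `" . $t_bug_table . "`\r\n\t\t\t WHERE id IN (" . $t_id_list . ")\r\n\t\t\t ORDER BY FIELD(id, " . $t_id_list . ")";
        $results = db_query_bound($query);
        if ($results) {
            while ($row = db_fetch_array($results)) {
                $t_status_label = isset($t_statuses[$row['status']]) ? $t_statuses[$row['status']] : '';
                $t_bug_pairs[] = json_encode((string) $row['id'])
                    . ': { "status": ' . json_encode((string) $t_status_label)
                    . ', "summary": ' . json_encode(htmlspecialchars($row['summary'])) . ' }';
            }
        }
    }

    # offset and length are echoed back to the caller as strings
    $t_offset = (isset($_REQUEST['offset']) && is_scalar($_REQUEST['offset'])) ? (string) $_REQUEST['offset'] : '';
    $t_length = (isset($_REQUEST['length']) && is_scalar($_REQUEST['length'])) ? (string) $_REQUEST['length'] : '';

    header("Content-Type: application/javascript; charset=utf-8");
    echo 'bugtrackerConnection_callback( { "offset": ' . json_encode($t_offset)
        . ', "length": ' . json_encode($t_length)
        . ', "statuses": { ' . implode(', ', $t_status_pairs)
        . ' }, "bugsInfo" : { ' . implode(', ', $t_bug_pairs) . ' } } );';
}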
* @uses print_api.php */

/** @ignore */
define('PLUGINS_DISABLED', true);

require_once 'core.php';
require_api('access_api.php');
require_api('authentication_api.php');
require_api('config_api.php');
require_api('database_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('print_api.php');

# Nothing is changed until the form token, a fresh authentication and the
# plugin-management access level have all been checked, in this order.
form_security_validate('manage_plugin_update');
auth_reauthenticate();
access_ensure_global_level(config_get('manage_plugin_threshold'));

$t_plugin_table = db_get_table('plugin');
$t_result = db_query_bound("SELECT basename FROM {$t_plugin_table}");

# The submitted field names are derived from basenames read from the database,
# so only plugins that already have a row can be updated by this request.
while ($t_row = db_fetch_array($t_result)) {
    $t_basename = $t_row['basename'];

    if (gpc_get_bool('change_' . $t_basename, 0)) {
        $t_update_params = array(
            gpc_get_int('priority_' . $t_basename, 3),
            gpc_get_bool('protected_' . $t_basename, 0),
            $t_basename,
        );
        $t_update = "UPDATE {$t_plugin_table} SET priority=" . db_param() . ', protected=' . db_param() . ' WHERE basename=' . db_param();
        db_query_bound($t_update, $t_update_params);
    }
}

# The token is single-use: drop it once the update has been applied
form_security_purge('manage_plugin_update');

print_successful_redirect('manage_plugin_page.php');
require_api( 'config_api.php' );
require_api( 'constant_inc.php' );
require_api( 'database_api.php' );
require_api( 'form_api.php' );
require_api( 'helper_api.php' );
require_api( 'lang_api.php' );
require_api( 'print_api.php' );
require_api( 'user_api.php' );

# Account pruning is destructive: the form token, a fresh authentication and
# the user-management access level are checked before any query is run.
form_security_validate( 'manage_user_prune' );
auth_reauthenticate();
access_ensure_global_level( config_get( 'manage_user_threshold' ) );

$t_user_table = db_get_table( 'user' );

# Delete the users who have never logged in and are older than 1 week
# Despite its name, $days_old holds seconds (7 * SECONDS_PER_DAY); the (int)
# cast applies to the literal 7 only.
$days_old = (int)7 * SECONDS_PER_DAY;

# Candidates: never logged in, last_visit still equal to date_created, and
# created more than $days_old seconds before the bound db_now() value.
# access_level is selected alongside id for each candidate.
$query = "SELECT id, access_level FROM $t_user_table WHERE ( login_count = 0 ) AND ( date_created = last_visit ) AND " . db_helper_compare_days( 0, "date_created", "> $days_old" );
$result = db_query_bound($query, Array( db_now() ) );
if ( !$result ) { trigger_error( ERROR_GENERIC, ERROR ); }
$count = db_num_rows( $result );
/**
 * Return the possible values configured for a custom field.
 *
 * The stored value list is read by field id (bound parameter), passed through
 * custom_field_prepare_possible_values() and split on '|'.
 *
 * @param array $p_field_def Custom field definition; only 'id' is read.
 * @return array|boolean List of values, or false when the field id is unknown.
 */
function cfdef_prepare_list_distinct_values($p_field_def) {
    $t_custom_field_table = db_get_table('custom_field');

    $t_sql = "SELECT possible_values\n\t\t\t FROM {$t_custom_field_table}\n\t\t\t WHERE id=" . db_param();
    $t_lookup = db_query_bound($t_sql, array($p_field_def['id']));

    if (db_num_rows($t_lookup) == 0) {
        return false;
    }

    $t_field_row = db_fetch_array($t_lookup);
    $t_prepared = custom_field_prepare_possible_values($t_field_row['possible_values']);

    # A freshly indexed list of the '|'-separated options
    return array_values(explode('|', $t_prepared));
}
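/**
 * Prints the preview of a text file attachment.
 *
 * The content is read from disk, fetched over FTP into the local path first,
 * or taken from the database, depending on 'file_upload_method'. It is always
 * HTML-escaped before being printed, since an attachment is untrusted content.
 * A file that cannot be read yields an empty preview block.
 *
 * @param array $p_attachment An attachment array from within the array returned by the file_get_visible_attachments() function
 * @return void
 */
function print_bug_attachment_preview_text($p_attachment) {
    if (!$p_attachment['exists']) {
        return;
    }

    echo "\n<pre class=\"bug-attachment-preview-text\">";

    # Stays empty when no branch below manages to load the content
    $t_content = '';

    switch (config_get('file_upload_method')) {
        case DISK:
            if (file_exists($p_attachment['diskfile'])) {
                $t_content = file_get_contents($p_attachment['diskfile']);
            }
            break;

        case FTP:
            # Use the local cached copy when present, otherwise download it first
            if (!file_exists($p_attachment['diskfile'])) {
                $t_ftp = file_ftp_connect();
                file_ftp_get($t_ftp, $p_attachment['diskfile'], $p_attachment['diskfile']);
                file_ftp_disconnect($t_ftp);
            }
            if (file_exists($p_attachment['diskfile'])) {
                $t_content = file_get_contents($p_attachment['diskfile']);
            }
            break;

        default:
            $t_bug_file_table = db_get_table('bug_file');
            $c_attachment_id = db_prepare_int($p_attachment['id']);
            $t_query = "SELECT * FROM {$t_bug_file_table} WHERE id=" . db_param();
            $t_result = db_query_bound($t_query, array($c_attachment_id));
            $t_row = db_fetch_array($t_result);
            if ($t_row !== false) {
                $t_content = $t_row['content'];
            }
    }

    # file_get_contents() returns false on failure; print that as an empty string
    echo htmlspecialchars((string) $t_content);
    echo '</pre>';
}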
} $f_page_number = 1; $t_per_page = -1; $t_bug_count = null; $t_page_count = 0; $t_filter = current_user_get_bug_filter(); $t_filter['_view_type'] = 'advanced'; $t_filter['show_status'] = array(META_FILTER_ANY); $t_filter['sort'] = ''; $rows = filter_get_bug_rows($f_page_number, $t_per_page, $t_page_count, $t_bug_count, $t_filter, null, null, true); if (count($rows) == 0) { // no data to graph exit; } $t_bug_table = db_get_table('mantis_bug_table'); $t_bug_hist_table = db_get_table('mantis_bug_history_table'); $t_marker = array(); $t_data = array(); $t_ptr = 0; $t_end = $t_interval->get_end_timestamp(); $t_start = $t_interval->get_start_timestamp(); if ($t_end == false || $t_start == false) { return; } // grab all status levels $t_status_arr = MantisEnum::getAssocArrayIndexedByValues(config_get('status_enum_string')); $t_status_labels = MantisEnum::getAssocArrayIndexedByValues(lang_get('status_enum_string')); $t_default_bug_status = config_get('bug_submit_status'); $t_bug = array(); $t_view_status = array(); // walk through all issues and grab their status for 'now'
/**
 * Retrieve the revisions that belong to the same bug (and the same bugnote
 * and type, where applicable) as the given revision, oldest first.
 *
 * Raises ERROR_BUG_REVISION_NOT_FOUND when the revision id is unknown. All
 * values are bound as query parameters. No access check is made here, so the
 * caller decides whether the current user may see the bug or note.
 *
 * @param int $p_rev_id Revision ID
 * @return array|null Revision rows indexed by revision id
 */
function bug_revision_like( $p_rev_id ) {
    $t_bug_rev_table = db_get_table( 'bug_revision' );

    # Step 1: find out what the reference revision is attached to
    $t_lookup_sql = "SELECT bug_id, bugnote_id, type FROM $t_bug_rev_table WHERE id=" . db_param();
    $t_lookup = db_query_bound( $t_lookup_sql, array( $p_rev_id ) );
    if ( db_num_rows( $t_lookup ) < 1 ) {
        trigger_error( ERROR_BUG_REVISION_NOT_FOUND, ERROR );
    }
    $t_reference = db_fetch_array( $t_lookup );
    $t_type = $t_reference['type'];
    $t_bugnote_id = $t_reference['bugnote_id'];

    # Step 2: collect every revision sharing that bug / type / bugnote
    $t_sql = "SELECT * FROM $t_bug_rev_table WHERE bug_id=" . db_param();
    $t_bindings = array( $t_reference['bug_id'] );

    if ( REV_ANY < $t_type ) {
        $t_sql .= ' AND type=' . db_param();
        $t_bindings[] = $t_type;
    }

    if ( $t_bugnote_id > 0 ) {
        $t_sql .= ' AND bugnote_id=' . db_param();
        $t_bindings[] = $t_bugnote_id;
    } else {
        $t_sql .= ' AND bugnote_id=0';
    }

    $t_sql .= ' ORDER BY timestamp ASC';
    $t_matches = db_query_bound( $t_sql, $t_bindings );

    $t_by_id = array();
    while( $t_revision = db_fetch_array( $t_matches ) ) {
        $t_by_id[$t_revision['id']] = $t_revision;
    }

    return $t_by_id;
}
/**
 * Return the project => access level matrix of a user, loading and caching
 * it on first use.
 *
 * The cache lives in globals, so once a user's matrix has been loaded the
 * database is not consulted again through this function; a change to
 * project_user_list made afterwards is not reflected in the cached copy.
 *
 * @param int $p_user_id integer representing user id
 * @return array returns an array of projects->accesslevel for the given user
 * @access private
 */
function access_cache_matrix_user($p_user_id) {
    global $g_cache_access_matrix, $g_cache_access_matrix_user_ids;

    $c_user_id = (int) $p_user_id;

    # Already loaded: serve the cached matrix
    if (in_array($c_user_id, $g_cache_access_matrix_user_ids)) {
        return $g_cache_access_matrix[$c_user_id];
    }

    $t_project_user_list_table = db_get_table('project_user_list');
    $t_sql = "SELECT project_id, access_level\n\t\t\t\t\t FROM {$t_project_user_list_table}\n\t\t\t\t\t WHERE user_id=" . db_param();
    $t_rows = db_query_bound($t_sql, array($c_user_id));

    # A user without explicit project access still gets an (empty) array
    $t_levels = array();
    while ($t_entry = db_fetch_array($t_rows)) {
        $t_levels[(int) $t_entry['project_id']] = (int) $t_entry['access_level'];
    }

    $g_cache_access_matrix[$c_user_id] = $t_levels;
    $g_cache_access_matrix_user_ids[] = $c_user_id;

    return $g_cache_access_matrix[$c_user_id];
}
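/**
 * Print the list of attachments of an issue that the current user may see.
 *
 * For each attachment this prints the icon, name, size and date, a download
 * link and a delete link where permitted, and an inline preview for text and
 * image attachments that have previews enabled.
 *
 * File names, titles and file contents come from whoever uploaded the file,
 * so each of them is escaped for the place it is written to: display text,
 * HTML attribute, or the body of the <pre> preview.
 *
 * @param integer $p_bug_id Issue identifier.
 * @return void
 */
function print_bug_attachments_list($p_bug_id) {
    $t_attachments = file_get_visible_attachments($p_bug_id);
    $t_attachments_count = count($t_attachments);

    $i = 0;
    $image_previewed = false;

    foreach ($t_attachments as $t_attachment) {
        $t_file_display_name = string_display_line($t_attachment['display_name']);
        $t_filesize = number_format($t_attachment['size']);
        $t_date_added = date(config_get('normal_date_format'), $t_attachment['date_added']);
        $t_attachment_id = (int) $t_attachment['id'];

        if ($image_previewed) {
            $image_previewed = false;
            echo '<br />';
        }

        if ($t_attachment['can_download']) {
            $t_href_start = '<a href="' . string_attribute($t_attachment['download_url']) . '">';
            $t_href_end = '</a>';
            $t_href_clicket = " [<a href=\"file_download.php?file_id={$t_attachment_id}&type=bug\" target=\"_blank\">^</a>]";
        } else {
            $t_href_start = '';
            $t_href_end = '';
            $t_href_clicket = '';
        }

        if (!$t_attachment['exists']) {
            print_file_icon($t_file_display_name);
            echo ' <span class="strike">' . $t_file_display_name . '</span>' . lang_get('word_separator') . '(' . lang_get('attachment_missing') . ')';
        } else {
            echo $t_href_start;
            print_file_icon($t_file_display_name);
            echo $t_href_end . ' ' . $t_href_start . $t_file_display_name . $t_href_end . $t_href_clicket . ' (' . $t_filesize . ' ' . lang_get('bytes') . ') ' . '<span class="italic">' . $t_date_added . '</span>';
        }

        if ($t_attachment['can_delete']) {
            echo ' [';
            print_link('bug_file_delete.php?file_id=' . $t_attachment_id . form_security_param('bug_file_delete'), lang_get('delete_link'), false, 'small');
            echo ']';
        }

        if ($t_attachment['exists']) {
            if (FTP == config_get('file_upload_method')) {
                echo ' (' . lang_get('cached') . ')';
            }

            if ($t_attachment['preview'] && $t_attachment['type'] == 'text') {
                $c_id = db_prepare_int($t_attachment['id']);
                $t_bug_file_table = db_get_table('mantis_bug_file_table');

                echo "<script type=\"text/javascript\" language=\"JavaScript\">\n<!--\nfunction swap_content( span ) {\ndisplayType = ( document.getElementById( span ).style.display == 'none' ) ? '' : 'none';\ndocument.getElementById( span ).style.display = displayType;\n}\n\n -->\n </script>";
                echo " <span id=\"hideSection_{$c_id}\">[<a class=\"small\" href='#' id='attmlink_" . $c_id . "' onclick='swap_content(\"hideSection_" . $c_id . "\");swap_content(\"showSection_" . $c_id . "\");return false;'>" . lang_get('show_content') . "</a>]</span>";
                echo " <span style='display:none' id=\"showSection_{$c_id}\">[<a class=\"small\" href='#' id='attmlink_" . $c_id . "' onclick='swap_content(\"hideSection_" . $c_id . "\");swap_content(\"showSection_" . $c_id . "\");return false;'>" . lang_get('hide_content') . "</a>]";
                echo "<pre>";

                # Stays empty when no branch below manages to load the content
                $v_content = '';

                /** @todo Refactor into a method that gets contents for download / preview. */
                switch (config_get('file_upload_method')) {
                    case DISK:
                        if ($t_attachment['exists']) {
                            $v_content = file_get_contents($t_attachment['diskfile']);
                        }
                        break;

                    case FTP:
                        # Use the local cached copy when present, otherwise download it first
                        if (!file_exists($t_attachment['diskfile'])) {
                            $ftp = file_ftp_connect();
                            file_ftp_get($ftp, $t_attachment['diskfile'], $t_attachment['diskfile']);
                            file_ftp_disconnect($ftp);
                        }
                        $v_content = file_get_contents($t_attachment['diskfile']);
                        break;

                    default:
                        $query = "SELECT *\n\t \t\t\t\t\tFROM {$t_bug_file_table}\n\t\t\t\t \t\t\tWHERE id=" . db_param();
                        $result = db_query_bound($query, array($c_id));
                        $row = db_fetch_array($result);
                        if ($row !== false) {
                            $v_content = $row['content'];
                        }
                }

                # The file body is untrusted: print it as text, never as markup
                echo htmlspecialchars((string) $v_content);
                echo "</pre></span>\n";
            }

            if ($t_attachment['can_download'] && $t_attachment['preview'] && $t_attachment['type'] == 'image') {
                $t_preview_style = 'border: 0;';
                $t_max_width = config_get('preview_max_width');
                if ($t_max_width > 0) {
                    $t_preview_style .= ' max-width:' . $t_max_width . 'px;';
                }

                $t_max_height = config_get('preview_max_height');
                if ($t_max_height > 0) {
                    $t_preview_style .= ' max-height:' . $t_max_height . 'px;';
                }

                $t_preview_style = 'style="' . $t_preview_style . '"';

                # Title and URL are written into attributes, so escape them as such
                $t_title = string_attribute(file_get_field($t_attachment['id'], 'title'));
                $t_image_url = string_attribute($t_attachment['download_url'] . '&show_inline=1' . form_security_param('file_show_inline'));

                echo "\n<br />{$t_href_start}<img alt=\"{$t_title}\" {$t_preview_style} src=\"{$t_image_url}\" />{$t_href_end}";
                $image_previewed = true;
            }
        }

        # Line break between entries, but not after the last one
        if ($i != $t_attachments_count - 1) {
            echo "<br />\n";
            $i++;
        }
    }
}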
/**
 * Delete the preferences of all users for one project (part of deleting the
 * project).
 *
 * A single DELETE is used instead of calling user_pref_delete() per user.
 * The project id is converted with db_prepare_int() and bound as a parameter.
 * No access check is made here; that is left to the caller.
 *
 * @param integer $p_project_id Project identifier.
 * @return true Always; db_query_bound() raises an error itself on failure.
 */
function user_pref_delete_project( $p_project_id ) {
    $c_project_id = db_prepare_int( $p_project_id );

    $t_sql = 'DELETE FROM ' . db_get_table( 'user_pref' ) . ' WHERE project_id=' . db_param();
    db_query_bound( $t_sql, array( $c_project_id ) );

    return true;
}
require_api('form_api.php');
require_api('gpc_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('string_api.php');
require_api('utility_api.php');

# Check if project documentation feature is enabled.
if (OFF == config_get('enable_project_documentation') || !file_is_uploading_enabled() || !file_allow_project_upload()) { access_denied(); }

# file_id comes from the request; gpc_get_int() and db_prepare_int() are applied before it is used in the query.
$f_file_id = gpc_get_int('file_id');
$c_file_id = db_prepare_int($f_file_id);

# The access check uses the project the file belongs to, and runs before the file row is loaded.
$t_project_id = file_get_field($f_file_id, 'project_id', 'project');
access_ensure_project_level(config_get('upload_project_file_threshold'), $t_project_id);

$t_proj_file_table = db_get_table('project_file');
$query = "SELECT *\n\t\tFROM {$t_proj_file_table}\n\t\tWHERE id=" . db_param();
$result = db_query_bound($query, array($c_file_id));
$row = db_fetch_array($result);

# Creates one $v_<column> variable per column of the row; with EXTR_PREFIX_ALL every name gets the 'v' prefix.
# NOTE(review): $row is not checked before extract() - confirm an unknown id cannot reach this line.
extract($row, EXTR_PREFIX_ALL, 'v');

# Stored title and description are user-supplied: escape for the attribute and the textarea they are shown in.
$v_title = string_attribute($v_title);
$v_description = string_textarea($v_description);

# Smallest of the PHP upload limits and the configured maximum file size.
$t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));

html_page_top(); ?> <br /> <div> <form method="post" enctype="multipart/form-data" action="proj_doc_update.php"> <?php echo form_security_field('proj_doc_update');
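/**
 * Returns the attachment contents
 *
 * Handles both files attached to a bug and files attached to a project as
 * project documentation. The file id arrives from the API client, so it is
 * reduced to an integer before it is placed in the query, and the caller's
 * access rights are checked before any content is read or returned.
 *
 * @param int    $p_file_id
 * @param string $p_type    The file type, bug or doc
 * @param int    $p_user_id
 * @return string|soap_fault the string contents, or a soap_fault
 */
function mci_file_get($p_file_id, $p_type, $p_user_id) {
    $c_file_id = (int) $p_file_id;

    # we handle the case where the file is attached to a bug
    # or attached to a project as a project doc.
    switch ($p_type) {
        case 'bug':
            $t_file_table = db_get_table('bug_file');
            break;
        case 'doc':
            $t_file_table = db_get_table('project_file');
            break;
        default:
            return new soap_fault('Server', '', 'Invalid file type ' . $p_type . ' .');
    }

    $query = "SELECT *\n\t\t\t\tFROM {$t_file_table}\n\t\t\t\tWHERE id='{$c_file_id}'";
    $result = db_query($query);

    if ($result->EOF) {
        return new soap_fault('Client', '', 'Unable to find an attachment with type ' . $p_type . ' and id ' . $c_file_id . ' .');
    }

    $row = db_fetch_array($result);

    # Check access rights
    if ($p_type == 'doc') {
        $t_project_id = $row['project_id'];

        # Check if project documentation feature is enabled.
        if (OFF == config_get('enable_project_documentation')) {
            return mci_soap_fault_access_denied($p_user_id);
        }
        if (!access_has_project_level(config_get('view_proj_doc_threshold'), $t_project_id, $p_user_id)) {
            return mci_soap_fault_access_denied($p_user_id);
        }
    } else {
        $t_bug_id = $row['bug_id'];
        $t_project_id = bug_get_field($t_bug_id, 'project_id');

        if (!mci_file_can_download_bug_attachments($t_bug_id, $p_user_id)) {
            return mci_soap_fault_access_denied($p_user_id);
        }
    }

    # Only resolved once access has been granted
    $t_diskfile = file_normalize_attachment_path($row['diskfile'], $t_project_id);

    # dump file content to the connection.
    switch (config_get('file_upload_method')) {
        case DISK:
            if (file_exists($t_diskfile)) {
                return mci_file_read_local($t_diskfile);
            }
            return new soap_fault('Client', '', 'Unable to find an attachment with type ' . $p_type . ' and id ' . $c_file_id . ' .');

        case FTP:
            # Use the local cached copy when present, otherwise download it first
            if (!file_exists($t_diskfile)) {
                $ftp = file_ftp_connect();
                file_ftp_get($ftp, $t_diskfile, $t_diskfile);
                file_ftp_disconnect($ftp);
            }
            return mci_file_read_local($t_diskfile);

        default:
            return $row['content'];
    }
}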
/**
 * Purge all expired tokens, optionally only those of one type.
 *
 * A token is expired when its expiry lies before the current database time.
 * Both the time and the type are bound as query parameters. The global
 * $g_tokens_purged is set once the purge has run.
 *
 * @param integer $p_token_type Token type; null purges every type.
 * @return boolean always true.
 */
function token_purge_expired($p_token_type = null) {
    global $g_tokens_purged;

    $t_tokens_table = db_get_table('mantis_tokens_table');
    $t_sql = "DELETE FROM {$t_tokens_table} WHERE " . db_param() . " > expiry";

    if (is_null($p_token_type)) {
        $t_bindings = array(db_now());
    } else {
        $c_token_type = db_prepare_int($p_token_type);
        $t_sql .= " AND type=" . db_param();
        $t_bindings = array(db_now(), $c_token_type);
    }

    db_query_bound($t_sql, $t_bindings);

    $g_tokens_purged = true;
    return true;
}
# You should have received a copy of the GNU General Public License # along with MantisBT. If not, see <http://www.gnu.org/licenses/>. /** * @package MantisBT * @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org * @copyright Copyright (C) 2002 - 2014 MantisBT Team - mantisbt-dev@lists.sourceforge.net * @link http://www.mantisbt.org */ /** * MantisBT Core API's */ require_once 'core.php'; form_security_validate('manage_user_prune'); auth_reauthenticate(); access_ensure_global_level(config_get('manage_user_threshold')); $t_user_table = db_get_table('mantis_user_table'); # Delete the users who have never logged in and are older than 1 week $days_old = (int) 7 * SECONDS_PER_DAY; $query = "SELECT id, access_level\n\t\t\tFROM {$t_user_table}\n\t\t\tWHERE ( login_count = 0 ) AND ( date_created = last_visit ) AND " . db_helper_compare_days(0, "date_created", "> {$days_old}"); $result = db_query_bound($query, array(db_now())); if (!$result) { trigger_error(ERROR_GENERIC, ERROR); } $count = db_num_rows($result); if ($count > 0) { helper_ensure_confirmed(lang_get('confirm_account_pruning'), lang_get('prune_accounts_button')); } for ($i = 0; $i < $count; $i++) { $row = db_fetch_array($result); # Don't prune accounts with a higher global access level than the current user if (access_has_global_level($row['access_level'])) {
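/**
 * Return the news rows visible for a project, limited by count or by age.
 *
 * News of the project itself, of the sub-projects accessible to the current
 * user and of ALL_PROJECTS is included. 'news_limit_method' selects the
 * limit: 0 returns the newest 'news_view_limit' posts, 1 returns the posts
 * younger than 'news_view_limit_days' plus all announcements. Any other
 * setting yields an empty list.
 *
 * Project ids are placed in the SQL text as an IN (...) list, so each one is
 * forced to an integer first.
 *
 * @param integer      $p_offset     Row offset into the result.
 * @param integer|null $p_project_id Project identifier; null means the current project.
 * @return array List of news rows.
 */
function news_get_limited_rows($p_offset, $p_project_id = null) {
    if ($p_project_id === null) {
        $p_project_id = helper_get_current_project();
    }

    $c_offset = db_prepare_int($p_offset);

    $t_projects = current_user_get_all_accessible_subprojects($p_project_id);
    $t_projects[] = (int) $p_project_id;
    if (ALL_PROJECTS != $p_project_id) {
        $t_projects[] = ALL_PROJECTS;
    }

    # Integers only, and glue-first implode(): the reversed argument order is
    # no longer accepted by current PHP versions
    $t_projects = array_map('intval', $t_projects);
    $t_project_list = implode(',', $t_projects);

    $t_news_table = db_get_table('mantis_news_table');
    $t_news_view_limit = config_get('news_view_limit');
    $t_news_view_limit_days = config_get('news_view_limit_days') * SECONDS_PER_DAY;

    switch (config_get('news_limit_method')) {
        case 0:
            # BY_LIMIT - Select the news posts
            $query = "SELECT *\n\t\t\t\t\t\tFROM {$t_news_table}";
            if (1 == count($t_projects)) {
                $c_project_id = $t_projects[0];
                $query .= " WHERE project_id='{$c_project_id}'";
            } else {
                $query .= ' WHERE project_id IN (' . $t_project_list . ')';
            }
            $query .= ' ORDER BY announcement DESC, id DESC';
            $result = db_query($query, $t_news_view_limit, $c_offset);
            break;

        case 1:
            # BY_DATE - Select the news posts
            $query = "SELECT *\n\t\t\t\t\t\tFROM {$t_news_table} WHERE\n\t\t\t\t\t\t( " . db_helper_compare_days(0, 'date_posted', "< {$t_news_view_limit_days}") . "\n\t\t\t\t\t\t OR announcement = " . db_param() . " ) ";
            $t_params = array(db_now(), 1);
            if (1 == count($t_projects)) {
                $c_project_id = $t_projects[0];
                $query .= " AND project_id=" . db_param();
                $t_params[] = $c_project_id;
            } else {
                $query .= ' AND project_id IN (' . $t_project_list . ')';
            }
            $query .= " ORDER BY announcement DESC, id DESC";
            $result = db_query_bound($query, $t_params, $t_news_view_limit, $c_offset);
            break;

        default:
            # Unknown limit method: there is no query to run
            return array();
    } # end switch

    $t_rows = array();
    $t_row_count = db_num_rows($result);
    for ($i = 0; $i < $t_row_count; $i++) {
        $t_rows[] = db_fetch_array($result);
    }

    return $t_rows;
}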