Example #1
/**
 * Queue an outgoing e-mail by inserting one row into the email table.
 *
 * The message is first passed through email_queue_prepare_db(). A blank
 * recipient, subject or body raises ERROR_EMPTY_FIELD. Every column value is
 * handed to the database layer as a bound parameter, so no message text is
 * spliced into the SQL statement itself.
 *
 * @param EmailData $p_email_data Message to queue.
 * @return int Value returned by db_insert_id() for the inserted row.
 */
function email_queue_add($p_email_data)
{
    $t_prepared = email_queue_prepare_db($p_email_data);

    # recipient, subject and body are mandatory; they are checked in this order
    foreach (array('email', 'subject', 'body') as $t_required) {
        if (is_blank($t_prepared->{$t_required})) {
            error_parameters(lang_get($t_required));
            trigger_error(ERROR_EMPTY_FIELD, ERROR);
        }
    }

    $t_table = db_get_table('email');

    # NOTE(review): metadata is stored in PHP serialize() format. Whatever reads this
    # column back presumably unserialize()s it, so write access to the table should be
    # treated as equivalent to supplying unserialize() input - confirm against the reader.
    $t_metadata = serialize($t_prepared->metadata);

    $t_sql = "INSERT INTO {$t_table}\n\t\t\t\t    ( email,\n\t\t\t\t      subject,\n\t\t\t\t\t  body,\n\t\t\t\t\t  submitted,\n\t\t\t\t\t  metadata)\n\t\t\t\t  VALUES\n\t\t\t\t    ( " . db_param() . ",\n\t\t\t\t      " . db_param() . ",\n\t\t\t\t      " . db_param() . ",\n\t\t\t\t\t  " . db_param() . ",\n\t\t\t\t\t  " . db_param() . "\n\t\t\t\t\t)";

    # one value per placeholder, in column order
    $t_values = array(
        $t_prepared->email,
        $t_prepared->subject,
        $t_prepared->body,
        db_now(),
        $t_metadata,
    );
    db_query_bound($t_sql, $t_values);

    return db_insert_id($t_table, 'email_id');
}
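/**
 * Retrieve an uploaded file, also accepting a pasted PNG sent as a data: URI.
 *
 * Lookup order:
 *  1. $_FILES[$p_var_name] is returned unchanged when present.
 *  2. Otherwise, if $_POST[$p_var_name][0] is a string starting with
 *     "data:image/png;base64,", the payload is decoded into a temporary file
 *     readable only by the owning process, and a one-element, $_FILES-shaped
 *     array describing that file is returned.
 *  3. Otherwise (nothing posted, or the posted value is not a decodable PNG
 *     data URI) the default is returned when one was passed; without a default
 *     ERROR_GPC_VAR_NOT_FOUND is raised.
 *
 * The "image/png" type and the ".png" name are derived from the client-supplied
 * prefix only. The decoded bytes are not inspected here, so callers must not
 * assume the file really is an image.
 *
 * @param string $p_var_name Name of the request variable.
 * @param mixed  $p_default  Value returned when nothing usable was sent (null allowed).
 * @return mixed The $_FILES entry, the synthesized file array, or the default.
 */
function gpc_get_fileCustom($p_var_name, $p_default = null)
{
    # must be evaluated in this scope: distinguishes "no default" from "default null"
    $t_default_given = func_num_args() > 1;

    if (isset($_FILES[$p_var_name])) {
        # FILES are not escaped even if magic_quotes is ON, this applies to Windows paths.
        return $_FILES[$p_var_name];
    }

    $t_prefix = 'data:image/png;base64,';
    $t_posted = isset($_POST[$p_var_name]) ? $_POST[$p_var_name] : null;

    # Request data is untrusted: require the expected array-of-strings shape before
    # touching the payload.
    if (is_array($t_posted) && isset($t_posted[0]) && is_string($t_posted[0])
        && strncmp($t_posted[0], $t_prefix, strlen($t_prefix)) === 0
    ) {
        # strict mode fails on characters outside the base64 alphabet instead of
        # silently dropping them
        $t_data = base64_decode(substr($t_posted[0], strlen($t_prefix)), true);
        $t_path = ($t_data === false) ? false : tempnam(sys_get_temp_dir(), 'CLPBRD');

        if ($t_path !== false) {
            if (file_put_contents($t_path, $t_data) !== false) {
                # keep the upload private to this process; it was previously made
                # world-writable (0777), letting any local user replace its content
                chmod($t_path, 0600);

                $t_info = pathinfo($t_path);
                return array(
                    0 => array(
                        'name' => $t_info['filename'] . '.png',
                        'type' => 'image/png',
                        'size' => strlen($t_data),
                        'tmp_name' => $t_path,
                        'error' => 0,
                    ),
                );
            }
            # do not leave an empty temp file behind when the write failed
            unlink($t_path);
        }
    }

    if ($t_default_given) {
        # check for a default passed in (allowing null)
        return $p_default;
    }

    error_parameters($p_var_name);
    trigger_error(ERROR_GPC_VAR_NOT_FOUND, ERROR);
    return null;
}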
Example #3
/**
 * Queue an outgoing e-mail by inserting one row into the email table.
 *
 * The message is passed through email_queue_prepare_db() and a blank
 * recipient, subject or body raises ERROR_EMPTY_FIELD. The INSERT statement
 * is assembled by interpolating the values into the SQL text.
 *
 * NOTE(review): the statement is only as safe as the escaping done before the
 * interpolation. email/subject/body are presumably escaped inside
 * email_queue_prepare_db() - confirm. The serialized metadata is produced in
 * this function and is interpolated without any escaping visible here.
 *
 * @param EmailData $p_email_data Message to queue.
 * @return int Value returned by db_insert_id() for the inserted row.
 */
function email_queue_add($p_email_data)
{
    $t_email_data = email_queue_prepare_db($p_email_data);
    # email cannot be blank
    if (is_blank($t_email_data->email)) {
        error_parameters(lang_get('email'));
        trigger_error(ERROR_EMPTY_FIELD, ERROR);
    }
    # subject cannot be blank
    if (is_blank($t_email_data->subject)) {
        error_parameters(lang_get('subject'));
        trigger_error(ERROR_EMPTY_FIELD, ERROR);
    }
    # body cannot be blank
    if (is_blank($t_email_data->body)) {
        error_parameters(lang_get('body'));
        trigger_error(ERROR_EMPTY_FIELD, ERROR);
    }
    $t_email_table = config_get('mantis_email_table');
    $c_email = $t_email_data->email;
    $c_subject = $t_email_data->subject;
    $c_body = $t_email_data->body;
    # NOTE(review): serialize() output goes into the quoted SQL literal below as-is; a
    # quote character inside any metadata value would end that literal unless the values
    # were escaped earlier - verify, or pass this value through the database layer's escaping.
    $c_metadata = serialize($t_email_data->metadata);
    # Values are placed between single quotes directly in the statement text; no bound
    # parameters are used in this version.
    $query = "INSERT INTO {$t_email_table}\r\n\t\t\t\t    ( email,\r\n\t\t\t\t      subject,\r\n\t\t\t\t\t  body,\r\n\t\t\t\t\t  submitted,\r\n\t\t\t\t\t  metadata)\r\n\t\t\t\t  VALUES\r\n\t\t\t\t    ( '{$c_email}',\r\n\t\t\t\t      '{$c_subject}',\r\n\t\t\t\t      '{$c_body}',\r\n\t\t\t\t\t  " . db_now() . ",\r\n\t\t\t\t\t  '{$c_metadata}'\r\n\t\t\t\t\t)";
    db_query($query);
    return db_insert_id($t_email_table);
}
Example #4
	/**
	 * Installation check: both the xmlreader and xmlwriter PHP extensions must be loaded.
	 *
	 * @return bool True when both extensions are present; otherwise
	 *              ERROR_PLUGIN_INSTALL_FAILED is raised and false is returned.
	 */
	function install() {
		$t_has_reader = extension_loaded( "xmlreader" );
		$t_has_writer = $t_has_reader && extension_loaded( "xmlwriter" );
		if ( $t_has_writer ) {
			return true;
		}

		#\todo returning false should trigger some error reporting, needs rethinking error_api
		error_parameters( plugin_lang_get( 'error_no_xml' ) );
		trigger_error( ERROR_PLUGIN_INSTALL_FAILED, ERROR );
		return false;
	}
Example #5
/**
 * Raise ERROR_API_TOKEN_NAME_NOT_UNIQUE when the user already owns a token
 * with the given name.
 *
 * Both values are passed to the query as bound parameters. Uniqueness is
 * checked per user: the lookup filters on user_id as well as name.
 *
 * @param string $p_token_name The token name.
 * @param string $p_user_id The user id.
 */
function api_token_name_ensure_unique($p_token_name, $p_user_id)
{
    $t_sql = 'SELECT * FROM {api_token} WHERE user_id=' . db_param() . ' AND name=' . db_param();
    $t_existing = db_fetch_array(db_query($t_sql, array($p_user_id, $p_token_name)));

    # no matching row: the name is free for this user
    if (!$t_existing) {
        return;
    }

    error_parameters($p_token_name);
    trigger_error(ERROR_API_TOKEN_NAME_NOT_UNIQUE, ERROR);
}
Example #6
 /**
  * Read a value from the PHP session.
  *
  * Stored values are kept in serialize() format and are unserialize()d on read.
  * NOTE(review): unserialize() can instantiate arbitrary classes, so this is only
  * safe while nothing outside the application can write the session store - confirm.
  *
  * @param string $p_name    Session variable name.
  * @param mixed  $p_default Returned when the variable is not set (null allowed).
  * @return mixed The stored value, or the default. Without a default,
  *               ERROR_SESSION_VAR_NOT_FOUND is raised.
  */
 function get($p_name, $p_default = null)
 {
     # must be evaluated in this scope: distinguishes "no default" from "default null"
     $t_default_given = func_num_args() > 1;

     if (!isset($_SESSION[$p_name])) {
         if ($t_default_given) {
             return $p_default;
         }
         error_parameters($p_name);
         trigger_error(ERROR_SESSION_VAR_NOT_FOUND, ERROR);
         return null;
     }

     return unserialize($_SESSION[$p_name]);
 }
Example #7
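/**
 * Gets the billing information for the specified project during the specified date range.
 *
 * Access control: for a single project the caller must hold view_bug_threshold on it;
 * for ALL_PROJECTS the query is restricted to the projects the current user can access.
 * Rows are additionally dropped when the user lacks time_tracking_view_threshold on the
 * individual bugnote.
 *
 * A blank date bound is ignored. A non-blank bound that strtotime() cannot parse raises
 * ERROR_GENERIC.
 *
 * @param integer $p_project_id    A project identifier or ALL_PROJECTS.
 * @param string  $p_from          Starting date (yyyy-mm-dd) inclusive, if blank, then ignored.
 * @param string  $p_to            Ending date (yyyy-mm-dd) inclusive, if blank, then ignored.
 * @param integer $p_cost_per_hour Cost per hour.
 * @return array array of bugnotes
 * @access public
 */
function billing_get_for_project($p_project_id, $p_from, $p_to, $p_cost_per_hour)
{
    $t_params = array();

    # Parse each bound only when it was supplied, and test the parse result before doing
    # arithmetic on it: false + SECONDS_PER_DAY - 1 is an integer, so a failed parse of
    # $p_to could never be caught by a === false test made after the addition.
    $c_from = is_blank($p_from) ? '' : strtotime($p_from);
    $t_to_day_start = is_blank($p_to) ? '' : strtotime($p_to);
    if ($c_from === false || $t_to_day_start === false) {
        error_parameters(array($p_from, $p_to));
        trigger_error(ERROR_GENERIC, ERROR);
    }
    # the end date is inclusive: extend it to the last second of that day
    $c_to = ($t_to_day_start === '') ? '' : $t_to_day_start + SECONDS_PER_DAY - 1;

    db_param_push();
    if (ALL_PROJECTS != $p_project_id) {
        access_ensure_project_level(config_get('view_bug_threshold'), $p_project_id);
        $t_project_where = ' AND b.project_id = ' . db_param() . ' AND bn.bug_id = b.id ';
        $t_params[] = $p_project_id;
    } else {
        # The id list is concatenated into the SQL text, so every element is forced to an
        # integer first.
        # NOTE(review): an empty list would produce "in ()" - confirm that
        # user_get_all_accessible_projects() cannot return an empty array here.
        $t_project_ids = array_map('intval', user_get_all_accessible_projects());
        $t_project_where = ' AND b.project_id in (' . implode(', ', $t_project_ids) . ')';
    }
    if (!is_blank($c_from)) {
        $t_from_where = ' AND bn.date_submitted >= ' . db_param();
        $t_params[] = $c_from;
    } else {
        $t_from_where = '';
    }
    if (!is_blank($c_to)) {
        $t_to_where = ' AND bn.date_submitted <= ' . db_param();
        $t_params[] = $c_to;
    } else {
        $t_to_where = '';
    }
    $t_results = array();
    $t_query = 'SELECT bn.id id, bn.time_tracking minutes, bn.date_submitted as date_submitted, bnt.note note,
			u.realname realname, b.project_id project_id, c.name bug_category, b.summary bug_summary, bn.bug_id bug_id, bn.reporter_id reporter_id
			FROM {user} u, {bugnote} bn, {bug} b, {bugnote_text} bnt, {category} c
			WHERE u.id = bn.reporter_id AND bn.time_tracking != 0 AND bn.bug_id = b.id AND bnt.id = bn.bugnote_text_id AND c.id=b.category_id
			' . $t_project_where . $t_from_where . $t_to_where . '
			ORDER BY bn.id';
    $t_result = db_query($t_query, $t_params);
    $t_cost_per_min = $p_cost_per_hour / 60.0;
    $t_access_level_required = config_get('time_tracking_view_threshold');
    while ($t_row = db_fetch_array($t_result)) {
        # per-note check: project access alone does not grant time tracking visibility
        if (!access_has_bugnote_level($t_access_level_required, $t_row['id'])) {
            continue;
        }
        $t_row['cost'] = $t_cost_per_min * $t_row['minutes'];
        $t_results[] = $t_row;
    }
    return billing_rows_to_array($t_results);
}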
Example #8
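/**
 * Gets the billing information for the specified project during the specified date range.
 *
 * A blank date bound is ignored. A non-blank bound that strtotime() cannot parse raises
 * ERROR_GENERIC.
 *
 * This version performs no access checks of its own: with ALL_PROJECTS no project filter
 * is applied at all, and no per-note visibility test is made. Callers are responsible
 * for verifying that the current user may see the returned time tracking data.
 *
 * @param integer $p_project_id    A project identifier.
 * @param string  $p_from          Starting date (yyyy-mm-dd) inclusive, if blank, then ignored.
 * @param string  $p_to            Ending date (yyyy-mm-dd) inclusive, if blank, then ignored.
 * @param integer $p_cost_per_hour Cost per hour.
 * @return array array of bugnotes
 * @access public
 */
function billing_get_for_project($p_project_id, $p_from, $p_to, $p_cost_per_hour)
{
    $t_params = array();

    # Parse each bound only when it was supplied, and test the parse result before doing
    # arithmetic on it: false + SECONDS_PER_DAY - 1 is an integer, so a failed parse of
    # $p_to could never be caught by a === false test made after the addition.
    $c_from = is_blank($p_from) ? '' : strtotime($p_from);
    $t_to_day_start = is_blank($p_to) ? '' : strtotime($p_to);
    if ($c_from === false || $t_to_day_start === false) {
        error_parameters(array($p_from, $p_to));
        trigger_error(ERROR_GENERIC, ERROR);
    }
    # the end date is inclusive: extend it to the last second of that day
    $c_to = ($t_to_day_start === '') ? '' : $t_to_day_start + SECONDS_PER_DAY - 1;

    if (ALL_PROJECTS != $p_project_id) {
        $t_project_where = ' AND b.project_id = ' . db_param() . ' AND bn.bug_id = b.id ';
        $t_params[] = $p_project_id;
    } else {
        $t_project_where = '';
    }
    if (!is_blank($c_from)) {
        $t_from_where = ' AND bn.date_submitted >= ' . db_param();
        $t_params[] = $c_from;
    } else {
        $t_from_where = '';
    }
    if (!is_blank($c_to)) {
        $t_to_where = ' AND bn.date_submitted <= ' . db_param();
        $t_params[] = $c_to;
    } else {
        $t_to_where = '';
    }
    $t_results = array();
    $t_query = 'SELECT bn.id id, bn.time_tracking minutes, bn.date_submitted as date_submitted, bnt.note note,
			u.realname realname, b.summary bug_summary, bn.bug_id bug_id, bn.reporter_id reporter_id
			FROM {user} u, {bugnote} bn, {bug} b, {bugnote_text} bnt
			WHERE u.id = bn.reporter_id AND bn.time_tracking != 0 AND bn.bug_id = b.id AND bnt.id = bn.bugnote_text_id
			' . $t_project_where . $t_from_where . $t_to_where . '
			ORDER BY bn.id';
    $t_result = db_query($t_query, $t_params);
    $t_cost_per_min = $p_cost_per_hour / 60.0;
    while ($t_row = db_fetch_array($t_result)) {
        $t_row['cost'] = $t_cost_per_min * $t_row['minutes'];
        $t_results[] = $t_row;
    }
    return billing_rows_to_array($t_results);
}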
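/**
 * Returns an array of time tracking stats
 *
 * Both date bounds are parsed with strtotime() and re-formatted as Y-m-d before they
 * are placed in the statement, so only a canonical date string ever reaches the SQL
 * text. A blank bound is ignored; a non-blank bound that cannot be parsed raises
 * ERROR_GENERIC. Users below the plugin's view_others_threshold only get their own rows.
 *
 * @param int $p_project_id project id
 * @param string $p_from Starting date (yyyy-mm-dd) inclusive, if blank, then ignored.
 * @param string $p_to Ending date (yyyy-mm-dd) inclusive, if blank, then ignored.
 * @return array array of bugnote stats
 * @access public
 */
function plugin_TimeTracking_stats_get_project_array($p_project_id, $p_from, $p_to)
{
    $c_project_id = db_prepare_int($p_project_id);

    # The statement below is built by string concatenation, so the raw request strings
    # must never be used directly: parse first, then emit a date we formatted ourselves.
    $t_from_ts = is_blank($p_from) ? null : strtotime($p_from);
    $t_to_ts = is_blank($p_to) ? null : strtotime($p_to);
    if ($t_from_ts === false || $t_to_ts === false) {
        error_parameters(array($p_from, $p_to));
        trigger_error(ERROR_GENERIC, ERROR);
        # only reached if the error handler returns; never run the query unfiltered
        return array();
    }

    $t_timereport_table = plugin_table('data', 'TimeTracking');
    $t_bug_table = db_get_table('mantis_bug_table');
    $t_user_table = db_get_table('mantis_user_table');
    $t_project_table = db_get_table('mantis_project_table');

    if ($t_from_ts !== null) {
        $c_from = date('Y-m-d', $t_from_ts);
        $t_from_where = " AND expenditure_date >= '{$c_from}'";
    } else {
        $t_from_where = '';
    }
    if ($t_to_ts !== null) {
        $c_to = date('Y-m-d', $t_to_ts + SECONDS_PER_DAY - 1);
        $t_to_where = " AND expenditure_date <= '{$c_to}'";
    } else {
        $t_to_where = '';
    }
    if (ALL_PROJECTS != $c_project_id) {
        $t_project_where = " AND b.project_id = '{$c_project_id}'  ";
    } else {
        $t_project_where = '';
    }
    if (!access_has_global_level(plugin_config_get('view_others_threshold'))) {
        # NOTE(review): the listing carried a masked literal ('******') in this clause
        # while the current user's id was fetched and never used. Filtering on that id
        # is the presumed intent - confirm against the plugin source.
        $t_user_id = (int) auth_get_current_user_id();
        $t_user_where = " AND user = '{$t_user_id}'  ";
    } else {
        $t_user_where = '';
    }

    $t_results = array();
    $query = "SELECT u.username, p.name as project_name, bug_id, expenditure_date, hours, timestamp, info \nFROM {$t_timereport_table} tr, {$t_bug_table} b, {$t_user_table} u, {$t_project_table} p\nWHERE tr.bug_id=b.id and tr.user=u.id AND p.id = b.project_id\n{$t_project_where} {$t_from_where} {$t_to_where} {$t_user_where}\nORDER BY user, expenditure_date, bug_id";
    $result = db_query($query);
    while ($row = db_fetch_array($result)) {
        $t_results[] = $row;
    }
    return $t_results;
}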
/**
 * Validates the "add note" action on the specified bug id.
 *
 * A blank bugnote_text request value raises ERROR_EMPTY_FIELD. The issue must not
 * be read-only and the current user must hold add_bugnote_threshold on it.
 *
 * @param int $p_bug_id Issue the note would be added to.
 * @returns true|array True when the action can be applied, otherwise
 *                     array( bug_id => reason for failure ).
 */
function action_add_note_validate($p_bug_id)
{
    if (is_blank(gpc_get_string('bugnote_text'))) {
        error_parameters(lang_get('bugnote'));
        trigger_error(ERROR_EMPTY_FIELD, ERROR);
    }

    $t_threshold = config_get('add_bugnote_threshold');

    # read-only state is reported before the permission result
    if (bug_is_readonly($p_bug_id)) {
        return array($p_bug_id => lang_get('actiongroup_error_issue_is_readonly'));
    }

    if (!access_has_bug_level($t_threshold, $p_bug_id)) {
        return array($p_bug_id => lang_get('access_denied'));
    }

    return true;
}
Example #11
/**
 * Rate-limit check for accounts that look like fresh self-registrations.
 *
 * Intended to run before actions such as adding issues or notes. The check is
 * skipped when signup is disabled, when the user's global access level is above
 * default_new_account_access_level, or when antispam_max_event_count is 0.
 * Otherwise ERROR_SPAM_SUSPECTED is raised once the user's recent event count
 * has reached the configured maximum within the configured time window.
 */
function antispam_check()
{
    # only self-registered, default-level accounts are rate limited
    if (OFF == config_get_global('allow_signup')
        || access_get_global_level() > config_get('default_new_account_access_level')
    ) {
        return;
    }

    $t_max_events = config_get('antispam_max_event_count');
    if ($t_max_events == 0) {
        # a limit of 0 switches the check off
        return;
    }

    # The action being guarded is recorded after this function returns, so the user
    # must still be strictly below the limit at this point.
    $t_window_seconds = config_get('antispam_time_window_in_seconds');
    if (history_count_user_recent_events($t_window_seconds) >= $t_max_events) {
        error_parameters($t_max_events, $t_window_seconds);
        trigger_error(ERROR_SPAM_SUSPECTED, ERROR);
    }
}
Example #12
/**
 * Update an existing news entry.
 *
 * Every argument is passed through the matching db_prepare_*() helper and the
 * prepared values are then interpolated into the UPDATE statement. A blank
 * headline or body (tested on the prepared copies) raises ERROR_EMPTY_FIELD.
 *
 * NOTE(review): the statement is built from strings, so its safety rests entirely
 * on the db_prepare_*() helpers escaping correctly for the active connection.
 * No access check is made here; callers presumably enforce it - confirm.
 *
 * @param int    $p_news_id      Id of the entry to update.
 * @param int    $p_project_id   Project the entry belongs to.
 * @param int    $p_view_state   View state value.
 * @param bool   $p_announcement Announcement flag.
 * @param string $p_headline     Headline text.
 * @param string $p_body         Body text.
 * @return bool Always true; db_query() errors on failure.
 */
function news_update($p_news_id, $p_project_id, $p_view_state, $p_announcement, $p_headline, $p_body)
{
    $c_news_id = db_prepare_int($p_news_id);
    $c_project_id = db_prepare_int($p_project_id);
    $c_view_state = db_prepare_int($p_view_state);
    $c_announcement = db_prepare_bool($p_announcement);
    $c_headline = db_prepare_string($p_headline);
    $c_body = db_prepare_string($p_body);

    # headline first, then body; the key doubles as the language string name
    $t_mandatory = array('headline' => $c_headline, 'body' => $c_body);
    foreach ($t_mandatory as $t_label => $t_text) {
        if (is_blank($t_text)) {
            error_parameters(lang_get($t_label));
            trigger_error(ERROR_EMPTY_FIELD, ERROR);
        }
    }

    $t_news_table = config_get('mantis_news_table');

    # Update entry
    $t_sql = "UPDATE {$t_news_table}\n\t\t\t\t  SET view_state='{$c_view_state}',\n\t\t\t\t\tannouncement='{$c_announcement}',\n\t\t\t\t\theadline='{$c_headline}',\n\t\t\t\t\tbody='{$c_body}',\n\t\t\t\t\tproject_id='{$c_project_id}',\n\t\t\t\t\tlast_modified= " . db_now() . "\n\t\t\t\t  WHERE id='{$c_news_id}'";
    db_query($t_sql);

    # db_query() errors on failure so:
    return true;
}
    }
}
# Dispatch on the request's filter_target: a built-in print_filter_* function first,
# then custom fields, then plugin-provided filters.
$f_filter_target = gpc_get_string('filter_target');

# The last 7 characters are dropped (presumably the "_filter" suffix, which is what the
# plugin branch below compares against) and the rest is appended to a fixed prefix.
# NOTE(review): the function name is derived from request input. The fixed prefix limits
# the reach to functions named print_filter_*, but any such function can be invoked with
# no arguments; an explicit allow-list of filter names would make the reachable set
# visible and reviewable.
$t_function_name = 'print_filter_' . utf8_substr($f_filter_target, 0, -7);

if (function_exists($t_function_name)) {
    return_dynamic_filters_prepend_headers();
    call_user_func($t_function_name);
} elseif ('custom_field' == utf8_substr($f_filter_target, 0, 12)) {
    # custom function
    $t_custom_id = utf8_substr($f_filter_target, 13, -7);
    return_dynamic_filters_prepend_headers();
    print_filter_custom_field($t_custom_id);
} else {
    $t_plugin_filters = filter_get_plugin_filters();
    $t_found = false;
    foreach ($t_plugin_filters as $t_field_name => $t_filter_object) {
        if ($f_filter_target != $t_field_name . '_filter') {
            continue;
        }
        return_dynamic_filters_prepend_headers();
        print_filter_plugin_field($t_field_name, $t_filter_object);
        $t_found = true;
        break;
    }
    if (!$t_found) {
        # error - no function to populate the target (e.g., print_filter_foo)
        error_parameters($f_filter_target);
        trigger_error(ERROR_FILTER_NOT_FOUND, ERROR);
    }
}
 /**
  * Create or update repository data.
  * Creates database row if $this->id is zero, updates an existing row otherwise.
  * A blank type or name raises ERROR_EMPTY_FIELD (type is reported first). All
  * column values are passed as bound parameters. Every mapping in $this->mappings
  * is saved afterwards.
  */
 function save()
 {
     # pick the first blank mandatory field, if any
     $t_blank_field = null;
     if (is_blank($this->type)) {
         $t_blank_field = 'type';
     } elseif (is_blank($this->name)) {
         $t_blank_field = 'name';
     }
     if ($t_blank_field !== null) {
         error_parameters(plugin_lang_get($t_blank_field));
         trigger_error(ERROR_EMPTY_FIELD, ERROR);
     }

     $t_repo_table = plugin_table('repository', 'Source');
     $t_is_new = (0 == $this->id);

     if ($t_is_new) {
         # create
         $t_query = "INSERT INTO {$t_repo_table} ( type, name, url, info ) VALUES ( " . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ' )';
     } else {
         # update
         $t_query = "UPDATE {$t_repo_table} SET type=" . db_param() . ', name=' . db_param() . ', url=' . db_param() . ', info=' . db_param() . ' WHERE id=' . db_param();
     }

     # NOTE(review): info is stored in serialize() format; the loader presumably
     # unserialize()s it, so the table content must be trusted - confirm.
     $t_values = array($this->type, $this->name, $this->url, serialize($this->info));
     if (!$t_is_new) {
         # the trailing placeholder of the UPDATE is the row id
         $t_values[] = $this->id;
     }
     db_query_bound($t_query, $t_values);

     if ($t_is_new) {
         $this->id = db_insert_id($t_repo_table);
     }

     foreach ($this->mappings as $t_mapping) {
         $t_mapping->save();
     }
 }
Example #15
 /**
  * Import one issue from the XML stream.
  *
  * Reads the child elements of the element the reader is positioned on, fills
  * $this->newbug_ from them, creates the bug, and then adds the collected custom
  * field values, bugnotes and attachments to the new issue.
  *
  * The import file is the only input and nearly every value written comes from it
  * unchanged. Reporter and handler ids are re-mapped through get_user_id(); the
  * project is always the current project. Enumeration ids (status, severity, ...)
  * are copied as-is.
  *
  * NOTE(review): the file should be treated as untrusted unless the import feature
  * is limited to administrators - see the notes on the default branch, the custom
  * field loop and the attachment loop below.
  *
  * @param XMLreader $reader Reader positioned on the issue element.
  */
 public function process(XMLreader $reader)
 {
     //print "\nImportIssue process()\n";
     $t_project_id = helper_get_current_project();
     // TODO: category_get_id_by_name could work by default on current project
     $userId = auth_get_current_user_id();
     $t_custom_fields = array();
     $t_bugnotes = array();
     $t_attachments = array();
     $depth = $reader->depth;
     // Walk the stream until the END_ELEMENT at the starting depth is reached.
     while ($reader->read() && ($reader->depth > $depth || $reader->nodeType != XMLReader::END_ELEMENT)) {
         if ($reader->nodeType == XMLReader::ELEMENT) {
             switch ($reader->localName) {
                 case 'reporter':
                     $t_old_id = $reader->getAttribute('id');
                     $reader->read();
                     // the current user is passed as second argument (presumably the fallback - confirm)
                     $this->newbug_->reporter_id = $this->get_user_id($reader->value, $userId);
                     //echo "reporter: old id = $t_old_id - new id = {$this->newbug_->reporter_id}\n";
                     break;
                 case 'handler':
                     $t_old_id = $reader->getAttribute('id');
                     $reader->read();
                     $this->newbug_->handler_id = $this->get_user_id($reader->value, $userId);
                     //echo "handler: old id = $t_old_id - new id = {$this->newbug_->handler_id}\n";
                     break;
                 case 'category':
                     // start from the default; replaced below only when a category of that name is found
                     $this->newbug_->category_id = $this->defaultCategory_;
                     if (version_compare(MANTIS_VERSION, '1.2', '>') === true) {
                         $reader->read();
                         if ($this->keepCategory_) {
                             # Check for the category's existence in the current project
                             # well as its parents (if any)
                             $t_projects_hierarchy = project_hierarchy_inheritance($t_project_id);
                             foreach ($t_projects_hierarchy as $t_project) {
                                 $t_category_id = category_get_id_by_name($reader->value, $t_project, false);
                                 if ($t_category_id !== false) {
                                     $this->newbug_->category_id = $t_category_id;
                                     break;
                                 }
                             }
                         }
                         //	echo "new id = {$this->newbug_->category_id}\n";
                     }
                     break;
                 case 'eta':
                 case 'priority':
                 case 'projection':
                 case 'reproducibility':
                 case 'resolution':
                 case 'severity':
                 case 'status':
                 case 'view_state':
                     $t_field = $reader->localName;
                     $t_id = $reader->getAttribute('id');
                     $reader->read();
                     $t_value = $reader->value;
                     // Here we assume ids have the same meaning in both installations
                     // TODO add a check for customized values
                     // The id attribute is stored; the element text ($t_value) is read but not used.
                     $this->newbug_->{$t_field} = $t_id;
                     break;
                 case 'id':
                     $reader->read();
                     $this->old_id_ = $reader->value;
                     break;
                 case 'project':
                     // ignore original value, use current project
                     $this->newbug_->project_id = $t_project_id;
                     break;
                 case 'custom_fields':
                     // store custom fields
                     $i = -1;
                     $depth_cf = $reader->depth;
                     while ($reader->read() && ($reader->depth > $depth_cf || $reader->nodeType != XMLReader::END_ELEMENT)) {
                         if ($reader->nodeType == XMLReader::ELEMENT) {
                             if ($reader->localName == 'custom_field') {
                                 $t_custom_fields[++$i] = new stdClass();
                             }
                             switch ($reader->localName) {
                                 default:
                                     // every child element becomes a property named after the element
                                     $field = $reader->localName;
                                     $reader->read();
                                     $t_custom_fields[$i]->{$field} = $reader->value;
                             }
                         }
                     }
                     break;
                 case 'bugnotes':
                     // store bug notes
                     $i = -1;
                     $depth_bn = $reader->depth;
                     while ($reader->read() && ($reader->depth > $depth_bn || $reader->nodeType != XMLReader::END_ELEMENT)) {
                         if ($reader->nodeType == XMLReader::ELEMENT) {
                             if ($reader->localName == 'bugnote') {
                                 $t_bugnotes[++$i] = new stdClass();
                             }
                             switch ($reader->localName) {
                                 case 'reporter':
                                     $t_old_id = $reader->getAttribute('id');
                                     $reader->read();
                                     $t_bugnotes[$i]->reporter_id = $this->get_user_id($reader->value, $userId);
                                     break;
                                 case 'view_state':
                                     $t_old_id = $reader->getAttribute('id');
                                     $reader->read();
                                     // privacy flag comes from the element text, compared loosely with VS_PRIVATE
                                     $t_bugnotes[$i]->private = $reader->value == VS_PRIVATE ? true : false;
                                     break;
                                 default:
                                     $field = $reader->localName;
                                     $reader->read();
                                     $t_bugnotes[$i]->{$field} = $reader->value;
                             }
                         }
                     }
                     break;
                 case 'attachments':
                     // store attachments
                     $i = -1;
                     $depth_att = $reader->depth;
                     while ($reader->read() && ($reader->depth > $depth_att || $reader->nodeType != XMLReader::END_ELEMENT)) {
                         if ($reader->nodeType == XMLReader::ELEMENT) {
                             if ($reader->localName == 'attachment') {
                                 $t_attachments[++$i] = new stdClass();
                             }
                             switch ($reader->localName) {
                                 default:
                                     $field = $reader->localName;
                                     $reader->read();
                                     $t_attachments[$i]->{$field} = $reader->value;
                             }
                         }
                     }
                     break;
                 default:
                     // NOTE(review): the element name from the import file selects which property of
                     // newbug_ is written, so the file can set any property of that object, not only
                     // the ones handled explicitly above. An allow-list of importable field names
                     // would bound what an import can change.
                     $field = $reader->localName;
                     //echo "using default handler for field: $field\n";
                     $reader->read();
                     $this->newbug_->{$field} = $reader->value;
             }
         }
     }
     // now save the new bug
     $this->new_id_ = $this->newbug_->create();
     // add custom fields
     if ($this->new_id_ > 0 && is_array($t_custom_fields) && count($t_custom_fields) > 0) {
         foreach ($t_custom_fields as $t_custom_field) {
             // the local id is resolved by name and is what the two checks below validate
             $t_custom_field_id = custom_field_get_id_from_name($t_custom_field->name);
             if (custom_field_ensure_exists($t_custom_field_id) && custom_field_is_linked($t_custom_field_id, $t_project_id)) {
                 // NOTE(review): the value is written with $t_custom_field->id, the id taken from the
                 // import file, not with the validated $t_custom_field_id. If the two installations
                 // number their custom fields differently this writes to a field that was never
                 // checked - confirm which id is intended.
                 custom_field_set_value($t_custom_field->id, $this->new_id_, $t_custom_field->value);
             } else {
                 error_parameters($t_custom_field->name, $t_custom_field_id);
                 trigger_error(ERROR_CUSTOM_FIELD_NOT_LINKED_TO_PROJECT, ERROR);
             }
         }
     }
     // add bugnotes
     if ($this->new_id_ > 0 && is_array($t_bugnotes) && count($t_bugnotes) > 0) {
         foreach ($t_bugnotes as $t_bugnote) {
             // note text, type, attributes and both timestamps are taken from the import file unchanged
             bugnote_add($this->new_id_, $t_bugnote->note, $t_bugnote->time_tracking, $t_bugnote->private, $t_bugnote->note_type, $t_bugnote->note_attr, $t_bugnote->reporter_id, false, $t_bugnote->date_submitted, $t_bugnote->last_modified, true);
         }
     }
     // add attachments
     if ($this->new_id_ > 0 && is_array($t_attachments) && count($t_attachments) > 0) {
         foreach ($t_attachments as $t_attachment) {
             // Create a temporary file in the temporary files directory using sys_get_temp_dir()
             $temp_file_name = tempnam(sys_get_temp_dir(), 'MantisImport');
             // NOTE(review): the results of tempnam() and file_put_contents() are not checked, and
             // base64_decode() runs in its default non-strict mode.
             file_put_contents($temp_file_name, base64_decode($t_attachment->content));
             // File name and MIME type come from the import file; presumably file_add() validates
             // them (extension rules, size limits) - confirm.
             $file_data = array('name' => $t_attachment->filename, 'type' => $t_attachment->file_type, 'tmp_name' => $temp_file_name, 'size' => filesize($temp_file_name), 'error' => UPLOAD_ERR_OK);
             // unfortunately we have no clue who has added the attachment (this could only be fetched from history -> feel free to implement this)
             // also I have no clue where description should come from...
             file_add($this->new_id_, $file_data, 'bug', $t_attachment->title, $p_desc = '', $p_user_id = null, $t_attachment->date_added, true);
             // the temporary copy is removed once file_add() has returned
             unlink($temp_file_name);
         }
     }
     //echo "\nnew bug: $this->new_id_\n";
 }
/**
 * MantisBT Core API's
 */
require_once 'core.php';
require_once 'bug_api.php';
require_once 'bugnote_api.php';
# Page action: add a note to an issue.
# Order of the guards below matters: the form token is validated first, then the
# read-only state and the user's access level are checked, and only then is the
# note written.
# presumably an anti-CSRF form token check for the 'bugnote_add' form - confirm
form_security_validate('bugnote_add');
# typed accessors: bug_id is read as an integer and private as a boolean
$f_bug_id = gpc_get_int('bug_id');
$f_private = gpc_get_bool('private');
$f_time_tracking = gpc_get_string('time_tracking', '0:00');
$f_bugnote_text = trim(gpc_get_string('bugnote_text', ''));
$t_bug = bug_get($f_bug_id, true);
if ($t_bug->project_id != helper_get_current_project()) {
    # in case the current project is not the same project of the bug we are viewing...
    # ... override the current project. This to avoid problems with categories and handlers lists etc.
    $g_project_override = $t_bug->project_id;
}
# read-only issues cannot receive notes
if (bug_is_readonly($f_bug_id)) {
    error_parameters($f_bug_id);
    trigger_error(ERROR_BUG_READ_ONLY_ACTION_DENIED, ERROR);
}
# authorization: the user needs add_bugnote_threshold on this particular issue
access_ensure_bug_level(config_get('add_bugnote_threshold'), $f_bug_id);
// We always set the note time to BUGNOTE, and the API will overwrite it with TIME_TRACKING
// if $f_time_tracking is not 0 and the time tracking feature is enabled.
$t_bugnote_id = bugnote_add($f_bug_id, $f_bugnote_text, $f_time_tracking, $f_private, BUGNOTE);
# a falsy id is reported to the user as an empty note field
if (!$t_bugnote_id) {
    error_parameters(lang_get('bugnote'));
    trigger_error(ERROR_EMPTY_FIELD, ERROR);
}
# the token is purged only after the note was added
form_security_purge('bugnote_add');
print_successful_redirect_to_bug($f_bug_id);
Example #17
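/**
 * Checks an array of columns for duplicate or invalid fields.
 *
 * Column names are compared case-insensitively in both checks. An unknown column
 * raises ERROR_COLUMNS_INVALID, a repeated column raises ERROR_COLUMNS_DUPLICATE.
 *
 * @param string $p_field_name - The logic name of the array being validated.  Used when triggering errors.
 * @param array $p_columns_to_validate - The array of columns to validate.
 * @param array $p_columns_all - The list of all valid columns.
 * @return bool True when every column is known and none is repeated, false otherwise
 *              (false is only observable if the error handler returns).
 * @access public
 */
function columns_ensure_valid($p_field_name, $p_columns_to_validate, $p_columns_all)
{
    $t_columns_all_lower = array_map('utf8_strtolower', $p_columns_all);

    # Check for invalid fields
    foreach ($p_columns_to_validate as $t_column) {
        # strict comparison: both sides are lower-cased strings, and loose comparison
        # would treat different numeric-looking names as equal
        if (!in_array(utf8_strtolower($t_column), $t_columns_all_lower, true)) {
            error_parameters($p_field_name, $t_column);
            trigger_error(ERROR_COLUMNS_INVALID, ERROR);
            return false;
        }
    }

    # Check for duplicate fields
    $t_columns_seen = array();
    foreach ($p_columns_to_validate as $t_column) {
        $t_column_lower = utf8_strtolower($t_column);
        # The seen-list holds lower-cased names, so the lookup must use the lower-cased
        # name as well; looking up the original spelling missed every duplicate that
        # contained an upper-case letter.
        if (in_array($t_column_lower, $t_columns_seen, true)) {
            error_parameters($p_field_name, $t_column);
            trigger_error(ERROR_COLUMNS_DUPLICATE, ERROR);
            return false;
        }
        $t_columns_seen[] = $t_column_lower;
    }

    return true;
}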
Example #18
/**
 * Retrieve an uploaded file entry from $_FILES.
 *
 * The entry is returned exactly as PHP populated it; name, type and size in it are
 * client-supplied and are not validated here.
 *
 * @param string $p_var_name Name of the file input.
 * @param mixed  $p_default  Returned when no such upload exists (null allowed).
 * @return mixed The $_FILES entry or the default. Without a default,
 *               ERROR_GPC_VAR_NOT_FOUND is raised.
 */
function gpc_get_file($p_var_name, $p_default = null)
{
    # must be evaluated in this scope: distinguishes "no default" from "default null"
    $t_default_given = func_num_args() > 1;

    # simulate auto-globals from PHP v4.1.0 (see also code in php_api.php)
    if (!php_version_at_least('4.1.0')) {
        global $_FILES;
    }

    if (isset($_FILES[$p_var_name])) {
        # FILES are not escaped even if magic_quotes is ON, this applies to Windows paths.
        return $_FILES[$p_var_name];
    }

    if ($t_default_given) {
        #check for a default passed in (allowing null)
        return $p_default;
    }

    error_parameters($p_var_name);
    trigger_error(ERROR_GPC_VAR_NOT_FOUND, ERROR);
    return null;
}
Example #19
/**
 * Return a single field from a user's row.
 *
 * @param mixed  $p_user_id    User identifier; NO_USER is rejected with a warning.
 * @param string $p_field_name Key to read from the row returned by user_get_row().
 * @return mixed The field value, "@null@" for NO_USER, or '' when the field is not set.
 */
function user_get_field($p_user_id, $p_field_name)
{
    # Guard: there is no row to read for the NO_USER placeholder.
    if (NO_USER == $p_user_id) {
        trigger_error('user_get_field() for NO_USER', WARNING);
        return "@null@";
    }
    $t_user_row = user_get_row($p_user_id);
    if (!isset($t_user_row[$p_field_name])) {
        # Unknown (or null-valued) field: warn and hand back an empty string.
        error_parameters($p_field_name);
        trigger_error(ERROR_DB_FIELD_NOT_FOUND, WARNING);
        return '';
    }
    return $t_user_row[$p_field_name];
}
Example #20
    trigger_error(ERROR_EMPTY_FIELD, ERROR);
}
# Authorization comes before any validation of the option itself: the caller
# must meet set_configuration_threshold, checked against the target project,
# or globally when the change applies to ALL_PROJECTS.
if (ALL_PROJECTS != $f_project_id) {
    access_ensure_project_level(config_get('set_configuration_threshold'), $f_project_id);
} else {
    access_ensure_global_level(config_get('set_configuration_threshold'));
}
# Only options that already exist globally may be written. A sentinel default
# compared with === keeps an option whose real value is falsy from being
# mistaken for a missing one.
$t_not_found_value = '***CONFIG OPTION NOT FOUND***';
if ($t_not_found_value === config_get_global($f_config_option, $t_not_found_value)) {
    error_parameters($f_config_option);
    trigger_error(ERROR_CONFIG_OPT_NOT_FOUND, ERROR);
}
# Second gate: the option must be one that is permitted to live in the database.
if (!config_can_set_in_database($f_config_option)) {
    error_parameters($f_config_option);
    trigger_error(ERROR_CONFIG_OPT_CANT_BE_SET_IN_DB, ERROR);
}
if ($f_type === 'default') {
    $t_config_global_value = config_get_global($f_config_option);
    if (is_string($t_config_global_value)) {
        $t_type = 'string';
    } else {
        if (is_int($t_config_global_value)) {
            $t_type = 'integer';
        } else {
            # note that we consider bool and float as complex.  We use ON/OFF for bools which map to numeric.
            $t_type = 'complex';
        }
    }
} else {
Example #21
/**
 * Return a filter row, reading it from the database on first use and from
 * the $g_cache_filter request cache afterwards.
 *
 * The id is passed as a bound parameter (db_param()), never concatenated
 * into the query text.
 *
 * @param integer $p_filter_id      A filter identifier to retrieve.
 * @param boolean $p_trigger_errors When true (default) a missing filter raises
 *                                  ERROR_FILTER_NOT_FOUND; when false the
 *                                  function returns false instead.
 * @return array|boolean The filter row, or false when it is not found and
 *                       errors are suppressed.
 */
function filter_cache_row($p_filter_id, $p_trigger_errors = true)
{
    global $g_cache_filter;
    # Cache hit: no query needed.
    if (isset($g_cache_filter[$p_filter_id])) {
        return $g_cache_filter[$p_filter_id];
    }
    $t_row = db_fetch_array(
        db_query('SELECT * FROM {filters} WHERE id=' . db_param(), array($p_filter_id))
    );
    # Quiet mode: report the miss to the caller without caching anything.
    if (!$t_row && !$p_trigger_errors) {
        return false;
    }
    if (!$t_row) {
        error_parameters($p_filter_id);
        trigger_error(ERROR_FILTER_NOT_FOUND, ERROR);
    }
    $g_cache_filter[$p_filter_id] = $t_row;
    return $t_row;
}
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('profile_api.php');
require_api('project_api.php');
require_api('relationship_api.php');
require_api('string_api.php');
require_api('utility_api.php');
require_api('version_api.php');
$f_master_bug_id = gpc_get_int('m_id', 0);
if ($f_master_bug_id > 0) {
    # master bug exists...
    bug_ensure_exists($f_master_bug_id);
    # master bug is not read-only...
    if (bug_is_readonly($f_master_bug_id)) {
        error_parameters($f_master_bug_id);
        trigger_error(ERROR_BUG_READ_ONLY_ACTION_DENIED, ERROR);
    }
    $t_bug = bug_get($f_master_bug_id, true);
    #@@@ (thraxisp) Note that the master bug is cloned into the same project as the master, independent of
    #       what the current project is set to.
    if ($t_bug->project_id != helper_get_current_project()) {
        # in case the current project is not the same project of the bug we are viewing...
        # ... override the current project. This to avoid problems with categories and handlers lists etc.
        $g_project_override = $t_bug->project_id;
        $t_changed_project = true;
    } else {
        $t_changed_project = false;
    }
    access_ensure_project_level(config_get('report_bug_threshold'));
    $f_build = $t_bug->build;
Example #23
/**
 * Return one preference value for a user.
 *
 * The requested name is checked against the properties declared on the
 * UserPreferences class, so only declared preference names are ever read.
 * An unknown name raises a WARNING and yields ''.
 *
 * @param int $p_user_id
 * @param string $p_pref_name
 * @param int $p_project_id
 * @return string
 */
function user_pref_get_pref( $p_user_id, $p_pref_name, $p_project_id = ALL_PROJECTS ) {
	# Default properties of UserPreferences, reflected once and kept for later calls.
	static $t_vars;

	$t_prefs = user_pref_get( $p_user_id, $p_project_id );

	if( null == $t_vars ) {
		$t_pref_class = new ReflectionClass('UserPreferences');
		$t_vars = $t_pref_class->getDefaultProperties();
	}

	# Allow-list check: strict match against the declared property names.
	$t_known_names = array_keys( $t_vars );
	if( !in_array( $p_pref_name, $t_known_names, true ) ) {
		error_parameters( $p_pref_name );
		trigger_error( ERROR_DB_FIELD_NOT_FOUND, WARNING );
		return '';
	}

	return $t_prefs->Get( $p_pref_name );
}
/**
 * MantisBT Core API's
 */
require_once 'core.php';
# Sensitive administration page: require re-authentication and the
# manage_user_threshold access level before any request input is read.
auth_reauthenticate();
access_ensure_global_level(config_get('manage_user_threshold'));
$f_username = gpc_get_string('username', '');
if (!is_blank($f_username)) {
    # Resolve the account by user name first, then by email address.
    $t_user_id = user_get_id_by_name($f_username);
    if (false === $t_user_id) {
        $t_user_id = user_get_id_by_email($f_username);
    }
    if (false === $t_user_id) {
        error_parameters($f_username);
        trigger_error(ERROR_USER_BY_NAME_NOT_FOUND, ERROR);
    }
} else {
    # No name supplied: the numeric user_id request parameter selects the account.
    $t_user_id = gpc_get_int('user_id');
}
$t_user = user_get_row($t_user_id);
# Privilege-escalation guard: the current user must hold at least the access
# level of the account being edited, so a manager cannot modify an
# account of higher access.
access_ensure_global_level($t_user['access_level']);
$t_ldap = config_get('login_method') == LDAP;
html_page_top();
print_manage_menu();
?>

<br />
Example #25
/**
 * Get a database table name from the $g_db_table configuration map.
 *
 * The configured value is passed through config_eval() and the evaluated
 * result is written back to $g_db_table for later calls. Callers place the
 * returned name directly into SQL text (table names cannot be bound
 * parameters), so $g_db_table must only ever hold trusted configuration.
 *
 * @param string $p_option Key into $g_db_table.
 * @return string|null Full table name; null (after a WARNING) when the key is unknown.
 */
function db_get_table($p_option)
{
    # Unknown key: warn and return nothing.
    if (!isset($GLOBALS['g_db_table'][$p_option])) {
        error_parameters($p_option);
        trigger_error(ERROR_CONFIG_OPT_NOT_FOUND, WARNING);
        return;
    }
    $t_table_name = config_eval($GLOBALS['g_db_table'][$p_option]);
    # Store the evaluated form only when evaluation actually changed it.
    if ($GLOBALS['g_db_table'][$p_option] !== $t_table_name) {
        $GLOBALS['g_db_table'][$p_option] = $t_table_name;
    }
    return $t_table_name;
}
Example #26
        $t_file['tmp_name'] = $f_files['tmp_name'][$i];
        $t_file['type'] = $f_files['type'][$i];
        $t_file['error'] = $f_files['error'][$i];
        $t_file['size'] = $f_files['size'][$i];
        file_add($t_bug_id, $t_file, 'bug');
    }
}
# Handle custom field submission.
# Fields the user cannot write to are skipped without an error, so a submitted
# value for such a field is never stored.
foreach ($t_related_custom_field_ids as $t_id) {
    if (custom_field_has_write_access($t_id, $t_bug_id)) {
        $t_def = custom_field_get_definition($t_id);
        # The submitted value is read according to the field's declared type and default;
        # a rejected value aborts the request.
        if (!custom_field_set_value(
            $t_id,
            $t_bug_id,
            gpc_get_custom_field("custom_field_{$t_id}", $t_def['type'], $t_def['default_value']),
            false
        )) {
            error_parameters(lang_get_defaulted(custom_field_get_field($t_id, 'name')));
            trigger_error(ERROR_CUSTOM_FIELD_INVALID_VALUE, ERROR);
        }
    }
}
$f_master_bug_id = gpc_get_int('m_id', 0);
$f_rel_type = gpc_get_int('rel_type', -1);
if ($f_master_bug_id > 0) {
    # it's a child generation... let's create the relationship and add some lines in the history
    # update master bug last updated
    bug_update_date($f_master_bug_id);
    # Add log line to record the cloning action
    history_log_event_special($t_bug_id, BUG_CREATED_FROM, '', $f_master_bug_id);
    history_log_event_special($f_master_bug_id, BUG_CLONED_TO, '', $t_bug_id);
    if ($f_rel_type >= 0) {
        # Add the relationship
        relationship_add($t_bug_id, $f_master_bug_id, $f_rel_type);
 * @link http://www.mantisbt.org
 */
/**
 * MantisBT Core API's
 */
require_once 'core.php';
require_once 'profile_api.php';
# Request gates, in order: valid form-security token for 'profile_update'
# (anti-CSRF), an authenticated session, and an account that is not protected.
form_security_validate('profile_update');
auth_ensure_user_authenticated();
current_user_ensure_unprotected();
$f_action = gpc_get_string('action');
if ('add' != $f_action) {
    # Every action except 'add' operates on an existing profile.
    $f_profile_id = gpc_get_int('profile_id');
    # Make sure user did select an existing profile from the list
    # ('make_default' is the one action allowed to carry profile id 0).
    if ('make_default' != $f_action && 0 == $f_profile_id) {
        error_parameters(lang_get('select_profile'));
        trigger_error(ERROR_EMPTY_FIELD, ERROR);
    }
}
switch ($f_action) {
    case 'edit':
        form_security_purge('profile_update');
        print_header_redirect('account_prof_edit_page.php?profile_id=' . $f_profile_id);
        break;
    case 'add':
        $f_platform = gpc_get_string('platform');
        $f_os = gpc_get_string('os');
        $f_os_build = gpc_get_string('os_build');
        $f_description = gpc_get_string('description');
        $t_user_id = gpc_get_int('user_id');
        if (ALL_USERS != $t_user_id) {
Example #28
require_api('error_api.php');
require_api('event_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('print_api.php');
require_api('string_api.php');
# Validate the form-security token (anti-CSRF) before reading any input.
form_security_validate('bugnote_update');
$f_bugnote_id = gpc_get_int('bugnote_id');
$f_bugnote_text = gpc_get_string('bugnote_text', '');
$f_time_tracking = gpc_get_string('time_tracking', '0:00');
# Check if the current user is allowed to edit the bugnote.
# Authors editing their own note are held to bugnote_user_edit_threshold;
# everyone else must meet update_bugnote_threshold.
$t_user_id = auth_get_current_user_id();
$t_reporter_id = bugnote_get_field($f_bugnote_id, 'reporter_id');
$t_threshold_option = $t_user_id == $t_reporter_id
    ? 'bugnote_user_edit_threshold'
    : 'update_bugnote_threshold';
access_ensure_bugnote_level(config_get($t_threshold_option), $f_bugnote_id);
# Check if the bug is readonly: notes on a read-only bug cannot be changed.
$t_bug_id = bugnote_get_field($f_bugnote_id, 'bug_id');
if (bug_is_readonly($t_bug_id)) {
    error_parameters($t_bug_id);
    trigger_error(ERROR_BUG_READ_ONLY_ACTION_DENIED, ERROR);
}
# All checks passed: normalise trailing whitespace and store the changes.
$f_bugnote_text = trim($f_bugnote_text) . "\n\n";
bugnote_set_text($f_bugnote_id, $f_bugnote_text);
bugnote_set_time_tracking($f_bugnote_id, $f_time_tracking);
# Plugin integration
event_signal('EVENT_BUGNOTE_EDIT', array($t_bug_id, $f_bugnote_id));
# The token is purged only once the update has been applied.
form_security_purge('bugnote_update');
print_successful_redirect(string_get_bug_view_url($t_bug_id) . '#bugnotes');
Example #29
/**
 * Retrieves an internationalized string.
 *
 * Lookup order:
 *  1. The requested language (or the current user's language when none is given)
 *  2. The current plugin's language directory, if a plugin is active
 *  3. English, via one recursive retry
 * A string missing even in English raises a WARNING and yields ''.
 *
 * @param string $p_string
 * @param string $p_lang
 * @return string
 */
function lang_get($p_string, $p_lang = null)
{
    global $g_lang_strings;
    # With no explicit language, fall back to the one derived from the user's preferences.
    $t_lang = (null === $p_lang) ? lang_get_current() : $p_lang;
    # Make sure the requested language is loaded.
    # NOTE(review): $t_lang is also handed to lang_load() below together with a
    #  directory path - confirm it is restricted to known language names
    #  before it can influence which file is read.
    lang_ensure_loaded($t_lang);
    # In the current implementation the language files themselves contain the
    #  English text for anything left untranslated, so this first lookup
    #  normally succeeds.
    # @todo thraxisp - not sure if this is still true. Strings from last language loaded
    #      may still be in memory if a new language is loaded.
    if (lang_exists($p_string, $t_lang)) {
        return $g_lang_strings[$t_lang][$p_string];
    }
    # Not in the core strings: try the active plugin's lang directory.
    $t_plugin_current = plugin_get_current();
    if (null !== $t_plugin_current) {
        $t_plugin_lang_dir = config_get('plugin_path') . $t_plugin_current . DIRECTORY_SEPARATOR . 'lang' . DIRECTORY_SEPARATOR;
        lang_load($t_lang, $t_plugin_lang_dir);
        if (lang_exists($p_string, $t_lang)) {
            return $g_lang_strings[$t_lang][$p_string];
        }
    }
    # If the string is not found in a language other than english, retry once using english.
    if ($t_lang != 'english') {
        return lang_get($p_string, 'english');
    }
    error_parameters($p_string);
    trigger_error(ERROR_LANG_STRING_NOT_FOUND, WARNING);
    return '';
}
Example #30
/**
 * Return the specified user field for the user id.
 *
 * 'access_level' is cast to int before it is returned, so callers comparing
 * access levels work with a number rather than the raw row value.
 *
 * @param integer $p_user_id    A valid user identifier.
 * @param string  $p_field_name The field name to retrieve.
 * @return string|integer The field value; '@null@' for NO_USER; '' when the field is not set.
 */
function user_get_field($p_user_id, $p_field_name)
{
    # Guard: NO_USER has no row to read.
    if (NO_USER == $p_user_id) {
        error_parameters(NO_USER);
        trigger_error(ERROR_USER_BY_ID_NOT_FOUND, WARNING);
        return '@null@';
    }
    $t_row = user_get_row($p_user_id);
    if (!isset($t_row[$p_field_name])) {
        error_parameters($p_field_name);
        trigger_error(ERROR_DB_FIELD_NOT_FOUND, WARNING);
        return '';
    }
    $t_value = $t_row[$p_field_name];
    # Loose comparison kept on purpose: it matches the switch/case semantics this replaces.
    if ('access_level' == $p_field_name) {
        return (int) $t_value;
    }
    return $t_value;
}