/**
 * Update a custom field definition.
 *
 * The UPDATE statement is assembled by string interpolation. Its column
 * names are fixed literals, and every value from $p_def_array first goes
 * through db_prepare_int(), db_prepare_string() or db_prepare_bool().
 * The statement is therefore only as safe as those helpers, which are
 * defined elsewhere (presumably they escape for the active driver - confirm).
 *
 * NOTE(review): every definition key is read before the array_key_exists()
 * checks further down, so a partial definition raises undefined-index
 * notices and, without 'name', fails the blank-name check.
 *
 * @param int   $p_field_id  custom field id
 * @param array $p_def_array custom field definition
 * @return bool true once the update has run, false when no known key is set
 */
function custom_field_update($p_field_id, $p_def_array) {
	# Refuse names that carry scripting characters before touching the database
	if (string_contains_scripting_chars($p_def_array['name'])) {
		trigger_error(ERROR_CUSTOM_FIELD_INVALID_DEFINITION, ERROR);
	}

	# Clean every input; the order of these calls matches the column list below
	$c_field_id = db_prepare_int($p_field_id);
	$c_name = db_prepare_string(trim($p_def_array['name']));
	$c_type = db_prepare_int($p_def_array['type']);
	$c_possible_values = db_prepare_string($p_def_array['possible_values']);
	$c_default_value = db_prepare_string($p_def_array['default_value']);
	$c_valid_regexp = db_prepare_string($p_def_array['valid_regexp']);
	$c_access_level_r = db_prepare_int($p_def_array['access_level_r']);
	$c_access_level_rw = db_prepare_int($p_def_array['access_level_rw']);
	$c_length_min = db_prepare_int($p_def_array['length_min']);
	$c_length_max = db_prepare_int($p_def_array['length_max']);
	$c_advanced = db_prepare_bool($p_def_array['advanced']);
	$c_display_report = db_prepare_bool($p_def_array['display_report']);
	$c_display_update = db_prepare_bool($p_def_array['display_update']);
	$c_display_resolved = db_prepare_bool($p_def_array['display_resolved']);
	$c_display_closed = db_prepare_bool($p_def_array['display_closed']);
	$c_require_report = db_prepare_bool($p_def_array['require_report']);
	$c_require_update = db_prepare_bool($p_def_array['require_update']);
	$c_require_resolved = db_prepare_bool($p_def_array['require_resolved']);
	$c_require_closed = db_prepare_bool($p_def_array['require_closed']);

	if (is_blank($c_name)) {
		error_parameters('name');
		trigger_error(ERROR_EMPTY_FIELD, ERROR);
	}

	# Write access may not be lower than read access, and the length bounds
	# must be consistent (a maximum of 0 means "no upper bound" here)
	$t_bad_access_levels = $c_access_level_rw < $c_access_level_r;
	$t_bad_length_bounds = $c_length_min < 0
		|| ($c_length_max != 0 && $c_length_min > $c_length_max);
	if ($t_bad_access_levels || $t_bad_length_bounds) {
		trigger_error(ERROR_CUSTOM_FIELD_INVALID_DEFINITION, ERROR);
	}

	# An advanced field cannot be required on report or on update
	if ($c_advanced == true) {
		if ($c_require_report == true || $c_require_update) {
			trigger_error(ERROR_CUSTOM_FIELD_INVALID_DEFINITION, ERROR);
		}
	}

	if (!custom_field_is_name_unique($c_name, $c_field_id)) {
		trigger_error(ERROR_CUSTOM_FIELD_NAME_NOT_UNIQUE, ERROR);
	}

	$t_mantis_custom_field_table = config_get('mantis_custom_field_table');

	# Fixed column name => cleaned value, in the order the SET clause lists them
	$t_columns = array(
		'name' => $c_name,
		'type' => $c_type,
		'possible_values' => $c_possible_values,
		'default_value' => $c_default_value,
		'valid_regexp' => $c_valid_regexp,
		'access_level_r' => $c_access_level_r,
		'access_level_rw' => $c_access_level_rw,
		'length_min' => $c_length_min,
		'length_max' => $c_length_max,
		'advanced' => $c_advanced,
		'display_report' => $c_display_report,
		'display_update' => $c_display_update,
		'display_resolved' => $c_display_resolved,
		'display_closed' => $c_display_closed,
		'require_report' => $c_require_report,
		'require_update' => $c_require_update,
		'require_resolved' => $c_require_resolved,
		'require_closed' => $c_require_closed,
	);

	# Only columns whose key the caller supplied end up in the SET clause
	$t_assignments = array();
	foreach ($t_columns as $t_column => $t_clean_value) {
		if (array_key_exists($t_column, $p_def_array)) {
			$t_assignments[] = "{$t_column}='{$t_clean_value}'";
		}
	}

	$t_query = "UPDATE {$t_mantis_custom_field_table}\r\n\t\t\t\t SET "
		. implode(', ', $t_assignments)
		. " WHERE id='{$c_field_id}'";

	if (count($t_assignments) === 0) {
		# there is nothing to update...
		return false;
	}

	db_query($t_query);
	custom_field_clear_cache($p_field_id);

	# db_query() errors on failure so:
	return true;
}
/**
 * Tell whether a real name is acceptable.
 *
 * The only check made here is string_contains_scripting_chars(); which
 * characters that helper rejects is not visible from this function.
 *
 * @param string $p_realname real name to check
 * @return bool true when the helper reports no scripting characters
 */
function user_is_realname_valid($p_realname) {
	$t_has_scripting_chars = string_contains_scripting_chars($p_realname);

	return !$t_has_scripting_chars;
}
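/**
 * Update the field definition
 * return true on success, false on failure
 *
 * Values are sent to the database as bound parameters. Column names cannot
 * be bound, so each key of $p_def_array is interpolated into the statement;
 * keys that are not plain identifiers are rejected before any SQL is built.
 *
 * NOTE(review): the validation below reads 'name', 'access_level_r',
 * 'access_level_rw', 'length_min' and 'length_max' unconditionally, so the
 * caller is presumably expected to supply all of them - confirm.
 *
 * @param int $p_field_id custom field id
 * @param array $p_def_array custom field definition (column name => value)
 * @return bool
 * @access public
 */
function custom_field_update($p_field_id, $p_def_array) {
	if (string_contains_scripting_chars($p_def_array['name'])) {
		error_parameters(lang_get('custom_field_name'));
		trigger_error(ERROR_CUSTOM_FIELD_INVALID_PROPERTY, ERROR);
	}

	if (is_blank($p_def_array['name'])) {
		error_parameters('name');
		trigger_error(ERROR_EMPTY_FIELD, ERROR);
	}

	# Write access may not be lower than read access
	if ($p_def_array['access_level_rw'] < $p_def_array['access_level_r']) {
		error_parameters(lang_get('custom_field_access_level_r') . ', ' . lang_get('custom_field_access_level_rw'));
		trigger_error(ERROR_CUSTOM_FIELD_INVALID_PROPERTY, ERROR);
	}

	# The minimum must be non-negative; a maximum of 0 disables the upper-bound check
	if ($p_def_array['length_min'] < 0
		|| ($p_def_array['length_max'] != 0 && $p_def_array['length_min'] > $p_def_array['length_max'])
	) {
		error_parameters(lang_get('custom_field_length_min') . ', ' . lang_get('custom_field_length_max'));
		trigger_error(ERROR_CUSTOM_FIELD_INVALID_PROPERTY, ERROR);
	}

	if (!custom_field_is_name_unique($p_def_array['name'], $p_field_id)) {
		trigger_error(ERROR_CUSTOM_FIELD_NAME_NOT_UNIQUE, ERROR);
	}

	# Build fields update statement
	$t_update = '';
	$t_params = array();
	foreach ($p_def_array as $field => $value) {
		# The key becomes a column name in the SQL text and cannot be bound,
		# so accept only plain identifiers (letters, digits, underscore).
		if (!is_string($field) || preg_match('/^[A-Za-z_][A-Za-z0-9_]*$/D', $field) !== 1) {
			error_parameters('field name');
			trigger_error(ERROR_CUSTOM_FIELD_INVALID_PROPERTY, ERROR);
			# Never build SQL from a rejected key, even if the error handler returns
			return false;
		}

		$t_update .= "{$field} = " . db_param() . ', ';
		$t_params[] = is_bool($value) ? db_prepare_bool($value) : $value;
	}

	# If there are fields to update, execute SQL
	if ($t_update !== '') {
		$t_mantis_custom_field_table = db_get_table('mantis_custom_field_table');

		$t_query = "\n\t\t\tUPDATE {$t_mantis_custom_field_table}\n\t\t\tSET " . rtrim($t_update, ', ') . "\n\t\t\tWHERE id = " . db_param();
		$t_params[] = $p_field_id;
		db_query_bound($t_query, $t_params);

		custom_field_clear_cache($p_field_id);

		# db_query errors on failure so:
		return true;
	}

	return false;
}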