public function get($request)
{
/**
* Returns the Response with a list of bug URIs.
*
* @param $request - The Request we're responding to
*/
$visible_project_ids = user_get_accessible_projects(auth_get_current_user_id(), TRUE);
# Now we construct a query to figure out which of these bugs matches the conditions
# we got from the query string, and order them correctly.
$sql_to_add = $this->_build_sql_from_querystring($request->query);
$bug_ids = array();
$mantis_bug_table = config_get('mantis_bug_table');
$query = "SELECT b.id, b.project_id FROM {$mantis_bug_table} b {$sql_to_add};";
$result = db_query($query);
# This loop takes care of both the filtering and the sorting.
foreach ($result as $r) {
if (in_array($r[1], $visible_project_ids)) {
$bug_ids[] = $r[0];
}
}
$this->rsrc_data['results'] = array();
foreach ($bug_ids as $id) {
$this->rsrc_data['results'][] = Bug::get_url_from_mantis_id($id);
}
$resp = new Response();
$resp->status = 200;
$resp->body = $this->_repr($request);
return $resp;
}
/**
* Get set of bug rows from given filter
* @todo Had to make all these parameters required because we can't use call-time pass by reference anymore.
* I really preferred not having to pass all the params in if you didn't want to, but I wanted to get
* rid of the errors for now. If we can think of a better way later (maybe return an object) that would be great.
*
* @param integer &$p_page_number Page number of the page you want to see (set to the actual page on return).
* @param integer &$p_per_page The number of bugs to see per page (set to actual on return)
* -1 indicates you want to see all bugs
* null indicates you want to use the value specified in the filter.
* @param integer &$p_page_count You don't need to give a value here, the number of pages will be stored here on return.
* @param integer &$p_bug_count You don't need to give a value here, the number of bugs will be stored here on return.
* @param mixed $p_custom_filter Custom Filter to use.
* @param integer $p_project_id Project id to use in filtering.
* @param integer $p_user_id User id to use as current user when filtering.
* @param boolean $p_show_sticky True/false - get sticky issues only.
* @return boolean|array
*/
function filter_get_bug_rows(&$p_page_number, &$p_per_page, &$p_page_count, &$p_bug_count, $p_custom_filter = null, $p_project_id = null, $p_user_id = null, $p_show_sticky = null)
{
log_event(LOG_FILTERING, 'START NEW FILTER QUERY');
$t_limit_reporters = config_get('limit_reporters');
$t_report_bug_threshold = config_get('report_bug_threshold');
$t_where_param_count = 0;
$t_current_user_id = auth_get_current_user_id();
if ($p_user_id === null || $p_user_id === 0) {
$t_user_id = $t_current_user_id;
} else {
$t_user_id = $p_user_id;
}
$c_user_id = (int) $t_user_id;
if (null === $p_project_id) {
# @@@ If project_id is not specified, then use the project id(s) in the filter if set, otherwise, use current project.
$t_project_id = helper_get_current_project();
} else {
$t_project_id = $p_project_id;
}
if ($p_custom_filter === null) {
# Prefer current_user_get_bug_filter() over user_get_filter() when applicable since it supports
# cookies set by previous version of the code.
if ($t_user_id == $t_current_user_id) {
$t_filter = current_user_get_bug_filter();
} else {
$t_filter = user_get_bug_filter($t_user_id, $t_project_id);
}
} else {
$t_filter = $p_custom_filter;
}
# if filter isn't return above, create a new filter from an empty array.
if (false === $t_filter) {
$t_filter = array();
}
$t_filter = filter_ensure_valid_filter($t_filter);
$t_view_type = $t_filter['_view_type'];
# project query clauses must be AND-ed always, irrespective of how the filter
# clauses are requested by the user ( all matching -> AND, any matching -> OR )
$t_where_clauses = array();
$t_project_where_clauses = array('{project}.enabled = ' . db_param());
$t_where_params = array(1);
$t_select_clauses = array('{bug}.*');
$t_from_clauses = array('{bug}');
$t_join_clauses = array(' JOIN {project} ON {project}.id = {bug}.project_id');
# normalize the project filtering into an array $t_project_ids
if ('simple' == $t_view_type) {
log_event(LOG_FILTERING, 'Simple Filter');
$t_project_ids = array($t_project_id);
$t_include_sub_projects = true;
} else {
log_event(LOG_FILTERING, 'Advanced Filter');
if (!is_array($t_filter[FILTER_PROPERTY_PROJECT_ID])) {
$t_project_ids = array((int) $t_filter[FILTER_PROPERTY_PROJECT_ID]);
} else {
$t_project_ids = array_map('intval', $t_filter[FILTER_PROPERTY_PROJECT_ID]);
}
$t_include_sub_projects = count($t_project_ids) == 1 && ($t_project_ids[0] == META_FILTER_CURRENT || $t_project_ids[0] == ALL_PROJECTS);
}
log_event(LOG_FILTERING, 'project_ids = @P' . implode(', @P', $t_project_ids));
log_event(LOG_FILTERING, 'include sub-projects = ' . ($t_include_sub_projects ? '1' : '0'));
# if the array has ALL_PROJECTS, then reset the array to only contain ALL_PROJECTS.
# replace META_FILTER_CURRENT with the actualy current project id.
$t_all_projects_found = false;
$t_new_project_ids = array();
foreach ($t_project_ids as $t_pid) {
if ($t_pid == META_FILTER_CURRENT) {
$t_pid = $t_project_id;
}
if ($t_pid == ALL_PROJECTS) {
$t_all_projects_found = true;
log_event(LOG_FILTERING, 'all projects selected');
break;
}
# filter out inaccessible projects.
if (!project_exists($t_pid) || !access_has_project_level(config_get('view_bug_threshold', null, $t_user_id, $t_pid), $t_pid, $t_user_id)) {
log_event(LOG_FILTERING, 'Invalid or inaccessible project: ' . $t_pid);
continue;
}
$t_new_project_ids[] = $t_pid;
}
$t_projects_query_required = true;
if ($t_all_projects_found) {
if (user_is_administrator($t_user_id)) {
log_event(LOG_FILTERING, 'all projects + administrator, hence no project filter.');
$t_projects_query_required = false;
} else {
$t_project_ids = user_get_accessible_projects($t_user_id);
}
} else {
$t_project_ids = $t_new_project_ids;
}
if ($t_projects_query_required) {
# expand project ids to include sub-projects
if ($t_include_sub_projects) {
$t_top_project_ids = $t_project_ids;
foreach ($t_top_project_ids as $t_pid) {
log_event(LOG_FILTERING, 'Getting sub-projects for project id @P' . $t_pid);
$t_subproject_ids = user_get_all_accessible_subprojects($t_user_id, $t_pid);
if (!$t_subproject_ids) {
continue;
}
$t_project_ids = array_merge($t_project_ids, $t_subproject_ids);
}
$t_project_ids = array_unique($t_project_ids);
}
# if no projects are accessible, then return an empty array.
if (count($t_project_ids) == 0) {
log_event(LOG_FILTERING, 'no accessible projects');
return array();
}
log_event(LOG_FILTERING, 'project_ids after including sub-projects = @P' . implode(', @P', $t_project_ids));
# this array is to be populated with project ids for which we only want to show public issues. This is due to the limited
# access of the current user.
$t_public_only_project_ids = array();
# this array is populated with project ids that the current user has full access to.
$t_private_and_public_project_ids = array();
$t_limited_projects = array();
foreach ($t_project_ids as $t_pid) {
# limit reporters to visible projects
if (ON === $t_limit_reporters && !access_has_project_level(config_get('report_bug_threshold', null, $t_user_id, $t_pid) + 1, $t_pid, $t_user_id)) {
array_push($t_limited_projects, '({bug}.project_id=' . $t_pid . ' AND ({bug}.reporter_id=' . $t_user_id . ') )');
} else {
$t_access_required_to_view_private_bugs = config_get('private_bug_threshold', null, null, $t_pid);
if (access_has_project_level($t_access_required_to_view_private_bugs, $t_pid, $t_user_id)) {
$t_private_and_public_project_ids[] = $t_pid;
} else {
$t_public_only_project_ids[] = $t_pid;
}
}
}
log_event(LOG_FILTERING, 'project_ids (with public/private access) = @P' . implode(', @P', $t_private_and_public_project_ids));
log_event(LOG_FILTERING, 'project_ids (with public access) = @P' . implode(', @P', $t_public_only_project_ids));
$t_count_private_and_public_project_ids = count($t_private_and_public_project_ids);
if ($t_count_private_and_public_project_ids == 1) {
$t_private_and_public_query = '( {bug}.project_id = ' . $t_private_and_public_project_ids[0] . ' )';
} else {
if ($t_count_private_and_public_project_ids > 1) {
$t_private_and_public_query = '( {bug}.project_id in (' . implode(', ', $t_private_and_public_project_ids) . ') )';
} else {
$t_private_and_public_query = null;
}
}
$t_count_public_only_project_ids = count($t_public_only_project_ids);
$t_public_view_state_check = '( ( {bug}.view_state = ' . VS_PUBLIC . ' ) OR ( {bug}.reporter_id = ' . $t_user_id . ') )';
if ($t_count_public_only_project_ids == 1) {
$t_public_only_query = '( ( {bug}.project_id = ' . $t_public_only_project_ids[0] . ' ) AND ' . $t_public_view_state_check . ')';
} else {
if ($t_count_public_only_project_ids > 1) {
$t_public_only_query = '( ( {bug}.project_id in (' . implode(', ', $t_public_only_project_ids) . ') ) AND ' . $t_public_view_state_check . ')';
} else {
$t_public_only_query = null;
}
}
# both queries can't be null, so we either have one of them or both.
if ($t_private_and_public_query === null) {
$t_project_query = $t_public_only_query;
} else {
if ($t_public_only_query === null) {
$t_project_query = $t_private_and_public_query;
} else {
$t_project_query = '( ' . $t_public_only_query . ' OR ' . $t_private_and_public_query . ' )';
}
}
if (!empty($t_limited_projects)) {
foreach ($t_limited_projects as $t_string) {
if ($t_project_query == "") {
$t_project_query = " ( {$t_string} ) ";
} else {
$t_project_query = " ( {$t_project_query} OR ( {$t_string} ) )";
}
}
}
log_event(LOG_FILTERING, 'project query = ' . $t_project_query);
array_push($t_project_where_clauses, $t_project_query);
}
# date filter
if ('on' == $t_filter[FILTER_PROPERTY_FILTER_BY_DATE] && is_numeric($t_filter[FILTER_PROPERTY_START_MONTH]) && is_numeric($t_filter[FILTER_PROPERTY_START_DAY]) && is_numeric($t_filter[FILTER_PROPERTY_START_YEAR]) && is_numeric($t_filter[FILTER_PROPERTY_END_MONTH]) && is_numeric($t_filter[FILTER_PROPERTY_END_DAY]) && is_numeric($t_filter[FILTER_PROPERTY_END_YEAR])) {
$t_start_string = $t_filter[FILTER_PROPERTY_START_YEAR] . '-' . $t_filter[FILTER_PROPERTY_START_MONTH] . '-' . $t_filter[FILTER_PROPERTY_START_DAY] . ' 00:00:00';
$t_end_string = $t_filter[FILTER_PROPERTY_END_YEAR] . '-' . $t_filter[FILTER_PROPERTY_END_MONTH] . '-' . $t_filter[FILTER_PROPERTY_END_DAY] . ' 23:59:59';
$t_where_params[] = strtotime($t_start_string);
$t_where_params[] = strtotime($t_end_string);
array_push($t_project_where_clauses, '({bug}.date_submitted BETWEEN ' . db_param() . ' AND ' . db_param() . ' )');
}
# view state
$t_view_state = (int) $t_filter[FILTER_PROPERTY_VIEW_STATE];
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_VIEW_STATE])) {
$t_view_state_query = '({bug}.view_state=' . db_param() . ')';
log_event(LOG_FILTERING, 'view_state query = ' . $t_view_state_query);
$t_where_params[] = $t_view_state;
array_push($t_where_clauses, $t_view_state_query);
} else {
log_event(LOG_FILTERING, 'no view_state query');
}
# reporter
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_REPORTER_ID])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_REPORTER_ID] as $t_filter_member) {
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '0');
} else {
$c_reporter_id = (int) $t_filter_member;
if (filter_field_is_myself($c_reporter_id)) {
array_push($t_clauses, $c_user_id);
} else {
array_push($t_clauses, $c_reporter_id);
}
}
}
if (1 < count($t_clauses)) {
$t_reporter_query = '( {bug}.reporter_id in (' . implode(', ', $t_clauses) . ') )';
} else {
$t_reporter_query = '( {bug}.reporter_id=' . $t_clauses[0] . ' )';
}
log_event(LOG_FILTERING, 'reporter query = ' . $t_reporter_query);
array_push($t_where_clauses, $t_reporter_query);
} else {
log_event(LOG_FILTERING, 'no reporter query');
}
# handler
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_HANDLER_ID])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_HANDLER_ID] as $t_filter_member) {
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, 0);
} else {
$c_handler_id = (int) $t_filter_member;
if (filter_field_is_myself($c_handler_id)) {
array_push($t_clauses, $c_user_id);
} else {
array_push($t_clauses, $c_handler_id);
}
}
}
if (1 < count($t_clauses)) {
$t_handler_query = '( {bug}.handler_id in (' . implode(', ', $t_clauses) . ') )';
} else {
$t_handler_query = '( {bug}.handler_id=' . $t_clauses[0] . ' )';
}
log_event(LOG_FILTERING, 'handler query = ' . $t_handler_query);
array_push($t_where_clauses, $t_handler_query);
} else {
log_event(LOG_FILTERING, 'no handler query');
}
# category
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_CATEGORY_ID])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_CATEGORY_ID] as $t_filter_member) {
if (!filter_field_is_none($t_filter_member)) {
array_push($t_clauses, $t_filter_member);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, '( {bug}.category_id in ( SELECT id FROM {category} WHERE name in (' . implode(', ', $t_where_tmp) . ') ) )');
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, '( {bug}.category_id in ( SELECT id FROM {category} WHERE name=' . db_param() . ') )');
}
}
# severity
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_SEVERITY])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_SEVERITY] as $t_filter_member) {
$c_show_severity = (int) $t_filter_member;
array_push($t_clauses, $c_show_severity);
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, '( {bug}.severity in (' . implode(', ', $t_where_tmp) . ') )');
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, '( {bug}.severity=' . db_param() . ' )');
}
}
# show / hide status
# take a list of all available statuses then remove the ones that we want hidden, then make sure
# the ones we want shown are still available
$t_desired_statuses = array();
$t_available_statuses = MantisEnum::getValues(config_get('status_enum_string'));
if ('simple' == $t_filter['_view_type']) {
# simple filtering: if showing any, restrict by the hide status value, otherwise ignore the hide
$t_this_status = $t_filter[FILTER_PROPERTY_STATUS][0];
$t_this_hide_status = isset($t_filter[FILTER_PROPERTY_HIDE_STATUS][0]) ? $t_filter[FILTER_PROPERTY_HIDE_STATUS][0] : null;
if (filter_field_is_any($t_this_status)) {
foreach ($t_available_statuses as $t_this_available_status) {
if ($t_this_hide_status > $t_this_available_status) {
$t_desired_statuses[] = $t_this_available_status;
}
}
} else {
$t_desired_statuses[] = $t_this_status;
}
} else {
# advanced filtering: ignore the hide
if (filter_field_is_any($t_filter[FILTER_PROPERTY_STATUS])) {
$t_desired_statuses = array();
} else {
foreach ($t_filter[FILTER_PROPERTY_STATUS] as $t_this_status) {
$t_desired_statuses[] = $t_this_status;
}
}
}
if (count($t_desired_statuses) > 0) {
$t_clauses = array();
foreach ($t_desired_statuses as $t_filter_member) {
$c_show_status = (int) $t_filter_member;
array_push($t_clauses, $c_show_status);
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, '( {bug}.status in (' . implode(', ', $t_where_tmp) . ') )');
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, '( {bug}.status=' . db_param() . ' )');
}
}
# resolution
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_RESOLUTION])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_RESOLUTION] as $t_filter_member) {
$c_show_resolution = (int) $t_filter_member;
array_push($t_clauses, $c_show_resolution);
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, '( {bug}.resolution in (' . implode(', ', $t_where_tmp) . ') )');
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, '( {bug}.resolution=' . db_param() . ' )');
}
}
# priority
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_PRIORITY])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_PRIORITY] as $t_filter_member) {
$c_show_priority = (int) $t_filter_member;
array_push($t_clauses, $c_show_priority);
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, '( {bug}.priority in (' . implode(', ', $t_where_tmp) . ') )');
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, '( {bug}.priority=' . db_param() . ' )');
}
}
# product build
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_BUILD])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_BUILD] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '');
} else {
$c_show_build = $t_filter_member;
array_push($t_clauses, $c_show_build);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, '( {bug}.build in (' . implode(', ', $t_where_tmp) . ') )');
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, '( {bug}.build=' . db_param() . ' )');
}
}
# product version
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_VERSION])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_VERSION] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '');
} else {
$c_show_version = $t_filter_member;
array_push($t_clauses, $c_show_version);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, '( {bug}.version in (' . implode(', ', $t_where_tmp) . ') )');
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, '( {bug}.version=' . db_param() . ' )');
}
}
# profile
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_PROFILE_ID])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_PROFILE_ID] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '0');
} else {
$c_show_profile = (int) $t_filter_member;
array_push($t_clauses, $c_show_profile);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, '( {bug}.profile_id in (' . implode(', ', $t_where_tmp) . ') )');
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, '( {bug}.profile_id=' . db_param() . ' )');
}
}
# platform
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_PLATFORM])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_PLATFORM] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '');
} else {
$c_platform = $t_filter_member;
array_push($t_clauses, $c_platform);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, '( {bug}.platform in (' . implode(', ', $t_where_tmp) . ') )');
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, '( {bug}.platform = ' . db_param() . ' )');
}
}
# Operating System (os)
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_OS])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_OS] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '');
} else {
$c_os = $t_filter_member;
array_push($t_clauses, $c_os);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, '( {bug}.os in (' . implode(', ', $t_where_tmp) . ') )');
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, '( {bug}.os = ' . db_param() . ' )');
}
}
# Operating System Build (os_build)
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_OS_BUILD])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_OS_BUILD] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '');
} else {
$c_os_build = $t_filter_member;
array_push($t_clauses, $c_os_build);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, '( {bug}.os_build in (' . implode(', ', $t_where_tmp) . ') )');
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, '( {bug}.os_build = ' . db_param() . ' )');
}
}
# fixed in version
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_FIXED_IN_VERSION])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_FIXED_IN_VERSION] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '');
} else {
$c_fixed_in_version = $t_filter_member;
array_push($t_clauses, $c_fixed_in_version);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, '( {bug}.fixed_in_version in (' . implode(', ', $t_where_tmp) . ') )');
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, '( {bug}.fixed_in_version=' . db_param() . ' )');
}
}
# target version
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_TARGET_VERSION])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_TARGET_VERSION] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '');
} else {
$c_target_version = $t_filter_member;
array_push($t_clauses, $c_target_version);
}
}
# echo var_dump( $t_clauses ); exit;
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, '( {bug}.target_version in (' . implode(', ', $t_where_tmp) . ') )');
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, '( {bug}.target_version=' . db_param() . ' )');
}
}
# users monitoring a bug
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_MONITOR_USER_ID])) {
$t_clauses = array();
$t_table_name = 'user_monitor';
array_push($t_join_clauses, 'LEFT JOIN {bug_monitor} ' . $t_table_name . ' ON ' . $t_table_name . '.bug_id = {bug}.id');
foreach ($t_filter[FILTER_PROPERTY_MONITOR_USER_ID] as $t_filter_member) {
$c_user_monitor = (int) $t_filter_member;
if (filter_field_is_myself($c_user_monitor)) {
array_push($t_clauses, $c_user_id);
} else {
array_push($t_clauses, $c_user_monitor);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, '( ' . $t_table_name . '.user_id in (' . implode(', ', $t_where_tmp) . ') )');
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, '( ' . $t_table_name . '.user_id=' . db_param() . ' )');
}
}
# bug relationship
$t_any_found = false;
$c_rel_type = $t_filter[FILTER_PROPERTY_RELATIONSHIP_TYPE];
$c_rel_bug = $t_filter[FILTER_PROPERTY_RELATIONSHIP_BUG];
if (-1 == $c_rel_type || 0 == $c_rel_bug) {
$t_any_found = true;
}
if (!$t_any_found) {
# use the complementary type
$t_comp_type = relationship_get_complementary_type($c_rel_type);
$t_clauses = array();
$t_table_dst = 'rel_dst';
$t_table_src = 'rel_src';
array_push($t_join_clauses, 'LEFT JOIN {bug_relationship} ' . $t_table_dst . ' ON ' . $t_table_dst . '.destination_bug_id = {bug}.id');
array_push($t_join_clauses, 'LEFT JOIN {bug_relationship} ' . $t_table_src . ' ON ' . $t_table_src . '.source_bug_id = {bug}.id');
# get reverse relationships
$t_where_params[] = $t_comp_type;
$t_where_params[] = $c_rel_bug;
$t_where_params[] = $c_rel_type;
$t_where_params[] = $c_rel_bug;
array_push($t_clauses, '(' . $t_table_dst . '.relationship_type=' . db_param() . ' AND ' . $t_table_dst . '.source_bug_id=' . db_param() . ')');
array_push($t_clauses, '(' . $t_table_src . '.relationship_type=' . db_param() . ' AND ' . $t_table_src . '.destination_bug_id=' . db_param() . ')');
array_push($t_where_clauses, '(' . implode(' OR ', $t_clauses) . ')');
}
# tags
$c_tag_string = trim($t_filter[FILTER_PROPERTY_TAG_STRING]);
$c_tag_select = trim($t_filter[FILTER_PROPERTY_TAG_SELECT]);
if (is_blank($c_tag_string) && !is_blank($c_tag_select) && $c_tag_select != 0) {
$t_tag = tag_get($c_tag_select);
$c_tag_string = $t_tag['name'];
}
if (!is_blank($c_tag_string)) {
$t_tags = tag_parse_filters($c_tag_string);
if (count($t_tags)) {
$t_tags_all = array();
$t_tags_any = array();
$t_tags_none = array();
foreach ($t_tags as $t_tag_row) {
switch ($t_tag_row['filter']) {
case 1:
$t_tags_all[] = $t_tag_row;
break;
case 0:
$t_tags_any[] = $t_tag_row;
break;
case -1:
$t_tags_none[] = $t_tag_row;
break;
}
}
if (0 < $t_filter[FILTER_PROPERTY_TAG_SELECT] && tag_exists($t_filter[FILTER_PROPERTY_TAG_SELECT])) {
$t_tags_any[] = tag_get($t_filter[FILTER_PROPERTY_TAG_SELECT]);
}
if (count($t_tags_all)) {
$t_clauses = array();
foreach ($t_tags_all as $t_tag_row) {
array_push($t_clauses, '{bug}.id IN ( SELECT bug_id FROM {bug_tag} WHERE {bug_tag}.tag_id = ' . $t_tag_row['id'] . ')');
}
array_push($t_where_clauses, '(' . implode(' AND ', $t_clauses) . ')');
}
if (count($t_tags_any)) {
$t_clauses = array();
foreach ($t_tags_any as $t_tag_row) {
array_push($t_clauses, '{bug_tag}.tag_id = ' . $t_tag_row['id']);
}
array_push($t_where_clauses, '{bug}.id IN ( SELECT bug_id FROM {bug_tag} WHERE ( ' . implode(' OR ', $t_clauses) . ') )');
}
if (count($t_tags_none)) {
$t_clauses = array();
foreach ($t_tags_none as $t_tag_row) {
array_push($t_clauses, '{bug_tag}.tag_id = ' . $t_tag_row['id']);
}
array_push($t_where_clauses, '{bug}.id NOT IN ( SELECT bug_id FROM {bug_tag} WHERE ( ' . implode(' OR ', $t_clauses) . ') )');
}
}
}
# note user id
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_NOTE_USER_ID])) {
$t_bugnote_table_alias = 'mbnt';
$t_clauses = array();
array_push($t_join_clauses, 'LEFT JOIN {bugnote} ' . $t_bugnote_table_alias . ' ON {bug}.id = ' . $t_bugnote_table_alias . '.bug_id');
foreach ($t_filter[FILTER_PROPERTY_NOTE_USER_ID] as $t_filter_member) {
$c_note_user_id = (int) $t_filter_member;
if (filter_field_is_myself($c_note_user_id)) {
array_push($t_clauses, $c_user_id);
} else {
array_push($t_clauses, $c_note_user_id);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, '( ' . $t_bugnote_table_alias . '.reporter_id in (' . implode(', ', $t_where_tmp) . ') )');
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, '( ' . $t_bugnote_table_alias . '.reporter_id=' . db_param() . ' )');
}
}
# plugin filters
$t_plugin_filters = filter_get_plugin_filters();
foreach ($t_plugin_filters as $t_field_name => $t_filter_object) {
if (!filter_field_is_any($t_filter[$t_field_name]) || $t_filter_object->type == FILTER_TYPE_BOOLEAN) {
$t_filter_query = $t_filter_object->query($t_filter[$t_field_name]);
if (is_array($t_filter_query)) {
if (isset($t_filter_query['join'])) {
array_push($t_join_clauses, $t_filter_query['join']);
}
if (isset($t_filter_query['where'])) {
array_push($t_where_clauses, $t_filter_query['where']);
}
if (isset($t_filter_query['params']) && is_array($t_filter_query['params'])) {
$t_where_params = array_merge($t_where_params, $t_filter_query['params']);
}
}
}
}
# custom field filters
if (ON == config_get('filter_by_custom_fields')) {
# custom field filtering
# @@@ At the moment this gets the linked fields relating to the current project
# It should get the ones relating to the project in the filter or all projects
# if multiple projects.
$t_custom_fields = custom_field_get_linked_ids($t_project_id);
foreach ($t_custom_fields as $t_cfid) {
$t_field_info = custom_field_cache_row($t_cfid, true);
if (!$t_field_info['filter_by']) {
continue;
# skip this custom field it shouldn't be filterable
}
$t_field = $t_filter['custom_fields'][$t_cfid];
$t_custom_where_clause = '';
# Ignore all custom filters that are not set, or that are set to '' or "any"
if (!filter_field_is_any($t_field)) {
$t_def = custom_field_get_definition($t_cfid);
$t_table_name = '{custom_field_string}_' . $t_cfid;
# We need to filter each joined table or the result query will explode in dimensions
# Each custom field will result in a exponential growth like Number_of_Issues^Number_of_Custom_Fields
# and only after this process ends (if it is able to) the result query will be filtered
# by the WHERE clause and by the DISTINCT clause
$t_cf_join_clause = 'LEFT JOIN {custom_field_string} ' . $t_table_name . ' ON {bug}.id = ' . $t_table_name . '.bug_id AND ' . $t_table_name . '.field_id = ' . $t_cfid;
if ($t_def['type'] == CUSTOM_FIELD_TYPE_DATE) {
# Define the value field with type cast to integer
$t_value_field = 'CAST(COALESCE(NULLIF(' . $t_table_name . '.value, \'\'), \'0\') AS DECIMAL)';
switch ($t_field[0]) {
# Closing parenthesis intentionally omitted, will be added later on
case CUSTOM_FIELD_DATE_ANY:
break;
case CUSTOM_FIELD_DATE_NONE:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '( ' . $t_table_name . '.bug_id is null OR ' . $t_value_field . ' = 0 ';
break;
case CUSTOM_FIELD_DATE_BEFORE:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '( ' . $t_value_field . ' != 0 AND ' . $t_value_field . ' < ' . $t_field[2];
break;
case CUSTOM_FIELD_DATE_AFTER:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '( ' . $t_value_field . ' > ' . ($t_field[1] + 1);
break;
default:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '( ' . $t_value_field . ' BETWEEN ' . $t_field[1] . ' AND ' . $t_field[2];
break;
}
} else {
array_push($t_join_clauses, $t_cf_join_clause);
$t_filter_array = array();
foreach ($t_field as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
# coerce filter value if selecting META_FILTER_NONE so it will match empty fields
$t_filter_member = '';
# but also add those _not_ present in the custom field string table
array_push($t_filter_array, '{bug}.id NOT IN (SELECT bug_id FROM {custom_field_string} WHERE field_id=' . $t_cfid . ')');
}
switch ($t_def['type']) {
case CUSTOM_FIELD_TYPE_CHECKBOX:
case CUSTOM_FIELD_TYPE_MULTILIST:
$t_where_params[] = '%|' . $t_filter_member . '|%';
array_push($t_filter_array, db_helper_like($t_table_name . '.value'));
break;
case CUSTOM_FIELD_TYPE_TEXTAREA:
$t_where_params[] = '%' . $t_filter_member . '%';
array_push($t_filter_array, db_helper_like($t_table_name . '.text'));
break;
default:
$t_where_params[] = $t_filter_member;
array_push($t_filter_array, $t_table_name . '.value = ' . db_param());
}
}
$t_custom_where_clause .= '(' . implode(' OR ', $t_filter_array);
}
if (!is_blank($t_custom_where_clause)) {
array_push($t_where_clauses, $t_custom_where_clause . ')');
}
}
}
}
# Text search
if (!is_blank($t_filter[FILTER_PROPERTY_SEARCH])) {
# break up search terms by spacing or quoting
preg_match_all("/-?([^'\"\\s]+|\"[^\"]+\"|'[^']+')/", $t_filter[FILTER_PROPERTY_SEARCH], $t_matches, PREG_SET_ORDER);
# organize terms without quoting, paying attention to negation
$t_search_terms = array();
foreach ($t_matches as $t_match) {
$t_search_terms[trim($t_match[1], "\\'\"")] = $t_match[0][0] == '-';
}
# build a big where-clause and param list for all search terms, including negations
$t_first = true;
$t_textsearch_where_clause = '( ';
foreach ($t_search_terms as $t_search_term => $t_negate) {
if (!$t_first) {
$t_textsearch_where_clause .= ' AND ';
}
if ($t_negate) {
$t_textsearch_where_clause .= 'NOT ';
}
$c_search = '%' . $t_search_term . '%';
$t_textsearch_where_clause .= '( ' . db_helper_like('{bug}.summary') . ' OR ' . db_helper_like('{bug_text}.description') . ' OR ' . db_helper_like('{bug_text}.steps_to_reproduce') . ' OR ' . db_helper_like('{bug_text}.additional_information') . ' OR ' . db_helper_like('{bugnote_text}.note');
$t_where_params[] = $c_search;
$t_where_params[] = $c_search;
$t_where_params[] = $c_search;
$t_where_params[] = $c_search;
$t_where_params[] = $c_search;
if (is_numeric($t_search_term)) {
# PostgreSQL on 64-bit OS hack (see #14014)
if (PHP_INT_MAX > 0x7fffffff && db_is_pgsql()) {
$t_search_max = 0x7fffffff;
} else {
$t_search_max = PHP_INT_MAX;
}
# Note: no need to test negative values, '-' sign has been removed
if ($t_search_term <= $t_search_max) {
$c_search_int = (int) $t_search_term;
$t_textsearch_where_clause .= ' OR {bug}.id = ' . db_param();
$t_textsearch_where_clause .= ' OR {bugnote}.id = ' . db_param();
$t_where_params[] = $c_search_int;
$t_where_params[] = $c_search_int;
}
}
$t_textsearch_where_clause .= ' )';
$t_first = false;
}
$t_textsearch_where_clause .= ' )';
# add text query elements to arrays
if (!$t_first) {
$t_join_clauses[] = 'JOIN {bug_text} ON {bug}.bug_text_id = {bug_text}.id';
$t_join_clauses[] = 'LEFT JOIN {bugnote} ON {bug}.id = {bugnote}.bug_id';
# Outer join required otherwise we don't retrieve issues without notes
$t_join_clauses[] = 'LEFT JOIN {bugnote_text} ON {bugnote}.bugnote_text_id = {bugnote_text}.id';
$t_where_clauses[] = $t_textsearch_where_clause;
}
}
# End text search
# Determine join operator
if ($t_filter[FILTER_PROPERTY_MATCH_TYPE] == FILTER_MATCH_ANY) {
$t_join_operator = ' OR ';
} else {
$t_join_operator = ' AND ';
}
log_event(LOG_FILTERING, 'Join operator : ' . $t_join_operator);
$t_query_clauses['select'] = $t_select_clauses;
$t_query_clauses['from'] = $t_from_clauses;
$t_query_clauses['join'] = $t_join_clauses;
$t_query_clauses['where'] = $t_where_clauses;
$t_query_clauses['where_values'] = $t_where_params;
$t_query_clauses['project_where'] = $t_project_where_clauses;
$t_query_clauses['operator'] = $t_join_operator;
$t_query_clauses = filter_get_query_sort_data($t_filter, $p_show_sticky, $t_query_clauses);
# assigning to $p_* for this function writes the values back in case the caller wants to know
# Get the total number of bugs that meet the criteria.
$p_bug_count = filter_get_bug_count($t_query_clauses);
if (0 == $p_bug_count) {
return array();
}
$p_per_page = filter_per_page($t_filter, $p_bug_count, $p_per_page);
$p_page_count = filter_page_count($p_bug_count, $p_per_page);
$p_page_number = filter_valid_page_number($p_page_number, $p_page_count);
$t_offset = filter_offset($p_page_number, $p_per_page);
$t_query_clauses = filter_unique_query_clauses($t_query_clauses);
$t_select_string = 'SELECT DISTINCT ' . implode(', ', $t_query_clauses['select']);
$t_from_string = ' FROM ' . implode(', ', $t_query_clauses['from']);
$t_order_string = ' ORDER BY ' . implode(', ', $t_query_clauses['order']);
$t_join_string = count($t_query_clauses['join']) > 0 ? implode(' ', $t_query_clauses['join']) : ' ';
$t_where_string = ' WHERE ' . implode(' AND ', $t_query_clauses['project_where']);
if (count($t_query_clauses['where']) > 0) {
$t_where_string .= ' AND ( ';
$t_where_string .= implode($t_join_operator, $t_query_clauses['where']);
$t_where_string .= ' ) ';
}
$t_result = db_query($t_select_string . $t_from_string . $t_join_string . $t_where_string . $t_order_string, $t_query_clauses['where_values'], $p_per_page, $t_offset);
$t_id_array_lastmod = array();
while ($t_row = db_fetch_array($t_result)) {
$t_id_array_lastmod[] = (int) $t_row['id'];
$t_rows[] = $t_row;
}
return filter_cache_result($t_rows, $t_id_array_lastmod);
}
function helper_project_specific_where($p_project_id, $p_user_id = null)
{
if (null === $p_user_id) {
$p_user_id = auth_get_current_user_id();
}
if (ALL_PROJECTS == $p_project_id) {
$t_topprojects = $t_project_ids = user_get_accessible_projects($p_user_id);
foreach ($t_topprojects as $t_project) {
$t_project_ids = array_merge($t_project_ids, user_get_all_accessible_subprojects($p_user_id, $t_project));
}
$t_project_ids = array_unique($t_project_ids);
} else {
access_ensure_project_level(VIEWER, $p_project_id);
$t_project_ids = user_get_all_accessible_subprojects($p_user_id, $p_project_id);
array_unshift($t_project_ids, $p_project_id);
}
$t_project_ids = array_map('db_prepare_int', $t_project_ids);
if (0 == count($t_project_ids)) {
$t_project_filter = ' 1<>1';
} elseif (1 == count($t_project_ids)) {
$t_project_filter = ' project_id=' . $t_project_ids[0];
} else {
$t_project_filter = ' project_id IN (' . join(',', $t_project_ids) . ')';
}
return $t_project_filter;
}
/**
* List projects that the current user has access to.
*
* @param integer $p_project_id The current project id or null to use cookie.
* @param boolean $p_include_all_projects True: include "All Projects", otherwise false.
* @param integer|null $p_filter_project_id The id of a project to exclude or null.
* @param string|boolean $p_trace The current project trace, identifies the sub-project via a path from top to bottom.
* @param boolean $p_can_report_only If true, disables projects in which user can't report issues; defaults to false (all projects enabled).
* @return void
*/
function print_project_option_list($p_project_id = null, $p_include_all_projects = true, $p_filter_project_id = null, $p_trace = false, $p_can_report_only = false)
{
$t_user_id = auth_get_current_user_id();
$t_project_ids = user_get_accessible_projects($t_user_id);
$t_can_report = true;
project_cache_array_rows($t_project_ids);
if ($p_include_all_projects && $p_filter_project_id !== ALL_PROJECTS) {
echo '<option value="' . ALL_PROJECTS . '"';
if ($p_project_id !== null) {
check_selected($p_project_id, ALL_PROJECTS, false);
}
echo '>' . lang_get('all_projects') . '</option>' . "\n";
}
foreach ($t_project_ids as $t_id) {
if ($p_can_report_only) {
$t_report_bug_threshold = config_get('report_bug_threshold', null, $t_user_id, $t_id);
$t_can_report = access_has_project_level($t_report_bug_threshold, $t_id, $t_user_id);
}
echo '<option value="' . $t_id . '"';
check_selected($p_project_id, $t_id, false);
check_disabled($t_id == $p_filter_project_id || !$t_can_report);
echo '>' . string_attribute(project_get_field($t_id, 'name')) . '</option>' . "\n";
print_subproject_option_list($t_id, $p_project_id, $p_filter_project_id, $p_trace, $p_can_report_only);
}
}
/**
* retun an array of sub-project IDs of all project to which the user has access
* @param integer $p_user_id A valid user identifier.
* @param integer $p_project_id A valid project identifier.
* @return array
*/
function user_get_all_accessible_projects($p_user_id, $p_project_id)
{
if (ALL_PROJECTS == $p_project_id) {
$t_topprojects = user_get_accessible_projects($p_user_id);
# Cover the case for PHP < 5.4 where array_combine() returns
# false and triggers warning if arrays are empty (see #16187)
if (empty($t_topprojects)) {
return array();
}
# Create a combined array where key = value
$t_project_ids = array_combine($t_topprojects, $t_topprojects);
# Add all subprojects user has access to
foreach ($t_topprojects as $t_project) {
$t_subprojects_ids = user_get_all_accessible_subprojects($p_user_id, $t_project);
foreach ($t_subprojects_ids as $t_id) {
$t_project_ids[$t_id] = $t_id;
}
}
} else {
access_ensure_project_level(VIEWER, $p_project_id);
$t_project_ids = user_get_all_accessible_subprojects($p_user_id, $p_project_id);
array_unshift($t_project_ids, $p_project_id);
}
return $t_project_ids;
}
/**
* Get the attachments that belong to the specified project.
*
* @param string $p_username The name of the user trying to access the versions.
* @param string $p_password The password of the user.
* @param integer $p_project_id The id of the project to retrieve the attachments for.
* @return Array representing a ProjectAttachmentDataArray structure.
*/
function mc_project_get_attachments($p_username, $p_password, $p_project_id)
{
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
# Check if project documentation feature is enabled.
if (OFF == config_get('enable_project_documentation') || !file_is_uploading_enabled()) {
return mci_soap_fault_access_denied($t_user_id);
}
if (!project_exists($p_project_id)) {
return new soap_fault('Client', '', "Project '{$p_project_id}' does not exist.");
}
if (!mci_has_readonly_access($t_user_id, $p_project_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
$t_project_file_table = db_get_table('project_file');
$t_project_table = db_get_table('project');
$t_project_user_list_table = db_get_table('project_user_list');
$t_user_table = db_get_table('user');
$t_pub = VS_PUBLIC;
$t_priv = VS_PRIVATE;
$t_admin = config_get_global('admin_site_threshold');
if ($p_project_id == ALL_PROJECTS) {
# Select all the projects that the user has access to
$t_projects = user_get_accessible_projects($t_user_id);
} else {
# Select the specific project
$t_projects = array($p_project_id);
}
$t_projects[] = ALL_PROJECTS;
# add ALL_PROJECTS to the list of projects to fetch
$t_reqd_access = config_get('view_proj_doc_threshold');
if (is_array($t_reqd_access)) {
if (1 == count($t_reqd_access)) {
$t_access_clause = "= " . array_shift($t_reqd_access) . " ";
} else {
$t_access_clause = "IN (" . implode(',', $t_reqd_access) . ")";
}
} else {
$t_access_clause = ">= {$t_reqd_access} ";
}
$query = "SELECT pft.id, pft.project_id, pft.filename, pft.file_type, pft.filesize, pft.title, pft.description, pft.date_added\n\t\tFROM {$t_project_file_table} pft\n\t\tLEFT JOIN {$t_project_table} pt ON pft.project_id = pt.id\n\t\tLEFT JOIN {$t_project_user_list_table} pult\n\t\tON pft.project_id = pult.project_id AND pult.user_id = {$t_user_id}\n\t\tLEFT JOIN {$t_user_table} ut ON ut.id = {$t_user_id}\n\t\tWHERE pft.project_id in (" . implode(',', $t_projects) . ") AND\n\t\t( ( ( pt.view_state = {$t_pub} OR pt.view_state is null ) AND pult.user_id is null AND ut.access_level {$t_access_clause} ) OR\n\t\t( ( pult.user_id = {$t_user_id} ) AND ( pult.access_level {$t_access_clause} ) ) OR\n\t\t( ut.access_level = {$t_admin} ) )\n\t\tORDER BY pt.name ASC, pft.title ASC";
$result = db_query($query);
$num_files = db_num_rows($result);
$t_result = array();
for ($i = 0; $i < $num_files; $i++) {
$row = db_fetch_array($result);
$t_attachment = array();
$t_attachment['id'] = $row['id'];
$t_attachment['filename'] = $row['filename'];
$t_attachment['title'] = $row['title'];
$t_attachment['description'] = $row['description'];
$t_attachment['size'] = $row['filesize'];
$t_attachment['content_type'] = $row['file_type'];
$t_attachment['date_submitted'] = timestamp_to_iso8601($row['date_added']);
$t_attachment['download_url'] = mci_get_mantis_path() . 'file_download.php?file_id=' . $row['id'] . '&type=doc';
$t_result[] = $t_attachment;
}
return $t_result;
}
/**
* Returns an array of projects that are accessible to the current logged in
* user.
*
* @param show_disabled Include disabled projects.
* @return an array of accessible project ids.
* @access public
*/
function current_user_get_accessible_projects($p_show_disabled = false)
{
return user_get_accessible_projects(auth_get_current_user_id(), $p_show_disabled);
}
foreach ($rows as $t_row) {
$t_categories[] = $t_row->category_id;
}
category_cache_array_rows(array_unique($t_categories));
}
// get all user set filters
$t_filter = current_user_get_bug_filter();
// if viewing all projects, allow to switch between combined and splitted view
// (all projects mixed together or separated into rows)
$f_default_pdisplay = "combined";
$pdisplay = gpc_get_string('pdisplay', $f_default_pdisplay);
// only one project to display?
if ($t_project_id || $pdisplay == "combined") {
$all_project_ids = array($t_project_id);
} else {
$all_project_ids = user_get_accessible_projects($t_current_user_id);
}
$rowcounts = array();
foreach ($all_project_ids as $curr_project_id) {
?>
<tr>
<td class="projectHeader" colspan="<?php
echo count($columns);
?>
">
<h1><?php
echo project_get_name($curr_project_id);
?>
</h1>
</td>
</tr>
# along with Mantis. If not, see <http://www.gnu.org/licenses/>.
# --------------------------------------------------------
# $Id: summary_page.php,v 1.54.2.1 2007-10-13 22:34:43 giallu Exp $
# --------------------------------------------------------
require_once 'core.php';
$t_core_path = config_get('core_path');
require_once $t_core_path . 'summary_api.php';
access_ensure_project_level(config_get('view_summary_threshold'));
$f_project_id = gpc_get_int('project_id', helper_get_current_project());
# Override the current page to make sure we get the appropriate project-specific configuration
$g_project_override = $f_project_id;
$t_user_id = auth_get_current_user_id();
# @@@ giallu: this block of code is duplicated from helper_project_specific_where
# the only diff is the commented line below: can we do better than this ?
if (ALL_PROJECTS == $f_project_id) {
$t_topprojects = $t_project_ids = user_get_accessible_projects($t_user_id);
foreach ($t_topprojects as $t_project) {
$t_project_ids = array_merge($t_project_ids, user_get_all_accessible_subprojects($t_user_id, $t_project));
}
$t_project_ids = array_unique($t_project_ids);
} else {
# access_ensure_project_level( VIEWER, $p_project_id );
$t_project_ids = user_get_all_accessible_subprojects($t_user_id, $f_project_id);
array_unshift($t_project_ids, $f_project_id);
}
$t_project_ids = array_map('db_prepare_int', $t_project_ids);
if (0 == count($t_project_ids)) {
$specific_where = ' 1 <> 1';
} elseif (1 == count($t_project_ids)) {
$specific_where = ' project_id=' . $t_project_ids[0];
} else {
/**
* Get the attachments that belong to the specified project.
*
* @param string $p_username The name of the user trying to access the versions.
* @param string $p_password The password of the user.
* @param integer $p_project_id The id of the project to retrieve the attachments for.
* @return array representing a ProjectAttachmentDataArray structure.
*/
function mc_project_get_attachments($p_username, $p_password, $p_project_id)
{
global $g_project_override;
$t_user_id = mci_check_login($p_username, $p_password);
if ($t_user_id === false) {
return mci_soap_fault_login_failed();
}
$g_project_override = $p_project_id;
# Check if project documentation feature is enabled.
if (OFF == config_get('enable_project_documentation') || !file_is_uploading_enabled()) {
return mci_soap_fault_access_denied($t_user_id);
}
if (!project_exists($p_project_id)) {
return SoapObjectsFactory::newSoapFault('Client', 'Project \'' . $p_project_id . '\' does not exist.');
}
if (!mci_has_readonly_access($t_user_id, $p_project_id)) {
return mci_soap_fault_access_denied($t_user_id);
}
$t_pub = VS_PUBLIC;
$t_priv = VS_PRIVATE;
$t_admin = config_get_global('admin_site_threshold');
if ($p_project_id == ALL_PROJECTS) {
# Select all the projects that the user has access to
$t_projects = user_get_accessible_projects($t_user_id);
} else {
# Select the specific project
$t_projects = array($p_project_id);
}
$t_projects[] = ALL_PROJECTS;
# add ALL_PROJECTS to the list of projects to fetch
$t_reqd_access = config_get('view_proj_doc_threshold');
if (is_array($t_reqd_access)) {
if (1 == count($t_reqd_access)) {
$t_access_clause = '= ' . array_shift($t_reqd_access) . ' ';
} else {
$t_access_clause = 'IN (' . implode(',', $t_reqd_access) . ')';
}
} else {
$t_access_clause = '>= ' . $t_reqd_access;
}
$t_query = 'SELECT pft.id, pft.project_id, pft.filename, pft.file_type, pft.filesize, pft.title, pft.description, pft.date_added, pft.user_id
FROM {project_file} pft
LEFT JOIN {project} pt ON pft.project_id = pt.id
LEFT JOIN {project_user_list} pult
ON pft.project_id = pult.project_id AND pult.user_id = ' . db_param() . '
LEFT JOIN {user} ut ON ut.id = ' . db_param() . '
WHERE pft.project_id in (' . implode(',', $t_projects) . ') AND
( ( ( pt.view_state = ' . db_param() . ' OR pt.view_state is null ) AND pult.user_id is null AND ut.access_level ' . $t_access_clause . ' ) OR
( ( pult.user_id = ' . db_param() . ' ) AND ( pult.access_level ' . $t_access_clause . ' ) ) OR
( ut.access_level = ' . db_param() . ' ) )
ORDER BY pt.name ASC, pft.title ASC';
$t_result = db_query($t_query, array($t_user_id, $t_user_id, $t_pub, $t_user_id, $t_admin));
$t_num_files = db_num_rows($t_result);
$t_attachments = array();
for ($i = 0; $i < $t_num_files; $i++) {
$t_row = db_fetch_array($t_result);
$t_attachment = array();
$t_attachment['id'] = $t_row['id'];
$t_attachment['filename'] = $t_row['filename'];
$t_attachment['title'] = $t_row['title'];
$t_attachment['description'] = $t_row['description'];
$t_attachment['size'] = $t_row['filesize'];
$t_attachment['content_type'] = $t_row['file_type'];
$t_attachment['date_submitted'] = SoapObjectsFactory::newDateTimeVar($t_row['date_added']);
$t_attachment['download_url'] = mci_get_mantis_path() . 'file_download.php?file_id=' . $t_row['id'] . '&type=doc';
$t_attachment['user_id'] = $t_row['user_id'];
$t_attachments[] = $t_attachment;
}
return $t_attachments;
}
function filter_get_bug_rows(&$p_page_number, &$p_per_page, &$p_page_count, &$p_bug_count, $p_custom_filter = null, $p_project_id = null, $p_user_id = null, $p_show_sticky = null)
{
log_event(LOG_FILTERING, 'FILTERING: START NEW FILTER QUERY');
$t_bug_table = config_get('mantis_bug_table');
$t_bug_text_table = config_get('mantis_bug_text_table');
$t_bugnote_table = config_get('mantis_bugnote_table');
$t_custom_field_string_table = config_get('mantis_custom_field_string_table');
$t_bugnote_text_table = config_get('mantis_bugnote_text_table');
$t_project_table = config_get('mantis_project_table');
$t_bug_monitor_table = config_get('mantis_bug_monitor_table');
$t_limit_reporters = config_get('limit_reporters');
$t_bug_relationship_table = config_get('mantis_bug_relationship_table');
$t_report_bug_threshold = config_get('report_bug_threshold');
$t_current_user_id = auth_get_current_user_id();
if (null === $p_user_id) {
$t_user_id = $t_current_user_id;
} else {
$t_user_id = $p_user_id;
}
$c_user_id = db_prepare_int($t_user_id);
if (null === $p_project_id) {
# @@@ If project_id is not specified, then use the project id(s) in the filter if set, otherwise, use current project.
$t_project_id = helper_get_current_project();
} else {
$t_project_id = $p_project_id;
}
if ($p_custom_filter === null) {
# Prefer current_user_get_bug_filter() over user_get_filter() when applicable since it supports
# cookies set by previous version of the code.
if ($t_user_id == $t_current_user_id) {
$t_filter = current_user_get_bug_filter();
} else {
$t_filter = user_get_bug_filter($t_user_id, $t_project_id);
}
} else {
$t_filter = $p_custom_filter;
}
$t_filter = filter_ensure_valid_filter($t_filter);
if (false === $t_filter) {
return false;
# signify a need to create a cookie
#@@@ error instead?
}
$t_view_type = $t_filter['_view_type'];
$t_where_clauses = array("{$t_project_table}.enabled = 1", "{$t_project_table}.id = {$t_bug_table}.project_id");
$t_select_clauses = array("{$t_bug_table}.*");
$t_join_clauses = array();
$t_from_clauses = array();
// normalize the project filtering into an array $t_project_ids
if ('simple' == $t_view_type) {
log_event(LOG_FILTERING, 'FILTERING: Simple Filter');
$t_project_ids = array($t_project_id);
$t_include_sub_projects = true;
} else {
log_event(LOG_FILTERING, 'FILTERING: Advanced Filter');
if (!is_array($t_filter['project_id'])) {
$t_project_ids = array(db_prepare_int($t_filter['project_id']));
} else {
$t_project_ids = array_map('db_prepare_int', $t_filter['project_id']);
}
$t_include_sub_projects = count($t_project_ids) == 1 && $t_project_ids[0] == META_FILTER_CURRENT;
}
log_event(LOG_FILTERING, 'FILTERING: project_ids = ' . implode(',', $t_project_ids));
log_event(LOG_FILTERING, 'FILTERING: include sub-projects = ' . ($t_include_sub_projects ? '1' : '0'));
// if the array has ALL_PROJECTS, then reset the array to only contain ALL_PROJECTS.
// replace META_FILTER_CURRENT with the actualy current project id.
$t_all_projects_found = false;
$t_new_project_ids = array();
foreach ($t_project_ids as $t_pid) {
if ($t_pid == META_FILTER_CURRENT) {
$t_pid = $t_project_id;
}
if ($t_pid == ALL_PROJECTS) {
$t_all_projects_found = true;
log_event(LOG_FILTERING, 'FILTERING: all projects selected');
break;
}
// filter out inaccessible projects.
if (!access_has_project_level(VIEWER, $t_pid, $t_user_id)) {
continue;
}
$t_new_project_ids[] = $t_pid;
}
$t_projects_query_required = true;
if ($t_all_projects_found) {
if (user_is_administrator($t_user_id)) {
log_event(LOG_FILTERING, 'FILTERING: all projects + administrator, hence no project filter.');
$t_projects_query_required = false;
} else {
$t_project_ids = user_get_accessible_projects($t_user_id);
}
} else {
$t_project_ids = $t_new_project_ids;
}
if ($t_projects_query_required) {
// expand project ids to include sub-projects
if ($t_include_sub_projects) {
$t_top_project_ids = $t_project_ids;
foreach ($t_top_project_ids as $t_pid) {
log_event(LOG_FILTERING, 'FILTERING: Getting sub-projects for project id ' . $t_pid);
$t_project_ids = array_merge($t_project_ids, user_get_all_accessible_subprojects($t_user_id, $t_pid));
}
$t_project_ids = array_unique($t_project_ids);
}
// if no projects are accessible, then return an empty array.
if (count($t_project_ids) == 0) {
log_event(LOG_FILTERING, 'FILTERING: no accessible projects');
return array();
}
log_event(LOG_FILTERING, 'FILTERING: project_ids after including sub-projects = ' . implode(',', $t_project_ids));
// this array is to be populated with project ids for which we only want to show public issues. This is due to the limited
// access of the current user.
$t_public_only_project_ids = array();
// this array is populated with project ids that the current user has full access to.
$t_private_and_public_project_ids = array();
$t_access_required_to_view_private_bugs = config_get('private_bug_threshold');
foreach ($t_project_ids as $t_pid) {
if (access_has_project_level($t_access_required_to_view_private_bugs, $t_pid, $t_user_id)) {
$t_private_and_public_project_ids[] = $t_pid;
} else {
$t_public_only_project_ids[] = $t_pid;
}
}
log_event(LOG_FILTERING, 'FILTERING: project_ids (with public/private access) = ' . implode(',', $t_private_and_public_project_ids));
log_event(LOG_FILTERING, 'FILTERING: project_ids (with public access) = ' . implode(',', $t_public_only_project_ids));
$t_count_private_and_public_project_ids = count($t_private_and_public_project_ids);
if ($t_count_private_and_public_project_ids == 1) {
$t_private_and_public_query = "( {$t_bug_table}.project_id = " . $t_private_and_public_project_ids[0] . " )";
} else {
if ($t_count_private_and_public_project_ids > 1) {
$t_private_and_public_query = "( {$t_bug_table}.project_id in (" . implode(', ', $t_private_and_public_project_ids) . ") )";
} else {
$t_private_and_public_query = null;
}
}
$t_count_public_only_project_ids = count($t_public_only_project_ids);
$t_public_view_state_check = "( ( {$t_bug_table}.view_state = " . VS_PUBLIC . " ) OR ( {$t_bug_table}.reporter_id = {$t_user_id} ) )";
if ($t_count_public_only_project_ids == 1) {
$t_public_only_query = "( ( {$t_bug_table}.project_id = " . $t_public_only_project_ids[0] . " ) AND {$t_public_view_state_check} )";
} else {
if ($t_count_public_only_project_ids > 1) {
$t_public_only_query = "( ( {$t_bug_table}.project_id in (" . implode(', ', $t_public_only_project_ids) . ") ) AND {$t_public_view_state_check} )";
} else {
$t_public_only_query = null;
}
}
// both queries can't be null, so we either have one of them or both.
if ($t_private_and_public_query === null) {
$t_project_query = $t_public_only_query;
} else {
if ($t_public_only_query === null) {
$t_project_query = $t_private_and_public_query;
} else {
$t_project_query = "( {$t_public_only_query} OR {$t_private_and_public_query} )";
}
}
log_event(LOG_FILTERING, 'FILTERING: project query = ' . $t_project_query);
array_push($t_where_clauses, $t_project_query);
}
# view state
$t_view_state = db_prepare_int($t_filter['view_state']);
if ($t_filter['view_state'] !== META_FILTER_ANY && !is_blank($t_filter['view_state'])) {
$t_view_state_query = "({$t_bug_table}.view_state='{$t_view_state}')";
log_event(LOG_FILTERING, 'FILTERING: view_state query = ' . $t_view_state_query);
array_push($t_where_clauses, $t_view_state_query);
} else {
log_event(LOG_FILTERING, 'FILTERING: no view_state query');
}
# reporter
$t_any_found = false;
foreach ($t_filter['reporter_id'] as $t_filter_member) {
if (META_FILTER_ANY === $t_filter_member || 0 === $t_filter_member) {
$t_any_found = true;
}
}
if (count($t_filter['reporter_id']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['reporter_id'] as $t_filter_member) {
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, "0");
} else {
$c_reporter_id = db_prepare_int($t_filter_member);
if (META_FILTER_MYSELF == $c_reporter_id) {
array_push($t_clauses, $c_user_id);
} else {
array_push($t_clauses, $c_reporter_id);
}
}
}
if (1 < count($t_clauses)) {
$t_reporter_query = "( {$t_bug_table}.reporter_id in (" . implode(', ', $t_clauses) . ") )";
} else {
$t_reporter_query = "( {$t_bug_table}.reporter_id={$t_clauses['0']} )";
}
log_event(LOG_FILTERING, 'FILTERING: reporter query = ' . $t_reporter_query);
array_push($t_where_clauses, $t_reporter_query);
} else {
log_event(LOG_FILTERING, 'FILTERING: no reporter query');
}
# limit reporter
# @@@ thraxisp - access_has_project_level checks greater than or equal to,
# this assumed that there aren't any holes above REPORTER where the limit would apply
#
if (ON === $t_limit_reporters && !access_has_project_level(REPORTER + 1, $t_project_id, $t_user_id)) {
$c_reporter_id = $c_user_id;
array_push($t_where_clauses, "({$t_bug_table}.reporter_id='{$c_reporter_id}')");
}
# handler
$t_any_found = false;
foreach ($t_filter['handler_id'] as $t_filter_member) {
if (META_FILTER_ANY === $t_filter_member || 0 === $t_filter_member) {
$t_any_found = true;
}
}
if (count($t_filter['handler_id']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['handler_id'] as $t_filter_member) {
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, 0);
} else {
$c_handler_id = db_prepare_int($t_filter_member);
if (META_FILTER_MYSELF == $c_handler_id) {
array_push($t_clauses, $c_user_id);
} else {
array_push($t_clauses, $c_handler_id);
}
}
}
if (1 < count($t_clauses)) {
$t_handler_query = "( {$t_bug_table}.handler_id in (" . implode(', ', $t_clauses) . ") )";
} else {
$t_handler_query = "( {$t_bug_table}.handler_id={$t_clauses['0']} )";
}
log_event(LOG_FILTERING, 'FILTERING: handler query = ' . $t_handler_query);
array_push($t_where_clauses, $t_handler_query);
} else {
log_event(LOG_FILTERING, 'FILTERING: no handler query');
}
# category
if (!_filter_is_any($t_filter['show_category'])) {
$t_clauses = array();
foreach ($t_filter['show_category'] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, "''");
} else {
$c_show_category = db_prepare_string($t_filter_member);
array_push($t_clauses, "'{$c_show_category}'");
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.category in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.category={$t_clauses['0']} )");
}
}
# severity
$t_any_found = false;
foreach ($t_filter['show_severity'] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member || 0 === $t_filter_member) {
$t_any_found = true;
}
}
if (count($t_filter['show_severity']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['show_severity'] as $t_filter_member) {
$c_show_severity = db_prepare_int($t_filter_member);
array_push($t_clauses, $c_show_severity);
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.severity in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.severity={$t_clauses['0']} )");
}
}
# show / hide status
# take a list of all available statuses then remove the ones that we want hidden, then make sure
# the ones we want shown are still available
$t_status_arr = explode_enum_string(config_get('status_enum_string'));
$t_available_statuses = array();
$t_desired_statuses = array();
foreach ($t_status_arr as $t_this_status) {
$t_this_status_arr = explode_enum_arr($t_this_status);
$t_available_statuses[] = $t_this_status_arr[0];
}
if ('simple' == $t_filter['_view_type']) {
# simple filtering: if showing any, restrict by the hide status value, otherwise ignore the hide
$t_any_found = false;
$t_this_status = $t_filter['show_status'][0];
$t_this_hide_status = $t_filter['hide_status'][0];
if (META_FILTER_ANY == $t_this_status || is_blank($t_this_status) || 0 === $t_this_status) {
$t_any_found = true;
}
if ($t_any_found) {
foreach ($t_available_statuses as $t_this_available_status) {
if ($t_this_hide_status > $t_this_available_status) {
$t_desired_statuses[] = $t_this_available_status;
}
}
} else {
$t_desired_statuses[] = $t_this_status;
}
} else {
# advanced filtering: ignore the hide
$t_any_found = false;
foreach ($t_filter['show_status'] as $t_this_status) {
$t_desired_statuses[] = $t_this_status;
if (META_FILTER_ANY == $t_this_status || is_blank($t_this_status) || 0 === $t_this_status) {
$t_any_found = true;
}
}
if ($t_any_found) {
$t_desired_statuses = array();
}
}
if (count($t_desired_statuses) > 0) {
$t_clauses = array();
foreach ($t_desired_statuses as $t_filter_member) {
$c_show_status = db_prepare_int($t_filter_member);
array_push($t_clauses, $c_show_status);
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.status in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.status={$t_clauses['0']} )");
}
}
# resolution
$t_any_found = false;
foreach ($t_filter['show_resolution'] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member) {
$t_any_found = true;
}
}
if (count($t_filter['show_resolution']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['show_resolution'] as $t_filter_member) {
$c_show_resolution = db_prepare_int($t_filter_member);
array_push($t_clauses, $c_show_resolution);
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.resolution in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.resolution={$t_clauses['0']} )");
}
}
# priority
$t_any_found = false;
foreach ($t_filter['show_priority'] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member || 0 === $t_filter_member) {
$t_any_found = true;
}
}
if (count($t_filter['show_priority']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['show_priority'] as $t_filter_member) {
$c_show_priority = db_prepare_int($t_filter_member);
array_push($t_clauses, $c_show_priority);
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.priority in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.priority={$t_clauses['0']} )");
}
}
# product build
$t_any_found = false;
foreach ($t_filter['show_build'] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
$t_any_found = true;
}
}
if (count($t_filter['show_build']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['show_build'] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, "''");
} else {
$c_show_build = db_prepare_string($t_filter_member);
array_push($t_clauses, "'{$c_show_build}'");
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.build in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.build={$t_clauses['0']} )");
}
}
# product version
if (!_filter_is_any($t_filter['show_version'])) {
$t_clauses = array();
foreach ($t_filter['show_version'] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, "''");
} else {
$c_show_version = db_prepare_string($t_filter_member);
array_push($t_clauses, "'{$c_show_version}'");
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.version in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.version={$t_clauses['0']} )");
}
}
# profile
if (!_filter_is_any($t_filter['show_profile'])) {
$t_clauses = array();
foreach ($t_filter['show_profile'] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, "0");
} else {
$c_show_profile = db_prepare_int($t_filter_member);
array_push($t_clauses, "{$c_show_profile}");
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.profile_id in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.profile_id={$t_clauses['0']} )");
}
}
# platform
if (!_filter_is_any($t_filter['platform'])) {
$t_clauses = array();
foreach ($t_filter['platform'] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, '');
} else {
$c_platform = db_prepare_string($t_filter_member);
array_push($t_clauses, "'{$c_platform}'");
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.platform in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.platform = {$t_clauses['0']} )");
}
}
# os
if (!_filter_is_any($t_filter['os'])) {
$t_clauses = array();
foreach ($t_filter['os'] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, '');
} else {
$c_os = db_prepare_string($t_filter_member);
array_push($t_clauses, "'{$c_os}'");
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.os in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.os = {$t_clauses['0']} )");
}
}
# os_build
if (!_filter_is_any($t_filter['os_build'])) {
$t_clauses = array();
foreach ($t_filter['os_build'] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, '');
} else {
$c_os_build = db_prepare_string($t_filter_member);
array_push($t_clauses, "'{$c_os_build}'");
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.os_build in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.os_build = {$t_clauses['0']} )");
}
}
# date filter
if ('on' == $t_filter['do_filter_by_date'] && is_numeric($t_filter['start_month']) && is_numeric($t_filter['start_day']) && is_numeric($t_filter['start_year']) && is_numeric($t_filter['end_month']) && is_numeric($t_filter['end_day']) && is_numeric($t_filter['end_year'])) {
$t_start_string = db_prepare_string($t_filter['start_year'] . "-" . $t_filter['start_month'] . "-" . $t_filter['start_day'] . " 00:00:00");
$t_end_string = db_prepare_string($t_filter['end_year'] . "-" . $t_filter['end_month'] . "-" . $t_filter['end_day'] . " 23:59:59");
array_push($t_where_clauses, "({$t_bug_table}.date_submitted BETWEEN '{$t_start_string}' AND '{$t_end_string}' )");
}
# fixed in version
if (!_filter_is_any($t_filter['fixed_in_version'])) {
$t_clauses = array();
foreach ($t_filter['fixed_in_version'] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, "''");
} else {
$c_fixed_in_version = db_prepare_string($t_filter_member);
array_push($t_clauses, "'{$c_fixed_in_version}'");
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.fixed_in_version in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.fixed_in_version={$t_clauses['0']} )");
}
}
# target version
if (!_filter_is_any($t_filter['target_version'])) {
$t_clauses = array();
foreach ($t_filter['target_version'] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, "''");
} else {
$c_target_version = db_prepare_string($t_filter_member);
array_push($t_clauses, "'{$c_target_version}'");
}
}
#echo var_dump( $t_clauses ); exit;
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.target_version in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.target_version={$t_clauses['0']} )");
}
}
# users monitoring a bug
$t_any_found = false;
foreach ($t_filter['user_monitor'] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member || 0 === $t_filter_member) {
$t_any_found = true;
}
}
if (count($t_filter['user_monitor']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
$t_table_name = 'user_monitor';
array_push($t_from_clauses, $t_bug_monitor_table);
array_push($t_join_clauses, "LEFT JOIN {$t_bug_monitor_table} {$t_table_name} ON {$t_table_name}.bug_id = {$t_bug_table}.id");
foreach ($t_filter['user_monitor'] as $t_filter_member) {
$c_user_monitor = db_prepare_int($t_filter_member);
if (META_FILTER_MYSELF == $c_user_monitor) {
array_push($t_clauses, $c_user_id);
} else {
array_push($t_clauses, $c_user_monitor);
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_table_name}.user_id in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_table_name}.user_id={$t_clauses['0']} )");
}
}
# bug relationship
$t_any_found = false;
$c_rel_type = $t_filter['relationship_type'];
$c_rel_bug = $t_filter['relationship_bug'];
if (-1 == $c_rel_type || 0 == $c_rel_bug) {
$t_any_found = true;
}
if (!$t_any_found) {
# use the complementary type
$t_comp_type = relationship_get_complementary_type($c_rel_type);
$t_clauses = array();
$t_table_name = 'relationship';
array_push($t_from_clauses, $t_bug_relationship_table);
array_push($t_join_clauses, "LEFT JOIN {$t_bug_relationship_table} {$t_table_name} ON {$t_table_name}.destination_bug_id = {$t_bug_table}.id");
array_push($t_join_clauses, "LEFT JOIN {$t_bug_relationship_table} {$t_table_name}2 ON {$t_table_name}2.source_bug_id = {$t_bug_table}.id");
// get reverse relationships
array_push($t_clauses, "({$t_table_name}.relationship_type='{$t_comp_type}' AND {$t_table_name}.source_bug_id='{$c_rel_bug}')");
array_push($t_clauses, "({$t_table_name}" . "2.relationship_type='{$c_rel_type}' AND {$t_table_name}" . "2.destination_bug_id='{$c_rel_bug}')");
array_push($t_where_clauses, '(' . implode(' OR ', $t_clauses) . ')');
}
# tags
$c_tag_string = trim($t_filter['tag_string']);
if (!is_blank($c_tag_string)) {
$t_tags = tag_parse_filters($c_tag_string);
if (count($t_tags)) {
$t_tags_all = array();
$t_tags_any = array();
$t_tags_none = array();
foreach ($t_tags as $t_tag_row) {
switch ($t_tag_row['filter']) {
case 1:
$t_tags_all[] = $t_tag_row;
break;
case 0:
$t_tags_any[] = $t_tag_row;
break;
case -1:
$t_tags_none[] = $t_tag_row;
break;
}
}
if (0 < $t_filter['tag_select'] && tag_exists($t_filter['tag_select'])) {
$t_tags_any[] = tag_get($t_filter['tag_select']);
}
$t_bug_tag_table = config_get('mantis_bug_tag_table');
if (count($t_tags_all)) {
$t_clauses = array();
foreach ($t_tags_all as $t_tag_row) {
array_push($t_clauses, "{$t_bug_table}.id IN ( SELECT bug_id FROM {$t_bug_tag_table} WHERE {$t_bug_tag_table}.tag_id = {$t_tag_row['id']} )");
}
array_push($t_where_clauses, '(' . implode(' AND ', $t_clauses) . ')');
}
if (count($t_tags_any)) {
$t_clauses = array();
foreach ($t_tags_any as $t_tag_row) {
array_push($t_clauses, "{$t_bug_tag_table}.tag_id = {$t_tag_row['id']}");
}
array_push($t_where_clauses, "{$t_bug_table}.id IN ( SELECT bug_id FROM {$t_bug_tag_table} WHERE ( " . implode(' OR ', $t_clauses) . ') )');
}
if (count($t_tags_none)) {
$t_clauses = array();
foreach ($t_tags_none as $t_tag_row) {
array_push($t_clauses, "{$t_bug_tag_table}.tag_id = {$t_tag_row['id']}");
}
array_push($t_where_clauses, "{$t_bug_table}.id NOT IN ( SELECT bug_id FROM {$t_bug_tag_table} WHERE ( " . implode(' OR ', $t_clauses) . ') )');
}
}
}
# custom field filters
if (ON == config_get('filter_by_custom_fields')) {
# custom field filtering
# @@@ At the moment this gets the linked fields relating to the current project
# It should get the ones relating to the project in the filter or all projects
# if multiple projects.
$t_custom_fields = custom_field_get_linked_ids($t_project_id);
foreach ($t_custom_fields as $t_cfid) {
$t_custom_where_clause = '';
# Ignore all custom filters that are not set, or that are set to '' or "any"
$t_any_found = false;
foreach ($t_filter['custom_fields'][$t_cfid] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
$t_any_found = true;
}
}
if (!isset($t_filter['custom_fields'][$t_cfid])) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_def = custom_field_get_definition($t_cfid);
$t_table_name = $t_custom_field_string_table . '_' . $t_cfid;
# We need to filter each joined table or the result query will explode in dimensions
# Each custom field will result in a exponential growth like Number_of_Issues^Number_of_Custom_Fields
# and only after this process ends (if it is able to) the result query will be filtered
# by the WHERE clause and by the DISTINCT clause
$t_cf_join_clause = "LEFT JOIN {$t_custom_field_string_table} {$t_table_name} ON {$t_table_name}.bug_id = {$t_bug_table}.id AND {$t_table_name}.field_id = {$t_cfid} ";
if ($t_def['type'] == CUSTOM_FIELD_TYPE_DATE) {
switch ($t_filter['custom_fields'][$t_cfid][0]) {
case CUSTOM_FIELD_DATE_ANY:
break;
case CUSTOM_FIELD_DATE_NONE:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '(( ' . $t_table_name . '.bug_id is null) OR ( ' . $t_table_name . '.value = 0)';
break;
case CUSTOM_FIELD_DATE_BEFORE:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '(( ' . $t_table_name . '.value != 0 AND (' . $t_table_name . '.value+0) < ' . $t_filter['custom_fields'][$t_cfid][2] . ')';
break;
case CUSTOM_FIELD_DATE_AFTER:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '( (' . $t_table_name . '.value+0) > ' . ($t_filter['custom_fields'][$t_cfid][1] + 1);
break;
default:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '( (' . $t_table_name . '.value+0) BETWEEN ' . $t_filter['custom_fields'][$t_cfid][1] . ' AND ' . $t_filter['custom_fields'][$t_cfid][2];
break;
}
} else {
array_push($t_join_clauses, $t_cf_join_clause);
$t_filter_array = array();
foreach ($t_filter['custom_fields'][$t_cfid] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE == $t_filter_member) {
# coerce filter value if selecting META_FILTER_NONE so it will match empty fields
$t_filter_member = '';
# but also add those _not_ present in the custom field string table
array_push($t_filter_array, "{$t_bug_table}.id NOT IN (SELECT bug_id FROM {$t_custom_field_string_table} WHERE field_id={$t_cfid})");
}
switch ($t_def['type']) {
case CUSTOM_FIELD_TYPE_MULTILIST:
case CUSTOM_FIELD_TYPE_CHECKBOX:
array_push($t_filter_array, db_helper_like("{$t_table_name}.value", '%|' . db_prepare_string($t_filter_member) . '|%'));
break;
default:
array_push($t_filter_array, "{$t_table_name}.value = '" . db_prepare_string($t_filter_member) . "'");
}
}
$t_custom_where_clause .= '(' . implode(' OR ', $t_filter_array);
}
if (!is_blank($t_custom_where_clause)) {
array_push($t_where_clauses, $t_custom_where_clause . ')');
}
}
}
}
$t_textsearch_where_clause = '';
$t_textsearch_wherejoin_clause = '';
# Simple Text Search - Thanks to Alan Knowles
if (!is_blank($t_filter['search'])) {
$c_search = db_prepare_string($t_filter['search']);
$c_search_int = db_prepare_int($t_filter['search']);
$t_textsearch_where_clause = '(' . db_helper_like('summary', "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bug_text_table}.description", "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bug_text_table}.steps_to_reproduce", "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bug_text_table}.additional_information", "%{$c_search}%") . " OR ( {$t_bug_table}.id = '{$c_search_int}' ) )";
$t_textsearch_wherejoin_clause = '(' . db_helper_like('summary', "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bug_text_table}.description", "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bug_text_table}.steps_to_reproduce", "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bug_text_table}.additional_information", "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bug_table}.id", "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bugnote_text_table}.note", "%{$c_search}%") . ' )';
array_push($t_where_clauses, "({$t_bug_text_table}.id = {$t_bug_table}.bug_text_id)");
$t_from_clauses = array($t_bug_text_table, $t_project_table, $t_bug_table);
} else {
$t_from_clauses = array($t_project_table, $t_bug_table);
}
$t_select = implode(', ', array_unique($t_select_clauses));
$t_from = 'FROM ' . implode(', ', array_unique($t_from_clauses));
$t_join = implode(' ', $t_join_clauses);
if (count($t_where_clauses) > 0) {
$t_where = 'WHERE ' . implode(' AND ', $t_where_clauses);
} else {
$t_where = '';
}
# Possibly do two passes. First time, grab the IDs of issues that match the filters. Second time, grab the IDs of issues that
# have bugnotes that match the text search if necessary.
$t_id_array = array();
for ($i = 0; $i < 2; $i++) {
$t_id_where = $t_where;
$t_id_join = $t_join;
if ($i == 0) {
if (!is_blank($t_id_where) && !is_blank($t_textsearch_where_clause)) {
$t_id_where = $t_id_where . ' AND ' . $t_textsearch_where_clause;
}
} else {
if (!is_blank($t_textsearch_wherejoin_clause)) {
$t_id_where = $t_id_where . ' AND ' . $t_textsearch_wherejoin_clause;
$t_id_join = $t_id_join . " INNER JOIN {$t_bugnote_table} ON {$t_bugnote_table}.bug_id = {$t_bug_table}.id";
$t_id_join = $t_id_join . " INNER JOIN {$t_bugnote_text_table} ON {$t_bugnote_text_table}.id = {$t_bugnote_table}.bugnote_text_id";
}
}
$query = "SELECT DISTINCT {$t_bug_table}.id AS id\r\n\t\t\t\t\t\t{$t_from}\r\n\t\t\t\t\t\t{$t_id_join}\r\n\t\t\t\t\t\t{$t_id_where}";
if ($i == 0 || !is_blank($t_textsearch_wherejoin_clause)) {
$result = db_query($query);
$row_count = db_num_rows($result);
for ($j = 0; $j < $row_count; $j++) {
$row = db_fetch_array($result);
$t_id_array[] = db_prepare_int($row['id']);
}
}
}
$t_id_array = array_unique($t_id_array);
# Get the total number of bugs that meet the criteria.
$bug_count = count($t_id_array);
$rows = array();
if ($bug_count > 0) {
$t_where = "WHERE {$t_bug_table}.id in (" . implode(", ", $t_id_array) . ")";
} else {
return $rows;
}
$t_from = 'FROM ' . $t_bug_table;
# write the value back in case the caller wants to know
$p_bug_count = $bug_count;
if (null === $p_per_page) {
$p_per_page = (int) $t_filter['per_page'];
} else {
if (-1 == $p_per_page) {
$p_per_page = $bug_count;
}
}
# Guard against silly values of $f_per_page.
if (0 == $p_per_page) {
$p_per_page = $bug_count;
// 0 - means show all
}
$p_per_page = (int) abs($p_per_page);
# Use $bug_count and $p_per_page to determine how many pages
# to split this list up into.
# For the sake of consistency have at least one page, even if it
# is empty.
$t_page_count = ceil($bug_count / $p_per_page);
if ($t_page_count < 1) {
$t_page_count = 1;
}
# write the value back in case the caller wants to know
$p_page_count = $t_page_count;
# Make sure $p_page_number isn't past the last page.
if ($p_page_number > $t_page_count) {
$p_page_number = $t_page_count;
}
# Make sure $p_page_number isn't before the first page
if ($p_page_number < 1) {
$p_page_number = 1;
}
# Now add the rest of the criteria i.e. sorting, limit.
# if sort is blank then default the sort and direction. This is to fix the
# symptoms of #3953. Note that even if the main problem is fixed, we may
# have to keep this code for a while to handle filters saved with this blank field.
if (is_blank($t_filter['sort'])) {
$t_filter['sort'] = 'last_updated';
$t_filter['dir'] = 'DESC';
}
$t_order_array = array();
$t_sort_fields = split(',', $t_filter['sort']);
$t_dir_fields = split(',', $t_filter['dir']);
if ('on' == $t_filter['sticky_issues'] && NULL !== $p_show_sticky) {
$t_order_array[] = "sticky DESC";
}
$t_join = '';
for ($i = 0; $i < count($t_sort_fields); $i++) {
$c_sort = db_prepare_string($t_sort_fields[$i]);
if (!in_array($t_sort_fields[$i], array_slice($t_sort_fields, $i + 1))) {
# if sorting by a custom field
if (strpos($c_sort, 'custom_') === 0) {
$t_custom_field = substr($c_sort, strlen('custom_'));
$t_custom_field_id = custom_field_get_id_from_name($t_custom_field);
$t_join .= " LEFT JOIN {$t_custom_field_string_table} ON ( ( {$t_custom_field_string_table}.bug_id = {$t_bug_table}.id ) AND ( {$t_custom_field_string_table}.field_id = {$t_custom_field_id} ) )";
$c_sort = "{$t_custom_field_string_table}.value";
$t_select_clauses[] = "{$t_custom_field_string_table}.value";
}
if ('DESC' == $t_dir_fields[$i]) {
$c_dir = 'DESC';
} else {
$c_dir = 'ASC';
}
$t_order_array[] = "{$c_sort} {$c_dir}";
}
}
# add basic sorting if necessary
if (!in_array('last_updated', $t_sort_fields)) {
$t_order_array[] = 'last_updated DESC';
}
if (!in_array('date_submitted', $t_sort_fields)) {
$t_order_array[] = 'date_submitted DESC';
}
$t_order = " ORDER BY " . implode(', ', $t_order_array);
$t_select = implode(', ', array_unique($t_select_clauses));
$query2 = "SELECT DISTINCT {$t_select}\r\n\t\t\t\t\t{$t_from}\r\n\t\t\t\t\t{$t_join}\r\n\t\t\t\t\t{$t_where}\r\n\t\t\t\t\t{$t_order}";
# Figure out the offset into the db query
#
# for example page number 1, per page 5:
# t_offset = 0
# for example page number 2, per page 5:
# t_offset = 5
$c_per_page = db_prepare_int($p_per_page);
$c_page_number = db_prepare_int($p_page_number);
$t_offset = ($c_page_number - 1) * $c_per_page;
# perform query
$result2 = db_query($query2, $c_per_page, $t_offset);
$row_count = db_num_rows($result2);
$t_id_array_lastmod = array();
for ($i = 0; $i < $row_count; $i++) {
$row = db_fetch_array($result2);
$t_id_array_lastmod[] = db_prepare_int($row['id']);
$row['date_submitted'] = db_unixtimestamp($row['date_submitted']);
$row['last_updated'] = db_unixtimestamp($row['last_updated']);
array_push($rows, $row);
}
$t_id_array_lastmod = array_unique($t_id_array_lastmod);
// paulr: it should be impossible for t_id_array_lastmod to be array():
// that would imply that $t_id_array is null which aborts this function early
//if ( count( $t_id_array_lastmod ) > 0 ) {
$t_where = "WHERE {$t_bugnote_table}.bug_id in (" . implode(", ", $t_id_array_lastmod) . ")";
$query3 = "SELECT DISTINCT bug_id,MAX(last_modified) as last_modified, COUNT(last_modified) as count FROM {$t_bugnote_table} {$t_where} GROUP BY bug_id";
# perform query
$result3 = db_query($query3);
$row_count = db_num_rows($result3);
for ($i = 0; $i < $row_count; $i++) {
$row = db_fetch_array($result3);
$t_stats[$row['bug_id']] = $row;
}
foreach ($rows as $row) {
if (!isset($t_stats[$row['id']])) {
bug_cache_database_result($row, false);
} else {
bug_cache_database_result($row, $t_stats[$row['id']]);
}
}
return $rows;
}
if (OFF == config_get('enable_project_documentation') || !file_is_uploading_enabled()) {
access_denied();
}
# Override the current page to make sure we get the appropriate project-specific configuration
$g_project_override = $f_project_id;
$t_user_id = auth_get_current_user_id();
$t_project_file_table = db_get_table('project_file');
$t_project_table = db_get_table('project');
$t_project_user_list_table = db_get_table('project_user_list');
$t_user_table = db_get_table('user');
$t_pub = VS_PUBLIC;
$t_priv = VS_PRIVATE;
$t_admin = config_get_global('admin_site_threshold');
if ($f_project_id == ALL_PROJECTS) {
# Select all the projects that the user has access to
$t_projects = user_get_accessible_projects($t_user_id);
} else {
# Select the specific project
$t_projects = array($f_project_id);
}
$t_projects[] = ALL_PROJECTS;
# add "ALL_PROJECTS to the list of projects to fetch
$t_reqd_access = config_get('view_proj_doc_threshold');
if (is_array($t_reqd_access)) {
if (1 == count($t_reqd_access)) {
$t_access_clause = "= " . array_shift($t_reqd_access) . " ";
} else {
$t_access_clause = "IN (" . implode(',', $t_reqd_access) . ")";
}
} else {
$t_access_clause = ">= {$t_reqd_access} ";
/**
* @todo Had to make all these parameters required because we can't use
* call-time pass by reference anymore. I really preferred not having
* to pass all the params in if you didn't want to, but I wanted to get
* rid of the errors for now. If we can think of a better way later
* (maybe return an object) that would be great.
*
* @param int $p_page_number the page you want to see (set to the actual page on return)
* @param int $p_per_page the number of bugs to see per page (set to actual on return)
* -1 indicates you want to see all bugs
* null indicates you want to use the value specified in the filter
* @param int $p_page_count you don't need to give a value here, the number of pages will be stored here on return
* @param int $p_bug_count you don't need to give a value here, the number of bugs will be stored here on return
* @param mixed $p_custom_filter Filter to use.
* @param int $p_project_id project id to use in filtering.
* @param int $p_user_id user id to use as current user when filtering.
* @param bool $p_show_sticky get sticky issues only.
*/
function filter_get_bug_rows(&$p_page_number, &$p_per_page, &$p_page_count, &$p_bug_count, $p_custom_filter = null, $p_project_id = null, $p_user_id = null, $p_show_sticky = null)
{
log_event(LOG_FILTERING, 'START NEW FILTER QUERY');
$t_bug_table = db_get_table('mantis_bug_table');
$t_bug_text_table = db_get_table('mantis_bug_text_table');
$t_bugnote_table = db_get_table('mantis_bugnote_table');
$t_category_table = db_get_table('mantis_category_table');
$t_custom_field_string_table = db_get_table('mantis_custom_field_string_table');
$t_bugnote_text_table = db_get_table('mantis_bugnote_text_table');
$t_project_table = db_get_table('mantis_project_table');
$t_bug_monitor_table = db_get_table('mantis_bug_monitor_table');
$t_limit_reporters = config_get('limit_reporters');
$t_bug_relationship_table = db_get_table('mantis_bug_relationship_table');
$t_report_bug_threshold = config_get('report_bug_threshold');
$t_where_param_count = 0;
$t_current_user_id = auth_get_current_user_id();
if (null === $p_user_id) {
$t_user_id = $t_current_user_id;
} else {
$t_user_id = $p_user_id;
}
$c_user_id = db_prepare_int($t_user_id);
if (null === $p_project_id) {
# @@@ If project_id is not specified, then use the project id(s) in the filter if set, otherwise, use current project.
$t_project_id = helper_get_current_project();
} else {
$t_project_id = $p_project_id;
}
if ($p_custom_filter === null) {
# Prefer current_user_get_bug_filter() over user_get_filter() when applicable since it supports
# cookies set by previous version of the code.
if ($t_user_id == $t_current_user_id) {
$t_filter = current_user_get_bug_filter();
} else {
$t_filter = user_get_bug_filter($t_user_id, $t_project_id);
}
} else {
$t_filter = $p_custom_filter;
}
$t_filter = filter_ensure_valid_filter($t_filter);
if (false === $t_filter) {
return false;
# signify a need to create a cookie
# @@@ error instead?
}
$t_view_type = $t_filter['_view_type'];
$t_where_clauses = array("{$t_project_table}.enabled = " . db_param(), "{$t_project_table}.id = {$t_bug_table}.project_id");
$t_where_params = array(1);
$t_select_clauses = array("{$t_bug_table}.*");
$t_join_clauses = array();
$t_from_clauses = array();
// normalize the project filtering into an array $t_project_ids
if ('simple' == $t_view_type) {
log_event(LOG_FILTERING, 'Simple Filter');
$t_project_ids = array($t_project_id);
$t_include_sub_projects = true;
} else {
log_event(LOG_FILTERING, 'Advanced Filter');
if (!is_array($t_filter[FILTER_PROPERTY_PROJECT_ID])) {
$t_project_ids = array(db_prepare_int($t_filter[FILTER_PROPERTY_PROJECT_ID]));
} else {
$t_project_ids = array_map('db_prepare_int', $t_filter[FILTER_PROPERTY_PROJECT_ID]);
}
$t_include_sub_projects = count($t_project_ids) == 1 && ($t_project_ids[0] == META_FILTER_CURRENT || $t_project_ids[0] == ALL_PROJECTS);
}
log_event(LOG_FILTERING, 'project_ids = @P' . implode(', @P', $t_project_ids));
log_event(LOG_FILTERING, 'include sub-projects = ' . ($t_include_sub_projects ? '1' : '0'));
// if the array has ALL_PROJECTS, then reset the array to only contain ALL_PROJECTS.
// replace META_FILTER_CURRENT with the actualy current project id.
$t_all_projects_found = false;
$t_new_project_ids = array();
foreach ($t_project_ids as $t_pid) {
if ($t_pid == META_FILTER_CURRENT) {
$t_pid = $t_project_id;
}
if ($t_pid == ALL_PROJECTS) {
$t_all_projects_found = true;
log_event(LOG_FILTERING, 'all projects selected');
break;
}
// filter out inaccessible projects.
if (!access_has_project_level(VIEWER, $t_pid, $t_user_id)) {
continue;
}
$t_new_project_ids[] = $t_pid;
}
$t_projects_query_required = true;
if ($t_all_projects_found) {
if (user_is_administrator($t_user_id)) {
log_event(LOG_FILTERING, 'all projects + administrator, hence no project filter.');
$t_projects_query_required = false;
} else {
$t_project_ids = user_get_accessible_projects($t_user_id);
}
} else {
$t_project_ids = $t_new_project_ids;
}
if ($t_projects_query_required) {
// expand project ids to include sub-projects
if ($t_include_sub_projects) {
$t_top_project_ids = $t_project_ids;
foreach ($t_top_project_ids as $t_pid) {
log_event(LOG_FILTERING, 'Getting sub-projects for project id @P' . $t_pid);
$t_subproject_ids = user_get_all_accessible_subprojects($t_user_id, $t_pid);
if (!$t_subproject_ids) {
continue;
}
$t_project_ids = array_merge($t_project_ids, $t_subproject_ids);
}
$t_project_ids = array_unique($t_project_ids);
}
// if no projects are accessible, then return an empty array.
if (count($t_project_ids) == 0) {
log_event(LOG_FILTERING, 'no accessible projects');
return array();
}
log_event(LOG_FILTERING, 'project_ids after including sub-projects = @P' . implode(', @P', $t_project_ids));
// this array is to be populated with project ids for which we only want to show public issues. This is due to the limited
// access of the current user.
$t_public_only_project_ids = array();
// this array is populated with project ids that the current user has full access to.
$t_private_and_public_project_ids = array();
foreach ($t_project_ids as $t_pid) {
$t_access_required_to_view_private_bugs = config_get('private_bug_threshold', null, null, $t_pid);
if (access_has_project_level($t_access_required_to_view_private_bugs, $t_pid, $t_user_id)) {
$t_private_and_public_project_ids[] = $t_pid;
} else {
$t_public_only_project_ids[] = $t_pid;
}
}
log_event(LOG_FILTERING, 'project_ids (with public/private access) = @P' . implode(', @P', $t_private_and_public_project_ids));
log_event(LOG_FILTERING, 'project_ids (with public access) = @P' . implode(', @P', $t_public_only_project_ids));
$t_count_private_and_public_project_ids = count($t_private_and_public_project_ids);
if ($t_count_private_and_public_project_ids == 1) {
$t_private_and_public_query = "( {$t_bug_table}.project_id = " . $t_private_and_public_project_ids[0] . " )";
} else {
if ($t_count_private_and_public_project_ids > 1) {
$t_private_and_public_query = "( {$t_bug_table}.project_id in (" . implode(', ', $t_private_and_public_project_ids) . ") )";
} else {
$t_private_and_public_query = null;
}
}
$t_count_public_only_project_ids = count($t_public_only_project_ids);
$t_public_view_state_check = "( ( {$t_bug_table}.view_state = " . VS_PUBLIC . " ) OR ( {$t_bug_table}.reporter_id = {$t_user_id} ) )";
if ($t_count_public_only_project_ids == 1) {
$t_public_only_query = "( ( {$t_bug_table}.project_id = " . $t_public_only_project_ids[0] . " ) AND {$t_public_view_state_check} )";
} else {
if ($t_count_public_only_project_ids > 1) {
$t_public_only_query = "( ( {$t_bug_table}.project_id in (" . implode(', ', $t_public_only_project_ids) . ") ) AND {$t_public_view_state_check} )";
} else {
$t_public_only_query = null;
}
}
// both queries can't be null, so we either have one of them or both.
if ($t_private_and_public_query === null) {
$t_project_query = $t_public_only_query;
} else {
if ($t_public_only_query === null) {
$t_project_query = $t_private_and_public_query;
} else {
$t_project_query = "( {$t_public_only_query} OR {$t_private_and_public_query} )";
}
}
log_event(LOG_FILTERING, 'project query = ' . $t_project_query);
array_push($t_where_clauses, $t_project_query);
}
# view state
$t_view_state = db_prepare_int($t_filter[FILTER_PROPERTY_VIEW_STATE_ID]);
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_VIEW_STATE_ID])) {
$t_view_state_query = "({$t_bug_table}.view_state=" . db_param() . ')';
log_event(LOG_FILTERING, 'view_state query = ' . $t_view_state_query);
$t_where_params[] = $t_view_state;
array_push($t_where_clauses, $t_view_state_query);
} else {
log_event(LOG_FILTERING, 'no view_state query');
}
# reporter
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_REPORTER_ID])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_REPORTER_ID] as $t_filter_member) {
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, "0");
} else {
$c_reporter_id = db_prepare_int($t_filter_member);
if (filter_field_is_myself($c_reporter_id)) {
array_push($t_clauses, $c_user_id);
} else {
array_push($t_clauses, $c_reporter_id);
}
}
}
if (1 < count($t_clauses)) {
$t_reporter_query = "( {$t_bug_table}.reporter_id in (" . implode(', ', $t_clauses) . ") )";
} else {
$t_reporter_query = "( {$t_bug_table}.reporter_id={$t_clauses['0']} )";
}
log_event(LOG_FILTERING, 'reporter query = ' . $t_reporter_query);
array_push($t_where_clauses, $t_reporter_query);
} else {
log_event(LOG_FILTERING, 'no reporter query');
}
# limit reporter
# @@@ thraxisp - access_has_project_level checks greater than or equal to,
# this assumed that there aren't any holes above REPORTER where the limit would apply
#
if (ON === $t_limit_reporters && !access_has_project_level(REPORTER + 1, $t_project_id, $t_user_id)) {
$c_reporter_id = $c_user_id;
$t_where_params[] = $c_reporter_id;
array_push($t_where_clauses, "({$t_bug_table}.reporter_id=" . db_param() . ')');
}
# handler
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_HANDLER_ID])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_HANDLER_ID] as $t_filter_member) {
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, 0);
} else {
$c_handler_id = db_prepare_int($t_filter_member);
if (filter_field_is_myself($c_handler_id)) {
array_push($t_clauses, $c_user_id);
} else {
array_push($t_clauses, $c_handler_id);
}
}
}
if (1 < count($t_clauses)) {
$t_handler_query = "( {$t_bug_table}.handler_id in (" . implode(', ', $t_clauses) . ") )";
} else {
$t_handler_query = "( {$t_bug_table}.handler_id={$t_clauses['0']} )";
}
log_event(LOG_FILTERING, 'handler query = ' . $t_handler_query);
array_push($t_where_clauses, $t_handler_query);
} else {
log_event(LOG_FILTERING, 'no handler query');
}
# category
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_CATEGORY])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_CATEGORY] as $t_filter_member) {
if (!filter_field_is_none($t_filter_member)) {
array_push($t_clauses, $t_filter_member);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, "( {$t_bug_table}.category_id in ( SELECT id FROM {$t_category_table} WHERE name in (" . implode(', ', $t_where_tmp) . ") ) )");
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, "( {$t_bug_table}.category_id in ( SELECT id FROM {$t_category_table} WHERE name=" . db_param() . ") )");
}
}
# severity
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_SEVERITY_ID])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_SEVERITY_ID] as $t_filter_member) {
$c_show_severity = db_prepare_int($t_filter_member);
array_push($t_clauses, $c_show_severity);
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, "( {$t_bug_table}.severity in (" . implode(', ', $t_where_tmp) . ") )");
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, "( {$t_bug_table}.severity=" . db_param() . " )");
}
}
# show / hide status
# take a list of all available statuses then remove the ones that we want hidden, then make sure
# the ones we want shown are still available
$t_desired_statuses = array();
$t_available_statuses = MantisEnum::getValues(config_get('status_enum_string'));
if ('simple' == $t_filter['_view_type']) {
# simple filtering: if showing any, restrict by the hide status value, otherwise ignore the hide
$t_any_found = false;
$t_this_status = $t_filter[FILTER_PROPERTY_STATUS_ID][0];
$t_this_hide_status = $t_filter[FILTER_PROPERTY_HIDE_STATUS_ID][0];
if (filter_field_is_any($t_this_status)) {
foreach ($t_available_statuses as $t_this_available_status) {
if ($t_this_hide_status > $t_this_available_status) {
$t_desired_statuses[] = $t_this_available_status;
}
}
} else {
$t_desired_statuses[] = $t_this_status;
}
} else {
# advanced filtering: ignore the hide
if (filter_field_is_any($t_filter[FILTER_PROPERTY_STATUS_ID])) {
$t_desired_statuses = array();
} else {
foreach ($t_filter[FILTER_PROPERTY_STATUS_ID] as $t_this_status) {
$t_desired_statuses[] = $t_this_status;
}
}
}
if (count($t_desired_statuses) > 0) {
$t_clauses = array();
foreach ($t_desired_statuses as $t_filter_member) {
$c_show_status = db_prepare_int($t_filter_member);
array_push($t_clauses, $c_show_status);
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, "( {$t_bug_table}.status in (" . implode(', ', $t_where_tmp) . ") )");
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, "( {$t_bug_table}.status=" . db_param() . " )");
}
}
# resolution
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_RESOLUTION_ID])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_RESOLUTION_ID] as $t_filter_member) {
$c_show_resolution = db_prepare_int($t_filter_member);
array_push($t_clauses, $c_show_resolution);
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, "( {$t_bug_table}.resolution in (" . implode(', ', $t_where_tmp) . ") )");
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, "( {$t_bug_table}.resolution=" . db_param() . " )");
}
}
# priority
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_PRIORITY_ID])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_PRIORITY_ID] as $t_filter_member) {
$c_show_priority = db_prepare_int($t_filter_member);
array_push($t_clauses, $c_show_priority);
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, "( {$t_bug_table}.priority in (" . implode(', ', $t_where_tmp) . ") )");
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, "( {$t_bug_table}.priority=" . db_param() . " )");
}
}
# product build
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_PRODUCT_BUILD])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_PRODUCT_BUILD] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '');
} else {
$c_show_build = db_prepare_string($t_filter_member);
array_push($t_clauses, $c_show_build);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, "( {$t_bug_table}.build in (" . implode(', ', $t_where_tmp) . ") )");
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, "( {$t_bug_table}.build=" . db_param() . " )");
}
}
# product version
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_PRODUCT_VERSION])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_PRODUCT_VERSION] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '');
} else {
$c_show_version = db_prepare_string($t_filter_member);
array_push($t_clauses, $c_show_version);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, "( {$t_bug_table}.version in (" . implode(', ', $t_where_tmp) . ") )");
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, "( {$t_bug_table}.version=" . db_param() . " )");
}
}
# profile
if (!filter_field_is_any($t_filter['show_profile'])) {
$t_clauses = array();
foreach ($t_filter['show_profile'] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, "0");
} else {
$c_show_profile = db_prepare_int($t_filter_member);
array_push($t_clauses, "{$c_show_profile}");
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, "( {$t_bug_table}.profile_id in (" . implode(', ', $t_where_tmp) . ") )");
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, "( {$t_bug_table}.profile_id=" . db_param() . " )");
}
}
# platform
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_PLATFORM])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_PLATFORM] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '');
} else {
$c_platform = db_prepare_string($t_filter_member);
array_push($t_clauses, $c_platform);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, "( {$t_bug_table}.platform in (" . implode(', ', $t_where_tmp) . ") )");
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, "( {$t_bug_table}.platform = " . db_param() . " )");
}
}
# os
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_OS])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_OS] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '');
} else {
$c_os = db_prepare_string($t_filter_member);
array_push($t_clauses, $c_os);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, "( {$t_bug_table}.os in (" . implode(', ', $t_where_tmp) . ") )");
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, "( {$t_bug_table}.os = " . db_param() . " )");
}
}
# os_build
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_OS_BUILD])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_OS_BUILD] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '');
} else {
$c_os_build = db_prepare_string($t_filter_member);
array_push($t_clauses, $c_os_build);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, "( {$t_bug_table}.os_build in (" . implode(', ', $t_where_tmp) . ") )");
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, "( {$t_bug_table}.os_build = " . db_param() . " )");
}
}
# date filter
if ('on' == $t_filter[FILTER_PROPERTY_FILTER_BY_DATE] && is_numeric($t_filter[FILTER_PROPERTY_START_MONTH]) && is_numeric($t_filter[FILTER_PROPERTY_START_DAY]) && is_numeric($t_filter[FILTER_PROPERTY_START_YEAR]) && is_numeric($t_filter[FILTER_PROPERTY_END_MONTH]) && is_numeric($t_filter[FILTER_PROPERTY_END_DAY]) && is_numeric($t_filter[FILTER_PROPERTY_END_YEAR])) {
$t_start_string = $t_filter[FILTER_PROPERTY_START_YEAR] . "-" . $t_filter[FILTER_PROPERTY_START_MONTH] . "-" . $t_filter[FILTER_PROPERTY_START_DAY] . " 00:00:00";
$t_end_string = $t_filter[FILTER_PROPERTY_END_YEAR] . "-" . $t_filter[FILTER_PROPERTY_END_MONTH] . "-" . $t_filter[FILTER_PROPERTY_END_DAY] . " 23:59:59";
$t_where_params[] = strtotime($t_start_string);
$t_where_params[] = strtotime($t_end_string);
array_push($t_where_clauses, "({$t_bug_table}.date_submitted BETWEEN " . db_param() . " AND " . db_param() . " )");
}
# fixed in version
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_FIXED_IN_VERSION])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_FIXED_IN_VERSION] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '');
} else {
$c_fixed_in_version = db_prepare_string($t_filter_member);
array_push($t_clauses, $c_fixed_in_version);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, "( {$t_bug_table}.fixed_in_version in (" . implode(', ', $t_where_tmp) . ") )");
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, "( {$t_bug_table}.fixed_in_version=" . db_param() . " )");
}
}
# target version
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_TARGET_VERSION])) {
$t_clauses = array();
foreach ($t_filter[FILTER_PROPERTY_TARGET_VERSION] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
array_push($t_clauses, '');
} else {
$c_target_version = db_prepare_string($t_filter_member);
array_push($t_clauses, $c_target_version);
}
}
# echo var_dump( $t_clauses ); exit;
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, "( {$t_bug_table}.target_version in (" . implode(', ', $t_where_tmp) . ") )");
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, "( {$t_bug_table}.target_version=" . db_param() . " )");
}
}
# users monitoring a bug
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_MONITOR_USER_ID])) {
$t_clauses = array();
$t_table_name = 'user_monitor';
array_push($t_join_clauses, "LEFT JOIN {$t_bug_monitor_table} {$t_table_name} ON {$t_table_name}.bug_id = {$t_bug_table}.id");
foreach ($t_filter[FILTER_PROPERTY_MONITOR_USER_ID] as $t_filter_member) {
$c_user_monitor = db_prepare_int($t_filter_member);
if (filter_field_is_myself($c_user_monitor)) {
array_push($t_clauses, $c_user_id);
} else {
array_push($t_clauses, $c_user_monitor);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, "( {$t_table_name}.user_id in (" . implode(', ', $t_where_tmp) . ") )");
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, "( {$t_table_name}.user_id=" . db_param() . " )");
}
}
# bug relationship
$t_any_found = false;
$c_rel_type = $t_filter[FILTER_PROPERTY_RELATIONSHIP_TYPE];
$c_rel_bug = $t_filter[FILTER_PROPERTY_RELATIONSHIP_BUG];
if (-1 == $c_rel_type || 0 == $c_rel_bug) {
$t_any_found = true;
}
if (!$t_any_found) {
# use the complementary type
$t_comp_type = relationship_get_complementary_type($c_rel_type);
$t_clauses = array();
$t_table_name = 'relationship';
array_push($t_join_clauses, "LEFT JOIN {$t_bug_relationship_table} {$t_table_name} ON {$t_table_name}.destination_bug_id = {$t_bug_table}.id");
array_push($t_join_clauses, "LEFT JOIN {$t_bug_relationship_table} {$t_table_name}2 ON {$t_table_name}2.source_bug_id = {$t_bug_table}.id");
// get reverse relationships
$t_where_params[] = $t_comp_type;
$t_where_params[] = $c_rel_bug;
$t_where_params[] = $c_rel_type;
$t_where_params[] = $c_rel_bug;
array_push($t_clauses, "({$t_table_name}.relationship_type=" . db_param() . " AND {$t_table_name}.source_bug_id=" . db_param() . ')');
array_push($t_clauses, "({$t_table_name}" . "2.relationship_type=" . db_param() . " AND {$t_table_name}" . "2.destination_bug_id=" . db_param() . ')');
array_push($t_where_clauses, '(' . implode(' OR ', $t_clauses) . ')');
}
# tags
$c_tag_string = trim($t_filter[FILTER_PROPERTY_TAG_STRING]);
$c_tag_select = trim($t_filter[FILTER_PROPERTY_TAG_SELECT]);
if (is_blank($c_tag_string) && !is_blank($c_tag_select) && $c_tag_select != 0) {
$t_tag = tag_get($c_tag_select);
$c_tag_string = $t_tag['name'];
}
if (!is_blank($c_tag_string)) {
$t_tags = tag_parse_filters($c_tag_string);
if (count($t_tags)) {
$t_tags_all = array();
$t_tags_any = array();
$t_tags_none = array();
foreach ($t_tags as $t_tag_row) {
switch ($t_tag_row['filter']) {
case 1:
$t_tags_all[] = $t_tag_row;
break;
case 0:
$t_tags_any[] = $t_tag_row;
break;
case -1:
$t_tags_none[] = $t_tag_row;
break;
}
}
if (0 < $t_filter[FILTER_PROPERTY_TAG_SELECT] && tag_exists($t_filter[FILTER_PROPERTY_TAG_SELECT])) {
$t_tags_any[] = tag_get($t_filter[FILTER_PROPERTY_TAG_SELECT]);
}
$t_bug_tag_table = db_get_table('mantis_bug_tag_table');
if (count($t_tags_all)) {
$t_clauses = array();
foreach ($t_tags_all as $t_tag_row) {
array_push($t_clauses, "{$t_bug_table}.id IN ( SELECT bug_id FROM {$t_bug_tag_table} WHERE {$t_bug_tag_table}.tag_id = {$t_tag_row['id']} )");
}
array_push($t_where_clauses, '(' . implode(' AND ', $t_clauses) . ')');
}
if (count($t_tags_any)) {
$t_clauses = array();
foreach ($t_tags_any as $t_tag_row) {
array_push($t_clauses, "{$t_bug_tag_table}.tag_id = {$t_tag_row['id']}");
}
array_push($t_where_clauses, "{$t_bug_table}.id IN ( SELECT bug_id FROM {$t_bug_tag_table} WHERE ( " . implode(' OR ', $t_clauses) . ') )');
}
if (count($t_tags_none)) {
$t_clauses = array();
foreach ($t_tags_none as $t_tag_row) {
array_push($t_clauses, "{$t_bug_tag_table}.tag_id = {$t_tag_row['id']}");
}
array_push($t_where_clauses, "{$t_bug_table}.id NOT IN ( SELECT bug_id FROM {$t_bug_tag_table} WHERE ( " . implode(' OR ', $t_clauses) . ') )');
}
}
}
# note user id
if (!filter_field_is_any($t_filter[FILTER_PROPERTY_NOTE_USER_ID])) {
$t_bugnote_table_alias = 'mbnt';
$t_clauses = array();
array_push($t_from_clauses, "{$t_bugnote_table} {$t_bugnote_table_alias}");
array_push($t_where_clauses, "( {$t_bug_table}.id = {$t_bugnote_table_alias}.bug_id )");
foreach ($t_filter[FILTER_PROPERTY_NOTE_USER_ID] as $t_filter_member) {
$c_note_user_id = db_prepare_int($t_filter_member);
if (filter_field_is_myself($c_note_user_id)) {
array_push($t_clauses, $c_user_id);
} else {
array_push($t_clauses, $c_note_user_id);
}
}
if (1 < count($t_clauses)) {
$t_where_tmp = array();
foreach ($t_clauses as $t_clause) {
$t_where_tmp[] = db_param();
$t_where_params[] = $t_clause;
}
array_push($t_where_clauses, "( {$t_bugnote_table_alias}.reporter_id in (" . implode(', ', $t_where_tmp) . ") )");
} else {
$t_where_params[] = $t_clauses[0];
array_push($t_where_clauses, "( {$t_bugnote_table_alias}.reporter_id=" . db_param() . " )");
}
}
# plugin filters
$t_plugin_filters = filter_get_plugin_filters();
foreach ($t_plugin_filters as $t_field_name => $t_filter_object) {
if (!filter_field_is_any($t_filter[$t_field_name]) || $t_filter_object->type == FILTER_TYPE_BOOLEAN) {
$t_filter_query = $t_filter_object->query($t_filter[$t_field_name]);
if (is_array($t_filter_query)) {
if (isset($t_filter_query['join'])) {
array_push($t_join_clauses, $t_filter_query['join']);
}
if (isset($t_filter_query['where'])) {
array_push($t_where_clauses, $t_filter_query['where']);
}
if (isset($t_filter_query['params']) && is_array($t_filter_query['params'])) {
$t_where_params = array_merge($t_where_params, $t_filter_query['params']);
}
}
}
}
# custom field filters
if (ON == config_get('filter_by_custom_fields')) {
# custom field filtering
# @@@ At the moment this gets the linked fields relating to the current project
# It should get the ones relating to the project in the filter or all projects
# if multiple projects.
$t_custom_fields = custom_field_get_linked_ids($t_project_id);
foreach ($t_custom_fields as $t_cfid) {
$t_field_info = custom_field_cache_row($t_cfid, true);
if (!$t_field_info['filter_by']) {
continue;
# skip this custom field it shouldn't be filterable
}
$t_custom_where_clause = '';
# Ignore all custom filters that are not set, or that are set to '' or "any"
if (!filter_field_is_any($t_filter['custom_fields'][$t_cfid])) {
$t_def = custom_field_get_definition($t_cfid);
$t_table_name = $t_custom_field_string_table . '_' . $t_cfid;
# We need to filter each joined table or the result query will explode in dimensions
# Each custom field will result in a exponential growth like Number_of_Issues^Number_of_Custom_Fields
# and only after this process ends (if it is able to) the result query will be filtered
# by the WHERE clause and by the DISTINCT clause
$t_cf_join_clause = "LEFT JOIN {$t_custom_field_string_table} {$t_table_name} ON {$t_bug_table}.id = {$t_table_name}.bug_id AND {$t_table_name}.field_id = {$t_cfid}";
if ($t_def['type'] == CUSTOM_FIELD_TYPE_DATE) {
switch ($t_filter['custom_fields'][$t_cfid][0]) {
case CUSTOM_FIELD_DATE_ANY:
break;
case CUSTOM_FIELD_DATE_NONE:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '(( ' . $t_table_name . '.bug_id is null) OR ( ' . $t_table_name . '.value = 0)';
break;
case CUSTOM_FIELD_DATE_BEFORE:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '(( ' . $t_table_name . '.value != 0 AND (' . $t_table_name . '.value+0) < ' . $t_filter['custom_fields'][$t_cfid][2] . ')';
break;
case CUSTOM_FIELD_DATE_AFTER:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '( (' . $t_table_name . '.value+0) > ' . ($t_filter['custom_fields'][$t_cfid][1] + 1);
break;
default:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '( (' . $t_table_name . '.value+0) BETWEEN ' . $t_filter['custom_fields'][$t_cfid][1] . ' AND ' . $t_filter['custom_fields'][$t_cfid][2];
break;
}
} else {
array_push($t_join_clauses, $t_cf_join_clause);
$t_filter_array = array();
foreach ($t_filter['custom_fields'][$t_cfid] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (filter_field_is_none($t_filter_member)) {
# coerce filter value if selecting META_FILTER_NONE so it will match empty fields
$t_filter_member = '';
# but also add those _not_ present in the custom field string table
array_push($t_filter_array, "{$t_bug_table}.id NOT IN (SELECT bug_id FROM {$t_custom_field_string_table} WHERE field_id={$t_cfid})");
}
switch ($t_def['type']) {
case CUSTOM_FIELD_TYPE_CHECKBOX:
case CUSTOM_FIELD_TYPE_MULTILIST:
if ($t_filter_member != '') {
$t_filter_member = '%|' . $t_filter_member . '|%';
}
$t_where_params[] = $t_filter_member;
array_push($t_filter_array, db_helper_like("{$t_table_name}.value"));
break;
default:
$t_where_params[] = $t_filter_member;
array_push($t_filter_array, "{$t_table_name}.value = " . db_param());
}
}
$t_custom_where_clause .= '(' . implode(' OR ', $t_filter_array);
}
if (!is_blank($t_custom_where_clause)) {
array_push($t_where_clauses, $t_custom_where_clause . ')');
}
}
}
}
# Text search
if (!is_blank($t_filter[FILTER_PROPERTY_FREE_TEXT])) {
# break up search terms by spacing or quoting
preg_match_all("/-?([^'\"\\s]+|\"[^\"]+\"|'[^']+')/", $t_filter[FILTER_PROPERTY_FREE_TEXT], $t_matches, PREG_SET_ORDER);
# organize terms without quoting, paying attention to negation
$t_search_terms = array();
foreach ($t_matches as $t_match) {
$t_search_terms[trim($t_match[1], "\\'\"")] = $t_match[0][0] == '-';
}
# build a big where-clause and param list for all search terms, including negations
$t_first = true;
$t_textsearch_where_clause = "( ";
foreach ($t_search_terms as $t_search_term => $t_negate) {
if (!$t_first) {
$t_textsearch_where_clause .= ' AND ';
}
if ($t_negate) {
$t_textsearch_where_clause .= 'NOT ';
}
$c_search = '%' . $t_search_term . '%';
$t_textsearch_where_clause .= '( ' . db_helper_like('summary') . ' OR ' . db_helper_like("{$t_bug_text_table}.description") . ' OR ' . db_helper_like("{$t_bug_text_table}.steps_to_reproduce") . ' OR ' . db_helper_like("{$t_bug_text_table}.additional_information") . ' OR ' . db_helper_like("{$t_bugnote_text_table}.note");
$t_where_params[] = $c_search;
$t_where_params[] = $c_search;
$t_where_params[] = $c_search;
$t_where_params[] = $c_search;
$t_where_params[] = $c_search;
if (is_numeric($t_search_term)) {
// PostgreSQL on 64-bit OS hack (see #14014)
if (PHP_INT_MAX > 0x7fffffff && db_is_pgsql()) {
$t_search_max = 0x7fffffff;
} else {
$t_search_max = PHP_INT_MAX;
}
// Note: no need to test negative values, '-' sign has been removed
if ($t_search_term <= $t_search_max) {
$c_search_int = (int) $t_search_term;
$t_textsearch_where_clause .= " OR {$t_bug_table}.id = " . db_param();
$t_textsearch_where_clause .= " OR {$t_bugnote_table}.id = " . db_param();
$t_where_params[] = $c_search_int;
$t_where_params[] = $c_search_int;
}
}
$t_textsearch_where_clause .= ' )';
$t_first = false;
}
$t_textsearch_where_clause .= ' )';
# add text query elements to arrays
if (!$t_first) {
$t_from_clauses[] = "{$t_bug_text_table}";
$t_where_clauses[] = "{$t_bug_table}.bug_text_id = {$t_bug_text_table}.id";
$t_where_clauses[] = $t_textsearch_where_clause;
$t_join_clauses[] = " LEFT JOIN {$t_bugnote_table} ON {$t_bug_table}.id = {$t_bugnote_table}.bug_id";
$t_join_clauses[] = " LEFT JOIN {$t_bugnote_text_table} ON {$t_bugnote_table}.bugnote_text_id = {$t_bugnote_text_table}.id";
}
}
# End text search
$t_from_clauses[] = $t_project_table;
$t_from_clauses[] = $t_bug_table;
$t_query_clauses['select'] = $t_select_clauses;
$t_query_clauses['from'] = $t_from_clauses;
$t_query_clauses['join'] = $t_join_clauses;
$t_query_clauses['where'] = $t_where_clauses;
$t_query_clauses['where_values'] = $t_where_params;
$t_query_clauses = filter_get_query_sort_data($t_filter, $p_show_sticky, $t_query_clauses);
# assigning to $p_* for this function writes the values back in case the caller wants to know
# Get the total number of bugs that meet the criteria.
$p_bug_count = filter_get_bug_count($t_query_clauses);
if (0 == $p_bug_count) {
return array();
}
$p_per_page = filter_per_page($t_filter, $p_bug_count, $p_per_page);
$p_page_count = filter_page_count($p_bug_count, $p_per_page);
$p_page_number = filter_valid_page_number($p_page_number, $p_page_count);
$t_offset = filter_offset($p_page_number, $p_per_page);
$t_query_clauses = filter_unique_query_clauses($t_query_clauses);
$t_select_string = "SELECT DISTINCT " . implode(', ', $t_query_clauses['select']);
$t_from_string = " FROM " . implode(', ', $t_query_clauses['from']);
$t_order_string = " ORDER BY " . implode(', ', $t_query_clauses['order']);
$t_join_string = count($t_query_clauses['join']) > 0 ? implode(' ', $t_query_clauses['join']) : '';
$t_where_string = count($t_query_clauses['where']) > 0 ? 'WHERE ' . implode(' AND ', $t_query_clauses['where']) : '';
$t_result = db_query_bound("{$t_select_string} {$t_from_string} {$t_join_string} {$t_where_string} {$t_order_string}", $t_query_clauses['where_values'], $p_per_page, $t_offset);
$t_row_count = db_num_rows($t_result);
$t_id_array_lastmod = array();
for ($i = 0; $i < $t_row_count; $i++) {
$t_row = db_fetch_array($t_result);
$t_id_array_lastmod[] = (int) $t_row['id'];
$t_rows[] = $t_row;
}
return filter_cache_result($t_rows, $t_id_array_lastmod);
}
}
function get_user_array()
{
class User
{
public $id;
public $name;
}
$user_array = array();
$p_project_id = null;
if (null === $p_project_id) {
$p_project_id = helper_get_current_project();
}
if ($p_project_id === ALL_PROJECTS) {
$t_current_user = auth_get_current_user_id();
$t_projects = user_get_accessible_projects($t_current_user);
# Get list of users having access level for all accessible projects
$t_users = array();
foreach ($t_projects as $t_project_id) {
$t_project_users_list = project_get_all_user_rows($t_project_id, DEVELOPER);
# Do a 'smart' merge of the project's user list, into an
# associative array (to remove duplicates)
# Use a foreach loop for correctness
foreach ($t_project_users_list as $t_key => $t_user) {
$t_users[$t_user['id']] = $t_user;
}
unset($t_project_users_list);
}
unset($t_projects);
} else {
$t_users = project_get_all_user_rows($p_project_id, DEVELOPER);
function filter_get_bug_rows(&$p_page_number, &$p_per_page, &$p_page_count, &$p_bug_count, $p_custom_filter = null, $p_project_id = null, $p_user_id = null, $p_show_sticky = null)
{
$t_bug_table = config_get('mantis_bug_table');
$t_bug_text_table = config_get('mantis_bug_text_table');
$t_bugnote_table = config_get('mantis_bugnote_table');
$t_custom_field_string_table = config_get('mantis_custom_field_string_table');
$t_bugnote_text_table = config_get('mantis_bugnote_text_table');
$t_project_table = config_get('mantis_project_table');
$t_bug_monitor_table = config_get('mantis_bug_monitor_table');
$t_limit_reporters = config_get('limit_reporters');
$t_bug_relationship_table = config_get('mantis_bug_relationship_table');
$t_report_bug_threshold = config_get('report_bug_threshold');
$t_current_user_id = auth_get_current_user_id();
if (null === $p_user_id) {
$t_user_id = $t_current_user_id;
} else {
$t_user_id = $p_user_id;
}
$c_user_id = db_prepare_int($t_user_id);
if (null === $p_project_id) {
$t_project_id = helper_get_current_project();
} else {
$t_project_id = $p_project_id;
}
if ($p_custom_filter === null) {
# Prefer current_user_get_bug_filter() over user_get_filter() when applicable since it supports
# cookies set by previous version of the code.
if ($t_user_id == $t_current_user_id) {
$t_filter = current_user_get_bug_filter();
} else {
$t_filter = user_get_bug_filter($t_user_id, $t_project_id);
}
} else {
$t_filter = $p_custom_filter;
}
$t_filter = filter_ensure_valid_filter($t_filter);
if (false === $t_filter) {
return false;
# signify a need to create a cookie
#@@@ error instead?
}
$t_where_clauses = array("{$t_project_table}.enabled = 1", "{$t_project_table}.id = {$t_bug_table}.project_id");
$t_select_clauses = array("{$t_bug_table}.*");
$t_join_clauses = array();
$t_from_clauses = array();
if (ALL_PROJECTS == $t_project_id) {
if (!user_is_administrator($t_user_id)) {
$t_topprojects = $t_projects = user_get_accessible_projects($t_user_id);
foreach ($t_topprojects as $t_project) {
$t_projects = array_merge($t_projects, user_get_all_accessible_subprojects($t_user_id, $t_project));
}
$t_projects = array_unique($t_projects);
if (0 == count($t_projects)) {
return array();
# no accessible projects, return an empty array
} else {
if (1 == count($t_projects)) {
$t_project = $t_projects[0];
array_push($t_where_clauses, "( {$t_bug_table}.project_id={$t_project} )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.project_id in (" . implode(', ', $t_projects) . ") )");
}
}
}
} else {
access_ensure_project_level(VIEWER, $t_project_id, $t_user_id);
$t_projects = user_get_all_accessible_subprojects($t_user_id, $t_project_id);
$t_projects[] = $t_project_id;
$t_projects = array_unique($t_projects);
if (1 == count($t_projects)) {
$t_project = $t_projects[0];
array_push($t_where_clauses, "( {$t_bug_table}.project_id={$t_project} )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.project_id in (" . implode(', ', $t_projects) . ") )");
}
}
# private bug selection
if (!access_has_project_level(config_get('private_bug_threshold'), $t_project_id, $t_user_id)) {
$t_public = VS_PUBLIC;
$t_private = VS_PRIVATE;
switch ($t_filter['view_state']) {
case VS_PUBLIC:
array_push($t_where_clauses, "({$t_bug_table}.view_state='{$t_public}')");
break;
case VS_PRIVATE:
array_push($t_where_clauses, "({$t_bug_table}.view_state='{$t_private}' AND {$t_bug_table}.reporter_id='{$t_user_id}')");
break;
case META_FILTER_ANY:
default:
array_push($t_where_clauses, "({$t_bug_table}.view_state='{$t_public}' OR {$t_bug_table}.reporter_id='{$t_user_id}')");
break;
}
} else {
$t_view_state = db_prepare_int($t_filter['view_state']);
if ($t_filter['view_state'] !== META_FILTER_ANY && !is_blank($t_filter['view_state'])) {
array_push($t_where_clauses, "({$t_bug_table}.view_state='{$t_view_state}')");
}
}
# reporter
$t_any_found = false;
foreach ($t_filter['reporter_id'] as $t_filter_member) {
if (META_FILTER_ANY === $t_filter_member || 0 === $t_filter_member) {
$t_any_found = true;
}
}
if (count($t_filter['reporter_id']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['reporter_id'] as $t_filter_member) {
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, "0");
} else {
$c_reporter_id = db_prepare_int($t_filter_member);
if (META_FILTER_MYSELF == $c_reporter_id) {
array_push($t_clauses, $c_user_id);
} else {
array_push($t_clauses, $c_reporter_id);
}
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.reporter_id in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.reporter_id={$t_clauses['0']} )");
}
}
# limit reporter
# @@@ thraxisp - access_has_project_level checks greater than or equal to,
# this assumed that there aren't any holes above REPORTER where the limit would apply
#
if (ON === $t_limit_reporters && !access_has_project_level(REPORTER + 1, $t_project_id, $t_user_id)) {
$c_reporter_id = $c_user_id;
array_push($t_where_clauses, "({$t_bug_table}.reporter_id='{$c_reporter_id}')");
}
# handler
$t_any_found = false;
foreach ($t_filter['handler_id'] as $t_filter_member) {
if (META_FILTER_ANY === $t_filter_member || 0 === $t_filter_member) {
$t_any_found = true;
}
}
if (count($t_filter['handler_id']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['handler_id'] as $t_filter_member) {
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, 0);
} else {
$c_handler_id = db_prepare_int($t_filter_member);
if (META_FILTER_MYSELF == $c_handler_id) {
array_push($t_clauses, $c_user_id);
} else {
array_push($t_clauses, $c_handler_id);
}
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.handler_id in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.handler_id={$t_clauses['0']} )");
}
}
# category
$t_any_found = false;
foreach ($t_filter['show_category'] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
$t_any_found = true;
}
}
if (count($t_filter['show_category']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['show_category'] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, "''");
} else {
$c_show_category = db_prepare_string($t_filter_member);
array_push($t_clauses, "'{$c_show_category}'");
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.category in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.category={$t_clauses['0']} )");
}
}
# severity
$t_any_found = false;
foreach ($t_filter['show_severity'] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member || 0 === $t_filter_member) {
$t_any_found = true;
}
}
if (count($t_filter['show_severity']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['show_severity'] as $t_filter_member) {
$c_show_severity = db_prepare_int($t_filter_member);
array_push($t_clauses, $c_show_severity);
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.severity in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.severity={$t_clauses['0']} )");
}
}
# show / hide status
# take a list of all available statuses then remove the ones that we want hidden, then make sure
# the ones we want shown are still available
$t_status_arr = explode_enum_string(config_get('status_enum_string'));
$t_available_statuses = array();
$t_desired_statuses = array();
foreach ($t_status_arr as $t_this_status) {
$t_this_status_arr = explode_enum_arr($t_this_status);
$t_available_statuses[] = $t_this_status_arr[0];
}
if ('simple' == $t_filter['_view_type']) {
# simple filtering: if showing any, restrict by the hide status value, otherwise ignore the hide
$t_any_found = false;
$t_this_status = $t_filter['show_status'][0];
$t_this_hide_status = $t_filter['hide_status'][0];
if (META_FILTER_ANY == $t_this_status || is_blank($t_this_status) || 0 === $t_this_status) {
$t_any_found = true;
}
if ($t_any_found) {
foreach ($t_available_statuses as $t_this_available_status) {
if ($t_this_hide_status > $t_this_available_status) {
$t_desired_statuses[] = $t_this_available_status;
}
}
} else {
$t_desired_statuses[] = $t_this_status;
}
} else {
# advanced filtering: ignore the hide
$t_any_found = false;
foreach ($t_filter['show_status'] as $t_this_status) {
$t_desired_statuses[] = $t_this_status;
if (META_FILTER_ANY == $t_this_status || is_blank($t_this_status) || 0 === $t_this_status) {
$t_any_found = true;
}
}
if ($t_any_found) {
$t_desired_statuses = array();
}
}
if (count($t_desired_statuses) > 0) {
$t_clauses = array();
foreach ($t_desired_statuses as $t_filter_member) {
$c_show_status = db_prepare_int($t_filter_member);
array_push($t_clauses, $c_show_status);
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.status in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.status={$t_clauses['0']} )");
}
}
# resolution
$t_any_found = false;
foreach ($t_filter['show_resolution'] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member) {
$t_any_found = true;
}
}
if (count($t_filter['show_resolution']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['show_resolution'] as $t_filter_member) {
$c_show_resolution = db_prepare_int($t_filter_member);
array_push($t_clauses, $c_show_resolution);
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.resolution in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.resolution={$t_clauses['0']} )");
}
}
# priority
$t_any_found = false;
foreach ($t_filter['show_priority'] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member || 0 === $t_filter_member) {
$t_any_found = true;
}
}
if (count($t_filter['show_priority']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['show_priority'] as $t_filter_member) {
$c_show_priority = db_prepare_int($t_filter_member);
array_push($t_clauses, $c_show_priority);
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.priority in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.priority={$t_clauses['0']} )");
}
}
# product build
$t_any_found = false;
foreach ($t_filter['show_build'] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
$t_any_found = true;
}
}
if (count($t_filter['show_build']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['show_build'] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, "''");
} else {
$c_show_build = db_prepare_string($t_filter_member);
array_push($t_clauses, "'{$c_show_build}'");
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.build in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.build={$t_clauses['0']} )");
}
}
# product version
$t_any_found = false;
foreach ($t_filter['show_version'] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
$t_any_found = true;
}
}
if (count($t_filter['show_version']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['show_version'] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, "''");
} else {
$c_show_version = db_prepare_string($t_filter_member);
array_push($t_clauses, "'{$c_show_version}'");
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.version in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.version={$t_clauses['0']} )");
}
}
# profile
$t_any_found = false;
foreach ($t_filter['show_profile'] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
$t_any_found = true;
}
}
if (count($t_filter['show_profile']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['show_profile'] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, "0");
} else {
$c_show_profile = db_prepare_int($t_filter_member);
array_push($t_clauses, "{$c_show_profile}");
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.profile_id in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.profile_id={$t_clauses['0']} )");
}
}
# date filter
if ('on' == $t_filter['do_filter_by_date'] && is_numeric($t_filter['start_month']) && is_numeric($t_filter['start_day']) && is_numeric($t_filter['start_year']) && is_numeric($t_filter['end_month']) && is_numeric($t_filter['end_day']) && is_numeric($t_filter['end_year'])) {
$t_start_string = db_prepare_string($t_filter['start_year'] . "-" . $t_filter['start_month'] . "-" . $t_filter['start_day'] . " 00:00:00");
$t_end_string = db_prepare_string($t_filter['end_year'] . "-" . $t_filter['end_month'] . "-" . $t_filter['end_day'] . " 23:59:59");
array_push($t_where_clauses, "({$t_bug_table}.date_submitted BETWEEN '{$t_start_string}' AND '{$t_end_string}' )");
}
# fixed in version
$t_any_found = false;
foreach ($t_filter['fixed_in_version'] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
$t_any_found = true;
}
}
if (count($t_filter['fixed_in_version']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
foreach ($t_filter['fixed_in_version'] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE == $t_filter_member) {
array_push($t_clauses, "''");
} else {
$c_fixed_in_version = db_prepare_string($t_filter_member);
array_push($t_clauses, "'{$c_fixed_in_version}'");
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_bug_table}.fixed_in_version in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_bug_table}.fixed_in_version={$t_clauses['0']} )");
}
}
# users monitoring a bug
$t_any_found = false;
foreach ($t_filter['user_monitor'] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member || 0 === $t_filter_member) {
$t_any_found = true;
}
}
if (count($t_filter['user_monitor']) == 0) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_clauses = array();
$t_table_name = 'user_monitor';
array_push($t_from_clauses, $t_bug_monitor_table);
array_push($t_join_clauses, "LEFT JOIN {$t_bug_monitor_table} {$t_table_name} ON {$t_table_name}.bug_id = {$t_bug_table}.id");
foreach ($t_filter['user_monitor'] as $t_filter_member) {
$c_user_monitor = db_prepare_int($t_filter_member);
if (META_FILTER_MYSELF == $c_user_monitor) {
array_push($t_clauses, $c_user_id);
} else {
array_push($t_clauses, $c_user_monitor);
}
}
if (1 < count($t_clauses)) {
array_push($t_where_clauses, "( {$t_table_name}.user_id in (" . implode(', ', $t_clauses) . ") )");
} else {
array_push($t_where_clauses, "( {$t_table_name}.user_id={$t_clauses['0']} )");
}
}
# bug relationship
$t_any_found = false;
$c_rel_type = $t_filter['relationship_type'];
$c_rel_bug = $t_filter['relationship_bug'];
if (-1 == $c_rel_type || 0 == $c_rel_bug) {
$t_any_found = true;
}
if (!$t_any_found) {
# use the complementary type
$c_rel_type = relationship_get_complementary_type($c_rel_type);
$t_clauses = array();
$t_table_name = 'relationship';
array_push($t_from_clauses, $t_bug_relationship_table);
array_push($t_join_clauses, "LEFT JOIN {$t_bug_relationship_table} {$t_table_name} ON {$t_table_name}.destination_bug_id = {$t_bug_table}.id");
// get reverse relationships
if ($c_rel_type == 1) {
array_push($t_join_clauses, "LEFT JOIN {$t_bug_relationship_table} {$t_table_name}" . "2 ON {$t_table_name}" . "2.source_bug_id = {$t_bug_table}.id");
}
array_push($t_clauses, "({$t_table_name}.relationship_type='{$c_rel_type}' AND {$t_table_name}.source_bug_id='{$c_rel_bug}')");
// get reverse relationships
if ($c_rel_type == 1) {
array_push($t_clauses, "({$t_table_name}" . "2.relationship_type='{$c_rel_type}' AND {$t_table_name}" . "2.destination_bug_id='{$c_rel_bug}')");
}
array_push($t_where_clauses, '(' . implode(' OR ', $t_clauses) . ')');
}
# custom field filters
if (ON == config_get('filter_by_custom_fields')) {
# custom field filtering
$t_custom_fields = custom_field_get_linked_ids($t_project_id);
foreach ($t_custom_fields as $t_cfid) {
$t_first_time = true;
$t_custom_where_clause = '';
# Ignore all custom filters that are not set, or that are set to '' or "any"
$t_any_found = false;
foreach ($t_filter['custom_fields'][$t_cfid] as $t_filter_member) {
if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
$t_any_found = true;
}
}
if (!isset($t_filter['custom_fields'][$t_cfid])) {
$t_any_found = true;
}
if (!$t_any_found) {
$t_def = custom_field_get_definition($t_cfid);
$t_table_name = $t_custom_field_string_table . '_' . $t_cfid;
# We need to filter each joined table or the result query will explode in dimensions
# Each custom field will result in a exponential growth like Number_of_Issues^Number_of_Custom_Fields
# and only after this process ends (if it is able to) the result query will be filtered
# by the WHERE clause and by the DISTINCT clause
$t_cf_join_clause = "LEFT JOIN {$t_custom_field_string_table} {$t_table_name} ON {$t_table_name}.bug_id = {$t_bug_table}.id AND {$t_table_name}.field_id = {$t_cfid} ";
if ($t_def['type'] == CUSTOM_FIELD_TYPE_DATE) {
switch ($t_filter['custom_fields'][$t_cfid][0]) {
case CUSTOM_FIELD_DATE_ANY:
break;
case CUSTOM_FIELD_DATE_NONE:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '(( ' . $t_table_name . '.bug_id is null) OR ( ' . $t_table_name . '.value = 0)';
break;
case CUSTOM_FIELD_DATE_BEFORE:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '(( ' . $t_table_name . '.value != 0 AND (' . $t_table_name . '.value+0) < ' . $t_filter['custom_fields'][$t_cfid][2] . ')';
break;
case CUSTOM_FIELD_DATE_AFTER:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '(( ' . $t_table_name . '.field_id = ' . $t_cfid . ' AND (' . $t_table_name . '.value+0) > ' . ($t_filter['custom_fields'][$t_cfid][1] + 1) . ')';
break;
default:
array_push($t_join_clauses, $t_cf_join_clause);
$t_custom_where_clause = '(( ' . $t_table_name . '.field_id = ' . $t_cfid . ' AND (' . $t_table_name . '.value+0) BETWEEN ' . $t_filter['custom_fields'][$t_cfid][1] . ' AND ' . $t_filter['custom_fields'][$t_cfid][2] . ')';
break;
}
} else {
array_push($t_join_clauses, $t_cf_join_clause);
foreach ($t_filter['custom_fields'][$t_cfid] as $t_filter_member) {
$t_filter_member = stripslashes($t_filter_member);
if (META_FILTER_NONE === $t_filter_member) {
# coerce filter value if selecting META_FILTER_NONE
$t_filter_member = '';
}
if ($t_first_time) {
$t_first_time = false;
$t_custom_where_clause = '(';
} else {
$t_custom_where_clause .= ' OR ';
}
$t_custom_where_clause .= "{$t_table_name}.value ";
switch ($t_def['type']) {
case CUSTOM_FIELD_TYPE_MULTILIST:
case CUSTOM_FIELD_TYPE_CHECKBOX:
$t_custom_where_clause .= "LIKE '%|";
$t_custom_where_clause_closing = "|%'";
break;
default:
$t_custom_where_clause .= "= '";
$t_custom_where_clause_closing = "'";
}
$t_custom_where_clause .= db_prepare_string($t_filter_member);
$t_custom_where_clause .= $t_custom_where_clause_closing;
}
}
if (!is_blank($t_custom_where_clause)) {
array_push($t_where_clauses, $t_custom_where_clause . ')');
}
}
}
}
$t_textsearch_where_clause = '';
$t_textsearch_wherejoin_clause = '';
# Simple Text Search - Thanks to Alan Knowles
if (!is_blank($t_filter['search'])) {
$c_search = db_prepare_string($t_filter['search']);
$c_search_int = db_prepare_int($t_filter['search']);
$t_textsearch_where_clause = "((summary LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_text_table}.description LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_text_table}.steps_to_reproduce LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_text_table}.additional_information LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_table}.id = '{$c_search_int}'))";
$t_textsearch_wherejoin_clause = "((summary LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_text_table}.description LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_text_table}.steps_to_reproduce LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_text_table}.additional_information LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_table}.id LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bugnote_text_table}.note LIKE '%{$c_search}%'))";
array_push($t_where_clauses, "({$t_bug_text_table}.id = {$t_bug_table}.bug_text_id)");
$t_from_clauses = array($t_bug_text_table, $t_project_table, $t_bug_table);
} else {
$t_from_clauses = array($t_project_table, $t_bug_table);
}
$t_select = implode(', ', array_unique($t_select_clauses));
$t_from = 'FROM ' . implode(', ', array_unique($t_from_clauses));
$t_join = implode(' ', $t_join_clauses);
if (count($t_where_clauses) > 0) {
$t_where = 'WHERE ' . implode(' AND ', $t_where_clauses);
} else {
$t_where = '';
}
# Possibly do two passes. First time, grab the IDs of issues that match the filters. Second time, grab the IDs of issues that
# have bugnotes that match the text search if necessary.
$t_id_array = array();
for ($i = 0; $i < 2; $i++) {
$t_id_where = $t_where;
$t_id_join = $t_join;
if ($i == 0) {
if (!is_blank($t_id_where) && !is_blank($t_textsearch_where_clause)) {
$t_id_where = $t_id_where . ' AND ' . $t_textsearch_where_clause;
}
} else {
if (!is_blank($t_textsearch_wherejoin_clause)) {
$t_id_where = $t_id_where . ' AND ' . $t_textsearch_wherejoin_clause;
$t_id_join = $t_id_join . " INNER JOIN {$t_bugnote_table} ON {$t_bugnote_table}.bug_id = {$t_bug_table}.id";
$t_id_join = $t_id_join . " INNER JOIN {$t_bugnote_text_table} ON {$t_bugnote_text_table}.id = {$t_bugnote_table}.bugnote_text_id";
}
}
$query = "SELECT DISTINCT {$t_bug_table}.id AS id\n\t\t\t\t\t\t{$t_from}\n\t\t\t\t\t\t{$t_id_join}\n\t\t\t\t\t\t{$t_id_where}";
if ($i == 0 || !is_blank($t_textsearch_wherejoin_clause)) {
$result = db_query($query);
$row_count = db_num_rows($result);
for ($j = 0; $j < $row_count; $j++) {
$row = db_fetch_array($result);
$t_id_array[] = db_prepare_int($row['id']);
}
}
}
$t_id_array = array_unique($t_id_array);
if (count($t_id_array) > 0) {
$t_where = "WHERE {$t_bug_table}.id in (" . implode(", ", $t_id_array) . ")";
} else {
$t_where = "WHERE 1 != 1";
}
$t_from = 'FROM ' . $t_bug_table;
# Get the total number of bugs that meet the criteria.
$bug_count = count($t_id_array);
# write the value back in case the caller wants to know
$p_bug_count = $bug_count;
if (null === $p_per_page) {
$p_per_page = (int) $t_filter['per_page'];
} else {
if (-1 == $p_per_page) {
$p_per_page = $bug_count;
}
}
# Guard against silly values of $f_per_page.
if (0 == $p_per_page) {
$p_per_page = 1;
}
$p_per_page = (int) abs($p_per_page);
# Use $bug_count and $p_per_page to determine how many pages
# to split this list up into.
# For the sake of consistency have at least one page, even if it
# is empty.
$t_page_count = ceil($bug_count / $p_per_page);
if ($t_page_count < 1) {
$t_page_count = 1;
}
# write the value back in case the caller wants to know
$p_page_count = $t_page_count;
# Make sure $p_page_number isn't past the last page.
if ($p_page_number > $t_page_count) {
$p_page_number = $t_page_count;
}
# Make sure $p_page_number isn't before the first page
if ($p_page_number < 1) {
$p_page_number = 1;
}
# Now add the rest of the criteria i.e. sorting, limit.
# if sort is blank then default the sort and direction. This is to fix the
# symptoms of #3953. Note that even if the main problem is fixed, we may
# have to keep this code for a while to handle filters saved with this blank field.
if (is_blank($t_filter['sort'])) {
$t_filter['sort'] = 'last_updated';
$t_filter['dir'] = 'DESC';
}
$t_order_array = array();
$t_sort_fields = split(',', $t_filter['sort']);
$t_dir_fields = split(',', $t_filter['dir']);
if ('on' == $t_filter['sticky_issues'] && NULL !== $p_show_sticky) {
$t_order_array[] = "sticky DESC";
}
for ($i = 0; $i < count($t_sort_fields); $i++) {
$c_sort = db_prepare_string($t_sort_fields[$i]);
if (!in_array($t_sort_fields[$i], array_slice($t_sort_fields, $i + 1))) {
# if sorting by a custom field
if (strpos($c_sort, 'custom_') === 0) {
$t_custom_field = substr($c_sort, strlen('custom_'));
$t_custom_field_id = custom_field_get_id_from_name($t_custom_field);
$t_join .= " LEFT JOIN {$t_custom_field_string_table} ON ( ( {$t_custom_field_string_table}.bug_id = {$t_bug_table}.id ) AND ( {$t_custom_field_string_table}.field_id = {$t_custom_field_id} ) )";
$c_sort = "{$t_custom_field_string_table}.value";
$t_select_clauses[] = "{$t_custom_field_string_table}.value";
}
if ('DESC' == $t_dir_fields[$i]) {
$c_dir = 'DESC';
} else {
$c_dir = 'ASC';
}
$t_order_array[] = "{$c_sort} {$c_dir}";
}
}
# add basic sorting if necessary
if (!in_array('last_updated', $t_sort_fields)) {
$t_order_array[] = 'last_updated DESC';
}
if (!in_array('date_submitted', $t_sort_fields)) {
$t_order_array[] = 'date_submitted DESC';
}
$t_order = " ORDER BY " . implode(', ', $t_order_array);
$t_select = implode(', ', array_unique($t_select_clauses));
$query2 = "SELECT DISTINCT {$t_select}\n\t\t\t\t\t{$t_from}\n\t\t\t\t\t{$t_join}\n\t\t\t\t\t{$t_where}\n\t\t\t\t\t{$t_order}";
# Figure out the offset into the db query
#
# for example page number 1, per page 5:
# t_offset = 0
# for example page number 2, per page 5:
# t_offset = 5
$c_per_page = db_prepare_int($p_per_page);
$c_page_number = db_prepare_int($p_page_number);
$t_offset = ($c_page_number - 1) * $c_per_page;
# perform query
$result2 = db_query($query2, $c_per_page, $t_offset);
$row_count = db_num_rows($result2);
$rows = array();
for ($i = 0; $i < $row_count; $i++) {
$row = db_fetch_array($result2);
$row['date_submitted'] = db_unixtimestamp($row['date_submitted']);
$row['last_updated'] = db_unixtimestamp($row['last_updated']);
array_push($rows, $row);
bug_add_to_cache($row);
}
return $rows;
}
function print_user_option_list($p_user_id, $p_project_id = null, $p_access = ANYBODY)
{
$t_current_user = auth_get_current_user_id();
if (null === $p_project_id) {
$p_project_id = helper_get_current_project();
}
if ($p_project_id === ALL_PROJECTS) {
$t_projects = user_get_accessible_projects($t_current_user);
# Get list of users having access level for all accessible projects
$t_users = array();
foreach ($t_projects as $t_project_id) {
$t_project_users_list = project_get_all_user_rows($t_project_id, $p_access);
# Do a 'smart' merge of the project's user list, into an
# associative array (to remove duplicates)
# Use a while loop for better performance
$i = 0;
while (isset($t_project_users_list[$i])) {
$t_users[$t_project_users_list[$i]['id']] = $t_project_users_list[$i];
$i++;
}
unset($t_project_users_list);
}
unset($t_projects);
} else {
$t_users = project_get_all_user_rows($p_project_id, $p_access);
}
$t_display = array();
$t_sort = array();
$t_show_realname = ON == config_get('show_realname');
$t_sort_by_last_name = ON == config_get('sort_by_last_name');
foreach ($t_users as $t_key => $t_user) {
$t_user_name = string_attribute($t_user['username']);
$t_sort_name = utf8_strtolower($t_user_name);
if ($t_show_realname && $t_user['realname'] != '') {
$t_user_name = string_attribute($t_user['realname']);
if ($t_sort_by_last_name) {
$t_sort_name_bits = explode(' ', utf8_strtolower($t_user_name), 2);
$t_sort_name = (isset($t_sort_name_bits[1]) ? $t_sort_name_bits[1] . ', ' : '') . $t_sort_name_bits[0];
} else {
$t_sort_name = utf8_strtolower($t_user_name);
}
}
$t_display[] = $t_user_name;
$t_sort[] = $t_sort_name;
}
array_multisort($t_sort, SORT_ASC, SORT_STRING, $t_users, $t_display);
unset($t_sort);
$t_count = count($t_users);
for ($i = 0; $i < $t_count; $i++) {
$t_row = $t_users[$i];
echo '<option value="' . $t_row['id'] . '" ';
check_selected($p_user_id, $t_row['id']);
echo '>' . $t_display[$i] . '</option>';
}
}
<td width="10%">
<?php
print_manage_project_sort_link('manage_proj_page.php', lang_get('view_status'), 'view_state', $t_direction, $f_sort);
print_sort_icon($t_direction, $f_sort, 'view_state');
?>
</td>
<td width="40%">
<?php
print_manage_project_sort_link('manage_proj_page.php', lang_get('description'), 'description', $t_direction, $f_sort);
print_sort_icon($t_direction, $f_sort, 'description');
?>
</td>
</tr>
<?php
$t_manage_project_threshold = config_get('manage_project_threshold');
$t_projects = user_get_accessible_projects(auth_get_current_user_id(), true);
$t_full_projects = array();
foreach ($t_projects as $t_project_id) {
$t_full_projects[] = project_get_row($t_project_id);
}
$t_projects = multi_sort($t_full_projects, $f_sort, $t_direction);
$t_stack = array($t_projects);
while (0 < count($t_stack)) {
$t_projects = array_shift($t_stack);
if (0 == count($t_projects)) {
continue;
}
$t_project = array_shift($t_projects);
$t_project_id = $t_project['id'];
$t_level = count($t_stack);
# only print row if user has project management privileges
function user_get_all_accessible_projects($p_user_id, $p_project_id)
{
if (ALL_PROJECTS == $p_project_id) {
$t_topprojects = $t_project_ids = user_get_accessible_projects($p_user_id);
foreach ($t_topprojects as $t_project) {
$t_project_ids = array_merge($t_project_ids, user_get_all_accessible_subprojects($p_user_id, $t_project));
}
$t_project_ids = array_unique($t_project_ids);
} else {
access_ensure_project_level(VIEWER, $p_project_id);
$t_project_ids = user_get_all_accessible_subprojects($p_user_id, $p_project_id);
array_unshift($t_project_ids, $p_project_id);
}
return $t_project_ids;
}