public function get($request)
 {
     /**
      *      Returns the Response with a list of bug URIs.
      *
      *      @param $request - The Request we're responding to
      */
     $visible_project_ids = user_get_accessible_projects(auth_get_current_user_id(), TRUE);
     # Now we construct a query to figure out which of these bugs matches the conditions
     # we got from the query string, and order them correctly.
     $sql_to_add = $this->_build_sql_from_querystring($request->query);
     $bug_ids = array();
     $mantis_bug_table = config_get('mantis_bug_table');
     $query = "SELECT b.id, b.project_id FROM {$mantis_bug_table} b {$sql_to_add};";
     $result = db_query($query);
     # This loop takes care of both the filtering and the sorting.
     foreach ($result as $r) {
         if (in_array($r[1], $visible_project_ids)) {
             $bug_ids[] = $r[0];
         }
     }
     $this->rsrc_data['results'] = array();
     foreach ($bug_ids as $id) {
         $this->rsrc_data['results'][] = Bug::get_url_from_mantis_id($id);
     }
     $resp = new Response();
     $resp->status = 200;
     $resp->body = $this->_repr($request);
     return $resp;
 }
Exemple #2
0
/**
 * Get set of bug rows from given filter
 * @todo Had to make all these parameters required because we can't use call-time pass by reference anymore.
 * I really preferred not having to pass all the params in if you didn't want to, but I wanted to get
 * rid of the errors for now.  If we can think of a better way later (maybe return an object) that would be great.
 *
 * @param integer &$p_page_number  Page number of the page you want to see (set to the actual page on return).
 * @param integer &$p_per_page     The number of bugs to see per page (set to actual on return)
 *                                 -1   indicates you want to see all bugs
 *                                 null indicates you want to use the value specified in the filter.
 * @param integer &$p_page_count   You don't need to give a value here, the number of pages will be stored here on return.
 * @param integer &$p_bug_count    You don't need to give a value here, the number of bugs will be stored here on return.
 * @param mixed   $p_custom_filter Custom Filter to use.
 * @param integer $p_project_id    Project id to use in filtering.
 * @param integer $p_user_id       User id to use as current user when filtering.
 * @param boolean $p_show_sticky   True/false - get sticky issues only.
 * @return boolean|array
 */
function filter_get_bug_rows(&$p_page_number, &$p_per_page, &$p_page_count, &$p_bug_count, $p_custom_filter = null, $p_project_id = null, $p_user_id = null, $p_show_sticky = null)
{
    log_event(LOG_FILTERING, 'START NEW FILTER QUERY');
    $t_limit_reporters = config_get('limit_reporters');
    $t_report_bug_threshold = config_get('report_bug_threshold');
    $t_where_param_count = 0;
    $t_current_user_id = auth_get_current_user_id();
    if ($p_user_id === null || $p_user_id === 0) {
        $t_user_id = $t_current_user_id;
    } else {
        $t_user_id = $p_user_id;
    }
    $c_user_id = (int) $t_user_id;
    if (null === $p_project_id) {
        # @@@ If project_id is not specified, then use the project id(s) in the filter if set, otherwise, use current project.
        $t_project_id = helper_get_current_project();
    } else {
        $t_project_id = $p_project_id;
    }
    if ($p_custom_filter === null) {
        # Prefer current_user_get_bug_filter() over user_get_filter() when applicable since it supports
        # cookies set by previous version of the code.
        if ($t_user_id == $t_current_user_id) {
            $t_filter = current_user_get_bug_filter();
        } else {
            $t_filter = user_get_bug_filter($t_user_id, $t_project_id);
        }
    } else {
        $t_filter = $p_custom_filter;
    }
    # if filter isn't return above, create a new filter from an empty array.
    if (false === $t_filter) {
        $t_filter = array();
    }
    $t_filter = filter_ensure_valid_filter($t_filter);
    $t_view_type = $t_filter['_view_type'];
    # project query clauses must be AND-ed always, irrespective of how the filter
    # clauses are requested by the user ( all matching -> AND, any matching -> OR )
    $t_where_clauses = array();
    $t_project_where_clauses = array('{project}.enabled = ' . db_param());
    $t_where_params = array(1);
    $t_select_clauses = array('{bug}.*');
    $t_from_clauses = array('{bug}');
    $t_join_clauses = array(' JOIN {project} ON {project}.id = {bug}.project_id');
    # normalize the project filtering into an array $t_project_ids
    if ('simple' == $t_view_type) {
        log_event(LOG_FILTERING, 'Simple Filter');
        $t_project_ids = array($t_project_id);
        $t_include_sub_projects = true;
    } else {
        log_event(LOG_FILTERING, 'Advanced Filter');
        if (!is_array($t_filter[FILTER_PROPERTY_PROJECT_ID])) {
            $t_project_ids = array((int) $t_filter[FILTER_PROPERTY_PROJECT_ID]);
        } else {
            $t_project_ids = array_map('intval', $t_filter[FILTER_PROPERTY_PROJECT_ID]);
        }
        $t_include_sub_projects = count($t_project_ids) == 1 && ($t_project_ids[0] == META_FILTER_CURRENT || $t_project_ids[0] == ALL_PROJECTS);
    }
    log_event(LOG_FILTERING, 'project_ids = @P' . implode(', @P', $t_project_ids));
    log_event(LOG_FILTERING, 'include sub-projects = ' . ($t_include_sub_projects ? '1' : '0'));
    # if the array has ALL_PROJECTS, then reset the array to only contain ALL_PROJECTS.
    # replace META_FILTER_CURRENT with the actualy current project id.
    $t_all_projects_found = false;
    $t_new_project_ids = array();
    foreach ($t_project_ids as $t_pid) {
        if ($t_pid == META_FILTER_CURRENT) {
            $t_pid = $t_project_id;
        }
        if ($t_pid == ALL_PROJECTS) {
            $t_all_projects_found = true;
            log_event(LOG_FILTERING, 'all projects selected');
            break;
        }
        # filter out inaccessible projects.
        if (!project_exists($t_pid) || !access_has_project_level(config_get('view_bug_threshold', null, $t_user_id, $t_pid), $t_pid, $t_user_id)) {
            log_event(LOG_FILTERING, 'Invalid or inaccessible project: ' . $t_pid);
            continue;
        }
        $t_new_project_ids[] = $t_pid;
    }
    $t_projects_query_required = true;
    if ($t_all_projects_found) {
        if (user_is_administrator($t_user_id)) {
            log_event(LOG_FILTERING, 'all projects + administrator, hence no project filter.');
            $t_projects_query_required = false;
        } else {
            $t_project_ids = user_get_accessible_projects($t_user_id);
        }
    } else {
        $t_project_ids = $t_new_project_ids;
    }
    if ($t_projects_query_required) {
        # expand project ids to include sub-projects
        if ($t_include_sub_projects) {
            $t_top_project_ids = $t_project_ids;
            foreach ($t_top_project_ids as $t_pid) {
                log_event(LOG_FILTERING, 'Getting sub-projects for project id @P' . $t_pid);
                $t_subproject_ids = user_get_all_accessible_subprojects($t_user_id, $t_pid);
                if (!$t_subproject_ids) {
                    continue;
                }
                $t_project_ids = array_merge($t_project_ids, $t_subproject_ids);
            }
            $t_project_ids = array_unique($t_project_ids);
        }
        # if no projects are accessible, then return an empty array.
        if (count($t_project_ids) == 0) {
            log_event(LOG_FILTERING, 'no accessible projects');
            return array();
        }
        log_event(LOG_FILTERING, 'project_ids after including sub-projects = @P' . implode(', @P', $t_project_ids));
        # this array is to be populated with project ids for which we only want to show public issues.  This is due to the limited
        # access of the current user.
        $t_public_only_project_ids = array();
        # this array is populated with project ids that the current user has full access to.
        $t_private_and_public_project_ids = array();
        $t_limited_projects = array();
        foreach ($t_project_ids as $t_pid) {
            # limit reporters to visible projects
            if (ON === $t_limit_reporters && !access_has_project_level(config_get('report_bug_threshold', null, $t_user_id, $t_pid) + 1, $t_pid, $t_user_id)) {
                array_push($t_limited_projects, '({bug}.project_id=' . $t_pid . ' AND ({bug}.reporter_id=' . $t_user_id . ') )');
            } else {
                $t_access_required_to_view_private_bugs = config_get('private_bug_threshold', null, null, $t_pid);
                if (access_has_project_level($t_access_required_to_view_private_bugs, $t_pid, $t_user_id)) {
                    $t_private_and_public_project_ids[] = $t_pid;
                } else {
                    $t_public_only_project_ids[] = $t_pid;
                }
            }
        }
        log_event(LOG_FILTERING, 'project_ids (with public/private access) = @P' . implode(', @P', $t_private_and_public_project_ids));
        log_event(LOG_FILTERING, 'project_ids (with public access) = @P' . implode(', @P', $t_public_only_project_ids));
        $t_count_private_and_public_project_ids = count($t_private_and_public_project_ids);
        if ($t_count_private_and_public_project_ids == 1) {
            $t_private_and_public_query = '( {bug}.project_id = ' . $t_private_and_public_project_ids[0] . ' )';
        } else {
            if ($t_count_private_and_public_project_ids > 1) {
                $t_private_and_public_query = '( {bug}.project_id in (' . implode(', ', $t_private_and_public_project_ids) . ') )';
            } else {
                $t_private_and_public_query = null;
            }
        }
        $t_count_public_only_project_ids = count($t_public_only_project_ids);
        $t_public_view_state_check = '( ( {bug}.view_state = ' . VS_PUBLIC . ' ) OR ( {bug}.reporter_id = ' . $t_user_id . ') )';
        if ($t_count_public_only_project_ids == 1) {
            $t_public_only_query = '( ( {bug}.project_id = ' . $t_public_only_project_ids[0] . ' ) AND ' . $t_public_view_state_check . ')';
        } else {
            if ($t_count_public_only_project_ids > 1) {
                $t_public_only_query = '( ( {bug}.project_id in (' . implode(', ', $t_public_only_project_ids) . ') ) AND ' . $t_public_view_state_check . ')';
            } else {
                $t_public_only_query = null;
            }
        }
        # both queries can't be null, so we either have one of them or both.
        if ($t_private_and_public_query === null) {
            $t_project_query = $t_public_only_query;
        } else {
            if ($t_public_only_query === null) {
                $t_project_query = $t_private_and_public_query;
            } else {
                $t_project_query = '( ' . $t_public_only_query . ' OR ' . $t_private_and_public_query . ' )';
            }
        }
        if (!empty($t_limited_projects)) {
            foreach ($t_limited_projects as $t_string) {
                if ($t_project_query == "") {
                    $t_project_query = " ( {$t_string} ) ";
                } else {
                    $t_project_query = " ( {$t_project_query} OR ( {$t_string} ) )";
                }
            }
        }
        log_event(LOG_FILTERING, 'project query = ' . $t_project_query);
        array_push($t_project_where_clauses, $t_project_query);
    }
    # date filter
    if ('on' == $t_filter[FILTER_PROPERTY_FILTER_BY_DATE] && is_numeric($t_filter[FILTER_PROPERTY_START_MONTH]) && is_numeric($t_filter[FILTER_PROPERTY_START_DAY]) && is_numeric($t_filter[FILTER_PROPERTY_START_YEAR]) && is_numeric($t_filter[FILTER_PROPERTY_END_MONTH]) && is_numeric($t_filter[FILTER_PROPERTY_END_DAY]) && is_numeric($t_filter[FILTER_PROPERTY_END_YEAR])) {
        $t_start_string = $t_filter[FILTER_PROPERTY_START_YEAR] . '-' . $t_filter[FILTER_PROPERTY_START_MONTH] . '-' . $t_filter[FILTER_PROPERTY_START_DAY] . ' 00:00:00';
        $t_end_string = $t_filter[FILTER_PROPERTY_END_YEAR] . '-' . $t_filter[FILTER_PROPERTY_END_MONTH] . '-' . $t_filter[FILTER_PROPERTY_END_DAY] . ' 23:59:59';
        $t_where_params[] = strtotime($t_start_string);
        $t_where_params[] = strtotime($t_end_string);
        array_push($t_project_where_clauses, '({bug}.date_submitted BETWEEN ' . db_param() . ' AND ' . db_param() . ' )');
    }
    # view state
    $t_view_state = (int) $t_filter[FILTER_PROPERTY_VIEW_STATE];
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_VIEW_STATE])) {
        $t_view_state_query = '({bug}.view_state=' . db_param() . ')';
        log_event(LOG_FILTERING, 'view_state query = ' . $t_view_state_query);
        $t_where_params[] = $t_view_state;
        array_push($t_where_clauses, $t_view_state_query);
    } else {
        log_event(LOG_FILTERING, 'no view_state query');
    }
    # reporter
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_REPORTER_ID])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_REPORTER_ID] as $t_filter_member) {
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '0');
            } else {
                $c_reporter_id = (int) $t_filter_member;
                if (filter_field_is_myself($c_reporter_id)) {
                    array_push($t_clauses, $c_user_id);
                } else {
                    array_push($t_clauses, $c_reporter_id);
                }
            }
        }
        if (1 < count($t_clauses)) {
            $t_reporter_query = '( {bug}.reporter_id in (' . implode(', ', $t_clauses) . ') )';
        } else {
            $t_reporter_query = '( {bug}.reporter_id=' . $t_clauses[0] . ' )';
        }
        log_event(LOG_FILTERING, 'reporter query = ' . $t_reporter_query);
        array_push($t_where_clauses, $t_reporter_query);
    } else {
        log_event(LOG_FILTERING, 'no reporter query');
    }
    # handler
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_HANDLER_ID])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_HANDLER_ID] as $t_filter_member) {
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, 0);
            } else {
                $c_handler_id = (int) $t_filter_member;
                if (filter_field_is_myself($c_handler_id)) {
                    array_push($t_clauses, $c_user_id);
                } else {
                    array_push($t_clauses, $c_handler_id);
                }
            }
        }
        if (1 < count($t_clauses)) {
            $t_handler_query = '( {bug}.handler_id in (' . implode(', ', $t_clauses) . ') )';
        } else {
            $t_handler_query = '( {bug}.handler_id=' . $t_clauses[0] . ' )';
        }
        log_event(LOG_FILTERING, 'handler query = ' . $t_handler_query);
        array_push($t_where_clauses, $t_handler_query);
    } else {
        log_event(LOG_FILTERING, 'no handler query');
    }
    # category
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_CATEGORY_ID])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_CATEGORY_ID] as $t_filter_member) {
            if (!filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, $t_filter_member);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, '( {bug}.category_id in ( SELECT id FROM {category} WHERE name in (' . implode(', ', $t_where_tmp) . ') ) )');
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, '( {bug}.category_id in ( SELECT id FROM {category} WHERE name=' . db_param() . ') )');
        }
    }
    # severity
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_SEVERITY])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_SEVERITY] as $t_filter_member) {
            $c_show_severity = (int) $t_filter_member;
            array_push($t_clauses, $c_show_severity);
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, '( {bug}.severity in (' . implode(', ', $t_where_tmp) . ') )');
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, '( {bug}.severity=' . db_param() . ' )');
        }
    }
    # show / hide status
    # take a list of all available statuses then remove the ones that we want hidden, then make sure
    # the ones we want shown are still available
    $t_desired_statuses = array();
    $t_available_statuses = MantisEnum::getValues(config_get('status_enum_string'));
    if ('simple' == $t_filter['_view_type']) {
        # simple filtering: if showing any, restrict by the hide status value, otherwise ignore the hide
        $t_this_status = $t_filter[FILTER_PROPERTY_STATUS][0];
        $t_this_hide_status = isset($t_filter[FILTER_PROPERTY_HIDE_STATUS][0]) ? $t_filter[FILTER_PROPERTY_HIDE_STATUS][0] : null;
        if (filter_field_is_any($t_this_status)) {
            foreach ($t_available_statuses as $t_this_available_status) {
                if ($t_this_hide_status > $t_this_available_status) {
                    $t_desired_statuses[] = $t_this_available_status;
                }
            }
        } else {
            $t_desired_statuses[] = $t_this_status;
        }
    } else {
        # advanced filtering: ignore the hide
        if (filter_field_is_any($t_filter[FILTER_PROPERTY_STATUS])) {
            $t_desired_statuses = array();
        } else {
            foreach ($t_filter[FILTER_PROPERTY_STATUS] as $t_this_status) {
                $t_desired_statuses[] = $t_this_status;
            }
        }
    }
    if (count($t_desired_statuses) > 0) {
        $t_clauses = array();
        foreach ($t_desired_statuses as $t_filter_member) {
            $c_show_status = (int) $t_filter_member;
            array_push($t_clauses, $c_show_status);
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, '( {bug}.status in (' . implode(', ', $t_where_tmp) . ') )');
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, '( {bug}.status=' . db_param() . ' )');
        }
    }
    # resolution
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_RESOLUTION])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_RESOLUTION] as $t_filter_member) {
            $c_show_resolution = (int) $t_filter_member;
            array_push($t_clauses, $c_show_resolution);
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, '( {bug}.resolution in (' . implode(', ', $t_where_tmp) . ') )');
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, '( {bug}.resolution=' . db_param() . ' )');
        }
    }
    # priority
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_PRIORITY])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_PRIORITY] as $t_filter_member) {
            $c_show_priority = (int) $t_filter_member;
            array_push($t_clauses, $c_show_priority);
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, '( {bug}.priority in (' . implode(', ', $t_where_tmp) . ') )');
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, '( {bug}.priority=' . db_param() . ' )');
        }
    }
    # product build
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_BUILD])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_BUILD] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '');
            } else {
                $c_show_build = $t_filter_member;
                array_push($t_clauses, $c_show_build);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, '( {bug}.build in (' . implode(', ', $t_where_tmp) . ') )');
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, '( {bug}.build=' . db_param() . ' )');
        }
    }
    # product version
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_VERSION])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_VERSION] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '');
            } else {
                $c_show_version = $t_filter_member;
                array_push($t_clauses, $c_show_version);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, '( {bug}.version in (' . implode(', ', $t_where_tmp) . ') )');
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, '( {bug}.version=' . db_param() . ' )');
        }
    }
    # profile
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_PROFILE_ID])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_PROFILE_ID] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '0');
            } else {
                $c_show_profile = (int) $t_filter_member;
                array_push($t_clauses, $c_show_profile);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, '( {bug}.profile_id in (' . implode(', ', $t_where_tmp) . ') )');
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, '( {bug}.profile_id=' . db_param() . ' )');
        }
    }
    # platform
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_PLATFORM])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_PLATFORM] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '');
            } else {
                $c_platform = $t_filter_member;
                array_push($t_clauses, $c_platform);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, '( {bug}.platform in (' . implode(', ', $t_where_tmp) . ') )');
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, '( {bug}.platform = ' . db_param() . ' )');
        }
    }
    # Operating System (os)
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_OS])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_OS] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '');
            } else {
                $c_os = $t_filter_member;
                array_push($t_clauses, $c_os);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, '( {bug}.os in (' . implode(', ', $t_where_tmp) . ') )');
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, '( {bug}.os = ' . db_param() . ' )');
        }
    }
    # Operating System Build (os_build)
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_OS_BUILD])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_OS_BUILD] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '');
            } else {
                $c_os_build = $t_filter_member;
                array_push($t_clauses, $c_os_build);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, '( {bug}.os_build in (' . implode(', ', $t_where_tmp) . ') )');
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, '( {bug}.os_build = ' . db_param() . ' )');
        }
    }
    # fixed in version
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_FIXED_IN_VERSION])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_FIXED_IN_VERSION] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '');
            } else {
                $c_fixed_in_version = $t_filter_member;
                array_push($t_clauses, $c_fixed_in_version);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, '( {bug}.fixed_in_version in (' . implode(', ', $t_where_tmp) . ') )');
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, '( {bug}.fixed_in_version=' . db_param() . ' )');
        }
    }
    # target version
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_TARGET_VERSION])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_TARGET_VERSION] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '');
            } else {
                $c_target_version = $t_filter_member;
                array_push($t_clauses, $c_target_version);
            }
        }
        # echo var_dump( $t_clauses ); exit;
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, '( {bug}.target_version in (' . implode(', ', $t_where_tmp) . ') )');
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, '( {bug}.target_version=' . db_param() . ' )');
        }
    }
    # users monitoring a bug
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_MONITOR_USER_ID])) {
        $t_clauses = array();
        $t_table_name = 'user_monitor';
        array_push($t_join_clauses, 'LEFT JOIN {bug_monitor} ' . $t_table_name . ' ON ' . $t_table_name . '.bug_id = {bug}.id');
        foreach ($t_filter[FILTER_PROPERTY_MONITOR_USER_ID] as $t_filter_member) {
            $c_user_monitor = (int) $t_filter_member;
            if (filter_field_is_myself($c_user_monitor)) {
                array_push($t_clauses, $c_user_id);
            } else {
                array_push($t_clauses, $c_user_monitor);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, '( ' . $t_table_name . '.user_id in (' . implode(', ', $t_where_tmp) . ') )');
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, '( ' . $t_table_name . '.user_id=' . db_param() . ' )');
        }
    }
    # bug relationship
    $t_any_found = false;
    $c_rel_type = $t_filter[FILTER_PROPERTY_RELATIONSHIP_TYPE];
    $c_rel_bug = $t_filter[FILTER_PROPERTY_RELATIONSHIP_BUG];
    if (-1 == $c_rel_type || 0 == $c_rel_bug) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        # use the complementary type
        $t_comp_type = relationship_get_complementary_type($c_rel_type);
        $t_clauses = array();
        $t_table_dst = 'rel_dst';
        $t_table_src = 'rel_src';
        array_push($t_join_clauses, 'LEFT JOIN {bug_relationship} ' . $t_table_dst . ' ON ' . $t_table_dst . '.destination_bug_id = {bug}.id');
        array_push($t_join_clauses, 'LEFT JOIN {bug_relationship} ' . $t_table_src . ' ON ' . $t_table_src . '.source_bug_id = {bug}.id');
        # get reverse relationships
        $t_where_params[] = $t_comp_type;
        $t_where_params[] = $c_rel_bug;
        $t_where_params[] = $c_rel_type;
        $t_where_params[] = $c_rel_bug;
        array_push($t_clauses, '(' . $t_table_dst . '.relationship_type=' . db_param() . ' AND ' . $t_table_dst . '.source_bug_id=' . db_param() . ')');
        array_push($t_clauses, '(' . $t_table_src . '.relationship_type=' . db_param() . ' AND ' . $t_table_src . '.destination_bug_id=' . db_param() . ')');
        array_push($t_where_clauses, '(' . implode(' OR ', $t_clauses) . ')');
    }
    # tags
    $c_tag_string = trim($t_filter[FILTER_PROPERTY_TAG_STRING]);
    $c_tag_select = trim($t_filter[FILTER_PROPERTY_TAG_SELECT]);
    if (is_blank($c_tag_string) && !is_blank($c_tag_select) && $c_tag_select != 0) {
        $t_tag = tag_get($c_tag_select);
        $c_tag_string = $t_tag['name'];
    }
    if (!is_blank($c_tag_string)) {
        $t_tags = tag_parse_filters($c_tag_string);
        if (count($t_tags)) {
            $t_tags_all = array();
            $t_tags_any = array();
            $t_tags_none = array();
            foreach ($t_tags as $t_tag_row) {
                switch ($t_tag_row['filter']) {
                    case 1:
                        $t_tags_all[] = $t_tag_row;
                        break;
                    case 0:
                        $t_tags_any[] = $t_tag_row;
                        break;
                    case -1:
                        $t_tags_none[] = $t_tag_row;
                        break;
                }
            }
            if (0 < $t_filter[FILTER_PROPERTY_TAG_SELECT] && tag_exists($t_filter[FILTER_PROPERTY_TAG_SELECT])) {
                $t_tags_any[] = tag_get($t_filter[FILTER_PROPERTY_TAG_SELECT]);
            }
            if (count($t_tags_all)) {
                $t_clauses = array();
                foreach ($t_tags_all as $t_tag_row) {
                    array_push($t_clauses, '{bug}.id IN ( SELECT bug_id FROM {bug_tag} WHERE {bug_tag}.tag_id = ' . $t_tag_row['id'] . ')');
                }
                array_push($t_where_clauses, '(' . implode(' AND ', $t_clauses) . ')');
            }
            if (count($t_tags_any)) {
                $t_clauses = array();
                foreach ($t_tags_any as $t_tag_row) {
                    array_push($t_clauses, '{bug_tag}.tag_id = ' . $t_tag_row['id']);
                }
                array_push($t_where_clauses, '{bug}.id IN ( SELECT bug_id FROM {bug_tag} WHERE ( ' . implode(' OR ', $t_clauses) . ') )');
            }
            if (count($t_tags_none)) {
                $t_clauses = array();
                foreach ($t_tags_none as $t_tag_row) {
                    array_push($t_clauses, '{bug_tag}.tag_id = ' . $t_tag_row['id']);
                }
                array_push($t_where_clauses, '{bug}.id NOT IN ( SELECT bug_id FROM {bug_tag} WHERE ( ' . implode(' OR ', $t_clauses) . ') )');
            }
        }
    }
    # note user id
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_NOTE_USER_ID])) {
        $t_bugnote_table_alias = 'mbnt';
        $t_clauses = array();
        array_push($t_join_clauses, 'LEFT JOIN {bugnote} ' . $t_bugnote_table_alias . ' ON {bug}.id = ' . $t_bugnote_table_alias . '.bug_id');
        foreach ($t_filter[FILTER_PROPERTY_NOTE_USER_ID] as $t_filter_member) {
            $c_note_user_id = (int) $t_filter_member;
            if (filter_field_is_myself($c_note_user_id)) {
                array_push($t_clauses, $c_user_id);
            } else {
                array_push($t_clauses, $c_note_user_id);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, '( ' . $t_bugnote_table_alias . '.reporter_id in (' . implode(', ', $t_where_tmp) . ') )');
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, '( ' . $t_bugnote_table_alias . '.reporter_id=' . db_param() . ' )');
        }
    }
    # plugin filters
    $t_plugin_filters = filter_get_plugin_filters();
    foreach ($t_plugin_filters as $t_field_name => $t_filter_object) {
        if (!filter_field_is_any($t_filter[$t_field_name]) || $t_filter_object->type == FILTER_TYPE_BOOLEAN) {
            $t_filter_query = $t_filter_object->query($t_filter[$t_field_name]);
            if (is_array($t_filter_query)) {
                if (isset($t_filter_query['join'])) {
                    array_push($t_join_clauses, $t_filter_query['join']);
                }
                if (isset($t_filter_query['where'])) {
                    array_push($t_where_clauses, $t_filter_query['where']);
                }
                if (isset($t_filter_query['params']) && is_array($t_filter_query['params'])) {
                    $t_where_params = array_merge($t_where_params, $t_filter_query['params']);
                }
            }
        }
    }
    # custom field filters
    if (ON == config_get('filter_by_custom_fields')) {
        # custom field filtering
        # @@@ At the moment this gets the linked fields relating to the current project
        #     It should get the ones relating to the project in the filter or all projects
        #     if multiple projects.
        $t_custom_fields = custom_field_get_linked_ids($t_project_id);
        foreach ($t_custom_fields as $t_cfid) {
            $t_field_info = custom_field_cache_row($t_cfid, true);
            if (!$t_field_info['filter_by']) {
                continue;
                # skip this custom field it shouldn't be filterable
            }
            $t_field = $t_filter['custom_fields'][$t_cfid];
            $t_custom_where_clause = '';
            # Ignore all custom filters that are not set, or that are set to '' or "any"
            if (!filter_field_is_any($t_field)) {
                $t_def = custom_field_get_definition($t_cfid);
                $t_table_name = '{custom_field_string}_' . $t_cfid;
                # We need to filter each joined table or the result query will explode in dimensions
                # Each custom field will result in a exponential growth like Number_of_Issues^Number_of_Custom_Fields
                # and only after this process ends (if it is able to) the result query will be filtered
                # by the WHERE clause and by the DISTINCT clause
                $t_cf_join_clause = 'LEFT JOIN {custom_field_string} ' . $t_table_name . ' ON {bug}.id = ' . $t_table_name . '.bug_id AND ' . $t_table_name . '.field_id = ' . $t_cfid;
                if ($t_def['type'] == CUSTOM_FIELD_TYPE_DATE) {
                    # Define the value field with type cast to integer
                    $t_value_field = 'CAST(COALESCE(NULLIF(' . $t_table_name . '.value, \'\'), \'0\') AS DECIMAL)';
                    switch ($t_field[0]) {
                        # Closing parenthesis intentionally omitted, will be added later on
                        case CUSTOM_FIELD_DATE_ANY:
                            break;
                        case CUSTOM_FIELD_DATE_NONE:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '( ' . $t_table_name . '.bug_id is null OR ' . $t_value_field . ' = 0 ';
                            break;
                        case CUSTOM_FIELD_DATE_BEFORE:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '( ' . $t_value_field . ' != 0 AND ' . $t_value_field . ' < ' . $t_field[2];
                            break;
                        case CUSTOM_FIELD_DATE_AFTER:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '( ' . $t_value_field . ' > ' . ($t_field[1] + 1);
                            break;
                        default:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '( ' . $t_value_field . ' BETWEEN ' . $t_field[1] . ' AND ' . $t_field[2];
                            break;
                    }
                } else {
                    array_push($t_join_clauses, $t_cf_join_clause);
                    $t_filter_array = array();
                    foreach ($t_field as $t_filter_member) {
                        $t_filter_member = stripslashes($t_filter_member);
                        if (filter_field_is_none($t_filter_member)) {
                            # coerce filter value if selecting META_FILTER_NONE so it will match empty fields
                            $t_filter_member = '';
                            # but also add those _not_ present in the custom field string table
                            array_push($t_filter_array, '{bug}.id NOT IN (SELECT bug_id FROM {custom_field_string} WHERE field_id=' . $t_cfid . ')');
                        }
                        switch ($t_def['type']) {
                            case CUSTOM_FIELD_TYPE_CHECKBOX:
                            case CUSTOM_FIELD_TYPE_MULTILIST:
                                $t_where_params[] = '%|' . $t_filter_member . '|%';
                                array_push($t_filter_array, db_helper_like($t_table_name . '.value'));
                                break;
                            case CUSTOM_FIELD_TYPE_TEXTAREA:
                                $t_where_params[] = '%' . $t_filter_member . '%';
                                array_push($t_filter_array, db_helper_like($t_table_name . '.text'));
                                break;
                            default:
                                $t_where_params[] = $t_filter_member;
                                array_push($t_filter_array, $t_table_name . '.value = ' . db_param());
                        }
                    }
                    $t_custom_where_clause .= '(' . implode(' OR ', $t_filter_array);
                }
                if (!is_blank($t_custom_where_clause)) {
                    array_push($t_where_clauses, $t_custom_where_clause . ')');
                }
            }
        }
    }
    # Text search
    if (!is_blank($t_filter[FILTER_PROPERTY_SEARCH])) {
        # break up search terms by spacing or quoting
        preg_match_all("/-?([^'\"\\s]+|\"[^\"]+\"|'[^']+')/", $t_filter[FILTER_PROPERTY_SEARCH], $t_matches, PREG_SET_ORDER);
        # organize terms without quoting, paying attention to negation
        $t_search_terms = array();
        foreach ($t_matches as $t_match) {
            $t_search_terms[trim($t_match[1], "\\'\"")] = $t_match[0][0] == '-';
        }
        # build a big where-clause and param list for all search terms, including negations
        $t_first = true;
        $t_textsearch_where_clause = '( ';
        foreach ($t_search_terms as $t_search_term => $t_negate) {
            if (!$t_first) {
                $t_textsearch_where_clause .= ' AND ';
            }
            if ($t_negate) {
                $t_textsearch_where_clause .= 'NOT ';
            }
            $c_search = '%' . $t_search_term . '%';
            $t_textsearch_where_clause .= '( ' . db_helper_like('{bug}.summary') . ' OR ' . db_helper_like('{bug_text}.description') . ' OR ' . db_helper_like('{bug_text}.steps_to_reproduce') . ' OR ' . db_helper_like('{bug_text}.additional_information') . ' OR ' . db_helper_like('{bugnote_text}.note');
            $t_where_params[] = $c_search;
            $t_where_params[] = $c_search;
            $t_where_params[] = $c_search;
            $t_where_params[] = $c_search;
            $t_where_params[] = $c_search;
            if (is_numeric($t_search_term)) {
                # PostgreSQL on 64-bit OS hack (see #14014)
                if (PHP_INT_MAX > 0x7fffffff && db_is_pgsql()) {
                    $t_search_max = 0x7fffffff;
                } else {
                    $t_search_max = PHP_INT_MAX;
                }
                # Note: no need to test negative values, '-' sign has been removed
                if ($t_search_term <= $t_search_max) {
                    $c_search_int = (int) $t_search_term;
                    $t_textsearch_where_clause .= ' OR {bug}.id = ' . db_param();
                    $t_textsearch_where_clause .= ' OR {bugnote}.id = ' . db_param();
                    $t_where_params[] = $c_search_int;
                    $t_where_params[] = $c_search_int;
                }
            }
            $t_textsearch_where_clause .= ' )';
            $t_first = false;
        }
        $t_textsearch_where_clause .= ' )';
        # add text query elements to arrays
        if (!$t_first) {
            $t_join_clauses[] = 'JOIN {bug_text} ON {bug}.bug_text_id = {bug_text}.id';
            $t_join_clauses[] = 'LEFT JOIN {bugnote} ON {bug}.id = {bugnote}.bug_id';
            # Outer join required otherwise we don't retrieve issues without notes
            $t_join_clauses[] = 'LEFT JOIN {bugnote_text} ON {bugnote}.bugnote_text_id = {bugnote_text}.id';
            $t_where_clauses[] = $t_textsearch_where_clause;
        }
    }
    # End text search
    # Determine join operator
    if ($t_filter[FILTER_PROPERTY_MATCH_TYPE] == FILTER_MATCH_ANY) {
        $t_join_operator = ' OR ';
    } else {
        $t_join_operator = ' AND ';
    }
    log_event(LOG_FILTERING, 'Join operator : ' . $t_join_operator);
    $t_query_clauses['select'] = $t_select_clauses;
    $t_query_clauses['from'] = $t_from_clauses;
    $t_query_clauses['join'] = $t_join_clauses;
    $t_query_clauses['where'] = $t_where_clauses;
    $t_query_clauses['where_values'] = $t_where_params;
    $t_query_clauses['project_where'] = $t_project_where_clauses;
    $t_query_clauses['operator'] = $t_join_operator;
    $t_query_clauses = filter_get_query_sort_data($t_filter, $p_show_sticky, $t_query_clauses);
    # assigning to $p_* for this function writes the values back in case the caller wants to know
    # Get the total number of bugs that meet the criteria.
    $p_bug_count = filter_get_bug_count($t_query_clauses);
    if (0 == $p_bug_count) {
        return array();
    }
    $p_per_page = filter_per_page($t_filter, $p_bug_count, $p_per_page);
    $p_page_count = filter_page_count($p_bug_count, $p_per_page);
    $p_page_number = filter_valid_page_number($p_page_number, $p_page_count);
    $t_offset = filter_offset($p_page_number, $p_per_page);
    $t_query_clauses = filter_unique_query_clauses($t_query_clauses);
    $t_select_string = 'SELECT DISTINCT ' . implode(', ', $t_query_clauses['select']);
    $t_from_string = ' FROM ' . implode(', ', $t_query_clauses['from']);
    $t_order_string = ' ORDER BY ' . implode(', ', $t_query_clauses['order']);
    $t_join_string = count($t_query_clauses['join']) > 0 ? implode(' ', $t_query_clauses['join']) : ' ';
    $t_where_string = ' WHERE ' . implode(' AND ', $t_query_clauses['project_where']);
    if (count($t_query_clauses['where']) > 0) {
        $t_where_string .= ' AND ( ';
        $t_where_string .= implode($t_join_operator, $t_query_clauses['where']);
        $t_where_string .= ' ) ';
    }
    $t_result = db_query($t_select_string . $t_from_string . $t_join_string . $t_where_string . $t_order_string, $t_query_clauses['where_values'], $p_per_page, $t_offset);
    $t_id_array_lastmod = array();
    while ($t_row = db_fetch_array($t_result)) {
        $t_id_array_lastmod[] = (int) $t_row['id'];
        $t_rows[] = $t_row;
    }
    return filter_cache_result($t_rows, $t_id_array_lastmod);
}
Exemple #3
0
function helper_project_specific_where($p_project_id, $p_user_id = null)
{
    if (null === $p_user_id) {
        $p_user_id = auth_get_current_user_id();
    }
    if (ALL_PROJECTS == $p_project_id) {
        $t_topprojects = $t_project_ids = user_get_accessible_projects($p_user_id);
        foreach ($t_topprojects as $t_project) {
            $t_project_ids = array_merge($t_project_ids, user_get_all_accessible_subprojects($p_user_id, $t_project));
        }
        $t_project_ids = array_unique($t_project_ids);
    } else {
        access_ensure_project_level(VIEWER, $p_project_id);
        $t_project_ids = user_get_all_accessible_subprojects($p_user_id, $p_project_id);
        array_unshift($t_project_ids, $p_project_id);
    }
    $t_project_ids = array_map('db_prepare_int', $t_project_ids);
    if (0 == count($t_project_ids)) {
        $t_project_filter = ' 1<>1';
    } elseif (1 == count($t_project_ids)) {
        $t_project_filter = ' project_id=' . $t_project_ids[0];
    } else {
        $t_project_filter = ' project_id IN (' . join(',', $t_project_ids) . ')';
    }
    return $t_project_filter;
}
Exemple #4
0
/**
 * List projects that the current user has access to.
 *
 * @param integer        $p_project_id           The current project id or null to use cookie.
 * @param boolean        $p_include_all_projects True: include "All Projects", otherwise false.
 * @param integer|null   $p_filter_project_id    The id of a project to exclude or null.
 * @param string|boolean $p_trace                The current project trace, identifies the sub-project via a path from top to bottom.
 * @param boolean        $p_can_report_only      If true, disables projects in which user can't report issues; defaults to false (all projects enabled).
 * @return void
 */
function print_project_option_list($p_project_id = null, $p_include_all_projects = true, $p_filter_project_id = null, $p_trace = false, $p_can_report_only = false)
{
    $t_user_id = auth_get_current_user_id();
    $t_project_ids = user_get_accessible_projects($t_user_id);
    $t_can_report = true;
    project_cache_array_rows($t_project_ids);
    if ($p_include_all_projects && $p_filter_project_id !== ALL_PROJECTS) {
        echo '<option value="' . ALL_PROJECTS . '"';
        if ($p_project_id !== null) {
            check_selected($p_project_id, ALL_PROJECTS, false);
        }
        echo '>' . lang_get('all_projects') . '</option>' . "\n";
    }
    foreach ($t_project_ids as $t_id) {
        if ($p_can_report_only) {
            $t_report_bug_threshold = config_get('report_bug_threshold', null, $t_user_id, $t_id);
            $t_can_report = access_has_project_level($t_report_bug_threshold, $t_id, $t_user_id);
        }
        echo '<option value="' . $t_id . '"';
        check_selected($p_project_id, $t_id, false);
        check_disabled($t_id == $p_filter_project_id || !$t_can_report);
        echo '>' . string_attribute(project_get_field($t_id, 'name')) . '</option>' . "\n";
        print_subproject_option_list($t_id, $p_project_id, $p_filter_project_id, $p_trace, $p_can_report_only);
    }
}
Exemple #5
0
/**
 * retun an array of sub-project IDs of all project to which the user has access
 * @param integer $p_user_id    A valid user identifier.
 * @param integer $p_project_id A valid project identifier.
 * @return array
 */
function user_get_all_accessible_projects($p_user_id, $p_project_id)
{
    if (ALL_PROJECTS == $p_project_id) {
        $t_topprojects = user_get_accessible_projects($p_user_id);
        # Cover the case for PHP < 5.4 where array_combine() returns
        # false and triggers warning if arrays are empty (see #16187)
        if (empty($t_topprojects)) {
            return array();
        }
        # Create a combined array where key = value
        $t_project_ids = array_combine($t_topprojects, $t_topprojects);
        # Add all subprojects user has access to
        foreach ($t_topprojects as $t_project) {
            $t_subprojects_ids = user_get_all_accessible_subprojects($p_user_id, $t_project);
            foreach ($t_subprojects_ids as $t_id) {
                $t_project_ids[$t_id] = $t_id;
            }
        }
    } else {
        access_ensure_project_level(VIEWER, $p_project_id);
        $t_project_ids = user_get_all_accessible_subprojects($p_user_id, $p_project_id);
        array_unshift($t_project_ids, $p_project_id);
    }
    return $t_project_ids;
}
Exemple #6
0
/**
 * Get the attachments that belong to the specified project.
 *
 * @param string $p_username  The name of the user trying to access the versions.
 * @param string $p_password  The password of the user.
 * @param integer $p_project_id  The id of the project to retrieve the attachments for.
 * @return Array  representing a ProjectAttachmentDataArray structure.
 */
function mc_project_get_attachments($p_username, $p_password, $p_project_id)
{
    $t_user_id = mci_check_login($p_username, $p_password);
    if ($t_user_id === false) {
        return mci_soap_fault_login_failed();
    }
    # Check if project documentation feature is enabled.
    if (OFF == config_get('enable_project_documentation') || !file_is_uploading_enabled()) {
        return mci_soap_fault_access_denied($t_user_id);
    }
    if (!project_exists($p_project_id)) {
        return new soap_fault('Client', '', "Project '{$p_project_id}' does not exist.");
    }
    if (!mci_has_readonly_access($t_user_id, $p_project_id)) {
        return mci_soap_fault_access_denied($t_user_id);
    }
    $t_project_file_table = db_get_table('project_file');
    $t_project_table = db_get_table('project');
    $t_project_user_list_table = db_get_table('project_user_list');
    $t_user_table = db_get_table('user');
    $t_pub = VS_PUBLIC;
    $t_priv = VS_PRIVATE;
    $t_admin = config_get_global('admin_site_threshold');
    if ($p_project_id == ALL_PROJECTS) {
        # Select all the projects that the user has access to
        $t_projects = user_get_accessible_projects($t_user_id);
    } else {
        # Select the specific project
        $t_projects = array($p_project_id);
    }
    $t_projects[] = ALL_PROJECTS;
    # add ALL_PROJECTS to the list of projects to fetch
    $t_reqd_access = config_get('view_proj_doc_threshold');
    if (is_array($t_reqd_access)) {
        if (1 == count($t_reqd_access)) {
            $t_access_clause = "= " . array_shift($t_reqd_access) . " ";
        } else {
            $t_access_clause = "IN (" . implode(',', $t_reqd_access) . ")";
        }
    } else {
        $t_access_clause = ">= {$t_reqd_access} ";
    }
    $query = "SELECT pft.id, pft.project_id, pft.filename, pft.file_type, pft.filesize, pft.title, pft.description, pft.date_added\n\t\tFROM {$t_project_file_table} pft\n\t\tLEFT JOIN {$t_project_table} pt ON pft.project_id = pt.id\n\t\tLEFT JOIN {$t_project_user_list_table} pult\n\t\tON pft.project_id = pult.project_id AND pult.user_id = {$t_user_id}\n\t\tLEFT JOIN {$t_user_table} ut ON ut.id = {$t_user_id}\n\t\tWHERE pft.project_id in (" . implode(',', $t_projects) . ") AND\n\t\t( ( ( pt.view_state = {$t_pub} OR pt.view_state is null ) AND pult.user_id is null AND ut.access_level {$t_access_clause} ) OR\n\t\t( ( pult.user_id = {$t_user_id} ) AND ( pult.access_level {$t_access_clause} ) ) OR\n\t\t( ut.access_level = {$t_admin} ) )\n\t\tORDER BY pt.name ASC, pft.title ASC";
    $result = db_query($query);
    $num_files = db_num_rows($result);
    $t_result = array();
    for ($i = 0; $i < $num_files; $i++) {
        $row = db_fetch_array($result);
        $t_attachment = array();
        $t_attachment['id'] = $row['id'];
        $t_attachment['filename'] = $row['filename'];
        $t_attachment['title'] = $row['title'];
        $t_attachment['description'] = $row['description'];
        $t_attachment['size'] = $row['filesize'];
        $t_attachment['content_type'] = $row['file_type'];
        $t_attachment['date_submitted'] = timestamp_to_iso8601($row['date_added']);
        $t_attachment['download_url'] = mci_get_mantis_path() . 'file_download.php?file_id=' . $row['id'] . '&amp;type=doc';
        $t_result[] = $t_attachment;
    }
    return $t_result;
}
/**
 * Returns an array of projects that are accessible to the current logged in
 * user.
 *
 * @param show_disabled	Include disabled projects.
 * @return an array of accessible project ids.
 * @access public
 */
function current_user_get_accessible_projects($p_show_disabled = false)
{
    return user_get_accessible_projects(auth_get_current_user_id(), $p_show_disabled);
}
Exemple #8
0
    foreach ($rows as $t_row) {
        $t_categories[] = $t_row->category_id;
    }
    category_cache_array_rows(array_unique($t_categories));
}
// get all user set filters
$t_filter = current_user_get_bug_filter();
// if viewing all projects, allow to switch between combined and splitted view
// (all projects mixed together or separated into rows)
$f_default_pdisplay = "combined";
$pdisplay = gpc_get_string('pdisplay', $f_default_pdisplay);
// only one project to display?
if ($t_project_id || $pdisplay == "combined") {
    $all_project_ids = array($t_project_id);
} else {
    $all_project_ids = user_get_accessible_projects($t_current_user_id);
}
$rowcounts = array();
foreach ($all_project_ids as $curr_project_id) {
    ?>
    <tr>
        <td class="projectHeader" colspan="<?php 
    echo count($columns);
    ?>
">
            <h1><?php 
    echo project_get_name($curr_project_id);
    ?>
</h1>
        </td>
    </tr>
# along with Mantis.  If not, see <http://www.gnu.org/licenses/>.
# --------------------------------------------------------
# $Id: summary_page.php,v 1.54.2.1 2007-10-13 22:34:43 giallu Exp $
# --------------------------------------------------------
require_once 'core.php';
$t_core_path = config_get('core_path');
require_once $t_core_path . 'summary_api.php';
access_ensure_project_level(config_get('view_summary_threshold'));
$f_project_id = gpc_get_int('project_id', helper_get_current_project());
# Override the current page to make sure we get the appropriate project-specific configuration
$g_project_override = $f_project_id;
$t_user_id = auth_get_current_user_id();
# @@@ giallu: this block of code is duplicated from helper_project_specific_where
# the only diff is the commented line below: can we do better than this ?
if (ALL_PROJECTS == $f_project_id) {
    $t_topprojects = $t_project_ids = user_get_accessible_projects($t_user_id);
    foreach ($t_topprojects as $t_project) {
        $t_project_ids = array_merge($t_project_ids, user_get_all_accessible_subprojects($t_user_id, $t_project));
    }
    $t_project_ids = array_unique($t_project_ids);
} else {
    # access_ensure_project_level( VIEWER, $p_project_id );
    $t_project_ids = user_get_all_accessible_subprojects($t_user_id, $f_project_id);
    array_unshift($t_project_ids, $f_project_id);
}
$t_project_ids = array_map('db_prepare_int', $t_project_ids);
if (0 == count($t_project_ids)) {
    $specific_where = ' 1 <> 1';
} elseif (1 == count($t_project_ids)) {
    $specific_where = ' project_id=' . $t_project_ids[0];
} else {
/**
 * Get the attachments that belong to the specified project.
 *
 * @param string  $p_username   The name of the user trying to access the versions.
 * @param string  $p_password   The password of the user.
 * @param integer $p_project_id The id of the project to retrieve the attachments for.
 * @return array  representing a ProjectAttachmentDataArray structure.
 */
function mc_project_get_attachments($p_username, $p_password, $p_project_id)
{
    global $g_project_override;
    $t_user_id = mci_check_login($p_username, $p_password);
    if ($t_user_id === false) {
        return mci_soap_fault_login_failed();
    }
    $g_project_override = $p_project_id;
    # Check if project documentation feature is enabled.
    if (OFF == config_get('enable_project_documentation') || !file_is_uploading_enabled()) {
        return mci_soap_fault_access_denied($t_user_id);
    }
    if (!project_exists($p_project_id)) {
        return SoapObjectsFactory::newSoapFault('Client', 'Project \'' . $p_project_id . '\' does not exist.');
    }
    if (!mci_has_readonly_access($t_user_id, $p_project_id)) {
        return mci_soap_fault_access_denied($t_user_id);
    }
    $t_pub = VS_PUBLIC;
    $t_priv = VS_PRIVATE;
    $t_admin = config_get_global('admin_site_threshold');
    if ($p_project_id == ALL_PROJECTS) {
        # Select all the projects that the user has access to
        $t_projects = user_get_accessible_projects($t_user_id);
    } else {
        # Select the specific project
        $t_projects = array($p_project_id);
    }
    $t_projects[] = ALL_PROJECTS;
    # add ALL_PROJECTS to the list of projects to fetch
    $t_reqd_access = config_get('view_proj_doc_threshold');
    if (is_array($t_reqd_access)) {
        if (1 == count($t_reqd_access)) {
            $t_access_clause = '= ' . array_shift($t_reqd_access) . ' ';
        } else {
            $t_access_clause = 'IN (' . implode(',', $t_reqd_access) . ')';
        }
    } else {
        $t_access_clause = '>= ' . $t_reqd_access;
    }
    $t_query = 'SELECT pft.id, pft.project_id, pft.filename, pft.file_type, pft.filesize, pft.title, pft.description, pft.date_added, pft.user_id
		FROM {project_file} pft
		LEFT JOIN {project} pt ON pft.project_id = pt.id
		LEFT JOIN {project_user_list} pult
		ON pft.project_id = pult.project_id AND pult.user_id = ' . db_param() . '
		LEFT JOIN {user} ut ON ut.id = ' . db_param() . '
		WHERE pft.project_id in (' . implode(',', $t_projects) . ') AND
		( ( ( pt.view_state = ' . db_param() . ' OR pt.view_state is null ) AND pult.user_id is null AND ut.access_level ' . $t_access_clause . ' ) OR
		( ( pult.user_id = ' . db_param() . ' ) AND ( pult.access_level ' . $t_access_clause . ' ) ) OR
		( ut.access_level = ' . db_param() . ' ) )
		ORDER BY pt.name ASC, pft.title ASC';
    $t_result = db_query($t_query, array($t_user_id, $t_user_id, $t_pub, $t_user_id, $t_admin));
    $t_num_files = db_num_rows($t_result);
    $t_attachments = array();
    for ($i = 0; $i < $t_num_files; $i++) {
        $t_row = db_fetch_array($t_result);
        $t_attachment = array();
        $t_attachment['id'] = $t_row['id'];
        $t_attachment['filename'] = $t_row['filename'];
        $t_attachment['title'] = $t_row['title'];
        $t_attachment['description'] = $t_row['description'];
        $t_attachment['size'] = $t_row['filesize'];
        $t_attachment['content_type'] = $t_row['file_type'];
        $t_attachment['date_submitted'] = SoapObjectsFactory::newDateTimeVar($t_row['date_added']);
        $t_attachment['download_url'] = mci_get_mantis_path() . 'file_download.php?file_id=' . $t_row['id'] . '&amp;type=doc';
        $t_attachment['user_id'] = $t_row['user_id'];
        $t_attachments[] = $t_attachment;
    }
    return $t_attachments;
}
Exemple #11
0
function filter_get_bug_rows(&$p_page_number, &$p_per_page, &$p_page_count, &$p_bug_count, $p_custom_filter = null, $p_project_id = null, $p_user_id = null, $p_show_sticky = null)
{
    log_event(LOG_FILTERING, 'FILTERING: START NEW FILTER QUERY');
    $t_bug_table = config_get('mantis_bug_table');
    $t_bug_text_table = config_get('mantis_bug_text_table');
    $t_bugnote_table = config_get('mantis_bugnote_table');
    $t_custom_field_string_table = config_get('mantis_custom_field_string_table');
    $t_bugnote_text_table = config_get('mantis_bugnote_text_table');
    $t_project_table = config_get('mantis_project_table');
    $t_bug_monitor_table = config_get('mantis_bug_monitor_table');
    $t_limit_reporters = config_get('limit_reporters');
    $t_bug_relationship_table = config_get('mantis_bug_relationship_table');
    $t_report_bug_threshold = config_get('report_bug_threshold');
    $t_current_user_id = auth_get_current_user_id();
    if (null === $p_user_id) {
        $t_user_id = $t_current_user_id;
    } else {
        $t_user_id = $p_user_id;
    }
    $c_user_id = db_prepare_int($t_user_id);
    if (null === $p_project_id) {
        # @@@ If project_id is not specified, then use the project id(s) in the filter if set, otherwise, use current project.
        $t_project_id = helper_get_current_project();
    } else {
        $t_project_id = $p_project_id;
    }
    if ($p_custom_filter === null) {
        # Prefer current_user_get_bug_filter() over user_get_filter() when applicable since it supports
        # cookies set by previous version of the code.
        if ($t_user_id == $t_current_user_id) {
            $t_filter = current_user_get_bug_filter();
        } else {
            $t_filter = user_get_bug_filter($t_user_id, $t_project_id);
        }
    } else {
        $t_filter = $p_custom_filter;
    }
    $t_filter = filter_ensure_valid_filter($t_filter);
    if (false === $t_filter) {
        return false;
        # signify a need to create a cookie
        #@@@ error instead?
    }
    $t_view_type = $t_filter['_view_type'];
    $t_where_clauses = array("{$t_project_table}.enabled = 1", "{$t_project_table}.id = {$t_bug_table}.project_id");
    $t_select_clauses = array("{$t_bug_table}.*");
    $t_join_clauses = array();
    $t_from_clauses = array();
    // normalize the project filtering into an array $t_project_ids
    if ('simple' == $t_view_type) {
        log_event(LOG_FILTERING, 'FILTERING: Simple Filter');
        $t_project_ids = array($t_project_id);
        $t_include_sub_projects = true;
    } else {
        log_event(LOG_FILTERING, 'FILTERING: Advanced Filter');
        if (!is_array($t_filter['project_id'])) {
            $t_project_ids = array(db_prepare_int($t_filter['project_id']));
        } else {
            $t_project_ids = array_map('db_prepare_int', $t_filter['project_id']);
        }
        $t_include_sub_projects = count($t_project_ids) == 1 && $t_project_ids[0] == META_FILTER_CURRENT;
    }
    log_event(LOG_FILTERING, 'FILTERING: project_ids = ' . implode(',', $t_project_ids));
    log_event(LOG_FILTERING, 'FILTERING: include sub-projects = ' . ($t_include_sub_projects ? '1' : '0'));
    // if the array has ALL_PROJECTS, then reset the array to only contain ALL_PROJECTS.
    // replace META_FILTER_CURRENT with the actualy current project id.
    $t_all_projects_found = false;
    $t_new_project_ids = array();
    foreach ($t_project_ids as $t_pid) {
        if ($t_pid == META_FILTER_CURRENT) {
            $t_pid = $t_project_id;
        }
        if ($t_pid == ALL_PROJECTS) {
            $t_all_projects_found = true;
            log_event(LOG_FILTERING, 'FILTERING: all projects selected');
            break;
        }
        // filter out inaccessible projects.
        if (!access_has_project_level(VIEWER, $t_pid, $t_user_id)) {
            continue;
        }
        $t_new_project_ids[] = $t_pid;
    }
    $t_projects_query_required = true;
    if ($t_all_projects_found) {
        if (user_is_administrator($t_user_id)) {
            log_event(LOG_FILTERING, 'FILTERING: all projects + administrator, hence no project filter.');
            $t_projects_query_required = false;
        } else {
            $t_project_ids = user_get_accessible_projects($t_user_id);
        }
    } else {
        $t_project_ids = $t_new_project_ids;
    }
    if ($t_projects_query_required) {
        // expand project ids to include sub-projects
        if ($t_include_sub_projects) {
            $t_top_project_ids = $t_project_ids;
            foreach ($t_top_project_ids as $t_pid) {
                log_event(LOG_FILTERING, 'FILTERING: Getting sub-projects for project id ' . $t_pid);
                $t_project_ids = array_merge($t_project_ids, user_get_all_accessible_subprojects($t_user_id, $t_pid));
            }
            $t_project_ids = array_unique($t_project_ids);
        }
        // if no projects are accessible, then return an empty array.
        if (count($t_project_ids) == 0) {
            log_event(LOG_FILTERING, 'FILTERING: no accessible projects');
            return array();
        }
        log_event(LOG_FILTERING, 'FILTERING: project_ids after including sub-projects = ' . implode(',', $t_project_ids));
        // this array is to be populated with project ids for which we only want to show public issues.  This is due to the limited
        // access of the current user.
        $t_public_only_project_ids = array();
        // this array is populated with project ids that the current user has full access to.
        $t_private_and_public_project_ids = array();
        $t_access_required_to_view_private_bugs = config_get('private_bug_threshold');
        foreach ($t_project_ids as $t_pid) {
            if (access_has_project_level($t_access_required_to_view_private_bugs, $t_pid, $t_user_id)) {
                $t_private_and_public_project_ids[] = $t_pid;
            } else {
                $t_public_only_project_ids[] = $t_pid;
            }
        }
        log_event(LOG_FILTERING, 'FILTERING: project_ids (with public/private access) = ' . implode(',', $t_private_and_public_project_ids));
        log_event(LOG_FILTERING, 'FILTERING: project_ids (with public access) = ' . implode(',', $t_public_only_project_ids));
        $t_count_private_and_public_project_ids = count($t_private_and_public_project_ids);
        if ($t_count_private_and_public_project_ids == 1) {
            $t_private_and_public_query = "( {$t_bug_table}.project_id = " . $t_private_and_public_project_ids[0] . " )";
        } else {
            if ($t_count_private_and_public_project_ids > 1) {
                $t_private_and_public_query = "( {$t_bug_table}.project_id in (" . implode(', ', $t_private_and_public_project_ids) . ") )";
            } else {
                $t_private_and_public_query = null;
            }
        }
        $t_count_public_only_project_ids = count($t_public_only_project_ids);
        $t_public_view_state_check = "( ( {$t_bug_table}.view_state = " . VS_PUBLIC . " ) OR ( {$t_bug_table}.reporter_id = {$t_user_id} ) )";
        if ($t_count_public_only_project_ids == 1) {
            $t_public_only_query = "( ( {$t_bug_table}.project_id = " . $t_public_only_project_ids[0] . " ) AND {$t_public_view_state_check} )";
        } else {
            if ($t_count_public_only_project_ids > 1) {
                $t_public_only_query = "( ( {$t_bug_table}.project_id in (" . implode(', ', $t_public_only_project_ids) . ") ) AND {$t_public_view_state_check} )";
            } else {
                $t_public_only_query = null;
            }
        }
        // both queries can't be null, so we either have one of them or both.
        if ($t_private_and_public_query === null) {
            $t_project_query = $t_public_only_query;
        } else {
            if ($t_public_only_query === null) {
                $t_project_query = $t_private_and_public_query;
            } else {
                $t_project_query = "( {$t_public_only_query} OR {$t_private_and_public_query} )";
            }
        }
        log_event(LOG_FILTERING, 'FILTERING: project query = ' . $t_project_query);
        array_push($t_where_clauses, $t_project_query);
    }
    # view state
    $t_view_state = db_prepare_int($t_filter['view_state']);
    if ($t_filter['view_state'] !== META_FILTER_ANY && !is_blank($t_filter['view_state'])) {
        $t_view_state_query = "({$t_bug_table}.view_state='{$t_view_state}')";
        log_event(LOG_FILTERING, 'FILTERING: view_state query = ' . $t_view_state_query);
        array_push($t_where_clauses, $t_view_state_query);
    } else {
        log_event(LOG_FILTERING, 'FILTERING: no view_state query');
    }
    # reporter
    $t_any_found = false;
    foreach ($t_filter['reporter_id'] as $t_filter_member) {
        if (META_FILTER_ANY === $t_filter_member || 0 === $t_filter_member) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['reporter_id']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['reporter_id'] as $t_filter_member) {
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, "0");
            } else {
                $c_reporter_id = db_prepare_int($t_filter_member);
                if (META_FILTER_MYSELF == $c_reporter_id) {
                    array_push($t_clauses, $c_user_id);
                } else {
                    array_push($t_clauses, $c_reporter_id);
                }
            }
        }
        if (1 < count($t_clauses)) {
            $t_reporter_query = "( {$t_bug_table}.reporter_id in (" . implode(', ', $t_clauses) . ") )";
        } else {
            $t_reporter_query = "( {$t_bug_table}.reporter_id={$t_clauses['0']} )";
        }
        log_event(LOG_FILTERING, 'FILTERING: reporter query = ' . $t_reporter_query);
        array_push($t_where_clauses, $t_reporter_query);
    } else {
        log_event(LOG_FILTERING, 'FILTERING: no reporter query');
    }
    # limit reporter
    # @@@ thraxisp - access_has_project_level checks greater than or equal to,
    #   this assumed that there aren't any holes above REPORTER where the limit would apply
    #
    if (ON === $t_limit_reporters && !access_has_project_level(REPORTER + 1, $t_project_id, $t_user_id)) {
        $c_reporter_id = $c_user_id;
        array_push($t_where_clauses, "({$t_bug_table}.reporter_id='{$c_reporter_id}')");
    }
    # handler
    $t_any_found = false;
    foreach ($t_filter['handler_id'] as $t_filter_member) {
        if (META_FILTER_ANY === $t_filter_member || 0 === $t_filter_member) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['handler_id']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['handler_id'] as $t_filter_member) {
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, 0);
            } else {
                $c_handler_id = db_prepare_int($t_filter_member);
                if (META_FILTER_MYSELF == $c_handler_id) {
                    array_push($t_clauses, $c_user_id);
                } else {
                    array_push($t_clauses, $c_handler_id);
                }
            }
        }
        if (1 < count($t_clauses)) {
            $t_handler_query = "( {$t_bug_table}.handler_id in (" . implode(', ', $t_clauses) . ") )";
        } else {
            $t_handler_query = "( {$t_bug_table}.handler_id={$t_clauses['0']} )";
        }
        log_event(LOG_FILTERING, 'FILTERING: handler query = ' . $t_handler_query);
        array_push($t_where_clauses, $t_handler_query);
    } else {
        log_event(LOG_FILTERING, 'FILTERING: no handler query');
    }
    # category
    if (!_filter_is_any($t_filter['show_category'])) {
        $t_clauses = array();
        foreach ($t_filter['show_category'] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, "''");
            } else {
                $c_show_category = db_prepare_string($t_filter_member);
                array_push($t_clauses, "'{$c_show_category}'");
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.category in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.category={$t_clauses['0']} )");
        }
    }
    # severity
    $t_any_found = false;
    foreach ($t_filter['show_severity'] as $t_filter_member) {
        if (META_FILTER_ANY == $t_filter_member || 0 === $t_filter_member) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['show_severity']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['show_severity'] as $t_filter_member) {
            $c_show_severity = db_prepare_int($t_filter_member);
            array_push($t_clauses, $c_show_severity);
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.severity in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.severity={$t_clauses['0']} )");
        }
    }
    # show / hide status
    # take a list of all available statuses then remove the ones that we want hidden, then make sure
    # the ones we want shown are still available
    $t_status_arr = explode_enum_string(config_get('status_enum_string'));
    $t_available_statuses = array();
    $t_desired_statuses = array();
    foreach ($t_status_arr as $t_this_status) {
        $t_this_status_arr = explode_enum_arr($t_this_status);
        $t_available_statuses[] = $t_this_status_arr[0];
    }
    if ('simple' == $t_filter['_view_type']) {
        # simple filtering: if showing any, restrict by the hide status value, otherwise ignore the hide
        $t_any_found = false;
        $t_this_status = $t_filter['show_status'][0];
        $t_this_hide_status = $t_filter['hide_status'][0];
        if (META_FILTER_ANY == $t_this_status || is_blank($t_this_status) || 0 === $t_this_status) {
            $t_any_found = true;
        }
        if ($t_any_found) {
            foreach ($t_available_statuses as $t_this_available_status) {
                if ($t_this_hide_status > $t_this_available_status) {
                    $t_desired_statuses[] = $t_this_available_status;
                }
            }
        } else {
            $t_desired_statuses[] = $t_this_status;
        }
    } else {
        # advanced filtering: ignore the hide
        $t_any_found = false;
        foreach ($t_filter['show_status'] as $t_this_status) {
            $t_desired_statuses[] = $t_this_status;
            if (META_FILTER_ANY == $t_this_status || is_blank($t_this_status) || 0 === $t_this_status) {
                $t_any_found = true;
            }
        }
        if ($t_any_found) {
            $t_desired_statuses = array();
        }
    }
    if (count($t_desired_statuses) > 0) {
        $t_clauses = array();
        foreach ($t_desired_statuses as $t_filter_member) {
            $c_show_status = db_prepare_int($t_filter_member);
            array_push($t_clauses, $c_show_status);
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.status in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.status={$t_clauses['0']} )");
        }
    }
    # resolution
    $t_any_found = false;
    foreach ($t_filter['show_resolution'] as $t_filter_member) {
        if (META_FILTER_ANY == $t_filter_member) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['show_resolution']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['show_resolution'] as $t_filter_member) {
            $c_show_resolution = db_prepare_int($t_filter_member);
            array_push($t_clauses, $c_show_resolution);
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.resolution in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.resolution={$t_clauses['0']} )");
        }
    }
    # priority
    $t_any_found = false;
    foreach ($t_filter['show_priority'] as $t_filter_member) {
        if (META_FILTER_ANY == $t_filter_member || 0 === $t_filter_member) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['show_priority']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['show_priority'] as $t_filter_member) {
            $c_show_priority = db_prepare_int($t_filter_member);
            array_push($t_clauses, $c_show_priority);
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.priority in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.priority={$t_clauses['0']} )");
        }
    }
    # product build
    $t_any_found = false;
    foreach ($t_filter['show_build'] as $t_filter_member) {
        if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['show_build']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['show_build'] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, "''");
            } else {
                $c_show_build = db_prepare_string($t_filter_member);
                array_push($t_clauses, "'{$c_show_build}'");
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.build in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.build={$t_clauses['0']} )");
        }
    }
    # product version
    if (!_filter_is_any($t_filter['show_version'])) {
        $t_clauses = array();
        foreach ($t_filter['show_version'] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, "''");
            } else {
                $c_show_version = db_prepare_string($t_filter_member);
                array_push($t_clauses, "'{$c_show_version}'");
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.version in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.version={$t_clauses['0']} )");
        }
    }
    # profile
    if (!_filter_is_any($t_filter['show_profile'])) {
        $t_clauses = array();
        foreach ($t_filter['show_profile'] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, "0");
            } else {
                $c_show_profile = db_prepare_int($t_filter_member);
                array_push($t_clauses, "{$c_show_profile}");
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.profile_id in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.profile_id={$t_clauses['0']} )");
        }
    }
    # platform
    if (!_filter_is_any($t_filter['platform'])) {
        $t_clauses = array();
        foreach ($t_filter['platform'] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, '');
            } else {
                $c_platform = db_prepare_string($t_filter_member);
                array_push($t_clauses, "'{$c_platform}'");
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.platform in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.platform = {$t_clauses['0']} )");
        }
    }
    # os
    if (!_filter_is_any($t_filter['os'])) {
        $t_clauses = array();
        foreach ($t_filter['os'] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, '');
            } else {
                $c_os = db_prepare_string($t_filter_member);
                array_push($t_clauses, "'{$c_os}'");
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.os in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.os = {$t_clauses['0']} )");
        }
    }
    # os_build
    if (!_filter_is_any($t_filter['os_build'])) {
        $t_clauses = array();
        foreach ($t_filter['os_build'] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, '');
            } else {
                $c_os_build = db_prepare_string($t_filter_member);
                array_push($t_clauses, "'{$c_os_build}'");
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.os_build in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.os_build = {$t_clauses['0']} )");
        }
    }
    # date filter
    if ('on' == $t_filter['do_filter_by_date'] && is_numeric($t_filter['start_month']) && is_numeric($t_filter['start_day']) && is_numeric($t_filter['start_year']) && is_numeric($t_filter['end_month']) && is_numeric($t_filter['end_day']) && is_numeric($t_filter['end_year'])) {
        $t_start_string = db_prepare_string($t_filter['start_year'] . "-" . $t_filter['start_month'] . "-" . $t_filter['start_day'] . " 00:00:00");
        $t_end_string = db_prepare_string($t_filter['end_year'] . "-" . $t_filter['end_month'] . "-" . $t_filter['end_day'] . " 23:59:59");
        array_push($t_where_clauses, "({$t_bug_table}.date_submitted BETWEEN '{$t_start_string}' AND '{$t_end_string}' )");
    }
    # fixed in version
    if (!_filter_is_any($t_filter['fixed_in_version'])) {
        $t_clauses = array();
        foreach ($t_filter['fixed_in_version'] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, "''");
            } else {
                $c_fixed_in_version = db_prepare_string($t_filter_member);
                array_push($t_clauses, "'{$c_fixed_in_version}'");
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.fixed_in_version in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.fixed_in_version={$t_clauses['0']} )");
        }
    }
    # target version
    if (!_filter_is_any($t_filter['target_version'])) {
        $t_clauses = array();
        foreach ($t_filter['target_version'] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, "''");
            } else {
                $c_target_version = db_prepare_string($t_filter_member);
                array_push($t_clauses, "'{$c_target_version}'");
            }
        }
        #echo var_dump( $t_clauses ); exit;
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.target_version in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.target_version={$t_clauses['0']} )");
        }
    }
    # users monitoring a bug
    $t_any_found = false;
    foreach ($t_filter['user_monitor'] as $t_filter_member) {
        if (META_FILTER_ANY == $t_filter_member || 0 === $t_filter_member) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['user_monitor']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        $t_table_name = 'user_monitor';
        array_push($t_from_clauses, $t_bug_monitor_table);
        array_push($t_join_clauses, "LEFT JOIN {$t_bug_monitor_table} {$t_table_name} ON {$t_table_name}.bug_id = {$t_bug_table}.id");
        foreach ($t_filter['user_monitor'] as $t_filter_member) {
            $c_user_monitor = db_prepare_int($t_filter_member);
            if (META_FILTER_MYSELF == $c_user_monitor) {
                array_push($t_clauses, $c_user_id);
            } else {
                array_push($t_clauses, $c_user_monitor);
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_table_name}.user_id in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_table_name}.user_id={$t_clauses['0']} )");
        }
    }
    # bug relationship
    $t_any_found = false;
    $c_rel_type = $t_filter['relationship_type'];
    $c_rel_bug = $t_filter['relationship_bug'];
    if (-1 == $c_rel_type || 0 == $c_rel_bug) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        # use the complementary type
        $t_comp_type = relationship_get_complementary_type($c_rel_type);
        $t_clauses = array();
        $t_table_name = 'relationship';
        array_push($t_from_clauses, $t_bug_relationship_table);
        array_push($t_join_clauses, "LEFT JOIN {$t_bug_relationship_table} {$t_table_name} ON {$t_table_name}.destination_bug_id = {$t_bug_table}.id");
        array_push($t_join_clauses, "LEFT JOIN {$t_bug_relationship_table} {$t_table_name}2 ON {$t_table_name}2.source_bug_id = {$t_bug_table}.id");
        // get reverse relationships
        array_push($t_clauses, "({$t_table_name}.relationship_type='{$t_comp_type}' AND {$t_table_name}.source_bug_id='{$c_rel_bug}')");
        array_push($t_clauses, "({$t_table_name}" . "2.relationship_type='{$c_rel_type}' AND {$t_table_name}" . "2.destination_bug_id='{$c_rel_bug}')");
        array_push($t_where_clauses, '(' . implode(' OR ', $t_clauses) . ')');
    }
    # tags
    $c_tag_string = trim($t_filter['tag_string']);
    if (!is_blank($c_tag_string)) {
        $t_tags = tag_parse_filters($c_tag_string);
        if (count($t_tags)) {
            $t_tags_all = array();
            $t_tags_any = array();
            $t_tags_none = array();
            foreach ($t_tags as $t_tag_row) {
                switch ($t_tag_row['filter']) {
                    case 1:
                        $t_tags_all[] = $t_tag_row;
                        break;
                    case 0:
                        $t_tags_any[] = $t_tag_row;
                        break;
                    case -1:
                        $t_tags_none[] = $t_tag_row;
                        break;
                }
            }
            if (0 < $t_filter['tag_select'] && tag_exists($t_filter['tag_select'])) {
                $t_tags_any[] = tag_get($t_filter['tag_select']);
            }
            $t_bug_tag_table = config_get('mantis_bug_tag_table');
            if (count($t_tags_all)) {
                $t_clauses = array();
                foreach ($t_tags_all as $t_tag_row) {
                    array_push($t_clauses, "{$t_bug_table}.id IN ( SELECT bug_id FROM {$t_bug_tag_table} WHERE {$t_bug_tag_table}.tag_id = {$t_tag_row['id']} )");
                }
                array_push($t_where_clauses, '(' . implode(' AND ', $t_clauses) . ')');
            }
            if (count($t_tags_any)) {
                $t_clauses = array();
                foreach ($t_tags_any as $t_tag_row) {
                    array_push($t_clauses, "{$t_bug_tag_table}.tag_id = {$t_tag_row['id']}");
                }
                array_push($t_where_clauses, "{$t_bug_table}.id IN ( SELECT bug_id FROM {$t_bug_tag_table} WHERE ( " . implode(' OR ', $t_clauses) . ') )');
            }
            if (count($t_tags_none)) {
                $t_clauses = array();
                foreach ($t_tags_none as $t_tag_row) {
                    array_push($t_clauses, "{$t_bug_tag_table}.tag_id = {$t_tag_row['id']}");
                }
                array_push($t_where_clauses, "{$t_bug_table}.id NOT IN ( SELECT bug_id FROM {$t_bug_tag_table} WHERE ( " . implode(' OR ', $t_clauses) . ') )');
            }
        }
    }
    # custom field filters
    if (ON == config_get('filter_by_custom_fields')) {
        # custom field filtering
        # @@@ At the moment this gets the linked fields relating to the current project
        #     It should get the ones relating to the project in the filter or all projects
        #     if multiple projects.
        $t_custom_fields = custom_field_get_linked_ids($t_project_id);
        foreach ($t_custom_fields as $t_cfid) {
            $t_custom_where_clause = '';
            # Ignore all custom filters that are not set, or that are set to '' or "any"
            $t_any_found = false;
            foreach ($t_filter['custom_fields'][$t_cfid] as $t_filter_member) {
                if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
                    $t_any_found = true;
                }
            }
            if (!isset($t_filter['custom_fields'][$t_cfid])) {
                $t_any_found = true;
            }
            if (!$t_any_found) {
                $t_def = custom_field_get_definition($t_cfid);
                $t_table_name = $t_custom_field_string_table . '_' . $t_cfid;
                # We need to filter each joined table or the result query will explode in dimensions
                # Each custom field will result in a exponential growth like Number_of_Issues^Number_of_Custom_Fields
                # and only after this process ends (if it is able to) the result query will be filtered
                # by the WHERE clause and by the DISTINCT clause
                $t_cf_join_clause = "LEFT JOIN {$t_custom_field_string_table} {$t_table_name} ON {$t_table_name}.bug_id = {$t_bug_table}.id AND {$t_table_name}.field_id = {$t_cfid} ";
                if ($t_def['type'] == CUSTOM_FIELD_TYPE_DATE) {
                    switch ($t_filter['custom_fields'][$t_cfid][0]) {
                        case CUSTOM_FIELD_DATE_ANY:
                            break;
                        case CUSTOM_FIELD_DATE_NONE:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '(( ' . $t_table_name . '.bug_id is null) OR ( ' . $t_table_name . '.value = 0)';
                            break;
                        case CUSTOM_FIELD_DATE_BEFORE:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '(( ' . $t_table_name . '.value != 0 AND (' . $t_table_name . '.value+0) < ' . $t_filter['custom_fields'][$t_cfid][2] . ')';
                            break;
                        case CUSTOM_FIELD_DATE_AFTER:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '( (' . $t_table_name . '.value+0) > ' . ($t_filter['custom_fields'][$t_cfid][1] + 1);
                            break;
                        default:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '( (' . $t_table_name . '.value+0) BETWEEN ' . $t_filter['custom_fields'][$t_cfid][1] . ' AND ' . $t_filter['custom_fields'][$t_cfid][2];
                            break;
                    }
                } else {
                    array_push($t_join_clauses, $t_cf_join_clause);
                    $t_filter_array = array();
                    foreach ($t_filter['custom_fields'][$t_cfid] as $t_filter_member) {
                        $t_filter_member = stripslashes($t_filter_member);
                        if (META_FILTER_NONE == $t_filter_member) {
                            # coerce filter value if selecting META_FILTER_NONE so it will match empty fields
                            $t_filter_member = '';
                            # but also add those _not_ present in the custom field string table
                            array_push($t_filter_array, "{$t_bug_table}.id NOT IN (SELECT bug_id FROM {$t_custom_field_string_table} WHERE field_id={$t_cfid})");
                        }
                        switch ($t_def['type']) {
                            case CUSTOM_FIELD_TYPE_MULTILIST:
                            case CUSTOM_FIELD_TYPE_CHECKBOX:
                                array_push($t_filter_array, db_helper_like("{$t_table_name}.value", '%|' . db_prepare_string($t_filter_member) . '|%'));
                                break;
                            default:
                                array_push($t_filter_array, "{$t_table_name}.value = '" . db_prepare_string($t_filter_member) . "'");
                        }
                    }
                    $t_custom_where_clause .= '(' . implode(' OR ', $t_filter_array);
                }
                if (!is_blank($t_custom_where_clause)) {
                    array_push($t_where_clauses, $t_custom_where_clause . ')');
                }
            }
        }
    }
    $t_textsearch_where_clause = '';
    $t_textsearch_wherejoin_clause = '';
    # Simple Text Search - Thanks to Alan Knowles
    if (!is_blank($t_filter['search'])) {
        $c_search = db_prepare_string($t_filter['search']);
        $c_search_int = db_prepare_int($t_filter['search']);
        $t_textsearch_where_clause = '(' . db_helper_like('summary', "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bug_text_table}.description", "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bug_text_table}.steps_to_reproduce", "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bug_text_table}.additional_information", "%{$c_search}%") . " OR ( {$t_bug_table}.id = '{$c_search_int}' ) )";
        $t_textsearch_wherejoin_clause = '(' . db_helper_like('summary', "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bug_text_table}.description", "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bug_text_table}.steps_to_reproduce", "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bug_text_table}.additional_information", "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bug_table}.id", "%{$c_search}%") . ' OR ' . db_helper_like("{$t_bugnote_text_table}.note", "%{$c_search}%") . ' )';
        array_push($t_where_clauses, "({$t_bug_text_table}.id = {$t_bug_table}.bug_text_id)");
        $t_from_clauses = array($t_bug_text_table, $t_project_table, $t_bug_table);
    } else {
        $t_from_clauses = array($t_project_table, $t_bug_table);
    }
    $t_select = implode(', ', array_unique($t_select_clauses));
    $t_from = 'FROM ' . implode(', ', array_unique($t_from_clauses));
    $t_join = implode(' ', $t_join_clauses);
    if (count($t_where_clauses) > 0) {
        $t_where = 'WHERE ' . implode(' AND ', $t_where_clauses);
    } else {
        $t_where = '';
    }
    # Possibly do two passes. First time, grab the IDs of issues that match the filters. Second time, grab the IDs of issues that
    # have bugnotes that match the text search if necessary.
    $t_id_array = array();
    for ($i = 0; $i < 2; $i++) {
        $t_id_where = $t_where;
        $t_id_join = $t_join;
        if ($i == 0) {
            if (!is_blank($t_id_where) && !is_blank($t_textsearch_where_clause)) {
                $t_id_where = $t_id_where . ' AND ' . $t_textsearch_where_clause;
            }
        } else {
            if (!is_blank($t_textsearch_wherejoin_clause)) {
                $t_id_where = $t_id_where . ' AND ' . $t_textsearch_wherejoin_clause;
                $t_id_join = $t_id_join . " INNER JOIN {$t_bugnote_table} ON {$t_bugnote_table}.bug_id = {$t_bug_table}.id";
                $t_id_join = $t_id_join . " INNER JOIN {$t_bugnote_text_table} ON {$t_bugnote_text_table}.id = {$t_bugnote_table}.bugnote_text_id";
            }
        }
        $query = "SELECT DISTINCT {$t_bug_table}.id AS id\r\n\t\t\t\t\t\t{$t_from}\r\n\t\t\t\t\t\t{$t_id_join}\r\n\t\t\t\t\t\t{$t_id_where}";
        if ($i == 0 || !is_blank($t_textsearch_wherejoin_clause)) {
            $result = db_query($query);
            $row_count = db_num_rows($result);
            for ($j = 0; $j < $row_count; $j++) {
                $row = db_fetch_array($result);
                $t_id_array[] = db_prepare_int($row['id']);
            }
        }
    }
    $t_id_array = array_unique($t_id_array);
    # Get the total number of bugs that meet the criteria.
    $bug_count = count($t_id_array);
    $rows = array();
    if ($bug_count > 0) {
        $t_where = "WHERE {$t_bug_table}.id in (" . implode(", ", $t_id_array) . ")";
    } else {
        return $rows;
    }
    $t_from = 'FROM ' . $t_bug_table;
    # write the value back in case the caller wants to know
    $p_bug_count = $bug_count;
    if (null === $p_per_page) {
        $p_per_page = (int) $t_filter['per_page'];
    } else {
        if (-1 == $p_per_page) {
            $p_per_page = $bug_count;
        }
    }
    # Guard against silly values of $f_per_page.
    if (0 == $p_per_page) {
        $p_per_page = $bug_count;
        // 0 - means show all
    }
    $p_per_page = (int) abs($p_per_page);
    # Use $bug_count and $p_per_page to determine how many pages
    # to split this list up into.
    # For the sake of consistency have at least one page, even if it
    # is empty.
    $t_page_count = ceil($bug_count / $p_per_page);
    if ($t_page_count < 1) {
        $t_page_count = 1;
    }
    # write the value back in case the caller wants to know
    $p_page_count = $t_page_count;
    # Make sure $p_page_number isn't past the last page.
    if ($p_page_number > $t_page_count) {
        $p_page_number = $t_page_count;
    }
    # Make sure $p_page_number isn't before the first page
    if ($p_page_number < 1) {
        $p_page_number = 1;
    }
    # Now add the rest of the criteria i.e. sorting, limit.
    # if sort is blank then default the sort and direction.  This is to fix the
    # symptoms of #3953.  Note that even if the main problem is fixed, we may
    # have to keep this code for a while to handle filters saved with this blank field.
    if (is_blank($t_filter['sort'])) {
        $t_filter['sort'] = 'last_updated';
        $t_filter['dir'] = 'DESC';
    }
    $t_order_array = array();
    $t_sort_fields = split(',', $t_filter['sort']);
    $t_dir_fields = split(',', $t_filter['dir']);
    if ('on' == $t_filter['sticky_issues'] && NULL !== $p_show_sticky) {
        $t_order_array[] = "sticky DESC";
    }
    $t_join = '';
    for ($i = 0; $i < count($t_sort_fields); $i++) {
        $c_sort = db_prepare_string($t_sort_fields[$i]);
        if (!in_array($t_sort_fields[$i], array_slice($t_sort_fields, $i + 1))) {
            # if sorting by a custom field
            if (strpos($c_sort, 'custom_') === 0) {
                $t_custom_field = substr($c_sort, strlen('custom_'));
                $t_custom_field_id = custom_field_get_id_from_name($t_custom_field);
                $t_join .= " LEFT JOIN {$t_custom_field_string_table} ON ( ( {$t_custom_field_string_table}.bug_id = {$t_bug_table}.id ) AND ( {$t_custom_field_string_table}.field_id = {$t_custom_field_id} ) )";
                $c_sort = "{$t_custom_field_string_table}.value";
                $t_select_clauses[] = "{$t_custom_field_string_table}.value";
            }
            if ('DESC' == $t_dir_fields[$i]) {
                $c_dir = 'DESC';
            } else {
                $c_dir = 'ASC';
            }
            $t_order_array[] = "{$c_sort} {$c_dir}";
        }
    }
    # add basic sorting if necessary
    if (!in_array('last_updated', $t_sort_fields)) {
        $t_order_array[] = 'last_updated DESC';
    }
    if (!in_array('date_submitted', $t_sort_fields)) {
        $t_order_array[] = 'date_submitted DESC';
    }
    $t_order = " ORDER BY " . implode(', ', $t_order_array);
    $t_select = implode(', ', array_unique($t_select_clauses));
    $query2 = "SELECT DISTINCT {$t_select}\r\n\t\t\t\t\t{$t_from}\r\n\t\t\t\t\t{$t_join}\r\n\t\t\t\t\t{$t_where}\r\n\t\t\t\t\t{$t_order}";
    # Figure out the offset into the db query
    #
    # for example page number 1, per page 5:
    #     t_offset = 0
    # for example page number 2, per page 5:
    #     t_offset = 5
    $c_per_page = db_prepare_int($p_per_page);
    $c_page_number = db_prepare_int($p_page_number);
    $t_offset = ($c_page_number - 1) * $c_per_page;
    # perform query
    $result2 = db_query($query2, $c_per_page, $t_offset);
    $row_count = db_num_rows($result2);
    $t_id_array_lastmod = array();
    for ($i = 0; $i < $row_count; $i++) {
        $row = db_fetch_array($result2);
        $t_id_array_lastmod[] = db_prepare_int($row['id']);
        $row['date_submitted'] = db_unixtimestamp($row['date_submitted']);
        $row['last_updated'] = db_unixtimestamp($row['last_updated']);
        array_push($rows, $row);
    }
    $t_id_array_lastmod = array_unique($t_id_array_lastmod);
    // paulr: it should be impossible for t_id_array_lastmod to be array():
    // that would imply that $t_id_array is null which aborts this function early
    //if ( count( $t_id_array_lastmod ) > 0 ) {
    $t_where = "WHERE {$t_bugnote_table}.bug_id in (" . implode(", ", $t_id_array_lastmod) . ")";
    $query3 = "SELECT DISTINCT bug_id,MAX(last_modified) as last_modified, COUNT(last_modified) as count FROM {$t_bugnote_table} {$t_where} GROUP BY bug_id";
    # perform query
    $result3 = db_query($query3);
    $row_count = db_num_rows($result3);
    for ($i = 0; $i < $row_count; $i++) {
        $row = db_fetch_array($result3);
        $t_stats[$row['bug_id']] = $row;
    }
    foreach ($rows as $row) {
        if (!isset($t_stats[$row['id']])) {
            bug_cache_database_result($row, false);
        } else {
            bug_cache_database_result($row, $t_stats[$row['id']]);
        }
    }
    return $rows;
}
Exemple #12
0
if (OFF == config_get('enable_project_documentation') || !file_is_uploading_enabled()) {
    access_denied();
}
# Override the current page to make sure we get the appropriate project-specific configuration
$g_project_override = $f_project_id;
$t_user_id = auth_get_current_user_id();
$t_project_file_table = db_get_table('project_file');
$t_project_table = db_get_table('project');
$t_project_user_list_table = db_get_table('project_user_list');
$t_user_table = db_get_table('user');
$t_pub = VS_PUBLIC;
$t_priv = VS_PRIVATE;
$t_admin = config_get_global('admin_site_threshold');
if ($f_project_id == ALL_PROJECTS) {
    # Select all the projects that the user has access to
    $t_projects = user_get_accessible_projects($t_user_id);
} else {
    # Select the specific project
    $t_projects = array($f_project_id);
}
$t_projects[] = ALL_PROJECTS;
# add "ALL_PROJECTS to the list of projects to fetch
$t_reqd_access = config_get('view_proj_doc_threshold');
if (is_array($t_reqd_access)) {
    if (1 == count($t_reqd_access)) {
        $t_access_clause = "= " . array_shift($t_reqd_access) . " ";
    } else {
        $t_access_clause = "IN (" . implode(',', $t_reqd_access) . ")";
    }
} else {
    $t_access_clause = ">= {$t_reqd_access} ";
/**
 * @todo Had to make all these parameters required because we can't use
 *  call-time pass by reference anymore.  I really preferred not having
 *  to pass all the params in if you didn't want to, but I wanted to get
 *  rid of the errors for now.  If we can think of a better way later
 *  (maybe return an object) that would be great.
 *
 * @param int $p_page_number the page you want to see (set to the actual page on return)
 * @param int $p_per_page the number of bugs to see per page (set to actual on return)
 *      -1   indicates you want to see all bugs
 *      null indicates you want to use the value specified in the filter
 * @param int $p_page_count you don't need to give a value here, the number of pages will be stored here on return
 * @param int $p_bug_count you don't need to give a value here, the number of bugs will be stored here on return
 * @param mixed $p_custom_filter Filter to use.
 * @param int $p_project_id project id to use in filtering.
 * @param int $p_user_id user id to use as current user when filtering.
 * @param bool $p_show_sticky get sticky issues only.
 */
function filter_get_bug_rows(&$p_page_number, &$p_per_page, &$p_page_count, &$p_bug_count, $p_custom_filter = null, $p_project_id = null, $p_user_id = null, $p_show_sticky = null)
{
    log_event(LOG_FILTERING, 'START NEW FILTER QUERY');
    $t_bug_table = db_get_table('mantis_bug_table');
    $t_bug_text_table = db_get_table('mantis_bug_text_table');
    $t_bugnote_table = db_get_table('mantis_bugnote_table');
    $t_category_table = db_get_table('mantis_category_table');
    $t_custom_field_string_table = db_get_table('mantis_custom_field_string_table');
    $t_bugnote_text_table = db_get_table('mantis_bugnote_text_table');
    $t_project_table = db_get_table('mantis_project_table');
    $t_bug_monitor_table = db_get_table('mantis_bug_monitor_table');
    $t_limit_reporters = config_get('limit_reporters');
    $t_bug_relationship_table = db_get_table('mantis_bug_relationship_table');
    $t_report_bug_threshold = config_get('report_bug_threshold');
    $t_where_param_count = 0;
    $t_current_user_id = auth_get_current_user_id();
    if (null === $p_user_id) {
        $t_user_id = $t_current_user_id;
    } else {
        $t_user_id = $p_user_id;
    }
    $c_user_id = db_prepare_int($t_user_id);
    if (null === $p_project_id) {
        # @@@ If project_id is not specified, then use the project id(s) in the filter if set, otherwise, use current project.
        $t_project_id = helper_get_current_project();
    } else {
        $t_project_id = $p_project_id;
    }
    if ($p_custom_filter === null) {
        # Prefer current_user_get_bug_filter() over user_get_filter() when applicable since it supports
        # cookies set by previous version of the code.
        if ($t_user_id == $t_current_user_id) {
            $t_filter = current_user_get_bug_filter();
        } else {
            $t_filter = user_get_bug_filter($t_user_id, $t_project_id);
        }
    } else {
        $t_filter = $p_custom_filter;
    }
    $t_filter = filter_ensure_valid_filter($t_filter);
    if (false === $t_filter) {
        return false;
        # signify a need to create a cookie
        # @@@ error instead?
    }
    $t_view_type = $t_filter['_view_type'];
    $t_where_clauses = array("{$t_project_table}.enabled = " . db_param(), "{$t_project_table}.id = {$t_bug_table}.project_id");
    $t_where_params = array(1);
    $t_select_clauses = array("{$t_bug_table}.*");
    $t_join_clauses = array();
    $t_from_clauses = array();
    // normalize the project filtering into an array $t_project_ids
    if ('simple' == $t_view_type) {
        log_event(LOG_FILTERING, 'Simple Filter');
        $t_project_ids = array($t_project_id);
        $t_include_sub_projects = true;
    } else {
        log_event(LOG_FILTERING, 'Advanced Filter');
        if (!is_array($t_filter[FILTER_PROPERTY_PROJECT_ID])) {
            $t_project_ids = array(db_prepare_int($t_filter[FILTER_PROPERTY_PROJECT_ID]));
        } else {
            $t_project_ids = array_map('db_prepare_int', $t_filter[FILTER_PROPERTY_PROJECT_ID]);
        }
        $t_include_sub_projects = count($t_project_ids) == 1 && ($t_project_ids[0] == META_FILTER_CURRENT || $t_project_ids[0] == ALL_PROJECTS);
    }
    log_event(LOG_FILTERING, 'project_ids = @P' . implode(', @P', $t_project_ids));
    log_event(LOG_FILTERING, 'include sub-projects = ' . ($t_include_sub_projects ? '1' : '0'));
    // if the array has ALL_PROJECTS, then reset the array to only contain ALL_PROJECTS.
    // replace META_FILTER_CURRENT with the actualy current project id.
    $t_all_projects_found = false;
    $t_new_project_ids = array();
    foreach ($t_project_ids as $t_pid) {
        if ($t_pid == META_FILTER_CURRENT) {
            $t_pid = $t_project_id;
        }
        if ($t_pid == ALL_PROJECTS) {
            $t_all_projects_found = true;
            log_event(LOG_FILTERING, 'all projects selected');
            break;
        }
        // filter out inaccessible projects.
        if (!access_has_project_level(VIEWER, $t_pid, $t_user_id)) {
            continue;
        }
        $t_new_project_ids[] = $t_pid;
    }
    $t_projects_query_required = true;
    if ($t_all_projects_found) {
        if (user_is_administrator($t_user_id)) {
            log_event(LOG_FILTERING, 'all projects + administrator, hence no project filter.');
            $t_projects_query_required = false;
        } else {
            $t_project_ids = user_get_accessible_projects($t_user_id);
        }
    } else {
        $t_project_ids = $t_new_project_ids;
    }
    if ($t_projects_query_required) {
        // expand project ids to include sub-projects
        if ($t_include_sub_projects) {
            $t_top_project_ids = $t_project_ids;
            foreach ($t_top_project_ids as $t_pid) {
                log_event(LOG_FILTERING, 'Getting sub-projects for project id @P' . $t_pid);
                $t_subproject_ids = user_get_all_accessible_subprojects($t_user_id, $t_pid);
                if (!$t_subproject_ids) {
                    continue;
                }
                $t_project_ids = array_merge($t_project_ids, $t_subproject_ids);
            }
            $t_project_ids = array_unique($t_project_ids);
        }
        // if no projects are accessible, then return an empty array.
        if (count($t_project_ids) == 0) {
            log_event(LOG_FILTERING, 'no accessible projects');
            return array();
        }
        log_event(LOG_FILTERING, 'project_ids after including sub-projects = @P' . implode(', @P', $t_project_ids));
        // this array is to be populated with project ids for which we only want to show public issues.  This is due to the limited
        // access of the current user.
        $t_public_only_project_ids = array();
        // this array is populated with project ids that the current user has full access to.
        $t_private_and_public_project_ids = array();
        foreach ($t_project_ids as $t_pid) {
            $t_access_required_to_view_private_bugs = config_get('private_bug_threshold', null, null, $t_pid);
            if (access_has_project_level($t_access_required_to_view_private_bugs, $t_pid, $t_user_id)) {
                $t_private_and_public_project_ids[] = $t_pid;
            } else {
                $t_public_only_project_ids[] = $t_pid;
            }
        }
        log_event(LOG_FILTERING, 'project_ids (with public/private access) = @P' . implode(', @P', $t_private_and_public_project_ids));
        log_event(LOG_FILTERING, 'project_ids (with public access) = @P' . implode(', @P', $t_public_only_project_ids));
        $t_count_private_and_public_project_ids = count($t_private_and_public_project_ids);
        if ($t_count_private_and_public_project_ids == 1) {
            $t_private_and_public_query = "( {$t_bug_table}.project_id = " . $t_private_and_public_project_ids[0] . " )";
        } else {
            if ($t_count_private_and_public_project_ids > 1) {
                $t_private_and_public_query = "( {$t_bug_table}.project_id in (" . implode(', ', $t_private_and_public_project_ids) . ") )";
            } else {
                $t_private_and_public_query = null;
            }
        }
        $t_count_public_only_project_ids = count($t_public_only_project_ids);
        $t_public_view_state_check = "( ( {$t_bug_table}.view_state = " . VS_PUBLIC . " ) OR ( {$t_bug_table}.reporter_id = {$t_user_id} ) )";
        if ($t_count_public_only_project_ids == 1) {
            $t_public_only_query = "( ( {$t_bug_table}.project_id = " . $t_public_only_project_ids[0] . " ) AND {$t_public_view_state_check} )";
        } else {
            if ($t_count_public_only_project_ids > 1) {
                $t_public_only_query = "( ( {$t_bug_table}.project_id in (" . implode(', ', $t_public_only_project_ids) . ") ) AND {$t_public_view_state_check} )";
            } else {
                $t_public_only_query = null;
            }
        }
        // both queries can't be null, so we either have one of them or both.
        if ($t_private_and_public_query === null) {
            $t_project_query = $t_public_only_query;
        } else {
            if ($t_public_only_query === null) {
                $t_project_query = $t_private_and_public_query;
            } else {
                $t_project_query = "( {$t_public_only_query} OR {$t_private_and_public_query} )";
            }
        }
        log_event(LOG_FILTERING, 'project query = ' . $t_project_query);
        array_push($t_where_clauses, $t_project_query);
    }
    # view state
    $t_view_state = db_prepare_int($t_filter[FILTER_PROPERTY_VIEW_STATE_ID]);
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_VIEW_STATE_ID])) {
        $t_view_state_query = "({$t_bug_table}.view_state=" . db_param() . ')';
        log_event(LOG_FILTERING, 'view_state query = ' . $t_view_state_query);
        $t_where_params[] = $t_view_state;
        array_push($t_where_clauses, $t_view_state_query);
    } else {
        log_event(LOG_FILTERING, 'no view_state query');
    }
    # reporter
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_REPORTER_ID])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_REPORTER_ID] as $t_filter_member) {
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, "0");
            } else {
                $c_reporter_id = db_prepare_int($t_filter_member);
                if (filter_field_is_myself($c_reporter_id)) {
                    array_push($t_clauses, $c_user_id);
                } else {
                    array_push($t_clauses, $c_reporter_id);
                }
            }
        }
        if (1 < count($t_clauses)) {
            $t_reporter_query = "( {$t_bug_table}.reporter_id in (" . implode(', ', $t_clauses) . ") )";
        } else {
            $t_reporter_query = "( {$t_bug_table}.reporter_id={$t_clauses['0']} )";
        }
        log_event(LOG_FILTERING, 'reporter query = ' . $t_reporter_query);
        array_push($t_where_clauses, $t_reporter_query);
    } else {
        log_event(LOG_FILTERING, 'no reporter query');
    }
    # limit reporter
    # @@@ thraxisp - access_has_project_level checks greater than or equal to,
    #   this assumed that there aren't any holes above REPORTER where the limit would apply
    #
    if (ON === $t_limit_reporters && !access_has_project_level(REPORTER + 1, $t_project_id, $t_user_id)) {
        $c_reporter_id = $c_user_id;
        $t_where_params[] = $c_reporter_id;
        array_push($t_where_clauses, "({$t_bug_table}.reporter_id=" . db_param() . ')');
    }
    # handler
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_HANDLER_ID])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_HANDLER_ID] as $t_filter_member) {
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, 0);
            } else {
                $c_handler_id = db_prepare_int($t_filter_member);
                if (filter_field_is_myself($c_handler_id)) {
                    array_push($t_clauses, $c_user_id);
                } else {
                    array_push($t_clauses, $c_handler_id);
                }
            }
        }
        if (1 < count($t_clauses)) {
            $t_handler_query = "( {$t_bug_table}.handler_id in (" . implode(', ', $t_clauses) . ") )";
        } else {
            $t_handler_query = "( {$t_bug_table}.handler_id={$t_clauses['0']} )";
        }
        log_event(LOG_FILTERING, 'handler query = ' . $t_handler_query);
        array_push($t_where_clauses, $t_handler_query);
    } else {
        log_event(LOG_FILTERING, 'no handler query');
    }
    # category
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_CATEGORY])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_CATEGORY] as $t_filter_member) {
            if (!filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, $t_filter_member);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, "( {$t_bug_table}.category_id in ( SELECT id FROM {$t_category_table} WHERE name in (" . implode(', ', $t_where_tmp) . ") ) )");
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, "( {$t_bug_table}.category_id in ( SELECT id FROM {$t_category_table} WHERE name=" . db_param() . ") )");
        }
    }
    # severity
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_SEVERITY_ID])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_SEVERITY_ID] as $t_filter_member) {
            $c_show_severity = db_prepare_int($t_filter_member);
            array_push($t_clauses, $c_show_severity);
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, "( {$t_bug_table}.severity in (" . implode(', ', $t_where_tmp) . ") )");
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, "( {$t_bug_table}.severity=" . db_param() . " )");
        }
    }
    # show / hide status
    # take a list of all available statuses then remove the ones that we want hidden, then make sure
    # the ones we want shown are still available
    $t_desired_statuses = array();
    $t_available_statuses = MantisEnum::getValues(config_get('status_enum_string'));
    if ('simple' == $t_filter['_view_type']) {
        # simple filtering: if showing any, restrict by the hide status value, otherwise ignore the hide
        $t_any_found = false;
        $t_this_status = $t_filter[FILTER_PROPERTY_STATUS_ID][0];
        $t_this_hide_status = $t_filter[FILTER_PROPERTY_HIDE_STATUS_ID][0];
        if (filter_field_is_any($t_this_status)) {
            foreach ($t_available_statuses as $t_this_available_status) {
                if ($t_this_hide_status > $t_this_available_status) {
                    $t_desired_statuses[] = $t_this_available_status;
                }
            }
        } else {
            $t_desired_statuses[] = $t_this_status;
        }
    } else {
        # advanced filtering: ignore the hide
        if (filter_field_is_any($t_filter[FILTER_PROPERTY_STATUS_ID])) {
            $t_desired_statuses = array();
        } else {
            foreach ($t_filter[FILTER_PROPERTY_STATUS_ID] as $t_this_status) {
                $t_desired_statuses[] = $t_this_status;
            }
        }
    }
    if (count($t_desired_statuses) > 0) {
        $t_clauses = array();
        foreach ($t_desired_statuses as $t_filter_member) {
            $c_show_status = db_prepare_int($t_filter_member);
            array_push($t_clauses, $c_show_status);
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, "( {$t_bug_table}.status in (" . implode(', ', $t_where_tmp) . ") )");
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, "( {$t_bug_table}.status=" . db_param() . " )");
        }
    }
    # resolution
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_RESOLUTION_ID])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_RESOLUTION_ID] as $t_filter_member) {
            $c_show_resolution = db_prepare_int($t_filter_member);
            array_push($t_clauses, $c_show_resolution);
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, "( {$t_bug_table}.resolution in (" . implode(', ', $t_where_tmp) . ") )");
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, "( {$t_bug_table}.resolution=" . db_param() . " )");
        }
    }
    # priority
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_PRIORITY_ID])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_PRIORITY_ID] as $t_filter_member) {
            $c_show_priority = db_prepare_int($t_filter_member);
            array_push($t_clauses, $c_show_priority);
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, "( {$t_bug_table}.priority in (" . implode(', ', $t_where_tmp) . ") )");
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, "( {$t_bug_table}.priority=" . db_param() . " )");
        }
    }
    # product build
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_PRODUCT_BUILD])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_PRODUCT_BUILD] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '');
            } else {
                $c_show_build = db_prepare_string($t_filter_member);
                array_push($t_clauses, $c_show_build);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, "( {$t_bug_table}.build in (" . implode(', ', $t_where_tmp) . ") )");
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, "( {$t_bug_table}.build=" . db_param() . " )");
        }
    }
    # product version
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_PRODUCT_VERSION])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_PRODUCT_VERSION] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '');
            } else {
                $c_show_version = db_prepare_string($t_filter_member);
                array_push($t_clauses, $c_show_version);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, "( {$t_bug_table}.version in (" . implode(', ', $t_where_tmp) . ") )");
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, "( {$t_bug_table}.version=" . db_param() . " )");
        }
    }
    # profile
    if (!filter_field_is_any($t_filter['show_profile'])) {
        $t_clauses = array();
        foreach ($t_filter['show_profile'] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, "0");
            } else {
                $c_show_profile = db_prepare_int($t_filter_member);
                array_push($t_clauses, "{$c_show_profile}");
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, "( {$t_bug_table}.profile_id in (" . implode(', ', $t_where_tmp) . ") )");
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, "( {$t_bug_table}.profile_id=" . db_param() . " )");
        }
    }
    # platform
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_PLATFORM])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_PLATFORM] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '');
            } else {
                $c_platform = db_prepare_string($t_filter_member);
                array_push($t_clauses, $c_platform);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, "( {$t_bug_table}.platform in (" . implode(', ', $t_where_tmp) . ") )");
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, "( {$t_bug_table}.platform = " . db_param() . " )");
        }
    }
    # os
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_OS])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_OS] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '');
            } else {
                $c_os = db_prepare_string($t_filter_member);
                array_push($t_clauses, $c_os);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, "( {$t_bug_table}.os in (" . implode(', ', $t_where_tmp) . ") )");
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, "( {$t_bug_table}.os = " . db_param() . " )");
        }
    }
    # os_build
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_OS_BUILD])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_OS_BUILD] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '');
            } else {
                $c_os_build = db_prepare_string($t_filter_member);
                array_push($t_clauses, $c_os_build);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, "( {$t_bug_table}.os_build in (" . implode(', ', $t_where_tmp) . ") )");
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, "( {$t_bug_table}.os_build = " . db_param() . " )");
        }
    }
    # date filter
    if ('on' == $t_filter[FILTER_PROPERTY_FILTER_BY_DATE] && is_numeric($t_filter[FILTER_PROPERTY_START_MONTH]) && is_numeric($t_filter[FILTER_PROPERTY_START_DAY]) && is_numeric($t_filter[FILTER_PROPERTY_START_YEAR]) && is_numeric($t_filter[FILTER_PROPERTY_END_MONTH]) && is_numeric($t_filter[FILTER_PROPERTY_END_DAY]) && is_numeric($t_filter[FILTER_PROPERTY_END_YEAR])) {
        $t_start_string = $t_filter[FILTER_PROPERTY_START_YEAR] . "-" . $t_filter[FILTER_PROPERTY_START_MONTH] . "-" . $t_filter[FILTER_PROPERTY_START_DAY] . " 00:00:00";
        $t_end_string = $t_filter[FILTER_PROPERTY_END_YEAR] . "-" . $t_filter[FILTER_PROPERTY_END_MONTH] . "-" . $t_filter[FILTER_PROPERTY_END_DAY] . " 23:59:59";
        $t_where_params[] = strtotime($t_start_string);
        $t_where_params[] = strtotime($t_end_string);
        array_push($t_where_clauses, "({$t_bug_table}.date_submitted BETWEEN " . db_param() . " AND " . db_param() . " )");
    }
    # fixed in version
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_FIXED_IN_VERSION])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_FIXED_IN_VERSION] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '');
            } else {
                $c_fixed_in_version = db_prepare_string($t_filter_member);
                array_push($t_clauses, $c_fixed_in_version);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, "( {$t_bug_table}.fixed_in_version in (" . implode(', ', $t_where_tmp) . ") )");
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, "( {$t_bug_table}.fixed_in_version=" . db_param() . " )");
        }
    }
    # target version
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_TARGET_VERSION])) {
        $t_clauses = array();
        foreach ($t_filter[FILTER_PROPERTY_TARGET_VERSION] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (filter_field_is_none($t_filter_member)) {
                array_push($t_clauses, '');
            } else {
                $c_target_version = db_prepare_string($t_filter_member);
                array_push($t_clauses, $c_target_version);
            }
        }
        # echo var_dump( $t_clauses ); exit;
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, "( {$t_bug_table}.target_version in (" . implode(', ', $t_where_tmp) . ") )");
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, "( {$t_bug_table}.target_version=" . db_param() . " )");
        }
    }
    # users monitoring a bug
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_MONITOR_USER_ID])) {
        $t_clauses = array();
        $t_table_name = 'user_monitor';
        array_push($t_join_clauses, "LEFT JOIN {$t_bug_monitor_table} {$t_table_name} ON {$t_table_name}.bug_id = {$t_bug_table}.id");
        foreach ($t_filter[FILTER_PROPERTY_MONITOR_USER_ID] as $t_filter_member) {
            $c_user_monitor = db_prepare_int($t_filter_member);
            if (filter_field_is_myself($c_user_monitor)) {
                array_push($t_clauses, $c_user_id);
            } else {
                array_push($t_clauses, $c_user_monitor);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, "( {$t_table_name}.user_id in (" . implode(', ', $t_where_tmp) . ") )");
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, "( {$t_table_name}.user_id=" . db_param() . " )");
        }
    }
    # bug relationship
    $t_any_found = false;
    $c_rel_type = $t_filter[FILTER_PROPERTY_RELATIONSHIP_TYPE];
    $c_rel_bug = $t_filter[FILTER_PROPERTY_RELATIONSHIP_BUG];
    if (-1 == $c_rel_type || 0 == $c_rel_bug) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        # use the complementary type
        $t_comp_type = relationship_get_complementary_type($c_rel_type);
        $t_clauses = array();
        $t_table_name = 'relationship';
        array_push($t_join_clauses, "LEFT JOIN {$t_bug_relationship_table} {$t_table_name} ON {$t_table_name}.destination_bug_id = {$t_bug_table}.id");
        array_push($t_join_clauses, "LEFT JOIN {$t_bug_relationship_table} {$t_table_name}2 ON {$t_table_name}2.source_bug_id = {$t_bug_table}.id");
        // get reverse relationships
        $t_where_params[] = $t_comp_type;
        $t_where_params[] = $c_rel_bug;
        $t_where_params[] = $c_rel_type;
        $t_where_params[] = $c_rel_bug;
        array_push($t_clauses, "({$t_table_name}.relationship_type=" . db_param() . " AND {$t_table_name}.source_bug_id=" . db_param() . ')');
        array_push($t_clauses, "({$t_table_name}" . "2.relationship_type=" . db_param() . " AND {$t_table_name}" . "2.destination_bug_id=" . db_param() . ')');
        array_push($t_where_clauses, '(' . implode(' OR ', $t_clauses) . ')');
    }
    # tags
    $c_tag_string = trim($t_filter[FILTER_PROPERTY_TAG_STRING]);
    $c_tag_select = trim($t_filter[FILTER_PROPERTY_TAG_SELECT]);
    if (is_blank($c_tag_string) && !is_blank($c_tag_select) && $c_tag_select != 0) {
        $t_tag = tag_get($c_tag_select);
        $c_tag_string = $t_tag['name'];
    }
    if (!is_blank($c_tag_string)) {
        $t_tags = tag_parse_filters($c_tag_string);
        if (count($t_tags)) {
            $t_tags_all = array();
            $t_tags_any = array();
            $t_tags_none = array();
            foreach ($t_tags as $t_tag_row) {
                switch ($t_tag_row['filter']) {
                    case 1:
                        $t_tags_all[] = $t_tag_row;
                        break;
                    case 0:
                        $t_tags_any[] = $t_tag_row;
                        break;
                    case -1:
                        $t_tags_none[] = $t_tag_row;
                        break;
                }
            }
            if (0 < $t_filter[FILTER_PROPERTY_TAG_SELECT] && tag_exists($t_filter[FILTER_PROPERTY_TAG_SELECT])) {
                $t_tags_any[] = tag_get($t_filter[FILTER_PROPERTY_TAG_SELECT]);
            }
            $t_bug_tag_table = db_get_table('mantis_bug_tag_table');
            if (count($t_tags_all)) {
                $t_clauses = array();
                foreach ($t_tags_all as $t_tag_row) {
                    array_push($t_clauses, "{$t_bug_table}.id IN ( SELECT bug_id FROM {$t_bug_tag_table} WHERE {$t_bug_tag_table}.tag_id = {$t_tag_row['id']} )");
                }
                array_push($t_where_clauses, '(' . implode(' AND ', $t_clauses) . ')');
            }
            if (count($t_tags_any)) {
                $t_clauses = array();
                foreach ($t_tags_any as $t_tag_row) {
                    array_push($t_clauses, "{$t_bug_tag_table}.tag_id = {$t_tag_row['id']}");
                }
                array_push($t_where_clauses, "{$t_bug_table}.id IN ( SELECT bug_id FROM {$t_bug_tag_table} WHERE ( " . implode(' OR ', $t_clauses) . ') )');
            }
            if (count($t_tags_none)) {
                $t_clauses = array();
                foreach ($t_tags_none as $t_tag_row) {
                    array_push($t_clauses, "{$t_bug_tag_table}.tag_id = {$t_tag_row['id']}");
                }
                array_push($t_where_clauses, "{$t_bug_table}.id NOT IN ( SELECT bug_id FROM {$t_bug_tag_table} WHERE ( " . implode(' OR ', $t_clauses) . ') )');
            }
        }
    }
    # note user id
    if (!filter_field_is_any($t_filter[FILTER_PROPERTY_NOTE_USER_ID])) {
        $t_bugnote_table_alias = 'mbnt';
        $t_clauses = array();
        array_push($t_from_clauses, "{$t_bugnote_table}  {$t_bugnote_table_alias}");
        array_push($t_where_clauses, "( {$t_bug_table}.id = {$t_bugnote_table_alias}.bug_id )");
        foreach ($t_filter[FILTER_PROPERTY_NOTE_USER_ID] as $t_filter_member) {
            $c_note_user_id = db_prepare_int($t_filter_member);
            if (filter_field_is_myself($c_note_user_id)) {
                array_push($t_clauses, $c_user_id);
            } else {
                array_push($t_clauses, $c_note_user_id);
            }
        }
        if (1 < count($t_clauses)) {
            $t_where_tmp = array();
            foreach ($t_clauses as $t_clause) {
                $t_where_tmp[] = db_param();
                $t_where_params[] = $t_clause;
            }
            array_push($t_where_clauses, "( {$t_bugnote_table_alias}.reporter_id in (" . implode(', ', $t_where_tmp) . ") )");
        } else {
            $t_where_params[] = $t_clauses[0];
            array_push($t_where_clauses, "( {$t_bugnote_table_alias}.reporter_id=" . db_param() . " )");
        }
    }
    # plugin filters
    $t_plugin_filters = filter_get_plugin_filters();
    foreach ($t_plugin_filters as $t_field_name => $t_filter_object) {
        if (!filter_field_is_any($t_filter[$t_field_name]) || $t_filter_object->type == FILTER_TYPE_BOOLEAN) {
            $t_filter_query = $t_filter_object->query($t_filter[$t_field_name]);
            if (is_array($t_filter_query)) {
                if (isset($t_filter_query['join'])) {
                    array_push($t_join_clauses, $t_filter_query['join']);
                }
                if (isset($t_filter_query['where'])) {
                    array_push($t_where_clauses, $t_filter_query['where']);
                }
                if (isset($t_filter_query['params']) && is_array($t_filter_query['params'])) {
                    $t_where_params = array_merge($t_where_params, $t_filter_query['params']);
                }
            }
        }
    }
    # custom field filters
    if (ON == config_get('filter_by_custom_fields')) {
        # custom field filtering
        # @@@ At the moment this gets the linked fields relating to the current project
        #     It should get the ones relating to the project in the filter or all projects
        #     if multiple projects.
        $t_custom_fields = custom_field_get_linked_ids($t_project_id);
        foreach ($t_custom_fields as $t_cfid) {
            $t_field_info = custom_field_cache_row($t_cfid, true);
            if (!$t_field_info['filter_by']) {
                continue;
                # skip this custom field it shouldn't be filterable
            }
            $t_custom_where_clause = '';
            # Ignore all custom filters that are not set, or that are set to '' or "any"
            if (!filter_field_is_any($t_filter['custom_fields'][$t_cfid])) {
                $t_def = custom_field_get_definition($t_cfid);
                $t_table_name = $t_custom_field_string_table . '_' . $t_cfid;
                # We need to filter each joined table or the result query will explode in dimensions
                # Each custom field will result in a exponential growth like Number_of_Issues^Number_of_Custom_Fields
                # and only after this process ends (if it is able to) the result query will be filtered
                # by the WHERE clause and by the DISTINCT clause
                $t_cf_join_clause = "LEFT JOIN {$t_custom_field_string_table} {$t_table_name} ON {$t_bug_table}.id = {$t_table_name}.bug_id AND {$t_table_name}.field_id = {$t_cfid}";
                if ($t_def['type'] == CUSTOM_FIELD_TYPE_DATE) {
                    switch ($t_filter['custom_fields'][$t_cfid][0]) {
                        case CUSTOM_FIELD_DATE_ANY:
                            break;
                        case CUSTOM_FIELD_DATE_NONE:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '(( ' . $t_table_name . '.bug_id is null) OR ( ' . $t_table_name . '.value = 0)';
                            break;
                        case CUSTOM_FIELD_DATE_BEFORE:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '(( ' . $t_table_name . '.value != 0 AND (' . $t_table_name . '.value+0) < ' . $t_filter['custom_fields'][$t_cfid][2] . ')';
                            break;
                        case CUSTOM_FIELD_DATE_AFTER:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '( (' . $t_table_name . '.value+0) > ' . ($t_filter['custom_fields'][$t_cfid][1] + 1);
                            break;
                        default:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '( (' . $t_table_name . '.value+0) BETWEEN ' . $t_filter['custom_fields'][$t_cfid][1] . ' AND ' . $t_filter['custom_fields'][$t_cfid][2];
                            break;
                    }
                } else {
                    array_push($t_join_clauses, $t_cf_join_clause);
                    $t_filter_array = array();
                    foreach ($t_filter['custom_fields'][$t_cfid] as $t_filter_member) {
                        $t_filter_member = stripslashes($t_filter_member);
                        if (filter_field_is_none($t_filter_member)) {
                            # coerce filter value if selecting META_FILTER_NONE so it will match empty fields
                            $t_filter_member = '';
                            # but also add those _not_ present in the custom field string table
                            array_push($t_filter_array, "{$t_bug_table}.id NOT IN (SELECT bug_id FROM {$t_custom_field_string_table} WHERE field_id={$t_cfid})");
                        }
                        switch ($t_def['type']) {
                            case CUSTOM_FIELD_TYPE_CHECKBOX:
                            case CUSTOM_FIELD_TYPE_MULTILIST:
                                if ($t_filter_member != '') {
                                    $t_filter_member = '%|' . $t_filter_member . '|%';
                                }
                                $t_where_params[] = $t_filter_member;
                                array_push($t_filter_array, db_helper_like("{$t_table_name}.value"));
                                break;
                            default:
                                $t_where_params[] = $t_filter_member;
                                array_push($t_filter_array, "{$t_table_name}.value = " . db_param());
                        }
                    }
                    $t_custom_where_clause .= '(' . implode(' OR ', $t_filter_array);
                }
                if (!is_blank($t_custom_where_clause)) {
                    array_push($t_where_clauses, $t_custom_where_clause . ')');
                }
            }
        }
    }
    # Text search
    if (!is_blank($t_filter[FILTER_PROPERTY_FREE_TEXT])) {
        # break up search terms by spacing or quoting
        preg_match_all("/-?([^'\"\\s]+|\"[^\"]+\"|'[^']+')/", $t_filter[FILTER_PROPERTY_FREE_TEXT], $t_matches, PREG_SET_ORDER);
        # organize terms without quoting, paying attention to negation
        $t_search_terms = array();
        foreach ($t_matches as $t_match) {
            $t_search_terms[trim($t_match[1], "\\'\"")] = $t_match[0][0] == '-';
        }
        # build a big where-clause and param list for all search terms, including negations
        $t_first = true;
        $t_textsearch_where_clause = "( ";
        foreach ($t_search_terms as $t_search_term => $t_negate) {
            if (!$t_first) {
                $t_textsearch_where_clause .= ' AND ';
            }
            if ($t_negate) {
                $t_textsearch_where_clause .= 'NOT ';
            }
            $c_search = '%' . $t_search_term . '%';
            $t_textsearch_where_clause .= '( ' . db_helper_like('summary') . ' OR ' . db_helper_like("{$t_bug_text_table}.description") . ' OR ' . db_helper_like("{$t_bug_text_table}.steps_to_reproduce") . ' OR ' . db_helper_like("{$t_bug_text_table}.additional_information") . ' OR ' . db_helper_like("{$t_bugnote_text_table}.note");
            $t_where_params[] = $c_search;
            $t_where_params[] = $c_search;
            $t_where_params[] = $c_search;
            $t_where_params[] = $c_search;
            $t_where_params[] = $c_search;
            if (is_numeric($t_search_term)) {
                // PostgreSQL on 64-bit OS hack (see #14014)
                if (PHP_INT_MAX > 0x7fffffff && db_is_pgsql()) {
                    $t_search_max = 0x7fffffff;
                } else {
                    $t_search_max = PHP_INT_MAX;
                }
                // Note: no need to test negative values, '-' sign has been removed
                if ($t_search_term <= $t_search_max) {
                    $c_search_int = (int) $t_search_term;
                    $t_textsearch_where_clause .= " OR {$t_bug_table}.id = " . db_param();
                    $t_textsearch_where_clause .= " OR {$t_bugnote_table}.id = " . db_param();
                    $t_where_params[] = $c_search_int;
                    $t_where_params[] = $c_search_int;
                }
            }
            $t_textsearch_where_clause .= ' )';
            $t_first = false;
        }
        $t_textsearch_where_clause .= ' )';
        # add text query elements to arrays
        if (!$t_first) {
            $t_from_clauses[] = "{$t_bug_text_table}";
            $t_where_clauses[] = "{$t_bug_table}.bug_text_id = {$t_bug_text_table}.id";
            $t_where_clauses[] = $t_textsearch_where_clause;
            $t_join_clauses[] = " LEFT JOIN {$t_bugnote_table} ON {$t_bug_table}.id = {$t_bugnote_table}.bug_id";
            $t_join_clauses[] = " LEFT JOIN {$t_bugnote_text_table} ON {$t_bugnote_table}.bugnote_text_id = {$t_bugnote_text_table}.id";
        }
    }
    # End text search
    $t_from_clauses[] = $t_project_table;
    $t_from_clauses[] = $t_bug_table;
    $t_query_clauses['select'] = $t_select_clauses;
    $t_query_clauses['from'] = $t_from_clauses;
    $t_query_clauses['join'] = $t_join_clauses;
    $t_query_clauses['where'] = $t_where_clauses;
    $t_query_clauses['where_values'] = $t_where_params;
    $t_query_clauses = filter_get_query_sort_data($t_filter, $p_show_sticky, $t_query_clauses);
    # assigning to $p_* for this function writes the values back in case the caller wants to know
    # Get the total number of bugs that meet the criteria.
    $p_bug_count = filter_get_bug_count($t_query_clauses);
    if (0 == $p_bug_count) {
        return array();
    }
    $p_per_page = filter_per_page($t_filter, $p_bug_count, $p_per_page);
    $p_page_count = filter_page_count($p_bug_count, $p_per_page);
    $p_page_number = filter_valid_page_number($p_page_number, $p_page_count);
    $t_offset = filter_offset($p_page_number, $p_per_page);
    $t_query_clauses = filter_unique_query_clauses($t_query_clauses);
    $t_select_string = "SELECT DISTINCT " . implode(', ', $t_query_clauses['select']);
    $t_from_string = " FROM " . implode(', ', $t_query_clauses['from']);
    $t_order_string = " ORDER BY " . implode(', ', $t_query_clauses['order']);
    $t_join_string = count($t_query_clauses['join']) > 0 ? implode(' ', $t_query_clauses['join']) : '';
    $t_where_string = count($t_query_clauses['where']) > 0 ? 'WHERE ' . implode(' AND ', $t_query_clauses['where']) : '';
    $t_result = db_query_bound("{$t_select_string} {$t_from_string} {$t_join_string} {$t_where_string} {$t_order_string}", $t_query_clauses['where_values'], $p_per_page, $t_offset);
    $t_row_count = db_num_rows($t_result);
    $t_id_array_lastmod = array();
    for ($i = 0; $i < $t_row_count; $i++) {
        $t_row = db_fetch_array($t_result);
        $t_id_array_lastmod[] = (int) $t_row['id'];
        $t_rows[] = $t_row;
    }
    return filter_cache_result($t_rows, $t_id_array_lastmod);
}
}
function get_user_array()
{
    class User
    {
        public $id;
        public $name;
    }
    $user_array = array();
    $p_project_id = null;
    if (null === $p_project_id) {
        $p_project_id = helper_get_current_project();
    }
    if ($p_project_id === ALL_PROJECTS) {
        $t_current_user = auth_get_current_user_id();
        $t_projects = user_get_accessible_projects($t_current_user);
        # Get list of users having access level for all accessible projects
        $t_users = array();
        foreach ($t_projects as $t_project_id) {
            $t_project_users_list = project_get_all_user_rows($t_project_id, DEVELOPER);
            # Do a 'smart' merge of the project's user list, into an
            # associative array (to remove duplicates)
            # Use a foreach loop for correctness
            foreach ($t_project_users_list as $t_key => $t_user) {
                $t_users[$t_user['id']] = $t_user;
            }
            unset($t_project_users_list);
        }
        unset($t_projects);
    } else {
        $t_users = project_get_all_user_rows($p_project_id, DEVELOPER);
Exemple #15
0
function filter_get_bug_rows(&$p_page_number, &$p_per_page, &$p_page_count, &$p_bug_count, $p_custom_filter = null, $p_project_id = null, $p_user_id = null, $p_show_sticky = null)
{
    $t_bug_table = config_get('mantis_bug_table');
    $t_bug_text_table = config_get('mantis_bug_text_table');
    $t_bugnote_table = config_get('mantis_bugnote_table');
    $t_custom_field_string_table = config_get('mantis_custom_field_string_table');
    $t_bugnote_text_table = config_get('mantis_bugnote_text_table');
    $t_project_table = config_get('mantis_project_table');
    $t_bug_monitor_table = config_get('mantis_bug_monitor_table');
    $t_limit_reporters = config_get('limit_reporters');
    $t_bug_relationship_table = config_get('mantis_bug_relationship_table');
    $t_report_bug_threshold = config_get('report_bug_threshold');
    $t_current_user_id = auth_get_current_user_id();
    if (null === $p_user_id) {
        $t_user_id = $t_current_user_id;
    } else {
        $t_user_id = $p_user_id;
    }
    $c_user_id = db_prepare_int($t_user_id);
    if (null === $p_project_id) {
        $t_project_id = helper_get_current_project();
    } else {
        $t_project_id = $p_project_id;
    }
    if ($p_custom_filter === null) {
        # Prefer current_user_get_bug_filter() over user_get_filter() when applicable since it supports
        # cookies set by previous version of the code.
        if ($t_user_id == $t_current_user_id) {
            $t_filter = current_user_get_bug_filter();
        } else {
            $t_filter = user_get_bug_filter($t_user_id, $t_project_id);
        }
    } else {
        $t_filter = $p_custom_filter;
    }
    $t_filter = filter_ensure_valid_filter($t_filter);
    if (false === $t_filter) {
        return false;
        # signify a need to create a cookie
        #@@@ error instead?
    }
    $t_where_clauses = array("{$t_project_table}.enabled = 1", "{$t_project_table}.id = {$t_bug_table}.project_id");
    $t_select_clauses = array("{$t_bug_table}.*");
    $t_join_clauses = array();
    $t_from_clauses = array();
    if (ALL_PROJECTS == $t_project_id) {
        if (!user_is_administrator($t_user_id)) {
            $t_topprojects = $t_projects = user_get_accessible_projects($t_user_id);
            foreach ($t_topprojects as $t_project) {
                $t_projects = array_merge($t_projects, user_get_all_accessible_subprojects($t_user_id, $t_project));
            }
            $t_projects = array_unique($t_projects);
            if (0 == count($t_projects)) {
                return array();
                # no accessible projects, return an empty array
            } else {
                if (1 == count($t_projects)) {
                    $t_project = $t_projects[0];
                    array_push($t_where_clauses, "( {$t_bug_table}.project_id={$t_project} )");
                } else {
                    array_push($t_where_clauses, "( {$t_bug_table}.project_id in (" . implode(', ', $t_projects) . ") )");
                }
            }
        }
    } else {
        access_ensure_project_level(VIEWER, $t_project_id, $t_user_id);
        $t_projects = user_get_all_accessible_subprojects($t_user_id, $t_project_id);
        $t_projects[] = $t_project_id;
        $t_projects = array_unique($t_projects);
        if (1 == count($t_projects)) {
            $t_project = $t_projects[0];
            array_push($t_where_clauses, "( {$t_bug_table}.project_id={$t_project} )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.project_id in (" . implode(', ', $t_projects) . ") )");
        }
    }
    # private bug selection
    if (!access_has_project_level(config_get('private_bug_threshold'), $t_project_id, $t_user_id)) {
        $t_public = VS_PUBLIC;
        $t_private = VS_PRIVATE;
        switch ($t_filter['view_state']) {
            case VS_PUBLIC:
                array_push($t_where_clauses, "({$t_bug_table}.view_state='{$t_public}')");
                break;
            case VS_PRIVATE:
                array_push($t_where_clauses, "({$t_bug_table}.view_state='{$t_private}' AND {$t_bug_table}.reporter_id='{$t_user_id}')");
                break;
            case META_FILTER_ANY:
            default:
                array_push($t_where_clauses, "({$t_bug_table}.view_state='{$t_public}' OR {$t_bug_table}.reporter_id='{$t_user_id}')");
                break;
        }
    } else {
        $t_view_state = db_prepare_int($t_filter['view_state']);
        if ($t_filter['view_state'] !== META_FILTER_ANY && !is_blank($t_filter['view_state'])) {
            array_push($t_where_clauses, "({$t_bug_table}.view_state='{$t_view_state}')");
        }
    }
    # reporter
    $t_any_found = false;
    foreach ($t_filter['reporter_id'] as $t_filter_member) {
        if (META_FILTER_ANY === $t_filter_member || 0 === $t_filter_member) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['reporter_id']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['reporter_id'] as $t_filter_member) {
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, "0");
            } else {
                $c_reporter_id = db_prepare_int($t_filter_member);
                if (META_FILTER_MYSELF == $c_reporter_id) {
                    array_push($t_clauses, $c_user_id);
                } else {
                    array_push($t_clauses, $c_reporter_id);
                }
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.reporter_id in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.reporter_id={$t_clauses['0']} )");
        }
    }
    # limit reporter
    # @@@ thraxisp - access_has_project_level checks greater than or equal to,
    #   this assumed that there aren't any holes above REPORTER where the limit would apply
    #
    if (ON === $t_limit_reporters && !access_has_project_level(REPORTER + 1, $t_project_id, $t_user_id)) {
        $c_reporter_id = $c_user_id;
        array_push($t_where_clauses, "({$t_bug_table}.reporter_id='{$c_reporter_id}')");
    }
    # handler
    $t_any_found = false;
    foreach ($t_filter['handler_id'] as $t_filter_member) {
        if (META_FILTER_ANY === $t_filter_member || 0 === $t_filter_member) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['handler_id']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['handler_id'] as $t_filter_member) {
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, 0);
            } else {
                $c_handler_id = db_prepare_int($t_filter_member);
                if (META_FILTER_MYSELF == $c_handler_id) {
                    array_push($t_clauses, $c_user_id);
                } else {
                    array_push($t_clauses, $c_handler_id);
                }
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.handler_id in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.handler_id={$t_clauses['0']} )");
        }
    }
    # category
    $t_any_found = false;
    foreach ($t_filter['show_category'] as $t_filter_member) {
        if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['show_category']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['show_category'] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, "''");
            } else {
                $c_show_category = db_prepare_string($t_filter_member);
                array_push($t_clauses, "'{$c_show_category}'");
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.category in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.category={$t_clauses['0']} )");
        }
    }
    # severity
    $t_any_found = false;
    foreach ($t_filter['show_severity'] as $t_filter_member) {
        if (META_FILTER_ANY == $t_filter_member || 0 === $t_filter_member) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['show_severity']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['show_severity'] as $t_filter_member) {
            $c_show_severity = db_prepare_int($t_filter_member);
            array_push($t_clauses, $c_show_severity);
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.severity in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.severity={$t_clauses['0']} )");
        }
    }
    # show / hide status
    # take a list of all available statuses then remove the ones that we want hidden, then make sure
    # the ones we want shown are still available
    $t_status_arr = explode_enum_string(config_get('status_enum_string'));
    $t_available_statuses = array();
    $t_desired_statuses = array();
    foreach ($t_status_arr as $t_this_status) {
        $t_this_status_arr = explode_enum_arr($t_this_status);
        $t_available_statuses[] = $t_this_status_arr[0];
    }
    if ('simple' == $t_filter['_view_type']) {
        # simple filtering: if showing any, restrict by the hide status value, otherwise ignore the hide
        $t_any_found = false;
        $t_this_status = $t_filter['show_status'][0];
        $t_this_hide_status = $t_filter['hide_status'][0];
        if (META_FILTER_ANY == $t_this_status || is_blank($t_this_status) || 0 === $t_this_status) {
            $t_any_found = true;
        }
        if ($t_any_found) {
            foreach ($t_available_statuses as $t_this_available_status) {
                if ($t_this_hide_status > $t_this_available_status) {
                    $t_desired_statuses[] = $t_this_available_status;
                }
            }
        } else {
            $t_desired_statuses[] = $t_this_status;
        }
    } else {
        # advanced filtering: ignore the hide
        $t_any_found = false;
        foreach ($t_filter['show_status'] as $t_this_status) {
            $t_desired_statuses[] = $t_this_status;
            if (META_FILTER_ANY == $t_this_status || is_blank($t_this_status) || 0 === $t_this_status) {
                $t_any_found = true;
            }
        }
        if ($t_any_found) {
            $t_desired_statuses = array();
        }
    }
    if (count($t_desired_statuses) > 0) {
        $t_clauses = array();
        foreach ($t_desired_statuses as $t_filter_member) {
            $c_show_status = db_prepare_int($t_filter_member);
            array_push($t_clauses, $c_show_status);
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.status in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.status={$t_clauses['0']} )");
        }
    }
    # resolution
    $t_any_found = false;
    foreach ($t_filter['show_resolution'] as $t_filter_member) {
        if (META_FILTER_ANY == $t_filter_member) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['show_resolution']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['show_resolution'] as $t_filter_member) {
            $c_show_resolution = db_prepare_int($t_filter_member);
            array_push($t_clauses, $c_show_resolution);
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.resolution in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.resolution={$t_clauses['0']} )");
        }
    }
    # priority
    $t_any_found = false;
    foreach ($t_filter['show_priority'] as $t_filter_member) {
        if (META_FILTER_ANY == $t_filter_member || 0 === $t_filter_member) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['show_priority']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['show_priority'] as $t_filter_member) {
            $c_show_priority = db_prepare_int($t_filter_member);
            array_push($t_clauses, $c_show_priority);
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.priority in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.priority={$t_clauses['0']} )");
        }
    }
    # product build
    $t_any_found = false;
    foreach ($t_filter['show_build'] as $t_filter_member) {
        if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['show_build']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['show_build'] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, "''");
            } else {
                $c_show_build = db_prepare_string($t_filter_member);
                array_push($t_clauses, "'{$c_show_build}'");
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.build in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.build={$t_clauses['0']} )");
        }
    }
    # product version
    $t_any_found = false;
    foreach ($t_filter['show_version'] as $t_filter_member) {
        if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['show_version']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['show_version'] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, "''");
            } else {
                $c_show_version = db_prepare_string($t_filter_member);
                array_push($t_clauses, "'{$c_show_version}'");
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.version in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.version={$t_clauses['0']} )");
        }
    }
    # profile
    $t_any_found = false;
    foreach ($t_filter['show_profile'] as $t_filter_member) {
        if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['show_profile']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['show_profile'] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, "0");
            } else {
                $c_show_profile = db_prepare_int($t_filter_member);
                array_push($t_clauses, "{$c_show_profile}");
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.profile_id in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.profile_id={$t_clauses['0']} )");
        }
    }
    # date filter
    if ('on' == $t_filter['do_filter_by_date'] && is_numeric($t_filter['start_month']) && is_numeric($t_filter['start_day']) && is_numeric($t_filter['start_year']) && is_numeric($t_filter['end_month']) && is_numeric($t_filter['end_day']) && is_numeric($t_filter['end_year'])) {
        $t_start_string = db_prepare_string($t_filter['start_year'] . "-" . $t_filter['start_month'] . "-" . $t_filter['start_day'] . " 00:00:00");
        $t_end_string = db_prepare_string($t_filter['end_year'] . "-" . $t_filter['end_month'] . "-" . $t_filter['end_day'] . " 23:59:59");
        array_push($t_where_clauses, "({$t_bug_table}.date_submitted BETWEEN '{$t_start_string}' AND '{$t_end_string}' )");
    }
    # fixed in version
    $t_any_found = false;
    foreach ($t_filter['fixed_in_version'] as $t_filter_member) {
        if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['fixed_in_version']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        foreach ($t_filter['fixed_in_version'] as $t_filter_member) {
            $t_filter_member = stripslashes($t_filter_member);
            if (META_FILTER_NONE == $t_filter_member) {
                array_push($t_clauses, "''");
            } else {
                $c_fixed_in_version = db_prepare_string($t_filter_member);
                array_push($t_clauses, "'{$c_fixed_in_version}'");
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_bug_table}.fixed_in_version in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_bug_table}.fixed_in_version={$t_clauses['0']} )");
        }
    }
    # users monitoring a bug
    $t_any_found = false;
    foreach ($t_filter['user_monitor'] as $t_filter_member) {
        if (META_FILTER_ANY == $t_filter_member || 0 === $t_filter_member) {
            $t_any_found = true;
        }
    }
    if (count($t_filter['user_monitor']) == 0) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        $t_clauses = array();
        $t_table_name = 'user_monitor';
        array_push($t_from_clauses, $t_bug_monitor_table);
        array_push($t_join_clauses, "LEFT JOIN {$t_bug_monitor_table} {$t_table_name} ON {$t_table_name}.bug_id = {$t_bug_table}.id");
        foreach ($t_filter['user_monitor'] as $t_filter_member) {
            $c_user_monitor = db_prepare_int($t_filter_member);
            if (META_FILTER_MYSELF == $c_user_monitor) {
                array_push($t_clauses, $c_user_id);
            } else {
                array_push($t_clauses, $c_user_monitor);
            }
        }
        if (1 < count($t_clauses)) {
            array_push($t_where_clauses, "( {$t_table_name}.user_id in (" . implode(', ', $t_clauses) . ") )");
        } else {
            array_push($t_where_clauses, "( {$t_table_name}.user_id={$t_clauses['0']} )");
        }
    }
    # bug relationship
    $t_any_found = false;
    $c_rel_type = $t_filter['relationship_type'];
    $c_rel_bug = $t_filter['relationship_bug'];
    if (-1 == $c_rel_type || 0 == $c_rel_bug) {
        $t_any_found = true;
    }
    if (!$t_any_found) {
        # use the complementary type
        $c_rel_type = relationship_get_complementary_type($c_rel_type);
        $t_clauses = array();
        $t_table_name = 'relationship';
        array_push($t_from_clauses, $t_bug_relationship_table);
        array_push($t_join_clauses, "LEFT JOIN {$t_bug_relationship_table} {$t_table_name} ON {$t_table_name}.destination_bug_id = {$t_bug_table}.id");
        // get reverse relationships
        if ($c_rel_type == 1) {
            array_push($t_join_clauses, "LEFT JOIN {$t_bug_relationship_table} {$t_table_name}" . "2 ON {$t_table_name}" . "2.source_bug_id = {$t_bug_table}.id");
        }
        array_push($t_clauses, "({$t_table_name}.relationship_type='{$c_rel_type}' AND {$t_table_name}.source_bug_id='{$c_rel_bug}')");
        // get reverse relationships
        if ($c_rel_type == 1) {
            array_push($t_clauses, "({$t_table_name}" . "2.relationship_type='{$c_rel_type}' AND {$t_table_name}" . "2.destination_bug_id='{$c_rel_bug}')");
        }
        array_push($t_where_clauses, '(' . implode(' OR ', $t_clauses) . ')');
    }
    # custom field filters
    if (ON == config_get('filter_by_custom_fields')) {
        # custom field filtering
        $t_custom_fields = custom_field_get_linked_ids($t_project_id);
        foreach ($t_custom_fields as $t_cfid) {
            $t_first_time = true;
            $t_custom_where_clause = '';
            # Ignore all custom filters that are not set, or that are set to '' or "any"
            $t_any_found = false;
            foreach ($t_filter['custom_fields'][$t_cfid] as $t_filter_member) {
                if (META_FILTER_ANY == $t_filter_member && is_numeric($t_filter_member)) {
                    $t_any_found = true;
                }
            }
            if (!isset($t_filter['custom_fields'][$t_cfid])) {
                $t_any_found = true;
            }
            if (!$t_any_found) {
                $t_def = custom_field_get_definition($t_cfid);
                $t_table_name = $t_custom_field_string_table . '_' . $t_cfid;
                # We need to filter each joined table or the result query will explode in dimensions
                # Each custom field will result in a exponential growth like Number_of_Issues^Number_of_Custom_Fields
                # and only after this process ends (if it is able to) the result query will be filtered
                # by the WHERE clause and by the DISTINCT clause
                $t_cf_join_clause = "LEFT JOIN {$t_custom_field_string_table} {$t_table_name} ON {$t_table_name}.bug_id = {$t_bug_table}.id AND {$t_table_name}.field_id = {$t_cfid} ";
                if ($t_def['type'] == CUSTOM_FIELD_TYPE_DATE) {
                    switch ($t_filter['custom_fields'][$t_cfid][0]) {
                        case CUSTOM_FIELD_DATE_ANY:
                            break;
                        case CUSTOM_FIELD_DATE_NONE:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '(( ' . $t_table_name . '.bug_id is null) OR ( ' . $t_table_name . '.value = 0)';
                            break;
                        case CUSTOM_FIELD_DATE_BEFORE:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '(( ' . $t_table_name . '.value != 0 AND (' . $t_table_name . '.value+0) < ' . $t_filter['custom_fields'][$t_cfid][2] . ')';
                            break;
                        case CUSTOM_FIELD_DATE_AFTER:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '(( ' . $t_table_name . '.field_id = ' . $t_cfid . ' AND (' . $t_table_name . '.value+0) > ' . ($t_filter['custom_fields'][$t_cfid][1] + 1) . ')';
                            break;
                        default:
                            array_push($t_join_clauses, $t_cf_join_clause);
                            $t_custom_where_clause = '(( ' . $t_table_name . '.field_id = ' . $t_cfid . ' AND (' . $t_table_name . '.value+0) BETWEEN ' . $t_filter['custom_fields'][$t_cfid][1] . ' AND ' . $t_filter['custom_fields'][$t_cfid][2] . ')';
                            break;
                    }
                } else {
                    array_push($t_join_clauses, $t_cf_join_clause);
                    foreach ($t_filter['custom_fields'][$t_cfid] as $t_filter_member) {
                        $t_filter_member = stripslashes($t_filter_member);
                        if (META_FILTER_NONE === $t_filter_member) {
                            # coerce filter value if selecting META_FILTER_NONE
                            $t_filter_member = '';
                        }
                        if ($t_first_time) {
                            $t_first_time = false;
                            $t_custom_where_clause = '(';
                        } else {
                            $t_custom_where_clause .= ' OR ';
                        }
                        $t_custom_where_clause .= "{$t_table_name}.value ";
                        switch ($t_def['type']) {
                            case CUSTOM_FIELD_TYPE_MULTILIST:
                            case CUSTOM_FIELD_TYPE_CHECKBOX:
                                $t_custom_where_clause .= "LIKE '%|";
                                $t_custom_where_clause_closing = "|%'";
                                break;
                            default:
                                $t_custom_where_clause .= "= '";
                                $t_custom_where_clause_closing = "'";
                        }
                        $t_custom_where_clause .= db_prepare_string($t_filter_member);
                        $t_custom_where_clause .= $t_custom_where_clause_closing;
                    }
                }
                if (!is_blank($t_custom_where_clause)) {
                    array_push($t_where_clauses, $t_custom_where_clause . ')');
                }
            }
        }
    }
    $t_textsearch_where_clause = '';
    $t_textsearch_wherejoin_clause = '';
    # Simple Text Search - Thanks to Alan Knowles
    if (!is_blank($t_filter['search'])) {
        $c_search = db_prepare_string($t_filter['search']);
        $c_search_int = db_prepare_int($t_filter['search']);
        $t_textsearch_where_clause = "((summary LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_text_table}.description LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_text_table}.steps_to_reproduce LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_text_table}.additional_information LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_table}.id = '{$c_search_int}'))";
        $t_textsearch_wherejoin_clause = "((summary LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_text_table}.description LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_text_table}.steps_to_reproduce LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_text_table}.additional_information LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bug_table}.id LIKE '%{$c_search}%')\n\t\t\t\t\t\t\t OR ({$t_bugnote_text_table}.note LIKE '%{$c_search}%'))";
        array_push($t_where_clauses, "({$t_bug_text_table}.id = {$t_bug_table}.bug_text_id)");
        $t_from_clauses = array($t_bug_text_table, $t_project_table, $t_bug_table);
    } else {
        $t_from_clauses = array($t_project_table, $t_bug_table);
    }
    $t_select = implode(', ', array_unique($t_select_clauses));
    $t_from = 'FROM ' . implode(', ', array_unique($t_from_clauses));
    $t_join = implode(' ', $t_join_clauses);
    if (count($t_where_clauses) > 0) {
        $t_where = 'WHERE ' . implode(' AND ', $t_where_clauses);
    } else {
        $t_where = '';
    }
    # Possibly do two passes. First time, grab the IDs of issues that match the filters. Second time, grab the IDs of issues that
    # have bugnotes that match the text search if necessary.
    $t_id_array = array();
    for ($i = 0; $i < 2; $i++) {
        $t_id_where = $t_where;
        $t_id_join = $t_join;
        if ($i == 0) {
            if (!is_blank($t_id_where) && !is_blank($t_textsearch_where_clause)) {
                $t_id_where = $t_id_where . ' AND ' . $t_textsearch_where_clause;
            }
        } else {
            if (!is_blank($t_textsearch_wherejoin_clause)) {
                $t_id_where = $t_id_where . ' AND ' . $t_textsearch_wherejoin_clause;
                $t_id_join = $t_id_join . " INNER JOIN {$t_bugnote_table} ON {$t_bugnote_table}.bug_id = {$t_bug_table}.id";
                $t_id_join = $t_id_join . " INNER JOIN {$t_bugnote_text_table} ON {$t_bugnote_text_table}.id = {$t_bugnote_table}.bugnote_text_id";
            }
        }
        $query = "SELECT DISTINCT {$t_bug_table}.id AS id\n\t\t\t\t\t\t{$t_from}\n\t\t\t\t\t\t{$t_id_join}\n\t\t\t\t\t\t{$t_id_where}";
        if ($i == 0 || !is_blank($t_textsearch_wherejoin_clause)) {
            $result = db_query($query);
            $row_count = db_num_rows($result);
            for ($j = 0; $j < $row_count; $j++) {
                $row = db_fetch_array($result);
                $t_id_array[] = db_prepare_int($row['id']);
            }
        }
    }
    $t_id_array = array_unique($t_id_array);
    if (count($t_id_array) > 0) {
        $t_where = "WHERE {$t_bug_table}.id in (" . implode(", ", $t_id_array) . ")";
    } else {
        $t_where = "WHERE 1 != 1";
    }
    $t_from = 'FROM ' . $t_bug_table;
    # Get the total number of bugs that meet the criteria.
    $bug_count = count($t_id_array);
    # write the value back in case the caller wants to know
    $p_bug_count = $bug_count;
    if (null === $p_per_page) {
        $p_per_page = (int) $t_filter['per_page'];
    } else {
        if (-1 == $p_per_page) {
            $p_per_page = $bug_count;
        }
    }
    # Guard against silly values of $f_per_page.
    if (0 == $p_per_page) {
        $p_per_page = 1;
    }
    $p_per_page = (int) abs($p_per_page);
    # Use $bug_count and $p_per_page to determine how many pages
    # to split this list up into.
    # For the sake of consistency have at least one page, even if it
    # is empty.
    $t_page_count = ceil($bug_count / $p_per_page);
    if ($t_page_count < 1) {
        $t_page_count = 1;
    }
    # write the value back in case the caller wants to know
    $p_page_count = $t_page_count;
    # Make sure $p_page_number isn't past the last page.
    if ($p_page_number > $t_page_count) {
        $p_page_number = $t_page_count;
    }
    # Make sure $p_page_number isn't before the first page
    if ($p_page_number < 1) {
        $p_page_number = 1;
    }
    # Now add the rest of the criteria i.e. sorting, limit.
    # if sort is blank then default the sort and direction.  This is to fix the
    # symptoms of #3953.  Note that even if the main problem is fixed, we may
    # have to keep this code for a while to handle filters saved with this blank field.
    if (is_blank($t_filter['sort'])) {
        $t_filter['sort'] = 'last_updated';
        $t_filter['dir'] = 'DESC';
    }
    $t_order_array = array();
    $t_sort_fields = split(',', $t_filter['sort']);
    $t_dir_fields = split(',', $t_filter['dir']);
    if ('on' == $t_filter['sticky_issues'] && NULL !== $p_show_sticky) {
        $t_order_array[] = "sticky DESC";
    }
    for ($i = 0; $i < count($t_sort_fields); $i++) {
        $c_sort = db_prepare_string($t_sort_fields[$i]);
        if (!in_array($t_sort_fields[$i], array_slice($t_sort_fields, $i + 1))) {
            # if sorting by a custom field
            if (strpos($c_sort, 'custom_') === 0) {
                $t_custom_field = substr($c_sort, strlen('custom_'));
                $t_custom_field_id = custom_field_get_id_from_name($t_custom_field);
                $t_join .= " LEFT JOIN {$t_custom_field_string_table} ON ( ( {$t_custom_field_string_table}.bug_id = {$t_bug_table}.id ) AND ( {$t_custom_field_string_table}.field_id = {$t_custom_field_id} ) )";
                $c_sort = "{$t_custom_field_string_table}.value";
                $t_select_clauses[] = "{$t_custom_field_string_table}.value";
            }
            if ('DESC' == $t_dir_fields[$i]) {
                $c_dir = 'DESC';
            } else {
                $c_dir = 'ASC';
            }
            $t_order_array[] = "{$c_sort} {$c_dir}";
        }
    }
    # add basic sorting if necessary
    if (!in_array('last_updated', $t_sort_fields)) {
        $t_order_array[] = 'last_updated DESC';
    }
    if (!in_array('date_submitted', $t_sort_fields)) {
        $t_order_array[] = 'date_submitted DESC';
    }
    $t_order = " ORDER BY " . implode(', ', $t_order_array);
    $t_select = implode(', ', array_unique($t_select_clauses));
    $query2 = "SELECT DISTINCT {$t_select}\n\t\t\t\t\t{$t_from}\n\t\t\t\t\t{$t_join}\n\t\t\t\t\t{$t_where}\n\t\t\t\t\t{$t_order}";
    # Figure out the offset into the db query
    #
    # for example page number 1, per page 5:
    #     t_offset = 0
    # for example page number 2, per page 5:
    #     t_offset = 5
    $c_per_page = db_prepare_int($p_per_page);
    $c_page_number = db_prepare_int($p_page_number);
    $t_offset = ($c_page_number - 1) * $c_per_page;
    # perform query
    $result2 = db_query($query2, $c_per_page, $t_offset);
    $row_count = db_num_rows($result2);
    $rows = array();
    for ($i = 0; $i < $row_count; $i++) {
        $row = db_fetch_array($result2);
        $row['date_submitted'] = db_unixtimestamp($row['date_submitted']);
        $row['last_updated'] = db_unixtimestamp($row['last_updated']);
        array_push($rows, $row);
        bug_add_to_cache($row);
    }
    return $rows;
}
Exemple #16
0
function print_user_option_list($p_user_id, $p_project_id = null, $p_access = ANYBODY)
{
    $t_current_user = auth_get_current_user_id();
    if (null === $p_project_id) {
        $p_project_id = helper_get_current_project();
    }
    if ($p_project_id === ALL_PROJECTS) {
        $t_projects = user_get_accessible_projects($t_current_user);
        # Get list of users having access level for all accessible projects
        $t_users = array();
        foreach ($t_projects as $t_project_id) {
            $t_project_users_list = project_get_all_user_rows($t_project_id, $p_access);
            # Do a 'smart' merge of the project's user list, into an
            # associative array (to remove duplicates)
            # Use a while loop for better performance
            $i = 0;
            while (isset($t_project_users_list[$i])) {
                $t_users[$t_project_users_list[$i]['id']] = $t_project_users_list[$i];
                $i++;
            }
            unset($t_project_users_list);
        }
        unset($t_projects);
    } else {
        $t_users = project_get_all_user_rows($p_project_id, $p_access);
    }
    $t_display = array();
    $t_sort = array();
    $t_show_realname = ON == config_get('show_realname');
    $t_sort_by_last_name = ON == config_get('sort_by_last_name');
    foreach ($t_users as $t_key => $t_user) {
        $t_user_name = string_attribute($t_user['username']);
        $t_sort_name = utf8_strtolower($t_user_name);
        if ($t_show_realname && $t_user['realname'] != '') {
            $t_user_name = string_attribute($t_user['realname']);
            if ($t_sort_by_last_name) {
                $t_sort_name_bits = explode(' ', utf8_strtolower($t_user_name), 2);
                $t_sort_name = (isset($t_sort_name_bits[1]) ? $t_sort_name_bits[1] . ', ' : '') . $t_sort_name_bits[0];
            } else {
                $t_sort_name = utf8_strtolower($t_user_name);
            }
        }
        $t_display[] = $t_user_name;
        $t_sort[] = $t_sort_name;
    }
    array_multisort($t_sort, SORT_ASC, SORT_STRING, $t_users, $t_display);
    unset($t_sort);
    $t_count = count($t_users);
    for ($i = 0; $i < $t_count; $i++) {
        $t_row = $t_users[$i];
        echo '<option value="' . $t_row['id'] . '" ';
        check_selected($p_user_id, $t_row['id']);
        echo '>' . $t_display[$i] . '</option>';
    }
}
	<td width="10%">
		<?php 
print_manage_project_sort_link('manage_proj_page.php', lang_get('view_status'), 'view_state', $t_direction, $f_sort);
print_sort_icon($t_direction, $f_sort, 'view_state');
?>
	</td>
	<td width="40%">
		<?php 
print_manage_project_sort_link('manage_proj_page.php', lang_get('description'), 'description', $t_direction, $f_sort);
print_sort_icon($t_direction, $f_sort, 'description');
?>
	</td>
</tr>
<?php 
$t_manage_project_threshold = config_get('manage_project_threshold');
$t_projects = user_get_accessible_projects(auth_get_current_user_id(), true);
$t_full_projects = array();
foreach ($t_projects as $t_project_id) {
    $t_full_projects[] = project_get_row($t_project_id);
}
$t_projects = multi_sort($t_full_projects, $f_sort, $t_direction);
$t_stack = array($t_projects);
while (0 < count($t_stack)) {
    $t_projects = array_shift($t_stack);
    if (0 == count($t_projects)) {
        continue;
    }
    $t_project = array_shift($t_projects);
    $t_project_id = $t_project['id'];
    $t_level = count($t_stack);
    # only print row if user has project management privileges
Exemple #18
0
function user_get_all_accessible_projects($p_user_id, $p_project_id)
{
    if (ALL_PROJECTS == $p_project_id) {
        $t_topprojects = $t_project_ids = user_get_accessible_projects($p_user_id);
        foreach ($t_topprojects as $t_project) {
            $t_project_ids = array_merge($t_project_ids, user_get_all_accessible_subprojects($p_user_id, $t_project));
        }
        $t_project_ids = array_unique($t_project_ids);
    } else {
        access_ensure_project_level(VIEWER, $p_project_id);
        $t_project_ids = user_get_all_accessible_subprojects($p_user_id, $p_project_id);
        array_unshift($t_project_ids, $p_project_id);
    }
    return $t_project_ids;
}