Exemple #1
0
 function show()
 {
     global $page, $db, $user, $fs, $proj;
     $page->setTitle($fs->prefs['page_title'] . L('reports'));
     $events = array(1 => L('taskopened'), 13 => L('taskreopened'), 2 => L('taskclosed'), 3 => L('taskedited'), 14 => L('assignmentchanged'), 29 => L('events.useraddedtoassignees'), 4 => L('commentadded'), 5 => L('commentedited'), 6 => L('commentdeleted'), 7 => L('attachmentadded'), 8 => L('attachmentdeleted'), 11 => L('relatedadded'), 12 => L('relateddeleted'), 9 => L('notificationadded'), 10 => L('notificationdeleted'), 17 => L('reminderadded'), 18 => L('reminderdeleted'));
     $user_events = array(30 => L('created'), 31 => L('deleted'));
     $page->assign('events', $events);
     $page->assign('user_events', $user_events);
     $sort = strtoupper(Get::enum('sort', array('desc', 'asc')));
     $where = array();
     $params = array();
     $orderby = '';
     switch (Get::val('order')) {
         case 'type':
             $orderby = "h.event_type {$sort}, h.event_date {$sort}";
             break;
         case 'user':
             $orderby = "user_id {$sort}, h.event_date {$sort}";
             break;
         case 'date':
         default:
             $orderby = "h.event_date {$sort}, h.event_type {$sort}";
     }
     foreach (Get::val('events', array()) as $eventtype) {
         $where[] = 'h.event_type = ?';
         $params[] = $eventtype;
     }
     $where = '(' . implode(' OR ', $where) . ')';
     if ($proj->id) {
         $where = $where . 'AND (t.project_id = ?  OR h.event_type > 29) ';
         $params[] = $proj->id;
     }
     if (($fromdate = Req::val('fromdate')) || Req::val('todate')) {
         $where .= ' AND ';
         $todate = Req::val('todate');
         if ($fromdate) {
             $where .= ' h.event_date > ?';
             $params[] = Flyspray::strtotime($fromdate) + 0;
         }
         if ($todate && $fromdate) {
             $where .= ' AND h.event_date < ?';
             $params[] = Flyspray::strtotime($todate) + 86400;
         } else {
             if ($todate) {
                 $where .= ' h.event_date < ?';
                 $params[] = Flyspray::strtotime($todate) + 86400;
             }
         }
     }
     $histories = array();
     if (count(Get::val('events'))) {
         if (Get::num('event_number') > 0) {
             $db->setLimit(Get::num('event_number'));
         }
         $histories = $db->x->getAll("SELECT h.*, t.*, p.project_prefix\n                                             FROM {history} h\n                                        LEFT JOIN {tasks} t ON h.task_id = t.task_id\n                                        LEFT JOIN {projects} p ON t.project_id = p.project_id\n                                            WHERE {$where}\n                                         ORDER BY {$orderby}", null, $params);
     }
     $page->assign('histories', $histories);
     $page->assign('sort', $sort);
     $page->pushTpl('reports.tpl');
 }
Exemple #2
0
 function _onsubmit()
 {
     global $proj;
     // only meant for global fields...
     if (!count(Get::val('ids', array()))) {
         return array(ERROR_RECOVER, L('notasksselected'), CreateUrl('index'));
     }
     $proj = new Project(0);
     $return = $this->handle('action', Req::val('action'));
     $proj = new Project(0);
     return $return;
 }
Exemple #3
0
 function show($area = null)
 {
     global $page, $fs, $db, $proj, $user, $conf;
     $perpage = '20';
     if (isset($user->infos['tasks_perpage'])) {
         $perpage = $user->infos['tasks_perpage'];
     }
     $pagenum = max(1, Get::num('pagenum', 1));
     $offset = $perpage * ($pagenum - 1);
     // Get the visibility state of all columns
     $visible = explode(' ', trim($proj->id ? $proj->prefs['visible_columns'] : $fs->prefs['visible_columns']));
     if (!is_array($visible) || !count($visible) || !$visible[0]) {
         $visible = array('id');
     }
     list($tasks, $id_list) = Backend::get_task_list($_GET, $visible, $offset, $perpage);
     $page->assign('tasks', $tasks);
     $page->assign('offset', $offset);
     $page->assign('perpage', $perpage);
     $page->assign('pagenum', $pagenum);
     $page->assign('visible', $visible);
     // List of task IDs for next/previous links
     $_SESSION['tasklist'] = $id_list;
     $page->assign('total', count($id_list));
     // Javascript replacement
     if (Get::val('toggleadvanced')) {
         $advanced_search = intval(!Req::val('advancedsearch'));
         Flyspray::setCookie('advancedsearch', $advanced_search, time() + 60 * 60 * 24 * 30);
         $_COOKIE['advancedsearch'] = $advanced_search;
     }
     // Update check {{{
     if (Get::has('hideupdatemsg')) {
         unset($_SESSION['latest_version']);
     } else {
         if ($conf['general']['update_check'] && $user->perms('is_admin') && $fs->prefs['last_update_check'] < time() - 60 * 60 * 24 * 3) {
             if (!isset($_SESSION['latest_version'])) {
                 $latest = Flyspray::remote_request('http://flyspray.org/version.txt', GET_CONTENTS);
                 //if for some silly reason we get and empty response, we use the actual version
                 $_SESSION['latest_version'] = empty($latest) ? $fs->version : $latest;
                 $db->x->execParam('UPDATE {prefs} SET pref_value = ? WHERE pref_name = ?', array(time(), 'last_update_check'));
             }
         }
     }
     if (isset($_SESSION['latest_version']) && version_compare($fs->version, $_SESSION['latest_version'], '<')) {
         $page->assign('updatemsg', true);
     }
     // }}}
     $page->setTitle($fs->prefs['page_title'] . $proj->prefs['project_title'] . ': ' . L('tasklist'));
     $page->pushTpl('index.tpl');
 }
Exemple #4
0
define('IN_FS', true);
define('IN_FEED', true);
require_once dirname(__FILE__) . '/header.php';
$page = new FSTpl();
// Set up the basic XML head
header('Content-type: text/html; charset=utf-8');
$max_items = Req::num('num', 10) == 10 ? 10 : 20;
$sql_project = ' 1=1 ';
if ($proj->id) {
    $sql_project = sprintf(' p.project_id = %d', $proj->id);
}
$feed_type = Req::val('feed_type', 'rss2');
if ($feed_type != 'rss1' && $feed_type != 'rss2') {
    $feed_type = 'atom';
}
switch (Req::val('topic')) {
    case 'clo':
        $orderby = 'date_closed';
        $closed = 't.is_closed = 1 ';
        $topic = 1;
        $title = 'Recently closed tasks';
        break;
    case 'edit':
        $orderby = 'last_edited_time';
        $closed = '1=1';
        $topic = 2;
        $title = 'Recently edited tasks';
        break;
    default:
        $orderby = 'date_opened';
        $closed = '1=1';
Exemple #5
0
    header('Content-Type: application/csv');
    header('Content-Disposition: attachment; filename=' . $outfile);
    header('Content-Transfer-Encoding: text');
    header('Expires: 0');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Content-Length: ' . strlen($result));
    ob_clean();
    flush();
    // finally send out our data
    printf("%s", $result);
}
// } }}
// Javascript replacement
if (Get::val('toggleadvanced')) {
    $advanced_search = intval(!Req::val('advancedsearch'));
    Flyspray::setCookie('advancedsearch', $advanced_search, time() + 60 * 60 * 24 * 30);
    $_COOKIE['advancedsearch'] = $advanced_search;
}
// Update check {{{
if (Get::has('hideupdatemsg')) {
    unset($_SESSION['latest_version']);
} else {
    if ($conf['general']['update_check'] && $user->perms('is_admin') && $fs->prefs['last_update_check'] < time() - 60 * 60 * 24 * 3) {
        if (!isset($_SESSION['latest_version'])) {
            $latest = Flyspray::remote_request('http://flyspray.org/version.txt', GET_CONTENTS);
            //if for some silly reason we get and empty response, we use the actual version
            $_SESSION['latest_version'] = empty($latest) ? $fs->version : $latest;
            $db->Query('UPDATE {prefs} SET pref_value = ? WHERE pref_name = ?', array(time(), 'last_update_check'));
        }
    }
Exemple #6
0
 private function &get_command_from_url()
 {
     $out = new FlySprayCommand();
     if (($action = Req::val('action', false)) === false) {
         $null = null;
         return $null;
     }
     $out->action = $action;
     $out->id = Req::val('id');
     switch ($out->action) {
         case 'close_task':
             $out->ids['comment'] = Req::val('comment', '');
             $out->ids['mark100'] = intval(Req::val('mark100', 1));
             break;
         case 'add_comment':
             $out->ids[0] = Req::val('text');
             break;
         case 'edit_task':
             $out->ids[Req::val('param', '___')] = Req::val('value');
             break;
         case 'assign_to_me':
             $ids_str = Req::val('task_ids', '');
             $ids_arr = explode(',', $ids_str);
             $out->ids = $ids_arr;
             break;
         case 'get_task_details':
             break;
     }
     return $out;
 }
     // ##################
     // denying a PM request
     // ##################
 // ##################
 // denying a PM request
 // ##################
 case 'denypmreq':
     $result = $db->Query("SELECT  task_id, project_id\n                                FROM  {admin_requests}\n                               WHERE  request_id = ?", array(Req::val('req_id')));
     $req_details = $db->FetchRow($result);
     if (!$user->perms('manage_project', $req_details['project_id'])) {
         break;
     }
     // Mark the PM request as 'resolved'
     $db->Query("UPDATE  {admin_requests}\n                       SET  resolved_by = ?, time_resolved = ?, deny_reason = ?\n                     WHERE  request_id = ?", array($user->id, time(), Req::val('deny_reason'), Req::val('req_id')));
     Flyspray::logEvent($req_details['task_id'], 28, Req::val('deny_reason'));
     $notify->Create(NOTIFY_PM_DENY_REQUEST, $req_details['task_id'], Req::val('deny_reason'));
     $_SESSION['SUCCESS'] = L('pmreqdeniedmsg');
     break;
     // ##################
     // adding a dependency
     // ##################
 // ##################
 // adding a dependency
 // ##################
 case 'details.newdep':
     if (!$user->can_edit_task($task)) {
         break;
     }
     if (!Post::val('dep_task_id')) {
         Flyspray::show_error(L('formnotcomplete'));
         break;
Exemple #8
0
 function _onsubmit()
 {
     global $fs, $db, $proj, $user;
     $proj = new Project(0);
     return $this->handle('action', Req::val('action'));
 }
Exemple #9
0
box-shadow: 0 1px 1px #ddd;
color: #565656;
cursor: pointer;
display: inline-block;
font-family: sans-serif;
font-size: 100%;
font-weight: bold;
line-height: 130%;
padding: 8px 13px 8px 10px;
text-decoration: none;
">Remove the folder ' . DIRECTORY_SEPARATOR . 'setup</a> before you start using Flyspray</p>
');
}
// Any "do" mode that accepts a task_id or id field should be added here.
if (in_array(Req::val('do'), array('details', 'depends', 'editcomment'))) {
    if (Req::num('task_id')) {
        $result = $db->Query('SELECT  project_id
                                FROM  {tasks} WHERE task_id = ?', array(Req::num('task_id')));
        $project_id = $db->FetchOne($result);
    }
}
if (!isset($project_id)) {
    // Determine which project we want to see
    if (($project_id = Cookie::val('flyspray_project')) == '') {
        $project_id = $fs->prefs['default_project'];
    }
    $project_id = Req::val('project', Req::val('project_id', $project_id));
}
$proj = new Project($project_id);
# no more project cookie!
#$proj->setCookie();
Exemple #10
0
 /**
  * Returns (safe) HTML which displays a field to edit a value
  * @access public
  * @param bool $use_default use default field value or not
  * @param bool $lock lock the field depending on the users perms ornot
  * @param array $task task data
  * @param array $add_options add options to the select?
  * @param array $attrs add attributes to the select
  * @return string
  */
 function edit($use_default = true, $lock = false, $task = array(), $add_options = array(), $attrs = array(), $prefix = '')
 {
     global $user, $proj;
     if ($use_default) {
         $task['field' . $this->id] = $this->prefs['default_value'];
     } else {
         if (!isset($task['field' . $this->id])) {
             $task['field' . $this->id] = '';
         }
     }
     // determine whether or not to lock inputs
     $lock = $lock && $this->prefs['force_default'] && (count($task) > 3 && !$user->can_edit_task($task) || !$user->perms('modify_all_tasks'));
     $html = '';
     switch ($this->prefs['field_type']) {
         case FIELD_LIST:
             if (!$this->prefs['list_id']) {
                 return '';
             }
             $html .= sprintf('<select id="%sfield%d" name="%sfield%d%s" %s ', $prefix, $this->id, $prefix, $this->id, isset($attrs['multiple']) ? '[]' : '', join_attrs($attrs));
             $html .= tpl_disableif($lock) . '>';
             $html .= tpl_options(array_merge($add_options, $proj->get_list($this->prefs, $task['field' . $this->id])), Req::val('field' . $this->id, $task['field' . $this->id]));
             $html .= '</select>';
             break;
         case FIELD_DATE:
             $attrs = array();
             if ($lock) {
                 $attrs = array('readonly' => 'readonly');
             }
             $html .= tpl_datepicker($prefix . 'field' . $this->id, '', Req::val('field' . $this->id, $task['field' . $this->id]), $attrs);
             break;
         case FIELD_TEXT:
             $html .= sprintf('<input type="text" class="text" id="%sfield%d" name="%sfield%d" value="%s"/>', $prefix, $this->id, $prefix, $this->id, Filters::noXSS(Req::val('field' . $this->id, $task['field' . $this->id])));
             break;
         case FIELD_USER:
             $html .= tpl_userselect($prefix . 'field' . $this->id, Req::val('field' . $this->id, $task['field' . $this->id]));
             break;
     }
     return $html;
 }
Exemple #11
0
/*******************************************************************************/
/* Here begins the deep flyspray : html rendering                              */
/*******************************************************************************/
# no cache headers are now in header.php!
// see http://www.w3.org/TR/html401/present/styles.html#h-14.2.1
header('Content-Style-Type: text/css');
header('Content-type: text/html; charset=utf-8');
if ($conf['general']['output_buffering'] == 'gzip' && extension_loaded('zlib')) {
    // Start Output Buffering and gzip encoding if setting is present.
    ob_start('ob_gzhandler');
} else {
    ob_start();
}
$page = new FSTpl();
// make sure people are not attempting to manually fiddle with projects they are not allowed to play with
if (Req::has('project') && Req::val('project') != 0 && !$user->can_view_project(Req::val('project'))) {
    Flyspray::show_error(L('nopermission'));
    exit;
}
if ($show_task = Get::val('show_task')) {
    // If someone used the 'show task' form, redirect them
    if (is_numeric($show_task)) {
        Flyspray::Redirect(CreateURL('details', $show_task));
    } else {
        Flyspray::Redirect($baseurl . '?string=' . $show_task);
    }
}
if (Flyspray::requestDuplicated()) {
    // Check that this page isn't being submitted twice
    Flyspray::show_error(3);
}
Exemple #12
0
define('IN_FS', true);
header('Content-type: text/html; charset=utf-8');
require_once '../../header.php';
$baseurl = dirname(dirname($baseurl)) . '/';
if (Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash')) {
    $user = new User(Cookie::val('flyspray_userid'));
    $user->check_account_ok();
} else {
    $user = new User(0, $proj);
}
// don't allow anonymous users to access this page at all
if ($user->isAnon()) {
    die;
}
if (Req::has('name')) {
    $searchterm = strtolower(Req::val('name'));
}
// Get the list of users from the global groups above
$get_users = $db->Query('  SELECT  count(u.user_name) AS anz_u_user, 
                                   count(r.user_name) AS anz_r_user 
                             FROM  {users} u
                        LEFT JOIN  {registrations} r ON u.user_name = r.user_name
                            WHERE  Lower(u.user_name) = ? 
                                   OR
                                   Lower(r.user_name) = ?', array($searchterm, $searchterm));
while ($row = $db->FetchRow($get_users)) {
    if ($row['anz_u_user'] > '0' || $row['anz_r_user'] > '0') {
        $html = 'false|' . eL('usernametaken');
    } else {
        $html = 'true';
    }
Exemple #13
0
 /**
  * show 
  * 
  * @access public
  * @return void
  */
 function show()
 {
     global $page, $fs, $db;
     $page->setTitle($fs->prefs['page_title'] . L('lostpw'));
     if (!Req::has('magic_url')) {
         // Step One: user requests magic url
         $page->pushTpl('lostpw.step1.tpl');
     } else {
         // Step Two: user enters new password
         $check_magic = $db->x->getRow('SELECT user_id, user_name FROM {users} WHERE magic_url = ?', null, array(Req::val('magic_url')));
         if ($check_magic) {
             $page->assign('userinfo', $check_magic);
             $page->pushTpl('lostpw.step2.tpl');
         } else {
             $page->pushTpl('lostpw.step1.tpl');
         }
     }
 }
Exemple #14
0
 function isAlnum($key)
 {
     return Filters::isAlnum(Req::val($key));
 }
Exemple #15
0
 function show()
 {
     global $page, $db, $user, $fs;
     $page->setTitle($fs->prefs['page_title'] . L('registernewuser'));
     if (Get::val('regdone')) {
         $page->pushTpl('register.ok.tpl');
     } else {
         if ($user->can_register()) {
             // 32 is the length of the magic_url
             if (Req::has('magic_url')) {
                 // If the user came here from their notification link
                 $sql = $db->x->GetOne('SELECT reg_id FROM {registrations} WHERE magic_url = ?', null, Req::val('magic_url'));
                 if (!$sql) {
                     FlysprayDo::error(array(ERROR_INPUT, L('error18')));
                 }
                 $page->pushTpl('register.magic.tpl');
             } else {
                 $page->pushTpl('register.no-magic.tpl');
             }
         } else {
             $page->pushTpl('common.newuser.tpl');
         }
     }
 }
Exemple #16
0
<?php

/*********************************************************\
  | Register a new user (when confirmation codes is used)   |
  | ~~~~~~~~~~~~~~~~~~~                                     |
  \*********************************************************/
if (!defined('IN_FS')) {
    die('Do not access this file directly.');
}
$page->setTitle($fs->prefs['page_title'] . L('registernewuser'));
if (!$user->isAnon()) {
    Flyspray::Redirect($baseurl);
}
if ($user->can_register()) {
    // 32 is the length of the magic_url
    if (Req::has('magic_url') && strlen(Req::val('magic_url')) == 32) {
        // If the user came here from their notification link
        $sql = $db->Query('SELECT * FROM {registrations} WHERE magic_url = ?', array(Get::val('magic_url')));
        if (!$db->CountRows($sql)) {
            Flyspray::show_error(18);
        }
        $page->pushTpl('register.magic.tpl');
    } else {
        $page->pushTpl('register.no-magic.tpl');
    }
} elseif ($user->can_self_register()) {
    $page->pushTpl('common.newuser.tpl');
} else {
    Flyspray::show_error(22);
}
Exemple #17
0
$page->pushTpl('admin.menu.tpl');
switch ($area = Req::val('area', 'prefs')) {
    case 'users':
        $id = Flyspray::UserNameToId(Req::val('user_name'));
        if (!$id) {
            $id = Req::val('user_id');
        }
        $theuser = new User($id, $proj);
        if ($theuser->isAnon()) {
            Flyspray::show_error(5, true, null, $_SESSION['prev_page']);
        }
        $page->assign('theuser', $theuser);
    case 'cat':
    case 'editgroup':
        // yeah, utterly stupid, is changed in 1.0 already
        if (Req::val('area') == 'editgroup') {
            $group_details = Flyspray::getGroupDetails(Req::num('id'));
            if (!$group_details || $group_details['project_id'] != $proj->id) {
                Flyspray::show_error(L('groupnotexist'));
                Flyspray::Redirect(CreateURL('pm', 'groups', $proj->id));
            }
            $page->uses('group_details');
        }
    case 'groups':
    case 'newuser':
    case 'newuserbulk':
    case 'editallusers':
        $page->assign('groups', Flyspray::ListGroups());
    case 'userrequest':
        $sql = $db->Query("SELECT  *\n                             FROM  {admin_requests}\n                            WHERE  request_type = 3 AND project_id = 0 AND resolved_by = 0\n                         ORDER BY  time_submitted ASC");
        $page->assign('pendings', $db->fetchAllArray($sql));
Exemple #18
0
function tpl_datepicker($name, $label = '', $value = 0)
{
    global $user, $page;
    $date = '';
    if ($value) {
        if (!is_numeric($value)) {
            $value = strtotime($value);
        }
        if (!$user->isAnon()) {
            $st = date('Z') / 3600;
            // server GMT timezone
            $value += ($user->infos['time_zone'] - $st) * 60 * 60;
        }
        $date = date('Y-m-d', intval($value));
        /* It must "look" as a date..
         * XXX : do not blindly copy this code to validate other dates
         * this is mostly a tongue-in-cheek validation
         * 1. it will fail on 32 bit systems on dates < 1970
         * 2. it will produce different results bewteen 32 and 64 bit systems for years < 1970
         * 3. it will not work when year > 2038 on 32 bit systems (see http://en.wikipedia.org/wiki/Year_2038_problem)
         *
         * Fortunately tasks are never opened to be dated on 1970 and maybe our sons or the future flyspray
         * coders may be willing to fix the 2038 issue ( in the strange case 32 bit systems are still used by that year) :-)
         */
    } elseif (Req::has($name) && strlen(Req::val($name))) {
        //strtotime sadly returns -1 on faliure in php < 5.1 instead of false
        $ts = strtotime(Req::val($name));
        foreach (array('m', 'd', 'Y') as $period) {
            //checkdate only accepts arguments of type integer
            ${$period} = intval(date($period, $ts));
        }
        // $ts has to be > 0 to get around php behavior change
        // false is casted to 0 by the ZE
        $date = $ts > 0 && checkdate($m, $d, $Y) ? Req::val($name) : '';
    }
    $subPage = new FSTpl();
    $subPage->setTheme($page->getTheme());
    $subPage->assign('name', $name);
    $subPage->assign('date', $date);
    $subPage->assign('label', $label);
    $subPage->assign('dateformat', '%Y-%m-%d');
    $subPage->display('common.datepicker.tpl');
}
Exemple #19
0
 /**
  * area_list
  *
  * @access public
  * @return void
  */
 function area_list()
 {
     global $fs, $db, $proj, $user, $page;
     if (!Req::val('list_id')) {
         FlysprayDo::error(array(ERROR_INPUT));
         return;
     }
     $row = $db->x->getRow('SELECT list_type, list_name FROM {lists} WHERE list_id = ?', null, Req::val('list_id'));
     if ($row['list_type'] != LIST_CATEGORY) {
         $page->assign('rows', $proj->get_edit_list(Req::val('list_id')));
     }
     $page->assign('list_type', $row['list_type']);
     $page->assign('list_name', $row['list_name']);
 }
Exemple #20
0
 function _onsubmit()
 {
     $action = Req::val('action');
     list($type, $msg, $url) = $this->handle('action', $action, $this->task);
     if ($type != NO_SUBMIT) {
         $this->task = Flyspray::GetTaskDetails(Req::num('task_id'));
     }
     return array($type, $msg, $url);
 }
Exemple #21
0
         $userids[] = $row['user_id'];
     } else {
         # user is probably in a global group with assignee permission listed, so no need to show second time in a project group.
     }
 }
 if (is_array(Post::val('rassigned_to'))) {
     $page->assign('assignees', Post::val('rassigned_to'));
 } else {
     $assignees = $db->Query('SELECT user_id FROM {assigned} WHERE task_id = ?', $task_details['task_id']);
     $page->assign('assignees', $db->FetchCol($assignees));
 }
 $page->assign('userlist', $userlist);
 # Build the category select array, a movetask or normal taskedit
 # then in the template just use tpl_select($catselect);
 # keep last category selection
 $catselected = Req::val('product_category', $task_details['product_category']);
 if (isset($move) && $move == 1) {
     # listglobalcats
     $gcats = $proj->listCategories(0);
     if (count($gcats) > 0) {
         foreach ($gcats as $cat) {
             $gcatopts[] = array('value' => $cat['category_id'], 'label' => $cat['category_name']);
             if ($catselected == $cat['category_id']) {
                 $gcatopts[count($gcatopts) - 1]['selected'] = 1;
             }
         }
         $catsel['options'][] = array('optgroup' => 1, 'label' => L('categoriesglobal'), 'options' => $gcatopts);
     }
     # listprojectcats
     $pcats = $proj->listCategories($proj->id);
     if (count($pcats) > 0) {
Exemple #22
0
    $where[] = 'h.event_type = ?';
    $params[] = $eventtype;
}
$where = '(' . implode(' OR ', $where) . ')';
if ($proj->id) {
    $where = $where . 'AND (t.project_id = ?  OR h.event_type > 29) ';
    $params[] = $proj->id;
}
if (($fromdate = Req::val('fromdate')) || Req::val('todate')) {
    $where .= ' AND ';
    $todate = Req::val('todate');
    if ($fromdate) {
        $where .= ' h.event_date > ?';
        $params[] = Flyspray::strtotime($fromdate) + 0;
    }
    if ($todate && $fromdate) {
        $where .= ' AND h.event_date < ?';
        $params[] = Flyspray::strtotime($todate) + 86400;
    } else {
        if ($todate) {
            $where .= ' h.event_date < ?';
            $params[] = Flyspray::strtotime($todate) + 86400;
        }
    }
}
if (count(Req::val('events'))) {
    $histories = $db->Query("SELECT h.*\n                        FROM  {history} h\n                   LEFT JOIN {tasks} t ON h.task_id = t.task_id\n                        WHERE {$where}\n                     ORDER BY {$orderby}", $params, Req::num('event_number', -1));
    $histories = $db->FetchAllArray($histories);
}
$page->uses('histories', 'sort');
$page->pushTpl('reports.tpl');
Exemple #23
0
     $db->Query("UPDATE  {admin_requests}\n                       SET  resolved_by = ?, time_resolved = ?, deny_reason = ?\n                     WHERE  request_id = ?", array($user->id, time(), Req::val('deny_reason'), Req::val('req_id')));
     Flyspray::logEvent($req_details['task_id'], 28, Req::val('deny_reason'));
     $notify->Create(NOTIFY_PM_DENY_REQUEST, $req_details['task_id'], Req::val('deny_reason'), null, NOTIFY_BOTH, $proj->prefs['lang_code']);
     $_SESSION['SUCCESS'] = L('pmreqdeniedmsg');
     break;
     // ##################
     // deny a new user request
     // ##################
 // ##################
 // deny a new user request
 // ##################
 case 'denyuserreq':
     if ($user->perms('is_admin')) {
         $db->Query("UPDATE  {admin_requests}\n                       SET  resolved_by = ?, time_resolved = ?, deny_reason = ?\n                     WHERE  request_id = ?", array($user->id, time(), Req::val('deny_reason'), Req::val('req_id')));
         // Wrong event constant
         Flyspray::logEvent(0, 28, Req::val('deny_reason'));
         //nee a new event number. need notification. fix smtp first
         // Missing notification constant, can't notify yet...
         $_SESSION['SUCCESS'] = "New user register request denied";
     }
     break;
     // ##################
     // adding a dependency
     // ##################
 // ##################
 // adding a dependency
 // ##################
 case 'details.newdep':
     if (!$user->can_edit_task($task)) {
         Flyspray::show_error(L('nopermission'));
         //TODO: create a better error message
Exemple #24
0
    $amails = $db->x->getCol('SELECT email_address
                         FROM {users} u
                    LEFT JOIN {users_in_groups} g ON u.user_id = g.user_id
                        WHERE g.group_id = 1');
    $amails = array_map(create_function('$x', 'return str_replace("@", "#", $x);'), $amails);
    $page->assign('admin_emails', $amails);
}
// default title
$page->setTitle($fs->prefs['page_title'] . $proj->prefs['project_title']);
$page->setTheme($proj->prefs['theme_style']);
$page->assign('do', $do);
$page->pushTpl('header.tpl');
if (Flyspray::requestDuplicated()) {
    // Check that this page isn't being submitted twice
    FlysprayDo::error(array(ERROR_INPUT, L('error3')));
}
/* XXX:
 * there is something fishy in the new design, users actions
 * should never require the admin specific class.
 */
$class = 'FlysprayDo' . $do;
$mode = new $class();
$mode->show(Req::val('area'));
if (isset($_SESSION)) {
    // remove dupe data on error, since no submission happened
    if (isset($_SESSION['ERROR']) && isset($_SESSION['requests_hash'])) {
        $currentrequest = md5(serialize($_POST));
        unset($_SESSION['requests_hash'][$currentrequest]);
    }
}
$page->finish('footer.tpl');
            }
        }
    } else {
        // Determine if the user should be remembered on this machine
        if (Req::has('remember_login')) {
            $cookie_time = time() + 60 * 60 * 24 * 30;
            // Set cookies for 30 days
        } else {
            $cookie_time = 0;
            // Set cookies to expire when session ends (browser closes)
        }
        $user = new User($user_id);
        // Set a couple of cookies
        $passweirded = md5($user->infos['user_pass'] . $conf['general']['cookiesalt']);
        Flyspray::setcookie('flyspray_userid', $user->id, $cookie_time);
        Flyspray::setcookie('flyspray_passhash', $passweirded, $cookie_time);
        // If the user had previously requested a password change, remove the magic url
        $remove_magic = $db->Query("UPDATE {users} SET magic_url = '' WHERE user_id = ?", array($user->id));
        // Save for displaying
        if ($user->infos['login_attempts'] > 0) {
            $_SESSION['login_attempts'] = $user->infos['login_attempts'];
        }
        $db->Query('UPDATE {users} SET login_attempts = 0 WHERE user_id = ?', array($user->id));
        $_SESSION['SUCCESS'] = L('loginsuccessful');
    }
} else {
    // If the user didn't provide both a username and a password, show this error:
    Flyspray::show_error(8);
}
Flyspray::Redirect(Req::val('return_to'));
Exemple #26
0
/*
   This is the main script that everything else is included
   in.  Mostly what it does is check the user permissions
   to see what they have access to.
*/
define('IN_FS', true);
require_once dirname(__FILE__) . '/header.php';
// Get available do-modes
$modes = str_replace('.php', '', array_map('basename', glob_compat(BASEDIR . "/scripts/*.php")));
$do = Req::enum('do', $modes, $proj->prefs['default_entry']);
if ($do == 'admin' && Req::has('switch') && Req::val('project') != '0') {
    $do = 'pm';
} elseif ($do == 'pm' && Req::has('switch') && Req::val('project') == '0') {
    $do = 'admin';
} elseif (Req::has('show') || Req::has('switch') && $do == 'details' || $do == 'newtask' && Req::val('project') == '0') {
    $do = 'index';
}
/* permission stuff */
if (Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash')) {
    $user = new User(Cookie::val('flyspray_userid'), $proj);
    $user->check_account_ok();
    $user->save_search($do);
} else {
    $user = new User(0, $proj);
}
if (Get::val('getfile')) {
    // If a file was requested, deliver it
    $result = $db->Query("SELECT  t.project_id,\n                                  a.orig_name, a.file_name, a.file_type, t.*\n                            FROM  {attachments} a\n                      INNER JOIN  {tasks}       t ON a.task_id = t.task_id\n                           WHERE  attachment_id = ?", array(Get::val('getfile')));
    $task = $db->FetchRow($result);
    list($proj_id, $orig_name, $file_name, $file_type) = $task;