} } if ($show['search_options']) { $assignable_users = fetch_assignable_users_select($project['projectid']); $search_status_options = fetch_issue_status_search_select($projectperms); } // navbar and output $navbits = construct_navbits(array('project.php' . $vbulletin->session->vars['sessionurl_q'] => $vbphrase['projects'], "project.php?" . $vbulletin->session->vars['sessionurl'] . "projectid={$project['projectid']}" => $project['title_clean'], "projectmilestone.php?" . $vbulletin->session->vars['sessionurl'] . "projectid={$project['projectid']}" => $vbphrase['milestones'], '' => $milestone['title_clean'])); eval('$navbar = "' . fetch_template('navbar') . '";'); eval('print_output("' . fetch_template('pt_milestone') . '");'); } // ####################################################################### if ($_REQUEST['do'] == 'project') { $vbulletin->input->clean_array_gpc('r', array('projectid' => TYPE_UINT, 'viewall' => TYPE_BOOL)); $project = verify_project($vbulletin->GPC['projectid']); $projectperms = fetch_project_permissions($vbulletin->userinfo, $project['projectid']); $milestone_types = fetch_viewable_milestone_types($projectperms); if (!$milestone_types) { print_no_permission(); } $milestone_data = $vbulletin->db->query_read("\r\n\t\tSELECT *\r\n\t\tFROM " . TABLE_PREFIX . "pt_milestone\r\n\t\tWHERE projectid = {$project['projectid']}\r\n\t\tORDER BY completeddate DESC, targetdate\r\n\t"); if (!$db->num_rows($milestone_data)) { standard_error(fetch_error('invalidid', $vbphrase['project'], $vbulletin->options['contactuslink'])); } $counts = fetch_milestone_count_data("\r\n\t\tmilestone.projectid = {$project['projectid']}\r\n\t\tAND milestonetypecount.issuetypeid IN ('" . implode("','", $milestone_types) . "')\r\n\t"); $active_milestones = ''; $no_target_milestones = ''; $completed_milestones = ''; $count_completed = 0; while ($milestone = $db->fetch_array($milestone_data)) { if ($milestone['completeddate'] and !$vbulletin->GPC['viewall']) {
/** * Verifies that an issue type is valid. Errors if not. * * @param string Issue type ID * @param integer Project ID. */ function verify_issuetypeid($issuetypeid, $projectid) { global $vbulletin, $vbphrase; $project = fetch_project_info($projectid); if (!$project) { standard_error(fetch_error('invalidid', $vbphrase['issue_type'], $vbulletin->options['contactuslink'])); } $types = $vbulletin->pt_projects["{$project['projectid']}"]['types']; if (!isset($types["{$issuetypeid}"])) { standard_error(fetch_error('invalidid', $vbphrase['issue_type'], $vbulletin->options['contactuslink'])); } $issueperms = fetch_project_permissions($vbulletin->userinfo, $projectid, $issuetypeid); if (!($issueperms['generalpermissions'] & $vbulletin->pt_bitfields['general']['canview'])) { print_no_permission(); } return true; }
/** * Adds milestone ID criteria. Only allows one milestone to be specified. * * @param string * @param integer */ function add_milestoneid($name, $value) { $id = intval($value); if (!$id) { return PT_SEARCHGEN_CRITERIA_UNNECESSARY; } $milestone = $this->registry->db->query_first("\r\n\t\t\tSELECT *\r\n\t\t\tFROM " . TABLE_PREFIX . "pt_milestone\r\n\t\t\tWHERE milestoneid = {$id}\r\n\t\t"); if (!$milestone) { return PT_SEARCHGEN_CRITERIA_UNNECESSARY; } require_once DIR . '/includes/functions_pt_milestone.php'; $projectperms = fetch_project_permissions($this->registry->userinfo, $milestone['projectid']); $milestone_types = fetch_viewable_milestone_types($projectperms); if (!$milestone_types) { // no permission, give a condition with no matches $this->where['milestoneid'] = "1=0"; } else { $this->where['milestoneid'] = "\r\n\t\t\t\tissue.milestoneid = {$id}\r\n\t\t\t\tAND issue.projectid = {$milestone['projectid']}\r\n\t\t\t\tAND issue.issuetypeid IN ('" . implode("','", $milestone_types) . "')\r\n\t\t\t"; } return PT_SEARCHGEN_CRITERIA_ADDED; }
/** * Builds a search result bit * * @param array Issue info * * @return string Search result bit HTML */ function build_pt_search_resultbit($issue) { global $vbulletin, $db, $show, $stylevar, $vbphrase, $template_hook; static $projectperms = array(); if (!isset($projectperms["{$issue['projectid']}"])) { $projectperms["{$issue['projectid']}"] = fetch_project_permissions($vbulletin->userinfo, $issue['projectid']); } $project = $vbulletin->pt_projects["{$issue['projectid']}"]; $issueperms = $projectperms["{$issue['projectid']}"]["{$issue['issuetypeid']}"]; $posting_perms = prepare_issue_posting_pemissions($issue, $issueperms); $show['edit_issue'] = $posting_perms['issue_edit']; $show['status_edit'] = $posting_perms['status_edit']; $issue = prepare_issue($issue); ($hook = vBulletinHook::fetch_hook('projectsearch_results_bit')) ? eval($hook) : false; eval('$resultbits .= "' . fetch_template('pt_searchresultbit') . '";'); return $resultbits; }
if (!($vbulletin->userinfo['permissions']['ptpermissions'] & $vbulletin->bf_ugp_ptpermissions['canviewprojecttools'])) { print_no_permission(); } ($hook = vBulletinHook::fetch_hook('projectattachment_start')) ? eval($hook) : false; // ######################################################################## // ######################### START MAIN SCRIPT ############################ // ######################################################################## $vbulletin->input->clean_array_gpc('r', array('attachmentid' => TYPE_UINT, 'thumb' => TYPE_BOOL)); $idname = $vbphrase['attachment']; $imagetype = !empty($vbulletin->GPC['thumb']) ? 'thumbnail' : 'filedata'; if (!($attachmentinfo = $db->query_first_slave("\r\n\tSELECT issueattach.filename, issueattach.issueid, issueattach.userid, issueattach.attachmentid,\r\n\t\t" . (!empty($vbulletin->GPC['thumb']) ? 'issueattach.thumbnail AS filedata, thumbnail_dateline AS dateline, thumbnail_filesize AS filesize,' : 'issueattach.dateline, SUBSTRING(filedata, 1, 2097152) AS filedata, filesize,') . "\r\n\t\tissueattach.visible, issueattach.extension\r\n\tFROM " . TABLE_PREFIX . "pt_issueattach AS issueattach\r\n\tWHERE issueattach.attachmentid = " . $vbulletin->GPC['attachmentid'] . "\r\n"))) { eval(standard_error(fetch_error('invalidid', $idname, $vbulletin->options['contactuslink']))); } $issue = verify_issue($attachmentinfo['issueid']); $project = verify_project($issue['projectid']); $issueperms = fetch_project_permissions($vbulletin->userinfo, $project['projectid'], $issue['issuetypeid']); if (!($issueperms['attachpermissions'] & $vbulletin->pt_bitfields['attach']['canattachview'])) { print_no_permission(); } if ($vbulletin->options['pt_attachfile']) { require_once DIR . '/includes/functions_file.php'; if ($vbulletin->GPC['thumb']) { $attachpath = fetch_attachment_path($attachmentinfo['userid'], $attachmentinfo['attachmentid'], true, $vbulletin->options['pt_attachpath']); } else { $attachpath = fetch_attachment_path($attachmentinfo['userid'], $attachmentinfo['attachmentid'], false, $vbulletin->options['pt_attachpath']); } if ($permissions['adminpermissions'] & $vbulletin->bf_ugp_adminpermissions['cancontrolpanel']) { if (!($fp = fopen($attachpath, 'rb'))) { exit; } } else {
/** * Displays project information after this forum (if selected by the user), in the subforum list. * Requires $project_forums and $project_types to be global * * @param array Forum information * * @return string Project bits */ function pt_subforumbit_display(&$forum) { global $vbulletin, $db, $stylevar, $vbphrase, $show, $template_hook; global $project_forums, $project_types; $projectbits = ''; if (isset($project_forums["{$forum['forumid']}"])) { foreach ($project_forums["{$forum['forumid']}"] as $projectid) { $project = $vbulletin->pt_projects["{$projectid}"]; $projectperms = fetch_project_permissions($vbulletin->userinfo, $project['projectid']); $project['lastactivity'] = 0; $can_view = false; foreach ($project_types["{$project['projectid']}"] as $type) { if (!($projectperms["{$type['issuetypeid']}"]['generalpermissions'] & $vbulletin->pt_bitfields['general']['canview'])) { continue; } $can_view = true; break; } if (!$can_view) { continue; } //($hook = vBulletinHook::fetch_hook('project_subforumbit')) ? eval($hook) : false; eval('$projectbits .= "' . fetch_template('pt_subforumbit_project') . '";'); } } return $projectbits; }
eval('print_output("' . fetch_template('pt_move_issue_confirm') . '");'); } // ####################################################################### if ($_REQUEST['do'] == 'moveissue') { $vbulletin->input->clean_array_gpc('r', array('issueid' => TYPE_UINT)); $issue = verify_issue($vbulletin->GPC['issueid']); $project = verify_project($issue['projectid']); $issueperms = fetch_project_permissions($vbulletin->userinfo, $project['projectid'], $issue['issuetypeid']); $posting_perms = prepare_issue_posting_pemissions($issue, $issueperms); if (!($issueperms['generalpermissions'] & $vbulletin->pt_bitfields['general']['canmoveissue'])) { print_no_permission(); } $project_type_select = ''; $optionclass = ''; foreach ($vbulletin->pt_projects as $projectid => $projectinfo) { $project_perms["{$projectid}"] = fetch_project_permissions($vbulletin->userinfo, $projectid); $optgroup_options = ''; foreach (array_keys($projectinfo['types']) as $type) { // Check we can both view and post the target issue type if (!($project_perms["{$projectid}"]["{$type}"]['generalpermissions'] & $vbulletin->pt_bitfields['general']['canview']) or !($project_perms["{$projectid}"]["{$type}"]['postpermissions'] & $vbulletin->pt_bitfields['post']['canpostnew'])) { continue; } $optionvalue = $projectinfo['projectid'] . '-' . $type; $optiontitle = $vbphrase["issuetype_{$type}_singular"]; $optionselected = ($issue['issuetypeid'] == $type and $issue['projectid'] == $projectid) ? ' selected="selected"' : ''; eval('$optgroup_options .= "' . fetch_template('option') . '";'); } if (empty($optgroup_options)) { continue; } $optgroup_label = $projectinfo['title'];
/** * Sends the selected PT digest (daily or weekly) * * @param string Digest type (daily or weekly) */ function exec_pt_digest($type = 'daily') { global $vbulletin; if (empty($vbulletin->pt_permissions)) { $vbulletin->datastore->do_db_fetch("'pt_bitfields','pt_permissions'"); } $lastdate = mktime(0, 0); // midnight today if ($type == 'daily') { // daily, yesterday midnight $lastdate -= 24 * 60 * 60; } else { // weekly, last week midnight $type = 'weekly'; $lastdate -= 7 * 24 * 60 * 60; } require_once DIR . '/includes/functions_misc.php'; require_once DIR . '/includes/class_bbcode_alt.php'; $plaintext_parser =& new vB_BbCodeParser_PlainText($vbulletin, fetch_tag_list()); vbmail_start(); // get new issues $issues = $vbulletin->db->query_read_slave("\r\n\t\tSELECT user.userid, user.salt, user.username, user.email, user.languageid, user.usergroupid, user.membergroupids,\r\n\t\t\tuser.timezoneoffset, IF(user.options & " . $vbulletin->bf_misc_useroptions['dstonoff'] . ", 1, 0) AS dstonoff,\r\n\t\t\tissue.*, language.dateoverride AS lang_dateoverride, language.timeoverride AS lang_timeoverride\r\n\t\tFROM " . TABLE_PREFIX . "pt_issuesubscribe AS issuesubscribe\r\n\t\tINNER JOIN " . TABLE_PREFIX . "pt_issue AS issue ON (issue.issueid = issuesubscribe.issueid)\r\n\t\tINNER JOIN " . TABLE_PREFIX . "user AS user ON (issuesubscribe.userid = user.userid)\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup ON (usergroup.usergroupid = user.usergroupid)\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "usertextfield AS usertextfield ON (usertextfield.userid = user.userid)\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "language AS language ON (language.languageid = IF(user.languageid = 0, " . intval($vbulletin->options['languageid']) . ", user.languageid))\r\n\t\tWHERE issuesubscribe.subscribetype = '{$type}'\r\n\t\t\tAND issue.lastpost > {$lastdate}\r\n\t\t\tAND issue.visible = 'visible'\r\n\t\t\tAND user.usergroupid <> 3\r\n\t\t\tAND (usergroup.genericoptions & " . $vbulletin->bf_ugp_genericoptions['isnotbannedgroup'] . ")\r\n\t"); while ($issue = $vbulletin->db->fetch_array($issues)) { // check that this user has the correct permissions to view $issueperms = fetch_project_permissions($issue, $issue['projectid'], $issue['issuetypeid']); if (!($issueperms['generalpermissions'] & $vbulletin->pt_bitfields['general']['canview']) or $issue['userid'] != $issue['submituserid'] and !($issueperms['generalpermissions'] & $vbulletin->pt_bitfields['general']['canviewothers'])) { // can't view or can't view others' issues continue; } $notebits = ''; $hourdiff = (date('Z', TIMENOW) / 3600 - ($issue['timezoneoffset'] + ($issue['dstonoff'] ? 1 : 0))) * 3600; $lastpost_adjusted = max(0, $issue['lastpost'] - $hourdiff); $issue['lastreplydate'] = date($vbulletin->options['dateformat'], $lastpost_adjusted); $issue['lastreplytime'] = date($vbulletin->options['timeformat'], $lastpost_adjusted); $issue['title'] = unhtmlspecialchars($issue['title']); $issue['username'] = unhtmlspecialchars($issue['username']); $issue['submitusername'] = unhtmlspecialchars($issue['submitusername']); $issue['lastpostusername'] = unhtmlspecialchars($issue['lastpostusername']); $issue['newposts'] = 0; // get posts $notes = $vbulletin->db->query_read_slave("\r\n\t\t\tSELECT issuenote.*\r\n\t\t\tFROM " . TABLE_PREFIX . "pt_issuenote AS issuenote\r\n\t\t\tLEFT JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = issuenote.userid)\r\n\t\t\tWHERE issuenote.issueid = {$issue['issueid']}\r\n\t\t\t\tAND issuenote.visible = 'visible'\r\n\t\t\t\tAND issuenote.dateline > {$lastdate}\r\n\t\t\tORDER BY issuenote.dateline\r\n\t\t"); // compile $haveothers = false; while ($note = $vbulletin->db->fetch_array($notes)) { if ($note['userid'] != $issue['userid']) { $haveothers = true; } $issue['newposts']++; $dateline_adjusted = max(0, $note['dateline'] - $hourdiff); $note['postdate'] = date($vbulletin->options['dateformat'], $dateline_adjusted); $note['posttime'] = date($vbulletin->options['timeformat'], $dateline_adjusted); $note['username'] = unhtmlspecialchars($note['username']); $plaintext_parser->set_parsing_language($issue['languageid']); $note['message'] = $plaintext_parser->parse($note['pagetext'], 'pt'); eval(fetch_email_phrases('pt_digestnotebit', $issue['languageid'])); $notebits .= $message; } // Don't send an update if the subscriber is the only one who posted in the issue. if ($haveothers) { // make email eval(fetch_email_phrases('pt_digestissue', $issue['languageid'])); vbmail($issue['email'], $subject, $message); } } unset($plaintext_parser); // get new projects $projects = $vbulletin->db->query_read_slave("\r\n\t\tSELECT user.userid, user.salt, user.username, user.email, user.languageid, user.usergroupid, user.membergroupids,\r\n\t\t\tuser.timezoneoffset, IF(user.options & " . $vbulletin->bf_misc_useroptions['dstonoff'] . ", 1, 0) AS dstonoff,\r\n\t\t\tIF(user.options & " . $vbulletin->bf_misc_useroptions['hasaccessmask'] . ", 1, 0) AS hasaccessmask,\r\n\t\t\tproject.*, projecttype.issuetypeid,\r\n\t\t\tlanguage.dateoverride AS lang_dateoverride, language.timeoverride AS lang_timeoverride, language.locale AS lang_locale\r\n\t\tFROM " . TABLE_PREFIX . "pt_projecttypesubscribe AS projecttypesubscribe\r\n\t\tINNER JOIN " . TABLE_PREFIX . "pt_projecttype AS projecttype ON (projecttype.projectid = projecttypesubscribe.projectid AND projecttype.issuetypeid = projecttypesubscribe.issuetypeid)\r\n\t\tINNER JOIN " . TABLE_PREFIX . "pt_project AS project ON (project.projectid = projecttypesubscribe.projectid)\r\n\t\tINNER JOIN " . TABLE_PREFIX . "user AS user ON (user.userid = projecttypesubscribe.userid)\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup ON (usergroup.usergroupid = user.usergroupid)\r\n\t\tLEFT JOIN " . TABLE_PREFIX . "language AS language ON (language.languageid = IF(user.languageid = 0, " . intval($vbulletin->options['languageid']) . ", user.languageid))\r\n\t\tWHERE projecttypesubscribe.subscribetype = '{$type}'\r\n\t\t\tAND projecttype.lastpost > {$lastdate}\r\n\t\t\tAND user.usergroupid <> 3\r\n\t\t\tAND (usergroup.genericoptions & " . $vbulletin->bf_ugp_genericoptions['isnotbannedgroup'] . ")\r\n\t"); while ($project = $vbulletin->db->fetch_array($projects)) { $userinfo = array('lang_locale' => $project['lang_locale'], 'dstonoff' => $project['dstonoff'], 'timezoneoffset' => $project['timezoneoffset']); $newissuebits = ''; $newissues = 0; $updatedissuebits = ''; $updatedissues = 0; $project['username_clean'] = unhtmlspecialchars($project['username']); $project['title_clean'] = unhtmlspecialchars($project['title_clean']); $project['issuetype_plural'] = fetch_phrase("issuetype_{$project['issuetypeid']}_plural", 'projecttools', '', false, true, $project['languageid'], false); $issues = $vbulletin->db->query_read_slave("\r\n\t\t\tSELECT issue.*\r\n\t\t\tFROM " . TABLE_PREFIX . "pt_issue AS issue\r\n\t\t\tWHERE issue.projectid = {$project['projectid']}\r\n\t\t\t\tAND issue.issuetypeid = '{$project['issuetypeid']}'\r\n\t\t\t\tAND issue.visible = 'visible'\r\n\t\t\t\tAND issue.lastpost > {$lastdate}\r\n\t\t"); while ($issue = $vbulletin->db->fetch_array($issues)) { $issueperms = fetch_project_permissions($project, $issue['projectid'], $issue['issuetypeid']); if (!($issueperms['generalpermissions'] & $vbulletin->pt_bitfields['general']['canview']) or $issue['userid'] != $issue['submituserid'] and !($issueperms['generalpermissions'] & $vbulletin->pt_bitfields['general']['canviewothers'])) { // can't view or can't view others' issues continue; } $issue['lastreplydate'] = vbdate($project['lang_dateoverride'] ? $project['lang_dateoverride'] : $vbulletin->options['default_dateformat'], $issue['lastpost'], false, true, true, false, $userinfo); $issue['lastreplytime'] = vbdate($project['lang_timeoverride'] ? $project['lang_timeoverride'] : $vbulletin->options['default_timeformat'], $issue['lastpost'], false, true, true, false, $userinfo); $issue['title_clean'] = unhtmlspecialchars($issue['title']); $issue['submitusername_clean'] = unhtmlspecialchars($issue['submitusername']); $issue['lastposter_clean'] = unhtmlspecialchars($issue['lastposter']); eval(fetch_email_phrases('pt_digestissuebit', $project['languageid'])); if ($issue['submitdate'] > $lastdate) { // new issue $newissues++; $newissuebits .= $message; } else { $updatedissues++; $updatedissuebits .= $message; } } if ($newissues or $updatedissues) { // make email eval(fetch_email_phrases('pt_digestproject', $project['languageid'])); vbmail($project['email'], $subject, $message); } } vbmail_end(); }