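/**
 * Cache collapse API data from the database for the current user.
 *
 * If the collapse cookie has been set, merge its changes into the cached
 * data and re-save the token; otherwise just touch the token. The cookie is
 * cleared once it has been processed.
 *
 * The result is stored in the global $g_collapse_cache_token; nothing is
 * returned. Unauthenticated and anonymous users get an empty array.
 */
function collapse_cache_token() {
	global $g_collapse_cache_token;

	# No per-user token for unauthenticated or anonymous sessions.
	if (!auth_is_user_authenticated() || current_user_is_anonymous()) {
		$g_collapse_cache_token = array();
		return;
	}

	# Already populated earlier in this request.
	if (isset($g_collapse_cache_token)) {
		return;
	}

	# Not used below; kept because the helper's side effects are not visible here.
	$t_user_id = auth_get_current_user_id();

	$t_token = token_get_value(TOKEN_COLLAPSE);
	$t_data = array();

	if (!is_null($t_token)) {
		# NOTE(review): unserialize() on stored token data. The value written
		# below is a serialize()d array of booleans keyed by cookie-supplied
		# strings, but unserialize() instantiates objects when the input names
		# them, so any other writer of this token becomes part of the trust
		# boundary. A JSON encoding would remove that dependency.
		$t_data = unserialize($t_token);

		# unserialize() returns false on corrupt input; keep the cache an array.
		if (!is_array($t_data)) {
			$t_data = array();
		}
	}

	$g_collapse_cache_token = $t_data;

	$t_cookie = gpc_get_cookie('MANTIS_collapse_settings', '');

	if (false !== $t_cookie && !is_blank($t_cookie)) {
		$t_update = false;

		# Cookie format: "name,flag|name,flag|..."
		foreach (explode('|', $t_cookie) as $t_pair) {
			$t_pair = explode(',', $t_pair);

			if (count($t_pair) == 2) {
				# NOTE(review): $t_pair[0] is a client-supplied key and is
				# stored as-is; no allow-list of section names is visible here.
				$g_collapse_cache_token[$t_pair[0]] = true == $t_pair[1];
				$t_update = true;
			}
		}

		if ($t_update) {
			$t_token = serialize($g_collapse_cache_token);
			token_set(TOKEN_COLLAPSE, $t_token, TOKEN_EXPIRY_COLLAPSE);
		} else {
			token_touch(TOKEN_COLLAPSE);
		}

		gpc_clear_cookie('MANTIS_collapse_settings');
	}
}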
/**
 * MantisBT Core API's
 */
require_once 'core.php';
require_once 'current_user_api.php';
require_once 'bug_api.php';
require_once 'date_api.php';
require_once 'icon_api.php';
require_once 'string_api.php';
require_once 'columns_api.php';
require_once 'config_filter_defaults_inc.php';

# Everything below runs only for an authenticated session.
auth_ensure_user_authenticated();

# Request parameters.
$f_search = gpc_get_string(FILTER_PROPERTY_FREE_TEXT, false); /** @todo need a better default */
$f_offset = gpc_get_int('offset', 0);

# The cookie value is passed to filter_db_get_filter(); the filter string used
# below is whatever that lookup returns for the client-supplied value.
$t_cookie_value_id = gpc_get_cookie(config_get('view_all_cookie'), '');
$t_cookie_value = filter_db_get_filter($t_cookie_value_id);

$f_highlight_changed = 0;
$f_sort = null;
$f_dir = null;
$t_project_id = 0;

$t_columns = helper_get_columns_to_view(COLUMNS_TARGET_PRINT_PAGE);
$t_num_of_columns = count($t_columns);

# check to see if the cookie exists
if (!is_blank($t_cookie_value)) {
	# check to see if new cookie is needed
	if (!filter_is_cookie_valid()) {
		print_header_redirect('view_all_set.php?type=0&print=1');
	}

	# The filter string is split once on '#'; element 1 is the payload.
	# NOTE(review): element 1 is not checked with isset() here - presumably
	# filter_is_cookie_valid() has already rejected strings without '#'; confirm.
	$t_setting_arr = explode('#', $t_cookie_value, 2);

	# NOTE(review): unserialize() on a filter payload selected by a
	# client-supplied cookie value. If any user can influence a stored filter
	# string, this is a PHP object-injection sink; a JSON payload decoded with
	# json_decode() avoids instantiating objects. The result is also not checked
	# for false (corrupt payload) in the visible part of this block.
	$t_filter_cookie_arr = unserialize($t_setting_arr[1]);
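/**
 * Return the current project trace as an array of project ids.
 *
 * The trace is read from the project cookie (ids separated by ';'); when no
 * cookie is present the user's default project is used. If the last id in the
 * trace does not exist, is disabled, or is not viewable by the current user,
 * the result is array(ALL_PROJECTS).
 *
 * @return array
 */
function helper_get_current_project_trace() {
	$t_cookie_name = config_get('project_cookie');
	$t_project_id = gpc_get_cookie($t_cookie_name, null);

	if (null === $t_project_id) {
		$t_bottom = current_user_get_pref('default_project');
		$t_project_id = array($t_bottom);
	} else {
		# split() (POSIX regex) was deprecated in PHP 5.3 and removed in 7.0;
		# explode() gives the same result for a literal ';' separator.
		$t_project_id = explode(';', $t_project_id);
		$t_bottom = $t_project_id[count($t_project_id) - 1];
	}

	# NOTE(review): only the last element is validated. Earlier elements of a
	# cookie-supplied trace are returned exactly as the client sent them, so
	# callers should not treat them as trusted or access-checked ids.
	if (!project_exists($t_bottom)
		|| 0 == project_get_field($t_bottom, 'enabled')
		|| !access_has_project_level(VIEWER, $t_bottom)
	) {
		$t_project_id = array(ALL_PROJECTS);
	}

	return $t_project_id;
}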
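/**
 * Check if the filter cookie exists and is of the correct version.
 *
 * The cookie value is resolved through filter_db_get_filter(); the resulting
 * string is expected to look like "<version tag>#<JSON payload>". Blank
 * strings, the legacy tags v1-v4, a missing or undecodable payload, and a
 * payload whose '_version' differs from FILTER_VERSION are all rejected.
 *
 * @return boolean
 */
function filter_is_cookie_valid() {
	$t_view_all_cookie_id = gpc_get_cookie(config_get('view_all_cookie'), '');
	$t_view_all_cookie = filter_db_get_filter($t_view_all_cookie_id);

	# check to see if the cookie does not exist
	if (is_blank($t_view_all_cookie)) {
		return false;
	}

	# check to see if new cookie is needed
	$t_setting_arr = explode('#', $t_view_all_cookie, 2);
	if (in_array($t_setting_arr[0], array('v1', 'v2', 'v3', 'v4'), true)) {
		return false;
	}

	# We shouldn't need to do this anymore, as filters from v5 onwards should cope with changing
	# filter indices dynamically
	if (!isset($t_setting_arr[1])) {
		return false;
	}

	$t_filter_cookie_arr = json_decode($t_setting_arr[1], true);

	# json_decode() returns null for malformed JSON and a scalar for scalar
	# documents; indexing either with '_version' raises a notice, warning or
	# error depending on the PHP version. Treat anything but an array carrying
	# a version as invalid.
	if (!is_array($t_filter_cookie_arr) || !isset($t_filter_cookie_arr['_version'])) {
		return false;
	}

	return $t_filter_cookie_arr['_version'] == FILTER_VERSION;
}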
# Page fragment: warns when the filter about to be saved already exists as a
# stored query, shows any error passed back in the request, then starts the
# query-name prompt.
require_api('config_api.php');
require_api('constant_inc.php');
require_api('filter_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('helper_api.php');
require_api('html_api.php');
require_api('lang_api.php');

auth_ensure_user_authenticated();

compress_enable();

html_page_top();
# The filter to store is looked up from the client-supplied view_all cookie value.
?> <br /> <div align="center"> <?php $t_query_to_store = filter_db_get_filter(gpc_get_cookie(config_get('view_all_cookie'), ''));
$t_query_arr = filter_db_get_available_queries();

# Let's just see if any of the current filters are the
# same as the one we're about to try and save
foreach ($t_query_arr as $t_id => $t_name) {
	if (filter_db_get_filter($t_id) == $t_query_to_store) {
		# NOTE(review): $t_name is concatenated into HTML without escaping at
		# this point. Whether stored query names are already HTML-safe is not
		# visible here - confirm, or escape at output.
		print lang_get('query_exists') . ' (' . $t_name . ')<br />';
	}
}

# Check for an error
# NOTE(review): error_msg is request-controlled and reflected into the page.
# strip_tags() removes markup but is not HTML escaping; it is only adequate
# for element-text context like the print below. Context-aware escaping at
# output (or mapping an error code to a fixed message) would be more robust.
$t_error_msg = strip_tags(gpc_get_string('error_msg', null));
if ($t_error_msg != null) {
	print "<br />{$t_error_msg}<br /><br />";
}

print lang_get('query_name_label') . lang_get('word_separator');
?>
# Login page fragment: reads the login form parameters and redirects users who
# are already signed in.
require_api('database_api.php');
require_api('gpc_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('string_api.php');
require_api('user_api.php');
require_api('utility_api.php');
require_css('login.css');

$f_error = gpc_get_bool('error');
$f_cookie_error = gpc_get_bool('cookie_error');
# 'return' is a client-supplied redirect target; it is passed through
# string_sanitize_url() before any use.
# NOTE(review): what string_sanitize_url() permits is not visible here -
# confirm it restricts the target to this site, since the value feeds a
# redirect below (open-redirect risk otherwise).
$f_return = string_sanitize_url(gpc_get_string('return', ''));
$f_username = gpc_get_string('username', '');
$f_perm_login = gpc_get_bool('perm_login', false);
$f_secure_session = gpc_get_bool('secure_session', false);
$f_secure_session_cookie = gpc_get_cookie(config_get_global('cookie_prefix') . '_secure_session', null);

# Set username to blank if invalid to prevent possible XSS exploits
if (!user_is_name_valid($f_username)) {
	$f_username = '';
}

$t_session_validation = ON == config_get_global('session_validation');

# If user is already authenticated and not anonymous
if (auth_is_user_authenticated() && !current_user_is_anonymous()) {
	# If return URL is specified redirect to it; otherwise use default page
	if (!is_blank($f_return)) {
		# The meaning of the three extra flags is defined by
		# print_header_redirect(), which is not shown here.
		print_header_redirect($f_return, false, false, true);
	} else {
		print_header_redirect(config_get('default_home_page'));
	}
}

# Check for automatic logon methods where we want the logon to just be handled by login.php
# Fragment: the enclosing if/else that starts above this excerpt selects the
# filter values from the request; the rest persists or restores them via cookie.
$t_filter_config_value = META_FILTER_NONE;
	} else {
		# Request-supplied filter values: ids are read as integers, the config
		# option name goes through check_config_value().
		$t_filter_user_value = gpc_get_int('filter_user_id', ALL_USERS);
		$t_filter_project_value = gpc_get_int('filter_project_id', ALL_PROJECTS);
		$t_filter_config_value = check_config_value(gpc_get_string('filter_config_id', META_FILTER_NONE));
	}
}

# Manage filter's persistency through cookie
$t_cookie_name = config_get('manage_config_cookie');
if ($t_filter_save) {
	# Save user's filter to the cookie
	$t_cookie_string = implode(':', array($t_filter_user_value, $t_filter_project_value, $t_filter_config_value));
	gpc_set_cookie($t_cookie_name, $t_cookie_string, true);
} else {
	# Retrieve the filter from the cookie if it exists
	$t_cookie_string = gpc_get_cookie($t_cookie_name, null);

	if (null !== $t_cookie_string) {
		# NOTE(review): the cookie is client-controlled. The three fields are
		# taken positionally with no count check, so a cookie with fewer than
		# three ':'-separated parts reads undefined offsets.
		$t_cookie_contents = explode(':', $t_cookie_string);

		# NOTE(review): unlike the request path above, the user and project
		# values are not cast to integers here. The project value is checked
		# with project_exists() and the config value with check_config_value();
		# no equivalent check on the user value is visible in this fragment.
		$t_filter_user_value = $t_cookie_contents[0];
		$t_filter_project_value = $t_cookie_contents[1];
		$t_filter_config_value = check_config_value($t_cookie_contents[2]);

		if ($t_filter_project_value != META_FILTER_NONE && !project_exists($t_filter_project_value)) {
			$t_filter_project_value = ALL_PROJECTS;
		}
	}
}

# Get config edit values
# The filter values (possibly cookie-derived) serve as defaults for the edit form parameters.
$t_edit_user_id = gpc_get_int('user_id', $t_filter_user_value == META_FILTER_NONE ? ALL_USERS : $t_filter_user_value);
$t_edit_project_id = gpc_get_int('project_id', $t_filter_project_value == META_FILTER_NONE ? ALL_PROJECTS : $t_filter_project_value);
$t_edit_option = gpc_get_string('config_option', $t_filter_config_value == META_FILTER_NONE ? '' : $t_filter_config_value);
$t_edit_type = gpc_get_string('type', CONFIG_TYPE_DEFAULT);
# Fragment of the advanced bug view page: loads the bug, aligns the current
# project with it, and starts rendering the page header.
# NOTE(review): where $f_bug_id is read and validated is not visible in this
# fragment; it is concatenated into a redirect URL below - presumably an integer.
$t_bug = bug_prepare_display(bug_get($f_bug_id, true));

if ($t_bug->project_id != helper_get_current_project()) {
	# in case the current project is not the same project of the bug we are viewing...
	# ... override the current project. This to avoid problems with categories and handlers lists etc.
	$g_project_override = $t_bug->project_id;
}

# Installations configured for the simple view only are sent to that page.
if (SIMPLE_ONLY == config_get('show_view')) {
	print_header_redirect('bug_view_page.php?bug_id=' . $f_bug_id);
}

compress_enable();

html_page_top1(bug_format_summary($f_bug_id, SUMMARY_CAPTION));
html_page_top2();

print_recently_visited();

# History visibility is an access-level check against the configured threshold.
$t_access_level_needed = config_get('view_history_threshold');
$t_can_view_history = access_has_bug_level($t_access_level_needed, $f_bug_id);

# The bug-list cookie is client-controlled; in the visible code it is only
# tested for truthiness to pick a colspan and is never printed.
$t_bugslist = gpc_get_cookie(config_get('bug_list_cookie'), false);
?> <br /> <table class="width100" cellspacing="1"> <tr> <!-- Title --> <td class="form-title" colspan="<?php echo $t_bugslist ? '3' : '4'; ?> "> <?php echo lang_get('viewing_bug_advanced_details_title');
# Fragment: the block that starts above this excerpt ends by defaulting the
# checked direction value to 'DESC'.
$c_dir = 'DESC';
}

# NOTE(review): loose comparison. If $f_hide can be a non-numeric string such
# as 'on', the result depends on the PHP version (before PHP 8 a non-numeric
# string compares equal to 0). How $f_hide is read is not visible here.
if ($f_hide == 0) { # a 0 will turn it off
	$c_hide = 0;
} else { # anything else (including 'on') will turn it on
	$c_hide = 1;
}

# set cookie values for hide, sort by, and dir
if ($f_save) {
	# The cookie is written from the $c_* values.
	$t_manage_string = $c_hide . ':' . $c_sort . ':' . $c_dir;
	gpc_set_cookie($t_cookie_name, $t_manage_string, true);
} else {
	if (!is_blank(gpc_get_cookie($t_cookie_name, ''))) {
		# NOTE(review): the cookie is client-controlled, and the values read
		# here are assigned to $f_hide/$f_sort/$f_dir after the $c_* copies
		# were computed above. Whether they are validated again (for example
		# against a fixed list of sortable columns and ASC/DESC) before being
		# used in a query or printed is not visible in this fragment - confirm.
		$t_manage_arr = explode(':', gpc_get_cookie($t_cookie_name));
		$f_hide = $t_manage_arr[0];

		if (isset($t_manage_arr[1])) {
			$f_sort = $t_manage_arr[1];
		} else {
			$f_sort = 'username';
		}

		if (isset($t_manage_arr[2])) {
			$f_dir = $t_manage_arr[2];
		} else {
			$f_dir = 'DESC';
		}
	}
}

html_page_top1(lang_get('manage_users_link'));
html_page_top2();
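# Store the filter referenced by the view_all cookie as a named query for the
# current user, then redirect: back to the store page with an error message on
# failure, or to the bug list on success.
# NOTE(review): this is a state-changing request; no form_security_validate()
# (anti-CSRF token) call is visible in this fragment - confirm one runs earlier.
$f_query_name = strip_tags(gpc_get_string('query_name'));
$f_is_public = gpc_get_bool('is_public');
$f_all_projects = gpc_get_bool('all_projects');

$t_query_redirect_url = 'query_store_page.php';

# We can't have a blank name
if (is_blank($f_query_name)) {
	$t_query_redirect_url .= '?error_msg=' . urlencode(lang_get('query_blank_name'));
	print_header_redirect($t_query_redirect_url);
	# Stop here even if the redirect helper returns, as the duplicate-name
	# branch below already does; otherwise a blank name would be stored.
	exit;
}

# Check and make sure they don't already have a
# query with the same name
$t_query_arr = filter_db_get_available_queries();
foreach ($t_query_arr as $t_id => $t_name) {
	# Compare as strings: a loose == treats numeric-looking names such as
	# "10" and "1e1" as equal.
	if ($f_query_name === (string)$t_name) {
		$t_query_redirect_url .= '?error_msg=' . urlencode(lang_get('query_dupe_name'));
		print_header_redirect($t_query_redirect_url);
		exit;
	}
}

$t_project_id = helper_get_current_project();
if ($f_all_projects) {
	$t_project_id = 0;
}

# The stored filter string is resolved from the client-supplied cookie value
# by filter_db_get_filter().
$t_filter_string = filter_db_get_filter(gpc_get_cookie(config_get('view_all_cookie'), ''));

$t_new_row_id = filter_db_set_for_current_user($t_project_id, $f_is_public, $f_query_name, $t_filter_string);

# -1 is the failure value checked for here.
if ($t_new_row_id == -1) {
	$t_query_redirect_url .= '?error_msg=' . urlencode(lang_get('query_store_error'));
	print_header_redirect($t_query_redirect_url);
} else {
	print_header_redirect('view_all_bug_page.php');
}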
/**
 * Return the current project as a trace (array of project ids).
 *
 * With a project cookie, the trace is the cookie value split on ';'.
 * Without one, the trace starts from the user's default project and has each
 * parent project prepended until project_hierarchy_get_parent() yields 0.
 * If the last project in the trace does not exist, is not enabled, or is not
 * viewable at VIEWER level, array(ALL_PROJECTS) is returned instead.
 *
 * Only the last element is checked; the other elements of a cookie-supplied
 * trace are returned as received from the client.
 *
 * @return array
 */
function helper_get_current_project_trace() {
	$t_raw_trace = gpc_get_cookie(config_get('project_cookie'), null);

	if (null !== $t_raw_trace) {
		# Cookie present: take the trace as sent by the client.
		$t_trace = explode(';', $t_raw_trace);
		$t_leaf = $t_trace[count($t_trace) - 1];
	} else {
		# No cookie: walk up from the user's default project.
		$t_leaf = current_user_get_pref('default_project');
		$t_trace = array($t_leaf);

		$t_ancestor = project_hierarchy_get_parent($t_leaf);
		while (0 != $t_ancestor) {
			array_unshift($t_trace, $t_ancestor);
			$t_ancestor = project_hierarchy_get_parent($t_ancestor);
		}
	}

	$t_leaf_usable = project_exists($t_leaf)
		&& 0 != project_get_field($t_leaf, 'enabled')
		&& access_has_project_level(VIEWER, $t_leaf);

	if (!$t_leaf_usable) {
		return array(ALL_PROJECTS);
	}

	return $t_trace;
}
/**
 * Report whether the logout cookie is set to something that compares greater
 * than the empty string.
 *
 * The cookie name comes from the 'logout_cookie' configuration option and a
 * missing cookie is read as ''.
 *
 * @return bool
 * @access public
 */
function auth_http_is_logout_pending() {
	$t_logout_flag = gpc_get_cookie(config_get('logout_cookie'), '');

	return '' < $t_logout_flag;
}
# Bootstrap fragment: derives file and page paths, then loads the language
# strings, the core APIs and the theme API.

# Filesystem paths of include files.
$g_css_inc_file = $g_absolute_directory . 'core' . DIRECTORY_SEPARATOR . 'css_inc' . $g_ext;
$g_meta_inc_file = $g_absolute_directory . 'core' . DIRECTORY_SEPARATOR . 'meta_inc' . $g_ext;

# Web paths of pages.
$g_note_add_page = $g_web_directory . 'note_add_page' . $g_ext;
$g_note_preview_page = $g_web_directory . 'note_preview_page' . $g_ext;
$g_note_add = $g_web_directory . 'note_add' . $g_ext;

# English strings are always loaded first; another language is loaded on top.
$t_path_lang = $t_path_main . 'lang' . DIRECTORY_SEPARATOR;
require_once $t_path_lang . 'strings_english' . $g_ext;
if ($g_language != 'english') {
	# NOTE(review): $g_language is concatenated into an include path, and
	# where it is set is not visible in this fragment. If it can come from a
	# request, cookie or user preference, it must be checked against a fixed
	# list of installed languages before this line (local file inclusion risk).
	require_once $t_path_lang . 'strings_' . $g_language . $g_ext;
}

require_once $t_path_core . 'lang_api.php';
require_once $t_path_core . 'config_api.php';
require_once $t_path_core . 'database_api.php';
require_once $t_path_core . 'note_api.php';
require_once $t_path_core . 'string_api.php';
require_once $t_path_core . 'access_api.php';
require_once $t_path_core . 'page_api.php';
require_once $t_path_core . 'html_api.php';
require_once $t_path_core . 'user_api.php';
require_once $t_path_core . 'link_api.php';
require_once $t_path_core . 'util_api.php';
require_once $t_path_core . 'gpc_api.php';
require_once $t_path_core . 'email_api.php';
require_once $t_path_core . 'enum_api.php';
require_once $t_path_core . 'pwn_api.php';

# NOTE(review): same concern as $g_language - $g_theme selects a directory in
# an include path; confirm it is limited to known theme names.
require_once $t_path_main . DIRECTORY_SEPARATOR . 'themes' . DIRECTORY_SEPARATOR . $g_theme . DIRECTORY_SEPARATOR . 'theme_api.php';

# Cookies
$g_string_cookie_val = gpc_get_cookie($g_string_cookie, '');

###########################################################################
### END                                                                 ###
###########################################################################