<?php /* This script is the AJAX callback that deletes a user's saved search */ define('IN_FS', true); require_once '../../header.php'; $baseurl = dirname(dirname($baseurl)) . '/'; if (Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash')) { $user = new User(Cookie::val('flyspray_userid')); $user->check_account_ok(); $db->Query('DELETE FROM {searches} WHERE id = ? AND user_id = ?', array(Get::num('id'), $user->id)); }
box-shadow: 0 1px 1px #ddd; color: #565656; cursor: pointer; display: inline-block; font-family: sans-serif; font-size: 100%; font-weight: bold; line-height: 130%; padding: 8px 13px 8px 10px; text-decoration: none; ">Remove the folder ' . DIRECTORY_SEPARATOR . 'setup</a> before you start using Flyspray</p> '); } // Any "do" mode that accepts a task_id or id field should be added here. if (in_array(Req::val('do'), array('details', 'depends', 'editcomment'))) { if (Req::num('task_id')) { $result = $db->Query('SELECT project_id FROM {tasks} WHERE task_id = ?', array(Req::num('task_id'))); $project_id = $db->FetchOne($result); } } if (!isset($project_id)) { // Determine which project we want to see if (($project_id = Cookie::val('flyspray_project')) == '') { $project_id = $fs->prefs['default_project']; } $project_id = Req::val('project', Req::val('project_id', $project_id)); } $proj = new Project($project_id); # no more project cookie! #$proj->setCookie();
} elseif (Req::has('show') || Req::has('switch') && $do == 'details' || $do == 'newtask' && Req::val('project') == '0') { $do = 'index'; } elseif (Req::has('code')) { $_SESSION['oauth_provider'] = 'microsoft'; $do = 'oauth'; } elseif (Req::has('do') && Req::val('do') == 'tasklist') { $do = 'index'; } // supertask_id for add new sub-task $supertask_id = 0; if (Req::has('supertask')) { $supertask_id = Req::val('supertask'); } /* permission stuff */ if (Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash')) { $user = new User(Cookie::val('flyspray_userid'), $proj); $user->check_account_ok(); $user->save_search($do); } else { $user = new User(0, $proj); } if (Get::val('getfile')) { // If a file was requested, deliver it $result = $db->Query("SELECT t.project_id,\n a.orig_name, a.file_name, a.file_type, t.*\n FROM {attachments} a\n INNER JOIN {tasks} t ON a.task_id = t.task_id\n WHERE attachment_id = ?", array(Get::val('getfile'))); $task = $db->FetchRow($result); list($proj_id, $orig_name, $file_name, $file_type) = $task; // Check if file exists, and user permission to access it! if (!is_file(BASEDIR . "/attachments/{$file_name}")) { header('HTTP/1.1 410 Gone'); echo 'File does not exist anymore.'; exit;
public function check_account_ok() { global $conf, $baseurl; // Anon users are always OK if ($this->isAnon()) { return; } $saltedpass = crypt($this->infos['user_pass'], $conf['general']['cookiesalt']); if (Cookie::val('flyspray_passhash') !== $saltedpass || !$this->infos['account_enabled'] || !$this->perms('group_open', 0)) { $this->logout(); Flyspray::Redirect($baseurl); } }
$project_id = Req::val('project', Req::val('project_id', $project_id)); } $proj = new Project($project_id); // reset do for default project level entry page if (!in_array($do, $modes)) { $do = $do ? Req::enum('do', $modes, $proj->prefs['default_entry']) : $proj->prefs['default_entry']; } $proj->setCookie(); $user = new User($uid = 0); // verify and initiate user $auth = new FlysprayAuth(); if (Post::val('user_name') && Post::has('password')) { $uid = $auth->checkLogin(Post::val('user_name'), Post::val('password')); if (is_array($uid)) { FlysprayDo::error($uid); } } else { if (Cookie::val('flyspray_userid') && $auth->checkCookie(Cookie::val('flyspray_userid'), Cookie::val('flyspray_passhash'))) { $uid = Cookie::val('flyspray_userid'); } } $user = new User($uid); // Load translations load_translations(); function debuglog($str) { $file = fopen("debug.log", "a+"); fwrite($file, $str . "\n"); fflush($file); fclose($file); }