$usr_id = Auth::getUserID(); $role_id = Auth::getCurrentRole(); $associated_projects = @array_keys(Project::getAssocList($usr_id)); $tpl = new Template_Helper(); $tpl->setTemplate('update.tpl.html'); $tpl->assign('user_prefs', Prefs::get($usr_id)); Auth::checkAuthentication(APP_COOKIE); $issue_id = @$_POST['issue_id'] ? $_POST['issue_id'] : @$_GET['id']; $tpl->assign('issue_id', $issue_id); $details = Issue::getDetails($issue_id); if ($details == '') { Misc::setMessage(ev_gettext('Error: The issue #%1$s could not be found.', $issue_id), Misc::MSG_ERROR); $tpl->displayTemplate(); exit; } Workflow::prePage($prj_id, 'update'); // check if the requested issue is a part of the 'current' project. If it doesn't // check if issue exists in another project and if it does, switch projects $iss_prj_id = Issue::getProjectID($issue_id); $auto_switched_from = false; if (!empty($iss_prj_id) && $iss_prj_id != $prj_id && in_array($iss_prj_id, $associated_projects)) { $cookie = Auth::getCookieInfo(APP_PROJECT_COOKIE); Auth::setCurrentProject($iss_prj_id, $cookie['remember'], true); $auto_switched_from = $iss_prj_id; $prj_id = $iss_prj_id; Misc::setMessage(ev_gettext('Note: Project automatically switched to "%1$s" from "%2$s".', Auth::getCurrentProjectName(), Project::getName($iss_prj_id))); } $tpl->assign('issue', $details); $tpl->assign('extra_title', ev_gettext('Update Issue #%1$s', $issue_id)); // in the case of a customer user, also need to check if that customer has access to this issue if ($role_id == User::getRoleID('customer') && (empty($details) || User::getCustomerID($usr_id) != $details['iss_customer_id']) || !Issue::canAccess($issue_id, $usr_id) || !($role_id > User::getRoleID('Reporter')) || !Issue::canUpdate($issue_id, $usr_id)) {
// +----------------------------------------------------------------------+ require_once dirname(__FILE__) . '/../init.php'; $tpl = new Template_Helper(); $tpl->setTemplate('send.tpl.html'); Auth::checkAuthentication(APP_COOKIE, 'index.php?err=5', true); $prj_id = Auth::getCurrentProject(); $usr_id = Auth::getUserID(); $issue_id = isset($_GET['issue_id']) ? (int) $_GET['issue_id'] : (isset($_POST['issue_id']) ? (int) $_POST['issue_id'] : null); $cat = isset($_POST['cat']) ? (string) $_POST['cat'] : (isset($_GET['cat']) ? (string) $_GET['cat'] : null); $tpl->assign('issue_id', $issue_id); if (!Issue::canAccess($issue_id, $usr_id)) { $tpl->setTemplate('permission_denied.tpl.html'); $tpl->displayTemplate(); exit; } Workflow::prePage($prj_id, 'send_email'); // since emails associated with issues are sent to the notification list, not the to: field, set the to field to be blank // this field should already be blank, but may also be unset. if ($issue_id) { $_POST['to'] = ''; } if ($cat == 'send_email') { $res = Support::sendEmailFromPost($_POST['parent_id']); $tpl->assign('send_result', $res); if (Access::canChangeStatus($issue_id, $usr_id) && isset($_POST['new_status']) && !empty($_POST['new_status'])) { $res = Issue::setStatus($issue_id, $_POST['new_status']); if ($res != -1) { $new_status = Status::getStatusTitle($_POST['new_status']); History::add($issue_id, $usr_id, 'status_changed', "Status changed to '{status}' by {user} when sending an email", array('status' => $new_status, 'user' => User::getFullName($usr_id))); } }
$tpl = new Template_Helper(); $tpl->setTemplate('post_note.tpl.html'); Auth::checkAuthentication(APP_COOKIE, 'index.php?err=5', true); $prj_id = Auth::getCurrentProject(); $usr_id = Auth::getUserID(); $issue_id = isset($_GET['issue_id']) ? (int) $_GET['issue_id'] : (isset($_POST['issue_id']) ? (int) $_POST['issue_id'] : null); $cat = isset($_POST['cat']) ? (string) $_POST['cat'] : (isset($_GET['cat']) ? (string) $_GET['cat'] : null); $details = Issue::getDetails($issue_id); $tpl->assign('issue_id', $issue_id); $tpl->assign('issue', $details); if (!Issue::canAccess($issue_id, $usr_id) || Auth::getCurrentRole() <= User::getRoleID('Customer')) { $tpl->setTemplate('permission_denied.tpl.html'); $tpl->displayTemplate(); exit; } Workflow::prePage($prj_id, 'post_note'); if ($cat == 'post_result' && !empty($_GET['post_result'])) { $res = (int) $_GET['post_result']; $tpl->assign('post_result', $res); } elseif ($cat == 'post_note') { // change status $status = isset($_POST['new_status']) ? (int) $_POST['new_status'] : null; if ($status) { $res = Issue::setStatus($issue_id, $status); if ($res != -1) { $new_status = Status::getStatusTitle($status); History::add($issue_id, $usr_id, 'status_changed', "Status changed to '{status}' by {user} when sending a note", array('status' => $new_status, 'user' => User::getFullName($usr_id))); } } $res = Note::insertFromPost($usr_id, $issue_id); Issue_Field::updateValues($issue_id, 'post_note', @$_REQUEST['issue_field']);