コード例 #1
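 /**
  * Sum the work moved away from the given user stories on a given date.
  *
  * The id list ends up inside the SQL text of the IN (...) clause, so every
  * element is coerced to an integer first; a non-numeric element becomes 0
  * instead of reaching the statement as text.
  * NOTE(review): assumes old_userstory_id values are plain integers - confirm against callers.
  *
  * @param string|array $bugList Comma-separated list (or array) of user story ids.
  * @param mixed        $date    Date handed to getNormalDateFormat() for the LIKE match.
  * @return mixed total_work_moved of the first result row, or null when the id list is empty.
  */
 function getWorkMovedFromSplittedStories($bugList, $date)
 {
     $t_raw_ids = is_array($bugList) ? $bugList : explode(',', (string) $bugList);
     $t_ids = array();
     foreach ($t_raw_ids as $t_raw_id) {
         if (trim((string) $t_raw_id) === '') {
             continue;
         }
         $t_ids[] = (int) $t_raw_id;
     }
     // An empty IN ( ) is a SQL syntax error; there is nothing to sum anyway.
     if (count($t_ids) === 0) {
         return null;
     }
     $t_sql = "SELECT sum(work_moved) AS total_work_moved \n\t\t\t\t\tFROM gadiv_rel_userstory_splitting_table \n\t\t\t\t\tWHERE old_userstory_id IN ( " . implode(', ', $t_ids) . " ) \n\t\t\t\t\tAND DATE LIKE " . db_param(0);
     //TODO: . "	GROUP BY"-> function is unused!
     // The date pattern is sent as a bound parameter, not concatenated.
     $t_params = array("%" . $this->getNormalDateFormat($date) . "%");
     $userstories = $this->executeQuery($t_sql, $t_params);
     return $userstories[0]['total_work_moved'];
 }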
コード例 #2
 /**
  * @author Lennard Bredenkamp, BFE
  * NOT USED AT THE MOMENT (loadRelations is used to load multiple relations instead)
  * get single tts_relation object from DB
  * @param $p_bug_id
  * @param $tts_exec_id
  * @return TTSrelation object
  */
 static function loadRelation($p_bug_id, $tts_exec_id)
 {
     // Table name is resolved through plugin_table() for the TTSintegr plugin.
     $t_table = plugin_table('project', 'TTSintegr');
     // Both lookup values travel as bound parameters, never as SQL text.
     $t_sql = "SELECT * FROM {$t_table} WHERE its_id=" . db_param() . " AND tts_exec_id=" . db_param();
     $t_found = db_fetch_array(db_query_bound($t_sql, array($p_bug_id, $tts_exec_id)));
     // NOTE(review): the fetched row is used without checking that one was returned.
     return new TTSrelation($t_found['its_id'], $t_found['tts_exec_id'], $t_found['tts_tproject_id']);
 }
コード例 #3
 /**
  * Count the issues of a project/target version that have a non-empty value
  * in the custom field identified by $this->pb and a status below 80.
  *
  * @param mixed $project_id Project id, sent as a bound parameter.
  * @param mixed $version    Target version, sent as a bound parameter.
  * @return int|float The "userstories" count of the first result row, coerced to a number.
  */
 function getNumberOfUserStories($project_id, $version)
 {
     $t_cf_string_table = db_get_table('mantis_custom_field_string_table');
     $t_bug_table = db_get_table('mantis_bug_table');
     // Called before $this->pb is read below.
     $this->getAdditionalProjectFields();
     // Every clause is joined with the same line separator.
     $t_sep = " \n\t\t\t\t\t";
     $t_sql = "SELECT count(*) AS userstories" . $t_sep
         . "FROM " . $t_bug_table . $t_sep
         . "INNER JOIN " . $t_cf_string_table . " ON id = bug_id" . $t_sep
         . "WHERE project_id=" . db_param(0) . $t_sep
         . "AND target_version = " . db_param(1) . $t_sep
         . "AND status < 80" . $t_sep
         . "AND field_id=" . db_param(2) . $t_sep
         . "AND value != ''" . $t_sep
         . "GROUP BY field_id";
     $t_rows = $this->executeQuery($t_sql, array($project_id, $version, $this->pb));
     // Adding 0 turns the fetched value into a number.
     return 0 + $t_rows[0]['userstories'];
 }
コード例 #4
/**
 * Look up a user profile by platform, OS and OS build.
 *
 * All three values are passed as bound parameters.
 *
 * @param mixed $p_platform Platform to match.
 * @param mixed $p_os       OS to match.
 * @param mixed $p_os_build OS build to match.
 * @return mixed The 'id' column of the first matching row, or false when no row is fetched.
 */
function profile_exists($p_platform, $p_os, $p_os_build)
{
    $t_table = db_get_table('mantis_user_profile_table');
    $t_conditions = 'platform = ' . db_param() . ' and os = ' . db_param() . ' and os_build = ' . db_param();
    $t_sql = "SELECT *\n\t\t\t\t  FROM " . $t_table . "\n\t\t\t\t  WHERE " . $t_conditions . "\n\t\t\t\t  ORDER BY platform, os, os_build LIMIT 0,1";
    $t_match = db_fetch_array(db_query_bound($t_sql, array($p_platform, $p_os, $p_os_build)));
    return $t_match === false ? false : $t_match['id'];
}
コード例 #5
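    /**
     * Build the HTML fragment naming the user who uploaded an attachment.
     *
     * The returned string is markup, so the user name is HTML-escaped here:
     * it is account data and must not be able to inject tags or attributes.
     *
     * @param mixed $p_event      Event name (not used in this method).
     * @param array $p_attachment Attachment data; only the 'id' element is read.
     * @return string A span containing "@" followed by the escaped user name.
     */
    function view_bug_attachment($p_event, $p_attachment)
    {
        require_once MANTIS_CORE . '/database_api.php';
        require_once MANTIS_CORE . '/user_api.php';
        // The attachment id is bound, not concatenated; the third argument limits the result to one row.
        $t_query = 'SELECT user_id FROM {bug_file} WHERE id=' . db_param();
        $t_db_result = db_query($t_query, array($p_attachment['id']), 1);
        $t_name = user_get_name(db_result($t_db_result));
        return ' <span class="underline">@' . htmlspecialchars((string) $t_name, ENT_QUOTES, 'UTF-8') . '</span>';
    }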
コード例 #6
ファイル: getAttach.php プロジェクト: heaerie/myroomexpense
/**
 * Fetch the attachment rows of an issue, ordered by date_added.
 *
 * @param mixed $p_bug_id Issue id; passed through db_prepare_int() and then bound.
 * @return array One element per row reported by db_num_rows(), each as returned by db_fetch_array().
 */
function bug_get_attachments($p_bug_id)
{
    $t_bug_id = db_prepare_int($p_bug_id);
    $t_table = db_get_table('mantis_bug_file_table');
    $t_sql = "SELECT id, title, diskfile, filename, filesize, file_type, date_added, user_id\n                                FROM {$t_table}\n                                WHERE bug_id=" . db_param() . "\n                                ORDER BY date_added";
    $t_rs = db_query_bound($t_sql, array($t_bug_id));
    $t_attachments = array();
    // Fetch exactly as many rows as the result set reports.
    $t_remaining = db_num_rows($t_rs);
    while ($t_remaining-- > 0) {
        $t_attachments[] = db_fetch_array($t_rs);
    }
    return $t_attachments;
}
コード例 #7
ファイル: billing_api.php プロジェクト: spring/spring-website
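/**
 * Gets the billing information for the specified project during the specified date range.
 *
 * Access control applied here: a single project requires view_bug_threshold on
 * that project; ALL_PROJECTS is narrowed to the projects returned by
 * user_get_all_accessible_projects(); each note is additionally filtered with
 * access_has_bugnote_level() against time_tracking_view_threshold.
 *
 * @param integer $p_project_id    A project identifier or ALL_PROJECTS.
 * @param string  $p_from          Starting date (yyyy-mm-dd) inclusive. A value strtotime() cannot parse triggers ERROR_GENERIC.
 * @param string  $p_to            Ending date (yyyy-mm-dd) inclusive. A value strtotime() cannot parse triggers ERROR_GENERIC.
 * @param integer $p_cost_per_hour Cost per hour.
 * @return array array of bugnotes
 * @access public
 */
function billing_get_for_project($p_project_id, $p_from, $p_to, $p_cost_per_hour)
{
    $t_params = array();
    $c_from = strtotime($p_from);
    $t_to_day_start = strtotime($p_to);
    # strtotime() returns false for unparsable input. Test that before the
    # arithmetic below: false + SECONDS_PER_DAY - 1 is an integer and would
    # never compare identical to false.
    if ($t_to_day_start === false || $c_from === false) {
        error_parameters(array($p_from, $p_to));
        trigger_error(ERROR_GENERIC, ERROR);
    }
    # Move the end bound to the last second of the end day (inclusive range).
    $c_to = $t_to_day_start + SECONDS_PER_DAY - 1;
    db_param_push();
    if (ALL_PROJECTS != $p_project_id) {
        access_ensure_project_level(config_get('view_bug_threshold'), $p_project_id);
        $t_project_where = ' AND b.project_id = ' . db_param() . ' AND bn.bug_id = b.id ';
        $t_params[] = $p_project_id;
    } else {
        # These ids are placed in the SQL text, so force them to integers.
        $t_project_ids = array_map('intval', user_get_all_accessible_projects());
        if (count($t_project_ids) === 0) {
            # "in ()" is a syntax error; no accessible project means no rows.
            $t_project_where = ' AND 1 = 0';
        } else {
            $t_project_where = ' AND b.project_id in (' . implode(', ', $t_project_ids) . ')';
        }
    }
    if (!is_blank($c_from)) {
        $t_from_where = ' AND bn.date_submitted >= ' . db_param();
        $t_params[] = $c_from;
    } else {
        $t_from_where = '';
    }
    if (!is_blank($c_to)) {
        $t_to_where = ' AND bn.date_submitted <= ' . db_param();
        $t_params[] = $c_to;
    } else {
        $t_to_where = '';
    }
    $t_results = array();
    $t_query = 'SELECT bn.id id, bn.time_tracking minutes, bn.date_submitted as date_submitted, bnt.note note,'
        . ' u.realname realname, b.project_id project_id, c.name bug_category, b.summary bug_summary, bn.bug_id bug_id, bn.reporter_id reporter_id'
        . ' FROM {user} u, {bugnote} bn, {bug} b, {bugnote_text} bnt, {category} c'
        . ' WHERE u.id = bn.reporter_id AND bn.time_tracking != 0 AND bn.bug_id = b.id AND bnt.id = bn.bugnote_text_id AND c.id=b.category_id'
        . $t_project_where . $t_from_where . $t_to_where
        . ' ORDER BY bn.id';
    $t_result = db_query($t_query, $t_params);
    $t_cost_per_min = $p_cost_per_hour / 60.0;
    $t_access_level_required = config_get('time_tracking_view_threshold');
    while ($t_row = db_fetch_array($t_result)) {
        # Drop notes whose time tracking the current user may not see.
        if (!access_has_bugnote_level($t_access_level_required, $t_row['id'])) {
            continue;
        }
        $t_row['cost'] = $t_cost_per_min * $t_row['minutes'];
        $t_results[] = $t_row;
    }
    return billing_rows_to_array($t_results);
}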
コード例 #8
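 /**
  * Insert this report into the plugin's "issue" table.
  *
  * Every value is sent as a bound parameter; report_date is set by the
  * database with now(). Display of E_USER_ERROR is switched to "none" for
  * the duration of the insert and restored afterwards.
  *
  * @return bool false when the query result is false, true otherwise (with $this->id set from db_insert_id()).
  */
 public function create()
 {
     $t_issue_ext_table = plugin_table("issue");
     # Columns filled from the object property of the same name, in insert order.
     # Building placeholders and values from one list keeps their counts aligned.
     $t_bound_columns = array(
         'project_id', 'issue_id', 'report_id', 'report_fingerprint',
         'file_path', 'phone_model', 'phone_build', 'phone_brand',
         'product_name', 'total_mem_size', 'available_mem_size', 'custom_data',
         'initial_configuration', 'crash_configuration', 'display', 'user_comment',
         'dumpsys_meminfo', 'dropbox', 'eventslog', 'radiolog',
         'is_silent', 'device_id', 'installation_id', 'user_email',
         'device_features', 'environment', 'settings_system', 'settings_secure',
         'shared_preferences', 'android_version', 'app_version', 'crash_date',
     );
     $t_placeholders = array();
     $t_values = array();
     foreach ($t_bound_columns as $t_column) {
         $t_placeholders[] = db_param();
         # crash_date is bound on its own. It used to be sent as
         # crash_date . report_date, which corrupts the stored value
         # whenever report_date is not empty.
         $t_values[] = $this->{$t_column};
     }
     $t_install_date_placeholder = db_param();
     $t_values[] = $this->install_date;
     # Insert the rest of the data
     $query = "INSERT INTO {$t_issue_ext_table} ( " . implode(', ', $t_bound_columns) . ', report_date, install_date )'
         . ' VALUES ( ' . implode(',', $t_placeholders) . ',now(),' . $t_install_date_placeholder . ')';
     $t_display_errors = config_get_global('display_errors');
     $t_on_error_handler = $t_display_errors[E_USER_ERROR];
     $t_display_errors[E_USER_ERROR] = "none";
     config_set_global('display_errors', $t_display_errors);
     $t_result = db_query_bound($query, $t_values);
     $t_display_errors[E_USER_ERROR] = $t_on_error_handler;
     config_set_global('display_errors', $t_display_errors);
     if ($t_result === false) {
         return false;
     }
     $this->id = db_insert_id($t_issue_ext_table);
     return true;
 }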
コード例 #9
ファイル: billing_api.php プロジェクト: sfranks1124/mantisbt
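/**
 * Gets the billing information for the specified project during the specified date range.
 *
 * NOTE(review): this function performs no access checks of its own. With
 * ALL_PROJECTS no project filter is added, and rows are not filtered per
 * bugnote. Callers must enforce project and time-tracking visibility before
 * exposing the result.
 *
 * @param integer $p_project_id    A project identifier.
 * @param string  $p_from          Starting date (yyyy-mm-dd) inclusive. A value strtotime() cannot parse triggers ERROR_GENERIC.
 * @param string  $p_to            Ending date (yyyy-mm-dd) inclusive. A value strtotime() cannot parse triggers ERROR_GENERIC.
 * @param integer $p_cost_per_hour Cost per hour.
 * @return array array of bugnotes
 * @access public
 */
function billing_get_for_project($p_project_id, $p_from, $p_to, $p_cost_per_hour)
{
    $t_params = array();
    $c_from = strtotime($p_from);
    $t_to_day_start = strtotime($p_to);
    # strtotime() returns false for unparsable input. Test that before the
    # arithmetic below: false + SECONDS_PER_DAY - 1 is an integer and would
    # never compare identical to false.
    if ($t_to_day_start === false || $c_from === false) {
        error_parameters(array($p_from, $p_to));
        trigger_error(ERROR_GENERIC, ERROR);
    }
    # Move the end bound to the last second of the end day (inclusive range).
    $c_to = $t_to_day_start + SECONDS_PER_DAY - 1;
    if (ALL_PROJECTS != $p_project_id) {
        $t_project_where = ' AND b.project_id = ' . db_param() . ' AND bn.bug_id = b.id ';
        $t_params[] = $p_project_id;
    } else {
        $t_project_where = '';
    }
    if (!is_blank($c_from)) {
        $t_from_where = ' AND bn.date_submitted >= ' . db_param();
        $t_params[] = $c_from;
    } else {
        $t_from_where = '';
    }
    if (!is_blank($c_to)) {
        $t_to_where = ' AND bn.date_submitted <= ' . db_param();
        $t_params[] = $c_to;
    } else {
        $t_to_where = '';
    }
    $t_results = array();
    $t_query = 'SELECT bn.id id, bn.time_tracking minutes, bn.date_submitted as date_submitted, bnt.note note,'
        . ' u.realname realname, b.summary bug_summary, bn.bug_id bug_id, bn.reporter_id reporter_id'
        . ' FROM {user} u, {bugnote} bn, {bug} b, {bugnote_text} bnt'
        . ' WHERE u.id = bn.reporter_id AND bn.time_tracking != 0 AND bn.bug_id = b.id AND bnt.id = bn.bugnote_text_id'
        . $t_project_where . $t_from_where . $t_to_where
        . ' ORDER BY bn.id';
    $t_result = db_query($t_query, $t_params);
    $t_cost_per_min = $p_cost_per_hour / 60.0;
    while ($t_row = db_fetch_array($t_result)) {
        $t_row['cost'] = $t_cost_per_min * $t_row['minutes'];
        $t_results[] = $t_row;
    }
    return billing_rows_to_array($t_results);
}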
コード例 #10
 /**
  * updates DB with new value
  * @param int $backlog
  * @throw exception on failure
  */
 public function setBacklog($backlog)
 {
     // Which custom field id is configured as the backlog field; 0 when no config row is found.
     $cfgQuery = "SELECT value FROM codev_config_table WHERE config_id = " . db_param();
     $cfgRow = db_fetch_array(db_query($cfgQuery, array(IssueMantisPluginHelper::id_customField_backlog)));
     $backlogCustomField = $cfgRow ? $cfgRow['value'] : 0;

     // TODO should be done only once...
     // Name of that custom field, used for the history entry; falls back to a fixed label.
     $nameQuery = "SELECT name FROM mantis_custom_field_table WHERE id = " . db_param();
     $nameRow = db_fetch_array(db_query($nameQuery, array($backlogCustomField)));
     $field_name = $nameRow ? $nameRow['name'] : "Backlog (BL)";

     // Update the stored value when this issue already has one, insert it otherwise.
     $currentQuery = "SELECT value FROM `mantis_custom_field_string_table` WHERE bug_id=" . db_param() . " AND field_id = " . db_param();
     $currentRow = db_fetch_array(db_query($currentQuery, array($this->id, $backlogCustomField)));
     if ($currentRow) {
         $old_backlog = $currentRow['value'];
         $writeQuery = "UPDATE mantis_custom_field_string_table SET value = " . db_param() . " WHERE bug_id=" . db_param() . " AND field_id = " . db_param();
         db_query($writeQuery, array($backlog, $this->id, $backlogCustomField));
     } else {
         $old_backlog = '';
         $writeQuery = "INSERT INTO mantis_custom_field_string_table (`field_id`, `bug_id`, `value`) VALUES (" . db_param() . ", " . db_param() . ", " . db_param() . ")";
         db_query($writeQuery, array($backlogCustomField, $this->id, $backlog));
     }

     // No history entry when old and new value compare equal as strings (loose ==).
     if ("{$old_backlog}" == "{$backlog}") {
         return;
     }
     $userid = current_user_get_field('id');
     $now = time();
     $historyQuery = "INSERT INTO mantis_bug_history_table  (`user_id`, `bug_id`, `field_name`, `old_value`, `new_value`, `type`, `date_modified`) " . "VALUES (" . db_param() . "," . db_param() . "," . db_param() . ", " . db_param() . ", " . db_param() . ", " . db_param() . ", " . db_param() . ")";
     db_query($historyQuery, array($userid, $this->id, $field_name, $old_backlog, $backlog, 0, $now));
     // no need to update lastUpdated field
 }
コード例 #11
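/**
 * Echo one <option> element per user that can be a member of a user group.
 *
 * Users already in the group are marked selected. The group's own user row
 * is skipped so a group cannot be nested in itself. User names are account
 * data and are HTML-escaped before being written into the page.
 *
 * @param mixed $usergroup_id Id of the user group; cast to int before it is bound.
 * @return void
 */
function print_users_in_group_option_list($usergroup_id)
{
    # Group accounts are listed only when group assignment is enabled and the
    # current user reaches the configured threshold.
    $show_groups = plugin_config_get('assign_to_groups', '') == 1
        && plugin_config_get('assign_group_threshold', '') <= user_get_access_level(auth_get_current_user_id());
    $t_table_users = plugin_table('users');
    $t_user_table = db_get_table('mantis_user_table');
    $t_params = array();
    $query = "SELECT * FROM (";
    $query .= "    SELECT u.id, u.username, u.realname, ug.group_user_id";
    $query .= "    FROM {$t_user_table} AS u";
    $query .= "        LEFT JOIN {$t_table_users} AS ug ON (u.id=ug.user)";
    if (!$show_groups) {
        # Hide accounts whose name starts with the group prefix.
        $query .= "    WHERE u.username NOT LIKE " . db_param();
        $t_params[] = plugin_config_get('group_prefix') . '%';
    }
    $query .= ") AS t1 WHERE group_user_id=" . db_param() . " OR group_user_id IS NULL ORDER BY username ASC";
    $t_params[] = (int) $usergroup_id;
    $result = db_query_bound($query, $t_params);
    $count = db_num_rows($result);
    for ($i = 0; $i < $count; $i++) {
        $row = db_fetch_array($result);
        if ($row['id'] == $usergroup_id) {
            # usergroup must not be nested with itself
            continue;
        }
        echo '<option value="' . (int) $row['id'] . '" ';
        if (!is_null($row['group_user_id'])) {
            echo 'selected="selected"';
        }
        echo '>' . htmlspecialchars((string) $row['username'], ENT_QUOTES, 'UTF-8') . '</option>';
    }
}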
コード例 #12
ファイル: timeline_api.php プロジェクト: skbly7/mantisbt
/**
 * Get list of affected issues between a given time period.
 *
 * Only issues in the current project (or any project when ALL_PROJECTS is
 * selected) that pass the view_bug_threshold check are returned.
 *
 * @param integer $p_start_time Timestamp representing start time of the period (inclusive).
 * @param integer $p_end_time   Timestamp representing end time of the period (exclusive).
 * @return array Issue ids.
 */
function timeline_get_affected_issues($p_start_time, $p_end_time)
{
    $t_sql = 'SELECT DISTINCT(bug_id) from {bug_history} WHERE date_modified >= ' . db_param() . ' AND date_modified < ' . db_param();
    $t_rs = db_query($t_sql, array($p_start_time, $p_end_time));
    $t_project = helper_get_current_project();

    $t_candidates = array();
    for ($t_row = db_fetch_array($t_rs); $t_row !== false; $t_row = db_fetch_array($t_rs)) {
        $t_candidates[] = $t_row['bug_id'];
    }
    # Handed to the bug cache before the per-issue lookups below.
    bug_cache_array_rows($t_candidates);

    $t_visible = array();
    foreach ($t_candidates as $t_candidate) {
        $t_in_scope = $t_project == ALL_PROJECTS || $t_project == bug_get_field($t_candidate, 'project_id');
        # The access check runs only for issues that are in scope.
        if ($t_in_scope && access_has_bug_level(config_get('view_bug_threshold'), $t_candidate)) {
            $t_visible[] = $t_candidate;
        }
    }
    return $t_visible;
}
コード例 #13
ファイル: print_api.php プロジェクト: Tarendai/spring-website
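/**
 * Print the attachments of an issue returned by file_get_visible_attachments(),
 * with download/delete links and optional inline text or image previews.
 *
 * The display name, the text preview content and the image title are escaped
 * before output, because all three originate from whoever uploaded the file.
 *
 * @param integer $p_bug_id Issue identifier.
 * @return void
 */
function print_bug_attachments_list($p_bug_id)
{
    $t_attachments = file_get_visible_attachments($p_bug_id);
    $t_attachments_count = count($t_attachments);
    $i = 0;
    $image_previewed = false;
    foreach ($t_attachments as $t_attachment) {
        $t_file_display_name = string_display_line($t_attachment['display_name']);
        $t_filesize = number_format($t_attachment['size']);
        $t_date_added = date(config_get('normal_date_format'), $t_attachment['date_added']);
        if ($image_previewed) {
            $image_previewed = false;
            echo '<br />';
        }
        if ($t_attachment['can_download']) {
            $t_href_start = '<a href="' . string_attribute($t_attachment['download_url']) . '">';
            $t_href_end = '</a>';
            $t_href_clicket = " [<a href=\"file_download.php?file_id={$t_attachment['id']}&amp;type=bug\" target=\"_blank\">^</a>]";
        } else {
            $t_href_start = '';
            $t_href_end = '';
            $t_href_clicket = '';
        }
        if (!$t_attachment['exists']) {
            print_file_icon($t_file_display_name);
            echo '&#160;<span class="strike">' . $t_file_display_name . '</span>' . lang_get('word_separator') . '(' . lang_get('attachment_missing') . ')';
        } else {
            echo $t_href_start;
            print_file_icon($t_file_display_name);
            echo $t_href_end . '&#160;' . $t_href_start . $t_file_display_name . $t_href_end . $t_href_clicket . ' (' . $t_filesize . ' ' . lang_get('bytes') . ') ' . '<span class="italic">' . $t_date_added . '</span>';
        }
        if ($t_attachment['can_delete']) {
            echo '&#160;[';
            # The delete link carries a form security token.
            print_link('bug_file_delete.php?file_id=' . $t_attachment['id'] . form_security_param('bug_file_delete'), lang_get('delete_link'), false, 'small');
            echo ']';
        }
        if ($t_attachment['exists']) {
            if (FTP == config_get('file_upload_method')) {
                echo ' (' . lang_get('cached') . ')';
            }
            if ($t_attachment['preview'] && $t_attachment['type'] == 'text') {
                $c_id = db_prepare_int($t_attachment['id']);
                $t_bug_file_table = db_get_table('mantis_bug_file_table');
                echo "<script type=\"text/javascript\" language=\"JavaScript\">\n<!--\nfunction swap_content( span ) {\ndisplayType = ( document.getElementById( span ).style.display == 'none' ) ? '' : 'none';\ndocument.getElementById( span ).style.display = displayType;\n}\n\n -->\n </script>";
                echo " <span id=\"hideSection_{$c_id}\">[<a class=\"small\" href='#' id='attmlink_" . $c_id . "' onclick='swap_content(\"hideSection_" . $c_id . "\");swap_content(\"showSection_" . $c_id . "\");return false;'>" . lang_get('show_content') . "</a>]</span>";
                echo " <span style='display:none' id=\"showSection_{$c_id}\">[<a class=\"small\" href='#' id='attmlink_" . $c_id . "' onclick='swap_content(\"hideSection_" . $c_id . "\");swap_content(\"showSection_" . $c_id . "\");return false;'>" . lang_get('hide_content') . "</a>]";
                echo "<pre>";
                # Start from an empty preview so no branch can leave the variable undefined.
                $v_content = '';
                /** @todo Refactor into a method that gets contents for download / preview. */
                switch (config_get('file_upload_method')) {
                    case DISK:
                        $v_content = file_get_contents($t_attachment['diskfile']);
                        break;
                    case FTP:
                        # Test the cached file path, not the boolean 'exists' flag,
                        # and keep the content read from the cached copy.
                        if (!file_exists($t_attachment['diskfile'])) {
                            $ftp = file_ftp_connect();
                            file_ftp_get($ftp, $t_attachment['diskfile'], $t_attachment['diskfile']);
                            file_ftp_disconnect($ftp);
                        }
                        $v_content = file_get_contents($t_attachment['diskfile']);
                        break;
                    default:
                        $query = "SELECT * FROM {$t_bug_file_table} WHERE id=" . db_param();
                        $result = db_query_bound($query, array($c_id));
                        $row = db_fetch_array($result);
                        $v_content = $row['content'];
                }
                # Attachment content is untrusted: escape it for the <pre> block.
                echo htmlspecialchars((string) $v_content);
                echo "</pre></span>\n";
            }
            if ($t_attachment['can_download'] && $t_attachment['preview'] && $t_attachment['type'] == 'image') {
                $t_preview_style = 'border: 0;';
                $t_max_width = config_get('preview_max_width');
                if ($t_max_width > 0) {
                    $t_preview_style .= ' max-width:' . $t_max_width . 'px;';
                }
                $t_max_height = config_get('preview_max_height');
                if ($t_max_height > 0) {
                    $t_preview_style .= ' max-height:' . $t_max_height . 'px;';
                }
                $t_preview_style = 'style="' . $t_preview_style . '"';
                # The title is set by the uploader and lands in an attribute value.
                $t_title = string_attribute(file_get_field($t_attachment['id'], 'title'));
                $t_image_url = $t_attachment['download_url'] . '&amp;show_inline=1' . form_security_param('file_show_inline');
                echo "\n<br />{$t_href_start}<img alt=\"{$t_title}\" {$t_preview_style} src=\"{$t_image_url}\" />{$t_href_end}";
                $image_previewed = true;
            }
        }
        if ($i != $t_attachments_count - 1) {
            echo "<br />\n";
            $i++;
        }
    }
}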
コード例 #14
ファイル: filter_api.php プロジェクト: vipjaven/mantisbt
/**
 * List the stored filters available to a user within a project.
 *
 * Note: any changes made in this function should be reflected in
 * mci_filter_db_get_available_queries())
 * @param integer $p_project_id A valid project identifier; null selects the current project.
 * @param integer $p_user_id    A valid user identifier; null selects the current user.
 * @return mixed Filter names keyed by filter id, sorted by name; an empty array when the threshold check fails.
 */
function filter_db_get_available_queries($p_project_id = null, $p_user_id = null)
{
    $t_project_id = null === $p_project_id ? helper_get_current_project() : (int) $p_project_id;
    $t_user_id = null === $p_user_id ? auth_get_current_user_id() : (int) $p_user_id;

    # If the user doesn't have access rights to stored queries, just return
    # NOTE(review): the threshold check receives neither $t_project_id nor
    # $t_user_id - confirm that is intended when explicit ids are passed in.
    if (!access_has_project_level(config_get('stored_query_use_threshold'))) {
        return array();
    }

    # Get the list of available queries. By sorting such that public queries are
    # first, we can override any query that has the same name as a private query
    # with that private one
    $t_query = 'SELECT * FROM {filters}
					WHERE (project_id=' . db_param() . '
						OR project_id=0)
					AND name!=\'\'
					AND (is_public = ' . db_param() . '
						OR user_id = ' . db_param() . ')
					ORDER BY is_public DESC, name ASC';
    $t_result = db_query($t_query, array($t_project_id, true, $t_user_id));

    $t_names_by_id = array();
    while ($t_row = db_fetch_array($t_result)) {
        $t_names_by_id[$t_row['id']] = $t_row['name'];
    }
    # array_unique() keeps the first id seen for each name.
    $t_names_by_id = array_unique($t_names_by_id);
    asort($t_names_by_id);
    return $t_names_by_id;
}
コード例 #15
ファイル: user_pref_api.php プロジェクト: rombert/mantisbt
/**
 * Delete the preferences of every user for one project (used when the
 * project itself is deleted).
 *
 * A single DELETE is issued for the whole project rather than one
 * user_pref_delete() call per user.
 * @param $p_project_id Project id; passed through db_prepare_int() and then bound.
 * @return true
 */
function user_pref_delete_project( $p_project_id ) {
	$t_project_id = db_prepare_int( $p_project_id );
	$t_sql = 'DELETE FROM ' . db_get_table( 'user_pref' ) . ' WHERE project_id=' . db_param();

	db_query_bound( $t_sql, array( $t_project_id ) );

	# db_query errors on failure so:
	return true;
}
コード例 #16
require_api('gpc_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('string_api.php');
require_api('utility_api.php');
# Check if project documentation feature is enabled.
if (OFF == config_get('enable_project_documentation') || !file_is_uploading_enabled() || !file_allow_project_upload()) {
    access_denied();
}
# The file id comes from the request and is read as an integer.
$f_file_id = gpc_get_int('file_id');
$c_file_id = db_prepare_int($f_file_id);
# Authorization: the project that owns the file is looked up first, then the
# current user must reach upload_project_file_threshold on that project.
$t_project_id = file_get_field($f_file_id, 'project_id', 'project');
access_ensure_project_level(config_get('upload_project_file_threshold'), $t_project_id);
$t_proj_file_table = db_get_table('project_file');
# The id is bound through db_param(), not placed in the SQL text.
$query = "SELECT *\n\t\tFROM {$t_proj_file_table}\n\t\tWHERE id=" . db_param();
$result = db_query_bound($query, array($c_file_id));
$row = db_fetch_array($result);
# extract() with EXTR_PREFIX_ALL creates one $v_<column> variable per column of the row.
# NOTE(review): $row is not checked for false before extract() - confirm that
# file_get_field() above already fails for an unknown file id.
extract($row, EXTR_PREFIX_ALL, 'v');
# Stored title and description are escaped for attribute and textarea output.
$v_title = string_attribute($v_title);
$v_description = string_textarea($v_description);
# Smallest of the two PHP upload limits and the configured max_file_size.
$t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
html_page_top();
?>

<br />
<div>
<form method="post" enctype="multipart/form-data" action="proj_doc_update.php">
<?php 
echo form_security_field('proj_doc_update');
?>
コード例 #17
/**
 * Check whether a relationship links two bugs, in either direction.
 *
 * @param integer $p_src_bug_id  Source bug identifier.
 * @param integer $p_dest_bug_id Destination bug identifier.
 * @return integer Id of the first relationship row found, or 0 when there is none.
 */
function relationship_exists($p_src_bug_id, $p_dest_bug_id)
{
    $t_src = (int) $p_src_bug_id;
    $t_dest = (int) $p_dest_bug_id;
    $t_query = 'SELECT * FROM {bug_relationship}
				WHERE (source_bug_id=' . db_param() . ' AND destination_bug_id=' . db_param() . ')
				OR
				(source_bug_id=' . db_param() . '
				AND destination_bug_id=' . db_param() . ')';
    # The pair is bound twice, the second time swapped, to cover both directions.
    $t_result = db_query($t_query, array($t_src, $t_dest, $t_dest, $t_src), 1);
    $t_match = db_fetch_array($t_result);
    return $t_match ? $t_match['id'] : 0;
}
コード例 #18
 /**
  * Persist a user object to the database.  If the user object contains a blank
  * username, then delete any existing data from the database to minimize storage.
  */
 function save()
 {
     $t_user_table = plugin_table('user', 'Source');
     $t_has_no_name = is_blank($this->username);

     # Objects not yet stored: insert them, unless there is no username to store.
     if ($this->new) {
         if ($t_has_no_name) {
             return;
         }
         $t_query = "INSERT INTO {$t_user_table} ( user_id, username ) VALUES (" . db_param() . ', ' . db_param() . ')';
         db_query_bound($t_query, array($this->user_id, $this->username));
         $this->new = false;
         return;
     }

     # Objects loaded from the database: a blank username removes the row.
     if ($t_has_no_name) {
         $t_query = "DELETE FROM {$t_user_table} WHERE user_id=" . db_param();
         db_query_bound($t_query, array($this->user_id));
         return;
     }

     # Otherwise write the new username over the existing row.
     $t_query = "UPDATE {$t_user_table} SET username=" . db_param() . ' WHERE user_id=' . db_param();
     db_query_bound($t_query, array($this->username, $this->user_id));
 }
コード例 #19
		$t_prefs_arr[$i] = 0;
	} else {
		$t_prefs_arr[$i] = 1;
	}
}

# get user id
# NOTE(review): $f_user_id is defined outside this excerpt. If it is taken from
# the request, confirm the current user is allowed to change that user's
# preferences before this UPDATE runs.
$t_user_id = $f_user_id;

# Join the per-field values of $t_prefs_arr into one string.
$c_export = implode('',$t_prefs_arr);

# update preferences
# Both the preference string and the user id are bound through db_param().
$t_user_print_pref_table = db_get_table( 'user_print_pref' );
$query = "UPDATE $t_user_print_pref_table
		SET print_pref=" . db_param() . "
		WHERE user_id=" . db_param();

$result = db_query_bound( $query, Array( $c_export, $t_user_id ) );

# Purge the form security token for this form after the update.
form_security_purge( 'print_all_bug_options_update' );

# NOTE(review): $f_redirect_url is defined outside this excerpt - confirm it is
# validated before being handed to html_page_top().
html_page_top( null, $f_redirect_url );

echo '<br /><div>';

if ( $result ) {
	print lang_get( 'operation_successful' );
} else {
	print error_string( ERROR_GENERIC );
}
コード例 #20
ファイル: cfdef_standard.php プロジェクト: Kirill/mantisbt
/**
 * Return the possible values of a custom field as a list.
 *
 * @param array $p_field_def Custom field definition; only the 'id' element is read.
 * @return array|false The '|'-separated possible values as a list, or false when the field has no row.
 */
function cfdef_prepare_list_distinct_values($p_field_def)
{
    $t_table = db_get_table('custom_field');
    $t_sql = "SELECT possible_values\n\t\t\t  FROM {$t_table}\n\t\t\t  WHERE id=" . db_param();
    $t_rs = db_query_bound($t_sql, array($p_field_def['id']));
    if (db_num_rows($t_rs) == 0) {
        return false;
    }
    $t_field_row = db_fetch_array($t_rs);
    $t_prepared = custom_field_prepare_possible_values($t_field_row['possible_values']);
    # explode() already yields a list; array_values() returns it re-indexed from 0.
    return array_values(explode('|', $t_prepared));
}
コード例 #21
ファイル: bug_revision_api.php プロジェクト: rombert/mantisbt
/**
 * Retrieve the revisions that belong to the same bug (and, where set, the
 * same type and bugnote) as the given revision ID.
 * @param int $p_rev_id Revision ID
 * @return array|null Revision rows keyed by revision id, oldest first
 */
function bug_revision_like( $p_rev_id ) {
	$t_table = db_get_table( 'bug_revision' );

	# Look up the reference revision; ERROR_BUG_REVISION_NOT_FOUND is triggered when it is missing.
	$t_lookup_sql = "SELECT bug_id, bugnote_id, type FROM $t_table WHERE id=" . db_param();
	$t_lookup = db_query_bound( $t_lookup_sql, array( $p_rev_id ) );
	if ( db_num_rows( $t_lookup ) < 1 ) {
		trigger_error( ERROR_BUG_REVISION_NOT_FOUND, ERROR );
	}
	$t_reference = db_fetch_array( $t_lookup );

	# Values read from the reference row are bound as parameters too.
	$t_bound = array( $t_reference['bug_id'] );
	$t_sql = "SELECT * FROM $t_table
		WHERE bug_id=" . db_param();

	if ( REV_ANY < $t_reference['type'] ) {
		$t_sql .= ' AND type=' . db_param();
		$t_bound[] = $t_reference['type'];
	}

	if ( $t_reference['bugnote_id'] > 0 ) {
		$t_sql .= ' AND bugnote_id=' . db_param();
		$t_bound[] = $t_reference['bugnote_id'];
	} else {
		$t_sql .= ' AND bugnote_id=0';
	}

	$t_sql .= ' ORDER BY timestamp ASC';
	$t_matches = db_query_bound( $t_sql, $t_bound );

	$t_by_id = array();
	while( $t_match = db_fetch_array( $t_matches ) ) {
		$t_by_id[$t_match['id']] = $t_match;
	}

	return $t_by_id;
}
コード例 #22
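/**
 * A helper function to compare two dates against a certain number of days.
 *
 * An integer argument is replaced by a bound-parameter placeholder; the caller
 * supplies the value when running the query. Any other argument, and
 * $p_limitstring, is inserted into the returned SQL verbatim. Pass only
 * column names and comparison fragments written in code, never request data.
 *
 * @param integer|string $p_date1_id_or_column Integer (becomes a placeholder) or column name.
 * @param integer|string $p_date2_id_or_column Integer (becomes a placeholder) or column name.
 * @param string         $p_limitstring        Comparison appended after the difference, inserted verbatim.
 * @return string returns database query component to compare dates
 * @todo Check if there is a way to do that using ADODB rather than implementing it here.
 */
function db_helper_compare_days($p_date1_id_or_column, $p_date2_id_or_column, $p_limitstring)
{
    # The db_type lookup that used to open this function was never read, so it is gone.
    $t_date1 = is_int($p_date1_id_or_column) ? db_param() : $p_date1_id_or_column;
    $t_date2 = is_int($p_date2_id_or_column) ? db_param() : $p_date2_id_or_column;
    return '((' . $t_date1 . ' - ' . $t_date2 . ')' . $p_limitstring . ')';
}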
コード例 #23
ファイル: account_sponsor_page.php プロジェクト: gtn/mantisbt
    ?>
</td>
	<td class="right"><?php 
    echo sponsorship_format_amount($t_total_paid);
    ?>
</td>
	<td colspan="2"></td>
</tr>
</table>
</div>
<?php 
}
# end sponsored issues
# List the sponsorships on issues handled by $t_user. Unless $t_show_all is set,
# keep only rows where the issue status is below the second bound value or
# s.paid is below SPONSORSHIP_PAID.
# The handler id and the status threshold go through db_param(); the array given
# to db_query() below carries one or two values to match the placeholder count.
# NOTE(review): $t_project_clause is concatenated into the SQL as-is and is built
# outside this excerpt - confirm it is assembled only from integer project ids.
$t_query = 'SELECT b.id as bug, s.id as sponsor, s.paid, b.project_id, b.fixed_in_version, b.status
	FROM {bug} b, {sponsorship} s
	WHERE b.handler_id=' . db_param() . ' AND s.bug_id = b.id ' . ($t_show_all ? '' : 'AND ( b.status < ' . db_param() . ' OR s.paid < ' . SPONSORSHIP_PAID . ')') . '
	AND ' . $t_project_clause . '
	ORDER BY s.paid ASC, b.project_id ASC, b.fixed_in_version ASC, b.status ASC, b.id DESC';
# Bound values must stay in placeholder order: handler id first, then the status threshold.
$t_result = db_query($t_query, $t_show_all ? array($t_user) : array($t_user, $t_resolved));
# Collect all rows up front so the count is known before any markup is printed.
$t_sponsors = array();
while ($t_row = db_fetch_array($t_result)) {
    $t_sponsors[] = $t_row;
}
$t_sponsor_count = count($t_sponsors);
if ($t_sponsor_count === 0) {
    echo '<p>' . lang_get('no_sponsored') . '</p>';
} else {
    ?>

<!-- # Edit sponsorship Form BEGIN -->
<br />
コード例 #24
ファイル: user_api.php プロジェクト: pkdevboxy/mantisbt
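/**
 * Set the user's password to the given string, encoded as appropriate.
 *
 * The plain-text password is passed through auth_process_plain_password()
 * before it is stored, and a fresh cookie string is written in the same
 * UPDATE so that existing sessions stop being valid.
 *
 * @param integer $p_user_id         A valid user identifier.
 * @param string  $p_password        A password to set.
 * @param boolean $p_allow_protected Whether to allow a password change on a protected account. This defaults to false.
 * @return boolean always true
 */
function user_set_password($p_user_id, $p_password, $p_allow_protected = false)
{
    if (!$p_allow_protected) {
        user_ensure_unprotected($p_user_id);
    }
    # When the password is changed, invalidate the cookie to expire sessions that
    # may be active on all browsers.
    $c_cookie_string = auth_generate_unique_cookie_string();
    $c_password = auth_process_plain_password($p_password);
    # Three placeholders for the three bound values, in order: password,
    # cookie_string, id. The password column takes a bound parameter like the
    # others; nothing is spliced into the SQL text.
    $t_query = 'UPDATE {user}
				  SET password=' . db_param() . ', cookie_string=' . db_param() . '
				  WHERE id=' . db_param();
    db_query($t_query, array($c_password, $c_cookie_string, (int) $p_user_id));
    return true;
}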
コード例 #25
ファイル: access_api.php プロジェクト: N0ctrnl/mantisbt
/**
 * Return the project => access level map of one user, loading it from the
 * project_user_list table on first use and serving it from the global cache
 * afterwards.
 * @param int $p_user_id integer representing user id
 * @return  array returns an array of projects->accesslevel for the given user
 * @access private
 */
function access_cache_matrix_user($p_user_id)
{
    global $g_cache_access_matrix, $g_cache_access_matrix_user_ids;
    # The id is cast once and used both as cache key and as bound value.
    $c_user_id = (int) $p_user_id;
    if (in_array($c_user_id, $g_cache_access_matrix_user_ids)) {
        return $g_cache_access_matrix[$c_user_id];
    }
    $t_table = db_get_table('project_user_list');
    $t_sql = "SELECT project_id, access_level\n\t\t\t\t\t  FROM {$t_table}\n\t\t\t\t\t  WHERE user_id=" . db_param();
    $t_rows = db_query_bound($t_sql, array($c_user_id));
    # Create the entry before filling it, so a user without rows still gets an array.
    $g_cache_access_matrix[$c_user_id] = array();
    while ($t_entry = db_fetch_array($t_rows)) {
        $t_project = (int) $t_entry['project_id'];
        $g_cache_access_matrix[$c_user_id][$t_project] = (int) $t_entry['access_level'];
    }
    # Remember that this user was loaded, even when the result was empty.
    $g_cache_access_matrix_user_ids[] = $c_user_id;
    return $g_cache_access_matrix[$c_user_id];
}
コード例 #26
ファイル: news_api.php プロジェクト: fur81/zofaxiopeu
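/**
 * Fetch the news rows to show for a project, limited either by row count or
 * by age depending on the news_limit_method setting.
 *
 * The project list is the given (or current) project, the subprojects the
 * current user can access and, unless the project already is ALL_PROJECTS,
 * ALL_PROJECTS itself.
 *
 * @param int      $p_offset     Row offset handed to the query as paging offset.
 * @param int|null $p_project_id Project id; null selects the current project.
 * @return array List of news rows as returned by db_fetch_array().
 */
function news_get_limited_rows($p_offset, $p_project_id = null)
{
    if ($p_project_id === null) {
        $p_project_id = helper_get_current_project();
    }
    $c_offset = db_prepare_int($p_offset);
    $t_projects = current_user_get_all_accessible_subprojects($p_project_id);
    $t_projects[] = (int) $p_project_id;
    if (ALL_PROJECTS != $p_project_id) {
        $t_projects[] = ALL_PROJECTS;
    }
    # The ids end up inside the SQL text (IN lists cannot use a single
    # placeholder here), so force every one of them to an integer first.
    $t_projects = array_map('intval', $t_projects);
    $t_project_list = implode(',', $t_projects);
    $t_news_table = db_get_table('mantis_news_table');
    $t_news_view_limit = config_get('news_view_limit');
    $t_news_view_limit_days = config_get('news_view_limit_days') * SECONDS_PER_DAY;
    # NOTE(review): a news_limit_method other than 0 or 1 leaves $result unset
    # for db_num_rows() below - confirm the setting is validated upstream.
    switch (config_get('news_limit_method')) {
        case 0:
            # BY_LIMIT - Select the news posts
            $query = "SELECT *\n\t\t\t\t\t\tFROM {$t_news_table}";
            if (1 == count($t_projects)) {
                $c_project_id = $t_projects[0];
                $query .= " WHERE project_id='{$c_project_id}'";
            } else {
                $query .= ' WHERE project_id IN (' . $t_project_list . ')';
            }
            $query .= ' ORDER BY announcement DESC, id DESC';
            $result = db_query($query, $t_news_view_limit, $c_offset);
            break;
        case 1:
            # BY_DATE - Select the news posts
            # The integer 0 makes db_helper_compare_days() emit a placeholder;
            # db_now() is the value bound to it, followed by the announcement flag.
            $query = "SELECT *\n\t\t\t\t\t\tFROM {$t_news_table} WHERE\n\t\t\t\t\t\t( " . db_helper_compare_days(0, 'date_posted', "< {$t_news_view_limit_days}") . "\n\t\t\t\t\t\t OR announcement = " . db_param() . " ) ";
            $t_params = array(db_now(), 1);
            if (1 == count($t_projects)) {
                $c_project_id = $t_projects[0];
                $query .= " AND project_id=" . db_param();
                $t_params[] = $c_project_id;
            } else {
                $query .= ' AND project_id IN (' . $t_project_list . ')';
            }
            $query .= " ORDER BY announcement DESC, id DESC";
            $result = db_query_bound($query, $t_params, $t_news_view_limit, $c_offset);
            break;
    }
    # end switch
    $t_row_count = db_num_rows($result);
    $t_rows = array();
    for ($i = 0; $i < $t_row_count; $i++) {
        $t_rows[] = db_fetch_array($result);
    }
    return $t_rows;
}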
コード例 #27
ファイル: print_api.php プロジェクト: nextgens/mantisbt
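/**
 * Prints the preview of a text file attachment.
 *
 * The content is read from disk, fetched over FTP when it is not on disk, or
 * loaded from the bug_file table, depending on the file_upload_method
 * setting. It is HTML-escaped before it is printed inside the <pre> element,
 * so the attachment is shown as text and never interpreted as markup.
 *
 * @param array $p_attachment An attachment array from within the array returned by the file_get_visible_attachments() function
 */
function print_bug_attachment_preview_text($p_attachment)
{
    if (!$p_attachment['exists']) {
        return;
    }
    echo "\n<pre class=\"bug-attachment-preview-text\">";
    # Start from an empty preview: a missing file or row then prints nothing
    # instead of reading an undefined variable.
    $t_content = '';
    switch (config_get('file_upload_method')) {
        case DISK:
            if (file_exists($p_attachment['diskfile'])) {
                $t_content = file_get_contents($p_attachment['diskfile']);
            }
            break;
        case FTP:
            if (file_exists($p_attachment['diskfile'])) {
                $t_content = file_get_contents($p_attachment['diskfile']);
            } else {
                # Not on disk: fetch it through the FTP helpers using the same
                # path for both path arguments, then read the local file.
                $t_ftp = file_ftp_connect();
                file_ftp_get($t_ftp, $p_attachment['diskfile'], $p_attachment['diskfile']);
                file_ftp_disconnect($t_ftp);
                if (file_exists($p_attachment['diskfile'])) {
                    $t_content = file_get_contents($p_attachment['diskfile']);
                }
            }
            break;
        default:
            $t_bug_file_table = db_get_table('bug_file');
            $c_attachment_id = db_prepare_int($p_attachment['id']);
            $t_query = "SELECT * FROM {$t_bug_file_table} WHERE id=" . db_param();
            $t_result = db_query_bound($t_query, array($c_attachment_id));
            $t_row = db_fetch_array($t_result);
            # No row for this id: keep the empty preview.
            if ($t_row) {
                $t_content = $t_row['content'];
            }
    }
    # file_get_contents() returns false on failure and the column may be null;
    # the cast turns both into an empty string before escaping.
    echo htmlspecialchars((string) $t_content);
    echo '</pre>';
}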
コード例 #28
ファイル: print_api.php プロジェクト: gtn/mantisbt
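/**
 * Prints the preview of a text file attachment.
 *
 * The content is read from disk or from the {bug_file} table, depending on
 * the file_upload_method setting; any other setting raises ERROR_GENERIC.
 * The content is HTML-escaped before it is printed inside the <pre> element,
 * so the attachment is shown as text and never interpreted as markup.
 *
 * @param array $p_attachment An attachment array from within the array returned by the file_get_visible_attachments() function.
 * @return void
 */
function print_bug_attachment_preview_text(array $p_attachment)
{
    if (!$p_attachment['exists']) {
        return;
    }
    echo "\n<pre class=\"bug-attachment-preview-text\">";
    # Start from an empty preview: a missing file or row then prints nothing
    # instead of reading an undefined variable.
    $t_content = '';
    switch (config_get('file_upload_method')) {
        case DISK:
            if (file_exists($p_attachment['diskfile'])) {
                $t_content = file_get_contents($p_attachment['diskfile']);
            }
            break;
        case DATABASE:
            # The attachment id is cast to int and bound, never concatenated.
            $t_query = 'SELECT * FROM {bug_file} WHERE id=' . db_param();
            $t_result = db_query($t_query, array((int) $p_attachment['id']));
            $t_row = db_fetch_array($t_result);
            # No row for this id: keep the empty preview.
            if ($t_row) {
                $t_content = $t_row['content'];
            }
            break;
        default:
            trigger_error(ERROR_GENERIC, ERROR);
    }
    # file_get_contents() returns false on failure and the column may be null;
    # the cast turns both into an empty string before escaping.
    echo htmlspecialchars((string) $t_content);
    echo '</pre>';
}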
コード例 #29
 * @uses print_api.php
 */
/** @ignore */
# Defined before core.php is loaded.
# NOTE(review): presumably keeps plugins from loading while their settings are changed - confirm in core.php.
define('PLUGINS_DISABLED', true);
require_once 'core.php';
require_api('access_api.php');
require_api('authentication_api.php');
require_api('config_api.php');
require_api('database_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('print_api.php');
# Request guards, run before anything is read or written: form token check,
# re-authentication, then the manage_plugin_threshold access level (as the
# helper names indicate; their implementations are outside this excerpt).
form_security_validate('manage_plugin_update');
auth_reauthenticate();
access_ensure_global_level(config_get('manage_plugin_threshold'));
$t_plugin_table = db_get_table('plugin');
# The set of plugins to update comes from the database, not from the request:
# request fields are only looked up under names derived from stored basenames.
$t_query = "SELECT basename FROM {$t_plugin_table}";
$t_result = db_query_bound($t_query);
while ($t_row = db_fetch_array($t_result)) {
    $t_basename = $t_row['basename'];
    # Skip plugins whose change_<basename> field was not submitted as true.
    $f_change = gpc_get_bool('change_' . $t_basename, 0);
    if (!$f_change) {
        continue;
    }
    # Typed getters: priority is read as int (default 3), protected as bool.
    $f_priority = gpc_get_int('priority_' . $t_basename, 3);
    $f_protected = gpc_get_bool('protected_' . $t_basename, 0);
    # All three values are bound; the query text is rebuilt on every pass so
    # each db_param() call belongs to the statement executed right after it.
    $t_query = "UPDATE {$t_plugin_table} SET priority=" . db_param() . ', protected=' . db_param() . ' WHERE basename=' . db_param();
    db_query_bound($t_query, array($f_priority, $f_protected, $t_basename));
}
# Purge the form token once the update has been applied, then redirect.
form_security_purge('manage_plugin_update');
print_successful_redirect('manage_plugin_page.php');
コード例 #30
/**
 * Delete every token whose expiry lies before the current database time,
 * optionally restricted to one token type, and record in $g_tokens_purged
 * that a purge has run.
 * @param integer $p_token_type Token type; null purges expired tokens of every type
 * @return boolean always true.
 */
function token_purge_expired($p_token_type = null)
{
    global $g_tokens_purged;
    $t_table = db_get_table('mantis_tokens_table');
    # Current time and token type are both bound, in placeholder order.
    $t_sql = "DELETE FROM {$t_table} WHERE " . db_param() . " > expiry";
    $t_bound = array(db_now());
    if ($p_token_type !== null) {
        $t_sql .= " AND type=" . db_param();
        $t_bound[] = db_prepare_int($p_token_type);
    }
    db_query_bound($t_sql, $t_bound);
    $g_tokens_purged = true;
    return true;
}