# # You should have received a copy of the GNU General Public License # along with Mantis. If not, see <http://www.gnu.org/licenses/>. # -------------------------------------------------------- # $Id: manage_proj_cat_delete.php,v 1.23.2.1 2007-10-13 22:33:31 giallu Exp $ # -------------------------------------------------------- require_once 'core.php'; $t_core_path = config_get('core_path'); require_once $t_core_path . 'category_api.php'; form_security_validate('manage_proj_cat_delete'); auth_reauthenticate(); $f_project_id = gpc_get_int('project_id'); $f_category = gpc_get_string('category'); access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id); # Confirm with the user helper_ensure_confirmed(lang_get('category_delete_sure_msg') . '<br/>' . lang_get('category') . ': ' . $f_category, lang_get('delete_category_button')); category_remove($f_project_id, $f_category); form_security_purge('manage_proj_cat_delete'); $t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id; html_page_top1(); html_meta_redirect($t_redirect_url); html_page_top2(); ?> <br /> <div align="center"> <?php echo lang_get('operation_successful') . '<br />'; print_bracket_link($t_redirect_url, lang_get('proceed')); ?> </div>
require_api('html_api.php'); require_api('lang_api.php'); require_api('print_api.php'); require_api('project_api.php'); require_api('user_api.php'); form_security_validate('manage_proj_user_remove'); auth_reauthenticate(); $f_project_id = gpc_get_int('project_id'); $f_user_id = gpc_get_int('user_id', 0); # We should check both since we are in the project section and an # admin might raise the first threshold and not realize they need # to raise the second access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id); access_ensure_project_level(config_get('project_user_threshold'), $f_project_id); if (0 == $f_user_id) { # Confirm with the user helper_ensure_confirmed(lang_get('remove_all_users_sure_msg'), lang_get('remove_all_users_button')); project_remove_all_users($f_project_id, access_get_project_level($f_project_id)); } else { # Don't allow removal of users from the project who have a higher access level than the current user access_ensure_project_level(access_get_project_level($f_project_id, $f_user_id), $f_project_id); $t_user = user_get_row($f_user_id); # Confirm with the user helper_ensure_confirmed(lang_get('remove_user_sure_msg') . '<br/>' . lang_get('username_label') . lang_get('word_separator') . $t_user['username'], lang_get('remove_user_button')); project_remove_user($f_project_id, $f_user_id); } form_security_purge('manage_proj_user_remove'); $t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id; html_page_top(null, $t_redirect_url); html_operation_successful($t_redirect_url); html_page_bottom();
*/ require_once 'core.php'; require_once 'news_api.php'; require_once 'string_api.php'; news_ensure_enabled(); $f_news_id = gpc_get_int('news_id'); $f_action = gpc_get_string('action', ''); # If deleting item redirect to delete script if ('delete' == $f_action) { form_security_validate('news_delete'); $row = news_get_row($f_news_id); # This check is to allow deleting of news items that were left orphan due to bug #3723 if (project_exists($row['project_id'])) { access_ensure_project_level(config_get('manage_news_threshold'), $row['project_id']); } helper_ensure_confirmed(lang_get('delete_news_sure_msg'), lang_get('delete_news_item_button')); news_delete($f_news_id); form_security_purge('news_delete'); print_header_redirect('news_menu_page.php', true); } # Retrieve news item data and prefix with v_ $row = news_get_row($f_news_id); if ($row) { extract($row, EXTR_PREFIX_ALL, 'v'); } access_ensure_project_level(config_get('manage_news_threshold'), $v_project_id); $v_headline = string_attribute($v_headline); $v_body = string_textarea($v_body); html_page_top(lang_get('edit_news_title')); # Edit News Form BEGIN ?>
<?php # Mantis - a php based bugtracking system # Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org # Copyright (C) 2002 - 2004 Mantis Team - mantisbt-dev@lists.sourceforge.net # This program is distributed under the terms and conditions of the GPL # See the README and LICENSE files for details # -------------------------------------------------------- # $Id: bug_delete.php,v 1.40 2005/07/25 16:34:10 thraxisp Exp $ # -------------------------------------------------------- # Deletes the bug and re-directs to view_all_bug_page.php require_once 'core.php'; $t_core_path = config_get('core_path'); require_once $t_core_path . 'bug_api.php'; $f_bug_id = gpc_get_int('bug_id'); access_ensure_bug_level(config_get('delete_bug_threshold'), $f_bug_id); $t_bug = bug_get($f_bug_id, true); if ($t_bug->project_id != helper_get_current_project()) { # in case the current project is not the same project of the bug we are viewing... # ... override the current project. This to avoid problems with categories and handlers lists etc. $g_project_override = $t_bug->project_id; } helper_ensure_confirmed(lang_get('delete_bug_sure_msg'), lang_get('delete_bug_button')); $t_bug = bug_get($f_bug_id, true); helper_call_custom_function('issue_delete_validate', array($f_bug_id)); bug_delete($f_bug_id); helper_call_custom_function('issue_delete_notify', array($f_bug_id)); print_successful_redirect('view_all_bug_page.php');
* @uses print_api.php * @uses project_api.php */ require_once 'core.php'; require_api('access_api.php'); require_api('authentication_api.php'); require_api('config_api.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('helper_api.php'); require_api('html_api.php'); require_api('lang_api.php'); require_api('print_api.php'); require_api('project_api.php'); form_security_validate('manage_user_proj_delete'); auth_reauthenticate(); $f_project_id = gpc_get_int('project_id'); $f_user_id = gpc_get_int('user_id'); user_ensure_exists($f_user_id); $t_user = user_get_row($f_user_id); access_ensure_project_level(config_get('project_user_threshold'), $f_project_id); access_ensure_project_level($t_user['access_level'], $f_project_id); $t_project_name = project_get_name($f_project_id); # Confirm with the user helper_ensure_confirmed(lang_get('remove_user_sure_msg') . '<br/>' . lang_get('project_name_label') . lang_get('word_separator') . $t_project_name, lang_get('remove_user_button')); project_remove_user($f_project_id, $f_user_id); form_security_purge('manage_user_proj_delete'); $t_redirect_url = 'manage_user_edit_page.php?user_id=' . $f_user_id; html_page_top(null, $t_redirect_url); html_operation_successful($t_redirect_url); html_page_bottom();
} $t_bug = bug_get($f_src_bug_id, true); if ($t_bug->project_id != helper_get_current_project()) { # in case the current project is not the same project of the bug we are viewing... # ... override the current project. This to avoid problems with categories and handlers lists etc. $g_project_override = $t_bug->project_id; } # check if there is other relationship between the bugs... $t_old_id_relationship = relationship_same_type_exists($f_src_bug_id, $f_dest_bug_id, $f_rel_type); if ($t_old_id_relationship == -1) { # the relationship type is exactly the same of the new one. No sense to proceed trigger_error(ERROR_RELATIONSHIP_ALREADY_EXISTS, ERROR); } else { if ($t_old_id_relationship > 0) { # there is already a relationship between them -> we have to update it and not to add a new one helper_ensure_confirmed(lang_get('replace_relationship_sure_msg'), lang_get('replace_relationship_button')); # Update the relationship relationship_update($t_old_id_relationship, $f_src_bug_id, $f_dest_bug_id, $f_rel_type); # Add log line to the history (both bugs) history_log_event_special($f_src_bug_id, BUG_REPLACE_RELATIONSHIP, $f_rel_type, $f_dest_bug_id); history_log_event_special($f_dest_bug_id, BUG_REPLACE_RELATIONSHIP, relationship_get_complementary_type($f_rel_type), $f_src_bug_id); } else { # Add the new relationship relationship_add($f_src_bug_id, $f_dest_bug_id, $f_rel_type); # Add log line to the history (both bugs) history_log_event_special($f_src_bug_id, BUG_ADD_RELATIONSHIP, $f_rel_type, $f_dest_bug_id); history_log_event_special($f_dest_bug_id, BUG_ADD_RELATIONSHIP, relationship_get_complementary_type($f_rel_type), $f_src_bug_id); } } # update bug last updated (just for the src bug) bug_update_date($f_src_bug_id);
<?php # Mantis - a php based bugtracking system # Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org # Copyright (C) 2002 - 2004 Mantis Team - mantisbt-dev@lists.sourceforge.net # This program is distributed under the terms and conditions of the GPL # See the README and LICENSE files for details # -------------------------------------------------------- # $Id: manage_user_delete.php,v 1.30 2004/12/14 20:37:07 marcelloscata Exp $ # -------------------------------------------------------- require_once 'core.php'; access_ensure_global_level(config_get('manage_user_threshold')); $f_user_id = gpc_get_int('user_id'); $t_user = user_get_row($f_user_id); helper_ensure_confirmed(lang_get('delete_account_sure_msg') . '<br/>' . lang_get('username') . ': ' . $t_user['username'], lang_get('delete_account_button')); user_delete($f_user_id); $t_redirect_url = 'manage_user_page.php'; html_page_top1(); html_meta_redirect($t_redirect_url); html_page_top2(); ?> <br /> <div align="center"> <?php echo lang_get('operation_successful') . '<br />'; print_bracket_link($t_redirect_url, lang_get('proceed')); ?> </div> <?php
# GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Mantis. If not, see <http://www.gnu.org/licenses/>. # -------------------------------------------------------- # $Id: manage_user_proj_delete.php,v 1.20.2.1 2007-10-13 22:33:56 giallu Exp $ # -------------------------------------------------------- require_once 'core.php'; # helper_ensure_post(); auth_reauthenticate(); $f_project_id = gpc_get_int('project_id'); $f_user_id = gpc_get_int('user_id'); access_ensure_project_level(config_get('project_user_threshold'), $f_project_id); $t_project_name = project_get_name($f_project_id); # Confirm with the user helper_ensure_confirmed(lang_get('remove_user_sure_msg') . '<br/>' . lang_get('project_name') . ': ' . $t_project_name, lang_get('remove_user_button')); $result = project_remove_user($f_project_id, $f_user_id); $t_redirect_url = 'manage_user_edit_page.php?user_id=' . $f_user_id; html_page_top1(); html_meta_redirect($t_redirect_url); html_page_top2(); ?> <br /> <div align="center"> <?php echo lang_get('operation_successful') . '<br />'; print_bracket_link($t_redirect_url, lang_get('proceed')); ?> </div> <?php
*/ require_once 'core.php'; form_security_validate('proj_doc_delete'); # Check if project documentation feature is enabled. if (OFF == config_get('enable_project_documentation')) { access_denied(); } $f_file_id = gpc_get_int('file_id'); $t_project_id = file_get_field($f_file_id, 'project_id', 'project'); access_ensure_project_level(config_get('upload_project_file_threshold'), $t_project_id); $t_project_file_table = db_get_table('mantis_project_file_table'); $query = "SELECT title FROM {$t_project_file_table}\n\t\t\t\tWHERE id=" . db_param(); $result = db_query_bound($query, array($f_file_id)); $t_title = db_result($result); # Confirm with the user helper_ensure_confirmed(lang_get('confirm_file_delete_msg') . '<br />' . lang_get('filename') . ': ' . string_display($t_title), lang_get('file_delete_button')); file_delete($f_file_id, 'project'); form_security_purge('proj_doc_delete'); $t_redirect_url = 'proj_doc_page.php'; html_page_top(null, $t_redirect_url); ?> <br /> <div align="center"> <?php echo lang_get('operation_successful') . '<br />'; print_bracket_link($t_redirect_url, lang_get('proceed')); ?> </div> <?php html_page_bottom();
$f_field_id = gpc_get_int( 'field_id' ); $f_project_id = gpc_get_int( 'project_id' ); $f_return = gpc_get_string( 'return', '' ); # We should check both since we are in the project section and an # admin might raise the first threshold and not realize they need # to raise the second access_ensure_project_level( config_get( 'manage_project_threshold' ), $f_project_id ); access_ensure_project_level( config_get( 'custom_field_link_threshold' ), $f_project_id ); $t_definition = custom_field_get_definition( $f_field_id ); # Confirm with the user helper_ensure_confirmed( lang_get( 'confirm_custom_field_unlinking' ) . '<br/>' . lang_get( 'custom_field_label' ) . lang_get( 'word_separator' ) . string_attribute( $t_definition['name'] ), lang_get( 'field_remove_button' ) ); if ( $f_return == 'custom_field' ) { $t_redirect_url = 'manage_custom_field_edit_page.php?field_id=' . $f_field_id; } else { $t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id; } custom_field_unlink( $f_field_id, $f_project_id ); form_security_purge( 'manage_proj_custom_field_remove' ); html_page_top( null, $t_redirect_url ); ?> <br />
require_api( 'version_api.php' ); form_security_validate( 'manage_proj_ver_delete' ); auth_reauthenticate(); $f_version_id = gpc_get_int( 'version_id' ); $t_version_info = version_get( $f_version_id ); $t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $t_version_info->project_id; access_ensure_project_level( config_get( 'manage_project_threshold' ), $t_version_info->project_id ); # Confirm with the user helper_ensure_confirmed( lang_get( 'version_delete_sure' ) . '<br/>' . lang_get( 'version_label' ) . lang_get( 'word_separator' ) . $t_version_info->version, lang_get( 'delete_version_button' ) ); version_remove( $f_version_id ); form_security_purge( 'manage_proj_ver_delete' ); html_page_top( null, $t_redirect_url ); ?> <br /> <div> <?php echo lang_get( 'operation_successful' ).'<br />'; print_bracket_link( $t_redirect_url, lang_get( 'proceed' ) ); ?> </div>
$t_admin_threshold = config_get_global( 'admin_site_threshold' ); if ( user_is_administrator( $f_user_id ) && user_count_level( $t_admin_threshold ) <= 1 ) { trigger_error( ERROR_USER_CHANGE_LAST_ADMIN, ERROR ); } # If an administrator is trying to delete their own account, use # account_delete.php instead as it is handles logging out and redirection # of users who have just deleted their own accounts. if ( auth_get_current_user_id() == $f_user_id ) { form_security_purge( 'manage_user_delete' ); print_header_redirect( 'account_delete.php?account_delete_token=' . form_security_token( 'account_delete' ), true, false ); } helper_ensure_confirmed( lang_get( 'delete_account_sure_msg' ) . '<br/>' . lang_get( 'username_label' ) . lang_get( 'word_separator' ) . $t_user['username'], lang_get( 'delete_account_button' ) ); user_delete( $f_user_id ); form_security_purge('manage_user_delete'); html_page_top( null, 'manage_user_page.php' ); ?> <br /> <div> <?php echo lang_get( 'operation_successful' ) . '<br />'; print_bracket_link( 'manage_user_page.php', lang_get( 'proceed' ) ); ?>
user_ensure_realname_unique($f_username, $f_realname); if ($f_password != $f_password_verify) { trigger_error(ERROR_USER_CREATE_PASSWORD_MISMATCH, ERROR); } $f_email = email_append_domain($f_email); email_ensure_not_disposable($f_email); if (ON == config_get('send_reset_password') && ON == config_get('enable_email_notification')) { # Check code will be sent to the user directly via email. Dummy password set to random # Create random password $t_seed = $f_email . $f_username; $f_password = auth_generate_random_password($t_seed); } else { # Password won't to be sent by email. It entered by the admin # Now, if the password is empty, confirm that that is what we wanted if (is_blank($f_password)) { helper_ensure_confirmed(lang_get('empty_password_sure_msg'), lang_get('empty_password_button')); } } # Don't allow the creation of accounts with access levels higher than that of # the user creating the account. access_ensure_global_level($f_access_level); # Need to send the user creation mail in the tracker language, not in the creating admin's language # Park the current language name until the user has been created lang_push(config_get('default_language')); # create the user $t_admin_name = user_get_name(auth_get_current_user_id()); $t_cookie = user_create($f_username, $f_password, $f_email, $f_access_level, $f_protected, $f_enabled, $t_realname, $t_admin_name); # set language back to user language lang_pop(); form_security_purge('manage_user_create'); if ($t_cookie === false) {
<?php # Copyright (c) 2012 John Reese # Licensed under the MIT license form_security_validate('plugin_Source_repo_import_full'); access_ensure_global_level(plugin_config_get('manage_threshold')); $f_repo_id = gpc_get_string('id'); $t_repo = SourceRepo::load($f_repo_id); $t_vcs = SourceVCS::repo($t_repo); helper_ensure_confirmed(plugin_lang_get('ensure_import_full'), plugin_lang_get('import_full')); helper_begin_long_process(); html_page_top1(); html_page_top2(); # create a new, temporary repo $t_new_repo = SourceRepo::load($f_repo_id); $t_new_repo->id = 0; $t_new_repo->name = 'Import ' . date('Y-m-d H:i:s'); $t_new_repo->save(); # keep checking for more changesets to import $t_error = false; while (true) { # import the next batch of changesets $t_changesets = $t_vcs->import_full($t_new_repo); # check for errors if (!is_array($t_changesets)) { $t_error = true; break; } # if no more entries, we're done if (count($t_changesets) < 1) { break;
# it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # Mantis is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Mantis. If not, see <http://www.gnu.org/licenses/>. # -------------------------------------------------------- # $Id: bug_file_delete.php,v 1.30.14.1 2007-10-13 22:32:38 giallu Exp $ # -------------------------------------------------------- # Delete a file from a bug and then view the bug require_once 'core.php'; $t_core_path = config_get('core_path'); require_once $t_core_path . 'file_api.php'; # helper_ensure_post(); $f_file_id = gpc_get_int('file_id'); $t_bug_id = file_get_field($f_file_id, 'bug_id'); access_ensure_bug_level(config_get('update_bug_threshold'), $t_bug_id); $t_bug = bug_get($t_bug_id, true); if ($t_bug->project_id != helper_get_current_project()) { # in case the current project is not the same project of the bug we are viewing... # ... override the current project. This to avoid problems with categories and handlers lists etc. $g_project_override = $t_bug->project_id; } helper_ensure_confirmed(lang_get('delete_attachment_sure_msg'), lang_get('delete_attachment_button')); file_delete($f_file_id, 'bug'); print_header_redirect_view($t_bug_id);
<?php # Copyright (c) 2012 John Reese # Licensed under the MIT license form_security_validate('plugin_Source_repo_delete'); access_ensure_global_level(plugin_config_get('manage_threshold')); $f_repo_id = gpc_get_string('id'); $t_repo = SourceRepo::load($f_repo_id); helper_ensure_confirmed(sprintf(plugin_lang_get('ensure_delete'), $t_repo->name), plugin_lang_get('delete_repository')); SourceRepo::delete($t_repo->id); form_security_purge('plugin_Source_repo_delete'); print_successful_redirect(plugin_page('index', true));
<?php # Mantis - a php based bugtracking system # Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org # Copyright (C) 2002 - 2007 Mantis Team - mantisbt-dev@lists.sourceforge.net # Mantis is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # Mantis is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Mantis. If not, see <http://www.gnu.org/licenses/>. # -------------------------------------------------------- # $Id: tag_delete.php,v 1.1.2.1 2007-10-13 22:34:44 giallu Exp $ # -------------------------------------------------------- require_once 'core.php'; $t_core_path = config_get('core_path'); require_once $t_core_path . 'tag_api.php'; form_security_validate('tag_delete'); access_ensure_global_level(config_get('tag_edit_threshold')); $f_tag_id = gpc_get_int('tag_id'); $t_tag_row = tag_get($f_tag_id); helper_ensure_confirmed(lang_get('tag_delete_message'), lang_get('tag_delete_button')); tag_delete($f_tag_id); form_security_purge('tag_delete'); print_successful_redirect(config_get('default_home_page'));
# We should check both since we are in the project section and an # admin might raise the first threshold and not realize they need # to raise the second access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id); access_ensure_project_level(config_get('project_user_threshold'), $f_project_id); if (0 == $f_user_id) { # Confirm with the user helper_ensure_confirmed(lang_get('remove_all_users_sure_msg'), lang_get('remove_all_users_button')); project_remove_all_users($f_project_id, access_get_project_level($f_project_id)); } else { # Don't allow removal of users from the project who have a higher access level than the current user access_ensure_project_level(access_get_project_level($f_project_id, $f_user_id), $f_project_id); $t_user = user_get_row($f_user_id); $t_project_name = project_get_name($f_project_id); # Confirm with the user helper_ensure_confirmed(lang_get('remove_user_sure_msg') . '<br />' . lang_get('username') . ': ' . $t_user['username'], sprintf(lang_get('remove_user_from_project_button'), $t_project_name)); project_remove_user($f_project_id, $f_user_id); } form_security_purge('manage_proj_user_remove'); $t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id; html_page_top(null, $t_redirect_url); ?> <br /> <div align="center"> <?php echo lang_get('operation_successful') . '<br />'; print_bracket_link($t_redirect_url, lang_get('proceed')); ?> </div> <?php
/** @ignore */ define('PLUGINS_DISABLED', true); /** * MantisBT Core API's */ require_once 'core.php'; require_api('access_api.php'); require_api('authentication_api.php'); require_api('config_api.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('helper_api.php'); require_api('lang_api.php'); require_api('plugin_api.php'); require_api('print_api.php'); require_api('string_api.php'); form_security_validate('manage_plugin_uninstall'); auth_reauthenticate(); access_ensure_global_level(config_get('manage_plugin_threshold')); # register plugins and metadata without initializing plugin_register_installed(); $f_basename = gpc_get_string('name'); $t_plugin = plugin_register($f_basename, true); helper_ensure_confirmed(sprintf(lang_get('plugin_uninstall_message'), string_display_line($t_plugin->name)), lang_get('plugin_uninstall')); if (!is_null($t_plugin)) { plugin_uninstall($t_plugin); } else { plugin_force_uninstall($f_basename); } form_security_purge('manage_plugin_uninstall'); print_successful_redirect('manage_plugin_page.php');
require_once 'core.php'; require_once 'category_api.php'; form_security_validate('manage_proj_cat_delete'); auth_reauthenticate(); $f_category_id = gpc_get_int('id'); $f_project_id = gpc_get_int('project_id'); $t_row = category_get_row($f_category_id); $t_name = category_full_name($f_category_id); $t_project_id = $t_row['project_id']; access_ensure_project_level(config_get('manage_project_threshold'), $t_project_id); # Get a bug count $t_bug_table = db_get_table('mantis_bug_table'); $t_query = "SELECT COUNT(id) FROM {$t_bug_table} WHERE category_id=" . db_param(); $t_bug_count = db_result(db_query_bound($t_query, array($f_category_id))); # Confirm with the user helper_ensure_confirmed(sprintf(lang_get('category_delete_sure_msg'), string_display_line($t_name), $t_bug_count), lang_get('delete_category_button')); category_remove($f_category_id); form_security_purge('manage_proj_cat_delete'); if ($f_project_id == ALL_PROJECTS) { $t_redirect_url = 'manage_proj_page.php'; } else { $t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id; } html_page_top(null, $t_redirect_url); ?> <br /> <div align="center"> <?php echo lang_get('operation_successful') . '<br />'; print_bracket_link($t_redirect_url, lang_get('proceed')); ?>
*/ require_once 'core.php'; form_security_validate('account_delete'); auth_ensure_user_authenticated(); current_user_ensure_unprotected(); # Only allow users to delete their own accounts if allow_account_delete = ON or # the user has permission to manage user accounts. if (OFF == config_get('allow_account_delete') && !access_has_global_level(config_get('manage_user_threshold'))) { print_header_redirect('account_page.php'); } # check that we are not deleting the last administrator account $t_admin_threshold = config_get_global('admin_site_threshold'); if (current_user_is_administrator() && user_count_level($t_admin_threshold) <= 1) { trigger_error(ERROR_USER_CHANGE_LAST_ADMIN, ERROR); } helper_ensure_confirmed(lang_get('confirm_delete_msg'), lang_get('delete_account_button')); form_security_purge('account_delete'); $t_user_id = auth_get_current_user_id(); auth_logout(); user_delete($t_user_id); html_page_top1(); html_page_top2a(); ?> <br /> <div align="center"> <?php echo lang_get('account_removed_msg') . '<br />'; print_bracket_link(config_get('logout_redirect_page'), lang_get('proceed')); ?> </div>
require_api('html_api.php'); require_api('lang_api.php'); require_api('print_api.php'); require_api('project_api.php'); require_api('string_api.php'); form_security_validate('manage_config_revert'); auth_reauthenticate(); $f_project_id = gpc_get_int('project', 0); $f_revert = gpc_get_string('revert', ''); $f_return = gpc_get_string('return'); $t_access = true; $t_revert_vars = explode(',', $f_revert); array_walk($t_revert_vars, 'trim'); foreach ($t_revert_vars as $t_revert) { $t_access &= access_has_project_level(config_get_access($t_revert), $f_project_id); } if (!$t_access) { access_denied(); } if ('' != $f_revert) { # Confirm with the user helper_ensure_confirmed(lang_get('config_delete_sure') . lang_get('word_separator') . string_html_specialchars(implode(', ', $t_revert_vars)) . lang_get('word_separator') . lang_get('in_project') . lang_get('word_separator') . project_get_name($f_project_id), lang_get('delete_config_button')); foreach ($t_revert_vars as $t_revert) { config_delete($t_revert, null, $f_project_id); } } form_security_purge('manage_config_revert'); $t_redirect_url = $f_return; html_page_top(null, $t_redirect_url); html_operation_successful($t_redirect_url); html_page_bottom();
* @uses config_api.php * @uses constant_inc.php * @uses form_api.php * @uses gpc_api.php * @uses helper_api.php * @uses lang_api.php * @uses print_api.php * @uses project_api.php */ require_once 'core.php'; require_api('access_api.php'); require_api('config_api.php'); require_api('constant_inc.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('helper_api.php'); require_api('lang_api.php'); require_api('print_api.php'); require_api('project_api.php'); form_security_validate('adm_config_delete'); $f_user_id = gpc_get_int('user_id'); $f_project_id = gpc_get_int('project_id'); $f_config_option = gpc_get_string('config_option'); access_ensure_global_level(config_get('set_configuration_threshold')); if ($f_project_id != ALL_PROJECTS) { project_ensure_exists($f_project_id); } helper_ensure_confirmed(lang_get('delete_config_sure_msg'), lang_get('delete_link')); config_delete($f_config_option, $f_user_id, $f_project_id); form_security_purge('adm_config_delete'); print_successful_redirect('adm_config_report.php');
if (current_user_is_anonymous()) { access_denied(); } $f_bug_id = gpc_get_int('bug_id'); $f_amount = gpc_get_int('amount'); $t_bug = bug_get($f_bug_id, true); if ($t_bug->project_id != helper_get_current_project()) { # in case the current project is not the same project of the bug we are viewing... # ... override the current project. This to avoid problems with categories and handlers lists etc. $g_project_override = $t_bug->project_id; } if (config_get('enable_sponsorship') == OFF) { trigger_error(ERROR_SPONSORSHIP_NOT_ENABLED, ERROR); } access_ensure_bug_level(config_get('sponsor_threshold'), $f_bug_id); helper_ensure_confirmed(sprintf(lang_get('confirm_sponsorship'), $f_bug_id, sponsorship_format_amount($f_amount)), lang_get('sponsor_issue')); if ($f_amount == 0) { # if amount == 0, delete sponsorship by current user (if any) $t_sponsorship_id = sponsorship_get_id($f_bug_id); if ($t_sponsorship_id !== false) { sponsorship_delete($t_sponsorship_id); } } else { # add sponsorship $t_user = auth_get_current_user_id(); if (is_blank(user_get_email($t_user))) { trigger_error(ERROR_SPONSORSHIP_SPONSOR_NO_EMAIL, ERROR); } else { $sponsorship = new SponsorshipData(); $sponsorship->bug_id = $f_bug_id; $sponsorship->user_id = $t_user;
require_once 'core.php'; $f_project_id = gpc_get_int('project_id'); $f_user_id = gpc_get_int('user_id', 0); # We should check both since we are in the project section and an # admin might raise the first threshold and not realize they need # to raise the second access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id); access_ensure_project_level(config_get('project_user_threshold'), $f_project_id); if (0 == $f_user_id) { # Confirm with the user helper_ensure_confirmed(lang_get('remove_all_users_sure_msg'), lang_get('remove_all_users_button')); project_remove_all_users($f_project_id); } else { $t_user = user_get_row($f_user_id); # Confirm with the user helper_ensure_confirmed(lang_get('remove_user_sure_msg') . '<br/>' . lang_get('username') . ': ' . $t_user['username'], lang_get('remove_user_button')); project_remove_user($f_project_id, $f_user_id); } $t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id; html_page_top1(); html_meta_redirect($t_redirect_url); html_page_top2(); ?> <br /> <div align="center"> <?php echo lang_get('operation_successful') . '<br />'; print_bracket_link($t_redirect_url, lang_get('proceed')); ?> </div>
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org # Copyright (C) 2002 - 2004 Mantis Team - mantisbt-dev@lists.sourceforge.net # This program is distributed under the terms and conditions of the GPL # See the README and LICENSE files for details # -------------------------------------------------------- # $Id: manage_proj_ver_delete.php,v 1.22 2004/12/14 20:37:07 marcelloscata Exp $ # -------------------------------------------------------- require_once 'core.php'; $t_core_path = config_get('core_path'); require_once $t_core_path . 'version_api.php'; $f_version_id = gpc_get_int('version_id'); $t_version_info = version_get($f_version_id); $t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $t_version_info->project_id; access_ensure_project_level(config_get('manage_project_threshold'), $t_version_info->project_id); # Confirm with the user helper_ensure_confirmed(lang_get('version_delete_sure') . '<br/>' . lang_get('version') . ': ' . $t_version_info->version, lang_get('delete_version_button')); version_remove($f_version_id); html_page_top1(); html_meta_redirect($t_redirect_url); html_page_top2(); ?> <br /> <div align="center"> <?php echo lang_get('operation_successful') . '<br />'; print_bracket_link($t_redirect_url, lang_get('proceed')); ?> </div> <?php html_page_bottom1(__FILE__);
# -------------------------------------------------------- # $Id: manage_custom_field_delete.php,v 1.17.2.1 2007-10-13 22:33:27 giallu Exp $ # -------------------------------------------------------- require_once 'core.php'; $t_core_path = config_get('core_path'); require_once $t_core_path . 'custom_field_api.php'; form_security_validate('manage_custom_field_delete'); auth_reauthenticate(); access_ensure_global_level(config_get('manage_custom_fields_threshold')); $f_field_id = gpc_get_int('field_id'); $f_return = strip_tags(gpc_get_string('return', 'manage_custom_field_page.php')); $t_definition = custom_field_get_definition($f_field_id); if (0 < count(custom_field_get_project_ids($f_field_id))) { helper_ensure_confirmed(lang_get('confirm_used_custom_field_deletion') . '<br/>' . lang_get('custom_field') . ': ' . string_attribute($t_definition['name']), lang_get('field_delete_button')); } else { helper_ensure_confirmed(lang_get('confirm_custom_field_deletion') . '<br/>' . lang_get('custom_field') . ': ' . string_attribute($t_definition['name']), lang_get('field_delete_button')); } custom_field_destroy($f_field_id); form_security_purge('manage_custom_field_delete'); html_page_top1(); html_meta_redirect($f_return); html_page_top2(); ?> <br /> <div align="center"> <?php echo lang_get('operation_successful') . '<br />'; print_bracket_link($f_return, lang_get('proceed')); ?> </div>
$f_file_id = gpc_get_int( 'file_id' ); $t_project_id = file_get_field( $f_file_id, 'project_id', 'project' ); access_ensure_project_level( config_get( 'upload_project_file_threshold' ), $t_project_id ); $t_project_file_table = db_get_table( 'project_file' ); $query = "SELECT title FROM $t_project_file_table WHERE id=" . db_param(); $result = db_query_bound( $query, Array( $f_file_id ) ); $t_title = db_result( $result ); # Confirm with the user helper_ensure_confirmed( lang_get( 'confirm_file_delete_msg' ) . '<br/>' . lang_get( 'filename_label' ) . lang_get( 'word_separator' ) . string_display( $t_title ), lang_get( 'file_delete_button' ) ); file_delete( $f_file_id, 'project' ); form_security_purge( 'proj_doc_delete' ); $t_redirect_url = 'proj_doc_page.php'; html_page_top( null, $t_redirect_url ); ?> <br /> <div> <?php echo lang_get( 'operation_successful' ).'<br />'; print_bracket_link( $t_redirect_url, lang_get( 'proceed' ) );
# Delete the users who have never logged in and are older than 1 week $days_old = (int)7 * SECONDS_PER_DAY; $query = "SELECT id, access_level FROM $t_user_table WHERE ( login_count = 0 ) AND ( date_created = last_visit ) AND " . db_helper_compare_days( 0, "date_created", "> $days_old" ); $result = db_query_bound($query, Array( db_now() ) ); if ( !$result ) { trigger_error( ERROR_GENERIC, ERROR ); } $count = db_num_rows( $result ); if ( $count > 0 ) { helper_ensure_confirmed( lang_get( 'confirm_account_pruning' ), lang_get( 'prune_accounts_button' ) ); } for ($i=0; $i < $count; $i++) { $row = db_fetch_array( $result ); # Don't prune accounts with a higher global access level than the current user if ( access_has_global_level( $row['access_level'] ) ) { user_delete($row['id']); } } form_security_purge( 'manage_user_prune' ); print_header_redirect( 'manage_user_page.php' );
* * @uses core.php * @uses access_api.php * @uses bug_revision_api.php * @uses config_api.php * @uses form_api.php * @uses gpc_api.php * @uses helper_api.php * @uses lang_api.php * @uses print_api.php */ /** * MantisBT Core API's */ require_once 'core.php'; require_api('access_api.php'); require_api('bug_revision_api.php'); require_api('config_api.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('helper_api.php'); require_api('lang_api.php'); require_api('print_api.php'); form_security_validate('bug_revision_drop'); $f_revision_id = gpc_get_int('id'); $t_revision = bug_revision_get($f_revision_id); access_ensure_bug_level(config_get('bug_revision_drop_threshold'), $t_revision['bug_id']); helper_ensure_confirmed(lang_get('confirm_revision_drop'), lang_get('revision_drop')); bug_revision_drop($f_revision_id); form_security_purge('bug_revision_drop'); print_successful_redirect_to_bug($t_revision['bug_id']);