/**
 * Persist the submitted search as a named saved search (when a name was
 * posted) and reload the list of this user's saved searches.
 *
 * Every stored value is read from the request through Post::val(). The
 * criteria are written with serialize(), so whatever reads the
 * `search_string` column back is handling user-influenced data.
 *
 * @param string $do page identifier; a search is only stored when it equals 'index'
 * @access public
 * @return void
 * @notes FIXME: must return something, should not merge _GET and _REQUEST with other stuff.
 */
public function save_search($do = 'index')
{
    global $db;

    // Only logged in users get to use the 'last search' functionality
    if ($this->isAnon()) {
        return;
    }

    if ($do == 'index' && Post::val('search_name')) {
        $criteria = array();

        foreach ($this->search_keys as $key) {
            // 'status' falls back to 'open'; every other key falls back to null.
            $fallback = ($key == 'status') ? 'open' : null;
            $criteria[$key] = Post::val($key, $fallback);
        }

        // Sort settings are only kept when the request carries a value for them.
        foreach (array('order', 'sort', 'order2', 'sort2') as $key) {
            if (!Post::val($key)) {
                continue;
            }
            $criteria[$key] = Post::val($key);
        }

        // The values go to the database layer as data; `name` and `user_id`
        // are passed as the key list for the replace.
        $db->Replace(
            '{searches}',
            array(
                'search_string' => serialize($criteria),
                'time' => time(),
                'user_id' => $this->id,
                'name' => Post::val('search_name'),
            ),
            array('name', 'user_id')
        );
    }

    // The list is always reloaded, restricted to the current user's id by a bound parameter.
    $result = $db->Query('SELECT * FROM {searches} WHERE user_id = ? ORDER BY name ASC', array($this->id));
    $this->searches = $db->FetchAllArray($result);
}
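/**
 * Apply a mass close, or a mass edit, to every task id supplied in the request.
 *
 * For each id in the `ids` query parameter the task is closed when a
 * `resolution_reason` was posted; otherwise the fields named in the posted
 * `changes` list are copied from the request over the task's current values
 * and handed to Backend::edit_task().
 *
 * No permission check is made in this function.
 * NOTE(review): presumably Backend::close_task() / Backend::edit_task() enforce
 * per-task permissions themselves - confirm, because every task id and every
 * field name used here is chosen by the client.
 *
 * @return array array(SUBMIT_OK, message)
 */
function action_edit()
{
    // Request parameters are client-controlled: only iterate them when they
    // really are arrays instead of feeding null or a string to foreach/count().
    $ids = Get::val('ids');
    if (!is_array($ids)) {
        $ids = array();
    }
    $changes = Post::val('changes');
    if (!is_array($changes)) {
        $changes = array();
    }

    foreach ($ids as $task_id) {
        // Edit or close? If we have a resolution_reason, then close! otherwise, edit.
        if (Post::val('resolution_reason')) {
            Backend::close_task($task_id, Post::val('resolution_reason'), Post::val('closure_comment'), Post::val('mark100'));
        } elseif (count($changes)) {
            $task = Flyspray::GetTaskDetails($task_id);
            $args = $task; // import previous values
            foreach ($changes as $change) {
                // A nested array cannot be used as a field name; skip it.
                if (!is_string($change)) {
                    continue;
                }
                // NOTE(review): $change is a field name taken from the request, so any
                // key of the task array can be overwritten here - confirm that
                // Backend::edit_task() only honours an allow-list of editable fields.
                $args[$change] = Post::val($change);
            }
            // When assigned_to is still an array, it is flattened to a ';'-joined
            // string built from the task's assigned_to_uname list.
            if (is_array($args['assigned_to'])) {
                $args['assigned_to'] = implode(';', $task['assigned_to_uname']);
            }
            Backend::edit_task($task, $args);
        }
    }

    return array(SUBMIT_OK, L('masseditsuccessful'));
}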
// Excerpt of a request handler that prints an inline edit control for one task
// field. The switch at the end continues beyond this excerpt.
require_once '../../scripts/index.php';
$baseurl = dirname(dirname($baseurl)) . '/';

// first, find out about the field we are going to edit
// The field name is taken from the client-supplied `classname` value: the last
// class token that starts with "task_" wins.
$classnames = explode(' ', Post::val('classname'));
$field = '';
foreach ($classnames as $name) {
    if (substr($name, 0, 5) == 'task_') {
        // NOTE(review): Filters::noXSS() presumably HTML-escapes the name; nothing
        // here checks it against a list of known task fields - confirm that the
        // switch below (cut off in this excerpt) rejects unknown names.
        $field = Filters::noXSS(substr($name, 5));
    }
}
// spare unnecessary queries
if (!$field) {
    header('HTTP/1.1 400 Bad Request');
    exit;
}
$task = Flyspray::GetTaskDetails(Post::val('task_id'));
// we better not forget this one ;)
// Authorisation check: stop before any output unless the current user may edit this task.
// NOTE(review): a refusal is answered with 400 here, which makes it
// indistinguishable from a malformed request in access logs.
if (!$user->can_edit_task($task)) {
    header('HTTP/1.1 400 Bad Request');
    exit;
}
// pre build some HTML
$task['num_assigned'] = count($task['assigned_to']);
$task['assigned_to_name'] = reset($task['assigned_to_name']);
// Single quotes are backslash-escaped first and the result is then passed through Filters::noXSS().
// NOTE(review): where $prev is emitted is not visible here; confirm the escaping matches that context.
$prev = Filters::noXSS(str_replace("'", "\\'", tpl_draw_cell($task, $field, '<span class="%s %s">%s</span>')));
// $field is placed inside the id/name attribute values (after the noXSS() call above).
$id = sprintf('id="task%d_%s" name="task%d_%s"', $task['task_id'], $field, $task['task_id'], $field);
switch ($field) {
    case 'summary':
        // The stored summary goes through Filters::noXSS() before it lands in the value attribute.
        echo '<input type="text" class="text" ' . $id . ' value="' . Filters::noXSS($task['item_summary']) . '" />';
        break;
    case 'project':
/**
 * Prepare the state of the "new message" compose panel: recipients, subject,
 * body, attachment rows and the JavaScript that drives the form.
 *
 * Nothing is returned; the function only assigns $this properties and
 * registers script text on the page builder. Presumably this is a PHP 4-style
 * constructor - the class header is outside this excerpt.
 *
 * Request values read here: POST mtype, contacts, groupid, mailto, m_id,
 * m_uid, f_id, f_name, charset and GET to.
 *
 * @param PageBuilder $pagebuilder
 */
function CNewMessagePanel(&$pagebuilder)
{
    // The compose mode comes straight from the request; in this function it is
    // only compared against fixed strings.
    $this->Type = Post::val('mtype', 'mes');
    $this->To = '';
    $this->_pagebuilder =& $pagebuilder;
    $this->_proc =& $pagebuilder->_proc;
    $this->From = $this->_getFromEmail();
    $this->_pagebuilder->_top->AddOnResize('ResizeElements(\'all\');');

    // Two fixed JS fragments that are spliced into the script text further down.
    if ($this->_proc->account->AllowDhtmlEditor) {
        $editorResize = 'HTMLEditor.Resize(width - 1, height - 2);';
        $editorReplace = 'HTMLEditor.Replace();';
    } else {
        $editorResize = ' plainEditor.style.height = (height - 1) + "px"; plainEditor.style.width = (width - 2) + "px"; ';
        $editorReplace = '';
    }
    $this->inputs = '';
    $contacts = null;

    // Recipients can be preloaded from posted contact ids or a posted group id.
    // NOTE(review): the ids are client-supplied; presumably the db layer limits
    // the lookup to the current account's address book - confirm.
    if (Post::has('contacts') && is_array(Post::val('contacts'))) {
        $contactsArray = array_keys(Post::val('contacts'));
        $contacts =& $this->_proc->db->LoadContactsById($contactsArray);
    }
    if (Post::has('groupid')) {
        // $group is not used again in this function.
        $group =& $this->_proc->db->SelectGroupById(Post::val('groupid', -1));
        $contacts =& $this->_proc->db->SelectAddressGroupContacts(Post::val('groupid', -1));
    }
    if ($contacts) {
        foreach ($contacts->Instance() as $contact) {
            if (!$contact->Email) {
                continue;
            }
            // NOTE(review): the display name is wrapped in double quotes without escaping,
            // so a name containing '"' would yield a malformed address list.
            $this->To .= $contact->Name ? '"' . $contact->Name . '" <' . $contact->Email . '>, ' : $contact->Email . ',';
        }
        $this->To = trim(trim($this->To), ',');
    }
    // Explicit recipients from the request replace whatever was collected above.
    // They are stored as received; escaping has to happen where $this->To is rendered (not visible here).
    if (Post::has('mailto')) {
        $this->To = Post::val('mailto', '');
    }
    if (Get::has('to')) {
        $this->To = (string) trim(Get::val('to', ''));
    }
    $message = null;
    $isHtml = $this->_proc->account->AllowDhtmlEditor;
    $this->attacmentsHtml = '';

    // Client-side helpers for the compose form. Only fixed fragments, constants
    // and an account flag are concatenated into this script text.
    // NOTE(review): in LoadAttachmentHandler() the visible label uses
    // HtmlEncode(attachObj.FileName), while attachObj.FileName and
    // attachObj.TempName are concatenated unencoded into attribute values of
    // markup assigned to innerHTML - confirm where attachObj originates and
    // encode those values as well.
    $this->_pagebuilder->AddJSText(
        ' var bcc, bcc_mode, bcc_mode_switcher; var plainCont = null; var plainEditor = null; var HTMLEditor = null; var EditAreaUrl = "edit-area.php"; var prevWidth = 0; var prevHeight = 0; var rowIndex = 0; function ResizeElements(mode) { var width = GetWidth(); if (width < 684) width = 684; width = width - 40; var height = Math.ceil(width/3); if (prevWidth != width && prevHeight != height) { prevWidth = width; prevHeight = height; if (plainCont != null) { plainCont.style.height = height + "px"; plainCont.style.width = width + "px"; '
        . $editorResize
        . ' } } } function WriteEmails(str, field) { var mailInput; if (field == 2) { mailInput = document.getElementById("toCC"); } else if (field == 3) { mailInput = document.getElementById("toBCC"); } else { mailInput = document.getElementById("toemail"); } if (mailInput) { mailInput.value = (mailInput.value == "") ? str : mailInput.value + ", " + str; mailInput.focus(); } } function LoadAttachmentHandler(attachObj) { var attachtable = document.getElementById("attachmentTable"); if (attachObj) { var imageLink = GetFileParams(attachObj.FileName); var tr = attachtable.insertRow(rowIndex++); tr.id = "tr_" + attachObj.TempName; var td = tr.insertCell(0); td.className = "wm_attachment"; var innerHtml = \'<img src="./images/icons/\' + imageLink.image + \'" />\'; innerHtml += \'<input type="hidden" name="attachments[\' + attachObj.TempName + \']" value="\' + attachObj.FileName + \'">\'; innerHtml += HtmlEncode(attachObj.FileName) + \' (\' + GetFriendlySize(attachObj.Size) + \') <a href="#" id="\' + attachObj.TempName + \'" onclick="return DeleteAttach(this.id);">'
        . JS_LANG_Delete
        . '</a>\'; td.innerHTML = innerHtml; } } function ChangeBCCMode() { if (bcc_mode == "hide") { bcc_mode = "show"; bcc.className = ""; bcc_mode_switcher.innerHTML = Lang.HideBCC; } else { bcc_mode = "hide"; bcc.className = "wm_hide"; bcc_mode_switcher.innerHTML = Lang.ShowBCC; } '
        . $editorReplace
        . ' return false; } function UpdateIdUid(id, uid) { var idf = document.getElementById("m_id"); var uidf = document.getElementById("m_uid"); if (idf && uidf) { idf.value = id; uidf.value = uid; } } var Rep_m, Err_m; var hiddensaveiframe; var pop3Pr = '
        . ($pagebuilder->_proc->account->MailProtocol == MAILPROTOCOL_POP3 ? 'true' : 'false')
        . '; function DoSaveButton() { if (pop3Pr) { if (!hiddensaveiframe) { hiddensaveiframe = CreateChildWithAttrs(document.body, "iframe", [["name", "hiddensaveiframe"], ["class", "wm_hide"]]); } } var form = document.getElementById("messageForm"); form.action = "'
        . ACTIONFILE
        . '?action=save&req=message"; form.target = (pop3Pr) ? "hiddensaveiframe" : ""; if (submitSaveMessage()) { form.submit(); } } function DoSendButton() { var toemail = document.getElementById("toemail"); var ccemail = document.getElementById("toCC"); var bccemail = document.getElementById("toBCC"); var subject = document.getElementById("subject"); var mailIsCorrect = false; if ((toemail && toemail.value.length > 3) || (ccemail && ccemail.value.length > 3) || (bccemail && bccemail.value.length > 3)) { mailIsCorrect = true; } if (mailIsCorrect) { if (subject && subject.value.length < 1 && !confirm(Lang.ConfirmEmptySubject)) { return false; } var form = document.getElementById("messageForm"); form.action = "'
        . ACTIONFILE
        . '?action=send&req=message"; form.target = ""; if (submitSaveMessage()) { form.submit(); } } else { alert(Lang.WarningToBlank); } } function DeleteAttach(idline) { var trtable = document.getElementById("tr_" + idline); if (trtable) { trtable.className = "wm_hide"; CleanNode(trtable); } return false; } function ShowPictures() { var showPictureTable = document.getElementById("showpicturestable"); if (HTMLEditor) { var temp = HTMLEditor.GetText().ReplaceStr("wmx_src", "src"); temp = temp.ReplaceStr("wmx_background", "background"); HTMLEditor.SetHtml(temp); if (showPictureTable) { showPictureTable.className = "wm_hide"; } HTMLEditor.Replace(); } } '
    );

    // The skin name is passed through ClearJavaScriptString() before it is placed in a JS string literal.
    $this->_pagebuilder->AddInitText(
        ' bcc_mode = "hide"; bcc = document.getElementById("bcc"); bcc_mode_switcher = document.getElementById("bcc_mode_switcher"); plainEditor = document.getElementById("editor_area"); plainCont = document.getElementById("editor_cont"); Rep_m = new CReport("Rep_m"); Rep_m.Build(); Err_m = new CError("Err_m", "'
        . ConvertUtils::ClearJavaScriptString($this->_pagebuilder->SkinName(), '"')
        . '"); Err_m.Build(); '
    );

    // When a message id was posted, the referenced message is loaded as the
    // basis for a reply / forward / edit.
    $m_id = -1;
    $m_uid = '';
    if (Post::has('m_id')) {
        $mes_id = Post::val('m_id');
        $mes_uid = Post::val('m_uid');
        $folder_id = Post::val('f_id');
        $folder_name = Post::val('f_name');
        // The posted folder name is discarded: it is overwritten with a fixed value right away.
        $folder_name = 'defaultname';
        $mes_charset = Post::val('charset', -1);
        // NOTE(review): message, uid and folder ids are client-supplied; presumably
        // GetMessageBase scopes the lookup to the account passed in - confirm.
        $message = new GetMessageBase($this->_proc->account, $mes_id, $mes_uid, $folder_id, $folder_name, $mes_charset);
        $m_id = (int) $mes_id;
        $m_uid = $mes_uid;
    }
    // m_id is an int at this point; the posted m_uid is echoed back through AttributeQuote().
    $this->inputs = '<input type="hidden" id="m_id" name="m_id" value="' . ConvertUtils::AttributeQuote($m_id) . '"><input type="hidden" id="m_uid" name="m_uid" value="' . ConvertUtils::AttributeQuote($m_uid) . '">';

    // Decide from the account's signature option whether a signature is prepended.
    $withSignature = false;
    switch ($this->_proc->account->SignatureOptions) {
        case SIGNATURE_OPTION_AddToAll:
            $withSignature = true;
            break;
        case SIGNATURE_OPTION_AddToNewOnly:
            $withSignature = $this->Type == 'mes';
            break;
        default:
        case SIGNATURE_OPTION_DontAdd:
            $withSignature = false;
            break;
    }

    if ($message) {
        // With a loaded message, a signature is only kept for forward / reply / reply-to-all.
        if ($this->Type != 'forward' && $this->Type != 'reply' && $this->Type != 'replytoall') {
            $withSignature = false;
        }
        // NOTE(review): the priority is concatenated into script text unquoted -
        // presumably GetPriorityStatus() returns a number; confirm.
        $this->_pagebuilder->AddInitText('SetPriority(' . $message->msg->GetPriorityStatus() . ');');

        // Fill recipients and subject according to the compose mode.
        switch ($this->Type) {
            default:
                $this->To = $message->PrintTo(true);
                $this->CC = $message->PrintCC(true);
                $this->BCC = '';
                $this->Subject = $message->PrintSubject(true);
                break;
            case 'forward':
                $this->To = '';
                $this->CC = '';
                $this->BCC = '';
                $this->Subject = JS_LANG_Fwd . ': ' . $message->PrintSubject(true);
                break;
            case 'reply':
                // Use the reply-to value when it is non-empty, otherwise the sender.
                $replyto = trim($message->PrintReplyTo(true));
                $this->To = strlen($replyto) > 0 ? $replyto : $message->PrintFrom(true);
                $this->CC = '';
                $this->BCC = '';
                $this->Subject = JS_LANG_Re . ': ' . $message->PrintSubject(true);
                break;
            case 'replytoall':
                // Every recipient address except the account's own one.
                $emailCollection =& $message->msg->GetAllRecipients(false, true);
                $temp = '';
                if ($emailCollection) {
                    foreach ($emailCollection->Instance() as $value) {
                        $email =& $value;
                        if ($email->Email != $this->_proc->account->Email) {
                            $temp .= $email->Email . ', ';
                        }
                    }
                }
                $this->To = trim(trim($temp), ',');
                $this->CC = '';
                $this->BCC = '';
                $this->Subject = JS_LANG_Re . ': ' . $message->PrintSubject(true);
                break;
        }

        // Choose the body. The body text originates from the loaded message, i.e. from whoever sent it.
        // NOTE(review): HtmlBodyWithoutImages() / GetCensoredHtmlWithImageLinks()
        // look like the HTML sanitising steps - confirm what they strip, since
        // the result is loaded into the HTML editor further down.
        if ($this->_proc->account->AllowDhtmlEditor) {
            switch ($this->Type) {
                case 'forward':
                case 'reply':
                case 'replytoall':
                    if ($message->account->ViewMode == VIEW_MODE_PREVIEW_PANE_NO_IMG || $message->account->ViewMode == VIEW_MODE_WITHOUT_PREVIEW_PANE_NO_IMG) {
                        $isHtml = true;
                        $this->Body = ConvertUtils::HtmlBodyWithoutImages($message->msg->GetRelpyAsHtml(true));
                        // The global flag is reset once it has been observed set.
                        if (isset($GLOBALS[GL_WITHIMG]) && $GLOBALS[GL_WITHIMG]) {
                            $GLOBALS[GL_WITHIMG] = false;
                            $this->isSafety = false;
                        }
                    } else {
                        $isHtml = true;
                        $this->Body = ConvertUtils::HtmlBodyWithoutImages($message->msg->GetRelpyAsHtml(true));
                    }
                    break;
                default:
                    if ($message->account->ViewMode == VIEW_MODE_PREVIEW_PANE_NO_IMG || $message->account->ViewMode == VIEW_MODE_WITHOUT_PREVIEW_PANE_NO_IMG) {
                        if ($message->msg->HasHtmlText()) {
                            $isHtml = true;
                            $this->Body = ConvertUtils::HtmlBodyWithoutImages($message->msg->GetCensoredHtmlWithImageLinks(true));
                            if (isset($GLOBALS[GL_WITHIMG]) && $GLOBALS[GL_WITHIMG]) {
                                $GLOBALS[GL_WITHIMG] = false;
                                $this->isSafety = false;
                            }
                        } elseif ($message->msg->HasPlainText()) {
                            $isHtml = false;
                            $this->Body = $message->msg->GetNotCensoredTextBody(true);
                        }
                    } else {
                        if ($message->msg->HasHtmlText()) {
                            $isHtml = true;
                            $this->Body = $message->msg->GetCensoredHtmlWithImageLinks(true);
                        } elseif ($message->msg->HasPlainText()) {
                            $isHtml = false;
                            $this->Body = $message->msg->GetNotCensoredTextBody(true);
                        }
                    }
                    break;
            }
        } else {
            $isHtml = false;
            switch ($this->Type) {
                case 'forward':
                case 'reply':
                case 'replytoall':
                    $this->Body = $message->msg->GetRelpyAsPlain(true);
                    break;
                default:
                    $this->Body = $message->msg->GetNotCensoredTextBody(true);
                    break;
            }
        }

        // Attachments are carried over except for reply / reply-to-all: each one
        // is written to the temp area and gets a table row with a hidden input.
        if ($message->HasAttachments() && $this->Type != 'reply' && $this->Type != 'replytoall') {
            $attachments =& $message->msg->Attachments;
            if ($attachments != null && $attachments->Count() > 0) {
                foreach (array_keys($attachments->Instance()) as $key) {
                    $attachment =& $attachments->Get($key);
                    // NOTE(review): $tempname is used as the stored file name below; confirm that
                    // GetTempName() cannot return path separators taken from the sender-supplied MIME part.
                    $tempname = $message->msg->IdMsg . '-' . $key . '_' . $attachment->GetTempName();
                    //$filename = ConvertUtils::ConvertEncoding($attachment->GetFilenameFromMime(), $GLOBALS[MailInputCharset], $message->account->GetUserCharset());
                    // The sender-supplied file name is HTML-escaped once here. It is then
                    // passed to GetAttachImg() and, a second time, through AttributeQuote().
                    $filename = ConvertUtils::WMHtmlSpecialChars($attachment->GetFilenameFromMime());
                    $filesize = GetFriendlySize(strlen($attachment->MimePart->GetBinaryBody()));
                    // `=& new` is PHP 4 syntax; it is a parse error from PHP 7.0 on.
                    $fs =& new FileSystem(INI_DIR . '/temp', $message->account->Email, $message->account->Id);
                    // The temp directory name defaults to md5(session_id()) when the session holds none.
                    $attfolder =& new Folder($message->account->Id, -1, Session::val('attachtempdir', md5(session_id())));
                    $fs->SaveAttach($attachment, $attfolder, $tempname);
                    $this->attacmentsHtml .= ' <tr id="tr_' . ConvertUtils::AttributeQuote($tempname) . '"><td class="wm_attachment"><img src="./images/icons/' . GetAttachImg($filename) . '" /> <input type="hidden" name="attachments[' . ConvertUtils::AttributeQuote($tempname) . ']" value="' . ConvertUtils::AttributeQuote($filename) . '"> ' . $filename . ' (' . $filesize . ') <a href="#" id="' . ConvertUtils::AttributeQuote($tempname) . '" onClick="return DeleteAttach(this.id);">' . JS_LANG_Delete . '</a></td></tr>';
                }
            }
        }
    } else {
        $this->_pagebuilder->AddInitText('SetPriority(3);');
    }

    // Prepend the account signature when requested.
    $signature = '';
    if ($withSignature) {
        if ($this->_proc->account->AllowDhtmlEditor) {
            $signature = $this->_proc->account->SignatureType == 0 ? nl2br($this->_proc->account->Signature) : $this->_proc->account->Signature;
            $signature = $isHtml ? $signature : strip_tags(nl2br($signature));
        } else {
            // Both arms of this ternary are identical: the signature is always tag-stripped here.
            $signature = $this->_proc->account->SignatureType == 0 ? strip_tags($this->_proc->account->Signature) : strip_tags($this->_proc->account->Signature);
        }
    }
    $this->Body = $signature . $this->Body;

    // Register the submit helpers; with the DHTML editor the body is also
    // embedded into the page script as a JS string literal.
    if ($this->_proc->account->AllowDhtmlEditor) {
        $this->_pagebuilder->AddJSFile('class.html-editor.js');
        $setText = $isHtml ? 'HTMLEditor.SetHtml(mess);' : 'HTMLEditor.SetText(mess);';
        // NOTE(review): the body (message content plus signature) ends up inside a double-quoted
        // JS string; its safety rests on ReBuildStringToJavaScript() escaping quotes, line breaks
        // and a closing script tag - confirm.
        $this->_pagebuilder->AddJSText(
            ' function submitSaveMessage() { var hiddenkey = document.getElementById("ishtml"); if (HTMLEditor._htmlMode) { plainEditor.value = HTMLEditor.GetText(); hiddenkey.value = "1"; } else { hiddenkey.value = "0"; } if (bcc_mode == "hide") { document.getElementById("toBCC").value = ""; } return true; } function EditAreaLoadHandler() { HTMLEditor.LoadEditArea(); } function CreateLinkHandler(url) { HTMLEditor.CreateLinkFromWindow(url); } function DesignModeOnHandler(rer) { HTMLEditor.Show(); var mess = "'
            . ConvertUtils::ReBuildStringToJavaScript($this->Body, '"')
            . '"; if (mess.length == 0) { mess = "<br />"; } '
            . $setText
            . ' } '
        );
        $this->_pagebuilder->AddInitText(' HTMLEditor = new CHtmlEditorField(true); HTMLEditor.SetPlainEditor(plainEditor, document.getElementById("mode_switcher")); HTMLEditor.Show();');
    } else {
        $this->_pagebuilder->AddJSText(' function submitSaveMessage() { var hiddenkey = document.getElementById("ishtml"); hiddenkey.value = "0"; if (bcc_mode == "hide") { document.getElementById("toBCC").value = ""; } return true; } ');
    }
}
/**
 * Look up a POST field, passing 0 to Post::val() as the default.
 *
 * The result is returned as Post::val() delivers it: nothing here casts it to
 * an integer, so a caller that needs a number still has to validate or cast
 * the value itself.
 *
 * @param string $key name of the POST field
 * @return mixed whatever Post::val() returns for $key
 */
function Post_to0($key)
{
    $value = Post::val($key, 0);

    return $value;
}
/**
 * Build the markup for the message iframe plus the hidden form that posts the
 * current message coordinates into that iframe.
 *
 * All six echoed values come from the request. Each one goes through
 * ConvertUtils::AttributeQuote() before it is placed inside a value=""
 * attribute; `mtype` is a fixed string.
 *
 * @return string
 */
function ToHTML()
{
    // Request values, quoted for use inside an HTML attribute.
    $messageId = ConvertUtils::AttributeQuote(Post::val('m_id', ''));
    $messageUid = ConvertUtils::AttributeQuote(Post::val('m_uid', ''));
    $folderId = ConvertUtils::AttributeQuote(Post::val('f_id', ''));
    $folderName = ConvertUtils::AttributeQuote(Post::val('f_name', ''));
    $charset = ConvertUtils::AttributeQuote(Post::val('charset', ''));
    $plain = ConvertUtils::AttributeQuote(Post::val('plain', '-1'));

    $markup = ' <table id="iftare_table" width="100%"> <tr> <td> <iframe name="iframe_container" width="100%" frameborder="0" id="iframe_container"></iframe> </td> </tr> </table> <form name="messform" id="messform" action="base-iframe.php?mode=full" target="iframe_container" method="POST"> <input type="hidden" name="m_id" id="m_id" value="'
        . $messageId
        . '" /> <input type="hidden" name="m_uid" id="m_uid" value="'
        . $messageUid
        . '" /> <input type="hidden" name="f_id" id="f_id" value="'
        . $folderId
        . '" /> <input type="hidden" name="f_name" id="f_name" value="'
        . $folderName
        . '" /> <input type="hidden" name="charset" id="charset" value="'
        . $charset
        . '" /> <input type="hidden" name="plain" id="plain" value="'
        . $plain
        . '" /> <input type="hidden" name="mtype" id="mtype" value="msg" /> </form> ';

    return $markup;
}
<?php
/**********************************************************\
| This script adds/deletes data that can't be added to     |
| the XML schema files.                                    |
\**********************************************************/

// Upgrade step made of fixed SQL statements. The only request input is the
// `replace_resolution` POST flag, and it is only tested for truthiness; it
// never becomes part of a query.
// NOTE(review): nothing in this file checks who is calling it - presumably it
// is only ever included by the upgrader after its own access check; confirm.

// New status list, make sure data is only inserted if we have an empty table
$sql = $db->x->GetOne('SELECT count(*) FROM {list_status}');
if ($sql < 1) {
    $db->query("INSERT INTO {list_status} (`status_name`, `list_position`, `show_in_list`, `project_id`) VALUES ('Unconfirmed', 1, 1, 0)");
    $db->query("INSERT INTO {list_status} (`status_name`, `list_position`, `show_in_list`, `project_id`) VALUES ('New', 2, 1, 0)");
    $db->query("INSERT INTO {list_status} (`status_name`, `list_position`, `show_in_list`, `project_id`) VALUES ('Assigned', 3, 1, 0)");
    $db->query("INSERT INTO {list_status} (`status_name`, `list_position`, `show_in_list`, `project_id`) VALUES ('Researching', 4, 1, 0)");
    $db->query("INSERT INTO {list_status} (`status_name`, `list_position`, `show_in_list`, `project_id`) VALUES ('Waiting on Customer', 5, 1, 0)");
    $db->query("INSERT INTO {list_status} (`status_name`, `list_position`, `show_in_list`, `project_id`) VALUES ('Requires testing', 6, 1, 0)");
}

// Optional rename of resolution 6, chosen by the person running the upgrade.
// Both values are bound as parameters.
if (Post::val('replace_resolution')) {
    $db->x->execParam('UPDATE {list_resolution} SET resolution_name = ? 
WHERE resolution_id = ?', array('Duplicate (the real one)', 6));
}

// The statements below run on every execution, without a guard: two deletes
// followed by updates of tasks, groups and history rows. None of them returns
// or checks a result in this file.
$db->query("DELETE FROM {list_status} WHERE status_id = 7");
$db->query("DELETE FROM {notifications} WHERE user_id = 0 OR task_id = 0");
$db->query("UPDATE {tasks} SET closure_comment='' WHERE closure_comment='0'");
// Permission changes: groups that could assign others to themselves also get
// add_to_assignees; groups 2, 3 and 6 get add_votes; group 2 gets edit_assignments.
$db->query("UPDATE {groups} SET `add_to_assignees` = '1' WHERE `assign_others_to_self` =1 ");
$db->query("UPDATE {groups} SET add_votes = 1 WHERE group_id = 2 OR group_id = 3 OR group_id = 6");
$db->query("UPDATE {groups} SET `edit_assignments` = '1' WHERE `group_id` =2");
// History rows are renumbered / renamed in place.
$db->query("UPDATE {history} SET event_type = 3 WHERE event_type = 0");
$db->query("UPDATE {history} SET event_type = 11 WHERE event_type = 15");
$db->query("UPDATE {history} SET event_type = 12 WHERE event_type = 16");
$db->query("UPDATE {history} SET field_changed = 'project_id' WHERE field_changed = 'attached_to_project'");
// Excerpt: the head of this switch, and the code that sets $res, $value and
// $task, are outside this excerpt.
        // An id that matches no row is refused with status 403.
        if ($db->countRows($res) < 1) {
            header(':', true, 403);
            die(L('invalidvalue'));
        }
        break;
    case 'closedby_version':
        // The submitted version must exist for this project (or globally), be
        // listed, and have version_tense 3. Both values are bound as parameters.
        $res = $db->Query('SELECT * FROM {list_version} WHERE (project_id=0 OR project_id=?) AND show_in_list=1 AND version_id=? AND version_tense=3', array($task['project_id'], $value));
        if ($db->countRows($res) < 1) {
            header(':', true, 403);
            die(L('invalidvalue'));
        }
        break;
    default:
        // Any field name without a case of its own ends the request here.
        header(':', true, 403);
        die(L('invalidField'));
        break;
}

// The posted field name is used as an array key and, below, as a column name.
$oldvalue = $task[Post::val('name')];
$time = time();
// The column name is concatenated into the statement, because an identifier
// cannot be bound as a parameter; only the three values are bound.
// NOTE(review): this is only safe while the switch above is on this same
// Post::val('name') value and every case label is a real column of {tasks} -
// confirm; a fixed column name set inside each case would remove the dependency.
// NOTE(review): the WHERE clause uses Post::val('task_id') while the logging
// below uses $task['task_id'] - presumably the same id; confirm.
$sql = $db->Query("UPDATE {tasks} SET " . Post::val('name') . " = ?,last_edited_time = ? WHERE task_id = ?", array($value, $time, Post::val('task_id')));
# load $proj again of task with correct project_id for getting active notification types in notification class
$proj = new Project($task['project_id']);
// Log the changed field in task history
Flyspray::logEvent($task['task_id'], 3, $value, $oldvalue, Post::val('name'), $time);
// Get the details of the task we just updated to generate the changed-task message
$new_details_full = Flyspray::GetTaskDetails($task['task_id']);
$changes = Flyspray::compare_tasks($task, $new_details_full);
// A notification is only created when the comparison reports at least one change.
if (count($changes) > 0) {
    $notify = new Notifications();
    $notify->Create(NOTIFY_TASK_CHANGED, $task['task_id'], $changes, null, NOTIFY_BOTH, $proj->prefs['lang_code']);
}
?> </td> </tr> <tr<?php echo $isHideCharset; ?> > <td class="wm_view_message_title"><?php echo JS_LANG_Charset; ?> :</td> <td> <select name="str_charset" id="strCharset" onchange="DoPost();" class="wm_view_message_select"> <?php foreach ($CHARSETS as $value) { echo Post::val('charset', '-1') == $value[0] ? '<option value="' . $value[0] . '" selected="selected" > ' . $value[1] . '</option>' . "\r\n" : '<option value="' . $value[0] . '" > ' . $value[1] . '</option>' . "\r\n"; } ?> </select> </td> </tr> </table> </td> </tr> <tr> <td id="td_attachments"> <?php $JSfilenameTrim = ''; if ($message->msg->Attachments != null && $message->msg->Attachments->Count() > 0) { echo '<div id="attachments" class="wm_message_attachments">'; $attachments =& $message->msg->Attachments;
/** * @param PageBuilder $pagebuilder * @param int $contact_id * @param bool $isNew * @return string */ function WriteContactEdit(&$pagebuilder, $contact_id, $isNew = false) { $out = ''; $isCorrect = false; $jsIsNew = $isNew ? 'true' : 'false'; $pagebuilder->AddJSText(' function dolocation(idurl) { var url = document.getElementById(idurl); if (url && url.value.length > 2) { OpenURL(url.value); } } function MessageToMail(email) { if (!email) { return false; } var form = CreateChildWithAttrs(document.body, "form", [["action", "' . BASEFILE . '?' . SCREEN . '=' . SCREEN_NEWOREDIT . '"], ["method", "POST"]]); CreateChildWithAttrs(form, "input", [["type", "hidden"], ["name", "mailto"], ["value", email]]); form.submit(); } function submitContactForm() { var result = false; if (newContact) { result = newContact.SubmitContact(); } if (!result) { alert(Lang.WarningContactNotComplete); } return result; } function DoCancle() { if (' . $jsIsNew . ') { document.location = "' . BASEFILE . '?' . SCREEN . '=' . SCREEN_CONTACTS . '"; } else { document.location = "' . BASEFILE . '?' . SCREEN . '=' . SCREEN_CONTACTS . '&' . CONTACT_MODE . '=' . C_VIEW . '&' . CONTACT_ID . '=' . $contact_id . '"; } } '); if ($isNew) { $contact = new AddressBookRecord(); $contact->PrimaryEmail = 0; $groupsArray = array(); if (Post::val('cdata') == 1) { $contact->FullName = Post::val('cfullname', ''); $contact->HomeEmail = Post::val('cemail', ''); } } else { $contact =& $pagebuilder->_proc->db->SelectAddressBookRecord($contact_id); $groupsArray =& $pagebuilder->_proc->db->SelectAddressGroupContact($contact_id); } $allGroups =& $pagebuilder->_proc->db->SelectUserAddressGroupNames(); $skinName = $pagebuilder->SkinName(); if ($contact && is_object($contact)) { $isCorrect = true; } if ($isCorrect) { $pagebuilder->AddInitText($contact->isOpen() ? 
'var isOpenContact = true;' : 'var isOpenContact = false;'); $data = array(); $data = @get_object_vars($contact); foreach ($data as $key => $value) { $data[$key] = $value && strlen($value) > 0 ? array('', $value) : array(' class="wm_hide"', ''); } $Birthday[0] = $data['BirthdayDay'][1] || $data['BirthdayMonth'][1] || $data['BirthdayYear'][1] ? '' : ' class="wm_hide"'; $Birthday[1] = GetBirthDay($data['BirthdayDay'][1], $data['BirthdayMonth'][1], $data['BirthdayYear'][1]); $Email = array('', ''); switch ($contact->PrimaryEmail) { case PRIMARYEMAIL_Home: $Email[1] = $contact->HomeEmail; break; case PRIMARYEMAIL_Business: $Email[1] = $contact->BusinessEmail; break; case PRIMARYEMAIL_Other: $Email[1] = $contact->OtherEmail; break; } $Email[0] = $Email[1] ? '' : ' class="wm_hide"'; $class_00 = $data['HomeEmail'][1] || $data['HomeStreet'][1] || $data['HomeCity'][1] || $data['HomeFax'][1] || $data['HomeState'][1] || $data['HomePhone'][1] || $data['HomeZip'][1] || $data['HomeMobile'][1] || $data['HomeCountry'][1] || $data['HomeWeb'][1]; $class_00 = $class_00 ? ' class="wm_contacts_view"' : ' class="wm_hide"'; $class_01 = $data['HomeCity'][1] || $data['HomeFax'][1] ? '' : ' class="wm_hide"'; $data['HomeCity'][0] = $data['HomeCity'][1] != '' ? ' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['HomeCity'][2] = $data['HomeCity'][1] != '' ? '' : ' class="wm_hide"'; $data['HomeFax'][0] = $data['HomeFax'][1] != '' ? ' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['HomeFax'][2] = $data['HomeFax'][1] != '' ? '' : ' class="wm_hide"'; $class_02 = $data['HomeState'][1] || $data['HomePhone'][1] ? '' : ' class="wm_hide"'; $data['HomeState'][0] = $data['HomeState'][1] != '' ? ' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['HomeState'][2] = $data['HomeState'][1] != '' ? '' : ' class="wm_hide"'; $data['HomePhone'][0] = $data['HomePhone'][1] != '' ? 
' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['HomePhone'][2] = $data['HomePhone'][1] != '' ? '' : ' class="wm_hide"'; $class_03 = $data['HomeZip'][1] || $data['HomeMobile'][1] ? '' : ' class="wm_hide"'; $data['HomeZip'][0] = $data['HomeZip'][1] != '' ? ' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['HomeZip'][2] = $data['HomeZip'][1] != '' ? '' : ' class="wm_hide"'; $data['HomeMobile'][0] = $data['HomeMobile'][1] != '' ? ' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['HomeMobile'][2] = $data['HomeMobile'][1] != '' ? '' : ' class="wm_hide"'; $class_10 = $data['BusinessCompany'][1] || $data['BusinessJobTitle'][1] || $data['BusinessDepartment'][1] || $data['BusinessOffice'][1] || $data['BusinessCity'][1] || $data['BusinessFax'][1] || $data['BusinessState'][1] || $data['BusinessPhone'][1] || $data['BusinessZip'][1] || $data['BusinessCountry'][1] || $data['BusinessEmail'][1] || $data['BusinessStreet'][1] || $data['BusinessWeb'][1]; $class_10 = $class_10 ? ' class="wm_contacts_view"' : ' class="wm_hide"'; $class_11 = $data['BusinessCompany'][1] || $data['BusinessJobTitle'][1] ? '' : ' class="wm_hide"'; $data['BusinessCompany'][0] = $data['BusinessCompany'][1] != '' ? ' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['BusinessCompany'][2] = $data['BusinessCompany'][1] != '' ? '' : ' class="wm_hide"'; $data['BusinessJobTitle'][0] = $data['BusinessJobTitle'][1] != '' ? ' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['BusinessJobTitle'][2] = $data['BusinessJobTitle'][1] != '' ? '' : ' class="wm_hide"'; $class_12 = $data['BusinessDepartment'][1] || $data['BusinessOffice'][1] ? '' : ' class="wm_hide"'; $data['BusinessDepartment'][0] = $data['BusinessDepartment'][1] != '' ? ' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['BusinessDepartment'][2] = $data['BusinessDepartment'][1] != '' ? '' : ' class="wm_hide"'; $data['BusinessOffice'][0] = $data['BusinessOffice'][1] != '' ? 
' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['BusinessOffice'][2] = $data['BusinessOffice'][1] != '' ? '' : ' class="wm_hide"'; $class_13 = $data['BusinessCity'][1] || $data['BusinessFax'][1] ? '' : ' class="wm_hide"'; $data['BusinessCity'][0] = $data['BusinessCity'][1] != '' ? ' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['BusinessCity'][2] = $data['BusinessCity'][1] != '' ? '' : ' class="wm_hide"'; $data['BusinessFax'][0] = $data['BusinessFax'][1] != '' ? ' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['BusinessFax'][2] = $data['BusinessFax'][1] != '' ? '' : ' class="wm_hide"'; $class_14 = $data['BusinessState'][1] || $data['BusinessPhone'][1] ? '' : ' class="wm_hide"'; $data['BusinessState'][0] = $data['BusinessState'][1] != '' ? ' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['BusinessState'][2] = $data['BusinessState'][1] != '' ? '' : ' class="wm_hide"'; $data['BusinessPhone'][0] = $data['BusinessPhone'][1] != '' ? ' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['BusinessPhone'][2] = $data['BusinessPhone'][1] != '' ? '' : ' class="wm_hide"'; $class_15 = $data['BusinessZip'][1] || $data['BusinessCountry'][1] ? '' : ' class="wm_hide"'; $data['BusinessZip'][0] = $data['BusinessZip'][1] != '' ? ' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['BusinessZip'][2] = $data['BusinessZip'][1] != '' ? '' : ' class="wm_hide"'; $data['BusinessCountry'][0] = $data['BusinessCountry'][1] != '' ? ' class="wm_contacts_view_title"' : ' class="wm_hide"'; $data['BusinessCountry'][2] = $data['BusinessCountry'][1] != '' ? '' : ' class="wm_hide"'; $class_20 = $data['OtherEmail'][1] || $data['Notes'][1] || $Birthday[1]; $class_20 = $class_20 ? ' class="wm_contacts_view"' : ' class="wm_hide"'; $daysSelect = ''; for ($i = 1; $i < 32; $i++) { $daysSelect .= $data['BirthdayDay'][1] == $i ? '<option value="' . $i . '" selected="selected">' . $i . '</option>' . "\r\n" : '<option value="' . $i . '">' . 
$i . '</option>' . "\r\n"; } $selectedArray = array('', '', '', '', '', '', '', '', '', '', '', '', '', ''); if (isset($data['BirthdayMonth'][1]) && $data['BirthdayMonth'][1] > 0 && $data['BirthdayMonth'][1] < 13) { $selectedArray[(int) $data['BirthdayMonth'][1]] = ' selected="selected"'; } $monthsSelect = '<option value="1"' . $selectedArray[1] . '>' . JS_LANG_January . '</option> <option value="2"' . $selectedArray[2] . '>' . JS_LANG_February . '</option> <option value="3"' . $selectedArray[3] . '>' . JS_LANG_March . '</option> <option value="4"' . $selectedArray[4] . '>' . JS_LANG_April . '</option> <option value="5"' . $selectedArray[5] . '>' . JS_LANG_May . '</option> <option value="6"' . $selectedArray[6] . '>' . JS_LANG_June . '</option> <option value="7"' . $selectedArray[7] . '>' . JS_LANG_July . '</option> <option value="8"' . $selectedArray[8] . '>' . JS_LANG_August . '</option> <option value="9"' . $selectedArray[9] . '>' . JS_LANG_September . '</option> <option value="10"' . $selectedArray[10] . '>' . JS_LANG_October . '</option> <option value="11"' . $selectedArray[11] . '>' . JS_LANG_November . '</option> <option value="12"' . $selectedArray[12] . '>' . JS_LANG_December . '</option>'; $yearsSelect = ''; $lastyear = (int) date('Y', time()) > 1900 ? (int) date('Y', time()) : 2008; for ($i = $lastyear; $i > 1899; $i--) { $yearsSelect .= $data['BirthdayYear'][1] == $i ? '<option value="' . $i . '" selected="selected">' . $i . '</option>' . "\r\n" : '<option value="' . $i . '">' . $i . '</option>' . "\r\n"; } $groupsHtml = ''; if ($groupsArray && count($groupsArray) > 0) { $groupsHtml = '<table class="wm_contacts_view"> <tr> <td class="wm_contacts_view_title wm_contacts_section_name">' . JS_LANG_Groups . ':</td>'; $k = 0; $cnt = count($groupsArray); foreach ($groupsArray as $key => $value) { $k++; $tempstr = $cnt > $k ? ',' : ''; $groupsHtml .= '<td class="wm_contacts_groups"><a href="' . BASEFILE . '?' . CONTACT_MODE . '=' . G_VIEW . '&' . CONTACT_ID . 
'=' . $key . '">' . $value . '</a>' . $tempstr . '</td>' . "\r\n"; } $groupsHtml .= '</tr></table>'; } $groupsHtml2 = ''; if (count($allGroups) > 0) { $groupsHtml2 = ' <table class="wm_contacts_tab" onclick="ChangeTabVisibility(\'street_addresses\');"> <tr> <td> <span class="wm_contacts_tab_name"> ' . JS_LANG_Groups . ' </span> <span class="wm_contacts_tab_mode"> <img id="button_street_addresses" src="skins/' . $skinName . '/menu/arrow_down.gif" /> </span> </td> </tr> </table> <table class="wm_hide" id="street_addresses"> <tr><td>'; foreach ($allGroups as $id => $name) { $inGroup = key_exists($id, $groupsArray); $inGroup = $inGroup ? 'checked="checked"' : ''; $groupsHtml2 .= '<input id="inp_g_' . $id . '" class="wm_checkbox" ' . $inGroup . ' type="checkbox" value="' . $id . '" name="groupsIds[]"/> <label for="inp_g_' . $id . '">' . $name . '</label><br />'; } $groupsHtml2 .= ' </td></tr> </table>'; } $useFrName = $contact->UseFriendlyName || $isNew ? ' checked="checked"' : ''; $isNewHidden = $isNew ? '1' : '0'; $out .= '<form action="' . ACTIONFILE . '?action=update&req=contact" method="POST" onsubmit="return submitContactForm()"> <input type="hidden" name="isNewContact" value="' . $isNewHidden . '" /> <input type="hidden" name="contactId" value="' . $contact_id . '" /> <div id="viewTbl"> <table class="wm_contacts_view"> <tr' . $data['FullName'][0] . '> <td class="wm_contacts_view_title">' . JS_LANG_Name . ':</td> <td class="wm_contacts_name">' . ConvertUtils::WMHtmlSpecialChars($data['FullName'][1]) . '</td> </tr> <tr' . $Email[0] . '> <td class="wm_contacts_view_title">' . JS_LANG_Email . ':</td> <td class="wm_contacts_email"><a href="#" onclick="return MessageToMail(\'' . ConvertUtils::AttributeQuote(ConvertUtils::ClearJavaScriptString(ConvertUtils::WMHtmlSpecialChars($Email[1]), '\'')) . '\')">' . ConvertUtils::WMHtmlSpecialChars($Email[1]) . '</a></td> </tr> </table> <table' . $class_00 . '> <tr> <td class="wm_contacts_section_name" colspan="4">' . 
JS_LANG_Home . '</td> </tr> <tr' . $data['HomeEmail'][0] . '> <td class="wm_contacts_view_title">' . JS_LANG_PersonalEmail . ':</td> <td colspan="3"> <a href="#" onclick="return MessageToMail(\'' . ConvertUtils::AttributeQuote(ConvertUtils::ClearJavaScriptString(ConvertUtils::WMHtmlSpecialChars($data['HomeEmail'][1]), '\'')) . '\')">' . ConvertUtils::WMHtmlSpecialChars($data['HomeEmail'][1]) . '</a> </td> </tr> <tr' . $data['HomeStreet'][0] . '> <td class="wm_contacts_view_title">' . JS_LANG_StreetAddress . ':</td> <td colspan="3">' . ConvertUtils::WMHtmlSpecialChars($data['HomeStreet'][1]) . '</td> </tr> <tr' . $class_01 . '> <td' . $data['HomeCity'][0] . '>' . JS_LANG_City . ':</td> <td' . $data['HomeCity'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['HomeCity'][1]) . '</td> <td' . $data['HomeFax'][0] . '>' . JS_LANG_Fax . ':</td> <td' . $data['HomeFax'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['HomeFax'][1]) . '</td> </tr> <tr' . $class_02 . '> <td' . $data['HomeState'][0] . '>' . JS_LANG_StateProvince . ':</td> <td' . $data['HomeState'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['HomeState'][1]) . '</td> <td' . $data['HomePhone'][0] . '>' . JS_LANG_Phone . ':</td> <td' . $data['HomePhone'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['HomePhone'][1]) . '</td> </tr> <tr' . $class_03 . '> <td' . $data['HomeZip'][0] . '>' . JS_LANG_ZipCode . ':</td> <td' . $data['HomeZip'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['HomeZip'][1]) . '</td> <td' . $data['HomeMobile'][0] . '>' . JS_LANG_Mobile . ':</td> <td' . $data['HomeMobile'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['HomeMobile'][1]) . '</td> </tr> <tr' . $data['HomeCountry'][0] . '> <td class="wm_contacts_view_title">' . JS_LANG_CountryRegion . ':</td> <td colspan="3"> ' . ConvertUtils::WMHtmlSpecialChars($data['HomeCountry'][1]) . ' </td> </tr> <tr' . $data['HomeWeb'][0] . '> <td class="wm_contacts_view_title">' . JS_LANG_WebPage . ':</td> <td colspan="3"> ' . 
ConvertUtils::WMHtmlSpecialChars($data['HomeWeb'][1]) . ' </td> </tr> </table> <table' . $class_10 . '> <tr> <td class="wm_contacts_section_name" colspan="4">' . JS_LANG_Business . '</td> </tr> <tr' . $data['BusinessEmail'][0] . '> <td class="wm_contacts_view_title">' . JS_LANG_BusinessEmail . ':</td> <td colspan="3"> <a href="#" onclick="return MessageToMail(\'' . ConvertUtils::AttributeQuote(ConvertUtils::ClearJavaScriptString(ConvertUtils::WMHtmlSpecialChars($data['BusinessEmail'][1]), '\'')) . '\')">' . ConvertUtils::WMHtmlSpecialChars($data['BusinessEmail'][1]) . '</a> </td> </tr> <tr' . $class_11 . '> <td' . $data['BusinessCompany'][0] . '>' . JS_LANG_Company . ':</td> <td' . $data['BusinessCompany'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['BusinessCompany'][1]) . '</td> <td' . $data['BusinessJobTitle'][0] . '">' . JS_LANG_JobTitle . ':</td> <td' . $data['BusinessJobTitle'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['BusinessJobTitle'][1]) . '</td> </tr> <tr' . $class_12 . '> <td' . $data['BusinessDepartment'][0] . '>' . JS_LANG_Department . ':</td> <td' . $data['BusinessDepartment'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['BusinessDepartment'][1]) . '</td> <td' . $data['BusinessOffice'][0] . '>' . JS_LANG_Office . ':</td> <td' . $data['BusinessOffice'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['BusinessOffice'][1]) . '</td> </tr> <tr' . $data['BusinessStreet'][0] . '> <td class="wm_contacts_view_title">' . JS_LANG_StreetAddress . ':</td> <td colspan="3">' . ConvertUtils::WMHtmlSpecialChars($data['BusinessStreet'][1]) . '</td> </tr> <tr' . $class_13 . '> <td' . $data['BusinessCity'][0] . '>' . JS_LANG_City . ':</td> <td' . $data['BusinessCity'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['BusinessCity'][1]) . '</td> <td' . $data['BusinessFax'][0] . '>' . JS_LANG_Fax . ':</td> <td' . $data['BusinessFax'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['BusinessFax'][1]) . '</td> </tr> <tr' . $class_14 . '> <td' . 
$data['BusinessState'][0] . '>' . JS_LANG_StateProvince . ':</td> <td' . $data['BusinessState'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['BusinessState'][1]) . '</td> <td' . $data['BusinessPhone'][0] . '>' . JS_LANG_Phone . ':</td> <td' . $data['BusinessPhone'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['BusinessPhone'][1]) . '</td> </tr> <tr' . $class_15 . '> <td' . $data['BusinessZip'][0] . '>' . JS_LANG_ZipCode . ':</td> <td' . $data['BusinessZip'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['BusinessZip'][1]) . '</td> <td' . $data['BusinessCountry'][0] . '>' . JS_LANG_CountryRegion . ':</td> <td' . $data['BusinessCountry'][2] . '>' . ConvertUtils::WMHtmlSpecialChars($data['BusinessCountry'][1]) . '</td> </tr> <tr' . $data['BusinessWeb'][0] . '> <td class="wm_contacts_view_title">' . JS_LANG_WebPage . ':</td> <td colspan="3"> ' . ConvertUtils::WMHtmlSpecialChars($data['BusinessWeb'][1]) . ' </td> </tr> </table> <table' . $class_20 . '> <tr> <td class="wm_contacts_section_name" colspan="2">' . JS_LANG_Other . '</td> </tr> <tr' . $Birthday[0] . '> <td class="wm_contacts_view_title">' . JS_LANG_Birthday . ':</td> <td>' . $Birthday[1] . '</td> </tr> <tr' . $data['OtherEmail'][0] . '> <td class="wm_contacts_view_title">' . JS_LANG_OtherEmail . ':</td> <td><a href="#" onclick="return MessageToMail(\'' . ConvertUtils::AttributeQuote(ConvertUtils::ClearJavaScriptString(ConvertUtils::WMHtmlSpecialChars($data['OtherEmail'][1]), '\'')) . '\')">' . ConvertUtils::WMHtmlSpecialChars($data['OtherEmail'][1]) . '</a></td> </tr> <tr' . $data['Notes'][0] . '> <td class="wm_contacts_view_title">' . JS_LANG_Notes . ':</td> <td>' . ConvertUtils::WMHtmlSpecialChars($data['Notes'][1]) . '</td> </tr> </table> ' . $groupsHtml . ' <table class="wm_contacts_view"> <tr> <td> <a href="#" id="switch_to_edit">' . JS_LANG_EditContact . 
'</a> </td> </tr> </table> </div> <!-- --> <div id="editTbl" class="wm_hide"> <table class="wm_contacts_view"> <tr> <td class="wm_contacts_view_title" style="width: 25%;">' . JS_LANG_DefaultEmail . ':</td> <td style="width: 75%;"> <span id="notSpecified" class="wm_hide">' . JS_LANG_NotSpecifiedYet . '</span> <select id="select_default_email" class="wm_hide" style="width: 200px;"></select> <input id="input_default_email" name="input_default_email" type="text" value="' . ConvertUtils::AttributeQuote($Email[1]) . '" class="wm_input" maxlength="255"/> <input id="default_email_type" type="hidden" name="default_email_type" value="' . ConvertUtils::AttributeQuote($contact->PrimaryEmail) . '" /> </td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 25%;">' . JS_LANG_Name . ':</td> <td> <input class="wm_input" type="text" name="c_fullname" value="' . ConvertUtils::AttributeQuote($data['FullName'][1]) . '" id="c_fullname" maxlength="85" /></td> </tr> <tr> <td></td> <td> <input class="wm_checkbox" type="checkbox" name="use_friendly_name" id="use_friendly_name" value="1" ' . $useFrName . '> <label for="use_friendly_name">' . JS_LANG_UseFriendlyName1 . '</label><label class="wm_secondary_info wm_inline_info" for="use_friendly_name">' . JS_LANG_UseFriendlyName2 . '</label> </td> </tr> </table> <div class="wm_hide" id="more_info_div"> <table class="wm_contacts_view" style="width: 94%; margin: 0px 15px 2px 15px;"> <tr> <td style="text-align: right; border-top: solid 1px #8D8C89;"> <a href="" id="more_info_hide">' . JS_LANG_HideAddFields . '</a> </td> </tr> </table> <table class="wm_contacts_tab" onclick="ChangeTabVisibility(\'access\');"> <tr> <td> <span class="wm_contacts_tab_name"> ' . JS_LANG_Home . ' </span> <span class="wm_contacts_tab_mode"> <img id="button_access" src="skins/' . $skinName . '/menu/arrow_up.gif"> </span> </td> </tr> </table> <table ' . $class_00 . ' id="access"> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . 
JS_LANG_PersonalEmail . ':</td> <td style="width: 80%;" colspan="4"><input autocomplete="off" class="wm_input" type="text" size="45" id="personal_email" name="personal_email" value="' . ConvertUtils::AttributeQuote($data['HomeEmail'][1]) . '" maxlength="255" /></td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_StreetAddress . ':</td> <td colspan="4"><textarea class="wm_input" rows="2" cols="35" name="personal_street" rows="4">' . $data['HomeStreet'][1] . '</textarea></td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_City . ':</td> <td style="width: 30%;"><input class="wm_input" type="text" size="18" name="personal_city" value="' . ConvertUtils::AttributeQuote($data['HomeCity'][1]) . '" maxlength="65" /></td> <td style="width: 10%;"></td> <td class="wm_contacts_view_title" style="width: 10%;">' . JS_LANG_Fax . ':</td> <td style="width: 30%;"><input class="wm_input" type="text" size="18" name="personal_fax" value="' . ConvertUtils::AttributeQuote($data['HomeFax'][1]) . '" maxlength="50"/></td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_StateProvince . ':</td> <td><input class="wm_input" type="text" size="18" name="personal_state" value="' . ConvertUtils::AttributeQuote($data['HomeState'][1]) . '" maxlength="65" /></td> <td></td> <td class="wm_contacts_view_title">' . JS_LANG_Phone . ':</td> <td><input class="wm_input" type="text" size="18" name="personal_phone" value="' . ConvertUtils::AttributeQuote($data['HomePhone'][1]) . '" maxlength="50" /></td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_ZipCode . ':</td> <td><input class="wm_input" type="text" size="18" name="personal_zip" value="' . ConvertUtils::AttributeQuote($data['HomeZip'][1]) . '" maxlength="10" /></td> <td></td> <td class="wm_contacts_view_title">' . JS_LANG_Mobile . ':</td> <td><input class="wm_input" type="text" size="18" name="personal_mobile" value="' . 
ConvertUtils::AttributeQuote($data['HomeMobile'][1]) . '" maxlength="50" /></td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_CountryRegion . ':</td> <td colspan="4"><input class="wm_input" type="text" size="18" name="personal_country" value="' . ConvertUtils::AttributeQuote($data['HomeCountry'][1]) . '" maxlength="65" /></td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_WebPage . ':</td> <td colspan="4"> <input class="wm_input" type="text" size="45" name="personal_web" id="personal_web" value="' . ConvertUtils::AttributeQuote($data['HomeWeb'][1]) . '" maxlength="255" /> <input class="wm_button" type="button" value="' . ConvertUtils::AttributeQuote(JS_LANG_Go) . '" onClick="dolocation(\'personal_web\');" /> </td> </tr> </table> <table class="wm_contacts_tab" onclick="ChangeTabVisibility(\'online_addresses\');"> <tr> <td> <span class="wm_contacts_tab_name"> ' . JS_LANG_Business . ' </span> <span class="wm_contacts_tab_mode"> <img id="button_online_addresses" src="skins/' . $skinName . '/menu/arrow_down.gif"> </span> </td> </tr> </table> <table ' . $class_10 . ' id="online_addresses"> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_BusinessEmail . ':</td> <td style="width: 80%;" colspan="4"><input class="wm_input" autocomplete="off" type="text" id="business_email" name="business_email" size="45" value="' . ConvertUtils::AttributeQuote($data['BusinessEmail'][1]) . '" maxlength="255" /></td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_Company . ':</td> <td style="width: 30%;"><input class="wm_input" type="text" size="18" name="business_company" value="' . ConvertUtils::AttributeQuote($data['BusinessCompany'][1]) . '" maxlength="65" /></td> <td style="width: 5%;"></td> <td class="wm_contacts_view_title" style="width: 15%;">' . JS_LANG_JobTitle . 
':</td> <td style="width: 30%;"><input class="wm_input" type="text" size="18" name="business_job" value="' . ConvertUtils::AttributeQuote($data['BusinessJobTitle'][1]) . '" maxlength="30" /></td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_Department . ':</td> <td><input class="wm_input" type="text" size="18" name="business_departament" value="' . ConvertUtils::AttributeQuote($data['BusinessDepartment'][1]) . '" maxlength="65" /></td> <td></td> <td class="wm_contacts_view_title">' . JS_LANG_Office . ':</td> <td><input class="wm_input" type="text" size="18" name="business_office" value="' . ConvertUtils::AttributeQuote($data['BusinessOffice'][1]) . '" maxlength="65" /></td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_StreetAddress . ':</td> <td colspan="4"><textarea rows="2" class="wm_input" cols="35" name="business_street" rows="4">' . $data['BusinessStreet'][1] . '</textarea></td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_City . ':</td> <td><input class="wm_input" type="text" size="18" name="business_city" value="' . ConvertUtils::AttributeQuote($data['BusinessCity'][1]) . '" maxlength="65" /></td> <td></td> <td class="wm_contacts_view_title">' . JS_LANG_Fax . ':</td> <td><input class="wm_input" type="text" size="18" name="business_fax" value="' . ConvertUtils::AttributeQuote($data['BusinessFax'][1]) . '" maxlength="50" /></td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_StateProvince . ':</td> <td><input class="wm_input" type="text" size="18" name="business_state" value="' . ConvertUtils::AttributeQuote($data['BusinessState'][1]) . '" maxlength="65" /></td> <td></td> <td class="wm_contacts_view_title">' . JS_LANG_Phone . ':</td> <td><input class="wm_input" type="text" size="18" name="business_phone" value="' . ConvertUtils::AttributeQuote($data['BusinessPhone'][1]) . 
'" maxlength="50" /></td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_ZipCode . ':</td> <td><input class="wm_input" type="text" size="18" name="business_zip" value="' . ConvertUtils::AttributeQuote($data['BusinessZip'][1]) . '" maxlength="10" /></td> <td></td> <td class="wm_contacts_view_title">' . JS_LANG_CountryRegion . ':</td> <td colspan="4"><input class="wm_input" type="text" name="business_country" size="18" value="' . ConvertUtils::AttributeQuote($data['BusinessCountry'][1]) . '" maxlength="65" /></td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_WebPage . ':</td> <td colspan="4"> <input class="wm_input" type="text" size="45" id="business_web" name="business_web" value="' . ConvertUtils::AttributeQuote($data['BusinessWeb'][1]) . '" maxlength="255" /> <input class="wm_button" type="button" value="' . ConvertUtils::AttributeQuote(JS_LANG_Go) . '" onClick="dolocation(\'business_web\');" /> </td> </tr> </table> <table class="wm_contacts_tab" onclick="ChangeTabVisibility(\'phone_numbers\');"> <tr> <td> <span class="wm_contacts_tab_name"> ' . JS_LANG_Other . ' </span> <span class="wm_contacts_tab_mode"> <img id="button_phone_numbers" src="skins/' . $skinName . '/menu/arrow_down.gif"> </span> </td> </tr> </table> <table ' . $class_20 . ' id="phone_numbers"> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_Birthday . ':</td> <td> <select name="birthday_month"> <option value="0">' . JS_LANG_Month . '</option> ' . $monthsSelect . ' </select> <select name="birthday_day"> <option value="0">' . JS_LANG_Day . '</option> ' . $daysSelect . ' </select> <select name="birthday_year"> <option value="0">' . JS_LANG_Year . '</option> ' . $yearsSelect . ' </select> </td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_OtherEmail . 
':</td> <td style="width: 80%;"><input class="wm_input" autocomplete="off" id="other_email" name="other_email" type="text" size="45" value="' . ConvertUtils::AttributeQuote($data['OtherEmail'][1]) . '" maxlength="255" /></td> </tr> <tr> <td class="wm_contacts_view_title" style="width: 20%;">' . JS_LANG_Notes . ':</td> <td><textarea rows="2" class="wm_input" cols="35" rows="4" name="other_notes">' . $data['Notes'][1] . '</textarea></td> </tr> </table> ' . $groupsHtml2 . ' </div> <table class="wm_contacts_view" style="width: 94%; margin: 0px 15px 2px 15px;"> <tr> <td style="text-align: right;"> <a href="" id="more_info_show">' . JS_LANG_ShowAddFields . '</a> </td> </tr> <tr> <td style="text-align: right; border-top: solid 1px #8D8C89;"> <input type="submit" class="wm_button" value="' . ConvertUtils::AttributeQuote(JS_LANG_Save) . '" /> <input type="button" class="wm_button" name="cancle" value="' . ConvertUtils::AttributeQuote(JS_LANG_Cancel) . '" ID="Cancel" onclick="DoCancle();" /> </td> </tr> </table> </div></form>'; } else { $out = ''; } return $out; }
<?php
// Renders the POSTed 'text' value through TextFormatter::render() and echoes
// the result as a text/html response.
define('IN_FS', true);
header('Content-type: text/html; charset=utf-8');
// PHP_SELF can carry client-supplied path info, so it is HTML-escaped before
// the directory three levels up is derived from it.
$webdir = dirname(dirname(dirname(htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES, 'utf-8'))));
require_once '../../header.php';
// The user object is built from the user-id cookie whenever both login cookies
// are merely present.
// NOTE(review): the flyspray_passhash value is not compared in this script;
// confirm that check_account_ok() (or header.php) actually validates it,
// otherwise the user id is taken from the cookie unverified.
if (Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash')) {
    $user = new User(Cookie::val('flyspray_userid'));
    $user->check_account_ok();
} else {
    $user = new User(0, $proj);
}
# TODO csrftoken checking
// NOTE(review): the rendered output of a request parameter is echoed straight
// into an HTML response, and no permission or token check precedes it here.
// All output encoding therefore has to happen inside TextFormatter::render();
// confirm it escapes or sanitises markup for every configured syntax plugin.
echo TextFormatter::render(Post::val('text'));
/**
 * Form-submission hook: dispatches the POSTed 'action' to $this->handle().
 *
 * The global $proj is replaced by Project(0) and its cookie is refreshed
 * before dispatching. Unless the handler reports NO_SUBMIT, the global $fs is
 * rebuilt and the current user's permissions are reloaded, so later code sees
 * the state after the change.
 *
 * NOTE(review): no anti-CSRF token check is visible in this method; confirm
 * the caller enforces one before this hook runs.
 *
 * @return array list of (type, message, url) as produced by handle()
 */
function _onsubmit()
{
    global $fs, $db, $proj, $user;

    $proj = new Project(0);
    $proj->setCookie();

    $outcome = $this->handle('action', Post::val('action'));
    list($type, $msg, $url) = $outcome;

    if ($type == NO_SUBMIT) {
        return array($type, $msg, $url);
    }

    // Something was submitted: refresh cached settings and permissions.
    $fs = new Flyspray();
    $user->get_perms();

    return array($type, $msg, $url);
}
/**
 * Renders the user-selection page: project and global groups plus a list of
 * users, either the members of the requested group (20 per page) or the 20
 * most frequently assigned users.
 *
 * SQL safety, as far as this method shows: every fragment concatenated into
 * the statements is a fixed literal ($assignees), a column name from a
 * hard-coded list (search conditions) or a value passed through
 * Filters::enum() against a fixed list (ORDER BY). Request values themselves
 * are only ever passed as bound parameters.
 *
 * NOTE(review): the posted search terms are wrapped in '%' without escaping
 * LIKE wildcards, so '%' and '_' typed by the user act as wildcards.
 * NOTE(review): both user queries select email_address and no permission
 * check is visible in this method; confirm access control happens in the
 * caller or the template.
 *
 * @return void
 */
function show()
{
    global $db, $page, $fs, $proj, $do;

    $page = new FSTpl();
    $page->setTheme($proj->prefs['theme_style']);
    $page->assign('do', $do);
    $page->pushTpl('baseheader.tpl');

    // Optional restriction to groups whose members may be assignees.
    // The request value only toggles this fixed SQL fragment.
    $assignees = Get::val('onlyassignees')
        ? 'AND (g.show_as_assignees = 1 OR g.is_admin = 1)'
        : '';

    $query = 'SELECT g.group_id, g.group_name, g.group_desc, g.group_open, count(u.user_id) AS num_users FROM {groups} g LEFT JOIN {users_in_groups} uig ON uig.group_id = g.group_id LEFT JOIN {users} u ON (uig.user_id = u.user_id ' . $assignees . ') WHERE g.project_id = ? GROUP BY g.group_id';

    $projectGroups = $db->x->getAll($query, null, $proj->id);
    $page->assign('groups', $projectGroups);
    $globalGroups = $db->x->getAll($query, null, 0);
    $page->assign('globalgroups', $globalGroups);

    // Search conditions: one "column LIKE ?" per submitted field.
    $conditions = array();
    $params = array();
    foreach (array('user_name', 'real_name') as $column) {
        $needle = Post::val($column);
        if (!$needle) {
            continue;
        }
        $conditions[] = ' ' . $column . ' LIKE ? ';
        $params[] = '%' . $needle . '%';
    }
    $where = count($conditions) ? implode(' OR ', $conditions) : '1=1';

    if (Get::val('group_id', -1) > 0) {
        // Members of one group, sorted by a whitelisted column and direction.
        $sortable = array('username' => 'user_name', 'realname' => 'real_name');
        $orderColumn = $sortable[Filters::enum(Get::val('order', 'username'), array_keys($sortable))];
        $direction = Filters::enum(Get::val('sort', 'desc'), array('asc', 'desc'));
        $sortorder = sprintf('ORDER BY %s %s, u.user_id ASC', $orderColumn, $direction);

        $bound = array_merge(array(Get::val('group_id')), $params);
        $users = $db->x->getAll('SELECT u.user_id, user_name, real_name, email_address FROM {users} u LEFT JOIN {users_in_groups} uig ON uig.user_id = u.user_id LEFT JOIN {groups} g ON uig.group_id = g.group_id WHERE uig.group_id = ? ' . $assignees . ' AND ( ' . $where . ' )' . $sortorder, null, $bound);

        // Offset and limit are applied in PHP on the full result set.
        $user_list = array();
        $offset = max(Get::num('pagenum') - 1, 0) * 20;
        $end = min($offset + 20, count($users));
        for ($i = $offset; $i < $end; $i++) {
            $user_list[] = $users[$i];
        }
        $page->assign('users', $user_list);
    } else {
        // No group selected: show the most assigned users, current project first.
        $db->setLimit(20);
        $bound = array_merge(array($proj->id), $params);
        $users = $db->x->getAll('SELECT a.user_id, u.user_name, u.real_name, email_address, count(a.user_id) AS a_count, CASE WHEN t.project_id = ? THEN 1 ELSE 0 END AS my_project FROM {assigned} a LEFT JOIN {users} u ON a.user_id = u.user_id LEFT JOIN {tasks} t ON a.task_id = t.task_id WHERE ( ' . $where . ' ) AND u.account_enabled = 1 GROUP BY a.user_id ORDER BY my_project DESC, a_count DESC', null, $bound);
        $page->assign('users', $users);
    }

    $page->assign('usercount', count($users));
    $page->setTitle($fs->prefs['page_title'] . L('userselect'));
    $page->pushTpl('userselect.tpl');
    $page->finish();
}
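/**
 * Builds an outgoing WebMailMessage from the compose form submitted via POST.
 *
 * Sets the charset globals from the account, fills the standard headers,
 * copies sender, recipients, subject and body from the request, and attaches
 * the uploaded temp files named in the posted 'attachments' array
 * (key = temp file name, value = display name).
 *
 * Security: the attachment key is client-controlled and is appended to the
 * account's temp folder path. It must be a bare file name; keys containing a
 * path separator, a NUL byte, or equal to '.' / '..' are skipped so a request
 * cannot make the server attach files from outside that folder.
 *
 * NOTE(review): from/to/cc/bcc/subject and the attachment display name are
 * passed on as received; confirm the Set*AsString(), AddFromFile() and
 * EncodeHeaderString() implementations reject CR/LF so these values cannot
 * inject extra headers.
 * NOTE(review): the Message-ID embeds the first 7 characters of session_id()
 * and $_SERVER['SERVER_NAME'], so every recipient sees a prefix of the
 * sender's session identifier; consider a value not derived from the session.
 *
 * @param Account $account
 * @return WebMailMessage
 */
function &CreateMessageFromPost(&$account)
{
    $message =& new WebMailMessage();

    $GLOBALS[MailDefaultCharset] = $account->GetUserCharset();
    $GLOBALS[MailInputCharset] = $account->GetUserCharset();
    $GLOBALS[MailOutputCharset] = $account->GetDefaultOutCharset();

    $message->Headers->SetHeaderByName(MIMEConst_MimeVersion, '1.0');
    $message->Headers->SetHeaderByName(MIMEConst_XMailer, 'MailBee WebMail Pro PHP');
    $message->Headers->SetHeaderByName(MIMEConst_XOriginatingIp, isset($_SERVER['REMOTE_ADDR']) ? $_SERVER['REMOTE_ADDR'] : '0.0.0.0');

    $message->IdMsg = Post::val('m_id', -1);
    $message->SetPriority(Post::val('priority_input', 3));
    $message->DbPriority = Post::val('priority_input', 3);
    $message->Uid = Post::val('m_uid', '');
    $message->Headers->SetHeaderByName(MIMEConst_MessageID, '<' . substr(session_id(), 0, 7) . '.' . md5(time()) . '@' . $_SERVER['SERVER_NAME'] . '>');

    // Address and subject fields are only set when the form supplied them.
    $temp = Post::val('from', '');
    if ($temp) {
        $message->SetFromAsString($temp);
    }
    $temp = Post::val('toemail', '');
    if ($temp) {
        $message->SetToAsString($temp);
    }
    $temp = Post::val('toCC', '');
    if ($temp) {
        $message->SetCcAsString($temp);
    }
    $temp = Post::val('toBCC', '');
    if ($temp) {
        $message->SetBccAsString($temp);
    }
    $temp = Post::val('subject', '');
    if ($temp) {
        $message->SetSubject($temp);
    }

    $message->SetDate(new CDateTime(time()));

    if (Post::val('ishtml', 0)) {
        $message->TextBodies->HtmlTextBodyPart = ConvertUtils::BackImagesToHtmlBody(Post::val('message', ''));
    } else {
        $message->TextBodies->PlainTextBodyPart = ConvertUtils::BackImagesToHtmlBody(Post::val('message', ''));
    }

    $attachments = Post::val('attachments');
    if ($attachments && is_array($attachments)) {
        $fs =& new FileSystem(INI_DIR . '/temp', $account->Email, $account->Id);
        $attfolder =& new Folder($account->Id, -1, Session::val('attachtempdir'));
        foreach ($attachments as $key => $value) {
            if (Session::val('attachtempdir')) {
                // Accept only a bare file name as the temp-file key and a plain
                // string as the display name; anything else is ignored.
                $tempName = (string) $key;
                if (!is_string($value)
                    || $tempName === '' || $tempName === '.' || $tempName === '..'
                    || strpos($tempName, '/') !== false
                    || strpos($tempName, '\\') !== false
                    || strpos($tempName, "\0") !== false
                ) {
                    continue;
                }

                $attachCid = 'attach.php?tn=' . $key;
                $replaceCid = md5(time() . $value);
                $mime_type = ConvertUtils::GetContentTypeFromFileName($value);
                $message->Attachments->AddFromFile($fs->GetFolderFullPath($attfolder) . '/' . $tempName, $value, $mime_type, false);
                if (Post::val('ishtml', 0)) {
                    // If the HTML body references this upload, turn it into an
                    // inline part and rewrite the reference to a cid: URL.
                    if (strpos($message->TextBodies->HtmlTextBodyPart, $attachCid) !== false) {
                        $attachment =& $message->Attachments->GetLast();
                        $attachment->MimePart->Headers->SetHeaderByName(MIMEConst_ContentID, '<' . $replaceCid . '>');
                        $message->TextBodies->HtmlTextBodyPart = str_replace($attachCid, 'cid:' . $replaceCid, $message->TextBodies->HtmlTextBodyPart);
                        $attachname = ConvertUtils::EncodeHeaderString($value, $account->GetUserCharset(), $GLOBALS[MailOutputCharset]);
                        $attachment->MimePart->Headers->SetHeaderByName(MIMEConst_ContentDisposition, MIMEConst_InlineLower . ';' . CRLF . "\t" . MIMEConst_FilenameLower . '="' . $attachname . '"', false);
                    }
                }
            }
        }
    }

    return $message;
}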
/**
 * Sets up the processor for the current request (presumably the PHP4-style
 * constructor of the class of the same name; the class header is not shown).
 *
 * Steps, in order: load the session state array, resolve the active account
 * (optionally switching to the account named by the CHANGE_ACCID query
 * parameter), create the MailProcessor and its DB connection, pick a valid
 * skin, merge navigation/search parameters from GET and POST into
 * $this->sArray, persist layout cookies on the account, then call
 * FillData() and UpdateSession().
 *
 * NOTE(review): whether SetError() stops execution is not visible here. If it
 * returns, later lines dereference $oldaccount and $this->account even when
 * they could not be loaded.
 * NOTE(review): screen, folder, page, contact and search values are copied
 * from GET/POST into the session array without validation in this method;
 * confirm every consumer validates or escapes them.
 *
 * @return BaseProcessor
 */
function BaseProcessor()
{
    // Error 1: there is no account id in the session.
    if (!Session::has(ACCOUNT_ID)) {
        $this->SetError(1);
    }
    $accountId = Session::val(ACCOUNT_ID);
    $this->sArray = Session::val(SARRAY, array());
    $this->settings =& Settings::CreateInstance();
    // Error 3: settings are missing or were not loaded.
    if (!$this->settings || !$this->settings->isLoad) {
        $this->SetError(3);
    }
    if ($accountId) {
        if (Get::has(CHANGE_ACCID)) {
            // Account switch requested through the query string.
            $oldaccount =& Account::LoadFromDb(Session::val(ACCOUNT_ID, -1));
            $accountId = Get::val(CHANGE_ACCID);
            if (!isset($_SESSION['attachtempdir'])) {
                // The temp directory name is derived from the session id.
                $_SESSION['attachtempdir'] = md5(session_id());
            }
            // Remove the old account's temporary attachment folder.
            // NOTE(review): this deletion and the sArray update below run before
            // the ownership check on the requested account.
            $fs =& new FileSystem(INI_DIR . '/temp', $oldaccount->Email, $oldaccount->Id);
            $attfolder =& new Folder($oldaccount->Id, -1, $_SESSION['attachtempdir']);
            $fs->DeleteDir($attfolder);
            unset($fs, $attfolder);
            $this->sArray[ACCOUNT_ID] = $accountId;
            $this->account =& Account::LoadFromDb($accountId);
            // Ownership check: the requested account must exist and belong to
            // the same user as the account currently in the session.
            if (!$this->account || $this->account->IdUser != $oldaccount->IdUser) {
                $this->account = null;
            } else {
                // Switch accepted: store the new id and reset the per-account state.
                $_SESSION[ACCOUNT_ID] = $accountId;
                unset($_SESSION[SARRAY]);
                $this->sArray = array();
            }
        } else {
            $this->sArray[ACCOUNT_ID] = $accountId;
            $this->account =& Account::LoadFromDb($accountId);
        }
        // Error 2: the account could not be loaded or the switch was rejected.
        if (!$this->account) {
            $this->SetError(2);
        }
    } else {
        $this->SetError(1);
    }
    if (!isset($this->sArray[ACCOUNT_ID]) || $this->sArray[ACCOUNT_ID] != $accountId) {
        $this->sArray[EDIT_ACCOUNT_ID] = $accountId;
    }
    $this->processor =& new MailProcessor($this->account);
    // Error 5: no storage object or the connection failed.
    if (!$this->processor->DbStorage || !$this->processor->DbStorage->Connect()) {
        $this->SetError(5);
    }
    $this->db =& $this->processor->DbStorage;
    $this->accounts =& $this->GetAccounts();
    // Make sure the account's skin is one of the installed skins; otherwise
    // fall back to the configured default skin, or to the first skin found.
    $skins =& FileSystem::GetSkinsList();
    $hasDefSettingsSkin = false;
    $normalSkin = false;
    foreach ($skins as $skinName) {
        if ($skinName == $this->settings->DefaultSkin) {
            $hasDefSettingsSkin = true;
        }
        if ($skinName == $this->account->DefaultSkin) {
            $normalSkin = true;
            break;
        }
    }
    if (!$normalSkin) {
        $this->account->DefaultSkin = $hasDefSettingsSkin ? $this->settings->DefaultSkin : ($this->account->DefaultSkin = $skins[0]);
    }
    $_SESSION[ATTACH_DIR] = Session::val(ATTACH_DIR, md5(session_id()));
    // Screen: a GET value overrides the stored one, but settings and contacts
    // screens that are not allowed fall back to the mailbox.
    if (isset($this->sArray[SCREEN])) {
        $screen = Get::val(SCREEN, $this->sArray[SCREEN]);
        $this->sArray[SCREEN] = $screen;
        if ($this->account->AllowChangeSettings == false && ($screen == SET_ACCOUNT_PROF || $screen == SET_ACCOUNT_ADDACC)) {
            $this->sArray[SCREEN] = SCREEN_MAILBOX;
        }
        if (!$this->settings->AllowContacts && $screen == SCREEN_CONTACTS) {
            $this->sArray[SCREEN] = SCREEN_MAILBOX;
        }
    } else {
        // NOTE(review): the two restrictions above are not applied on this path.
        $this->sArray[SCREEN] = Get::val(SCREEN, SCREEN_MAILBOX);
    }
    if (isset($this->sArray[FOLDER_ID])) {
        $this->sArray[FOLDER_ID] = Get::val(FOLDER_ID, $this->sArray[FOLDER_ID]);
    } else {
        $this->sArray[FOLDER_ID] = Get::val(FOLDER_ID, -1);
    }
    // Navigating to another folder or screen drops the stored search.
    if (Get::has(FOLDER_ID) || Get::has(SCREEN)) {
        if (isset($this->sArray[SEARCH_ARRAY])) {
            unset($this->sArray[SEARCH_ARRAY]);
        }
    }
    if (Session::has(GOTOFOLDER)) {
        $this->sArray[GOTOFOLDER] = Session::val(GOTOFOLDER, '');
        unset($_SESSION[GOTOFOLDER]);
    }
    if (isset($this->sArray[PAGE])) {
        $this->sArray[PAGE] = Get::val(PAGE, $this->sArray[PAGE]);
    } else {
        $this->sArray[PAGE] = 1;
    }
    // Message search: the text comes from the small or the big search form.
    if (Get::has(S_GETMODE)) {
        $this->sArray[SEARCH_ARRAY][S_TEXT] = Get::val(S_GETMODE, 'mini') == 'mini' ? Post::val('smallLookFor', '') : Post::val('bigLookFor', '');
        if (!empty($this->sArray[SEARCH_ARRAY][S_TEXT])) {
            $this->sArray[SEARCH_ARRAY][S_FOLDER] = Post::val('qfolder', -2);
            $this->sArray[SEARCH_ARRAY][S_MODE] = Post::val('qmmode', 'onlyheaders');
            $this->sArray[FOLDER_ID] = $this->sArray[SEARCH_ARRAY][S_FOLDER];
            $this->sArray[PAGE] = 1;
        } else {
            // Empty search text clears the search and returns to page 1.
            if (Post::val('qfolder', -2) < 1) {
                $this->sArray[FOLDER_ID] = -1;
            }
            unset($this->sArray[SEARCH_ARRAY]);
            $this->sArray[PAGE] = 1;
        }
    }
    // Contact search uses the same two form fields.
    if (Get::has(S_GETMODECONTACT)) {
        $this->sArray[SEARCH_ARRAY][S_TEXT] = Get::val(S_GETMODECONTACT, 'mini') == 'mini' ? Post::val('smallLookFor', '') : Post::val('bigLookFor', '');
        $this->sArray[CONTACT_ID] = Post::val(CONTACT_ID, -1);
        $this->sArray[CONTACT_PAGE] = 1;
    }
    if (isset($this->sArray[SEARCH_ARRAY][S_FOLDER])) {
        $this->sArray[FOLDER_ID] = $this->sArray[SEARCH_ARRAY][S_FOLDER];
    }
    // NOTE(review): EDIT_ACCOUNT_ID is taken from the query string with no
    // ownership check in this method (unlike CHANGE_ACCID above); confirm the
    // code that edits the account verifies it belongs to the current user.
    if (isset($this->sArray[EDIT_ACCOUNT_ID])) {
        $this->sArray[EDIT_ACCOUNT_ID] = Get::val(EDIT_ACCOUNT_ID, $this->sArray[EDIT_ACCOUNT_ID]);
    } else {
        $this->sArray[EDIT_ACCOUNT_ID] = $accountId;
    }
    if (Get::has(EDIT_ACCOUNT_ID)) {
        $this->sArray[SCREEN] = $this->sArray[SCREEN] == SET_ACCOUNT_ADDACC ? SET_ACCOUNT_PROF : $this->sArray[SCREEN];
    }
    $this->sArray[CONTACT_PAGE] = isset($this->sArray[CONTACT_PAGE]) ? Get::val(CONTACT_PAGE, $this->sArray[CONTACT_PAGE]) : Get::val(CONTACT_PAGE, 1);
    $this->sArray[CONTACT_ORD] = isset($this->sArray[CONTACT_ORD]) ? Get::val(CONTACT_ORD, $this->sArray[CONTACT_ORD]) : Get::val(CONTACT_ORD, 0);
    if (isset($this->sArray[CONTACT_FLD])) {
        // Changing the sort field resets the sort order.
        if (Get::val(CONTACT_FLD, $this->sArray[CONTACT_FLD]) != $this->sArray[CONTACT_FLD]) {
            $this->sArray[CONTACT_ORD] = 0;
        }
        $this->sArray[CONTACT_FLD] = Get::val(CONTACT_FLD, $this->sArray[CONTACT_FLD]);
    } else {
        $this->sArray[CONTACT_FLD] = Get::val(CONTACT_FLD, 0);
    }
    // Layout cookies: each value is cast to int/bool before it is stored on
    // the account, and the cookie is then expired with a past timestamp.
    if (isset($_COOKIE['wm_vert_resizer']) || isset($_COOKIE['wm_horiz_resizer']) || isset($_COOKIE['wm_hide_folders'])) {
        if (isset($_COOKIE['wm_vert_resizer']) && strlen($_COOKIE['wm_vert_resizer']) > 0) {
            $this->account->VertResizer = (int) $_COOKIE['wm_vert_resizer'];
            setcookie('wm_vert_resizer', '0', time() - 24 * 3600);
        }
        if (isset($_COOKIE['wm_horiz_resizer']) && strlen($_COOKIE['wm_horiz_resizer']) > 0) {
            $this->account->HorizResizer = (int) $_COOKIE['wm_horiz_resizer'];
            setcookie('wm_horiz_resizer', '0', time() - 24 * 3600);
        }
        if (isset($_COOKIE['wm_hide_folders']) && strlen($_COOKIE['wm_hide_folders']) > 0) {
            $this->account->HideFolders = (bool) $_COOKIE['wm_hide_folders'];
            setcookie('wm_hide_folders', '0', time() - 24 * 3600);
        }
        $this->account->Update();
    }
    $this->FillData();
    $this->UpdateSession();
}
if (($project_id = Cookie::val('flyspray_project')) == '') { $project_id = $fs->prefs['default_project']; } $project_id = Req::val('project', Req::val('project_id', $project_id)); } $proj = new Project($project_id); // reset do for default project level entry page if (!in_array($do, $modes)) { $do = $do ? Req::enum('do', $modes, $proj->prefs['default_entry']) : $proj->prefs['default_entry']; } $proj->setCookie(); $user = new User($uid = 0); // verify and initiate user $auth = new FlysprayAuth(); if (Post::val('user_name') && Post::has('password')) { $uid = $auth->checkLogin(Post::val('user_name'), Post::val('password')); if (is_array($uid)) { FlysprayDo::error($uid); } } else { if (Cookie::val('flyspray_userid') && $auth->checkCookie(Cookie::val('flyspray_userid'), Cookie::val('flyspray_passhash'))) { $uid = Cookie::val('flyspray_userid'); } } $user = new User($uid); // Load translations load_translations(); function debuglog($str) { $file = fopen("debug.log", "a+"); fwrite($file, $str . "\n");
$db->dblink->StartTrans(); fix_duplicate_list_entries(true); foreach ($folders as $folder) { if (version_compare($installed_version, $folder, '<=')) { $uplog[] = "Start {$installed_version} to {$folder}"; $uplog[] = execute_upgrade_file($folder, $installed_version); $installed_version = $folder; $uplog[] = "End {$installed_version} to {$folder}"; } } # maybe as Filter: $out=html2wiki($input, 'wikistyle'); and $out=wiki2html($input, 'wikistyle') ? # No need for any filter, because dokuwiki format wouldn't be touched anyway. But maybe ask the user # first and explain that html-formatting is now used instead of plain text on installations that didn't # use dokuwiki format. Then, adding paragraph tags and line breaks might enhance readability. // For testing, do not use yet, have to discuss this one with others. if ((!isset($conf['general']['syntax_plugin']) || !$conf['general']['syntax_plugin'] || $conf['general']['syntax_plugin'] == 'none') && Post::val('yes_please_do_convert')) { convert_old_entries('tasks', 'detailed_desc', 'task_id'); convert_old_entries('projects', 'intro_message', 'project_id'); convert_old_entries('projects', 'default_task', 'project_id'); convert_old_entries('comments', 'comment_text', 'comment_id'); $page->assign('conversion', true); } else { $page->assign('conversion', false); } // we should be done at this point $db->Query('UPDATE {prefs} SET pref_value = ? WHERE pref_name = ?', array($fs->version, 'fs_ver')); // Fix the sequence in tasks table for PostgreSQL. if ($db->dblink->dataProvider == 'postgres') { $rslt = $db->Query('SELECT MAX(task_id) FROM {tasks}'); $maxid = $db->FetchOne($rslt); // The correct sequence should normally have a name containing at least both the table and column name in this format.
} if (!$user->can_open_task($proj)) { Flyspray::show_error(15); } $page->setTitle($fs->prefs['page_title'] . $proj->prefs['project_title'] . ': ' . L('newtask')); $result = $db->Query(' SELECT u.user_id, u.user_name, u.real_name, g.group_id, g.group_name, g.project_id FROM {users} u JOIN {users_in_groups} uig ON u.user_id = uig.user_id JOIN {groups} g ON g.group_id = uig.group_id WHERE (g.show_as_assignees = 1 OR g.is_admin = 1) AND (g.project_id = 0 OR g.project_id = ?) AND u.account_enabled = 1 ORDER BY g.project_id ASC, g.group_name ASC, u.user_name ASC', $proj->id); $userlist = array(); $userids = array(); while ($row = $db->FetchRow($result)) { if (!in_array($row['user_id'], $userids)) { $userlist[$row['group_id']][] = array(0 => $row['user_id'], 1 => sprintf('%s (%s)', $row['user_name'], $row['real_name']), 2 => $row['project_id'], 3 => $row['group_name']); $userids[] = $row['user_id']; } else { # user is probably in a global group with assignee permission listed, so no need to show second time in a project group. } } $assignees = array(); if (is_array(Post::val('rassigned_to'))) { $assignees = Post::val('rassigned_to'); } $page->assign('assignees', $assignees); $page->assign('userlist', $userlist); $page->assign('old_assigned', ''); $page->pushTpl('newtask.tpl');
Flyspray::Redirect(CreateURL('details', $show_task)); } else { Flyspray::Redirect($baseurl . '?string=' . $show_task); } }

if (Flyspray::requestDuplicated()) {
    // Check that this page isn't being submitted twice
    Flyspray::show_error(3);
}

# Handle every form request that modifies data.
if (Req::has('action')) {
    # Anti-CSRF gate: the modifying code (modify.inc.php) is only loaded when
    # the form sent the session's token. The token is accepted from POST only,
    # even though the 'action' trigger itself is looked up through Req.
    # NOTE(review): the comparison below is a loose, non-constant-time `==`.
    # If $_SESSION['csrftoken'] were ever unset, an empty posted token would
    # compare equal to it. Confirm the token is always initialised, and prefer
    # a strict string check such as hash_equals() where the supported PHP
    # version allows it.
    if (!Post::has('csrftoken')) {
        die('missingtoken');
    } elseif (Post::val('csrftoken') == $_SESSION['csrftoken']) {
        require_once BASEDIR . '/includes/modify.inc.php';
    } else {
        die('wrongtoken');
    }
}

# Start collecting information for the answer page.
if ($proj->id && $user->perms('manage_project')) {
    // Find out if there are any PM requests wanting attention
    $sql = $db->Query('SELECT COUNT(*) FROM {admin_requests} WHERE project_id = ? AND resolved_by = 0', array($proj->id));
    list($count) = $db->fetchRow($sql);
    $page->assign('pm_pendingreq_num', $count);
}
if ($user->perms('is_admin')) {
    // Unresolved global (project 0) requests of type 3, shown to admins only.
    $sql = $db->Query('SELECT COUNT(*) FROM {admin_requests} WHERE request_type = 3 AND project_id = 0 AND resolved_by = 0');
    list($count) = $db->fetchRow($sql);
/**
 * Passes the POSTed 'action' value to this object's handle() method.
 *
 * The value is taken from the request body as-is; nothing in this method
 * validates it, so handle() is the place that has to decide which actions
 * are acceptable.
 *
 * @return mixed whatever handle() returns
 */
function _onsubmit()
{
    global $page, $db;

    return $this->handle('action', Post::val('action'));
}
AND (g.project_id = 0 OR g.project_id = ?) AND u.account_enabled = 1 ORDER BY g.project_id ASC, g.group_name ASC, u.user_name ASC', $proj->id ? $proj->id : -1); // FIXME: -1 is a hack. when $proj->id is 0 the query fails $userlist = array(); $userids = array(); while ($row = $db->FetchRow($result)) { if (!in_array($row['user_id'], $userids)) { $userlist[$row['group_id']][] = array(0 => $row['user_id'], 1 => sprintf('%s (%s)', $row['user_name'], $row['real_name']), 2 => $row['project_id'], 3 => $row['group_name']); $userids[] = $row['user_id']; } else { # user is probably in a global group with assignee permission listed, so no need to show second time in a project group. } } if (is_array(Post::val('rassigned_to'))) { $page->assign('assignees', Post::val('rassigned_to')); } else { $assignees = $db->Query('SELECT user_id FROM {assigned} WHERE task_id = ?', $task_details['task_id']); $page->assign('assignees', $db->FetchCol($assignees)); } $page->assign('userlist', $userlist); # Build the category select array, a movetask or normal taskedit # then in the template just use tpl_select($catselect); # keep last category selection $catselected = Req::val('product_category', $task_details['product_category']); if (isset($move) && $move == 1) { # listglobalcats $gcats = $proj->listCategories(0); if (count($gcats) > 0) { foreach ($gcats as $cat) { $gcatopts[] = array('value' => $cat['category_id'], 'label' => $cat['category_name']);
} ?> <td id="td_message"> <div id="message" class="wm_message"> <?php $messageText = $isHtml ? ConvertUtils::ReplaceJSMethod($message->PrintHtmlBody(true)) : nl2br($message->PrintPlainBody()); echo $messageText; ?> </div> </td> </tr> <?php if ($message->GetTypeOfMessage() > 2) { echo '<tr class="wm_lowtoolbar" id="lowtoolbar"><td colspan="3"><span class="wm_lowtoolbar_plain_html">'; if (Post::val('plain', '-1') == -1 || Post::val('plain', '-1') == 3) { echo '<span id="message_switcher"><a href="#" onclick="ChangeBody(2); return false;">Switch to Plain Text View</a></span>'; } else { echo '<span id="message_switcher"><a href="#" onclick="ChangeBody(3); return false;">Switch to Html View</a></span>'; } echo '</span></td></tr>'; } ?> </table> <script language="JavaScript"> function Init() { Headers = new CHeaders(); Message = new CMessage(); FullHeaders = new CFullHeadersViewer();
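/**
 * Appends request values to the query string of the parsed URL.
 *
 * Each entry of $vars names a request key whose value is expected to be an
 * array; it is serialised with http_build_query(), which URL-encodes keys
 * and values, so request data copied into the URL cannot add separators of
 * its own.
 *
 * @param string $method 'get' reads through Get::val(); any other value reads through Post::val()
 * @param array  $vars   request keys to copy into the query string
 * @return void
 */
public function addfrom($method = 'get', $vars = array())
{
    $parts = array();
    foreach ($vars as $key) {
        $value = ($method == 'get') ? Get::val($key) : Post::val($key);

        // http_build_query() accepts only arrays and objects. A scalar or a
        // missing value (which a client can always send) used to produce a
        // warning and a stray '&'; on PHP 8 it is a TypeError. Skip it.
        if (!is_array($value) && !is_object($value)) {
            continue;
        }

        // Pass '&' explicitly instead of building with arg_separator.output
        // and replacing it afterwards.
        $built = http_build_query($value, '', '&');
        if ($built !== '') {
            $parts[] = $built;
        }
    }
    $append = implode('&', $parts);

    if ($this->getinfo('query')) {
        // Nothing to add: leave the existing query untouched rather than
        // appending a dangling '&'.
        if ($append !== '') {
            $this->parsed['query'] .= '&' . $append;
        }
    } else {
        $this->parsed['query'] = $append;
    }
}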
/**
 * Runs the handler for the POSTed 'action' and reloads the global project
 * whenever the handler reports anything other than NO_SUBMIT.
 *
 * The action name comes straight from the request body and is not checked
 * here; handle() receives it unchanged.
 *
 * @return array array(type, message, url) as unpacked from handle()
 */
function _onsubmit()
{
    global $fs, $db, $proj, $user;

    $outcome = $this->handle('action', Post::val('action'));
    list($type, $msg, $url) = $outcome;

    // Rebuild the project object so later code sees the state after the submit.
    if ($type != NO_SUBMIT) {
        $proj = new Project($proj->id);
    }

    return array($type, $msg, $url);
}
/**
 * Hands the POSTed 'action' value to handle() and returns its result.
 *
 * No validation of the action name happens in this method.
 *
 * @return mixed whatever handle() returns
 */
function _onsubmit()
{
    return $this->handle('action', Post::val('action'));
}
$sql = $db->Query('SELECT pref_value FROM {prefs} WHERE pref_name = ?', array('fs_ver')); $installed_version = $db->FetchOne($sql); $page = new Tpl(); $page->assign('title', 'Upgrade '); $page->assign('short_version', UPGRADE_VERSION); //cleanup //the cache dir @rmdirr(sprintf('%s/cache/dokuwiki', APPLICATION_PATH)); // --------------------------------------------------------------------- // Now the hard work // --------------------------------------------------------------------- // Find out which upgrades need to be run $folders = glob_compat(BASEDIR . '/upgrade/[0-9]*'); usort($folders, 'version_compare'); // start with lowest version if (Post::val('upgrade')) { $uplog = array(); $uplog[] = "Start database transaction"; $db->dblink->StartTrans(); fix_duplicate_list_entries(true); foreach ($folders as $folder) { if (version_compare($installed_version, $folder, '<=')) { $uplog[] = "Start {$installed_version} to {$folder}"; $uplog[] = execute_upgrade_file($folder, $installed_version); $installed_version = $folder; $uplog[] = "End {$installed_version} to {$folder}"; } } $db->Query('UPDATE {projects} SET theme_style = \'CleanFS\''); # maybe as Filter: $out=html2wiki($input, 'wikistyle'); and $out=wiki2html($input, 'wikistyle') ? // For testing, do not use yet, have to discuss this one with others.
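/**
 * Adds a new task
 *
 * Checks that the current user may open a task in the target project,
 * validates the required fields (and the reCAPTCHA answer for anonymous
 * users when enabled), inserts the task and its custom field values,
 * stores assignees, resolves category owners and sends notifications.
 *
 * @param array $args array containing all task properties. unknown properties will be ignored
 * @access public
 * @return array(error type, msg, false) or array(task ID, token, true)
 * @version 1.0
 * @notes $args is POST data (untrusted), bad..bad user..
 */
function create_task($args)
{
    global $db, $user, $proj, $fs;

    // The permission check below must run against the project named in the
    // request, not against whatever project happens to be loaded.
    if ($proj->id != $args['project_id']) {
        $proj = new Project($args['project_id']);
    }

    if (!$user->can_open_task($proj) || count($args) < 3) {
        return array(ERROR_RECOVER, L('missingrequired'), false);
    }

    // check required fields
    if (!(($item_summary = $args['item_summary']) && ($detailed_desc = $args['detailed_desc']))) {
        return array(ERROR_RECOVER, L('summaryanddetails'), false);
    }

    foreach ($proj->fields as $field) {
        if ($field->prefs['value_required'] && !array_get($args, 'field' . $field->id)
            && !($field->prefs['force_default'] && !$user->perms('modify_all_tasks'))) {
            return array(ERROR_RECOVER, L('missingrequired') . ' (' . $field->prefs['field_name'] . ')', false);
        }
    }

    if ($user->isAnon() && $fs->prefs['use_recaptcha']) {
        include_once BASEDIR .
            '/includes/external/recaptchalib.php';
        $solution = new reCAPTCHA_Solution();
        $solution->privatekey = $fs->prefs['recaptcha_priv_key'];
        $solution->challenge = Post::val('recaptcha_challenge_field');
        $solution->response = Post::val('recaptcha_response_field');
        $solution->remoteip = $_SERVER['REMOTE_ADDR'];

        if (!$solution->isValid()) {
            return array(ERROR_RECOVER, $solution->error_code, false);
        }
    }

    $sql_values = array(time(), time(), $args['project_id'], $item_summary, $detailed_desc, intval($user->id), 0);

    // Initialise explicitly instead of relying on implicit array creation.
    $sql_params = array();

    $sql_params[] = 'mark_private';
    $sql_values[] = isset($args['mark_private']) && $args['mark_private'] == '1';

    $sql_params[] = 'closure_comment';
    $sql_values[] = '';

    $sql_params[] = 'syntax_plugins';
    $plugins = trim(implode(' ', array_get($args, 'detailed_desc_syntax_plugins', array())));
    if (!$plugins) {
        $plugins = $proj->prefs['syntax_plugins'];
    }
    $sql_values[] = $plugins;

    // Token for anonymous users
    $token = '';
    if ($user->isAnon()) {
        // The token is mailed to the reporter further down and stored with
        // the task, so it has to be unguessable. mt_rand() and uniqid() are
        // derived from predictable state; use the system CSPRNG where PHP
        // provides it. Both branches yield 32 hexadecimal characters.
        if (function_exists('random_bytes')) {
            $token = bin2hex(random_bytes(16));
        } else {
            $token = md5(uniqid(mt_rand(), true));
        }
        $sql_params[] = 'task_token';
        $sql_values[] = $token;
    }

    $sql_params[] = 'anon_email';
    $sql_values[] = array_get($args, 'anon_email', '');

    $sql_cols = array_merge(array('date_opened', 'last_edited_time', 'project_id', 'item_summary',
                                  'detailed_desc', 'opened_by', 'percent_complete'), $sql_params);

    $db->x->autoExecute('{tasks}', array_combine($sql_cols, $sql_values));
    $task_id = $db->lastInsertID();

    // [RED] Add task to redundancy table (opened by, last_changed_time)
    $db->x->autoExecute('{redundant}', array(
        'task_id' => $task_id,
        'last_changed_time' => time(),
        'opened_by_real_name' => $user->infos['real_name'],
        'opened_by_user_name' => $user->infos['user_name'],
        'last_changed_by_real_name' => $user->infos['real_name'],
        'last_changed_by_user_name' => $user->infos['user_name'],
    ));

    // Per project task ID
    // NOTE(review): MAX()+1 followed by a separate UPDATE looks racy when two
    // tasks are created at the same time - confirm the caller wraps this in a
    // transaction or that duplicates are acceptable.
    $prefix_id = $db->x->GetOne('SELECT MAX(prefix_id)+1 FROM {tasks} WHERE project_id = ?', null, $proj->id);
    $db->x->execParam('UPDATE {tasks} SET prefix_id = ? 
                        WHERE task_id = ?', array($prefix_id, $task_id));

    // Now the custom fields
    if (count($proj->fields)) {
        $stmt = $db->x->autoPrepare('{field_values}', array('task_id', 'field_id', 'field_value'));
        foreach ($proj->fields as $field) {
            $stmt->execute(array($task_id, $field->id, $field->read(array_get($args, 'field' . $field->id, 0))));
        }
        $stmt->free();
    }

    $assignees = array();
    if (isset($args['assigned_to'])) {
        // Prepare assignee list
        $assignees = explode(';', trim($args['assigned_to']));
        $assignees = array_map(array('Flyspray', 'UserNameToId'), $assignees);

        // Drop names that did not resolve to a user id. This replaces
        // create_function(), which compiles a string as code at runtime and
        // no longer exists in PHP 8; keys are kept, as array_filter() did.
        foreach ($assignees as $idx => $uid) {
            if (!($uid > 0)) {
                unset($assignees[$idx]);
            }
        }

        // Log the assignments and send notifications to the assignees
        if (count($assignees)) {
            // Convert assigned_to and store them in the 'assigned' table
            foreach ($assignees as $val) {
                $fields = array('user_id' => array('value' => $val, 'key' => true),
                                'task_id' => array('value' => $task_id, 'key' => true));
                $db->Replace('{assigned}', $fields);
            }

            Flyspray::logEvent($task_id, 14, implode(' ', $assignees));

            // Notify the new assignees what happened. This obviously won't happen if the task is now assigned to no-one.
            Notifications::send($assignees, ADDRESS_USER, NOTIFY_NEW_ASSIGNEE, array('task_id' => $task_id));
        }
    }

    // Log that the task was opened
    Flyspray::logEvent($task_id, 1);

    // find category owners
    $owners = array();
    foreach ($proj->fields as $field) {
        if ($field->prefs['list_type'] != LIST_CATEGORY) {
            continue;
        }
        $cat = $db->x->getRow('SELECT * FROM {list_category} WHERE category_id = ?', null,
                              array_get($args, 'field' . $field->id, 0));
        if ($cat['category_owner']) {
            $owners[] = $cat['category_owner'];
        } else {
            // check parent categories
            $sql = $db->x->getAll('SELECT * FROM {list_category} WHERE lft < ? AND rgt > ? AND list_id = ? 
                                   ORDER BY lft DESC', null, array($cat['lft'], $cat['rgt'], $cat['list_id']));
            foreach ($sql as $row) {
                // If there's a parent category owner, send to them
                if ($row['category_owner']) {
                    $owners[] = $row['category_owner'];
                    break;
                }
            }
        }
    }

    // last try...
    if (!count($owners) && $proj->prefs['default_cat_owner']) {
        $owners[] = $proj->prefs['default_cat_owner'];
    }

    if (count($owners)) {
        foreach ($owners as $owner) {
            if ($proj->prefs['auto_assign'] && !in_array($owner, $assignees)) {
                Backend::add_to_assignees($owner, $task_id, true);
            }
            Backend::add_notification($owner, $task_id, true);
        }
    }

    // Create the Notification
    if (Backend::upload_files($task_id)) {
        Notifications::send($task_id, ADDRESS_TASK, NOTIFY_TASK_OPENED, array('files' => true));
    } else {
        Notifications::send($task_id, ADDRESS_TASK, NOTIFY_TASK_OPENED);
    }

    // If the reporter wanted to be added to the notification list
    if (isset($args['notifyme']) && $args['notifyme'] == '1' && !in_array($user->id, $owners)) {
        Backend::add_notification($user->id, $task_id, true);
    }

    // this is relaxed, if the anonymous email is not valid, just dont bother..
    if ($user->isAnon() && Flyspray::check_email($args['anon_email'])) {
        Notifications::send($args['anon_email'], ADDRESS_EMAIL, NOTIFY_ANON_TASK,
                            array('task_id' => $task_id, 'token' => $token));
    }

    return array($task_id, $token, true);
}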
/**
 * Feeds a series of text/num pairs to Post and checks how many validation
 * errors validate() reports for each pair.
 */
public function testValidation()
{
    // Each row: value for 'text', value for 'num', expected error count.
    $cases = array(
        array('TEXT is text', 10, 0),
        array('bad text', 10, 1),
        array('TEXT is text', 'NaN', 1),
        array('TEXT is text', -1, 1),
        array('bad text', 'bad number', 2),
        array('', '', 1),
    );

    foreach ($cases as $case) {
        list($text, $num, $expected) = $case;

        // A fresh object per case so no state carries over between rows.
        $post = new Post();
        $post->val('text', $text);
        $post->val('num', $num);

        $this->assertEquals($expected, count($post->validate()));
    }
}
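/**
 * Test to see if user resubmitted a form.
 * Checks only newtask and addcomment actions.
 *
 * A fingerprint of the POST body is kept in the session together with the
 * time it was first seen; fingerprints older than 6 hours are discarded on
 * every call.
 *
 * @return bool true if user has submitted the same action within less than 6 hours, false otherwise
 * @access public static
 * @version 1.0
 */
public static function requestDuplicated()
{
    // garbage collection -- clean entries older than 6 hrs
    $now = isset($_SERVER['REQUEST_TIME']) ? $_SERVER['REQUEST_TIME'] : time();
    if (!empty($_SESSION['requests_hash'])) {
        foreach ($_SESSION['requests_hash'] as $key => $val) {
            if ($val < $now - 6 * 60 * 60) {
                unset($_SESSION['requests_hash'][$key]);
            }
        }
    }

    if (count($_POST)) {
        // Exact match on the two guarded actions. The previous pattern
        // '/^newtask.newtask|details.addcomment$/' anchored each alternative
        // on one side only and left the dots unescaped, so it also accepted
        // values that merely start or end with a similar string. A strict
        // in_array() additionally returns false for a non-string value
        // (e.g. action[]=...) instead of handing an array to preg_match().
        $guarded = array('newtask.newtask', 'details.addcomment');
        if (in_array(Post::val('action', ''), $guarded, true)) {
            // md5 is used here only as a compact fingerprint of the request
            // body (a session array key), not as a security control.
            $currentrequest = md5(serialize($_POST));
            if (!empty($_SESSION['requests_hash'][$currentrequest])) {
                return true;
            }
            $_SESSION['requests_hash'][$currentrequest] = time();
        }
    }

    return false;
}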
/**
 * Runs Filters::isAlnum() on the POST value stored under $key.
 *
 * @param string $key name of the POST field to check
 * @return mixed the result of Filters::isAlnum() for that field
 */
function isAlnum($key)
{
    $submitted = Post::val($key);

    return Filters::isAlnum($submitted);
}