function getProject($pID) { $this->getAllByPK($pID); $row = $this->getNext(); $p = new project(); $p->getAllByPK($row['package']); return $p->getNext(); }
} $b = new bug(); $b->getAll(); $u = new user(); $p = new project(); $TITLE = "Latest {$Count} bugs"; $i = 0; $CONTENT .= "<h1>Last {$Count} bugs filed</h1>"; $CONTENT .= "\n<table class = 'sortable' >\n\t<tr class = 'nobg' >\n\t\t<th>ID</th> <th> Status </th> <th> Severity </th> <th>Owner</th> <th>Project</th> <th>Private</th> <th>Title</th>\n\t</tr>\n"; while ($row = $b->getNext()) { $u->getAllByPK($row['owner']); $owner = $u->getNext(); if ($owner['uID'] <= 0) { $owner['real_name'] = "Nobody"; } $p->getAllByPK($row['package']); $package = $p->getNext(); if (isset($_SESSION['id'])) { $id = $_SESSION['id']; } else { $id = -1; // NOT -10000!!!!!! } $privacy = checkBugViewAuth($row['bID'], $id); if ($privacy[1]) { $picon = "<img src = '" . $SITE_PREFIX . "imgs/locked.png' alt = 'Private' />"; } else { $picon = "<img src = '" . $SITE_PREFIX . "imgs/unlocked.png' alt = 'Public' />"; } if (!$privacy[0]) { if ($i < $Count) {
function checkBugViewAuth($bugID, $requester) { $b = new bug(); $u = new user(); $p = new project(); $b->getAllByPK($bugID); $bug = $b->getNext(); if (isset($bug['bID'])) { if (isset($_SESSION['patrick_stewart']) && $_SESSION['patrick_stewart']) { // see gate for context return array(true, $bug['private']); // public bug, dummy } $whoami = $requester; if ($bug['private']) { // good query. $u->getAllByPK($bug['owner']); $owner = $u->getNext(); $u->getAllByPK($bug['reporter']); $reporter = $u->getNext(); $p->getAllByPK($bug['package']); $project = $p->getNext(); $oid = -10000; $rid = -10000; $pid = -10000; if (isset($owner['uID'])) { $oid = $owner['uID']; } if (isset($reporter['uID'])) { $rid = $reporter['uID']; } if (isset($project['oID'])) { $pid = $project['oID']; } if ($oid != $whoami && $rid != $whoami && $pid != $whoami) { return array(false, $bug['private']); } else { return array(true, $bug['private']); } } else { return array(true, $bug['private']); // public bug, dummy } } else { return array(false, false); // bug iz no good } /* if bug.private: check if is owner check if is reporter check if is asignee check if is project owner check if site administrator / staff any of the above: Yes, otherwise, no else: Yes Query bug, if it's public, don't give a shit. */ }