/**
 * Validation callback for the "Attach Tags" group action.
 *
 * Called once per selected bug. The request's tag input is parsed and sorted
 * into three global lists: tags to attach, tags to create, and tags that are
 * rejected. Rejected tags are skipped silently because there is no simple way
 * of presenting these errors to the user.
 *
 * NOTE(review): the guard tests $g_action_attach_tags_valid, but nothing in
 * this function assigns it. Unless it is set elsewhere, the parsing below
 * runs again (and the three lists are reset) for every bug — confirm.
 *
 * @param integer $p_bug_id Bug ID (not read by this function).
 * @return boolean Always true.
 */
function action_attach_tags_validate($p_bug_id)
{
    global $g_action_attach_tags_valid;
    global $g_action_attach_tags_attach, $g_action_attach_tags_create, $g_action_attach_tags_failed;

    if (isset($g_action_attach_tags_valid)) {
        return true;
    }

    $f_tag_string = gpc_get_string('tag_string');
    $f_tag_select = gpc_get_string('tag_select');

    $g_action_attach_tags_attach = array();
    $g_action_attach_tags_create = array();
    $g_action_attach_tags_failed = array();

    $t_parsed_tags = tag_parse_string($f_tag_string);

    # Creating new tags is a separate permission from attaching existing ones.
    $t_may_create = access_has_global_level(config_get('tag_create_threshold'));

    foreach ($t_parsed_tags as $t_row) {
        $t_id = $t_row['id'];

        # presumably -1 marks a tag that does not exist yet and -2 an
        # unusable name — verify against tag_parse_string().
        if (-1 == $t_id) {
            if ($t_may_create) {
                $g_action_attach_tags_create[] = $t_row;
            } else {
                $g_action_attach_tags_failed[] = $t_row;
            }
            continue;
        }

        if (-2 == $t_id) {
            $g_action_attach_tags_failed[] = $t_row;
            continue;
        }

        $g_action_attach_tags_attach[] = $t_row;
    }

    # The drop-down selection is only honoured when it names an existing tag.
    if (0 < $f_tag_select && tag_exists($f_tag_select)) {
        $g_action_attach_tags_attach[] = tag_get($f_tag_select);
    }

    return true;
}
/**
 * Build the account array for a user id: always 'id', plus 'name' when the
 * user exists, plus 'real_name' and 'email' when the caller may see them.
 *
 * Real name and email are disclosed only if the caller is the same user, is
 * considered a user manager, or meets the matching show_user_*_threshold.
 *
 * @param integer $p_user_id A valid user identifier.
 * @return array
 */
function mci_account_get_array_by_id($p_user_id)
{
    $t_account = array('id' => $p_user_id);

    if (!user_exists($p_user_id)) {
        return $t_account;
    }

    $t_viewer_id = auth_get_current_user_id();
    $t_viewer_level = user_get_field($t_viewer_id, 'access_level');

    # NOTE(review): the second test checks the caller against the caller's own
    # access level, which looks like it can never fail. It may have been meant
    # to compare with the target account's level — confirm.
    $t_can_manage = access_has_global_level(config_get('manage_user_threshold'))
        && access_has_global_level($t_viewer_level);

    # this deviates from the behaviour of view_user_page.php, but it is more intuitive
    # NOTE(review): strict comparison; if the two ids differ in type (int vs
    # numeric string) this is false and the fields stay hidden (fails closed).
    $t_is_self = $t_viewer_id === $p_user_id;

    $t_realname_visible = access_has_project_level(config_get('show_user_realname_threshold'));
    $t_email_visible = access_has_project_level(config_get('show_user_email_threshold'));

    $t_account['name'] = user_get_field($p_user_id, 'username');

    if ($t_is_self || $t_can_manage || $t_realname_visible) {
        $t_realname = user_get_realname($p_user_id);
        if (!empty($t_realname)) {
            $t_account['real_name'] = $t_realname;
        }
    }

    if ($t_is_self || $t_can_manage || $t_email_visible) {
        $t_email = user_get_email($p_user_id);
        if (!empty($t_email)) {
            $t_account['email'] = $t_email;
        }
    }

    return $t_account;
}
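/**
 * Return the yes/no choices for this filter.
 *
 * The choices are only built when the current user meets the plugin's
 * view_customer_fields_threshold; otherwise null is returned.
 *
 * @return array|null Map of option value => translated label, or null when
 *                    the user may not view customer fields.
 */
function options()
{
    // Defined up front so the denied path returns null explicitly instead of
    // reading an undefined variable (which raises a warning on PHP 8).
    $options = null;

    plugin_push_current('CustomerManagement');
    if (access_has_global_level(plugin_config_get('view_customer_fields_threshold'))) {
        $options = array(1 => lang_get('yes'), 2 => lang_get('no'));
    }
    plugin_pop_current();

    return $options;
}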
/**
 * Print the customer group name for a bug's column cell.
 *
 * Nothing is printed unless the current user meets the plugin's
 * view_customer_fields_threshold and the bug has customer data.
 *
 * @param object $p_bug            Bug whose ->id is looked up.
 * @param mixed  $p_columns_target Not read by this method.
 * @return void
 */
public function display($p_bug, $p_columns_target)
{
    plugin_push_current('CustomerManagement');

    $t_may_view = access_has_global_level(plugin_config_get('view_customer_fields_threshold'));
    if ($t_may_view) {
        $t_bug_data = CustomerManagementDao::getBugData($p_bug->id);
        if (count($t_bug_data) > 0) {
            $t_group = CustomerManagementDao::getGroupForCustomer($t_bug_data['customer_id']);
            // The group name is stored data, so it is escaped for HTML output.
            echo string_display_line($t_group['name']);
        }
    }

    plugin_pop_current();
}
/**
 * Print a translated yes/no for the bug's billable state.
 *
 * Nothing is printed unless the current user meets the plugin's
 * view_customer_fields_threshold and the bug has customer data.
 *
 * @param object $p_bug            Bug whose ->id is looked up.
 * @param mixed  $p_columns_target Not read by this method.
 * @return void
 */
public function display($p_bug, $p_columns_target)
{
    plugin_push_current('CustomerManagement');

    $t_may_view = access_has_global_level(plugin_config_get('view_customer_fields_threshold'));
    if ($t_may_view) {
        $t_bug_data = CustomerManagementDao::getBugData($p_bug->id);
        if (count($t_bug_data) > 0) {
            // NOTE(review): the is_billable value is handed to getService();
            // presumably a lookup keyed by that value — confirm it is intended.
            $t_billable = CustomerManagementDao::getService($t_bug_data['is_billable']);
            if ($t_billable) {
                $t_label = lang_get('yes');
            } else {
                $t_label = lang_get('no');
            }
            echo string_display_line($t_label);
        }
    }

    plugin_pop_current();
}
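/**
 * Return the customer groups as filter choices.
 *
 * The list is only built when the current user meets the plugin's
 * view_customer_fields_threshold; otherwise null is returned, so group names
 * are not exposed to users below the threshold.
 *
 * @return array|null Map of group id => group name, or null when the user may
 *                    not view customer fields.
 */
function options()
{
    // Defined up front so the denied path returns null explicitly instead of
    // reading an undefined variable (which raises a warning on PHP 8).
    $options = null;

    plugin_push_current('CustomerManagement');
    if (access_has_global_level(plugin_config_get('view_customer_fields_threshold'))) {
        $options = array();
        foreach (CustomerManagementDao::findAllGroups() as $group) {
            $options[$group['id']] = $group['name'];
        }
    }
    plugin_pop_current();

    return $options;
}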
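/**
 * Build the filter query fragment for an invoice value.
 *
 * @param mixed $p_filter_input Invoice value entered in the filter.
 * @return mixed Result of CustomerManagementDao::buildFilterArrayForInvoice(),
 *               or null when the input is blank or the current user does not
 *               meet view_customer_fields_threshold.
 */
function query($p_filter_input)
{
    $invoice = $p_filter_input;
    if (is_blank($invoice)) {
        return;
    }

    // Defined up front so the denied path returns null explicitly instead of
    // reading an undefined variable (which raises a warning on PHP 8).
    $t_query = null;

    plugin_push_current('CustomerManagement');
    if (access_has_global_level(plugin_config_get('view_customer_fields_threshold'))) {
        $t_query = CustomerManagementDao::buildFilterArrayForInvoice($invoice);
    }
    plugin_pop_current();

    return $t_query;
}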
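/**
 * Returns an array of time tracking stats
 *
 * Both date bounds are parsed with strtotime() and re-emitted as Y-m-d before
 * they are placed in the SQL text, so the caller-supplied strings never reach
 * the query verbatim. Users below view_others_threshold only get their own
 * entries.
 *
 * @param int $p_project_id project id
 * @param string $p_from Starting date (yyyy-mm-dd) inclusive, if blank, then ignored.
 * @param string $p_to Ending date (yyyy-mm-dd) inclusive, if blank, then ignored.
 * @return array array of bugnote stats
 * @access public
 */
function plugin_TimeTracking_stats_get_project_array($p_project_id, $p_from, $p_to)
{
    $c_project_id = db_prepare_int($p_project_id);

    # A blank bound is skipped (null); anything else must parse as a date.
    $t_from_ts = is_blank($p_from) ? null : strtotime($p_from);
    $t_to_ts = is_blank($p_to) ? null : strtotime($p_to);

    if ($t_from_ts === false || $t_to_ts === false) {
        error_parameters(array($p_from, $p_to));
        trigger_error(ERROR_GENERIC, ERROR);
        # Fail closed in case the error handler returns control.
        return array();
    }

    $t_timereport_table = plugin_table('data', 'TimeTracking');
    $t_bug_table = db_get_table('mantis_bug_table');
    $t_user_table = db_get_table('mantis_user_table');
    $t_project_table = db_get_table('mantis_project_table');

    # date() output contains only digits and dashes, so it is safe to quote inline.
    if ($t_from_ts !== null) {
        $c_from = date('Y-m-d', $t_from_ts);
        $t_from_where = " AND expenditure_date >= '{$c_from}'";
    } else {
        $t_from_where = '';
    }

    if ($t_to_ts !== null) {
        $c_to = date('Y-m-d', $t_to_ts + SECONDS_PER_DAY - 1);
        $t_to_where = " AND expenditure_date <= '{$c_to}'";
    } else {
        $t_to_where = '';
    }

    if (ALL_PROJECTS != $c_project_id) {
        $t_project_where = " AND b.project_id = '{$c_project_id}' ";
    } else {
        $t_project_where = '';
    }

    # Users below the threshold are restricted to their own time entries.
    # The listing showed a masked literal here; the current user's id, which
    # was fetched but never used, is what the restriction needs.
    if (!access_has_global_level(plugin_config_get('view_others_threshold'))) {
        $c_user_id = db_prepare_int(auth_get_current_user_id());
        $t_user_where = " AND user = '{$c_user_id}' ";
    } else {
        $t_user_where = '';
    }

    $t_results = array();
    $query = "SELECT u.username, p.name as project_name, bug_id, expenditure_date, hours, timestamp, info \nFROM {$t_timereport_table} tr, {$t_bug_table} b, {$t_user_table} u, {$t_project_table} p\nWHERE tr.bug_id=b.id and tr.user=u.id AND p.id = b.project_id\n{$t_project_where} {$t_from_where} {$t_to_where} {$t_user_where}\nORDER BY user, expenditure_date, bug_id";
    $result = db_query($query);

    while ($row = db_fetch_array($result)) {
        $t_results[] = $row;
    }

    return $t_results;
}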
/**
 * Print the plugin's bracketed page menu for users who meet
 * manage_plugin_threshold; prints nothing for anyone else.
 *
 * The entry matching $p_page is printed without a link target.
 *
 * @param string $p_page Name of the page currently shown.
 * @return void
 */
function ERP_print_menu($p_page = '')
{
    $t_plugin_pages = array('manage_config', 'manage_mailbox');
    if (plugin_config_get('mail_rule_system') == TRUE) {
        $t_plugin_pages[] = 'manage_rule';
    }

    # Outer key: name of the translation function used for the labels.
    # Inner key: label string (integer keys reuse the page name as label).
    # Both come from this fixed table, never from request input.
    $t_menu = array(
        'plugin_lang_get' => $t_plugin_pages,
        'lang_get' => array('documentation_link' => 'view_readme', 'changelog_link' => 'view_changelog'),
    );

    if (!access_has_global_level(config_get('manage_plugin_threshold'))) {
        return;
    }

    echo '<div align="center"><p>';
    foreach ($t_menu as $t_translate => $t_entries) {
        foreach ($t_entries as $t_label_key => $t_target) {
            $t_label = is_int($t_label_key) ? $t_target : $t_label_key;
            $t_url = ($p_page !== $t_target) ? plugin_page($t_target) : NULL;
            print_bracket_link($t_url, $t_translate($t_label));
        }
    }
    echo '</p></div>';
}
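/**
 * Creates a new user.
 *
 * The user will get a confirmation email, and will have the password provided
 * in the incoming representation.
 *
 * The caller must meet manage_user_threshold and may not create an account
 * whose access level is higher than the caller's own.
 *
 * @param $request - The Request we're responding to
 * @return Response 201 response whose location header is the new user's URL.
 * @throws HTTPException 403 when the caller lacks permission; 500 when the
 *                       username or realname is invalid or the user cannot be
 *                       found after creation.
 */
public function post($request)
{
    if (!access_has_global_level(config_get('manage_user_threshold'))) {
        throw new HTTPException(403, "Access denied to create user");
    }

    $new_user = new User();
    $new_user->populate_from_repr($request->body);

    $username = $new_user->mantis_data['username'];
    $password = $new_user->mantis_data['password'];
    $email = email_append_domain($new_user->mantis_data['email']);
    $access_level = $new_user->mantis_data['access_level'];
    $protected = $new_user->mantis_data['protected'];
    $enabled = $new_user->mantis_data['enabled'];
    $realname = $new_user->mantis_data['realname'];

    // The access level comes from the request body. Without this check any
    // caller at manage_user_threshold could create an account with a higher
    // access level than their own.
    if (!access_has_global_level($access_level)) {
        throw new HTTPException(403, "Access denied to create user with a higher access level");
    }

    if (!user_is_name_valid($username)) {
        throw new HTTPException(500, "Invalid username");
    } elseif (!user_is_realname_valid($realname)) {
        throw new HTTPException(500, "Invalid realname");
    }

    user_create($username, $password, $email, $access_level, $protected, $enabled, $realname);

    // Do not answer 201 with a URL built from a failed lookup.
    $new_user_id = user_get_id_by_name($username);
    if (false === $new_user_id) {
        throw new HTTPException(500, "User could not be created");
    }

    $new_user_url = User::get_url_from_mantis_id($new_user_id);
    $this->rsrc_data = $new_user_url;

    $resp = new Response();
    $resp->status = 201;
    $resp->headers[] = "location: {$new_user_url}";
    $resp->body = $this->_repr($request);

    return $resp;
}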
/**
 * Tell whether the query count should be shown to the current user.
 *
 * @return boolean True only when show_queries_count is ON, the user is
 *                 authenticated, and the user meets show_queries_threshold.
 */
function helper_show_queries()
{
    if (ON != config_get('show_queries_count')) {
        return false;
    }

    # Check is authenticated before checking access level, otherwise user gets
    # redirected to login_page.php. See #8461.
    if (!auth_is_user_authenticated()) {
        return false;
    }

    return (bool) access_has_global_level(config_get('show_queries_threshold'));
}
echo helper_alternate_class(); ?> > <td><?php echo $t_tag_row['id']; ?> </td> <td><input type="text" <?php echo helper_get_tab_index(); ?> name="name" value="<?php
# NOTE(review): $t_name is written into an attribute value as-is; it is
# assigned outside this excerpt — confirm it was escaped (for example with
# string_attribute()) when it was prepared.
echo $t_name; ?> "/></td> <td><?php
# Users who meet tag_edit_threshold get an editable owner control; everyone
# else gets the owner's name as escaped text.
if (access_has_global_level(config_get('tag_edit_threshold'))) {
    if (ON == config_get('use_javascript')) {
        $t_username = prepare_user_name($t_tag_row['user_id']);
        echo ajax_click_to_edit($t_username, 'user_id', 'entrypoint=user_combobox&user_id=' . $t_tag_row['user_id'] . '&access_level=' . config_get('tag_create_threshold'));
    } else {
        echo '<select ', helper_get_tab_index(), ' name="user_id">';
        # Candidate owners are limited to users who meet tag_create_threshold.
        print_user_option_list($t_tag_row['user_id'], ALL_PROJECTS, config_get('tag_create_threshold'));
        echo '</select>';
    }
} else {
    echo string_display_line(user_get_name($t_tag_row['user_id']));
} ?> </td> <td><?php echo date(config_get('normal_date_format'), $t_tag_row['date_created']);
/**
 * Print one <option> element per news item, newest first.
 *
 * Users who meet admin_site_threshold get the items of every project; all
 * other users get only the items of the current project. Announcement and
 * private items carry a bracketed marker after the headline.
 *
 * @return void
 */
function print_news_item_option_list()
{
    $t_project_id = helper_get_current_project();
    $t_global = access_has_global_level(config_get_global('admin_site_threshold'));

    if ($t_global) {
        $t_query = 'SELECT id, headline, announcement, view_state FROM {news} ORDER BY date_posted DESC';
        $t_params = array();
    } else {
        # The project id is bound as a parameter, not concatenated.
        $t_query = 'SELECT id, headline, announcement, view_state FROM {news} WHERE project_id=' . db_param() . ' ORDER BY date_posted DESC';
        $t_params = array($t_project_id);
    }

    $t_result = db_query($t_query, $t_params);

    while ($t_row = db_fetch_array($t_result)) {
        # The headline is stored text, so it is escaped before output.
        $t_headline = string_display($t_row['headline']);

        $t_markers = array();
        if (1 == $t_row['announcement']) {
            $t_markers[] = lang_get('announcement');
        }
        if (VS_PRIVATE == $t_row['view_state']) {
            $t_markers[] = lang_get('private');
        }

        $t_suffix = '';
        if (count($t_markers) > 0) {
            $t_suffix = ' [' . implode(' ', $t_markers) . ']';
        }

        echo '<option value="' . $t_row['id'] . '">' . $t_headline . $t_suffix . '</option>';
    }
}
require_once 'core.php';
require_api('access_api.php');
require_api('compress_api.php');
require_api('config_api.php');
require_api('database_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('helper_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('string_api.php');
require_api('user_api.php');

# Page-level gate: the request is checked against tag_edit_threshold before
# anything else on the page runs.
access_ensure_global_level(config_get('tag_edit_threshold'));

compress_enable();

# Same threshold as the gate above.
$t_can_edit = access_has_global_level(config_get('tag_edit_threshold'));

# 'filter' is a request parameter (upper-cased); it falls back to the
# configured default prefix when absent.
$f_filter = utf8_strtoupper(gpc_get_string('filter', config_get('default_manage_tag_prefix')));
$f_page_number = gpc_get_int('page_number', 1);

# Start Index Menu
$t_prefix_array = array('ALL');

# Relies on PHP string increment: 'A', 'B', ... 'Z', and 'Z'++ yields 'AA',
# which ends the loop.
for ($i = 'A'; $i != 'AA'; $i++) {
    $t_prefix_array[] = $i;
}
for ($i = 0; $i <= 9; $i++) {
    $t_prefix_array[] = (string) $i;
}

# NOTE(review): $t_name_filter carries request input. How it reaches the tag
# query is outside this excerpt — confirm it is bound as a parameter rather
# than concatenated.
if ($f_filter === 'ALL') {
    $t_name_filter = '';
} else {
    $t_name_filter = $f_filter;
}
<?php
# reset the class counter
helper_alternate_class(0);
?> <!-- SUBPROJECTS --> <div align="center"> <table class="width75" cellspacing="1"> <!-- Title --> <tr> <td class="form-title" colspan="6"> <?php
echo lang_get('subprojects');
# Check the user's global access level before allowing project creation
# This only hides the button; the target page has to enforce
# create_project_threshold itself (not visible in this excerpt).
# NOTE(review): $f_project_id is written into the URL here and into the hidden
# field below without escaping; it is assigned outside this excerpt —
# presumably read as an integer, confirm.
if (access_has_global_level(config_get('create_project_threshold'))) {
    print_button('manage_proj_create_page.php?parent_id=' . $f_project_id, lang_get('create_new_subproject_link'));
}
?> </td> </tr> <!-- Subprojects --> <form name="update_children_form" action="manage_proj_update_children.php" method="post"> <?php
# Emits the form security (anti-CSRF) field for this form.
echo form_security_field('manage_proj_update_children'); ?> <input type="hidden" name="project_id" value="<?php echo $f_project_id; ?> " />
/**
 * Return the IDs of the direct sub-projects of a project that the given user
 * may access.
 *
 * Users who meet private_project_threshold get every sub-project. Other users
 * get public sub-projects plus private ones they are listed on in
 * {project_user_list}. All values are passed as bound parameters.
 *
 * @param integer $p_user_id A valid user identifier.
 * @param integer $p_project_id A valid project identifier.
 * @param boolean $p_show_disabled Include disabled projects in the resulting array.
 * @return array
 */
function user_get_accessible_subprojects($p_user_id, $p_project_id, $p_show_disabled = false) {
    global $g_user_accessible_subprojects_cache;

    # The cache is only consulted for the current user and only when disabled
    # projects are excluded.
    if (null !== $g_user_accessible_subprojects_cache && auth_get_current_user_id() == $p_user_id && false == $p_show_disabled) {
        if (isset($g_user_accessible_subprojects_cache[$p_project_id])) {
            return $g_user_accessible_subprojects_cache[$p_project_id];
        } else {
            return array();
        }
    }

    db_param_push();

    if (access_has_global_level(config_get('private_project_threshold'), $p_user_id)) {
        # No per-user visibility filter for users at or above the threshold.
        $t_enabled_clause = $p_show_disabled ? '' : 'p.enabled = ' . db_param() . ' AND';
        $t_query = 'SELECT DISTINCT p.id, p.name, ph.parent_id FROM {project} p LEFT JOIN {project_hierarchy} ph ON ph.child_id = p.id WHERE ' . $t_enabled_clause . ' ph.parent_id IS NOT NULL ORDER BY p.name';
        $t_result = db_query($t_query, $p_show_disabled ? array() : array(true));
    } else {
        # The placeholders are emitted in this order: user id, [enabled],
        # public state, private state, user id. $t_param below must match it.
        $t_query = 'SELECT DISTINCT p.id, p.name, ph.parent_id FROM {project} p LEFT JOIN {project_user_list} u ON p.id = u.project_id AND u.user_id=' . db_param() . ' LEFT JOIN {project_hierarchy} ph ON ph.child_id = p.id WHERE ' . ($p_show_disabled ? '' : 'p.enabled = ' . db_param() . ' AND ') . ' ph.parent_id IS NOT NULL AND ( p.view_state=' . db_param() . ' OR (p.view_state=' . db_param() . ' AND u.user_id=' . db_param() . 
' ) ) ORDER BY p.name';
        $t_param = array($p_user_id, VS_PUBLIC, VS_PRIVATE, $p_user_id);
        if (!$p_show_disabled) {
            # Insert enabled flag value in 2nd position of parameter array
            array_splice($t_param, 1, 0, true);
        }
        $t_result = db_query($t_query, $t_param);
    }

    # Group child ids under their parent id.
    $t_projects = array();
    while ($t_row = db_fetch_array($t_result)) {
        if (!isset($t_projects[(int) $t_row['parent_id']])) {
            $t_projects[(int) $t_row['parent_id']] = array();
        }
        array_push($t_projects[(int) $t_row['parent_id']], (int) $t_row['id']);
    }

    # NOTE(review): the cache is written without looking at $p_show_disabled,
    # so a call with $p_show_disabled = true stores disabled projects that a
    # later call with false reads back from the cache — confirm this is intended.
    if (auth_get_current_user_id() == $p_user_id) {
        $g_user_accessible_subprojects_cache = $t_projects;
    }

    if (!isset($t_projects[(int) $p_project_id])) {
        $t_projects[(int) $p_project_id] = array();
    }

    return $t_projects[(int) $p_project_id];
}
/**
 * Print one <option> element per news item, newest first.
 *
 * Users who meet admin_site_threshold get the items of every project; all
 * other users get only the items of the current project. Announcement and
 * private items carry a bracketed marker after the headline.
 *
 * @return void
 */
function print_news_item_option_list()
{
    $t_mantis_news_table = db_get_table('news');
    $t_project_id = helper_get_current_project();
    $t_global = access_has_global_level(config_get_global('admin_site_threshold'));

    if ($t_global) {
        $t_sql = "SELECT id, headline, announcement, view_state\n\t\t\t\tFROM {$t_mantis_news_table}\n\t\t\t\tORDER BY date_posted DESC";
        $t_params = array();
    } else {
        # The project id is bound as a parameter, not concatenated.
        $t_sql = "SELECT id, headline, announcement, view_state\n\t\t\t\tFROM {$t_mantis_news_table}\n\t\t\t\tWHERE project_id=" . db_param() . "\n\t\t\t\tORDER BY date_posted DESC";
        $t_params = array($t_project_id);
    }

    $t_rows = db_query_bound($t_sql, $t_params);
    $t_remaining = db_num_rows($t_rows);

    for ($t_index = 0; $t_index < $t_remaining; $t_index++) {
        $t_row = db_fetch_array($t_rows);

        # The headline is stored text, so it is escaped before output.
        $t_headline = string_display($t_row['headline']);
        $t_id = $t_row['id'];

        $t_markers = array();
        if (1 == $t_row['announcement']) {
            $t_markers[] = lang_get('announcement');
        }
        if (VS_PRIVATE == $t_row['view_state']) {
            $t_markers[] = lang_get('private');
        }

        $t_note_string = count($t_markers) > 0 ? ' [' . implode(' ', $t_markers) . ']' : '';

        echo "<option value=\"{$t_id}\">{$t_headline}{$t_note_string}</option>";
    }
}
# Delete the users who have never logged in and are older than 1 week
# $days_old is computed here from constants, so the value interpolated into
# the SQL text below is not request data. $t_user_table is assigned outside
# this excerpt.
$days_old = (int)7 * SECONDS_PER_DAY;
$query = "SELECT id, access_level FROM $t_user_table WHERE ( login_count = 0 ) AND ( date_created = last_visit ) AND " . db_helper_compare_days( 0, "date_created", "> $days_old" );
$result = db_query_bound($query, Array( db_now() ) );

if ( !$result ) {
    trigger_error( ERROR_GENERIC, ERROR );
}

$count = db_num_rows( $result );

# Ask for confirmation once, and only when there is something to delete.
if ( $count > 0 ) {
    helper_ensure_confirmed( lang_get( 'confirm_account_pruning' ), lang_get( 'prune_accounts_button' ) );
}

for ($i=0; $i < $count; $i++) {
    $row = db_fetch_array( $result );
    # Don't prune accounts with a higher global access level than the current user
    # NOTE(review): no check of a "protected" flag is visible here; confirm
    # whether user_delete() enforces it.
    if ( access_has_global_level( $row['access_level'] ) ) {
        user_delete($row['id']);
    }
}

# NOTE(review): only the purge of the form security token is visible; the
# matching form_security_validate( 'manage_user_prune' ) and the page's access
# check are expected earlier in the file — confirm.
form_security_purge( 'manage_user_prune' );
print_header_redirect( 'manage_user_page.php' );
/**
 * Print the tag filter fields: a hidden separator field, the free-text tag
 * input and the tag drop-down.
 *
 * Prints nothing when the current user does not meet tag_view_threshold.
 *
 * @return void
 */
function print_filter_tag_string() {
    if (!access_has_global_level(config_get('tag_view_threshold'))) {
        return;
    }
    global $g_filter;
    $t_tag_string = $g_filter[FILTER_PROPERTY_TAG_STRING];
    # A selected tag that exists is appended to the text, with the configured
    # separator in between when the text is not blank.
    if ($g_filter[FILTER_PROPERTY_TAG_SELECT] != 0 && tag_exists($g_filter[FILTER_PROPERTY_TAG_SELECT])) {
        $t_tag_string .= is_blank($t_tag_string) ? '' : config_get('tag_separator');
        $t_tag_string .= tag_get_field($g_filter[FILTER_PROPERTY_TAG_SELECT], 'name');
    }
    # The tag text goes through string_attribute() before it is written into
    # the value attribute; the separator (a configuration value) is written raw.
    # NOTE(review): the space between each closing PHP tag and the closing
    # quote ends up inside the attribute value; it looks like an artefact of
    # how this listing was extracted — confirm against the real file.
    ?> <input type="hidden" id="tag_separator" value="<?php echo config_get('tag_separator'); ?> " /> <input type="text" name="<?php echo FILTER_PROPERTY_TAG_STRING; ?> " id="<?php echo FILTER_PROPERTY_TAG_STRING; ?> " size="40" value="<?php echo string_attribute($t_tag_string); ?> " /> <select <?php echo helper_get_tab_index(); ?> name="<?php echo FILTER_PROPERTY_TAG_SELECT; ?> " id="<?php echo FILTER_PROPERTY_TAG_SELECT; ?> "> <?php print_tag_option_list(); ?> </select> <?php
}
 *
 * @package MantisBT
 * @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
 * @copyright Copyright (C) 2002 - 2013 MantisBT Team - mantisbt-dev@lists.sourceforge.net
 * @link http://www.mantisbt.org
 */

/**
 * MantisBT Core API's
 */
require_once 'core.php';

# Order of the gates: form security (anti-CSRF) token, then authentication,
# then the protected-account check.
form_security_validate('account_delete');

auth_ensure_user_authenticated();

current_user_ensure_unprotected();

# Only allow users to delete their own accounts if allow_account_delete = ON or
# the user has permission to manage user accounts.
# NOTE(review): nothing after the redirect stops execution here, so the
# deletion below is only prevented if print_header_redirect() ends the
# request — confirm.
if (OFF == config_get('allow_account_delete') && !access_has_global_level(config_get('manage_user_threshold'))) {
    print_header_redirect('account_page.php');
}

# check that we are not deleting the last administrator account
$t_admin_threshold = config_get_global('admin_site_threshold');
if (current_user_is_administrator() && user_count_level($t_admin_threshold) <= 1) {
    trigger_error(ERROR_USER_CHANGE_LAST_ADMIN, ERROR);
}

helper_ensure_confirmed(lang_get('confirm_delete_msg'), lang_get('delete_account_button'));

form_security_purge('account_delete');

# The id is read before logging out; the account deleted is always the
# current user's own.
$t_user_id = auth_get_current_user_id();

auth_logout();

user_delete($t_user_id);

html_page_top1();
html_page_top2a();
?>
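/**
 * Print the collected log events as an HTML table at the end of the page.
 *
 * The table is only printed when log_destination is 'page', the user is
 * authenticated and meets show_log_threshold. Database events are marked as
 * duplicates when the same query text was seen before, and summary rows with
 * the query counts and total execution time follow the events.
 *
 * @return void
 */
function log_print_to_page()
{
    if (config_get_global('log_destination') === 'page' && auth_is_user_authenticated() && access_has_global_level(config_get('show_log_threshold'))) {
        global $g_log_events, $g_log_levels;

        echo "\n\n<!--Mantis Debug Log Output-->";
        echo "<hr />\n";
        echo "<table id=\"log-event-list\">\n";
        echo "\t<thead>\n";
        echo "\t\t<tr>\n";
        echo "\t\t\t<th>" . lang_get('log_page_number') . "</th>\n";
        echo "\t\t\t<th>" . lang_get('log_page_time') . "</th>\n";
        echo "\t\t\t<th>" . lang_get('log_page_caller') . "</th>\n";
        echo "\t\t\t<th>" . lang_get('log_page_event') . "</th>\n";
        echo "\t\t</tr>\n";
        echo "\t</thead>\n";
        echo "\t<tbody>\n";

        $t_unique_queries_count = 0;
        $t_total_query_execution_time = 0;
        $t_unique_queries = array();
        $t_total_queries_count = 0;
        $t_total_event_count = count($g_log_events);

        if ($t_total_event_count == 0) {
            echo "\t</tbody>\n\t</table>\n";
            echo "<!--END Mantis Debug Log Output-->\n\n";
            return;
        }

        # First pass: flag repeated queries and add up the execution time.
        for ($i = 0; $i < $t_total_event_count; $i++) {
            if ($g_log_events[$i][1] == LOG_DATABASE) {
                if (!in_array($g_log_events[$i][2][0], $t_unique_queries)) {
                    $t_unique_queries_count++;
                    $g_log_events[$i][2][2] = false;
                    array_push($t_unique_queries, $g_log_events[$i][2][0]);
                } else {
                    $g_log_events[$i][2][2] = true;
                }
                $t_total_query_execution_time += $g_log_events[$i][2][1];
            }
        }

        # Second pass: one table row per event, numbered per log level.
        $t_count = array();
        foreach ($g_log_events as $t_log_event) {
            $t_level = $g_log_levels[$t_log_event[1]];

            # Start each level's counter at zero; incrementing a missing key
            # raises an undefined-key warning.
            if (!isset($t_count[$t_log_event[1]])) {
                $t_count[$t_log_event[1]] = 0;
            }
            $t_count[$t_log_event[1]]++;

            # Caller and event text are escaped for HTML; the level name and
            # the second column are written as they are.
            switch ($t_log_event[1]) {
                case LOG_DATABASE:
                    $t_total_queries_count++;
                    $t_query_duplicate_class = '';
                    if ($t_log_event[2][2]) {
                        $t_query_duplicate_class = ' class="duplicate-query"';
                    }
                    echo "\t\t<tr{$t_query_duplicate_class}><td>" . $t_level . '-' . $t_count[$t_log_event[1]] . "</td><td>" . $t_log_event[2][1] . "</td><td>" . string_html_specialchars($t_log_event[3]) . "</td><td>" . string_html_specialchars($t_log_event[2][0]) . "</td></tr>\n";
                    break;
                default:
                    echo "\t\t<tr><td>" . $t_level . '-' . $t_count[$t_log_event[1]] . "</td><td>" . $t_log_event[2][1] . "</td><td>" . string_html_specialchars($t_log_event[3]) . "</td><td>" . string_html_specialchars($t_log_event[2][0]) . "</td></tr>\n";
            }
        }

        # output any summary data
        if ($t_unique_queries_count != 0) {
            $t_unique_queries_executed = sprintf(lang_get('unique_queries_executed'), $t_unique_queries_count);
            echo "\t\t<tr><td>" . $g_log_levels[LOG_DATABASE] . '</td><td colspan="3">' . $t_unique_queries_executed . "</td></tr>\n";
        }
        if ($t_total_queries_count != 0) {
            $t_total_queries_executed = sprintf(lang_get('total_queries_executed'), $t_total_queries_count);
            echo "\t\t<tr><td>" . $g_log_levels[LOG_DATABASE] . '</td><td colspan="3">' . $t_total_queries_executed . "</td></tr>\n";
        }
        if ($t_total_query_execution_time != 0) {
            $t_total_query_time = sprintf(lang_get('total_query_execution_time'), $t_total_query_execution_time);
            echo "\t\t<tr><td>" . $g_log_levels[LOG_DATABASE] . '</td><td colspan="3">' . $t_total_query_time . "</td></tr>\n";
        }

        echo "\t</tbody>\n\t</table>\n";
    }

    # Printed on every call, including when the table above is not shown.
    echo "<!--END Mantis Debug Log Output-->\n\n";
}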
/**
 * Print the management menu, one bracketed link per area the current user
 * may access.
 *
 * The entry matching $p_page is printed with an empty link target. Each link
 * is shown only when the user meets the matching threshold; this controls
 * what the menu displays, and the target pages do their own access checks.
 *
 * @param string $p_page File name of the page currently shown.
 * @return void
 */
function print_manage_menu($p_page = '')
{
    # Same order as the original lookup, so the first match wins.
    $t_targets = array(
        'user' => 'manage_user_page.php',
        'project' => 'manage_proj_page.php',
        'custom_field' => 'manage_custom_field_page.php',
        'config' => 'adm_config_report.php',
        'profile' => 'manage_prof_menu_page.php',
    );

    foreach ($t_targets as $t_key => $t_file) {
        if ($p_page == $t_file) {
            $t_targets[$t_key] = '';
            break;
        }
    }

    print '<br /><div align="center">';

    if (access_has_global_level(config_get('manage_user_threshold'))) {
        print_bracket_link($t_targets['user'], lang_get('manage_users_link'));
    }
    if (access_has_project_level(config_get('manage_project_threshold'))) {
        print_bracket_link($t_targets['project'], lang_get('manage_projects_link'));
    }
    if (access_has_global_level(config_get('manage_custom_fields_threshold'))) {
        print_bracket_link($t_targets['custom_field'], lang_get('manage_custom_field_link'));
    }
    if (access_has_global_level(config_get('manage_global_profile_threshold'))) {
        print_bracket_link($t_targets['profile'], lang_get('manage_global_profiles_link'));
    }
    if (access_has_project_level(config_get('view_configuration_threshold'))) {
        print_bracket_link($t_targets['config'], lang_get('manage_config_link'));
    }

    print '</div>';
}
require_once 'core.php';
require_api('access_api.php');
require_api('authentication_api.php');
require_api('config_api.php');
require_api('constant_inc.php');
require_api('database_api.php');
require_api('form_api.php');
require_api('helper_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('project_api.php');
require_api('string_api.php');
require_api('user_api.php');

# Page-level gate: viewing the report requires view_configuration_threshold.
access_ensure_global_level(config_get('view_configuration_threshold'));

# Changing values is a separate, second threshold. This flag is only computed
# here; how it is enforced is outside this excerpt.
$t_read_write_access = access_has_global_level(config_get('set_configuration_threshold'));

html_page_top(lang_get('configuration_report'));

print_manage_menu('adm_permissions_report.php');
print_manage_config_menu('adm_config_report.php');

# Display names for the configuration type constants.
$t_config_types = array(CONFIG_TYPE_DEFAULT => 'default', CONFIG_TYPE_INT => 'integer', CONFIG_TYPE_FLOAT => 'float', CONFIG_TYPE_COMPLEX => 'complex', CONFIG_TYPE_STRING => 'string');

/**
 * returns the configuration type for a given configuration type id
 * @param integer $p_type Configuration type identifier to check.
 * @return string configuration type
 */
function get_config_type($p_type) {
    global $t_config_types;
    if (array_key_exists($p_type, $t_config_types)) {
        return $t_config_types[$p_type];
    } else {
/**
 * Deletes a tag.
 *
 * The credentials are checked first, then the tag_edit_threshold, and only
 * then whether the tag exists.
 *
 * @param string $p_username The user's username
 * @param string $p_password The user's password
 * @param int $p_tag_id The id of the tag
 * @return soap_fault|boolean A fault when login fails, access is denied or
 *                            the tag does not exist; otherwise the result of
 *                            tag_delete().
 */
function mc_tag_delete($p_username, $p_password, $p_tag_id)
{
    $t_user_id = mci_check_login($p_username, $p_password);
    if (false === $t_user_id) {
        return mci_soap_fault_login_failed();
    }

    # NOTE(review): the level is checked for the current user, presumably the
    # one mci_check_login() just authenticated — confirm.
    $t_may_edit = access_has_global_level(config_get('tag_edit_threshold'));
    if (!$t_may_edit) {
        return mci_soap_fault_access_denied($t_user_id);
    }

    if (tag_exists($p_tag_id)) {
        return tag_delete($p_tag_id);
    }

    return SoapObjectsFactory::newSoapFault('Client', 'No tag with id ' . $p_tag_id);
}
/**
 * Require a global access level: calls access_denied() when the user does not
 * have it, and does nothing otherwise.
 *
 * @see access_has_global_level
 * @param int $p_access_level integer representing access level
 * @param int|null $p_user_id integer representing user id, defaults to null to use current user
 * @access public
 */
function access_ensure_global_level($p_access_level, $p_user_id = null)
{
    $t_allowed = access_has_global_level($p_access_level, $p_user_id);
    if ($t_allowed) {
        return;
    }

    access_denied();
}
# 'view_type' is a request parameter; the configuration can force it either way.
$f_view_type = gpc_get_string('view_type', $f_default_view_type);
if (ADVANCED_ONLY == config_get('view_filters')) {
    $f_view_type = 'advanced';
}
if (SIMPLE_ONLY == config_get('view_filters')) {
    $f_view_type = 'simple';
}
# Allow-list: from here on the value is 'simple', 'advanced' or
# $f_default_view_type (assigned outside this excerpt), which is why it is
# printed into the hidden field below without escaping.
if (!in_array($f_view_type, array('simple', 'advanced'))) {
    $f_view_type = $f_default_view_type;
}
$t_select_modifier = '';
if ('advanced' == $f_view_type) {
    $t_select_modifier = 'multiple="multiple" size="10" ';
}
# && binds tighter than ||: shown when the setting is ON, or when it is AUTO
# and the project has at least one version row.
$t_show_version = ON == config_get('show_product_version') || AUTO == config_get('show_product_version') && count(version_get_all_rows_with_subs($t_project_id)) > 0;
# Tag filter fields are shown only to users who meet tag_view_threshold.
$t_show_tags = access_has_global_level(config_get('tag_view_threshold'));
# NOTE(review): $t_action is written into the form's action attribute as-is;
# it is assigned outside this excerpt — confirm it is not built from request
# input.
?> <br /> <form method="post" name="filters" action="<?php echo $t_action; ?> "> <input type="hidden" name="type" value="1" /> <input type="hidden" name="view_type" value="<?php print $f_view_type; ?> " /> <?php
if ($f_for_screen == false) {
    print "<input type=\"hidden\" name=\"print\" value=\"1\" />";
    print "<input type=\"hidden\" name=\"offset\" value=\"0\" />";
/**
 * Return the IDs of the direct sub-projects of a project that the given user
 * may access.
 *
 * Users who meet private_project_threshold get every sub-project. Other users
 * get public sub-projects plus private ones they are listed on in the project
 * user list table.
 *
 * @param integer $p_user_id       User identifier.
 * @param integer $p_project_id    Parent project identifier.
 * @param boolean $p_show_disabled Include disabled projects in the result.
 * @return array
 */
function user_get_accessible_subprojects($p_user_id, $p_project_id, $p_show_disabled = false) {
    global $g_user_accessible_subprojects_cache;

    # The cache is only consulted for the current user and only when disabled
    # projects are excluded.
    if (null !== $g_user_accessible_subprojects_cache && auth_get_current_user_id() == $p_user_id && false == $p_show_disabled) {
        if (isset($g_user_accessible_subprojects_cache[$p_project_id])) {
            return $g_user_accessible_subprojects_cache[$p_project_id];
        } else {
            return array();
        }
    }

    # The queries below are built by string interpolation. The values placed
    # in them are the db_prepare_int() result, the VS_* constants and table
    # names read from configuration.
    $c_user_id = db_prepare_int($p_user_id);
    # $c_project_id is not used in the rest of this function.
    $c_project_id = db_prepare_int($p_project_id);

    $t_project_table = config_get('mantis_project_table');
    $t_project_user_list_table = config_get('mantis_project_user_list_table');
    $t_project_hierarchy_table = config_get('mantis_project_hierarchy_table');

    $t_enabled_clause = $p_show_disabled ? '' : 'p.enabled = 1 AND';

    $t_public = VS_PUBLIC;
    $t_private = VS_PRIVATE;

    if (access_has_global_level(config_get('private_project_threshold'), $p_user_id)) {
        # No per-user visibility filter for users at or above the threshold.
        $query = "SELECT DISTINCT p.id, p.name, ph.parent_id\n\t\t\t\t\t FROM {$t_project_table} p\n\t\t\t\t\t LEFT JOIN {$t_project_hierarchy_table} ph\n\t\t\t\t\t ON ph.child_id = p.id\n\t\t\t\t\t WHERE {$t_enabled_clause}\n\t\t\t\t\t \t ph.parent_id IS NOT NULL\n\t\t\t\t\t ORDER BY p.name";
    } else {
        $query = "SELECT DISTINCT p.id, p.name, ph.parent_id\n\t\t\t\t\t FROM {$t_project_table} p\n\t\t\t\t\t LEFT JOIN {$t_project_user_list_table} u\n\t\t\t\t\t ON p.id = u.project_id AND u.user_id='{$c_user_id}'\n\t\t\t\t\t LEFT JOIN {$t_project_hierarchy_table} ph\n\t\t\t\t\t ON ph.child_id = p.id\n\t\t\t\t\t WHERE {$t_enabled_clause}\n\t\t\t\t\t \tph.parent_id IS NOT NULL AND\n\t\t\t\t\t\t( p.view_state='{$t_public}'\n\t\t\t\t\t\t OR (p.view_state='{$t_private}'\n\t\t\t\t\t\t\t AND\n\t\t\t\t\t\t u.user_id='{$c_user_id}' )\n\t\t\t\t\t\t)\n\t\t\t\t\t ORDER BY p.name";
    }

    $result = db_query($query);
    $row_count = db_num_rows($result);

    # Group child ids under their parent id.
    $t_projects = array();
    for ($i = 0; $i < $row_count; $i++) {
        $row = db_fetch_array($result);
        if (!isset($t_projects[$row['parent_id']])) {
            $t_projects[$row['parent_id']] = array();
        }
        array_push($t_projects[$row['parent_id']], $row['id']);
    }

    # NOTE(review): the cache is written without looking at $p_show_disabled,
    # so a call with $p_show_disabled = true stores disabled projects that a
    # later call with false reads back from the cache — confirm this is intended.
    if (auth_get_current_user_id() == $p_user_id) {
        $g_user_accessible_subprojects_cache = $t_projects;
    }

    if (!isset($t_projects[$p_project_id])) {
        $t_projects[$p_project_id] = array();
    }

    return $t_projects[$p_project_id];
}
if (ON == config_get('send_reset_password') && ON == config_get('enable_email_notification')) { echo lang_get('reset_password_msg'); } else { echo lang_get('reset_password_msg2'); } ?> </div> <?php } } ?> <!-- PROJECT ACCESS (if permissions allow) and user is not ADMINISTRATOR --> <?php if (access_has_global_level(config_get('manage_user_threshold')) && !user_is_administrator($t_user_id)) { ?> <br /> <div align="center"> <table class="width75" cellspacing="1"> <!-- Title --> <tr> <td class="form-title" colspan="2"> <?php echo lang_get('add_user_title'); ?> </td> </tr> <!-- Assigned Projects --> <tr <?php
<!-- GLOBAL CATEGORIES --> <a name="categories" /> <div align="center"> <table class="width75" cellspacing="1"> <!-- Title --> <tr> <td class="form-title" colspan="3"> <?php echo lang_get('global_categories'); ?> </td> </tr> <?php $t_categories = category_get_all_rows(ALL_PROJECTS); $t_can_update_global_cat = access_has_global_level(config_get('manage_site_threshold')); if (count($t_categories) > 0) { ?> <tr class="row-category"> <td> <?php echo lang_get('category'); ?> </td> <td> <?php echo lang_get('assign_to'); ?> </td> <?php if ($t_can_update_global_cat) {
# Loop through results for ($i = 0; $i < $t_issues_count; $i++) { $t_bug = $t_issues[$i]; $about = $link = $t_path . "view.php?id=" . $t_bug->id; $title = bug_format_id($t_bug->id) . ': ' . $t_bug->summary; if ($t_bug->view_state == VS_PRIVATE) { $title .= ' [' . lang_get('private') . ']'; } $description = string_rss_links($t_bug->description); # subject is category. $subject = category_full_name($t_bug->category_id, false); # optional DC value $date = $t_bug->last_updated; # author of item $author = ''; if (access_has_global_level(config_get('show_user_email_threshold'))) { $t_author_name = user_get_name($t_bug->reporter_id); $t_author_email = user_get_field($t_bug->reporter_id, 'email'); if (!is_blank($t_author_email)) { if (!is_blank($t_author_name)) { $author = $t_author_name . ' <' . $t_author_email . '>'; } else { $author = $t_author_email; } } } # $comments = 'http://www.example.com/sometext.php?somevariable=somevalue&comments=1'; # url to comment page rss 2.0 value $comments = $t_path . 'view.php?id=' . $t_bug->id . '#bugnotes'; # optional mod_im value for dispaying a different pic for every item $image = ''; $rssfile->addRSSItem($about, $title, $link, $description, $subject, $date, $author, $comments, $image);