/**
* Updates a button in the plugin configuration
*
* @param $config
*/
public function updateButton($config)
{
$button = gpc_get_int($config);
if (plugin_config_get($config) != $button) {
plugin_config_set($config, $button);
}
}
/**
* Print a generic combobox with a list of users above a given access level.
*/
function xmlhttprequest_user_combobox()
{
$f_user_id = gpc_get_int('user_id');
$f_user_access = gpc_get_int('access_level');
echo '<select name="user_id">';
print_user_option_list($f_user_id, ALL_PROJECTS, $f_user_access);
echo '</select>';
}
function set_capability_enum($p_threshold, $p_all_projects_only = false)
{
global $t_access, $t_project;
if ($t_access >= config_get_access($p_threshold) && (ALL_PROJECTS == $t_project || !$p_all_projects_only)) {
$f_flag = gpc_get('flag_' . $p_threshold);
$f_access = gpc_get_int('access_' . $p_threshold);
# @@debug @@ echo "<br />for $p_threshold "; var_dump($f_flag, $f_access); echo '<br />';
if ($f_flag != config_get($p_threshold)) {
config_set($p_threshold, $f_flag, NO_USER, $t_project, $f_access);
}
}
}
/**
* Affichage du code dans la page de visualisation d'un bug
* Placement dans le DOM via jquery
*/
function uploadFileBugDetails()
{
#Déplacement du code d'upload dans le DOM
echo '<script type="text/javascript">
jQuery(document).ready(function($){
$("#upload_form_open").after($("#upload_form_multi").html());
});
</script>';
#Code qui va servir à l'upload ( Iframe avec une page html5 )
echo '<div id="upload_form_multi" style="display:none">
<div id="multiple_upload_area" style="margin-top:20px;">
<iframe src="plugins/UploadFile/pages/upload_iframe.php?bug_id=' . gpc_get_int('id', -1) . '" id="uploadPage" width="100%" scrolling="no" height="200px;" frameborder="0"></iframe>
</div>
</div>';
}
function add_columns()
{
$t_project_id = helper_get_current_project();
$t_user_id = auth_get_current_user_id();
$t_user_has_level = user_get_access_level($t_user_id, $t_project_id) >= plugin_config_get('RelationshipColumnAccessLevel', PLUGINS_RELATIONSHIPCOLUMNVIEW_THRESHOLD_LEVEL_DEFAULT);
$t_result = array();
if (plugin_config_get('ShowRelationshipColumn') == gpc_get_int('ShowRelationshipColumn', ON) && $t_user_has_level) {
if ('1.2.' == substr(MANTIS_VERSION, 0, 4)) {
require_once 'classes' . DIRECTORY_SEPARATOR . 'RelationshipColumn.class.1.2.0.php';
} else {
require_once 'classes' . DIRECTORY_SEPARATOR . 'RelationshipColumn.class.1.3.0.php';
}
$t_result[] = 'RelationshipColumn';
}
return $t_result;
}
function worklogmenu()
{
if (ON == plugin_config_get('promote_text')) {
$bugid = gpc_get_int('id');
if (access_has_bug_level(plugin_config_get('promote_threshold'), $bugid)) {
$t_bug_p = bug_get($bugid, true);
if (OFF == plugin_config_get('project_text')) {
$proj_id = 0;
} else {
$proj_id = $t_bug_p->project_id;
}
$subject = urlencode($t_bug_p->description);
$subject .= " ";
$subject .= urlencode($t_bug_p->additional_information);
$content = category_full_name($t_bug_p->category_id);
$content .= " -> ";
$content .= urlencode($t_bug_p->summary);
if (ON == plugin_config_get('worklog_view_check')) {
$import_page = 'worklog_add_page2.php';
} else {
$import_page = 'worklog_add.php';
}
$import_page .= '&log_type=0&';
$import_page .= '&ref_log_ids=';
$import_page .= '&ref_issue_ids=';
$import_page .= '&log_begin=';
$import_page .= '&log_end=';
$import_page .= '&content=';
$import_page .= $content;
$import_page .= '&subject=';
$import_page .= $subject;
$import_page .= '&project_id=';
$import_page .= $proj_id;
if (ON == plugin_config_get('worklog_view_check')) {
return array(plugin_lang_get('import_worklog') => plugin_page($import_page) . '" target=_new>');
} else {
return array(plugin_lang_get('import_worklog') => plugin_page($import_page));
}
}
}
}
/**
* @param $types
*/
function print_document_selection($types)
{
$project_id = gpc_get_int('project_id', helper_get_current_project());
$specmanagement_database_api = new specmanagement_database_api();
echo '<select name="version_id">';
foreach ($types as $type) {
$type_string = string_html_specialchars($type);
$type_id = $specmanagement_database_api->get_type_id($type);
$version_id_array = get_version_ids($type_id, $project_id);
foreach ($version_id_array as $version_id) {
$version_spec_project_id = version_get_field($version_id, 'project_id');
if (project_includes_user($version_spec_project_id, auth_get_current_user_id()) || user_is_administrator(auth_get_current_user_id())) {
$version_string = version_full_name($version_id);
echo '<option value="' . $version_id . '">';
echo $type_string . " - " . $version_string;
echo '</option>';
}
}
}
echo '</select>';
}
function faqmenu()
{
if (ON == plugin_config_get('promote_text')) {
$bugid = gpc_get_int('id');
if (access_has_bug_level(plugin_config_get('promote_threshold'), $bugid)) {
$t_bug_p = bug_get($bugid, true);
if (OFF == plugin_config_get('project_text')) {
$proj_id = 0;
} else {
$proj_id = $t_bug_p->project_id;
}
$answer = urlencode($t_bug_p->description);
$answer .= " ";
$answer .= urlencode($t_bug_p->additional_information);
$question = category_full_name($t_bug_p->category_id);
$question .= " -> ";
$question .= urlencode($t_bug_p->summary);
if (ON == plugin_config_get('faq_view_check')) {
$import_page = 'faq_add_page2.php';
} else {
$import_page = 'faq_add.php';
}
$import_page .= '&question=';
$import_page .= $question;
$import_page .= '&answere=';
$import_page .= $answer;
$import_page .= '&project_id=';
$import_page .= $proj_id;
if (ON == plugin_config_get('faq_view_check')) {
return array(plugin_lang_get('import_faq') => plugin_page($import_page) . '" target=_new>');
} else {
return array(plugin_lang_get('import_faq') => plugin_page($import_page));
}
}
}
}
$f_highlight_changed = $t_filter_cookie_arr[FILTER_PROPERTY_HIGHLIGHT_CHANGED];
$f_sort = $t_filter_cookie_arr[FILTER_PROPERTY_SORT_FIELD_NAME];
$f_dir = $t_filter_cookie_arr[FILTER_PROPERTY_SORT_DIRECTION];
$t_project_id = helper_get_current_project();
}
# This replaces the actual search that used to be here
$f_page_number = gpc_get_int('page_number', 1);
$t_per_page = -1;
$t_bug_count = null;
$t_page_count = null;
$result = filter_get_bug_rows($f_page_number, $t_per_page, $t_page_count, $t_bug_count);
$row_count = count($result);
# pre-cache custom column data
columns_plugin_cache_issue_data($result);
# for export
$t_show_flag = gpc_get_int('show_flag', 0);
html_page_top1();
html_head_end();
html_body_begin();
?>
<table class="width100"><tr><td class="form-title">
<div class="center">
<?php
echo string_display(config_get('window_title')) . ' - ' . string_display(project_get_name($t_project_id));
?>
</div>
</td></tr></table>
<br />
if ($f_action != 'make_default' && $f_profile_id == 0) {
error_parameters(lang_get('select_profile'));
trigger_error(ERROR_EMPTY_FIELD, ERROR);
}
}
switch ($f_action) {
case 'edit':
form_security_purge('profile_update');
print_header_redirect('account_prof_edit_page.php?profile_id=' . $f_profile_id);
break;
case 'add':
$f_platform = gpc_get_string('platform');
$f_os = gpc_get_string('os');
$f_os_build = gpc_get_string('os_build');
$f_description = gpc_get_string('description');
$t_user_id = gpc_get_int('user_id');
if (ALL_USERS != $t_user_id) {
$t_user_id = auth_get_current_user_id();
}
if (ALL_USERS == $t_user_id) {
access_ensure_global_level(config_get('manage_global_profile_threshold'));
} else {
access_ensure_global_level(config_get('add_profile_threshold'));
}
profile_create($t_user_id, $f_platform, $f_os, $f_os_build, $f_description);
form_security_purge('profile_update');
if (ALL_USERS == $t_user_id) {
print_header_redirect('manage_prof_menu_page.php');
} else {
print_header_redirect('account_prof_menu_page.php');
}
# You should have received a copy of the GNU General Public License
# along with MantisBT. If not, see <http://www.gnu.org/licenses/>.
/**
* @package MantisBT
* @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
* @copyright Copyright (C) 2002 - 2013 MantisBT Team - mantisbt-dev@lists.sourceforge.net
* @link http://www.mantisbt.org
*/
/**
* MantisBT Core API's
*/
require_once 'core.php';
require_once 'Period.php';
require_once 'graph_api.php';
access_ensure_project_level(config_get('view_summary_threshold'));
$f_width = gpc_get_int('width', 600);
$t_ar = plugin_config_get('bar_aspect');
$t_interval = new Period();
$t_interval->set_period_from_selector('interval');
$f_show_as_table = gpc_get_bool('show_table', FALSE);
$f_summary = gpc_get_bool('summary', FALSE);
$t_interval_days = $t_interval->get_elapsed_days();
if ($t_interval_days <= 14) {
$t_incr = 60 * 60;
// less than 14 days, use hourly
} else {
if ($t_interval_days <= 92) {
$t_incr = 24 * 60 * 60;
// less than three months, use daily
} else {
$t_incr = 7 * 24 * 60 * 60;
$f_os = gpc_get_string('os', '');
$f_os_build = gpc_get_string('os_build', '');
$f_product_version = gpc_get_string('product_version', '');
$f_target_version = gpc_get_string('target_version', '');
$f_profile_id = gpc_get_int('profile_id', 0);
$f_handler_id = gpc_get_int('handler_id', 0);
$f_category_id = gpc_get_int('category_id', 0);
$f_reproducibility = gpc_get_int('reproducibility', (int) config_get('default_bug_reproducibility'));
$f_eta = gpc_get_int('eta', (int) config_get('default_bug_eta'));
$f_severity = gpc_get_int('severity', (int) config_get('default_bug_severity'));
$f_priority = gpc_get_int('priority', (int) config_get('default_bug_priority'));
$f_summary = gpc_get_string('summary', '');
$f_description = gpc_get_string('description', '');
$f_steps_to_reproduce = gpc_get_string('steps_to_reproduce', config_get('default_bug_steps_to_reproduce'));
$f_additional_info = gpc_get_string('additional_info', config_get('default_bug_additional_info'));
$f_view_state = gpc_get_int('view_state', (int) config_get('default_bug_view_status'));
$f_due_date = gpc_get_string('due_date', '');
if ($f_due_date == '') {
$f_due_date = date_get_null();
}
$t_changed_project = false;
}
$f_report_stay = gpc_get_bool('report_stay', false);
$f_copy_notes_from_parent = gpc_get_bool('copy_notes_from_parent', false);
$f_copy_attachments_from_parent = gpc_get_bool('copy_attachments_from_parent', false);
$t_fields = config_get('bug_report_page_fields');
$t_fields = columns_filter_disabled($t_fields);
$t_show_category = in_array('category_id', $t_fields);
$t_show_reproducibility = in_array('reproducibility', $t_fields);
$t_show_eta = in_array('eta', $t_fields);
$t_show_severity = in_array('severity', $t_fields);
* @uses html_api.php
* @uses lang_api.php
* @uses news_api.php
* @uses print_api.php
*/
require_once 'core.php';
require_api('access_api.php');
require_api('config_api.php');
require_api('constant_inc.php');
require_api('gpc_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('news_api.php');
require_api('print_api.php');
news_ensure_enabled();
$f_news_id = gpc_get_int('news_id', null);
html_page_top();
?>
<?php
if ($f_news_id !== null) {
$t_project_id = news_get_field($f_news_id, 'project_id');
if (news_is_private($f_news_id)) {
access_ensure_project_level(config_get('private_news_threshold'), $t_project_id);
} else {
access_ensure_project_level(VIEWER, $t_project_id);
}
print_news_string_by_news_id($f_news_id);
}
?>
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
form_security_validate('manage_custom_field_update');
auth_reauthenticate();
access_ensure_global_level(config_get('manage_custom_fields_threshold'));
$f_field_id = gpc_get_int('field_id');
$f_return = strip_tags(gpc_get_string('return', 'manage_custom_field_page.php'));
$t_values['name'] = gpc_get_string('name');
$t_values['type'] = gpc_get_int('type');
$t_values['possible_values'] = gpc_get_string('possible_values');
$t_values['default_value'] = gpc_get_string('default_value');
$t_values['valid_regexp'] = gpc_get_string('valid_regexp');
$t_values['access_level_r'] = gpc_get_int('access_level_r');
$t_values['access_level_rw'] = gpc_get_int('access_level_rw');
$t_values['length_min'] = gpc_get_int('length_min');
$t_values['length_max'] = gpc_get_int('length_max');
$t_values['display_report'] = gpc_get_bool('display_report');
$t_values['display_update'] = gpc_get_bool('display_update');
$t_values['display_resolved'] = gpc_get_bool('display_resolved');
$t_values['display_closed'] = gpc_get_bool('display_closed');
$t_values['require_report'] = gpc_get_bool('require_report');
$t_values['require_update'] = gpc_get_bool('require_update');
$t_values['require_resolved'] = gpc_get_bool('require_resolved');
$t_values['require_closed'] = gpc_get_bool('require_closed');
$t_values['filter_by'] = gpc_get_bool('filter_by');
custom_field_update($f_field_id, $t_values);
form_security_purge('manage_custom_field_update');
html_page_top(null, $f_return);
html_operation_successful($f_return);
html_page_bottom();
/**
* @package MantisBT
* @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
* @copyright Copyright (C) 2002 - 2012 MantisBT Team - mantisbt-dev@lists.sourceforge.net
* @link http://www.mantisbt.org
*/
/**
* MantisBT Core API's
*/
require_once 'core.php';
require_once 'email_api.php';
form_security_validate('signup');
$f_username = strip_tags(gpc_get_string('username'));
$f_email = strip_tags(gpc_get_string('email'));
$f_captcha = gpc_get_string('captcha', '');
$f_public_key = gpc_get_int('public_key', '');
$f_username = trim($f_username);
$f_email = email_append_domain(trim($f_email));
$f_captcha = utf8_strtolower(trim($f_captcha));
# force logout on the current user if already authenticated
if (auth_is_user_authenticated()) {
auth_logout();
}
# Check to see if signup is allowed
if (OFF == config_get_global('allow_signup')) {
print_header_redirect('login_page.php');
exit;
}
if (ON == config_get('signup_use_captcha') && get_gd_version() > 0 && helper_call_custom_function('auth_can_change_password', array())) {
# captcha image requires GD library and related option to ON
$t_key = utf8_strtolower(utf8_substr(md5(config_get('password_confirm_hash_magic_string') . $f_public_key), 1, 5));
/**
* Make sure that our filters are entirely correct and complete (it is possible that they are not).
* We need to do this to cover cases where we don't have complete control over the filters given.
* @param array $p_filter_arr A Filter definition.
* @return array
* @todo function needs to be abstracted
*/
function filter_ensure_valid_filter(array $p_filter_arr)
{
# extend current filter to add information passed via POST
if (!isset($p_filter_arr['_version'])) {
$p_filter_arr['_version'] = FILTER_VERSION;
}
$t_cookie_vers = (int) substr($p_filter_arr['_version'], 1);
if (substr(FILTER_VERSION, 1) > $t_cookie_vers) {
# if the version is old, update it
$p_filter_arr['_version'] = FILTER_VERSION;
}
if (!isset($p_filter_arr['_view_type'])) {
$p_filter_arr['_view_type'] = gpc_get_string('view_type', 'simple');
}
if (!isset($p_filter_arr[FILTER_PROPERTY_ISSUES_PER_PAGE])) {
$p_filter_arr[FILTER_PROPERTY_ISSUES_PER_PAGE] = gpc_get_int(FILTER_PROPERTY_ISSUES_PER_PAGE, config_get('default_limit_view'));
}
if (!isset($p_filter_arr[FILTER_PROPERTY_HIGHLIGHT_CHANGED])) {
$p_filter_arr[FILTER_PROPERTY_HIGHLIGHT_CHANGED] = config_get('default_show_changed');
}
if (!isset($p_filter_arr[FILTER_PROPERTY_STICKY])) {
$p_filter_arr[FILTER_PROPERTY_STICKY] = gpc_string_to_bool(config_get('show_sticky_issues'));
}
if (!isset($p_filter_arr[FILTER_PROPERTY_SORT_FIELD_NAME])) {
$p_filter_arr[FILTER_PROPERTY_SORT_FIELD_NAME] = 'last_updated';
}
if (!isset($p_filter_arr[FILTER_PROPERTY_SORT_DIRECTION])) {
$p_filter_arr[FILTER_PROPERTY_SORT_DIRECTION] = 'DESC';
}
if (!isset($p_filter_arr[FILTER_PROPERTY_PLATFORM])) {
$p_filter_arr[FILTER_PROPERTY_PLATFORM] = array(0 => (string) META_FILTER_ANY);
}
if (!isset($p_filter_arr[FILTER_PROPERTY_OS])) {
$p_filter_arr[FILTER_PROPERTY_OS] = array(0 => (string) META_FILTER_ANY);
}
if (!isset($p_filter_arr[FILTER_PROPERTY_OS_BUILD])) {
$p_filter_arr[FILTER_PROPERTY_OS_BUILD] = array(0 => (string) META_FILTER_ANY);
}
if (!isset($p_filter_arr[FILTER_PROPERTY_PROJECT_ID])) {
$p_filter_arr[FILTER_PROPERTY_PROJECT_ID] = array(0 => META_FILTER_CURRENT);
}
if (!isset($p_filter_arr[FILTER_PROPERTY_START_MONTH])) {
$p_filter_arr[FILTER_PROPERTY_START_MONTH] = gpc_get_string(FILTER_PROPERTY_START_MONTH, date('m'));
}
if (!isset($p_filter_arr[FILTER_PROPERTY_START_DAY])) {
$p_filter_arr[FILTER_PROPERTY_START_DAY] = gpc_get_string(FILTER_PROPERTY_START_DAY, 1);
}
if (!isset($p_filter_arr[FILTER_PROPERTY_START_YEAR])) {
$p_filter_arr[FILTER_PROPERTY_START_YEAR] = gpc_get_string(FILTER_PROPERTY_START_YEAR, date('Y'));
}
if (!isset($p_filter_arr[FILTER_PROPERTY_END_MONTH])) {
$p_filter_arr[FILTER_PROPERTY_END_MONTH] = gpc_get_string(FILTER_PROPERTY_END_MONTH, date('m'));
}
if (!isset($p_filter_arr[FILTER_PROPERTY_END_DAY])) {
$p_filter_arr[FILTER_PROPERTY_END_DAY] = gpc_get_string(FILTER_PROPERTY_END_DAY, date('d'));
}
if (!isset($p_filter_arr[FILTER_PROPERTY_END_YEAR])) {
$p_filter_arr[FILTER_PROPERTY_END_YEAR] = gpc_get_string(FILTER_PROPERTY_END_YEAR, date('Y'));
}
if (!isset($p_filter_arr[FILTER_PROPERTY_SEARCH])) {
$p_filter_arr[FILTER_PROPERTY_SEARCH] = '';
}
if (!isset($p_filter_arr[FILTER_PROPERTY_FILTER_BY_DATE])) {
$p_filter_arr[FILTER_PROPERTY_FILTER_BY_DATE] = gpc_get_bool(FILTER_PROPERTY_FILTER_BY_DATE, false);
}
if (!isset($p_filter_arr[FILTER_PROPERTY_VIEW_STATE])) {
$p_filter_arr[FILTER_PROPERTY_VIEW_STATE] = gpc_get(FILTER_PROPERTY_VIEW_STATE, META_FILTER_ANY);
} else {
if (filter_field_is_any($p_filter_arr[FILTER_PROPERTY_VIEW_STATE])) {
$p_filter_arr[FILTER_PROPERTY_VIEW_STATE] = META_FILTER_ANY;
}
}
if (!isset($p_filter_arr[FILTER_PROPERTY_RELATIONSHIP_TYPE])) {
$p_filter_arr[FILTER_PROPERTY_RELATIONSHIP_TYPE] = gpc_get_int(FILTER_PROPERTY_RELATIONSHIP_TYPE, -1);
}
if (!isset($p_filter_arr[FILTER_PROPERTY_RELATIONSHIP_BUG])) {
$p_filter_arr[FILTER_PROPERTY_RELATIONSHIP_BUG] = gpc_get_int(FILTER_PROPERTY_RELATIONSHIP_BUG, 0);
}
if (!isset($p_filter_arr[FILTER_PROPERTY_TARGET_VERSION])) {
$p_filter_arr[FILTER_PROPERTY_TARGET_VERSION] = (string) META_FILTER_ANY;
}
if (!isset($p_filter_arr[FILTER_PROPERTY_TAG_STRING])) {
$p_filter_arr[FILTER_PROPERTY_TAG_STRING] = gpc_get_string(FILTER_PROPERTY_TAG_STRING, '');
}
if (!isset($p_filter_arr[FILTER_PROPERTY_TAG_SELECT])) {
$p_filter_arr[FILTER_PROPERTY_TAG_SELECT] = gpc_get_string(FILTER_PROPERTY_TAG_SELECT, '');
}
if (!isset($p_filter_arr[FILTER_PROPERTY_MATCH_TYPE])) {
$p_filter_arr[FILTER_PROPERTY_MATCH_TYPE] = gpc_get_int(FILTER_PROPERTY_MATCH_TYPE, FILTER_MATCH_ALL);
}
# initialize plugin filters
$t_plugin_filters = filter_get_plugin_filters();
foreach ($t_plugin_filters as $t_field_name => $t_filter_object) {
if (!isset($p_filter_arr[$t_field_name])) {
switch ($t_filter_object->type) {
case FILTER_TYPE_STRING:
$p_filter_arr[$t_field_name] = gpc_get_string($t_field_name, $t_filter_object->default);
break;
case FILTER_TYPE_INT:
$p_filter_arr[$t_field_name] = gpc_get_int($t_field_name, (int) $t_filter_object->default);
break;
case FILTER_TYPE_BOOLEAN:
$p_filter_arr[$t_field_name] = gpc_get_bool($t_field_name, (bool) $t_filter_object->default);
break;
case FILTER_TYPE_MULTI_STRING:
$p_filter_arr[$t_field_name] = gpc_get_string_array($t_field_name, array(0 => (string) META_FILTER_ANY));
break;
case FILTER_TYPE_MULTI_INT:
$p_filter_arr[$t_field_name] = gpc_get_int_array($t_field_name, array(0 => META_FILTER_ANY));
break;
default:
$p_filter_arr[$t_field_name] = (string) META_FILTER_ANY;
}
}
if (!$t_filter_object->validate($p_filter_arr[$t_field_name])) {
$p_filter_arr[$t_field_name] = $t_filter_object->default;
}
}
$t_custom_fields = custom_field_get_ids();
# @@@ (thraxisp) This should really be the linked ids, but we don't know the project
$f_custom_fields_data = array();
if (is_array($t_custom_fields) && count($t_custom_fields) > 0) {
foreach ($t_custom_fields as $t_cfid) {
if (is_array(gpc_get('custom_field_' . $t_cfid, null))) {
$f_custom_fields_data[$t_cfid] = gpc_get_string_array('custom_field_' . $t_cfid, array(META_FILTER_ANY));
} else {
$f_custom_fields_data[$t_cfid] = gpc_get_string('custom_field_' . $t_cfid, (string) META_FILTER_ANY);
$f_custom_fields_data[$t_cfid] = array($f_custom_fields_data[$t_cfid]);
}
}
}
# validate sorting
$t_fields = helper_get_columns_to_view();
$t_n_fields = count($t_fields);
for ($i = 0; $i < $t_n_fields; $i++) {
if (isset($t_fields[$i]) && in_array($t_fields[$i], array('selection', 'edit', 'bugnotes_count', 'attachment_count'))) {
unset($t_fields[$i]);
}
}
# Make sure array is no longer than 2 elements
$t_sort_fields = explode(',', $p_filter_arr['sort']);
if (count($t_sort_fields) > 2) {
$t_sort_fields = array_slice($t_sort_fields, 0, 2);
}
# Make sure array is no longer than 2 elements
$t_dir_fields = explode(',', $p_filter_arr['dir']);
if (count($t_dir_fields) > 2) {
$t_dir_fields = array_slice($t_dir_fields, 0, 2);
}
# Validate the max of two segments for $t_sort_fields and $t_dir_fields
for ($i = 0; $i < 2; $i++) {
if (isset($t_sort_fields[$i])) {
$t_drop = false;
$t_sort = $t_sort_fields[$i];
if (strpos($t_sort, 'custom_') === 0) {
if (false === custom_field_get_id_from_name(utf8_substr($t_sort, utf8_strlen('custom_')))) {
$t_drop = true;
}
} else {
if (!in_array($t_sort, $t_fields)) {
$t_drop = true;
}
}
if (!in_array($t_dir_fields[$i], array('ASC', 'DESC'))) {
$t_drop = true;
}
if ($t_drop) {
unset($t_sort_fields[$i]);
unset($t_dir_fields[$i]);
}
}
}
if (count($t_sort_fields) > 0) {
$p_filter_arr['sort'] = implode(',', $t_sort_fields);
$p_filter_arr['dir'] = implode(',', $t_dir_fields);
} else {
$p_filter_arr['sort'] = 'last_updated';
$p_filter_arr['dir'] = 'DESC';
}
# validate or filter junk from other fields
$t_multi_select_list = array(FILTER_PROPERTY_CATEGORY_ID => 'string', FILTER_PROPERTY_SEVERITY => 'int', FILTER_PROPERTY_STATUS => 'int', FILTER_PROPERTY_REPORTER_ID => 'int', FILTER_PROPERTY_HANDLER_ID => 'int', FILTER_PROPERTY_NOTE_USER_ID => 'int', FILTER_PROPERTY_RESOLUTION => 'int', FILTER_PROPERTY_PRIORITY => 'int', FILTER_PROPERTY_BUILD => 'string', FILTER_PROPERTY_VERSION => 'string', FILTER_PROPERTY_HIDE_STATUS => 'int', FILTER_PROPERTY_FIXED_IN_VERSION => 'string', FILTER_PROPERTY_TARGET_VERSION => 'string', FILTER_PROPERTY_MONITOR_USER_ID => 'int', FILTER_PROPERTY_PROFILE_ID => 'int');
foreach ($t_multi_select_list as $t_multi_field_name => $t_multi_field_type) {
if (!isset($p_filter_arr[$t_multi_field_name])) {
if (FILTER_PROPERTY_HIDE_STATUS == $t_multi_field_name) {
$p_filter_arr[$t_multi_field_name] = array(config_get('hide_status_default'));
} else {
if ('custom_fields' == $t_multi_field_name) {
$p_filter_arr[$t_multi_field_name] = array($f_custom_fields_data);
} else {
$p_filter_arr[$t_multi_field_name] = array(META_FILTER_ANY);
}
}
} else {
if (!is_array($p_filter_arr[$t_multi_field_name])) {
$p_filter_arr[$t_multi_field_name] = array($p_filter_arr[$t_multi_field_name]);
}
$t_checked_array = array();
foreach ($p_filter_arr[$t_multi_field_name] as $t_filter_value) {
$t_filter_value = stripslashes($t_filter_value);
if ($t_filter_value === 'any' || $t_filter_value === '[any]') {
$t_filter_value = META_FILTER_ANY;
}
if ($t_filter_value === 'none' || $t_filter_value === '[none]') {
$t_filter_value = META_FILTER_NONE;
}
if ('string' == $t_multi_field_type) {
$t_checked_array[] = $t_filter_value;
} else {
if ('int' == $t_multi_field_type) {
$t_checked_array[] = (int) $t_filter_value;
} else {
if ('array' == $t_multi_field_type) {
$t_checked_array[] = $t_filter_value;
}
}
}
}
$p_filter_arr[$t_multi_field_name] = $t_checked_array;
}
}
if (is_array($t_custom_fields) && count($t_custom_fields) > 0) {
foreach ($t_custom_fields as $t_cfid) {
if (!isset($p_filter_arr['custom_fields'][$t_cfid])) {
$p_filter_arr['custom_fields'][$t_cfid] = array(META_FILTER_ANY);
} else {
if (!is_array($p_filter_arr['custom_fields'][$t_cfid])) {
$p_filter_arr['custom_fields'][$t_cfid] = array($p_filter_arr['custom_fields'][$t_cfid]);
}
$t_checked_array = array();
foreach ($p_filter_arr['custom_fields'][$t_cfid] as $t_filter_value) {
$t_filter_value = stripslashes($t_filter_value);
if ($t_filter_value === 'any' || $t_filter_value === '[any]') {
$t_filter_value = META_FILTER_ANY;
}
$t_checked_array[] = $t_filter_value;
}
$p_filter_arr['custom_fields'][$t_cfid] = $t_checked_array;
}
}
}
# all of our filter values are now guaranteed to be there, and correct.
return $p_filter_arr;
}
# You should have received a copy of the GNU General Public License
# along with MantisBT. If not, see <http://www.gnu.org/licenses/>.
/**
* @package MantisBT
* @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
* @copyright Copyright (C) 2002 - 2014 MantisBT Team - mantisbt-dev@lists.sourceforge.net
* @link http://www.mantisbt.org
*/
/**
* MantisBT Core API's
*/
require_once 'core.php';
require_once 'news_api.php';
require_once 'string_api.php';
news_ensure_enabled();
$f_news_id = gpc_get_int('news_id');
$f_action = gpc_get_string('action', '');
# If deleting item redirect to delete script
if ('delete' == $f_action) {
form_security_validate('news_delete');
$row = news_get_row($f_news_id);
# This check is to allow deleting of news items that were left orphan due to bug #3723
if (project_exists($row['project_id'])) {
access_ensure_project_level(config_get('manage_news_threshold'), $row['project_id']);
}
helper_ensure_confirmed(lang_get('delete_news_sure_msg'), lang_get('delete_news_item_button'));
news_delete($f_news_id);
form_security_purge('news_delete');
print_header_redirect('news_menu_page.php', true);
}
# Retrieve news item data and prefix with v_
<?php
# Mantis - a php based bugtracking system
# Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
# Copyright (C) 2002 - 2004 Mantis Team - mantisbt-dev@lists.sourceforge.net
# This program is distributed under the terms and conditions of the GPL
# See the README and LICENSE files for details
# --------------------------------------------------------
# $Id: summary_graph_bystatus_pct.php,v 1.15 2005/02/12 20:01:08 jlatour Exp $
# --------------------------------------------------------
require_once 'core.php';
$t_core_path = config_get('core_path');
require_once $t_core_path . 'graph_api.php';
access_ensure_project_level(config_get('view_summary_threshold'));
$f_width = gpc_get_int('width', 300);
$f_token = gpc_get_int('token', 0);
if (0 == $f_token) {
$t_metrics = create_bug_enum_summary(lang_get('status_enum_string'), 'status');
} else {
$t_metrics = unserialize(token_get_value($f_token));
}
graph_pie($t_metrics, lang_get('by_status_pct'), $f_width, $f_width);
function gpc_get_custom_field($p_var_name, $p_custom_field_type, $p_default = null)
{
switch ($p_custom_field_type) {
case CUSTOM_FIELD_TYPE_MULTILIST:
case CUSTOM_FIELD_TYPE_CHECKBOX:
$t_values = gpc_get_string_array($p_var_name, $p_default);
if (null !== $t_values && '' != $t_values) {
return implode('|', $t_values);
} else {
return '';
}
break;
case CUSTOM_FIELD_TYPE_DATE:
$t_day = gpc_get_int($p_var_name . "_day", 0);
$t_month = gpc_get_int($p_var_name . "_month", 0);
$t_year = gpc_get_int($p_var_name . "_year", 0);
if ($t_year == 0 || $t_month == 0 || $t_day == 0) {
if ($p_default == null) {
return '';
} else {
return $p_default;
}
} else {
return strtotime($t_year . "-" . $t_month . "-" . $t_day);
}
break;
default:
return gpc_get_string($p_var_name, $p_default);
}
}
require_api('access_api.php');
require_api('config_api.php');
require_api('database_api.php');
require_api('file_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('string_api.php');
require_api('utility_api.php');
# Check if project documentation feature is enabled.
if (OFF == config_get('enable_project_documentation') || !file_is_uploading_enabled() || !file_allow_project_upload()) {
access_denied();
}
$f_file_id = gpc_get_int('file_id');
$c_file_id = db_prepare_int($f_file_id);
$t_project_id = file_get_field($f_file_id, 'project_id', 'project');
access_ensure_project_level(config_get('upload_project_file_threshold'), $t_project_id);
$t_proj_file_table = db_get_table('project_file');
$query = "SELECT *\n\t\tFROM {$t_proj_file_table}\n\t\tWHERE id=" . db_param();
$result = db_query_bound($query, array($c_file_id));
$row = db_fetch_array($result);
extract($row, EXTR_PREFIX_ALL, 'v');
$v_title = string_attribute($v_title);
$v_description = string_textarea($v_description);
$t_max_file_size = (int) min(ini_get_number('upload_max_filesize'), ini_get_number('post_max_size'), config_get('max_file_size'));
html_page_top();
?>
<br />
# You should have received a copy of the GNU General Public License
# along with MantisBT. If not, see <http://www.gnu.org/licenses/>.
/**
* @package MantisBT
* @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
* @copyright Copyright (C) 2002 - 2013 MantisBT Team - mantisbt-dev@lists.sourceforge.net
* @link http://www.mantisbt.org
*/
/**
* MantisBT Core API's
*/
require_once 'core.php';
form_security_validate('manage_proj_subproj_delete');
auth_reauthenticate();
$f_project_id = gpc_get_int('project_id');
$f_subproject_id = gpc_get_int('subproject_id');
access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id);
project_hierarchy_remove($f_subproject_id, $f_project_id);
form_security_purge('manage_proj_subproj_delete');
$t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id;
html_page_top(null, $t_redirect_url);
?>
<br />
<div align="center">
<?php
echo lang_get('operation_successful') . '<br />';
print_bracket_link($t_redirect_url, lang_get('proceed'));
?>
</div>
<?php
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Mantis. If not, see <http://www.gnu.org/licenses/>.
# --------------------------------------------------------
# $Id: manage_custom_field_delete.php,v 1.17.2.1 2007-10-13 22:33:27 giallu Exp $
# --------------------------------------------------------
require_once 'core.php';
$t_core_path = config_get('core_path');
require_once $t_core_path . 'custom_field_api.php';
form_security_validate('manage_custom_field_delete');
auth_reauthenticate();
access_ensure_global_level(config_get('manage_custom_fields_threshold'));
$f_field_id = gpc_get_int('field_id');
$f_return = strip_tags(gpc_get_string('return', 'manage_custom_field_page.php'));
$t_definition = custom_field_get_definition($f_field_id);
if (0 < count(custom_field_get_project_ids($f_field_id))) {
helper_ensure_confirmed(lang_get('confirm_used_custom_field_deletion') . '<br/>' . lang_get('custom_field') . ': ' . string_attribute($t_definition['name']), lang_get('field_delete_button'));
} else {
helper_ensure_confirmed(lang_get('confirm_custom_field_deletion') . '<br/>' . lang_get('custom_field') . ': ' . string_attribute($t_definition['name']), lang_get('field_delete_button'));
}
custom_field_destroy($f_field_id);
form_security_purge('manage_custom_field_delete');
html_page_top1();
html_meta_redirect($f_return);
html_page_top2();
?>
<br />
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
#
# MantisBT is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with MantisBT. If not, see <http://www.gnu.org/licenses/>.
/**
* @package MantisBT
* @copyright Copyright (C) 2002 - 2013 MantisBT Team - mantisbt-dev@lists.sourceforge.net
* @link http://www.mantisbt.org
*/
/**
* MantisBT Core API's
*/
require_once 'core.php';
/**
* requires tag_api
*/
require_once 'tag_api.php';
form_security_validate('tag_detach');
$f_tag_id = gpc_get_int('tag_id');
$f_bug_id = gpc_get_int('bug_id');
tag_bug_detach($f_tag_id, $f_bug_id);
event_signal('EVENT_TAG_DETACHED', array($f_bug_id, array($f_tag_id)));
form_security_purge('tag_detach');
print_successful_redirect_to_bug($f_bug_id);
<?php
# phpWebNotes - a php based note addition system
# Copyright (C) 2000-2002 Webnotes Team - webnotes-devel@sourceforge.net
# This program is distributed under the terms and conditions of the GPL
# See the files README and LICENSE for details
# --------------------------------------------------------
# $Id: note_add.php,v 1.20 2003/09/13 06:59:30 vboctor Exp $
# --------------------------------------------------------
require_once 'core' . DIRECTORY_SEPARATOR . 'api.php';
access_ensure_check_action(ACTION_NOTES_SUBMIT);
$f_page_id = gpc_get_int('f_page_id');
$f_note_id = gpc_get_int('f_note_id');
$f_email = stripslashes(gpc_get_string('f_email'));
$f_note = stripslashes(gpc_get_string('f_note'));
### insert note
if (0 == $f_note_id) {
$result = note_add($f_page_id, $f_email, $REMOTE_ADDR, $f_note);
if ($result !== false) {
email_note_added($result);
}
} else {
$result = note_update($f_note_id, $f_email, $f_note);
email_note_updated($f_note_id);
}
$t_page_info = page_get_info(page_where_id_equals($f_page_id));
if (false === $t_page_info) {
echo "page not found";
exit;
}
$t_url = $t_page_info['url'];
* MantisBT Core API's
*/
require_once 'core.php';
require_api('access_api.php');
require_api('authentication_api.php');
require_api('columns_api.php');
require_api('config_api.php');
require_api('constant_inc.php');
require_api('current_user_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('print_api.php');
form_security_validate('manage_columns_copy');
auth_reauthenticate();
$f_project_id = gpc_get_int('project_id');
$f_other_project_id = gpc_get_int('other_project_id');
$f_copy_from = gpc_get_bool('copy_from');
$f_copy_to = gpc_get_bool('copy_to');
$f_manage_page = gpc_get_bool('manage_page');
if ($f_copy_from) {
$t_src_project_id = $f_other_project_id;
$t_dst_project_id = $f_project_id;
} else {
if ($f_copy_to) {
$t_src_project_id = $f_project_id;
$t_dst_project_id = $f_other_project_id;
} else {
trigger_error(ERROR_GENERIC, ERROR);
}
}
# only admins can set global defaults.for ALL_PROJECT
/**
* MantisBT Core API's
*/
require_once 'core.php';
require_api('authentication_api.php');
require_api('compress_api.php');
require_api('filter_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('string_api.php');
auth_ensure_user_authenticated();
compress_enable();
$f_query_id = gpc_get_int('source_query_id');
$t_redirect_url = 'query_view_page.php';
$t_delete_url = 'query_delete.php';
if (!filter_db_can_delete_filter($f_query_id)) {
print_header_redirect($t_redirect_url);
}
html_page_top();
?>
<br />
<div align="center">
<center><b><?php
print string_display(filter_db_get_name($f_query_id));
?>
</b></center>
<?php
echo lang_get('query_delete_msg');
* @uses print_api.php
*/
/** @ignore */
define('PLUGINS_DISABLED', true);
require_once 'core.php';
require_api('access_api.php');
require_api('authentication_api.php');
require_api('config_api.php');
require_api('database_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('print_api.php');
form_security_validate('manage_plugin_update');
auth_reauthenticate();
access_ensure_global_level(config_get('manage_plugin_threshold'));
$t_plugin_table = db_get_table('plugin');
$t_query = "SELECT basename FROM {$t_plugin_table}";
$t_result = db_query_bound($t_query);
while ($t_row = db_fetch_array($t_result)) {
$t_basename = $t_row['basename'];
$f_change = gpc_get_bool('change_' . $t_basename, 0);
if (!$f_change) {
continue;
}
$f_priority = gpc_get_int('priority_' . $t_basename, 3);
$f_protected = gpc_get_bool('protected_' . $t_basename, 0);
$t_query = "UPDATE {$t_plugin_table} SET priority=" . db_param() . ', protected=' . db_param() . ' WHERE basename=' . db_param();
db_query_bound($t_query, array($f_priority, $f_protected, $t_basename));
}
form_security_purge('manage_plugin_update');
print_successful_redirect('manage_plugin_page.php');
/**
* @package MantisBT
* @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
* @copyright Copyright (C) 2002 - 2013 MantisBT Team - mantisbt-dev@lists.sourceforge.net
* @link http://www.mantisbt.org
*/
/**
* MantisBT Core API's
*/
require_once 'core.php';
require_once 'news_api.php';
require_once 'print_api.php';
news_ensure_enabled();
form_security_validate('news_add');
access_ensure_project_level(config_get('manage_news_threshold'));
$f_view_state = gpc_get_int('view_state');
$f_headline = gpc_get_string('headline');
$f_announcement = gpc_get_bool('announcement');
$f_body = gpc_get_string('body');
$t_news_id = news_create(helper_get_current_project(), auth_get_current_user_id(), $f_view_state, $f_announcement, $f_headline, $f_body);
form_security_purge('news_add');
$t_news_row = news_get_row($t_news_id);
html_page_top();
?>
<br />
<div align="center">
<?php
echo lang_get('operation_successful') . '<br />';
print_bracket_link('news_menu_page.php', lang_get('proceed'));
echo '<br /><br />';
/**
* @package MantisBT
* @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
* @copyright Copyright (C) 2002 - 2012 MantisBT Team - mantisbt-dev@lists.sourceforge.net
* @link http://www.mantisbt.org
*/
/**
* MantisBT Core API's
*/
require_once 'core.php';
require_once 'custom_field_api.php';
form_security_validate('manage_proj_custom_field_update');
auth_reauthenticate();
$f_field_id = gpc_get_int('field_id');
$f_project_id = gpc_get_int('project_id');
$f_sequence = gpc_get_int('sequence');
# We should check both since we are in the project section and an
# admin might raise the first threshold and not realize they need
# to raise the second
access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id);
access_ensure_project_level(config_get('custom_field_link_threshold'), $f_project_id);
custom_field_set_sequence($f_field_id, $f_project_id, $f_sequence);
form_security_purge('manage_proj_custom_field_update');
$t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id;
html_page_top(null, $t_redirect_url);
?>
<br />
<div align="center">
<?php
echo lang_get('operation_successful') . '<br />';
print_bracket_link($t_redirect_url, lang_get('proceed'));
# Mantis is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Mantis. If not, see <http://www.gnu.org/licenses/>.
# --------------------------------------------------------
# $Id: adm_config_set.php,v 1.4.2.1 2007-10-13 22:32:27 giallu Exp $
# --------------------------------------------------------
# This page stores the reported bug
require_once 'core.php';
$t_core_path = config_get('core_path');
# helper_ensure_post();
$f_user_id = gpc_get_int('user_id');
$f_project_id = gpc_get_int('project_id');
$f_config_option = gpc_get_string('config_option');
$f_type = gpc_get_string('type');
$f_value = gpc_get_string('value');
if (is_blank($f_config_option)) {
error_parameters('config_option');
trigger_error(ERROR_EMPTY_FIELD, ERROR);
}
if ($f_project_id == ALL_PROJECTS) {
access_ensure_global_level(config_get('set_configuration_threshold'));
} else {
access_ensure_project_level(config_get('set_configuration_threshold'), $f_project_id);
}
# make sure that configuration option specified is a valid one.
$t_not_found_value = '***CONFIG OPTION NOT FOUND***';
if (config_get_global($f_config_option, $t_not_found_value) === $t_not_found_value) {
