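/**
 * Create a product backlog together with its dedicated team user.
 *
 * The backlog name doubles as the basis for a MantisBT account name, so it
 * is rejected (null is returned) unless it is shorter than 22 characters,
 * valid as a MantisBT user name and not yet taken.
 *
 * If the generated team-user name is free, a new enabled, unprotected
 * account is created with a generated password that this method neither
 * returns nor sends anywhere. Otherwise only the e-mail address of the
 * existing account is updated. That account is then given agileMantis
 * rights and linked to the new gadiv_productbacklogs row.
 *
 * @return int|null Id of the inserted backlog row, or null when the name is rejected.
 */
function newProductBacklog()
 {
     global $agilemantis_au;
     // Check if team-user name fits into MantisBT regulations
     if (!(utf8_strlen($this->name) < 22 && user_is_name_valid($this->name) && user_is_name_unique($this->name))) {
         return null;
     }
     $p_username = $this->generateTeamUser($this->name);
     $p_email = trim($this->email);
     $t_seed = $p_email . $p_username;
     $t_password = auth_generate_random_password($t_seed);
     if (user_is_name_unique($p_username) === true) {
         // 55 is DEVELOPER in MantisBT's stock access levels; false = not protected, true = enabled.
         // NOTE(review): the real name is taken straight from $_POST['pbl_name'] rather than
         // from $this->name, which is the value validated above - confirm both always match.
         user_create($p_username, $t_password, $p_email, 55, false, true, 'Team-User-' . $_POST['pbl_name']);
         $user_id = $this->getUserIdByName($p_username);
     } else {
         $user_id = $this->getUserIdByName($p_username);
         user_set_field($user_id, 'email', $p_email);
     }
     // The team user is resolved by its name instead of via getLatestUser():
     // when the account already existed, or when another account is created
     // concurrently, "the latest user" is not the team user, and the rights
     // below would be granted to an unrelated account.
     $agilemantis_au->setAgileMantisUserRights($user_id, 1, 0, 0);
     if ($this->team == 0) {
         $this->team = $user_id;
     }
     // All values are passed as bound parameters, never concatenated into the statement.
     $t_sql = "INSERT INTO gadiv_productbacklogs (name, description, user_id) VALUES ( " . db_param(0) . ", " . db_param(1) . ", " . db_param(2) . ") ";
     $t_params = array($this->name, $this->description, $user_id);
     db_query_bound($t_sql, $t_params);
     $this->id = db_insert_id("gadiv_productbacklogs");
     $this->user_id = $user_id;
     return $this->id;
 }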
예제 #2
/**
 * Reset a user's password.
 *
 * The outcome depends on configuration:
 *   - 'send_reset_password' and 'enable_email_notification' both ON:
 *     a freshly generated random password is stored and, unless
 *     $p_send_email is false, a confirmation-hash URL is mailed to the
 *     user (the random password itself is never sent);
 *   - otherwise: the stored password becomes the processed form of the
 *     empty string and the failed-login counter is cleared.
 *
 * Protected accounts are left untouched.
 *
 * @param integer $p_user_id    A valid user identifier.
 * @param boolean $p_send_email Whether to send confirmation email.
 * @return boolean false if the user is protected, true once the password
 *                 has been reset.
 */
function user_reset_password($p_user_id, $p_send_email = true)
{
    # Protected accounts never get their password reset
    if (ON == user_get_field($p_user_id, 'protected')) {
        return false;
    }

    # @@@ open design question kept from the original author: should a blank
    #     password be forced whenever email notifications are off, how would
    #     the return value signal that, and should this be split into
    #     user_reset_password_random() and user_reset_password()?
    $t_reset_by_mail = ON == config_get('send_reset_password') && ON == config_get('enable_email_notification');

    if (!$t_reset_by_mail) {
        # No emailing in this mode: the account ends up with a blank password.
        # NOTE(review): until the user sets a new one, anyone who knows the
        # user name can presumably log in with an empty password - confirm
        # how the login code treats blank passwords before enabling this mode.
        $t_blank_password = auth_process_plain_password('');
        user_set_field($p_user_id, 'password', $t_blank_password);

        # the failed login count is cleared because nothing is emailed here
        user_reset_failed_login_count_to_zero($p_user_id);

        return true;
    }

    # A reset by mail is pointless without an address
    $t_email = user_get_field($p_user_id, 'email');
    if (is_blank($t_email)) {
        trigger_error(ERROR_LOST_PASSWORD_NO_EMAIL_SPECIFIED, ERROR);
    }

    # Replace the stored password with a random one. When $p_send_email is
    # false nobody learns it and no confirmation URL goes out.
    $t_stored_password = auth_process_plain_password(auth_generate_random_password());
    user_set_field($p_user_id, 'password', $t_stored_password);

    # Mail the confirmation URL that lets the user pick a new password
    if ($p_send_email) {
        email_send_confirm_hash_url($p_user_id, auth_generate_confirm_hash($p_user_id));
    }

    return true;
}
예제 #3
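/**
 * Authenticates a user via LDAP given the username and password.
 *
 * The directory is searched for entries matching the configured
 * organization filter and uid field; authentication succeeds as soon as a
 * bind with one of the returned DNs and the supplied password succeeds.
 * On success the local user record is refreshed (password digest and,
 * depending on configuration, real name and e-mail).
 *
 * An empty password is always rejected, in LDAP simulation mode as well,
 * before any directory is contacted.
 *
 * @param string $p_username The user name.
 * @param string $p_password The password.
 * @return boolean true: authenticated, false: failed to authenticate.
 */
function ldap_authenticate_by_username( $p_username, $p_password ) {
	# A simple bind with a DN and an empty password is an "unauthenticated
	# bind" (RFC 4513, section 5.1.2). Many servers report it as successful,
	# so a successful ldap_bind() would not prove knowledge of the password.
	if ( '' === (string)$p_password ) {
		log_event( LOG_LDAP, "Authentication failed: empty password rejected" );
		return false;
	}

	if ( ldap_simulation_is_enabled() ) {
		log_event( LOG_LDAP, "Authenticating via LDAP simulation" );
		$t_authenticated = ldap_simulation_authenticate_by_username( $p_username, $p_password );
	} else {
		# The user name is escaped before it is placed into the search filter
		$c_username = ldap_escape_string( $p_username );

		$t_ldap_organization = config_get( 'ldap_organization' );
		$t_ldap_root_dn = config_get( 'ldap_root_dn' );

		$t_ldap_uid_field = config_get( 'ldap_uid_field', 'uid' );
		$t_search_filter = "(&$t_ldap_organization($t_ldap_uid_field=$c_username))";
		$t_search_attrs = array(
			$t_ldap_uid_field,
			'dn',
		);

		# Bind
		log_event( LOG_LDAP, "Binding to LDAP server" );
		$t_ds = ldap_connect_bind();
		if ( $t_ds === false ) {
			ldap_log_error( $t_ds );
			trigger_error( ERROR_LDAP_AUTH_FAILED, ERROR );
		}

		# Search for the user id
		log_event( LOG_LDAP, "Searching for $t_search_filter" );
		$t_sr = ldap_search( $t_ds, $t_ldap_root_dn, $t_search_filter, $t_search_attrs );
		if ( $t_sr === false ) {
			ldap_log_error( $t_ds );
			ldap_unbind( $t_ds );
			log_event( LOG_LDAP, "ldap search failed" );
			trigger_error( ERROR_LDAP_AUTH_FAILED, ERROR );
		}

		$t_info = @ldap_get_entries( $t_ds, $t_sr );
		if ( $t_info === false ) {
			ldap_log_error( $t_ds );
			ldap_free_result( $t_sr );
			ldap_unbind( $t_ds );
			trigger_error( ERROR_LDAP_AUTH_FAILED, ERROR );
		}

		$t_authenticated = false;

		if ( $t_info['count'] > 0 ) {
			# Try to authenticate to each until we get a match
			# NOTE(review): if the filter matches several entries, the password
			# of any one of them authenticates $p_username - confirm the uid
			# field is unique below ldap_root_dn.
			for ( $i = 0; $i < $t_info['count']; $i++ ) {
				$t_dn = $t_info[$i]['dn'];
				log_event( LOG_LDAP, "Checking {$t_info[$i]['dn']}" );

				# Attempt to bind with the DN and password
				if ( @ldap_bind( $t_ds, $t_dn, $p_password ) ) {
					$t_authenticated = true;
					break;
				}
			}
		} else {
			log_event( LOG_LDAP, "No matching entries found" );
		}

		log_event( LOG_LDAP, "Unbinding from LDAP server" );
		ldap_free_result( $t_sr );
		ldap_unbind( $t_ds );
	}

	# If user authenticated successfully then update the local DB with information
	# from LDAP.  This will allow us to use the local data after login without
	# having to go back to LDAP.  This will also allow fallback to DB if LDAP is down.
	if ( $t_authenticated ) {
		$t_user_id = user_get_id_by_name( $p_username );

		if ( false !== $t_user_id ) {
			# NOTE(review): the directory password is cached locally as an
			# unsalted MD5 digest, which is cheap to brute-force if the user
			# table leaks. Replacing it needs a matching change in the DB
			# fallback login path, which is not part of this function.
			user_set_field( $t_user_id, 'password', md5( $p_password ) );

			if ( ON == config_get( 'use_ldap_realname' ) ) {
				$t_realname = ldap_realname( $t_user_id );
				user_set_field( $t_user_id, 'realname', $t_realname );
			}

			if ( ON == config_get( 'use_ldap_email' ) ) {
				$t_email = ldap_email_from_username( $p_username );
				user_set_field( $t_user_id, 'email', $t_email );
			}
		}
		log_event( LOG_LDAP, "User '$p_username' authenticated" );
	} else {
		log_event( LOG_LDAP, "Authentication failed" );
	}

	return $t_authenticated;
}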
        foreach ($a_removedRsrcBindings as $i_miteIdEntry) {
            $a_queries[] = "DELETE FROM " . $s_DBTable_mpsmp . " WHERE user_id = {$i_userId} AND type = '" . $s_type . "' AND " . $a_fieldNamesMiteRsrc_id[$s_type] . " = " . $i_miteIdEntry . " AND mantis_project_id = " . $i_updatedProject;
        }
    }
}
# Get the MITE project/service to MANTIS project bindings the user removed
# entirely (project ids that are keys of $a_userMiteBindings but not of
# $a_userSelectedBindings) and queue one DELETE statement per removed binding.
#
# NOTE(review): the DELETE statements are assembled by string concatenation;
# $i_userId, $i_miteIdEntry and $i_removedProjectId are placed into the SQL
# text unquoted. Where these values originate is not visible here - confirm
# they are integers, or pass them as bound parameters to db_query_bound().
###################################################################################
$a_deletedProjectBindings = array_diff(array_keys($a_userMiteBindings), array_keys($a_userSelectedBindings));
foreach ($a_deletedProjectBindings as $i_removedProjectId) {
    $a_project = $a_userMiteBindings[$i_removedProjectId];
    foreach (Mantis2mitePlugin::$a_rsrcTypes as $s_type) {
        # prepare array for foreach loop
        if (!isset($a_project[$s_type])) {
            $a_project[$s_type] = array();
        }
        foreach ($a_project[$s_type] as $i_miteIdEntry) {
            $a_queries[] = "DELETE FROM " . $s_DBTable_mpsmp . " WHERE user_id = {$i_userId} AND type = '{$s_type}' AND " . $a_fieldNamesMiteRsrc_id[$s_type] . " = " . $i_miteIdEntry . " AND mantis_project_id = " . $i_removedProjectId;
        }
    }
}
# execute the database queries
# Every entry of $a_queries is run, including those queued before this point.
# db_query_bound() is called without a parameter array, so nothing is bound,
# and the result of each query is overwritten without being checked.
for ($i = 0; $i < count($a_queries); $i++) {
    $r_result = db_query_bound($a_queries[$i]);
}
# save the field for the notes pattern
# NOTE(review): the POST value is stored exactly as received; whether it is
# escaped when displayed later cannot be seen from here - verify at the output side.
user_set_field($i_userId, Mantis2mitePlugin::DB_FIELD_NOTE_PATTERN, $_POST[Mantis2mitePlugin::DB_FIELD_NOTE_PATTERN]);
# force re-initialization of session stored user values
session_set('plugin_mite_status_session_vars', 'reinit');
$o_pluginController->initMiteObjects();
# Reply with an XML envelope stamped with the current UTC time.
# NOTE(review): $s_xmlMsg is emitted unchanged - confirm it is XML-escaped where it is built.
echo "<messages datetimestamp='" . gmdate('Y-m-d H:i:s') . "'>" . $s_xmlMsg . "</messages>";
 */
# Disconnect the current user from the plugin: queue the deletion of the
# user's rows in the three plugin tables, blank the plugin's fields in the
# user record, reset the session marker and then run the queued statements.
$r_result = $o_pluginController = null;
/*
 * @local arrays
 */
$a_queries = array();
/*
 * @local strings
 */
# $s_query is initialised here but not used in the lines shown.
$s_query = '';
############
# ACTION
#######
$o_pluginController = $g_plugin_cache['Mantis2mite'];
# The user id comes from the plugin controller, not from request data.
$i_userId = $o_pluginController->getCurrentUserId();
# NOTE(review): $i_userId is concatenated into the SQL text instead of being
# bound - presumably an integer; confirm, or use db_param() with a parameter array.
$a_queries[] = "DELETE FROM " . plugin_table(Mantis2mitePlugin::DB_TABLE_PS) . " WHERE user_id = " . $i_userId;
$a_queries[] = "DELETE FROM " . plugin_table(Mantis2mitePlugin::DB_TABLE_PSMP) . " WHERE user_id = " . $i_userId;
$a_queries[] = "DELETE FROM " . plugin_table(Mantis2mitePlugin::DB_TABLE_TE) . " WHERE user_id = " . $i_userId;
# empty all database fields in the user table which are connected to the plugin
# (this includes the stored API key and account name)
user_set_field($i_userId, Mantis2mitePlugin::DB_FIELD_CONNECT_VERIFIED, 0);
user_set_field($i_userId, Mantis2mitePlugin::DB_FIELD_API_KEY, '');
user_set_field($i_userId, Mantis2mitePlugin::DB_FIELD_ACCOUNT_NAME, '');
user_set_field($i_userId, Mantis2mitePlugin::DB_FIELD_NOTE_PATTERN, '');
user_set_field($i_userId, Mantis2mitePlugin::DB_FIELD_CONNECT_LAST_UPDATED, 0);
# reset session status for plugin vars
session_set('plugin_mite_status_session_vars', 'init');
# execute the database queries
# The user fields above are already cleared when these run; no transaction is
# visible and the query results are not checked, so a failing DELETE would
# leave plugin rows behind for a user who appears disconnected.
for ($i = 0; $i < count($a_queries); $i++) {
    $r_result = db_query_bound($a_queries[$i]);
}
# Reply with an empty XML envelope stamped with the current UTC time.
echo "<messages datetimestamp='" . gmdate('Y-m-d H:i:s') . "'></messages>";
     $system = plugin_lang_get('edit_product_backlog_error_922600');
 } else {
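     // Reject the request when no e-mail was submitted or the backlog's address is invalid.
     // NOTE(review): the emptiness check reads $_POST['pbl_email'] while the validity check
     // reads $agilemantis_pb->email - presumably the same value; confirm, because the raw
     // POST value is what gets written to the team user below.
     if (empty($_POST['pbl_email']) || email_is_valid($agilemantis_pb->email) == false) {
         $system = plugin_lang_get('edit_product_backlog_error_923600');
     } else {
         // New PB with unique name?
         $isNewPBOk = !$_POST['id'] && $agilemantis_pb->isNameUnique();
         // Existing PB: either the name changed to a unique one, or it didn't change, Ok!
         // Logical && replaces the bitwise & used before, so the name check is
         // skipped for non-positive ids and the result is a boolean.
         $isExistingPbOk = $_POST['id'] > 0 && ($agilemantis_pb->name != $pb_name_old && $agilemantis_pb->isNameUnique() || $agilemantis_pb->name == $pb_name_old);
         if ($isNewPBOk || $isExistingPbOk) {
             if (!$agilemantis_pb->editProductBacklog()) {
                 $system = plugin_lang_get('edit_product_backlog_error_982601');
             } else {
                 // Keep the team user's e-mail in sync with the backlog's address.
                 if ($_POST['pbl_email'] != $_POST['pbl_email_old']) {
                     $t_team_user_id = $agilemantis_pb->getTeamUserId($agilemantis_pb->id);
                     user_set_field($t_team_user_id, 'email', $_POST['pbl_email']);
                 }
                 $agilemantis_pb->updatePBCustomFieldStrings($pb_name_old, $agilemantis_pb->name);
                 if ($_POST['project_id'] == 0 && $_POST['id'] > 0) {
                     $fromPage = 'product_backlogs.php';
                     // NOTE(review): the redirect target is taken from the request and only
                     // passed through plugin_page(); consider restricting it to a list of
                     // known plugin pages. No exit follows header() in the lines shown, so
                     // the script keeps running after the redirect header is set.
                     if ($_POST['pageFrom']) {
                         $fromPage = $_POST['pageFrom'];
                     }
                     header("Location: " . plugin_page($fromPage));
                 }
             }
         } else {
             $system = plugin_lang_get('edit_product_backlog_error_982600');
         }
     }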
 }
예제 #7
 /**
  * Migrate the plugin's stored configuration to the current layout.
  *
  * 'config_version' is read once at the top. Every step below compares
  * against that initial value, so an installation at version N runs all
  * steps from N onwards in a single call, and each step records its own
  * target version when it finishes.
  */
 function ERP_update_check()
 {
     $t_config_version = plugin_config_get('config_version');
     if ($t_config_version === 0) {
         # Version 0 -> 1: replace the placeholder address 'nomail' of the
         # configured mail reporter with a blank e-mail address.
         $t_username = plugin_config_get('mail_reporter', '');
         if (strlen($t_username) > 0) {
             $t_user_id = user_get_id_by_name($t_username);
             if ($t_user_id !== FALSE) {
                 $t_user_email = user_get_email($t_user_id);
                 if ($t_user_email === 'nomail') {
                     plugin_require_api('core/config_api.php');
                     # We need to allow blank emails for a sec
                     # NOTE(review): where this overwrite is reverted is not visible here - confirm it is.
                     ERP_set_temporary_overwrite('allow_blank_email', ON);
                     user_set_email($t_user_id, '');
                 }
             }
         }
         # Flag the schema for a reset unless that has already been done
         $t_schema = plugin_config_get('schema');
         $t_reset_schema = plugin_config_get('reset_schema');
         if ($t_schema !== -1 && $t_reset_schema === 0) {
             plugin_config_set('schema', -1);
             plugin_config_set('reset_schema', 1);
         }
         plugin_config_set('config_version', 1);
     }
     if ($t_config_version <= 1) {
         # -> 2: store the mail reporter by user id instead of by name and
         # drop options that are no longer used.
         $t_mail_reporter = plugin_config_get('mail_reporter', '');
         if (strlen($t_mail_reporter) > 0) {
             # NOTE(review): unlike the version-0 step, the lookup result is
             # stored without a check against FALSE.
             $t_mail_reporter_id = user_get_id_by_name($t_mail_reporter);
             plugin_config_set('mail_reporter_id', $t_mail_reporter_id);
         }
         plugin_config_delete('mail_directory');
         plugin_config_delete('mail_reporter');
         plugin_config_delete('mail_additional');
         plugin_config_delete('random_user_number');
         plugin_config_delete('mail_bug_priority_default');
         plugin_config_set('config_version', 2);
     }
     if ($t_config_version <= 2) {
         # -> 3: drop the cronjob/timer bookkeeping options
         plugin_config_delete('mail_cronjob_present');
         plugin_config_delete('mail_check_timer');
         plugin_config_delete('mail_last_check');
         plugin_config_set('config_version', 3);
     }
     if ($t_config_version <= 3) {
         # -> 4: split "host:port" strings into hostname/port arrays and
         # rename two mailbox keys
         $t_mailboxes = plugin_config_get('mailboxes', array());
         $t_indexes = array('mailbox_project' => 'mailbox_project_id', 'mailbox_global_category' => 'mailbox_global_category_id');
         foreach ($t_mailboxes as $t_key => $t_array) {
             if (isset($t_array['mailbox_hostname'])) {
                 # Correct the hostname if it is stored in an older format
                 $t_hostname = $t_array['mailbox_hostname'];
                 if (!is_array($t_hostname)) {
                     // ipv6 also uses : so we need to work around that
                     // (only a value with exactly one ':' is treated as host:port)
                     if (substr_count($t_hostname, ':') === 1) {
                         $t_hostname = explode(':', $t_hostname, 2);
                     } else {
                         $t_hostname = array($t_hostname);
                     }
                     $t_hostname = array('hostname' => $t_hostname[0], 'port' => isset($t_hostname[1]) ? $t_hostname[1] : '');
                     $t_array['mailbox_hostname'] = $t_hostname;
                 }
             }
             $t_mailboxes[$t_key] = $this->ERP_update_indexes($t_array, $t_indexes);
         }
         plugin_config_set('mailboxes', $t_mailboxes);
         plugin_config_set('config_version', 4);
     }
     if ($t_config_version <= 4) {
         # -> 5: fold 'mail_identify_reply' into 'mail_remove_mantis_email'
         $t_mail_remove_mantis_email = plugin_config_get('mail_remove_mantis_email', -1);
         $t_mail_identify_reply = plugin_config_get('mail_identify_reply', $t_mail_remove_mantis_email);
         if ($t_mail_remove_mantis_email !== -1 && $t_mail_identify_reply !== $t_mail_remove_mantis_email) {
             plugin_config_set('mail_remove_mantis_email', $t_mail_identify_reply);
         }
         plugin_config_delete('mail_identify_reply');
         plugin_config_set('config_version', 5);
     }
     if ($t_config_version <= 5) {
         # -> 6
         plugin_config_delete('mail_parse_mime');
         plugin_config_set('config_version', 6);
     }
     if ($t_config_version <= 6) {
         # -> 7: strip the 'mailbox_' prefix from the mailbox keys
         $t_mailboxes = plugin_config_get('mailboxes', array());
         $t_indexes = array('mailbox_enabled' => 'enabled', 'mailbox_description' => 'description', 'mailbox_type' => 'type', 'mailbox_hostname' => 'hostname', 'mailbox_encryption' => 'encryption', 'mailbox_username' => 'username', 'mailbox_password' => 'password', 'mailbox_auth_method' => 'auth_method', 'mailbox_project_id' => 'project_id', 'mailbox_global_category_id' => 'global_category_id', 'mailbox_basefolder' => 'basefolder', 'mailbox_createfolderstructure' => 'createfolderstructure');
         foreach ($t_mailboxes as $t_key => $t_array) {
             $t_mailboxes[$t_key] = $this->ERP_update_indexes($t_array, $t_indexes);
         }
         plugin_config_set('mailboxes', $t_mailboxes);
         plugin_config_set('config_version', 7);
     }
     if ($t_config_version <= 7) {
         # -> 8: flatten the hostname array into separate 'hostname' and 'port' keys
         $t_mailboxes = plugin_config_get('mailboxes', array());
         foreach ($t_mailboxes as $t_key => $t_array) {
             if (isset($t_array['hostname'])) {
                 $t_hostname = $t_array['hostname'];
                 if (is_array($t_hostname)) {
                     $t_array['hostname'] = $t_hostname['hostname'];
                     $t_array['port'] = $t_hostname['port'];
                 }
                 $t_mailboxes[$t_key] = $t_array;
             }
         }
         plugin_config_set('mailboxes', $t_mailboxes);
         plugin_config_set('config_version', 8);
     }
     if ($t_config_version <= 8) {
         # -> 9
         plugin_config_delete('mail_tmp_directory');
         plugin_config_set('config_version', 9);
     }
     if ($t_config_version <= 9) {
         # -> 10: rename the mailbox type and IMAP folder keys
         $t_mailboxes = plugin_config_get('mailboxes', array());
         $t_indexes = array('type' => 'mailbox_type', 'basefolder' => 'imap_basefolder', 'createfolderstructure' => 'imap_createfolderstructure');
         foreach ($t_mailboxes as $t_key => $t_array) {
             $t_mailboxes[$t_key] = $this->ERP_update_indexes($t_array, $t_indexes);
         }
         plugin_config_set('mailboxes', $t_mailboxes);
         plugin_config_set('config_version', 10);
     }
     if ($t_config_version <= 10) {
         # -> 11
         plugin_config_delete('mail_rule_system');
         plugin_config_set('config_version', 11);
     }
     if ($t_config_version <= 11) {
         # -> 12: rename the mailbox credential keys.
         # NOTE(review): mailbox user names and passwords live in the plugin
         # configuration; in what form they are stored is not visible here.
         $t_mailboxes = plugin_config_get('mailboxes', array());
         $t_indexes = array('username' => 'erp_username', 'password' => 'erp_password');
         foreach ($t_mailboxes as $t_key => $t_array) {
             $t_mailboxes[$t_key] = $this->ERP_update_indexes($t_array, $t_indexes);
         }
         plugin_config_set('mailboxes', $t_mailboxes);
         plugin_config_delete('rules');
         plugin_config_delete('mail_encoding');
         plugin_config_set('config_version', 12);
     }
     if ($t_config_version <= 12) {
         # -> 13: request a schema reset
         plugin_config_set('reset_schema', 1);
         plugin_config_set('config_version', 13);
     }
     if ($t_config_version <= 13) {
         # -> 14
         plugin_config_delete('mail_fetch_max');
         plugin_config_set('config_version', 14);
     }
     if ($t_config_version <= 14) {
         # -> 15: make sure the mail reporter account is allowed to report
         # bugs. This changes the account's global access level to the
         # configured 'report_bug_threshold' when it does not reach it.
         $t_mail_reporter_id = plugin_config_get('mail_reporter_id', 'Mail');
         $t_report_bug_threshold = config_get_global('report_bug_threshold');
         if ($t_mail_reporter_id !== 'Mail' && user_exists($t_mail_reporter_id)) {
             if (!access_has_global_level($t_report_bug_threshold, $t_mail_reporter_id)) {
                 user_set_field($t_mail_reporter_id, 'access_level', $t_report_bug_threshold);
             }
         }
         plugin_config_set('config_version', 15);
     }
 }
            # append the customer name to a project name that belongs to more than one customers
            if ($s_type == Mantis2mitePlugin::API_RSRC_P && count($a_miteProjectNames[$s_entryName]) > 1) {
                $s_entryName .= " (" . $a_miteProjectNames[$s_entryName][$i_idEntryPossiblyModified] . ")";
            }
            $a_logs[$s_type][] = "Updated entry from name='" . $a_tmpEntryMantis['name'] . "' to name='" . $s_entryName . "' " . "on '" . $a_fieldNamesMiteRsrc_id[$s_type] . "=" . $i_idEntryPossiblyModified . "'";
            $a_queries[] = sprintf(" \n\t\t\t\t\tUPDATE " . $s_DBTable_mps . " \n\t\t\t\t\tSET name = '%s', mite_updated_at = '%s'\n\t\t\t\t\tWHERE id = %d", Mantis2mitePlugin::encodeValue($s_entryName), $a_tmpEntryMite['mite_updated_at'], $a_tmpEntryMantis['id']);
        }
    }
}
# execute the database queries
# Every statement queued in $a_queries is run as plain SQL text:
# db_query_bound() is called without a parameter array, so nothing is bound.
# NOTE(review): the queued UPDATE statements carry entry names and timestamps
# inside quoted SQL literals - confirm those values are escaped where the
# statements are built, or bind them as parameters.
for ($i = 0; $i < count($a_queries); $i++) {
    $r_result = db_query_bound($a_queries[$i]);
}
# set connection verified flag in the database
user_set_field($i_userId, Mantis2mitePlugin::DB_FIELD_CONNECT_VERIFIED, 1);
# update last update value
user_set_field($i_userId, Mantis2mitePlugin::DB_FIELD_CONNECT_LAST_UPDATED, Mantis2mitePlugin::mysqlDate());
# save the account name
user_set_field($i_userId, Mantis2mitePlugin::DB_FIELD_ACCOUNT_NAME, Mantis2mitePlugin::encodeValue($_POST[Mantis2mitePlugin::DB_FIELD_ACCOUNT_NAME]));
# save the API key
# NOTE(review): the key is written to a field of the user record after passing
# through Mantis2mitePlugin::encodeValue(); what that encoding does is not
# visible here, so treat the column as holding a usable credential.
user_set_field($i_userId, Mantis2mitePlugin::DB_FIELD_API_KEY, Mantis2mitePlugin::encodeValue($_POST[Mantis2mitePlugin::DB_FIELD_API_KEY]));
# build xml log messages
# NOTE(review): the log messages contain entry names and single quotes and are
# placed into the XML as-is - confirm they are XML-escaped, otherwise a name
# containing markup characters breaks or alters the response document.
foreach ($a_logs as $s_type => $a_messages) {
    foreach ($a_messages as $s_message) {
        $s_xmlMsg .= "<message data='" . $s_type . "'>" . $s_message . "</message>";
    }
}
# force re-initialization of session stored user values
session_set('plugin_mite_status_session_vars', 'reinit');
# return xml log messages
# (the timestamp uses date(), i.e. the server's configured time zone)
echo "<messages datetimestamp='" . date('Y-m-d H:i:s') . "'>" . $s_xmlMsg . "</messages>";