function getContent()
 {
     $frsrf = new FRSReleaseFactory();
     $html_my_monitored_fp = '';
     $sql = "SELECT groups.group_name,groups.group_id " . "FROM groups,filemodule_monitor,frs_package " . "WHERE groups.group_id=frs_package.group_id " . "AND frs_package.status_id !=" . $frsrf->STATUS_DELETED . " " . "AND frs_package.package_id=filemodule_monitor.filemodule_id " . "AND filemodule_monitor.user_id='" . user_getid() . "' ";
     $um =& UserManager::instance();
     $current_user =& $um->getCurrentUser();
     if ($current_user->isRestricted()) {
         $projects = $current_user->getProjects();
         $sql .= "AND groups.group_id IN (" . implode(',', $projects) . ") ";
     }
     $sql .= "GROUP BY group_id ORDER BY group_id ASC LIMIT 100";
     $result = db_query($sql);
     $rows = db_numrows($result);
     if (!$result || $rows < 1) {
         $html_my_monitored_fp .= $GLOBALS['Language']->getText('my_index', 'my_files_msg');
     } else {
         $html_my_monitored_fp .= '<table style="width:100%">';
         $request =& HTTPRequest::instance();
         for ($j = 0; $j < $rows; $j++) {
             $group_id = db_result($result, $j, 'group_id');
             $sql2 = "SELECT frs_package.name,filemodule_monitor.filemodule_id " . "FROM groups,filemodule_monitor,frs_package " . "WHERE groups.group_id=frs_package.group_id " . "AND groups.group_id={$group_id} " . "AND frs_package.status_id !=" . $frsrf->STATUS_DELETED . " " . "AND frs_package.package_id=filemodule_monitor.filemodule_id " . "AND filemodule_monitor.user_id='" . user_getid() . "'  LIMIT 100";
             $result2 = db_query($sql2);
             $rows2 = db_numrows($result2);
             $vItemId = new Valid_UInt('hide_item_id');
             $vItemId->required();
             if ($request->valid($vItemId)) {
                 $hide_item_id = $request->get('hide_item_id');
             } else {
                 $hide_item_id = null;
             }
             $vFrs = new Valid_WhiteList('hide_frs', array(0, 1));
             $vFrs->required();
             if ($request->valid($vFrs)) {
                 $hide_frs = $request->get('hide_frs');
             } else {
                 $hide_frs = null;
             }
             list($hide_now, $count_diff, $hide_url) = my_hide_url('frs', $group_id, $hide_item_id, $rows2, $hide_frs);
             $html_hdr = ($j ? '<tr class="boxitem"><td colspan="2">' : '') . $hide_url . '<A HREF="/project/?group_id=' . $group_id . '">' . db_result($result, $j, 'group_name') . '</A>&nbsp;&nbsp;&nbsp;&nbsp;';
             $html = '';
             $count_new = max(0, $count_diff);
             for ($i = 0; $i < $rows2; $i++) {
                 if (!$hide_now) {
                     $html .= '
                     <TR class="' . util_get_alt_row_color($i) . '">' . '<TD WIDTH="99%">&nbsp;&nbsp;&nbsp;&nbsp;-&nbsp;<A HREF="/file/showfiles.php?group_id=' . $group_id . '">' . db_result($result2, $i, 'name') . '</A></TD>' . '<TD><A HREF="/file/filemodule_monitor.php?filemodule_id=' . db_result($result2, $i, 'filemodule_id') . '&group_id=' . $group_id . '" onClick="return confirm(\'' . $GLOBALS['Language']->getText('my_index', 'stop_file') . '\')">' . '<IMG SRC="' . util_get_image_theme("ic/trash.png") . '" HEIGHT="16" WIDTH="16" ' . 'BORDER=0" ALT="' . $GLOBALS['Language']->getText('my_index', 'stop_monitor') . '"></A></TD></TR>';
                 }
             }
             $html_hdr .= my_item_count($rows2, $count_new) . '</td></tr>';
             $html_my_monitored_fp .= $html_hdr . $html;
         }
         $html_my_monitored_fp .= '</table>';
     }
     return $html_my_monitored_fp;
 }
 function getContent()
 {
     $html_my_monitored_forums = '';
     $sql = "SELECT groups.group_id, groups.group_name " . "FROM groups,forum_group_list,forum_monitored_forums " . "WHERE groups.group_id=forum_group_list.group_id " . "AND groups.status = 'A' " . "AND forum_group_list.is_public <> 9 " . "AND forum_group_list.group_forum_id=forum_monitored_forums.forum_id " . "AND forum_monitored_forums.user_id='" . user_getid() . "' ";
     $um =& UserManager::instance();
     $current_user =& $um->getCurrentUser();
     if ($current_user->isRestricted()) {
         $projects = $current_user->getProjects();
         $sql .= "AND groups.group_id IN (" . implode(',', $projects) . ") ";
     }
     $sql .= "GROUP BY group_id ORDER BY group_id ASC LIMIT 100";
     $result = db_query($sql);
     $rows = db_numrows($result);
     if (!$result || $rows < 1) {
         $html_my_monitored_forums .= $GLOBALS['Language']->getText('my_index', 'my_forums_msg');
     } else {
         $request =& HTTPRequest::instance();
         $html_my_monitored_forums .= '<table style="width:100%">';
         for ($j = 0; $j < $rows; $j++) {
             $group_id = db_result($result, $j, 'group_id');
             $sql2 = "SELECT forum_group_list.group_forum_id,forum_group_list.forum_name " . "FROM groups,forum_group_list,forum_monitored_forums " . "WHERE groups.group_id=forum_group_list.group_id " . "AND groups.group_id={$group_id} " . "AND forum_group_list.is_public <> 9 " . "AND forum_group_list.group_forum_id=forum_monitored_forums.forum_id " . "AND forum_monitored_forums.user_id='" . user_getid() . "' LIMIT 100";
             $result2 = db_query($sql2);
             $rows2 = db_numrows($result2);
             $vItemId = new Valid_UInt('hide_item_id');
             $vItemId->required();
             if ($request->valid($vItemId)) {
                 $hide_item_id = $request->get('hide_item_id');
             } else {
                 $hide_item_id = null;
             }
             $vForum = new Valid_WhiteList('hide_forum', array(0, 1));
             $vForum->required();
             if ($request->valid($vForum)) {
                 $hide_forum = $request->get('hide_forum');
             } else {
                 $hide_forum = null;
             }
             list($hide_now, $count_diff, $hide_url) = my_hide_url('forum', $group_id, $hide_item_id, $rows2, $hide_forum);
             $html_hdr = ($j ? '<tr class="boxitem"><td colspan="2">' : '') . $hide_url . '<A HREF="/forum/?group_id=' . $group_id . '">' . db_result($result, $j, 'group_name') . '</A>&nbsp;&nbsp;&nbsp;&nbsp;';
             $html = '';
             $count_new = max(0, $count_diff);
             for ($i = 0; $i < $rows2; $i++) {
                 if (!$hide_now) {
                     $group_forum_id = db_result($result2, $i, 'group_forum_id');
                     $html .= '
                 <TR class="' . util_get_alt_row_color($i) . '"><TD WIDTH="99%">' . '&nbsp;&nbsp;&nbsp;-&nbsp;<A HREF="/forum/forum.php?forum_id=' . $group_forum_id . '">' . stripslashes(db_result($result2, $i, 'forum_name')) . '</A></TD>' . '<TD ALIGN="center"><A HREF="/my/stop_monitor.php?forum_id=' . $group_forum_id . '" onClick="return confirm(\'' . $GLOBALS['Language']->getText('my_index', 'stop_forum') . '\')">' . '<IMG SRC="' . util_get_image_theme("ic/trash.png") . '" HEIGHT="16" WIDTH="16" ' . 'BORDER=0 ALT="' . $GLOBALS['Language']->getText('my_index', 'stop_monitor') . '"></A></TD></TR>';
                 }
             }
             $html_hdr .= my_item_count($rows2, $count_new) . '</td></tr>';
             $html_my_monitored_forums .= $html_hdr . $html;
         }
         $html_my_monitored_forums .= '</table>';
     }
     return $html_my_monitored_forums;
 }
예제 #3
0
 private function getUGroupIdInRequest($request)
 {
     $vUgroupId = new Valid_UInt('ugroup_id');
     $vUgroupId->required();
     if ($request->valid($vUgroupId)) {
         $ugroupId = $request->get('ugroup_id');
     } else {
         $ugroupId = null;
     }
     return $ugroupId;
 }
 function initDisplay()
 {
     $request =& HTTPRequest::instance();
     //
     // User may request a specific table id
     $vVersion = new Valid_UInt('version');
     $vVersion->required();
     if ($request->valid($vVersion)) {
         $this->version = $request->get('version');
     }
     $this->atf =& Docman_ApprovalTableFactoriesFactory::getFromItem($this->item, $this->version);
     $this->table =& $this->atf->getTable();
 }
예제 #5
0
 public function update()
 {
     $vChildren = new Valid_UInt('children');
     $vChildren->required();
     if ($this->request->validArray($vChildren)) {
         $this->dao->updateChildren($this->tracker->getId(), $this->request->get('children'));
     } else {
         if ($this->request->exist('children')) {
             $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('plugin_tracker_hierarchy', 'controller_bad_request'));
         } else {
             $this->dao->deleteAllChildren($this->tracker->getId());
         }
     }
     $this->redirect(array('tracker' => $this->tracker->getId(), 'func' => 'admin-hierarchy'));
 }
 function getContent()
 {
     $folder_or_document = is_a($this->item, 'Docman_Folder') ? 'folder' : (is_a($this->item, 'Docman_File') ? 'file' : 'document');
     $item_type = $this->_controller->_getItemFactory()->getItemTypeForItem($this->item);
     $vVersion = new Valid_UInt('version');
     $vVersion->required();
     if ($this->_controller->request->valid($vVersion)) {
         $version = $this->_controller->request->get('version');
         $label = $this->_controller->request->get('label');
     } else {
         $version = false;
     }
     $content = '';
     $content .= '<dl><dt>' . $GLOBALS['Language']->getText('plugin_docman', 'details_actions_delete') . '</dt><dd>';
     $content .= '<form action="' . $this->url . '" method="POST">';
     $content .= '<div class="docman_confirm_delete">';
     if ($version !== false) {
         $content .= $GLOBALS['Language']->getText('plugin_docman', 'details_delete_warning_version', array($this->hp->purify($this->item->getTitle(), CODENDI_PURIFIER_CONVERT_HTML), $version));
     } else {
         $content .= $GLOBALS['Language']->getText('plugin_docman', 'details_delete_warning_' . $folder_or_document, $this->hp->purify($this->item->getTitle(), CODENDI_PURIFIER_CONVERT_HTML));
     }
     if ($item_type == PLUGIN_DOCMAN_ITEM_TYPE_WIKI) {
         $content .= $this->getWikiDeleteInfo();
     }
     $content .= '<div class="docman_confirm_delete_buttons">';
     if ($this->token) {
         $content .= '<input type="hidden" name="token" value="' . $this->token . '" />';
     }
     $content .= '     <input type="hidden" name="section" value="actions" />';
     if ($version !== false) {
         $content .= '     <input type="hidden" name="action" value="deleteVersion" />';
         $content .= '     <input type="hidden" name="version" value="' . $version . '" />';
     } else {
         $content .= '     <input type="hidden" name="action" value="delete" />';
     }
     $content .= '     <input type="hidden" name="id" value="' . $this->item->getId() . '" />';
     $content .= '     <input type="submit" tabindex="2" name="confirm" value="' . $GLOBALS['Language']->getText('plugin_docman', 'details_delete_confirm') . '" />';
     $content .= '     <input type="submit" tabindex="1" name="cancel" value="' . $GLOBALS['Language']->getText('plugin_docman', 'details_delete_cancel') . '" />';
     $content .= '</div>';
     $content .= '</div>';
     $content .= '</form>';
     $content .= '</dd></dl>';
     return $content;
 }
 function getContent()
 {
     $html = '';
     $request = HTTPRequest::instance();
     $um = UserManager::instance();
     $user = $um->getCurrentUser();
     $vFunc = new Valid_WhiteList('docman_func', array('show_docman'));
     $vFunc->required();
     if ($request->valid($vFunc)) {
         $func = $request->get('docman_func');
     } else {
         $func = '';
     }
     $vDocmanId = new Valid_UInt('docman_id');
     $vDocmanId->required();
     if ($request->valid($vDocmanId)) {
         $docman_id = $request->get('docman_id');
     } else {
         $docman_id = '';
     }
     $html .= '<form method="post" action="?">';
     $html .= '<label>' . $GLOBALS['Language']->getText('plugin_docman', 'widget_my_docman_search_label') . '</label>';
     $html .= '<input type="hidden" name="docman_func" value="show_docman" />';
     $html .= '<input type="text" name="docman_id" value="' . $docman_id . '" id="docman_id" />';
     $html .= '&nbsp;';
     $html .= '<input type="submit" value="' . $GLOBALS['Language']->getText('plugin_docman', 'widget_my_docman_search_btn') . '"/>';
     $html .= '</form>';
     if ($func == 'show_docman' && $docman_id) {
         $res = $this->returnAllowedGroupId($docman_id, $user);
         if ($res) {
             $dPm = Docman_PermissionsManager::instance($res['group_id']);
             $itemPerm = $dPm->userCanAccess($user, $docman_id);
             if ($itemPerm) {
                 $html .= '<p><a href="/plugins/docman/?group_id=' . $res['group_id'] . '&action=details&id=' . $docman_id . '&section=properties">Show &quot;' . $res['title'] . '&quot; Properties</a></p>';
                 return $html;
             }
         }
         $html .= '<p>' . $GLOBALS['Language']->getText('plugin_docman', 'perm_denied') . '</p>';
     }
     return $html;
 }
예제 #8
0
         $forum_name = $request->get('forum_name');
         $is_public = $request->get('is_public');
         $description = $request->get('description');
         $is_monitored = $request->get('is_monitored');
         $fid = forum_create_forum($group_id, $forum_name, $is_public, 1, $description);
         if ($is_monitored) {
             forum_add_monitor($fid, user_getid());
         }
     }
 } else {
     if ($request->existAndNonEmpty('change_status')) {
         /*
         	Change a forum to public/private
         */
         $vGrpForum = new Valid_UInt('group_forum_id');
         $vGrpForum->required();
         if ($request->valid($vForumName) && $request->valid($vDescription) && $request->valid($vIsPublic) && $request->valid($vGrpForum)) {
             $forum_name = $request->get('forum_name');
             $is_public = $request->get('is_public');
             $description = $request->get('description');
             $group_forum_id = $request->get('group_forum_id');
             $sql = "UPDATE forum_group_list SET is_public=" . db_ei($is_public) . ",forum_name='" . db_es(htmlspecialchars($forum_name)) . "'," . "description='" . db_es(htmlspecialchars($description)) . "' " . "WHERE group_forum_id=" . db_ei($group_forum_id) . " AND group_id=" . db_ei($group_id);
             $result = db_query($sql);
             if (!$result || db_affected_rows($result) < 1) {
                 $feedback .= ' ' . $Language->getText('forum_admin_index', 'upd_err') . ' ';
             } else {
                 $feedback .= ' ' . $Language->getText('forum_admin_index', 'upd_success') . ' ';
             }
         }
     }
 }
 private function inconsistentArtifactsIdsAreValid(array $artifact_ids)
 {
     $validator = new Valid_UInt();
     $validator->required();
     $artifact_factory = Tracker_ArtifactFactory::instance();
     foreach ($artifact_ids as $artifact_id) {
         if (!($validator->validate($artifact_id) && $artifact_factory->getArtifactById($artifact_id))) {
             return false;
         }
     }
     return true;
 }
예제 #10
0
<?php

require_once 'pre.php';
$valid = new Valid_UInt('tracker_id');
$valid->required();
if ($request->valid($valid)) {
    if (user_get_preference('tracker_comment_invertorder_' . $request->get('tracker_id'))) {
        user_del_preference('tracker_comment_invertorder_' . $request->get('tracker_id'));
    } else {
        user_set_preference('tracker_comment_invertorder_' . $request->get('tracker_id'), '1');
    }
}
예제 #11
0
 function updatePreferences($request)
 {
     $done = false;
     $vContentId = new Valid_UInt('content_id');
     $vContentId->required();
     if (($rss = $request->get('rss')) && $request->valid($vContentId)) {
         $vUrl = new Valid_String('url');
         if ($request->validInArray('rss', $vUrl)) {
             $url = " url   = '" . db_escape_string($rss['url']) . "' ";
         } else {
             $url = '';
         }
         $vTitle = new Valid_String('title');
         if ($request->validInArray('rss', $vTitle)) {
             $title = " title = '" . db_escape_string($rss['title']) . "' ";
         } else {
             $title = '';
         }
         if ($url || $title) {
             $sql = "UPDATE widget_rss SET " . $title . ", " . $url . " WHERE owner_id = " . $this->owner_id . " AND owner_type = '" . $this->owner_type . "' AND id = " . (int) $request->get('content_id');
             $res = db_query($sql);
             $done = true;
         }
     }
     return $done;
 }
예제 #12
0
 /**
  * Checks whether a planning tracker id is present in the parameters, and is
  * a valid positive integer.
  * 
  * @param PlanningParameters $planning_parameters The validated parameters.
  * 
  * @return bool
  */
 private function planningTrackerIdIsPresentAndIsAPositiveInteger(PlanningParameters $planning_parameters)
 {
     $planning_tracker_id = new Valid_UInt();
     $planning_tracker_id->required();
     return $planning_tracker_id->validate($planning_parameters->planning_tracker_id);
 }
 /**
  * Perform wiki attachment removal.
  */
 function deleteAttachments()
 {
     $request = HTTPRequest::instance();
     if ($request->isPost() && $request->exist('attachments_to_delete')) {
         $args = $request->get('attachments_to_delete');
         $deleteStatus = true;
         $um = UserManager::instance();
         $user = $um->getCurrentUser();
         foreach ($args as $id) {
             $valid = new Valid_UInt('repo_id');
             $valid->required();
             if ($valid->validate($id)) {
                 $wa = new WikiAttachment();
                 $wa->initWithId($id);
                 if ($wa->validate() && $wa->gid == $_REQUEST['group_id'] && $wa->isAutorized($user->getId())) {
                     if (!$wa->deleteAttachment()) {
                         $deleteStatus = false;
                     }
                 } else {
                     $deleteStatus = false;
                 }
             } else {
                 $deleteStatus = false;
             }
         }
         if ($deleteStatus) {
             $GLOBALS['Response']->addFeedback('info', $GLOBALS['Language']->getText('wiki_actions_wikiserviceadmin', 'delete_attachment_success'));
         } else {
             $GLOBALS['Response']->addFeedback('error', $GLOBALS['Language']->getText('wiki_actions_wikiserviceadmin', 'delete_attachment_failure'));
         }
     }
 }
예제 #14
0
$vRelative = new Valid_WhiteList('relative', array('true'));
$vRelative->required();
if ($request->valid($vRelative)) {
    $relative = true;
} else {
    $relative = false;
}
$vOrder = new Valid_WhiteList('order', array('start_size', 'end_size', 'evolution', 'evolution_rate'));
$vOrder->required();
if ($request->valid($vOrder)) {
    $order = $request->get('order');
} else {
    $order = 'end_size';
}
$vOffset = new Valid_UInt('offset');
$vOffset->required();
if ($request->valid($vOffset)) {
    $offset = $request->get('offset');
} else {
    $offset = 0;
}
$title = 'Disk usage';
$GLOBALS['HTML']->includeCalendarScripts();
$GLOBALS['HTML']->header(array('title' => $title));
echo '<h1>' . $title . '</h1>';
echo '
<table>
  <tr>
    <th align="center">Service/Projects</th>
    <th align="center">Users</th>
  </tr>
예제 #15
0
<?php

//
// Codendi
// Copyright (c) Xerox Corporation, Codendi Team, 2001-2009. All rights reserved
// Copyright (c) Enalean, 2015. All Rights Reserved.
// http://www.codendi.com
//
//
require_once 'pre.php';
require_once 'common/frs/FRSFileFactory.class.php';
require_once 'common/frs/FRSPackageFactory.class.php';
$vGroupId = new Valid_GroupId();
$vGroupId->required();
$vFileId = new Valid_UInt('file_id');
$vFileId->required();
if ($request->valid($vGroupId) && $request->valid($vFileId)) {
    $group_id = $request->get('group_id');
    $file_id = $request->get('file_id');
} else {
    exit_missing_param();
}
$frsff = new FRSFileFactory();
$frspf = new FRSPackageFactory();
// Must have a group_id and file_id otherwise
// we cannot do much
if (!$file_id || !$group_id) {
    exit_missing_param();
}
if (!$GLOBALS['sys_frs_license_mandatory']) {
    // Display license popup?
예제 #16
0
<?php

//
// SourceForge: Breaking Down the Barriers to Open Source Development
// Copyright (c) Enalean, 2015. All rights reserved
// Copyright 1999-2000 (c) The SourceForge Crew
// http://sourceforge.net
//
require_once 'pre.php';
require_once 'bookmarks.php';
require_once 'my_utils.php';
$request = HTTPRequest::instance();
$vId = new Valid_UInt('bookmark_id');
$vId->setErrorMessage('bookmark_id is required');
$vId->required();
if (!$request->valid($vId)) {
    $GLOBALS['Response']->redirect('/my');
} else {
    $bookmark_id = (int) $request->get('bookmark_id');
}
$vUrl = new Valid_String('bookmark_url');
$vUrl->setErrorMessage('Url is required');
$vUrl->required();
$vTitle = new Valid_String('bookmark_title');
$vTitle->setErrorMessage('Title is required');
$vTitle->required();
$bookmark_url_id = '/my/bookmark_edit.php?bookmark_id=' . $bookmark_id;
$csrf_token = new CSRFSynchronizerToken($bookmark_url_id);
if ($request->isPost() && $request->valid($vUrl) && $request->valid($vTitle)) {
    $csrf_token->check();
    $bookmark_url = $request->get('bookmark_url');
예제 #17
0
 /**
  * Validate request values
  *
  * @param HTTPRequest $request request containing form values
  *
  * @return Array
  */
 function validateRequest($request)
 {
     $status = true;
     $invalid = array();
     $valid = new Valid_String('request_summary');
     $valid->required();
     $summary = trim($request->get('request_summary'));
     if ($request->valid($valid) && strlen($summary) < self::MAX_SUMMARY_LENGTH && $summary != '') {
         $params['summary'] = $summary;
     } else {
         $status = false;
         $invalid[] = $GLOBALS['Language']->getText('plugin_requesthelp', 'summary');
     }
     $valid = new Valid_Text('request_description');
     $valid->required();
     $description = trim($request->get('request_description'));
     $defaultDescription = $GLOBALS['Language']->getText('plugin_requesthelp', 'requesthelp_default_description');
     if ($request->valid($valid) && strlen($description) < self::MAX_DESCRIPTION_LENGTH && $description != '' && $description != $defaultDescription) {
         $params['description'] = $description;
     } else {
         $status = false;
         $invalid[] = 'Description';
     }
     $valid = new Valid_UInt('type');
     $valid->required();
     if ($request->valid($valid)) {
         $requestType = $request->get('type');
         $params['type'] = $requestType;
         switch ($requestType) {
             case RequestHelp::TYPE_SUPPORT:
                 $params['text_type'] = $this->_getPluginProperty('support_request');
                 break;
             case RequestHelp::TYPE_ENHANCEMENT:
                 $params['text_type'] = $this->_getPluginProperty('enhancement_request');
                 break;
             default:
                 $status = false;
                 $invalid[] = 'Type';
                 break;
         }
     } else {
         $status = false;
         $invalid[] = 'Type';
     }
     $valid = new Valid_UInt('severity');
     $valid->required();
     if ($request->valid($valid)) {
         $severity = $request->get('severity');
         $params['severity'] = $severity;
         switch ($severity) {
             case RequestHelp::SEVERITY_MINOR:
                 $params['text_severity'] = 'Minor';
                 break;
             case RequestHelp::SEVERITY_SERIOUS:
                 $params['text_severity'] = 'Serious';
                 break;
             case RequestHelp::SEVERITY_CRITICAL:
                 $params['text_severity'] = 'Critical';
                 break;
             default:
                 $status = false;
                 $invalid[] = $GLOBALS['Language']->getText('plugin_requesthelp', 'severity');
                 break;
         }
     } else {
         $status = false;
         $invalid[] = $GLOBALS['Language']->getText('plugin_requesthelp', 'severity');
     }
     $cc = array();
     $mails = array_map('trim', preg_split('/[,;]/', $request->get('cc')));
     $rule = new Rule_Email();
     $um = $this->_getUserManager();
     $invalidCc = array();
     foreach ($mails as $mail) {
         if ($rule->isValid($mail)) {
             $cc[] = $mail;
         } else {
             if (trim($mail) != '') {
                 $user = $um->findUser($mail);
                 if ($user) {
                     $mail = $user->getUserName();
                     if ($mail) {
                         $cc[] = $mail;
                     } else {
                         $invalidCc[] = $mail;
                     }
                 } else {
                     $invalidCc[] = $mail;
                 }
             }
         }
     }
     if (!empty($invalidCc)) {
         $c = $this->getController();
         $c->addWarn($GLOBALS['Language']->getText('plugin_requesthelp', 'requesthelp_invalid_cc', implode(", ", $invalidCc)));
     }
     $params['cc'] = implode(";", $cc);
     return array('status' => $status, 'params' => $params, 'invalid' => $invalid);
 }
예제 #18
0
 function _dispatch($view, $item, $root, $get_show_view)
 {
     $item_factory =& $this->_getItemFactory();
     $user =& $this->getUser();
     $dpm = $this->_getPermissionsManager();
     switch ($view) {
         case 'show':
             if ($item->isObsolete()) {
                 if (!$this->userCanAdmin($item->getId())) {
                     // redirect to details view
                     $this->view = 'Details';
                     break;
                 }
             }
             $this->view = $item->accept($get_show_view, $this->request->get('report'));
             break;
         case 'expandFolder':
             $this->action = 'expandFolder';
             if ($this->request->get('view') == 'ulsubfolder') {
                 $this->view = 'RawTree';
             } else {
                 $this->_viewParams['item'] =& $root;
                 $this->view = 'Tree';
             }
             break;
         case 'getRootFolder':
             $this->_viewParams['action_result'] = $root->getId();
             $this->_setView('getRootFolder');
             break;
         case 'collapseFolder':
             $this->action = 'collapseFolder';
             $this->_viewParams['item'] =& $root;
             $this->view = 'Tree';
             break;
         case 'admin_set_permissions':
             $this->action = $view;
             $this->view = 'Admin_Permissions';
             break;
         case 'admin_change_view':
             $this->action = $view;
             $this->_viewParams['default_url_params'] = array('action' => 'admin_view', 'id' => $item->getParentId());
             $this->view = 'RedirectAfterCrud';
             break;
         case 'admin':
         case 'details':
             $this->view = ucfirst($view);
             break;
         case 'admin_view':
             $this->view = 'Admin_View';
             break;
         case 'admin_permissions':
             $this->view = 'Admin_Permissions';
             break;
         case 'admin_metadata':
             $this->view = 'Admin_Metadata';
             $mdFactory = new Docman_MetadataFactory($this->_viewParams['group_id']);
             $mdIter =& $mdFactory->getMetadataForGroup();
             $this->_viewParams['mdIter'] =& $mdIter;
             break;
         case 'admin_md_details':
             // Sanitize
             $_mdLabel = $this->request->get('md');
             $md = null;
             $mdFactory = new Docman_MetadataFactory($this->_viewParams['group_id']);
             $valid = $this->validateMetadata($_mdLabel, $md);
             if (!$valid) {
                 $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_invalid_md'));
                 $this->view = 'RedirectAfterCrud';
                 $this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
             } else {
                 $this->view = 'Admin_MetadataDetails';
                 $mdFactory->appendMetadataValueList($md, false);
                 $this->_viewParams['md'] =& $md;
             }
             break;
         case 'admin_md_details_update':
             $_name = trim($this->request->get('name'));
             $_label = $this->request->get('label');
             $mdFactory = $this->_getMetadataFactory($this->_viewParams['group_id']);
             if ($mdFactory->isValidLabel($_label)) {
                 $this->_viewParams['default_url_params'] = array('action' => 'admin_md_details', 'md' => $_label);
                 if ($mdFactory->isHardCodedMetadata($_label) || $this->validateUpdateMetadata($_name, $_label)) {
                     $this->action = $view;
                 }
             } else {
                 $this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
             }
             $this->view = 'RedirectAfterCrud';
             break;
         case 'admin_create_metadata':
             $_name = trim($this->request->get('name'));
             $valid = $this->validateNewMetadata($_name);
             if ($valid) {
                 $this->action = $view;
             }
             $this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
             $this->view = 'RedirectAfterCrud';
             break;
         case 'admin_delete_metadata':
             $valid = false;
             // md
             // Sanitize
             $_mdLabel = $this->request->get('md');
             // Valid
             $logmsg = '';
             $mdFactory = new Docman_MetadataFactory($this->_viewParams['group_id']);
             $md = null;
             $vld = $this->validateMetadata($_mdLabel, $md);
             if ($vld) {
                 if (!$mdFactory->isHardCodedMetadata($md->getLabel())) {
                     $valid = true;
                 } else {
                     $logmsg = $GLOBALS['Language']->getText('plugin_docman', 'error_cannot_delete_hc_md');
                 }
             } else {
                 $logmsg = $GLOBALS['Language']->getText('plugin_docman', 'error_invalid_md');
             }
             if (!$valid) {
                 if ($logmsg != '') {
                     $this->feedback->log('error', $logmsg);
                 }
                 $this->view = 'RedirectAfterCrud';
                 $this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
             } else {
                 $this->action = $view;
                 $this->_actionParams['md'] = $md;
             }
             break;
         case 'admin_create_love':
             $mdFactory = $this->_getMetadataFactory($this->_viewParams['group_id']);
             if ($mdFactory->isValidLabel($this->request->get('md'))) {
                 $this->action = $view;
                 $this->_viewParams['default_url_params'] = array('action' => 'admin_md_details', 'md' => $this->request->get('md'));
             } else {
                 $this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
             }
             $this->view = 'RedirectAfterCrud';
             break;
         case 'admin_delete_love':
             $mdFactory = $this->_getMetadataFactory($this->_viewParams['group_id']);
             if ($mdFactory->isValidLabel($this->request->get('md'))) {
                 $this->action = $view;
                 $this->_viewParams['default_url_params'] = array('action' => 'admin_md_details', 'md' => $this->request->get('md'));
             } else {
                 $this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
             }
             $this->view = 'RedirectAfterCrud';
             break;
         case 'admin_display_love':
             $valid = false;
             // Required params:
             // md (string [a-z_]+)
             // loveid (int)
             // Sanitize
             $_mdLabel = $this->request->get('md');
             $_loveId = (int) $this->request->get('loveid');
             // Valid
             $md = null;
             $love = null;
             $this->validateMetadata($_mdLabel, $md);
             if ($md !== null && $md->getLabel() !== 'status') {
                 $valid = $this->validateLove($_loveId, $md, $love);
             }
             if (!$valid) {
                 $this->view = 'RedirectAfterCrud';
                 $this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
             } else {
                 $mdFactory = new Docman_MetadataFactory($this->groupId);
                 $mdFactory->appendMetadataValueList($md, false);
                 $this->view = 'Admin_MetadataDetailsUpdateLove';
                 $this->_viewParams['md'] = $md;
                 $this->_viewParams['love'] = $love;
             }
             break;
         case 'admin_update_love':
             $valid = false;
             // Required params:
             // md (string [a-z_]+)
             // loveid (int)
             //
             // rank (beg, end, [0-9]+)
             // name
             // descr
             // Sanitize
             /// @todo sanitize md, rank, name, descr
             $_mdLabel = $this->request->get('md');
             $_loveId = (int) $this->request->get('loveid');
             $_rank = $this->request->get('rank');
             $_name = $this->request->get('name');
             $_descr = $this->request->get('descr');
             // Valid
             $md = null;
             $love = null;
             $this->validateMetadata($_mdLabel, $md);
             if ($md !== null && $md->getLabel() !== 'status') {
                 $valid = $this->validateLove($_loveId, $md, $love);
             }
             if (!$valid) {
                 $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_md_or_love'));
                 $this->view = 'RedirectAfterCrud';
                 $this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
             } else {
                 // Set parameters
                 $love->setRank($_rank);
                 $love->setName($_name);
                 $love->setDescription($_descr);
                 // define action
                 $this->action = $view;
                 $this->_actionParams['md'] = $md;
                 $this->_actionParams['love'] = $love;
             }
             break;
         case 'admin_import_metadata_check':
             $ok = false;
             if ($this->request->existAndNonEmpty('plugin_docman_metadata_import_group')) {
                 $pm = ProjectManager::instance();
                 $srcGroup = $pm->getProjectFromAutocompleter($this->request->get('plugin_docman_metadata_import_group'));
                 if ($srcGroup && !$srcGroup->isError()) {
                     $this->_viewParams['sSrcGroupId'] = $srcGroup->getGroupId();
                     $this->view = 'Admin_MetadataImport';
                     $ok = true;
                 }
             }
             if (!$ok) {
                 $this->view = 'RedirectAfterCrud';
                 $this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
             }
             break;
         case 'admin_import_metadata':
             if ($this->request->existAndNonEmpty('confirm')) {
                 if ($this->request->existAndNonEmpty('plugin_docman_metadata_import_group')) {
                     $pm = ProjectManager::instance();
                     $srcGroup = $pm->getProjectFromAutocompleter($this->request->get('plugin_docman_metadata_import_group'));
                     $srcGroupId = $srcGroup->getGroupId();
                     $this->_actionParams['sSrcGroupId'] = $srcGroupId;
                     $this->_actionParams['sGroupId'] = $this->_viewParams['group_id'];
                     $this->action = $view;
                 } else {
                     $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'missing_param'));
                     $this->feedback->log('info', $GLOBALS['Language']->getText('plugin_docman', 'operation_canceled'));
                 }
             } else {
                 $this->feedback->log('info', $GLOBALS['Language']->getText('plugin_docman', 'operation_canceled'));
             }
             $this->view = 'RedirectAfterCrud';
             $this->_viewParams['default_url_params'] = array('action' => 'admin_metadata');
             break;
         case 'admin_obsolete':
             $this->view = 'Admin_Obsolete';
             break;
         case 'admin_lock_infos':
             $this->view = 'Admin_LockInfos';
             break;
         case 'move':
             if (!$this->userCanWrite($item->getId()) || !$this->userCanWrite($item->getParentId())) {
                 $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_move'));
                 $this->view = 'Details';
             } else {
                 if ($this->request->exist('quick_move')) {
                     $this->action = 'move';
                     $this->view = null;
                 } else {
                     $this->_viewParams['hierarchy'] =& $this->getItemHierarchy($root);
                     $this->view = ucfirst($view);
                 }
             }
             break;
         case 'newGlobalDocument':
             if ($dpm->oneFolderIsWritable($user)) {
                 $this->_viewParams['hierarchy'] =& $this->getItemHierarchy($root);
                 $this->view = 'New_FolderSelection';
             } else {
                 $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_create'));
                 $this->view = $item->accept($get_show_view, $this->request->get('report'));
             }
             break;
         case 'newDocument':
         case 'newFolder':
             if ($this->request->exist('cancel')) {
                 $this->_set_redirectView();
             } else {
                 if (!$this->userCanWrite($item->getId())) {
                     $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_create'));
                     $this->view = 'Details';
                 } else {
                     //$this->_viewParams['hierarchy'] =& $this->getItemHierarchy($root);
                     $this->_viewParams['ordering'] = $this->request->get('ordering');
                     if ($this->request->get('item_type') == PLUGIN_DOCMAN_ITEM_TYPE_FOLDER) {
                         $view = 'newFolder';
                     }
                     $this->view = ucfirst($view);
                 }
             }
             break;
         case 'monitor':
             if ($this->request->exist('monitor')) {
                 $this->_actionParams['monitor'] = $this->request->get('monitor');
                 if ($this->request->exist('cascade')) {
                     $this->_actionParams['cascade'] = $this->request->get('cascade');
                 }
                 $this->_actionParams['item'] =& $item;
                 $this->action = 'monitor';
             }
             $this->_setView('Details');
             break;
         case 'remove_monitoring':
             $this->_actionParams['listeners_to_delete'] = array();
             if ($this->userCanManage($item->getId())) {
                 if ($this->request->exist('listeners_to_delete')) {
                     $um = UserManager::instance();
                     $vUserId = new Valid_UInt('listeners_to_delete');
                     if ($this->request->validArray($vUserId)) {
                         $userIds = $this->request->get('listeners_to_delete');
                         $users = array();
                         foreach ($userIds as $userId) {
                             $users[] = $um->getUserById($userId);
                         }
                         $this->_actionParams['listeners_to_delete'] = $users;
                         $this->_actionParams['item'] = $item;
                     }
                 }
                 $this->action = 'remove_monitoring';
                 $this->_setView('Details');
             } else {
                 $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'notifications_permission_denied'));
                 $this->_setView('Details');
             }
             break;
         case 'add_monitoring':
             $this->_actionParams['listeners_to_add'] = array();
             $this->_actionParams['invalid_users'] = false;
             if ($this->userCanManage($item->getId())) {
                 if ($this->request->exist('listeners_to_add')) {
                     $um = UserManager::instance();
                     $vUser = new Valid_Text('listeners_to_add');
                     if ($this->request->valid($vUser)) {
                         $usernames = array_map('trim', preg_split('/[,;]/', $this->request->get('listeners_to_add')));
                         $users = array();
                         $vUserName = new Valid_String();
                         $vUserName->required();
                         foreach ($usernames as $username) {
                             if ($vUserName->validate($username) && ($user = $um->findUser($username))) {
                                 $users[] = $user;
                             } else {
                                 $this->_actionParams['invalid_users'] = true;
                             }
                         }
                         if ($this->request->exist('monitor_cascade')) {
                             $this->_actionParams['monitor_cascade'] = $this->request->get('monitor_cascade');
                         }
                         $this->_actionParams['listeners_to_add'] = $users;
                         $this->_actionParams['item'] = $item;
                     }
                 }
                 $this->action = 'add_monitoring';
                 $this->_setView('Details');
             } else {
                 $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'notifications_permission_denied'));
                 $this->_setView('Details');
             }
             break;
         case 'move_here':
             if (!$this->request->exist('item_to_move')) {
                 $this->feedback->log('error', 'Missing parameter.');
                 $this->view = 'DocmanError';
             } else {
                 $item_to_move =& $item_factory->getItemFromDb($this->request->get('item_to_move'));
                 $this->view = null;
                 if ($this->request->exist('confirm')) {
                     if (!$item_to_move || !($this->userCanWrite($item->getId()) && $this->userCanWrite($item_to_move->getId()) && $this->userCanWrite($item_to_move->getParentId()))) {
                         $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_move'));
                         $this->_set_moveView_errorPerms();
                     } else {
                         $this->action = 'move';
                     }
                 }
                 if (!$this->view) {
                     $this->_set_redirectView();
                 }
             }
             break;
         case 'permissions':
             if (!$this->userCanManage($item->getId())) {
                 $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_perms'));
                 $this->view = 'Details';
             } else {
                 $this->action = 'permissions';
                 $this->view = 'Details';
             }
             break;
         case 'confirmDelete':
             if (!$this->userCanWrite($item->getId()) || !$this->userCanWrite($item->getParentId())) {
                 $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_delete'));
                 $this->view = 'Details';
             } else {
                 $this->view = 'Delete';
             }
             break;
         case 'action_new_version':
             if (!$this->userCanWrite($item->getId())) {
                 $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_edit'));
                 $this->view = 'Details';
             } else {
                 $dPm = $this->_getPermissionsManager();
                 if ($dPm->getLockFactory()->itemIsLocked($item)) {
                     $this->feedback->log('warning', $GLOBALS['Language']->getText('plugin_docman', 'event_lock_add'));
                 }
                 $this->view = 'NewVersion';
             }
             break;
         case 'action_update':
             if (!$this->userCanWrite($item->getId())) {
                 $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_edit'));
                 $this->view = 'Details';
             } else {
                 $this->view = 'Update';
             }
             break;
         case 'action_copy':
             //@XSS: validate action against a regexp.
             $_action = $this->request->get('orig_action');
             $_id = (int) $this->request->get('orig_id');
             $this->_actionParams['item'] = $item;
             $this->action = $view;
             if (!$this->request->exist('ajax_copy')) {
                 $this->_viewParams['default_url_params'] = array('action' => $_action, 'id' => $_id);
                 $this->view = 'RedirectAfterCrud';
             }
             break;
         case 'action_cut':
             $_action = $this->request->get('orig_action');
             $_id = (int) $this->request->get('orig_id');
             $this->_actionParams['item'] = $item;
             $this->action = $view;
             if (!$this->request->exist('ajax_cut')) {
                 $this->_viewParams['default_url_params'] = array('action' => $_action, 'id' => $_id);
                 $this->view = 'RedirectAfterCrud';
             }
             break;
         case 'action_paste':
             $itemToPaste = null;
             $mode = null;
             $allowed = $this->checkPasteIsAllowed($item, $itemToPaste, $mode);
             if (!$allowed) {
                 $this->view = 'Details';
             } else {
                 $this->_viewParams['itemToPaste'] = $itemToPaste;
                 $this->_viewParams['srcMode'] = $mode;
                 $this->view = 'Paste';
             }
             break;
         case 'paste_cancel':
             // intend to be only called through ajax call
             $item_factory->delCopyPreference();
             $item_factory->delCutPreference();
             break;
         case 'paste':
             if ($this->request->exist('cancel')) {
                 $this->_viewParams['default_url_params'] = array('action' => 'show');
                 $this->view = 'RedirectAfterCrud';
             } else {
                 $itemToPaste = null;
                 $mode = null;
                 $allowed = $this->checkPasteIsAllowed($item, $itemToPaste, $mode);
                 if (!$allowed) {
                     $this->view = 'Details';
                 } else {
                     $this->_viewParams['importMd'] = false;
                     if ($this->userCanAdmin()) {
                         if ($this->request->exist('import_md') && $this->request->get('import_md') == '1') {
                             $this->_viewParams['importMd'] = true;
                         }
                     }
                     $this->_viewParams['item'] = $item;
                     $this->_viewParams['rank'] = $this->request->get('rank');
                     $this->_viewParams['itemToPaste'] = $itemToPaste;
                     $this->_viewParams['srcMode'] = $mode;
                     /*$this->action = $view;
                                                   
                       $this->_viewParams['default_url_params'] = array('action'  => 'show',
                                                                        'id'      => $item->getId());
                       $this->view = 'RedirectAfterCrud';*/
                     $this->_viewParams['item'] = $item;
                     $this->_viewParams['rank'] = $this->request->get('rank');
                     $this->_viewParams['itemToPaste'] = $itemToPaste;
                     $this->_viewParams['srcMode'] = $mode;
                     $this->view = 'PasteInProgress';
                 }
             }
             break;
         case 'approval_create':
             if (!$this->userCanWrite($item->getId())) {
                 $this->feedback->log('error', $this->txt('error_perms_edit'));
                 $this->view = 'Details';
             } else {
                 $this->view = 'ApprovalCreate';
             }
             break;
         case 'approval_delete':
             if (!$this->userCanWrite($item->getId())) {
                 $this->feedback->log('error', $this->txt('error_perms_edit'));
                 $this->view = 'Details';
             } else {
                 if ($this->request->exist('confirm')) {
                     $this->action = $view;
                     $this->_actionParams['item'] = $item;
                     // Version
                     $vVersion = new Valid_UInt('version');
                     $vVersion->required();
                     if ($this->request->valid($vVersion)) {
                         $this->_actionParams['version'] = $this->request->get('version');
                     } else {
                         $this->_actionParams['version'] = null;
                     }
                 }
                 $this->_viewParams['default_url_params'] = array('action' => 'details', 'section' => 'approval', 'id' => $item->getId());
                 $this->view = 'RedirectAfterCrud';
             }
             break;
         case 'approval_update':
             if (!$this->userCanWrite($item->getId())) {
                 $this->feedback->log('error', $this->txt('error_perms_edit'));
                 $this->view = 'Details';
             } else {
                 $this->_actionParams['item'] = $item;
                 // Settings
                 $this->_actionParams['status'] = (int) $this->request->get('status');
                 $this->_actionParams['description'] = $this->request->get('description');
                 $this->_actionParams['notification'] = (int) $this->request->get('notification');
                 $this->_actionParams['reminder'] = $this->request->get('reminder');
                 $this->_actionParams['occurence'] = (int) $this->request->get('occurence');
                 $this->_actionParams['period'] = (int) $this->request->get('period');
                 // Users
                 $this->_actionParams['user_list'] = $this->request->get('user_list');
                 $this->_actionParams['ugroup_list'] = null;
                 if (is_array($this->request->get('ugroup_list'))) {
                     $this->_actionParams['ugroup_list'] = array_map('intval', $this->request->get('ugroup_list'));
                 }
                 // Selected users
                 $this->_actionParams['sel_user'] = null;
                 if (is_array($this->request->get('sel_user'))) {
                     $this->_actionParams['sel_user'] = array_map('intval', $this->request->get('sel_user'));
                 }
                 $allowedAct = array('100', 'mail', 'del');
                 $this->_actionParams['sel_user_act'] = null;
                 if (in_array($this->request->get('sel_user_act'), $allowedAct)) {
                     $this->_actionParams['sel_user_act'] = $this->request->get('sel_user_act');
                 }
                 // Resend
                 $this->_actionParams['resend_notif'] = false;
                 if ($this->request->get('resend_notif') == 'yes') {
                     $this->_actionParams['resend_notif'] = true;
                 }
                 // Version
                 $vVersion = new Valid_UInt('version');
                 $vVersion->required();
                 if ($this->request->valid($vVersion)) {
                     $this->_actionParams['version'] = $this->request->get('version');
                 } else {
                     $this->_actionParams['version'] = null;
                 }
                 // Import
                 $vImport = new Valid_WhiteList('app_table_import', array('copy', 'reset', 'empty'));
                 $vImport->required();
                 $this->_actionParams['import'] = $this->request->getValidated('app_table_import', $vImport, false);
                 // Owner
                 $vOwner = new Valid_String('table_owner');
                 $vOwner->required();
                 $this->_actionParams['table_owner'] = $this->request->getValidated('table_owner', $vOwner, false);
                 //
                 // Special handeling of table deletion
                 if ($this->_actionParams['status'] == PLUGIN_DOCMAN_APPROVAL_TABLE_DELETED) {
                     $this->_viewParams['default_url_params'] = array('action' => 'approval_create', 'delete' => 'confirm', 'id' => $item->getId());
                 } else {
                     // Action!
                     $this->action = $view;
                     $this->_viewParams['default_url_params'] = array('action' => 'approval_create', 'id' => $item->getId());
                 }
                 if ($this->_actionParams['version'] !== null) {
                     $this->_viewParams['default_url_params']['version'] = $this->_actionParams['version'];
                 }
                 $this->view = 'RedirectAfterCrud';
             }
             break;
         case 'approval_upd_user':
             if (!$this->userCanWrite($item->getId())) {
                 $this->feedback->log('error', $this->txt('error_perms_edit'));
                 $this->view = 'Details';
             } else {
                 $this->_actionParams['item'] = $item;
                 $this->_actionParams['user_id'] = (int) $this->request->get('user_id');
                 $this->_actionParams['rank'] = $this->request->get('rank');
                 $this->action = $view;
                 $this->_viewParams['default_url_params'] = array('action' => 'approval_create', 'id' => $item->getId());
                 $this->view = 'RedirectAfterCrud';
             }
             break;
         case 'approval_del_user':
             if (!$this->userCanWrite($item->getId())) {
                 $this->feedback->log('error', $this->txt('error_perms_edit'));
                 $this->view = 'Details';
             } else {
                 $this->_actionParams['item'] = $item;
                 $this->_actionParams['user_id'] = (int) $this->request->get('user_id');
                 $this->action = $view;
                 $this->_viewParams['default_url_params'] = array('action' => 'approval_create', 'id' => $item->getId());
                 $this->view = 'RedirectAfterCrud';
             }
             break;
         case 'approval_user_commit':
             $atf =& Docman_ApprovalTableFactoriesFactory::getFromItem($item);
             $table = $atf->getTable();
             $atrf =& new Docman_ApprovalTableReviewerFactory($table, $item);
             if (!$this->userCanRead($item->getId()) || !$atrf->isReviewer($user->getId()) || !$table->isEnabled()) {
                 $this->feedback->log('error', $this->txt('error_perms_edit'));
                 $this->view = 'Details';
             } else {
                 $this->_actionParams['item'] = $item;
                 $svState = 0;
                 $sState = (int) $this->request->get('state');
                 if ($sState >= 0 && $sState < 5) {
                     $svState = $sState;
                 }
                 $this->_actionParams['svState'] = $svState;
                 $this->_actionParams['sVersion'] = null;
                 if ($this->request->exist('version')) {
                     $sVersion = (int) $this->request->get('version');
                     switch ($item_factory->getItemTypeForItem($item)) {
                         case PLUGIN_DOCMAN_ITEM_TYPE_WIKI:
                             if ($sVersion <= 0) {
                                 $sVersion = null;
                             }
                         case PLUGIN_DOCMAN_ITEM_TYPE_FILE:
                         case PLUGIN_DOCMAN_ITEM_TYPE_EMBEDDEDFILE:
                             // assume ok: do nothing.
                             break;
                         default:
                             $sVersion = null;
                     }
                     $this->_actionParams['sVersion'] = $sVersion;
                 }
                 $this->_actionParams['usComment'] = $this->request->get('comment');
                 $this->_actionParams['monitor'] = (int) $this->request->get('monitor');
                 $this->action = $view;
                 $this->_viewParams['default_url_params'] = array('action' => 'details', 'section' => 'approval', 'id' => $item->getId());
                 $this->view = 'RedirectAfterCrud';
             }
             break;
         case 'approval_notif_resend':
             if (!$this->userCanWrite($item->getId())) {
                 $this->feedback->log('error', $this->txt('error_perms_edit'));
                 $this->view = 'Details';
             } else {
                 $this->action = $view;
                 $this->_actionParams['item'] = $item;
                 $this->_viewParams['default_url_params'] = array('action' => 'approval_create', 'id' => $item->getId());
                 $this->view = 'RedirectAfterCrud';
             }
             break;
         case 'edit':
             if (!$this->userCanWrite($item->getId())) {
                 $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_edit'));
                 $this->view = 'Details';
             } else {
                 $mdFactory = new Docman_MetadataFactory($this->_viewParams['group_id']);
                 $mdFactory->appendAllListOfValuesToItem($item);
                 $this->view = 'Edit';
             }
             break;
         case 'delete':
             if (!($this->userCanWrite($item->getId()) && $this->userCanWrite($item->getParentId()))) {
                 $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_delete'));
                 $this->_set_deleteView_errorPerms();
             } else {
                 if ($this->request->exist('confirm')) {
                     $this->action = $view;
                     $this->_set_redirectView();
                 } else {
                     $this->view = 'Details';
                 }
             }
             break;
         case 'deleteVersion':
             if (!($this->userCanWrite($item->getId()) && $this->userCanWrite($item->getParentId()))) {
                 $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_delete'));
                 $this->_set_deleteView_errorPerms();
             } else {
                 if ($this->request->exist('confirm')) {
                     $this->action = $view;
                     $this->_set_redirectView();
                 } else {
                     $this->view = 'Details';
                 }
             }
             break;
         case 'createFolder':
         case 'createDocument':
         case 'createItem':
             if ($this->request->exist('cancel')) {
                 $this->_set_redirectView();
             } else {
                 $i = $this->request->get('item');
                 if (!$i || !isset($i['parent_id'])) {
                     $this->feedback->log('error', 'Missing parameter.');
                     $this->view = 'DocmanError';
                 } else {
                     $parent =& $item_factory->getItemFromDb($i['parent_id']);
                     if (!$parent || $parent->getGroupId() != $this->getGroupId() || !$this->userCanWrite($parent->getId())) {
                         $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_create'));
                         $this->_set_createItemView_errorParentDoesNotExist($item, $get_show_view);
                     } else {
                         //Validations
                         $new_item = $this->createItemFromUserInput();
                         $valid = $this->_validateRequest(array_merge($new_item->accept(new Docman_View_GetFieldsVisitor()), $new_item->accept(new Docman_View_GetSpecificFieldsVisitor(), array('request' => &$this->request))));
                         if ($user->isMember($this->getGroupId(), 'A') || $user->isMember($this->getGroupId(), 'N1') || $user->isMember($this->getGroupId(), 'N2')) {
                             $news = $this->request->get('news');
                             if ($news) {
                                 $is_news_details = isset($news['details']) && trim($news['details']);
                                 $is_news_summary = isset($news['summary']) && trim($news['summary']);
                                 if ($is_news_details && !$is_news_summary) {
                                     $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_create_news_summary'));
                                     $valid = false;
                                 }
                                 if (!$is_news_details && $is_news_summary) {
                                     $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_create_news_details'));
                                     $valid = false;
                                 }
                             }
                         }
                         if ($valid) {
                             $this->action = $view;
                             $this->_set_redirectView();
                         } else {
                             // Propagate return page
                             $this->_viewParams['token'] = $this->request->get('token');
                             $this->_viewParams['force_item'] = $new_item;
                             $this->_viewParams['force_news'] = $this->request->get('news');
                             $this->_viewParams['force_permissions'] = $this->request->get('permissions');
                             $this->_viewParams['force_ordering'] = $this->request->get('ordering');
                             $this->_viewParams['display_permissions'] = $this->request->exist('user_has_displayed_permissions');
                             $this->_viewParams['display_news'] = $this->request->exist('user_has_displayed_news');
                             $this->_viewParams['hierarchy'] =& $this->getItemHierarchy($root);
                             $this->_set_createItemView_afterCreate($view);
                         }
                     }
                 }
             }
             break;
         case 'update':
             $this->_viewParams['recurseOnDocs'] = false;
             $this->_actionParams['recurseOnDocs'] = false;
             if ($this->request->get('recurse_on_doc') == 1) {
                 $this->_viewParams['recurseOnDocs'] = true;
                 $this->_actionParams['recurseOnDocs'] = true;
             }
         case 'update_wl':
         case 'new_version':
             if (!$this->userCanWrite($item->getId())) {
                 $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_perms_edit'));
                 $this->view = 'Details';
             } else {
                 // For properties update ('update' action), we need to confirm
                 // the recursive application of metadata update.
                 if ($view == 'update' && $this->request->exist('recurse') && !$this->request->exist('cancel')) {
                     $this->_viewParams['recurse'] = $this->request->get('recurse');
                     if (!$this->request->exist('validate_recurse')) {
                         $updateConfirmed = false;
                     } elseif ($this->request->get('validate_recurse') != 'true') {
                         $updateConfirmed = false;
                     } else {
                         $updateConfirmed = true;
                     }
                 } else {
                     $updateConfirmed = true;
                 }
                 $valid = true;
                 if ($this->request->exist('confirm')) {
                     //Validations
                     if ($view == 'update') {
                         $this->updateMetadataFromUserInput($item);
                         $valid = $this->_validateRequest($item->accept(new Docman_View_GetFieldsVisitor()));
                     } else {
                         $this->updateItemFromUserInput($item);
                         $valid = $this->_validateApprovalTable($this->request, $item) && $this->_validateRequest($item->accept(new Docman_View_GetSpecificFieldsVisitor(), array('request' => &$this->request)));
                     }
                     //Actions
                     if ($valid && $updateConfirmed) {
                         if ($view == 'update_wl') {
                             $this->action = 'update';
                         } else {
                             $this->action = $view;
                         }
                     }
                 }
                 //Views
                 if ($valid && $updateConfirmed) {
                     if ($redirect_to = Docman_Token::retrieveUrl($this->request->get('token'))) {
                         $this->_viewParams['redirect_to'] = $redirect_to;
                     }
                     $this->view = 'RedirectAfterCrud';
                 } else {
                     if ($view == 'update_wl') {
                         $this->view = 'Update';
                     } else {
                         if ($view == 'new_version') {
                             // Keep fields values
                             $v = $this->request->get('version');
                             $this->_viewParams['label'] = $v['label'];
                             $this->_viewParams['changelog'] = $v['changelog'];
                             if ($item instanceof Docman_EmbeddedFile) {
                                 $v = $item->getCurrentVersion();
                                 $v->setContent($this->request->get('content'));
                             }
                             $this->view = 'NewVersion';
                         } else {
                             $mdFactory = new Docman_MetadataFactory($this->_viewParams['group_id']);
                             $mdFactory->appendAllListOfValuesToItem($item);
                             if ($this->request->existAndNonEmpty('token')) {
                                 // propagate the token so the user will be
                                 // redirected to the original page even after
                                 // several properties update errors or
                                 // confirmations.
                                 $this->_viewParams['token'] = $this->request->get('token');
                             }
                             $this->_viewParams['updateConfirmed'] = $updateConfirmed;
                             // The item may have changed (new user input)
                             unset($this->_viewParams['item']);
                             $this->_viewParams['item'] =& $item;
                             $this->view = 'Edit';
                         }
                     }
                 }
             }
             break;
         case 'change_view':
             $this->action = $view;
             break;
         case 'install':
             $this->feedback->log('error', $GLOBALS['Language']->getText('plugin_docman', 'error_alreadyinstalled'));
             $this->view = 'DocmanError';
             break;
         case 'search':
             $this->view = 'Table';
             break;
         case 'positionWithinFolder':
             $this->_viewParams['force_ordering'] = $this->request->get('default_position');
             $this->_viewParams['exclude'] = $this->request->get('exclude');
             $this->_viewParams['hierarchy'] =& $this->getItemHierarchy($root);
             $this->view = ucfirst($view);
             break;
         case 'permissionsForItem':
             $this->_viewParams['user_can_manage'] = $this->userCanManage($item->getId());
             $this->view = ucfirst($view);
             break;
         case 'report_settings':
             $this->view = 'ReportSettings';
             break;
         case 'report_del':
             if ($this->request->exist('report_id')) {
                 $this->_actionParams['sReportId'] = (int) $this->request->get('report_id');
                 $this->_actionParams['sGroupId'] = $this->_viewParams['group_id'];
                 $this->action = $view;
             }
             $this->_viewParams['default_url_params'] = array('action' => 'report_settings');
             $this->view = 'RedirectAfterCrud';
             break;
         case 'report_upd':
             if ($this->request->exist('report_id')) {
                 $this->_actionParams['sReportId'] = (int) $this->request->get('report_id');
                 $this->_actionParams['sGroupId'] = $this->_viewParams['group_id'];
                 $usScope = $this->request->get('scope');
                 if ($usScope === 'I' || $usScope === 'P') {
                     $this->_actionParams['sScope'] = $usScope;
                 }
                 $this->_actionParams['description'] = $this->request->get('description');
                 $this->_actionParams['title'] = $this->request->get('title');
                 $this->_actionParams['sImage'] = (int) $this->request->get('image');
                 $this->action = $view;
             }
             $this->_viewParams['default_url_params'] = array('action' => 'report_settings');
             $this->view = 'RedirectAfterCrud';
             break;
         case 'report_import':
             if ($this->request->exist('import_search_report_from_group')) {
                 $pm = ProjectManager::instance();
                 $srcGroup = $pm->getProjectFromAutocompleter($this->request->get('import_search_report_from_group'));
                 if ($srcGroup && !$srcGroup->isError()) {
                     $this->_actionParams['sGroupId'] = $this->_viewParams['group_id'];
                     $this->_actionParams['sImportGroupId'] = $srcGroup->getGroupId();
                     $this->_actionParams['sImportReportId'] = null;
                     if ($this->request->exist('import_report_id') && trim($this->request->get('import_report_id')) != '') {
                         $this->_actionParams['sImportReportId'] = (int) $this->request->get('import_report_id');
                     }
                     $this->action = $view;
                 }
             }
             $this->_viewParams['default_url_params'] = array('action' => 'report_settings');
             $this->view = 'RedirectAfterCrud';
             break;
         case 'action_lock_add':
             $this->_actionParams['item'] = $item;
             $this->action = 'action_lock_add';
             break;
         case 'action_lock_del':
             $this->_actionParams['item'] = $item;
             $this->action = 'action_lock_del';
             break;
         case 'ajax_reference_tooltip':
             $this->view = 'AjaxReferenceTooltip';
             break;
         default:
             $event_manager =& EventManager::instance();
             $eParams = array('view' => $view, 'docmanPath' => $this->pluginPath, 'docmanThemePath' => $this->themePath);
             $event_manager->processEvent('plugin_docman_after_dispacher', $eParams);
             die(htmlspecialchars($view) . ' is not supported');
             break;
     }
 }
예제 #19
0
//
// SourceForge: Breaking Down the Barriers to Open Source Development
// Copyright 1999-2000 (c) The SourceForge Crew
// http://sourceforge.net
//
//
require_once 'pre.php';
require '../forum/forum_utils.php';
$request =& HTTPRequest::instance();
if (user_isloggedin()) {
    /*
    	User obviously has to be logged in to monitor
    	a thread
    */
    $vForumId = new Valid_UInt('forum_id');
    $vForumId->required();
    if ($request->valid($vForumId)) {
        $forum_id = $request->get('forum_id');
        // Check permissions
        if (!forum_utils_access_allowed($forum_id)) {
            exit_error($Language->getText('global', 'error'), $Language->getText('forum_forum', 'forum_restricted'));
        }
        //If the forum is associated to a private news, non-allowed users shouldn't be able to monitor this forum
        // but they should be able to disable monitoring news that have been set from public to private
        $qry = "SELECT * FROM news_bytes WHERE forum_id=" . db_ei($forum_id);
        $res = db_query($qry);
        if (db_numrows($res) > 0) {
            if (!forum_utils_news_access($forum_id) && !user_monitor_forum($forum_id, user_getid())) {
                exit_error($Language->getText('global', 'error'), $Language->getText('news_admin_index', 'permission_denied'));
            }
        }
예제 #20
0
    exit_no_group();
}
//if the project isn't active, require you to be a member of the super-admin group
if ($project->getStatus() != 'A') {
    session_require(array('group' => 1));
}
$vFunc = new Valid_WhiteList('func', array('member_req_notif_group', 'member_req_notif_message'));
$vFunc->required();
if ($request->isPost() && $request->valid($vFunc)) {
    /*
      updating the database
    */
    switch ($request->get('func')) {
        case 'member_req_notif_group':
            $vUGroups = new Valid_UInt('ugroups');
            $vUGroups->required();
            if ($request->validArray($vUGroups)) {
                $ugroups = $request->get('ugroups');
                // Remove ugroups that are empty or contain no project admins
                $result = ugroup_filter_ugroups_by_project_admin($group_id, $ugroups);
                $nonAdmins = $result['non_admins'];
                $validUgroups = $result['ugroups'];
                if (empty($validUgroups)) {
                    // If no valid ugroups the default one is project admins ugroup
                    $validUgroups = array($GLOBALS['UGROUP_PROJECT_ADMIN']);
                    $GLOBALS['Response']->addFeedback('error', $Language->getText('project_admin_index', 'member_request_delegation_ugroups_all_invalid'));
                } else {
                    // If some selected ugroups are not valid display them to the user.
                    $diff = array_diff($ugroups, $validUgroups);
                    if (!empty($diff)) {
                        $deletedUgroups = array();
 function updatePreferences(&$request)
 {
     $request->valid(new Valid_String('cancel'));
     $nbShow = new Valid_UInt('nb_svn_commits');
     $nbShow->required();
     if (!$request->exist('cancel')) {
         if ($request->valid($nbShow)) {
             $this->_nb_svn_commits = $request->get('nb_svn_commits');
         } else {
             $this->_nb_svn_commits = self::NB_COMMITS_TO_DISPLAY;
         }
         user_set_preference('my_latests_svn_commits_nb_display', $this->_nb_svn_commits);
     }
     return true;
 }
예제 #22
0
 /**
  * Validate the HTTP request for the user members pane
  *
  * @param Integer     $groupId Id of the project
  * @param HTTPRequest $request HTTP request
  *
  * @return Array
  */
 public function validateRequest($groupId, $request)
 {
     $userDao = new UserDao();
     $res = $userDao->firstUsernamesLetters();
     $allowedBeginValues = array();
     foreach ($res as $data) {
         $allowedBeginValues[] = $data['capital'];
     }
     $result['allowed_begin_values'] = $allowedBeginValues;
     $validBegin = new Valid_WhiteList('begin', $allowedBeginValues);
     $validBegin->required();
     $validInProject = new Valid_UInt('in_project');
     $validInProject->required();
     $result['offset'] = $request->exist('browse') ? 0 : $request->getValidated('offset', 'uint', 0);
     $result['number_per_page'] = $request->exist('number_per_page') ? $request->getValidated('number_per_page', 'uint', 0) : 15;
     $result['search'] = $request->getValidated('search', 'string', '');
     $result['begin'] = $request->getValidated('begin', $validBegin, '');
     $result['in_project'] = $request->getValidated('in_project', $validInProject, $groupId);
     $result['user'] = $request->get('user');
     $result['add_user_name'] = $request->get('add_user_name');
     return $result;
 }
예제 #23
0
 $vPath = new Valid_String('_path');
 $vPath->required();
 if ($request->valid($vPath)) {
     $_path = $request->get('_path');
 } else {
     $_path = '';
 }
 // MV: This comes from src/www/svn/index.php, it seems that user can
 // specify a rev_id here
 $vRevId1 = new Valid_UInt('rev_id');
 $vRevId1->required();
 if ($request->valid($vRevId1)) {
     $_rev_id = $request->get('rev_id');
 } else {
     $vRevId2 = new Valid_UInt('_rev_id');
     $vRevId2->required();
     if ($request->valid($vRevId2)) {
         $_rev_id = $request->get('_rev_id');
     } else {
         $_rev_id = '';
     }
 }
 $vCommiter = new Valid_String('_commiter');
 $vCommiter->required();
 if ($request->valid($vCommiter)) {
     $_commiter = $request->get('_commiter');
 } else {
     $_commiter = '';
 }
 $vSrch = new Valid_String('_srch');
 $vSrch->required();
예제 #24
0
<?php

require_once 'pre.php';
require_once 'www/my/my_utils.php';
require_once 'common/widget/WidgetLayoutManager.class.php';
require_once 'common/widget/Valid_Widget.class.php';
$GLOBALS['HTML']->includeJavascriptFile('/scripts/codendi/LayoutManager.js');
$hp = Codendi_HTMLPurifier::instance();
if (user_isloggedin()) {
    $request =& HTTPRequest::instance();
    $lm = new WidgetLayoutManager();
    $vLayoutId = new Valid_UInt('layout_id');
    $vLayoutId->required();
    if ($request->valid($vLayoutId)) {
        $layout_id = $request->get('layout_id');
        $vOwner = new Valid_Widget_Owner('owner');
        $vOwner->required();
        if ($request->valid($vOwner)) {
            $owner = $request->get('owner');
            $owner_id = (int) substr($owner, 1);
            $owner_type = substr($owner, 0, 1);
            switch ($owner_type) {
                case WidgetLayoutManager::OWNER_TYPE_USER:
                    $owner_id = user_getid();
                    $title = $Language->getText('my_index', 'title', array($hp->purify(user_getrealname(user_getid()), CODENDI_PURIFIER_CONVERT_HTML) . ' (' . user_getname() . ')'));
                    my_header(array('title' => $title, 'selected_top_tab' => '/my/'));
                    $lm->displayAvailableWidgets(user_getid(), WidgetLayoutManager::OWNER_TYPE_USER, $layout_id);
                    site_footer(array());
                    break;
                case WidgetLayoutManager::OWNER_TYPE_GROUP:
                    $pm = ProjectManager::instance();
 /**
  * Update preferences
  *
  * @param Array $request HTTP request
  *
  * @return Boolean
  */
 function updatePreferences($request)
 {
     $request->valid(new Valid_String('cancel'));
     $vOffset = new Valid_UInt('plugin_git_user_pushes_offset');
     $vOffset->required();
     $vDays = new Valid_UInt('plugin_git_user_pushes_past_days');
     $vDays->required();
     if (!$request->exist('cancel')) {
         if ($request->valid($vOffset)) {
             $this->offset = $request->get('plugin_git_user_pushes_offset');
         } else {
             $this->offset = 5;
         }
         if ($request->valid($vDays)) {
             $this->pastDays = $request->get('plugin_git_user_pushes_past_days');
         } else {
             $this->pastDays = 30;
         }
         user_set_preference('plugin_git_user_pushes_offset', $this->offset);
         user_set_preference('plugin_git_user_pushes_past_days', $this->pastDays);
     }
     return true;
 }
예제 #26
0
파일: editproc.php 프로젝트: nterray/tuleap
 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA  02111-1307  USA
 */
require_once 'pre.php';
require_once 'www/file/file_utils.php';
$vGroupId = new Valid_GroupId();
$vGroupId->required();
if ($request->valid($vGroupId)) {
    $group_id = $request->get('group_id');
} else {
    exit_no_group();
}
if (!user_isloggedin() || !user_ismember($group_id, 'R2')) {
    exit_permission_denied();
}
$vProcId = new Valid_UInt('proc_id');
$vProcId->required();
if ($request->valid($vProcId)) {
    $proc_id = $request->get('proc_id');
} else {
    $GLOBALS['Response']->redirect('manageprocessors.php?group_id=' . $group_id);
}
file_utils_admin_header(array('title' => $Language->getText('file_admin_manageprocessors', 'update_proc'), 'help' => 'ManageProcessorsList.html'));
$sql = "SELECT name,rank FROM frs_processor WHERE group_id=" . db_ei($group_id) . " AND processor_id=" . db_ei($proc_id);
$result = db_query($sql);
$name = db_result($result, 0, 'name');
$rank = db_result($result, 0, 'rank');
if (db_numrows($result) < 1) {
    #invalid  processor  id
    $feedback .= " " . $Language->getText('file_admin_manageprocessors', 'invalid_procid');
    file_utils_footer(array());
    exit;
 function updatePreferences(&$request)
 {
     $done = false;
     $vContentId = new Valid_UInt('content_id');
     $vContentId->required();
     if (($chart = $request->get('chart')) && $request->valid($vContentId)) {
         $vId = new Valid_Uint('chart_id');
         if ($request->validInArray('chart', $vId)) {
             $id = " chart_id   = " . db_escape_int($chart['chart_id']) . " ";
         } else {
             $id = '';
         }
         $vTitle = new Valid_String('title');
         if ($request->validInArray('chart', $vTitle)) {
             $title = " title = '" . db_escape_string($chart['title']) . "' ";
         } else {
             $title = '';
         }
         if ($id || $title) {
             $sql = "UPDATE plugin_graphontrackersv5_widget_chart SET " . $title . ", " . $id . " WHERE owner_id = " . $this->owner_id . " AND owner_type = '" . $this->owner_type . "' AND id = " . (int) $request->get('content_id');
             $res = db_query($sql);
             $done = true;
         }
     }
     return $done;
 }
 /**
  * Validate date Reminder Id.
  *
  * @param HTTPRequest $request HTTP request
  *
  * @return Integer
  */
 public function validateReminderId(HTTPRequest $request)
 {
     $validReminderId = new Valid_UInt('reminder_id');
     $validReminderId->required();
     if ($request->valid($validReminderId)) {
         return $request->get('reminder_id');
     } else {
         $errorMessage = $GLOBALS['Language']->getText('project_admin_utils', 'tracker_date_reminder_invalid_reminder', array($request->get('reminder_id')));
         throw new Tracker_DateReminderException($errorMessage);
     }
 }
예제 #29
0
 * it under the terms of the GNU General Public License as published by
 * the Free Software Foundation; either version 2 of the License, or
 * (at your option) any later version.
 *
 * Codendi is distributed in the hope that it will be useful,
 * but WITHOUT ANY WARRANTY; without even the implied warranty of
 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 * GNU General Public License for more details.
 *
 * You should have received a copy of the GNU General Public License
 * along with Codendi. If not, see <http://www.gnu.org/licenses/>.
 */
require_once 'pre.php';
$request = HTTPRequest::instance();
$vGroupId = new Valid_UInt('group_id');
$vGroupId->required();
if ($request->valid($vGroupId)) {
    $group_id = $request->get('group_id');
} else {
    exit_no_group();
}
$pm = ProjectManager::instance();
$group = $pm->getProject($group_id);
if (!$group || !is_object($group) || $group->isError()) {
    exit_no_group();
}
$vExport = new Valid_WhiteList('export', array('user_groups', 'user_groups_format'));
$vExport->required();
if ($request->valid($vExport)) {
    $export = $request->get('export');
    $col_list = array('group', 'username', 'realname');
예제 #30
0
function plugin_forumml_show_message($p, $hp, $msg, $id_parent, $purgeCache)
{
    $body = $msg['body'];
    $request = HTTPRequest::instance();
    // Is "ready to display" body already in cache or not
    $bodyIsCached = false;
    if (!empty($msg['cached_html']) && !$purgeCache) {
        $bodyIsCached = true;
    }
    if (PEAR::isError($from_info = Mail_RFC822::parseAddressList($msg['sender'], $GLOBALS['sys_default_domain'])) || !isset($from_info[0]) || !$from_info[0]->personal) {
        $from_info = $hp->purify($msg['sender'], CODENDI_PURIFIER_CONVERT_HTML);
    } else {
        $from_info = '<abbr title="' . $hp->purify($from_info[0]->mailbox . '@' . $from_info[0]->host, CODENDI_PURIFIER_CONVERT_HTML) . '">' . $hp->purify($from_info[0]->personal, CODENDI_PURIFIER_CONVERT_HTML) . '</abbr>';
    }
    echo '<div class="plugin_forumml_message">';
    // specific thread
    echo '<div class="plugin_forumml_message_header boxitemalt" id="plugin_forumml_message_' . $msg['id_message'] . '">';
    echo '<div class="plugin_forumml_message_header_subject">' . $hp->purify($msg['subject'], CODENDI_PURIFIER_CONVERT_HTML) . '</div>';
    echo '<a href="#' . $msg['id_message'] . '" title="message #' . $msg['id_message'] . '">';
    echo '<img src="' . $p->getThemePath() . '/images/ic/comment.png" id="' . $msg['id_message'] . '" style="vertical-align:middle" alt="#' . $msg['id_message'] . '" />';
    echo '</a>';
    echo ' <span class="plugin_forumml_message_header_from">' . $from_info . '</span>';
    echo ' <span class="plugin_forumml_message_header_date">' . $GLOBALS['Language']->getText('plugin_forumml', 'show_message_date', array($msg['date'])) . '</span>';
    echo '&nbsp;<a href="#" id="plugin_forumml_toogle_msg_' . $msg['id_message'] . '" class="plugin_forumml_toggle_font">' . $GLOBALS['Language']->getText('plugin_forumml', 'toggle_font') . '</a>';
    // get CC
    $cc = trim($msg['cc']);
    if ($cc) {
        if (PEAR::isError($cc_info = Mail_RFC822::parseAddressList($cc, $GLOBALS['sys_default_domain']))) {
            $ccs = $hp->purify($cc, CODENDI_PURIFIER_CONVERT_HTML);
        } else {
            $ccs = array();
            foreach ($cc_info as $c) {
                if (!$c->personal) {
                    $ccs[] = $hp->purify($c->mailbox . '@' . $c->host, CODENDI_PURIFIER_CONVERT_HTML);
                } else {
                    $ccs[] = '<abbr title="' . $hp->purify($c->mailbox . '@' . $c->host, CODENDI_PURIFIER_CONVERT_HTML) . '">' . $hp->purify($c->personal, CODENDI_PURIFIER_CONVERT_HTML) . '</abbr>';
                }
            }
            $ccs = implode(', ', $ccs);
        }
        print '<div class="plugin_forumml_message_header_cc">' . $GLOBALS['Language']->getText('plugin_forumml', 'show_message_cc') . ' ' . $ccs . '</div>';
    }
    // Message content
    if (strpos($msg['content_type'], 'multipart/') !== false) {
        $content_type = $msg['msg_type'];
    } else {
        $content_type = $msg['content_type'];
    }
    $is_html = strpos($content_type, "text/html") !== false;
    // get attached files
    if (count($msg['attachments'])) {
        print '<div class="plugin_forumml_message_header_attachments">';
        $first = true;
        foreach ($msg['attachments'] as $attachment) {
            // Special case, this is an HTML email
            if (preg_match('/.html$/i', $attachment['file_name'])) {
                // By default, the first html attachment replaces the default body (text)
                if ($first) {
                    if (!$bodyIsCached && is_file($attachment['file_path'])) {
                        $body = file_get_contents($attachment['file_path']);
                        // Make sure that the body is utf8
                        if (!mb_detect_encoding($body, 'UTF-8', true)) {
                            $body = mb_convert_encoding($body, 'UTF-8');
                        }
                        $is_html = true;
                    }
                    continue;
                } else {
                    $flink = $attachment['file_name'];
                }
            } else {
                $flink = $attachment['file_name'];
            }
            if (!$first) {
                echo ',&nbsp;&nbsp;';
            }
            echo "<img src='" . $p->getThemePath() . "/images/ic/attach.png'/>  <a href='upload.php?group_id=" . $request->get('group_id') . "&list=" . $request->get('list') . "&id=" . $attachment['id_attachment'] . "&topic=" . $id_parent . "'>" . $flink . "</a>";
            $first = false;
        }
        echo '</div>';
    }
    echo '</div>';
    print '<div id="plugin_forumml_message_content_' . $msg['id_message'] . '" class="plugin_forumml_message_content_std">';
    $body = str_replace("\r\n", "\n", $body);
    // If there is no cached html of if user requested to regenerate the cache, do it, otherwise use cached HTML.
    if (!$bodyIsCached) {
        // Purify message body, according to the content-type
        if ($is_html) {
            // Update attachment links
            $body = plugin_forumml_replace_attachment($msg['id_message'], $request->get('group_id'), $request->get('list'), $id_parent, $body);
            // Use CODENDI_PURIFIER_FULL for html mails
            $msg['cached_html'] = $hp->purify($body, CODENDI_PURIFIER_FULL, $request->get('group_id'));
        } else {
            // CODENDI_PURIFIER_FORUMML level : no basic html markups, no forms, no javascript,
            // Allowed: url + automagic links + <blockquote>
            $purified_body = $hp->purify($body, CODENDI_PURIFIER_CONVERT_HTML, $request->get('group_id'));
            $purified_body = str_replace('&gt;', '>', $purified_body);
            $tab_body = '';
            $level = 0;
            $current_level = 0;
            $search_for_quotes = false;
            $maxi = strlen($purified_body);
            for ($i = 0; $i < $maxi; ++$i) {
                if ($search_for_quotes) {
                    if ($purified_body[$i] == ">") {
                        ++$current_level;
                        if ($level < $current_level) {
                            $tab_body .= '<blockquote class="grep">';
                            ++$level;
                        }
                    } else {
                        $search_for_quotes = false;
                        if ($level > $current_level) {
                            $tab_body .= '</blockquote>';
                            --$level;
                        }
                        if ($purified_body[$i] == "\n" && $i < $maxi - 1) {
                            $search_for_quotes = true;
                            $current_level = 0;
                        }
                        $tab_body .= $purified_body[$i];
                    }
                } else {
                    if ($purified_body[$i] == "\n" && $i < $maxi - 1) {
                        $search_for_quotes = true;
                        $current_level = 0;
                    }
                    $tab_body .= $purified_body[$i];
                }
            }
            $purified_body = str_replace('>', '&gt;', $purified_body);
            $msg['cached_html'] = nl2br($tab_body);
        }
        db_query('UPDATE plugin_forumml_message SET cached_html="' . db_es($msg['cached_html']) . '" WHERE id_message=' . $msg['id_message']);
    }
    echo $msg['cached_html'];
    echo '</div>';
    // Reply
    echo '<div class="plugin_forumml_message_footer">';
    // If you click on 'Reply', load reply form
    $vMess = new Valid_UInt('id_mess');
    $vMess->required();
    if ($request->valid($vMess) && $request->get('id_mess') == $msg['id_message']) {
        $vReply = new Valid_WhiteList('reply', array(0, 1));
        $vReply->required();
        if ($request->valid($vReply) && $request->get('reply') == 1) {
            if ($is_html) {
                $body = $hp->purify($body, CODENDI_PURIFIER_STRIP_HTML);
            } else {
                $body = $hp->purify($body, CODENDI_PURIFIER_CONVERT_HTML);
            }
            plugin_forumml_reply($hp, $msg['subject'], $msg['id_message'], $id_parent, $body, $msg['sender']);
        }
    } else {
        print "<a href='message.php?group_id=" . $request->get('group_id') . "&topic=" . $id_parent . "&id_mess=" . $msg['id_message'] . "&reply=1&list=" . $request->get('list') . "#reply-" . $msg['id_message'] . "'>\n                            <img src='" . $p->getThemePath() . "/images/ic/comment_add.png'/>\n                            " . $GLOBALS['Language']->getText('plugin_forumml', 'reply') . "\n                        </a>";
    }
    echo '</div>';
    echo '</div>';
}