?>
</textarea>
</td>
</tr>
<tr class="row-1">
<th class="category">
<?php
echo lang_get('filename');
?>
</th>
<td>
<?php
$t_href = '<a href="file_download.php?file_id=' . $v_id . '&type=doc">';
echo $t_href;
print_file_icon($v_filename);
echo '</a> ' . $t_href . file_get_display_name($v_filename) . '</a>';
?>
</td>
</tr>
<tr class="row-2">
<td class="category">
<?php
echo lang_get('select_file');
?>
<br />
<?php
// FIXME: hard coded "k" in here.
?>
<span class="small"><?php
echo lang_get('max_file_size_label') . lang_get('word_separator') . number_format($t_max_file_size / 1000);
?>
/**
* Copies all attachments from the source bug to the destination bug
*
* Does not perform history logging and does not perform access checks.
*
* @param integer $p_source_bug_id Source Bug.
* @param integer $p_dest_bug_id Destination Bug.
* @return void
*/
function file_copy_attachments($p_source_bug_id, $p_dest_bug_id)
{
$t_query = 'SELECT * FROM {bug_file} WHERE bug_id = ' . db_param();
$t_result = db_query($t_query, array($p_source_bug_id));
$t_count = db_num_rows($t_result);
$t_project_id = bug_get_field($p_source_bug_id, 'project_id');
for ($i = 0; $i < $t_count; $i++) {
$t_bug_file = db_fetch_array($t_result);
# prepare the new diskfile name and then copy the file
$t_source_file = $t_bug_file['folder'] . $t_bug_file['diskfile'];
if (config_get('file_upload_method') == DISK) {
$t_source_file = file_normalize_attachment_path($t_source_file, $t_project_id);
$t_file_path = dirname($t_source_file) . DIRECTORY_SEPARATOR;
} else {
$t_file_path = $t_bug_file['folder'];
}
$t_new_diskfile_name = file_generate_unique_name($t_file_path);
$t_new_diskfile_location = $t_file_path . $t_new_diskfile_name;
$t_new_file_name = file_get_display_name($t_bug_file['filename']);
if (config_get('file_upload_method') == DISK) {
# Skip copy operation if file does not exist (i.e. target bug will have missing attachment)
# @todo maybe we should trigger an error instead in this case ?
if (file_exists($t_source_file)) {
copy($t_source_file, $t_new_diskfile_location);
chmod($t_new_diskfile_location, config_get('attachments_file_permissions'));
}
}
$t_query = 'INSERT INTO {bug_file} (
bug_id, title, description, diskfile, filename, folder,
filesize, file_type, date_added, user_id, content
)
VALUES ( ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ', ' . db_param() . ')';
db_query($t_query, array($p_dest_bug_id, $t_bug_file['title'], $t_bug_file['description'], $t_new_diskfile_name, $t_new_file_name, $t_file_path, $t_bug_file['filesize'], $t_bug_file['file_type'], $t_bug_file['date_added'], $t_bug_file['user_id'], $t_bug_file['content']));
}
}
case 'doc':
# Check if project documentation feature is enabled.
if (OFF == config_get('enable_project_documentation')) {
access_denied();
}
access_ensure_project_level(config_get('view_proj_doc_threshold'), $v_project_id);
break;
}
# flush output buffer to protect download
@ob_end_clean();
# Make sure that IE can download the attachments under https.
header('Pragma: public');
header('Content-Type: ' . $v_file_type);
header('Content-Length: ' . $v_filesize);
# Added Quotes (") around file name.
header('Content-Disposition: attachment; filename="' . file_get_display_name($v_filename) . '"');
header('Content-Description: Download Data');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', db_unixtimestamp($v_date_added)));
# To fix an IE bug which causes problems when downloading
# attached files via HTTPS, we disable the "Pragma: no-cache"
# command when IE is used over HTTPS.
global $g_allow_file_cache;
if (isset($_SERVER["HTTPS"]) && "on" == $_SERVER["HTTPS"] && preg_match("/MSIE/", $_SERVER["HTTP_USER_AGENT"])) {
# Suppress "Pragma: no-cache" header.
} else {
if (!isset($g_allow_file_cache)) {
header('Pragma: no-cache');
}
}
header('Expires: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', time()));
# dump file content to the connection.
# Make sure that IE can download the attachments under https.
header('Pragma: public');
# To fix an IE bug which causes problems when downloading
# attached files via HTTPS, we disable the "Pragma: no-cache"
# command when IE is used over HTTPS.
global $g_allow_file_cache;
if (http_is_protocol_https() && is_browser_internet_explorer()) {
# Suppress "Pragma: no-cache" header.
} else {
if (!isset($g_allow_file_cache)) {
header('Pragma: no-cache');
}
}
header('Expires: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', time()));
header('Last-Modified: ' . gmdate('D, d M Y H:i:s \\G\\M\\T', $v_date_added));
$t_filename = file_get_display_name($v_filename);
# For Internet Explorer 8 as per http://blogs.msdn.com/ie/archive/2008/07/02/ie8-security-part-v-comprehensive-protection.aspx
# Don't let IE second guess our content-type!
header('X-Content-Type-Options: nosniff');
http_content_disposition_header($t_filename, $f_show_inline);
header('Content-Length: ' . $v_filesize);
# If finfo is available (always true for PHP >= 5.3.0) we can use it to determine the MIME type of files
$finfo = finfo_get_if_available();
$t_content_type = $v_file_type;
$t_content_type_override = file_get_content_type_override($t_filename);
# dump file content to the connection.
switch (config_get('file_upload_method')) {
case DISK:
$t_local_disk_file = file_normalize_attachment_path($v_diskfile, $t_project_id);
if (file_exists($t_local_disk_file)) {
if ($finfo) {
/**
*
* Copies all attachments from the source bug to the destination bug
*
* <p>Does not perform history logging and does not perform access checks.</p>
*
* @param int $p_source_bug_id
* @param int $p_dest_bug_id
*/
function file_copy_attachments($p_source_bug_id, $p_dest_bug_id)
{
$t_mantis_bug_file_table = db_get_table('bug_file');
$query = 'SELECT * FROM ' . $t_mantis_bug_file_table . ' WHERE bug_id = ' . db_param();
$result = db_query_bound($query, array($p_source_bug_id));
$t_count = db_num_rows($result);
$t_bug_file = array();
for ($i = 0; $i < $t_count; $i++) {
$t_bug_file = db_fetch_array($result);
# prepare the new diskfile name and then copy the file
$t_file_path = dirname($t_bug_file['folder']);
$t_new_diskfile_name = $t_file_path . file_generate_unique_name('bug-' . $t_bug_file['filename'], $t_file_path);
$t_new_file_name = file_get_display_name($t_bug_file['filename']);
if (config_get('file_upload_method') == DISK) {
copy($t_bug_file['diskfile'], $t_new_diskfile_name);
chmod($t_new_diskfile_name, config_get('attachments_file_permissions'));
}
$query = "INSERT INTO {$t_mantis_bug_file_table}\n \t\t\t\t\t\t( bug_id, title, description, diskfile, filename, folder, filesize, file_type, date_added, content )\n \t\t\t\t\t\tVALUES ( " . db_param() . ",\n \t\t\t\t\t\t\t\t " . db_param() . ",\n \t\t\t\t\t\t\t\t " . db_param() . ",\n \t\t\t\t\t\t\t\t " . db_param() . ",\n \t\t\t\t\t\t\t\t " . db_param() . ",\n \t\t\t\t\t\t\t\t " . db_param() . ",\n \t\t\t\t\t\t\t\t " . db_param() . ",\n \t\t\t\t\t\t\t\t " . db_param() . ",\n \t\t\t\t\t\t\t\t " . db_param() . ",\n \t\t\t\t\t\t\t\t " . db_param() . ");";
db_query_bound($query, array($p_dest_bug_id, $t_bug_file['title'], $t_bug_file['description'], $t_new_diskfile_name, $t_new_file_name, $t_bug_file['folder'], $t_bug_file['filesize'], $t_bug_file['file_type'], $t_bug_file['date_added'], $t_bug_file['content']));
}
}
/**
* Copy a bug from one project to another. Also make copies of issue notes, attachments, history,
* email notifications etc.
* @todo Not managed FTP file upload
* @param array p_bug_id integer representing bug id
* @param int p_target_project_id
* @param bool p_copy_custom_fields
* @param bool p_copy_relationships
* @return int representing the new bugid
* @access public
*/
function bug_copy($p_bug_id, $p_target_project_id = null, $p_copy_custom_fields = false, $p_copy_relationships = false, $p_copy_history = false, $p_copy_attachments = false, $p_copy_bugnotes = false, $p_copy_monitoring_users = false)
{
global $g_db;
$t_mantis_custom_field_string_table = db_get_table('custom_field_string');
$t_mantis_bug_file_table = db_get_table('bug_file');
$t_mantis_bugnote_table = db_get_table('bugnote');
$t_mantis_bugnote_text_table = db_get_table('bugnote_text');
$t_mantis_bug_history_table = db_get_table('bug_history');
$t_mantis_db = $g_db;
$t_bug_id = db_prepare_int($p_bug_id);
$t_target_project_id = db_prepare_int($p_target_project_id);
$t_bug_data = bug_get($t_bug_id, true);
# retrieve the project id associated with the bug
if ($p_target_project_id == null || is_blank($p_target_project_id)) {
$t_target_project_id = $t_bug_data->project_id;
}
$t_bug_data->project_id = $t_target_project_id;
$t_new_bug_id = $t_bug_data->create();
# MASC ATTENTION: IF THE SOURCE BUG HAS TO HANDLER THE bug_create FUNCTION CAN TRY TO AUTO-ASSIGN THE BUG
# WE FORCE HERE TO DUPLICATE THE SAME HANDLER OF THE SOURCE BUG
# @todo VB: Shouldn't we check if the handler in the source project is also a handler in the destination project?
bug_set_field($t_new_bug_id, 'handler_id', $t_bug_data->handler_id);
bug_set_field($t_new_bug_id, 'duplicate_id', $t_bug_data->duplicate_id);
bug_set_field($t_new_bug_id, 'status', $t_bug_data->status);
bug_set_field($t_new_bug_id, 'resolution', $t_bug_data->resolution);
bug_set_field($t_new_bug_id, 'projection', $t_bug_data->projection);
bug_set_field($t_new_bug_id, 'date_submitted', $t_bug_data->date_submitted);
bug_set_field($t_new_bug_id, 'last_updated', $t_bug_data->last_updated);
bug_set_field($t_new_bug_id, 'eta', $t_bug_data->eta);
bug_set_field($t_new_bug_id, 'fixed_in_version', $t_bug_data->fixed_in_version);
bug_set_field($t_new_bug_id, 'target_version', $t_bug_data->target_version);
bug_set_field($t_new_bug_id, 'sponsorship_total', 0);
bug_set_field($t_new_bug_id, 'sticky', 0);
bug_set_field($t_new_bug_id, 'due_date', $t_bug_data->due_date);
# COPY CUSTOM FIELDS
if ($p_copy_custom_fields) {
$query = "SELECT field_id, bug_id, value\n\t\t\t\t\t FROM {$t_mantis_custom_field_string_table}\n\t\t\t\t\t WHERE bug_id=" . db_param();
$result = db_query_bound($query, array($t_bug_id));
$t_count = db_num_rows($result);
for ($i = 0; $i < $t_count; $i++) {
$t_bug_custom = db_fetch_array($result);
$c_field_id = db_prepare_int($t_bug_custom['field_id']);
$c_new_bug_id = db_prepare_int($t_new_bug_id);
$c_value = $t_bug_custom['value'];
$query = "INSERT INTO {$t_mantis_custom_field_string_table}\n\t\t\t\t\t\t ( field_id, bug_id, value )\n\t\t\t\t\t\t VALUES (" . db_param() . ', ' . db_param() . ', ' . db_param() . ')';
db_query_bound($query, array($c_field_id, $c_new_bug_id, $c_value));
}
}
# Copy Relationships
if ($p_copy_relationships) {
relationship_copy_all($t_bug_id, $t_new_bug_id);
}
# Copy bugnotes
if ($p_copy_bugnotes) {
$query = "SELECT *\n\t\t\t\t\t FROM {$t_mantis_bugnote_table}\n\t\t\t\t\t WHERE bug_id=" . db_param();
$result = db_query_bound($query, array($t_bug_id));
$t_count = db_num_rows($result);
for ($i = 0; $i < $t_count; $i++) {
$t_bug_note = db_fetch_array($result);
$t_bugnote_text_id = $t_bug_note['bugnote_text_id'];
$query2 = "SELECT *\n\t\t\t\t\t\t FROM {$t_mantis_bugnote_text_table}\n\t\t\t\t\t\t WHERE id=" . db_param();
$result2 = db_query_bound($query2, array($t_bugnote_text_id));
$t_count2 = db_num_rows($result2);
$t_bugnote_text_insert_id = -1;
if ($t_count2 > 0) {
$t_bugnote_text = db_fetch_array($result2);
$query2 = "INSERT INTO {$t_mantis_bugnote_text_table}\n\t\t\t\t\t\t\t ( note )\n\t\t\t\t\t\t\t VALUES ( " . db_param() . ' )';
db_query_bound($query2, array($t_bugnote_text['note']));
$t_bugnote_text_insert_id = db_insert_id($t_mantis_bugnote_text_table);
}
$query2 = "INSERT INTO {$t_mantis_bugnote_table}\n\t\t\t\t\t\t ( bug_id, reporter_id, bugnote_text_id, view_state, date_submitted, last_modified )\n\t\t\t\t\t\t VALUES ( " . db_param() . ",\n\t\t\t\t\t\t \t\t\t" . db_param() . ",\n\t\t\t\t\t\t \t\t\t" . db_param() . ",\n\t\t\t\t\t\t \t\t\t" . db_param() . ",\n\t\t\t\t\t\t \t\t\t" . db_param() . ",\n\t\t\t\t\t\t \t\t\t" . db_param() . ')';
db_query_bound($query2, array($t_new_bug_id, $t_bug_note['reporter_id'], $t_bugnote_text_insert_id, $t_bug_note['view_state'], $t_bug_note['date_submitted'], $t_bug_note['last_modified']));
}
}
# Copy attachments
if ($p_copy_attachments) {
$query = 'SELECT * FROM ' . $t_mantis_bug_file_table . ' WHERE bug_id = ' . db_param();
$result = db_query_bound($query, array($t_bug_id));
$t_count = db_num_rows($result);
$t_bug_file = array();
for ($i = 0; $i < $t_count; $i++) {
$t_bug_file = db_fetch_array($result);
# prepare the new diskfile name and then copy the file
$t_file_path = dirname($t_bug_file['folder']);
$t_new_diskfile_name = $t_file_path . file_generate_unique_name('bug-' . $t_bug_file['filename'], $t_file_path);
$t_new_file_name = file_get_display_name($t_bug_file['filename']);
if (config_get('file_upload_method') == DISK) {
copy($t_bug_file['diskfile'], $t_new_diskfile_name);
chmod($t_new_diskfile_name, config_get('attachments_file_permissions'));
}
$query = "INSERT INTO {$t_mantis_bug_file_table}\n\t\t\t\t\t\t( bug_id, title, description, diskfile, filename, folder, filesize, file_type, date_added, content )\n\t\t\t\t\t\tVALUES ( " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ",\n\t\t\t\t\t\t\t\t " . db_param() . ");";
db_query_bound($query, array($t_new_bug_id, $t_bug_file['title'], $t_bug_file['description'], $t_new_diskfile_name, $t_new_file_name, $t_bug_file['folder'], $t_bug_file['filesize'], $t_bug_file['file_type'], $t_bug_file['date_added'], $t_bug_file['content']));
}
}
# Copy users monitoring bug
if ($p_copy_monitoring_users) {
bug_monitor_copy($t_bug_id, $t_new_bug_id);
}
# COPY HISTORY
history_delete($t_new_bug_id);
# should history only be deleted inside the if statement below?
if ($p_copy_history) {
$query = "SELECT *\n\t\t\t\t\t FROM {$t_mantis_bug_history_table}\n\t\t\t\t\t WHERE bug_id = " . db_param();
$result = db_query_bound($query, array($t_bug_id));
$t_count = db_num_rows($result);
for ($i = 0; $i < $t_count; $i++) {
$t_bug_history = db_fetch_array($result);
$query = "INSERT INTO {$t_mantis_bug_history_table}\n\t\t\t\t\t\t ( user_id, bug_id, date_modified, field_name, old_value, new_value, type )\n\t\t\t\t\t\t VALUES ( " . db_param() . ",\n\t\t\t\t\t\t \t\t " . db_param() . ",\n\t\t\t\t\t\t \t\t " . db_param() . ",\n\t\t\t\t\t\t \t\t " . db_param() . ",\n\t\t\t\t\t\t \t\t " . db_param() . ",\n\t\t\t\t\t\t \t\t " . db_param() . ",\n\t\t\t\t\t\t \t\t " . db_param() . " );";
db_query_bound($query, array($t_bug_history['user_id'], $t_new_bug_id, $t_bug_history['date_modified'], $t_bug_history['field_name'], $t_bug_history['old_value'], $t_bug_history['new_value'], $t_bug_history['type']));
}
}
return $t_new_bug_id;
}
function file_delete($p_file_id, $p_table = 'bug')
{
$t_upload_method = config_get('file_upload_method');
$c_file_id = db_prepare_int($p_file_id);
$t_filename = file_get_field($p_file_id, 'filename', $p_table);
$t_diskfile = file_get_field($p_file_id, 'diskfile', $p_table);
if (DISK == $t_upload_method || FTP == $t_upload_method) {
if (FTP == $t_upload_method) {
$ftp = file_ftp_connect();
file_ftp_delete($ftp, $t_diskfile);
file_ftp_disconnect($ftp);
}
if (file_exists($t_diskfile)) {
file_delete_local($t_diskfile);
}
}
if ('bug' == $p_table) {
# log file deletion
$t_bug_id = file_get_field($p_file_id, 'bug_id', 'bug');
history_log_event_special($t_bug_id, FILE_DELETED, file_get_display_name($t_filename));
}
$t_file_table = config_get('mantis_' . $p_table . '_file_table');
$query = "DELETE FROM {$t_file_table}\n\t\t\t\tWHERE id='{$c_file_id}'";
db_query($query);
return true;
}
function file_delete($p_file_id, $p_table = 'bug')
{
$t_upload_method = config_get('file_upload_method');
$c_file_id = db_prepare_int($p_file_id);
$t_filename = file_get_field($p_file_id, 'filename', $p_table);
$t_diskfile = file_get_field($p_file_id, 'diskfile', $p_table);
if ($p_table == 'bug') {
$t_bug_id = file_get_field($p_file_id, 'bug_id', $p_table);
$t_project_id = bug_get_field($t_bug_id, 'project_id');
} else {
$t_project_id = file_get_field($p_file_id, 'project_id', $p_table);
}
if (DISK == $t_upload_method || FTP == $t_upload_method) {
if (FTP == $t_upload_method) {
$ftp = file_ftp_connect();
file_ftp_delete($ftp, $t_diskfile);
file_ftp_disconnect($ftp);
}
$t_local_disk_file = file_normalize_attachment_path($t_diskfile, $t_project_id);
if (file_exists($t_local_disk_file)) {
file_delete_local($t_local_disk_file);
}
}
if ('bug' == $p_table) {
# log file deletion
history_log_event_special($t_bug_id, FILE_DELETED, file_get_display_name($t_filename));
}
$t_file_table = db_get_table($p_table . '_file');
$query = "DELETE FROM {$t_file_table}\n\t\t\t\tWHERE id=" . db_param();
db_query_bound($query, array($c_file_id));
return true;
}
