* @uses config_api.php
* @uses constant_inc.php
* @uses form_api.php
* @uses gpc_api.php
* @uses helper_api.php
* @uses lang_api.php
* @uses print_api.php
* @uses project_api.php
*/
require_once 'core.php';
require_api('access_api.php');
require_api('config_api.php');
require_api('constant_inc.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('helper_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('project_api.php');
form_security_validate('adm_config_delete');
$f_user_id = gpc_get_int('user_id');
$f_project_id = gpc_get_int('project_id');
$f_config_option = gpc_get_string('config_option');
access_ensure_global_level(config_get('set_configuration_threshold'));
if ($f_project_id != ALL_PROJECTS) {
project_ensure_exists($f_project_id);
}
helper_ensure_confirmed(lang_get('delete_config_sure_msg'), lang_get('delete_link'));
config_delete($f_config_option, $f_user_id, $f_project_id);
form_security_purge('adm_config_delete');
print_successful_redirect('adm_config_report.php');
# Delete the users who have never logged in and are older than 1 week
$days_old = (int)7 * SECONDS_PER_DAY;
$query = "SELECT id, access_level
FROM $t_user_table
WHERE ( login_count = 0 ) AND ( date_created = last_visit ) AND " . db_helper_compare_days( 0, "date_created", "> $days_old" );
$result = db_query_bound($query, Array( db_now() ) );
if ( !$result ) {
trigger_error( ERROR_GENERIC, ERROR );
}
$count = db_num_rows( $result );
if ( $count > 0 ) {
helper_ensure_confirmed( lang_get( 'confirm_account_pruning' ),
lang_get( 'prune_accounts_button' ) );
}
for ($i=0; $i < $count; $i++) {
$row = db_fetch_array( $result );
# Don't prune accounts with a higher global access level than the current user
if ( access_has_global_level( $row['access_level'] ) ) {
user_delete($row['id']);
}
}
form_security_purge( 'manage_user_prune' );
print_header_redirect( 'manage_user_page.php' );
* @uses print_api.php
*/
/** @ignore */
define('PLUGINS_DISABLED', true);
require_once 'core.php';
require_api('access_api.php');
require_api('authentication_api.php');
require_api('config_api.php');
require_api('database_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('print_api.php');
form_security_validate('manage_plugin_update');
auth_reauthenticate();
access_ensure_global_level(config_get('manage_plugin_threshold'));
$t_plugin_table = db_get_table('plugin');
$t_query = "SELECT basename FROM {$t_plugin_table}";
$t_result = db_query_bound($t_query);
while ($t_row = db_fetch_array($t_result)) {
$t_basename = $t_row['basename'];
$f_change = gpc_get_bool('change_' . $t_basename, 0);
if (!$f_change) {
continue;
}
$f_priority = gpc_get_int('priority_' . $t_basename, 3);
$f_protected = gpc_get_bool('protected_' . $t_basename, 0);
$t_query = "UPDATE {$t_plugin_table} SET priority=" . db_param() . ', protected=' . db_param() . ' WHERE basename=' . db_param();
db_query_bound($t_query, array($f_priority, $f_protected, $t_basename));
}
form_security_purge('manage_plugin_update');
print_successful_redirect('manage_plugin_page.php');
}
if (ON == config_get('signup_use_captcha') && get_gd_version() > 0 && helper_call_custom_function('auth_can_change_password', array())) {
# captcha image requires GD library and related option to ON
$t_key = utf8_strtolower(utf8_substr(md5(config_get('password_confirm_hash_magic_string') . $t_form_key), 1, 5));
if ($t_key != $f_captcha) {
trigger_error(ERROR_SIGNUP_NOT_MATCHING_CAPTCHA, ERROR);
}
# Clear captcha cache
session_delete(CAPTCHA_IMG);
}
email_ensure_not_disposable($f_email);
# notify the selected group a new user has signed-up
if (user_signup($f_username, $f_email)) {
email_notify_new_account($f_username, $f_email);
}
form_security_purge('signup');
html_page_top1();
html_page_top2a();
?>
<br />
<div align="center">
<table class="width50" cellspacing="1">
<tr>
<td class="center">
<b><?php
echo lang_get('signup_done_title');
?>
</b><br />
<?php
echo "[{$f_username} - {$f_email}] ";
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation, either version 2 of the License, or
# (at your option) any later version.
#
# MantisBT is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with MantisBT. If not, see <http://www.gnu.org/licenses/>.
/**
* @package MantisBT
* @copyright Copyright (C) 2002 - 2013 MantisBT Team - mantisbt-dev@lists.sourceforge.net
* @link http://www.mantisbt.org
*/
/**
* MantisBT Core API's
*/
require_once 'core.php';
/**
* requires tag_api
*/
require_once 'tag_api.php';
form_security_validate('tag_detach');
$f_tag_id = gpc_get_int('tag_id');
$f_bug_id = gpc_get_int('bug_id');
tag_bug_detach($f_tag_id, $f_bug_id);
event_signal('EVENT_TAG_DETACHED', array($f_bug_id, array($f_tag_id)));
form_security_purge('tag_detach');
print_successful_redirect_to_bug($f_bug_id);
require_once 'core.php';
$t_core_path = config_get('core_path');
require_once $t_core_path . 'custom_field_api.php';
form_security_validate('manage_custom_field_delete');
auth_reauthenticate();
access_ensure_global_level(config_get('manage_custom_fields_threshold'));
$f_field_id = gpc_get_int('field_id');
$f_return = strip_tags(gpc_get_string('return', 'manage_custom_field_page.php'));
$t_definition = custom_field_get_definition($f_field_id);
if (0 < count(custom_field_get_project_ids($f_field_id))) {
helper_ensure_confirmed(lang_get('confirm_used_custom_field_deletion') . '<br/>' . lang_get('custom_field') . ': ' . string_attribute($t_definition['name']), lang_get('field_delete_button'));
} else {
helper_ensure_confirmed(lang_get('confirm_custom_field_deletion') . '<br/>' . lang_get('custom_field') . ': ' . string_attribute($t_definition['name']), lang_get('field_delete_button'));
}
custom_field_destroy($f_field_id);
form_security_purge('manage_custom_field_delete');
html_page_top1();
html_meta_redirect($f_return);
html_page_top2();
?>
<br />
<div align="center">
<?php
echo lang_get('operation_successful') . '<br />';
print_bracket_link($f_return, lang_get('proceed'));
?>
</div>
<?php
html_page_bottom1(__FILE__);
*/
/**
* MantisBT Core API's
*/
require_once 'core.php';
require_once 'news_api.php';
require_once 'print_api.php';
news_ensure_enabled();
form_security_validate('news_add');
access_ensure_project_level(config_get('manage_news_threshold'));
$f_view_state = gpc_get_int('view_state');
$f_headline = gpc_get_string('headline');
$f_announcement = gpc_get_bool('announcement');
$f_body = gpc_get_string('body');
$t_news_id = news_create(helper_get_current_project(), auth_get_current_user_id(), $f_view_state, $f_announcement, $f_headline, $f_body);
form_security_purge('news_add');
$t_news_row = news_get_row($t_news_id);
html_page_top();
?>
<br />
<div align="center">
<?php
echo lang_get('operation_successful') . '<br />';
print_bracket_link('news_menu_page.php', lang_get('proceed'));
echo '<br /><br />';
print_news_entry_from_row($t_news_row);
?>
</div>
<?php
* @uses print_api.php
* @uses project_api.php
*/
require_once 'core.php';
require_api('access_api.php');
require_api('authentication_api.php');
require_api('config_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('helper_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('project_api.php');
form_security_validate('manage_user_proj_delete');
auth_reauthenticate();
$f_project_id = gpc_get_int('project_id');
$f_user_id = gpc_get_int('user_id');
user_ensure_exists($f_user_id);
$t_user = user_get_row($f_user_id);
access_ensure_project_level(config_get('project_user_threshold'), $f_project_id);
access_ensure_project_level($t_user['access_level'], $f_project_id);
$t_project_name = project_get_name($f_project_id);
# Confirm with the user
helper_ensure_confirmed(lang_get('remove_user_sure_msg') . '<br/>' . lang_get('project_name_label') . lang_get('word_separator') . $t_project_name, lang_get('remove_user_button'));
project_remove_user($f_project_id, $f_user_id);
form_security_purge('manage_user_proj_delete');
$t_redirect_url = 'manage_user_edit_page.php?user_id=' . $f_user_id;
html_page_top(null, $t_redirect_url);
html_operation_successful($t_redirect_url);
html_page_bottom();
auth_reauthenticate();
$f_project_id = gpc_get_int( 'project_id' );
$f_other_project_id = gpc_get_int( 'other_project_id' );
$f_copy_from = gpc_get_bool( 'copy_from' );
$f_copy_to = gpc_get_bool( 'copy_to' );
if ( $f_copy_from ) {
$t_src_project_id = $f_other_project_id;
$t_dst_project_id = $f_project_id;
} else if ( $f_copy_to ) {
$t_src_project_id = $f_project_id;
$t_dst_project_id = $f_other_project_id;
} else {
/** @todo Should this become a separate error? */
trigger_error( ERROR_CATEGORY_NO_ACTION, ERROR );
}
# We should check both since we are in the project section and an
# admin might raise the first threshold and not realize they need
# to raise the second
access_ensure_project_level( config_get( 'manage_project_threshold' ), $t_dst_project_id );
access_ensure_project_level( config_get( 'project_user_threshold' ), $t_dst_project_id );
project_copy_users( $t_dst_project_id, $t_src_project_id, access_get_project_level( $t_dst_project_id ) );
form_security_purge( 'manage_proj_user_copy' );
print_header_redirect( 'manage_proj_edit_page.php?project_id=' . $f_project_id );
require_api('error_api.php');
require_api('event_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('print_api.php');
require_api('string_api.php');
form_security_validate('bugnote_update');
$f_bugnote_id = gpc_get_int('bugnote_id');
$f_bugnote_text = gpc_get_string('bugnote_text', '');
$f_time_tracking = gpc_get_string('time_tracking', '0:00');
# Check if the current user is allowed to edit the bugnote
$t_user_id = auth_get_current_user_id();
$t_reporter_id = bugnote_get_field($f_bugnote_id, 'reporter_id');
if ($t_user_id == $t_reporter_id) {
access_ensure_bugnote_level(config_get('bugnote_user_edit_threshold'), $f_bugnote_id);
} else {
access_ensure_bugnote_level(config_get('update_bugnote_threshold'), $f_bugnote_id);
}
# Check if the bug is readonly
$t_bug_id = bugnote_get_field($f_bugnote_id, 'bug_id');
if (bug_is_readonly($t_bug_id)) {
error_parameters($t_bug_id);
trigger_error(ERROR_BUG_READ_ONLY_ACTION_DENIED, ERROR);
}
$f_bugnote_text = trim($f_bugnote_text) . "\n\n";
bugnote_set_text($f_bugnote_id, $f_bugnote_text);
bugnote_set_time_tracking($f_bugnote_id, $f_time_tracking);
# Plugin integration
event_signal('EVENT_BUGNOTE_EDIT', array($t_bug_id, $f_bugnote_id));
form_security_purge('bugnote_update');
print_successful_redirect(string_get_bug_view_url($t_bug_id) . '#bugnotes');
}
# get user id
$t_user_id = $f_user_id;
$c_export = implode('',$t_prefs_arr);
# update preferences
$t_user_print_pref_table = db_get_table( 'user_print_pref' );
$query = "UPDATE $t_user_print_pref_table
SET print_pref=" . db_param() . "
WHERE user_id=" . db_param();
$result = db_query_bound( $query, Array( $c_export, $t_user_id ) );
form_security_purge( 'print_all_bug_options_update' );
html_page_top( null, $f_redirect_url );
echo '<br /><div>';
if ( $result ) {
print lang_get( 'operation_successful' );
} else {
print error_string( ERROR_GENERIC );
}
echo '<br />';
print_bracket_link( $f_redirect_url, lang_get( 'proceed' ) );
echo '<br /></div>';
html_page_bottom();
if ($f_copy_attachments_from_parent) {
file_copy_attachments($f_master_bug_id, $t_bug_id);
}
}
helper_call_custom_function('issue_create_notify', array($t_bug_id));
# Allow plugins to post-process bug data with the new bug ID
event_signal('EVENT_REPORT_BUG', array($t_bug_data, $t_bug_id));
email_new_bug($t_bug_id);
// log status and resolution changes if they differ from the default
if ($t_bug_data->status != config_get('bug_submit_status')) {
history_log_event($t_bug_id, 'status', config_get('bug_submit_status'));
}
if ($t_bug_data->resolution != config_get('default_bug_resolution')) {
history_log_event($t_bug_id, 'resolution', config_get('default_bug_resolution'));
}
form_security_purge('bug_report');
html_page_top1();
if (!$f_report_stay) {
html_meta_redirect('view_all_bug_page.php');
}
html_page_top2();
?>
<br />
<div align="center">
<?php
echo lang_get('operation_successful') . '<br />';
print_bracket_link(string_get_bug_view_url($t_bug_id), sprintf(lang_get('view_submitted_bug_link'), $t_bug_id));
print_bracket_link('view_all_bug_page.php', lang_get('view_bugs_link'));
if ($f_report_stay) {
?>
<p>
require_api('form_api.php');
require_api('gpc_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
form_security_validate('query_delete');
auth_ensure_user_authenticated();
compress_enable();
$f_query_id = gpc_get_int('source_query_id');
$t_redirect_url = 'query_view_page.php';
if (!filter_db_can_delete_filter($f_query_id)) {
print_header_redirect($t_redirect_url);
} else {
html_page_top();
filter_db_delete_filter($f_query_id);
form_security_purge('query_delete');
?>
<br />
<div class="center">
<strong><?php
print filter_db_get_name($f_query_id) . ' ' . lang_get('query_deleted');
?>
</strong>
<form method="post" action="<?php
print $t_redirect_url;
?>
">
<?php
# CSRF protection not required here - form does not result in modifications
?>
<input type="submit" class="button" value="<?php
$f_user_id = gpc_get_int('user_id');
user_ensure_exists($f_user_id);
$t_user = user_get_row($f_user_id);
# Ensure that the account to be reset is of equal or lower access to the
# current user.
access_ensure_global_level($t_user['access_level']);
# If the password can be changed, we reset it, otherwise we unlock
# the account (i.e. reset failed login count)
$t_reset = helper_call_custom_function('auth_can_change_password', array());
if ($t_reset) {
$t_result = user_reset_password($f_user_id);
} else {
$t_result = user_reset_failed_login_count_to_zero($f_user_id);
}
$t_redirect_url = 'manage_user_page.php';
form_security_purge('manage_user_reset');
html_page_top(null, $t_result ? $t_redirect_url : null);
echo '<div class="success-msg">';
if ($t_reset) {
if (false == $t_result) {
# PROTECTED
echo lang_get('account_reset_protected_msg');
} else {
# SUCCESSFUL RESET
if (ON == config_get('send_reset_password') && ON == config_get('enable_email_notification')) {
# send the new random password via email
echo lang_get('account_reset_msg');
} else {
# email notification disabled, then set the password to blank
echo lang_get('account_reset_msg2');
}
*/
/**
* MantisBT Core API's
*/
require_once 'core.php';
require_once 'custom_field_api.php';
form_security_validate('manage_proj_custom_field_add_existing');
auth_reauthenticate();
$f_field_id = gpc_get_int('field_id');
$f_project_id = gpc_get_int('project_id');
# We should check both since we are in the project section and an
# admin might raise the first threshold and not realize they need
# to raise the second
access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id);
access_ensure_project_level(config_get('custom_field_link_threshold'), $f_project_id);
custom_field_link($f_field_id, $f_project_id);
form_security_purge('manage_proj_custom_field_add_existing');
$t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id;
html_page_top(null, $t_redirect_url);
?>
<br />
<div align="center">
<?php
echo lang_get('operation_successful') . '<br />';
print_bracket_link($t_redirect_url, lang_get('proceed'));
?>
</div>
<?php
html_page_bottom();
/**
* MantisBT Core API's
*/
require_once 'core.php';
require_once 'bug_api.php';
require_once 'bugnote_api.php';
form_security_validate('bugnote_add');
$f_bug_id = gpc_get_int('bug_id');
$f_private = gpc_get_bool('private');
$f_time_tracking = gpc_get_string('time_tracking', '0:00');
$f_bugnote_text = trim(gpc_get_string('bugnote_text', ''));
$t_bug = bug_get($f_bug_id, true);
if ($t_bug->project_id != helper_get_current_project()) {
# in case the current project is not the same project of the bug we are viewing...
# ... override the current project. This to avoid problems with categories and handlers lists etc.
$g_project_override = $t_bug->project_id;
}
if (bug_is_readonly($f_bug_id)) {
error_parameters($f_bug_id);
trigger_error(ERROR_BUG_READ_ONLY_ACTION_DENIED, ERROR);
}
access_ensure_bug_level(config_get('add_bugnote_threshold'), $f_bug_id);
// We always set the note time to BUGNOTE, and the API will overwrite it with TIME_TRACKING
// if $f_time_tracking is not 0 and the time tracking feature is enabled.
$t_bugnote_id = bugnote_add($f_bug_id, $f_bugnote_text, $f_time_tracking, $f_private, BUGNOTE);
if (!$t_bugnote_id) {
error_parameters(lang_get('bugnote'));
trigger_error(ERROR_EMPTY_FIELD, ERROR);
}
form_security_purge('bugnote_add');
print_successful_redirect_to_bug($f_bug_id);
require_api('news_api.php');
require_api('print_api.php');
news_ensure_enabled();
form_security_validate('news_update');
$f_news_id = gpc_get_int('news_id');
$f_project_id = gpc_get_int('project_id');
$f_view_state = gpc_get_int('view_state');
$f_headline = gpc_get_string('headline');
$f_announcement = gpc_get_string('announcement', '');
$f_body = gpc_get_string('body', '');
$row = news_get_row($f_news_id);
# Check both the old project and the new project
access_ensure_project_level(config_get('manage_news_threshold'), $row['project_id']);
access_ensure_project_level(config_get('manage_news_threshold'), $f_project_id);
news_update($f_news_id, $f_project_id, $f_view_state, $f_announcement, $f_headline, $f_body);
form_security_purge('news_update');
html_page_top();
echo '<div class="success-msg">';
echo lang_get('operation_successful');
?>
<br />
print_bracket_link( "news_edit_page.php?news_id=$f_news_id&action=edit", lang_get( 'edit_link' ) );
print_bracket_link( 'news_menu_page.php', lang_get( 'proceed' ) );
echo '<br /><br />';
print_news_entry( $f_headline, $f_body, $row['poster_id'], $f_view_state, $f_announcement, $row['date_posted'] );
echo '</div>';
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with Mantis. If not, see <http://www.gnu.org/licenses/>.
# --------------------------------------------------------
# $Id: manage_custom_field_create.php,v 1.17.2.1 2007-10-13 22:33:26 giallu Exp $
# --------------------------------------------------------
require_once 'core.php';
$t_core_path = config_get('core_path');
require_once $t_core_path . 'custom_field_api.php';
form_security_validate('manage_custom_field_create');
auth_reauthenticate();
access_ensure_global_level(config_get('manage_custom_fields_threshold'));
$f_name = gpc_get_string('name');
$t_field_id = custom_field_create($f_name);
if (ON == config_get('custom_field_edit_after_create')) {
$t_redirect_url = "manage_custom_field_edit_page.php?field_id={$t_field_id}";
} else {
$t_redirect_url = 'manage_custom_field_page.php';
}
form_security_purge('manage_custom_field_create');
html_page_top1();
html_meta_redirect($t_redirect_url);
html_page_top2();
echo '<br />';
echo '<div align="center">';
echo lang_get('operation_successful') . '<br />';
print_bracket_link($t_redirect_url, lang_get('proceed'));
echo '</div>';
html_page_bottom1(__FILE__);
* @uses config_api.php
* @uses event_api.php
* @uses form_api.php
* @uses gpc_api.php
* @uses print_api.php
* @uses project_api.php
*/
require_once 'core.php';
require_api('access_api.php');
require_api('authentication_api.php');
require_api('config_api.php');
require_api('event_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('print_api.php');
require_api('project_api.php');
form_security_validate('manage_proj_update');
auth_reauthenticate();
$f_project_id = gpc_get_int('project_id');
$f_name = gpc_get_string('name');
$f_description = gpc_get_string('description');
$f_status = gpc_get_int('status');
$f_view_state = gpc_get_int('view_state');
$f_file_path = gpc_get_string('file_path', '');
$f_enabled = gpc_get_bool('enabled');
$f_inherit_global = gpc_get_bool('inherit_global', 0);
access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id);
project_update($f_project_id, $f_name, $f_description, $f_status, $f_view_state, $f_file_path, $f_enabled, $f_inherit_global);
event_signal('EVENT_MANAGE_PROJECT_UPDATE', array($f_project_id));
form_security_purge('manage_proj_update');
print_header_redirect('manage_proj_page.php');
}
# @todo we need to issue a helper_call_custom_function( 'issue_update_validate', array( $t_bug_id, $t_bug_data, $f_bugnote_text ) );
$t_form_var = 'custom_field_' . $f_custom_field_id;
$t_custom_field_value = gpc_get_custom_field($t_form_var, $t_custom_field_def['type'], null);
custom_field_set_value($f_custom_field_id, $t_bug_id, $t_custom_field_value);
bug_update_date($t_bug_id);
email_bug_updated($t_bug_id);
helper_call_custom_function('issue_update_notify', array($t_bug_id));
break;
default:
trigger_error(ERROR_GENERIC, ERROR);
}
# Bug Action Event
event_signal('EVENT_BUG_ACTION', array($f_action, $t_bug_id));
}
form_security_purge($t_form_name);
$t_redirect_url = 'view_all_bug_page.php';
if (count($t_failed_ids) > 0) {
html_page_top();
echo '<div><br />';
echo '<table class="width75">';
$t_separator = lang_get('word_separator');
foreach ($t_failed_ids as $t_id => $t_reason) {
$t_label = sprintf(lang_get('label'), string_get_bug_view_link($t_id)) . $t_separator;
printf("<tr><td width=\"50%%\">%s%s</td><td>%s</td></tr>\n", $t_label, bug_get_field($t_id, 'summary'), $t_reason);
}
echo '</table><br />';
print_bracket_link($t_redirect_url, lang_get('proceed'));
echo '</div>';
html_page_bottom();
} else {
require_once 'news_api.php';
require_once 'string_api.php';
news_ensure_enabled();
$f_news_id = gpc_get_int('news_id');
$f_action = gpc_get_string('action', '');
# If deleting item redirect to delete script
if ('delete' == $f_action) {
form_security_validate('news_delete');
$row = news_get_row($f_news_id);
# This check is to allow deleting of news items that were left orphan due to bug #3723
if (project_exists($row['project_id'])) {
access_ensure_project_level(config_get('manage_news_threshold'), $row['project_id']);
}
helper_ensure_confirmed(lang_get('delete_news_sure_msg'), lang_get('delete_news_item_button'));
news_delete($f_news_id);
form_security_purge('news_delete');
print_header_redirect('news_menu_page.php', true);
}
# Retrieve news item data and prefix with v_
$row = news_get_row($f_news_id);
if ($row) {
extract($row, EXTR_PREFIX_ALL, 'v');
}
access_ensure_project_level(config_get('manage_news_threshold'), $v_project_id);
$v_headline = string_attribute($v_headline);
$v_body = string_textarea($v_body);
html_page_top(lang_get('edit_news_title'));
# Edit News Form BEGIN
?>
<br />
<div align="center">
user_ensure_realname_unique($t_username, $t_realname);
user_set_realname($t_user_id, $t_realname);
$t_realname_updated = true;
}
# Update password if the two match and are not empty
if (!is_blank($f_password)) {
if ($f_password != $f_password_confirm) {
trigger_error(ERROR_USER_CREATE_PASSWORD_MISMATCH, ERROR);
} else {
if (!auth_does_password_match($t_user_id, $f_password)) {
user_set_password($t_user_id, $f_password);
$t_password_updated = true;
}
}
}
form_security_purge('account_update');
html_page_top(null, $t_redirect);
echo '<br /><div align="center">';
if ($t_email_updated) {
echo lang_get('email_updated') . '<br />';
}
if ($t_password_updated) {
echo lang_get('password_updated') . '<br />';
}
if ($t_realname_updated) {
echo lang_get('realname_updated') . '<br />';
}
echo lang_get('operation_successful') . '<br />';
print_bracket_link($t_redirect, lang_get('proceed'));
echo '</div>';
html_page_bottom();
# along with MantisBT. If not, see <http://www.gnu.org/licenses/>.
/**
* @package MantisBT
* @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
* @copyright Copyright (C) 2002 - 2013 MantisBT Team - mantisbt-dev@lists.sourceforge.net
* @link http://www.mantisbt.org
*/
/**
* MantisBT Core API's
*/
require_once 'core.php';
form_security_validate('manage_proj_subproj_delete');
auth_reauthenticate();
$f_project_id = gpc_get_int('project_id');
$f_subproject_id = gpc_get_int('subproject_id');
access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id);
project_hierarchy_remove($f_subproject_id, $f_project_id);
form_security_purge('manage_proj_subproj_delete');
$t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id;
html_page_top(null, $t_redirect_url);
?>
<br />
<div align="center">
<?php
echo lang_get('operation_successful') . '<br />';
print_bracket_link($t_redirect_url, lang_get('proceed'));
?>
</div>
<?php
html_page_bottom();
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('project_api.php');
require_api('user_api.php');
form_security_validate('manage_proj_user_remove');
auth_reauthenticate();
$f_project_id = gpc_get_int('project_id');
$f_user_id = gpc_get_int('user_id', 0);
# We should check both since we are in the project section and an
# admin might raise the first threshold and not realize they need
# to raise the second
access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id);
access_ensure_project_level(config_get('project_user_threshold'), $f_project_id);
if (0 == $f_user_id) {
# Confirm with the user
helper_ensure_confirmed(lang_get('remove_all_users_sure_msg'), lang_get('remove_all_users_button'));
project_remove_all_users($f_project_id, access_get_project_level($f_project_id));
} else {
# Don't allow removal of users from the project who have a higher access level than the current user
access_ensure_project_level(access_get_project_level($f_project_id, $f_user_id), $f_project_id);
$t_user = user_get_row($f_user_id);
# Confirm with the user
helper_ensure_confirmed(lang_get('remove_user_sure_msg') . '<br/>' . lang_get('username_label') . lang_get('word_separator') . $t_user['username'], lang_get('remove_user_button'));
project_remove_user($f_project_id, $f_user_id);
}
form_security_purge('manage_proj_user_remove');
$t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id;
html_page_top(null, $t_redirect_url);
html_operation_successful($t_redirect_url);
html_page_bottom();
# only MANAGERS can set global defaults.for a project
if ($f_manage_page && $t_dst_project_id != ALL_PROJECTS) {
access_ensure_project_level(MANAGER, $t_dst_project_id);
}
# user should only be able to set columns for a project that is accessible.
if ($t_dst_project_id != ALL_PROJECTS) {
access_ensure_project_level(VIEWER, $t_dst_project_id);
}
# Calculate the user id to set the configuration for.
if ($f_manage_page) {
$t_user_id = NO_USER;
} else {
$t_user_id = auth_get_current_user_id();
}
$t_all_columns = columns_get_all();
$t_default = null;
$t_view_issues_page_columns = config_get('view_issues_page_columns', $t_default, $t_user_id, $t_src_project_id);
$t_view_issues_page_columns = columns_remove_invalid($t_view_issues_page_columns, $t_all_columns);
$t_print_issues_page_columns = config_get('print_issues_page_columns', $t_default, $t_user_id, $t_src_project_id);
$t_print_issues_page_columns = columns_remove_invalid($t_print_issues_page_columns, $t_all_columns);
$t_csv_columns = config_get('csv_columns', $t_default, $t_user_id, $t_src_project_id);
$t_csv_columns = columns_remove_invalid($t_csv_columns, $t_all_columns);
$t_excel_columns = config_get('excel_columns', $t_default, $t_user_id, $t_src_project_id);
$t_excel_columns = columns_remove_invalid($t_excel_columns, $t_all_columns);
config_set('view_issues_page_columns', $t_view_issues_page_columns, $t_user_id, $t_dst_project_id);
config_set('print_issues_page_columns', $t_print_issues_page_columns, $t_user_id, $t_dst_project_id);
config_set('csv_columns', $t_csv_columns, $t_user_id, $t_dst_project_id);
config_set('excel_columns', $t_excel_columns, $t_user_id, $t_dst_project_id);
form_security_purge('manage_columns_copy');
$t_redirect_url = $f_manage_page ? 'manage_config_columns_page.php' : 'account_manage_columns_page.php';
print_header_redirect($t_redirect_url);
*
* You should have received a copy of the GNU General Public License
* along with Slack Integration; if not, write to the Free Software
* Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
* or see http://www.gnu.org/licenses/.
*/
form_security_validate('plugin_Slack_config_edit');
auth_reauthenticate();
access_ensure_global_level(config_get('manage_plugin_threshold'));
$f_url_webhook = gpc_get_string('url_webhook');
$f_bot_name = gpc_get_string('bot_name');
$f_bot_icon = gpc_get_string('bot_icon');
$f_skip_bulk = gpc_get_bool('skip_bulk');
$f_default_channel = gpc_get_string('default_channel');
if (plugin_config_get('url_webhook') != $f_url_webhook) {
plugin_config_set('url_webhook', $f_url_webhook);
}
if (plugin_config_get('bot_name') != $f_bot_name) {
plugin_config_set('bot_name', $f_bot_name);
}
if (plugin_config_get('bot_icon') != $f_bot_icon) {
plugin_config_set('bot_icon', $f_bot_icon);
}
if (plugin_config_get('skip_bulk') != $f_skip_bulk) {
plugin_config_set('skip_bulk', $f_skip_bulk);
}
if (plugin_config_get('default_channel') != $f_default_channel) {
plugin_config_set('default_channel', $f_default_channel);
}
form_security_purge('plugin_Slack_config_edit');
print_successful_redirect(plugin_page('config', true));
$f_os_build = gpc_get_string('os_build');
$f_description = gpc_get_string('description');
if (profile_is_global($f_profile_id)) {
access_ensure_global_level(config_get('manage_global_profile_threshold'));
profile_update(ALL_USERS, $f_profile_id, $f_platform, $f_os, $f_os_build, $f_description);
form_security_purge('profile_update');
print_header_redirect('manage_prof_menu_page.php');
} else {
profile_update(auth_get_current_user_id(), $f_profile_id, $f_platform, $f_os, $f_os_build, $f_description);
form_security_purge('profile_update');
print_header_redirect('account_prof_menu_page.php');
}
break;
case 'delete':
if (profile_is_global($f_profile_id)) {
access_ensure_global_level(config_get('manage_global_profile_threshold'));
profile_delete(ALL_USERS, $f_profile_id);
form_security_purge('profile_update');
print_header_redirect('manage_prof_menu_page.php');
} else {
profile_delete(auth_get_current_user_id(), $f_profile_id);
form_security_purge('profile_update');
print_header_redirect('account_prof_menu_page.php');
}
break;
case 'make_default':
current_user_set_pref('default_profile', $f_profile_id);
form_security_purge('profile_update');
print_header_redirect('account_prof_menu_page.php');
break;
}
continue;
}
$t_version = trim($t_version);
if (version_is_unique($t_version, $f_project_id)) {
version_add($f_project_id, $t_version);
} else {
if (1 == $t_version_count) {
# We only error out on duplicates when a single value was
# given. If multiple values were given, we just add the
# ones we can. The others already exist so it isn't really
# an error.
trigger_error(ERROR_VERSION_DUPLICATE, ERROR);
}
}
}
form_security_purge('manage_proj_ver_add');
if (true == $f_add_and_edit) {
$t_version_id = version_get_id($t_version, $f_project_id);
$t_redirect_url = 'manage_proj_ver_edit_page.php?version_id=' . $t_version_id;
} else {
$t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id;
}
html_page_top1();
html_meta_redirect($t_redirect_url);
html_page_top2();
?>
<br />
<div align="center">
<?php
echo lang_get('operation_successful') . '<br />';
*/
/**
* MantisBT Core API's
*/
require_once 'core.php';
require_once 'custom_field_api.php';
form_security_validate('manage_proj_custom_field_update');
auth_reauthenticate();
$f_field_id = gpc_get_int('field_id');
$f_project_id = gpc_get_int('project_id');
$f_sequence = gpc_get_int('sequence');
# We should check both since we are in the project section and an
# admin might raise the first threshold and not realize they need
# to raise the second
access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id);
access_ensure_project_level(config_get('custom_field_link_threshold'), $f_project_id);
custom_field_set_sequence($f_field_id, $f_project_id, $f_sequence);
form_security_purge('manage_proj_custom_field_update');
$t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id;
html_page_top(null, $t_redirect_url);
?>
<br />
<div align="center">
<?php
echo lang_get('operation_successful') . '<br />';
print_bracket_link($t_redirect_url, lang_get('proceed'));
?>
</div>
<?php
html_page_bottom();
case 'arial':
case 'verdana':
case 'trebuchet':
case 'verasans':
case 'times':
case 'georgia':
case 'veraserif':
case 'courier':
case 'veramono':
plugin_config_set( 'font', $f_font );
break;
default:
plugin_config_set( 'font', 'arial' );
}
}
if ( current_user_is_administrator() ) {
$f_jpgraph_path = gpc_get_string( 'jpgraph_path', '' );
if ( plugin_config_get( 'jpgraph_path' ) != $f_jpgraph_path ) {
plugin_config_set( 'jpgraph_path', $f_jpgraph_path );
}
}
if ( plugin_config_get( 'jpgraph_antialias' ) != $f_jpgraph_antialias ) {
plugin_config_set( 'jpgraph_antialias', $f_jpgraph_antialias );
}
form_security_purge( 'plugin_graph_config_edit' );
print_successful_redirect( plugin_page( 'config', true ) );
