Exemplo n.º 1
 function show()
     global $page, $db, $user, $fs, $proj;
     $page->setTitle($fs->prefs['page_title'] . L('reports'));
     $events = array(1 => L('taskopened'), 13 => L('taskreopened'), 2 => L('taskclosed'), 3 => L('taskedited'), 14 => L('assignmentchanged'), 29 => L('events.useraddedtoassignees'), 4 => L('commentadded'), 5 => L('commentedited'), 6 => L('commentdeleted'), 7 => L('attachmentadded'), 8 => L('attachmentdeleted'), 11 => L('relatedadded'), 12 => L('relateddeleted'), 9 => L('notificationadded'), 10 => L('notificationdeleted'), 17 => L('reminderadded'), 18 => L('reminderdeleted'));
     $user_events = array(30 => L('created'), 31 => L('deleted'));
     $page->assign('events', $events);
     $page->assign('user_events', $user_events);
     $sort = strtoupper(Get::enum('sort', array('desc', 'asc')));
     $where = array();
     $params = array();
     $orderby = '';
     switch (Get::val('order')) {
         case 'type':
             $orderby = "h.event_type {$sort}, h.event_date {$sort}";
         case 'user':
             $orderby = "user_id {$sort}, h.event_date {$sort}";
         case 'date':
             $orderby = "h.event_date {$sort}, h.event_type {$sort}";
     foreach (Get::val('events', array()) as $eventtype) {
         $where[] = 'h.event_type = ?';
         $params[] = $eventtype;
     $where = '(' . implode(' OR ', $where) . ')';
     if ($proj->id) {
         $where = $where . 'AND (t.project_id = ?  OR h.event_type > 29) ';
         $params[] = $proj->id;
     if (($fromdate = Req::val('fromdate')) || Req::val('todate')) {
         $where .= ' AND ';
         $todate = Req::val('todate');
         if ($fromdate) {
             $where .= ' h.event_date > ?';
             $params[] = Flyspray::strtotime($fromdate) + 0;
         if ($todate && $fromdate) {
             $where .= ' AND h.event_date < ?';
             $params[] = Flyspray::strtotime($todate) + 86400;
         } else {
             if ($todate) {
                 $where .= ' h.event_date < ?';
                 $params[] = Flyspray::strtotime($todate) + 86400;
     $histories = array();
     if (count(Get::val('events'))) {
         if (Get::num('event_number') > 0) {
         $histories = $db->x->getAll("SELECT h.*, t.*, p.project_prefix\n                                             FROM {history} h\n                                        LEFT JOIN {tasks} t ON h.task_id = t.task_id\n                                        LEFT JOIN {projects} p ON t.project_id = p.project_id\n                                            WHERE {$where}\n                                         ORDER BY {$orderby}", null, $params);
     $page->assign('histories', $histories);
     $page->assign('sort', $sort);
Exemplo n.º 2
 function _onsubmit()
     global $proj;
     // only meant for global fields...
     if (!count(Get::val('ids', array()))) {
         return array(ERROR_RECOVER, L('notasksselected'), CreateUrl('index'));
     $proj = new Project(0);
     $return = $this->handle('action', Req::val('action'));
     $proj = new Project(0);
     return $return;
Exemplo n.º 3
 function show($area = null)
     global $page, $fs, $db, $proj, $user, $conf;
     $perpage = '20';
     if (isset($user->infos['tasks_perpage'])) {
         $perpage = $user->infos['tasks_perpage'];
     $pagenum = max(1, Get::num('pagenum', 1));
     $offset = $perpage * ($pagenum - 1);
     // Get the visibility state of all columns
     $visible = explode(' ', trim($proj->id ? $proj->prefs['visible_columns'] : $fs->prefs['visible_columns']));
     if (!is_array($visible) || !count($visible) || !$visible[0]) {
         $visible = array('id');
     list($tasks, $id_list) = Backend::get_task_list($_GET, $visible, $offset, $perpage);
     $page->assign('tasks', $tasks);
     $page->assign('offset', $offset);
     $page->assign('perpage', $perpage);
     $page->assign('pagenum', $pagenum);
     $page->assign('visible', $visible);
     // List of task IDs for next/previous links
     $_SESSION['tasklist'] = $id_list;
     $page->assign('total', count($id_list));
     // Javascript replacement
     if (Get::val('toggleadvanced')) {
         $advanced_search = intval(!Req::val('advancedsearch'));
         Flyspray::setCookie('advancedsearch', $advanced_search, time() + 60 * 60 * 24 * 30);
         $_COOKIE['advancedsearch'] = $advanced_search;
     // Update check {{{
     if (Get::has('hideupdatemsg')) {
     } else {
         if ($conf['general']['update_check'] && $user->perms('is_admin') && $fs->prefs['last_update_check'] < time() - 60 * 60 * 24 * 3) {
             if (!isset($_SESSION['latest_version'])) {
                 $latest = Flyspray::remote_request('http://flyspray.org/version.txt', GET_CONTENTS);
                 //if for some silly reason we get and empty response, we use the actual version
                 $_SESSION['latest_version'] = empty($latest) ? $fs->version : $latest;
                 $db->x->execParam('UPDATE {prefs} SET pref_value = ? WHERE pref_name = ?', array(time(), 'last_update_check'));
     if (isset($_SESSION['latest_version']) && version_compare($fs->version, $_SESSION['latest_version'], '<')) {
         $page->assign('updatemsg', true);
     // }}}
     $page->setTitle($fs->prefs['page_title'] . $proj->prefs['project_title'] . ': ' . L('tasklist'));
Exemplo n.º 4
define('IN_FS', true);
define('IN_FEED', true);
require_once dirname(__FILE__) . '/header.php';
$page = new FSTpl();
// Set up the basic XML head
header('Content-type: text/html; charset=utf-8');
$max_items = Req::num('num', 10) == 10 ? 10 : 20;
$sql_project = ' 1=1 ';
if ($proj->id) {
    $sql_project = sprintf(' p.project_id = %d', $proj->id);
$feed_type = Req::val('feed_type', 'rss2');
if ($feed_type != 'rss1' && $feed_type != 'rss2') {
    $feed_type = 'atom';
switch (Req::val('topic')) {
    case 'clo':
        $orderby = 'date_closed';
        $closed = 't.is_closed = 1 ';
        $topic = 1;
        $title = 'Recently closed tasks';
    case 'edit':
        $orderby = 'last_edited_time';
        $closed = '1=1';
        $topic = 2;
        $title = 'Recently edited tasks';
        $orderby = 'date_opened';
        $closed = '1=1';
Exemplo n.º 5
    header('Content-Type: application/csv');
    header('Content-Disposition: attachment; filename=' . $outfile);
    header('Content-Transfer-Encoding: text');
    header('Expires: 0');
    header('Cache-Control: must-revalidate');
    header('Pragma: public');
    header('Content-Length: ' . strlen($result));
    // finally send out our data
    printf("%s", $result);
// } }}
// Javascript replacement
if (Get::val('toggleadvanced')) {
    $advanced_search = intval(!Req::val('advancedsearch'));
    Flyspray::setCookie('advancedsearch', $advanced_search, time() + 60 * 60 * 24 * 30);
    $_COOKIE['advancedsearch'] = $advanced_search;
// Update check {{{
if (Get::has('hideupdatemsg')) {
} else {
    if ($conf['general']['update_check'] && $user->perms('is_admin') && $fs->prefs['last_update_check'] < time() - 60 * 60 * 24 * 3) {
        if (!isset($_SESSION['latest_version'])) {
            $latest = Flyspray::remote_request('http://flyspray.org/version.txt', GET_CONTENTS);
            //if for some silly reason we get and empty response, we use the actual version
            $_SESSION['latest_version'] = empty($latest) ? $fs->version : $latest;
            $db->Query('UPDATE {prefs} SET pref_value = ? WHERE pref_name = ?', array(time(), 'last_update_check'));
Exemplo n.º 6
 private function &get_command_from_url()
     $out = new FlySprayCommand();
     if (($action = Req::val('action', false)) === false) {
         $null = null;
         return $null;
     $out->action = $action;
     $out->id = Req::val('id');
     switch ($out->action) {
         case 'close_task':
             $out->ids['comment'] = Req::val('comment', '');
             $out->ids['mark100'] = intval(Req::val('mark100', 1));
         case 'add_comment':
             $out->ids[0] = Req::val('text');
         case 'edit_task':
             $out->ids[Req::val('param', '___')] = Req::val('value');
         case 'assign_to_me':
             $ids_str = Req::val('task_ids', '');
             $ids_arr = explode(',', $ids_str);
             $out->ids = $ids_arr;
         case 'get_task_details':
     return $out;
Exemplo n.º 7
     // ##################
     // denying a PM request
     // ##################
 // ##################
 // denying a PM request
 // ##################
 case 'denypmreq':
     $result = $db->Query("SELECT  task_id, project_id\n                                FROM  {admin_requests}\n                               WHERE  request_id = ?", array(Req::val('req_id')));
     $req_details = $db->FetchRow($result);
     if (!$user->perms('manage_project', $req_details['project_id'])) {
     // Mark the PM request as 'resolved'
     $db->Query("UPDATE  {admin_requests}\n                       SET  resolved_by = ?, time_resolved = ?, deny_reason = ?\n                     WHERE  request_id = ?", array($user->id, time(), Req::val('deny_reason'), Req::val('req_id')));
     Flyspray::logEvent($req_details['task_id'], 28, Req::val('deny_reason'));
     $notify->Create(NOTIFY_PM_DENY_REQUEST, $req_details['task_id'], Req::val('deny_reason'));
     $_SESSION['SUCCESS'] = L('pmreqdeniedmsg');
     // ##################
     // adding a dependency
     // ##################
 // ##################
 // adding a dependency
 // ##################
 case 'details.newdep':
     if (!$user->can_edit_task($task)) {
     if (!Post::val('dep_task_id')) {
Exemplo n.º 8
 function _onsubmit()
     global $fs, $db, $proj, $user;
     $proj = new Project(0);
     return $this->handle('action', Req::val('action'));
Exemplo n.º 9
box-shadow: 0 1px 1px #ddd;
color: #565656;
cursor: pointer;
display: inline-block;
font-family: sans-serif;
font-size: 100%;
font-weight: bold;
line-height: 130%;
padding: 8px 13px 8px 10px;
text-decoration: none;
">Remove the folder ' . DIRECTORY_SEPARATOR . 'setup</a> before you start using Flyspray</p>
// Any "do" mode that accepts a task_id or id field should be added here.
if (in_array(Req::val('do'), array('details', 'depends', 'editcomment'))) {
    if (Req::num('task_id')) {
        $result = $db->Query('SELECT  project_id
                                FROM  {tasks} WHERE task_id = ?', array(Req::num('task_id')));
        $project_id = $db->FetchOne($result);
if (!isset($project_id)) {
    // Determine which project we want to see
    if (($project_id = Cookie::val('flyspray_project')) == '') {
        $project_id = $fs->prefs['default_project'];
    $project_id = Req::val('project', Req::val('project_id', $project_id));
$proj = new Project($project_id);
# no more project cookie!
Exemplo n.º 10
  * Returns (safe) HTML which displays a field to edit a value
  * @access public
  * @param bool $use_default use default field value or not
  * @param bool $lock lock the field depending on the users perms ornot
  * @param array $task task data
  * @param array $add_options add options to the select?
  * @param array $attrs add attributes to the select
  * @return string
 function edit($use_default = true, $lock = false, $task = array(), $add_options = array(), $attrs = array(), $prefix = '')
     global $user, $proj;
     if ($use_default) {
         $task['field' . $this->id] = $this->prefs['default_value'];
     } else {
         if (!isset($task['field' . $this->id])) {
             $task['field' . $this->id] = '';
     // determine whether or not to lock inputs
     $lock = $lock && $this->prefs['force_default'] && (count($task) > 3 && !$user->can_edit_task($task) || !$user->perms('modify_all_tasks'));
     $html = '';
     switch ($this->prefs['field_type']) {
         case FIELD_LIST:
             if (!$this->prefs['list_id']) {
                 return '';
             $html .= sprintf('<select id="%sfield%d" name="%sfield%d%s" %s ', $prefix, $this->id, $prefix, $this->id, isset($attrs['multiple']) ? '[]' : '', join_attrs($attrs));
             $html .= tpl_disableif($lock) . '>';
             $html .= tpl_options(array_merge($add_options, $proj->get_list($this->prefs, $task['field' . $this->id])), Req::val('field' . $this->id, $task['field' . $this->id]));
             $html .= '</select>';
         case FIELD_DATE:
             $attrs = array();
             if ($lock) {
                 $attrs = array('readonly' => 'readonly');
             $html .= tpl_datepicker($prefix . 'field' . $this->id, '', Req::val('field' . $this->id, $task['field' . $this->id]), $attrs);
         case FIELD_TEXT:
             $html .= sprintf('<input type="text" class="text" id="%sfield%d" name="%sfield%d" value="%s"/>', $prefix, $this->id, $prefix, $this->id, Filters::noXSS(Req::val('field' . $this->id, $task['field' . $this->id])));
         case FIELD_USER:
             $html .= tpl_userselect($prefix . 'field' . $this->id, Req::val('field' . $this->id, $task['field' . $this->id]));
     return $html;
Exemplo n.º 11
/* Here begins the deep flyspray : html rendering                              */
# no cache headers are now in header.php!
// see http://www.w3.org/TR/html401/present/styles.html#h-14.2.1
header('Content-Style-Type: text/css');
header('Content-type: text/html; charset=utf-8');
if ($conf['general']['output_buffering'] == 'gzip' && extension_loaded('zlib')) {
    // Start Output Buffering and gzip encoding if setting is present.
} else {
$page = new FSTpl();
// make sure people are not attempting to manually fiddle with projects they are not allowed to play with
if (Req::has('project') && Req::val('project') != 0 && !$user->can_view_project(Req::val('project'))) {
if ($show_task = Get::val('show_task')) {
    // If someone used the 'show task' form, redirect them
    if (is_numeric($show_task)) {
        Flyspray::Redirect(CreateURL('details', $show_task));
    } else {
        Flyspray::Redirect($baseurl . '?string=' . $show_task);
if (Flyspray::requestDuplicated()) {
    // Check that this page isn't being submitted twice
Exemplo n.º 12
define('IN_FS', true);
header('Content-type: text/html; charset=utf-8');
require_once '../../header.php';
$baseurl = dirname(dirname($baseurl)) . '/';
if (Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash')) {
    $user = new User(Cookie::val('flyspray_userid'));
} else {
    $user = new User(0, $proj);
// don't allow anonymous users to access this page at all
if ($user->isAnon()) {
if (Req::has('name')) {
    $searchterm = strtolower(Req::val('name'));
// Get the list of users from the global groups above
$get_users = $db->Query('  SELECT  count(u.user_name) AS anz_u_user, 
                                   count(r.user_name) AS anz_r_user 
                             FROM  {users} u
                        LEFT JOIN  {registrations} r ON u.user_name = r.user_name
                            WHERE  Lower(u.user_name) = ? 
                                   Lower(r.user_name) = ?', array($searchterm, $searchterm));
while ($row = $db->FetchRow($get_users)) {
    if ($row['anz_u_user'] > '0' || $row['anz_r_user'] > '0') {
        $html = 'false|' . eL('usernametaken');
    } else {
        $html = 'true';
Exemplo n.º 13
  * show 
  * @access public
  * @return void
 function show()
     global $page, $fs, $db;
     $page->setTitle($fs->prefs['page_title'] . L('lostpw'));
     if (!Req::has('magic_url')) {
         // Step One: user requests magic url
     } else {
         // Step Two: user enters new password
         $check_magic = $db->x->getRow('SELECT user_id, user_name FROM {users} WHERE magic_url = ?', null, array(Req::val('magic_url')));
         if ($check_magic) {
             $page->assign('userinfo', $check_magic);
         } else {
Exemplo n.º 14
 function isAlnum($key)
     return Filters::isAlnum(Req::val($key));
Exemplo n.º 15
 function show()
     global $page, $db, $user, $fs;
     $page->setTitle($fs->prefs['page_title'] . L('registernewuser'));
     if (Get::val('regdone')) {
     } else {
         if ($user->can_register()) {
             // 32 is the length of the magic_url
             if (Req::has('magic_url')) {
                 // If the user came here from their notification link
                 $sql = $db->x->GetOne('SELECT reg_id FROM {registrations} WHERE magic_url = ?', null, Req::val('magic_url'));
                 if (!$sql) {
                     FlysprayDo::error(array(ERROR_INPUT, L('error18')));
             } else {
         } else {
Exemplo n.º 16

  | Register a new user (when confirmation codes is used)   |
  | ~~~~~~~~~~~~~~~~~~~                                     |
if (!defined('IN_FS')) {
    die('Do not access this file directly.');
$page->setTitle($fs->prefs['page_title'] . L('registernewuser'));
if (!$user->isAnon()) {
if ($user->can_register()) {
    // 32 is the length of the magic_url
    if (Req::has('magic_url') && strlen(Req::val('magic_url')) == 32) {
        // If the user came here from their notification link
        $sql = $db->Query('SELECT * FROM {registrations} WHERE magic_url = ?', array(Get::val('magic_url')));
        if (!$db->CountRows($sql)) {
    } else {
} elseif ($user->can_self_register()) {
} else {
Exemplo n.º 17
switch ($area = Req::val('area', 'prefs')) {
    case 'users':
        $id = Flyspray::UserNameToId(Req::val('user_name'));
        if (!$id) {
            $id = Req::val('user_id');
        $theuser = new User($id, $proj);
        if ($theuser->isAnon()) {
            Flyspray::show_error(5, true, null, $_SESSION['prev_page']);
        $page->assign('theuser', $theuser);
    case 'cat':
    case 'editgroup':
        // yeah, utterly stupid, is changed in 1.0 already
        if (Req::val('area') == 'editgroup') {
            $group_details = Flyspray::getGroupDetails(Req::num('id'));
            if (!$group_details || $group_details['project_id'] != $proj->id) {
                Flyspray::Redirect(CreateURL('pm', 'groups', $proj->id));
    case 'groups':
    case 'newuser':
    case 'newuserbulk':
    case 'editallusers':
        $page->assign('groups', Flyspray::ListGroups());
    case 'userrequest':
        $sql = $db->Query("SELECT  *\n                             FROM  {admin_requests}\n                            WHERE  request_type = 3 AND project_id = 0 AND resolved_by = 0\n                         ORDER BY  time_submitted ASC");
        $page->assign('pendings', $db->fetchAllArray($sql));
Exemplo n.º 18
function tpl_datepicker($name, $label = '', $value = 0)
    global $user, $page;
    $date = '';
    if ($value) {
        if (!is_numeric($value)) {
            $value = strtotime($value);
        if (!$user->isAnon()) {
            $st = date('Z') / 3600;
            // server GMT timezone
            $value += ($user->infos['time_zone'] - $st) * 60 * 60;
        $date = date('Y-m-d', intval($value));
        /* It must "look" as a date..
         * XXX : do not blindly copy this code to validate other dates
         * this is mostly a tongue-in-cheek validation
         * 1. it will fail on 32 bit systems on dates < 1970
         * 2. it will produce different results bewteen 32 and 64 bit systems for years < 1970
         * 3. it will not work when year > 2038 on 32 bit systems (see http://en.wikipedia.org/wiki/Year_2038_problem)
         * Fortunately tasks are never opened to be dated on 1970 and maybe our sons or the future flyspray
         * coders may be willing to fix the 2038 issue ( in the strange case 32 bit systems are still used by that year) :-)
    } elseif (Req::has($name) && strlen(Req::val($name))) {
        //strtotime sadly returns -1 on faliure in php < 5.1 instead of false
        $ts = strtotime(Req::val($name));
        foreach (array('m', 'd', 'Y') as $period) {
            //checkdate only accepts arguments of type integer
            ${$period} = intval(date($period, $ts));
        // $ts has to be > 0 to get around php behavior change
        // false is casted to 0 by the ZE
        $date = $ts > 0 && checkdate($m, $d, $Y) ? Req::val($name) : '';
    $subPage = new FSTpl();
    $subPage->assign('name', $name);
    $subPage->assign('date', $date);
    $subPage->assign('label', $label);
    $subPage->assign('dateformat', '%Y-%m-%d');
Exemplo n.º 19
  * area_list
  * @access public
  * @return void
 function area_list()
     global $fs, $db, $proj, $user, $page;
     if (!Req::val('list_id')) {
     $row = $db->x->getRow('SELECT list_type, list_name FROM {lists} WHERE list_id = ?', null, Req::val('list_id'));
     if ($row['list_type'] != LIST_CATEGORY) {
         $page->assign('rows', $proj->get_edit_list(Req::val('list_id')));
     $page->assign('list_type', $row['list_type']);
     $page->assign('list_name', $row['list_name']);
Exemplo n.º 20
 function _onsubmit()
     $action = Req::val('action');
     list($type, $msg, $url) = $this->handle('action', $action, $this->task);
     if ($type != NO_SUBMIT) {
         $this->task = Flyspray::GetTaskDetails(Req::num('task_id'));
     return array($type, $msg, $url);
Exemplo n.º 21
         $userids[] = $row['user_id'];
     } else {
         # user is probably in a global group with assignee permission listed, so no need to show second time in a project group.
 if (is_array(Post::val('rassigned_to'))) {
     $page->assign('assignees', Post::val('rassigned_to'));
 } else {
     $assignees = $db->Query('SELECT user_id FROM {assigned} WHERE task_id = ?', $task_details['task_id']);
     $page->assign('assignees', $db->FetchCol($assignees));
 $page->assign('userlist', $userlist);
 # Build the category select array, a movetask or normal taskedit
 # then in the template just use tpl_select($catselect);
 # keep last category selection
 $catselected = Req::val('product_category', $task_details['product_category']);
 if (isset($move) && $move == 1) {
     # listglobalcats
     $gcats = $proj->listCategories(0);
     if (count($gcats) > 0) {
         foreach ($gcats as $cat) {
             $gcatopts[] = array('value' => $cat['category_id'], 'label' => $cat['category_name']);
             if ($catselected == $cat['category_id']) {
                 $gcatopts[count($gcatopts) - 1]['selected'] = 1;
         $catsel['options'][] = array('optgroup' => 1, 'label' => L('categoriesglobal'), 'options' => $gcatopts);
     # listprojectcats
     $pcats = $proj->listCategories($proj->id);
     if (count($pcats) > 0) {
Exemplo n.º 22
    $where[] = 'h.event_type = ?';
    $params[] = $eventtype;
$where = '(' . implode(' OR ', $where) . ')';
if ($proj->id) {
    $where = $where . 'AND (t.project_id = ?  OR h.event_type > 29) ';
    $params[] = $proj->id;
if (($fromdate = Req::val('fromdate')) || Req::val('todate')) {
    $where .= ' AND ';
    $todate = Req::val('todate');
    if ($fromdate) {
        $where .= ' h.event_date > ?';
        $params[] = Flyspray::strtotime($fromdate) + 0;
    if ($todate && $fromdate) {
        $where .= ' AND h.event_date < ?';
        $params[] = Flyspray::strtotime($todate) + 86400;
    } else {
        if ($todate) {
            $where .= ' h.event_date < ?';
            $params[] = Flyspray::strtotime($todate) + 86400;
if (count(Req::val('events'))) {
    $histories = $db->Query("SELECT h.*\n                        FROM  {history} h\n                   LEFT JOIN {tasks} t ON h.task_id = t.task_id\n                        WHERE {$where}\n                     ORDER BY {$orderby}", $params, Req::num('event_number', -1));
    $histories = $db->FetchAllArray($histories);
$page->uses('histories', 'sort');
Exemplo n.º 23
     $db->Query("UPDATE  {admin_requests}\n                       SET  resolved_by = ?, time_resolved = ?, deny_reason = ?\n                     WHERE  request_id = ?", array($user->id, time(), Req::val('deny_reason'), Req::val('req_id')));
     Flyspray::logEvent($req_details['task_id'], 28, Req::val('deny_reason'));
     $notify->Create(NOTIFY_PM_DENY_REQUEST, $req_details['task_id'], Req::val('deny_reason'), null, NOTIFY_BOTH, $proj->prefs['lang_code']);
     $_SESSION['SUCCESS'] = L('pmreqdeniedmsg');
     // ##################
     // deny a new user request
     // ##################
 // ##################
 // deny a new user request
 // ##################
 case 'denyuserreq':
     if ($user->perms('is_admin')) {
         $db->Query("UPDATE  {admin_requests}\n                       SET  resolved_by = ?, time_resolved = ?, deny_reason = ?\n                     WHERE  request_id = ?", array($user->id, time(), Req::val('deny_reason'), Req::val('req_id')));
         // Wrong event constant
         Flyspray::logEvent(0, 28, Req::val('deny_reason'));
         //nee a new event number. need notification. fix smtp first
         // Missing notification constant, can't notify yet...
         $_SESSION['SUCCESS'] = "New user register request denied";
     // ##################
     // adding a dependency
     // ##################
 // ##################
 // adding a dependency
 // ##################
 case 'details.newdep':
     if (!$user->can_edit_task($task)) {
         //TODO: create a better error message
Exemplo n.º 24
    $amails = $db->x->getCol('SELECT email_address
                         FROM {users} u
                    LEFT JOIN {users_in_groups} g ON u.user_id = g.user_id
                        WHERE g.group_id = 1');
    $amails = array_map(create_function('$x', 'return str_replace("@", "#", $x);'), $amails);
    $page->assign('admin_emails', $amails);
// default title
$page->setTitle($fs->prefs['page_title'] . $proj->prefs['project_title']);
$page->assign('do', $do);
if (Flyspray::requestDuplicated()) {
    // Check that this page isn't being submitted twice
    FlysprayDo::error(array(ERROR_INPUT, L('error3')));
/* XXX:
 * there is something fishy in the new design, users actions
 * should never require the admin specific class.
$class = 'FlysprayDo' . $do;
$mode = new $class();
if (isset($_SESSION)) {
    // remove dupe data on error, since no submission happened
    if (isset($_SESSION['ERROR']) && isset($_SESSION['requests_hash'])) {
        $currentrequest = md5(serialize($_POST));
Exemplo n.º 25
    } else {
        // Determine if the user should be remembered on this machine
        if (Req::has('remember_login')) {
            $cookie_time = time() + 60 * 60 * 24 * 30;
            // Set cookies for 30 days
        } else {
            $cookie_time = 0;
            // Set cookies to expire when session ends (browser closes)
        $user = new User($user_id);
        // Set a couple of cookies
        $passweirded = md5($user->infos['user_pass'] . $conf['general']['cookiesalt']);
        Flyspray::setcookie('flyspray_userid', $user->id, $cookie_time);
        Flyspray::setcookie('flyspray_passhash', $passweirded, $cookie_time);
        // If the user had previously requested a password change, remove the magic url
        $remove_magic = $db->Query("UPDATE {users} SET magic_url = '' WHERE user_id = ?", array($user->id));
        // Save for displaying
        if ($user->infos['login_attempts'] > 0) {
            $_SESSION['login_attempts'] = $user->infos['login_attempts'];
        $db->Query('UPDATE {users} SET login_attempts = 0 WHERE user_id = ?', array($user->id));
        $_SESSION['SUCCESS'] = L('loginsuccessful');
} else {
    // If the user didn't provide both a username and a password, show this error:
Exemplo n.º 26
   This is the main script that everything else is included
   in.  Mostly what it does is check the user permissions
   to see what they have access to.
define('IN_FS', true);
require_once dirname(__FILE__) . '/header.php';
// Get available do-modes
$modes = str_replace('.php', '', array_map('basename', glob_compat(BASEDIR . "/scripts/*.php")));
$do = Req::enum('do', $modes, $proj->prefs['default_entry']);
if ($do == 'admin' && Req::has('switch') && Req::val('project') != '0') {
    $do = 'pm';
} elseif ($do == 'pm' && Req::has('switch') && Req::val('project') == '0') {
    $do = 'admin';
} elseif (Req::has('show') || Req::has('switch') && $do == 'details' || $do == 'newtask' && Req::val('project') == '0') {
    $do = 'index';
/* permission stuff */
if (Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash')) {
    $user = new User(Cookie::val('flyspray_userid'), $proj);
} else {
    $user = new User(0, $proj);
if (Get::val('getfile')) {
    // If a file was requested, deliver it
    $result = $db->Query("SELECT  t.project_id,\n                                  a.orig_name, a.file_name, a.file_type, t.*\n                            FROM  {attachments} a\n                      INNER JOIN  {tasks}       t ON a.task_id = t.task_id\n                           WHERE  attachment_id = ?", array(Get::val('getfile')));
    $task = $db->FetchRow($result);
    list($proj_id, $orig_name, $file_name, $file_type) = $task;