function sendNotifications()
{
if (!array_key_exists('command', $_REQUEST)) {
echo json_encode(array('success' => false, 'message' => 'Missing parameters'));
exit;
}
$command = $_REQUEST['command'];
switch ($command) {
case 'statusNotify':
if (!array_key_exists('workitem', $_REQUEST)) {
echo json_encode(array('success' => false, 'message' => 'Missing parameters'));
exit;
}
$workitem_id = (int) $_REQUEST['workitem'];
$workitem = new WorkItem();
$workitem->loadById($workitem_id);
Notification::statusNotify($workitem);
error_log('api.php: statusNotify completed');
break;
}
echo json_encode(array('success' => true, 'message' => 'Notifications sent'));
}
public static function getById($id)
{
$workitem = new WorkItem();
$workitem->loadById($id);
return $workitem;
}
/**
* Used on github authorization between projects and users (see github.js)
* Code moved from the old /GitHub.php file
*/
public function connect()
{
$GitHub = new User(Session::uid());
$workitem = new WorkItem();
$workitem->loadById((int) $_GET['job']);
$projectId = $workitem->getProjectId();
$project = new Project($projectId);
$connectResponse = $GitHub->processConnectResponse($project);
if (!$connectResponse['error']) {
if ($GitHub->storeCredentials($connectResponse['data']['access_token'], $project->getGithubId())) {
$journal_message = sprintf("%s has been validated for project ##%s##", $GitHub->getNickname(), $project->getName());
Utils::systemNotification($journal_message);
Utils::redirect('./' . $workitem->getId());
} else {
// Something went wrong updating the users details, close this window and
// display a proper error message to the user
$message = 'Something went wrong and we could not complete the authorization process with GitHub. Please try again.';
}
} else {
// We have an error on the response, close this window and display an error message
// to the user
$message = 'We received an error when trying to complete the authorization process with GitHub. Please notify a member of the O-Team for assistance.';
}
echo $message;
}
public function pull_request($payload)
{
$headLabel = $payload->pull_request->head->label;
$labelComponents = explode(':', $headLabel);
$jobNumber = trim($labelComponents[1]);
// Try to extract job number from head repository label
if (preg_match('/^[0-9]{3,}$/', $labelComponents[1])) {
$workItem = new WorkItem();
// We have what looks like a workitem number, see if it exists
// and if it does, we set job to completed and post comment to
// journal
if ($workItem->idExists($jobNumber) && $payload->pull_request->state == 'closed') {
$workItem->loadById($jobNumber);
$pullRequestNumber = $payload->pull_request->number;
$pullRequestURL = $payload->pull_request->html_url;
$pullRequestBase = $payload->pull_request->base->label;
$pullRequestStatus = $payload->pull_request->merged == 'true' ? "closed and merged" : "closed but not merged";
$message = "#{$jobNumber} - Pull request {$pullRequestNumber}\n\n" . "({$pullRequestURL}) has been {$pullRequestStatus} into {$pullRequestBase}";
Utils::systemNotification($message);
if ($payload->pull_request->merged == 'true') {
$journal_message = "Job #" . $jobNumber . ' has been automatically set to *Merged*';
Utils::systemNotification($journal_message);
$workItem->setStatus('Completed');
$workItem->addFeesToCompletedJob(true);
$workItem->save();
}
}
}
}
public function scanFile($id)
{
set_time_limit(15 * 60);
//scan_files = array();
$sql_get_files = 'SELECT `id`, `userid`,(SELECT `username` FROM `' . USERS . '` where `id`=files.userid)
AS `useremail`, files.workitem AS `worklist_id`, `url`, `title`, `description`
FROM `' . FILES . '` WHERE id=' . $id;
$result = mysql_query($sql_get_files);
$row = mysql_fetch_assoc($result);
// Get the file name.
$file_name = pathinfo(parse_url($row['url'], PHP_URL_PATH), PATHINFO_BASENAME);
// Get the full path and prepare it for the command line.
$real_path = UPLOAD_PATH . '/' . $file_name;
$safe_path = escapeshellarg($real_path);
// Reset the values.
$return = -1;
$out = '';
$cmd = VIRUS_SCAN_CMD . ' ' . $safe_path;
$fct_return = false;
if (!empty($safe_path) && file_exists($real_path) && filesize($real_path) > 0) {
// Execute the command.
exec($cmd, $out, $return);
if ($return == 0) {
//if clean update db
$sql = 'UPDATE `' . FILES . '` SET is_scanned = 1, scan_result = 0 WHERE `id` = ' . $id;
$notify = '';
$fct_return = true;
} else {
$workitem = new WorkItem();
$workitem->loadById($row['worklist_id']);
if ($return == 1) {
// If the file contains a virus send email to the user and update db.
$notify = 'virus-found';
$sql = 'UPDATE `' . FILES . '` SET is_scanned = 1, scan_result = 1 WHERE `id` = ' . $id;
} else {
// <unknown error
$notify = 'virus-error';
$sql = 'UPDATE `' . FILES . '` SET is_scanned = 1, scan_result = 2 WHERE `id` = ' . $id;
}
}
if (mysql_query($sql)) {
// send mail if there's a problem
if (!empty($notify)) {
Notification::workitemNotify(array('type' => $notify, 'workitem' => $workitem, 'emails' => array($row['useremail']), 'file_name' => $file_name, 'file_title' => $row['title']));
if (!Utils::send_email($row['title'], $subject, $message)) {
//Don't fail silently if we can't send the message also
error_log("cron ScanAssets: Utils::send_email failed, msg: " . $message);
}
}
} else {
error_log('error SQL');
}
}
return $fct_return;
}
public function add($reference = '', $isW9 = false)
{
try {
$user = User::find(Session::uid());
if (!$user->getId()) {
return $this->setOutput(array('success' => false, 'message' => 'Not enough rights!'));
}
// Upload data can be POST'ed as raw form data or uploaded via <iframe> and <form>
// using regular multipart/form-data enctype (which is handled by PHP $_FILES).
if (!empty($_FILES['fd-file']) and is_uploaded_file($_FILES['fd-file']['tmp_name'])) {
// Regular multipart/form-data upload.
$name = $_FILES['fd-file']['name'];
$source = fopen($_FILES['fd-file']['tmp_name'], 'r');
$ext = end(explode(".", $name));
$fileName = File::uniqueFilename($ext);
} else {
// Raw POST data.
$name = urldecode(@$_SERVER['HTTP_X_FILE_NAME']);
$source = fopen('php://input', 'r');
$ext = end(explode(".", $name));
$fileName = File::uniqueFilename($ext);
}
$path = UPLOAD_PATH . '/' . $fileName;
$dest = fopen($path, 'w');
while (!feof($source)) {
$chunk = fread($source, 1024);
fwrite($dest, $chunk);
}
fclose($source);
fclose($dest);
$finfo = new finfo(FILEINFO_MIME_TYPE);
$mime = $finfo->file($path);
$title = basename($name);
$url = SERVER_URL . 'uploads/' . $fileName;
$workitem = is_numeric($reference) ? (int) $reference : null;
$projectid = null;
if (is_null($workitem) && strlen(trim($reference))) {
$project = new Project();
if ($project->loadByName(trim($reference))) {
$projectid = $project->getProjectId();
}
}
$file = new File();
$file->setMime($mime)->setUserid($_SESSION['userid'])->setWorkitem($workitem)->setProjectId($projectid)->setTitle($title)->setUrl($url);
$success = $file->save();
$icon = File::getIconFromMime($file->getMime());
if ($icon === false) {
$filetype = 'image';
$icon = 'images/icons/default.png';
}
if ($workitem) {
$workitem_attached = new WorkItem();
$workitem_attached->loadById($workitem);
$journal_message = '@' . $user->getNickname() . ' uploaded an [attachment](' . $file->getUrl() . ') to #' . $workitem;
Utils::systemNotification($journal_message);
}
$isW9 = (bool) $isW9;
if ($isW9) {
Notification::sendW9Request($user, $file->getUrl());
$user->setW9_status('pending-approval');
$user->save();
}
return $this->setOutput(array('success' => true, 'fileid' => $file->getId(), 'url' => $file->getUrl(), 'icon' => $icon, 'title' => $file->getTitle(), 'description' => '', 'filetype' => isset($filetype) ? $filetype : '', 'can_delete' => $isW9 ? false : true));
} catch (Exception $e) {
error_log($e->getMessage());
return $this->setOutput(array('success' => false, 'message' => 'An error occured while uploading to ' . $path . ' please try again!'));
}
}
private function withdrawBid($bid_id, $withdraw_reason)
{
$res = mysql_query('SELECT * FROM `' . BIDS . '` WHERE `id`=' . $bid_id);
$bid = mysql_fetch_object($res);
// checking if is bidder or runner
if (!empty($_SESSION['is_runner']) || $bid->bidder_id == $_SESSION['userid']) {
// getting the job
$res = mysql_query('SELECT * FROM `' . WORKLIST . '` WHERE `id` = ' . $bid->worklist_id);
$job = mysql_fetch_assoc($res);
if (!in_array($job['status'], array('Draft', 'Suggestion', 'Bidding', 'Done'))) {
$creator_fee_desc = 'Creator';
$runner_fee_desc = 'Runner';
$WorkItem = new WorkItem($bid->worklist_id);
$fees = $WorkItem->getFees($WorkItem->getId());
foreach ($fees as $fee) {
if ($fee['desc'] == $creator_fee_desc) {
$this->deleteFee($fee['id']);
}
if ($fee['desc'] == $runner_fee_desc) {
$this->deleteFee($fee['id']);
}
}
}
// additional changes if status is WORKING, SVNHOLD, FUNCTIONAL or REVIEW
if (($job['status'] == 'In Progress' || $job['status'] == 'Review' || $job['status'] == 'QA Ready') && $bid->accepted == 1 && (!empty($_SESSION['is_runner']) || $bid->bidder_id == $_SESSION['userid'])) {
// change status of worklist item
mysql_unbuffered_query("UPDATE `" . WORKLIST . "`\n SET `mechanic_id` = '0',\n `status` = 'Bidding'\n WHERE `id` = {$bid->worklist_id}\n LIMIT 1 ;");
}
// set back to suggested if swb and is only bid
$res = mysql_query('SELECT count(*) AS count_bids FROM `' . BIDS . '` WHERE `worklist_id` = ' . $job['id'] . ' AND `withdrawn` = 0');
$bidCount = mysql_fetch_assoc($res);
if ($bidCount['count_bids'] == 1 && $job['status'] == 'Bidding' && $bid->bidder_id == $_SESSION['userid'] && ($job['runner_id'] = 0)) {
mysql_unbuffered_query("UPDATE `" . WORKLIST . "` SET `status` = 'Suggestion' WHERE `id` = {$bid->worklist_id} LIMIT 1 ;");
}
// change bid to withdrawn and set bids.accepted to 0
mysql_unbuffered_query('UPDATE `' . BIDS . '`
SET `withdrawn` = 1 , `accepted` = 0
WHERE `id` = ' . $bid->id);
// delete the fee entry for this bid
mysql_unbuffered_query('UPDATE `' . FEES . '`
SET `withdrawn` = 1
WHERE `worklist_id` = ' . $bid->worklist_id . '
AND `user_id` = ' . $bid->bidder_id . '
AND `bid_id` = ' . $bid->id);
// Get user
$user = User::find($bid->bidder_id);
// Journal message
$message = 'A bid was deleted from #' . $job['id'];
// Journal notification
Utils::systemNotification($message);
// Sending email to the bidder or runner
$subject = "Bid: " . $job['id'] . " (" . $job['summary'] . ")";
if (!empty($_SESSION['is_runner'])) {
// Send to bidder
$recipient = $user;
$body = "<p>Your bid has been deleted from item #" . $job['id'] . " by: " . $_SESSION['nickname'] . "</p>";
} else {
// Send to runner
$recipient = User::find($job['runner_id']);
$body = "<p>A bid has been deleted from item #" . $job['id'] . " by: " . $_SESSION['nickname'] . "</p>";
}
if (strlen($withdraw_reason) > 0) {
// nl2br is added for proper formatting in email alert 12-MAR-2011 <webdev>
$body .= "<p>Reason: " . nl2br($withdraw_reason) . "</p>";
}
// Continue adding text to email body
$item_link = SERVER_URL . $bid->worklist_id;
$body .= "<p><a href='{$item_link}'>View Item</a></p>";
$body .= "<p>If you think this has been done in error, please contact the job Runner.</p>";
if (!Utils::send_email($recipient->getUsername(), $subject, $body)) {
error_log("withdrawBid: Utils::send_email failed");
}
// Check if there are any active bids remaining
$res = mysql_query("SELECT count(*) AS active_bids FROM `" . BIDS . "` WHERE `worklist_id` = " . $job['id'] . " AND `withdrawn` = 0 AND (NOW() < `bid_expires` OR `bid_expires`='0000-00-00 00:00:00')");
$bids = mysql_fetch_assoc($res);
if ($bids['active_bids'] < 1) {
// There are no active bids, so resend notifications
$workitem = new WorkItem();
$workitem->loadById($job['id']);
Notification::massStatusNotify($workitem);
}
}
}
