function checkBugViewAuth($bugID, $requester) { $b = new bug(); $u = new user(); $p = new project(); $b->getAllByPK($bugID); $bug = $b->getNext(); if (isset($bug['bID'])) { if (isset($_SESSION['patrick_stewart']) && $_SESSION['patrick_stewart']) { // see gate for context return array(true, $bug['private']); // public bug, dummy } $whoami = $requester; if ($bug['private']) { // good query. $u->getAllByPK($bug['owner']); $owner = $u->getNext(); $u->getAllByPK($bug['reporter']); $reporter = $u->getNext(); $p->getAllByPK($bug['package']); $project = $p->getNext(); $oid = -10000; $rid = -10000; $pid = -10000; if (isset($owner['uID'])) { $oid = $owner['uID']; } if (isset($reporter['uID'])) { $rid = $reporter['uID']; } if (isset($project['oID'])) { $pid = $project['oID']; } if ($oid != $whoami && $rid != $whoami && $pid != $whoami) { return array(false, $bug['private']); } else { return array(true, $bug['private']); } } else { return array(true, $bug['private']); // public bug, dummy } } else { return array(false, false); // bug iz no good } /* if bug.private: check if is owner check if is reporter check if is asignee check if is project owner check if site administrator / staff any of the above: Yes, otherwise, no else: Yes Query bug, if it's public, don't give a shit. */ }
useScript("tablehover.js"); $Count = $PAGE_MAX_COUNT; if (isset($argv[2])) { $class = htmlentities($argv[1], ENT_QUOTES); $id = htmlentities($argv[2], ENT_QUOTES); // echo "Getting $id bugs filtering by $class"; } $b = new bug(); $b->getAll(); $u = new user(); $p = new project(); $TITLE = "Latest {$Count} bugs"; $i = 0; $CONTENT .= "<h1>Last {$Count} bugs filed</h1>"; $CONTENT .= "\n<table class = 'sortable' >\n\t<tr class = 'nobg' >\n\t\t<th>ID</th> <th> Status </th> <th> Severity </th> <th>Owner</th> <th>Project</th> <th>Private</th> <th>Title</th>\n\t</tr>\n"; while ($row = $b->getNext()) { $u->getAllByPK($row['owner']); $owner = $u->getNext(); if ($owner['uID'] <= 0) { $owner['real_name'] = "Nobody"; } $p->getAllByPK($row['package']); $package = $p->getNext(); if (isset($_SESSION['id'])) { $id = $_SESSION['id']; } else { $id = -1; // NOT -10000!!!!!! } $privacy = checkBugViewAuth($row['bID'], $id); if ($privacy[1]) {
$priv = true; } else { $priv = false; } $o = new user(); $p = new project(); $o->getByCol("username", $owner); $p->getByCol("project_name", $project); $own = $o->getNext(); $pkg = $p->getNext(); $projectID = $pkg['pID']; $ownerID = $own['uID']; $posted_data = array("bug_severity" => $sever, "bug_status" => $status, "package" => $projectID, "owner" => $ownerID, "title" => $title, "private" => $priv, "descr" => $descr); // print_r( $posted_data ); $b->getAllByPK($bugid); $row = $b->getNext(); // print_r( $row ); // searched bug /* --> $row should look like: ** NOTE: IGNORE THE [n] ETC! THEY ARE STUPID IF YOU DON'T QUERY FUR THEM ** Array ( [bID] => 1 <-- PK, bug ID [bug_status] => 1 <-- FK, status table by ID [bug_severity] => 1 <-- FK, severity table by ID [package] => 1 <-- FK, project table by pID [reporter] => 1 <-- FK, user table by uID [owner] => 0 <-- FK, user table by uID [title] => Whube is not done yet <-- Title [descr] => Whube is not done yet, of course! <-- Description ) */