# MantisBT - A PHP based bugtracking system # Copyright (C) 2002 - 2011 MantisBT Team - mantisbt-dev@lists.sourceforge.net # MantisBT is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # MantisBT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with MantisBT. If not, see <http://www.gnu.org/licenses/>. form_security_validate( 'plugin_graph_config_edit' ); auth_reauthenticate( ); access_ensure_global_level( config_get( 'manage_plugin_threshold' ) ); $f_library = gpc_get_int( 'eczlibrary', ON ); $f_window_width = gpc_get_int( 'window_width', 800 ); $f_bar_aspect = (float) gpc_get_string( 'bar_aspect', '0.9' ); $f_summary_graphs_per_row = gpc_get_int( 'summary_graphs_per_row', 2 ); $f_jpgraph_antialias = gpc_get_int( 'jpgraph_antialias', ON ); $f_font = gpc_get_string( 'font', '' ); if ( plugin_config_get( 'eczlibrary' ) != $f_library ) { plugin_config_set( 'eczlibrary', $f_library );
/** * MantisBT Core API's */ require_once( 'core.php' ); require_api( 'access_api.php' ); require_api( 'authentication_api.php' ); require_api( 'config_api.php' ); require_api( 'constant_inc.php' ); require_api( 'database_api.php' ); require_api( 'form_api.php' ); require_api( 'helper_api.php' ); require_api( 'lang_api.php' ); require_api( 'print_api.php' ); require_api( 'user_api.php' ); form_security_validate( 'manage_user_prune' ); auth_reauthenticate(); access_ensure_global_level( config_get( 'manage_user_threshold' ) ); $t_user_table = db_get_table( 'user' ); # Delete the users who have never logged in and are older than 1 week $days_old = (int)7 * SECONDS_PER_DAY; $query = "SELECT id, access_level FROM $t_user_table WHERE ( login_count = 0 ) AND ( date_created = last_visit ) AND " . db_helper_compare_days( 0, "date_created", "> $days_old" ); $result = db_query_bound($query, Array( db_now() ) );
* @uses database_api.php * @uses form_api.php * @uses gpc_api.php * @uses print_api.php */ /** @ignore */ define('PLUGINS_DISABLED', true); require_once 'core.php'; require_api('access_api.php'); require_api('authentication_api.php'); require_api('config_api.php'); require_api('database_api.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('print_api.php'); form_security_validate('manage_plugin_update'); auth_reauthenticate(); access_ensure_global_level(config_get('manage_plugin_threshold')); $t_plugin_table = db_get_table('plugin'); $t_query = "SELECT basename FROM {$t_plugin_table}"; $t_result = db_query_bound($t_query); while ($t_row = db_fetch_array($t_result)) { $t_basename = $t_row['basename']; $f_change = gpc_get_bool('change_' . $t_basename, 0); if (!$f_change) { continue; } $f_priority = gpc_get_int('priority_' . $t_basename, 3); $f_protected = gpc_get_bool('protected_' . $t_basename, 0); $t_query = "UPDATE {$t_plugin_table} SET priority=" . db_param() . ', protected=' . db_param() . ' WHERE basename=' . db_param(); db_query_bound($t_query, array($f_priority, $f_protected, $t_basename));
# GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with MantisBT. If not, see <http://www.gnu.org/licenses/>. /** * @package MantisBT * @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org * @copyright Copyright (C) 2002 - 2014 MantisBT Team - mantisbt-dev@lists.sourceforge.net * @link http://www.mantisbt.org */ /** * MantisBT Core API's */ require_once 'core.php'; require_once 'email_api.php'; form_security_validate('signup'); $f_username = strip_tags(gpc_get_string('username')); $f_email = strip_tags(gpc_get_string('email')); $f_captcha = gpc_get_string('captcha', ''); $f_username = trim($f_username); $f_email = email_append_domain(trim($f_email)); $f_captcha = utf8_strtolower(trim($f_captcha)); # Retrieve captcha key now, as session might get cleared by logout $t_form_key = session_get_int(CAPTCHA_KEY, null); # force logout on the current user if already authenticated if (auth_is_user_authenticated()) { auth_logout(); } # Check to see if signup is allowed if (OFF == config_get_global('allow_signup')) { print_header_redirect('login_page.php');
# it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # MantisBT is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with MantisBT. If not, see <http://www.gnu.org/licenses/>. /** * @package MantisBT * @copyright Copyright (C) 2002 - 2013 MantisBT Team - mantisbt-dev@lists.sourceforge.net * @link http://www.mantisbt.org */ /** * MantisBT Core API's */ require_once 'core.php'; /** * requires tag_api */ require_once 'tag_api.php'; form_security_validate('tag_detach'); $f_tag_id = gpc_get_int('tag_id'); $f_bug_id = gpc_get_int('bug_id'); tag_bug_detach($f_tag_id, $f_bug_id); event_signal('EVENT_TAG_DETACHED', array($f_bug_id, array($f_tag_id))); form_security_purge('tag_detach'); print_successful_redirect_to_bug($f_bug_id);
# (at your option) any later version. # # Mantis is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Mantis. If not, see <http://www.gnu.org/licenses/>. # -------------------------------------------------------- # $Id: manage_custom_field_delete.php,v 1.17.2.1 2007-10-13 22:33:27 giallu Exp $ # -------------------------------------------------------- require_once 'core.php'; $t_core_path = config_get('core_path'); require_once $t_core_path . 'custom_field_api.php'; form_security_validate('manage_custom_field_delete'); auth_reauthenticate(); access_ensure_global_level(config_get('manage_custom_fields_threshold')); $f_field_id = gpc_get_int('field_id'); $f_return = strip_tags(gpc_get_string('return', 'manage_custom_field_page.php')); $t_definition = custom_field_get_definition($f_field_id); if (0 < count(custom_field_get_project_ids($f_field_id))) { helper_ensure_confirmed(lang_get('confirm_used_custom_field_deletion') . '<br/>' . lang_get('custom_field') . ': ' . string_attribute($t_definition['name']), lang_get('field_delete_button')); } else { helper_ensure_confirmed(lang_get('confirm_custom_field_deletion') . '<br/>' . lang_get('custom_field') . ': ' . string_attribute($t_definition['name']), lang_get('field_delete_button')); } custom_field_destroy($f_field_id); form_security_purge('manage_custom_field_delete'); html_page_top1(); html_meta_redirect($f_return); html_page_top2();
# You should have received a copy of the GNU General Public License # along with MantisBT. If not, see <http://www.gnu.org/licenses/>. /** * @package MantisBT * @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org * @copyright Copyright (C) 2002 - 2013 MantisBT Team - mantisbt-dev@lists.sourceforge.net * @link http://www.mantisbt.org */ /** * MantisBT Core API's */ require_once 'core.php'; require_once 'news_api.php'; require_once 'print_api.php'; news_ensure_enabled(); form_security_validate('news_add'); access_ensure_project_level(config_get('manage_news_threshold')); $f_view_state = gpc_get_int('view_state'); $f_headline = gpc_get_string('headline'); $f_announcement = gpc_get_bool('announcement'); $f_body = gpc_get_string('body'); $t_news_id = news_create(helper_get_current_project(), auth_get_current_user_id(), $f_view_state, $f_announcement, $f_headline, $f_body); form_security_purge('news_add'); $t_news_row = news_get_row($t_news_id); html_page_top(); ?> <br /> <div align="center"> <?php echo lang_get('operation_successful') . '<br />';
*/ require_once( 'core.php' ); require_api( 'authentication_api.php' ); require_api( 'constant_inc.php' ); require_api( 'database_api.php' ); require_api( 'error_api.php' ); require_api( 'form_api.php' ); require_api( 'gpc_api.php' ); require_api( 'html_api.php' ); require_api( 'lang_api.php' ); require_api( 'print_api.php' ); define( 'PRINT_ALL_BUG_OPTIONS_INC_ALLOW', true ); include( dirname( __FILE__ ) . DIRECTORY_SEPARATOR . 'print_all_bug_options_inc.php' ); form_security_validate( 'print_all_bug_options_update' ); auth_ensure_user_authenticated(); $f_user_id = gpc_get_int( 'user_id' ); $f_redirect_url = gpc_get_string( 'redirect_url' ); # the check for the protected state is already done in the form, there is # no need to duplicate it here. # get the fields list $t_field_name_arr = get_field_names(); $field_name_count = count($t_field_name_arr); # check the checkboxes for ($i=0 ; $i <$field_name_count ; $i++) {
* @uses lang_api.php * @uses print_api.php * @uses project_api.php */ require_once 'core.php'; require_api('access_api.php'); require_api('authentication_api.php'); require_api('config_api.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('helper_api.php'); require_api('html_api.php'); require_api('lang_api.php'); require_api('print_api.php'); require_api('project_api.php'); form_security_validate('manage_user_proj_delete'); auth_reauthenticate(); $f_project_id = gpc_get_int('project_id'); $f_user_id = gpc_get_int('user_id'); user_ensure_exists($f_user_id); $t_user = user_get_row($f_user_id); access_ensure_project_level(config_get('project_user_threshold'), $f_project_id); access_ensure_project_level($t_user['access_level'], $f_project_id); $t_project_name = project_get_name($f_project_id); # Confirm with the user helper_ensure_confirmed(lang_get('remove_user_sure_msg') . '<br/>' . lang_get('project_name_label') . lang_get('word_separator') . $t_project_name, lang_get('remove_user_button')); project_remove_user($f_project_id, $f_user_id); form_security_purge('manage_user_proj_delete'); $t_redirect_url = 'manage_user_edit_page.php?user_id=' . $f_user_id; html_page_top(null, $t_redirect_url); html_operation_successful($t_redirect_url);
* This page stores the reported bug * * @package MantisBT * @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org * @copyright Copyright (C) 2002 - 2013 MantisBT Team - mantisbt-dev@lists.sourceforge.net * @link http://www.mantisbt.org */ /** * MantisBT Core API's */ require_once 'core.php'; require_once 'string_api.php'; require_once 'file_api.php'; require_once 'bug_api.php'; require_once 'custom_field_api.php'; form_security_validate('bug_report'); $t_project_id = null; $f_master_bug_id = gpc_get_int('m_id', 0); if ($f_master_bug_id > 0) { bug_ensure_exists($f_master_bug_id); if (bug_is_readonly($f_master_bug_id)) { error_parameters($f_master_bug_id); trigger_error(ERROR_BUG_READ_ONLY_ACTION_DENIED, ERROR); } $t_master_bug = bug_get($f_master_bug_id, true); project_ensure_exists($t_master_bug->project_id); access_ensure_bug_level(config_get('update_bug_threshold', null, null, $t_master_bug->project_id), $f_master_bug_id); $t_project_id = $t_master_bug->project_id; } else { $f_project_id = gpc_get_int('project_id'); project_ensure_exists($f_project_id);
* MantisBT Core API's */ require_once 'core.php'; require_api('access_api.php'); require_api('authentication_api.php'); require_api('bug_api.php'); require_api('bugnote_api.php'); require_api('config_api.php'); require_api('constant_inc.php'); require_api('error_api.php'); require_api('event_api.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('print_api.php'); require_api('string_api.php'); form_security_validate('bugnote_update'); $f_bugnote_id = gpc_get_int('bugnote_id'); $f_bugnote_text = gpc_get_string('bugnote_text', ''); $f_time_tracking = gpc_get_string('time_tracking', '0:00'); # Check if the current user is allowed to edit the bugnote $t_user_id = auth_get_current_user_id(); $t_reporter_id = bugnote_get_field($f_bugnote_id, 'reporter_id'); if ($t_user_id == $t_reporter_id) { access_ensure_bugnote_level(config_get('bugnote_user_edit_threshold'), $f_bugnote_id); } else { access_ensure_bugnote_level(config_get('update_bugnote_threshold'), $f_bugnote_id); } # Check if the bug is readonly $t_bug_id = bugnote_get_field($f_bugnote_id, 'bug_id'); if (bug_is_readonly($t_bug_id)) { error_parameters($t_bug_id);
* @uses lang_api.php * @uses print_api.php */ /** * MantisBT Core API's */ require_once 'core.php'; require_api('authentication_api.php'); require_api('compress_api.php'); require_api('filter_api.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('html_api.php'); require_api('lang_api.php'); require_api('print_api.php'); form_security_validate('query_delete'); auth_ensure_user_authenticated(); compress_enable(); $f_query_id = gpc_get_int('source_query_id'); $t_redirect_url = 'query_view_page.php'; if (!filter_db_can_delete_filter($f_query_id)) { print_header_redirect($t_redirect_url); } else { html_page_top(); filter_db_delete_filter($f_query_id); form_security_purge('query_delete'); ?> <br /> <div class="center"> <strong><?php print filter_db_get_name($f_query_id) . ' ' . lang_get('query_deleted');
* @uses lang_api.php * @uses print_api.php * @uses user_api.php */ require_once 'core.php'; require_api('access_api.php'); require_api('authentication_api.php'); require_api('config_api.php'); require_api('constant_inc.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('html_api.php'); require_api('lang_api.php'); require_api('print_api.php'); require_api('user_api.php'); form_security_validate('manage_user_reset'); auth_reauthenticate(); access_ensure_global_level(config_get('manage_user_threshold')); $f_user_id = gpc_get_int('user_id'); user_ensure_exists($f_user_id); $t_user = user_get_row($f_user_id); # Ensure that the account to be reset is of equal or lower access to the # current user. access_ensure_global_level($t_user['access_level']); # If the password can be changed, we reset it, otherwise we unlock # the account (i.e. reset failed login count) $t_reset = helper_call_custom_function('auth_can_change_password', array()); if ($t_reset) { $t_result = user_reset_password($f_user_id); } else { $t_result = user_reset_failed_login_count_to_zero($f_user_id);
* @uses config_api.php * @uses constant_inc.php * @uses form_api.php * @uses gpc_api.php * @uses helper_api.php * @uses lang_api.php * @uses print_api.php * @uses project_api.php */ require_once 'core.php'; require_api('access_api.php'); require_api('config_api.php'); require_api('constant_inc.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('helper_api.php'); require_api('lang_api.php'); require_api('print_api.php'); require_api('project_api.php'); form_security_validate('adm_config_delete'); $f_user_id = gpc_get_int('user_id'); $f_project_id = gpc_get_int('project_id'); $f_config_option = gpc_get_string('config_option'); access_ensure_global_level(config_get('set_configuration_threshold')); if ($f_project_id != ALL_PROJECTS) { project_ensure_exists($f_project_id); } helper_ensure_confirmed(lang_get('delete_config_sure_msg'), lang_get('delete_link')); config_delete($f_config_option, $f_user_id, $f_project_id); form_security_purge('adm_config_delete'); print_successful_redirect('adm_config_report.php');
# GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with MantisBT. If not, see <http://www.gnu.org/licenses/>. /** * @package MantisBT * @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org * @copyright Copyright (C) 2002 - 2012 MantisBT Team - mantisbt-dev@lists.sourceforge.net * @link http://www.mantisbt.org */ /** * MantisBT Core API's */ require_once 'core.php'; require_once 'custom_field_api.php'; form_security_validate('manage_proj_custom_field_add_existing'); auth_reauthenticate(); $f_field_id = gpc_get_int('field_id'); $f_project_id = gpc_get_int('project_id'); # We should check both since we are in the project section and an # admin might raise the first threshold and not realize they need # to raise the second access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id); access_ensure_project_level(config_get('custom_field_link_threshold'), $f_project_id); custom_field_link($f_field_id, $f_project_id); form_security_purge('manage_proj_custom_field_add_existing'); $t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id; html_page_top(null, $t_redirect_url); ?> <br />
*/ /** * MantisBT Core API's */ require_once( 'core.php' ); require_api( 'access_api.php' ); require_api( 'authentication_api.php' ); require_api( 'config_api.php' ); require_api( 'constant_inc.php' ); require_api( 'form_api.php' ); require_api( 'gpc_api.php' ); require_api( 'print_api.php' ); require_api( 'project_api.php' ); form_security_validate( 'manage_proj_user_copy' ); auth_reauthenticate(); $f_project_id = gpc_get_int( 'project_id' ); $f_other_project_id = gpc_get_int( 'other_project_id' ); $f_copy_from = gpc_get_bool( 'copy_from' ); $f_copy_to = gpc_get_bool( 'copy_to' ); if ( $f_copy_from ) { $t_src_project_id = $f_other_project_id; $t_dst_project_id = $f_project_id; } else if ( $f_copy_to ) { $t_src_project_id = $f_project_id; $t_dst_project_id = $f_other_project_id; } else {
* @uses html_api.php * @uses lang_api.php * @uses news_api.php * @uses print_api.php */ require_once 'core.php'; require_api('access_api.php'); require_api('config_api.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('html_api.php'); require_api('lang_api.php'); require_api('news_api.php'); require_api('print_api.php'); news_ensure_enabled(); form_security_validate('news_update'); $f_news_id = gpc_get_int('news_id'); $f_project_id = gpc_get_int('project_id'); $f_view_state = gpc_get_int('view_state'); $f_headline = gpc_get_string('headline'); $f_announcement = gpc_get_string('announcement', ''); $f_body = gpc_get_string('body', ''); $row = news_get_row($f_news_id); # Check both the old project and the new project access_ensure_project_level(config_get('manage_news_threshold'), $row['project_id']); access_ensure_project_level(config_get('manage_news_threshold'), $f_project_id); news_update($f_news_id, $f_project_id, $f_view_state, $f_announcement, $f_headline, $f_body); form_security_purge('news_update'); html_page_top(); echo '<div class="success-msg">'; echo lang_get('operation_successful');
# along with MantisBT. If not, see <http://www.gnu.org/licenses/>. /** * Insert the bugnote into the database then redirect to the bug page * * @package MantisBT * @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org * @copyright Copyright (C) 2002 - 2012 MantisBT Team - mantisbt-dev@lists.sourceforge.net * @link http://www.mantisbt.org */ /** * MantisBT Core API's */ require_once 'core.php'; require_once 'bug_api.php'; require_once 'bugnote_api.php'; form_security_validate('bugnote_add'); $f_bug_id = gpc_get_int('bug_id'); $f_private = gpc_get_bool('private'); $f_time_tracking = gpc_get_string('time_tracking', '0:00'); $f_bugnote_text = trim(gpc_get_string('bugnote_text', '')); $t_bug = bug_get($f_bug_id, true); if ($t_bug->project_id != helper_get_current_project()) { # in case the current project is not the same project of the bug we are viewing... # ... override the current project. This to avoid problems with categories and handlers lists etc. $g_project_override = $t_bug->project_id; } if (bug_is_readonly($f_bug_id)) { error_parameters($f_bug_id); trigger_error(ERROR_BUG_READ_ONLY_ACTION_DENIED, ERROR); } access_ensure_bug_level(config_get('add_bugnote_threshold'), $f_bug_id);
* @uses config_api.php * @uses event_api.php * @uses form_api.php * @uses gpc_api.php * @uses print_api.php * @uses project_api.php */ require_once 'core.php'; require_api('access_api.php'); require_api('authentication_api.php'); require_api('config_api.php'); require_api('event_api.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('print_api.php'); require_api('project_api.php'); form_security_validate('manage_proj_update'); auth_reauthenticate(); $f_project_id = gpc_get_int('project_id'); $f_name = gpc_get_string('name'); $f_description = gpc_get_string('description'); $f_status = gpc_get_int('status'); $f_view_state = gpc_get_int('view_state'); $f_file_path = gpc_get_string('file_path', ''); $f_enabled = gpc_get_bool('enabled'); $f_inherit_global = gpc_get_bool('inherit_global', 0); access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id); project_update($f_project_id, $f_name, $f_description, $f_status, $f_view_state, $f_file_path, $f_enabled, $f_inherit_global); event_signal('EVENT_MANAGE_PROJECT_UPDATE', array($f_project_id)); form_security_purge('manage_proj_update'); print_header_redirect('manage_proj_page.php');
require_api('helper_api.php'); require_api('html_api.php'); require_api('lang_api.php'); require_api('print_api.php'); require_api('string_api.php'); require_api('utility_api.php'); require_api('version_api.php'); auth_ensure_user_authenticated(); helper_begin_long_process(); $f_action = gpc_get_string('action'); $f_custom_field_id = gpc_get_int('custom_field_id', 0); $f_bug_arr = gpc_get_int_array('bug_arr', array()); $f_bug_notetext = gpc_get_string('bugnote_text', ''); $f_bug_noteprivate = gpc_get_bool('private'); $t_form_name = 'bug_actiongroup_' . $f_action; form_security_validate($t_form_name); $t_custom_group_actions = config_get('custom_group_actions'); foreach ($t_custom_group_actions as $t_custom_group_action) { if ($f_action == $t_custom_group_action['action']) { require_once $t_custom_group_action['action_page']; exit; } } $t_failed_ids = array(); if (0 != $f_custom_field_id) { $t_custom_field_def = custom_field_get_definition($f_custom_field_id); } foreach ($f_bug_arr as $t_bug_id) { bug_ensure_exists($t_bug_id); $t_bug = bug_get($t_bug_id, true); if ($t_bug->project_id != helper_get_current_project()) {
* @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org * @copyright Copyright (C) 2002 - 2014 MantisBT Team - mantisbt-dev@lists.sourceforge.net * @link http://www.mantisbt.org */ /** * MantisBT Core API's */ require_once 'core.php'; require_once 'news_api.php'; require_once 'string_api.php'; news_ensure_enabled(); $f_news_id = gpc_get_int('news_id'); $f_action = gpc_get_string('action', ''); # If deleting item redirect to delete script if ('delete' == $f_action) { form_security_validate('news_delete'); $row = news_get_row($f_news_id); # This check is to allow deleting of news items that were left orphan due to bug #3723 if (project_exists($row['project_id'])) { access_ensure_project_level(config_get('manage_news_threshold'), $row['project_id']); } helper_ensure_confirmed(lang_get('delete_news_sure_msg'), lang_get('delete_news_item_button')); news_delete($f_news_id); form_security_purge('news_delete'); print_header_redirect('news_menu_page.php', true); } # Retrieve news item data and prefix with v_ $row = news_get_row($f_news_id); if ($row) { extract($row, EXTR_PREFIX_ALL, 'v'); }
*/ require_once 'core.php'; require_api('authentication_api.php'); require_api('config_api.php'); require_api('constant_inc.php'); require_api('current_user_api.php'); require_api('email_api.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('html_api.php'); require_api('lang_api.php'); require_api('print_api.php'); require_api('string_api.php'); require_api('user_api.php'); require_api('utility_api.php'); form_security_validate('account_update'); auth_ensure_user_authenticated(); current_user_ensure_unprotected(); $f_email = gpc_get_string('email', ''); $f_realname = gpc_get_string('realname', ''); $f_password = gpc_get_string('password', ''); $f_password_confirm = gpc_get_string('password_confirm', ''); // get the user id once, so that if we decide in the future to enable this for // admins / managers to change details of other users. $t_user_id = auth_get_current_user_id(); $t_redirect = 'account_page.php'; $t_email_updated = false; $t_password_updated = false; $t_realname_updated = false; /** @todo Listing what fields were updated is not standard behaviour of MantisBT - it also complicates the code. */ if (OFF == config_get('use_ldap_email')) {
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with MantisBT. If not, see <http://www.gnu.org/licenses/>. /** * @package MantisBT * @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org * @copyright Copyright (C) 2002 - 2013 MantisBT Team - mantisbt-dev@lists.sourceforge.net * @link http://www.mantisbt.org */ /** * MantisBT Core API's */ require_once 'core.php'; form_security_validate('manage_proj_subproj_delete'); auth_reauthenticate(); $f_project_id = gpc_get_int('project_id'); $f_subproject_id = gpc_get_int('subproject_id'); access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id); project_hierarchy_remove($f_subproject_id, $f_project_id); form_security_purge('manage_proj_subproj_delete'); $t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id; html_page_top(null, $t_redirect_url); ?> <br /> <div align="center"> <?php echo lang_get('operation_successful') . '<br />'; print_bracket_link($t_redirect_url, lang_get('proceed')); ?>
/** * MantisBT Core API's */ require_once 'core.php'; require_api('access_api.php'); require_api('authentication_api.php'); require_api('config_api.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('helper_api.php'); require_api('html_api.php'); require_api('lang_api.php'); require_api('print_api.php'); require_api('project_api.php'); require_api('user_api.php'); form_security_validate('manage_proj_user_remove'); auth_reauthenticate(); $f_project_id = gpc_get_int('project_id'); $f_user_id = gpc_get_int('user_id', 0); # We should check both since we are in the project section and an # admin might raise the first threshold and not realize they need # to raise the second access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id); access_ensure_project_level(config_get('project_user_threshold'), $f_project_id); if (0 == $f_user_id) { # Confirm with the user helper_ensure_confirmed(lang_get('remove_all_users_sure_msg'), lang_get('remove_all_users_button')); project_remove_all_users($f_project_id, access_get_project_level($f_project_id)); } else { # Don't allow removal of users from the project who have a higher access level than the current user access_ensure_project_level(access_get_project_level($f_project_id, $f_user_id), $f_project_id);
* @uses print_api.php */ /** * MantisBT Core API's */ require_once 'core.php'; require_api('access_api.php'); require_api('authentication_api.php'); require_api('columns_api.php'); require_api('config_api.php'); require_api('constant_inc.php'); require_api('current_user_api.php'); require_api('form_api.php'); require_api('gpc_api.php'); require_api('print_api.php'); form_security_validate('manage_columns_copy'); auth_reauthenticate(); $f_project_id = gpc_get_int('project_id'); $f_other_project_id = gpc_get_int('other_project_id'); $f_copy_from = gpc_get_bool('copy_from'); $f_copy_to = gpc_get_bool('copy_to'); $f_manage_page = gpc_get_bool('manage_page'); if ($f_copy_from) { $t_src_project_id = $f_other_project_id; $t_dst_project_id = $f_project_id; } else { if ($f_copy_to) { $t_src_project_id = $f_project_id; $t_dst_project_id = $f_other_project_id; } else { trigger_error(ERROR_GENERIC, ERROR);
* * Slack Integration is free software; you can redistribute it and/or * modify it under the terms of the GNU General Public License 2 * as published by the Free Software Foundation. * * Slack Integration is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU General Public License for more details. * * You should have received a copy of the GNU General Public License * along with Slack Integration; if not, write to the Free Software * Foundation, Inc., 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA * or see http://www.gnu.org/licenses/. */ form_security_validate('plugin_Slack_config_edit'); auth_reauthenticate(); access_ensure_global_level(config_get('manage_plugin_threshold')); $f_url_webhook = gpc_get_string('url_webhook'); $f_bot_name = gpc_get_string('bot_name'); $f_bot_icon = gpc_get_string('bot_icon'); $f_skip_bulk = gpc_get_bool('skip_bulk'); $f_default_channel = gpc_get_string('default_channel'); if (plugin_config_get('url_webhook') != $f_url_webhook) { plugin_config_set('url_webhook', $f_url_webhook); } if (plugin_config_get('bot_name') != $f_bot_name) { plugin_config_set('bot_name', $f_bot_name); } if (plugin_config_get('bot_icon') != $f_bot_icon) { plugin_config_set('bot_icon', $f_bot_icon);
# You should have received a copy of the GNU General Public License # along with MantisBT. If not, see <http://www.gnu.org/licenses/>. /** * This page updates the users profile information then redirects to * account_prof_menu_page.php * @package MantisBT * @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org * @copyright Copyright (C) 2002 - 2014 MantisBT Team - mantisbt-dev@lists.sourceforge.net * @link http://www.mantisbt.org */ /** * MantisBT Core API's */ require_once 'core.php'; require_once 'profile_api.php'; form_security_validate('profile_update'); auth_ensure_user_authenticated(); current_user_ensure_unprotected(); $f_action = gpc_get_string('action'); if ($f_action != 'add') { $f_profile_id = gpc_get_int('profile_id'); # Make sure user did select an existing profile from the list if ($f_action != 'make_default' && $f_profile_id == 0) { error_parameters(lang_get('select_profile')); trigger_error(ERROR_EMPTY_FIELD, ERROR); } } switch ($f_action) { case 'edit': form_security_purge('profile_update'); print_header_redirect('account_prof_edit_page.php?profile_id=' . $f_profile_id);
# (at your option) any later version. # # Mantis is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Mantis. If not, see <http://www.gnu.org/licenses/>. # -------------------------------------------------------- # $Id: manage_proj_ver_add.php,v 1.31.2.1 2007-10-13 22:33:45 giallu Exp $ # -------------------------------------------------------- require_once 'core.php'; $t_core_path = config_get('core_path'); require_once $t_core_path . 'version_api.php'; form_security_validate('manage_proj_ver_add'); auth_reauthenticate(); $f_project_id = gpc_get_int('project_id'); $f_version = gpc_get_string('version'); $f_add_and_edit = gpc_get_bool('add_and_edit_version'); access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id); if (is_blank($f_version)) { trigger_error(ERROR_EMPTY_FIELD, ERROR); } # We reverse the array so that if the user enters multiple versions # they will likely appear with the last item entered at the top of the list # (i.e. in reverse chronological order). Unless we find a way to make the # date_order fields different for each one, however, this is fragile, since # the DB may actually pull the rows out in any order $t_versions = array_reverse(explode('|', $f_version)); $t_version_count = count($t_versions);
# GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with MantisBT. If not, see <http://www.gnu.org/licenses/>. /** * @package MantisBT * @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org * @copyright Copyright (C) 2002 - 2012 MantisBT Team - mantisbt-dev@lists.sourceforge.net * @link http://www.mantisbt.org */ /** * MantisBT Core API's */ require_once 'core.php'; require_once 'custom_field_api.php'; form_security_validate('manage_proj_custom_field_update'); auth_reauthenticate(); $f_field_id = gpc_get_int('field_id'); $f_project_id = gpc_get_int('project_id'); $f_sequence = gpc_get_int('sequence'); # We should check both since we are in the project section and an # admin might raise the first threshold and not realize they need # to raise the second access_ensure_project_level(config_get('manage_project_threshold'), $f_project_id); access_ensure_project_level(config_get('custom_field_link_threshold'), $f_project_id); custom_field_set_sequence($f_field_id, $f_project_id, $f_sequence); form_security_purge('manage_proj_custom_field_update'); $t_redirect_url = 'manage_proj_edit_page.php?project_id=' . $f_project_id; html_page_top(null, $t_redirect_url); ?> <br />
# it under the terms of the GNU General Public License as published by # the Free Software Foundation, either version 2 of the License, or # (at your option) any later version. # # Mantis is distributed in the hope that it will be useful, # but WITHOUT ANY WARRANTY; without even the implied warranty of # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the # GNU General Public License for more details. # # You should have received a copy of the GNU General Public License # along with Mantis. If not, see <http://www.gnu.org/licenses/>. # -------------------------------------------------------- # $Id: manage_custom_field_proj_add.php,v 1.2.2.1 2007-10-13 22:33:29 giallu Exp $ # -------------------------------------------------------- require_once 'core.php'; form_security_validate('manage_custom_field_proj_add'); auth_reauthenticate(); $f_field_id = gpc_get_int('field_id'); $f_project_id = gpc_get_int_array('project_id', array()); $f_sequence = gpc_get_int('sequence'); $t_manage_project_threshold = config_get('manage_project_threshold'); foreach ($f_project_id as $t_proj_id) { if (access_has_project_level($t_manage_project_threshold, $t_proj_id)) { if (!custom_field_is_linked($f_field_id, $t_proj_id)) { custom_field_link($f_field_id, $t_proj_id); } custom_field_set_sequence($f_field_id, $t_proj_id, $f_sequence); } } form_security_purge('manage_custom_field_proj_add'); print_header_redirect('manage_custom_field_edit_page.php?field_id=' . $f_field_id);