/**
 * Runs the keyword query against Sphinx and collects the matching issue IDs.
 *
 * Every query is filtered to the current project through the 'prj_id'
 * attribute, and additionally to $options['customer_id'] when that option is
 * non-empty. The indexes searched depend on whether the current role is above
 * User::ROLE_CUSTOMER. Details of each match (weight, index name, match id)
 * are appended to $this->matches, keyed by issue ID.
 *
 * @param array $options Reads 'keywords', 'match_mode' (falls back to SPH_MATCH_ALL) and 'customer_id'
 * @return array One issue ID per Sphinx match, in result order
 */
public function getIssueIDs($options)
{
    $client = $this->sphinx;
    $match_mode = empty($options['match_mode']) ? SPH_MATCH_ALL : $options['match_mode'];

    // Build the Sphinx client
    $client->SetSortMode(SPH_SORT_RELEVANCE);
    // $this->sphinx->SetWeights(array(1, 1));
    $client->SetLimits(0, 500, 100000);
    $client->SetArrayResult(true);
    $client->SetMatchMode($match_mode);

    // results are always restricted to the project the user is working in
    $client->SetFilter('prj_id', array(Auth::getCurrentProject()));

    // TODO: Add support for selecting indexes to search
    $above_customer = Auth::getCurrentRole() > User::ROLE_CUSTOMER;
    $indexes = implode('; ', $this->getIndexes($above_customer));

    if (!empty($options['customer_id'])) {
        $client->SetFilter('customer_id', array($options['customer_id']));
    }

    // remembered on the instance before the query is sent
    $this->keywords = $options['keywords'];
    $this->match_mode = $match_mode;

    $result = $client->Query($options['keywords'], $indexes);

    // TODO: report these somehow back to the UI
    // probably easy to do with Logger framework (add new handler?)
    if (method_exists($client, 'IsConnectError') && $client->IsConnectError()) {
        Logger::app()->error('sphinx_fulltext_search: Network Error');
    }
    $warning = $client->GetLastWarning();
    if ($warning) {
        Logger::app()->warning('sphinx_fulltext_search: ' . $warning);
    }
    $error = $client->GetLastError();
    if ($error) {
        Logger::app()->error('sphinx_fulltext_search: ' . $error);
    }

    if (!isset($result['matches'])) {
        return array();
    }

    $issue_ids = array();
    foreach ($result['matches'] as $hit) {
        $attrs = $hit['attrs'];
        $issue_id = $attrs['issue_id'];

        // if sphinx returns 0 as a weight, make it one because it
        // did find a match in the result set
        $weight = $hit['weight'] <= 0 ? 1 : $hit['weight'];

        $this->matches[$issue_id][] = array(
            'weight' => $weight,
            'index' => $this->getIndexNameByID($attrs['index_id']),
            'match_id' => $hit['id'],
        );
        $issue_ids[] = $issue_id;
    }

    return $issue_ids;
}
/**
 * Returns the history entries recorded against one issue.
 *
 * The query itself leaves out hidden entries (his_is_hidden = 1) and entries
 * whose his_min_role is above the current user's role, so callers only ever
 * receive rows the current role is allowed to read.
 *
 * @param integer $iss_id The issue ID
 * @param string $order_by Sort direction for his_id; normalised by DB_Helper::orderBy() before it is placed in the SQL text
 * @return array|string The list of changes, or an empty string when the query fails
 */
public static function getListing($iss_id, $order_by = 'DESC')
{
    // the direction cannot be bound as a parameter, so it goes through the helper first
    $direction = DB_Helper::orderBy($order_by);
    $sql = "SELECT\n *\n FROM\n {{%issue_history}},\n {{%history_type}}\n WHERE\n htt_id = his_htt_id AND\n his_is_hidden != 1 AND\n his_iss_id=? AND\n his_min_role <= ?\n ORDER BY\n his_id {$direction}";
    $bound = array($iss_id, Auth::getCurrentRole());

    try {
        $rows = DB_Helper::getInstance()->getAll($sql, $bound);
    } catch (DbException $e) {
        return '';
    }

    // translate each stored summary and fill in its placeholders from the row's context
    foreach (array_keys($rows) as $i) {
        $translated = ev_gettext($rows[$i]['his_summary']);
        $rows[$i]['his_summary'] = Misc::processTokens($translated, $rows[$i]['his_context']);
    }

    return $rows;
}
/**
 * Works out which list columns are shown on a page for the current user.
 *
 * Starts from the columns selected for the project/page and drops the ones
 * that have nothing to show (no groups, categories or custom fields), that
 * need customer integration the project lacks, or whose min_role is above
 * the current role. The result is cached per project and page for the rest
 * of the request.
 *
 * @param integer $prj_id The ID of the project.
 * @param string $page The page to return columns for.
 * @return array An array of columns that should be displayed.
 */
public static function getColumnsToDisplay($prj_id, $page)
{
    // poor man's caching system
    static $returns;
    if (!empty($returns[$prj_id][$page])) {
        return $returns[$prj_id][$page];
    }

    $current_role = Auth::getCurrentRole();
    $selected = self::getSelectedColumns($prj_id, $page);
    $has_customer_integration = CRM::hasCustomerIntegration($prj_id);
    $only_with_customers = array('iss_customer_id', 'support_level');

    // columns that would always be empty for this project
    if (count(Group::getAssocList($prj_id)) === 0) {
        unset($selected['iss_grp_id']);
    }
    if (count(Category::getAssocList($prj_id)) === 0) {
        unset($selected['prc_title']);
    }
    if (count(Custom_Field::getFieldsToBeListed($prj_id)) === 0) {
        unset($selected['custom_fields']);
    }

    // customers never get the customer column
    if ($current_role == User::getRoleID('Customer')) {
        unset($selected['iss_customer_id']);
    }

    $columns = array();
    foreach ($selected as $field => $info) {
        // skip fields the role may not see, or that need customer integration
        if ($info['min_role'] > $current_role
            || (!$has_customer_integration && in_array($field, $only_with_customers))) {
            continue;
        }

        // swap the selection record for the display details (title etc.)
        $columns[$field] = self::getColumnInfo($page, $field);
        if (!isset($columns[$field]['width'])) {
            $columns[$field]['width'] = '';
        }
    }

    $returns[$prj_id][$page] = $columns;

    return $columns;
}
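// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to: |
// | |
// | Free Software Foundation, Inc. |
// | 51 Franklin Street, Suite 330 |
// | Boston, MA 02110-1301, USA. |
// +----------------------------------------------------------------------+
// | Authors: Bryan Alsdorf <*****@*****.**> |
// +----------------------------------------------------------------------+

// Popup that lists the partners of one issue and, on POST with cat=update,
// stores a new partner selection for it.
require_once dirname(__FILE__) . '/../init.php';

$tpl = new Template_Helper();
$tpl->setTemplate('select_partners.tpl.html');

Auth::checkAuthentication(APP_COOKIE, 'index.php?err=5', true);

// request-supplied issue ID: POST body first, query string otherwise
$issue_id = @$_POST['issue_id'] ? $_POST['issue_id'] : $_GET['iss_id'];

// everything below runs only for users who pass both the per-issue check and the role check
if (!Access::canViewDrafts($issue_id, Auth::getUserID())
    || Auth::getCurrentRole() <= User::getRoleID('Standard User')) {
    $tpl = new Template_Helper();
    $tpl->setTemplate('permission_denied.tpl.html');
    $tpl->displayTemplate();
    exit;
}

$prj_id = Issue::getProjectID($issue_id);

if (@$_POST['cat'] == 'update') {
    // write to the issue that was authorised above rather than reading
    // $_POST['issue_id'] a second time; the two differ when the POST value is
    // empty and the ID came from the query string
    // NOTE(review): the submitted partner list is passed on as received — confirm
    // Partner::selectPartnersForIssue() limits it to partners enabled for the project
    $res = Partner::selectPartnersForIssue($issue_id, @$_POST['partners']);
    $tpl->assign('update_result', $res);
}

$tpl->assign(array(
    'issue_id' => $issue_id,
    'enabled_partners' => Partner::getPartnersByProject($prj_id),
    'partners' => Partner::getPartnersByIssue($issue_id),
    'current_user_prefs' => Prefs::get(Auth::getUserID()),
));
$tpl->displayTemplate();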
/**
 * Deletes the custom filters whose IDs were posted in $_POST['item'].
 *
 * Each delete is scoped to the current project. A non-global filter can only
 * be deleted by its owner; a global filter can be deleted by its owner or by
 * any user whose role is at least User::ROLE_MANAGER. IDs that do not satisfy
 * those conditions simply match no row.
 *
 * @return integer 1 if the removals worked properly, -1 as soon as one query fails
 */
public static function remove()
{
    foreach ($_POST['item'] as $cst_id) {
        $is_global = self::isGlobal($cst_id);
        // the role is only consulted for global filters
        $owner_only = !$is_global || Auth::getCurrentRole() < User::ROLE_MANAGER;

        $params = array();
        $where = $is_global ? ' cst_is_global=1 AND ' : ' ';
        if ($owner_only) {
            // restrict the delete to filters owned by the current user
            $where .= 'cst_usr_id=? AND ';
            $params[] = Auth::getUserID();
        }

        // all request-derived values are bound, never concatenated
        $stmt = 'DELETE FROM {{%custom_filter}} WHERE' . $where . ' cst_prj_id=? AND cst_id=?';
        $params[] = Auth::getCurrentProject();
        $params[] = $cst_id;

        try {
            DB_Helper::getInstance()->query($stmt, $params);
        } catch (DbException $e) {
            return -1;
        }
    }

    return 1;
}
/**
 * Returns the non-removed notes of one issue, oldest first.
 *
 * Notes are internal: a user whose role is below User::ROLE_USER gets an
 * empty list even when the issue has notes.
 *
 * @param integer $issue_id The issue ID
 * @return array|string The list of notes, or an empty string when the query fails
 */
public static function getListing($issue_id)
{
    $stmt = 'SELECT not_id, not_created_date, not_title, not_usr_id, not_unknown_user, not_has_attachment, not_is_blocked AS has_blocked_message, usr_full_name FROM {{%note}}, {{%user}} WHERE not_usr_id=usr_id AND not_iss_id=? AND not_removed = 0 ORDER BY not_created_date ASC';
    try {
        $rows = DB_Helper::getInstance()->getAll($stmt, array($issue_id));
    } catch (DbException $e) {
        return '';
    }

    // only show the internal notes for users with the appropriate permission level
    if (Auth::getCurrentRole() < User::ROLE_USER) {
        return array();
    }

    $notes = array();
    foreach ($rows as $note) {
        // Display not_unknown_user instead of usr_full_name if not null.
        // This is so the original sender of a blocked email is displayed on the note.
        if (!empty($note['not_unknown_user'])) {
            $note['usr_full_name'] = $note['not_unknown_user'];
        }
        $notes[] = $note;
    }

    return $notes;
}
/**
 * Fetches one mail queue entry and returns its contents.
 *
 * Users below the Developer role get nothing back (null). When the request
 * carries a non-empty "ec_id" the headers and body are HTML-escaped and run
 * through Link_Filter; otherwise the stored body is returned as-is.
 *
 * @param string $id The mail queue entry ID.
 * @return string|null The entry contents, or null when the role check fails
 */
function getMailQueue($id)
{
    if (Auth::getCurrentRole() < User::getRoleID('Developer')) {
        return;
    }

    // NOTE(review): the role check above is the only gate visible here; nothing in
    // this function ties $id to an issue or project the caller may read — confirm
    // that Mail_Queue::getEntry() or the caller enforces that.
    $entry = Mail_Queue::getEntry($id);

    if (empty($_GET["ec_id"])) {
        // NOTE(review): body is returned unescaped on this path — confirm the
        // consumer treats it as text, not markup
        return $entry["maq_body"];
    }

    // request value and stored mail are escaped together before any markup is added
    $text = $_GET["ec_id"] . ":" . $id . ":" . $entry["maq_headers"] . "\n" . $entry["maq_body"];

    return Link_Filter::processText(Auth::getCurrentProject(), nl2br(htmlspecialchars($text)));
}
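/**
 * Method used to remove specific custom filters.
 *
 * The filter IDs come from the posted "item" list. Each one is forced to an
 * integer before it is concatenated into the DELETE statement; previously the
 * raw posted value was interpolated into "cst_id=..." while the escaped copy
 * was computed and never used.
 *
 * A non-global filter is only deleted for its owner; a global filter is
 * deleted for its owner or for a user with at least the Manager role. Every
 * delete is limited to the current project.
 *
 * @access public
 * @return integer 1 if the removals worked properly, any other value otherwise
 */
function remove()
{
    global $HTTP_POST_VARS;

    foreach ($HTTP_POST_VARS["item"] as $cst_id) {
        // request data: make it an integer before it touches the SQL text
        $cst_id = Misc::escapeInteger($cst_id);

        $stmt = "DELETE FROM\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "custom_filter\n WHERE";
        if (Filter::isGlobal($cst_id)) {
            if (Auth::getCurrentRole() >= User::getRoleID('Manager')) {
                // managers may remove any global filter of the project
                $stmt .= " cst_is_global=1 AND ";
            } else {
                $stmt .= " \n cst_is_global=1 AND\n cst_usr_id=" . Auth::getUserID() . " AND ";
            }
        } else {
            // private filters can only be removed by their owner
            $stmt .= " cst_usr_id=" . Auth::getUserID() . " AND ";
        }
        $stmt .= "\n cst_prj_id=" . Auth::getCurrentProject() . " AND\n cst_id={$cst_id}";

        $res = $GLOBALS["db_api"]->dbh->query($stmt);
        if (PEAR::isError($res)) {
            Error_Handler::logError(array($res->getMessage(), $res->getDebugInfo()), __FILE__, __LINE__);

            return -1;
        }
    }

    return 1;
}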
// Tail of the new-issue form script. The statements that open the blocks
// closed below are above this excerpt.
                if (CRM::hasCustomerIntegration($prj_id)) {
                    $sender_email = Mail_Helper::getEmailAddress($email_details['sup_from']);
                    try {
                        $contact = $crm->getContactByEmail($sender_email);
                        $tpl->assign('contact_details', $contact->getDetails());
                    } catch (CRMException $e) {
                        // a failed CRM lookup is ignored; the form is shown without contact_details
                    }
                }
            }
        }
    }
}

// option lists for the form, all scoped to the project
$tpl->assign(array(
    'cats' => Category::getAssocList($prj_id),
    'priorities' => Priority::getAssocList($prj_id),
    'severities' => Severity::getList($prj_id),
    'users' => Project::getUserAssocList($prj_id, 'active', User::getRoleID('Customer')),
    'releases' => Release::getAssocList($prj_id),
    'custom_fields' => Custom_Field::getListByProject($prj_id, 'report_form'),
    'max_attachment_size' => Attachment::getMaxAttachmentSize(),
    'max_attachment_bytes' => Attachment::getMaxAttachmentSize(true),
    'field_display_settings' => Project::getFieldDisplaySettings($prj_id),
    'groups' => Group::getAssocList($prj_id),
    'products' => Product::getList(false)
));

$prefs = Prefs::get($usr_id);
$tpl->assign('user_prefs', $prefs);
$tpl->assign('zones', Date_Helper::getTimezoneList());

// customers get their own contact and customer record preloaded; both IDs come
// from the session/user record, not from the request
if (Auth::getCurrentRole() == User::getRoleID('Customer')) {
    $crm = CRM::getInstance(Auth::getCurrentProject());
    $customer_contact_id = User::getCustomerContactID($usr_id);
    $contact = $crm->getContact($customer_contact_id);
    $customer_id = Auth::getCurrentCustomerID();
    $customer = $crm->getCustomer($customer_id);
    // TODOCRM: Pull contacts via ajax when user selects contract
    $tpl->assign(array(
        'customer_id' => $customer_id,
        'contact_id' => $customer_contact_id,
        'customer' => $customer,
        'contact' => $contact
    ));
}

// the issue to clone is named in the query string; it is cast to int and its
// data is only loaded when Access::canCloneIssue() approves it for this user
$clone_iss_id = isset($_GET['clone_iss_id']) ? (int) $_GET['clone_iss_id'] : null;
if ($clone_iss_id && Access::canCloneIssue($clone_iss_id, $usr_id)) {
    $tpl->assign(Issue::getCloneIssueTemplateVariables($clone_iss_id));
} else {
    // NOTE(review): the whole request array becomes the form defaults; every value
    // in it is client-controlled, so the template has to escape them on output — confirm
    $tpl->assign('defaults', $_REQUEST);
}

$tpl->displayTemplate();
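/**
 * Formats a transaction reference held in a custom field for display.
 *
 * Users at or below the 'reporter' role get the value back unchanged. Everyone
 * else gets a link to viewTransaction.php (under admin/ for 'manager' and
 * above); with $functional set, the link opens through td_showtrans() and a
 * "Route to Merchant" button is appended.
 *
 * The value is stored data, so it is URL-encoded where it becomes part of the
 * link target and HTML-escaped where it becomes attribute or element content.
 *
 * @param string $value The stored field value
 * @param integer $fld_id The custom field ID (not used here)
 * @param integer $issue_id The issue ID; forced to an integer before it is written into the onClick handler
 * @param boolean $functional Whether to return the interactive markup
 * @return string Empty string for a blank value, the raw value for low roles, HTML markup otherwise
 */
function formatValue($value, $fld_id, $issue_id, $functional = false)
{
    if (!trim($value)) {
        return '';
    }

    $role_id = Auth::getCurrentRole();
    if ($role_id <= User::getRoleID('reporter')) {
        // NOTE(review): returned unescaped, as before. If callers print this
        // function's result as HTML (the other paths return markup), this path
        // needs htmlspecialchars() too — confirm against the template.
        return $value;
    }

    $admin_folder = $role_id >= User::getRoleID('manager') ? 'admin/' : '';
    $href = '../' . $admin_folder . 'viewTransaction.php?ref=' . rawurlencode($value) . '&hide_header=1&nolink=1';
    $label = htmlspecialchars($value, ENT_QUOTES, 'UTF-8');

    if (!$functional) {
        // ENT_QUOTES because the attribute is delimited by single quotes
        $href_attr = htmlspecialchars($href, ENT_QUOTES, 'UTF-8');

        return "<a href='{$href_attr}' target='_top' >{$label}</a>";
    }

    // A javascript: URL is percent-decoded before the script runs, which would
    // turn an encoded quote back into a quote inside the string literal; "%" is
    // therefore encoded once more so the script still sees the encoded form.
    $js_href = htmlspecialchars(str_replace('%', '%25', $href), ENT_QUOTES, 'UTF-8');
    $issue_id = (int) $issue_id;

    return "<a href='javascript:td_showtrans(\"{$js_href}\");' >{$label}</a> <input type='button' value='Route to Merchant' class='button' onClick='javascript:mercAssign({$issue_id});'> <BR>";
}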
/**
 * Fetches one mail queue entry and returns its contents.
 *
 * Two checks run before anything is returned: the caller must hold at least
 * the Developer role, and must be allowed to access the issue the entry
 * belongs to (maq_iss_id). With a non-empty "ec_id" in the query string the
 * headers and body are HTML-escaped and passed through Link_Filter; without
 * it the stored body is returned as-is.
 *
 * @param string $id The mail queue entry ID.
 * @return string|null The contents, '' when issue access is denied, null when the role check fails
 */
function getMailQueue($id)
{
    if (Auth::getCurrentRole() < User::getRoleID('Developer')) {
        return;
    }

    $entry = Mail_Queue::getEntry($id);

    // the entry is only handed out if the user may see the issue it was sent for
    if (!Issue::canAccess($entry['maq_iss_id'], $GLOBALS['usr_id'])) {
        return '';
    }

    if (!empty($_GET['ec_id'])) {
        $escaped = htmlspecialchars($entry['maq_headers'] . "\n" . $entry['maq_body']);

        return Link_Filter::processText(Auth::getCurrentProject(), nl2br($escaped));
    }

    // NOTE(review): body is returned unescaped on this path — confirm the
    // consumer treats it as text, not markup
    return $entry['maq_body'];
}
$_COOKIE[APP_HIDE_CLOSED_STATS_COOKIE] = $_REQUEST['hide_closed']; } if (isset($_COOKIE[APP_HIDE_CLOSED_STATS_COOKIE])) { $hide_closed = $_COOKIE[APP_HIDE_CLOSED_STATS_COOKIE]; } else { $hide_closed = 0; } $tpl->assign('hide_closed', $hide_closed); if ($role_id == User::getRoleID('customer')) { $crm = CRM::getInstance($prj_id); // need the activity dashboard here $contact_id = User::getCustomerContactID($usr_id); $customer_id = Auth::getCurrentCustomerID(); $tpl->assign(array('contact' => $crm->getContact($contact_id), 'customer' => $crm->getCustomer($customer_id))); } else { if (Auth::getCurrentRole() <= User::getRoleID('Reporter') && Project::getSegregateReporters($prj_id)) { $tpl->assign('hide_stats', true); } else { $tpl->assign('hide_stats', false); $tpl->assign('status', Stats::getStatus()); $tpl->assign('releases', Stats::getRelease($hide_closed)); $tpl->assign('categories', Stats::getCategory($hide_closed)); $tpl->assign('priorities', Stats::getPriority($hide_closed)); $tpl->assign('users', Stats::getUser($hide_closed)); $tpl->assign('emails', Stats::getEmailStatus($hide_closed)); $tpl->assign('pie_chart', Stats::getPieChart($hide_closed)); } } if (@$_REQUEST['hide_closed'] == '') { $Stats_Search_Profile = Search_Profile::getProfile($usr_id, $prj_id, 'stats'); if (!empty($Stats_Search_Profile)) {
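// Stalled issues report: issues per developer, filtered by status and by a
// date window taken from the request.
$tpl->setTemplate("reports/stalled_issues.tpl.html");

Auth::checkAuthentication(APP_COOKIE);

// reports are not available to customers or lower roles
if (Auth::getCurrentRole() <= User::getRoleID("Customer")) {
    echo "Invalid role";
    exit;
}

$prj_id = Auth::getCurrentProject();

// The date pickers post arrays of date parts. A missing or non-array value
// falls back to the default; count() on such a value raises a TypeError on PHP 8.
// NOTE(review): the joined parts are forwarded without a format check — confirm
// Report::getStalledIssuesByUser() validates or binds them.
if (empty($_REQUEST['before']) || !is_array($_REQUEST['before'])) {
    $before = date("Y-m-d", time() - MONTH);
} else {
    $before = join('-', $_REQUEST['before']);
}
if (empty($_REQUEST['after']) || !is_array($_REQUEST['after'])) {
    $after = date("Y-m-d", time() - YEAR);
} else {
    $after = join('-', $_REQUEST['after']);
}

// The sort direction is forwarded to the report query, so only the two SQL
// keywords are let through; anything else becomes the default.
if (empty($_REQUEST['sort_order'])
    || !is_string($_REQUEST['sort_order'])
    || !in_array(strtoupper($_REQUEST['sort_order']), array('ASC', 'DESC'), true)) {
    $_REQUEST['sort_order'] = 'ASC';
}

$data = Report::getStalledIssuesByUser(
    $prj_id,
    @$_REQUEST['developers'],
    @$_REQUEST['status'],
    $before,
    $after,
    $_REQUEST['sort_order']
);

// the developer picker offers groups first (keys prefixed "grp:"), then users
$groups = Group::getAssocList($prj_id);
$assign_options = array();
if (count($groups) > 0 && Auth::getCurrentRole() > User::getRoleID("Customer")) {
    foreach ($groups as $grp_id => $grp_name) {
        $assign_options["grp:{$grp_id}"] = "Group: " . $grp_name;
    }
}
$assign_options += Project::getUserAssocList($prj_id, 'active', User::getRoleID('Standard User'));

$tpl->assign(array(
    "users" => $assign_options,
    "before_date" => $before,
    "after_date" => $after,
    "data" => $data,
    "developers" => @$_REQUEST['developers'],
    "status_list" => Status::getAssocStatusList($prj_id),
    "status" => @$_REQUEST['status'],
    "sort_order" => $_REQUEST['sort_order'],
));
$tpl->displayTemplate();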
/**
 * Returns the custom fields that are shown as columns on the list issues page.
 *
 * Only fields linked to the project, flagged for list display and with a
 * fld_min_role no higher than the current user's role are returned.
 *
 * @access public
 * @param integer $prj_id The ID of the project.
 * @return array Field titles keyed by field ID; an empty array when the query fails
 */
function getFieldsToBeListed($prj_id)
{
    $table_prefix = APP_DEFAULT_DB . "." . APP_TABLE_PREFIX;
    // both values are concatenated into the SQL text: the project ID is forced to
    // an integer, the role comes from the session rather than the request
    $project_id = Misc::escapeInteger($prj_id);
    $role_id = Auth::getCurrentRole();

    $sql = "SELECT\n fld_id,\n fld_title\n FROM\n " . $table_prefix . "custom_field,\n " . $table_prefix . "project_custom_field\n WHERE\n fld_id = pcf_fld_id AND\n pcf_prj_id = " . $project_id . " AND\n fld_list_display = 1 AND\n fld_min_role <= " . $role_id . "\n ORDER BY\n fld_rank ASC";

    $fields = $GLOBALS["db_api"]->dbh->getAssoc($sql);
    if (!PEAR::isError($fields)) {
        return $fields;
    }

    Error_Handler::logError(array($fields->getMessage(), $fields->getDebugInfo()), __FILE__, __LINE__);

    return array();
}
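/**
 * Method used to get the list of changes made against a specific issue.
 *
 * Hidden entries and entries whose history type requires a higher role than
 * the current user's are left out by the query.
 *
 * $order_by ends up in the SQL text itself (it cannot be quoted like a
 * value), so it is reduced to one of the two sort keywords before the
 * statement is built; anything that is not "ASC" sorts descending.
 *
 * @access public
 * @param integer $iss_id The issue ID
 * @param string $order_by The order to sort the history, 'ASC' or 'DESC'
 * @return array|string The list of changes, or an empty string when the query fails
 */
function getListing($iss_id, $order_by = 'DESC')
{
    $order_by = (is_string($order_by) && strtoupper(trim($order_by)) === 'ASC') ? 'ASC' : 'DESC';

    $stmt = "SELECT\n *\n FROM\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "issue_history,\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "history_type\n WHERE\n htt_id = his_htt_id AND\n his_is_hidden != 1 AND\n his_iss_id=" . Misc::escapeInteger($iss_id) . " AND\n htt_role <= " . Auth::getCurrentRole() . "\n ORDER BY\n his_id {$order_by}";

    $res = $GLOBALS["db_api"]->dbh->getAll($stmt, DB_FETCHMODE_ASSOC);
    if (PEAR::isError($res)) {
        Error_Handler::logError(array($res->getMessage(), $res->getDebugInfo()), __FILE__, __LINE__);

        return "";
    }

    // format the date and repair the summary encoding of every row
    foreach (array_keys($res) as $i) {
        $res[$i]["his_created_date"] = Date_API::getFormattedDate($res[$i]["his_created_date"]);
        $res[$i]["his_summary"] = Mime_Helper::fixEncoding($res[$i]["his_summary"]);
    }

    return $res;
}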
/**
 * Returns the non-removed notes of one issue, oldest first.
 *
 * Notes are internal: a user whose role is below 'standard user' gets an
 * empty list even when the issue has notes.
 *
 * @access public
 * @param integer $issue_id The issue ID
 * @return array|string The list of notes, or an empty string when the query fails
 */
function getListing($issue_id)
{
    // forced to an integer because it is interpolated into the SQL text below
    $issue_id = Misc::escapeInteger($issue_id);
    $stmt = "SELECT\n not_id,\n not_created_date,\n not_title,\n not_usr_id,\n not_unknown_user,\n not_has_attachment,\n IF(LENGTH(not_blocked_message) > 0, 1, 0) AS has_blocked_message,\n usr_full_name\n FROM\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "note,\n " . ETEL_USER_TABLE . "\n WHERE\n not_usr_id=usr_id AND\n not_iss_id={$issue_id} AND\n not_removed = 0\n ORDER BY\n not_created_date ASC";

    $rows = $GLOBALS["db_api"]->dbh->getAll($stmt, DB_FETCHMODE_ASSOC);
    if (PEAR::isError($rows)) {
        Error_Handler::logError(array($rows->getMessage(), $rows->getDebugInfo()), __FILE__, __LINE__);

        return "";
    }

    // only show the internal notes for users with the appropriate permission level
    if (Auth::getCurrentRole() < User::getRoleID('standard user')) {
        return array();
    }

    $notes = array();
    foreach ($rows as $note) {
        // Display not_unknown_user instead of usr_full_name if not null.
        // This is so the original sender of a blocked email is displayed on the note.
        if (!empty($note["not_unknown_user"])) {
            $note["usr_full_name"] = $note["not_unknown_user"];
        }
        $note["not_created_date"] = Date_API::getFormattedDate($note["not_created_date"]);
        $notes[] = $note;
    }

    return $notes;
}
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to: |
// | |
// | Free Software Foundation, Inc. |
// | 51 Franklin Street, Suite 330 |
// | Boston, MA 02110-1301, USA. |
// +----------------------------------------------------------------------+
// | Authors: João Prado Maia <*****@*****.**> |
// +----------------------------------------------------------------------+

// Popup for logging a phone call against an issue.
require_once dirname(__FILE__) . '/../init.php';

$tpl = new Template_Helper();
$tpl->setTemplate('add_phone_entry.tpl.html');

Auth::checkAuthentication(APP_COOKIE, 'index.php?err=5', true);

// request-supplied issue ID: POST body first, query string otherwise
$issue_id = !empty($_POST['issue_id']) ? $_POST['issue_id'] : $_GET['iss_id'];

// allowed only with access to this issue AND a role above Customer
if (!(Issue::canAccess($issue_id, Auth::getUserID())
    && Auth::getCurrentRole() > User::getRoleID('Customer'))) {
    $tpl = new Template_Helper();
    $tpl->setTemplate('permission_denied.tpl.html');
    $tpl->displayTemplate();
    exit;
}

if (isset($_POST['cat']) && $_POST['cat'] == 'add_phone') {
    // NOTE(review): insert() takes no arguments here, so it presumably reads the
    // request itself — confirm it records against the issue checked above
    $result = Phone_Support::insert();
    $tpl->assign('add_phone_result', $result);
}

$prj_id = Issue::getProjectID($issue_id);
$usr_id = Auth::getUserID();

$tpl->assign(array(
    'issue_id' => $issue_id,
    'phone_categories' => Phone_Support::getCategoryAssocList($prj_id),
    'current_user_prefs' => Prefs::get($usr_id),
));
$tpl->displayTemplate();
// Tail of the action dispatcher of the popup script: one branch per value of
// $cat, each storing its result for the template. The start of the chain and
// the code that sets $cat, $iss_id, $id, $status_id and $usr_id are above this
// excerpt.
//
// NOTE(review): of the branches visible here only 'remove_quarantine' checks
// the role and only 'selfnotify' checks Issue::canAccess(); the other branches
// change data without a check in this excerpt — confirm access is enforced
// earlier in the script or inside the called methods.
    $res = Support::removeEmails();
    $tpl->assign('remove_email_result', $res);
} elseif ($cat == 'clear_duplicate') {
    $res = Issue::clearDuplicateStatus($iss_id);
    $tpl->assign('clear_duplicate_result', $res);
} elseif ($cat == 'delete_phone') {
    $res = Phone_Support::remove($id);
    $tpl->assign('delete_phone_result', $res);
} elseif ($cat == 'new_status') {
    $res = Issue::setStatus($iss_id, $status_id, true);
    // the change is written to the issue history only when setStatus reports success
    if ($res == 1) {
        History::add($iss_id, $usr_id, 'status_changed', "Issue manually set to status '{status}' by {user}", array('status' => Status::getStatusTitle($status_id), 'user' => User::getFullName($usr_id)));
    }
    $tpl->assign('new_status_result', $res);
} elseif ($cat == 'authorize_reply') {
    // adds the current user to the issue's authorized repliers
    $res = Authorized_Replier::addUser($iss_id, $usr_id);
    $tpl->assign('authorize_reply_result', $res);
} elseif ($cat == 'remove_quarantine') {
    // requires a role strictly above Developer; lower roles get no result assigned
    if (Auth::getCurrentRole() > User::getRoleID('Developer')) {
        $res = Issue::setQuarantine($iss_id, 0);
        $tpl->assign('remove_quarantine_result', $res);
    }
} elseif ($cat == 'selfnotify') {
    // a user can only subscribe to an issue they are allowed to access
    if (Issue::canAccess($iss_id, $usr_id)) {
        $res = Notification::subscribeUser($usr_id, $iss_id, $usr_id, Notification::getDefaultActions($iss_id));
        $tpl->assign('selfnotify_result', $res);
    }
}

$tpl->assign('current_user_prefs', Prefs::get($usr_id));
$tpl->assign('cat', $cat);
$tpl->displayTemplate();
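/**
 * Sends an email written in the web interface and stores it as a support email.
 *
 * For an email tied to an issue, the current user must be allowed to email
 * on that issue; if not, the message is stored as a blocked note, the
 * blocked-email workflow runs and nothing is sent. Otherwise recipients are
 * either subscribed to the issue's notification list or mailed directly, the
 * email is inserted, and (with an issue) subscribers are notified and the
 * issue is marked as updated.
 *
 * TODO: merge use of $options and $email arrays to just $email
 *
 * @param int $issue_id
 * @param string $type type of email
 * @param string $from
 * @param string $to
 * @param string $cc
 * @param string $subject
 * @param string $body
 * @param array $options optional parameters; every key may be left out
 * - (int) parent_sup_id
 * - (array) iaf_ids attachment file ids
 * - (bool) add_unknown
 * - (int) ema_id
 * @return int 1 on every path visible in this method, including the blocked-email path
 */
public static function sendEmail($issue_id, $type, $from, $to, $cc, $subject, $body, $options = array())
{
    // the options are documented as optional, so absent keys must not raise
    // undefined-index warnings; absent means null, as before
    $options += array(
        'parent_sup_id' => null,
        'iaf_ids' => null,
        'add_unknown' => null,
        'ema_id' => null,
    );
    $parent_sup_id = $options['parent_sup_id'];
    $iaf_ids = $options['iaf_ids'];
    $add_unknown = $options['add_unknown'];
    $ema_id = $options['ema_id'];
    // classic form upload, if any; absent when only ajax attachments are used
    $attachment = isset($_FILES['attachment']) ? $_FILES['attachment'] : null;

    $current_usr_id = Auth::getUserID();
    $prj_id = Issue::getProjectID($issue_id);

    // if we are replying to an existing email, set the In-Reply-To: header accordingly
    $in_reply_to = $parent_sup_id ? self::getMessageIDByID($parent_sup_id) : false;

    // get ID of whoever is sending this.
    // NOTE(review): this is derived from the caller-supplied From header, not from
    // the session; it decides attachment ownership and the "staff response" marker below
    $sender_usr_id = User::getUserIDByEmail(Mail_Helper::getEmailAddress($from)) ?: false;

    // remove extra 'Re: ' from subject
    $subject = Mail_Helper::removeExcessRe($subject, true);
    $internal_only = false;
    $message_id = Mail_Helper::generateMessageID();

    // process any files being uploaded
    // from ajax upload, attachment file ids
    if ($iaf_ids) {
        // FIXME: is it correct to use sender from post data?
        $attach_usr_id = $sender_usr_id ?: $current_usr_id;
        Attachment::attachFiles($issue_id, $attach_usr_id, $iaf_ids, false, 'Attachment originated from outgoing email');
    }

    // hack needed to get the full headers of this web-based email
    $full_email = self::buildFullHeaders($issue_id, $message_id, $from, $to, $cc, $subject, $body, $in_reply_to, $iaf_ids);

    // email blocking should only be done if this is an email about an associated issue
    if ($issue_id) {
        $user_info = User::getNameEmail($current_usr_id);
        // check whether the current user is allowed to send this email to customers or not
        if (!self::isAllowedToEmail($issue_id, $user_info['usr_email'])) {
            // add the message body as a note
            $note = Mail_Helper::getCannedBlockedMsgExplanation() . $body;
            $note_options = array(
                'full_message' => $full_email,
                'is_blocked' => true,
            );
            Note::insertNote($current_usr_id, $issue_id, $subject, $note, $note_options);

            $email_details = array(
                'from' => $from,
                'to' => $to,
                'cc' => $cc,
                'subject' => $subject,
                'body' => &$body,
                'message' => &$body,
                'title' => $subject,
            );
            Workflow::handleBlockedEmail($prj_id, $issue_id, $email_details, 'web');

            return 1;
        }
    }

    // only send a direct email if the user doesn't want to add the Cc'ed people to the notification list
    if (($add_unknown || Workflow::shouldAutoAddToNotificationList($prj_id)) && $issue_id) {
        // add the recipients to the notification list of the associated issue
        $recipients = array($to);
        $recipients = array_merge($recipients, self::getRecipientsCC($cc));
        foreach ($recipients as $address) {
            if ($address && !Notification::isIssueRoutingSender($issue_id, $address)) {
                $actions = Notification::getDefaultActions($issue_id, $address, 'add_unknown_user');
                Notification::subscribeEmail($current_usr_id, $issue_id, Mail_Helper::getEmailAddress($address), $actions);
            }
        }
    } else {
        // Usually when sending out emails associated to an issue, we would
        // simply insert the email in the table and call the Notification::notifyNewEmail() method,
        // but on this case we need to actually send the email to the recipients that are not
        // already in the notification list for the associated issue, if any.
        // In the case of replying to an email that is not yet associated with an issue, then
        // we are always directly sending the email, without using any notification list
        // functionality.
        if ($issue_id) {
            // send direct emails only to the unknown addresses, and leave the rest to be
            // caught by the notification list
            $from = Notification::getFixedFromHeader($issue_id, $from, 'issue');
            // build the list of unknown recipients
            if ($to) {
                $recipients = array($to);
                $recipients = array_merge($recipients, self::getRecipientsCC($cc));
            } else {
                $recipients = self::getRecipientsCC($cc);
            }
            $unknowns = array();
            foreach ($recipients as $address) {
                if (!Notification::isSubscribedToEmails($issue_id, $address)) {
                    $unknowns[] = $address;
                }
            }
            if ($unknowns) {
                $to2 = array_shift($unknowns);
                $cc2 = implode('; ', $unknowns);
                // send direct emails
                self::sendDirectEmail($issue_id, $from, $to2, $cc2, $subject, $body, $attachment, $message_id, $sender_usr_id);
            }
        } else {
            // send direct emails to all recipients, since we don't have an associated issue
            $project_info = Project::getOutgoingSenderAddress(Auth::getCurrentProject());
            // use the project-related outgoing email address, if there is one
            if (!empty($project_info['email'])) {
                $from = Mail_Helper::getFormattedName(User::getFullName($current_usr_id), $project_info['email']);
            } else {
                // otherwise, use the real email address for the current user
                $from = User::getFromHeader($current_usr_id);
            }
            // send direct emails
            self::sendDirectEmail($issue_id, $from, $to, $cc, $subject, $body, $attachment, $message_id);
        }
    }

    $email = array(
        'customer_id' => 'NULL',
        'issue_id' => $issue_id,
        'ema_id' => $ema_id,
        'message_id' => $message_id,
        'date' => Date_Helper::getCurrentDateGMT(),
        'from' => $from,
        'to' => $to,
        'cc' => $cc,
        'subject' => $subject,
        'body' => $body,
        'full_email' => $full_email,
    );

    // associate this new email with a customer, if appropriate
    if (Auth::getCurrentRole() == User::getRoleID('Customer')) {
        if ($issue_id) {
            $crm = CRM::getInstance($prj_id);
            try {
                $contact = $crm->getContact(User::getCustomerContactID($current_usr_id));
                $issue_contract = $crm->getContract(Issue::getContractID($issue_id));
                // the customer is only recorded when the contact may access the issue's contract
                if ($contact->canAccessContract($issue_contract)) {
                    $email['customer_id'] = $issue_contract->getCustomerID();
                }
            } catch (CRMException $e) {
                // CRM lookup failed: the email keeps customer_id 'NULL'
            }
        } else {
            $customer_id = User::getCustomerID($current_usr_id);
            if ($customer_id && $customer_id != -1) {
                $email['customer_id'] = $customer_id;
            }
        }
    }

    $email['has_attachment'] = $iaf_ids ? 1 : 0;

    $structure = Mime_Helper::decode($full_email, true, false);
    $email['headers'] = $structure->headers;

    // $sup_id is handed to insertEmail() and then used as the new email's ID below
    $sup_id = null;
    self::insertEmail($email, $structure, $sup_id);

    if ($issue_id) {
        // need to send a notification
        Notification::notifyNewEmail($current_usr_id, $issue_id, $email, $internal_only, false, $type, $sup_id);

        // mark this issue as updated
        $has_customer = $email['customer_id'] && $email['customer_id'] != 'NULL';
        if ($has_customer && (!$current_usr_id || User::getRoleByUser($current_usr_id, $prj_id) == User::getRoleID('Customer'))) {
            Issue::markAsUpdated($issue_id, 'customer action');
        } else {
            if ($sender_usr_id && User::getRoleByUser($sender_usr_id, $prj_id) > User::getRoleID('Customer')) {
                Issue::markAsUpdated($issue_id, 'staff response');
            } else {
                Issue::markAsUpdated($issue_id, 'user response');
            }
        }

        History::add($issue_id, $current_usr_id, 'email_sent', 'Outgoing email sent by {user}', array(
            'user' => User::getFullName($current_usr_id),
        ));
    }

    return 1;
}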
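/**
 * Method used to bulk update a list of issues
 *
 * Reads the issue IDs and the new assignment, status, release, priority and
 * category from the request. The caller must hold at least
 * User::ROLE_MANAGER; each issue is then skipped unless the user can access
 * it and it belongs to the current project.
 *
 * @return boolean|integer -1 when the role is insufficient or the assignee lookup fails, true otherwise
 */
public static function bulkUpdate()
{
    // check if user performing this change has the proper role
    if (Auth::getCurrentRole() < User::ROLE_MANAGER) {
        return -1;
    }

    // request values are cast up front; a field left out of the form counts as "no change"
    $items = isset($_POST['item']) ? (array) $_POST['item'] : array();
    $new_status_id = isset($_POST['status']) ? (int) $_POST['status'] : 0;
    $new_release_id = isset($_POST['release']) ? (int) $_POST['release'] : 0;
    $new_priority_id = isset($_POST['priority']) ? (int) $_POST['priority'] : 0;
    $new_category_id = isset($_POST['category']) ? (int) $_POST['category'] : 0;

    foreach ($items as $issue_id) {
        $issue_id = (int) $issue_id;
        if (!self::canAccess($issue_id, Auth::getUserID())) {
            continue;
        }
        if (self::getProjectID($issue_id) != Auth::getCurrentProject()) {
            // make sure issue is not in another project
            continue;
        }

        $issue_details = self::getDetails($issue_id);

        $updated_fields = array();

        // update assignment
        // (count() on a missing 'users' field raises a TypeError on PHP 8, so test with empty())
        if (!empty($_POST['users'])) {
            // NOTE(review): the posted user IDs are cast to int below but not checked
            // against the project's members in this method — confirm
            // addUserAssociation() or the caller enforces that
            $users = (array) $_POST['users'];
            // get who this issue is currently assigned to
            $stmt = 'SELECT isu_usr_id, usr_full_name FROM {{%issue_user}}, {{%user}} WHERE isu_usr_id = usr_id AND isu_iss_id = ?';
            try {
                $current_assignees = DB_Helper::getInstance()->getPair($stmt, array($issue_id));
            } catch (DbException $e) {
                return -1;
            }

            foreach ($current_assignees as $usr_id => $usr_name) {
                // loose comparison on purpose: the posted IDs are strings
                if (!in_array($usr_id, $users)) {
                    self::deleteUserAssociation($issue_id, $usr_id, false);
                }
            }

            $new_user_names = array();
            $new_assignees = array();
            foreach ($users as $usr_id) {
                $usr_id = (int) $usr_id;
                $new_user_names[$usr_id] = User::getFullName($usr_id);

                // check if the issue is already assigned to this person
                $stmt = 'SELECT COUNT(*) AS total FROM {{%issue_user}} WHERE isu_iss_id=? AND isu_usr_id=?';
                $total = DB_Helper::getInstance()->getOne($stmt, array($issue_id, $usr_id));
                if ($total > 0) {
                    continue;
                } else {
                    $new_assignees[] = $usr_id;
                    // add the assignment
                    self::addUserAssociation(Auth::getUserID(), $issue_id, $usr_id, false);
                    Notification::subscribeUser(Auth::getUserID(), $issue_id, $usr_id, Notification::getAllActions());
                }
            }

            $prj_id = Auth::getCurrentProject();
            $usr_ids = self::getAssignedUserIDs($issue_id);
            Workflow::handleAssignmentChange($prj_id, $issue_id, Auth::getUserID(), $issue_details, $usr_ids, false);
            Notification::notifyNewAssignment($new_assignees, $issue_id);
            $updated_fields['Assignment'] = History::formatChanges(implode(', ', $current_assignees), implode(', ', $new_user_names));
        }

        // update status
        if ($new_status_id) {
            $old_status_id = self::getStatusID($issue_id);
            $res = self::setStatus($issue_id, $new_status_id, false);
            if ($res == 1) {
                $updated_fields['Status'] = History::formatChanges(Status::getStatusTitle($old_status_id), Status::getStatusTitle($new_status_id));
            }
        }

        // update release
        if ($new_release_id) {
            $old_release_id = self::getRelease($issue_id);
            $res = self::setRelease($issue_id, $new_release_id);
            if ($res == 1) {
                $updated_fields['Release'] = History::formatChanges(Release::getTitle($old_release_id), Release::getTitle($new_release_id));
            }
        }

        // update priority
        if ($new_priority_id) {
            $old_priority_id = self::getPriority($issue_id);
            $res = self::setPriority($issue_id, $new_priority_id);
            if ($res == 1) {
                $updated_fields['Priority'] = History::formatChanges(Priority::getTitle($old_priority_id), Priority::getTitle($new_priority_id));
            }
        }

        // update category
        if ($new_category_id) {
            $old_category_id = self::getCategory($issue_id);
            $res = self::setCategory($issue_id, $new_category_id);
            if ($res == 1) {
                $updated_fields['Category'] = History::formatChanges(Category::getTitle($old_category_id), Category::getTitle($new_category_id));
            }
        }

        if (count($updated_fields) > 0) {
            // log the changes as "Field: change; Field: change"
            $parts = array();
            foreach ($updated_fields as $key => $value) {
                $parts[] = "{$key}: {$value}";
            }
            $changes = implode('; ', $parts);

            $usr_id = Auth::getUserID();
            History::add($issue_id, $usr_id, 'issue_bulk_updated', 'Issue updated ({changes}) by {user}', array(
                'changes' => $changes,
                'user' => User::getFullName(Auth::getUserID()),
            ));
        }

        // close if requested
        if (!empty($_REQUEST['closed_status'])) {
            $closed_message = isset($_REQUEST['closed_message']) ? $_REQUEST['closed_message'] : null;
            $notification_list = isset($_REQUEST['notification_list']) ? $_REQUEST['notification_list'] : null;
            self::close(Auth::getUserID(), $issue_id, true, 0, $_REQUEST['closed_status'], $closed_message, $notification_list);
        }
    }

    return true;
}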
// | it under the terms of the GNU General Public License as published by |
// | the Free Software Foundation; either version 2 of the License, or |
// | (at your option) any later version. |
// | |
// | This program is distributed in the hope that it will be useful, |
// | but WITHOUT ANY WARRANTY; without even the implied warranty of |
// | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
// | GNU General Public License for more details. |
// | |
// | You should have received a copy of the GNU General Public License |
// | along with this program; if not, write to: |
// | |
// | Free Software Foundation, Inc. |
// | 59 Temple Place - Suite 330 |
// | Boston, MA 02111-1307, USA. |
// +----------------------------------------------------------------------+
// | Authors: João Prado Maia <*****@*****.**> |
// +----------------------------------------------------------------------+
//
// @(#) $Id: s.index.php 1.1 03/09/16 23:01:42-00:00 jpradomaia $
//

// Entry page of the reports section: authenticate, turn away customer-level
// roles, then render the report index template.
include_once "../config.inc.php";
include_once APP_INC_PATH . "class.template.php";
include_once APP_INC_PATH . "db_access.php";

Auth::checkAuthentication(APP_COOKIE);

// Roles at or below "Customer" are sent back to the main page.
// NOTE(review): this gate only holds if Auth::redirect() ends the request;
// nothing after the call stops execution here, so if redirect() returns the
// template below is still rendered for those roles -- confirm it exits.
$current_role = Auth::getCurrentRole();
$customer_role = User::getRoleID("Customer");
if ($current_role <= $customer_role) {
    Auth::redirect("../main.php");
}

$tpl = new Template_API();
$tpl->setTemplate("reports/index.tpl.html");
$tpl->displayTemplate();
// | Boston, MA 02110-1301, USA. |
// +----------------------------------------------------------------------+
// | Authors: João Prado Maia <*****@*****.**> |
// +----------------------------------------------------------------------+

// Displays a single support email, optionally moving it to another email
// account, with previous/next navigation links.
require_once dirname(__FILE__) . '/../init.php';

// NOTE(review): the user and project IDs are read before
// Auth::checkAuthentication() runs further down -- confirm that this order is
// intended and that both calls are safe for an unauthenticated request.
$usr_id = Auth::getUserID();
$prj_id = Auth::getCurrentProject();

$tpl = new Template_Helper();
$tpl->setTemplate('view_email.tpl.html');

Auth::checkAuthentication(APP_COOKIE, 'index.php?err=5', true);

// $_GET['id'] and $_GET['ema_id'] are used as received from the request.
$issue_id = Support::getIssueFromEmail($_GET['id']);

// Access rule: an email attached to an issue requires access to that issue;
// an email with no issue (0) requires at least the standard user role in the
// current project.
// NOTE(review): for the "no issue" case nothing visible here ties
// $_GET['ema_id'] to the current project -- presumably
// Support::getEmailDetails() enforces that; verify.
if ($issue_id != 0) {
    $denied = !Issue::canAccess($issue_id, $usr_id);
} else {
    $denied = User::getRoleByUser($usr_id, $prj_id) < User::ROLE_USER;
}
if ($denied) {
    $tpl->setTemplate('permission_denied.tpl.html');
    $tpl->displayTemplate();
    exit;
}

$email = Support::getEmailDetails($_GET['ema_id'], $_GET['id']);
$email['seb_body'] = str_replace('&nbsp;', ' ', $email['seb_body']);

$tpl->assign(array(
    'email' => $email,
    'issue_id' => $issue_id,
    'extra_title' => ev_gettext('Issue #%1$s Email #%3$s: %2$s', $issue_id, $email['sup_subject'], Support::getSequenceByID($_GET['id'])),
    'email_accounts' => Email_Account::getAssocList(array_keys(Project::getAssocList(Auth::getUserID())), true),
    'recipients' => Mail_Queue::getMessageRecipients(array('customer_email', 'other_email'), $_GET['id'])
));

if (@$_GET['cat'] == 'list_emails') {
    // navigation relative to the email listing
    $sides = Support::getListingSides($_GET['id']);
    $tpl->assign(array(
        'previous' => $sides['previous'],
        'next' => $sides['next']
    ));
} elseif (@$_GET['cat'] == 'move_email' && Auth::getCurrentRole() >= User::getRoleID('Standard User')) {
    // NOTE(review): this branch changes state (moves the email) on a GET
    // request; no anti-CSRF token check is visible in this file, and
    // new_ema_id is passed on as received -- confirm Support::moveEmail()
    // validates the target account.
    $res = Support::moveEmail(@$_GET['id'], @$_GET['ema_id'], @$_GET['new_ema_id']);
    $tpl->assign('move_email_result', $res);
    $tpl->assign('current_user_prefs', Prefs::get(Auth::getUserID()));
} else {
    // navigation relative to the other emails of the same issue
    $sides = Support::getIssueSides($issue_id, $_GET['id']);
    $tpl->assign(array(
        'previous' => $sides['previous'],
        'next' => $sides['next']
    ));
}

$tpl->displayTemplate();
/**
 * Draw one of the pie-chart statistics plots for the current project.
 *
 * @param string $plotType one of 'status', 'release', 'priority', 'user', 'category'
 * @param bool $hide_closed passed through to the Stats::getAssoc*() data source
 * @return bool false when the current role may not see statistics, the plot
 *              type is unknown or there is no data; otherwise the result of
 *              DrawGraph() on the plot object
 */
public function StatsChart($plotType, $hide_closed)
{
    // Reporter-level (and lower) roles get no charts in projects that
    // segregate reporters.
    $prj_id = Auth::getCurrentProject();
    if (Auth::getCurrentRole() <= User::getRoleID('Reporter') && Project::getSegregateReporters($prj_id)) {
        return false;
    }

    $colors = array();

    // Loose comparison is kept on purpose: it matches what switch() does.
    if ($plotType == 'status') {
        $data = Stats::getAssocStatus($hide_closed);
        $graph_title = ev_gettext('Issues by Status');
        // slices are painted with the color configured for each status
        foreach ($data as $sta_title => $unused) {
            $status_details = Status::getDetails(Status::getStatusID($sta_title));
            $colors[] = $status_details['sta_color'];
        }
    } elseif ($plotType == 'release') {
        $data = Stats::getAssocRelease($hide_closed);
        $graph_title = ev_gettext('Issues by Release');
    } elseif ($plotType == 'priority') {
        $data = Stats::getAssocPriority($hide_closed);
        $graph_title = ev_gettext('Issues by Priority');
    } elseif ($plotType == 'user') {
        $data = Stats::getAssocUser($hide_closed);
        $graph_title = ev_gettext('Issues by Assignment');
    } elseif ($plotType == 'category') {
        $data = Stats::getAssocCategory($hide_closed);
        $graph_title = ev_gettext('Issues by Category');
    } else {
        // unknown plot types are rejected rather than guessed at
        return false;
    }

    // Nothing to plot: the caller is expected to handle the false return
    // (the original comment mentions a pre-generated 'No Data Available' picture).
    if (!Stats::hasData($data)) {
        return false;
    }

    $plot = $this->create(360, 200);
    $plot->SetImageBorderType('plain');
    $plot->SetTitle($graph_title);
    $plot->SetPlotType('pie');
    $plot->SetDataType('text-data-single');
    if (!empty($colors)) {
        $plot->SetDataColors($colors);
    }

    // one data row and one legend entry ("label (count)") per slice
    $rows = array();
    $legend_entries = array();
    foreach ($data as $label => $count) {
        $legend_entries[] = $label . ' (' . $count . ')';
        $rows[] = array($label, $count);
    }
    $plot->SetDataValues($rows);
    foreach ($legend_entries as $entry) {
        $plot->SetLegend($entry);
    }

    return $plot->DrawGraph();
}
/**
 * Method used to send an email from the user interface.
 *
 * All message fields (issue_id, ema_id, from, to, cc, subject, message, type,
 * add_unknown) are read from the global $HTTP_POST_VARS array, and the
 * function also writes to that array (subject, blocked_msg, title, note).
 *
 * Flow, as implemented below:
 *  - build the full message with Support::buildFullHeaders();
 *  - if the email belongs to an issue and the current user is not allowed to
 *    email on it, store the message as a note instead and return;
 *  - either subscribe the recipients to the issue (add_unknown == 'yes') or
 *    send direct emails to recipients not on the notification list;
 *  - insert the email record, notify, mark the issue as updated, add a
 *    history entry and update the response dates.
 *
 * NOTE(review): no check that the current user may access the posted issue_id
 * is visible in this function -- presumably the calling page does it; verify.
 *
 * @access public
 * @param  mixed $parent_sup_id ID of the email being replied to, or FALSE
 * @return integer 1 on every path visible here (the -1 failure code of the
 *                 earlier documentation is never returned by this body)
 */
function sendEmail($parent_sup_id = FALSE)
{
    // NOTE(review): $HTTP_SERVER_VARS is declared but not used in this body.
    global $HTTP_POST_VARS, $HTTP_SERVER_VARS;

    // if we are replying to an existing email, set the In-Reply-To: header accordingly
    if ($parent_sup_id) {
        $in_reply_to = Support::getMessageIDByID($parent_sup_id);
    } else {
        $in_reply_to = false;
    }

    // get ID of whoever is sending this.
    // NOTE(review): the sender is resolved from the posted "from" value, not
    // from the authenticated session. Further down this ID decides whether the
    // issue is marked 'staff response', so that label follows whatever From
    // address was submitted -- confirm the form restricts it.
    $sender_usr_id = User::getUserIDByEmail(Mail_API::getEmailAddress($HTTP_POST_VARS["from"]));
    if (empty($sender_usr_id)) {
        $sender_usr_id = false;
    }

    // get type of email this is
    if (!empty($HTTP_POST_VARS['type'])) {
        $type = $HTTP_POST_VARS['type'];
    } else {
        $type = '';
    }

    // remove extra 'Re: ' from subject
    $HTTP_POST_VARS['subject'] = Mail_API::removeExcessRe($HTTP_POST_VARS['subject'], true);
    $internal_only = false;
    $message_id = Mail_API::generateMessageID();
    // hack needed to get the full headers of this web-based email
    // NOTE(review): from/to/cc/subject go into the header builder as posted;
    // no CR/LF filtering is visible here -- presumably buildFullHeaders()
    // encodes them; verify to rule out header injection.
    $full_email = Support::buildFullHeaders($HTTP_POST_VARS["issue_id"], $message_id, $HTTP_POST_VARS["from"], $HTTP_POST_VARS["to"], $HTTP_POST_VARS["cc"], $HTTP_POST_VARS["subject"], $HTTP_POST_VARS["message"], $in_reply_to);

    // email blocking should only be done if this is an email about an associated issue
    if (!empty($HTTP_POST_VARS['issue_id'])) {
        // the permission check uses the authenticated user's address, not the posted "from"
        $user_info = User::getNameEmail(Auth::getUserID());
        // check whether the current user is allowed to send this email to customers or not
        if (!Support::isAllowedToEmail($HTTP_POST_VARS["issue_id"], $user_info['usr_email'])) {
            // add the message body as a note
            // (Note::insert() is given no content arguments here, so it presumably
            // reads the fields set below from $HTTP_POST_VARS -- TODO confirm)
            $HTTP_POST_VARS['blocked_msg'] = $full_email;
            $HTTP_POST_VARS['title'] = $HTTP_POST_VARS["subject"];
            $HTTP_POST_VARS['note'] = Mail_API::getCannedBlockedMsgExplanation() . $HTTP_POST_VARS["message"];
            Note::insert(Auth::getUserID(), $HTTP_POST_VARS["issue_id"]);
            Workflow::handleBlockedEmail(Issue::getProjectID($HTTP_POST_VARS['issue_id']), $HTTP_POST_VARS['issue_id'], $HTTP_POST_VARS, 'web');
            // blocked emails are reported to the caller as success
            return 1;
        }
    }

    // only send a direct email if the user doesn't want to add the Cc'ed people to the notification list
    if (@$HTTP_POST_VARS['add_unknown'] == 'yes') {
        if (!empty($HTTP_POST_VARS['issue_id'])) {
            // add the recipients to the notification list of the associated issue
            $recipients = array($HTTP_POST_VARS['to']);
            $recipients = array_merge($recipients, Support::getRecipientsCC($HTTP_POST_VARS['cc']));
            for ($i = 0; $i < count($recipients); $i++) {
                // skip empty entries and the issue's own routing address
                if (!empty($recipients[$i]) && !Notification::isIssueRoutingSender($HTTP_POST_VARS["issue_id"], $recipients[$i])) {
                    Notification::subscribeEmail(Auth::getUserID(), $HTTP_POST_VARS["issue_id"], Mail_API::getEmailAddress($recipients[$i]), array('emails'));
                }
            }
        }
    } else {
        // Usually when sending out emails associated to an issue, we would
        // simply insert the email in the table and call the Notification::notifyNewEmail() method,
        // but on this case we need to actually send the email to the recipients that are not
        // already in the notification list for the associated issue, if any.
        // In the case of replying to an email that is not yet associated with an issue, then
        // we are always directly sending the email, without using any notification list
        // functionality.
        if (!empty($HTTP_POST_VARS['issue_id'])) {
            // send direct emails only to the unknown addresses, and leave the rest to be
            // caught by the notification list
            $from = Notification::getFixedFromHeader($HTTP_POST_VARS['issue_id'], $HTTP_POST_VARS['from'], 'issue');
            // build the list of unknown recipients
            if (!empty($HTTP_POST_VARS['to'])) {
                $recipients = array($HTTP_POST_VARS['to']);
                $recipients = array_merge($recipients, Support::getRecipientsCC($HTTP_POST_VARS['cc']));
            } else {
                $recipients = Support::getRecipientsCC($HTTP_POST_VARS['cc']);
            }
            $unknowns = array();
            for ($i = 0; $i < count($recipients); $i++) {
                if (!Notification::isSubscribedToEmails($HTTP_POST_VARS['issue_id'], $recipients[$i])) {
                    $unknowns[] = $recipients[$i];
                }
            }
            if (count($unknowns) > 0) {
                // first unknown address becomes To:, the remainder Cc:
                $to = array_shift($unknowns);
                $cc = implode('; ', $unknowns);
                // send direct emails
                Support::sendDirectEmail($HTTP_POST_VARS['issue_id'], $from, $to, $cc, $HTTP_POST_VARS['subject'], $HTTP_POST_VARS['message'], $message_id, $sender_usr_id);
            }
        } else {
            // send direct emails to all recipients, since we don't have an associated issue
            $project_info = Project::getOutgoingSenderAddress(Auth::getCurrentProject());
            // use the project-related outgoing email address, if there is one
            if (!empty($project_info['email'])) {
                $from = Mail_API::getFormattedName(User::getFullName(Auth::getUserID()), $project_info['email']);
            } else {
                // otherwise, use the real email address for the current user
                $from = User::getFromHeader(Auth::getUserID());
            }
            // send direct emails
            Support::sendDirectEmail($HTTP_POST_VARS['issue_id'], $from, $HTTP_POST_VARS['to'], $HTTP_POST_VARS['cc'], $HTTP_POST_VARS['subject'], $HTTP_POST_VARS['message'], $message_id);
        }
    }

    // record to be stored for this outgoing email; 'customer_id' starts as the
    // literal string 'NULL' and is compared against that string further down
    $t = array('customer_id' => 'NULL', 'issue_id' => $HTTP_POST_VARS["issue_id"] ? $HTTP_POST_VARS["issue_id"] : 0, 'ema_id' => $HTTP_POST_VARS['ema_id'], 'message_id' => $message_id, 'date' => Date_API::getCurrentDateGMT(), 'from' => $HTTP_POST_VARS['from'], 'to' => $HTTP_POST_VARS['to'], 'cc' => @$HTTP_POST_VARS['cc'], 'subject' => @$HTTP_POST_VARS['subject'], 'body' => $HTTP_POST_VARS['message'], 'full_email' => $full_email, 'has_attachment' => 0);
    // associate this new email with a customer, if appropriate
    if (Auth::getCurrentRole() == User::getRoleID('Customer')) {
        $customer_id = User::getCustomerID(Auth::getUserID());
        if (!empty($customer_id) && $customer_id != -1) {
            $t['customer_id'] = $customer_id;
        }
    }
    $structure = Mime_Helper::decode($full_email, true, false);
    $t['headers'] = $structure->headers;
    // $sup_id is not set before this call, so insertEmail() presumably fills it
    // by reference -- TODO confirm. NOTE(review): $res is never inspected, so a
    // failed insert still continues to the notification step.
    $res = Support::insertEmail($t, $structure, $sup_id);
    if (!empty($HTTP_POST_VARS["issue_id"])) {
        // need to send a notification
        Notification::notifyNewEmail(Auth::getUserID(), $HTTP_POST_VARS["issue_id"], $t, $internal_only, false, $type, $sup_id);
        // mark this issue as updated
        if (!empty($t['customer_id']) && $t['customer_id'] != 'NULL') {
            Issue::markAsUpdated($HTTP_POST_VARS["issue_id"], 'customer action');
        } else {
            // classification by the role of the user resolved from the posted From address
            if (!empty($sender_usr_id) && User::getRoleByUser($sender_usr_id, Issue::getProjectID($HTTP_POST_VARS['issue_id'])) > User::getRoleID('Customer')) {
                Issue::markAsUpdated($HTTP_POST_VARS["issue_id"], 'staff response');
            } else {
                Issue::markAsUpdated($HTTP_POST_VARS["issue_id"], 'user response');
            }
        }
        // save a history entry for this
        History::add($HTTP_POST_VARS["issue_id"], Auth::getUserID(), History::getTypeID('email_sent'), 'Outgoing email sent by ' . User::getFullName(Auth::getUserID()));
        // also update the last_response_date field for the associated issue
        if (Auth::getCurrentRole() > User::getRoleID('Customer')) {
            // NOTE(review): both statements are built by string concatenation. The
            // only request-derived value goes through Misc::escapeInteger(), so the
            // queries depend on that helper being strict; bound parameters would
            // remove the dependency. The query results are not checked.
            $stmt = "UPDATE\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "issue\n SET\n iss_last_response_date='" . Date_API::getCurrentDateGMT() . "'\n WHERE\n iss_id=" . Misc::escapeInteger($HTTP_POST_VARS["issue_id"]);
            $GLOBALS["db_api"]->dbh->query($stmt);
            // the first response date is only written while it is still NULL
            $stmt = "UPDATE\n " . APP_DEFAULT_DB . "." . APP_TABLE_PREFIX . "issue\n SET\n iss_first_response_date='" . Date_API::getCurrentDateGMT() . "'\n WHERE\n iss_first_response_date IS NULL AND\n iss_id=" . Misc::escapeInteger($HTTP_POST_VARS["issue_id"]);
            $GLOBALS["db_api"]->dbh->query($stmt);
        }
    }
    return 1;
}
/**
 * Returns the custom fields that are shown as columns on the issue listing
 * page of a project, limited to fields whose minimum role does not exceed the
 * current user's role.
 *
 * @param integer $prj_id The ID of the project.
 * @return array fld_id => fld_title pairs ordered by rank; an empty array
 *               when the query fails.
 */
public static function getFieldsToBeListed($prj_id)
{
    // Both values are bound as parameters; nothing is interpolated into the SQL.
    $query = 'SELECT fld_id, fld_title FROM {{%custom_field}}, {{%project_custom_field}} WHERE fld_id = pcf_fld_id AND pcf_prj_id = ? AND fld_list_display = 1 AND fld_min_role <= ? ORDER BY fld_rank ASC';

    try {
        return DB_Helper::getInstance()->getPair($query, array($prj_id, Auth::getCurrentRole()));
    } catch (DbException $e) {
        // a database error is reported to the caller as "no fields to list"
        return array();
    }
}
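<?php
// Maintenance page that restarts the IRC bot: stops the process recorded in the
// 'irc_bot' lock, releases the lock and starts bot.php in the background.
include_once "../../config.inc.php";
include_once APP_INC_PATH . "class.auth.php";
include_once APP_INC_PATH . "class.lock.php";
include_once APP_INC_PATH . "db_access.php";

Auth::checkAuthentication(APP_COOKIE);

// Only roles of at least "Developer" may restart the bot.
if (Auth::getCurrentRole() < User::getRoleID("Developer")) {
    echo "Invalid role";
    exit;
}

// NOTE(review): the restart runs on any request to this page; no anti-CSRF
// token or request-method check is visible here. Consider requiring a POST
// with a token before stopping or starting processes.

$process_id = Lock::getProcessID('irc_bot');
// The stored value is escaped before it is written into the HTML response.
echo "Existing process ID: " . htmlspecialchars((string) $process_id, ENT_QUOTES) . "<br />\n";
if (!empty($process_id)) {
    // The value comes from lock storage and ends up on a shell command line,
    // so it is only used when it is a plain positive integer.
    $pid = trim((string) $process_id);
    if (preg_match('/^[1-9][0-9]*$/', $pid) === 1) {
        // kill current process
        $kill = shell_exec('kill ' . escapeshellarg($pid));
        if (!empty($kill)) {
            echo "Killed: " . htmlspecialchars($kill, ENT_QUOTES) . "<br />\n";
        }
    } else {
        echo "Error: stored process ID is not numeric, no signal was sent<br />\n";
    }
}

Lock::release('irc_bot');

// The start command is a fixed string with no variable parts.
// NOTE(review): the install path is hard-coded; confirm it matches the deployment.
$start = `cd /var/www/html/eventum/misc/irc/;php -q bot.php > /dev/null &`;
if (!empty($start)) {
    echo "Error: " . htmlspecialchars($start, ENT_QUOTES) . "<br />\n";
}
?>
<hr>
If there are no error messages above, the bot should have been successfully restarted.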
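/**
 * Method to determine if user can access a particular issue
 *
 * Checks, in order: project membership (a role in the issue's project),
 * customer contract access when the project has CRM integration, partner
 * restrictions, private-issue rules, and reporter segregation. The result is
 * memoized per issue/user pair for the duration of the request.
 *
 * The reporter-segregation rule is evaluated against the role of $usr_id in
 * the issue's project, like every other rule in this method, rather than
 * against the role of the logged-in session. The two can differ when the
 * method is called for another user or while a different project is selected.
 *
 * @param   integer $issue_id The ID of the issue.
 * @param   integer $usr_id The ID of the user
 * @return  boolean If the user can access the issue
 */
public static function canAccessIssue($issue_id, $usr_id)
{
    static $access;

    if (empty($issue_id)) {
        return false;
    }

    $cache_key = $issue_id . '-' . $usr_id;
    if (isset($access[$cache_key])) {
        return $access[$cache_key];
    }

    $details = Issue::getDetails($issue_id);
    if (empty($details)) {
        // NOTE(review): access is granted when no issue details are found.
        // Presumably callers then show a "not found" page, but any caller that
        // uses this result as its only gate is open for such IDs -- verify.
        return true;
    }

    $usr_details = User::getDetails($usr_id);
    $usr_role = User::getRoleByUser($usr_id, $details['iss_prj_id']);
    $prj_id = $details['iss_prj_id'];

    // Contract access defaults to "no" and is only raised by a successful CRM
    // lookup, so a CRM failure keeps a customer locked out.
    $can_access_contract = false;
    if (CRM::hasCustomerIntegration($prj_id)) {
        $crm = CRM::getInstance($prj_id);
        try {
            if (!empty($usr_details['usr_customer_contact_id']) && !empty($details['iss_customer_contract_id'])) {
                $contact = $crm->getContact($usr_details['usr_customer_contact_id']);
                $can_access_contract = $contact->canAccessContract($crm->getContract($details['iss_customer_contract_id']));
            }
        } catch (CRMException $e) {
            // TODOCRM: Log exception?
        }
    }

    if (empty($usr_role)) {
        // check if they are even allowed to access the project
        $return = false;
    } elseif (CRM::hasCustomerIntegration($details['iss_prj_id']) && $usr_role == User::getRoleID('Customer') && $can_access_contract === false) {
        // check customer permissions
        $return = false;
    } elseif (!empty($usr_details['usr_par_code']) && !Partner::isPartnerEnabledForIssue($usr_details['usr_par_code'], $issue_id)) {
        // check if the user is a partner
        $return = false;
    } elseif ($details['iss_private'] == 1) {
        // check if the issue is even private
        // check role, reporter, assignment and group
        if ($usr_role > User::getRoleID('Developer')) {
            $return = true;
        } elseif ($details['iss_usr_id'] == $usr_id) {
            $return = true;
        } elseif (Issue::isAssignedToUser($issue_id, $usr_id)) {
            $return = true;
        } elseif (!empty($details['iss_grp_id']) && !empty($usr_details['usr_grp_id']) && $details['iss_grp_id'] == $usr_details['usr_grp_id']) {
            $return = true;
        } elseif (Authorized_Replier::isUserAuthorizedReplier($issue_id, $usr_id)) {
            $return = true;
        } else {
            $return = false;
        }
    } elseif ($usr_role == User::getRoleID('Reporter') && Project::getSegregateReporters($prj_id) && $details['iss_usr_id'] != $usr_id && !Authorized_Replier::isUserAuthorizedReplier($issue_id, $usr_id)) {
        // segregated reporters only see issues they reported or may reply to;
        // the denial is stored in the cache like every other outcome
        $return = false;
    } else {
        $return = true;
    }

    $access[$cache_key] = $return;

    return $return;
}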
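/**
 * Method used to remove attachments from the database.
 *
 * Users below the manager role can only remove attachments they uploaded
 * themselves: the ownership condition is part of the lookup query, so an
 * attachment owned by someone else is reported as "not found".
 *
 * NOTE(review): for manager roles the lookup has no project condition, so
 * nothing visible here limits removal to attachments of the manager's own
 * project -- confirm that callers check access to the issue.
 *
 * @param   integer $iat_id attachment_id.
 * @param   boolean $add_history whether to add history entry.
 * @return  integer 1 on success, -1 on a database error, -2 when the
 *                  attachment does not exist or may not be removed by the
 *                  current user
 */
public static function remove($iat_id, $add_history = true)
{
    $usr_id = Auth::getUserID();

    $stmt = 'SELECT iat_iss_id FROM {{%issue_attachment}} WHERE iat_id=?';
    $params = array($iat_id);
    if (Auth::getCurrentRole() < User::ROLE_MANAGER) {
        // ownership restriction for non-managers
        $stmt .= ' AND iat_usr_id=?';
        $params[] = $usr_id;
    }

    try {
        $res = DB_Helper::getInstance()->getOne($stmt, $params);
    } catch (DbException $e) {
        return -1;
    }

    if (empty($res)) {
        return -2;
    }
    $issue_id = $res;

    // the file list is read before the attachment row is deleted
    $files = self::getFileList($iat_id);

    $stmt = 'DELETE FROM {{%issue_attachment}} WHERE iat_id=? AND iat_iss_id=?';
    try {
        DB_Helper::getInstance()->query($stmt, array($iat_id, $issue_id));
    } catch (DbException $e) {
        return -1;
    }

    foreach ($files as $file) {
        self::removeFile($file['iaf_id']);
    }

    if ($add_history) {
        // the issue owning the attachment is the one to mark as updated;
        // the user ID was passed here before
        Issue::markAsUpdated($issue_id);
        // need to save a history entry for this
        History::add($issue_id, $usr_id, 'attachment_removed', 'Attachment removed by {user}', array('user' => User::getFullName($usr_id)));
    }

    return 1;
}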
/*
 * This file is part of the Eventum (Issue Tracking System) package.
 *
 * @copyright (c) Eventum Team
 * @license GNU General Public License, version 2 or later (GPL-2+)
 *
 * For the full copyright and license information,
 * please see the COPYING and AUTHORS files
 * that were distributed with this source code.
 */

// Management page for the time tracking categories of a project.
// (The listing ends inside the 'update' branch; the rest of the file is not shown.)
require_once __DIR__ . '/../../init.php';

$tpl = new Template_Helper();
$tpl->setTemplate('manage/time_tracking.tpl.html');

Auth::checkAuthentication();

// Only roles of at least manager level may use this page; others get the
// template with an error message and the script stops.
$role_id = Auth::getCurrentRole();
if ($role_id < User::ROLE_MANAGER) {
    Misc::setMessage(ev_gettext('Sorry, you are not allowed to access this page.'), Misc::MSG_ERROR);
    $tpl->displayTemplate();
    exit;
}

// The project ID comes from the request (POST first, then GET) and is cast to int.
// NOTE(review): $_GET['prj_id'] is read without an isset() check, and nothing
// visible here ties the requested project to the one the current role was
// evaluated for -- confirm a manager cannot edit categories of another project.
$prj_id = isset($_POST['prj_id']) ? (int) $_POST['prj_id'] : (int) $_GET['prj_id'];
$cat = isset($_POST['cat']) ? (string) $_POST['cat'] : null;

$tpl->assign('project', Project::getDetails($prj_id));

// NOTE(review): the actions below change data; no anti-CSRF token check is
// visible in this part of the file.
if ($cat == 'new') {
    // unlike the 'update' branch, the title is neither cast nor checked for presence here
    $title = $_POST['title'];
    $res = Time_Tracking::insertCategory($prj_id, $title);
    // NOTE(review): the -1 (error) result is shown with MSG_INFO; MSG_ERROR looks intended.
    Misc::mapMessages($res, array(1 => array(ev_gettext('Thank you, the time tracking category was added successfully.'), Misc::MSG_INFO), -1 => array(ev_gettext('An error occurred while trying to add the new time tracking category.'), Misc::MSG_INFO), -2 => array(ev_gettext('Please enter the title for this new time tracking category.'), Misc::MSG_ERROR)));
} elseif ($cat == 'update') {
    $title = (string) $_POST['title'];
    $prj_id = (int) $_POST['prj_id'];
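// Stalled issues report. $tpl is created earlier in the file, outside this excerpt.
$tpl->setTemplate('reports/stalled_issues.tpl.html');

Auth::checkAuthentication();

if (!Access::canAccessReports(Auth::getUserID())) {
    echo 'Invalid role';
    exit;
}

$prj_id = Auth::getCurrentProject();

// The date filters arrive as arrays of date parts. A missing or non-array
// value selects the default instead of being handed to count()/implode(),
// which raise an error for such input on current PHP versions.
// NOTE(review): the individual parts are joined as received; their format is
// not validated here -- confirm Report::getStalledIssuesByUser() does so.
$before_parts = isset($_REQUEST['before']) && is_array($_REQUEST['before']) ? $_REQUEST['before'] : array();
if (count($before_parts) < 1) {
    $before = date('Y-m-d', time() - Date_Helper::MONTH);
} else {
    $before = implode('-', $before_parts);
}

$after_parts = isset($_REQUEST['after']) && is_array($_REQUEST['after']) ? $_REQUEST['after'] : array();
if (count($after_parts) < 1) {
    $after = date('Y-m-d', time() - Date_Helper::YEAR);
} else {
    $after = implode('-', $after_parts);
}

// A sort direction has only two valid values, so the request value is reduced
// to one of them before it reaches the report query or the template.
$sort_order = 'ASC';
if (isset($_REQUEST['sort_order']) && is_string($_REQUEST['sort_order']) && strtoupper($_REQUEST['sort_order']) === 'DESC') {
    $sort_order = 'DESC';
}
$_REQUEST['sort_order'] = $sort_order;

// NOTE(review): 'developers' and 'status' are passed through as received;
// presumably the report layer escapes or binds them -- verify.
$data = Report::getStalledIssuesByUser($prj_id, @$_REQUEST['developers'], @$_REQUEST['status'], $before, $after, $sort_order);

// Group entries are only offered to roles above customer.
$groups = Group::getAssocList($prj_id);
$assign_options = array();
if (count($groups) > 0 && Auth::getCurrentRole() > User::ROLE_CUSTOMER) {
    foreach ($groups as $grp_id => $grp_name) {
        $assign_options["grp:{$grp_id}"] = 'Group: ' . $grp_name;
    }
}
$assign_options += Project::getUserAssocList($prj_id, 'active', User::ROLE_USER);

$tpl->assign(array(
    'users' => $assign_options,
    'before_date' => $before,
    'after_date' => $after,
    'data' => $data,
    'developers' => @$_REQUEST['developers'],
    'status_list' => Status::getAssocStatusList($prj_id),
    'status' => @$_REQUEST['status'],
    'sort_order' => $sort_order
));
$tpl->displayTemplate();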