Пример #1
 /**
  * Handle the project preferences form: delete the current project or save its settings.
  *
  * All input is read from POST through the Post helper and applied to the global $proj.
  * No permission check is visible inside this function.
  * NOTE(review): presumably the dispatcher that calls the action_* handlers verifies
  * project-manager rights first -- confirm, because this handler deletes and rewrites project rows.
  *
  * @return array Status constant and translated message; the delete path adds a redirect URL.
  */
 function action_updateproject()
 {
     global $proj, $db, $baseurl;
     // Delete path. 'move_to' is read with Post::num() for the redirect URL but passed to
     // Backend::delete_project() as the raw Post::val() value.
     // NOTE(review): confirm delete_project() validates or casts that id itself.
     if (Post::val('delete_project')) {
         $url = Post::val('move_to') ? CreateURL(array('pm', 'proj' . Post::num('move_to'), 'prefs')) : $baseurl;
         if (Backend::delete_project($proj->id, Post::val('move_to'))) {
             return array(SUBMIT_OK, L('projectdeleted'), $url);
         } else {
             return array(ERROR_INPUT, L('projectnotdeleted'), $url);
         }
     }
     if (!Post::val('project_title')) {
         return array(ERROR_RECOVER, L('emptytitle'));
     }
     // $cols and $args are parallel lists: every column appended below must get exactly one value,
     // because they are zipped with array_combine() for the UPDATE at the end.
     // 'svn_password' travels with the other free-text columns.
     // NOTE(review): it appears to be stored as submitted -- confirm whether it is protected at rest.
     $cols = array('project_title', 'theme_style', 'lang_code', 'default_task', 'default_entry', 'intro_message', 'notify_email', 'notify_jabber', 'notify_subject', 'notify_reply', 'feed_description', 'feed_img_url', 'svn_user', 'svn_url', 'svn_password', 'mail_headers');
     // Post_to0 is defined elsewhere; it is called once per column name to fetch the posted value.
     $args = array_map('Post_to0', $cols);
     // Flag and id columns are read through Post::num().
     foreach (array('others_view', 'anon_open', 'send_digest', 'anon_view_tasks', 'anon_group', 'comment_closed', 'auto_assign', 'roadmap_field', 'override_user_lang') as $name) {
         $cols[] = $name;
         $args[] = Post::num($name);
     }
     // Multi-select fields are flattened into one space-separated string.
     foreach (array('notify_types', 'changelog_reso', 'syntax_plugins') as $name) {
         $cols[] = $name;
         $args[] = implode(' ', (array) Post::val($name));
     }
     // invalidate the cache if necessary
     // This runs before the prefix validation below, so the cache rows are deleted even when the
     // update is later rejected with 'badprefix'.
     // NOTE(review): this call goes through $db->execParam() while the rest of the function uses
     // $db->x->execParam() -- confirm both entry points exist.
     if (implode(' ', (array) Post::val('syntax_plugins')) != $proj->prefs['syntax_plugins']) {
         $db->execParam('DELETE FROM {cache} WHERE project_id = ?', $proj->id);
     }
     // carefully check the project prefix...
     $prefix = Post::val('project_prefix');
     // already in use?
     // The lookup is parameterised; it is issued before the alphanumeric check on $prefix.
     $use = $db->x->GetOne('SELECT project_id FROM {projects} WHERE project_prefix = ? AND project_id != ?', null, array($prefix, $proj->id));
     // Accept the prefix only if it is alphanumeric, is not the literal 'FS' and no other project uses it.
     if (Filters::isAlnum($prefix) && $prefix != 'FS' && !$use) {
         $cols[] = 'project_prefix';
         $args[] = $prefix;
     } else {
         return array(ERROR_RECOVER, L('badprefix'));
     }
     $cols[] = 'last_updated';
     $args[] = time();
     $cols[] = 'default_cat_owner';
     // The posted user name is translated to a user id before it is stored.
     $args[] = Flyspray::UserNameToId(Post::val('default_cat_owner'));
     // The WHERE fragment is built with %d, so only an integer rendering of $proj->id reaches the SQL text.
     $db->x->autoExecute('{projects}', array_combine($cols, $args), MDB2_AUTOQUERY_UPDATE, sprintf('project_id = %d', $proj->id));
     // visible_columns is trimmed and bound as a parameter; its content is not validated here.
     $db->x->execParam('UPDATE {projects} SET visible_columns = ? WHERE project_id = ?', array(trim(Post::val('visible_columns')), $proj->id));
     return array(SUBMIT_OK, L('projectupdated'));
 }
Пример #2
     // ##################
     // adding a version list item
     // ##################
 // ##################
 // adding a version list item
 // ##################
 // Adds one entry to a version list, for both the project-manager and the admin action name.
 // The enclosing switch and the code that sets $list_table_name / $list_column_name are outside this excerpt.
 case 'pm.add_to_version_list':
 case 'admin.add_to_version_list':
     // Requires the manage_project permission and a list table chosen by earlier code.
     // Only $list_table_name is covered by isset(); $list_column_name is used below without that check.
     if (!$user->perms('manage_project') || !isset($list_table_name)) {
         break;
     }
     if (!Post::val('list_name')) {
         Flyspray::show_error(L('fillallfields'));
         break;
     }
     // No position supplied: append after the highest position already used in this project.
     $position = Post::num('list_position');
     if (!$position) {
         $position = $db->FetchOne($db->Query("SELECT max(list_position)+1\n                                                    FROM {$list_table_name}\n                                                   WHERE project_id = ?", array($proj->id)));
     }
     // Values are bound through ? placeholders, but the table and column names are interpolated
     // into the SQL text. NOTE(review): confirm both identifiers are assigned from a fixed set in
     // code and can never be influenced by request data.
     // The duplicate check also counts global entries (project_id = 0).
     $check = $db->Query("SELECT COUNT(*)\n                               FROM {$list_table_name}\n                              WHERE (project_id = 0 OR project_id = ?)\n                                AND {$list_column_name} = ?", array($proj->id, Post::val('list_name')));
     $itemexists = $db->FetchOne($check);
     if ($itemexists) {
         // The posted name is placed into the error message.
         // NOTE(review): confirm show_error() HTML-escapes its argument before output.
         Flyspray::show_error(sprintf(L('itemexists'), Post::val('list_name')));
         // NOTE(review): this path uses return while the other error paths use break -- confirm
         // that skipping the code after the switch is intended here.
         return;
     }
     // position is forced to an integer; version_tense is stored as posted (bound, not cast).
     $db->Query("INSERT INTO  {$list_table_name}\n                                (project_id, {$list_column_name}, list_position, show_in_list, version_tense)\n                        VALUES  (?, ?, ?, ?, ?)", array($proj->id, Post::val('list_name'), intval($position), '1', Post::val('version_tense')));
     $_SESSION['SUCCESS'] = L('listitemadded');
     break;
     // ##################
     // updating the category list
     // ##################
Пример #3
box-shadow: 0 1px 1px #ddd;
color: #565656;
cursor: pointer;
display: inline-block;
font-family: sans-serif;
font-size: 100%;
font-weight: bold;
line-height: 130%;
padding: 8px 13px 8px 10px;
text-decoration: none;
">Remove the folder ' . DIRECTORY_SEPARATOR . 'setup</a> before you start using Flyspray</p>
');
}
# Resolve which project the request belongs to before $proj is loaded, so that later checks
# (including those for quickedit.php task-editing calls) run against the right project.
# The task or group id comes from the request; it only selects the project context and is
# always bound as a query parameter.
# NOTE(review): presumably access to the task or group itself is checked later against the loaded $proj -- confirm.
if (implode(DIRECTORY_SEPARATOR, array(BASEDIR, 'js', 'callbacks', 'quickedit.php')) == $_SERVER['SCRIPT_FILENAME'] && Post::num('task_id')) {
    # quickedit callback: the task id arrives via POST
    $result = $db->Query('SELECT project_id FROM {tasks} WHERE task_id = ?', array(Post::num('task_id')));
    $project_id = $db->FetchOne($result);
} elseif (in_array(Req::val('do'), array('details', 'depends', 'editcomment')) && Req::num('task_id')) {
    # task-centred pages: the task id may arrive via any request source handled by Req
    $result = $db->Query('SELECT project_id FROM {tasks} WHERE task_id = ?', array(Req::num('task_id')));
    $project_id = $db->FetchOne($result);
}
# Group editing in the project-manager area: the group decides the project.
if (Req::val('do') == 'pm' && Req::val('area') == 'editgroup' && Req::num('id')) {
    $result = $db->Query('SELECT project_id FROM {groups} WHERE group_id = ?', array(Req::num('id')));
    $project_id = $db->FetchOne($result);
}
if (!isset($project_id)) {
    $project_id = $fs->prefs['default_project'];
Пример #4
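 /**
  * Start a self-registration: validate the form, then e-mail a confirmation code and
  * store the pending registration.
  *
  * Changes against the previous version:
  *  - the "user name taken" lookup no longer joins {users} with {registrations}; the old
  *    cross join returned no row whenever {registrations} was empty, so an existing
  *    user name was not detected;
  *  - the "address taken" lookup no longer compares with "!= NULL", which is never true
  *    in SQL and made the duplicate check match nothing;
  *  - the confirmation code is taken from a cryptographically secure source when one is available.
  *
  * @return array|null Status constant, translated message and, on success, a redirect URL.
  */
 function action_sendcode()
 {
     global $user, $db, $fs, $conf, $baseurl;
     if (!Post::val('user_name') || !Post::val('real_name') || !Post::val('email_address')) {
         // If the form wasn't filled out correctly, show an error
         return array(ERROR_RECOVER, L('registererror'));
     }
     $email = Post::val('email_address');
     $jabber_id = Post::val('jabber_id');
     // email is mandatory
     if (!$email || !Flyspray::check_email($email)) {
         return array(ERROR_RECOVER, L('novalidemail'));
     }
     // jabber_id is optional
     if ($jabber_id && !Jabber::check_jid($jabber_id)) {
         return array(ERROR_RECOVER, L('novalidjabber'));
     }
     $user_name = Backend::clean_username(Post::val('user_name'));
     // Limit lengths
     $real_name = substr(trim(Post::val('real_name')), 0, 100);
     // Remove doubled up spaces and control chars
     $real_name = preg_replace('![\\x00-\\x1f\\s]+!u', ' ', $real_name);
     if (!$user_name || !$real_name) {
         return array(ERROR_RECOVER, L('entervalidusername'));
     }
     // Delete registration codes older than 24 hours
     $yesterday = time() - 86400;
     $db->x->execParam('DELETE FROM {registrations} WHERE reg_time < ?', $yesterday);
     // The name must be free among existing accounts and among pending registrations.
     // Two independent lookups, so an empty {registrations} table cannot hide a match in {users}.
     $taken = $db->x->getRow('SELECT user_id FROM {users} WHERE user_name = ?', null, array($user_name));
     if (!$taken) {
         $taken = $db->x->getRow('SELECT user_name FROM {registrations} WHERE user_name = ?', null, array($user_name));
     }
     if ($taken) {
         return array(ERROR_RECOVER, L('usernametaken'));
     }
     // The e-mail address is always checked; the Jabber id only when one was supplied, so an
     // empty optional field never collides with other accounts that left it empty.
     // An equality test never matches NULL columns, so no extra NULL guard is needed.
     $address_sql = 'SELECT user_id FROM {users} WHERE email_address = ?';
     $address_params = array($email);
     if ($jabber_id) {
         $address_sql .= ' OR jabber_id = ?';
         $address_params[] = $jabber_id;
     }
     $taken = $db->x->getRow($address_sql, null, $address_params);
     if ($taken) {
         return array(ERROR_RECOVER, L('emailtaken'));
     }
     // NOTE(review): the uniqueness lookups above run before the CAPTCHA is verified, so their
     // distinct error messages can be reached without solving it. Consider verifying it first.
     if ($fs->prefs['use_recaptcha']) {
         $solution = new reCAPTCHA_Solution();
         $solution->privatekey = $fs->prefs['recaptcha_priv_key'];
         $solution->challenge = Post::val('recaptcha_challenge_field');
         $solution->response = Post::val('recaptcha_response_field');
         $solution->remoteip = $_SERVER['REMOTE_ADDR'];
         if (!$solution->isValid()) {
             return array(ERROR_RECOVER, $solution->error_code);
         }
     }
     // The confirmation code is the only secret that completes the registration, so it must not
     // be guessable. Same format as before: 20 hexadecimal characters.
     if (function_exists('random_bytes')) {
         $magic_url = bin2hex(random_bytes(10));
     } elseif (function_exists('openssl_random_pseudo_bytes')) {
         $magic_url = bin2hex(openssl_random_pseudo_bytes(10));
     } else {
         // Legacy fallback for runtimes without a secure generator; rand()/uniqid() are
         // predictable and this branch should not be relied on.
         $magic_url = substr(md5(uniqid(rand(), true)), 0, 20);
     }
     // send the email first.
     if (Notifications::send(Post::val('email_address'), ADDRESS_EMAIL, NOTIFY_CONFIRMATION, array($baseurl, $magic_url, $user_name))) {
         // email sent successfully, now update the database.
         $reg_values = array('reg_time' => time(), 'user_name' => $user_name, 'real_name' => $real_name, 'email_address' => Post::val('email_address'), 'jabber_id' => Post::val('jabber_id'), 'notify_type' => Post::num('notify_type'), 'magic_url' => $magic_url, 'time_zone' => Post::num('time_zone'));
         // Insert everything into the database
         $query = $db->x->autoExecute('{registrations}', $reg_values);
         if (!PEAR::isError($query)) {
             return array(SUBMIT_OK, L('codesent'), $baseurl);
         }
         // NOTE(review): when the insert fails the function returns nothing although the e-mail
         // has already gone out; the caller receives null and the mailed code cannot be redeemed.
     } else {
         return array(ERROR_INPUT, L('codenotsent'));
     }
 }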
Пример #5
 /**
  * Append one item to a list.
  *
  * Reads item_name, list_id, list_position and (optionally) version_tense from POST.
  * No permission check and no check that list_id belongs to the current project are
  * visible here. NOTE(review): presumably the caller enforces both -- confirm.
  *
  * @return array Status constant and translated message.
  */
 function action_add_to_list()
 {
     global $fs, $db, $proj, $user;
     if (!Post::val('item_name')) {
         return array(ERROR_RECOVER, L('fillallfields'));
     }
     // Without an explicit position the item goes after the highest position in that list.
     $position = Post::num('list_position');
     if (!$position) {
         $position = intval($db->x->GetOne('SELECT max(list_position)+1
                                           FROM {list_items}
                                          WHERE list_id = ?', null, Post::val('list_id')));
     }
     // Posted fields that are copied into the row; version_tense only when it was sent.
     $posted_fields = array('item_name', 'list_id');
     if (Post::val('version_tense')) {
         $posted_fields[] = 'version_tense';
     }
     // Build the row in column order: position first, posted fields next, visibility flag last.
     $row = array('list_position' => $position);
     foreach ($posted_fields as $field) {
         $row[$field] = Post_to0($field);
     }
     $row['show_in_list'] = 1;
     $db->x->autoExecute('{list_items}', $row);
     return array(SUBMIT_OK, L('listitemadded'));
 }
Пример #6
<?php

/*
    This script is the AJAX callback that deletes a user's saved search
*/
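define('IN_FS', true);
require_once '../../header.php';
// Only requests that carry both login cookies are processed; anything else gets an empty response.
if (Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash')) {
    $user = new User(Cookie::val('flyspray_userid'));
    // NOTE(review): presumably this validates the passhash cookie and ends the request on
    // failure -- confirm in User::check_account_ok().
    $user->check_account_ok();
    if (!Post::has('csrftoken')) {
        header(':', true, 428);
        # 'Precondition Required'
        die('missingtoken');
    }
    // Anti-CSRF check. The previous loose comparison (==) accepted an empty posted token when
    // the session held no token at all, because '' == null is true. Both sides are now
    // normalised to strings, an empty session token never matches, and the comparison is
    // constant-time where hash_equals() is available.
    $expected_token = (isset($_SESSION['csrftoken']) && is_scalar($_SESSION['csrftoken'])) ? (string) $_SESSION['csrftoken'] : '';
    $posted_token = Post::val('csrftoken');
    $posted_token = is_scalar($posted_token) ? (string) $posted_token : '';
    if ($expected_token === '') {
        $token_ok = false;
    } elseif (function_exists('hash_equals')) {
        $token_ok = hash_equals($expected_token, $posted_token);
    } else {
        $token_ok = ($expected_token === $posted_token);
    }
    if (!$token_ok) {
        header(':', true, 412);
        # 'Precondition Failed'
        die('wrongtoken');
    }
    if (!$user->isAnon()) {
        // user_id in the WHERE clause limits the delete to the caller's own saved searches,
        // whatever id was posted.
        $db->Query('DELETE FROM {searches} WHERE id = ? AND user_id = ?', array(Post::num('id'), $user->id));
        echo $db->AffectedRows();
    }
}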
Пример #7
 /**
  * Save changes to one of the current user's notes.
  *
  * The UPDATE is restricted to rows whose user_id equals the logged-in user's id,
  * so a note id belonging to somebody else updates nothing and yields 'notedoesnotexist'.
  *
  * @return array Status constant, translated message and, on success, the URL of the note.
  */
 function action_updatenote()
 {
     global $db, $user;
     $subject = Post::val('message_subject');
     if (!$subject) {
         return array(ERROR_RECOVER, L('enternotesubject'));
     }
     $fields = array(
         'message_subject' => $subject,
         'message_body' => Post::val('message_body'),
         'last_updated' => time(),
         'syntax_plugins' => implode(' ', (array) Post::val('message_body_syntax_plugins')),
     );
     // Both ids are rendered with %d, so only integers reach the SQL text of the WHERE clause.
     $where = sprintf('note_id = %d AND user_id = %d', Post::num('note_id'), $user->id);
     $affected = $db->x->autoExecute('{notes}', $fields, MDB2_AUTOQUERY_UPDATE, $where);
     if (!$affected) {
         return array(ERROR_INPUT, L('notedoesnotexist'));
     }
     return array(SUBMIT_OK, L('noteupdated'), CreateUrl(array('myprofile', 'notes'), array('note_id' => Post::val('note_id'))));
 }
Пример #8
 /**
  * Close a task now, or schedule it to be closed automatically later.
  *
  * The permission check comes first; the remaining checks validate task state and input.
  * When both close_after_num and close_after_type are posted, the task row is updated
  * directly with the closing data and a close_after delay instead of calling Backend::close_task().
  *
  * @param array $task Task row; 'task_id' and 'is_closed' are read here.
  * @return array Status constant and, except for ERROR_PERMS, a translated message.
  */
 function action_close($task)
 {
     global $user, $db, $fs, $proj;
     if (!$user->can_close_task($task)) {
         return array(ERROR_PERMS);
     }
     if ($task['is_closed']) {
         return array(ERROR_INPUT, L('taskalreadyclosed'));
     }
     $reason = Post::val('resolution_reason');
     if (!$reason) {
         return array(ERROR_RECOVER, L('noclosereason'));
     }
     $comment = Post::val('closure_comment', '');
     $delay_count = Post::num('close_after_num');
     $delay_unit = Post::num('close_after_type');
     if (!$delay_count || !$delay_unit) {
         // No delay requested: close immediately through the backend.
         Backend::close_task($task['task_id'], $reason, $comment, Post::val('mark100', false));
         return array(SUBMIT_OK, L('taskclosedmsg'));
     }
     // prepare auto close
     // Every value is bound as a parameter; percent_complete becomes 100 only when mark100 was posted.
     $sql = 'UPDATE  {tasks}
                          SET  closed_by = ?, closure_comment = ?,
                               resolution_reason = ?, last_edited_time = ?,
                               last_edited_by = ?, close_after = ?, percent_complete = ?
                        WHERE  task_id = ?';
     $values = array($user->id, $comment, $reason, time(), $user->id, $delay_count * $delay_unit, Post::num('mark100') ? 100 : 0, $task['task_id']);
     $db->x->execParam($sql, $values);
     return array(SUBMIT_OK, L('taskautoclosedmsg'));
 }
Пример #9
}
// Import previous values
// $args starts as a copy of the current task, so every field the request does not name keeps its stored value.
$args = $task;
// An array of assignees is replaced by the ';'-joined user names taken from $task['assigned_to_uname'].
if (is_array($args['assigned_to'])) {
    $args['assigned_to'] = implode(';', $task['assigned_to_uname']);
}
// The posted 'field' name decides which single key of $args is overwritten with the posted 'value'.
$fieldname = Post::val('field');
switch ($fieldname) {
    case 'summary':
        $args['item_summary'] = Post::val('value');
        break;
    case 'project':
        // Moves the task to the project id given in the request.
        // NOTE(review): presumably Backend::edit_task() or code above this excerpt checks the
        // caller's rights on the target project -- confirm.
        $args['project_id'] = Post::num('value');
        break;
    case 'progress':
        // NOTE(review): the value is cast to a number only; a 0-100 range check is not visible here.
        $args['percent_complete'] = Post::num('value');
        break;
    case 'assigned_to':
        $args['assigned_to'] = Post::val('value');
        // The name is rewritten to 'assignedto'; the code that uses it afterwards is outside this excerpt.
        $fieldname = 'assignedto';
        break;
    default:
        // now all the custom fields
        // Any other name is treated as a custom field: the part after the first five characters
        // is handed to Field, and the value is accepted only when that yields a field with an id.
        $field = new Field(substr($fieldname, 5));
        if ($field->id) {
            $args[$fieldname] = Post::val('value');
        }
}
// Let our backend function do the rest
Backend::edit_task($task, $args);
// let's get the updated value
Пример #10
<?php

define('IN_FS', true);
require_once '../../header.php';
// AJAX callback: prints how many tasks in a project contain the posted summary and detail text.
// All three inputs must be present, otherwise nothing is printed.
if (!(Post::has('detail') && Post::has('summary') && Post::has('project_id'))) {
    return;
}
// Load the caller's profile: the cookie user when both login cookies exist, otherwise an anonymous user.
if (!(Cookie::has('flyspray_userid') && Cookie::has('flyspray_passhash'))) {
    $user = new User(0, $proj);
} else {
    $user = new User(Cookie::val('flyspray_userid'));
    $user->check_account_ok();
}
// The caller must be allowed to open a task in the project loaded as $proj.
// NOTE(review): the query below filters on the posted project_id, not on $proj. Confirm both
// always refer to the same project; otherwise the count shows whether matching tasks exist in a
// project the caller was not checked against.
if (!$user->can_open_task($proj)) {
    return;
}
// Substring match on both text fields. The values are bound as parameters; '%' and '_' typed
// by the user are not escaped and therefore act as LIKE wildcards.
$params = array(
    'project_id' => Post::num('project_id'),
    'summary' => "%" . trim(Post::val('summary')) . "%",
    'details' => "%" . trim(Post::val('detail')) . "%",
);
$sql = $db->Query('SELECT count(*) 
		   FROM {tasks} t
		   WHERE t.project_id = ? 
		   	AND t.item_summary like ? 
		   	AND t.detailed_desc like ?', $params);
$sametask = $db->fetchOne($sql);
echo $sametask;