$t_user_id = gpc_get_int('user_id');
} else {
    $t_user_id = user_get_id_by_name($f_username);
    if ($t_user_id === false) {
        # If we can't find the user by name, attempt to find by email.
        $t_user_id = user_get_id_by_email($f_username);
        if ($t_user_id === false) {
            error_parameters($f_username);
            trigger_error(ERROR_USER_BY_NAME_NOT_FOUND, ERROR);
        }
    }
}
# Load the target account's row. $t_user_id was resolved above from the
# request: either the numeric user_id, or a lookup by username and then e-mail.
$t_user = user_get_row($t_user_id);
# Ensure that the account to be updated is of equal or lower access to the
# current user.
# The threshold passed here is the target account's own access_level, so the
# check runs per target rather than against a fixed page-wide threshold.
access_ensure_global_level($t_user['access_level']);
# True when the configured login method is LDAP.
$t_ldap = LDAP == config_get('login_method');
# Page output begins only after the access check above.
html_page_top();
print_manage_menu();
?>

<br />


<!-- USER INFO -->
<div align="center">
<form method="post" action="manage_user_update.php">
<?php 
echo form_security_field('manage_user_update');
?>
<table class="width75" cellspacing="1">
示例#2
 * @uses lang_api.php
 * @uses print_api.php
 */
require_once 'core.php';
require_api('access_api.php');
require_api('authentication_api.php');
require_api('config_api.php');
require_api('current_user_api.php');
require_api('event_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
# Gate the page before any output: re-authentication first, then the global
# access level configured as 'create_project_threshold'.
auth_reauthenticate();
access_ensure_global_level(config_get('create_project_threshold'));
html_page_top();
print_manage_menu('manage_proj_create_page.php');
# NOTE(review): parent_id is read with the untyped gpc_get(); its later use is
# not visible here - presumably it should be handled as an integer, verify.
$f_parent_id = gpc_get('parent_id', null);
# Show a hint when no project exists yet. The text comes from the language
# files via lang_get(), not from the request.
if (project_table_empty()) {
    echo '<br />';
    echo '<div id="create-first-project" class="important-msg">';
    echo '<ul>';
    echo '<li>' . lang_get('create_first_project') . '</li>';
    echo '</ul>';
    echo '</div>';
}
?>

<div id="manage-project-create-div" class="form-container">
	<form method="post" id="manage-project-create-form" action="manage_proj_create.php">
示例#3
<?php

# Copyright (c) 2012 John Reese
# Licensed under the MIT license
# Load the plugin's view helpers. The path is built from the 'plugin_path'
# configuration value and fixed strings, not from request data.
require_once config_get('plugin_path') . 'Source/Source.ViewAPI.php';
# Gate the page on the plugin's 'view_threshold' before any changeset query runs.
access_ensure_global_level(plugin_config_get('view_threshold'));
# Paging offset from the request, read as an integer and defaulting to 1.
$f_offset = gpc_get_int('offset', 1);
# NOTE(review): $f_perpage is assigned but not used in the lines visible here.
$f_perpage = 25;
require_once config_get('plugin_path') . 'Source' . DIRECTORY_SEPARATOR . 'Source.FilterAPI.php';
# Generate listing
# Source_Generate_Filter() returns the filter object and a permalink string;
# the permalink is later appended to link URLs, so its escaping should be
# confirmed in that helper - not visible here.
list($t_filter, $t_permalink) = Source_Generate_Filter();
list($t_changesets, $t_count) = $t_filter->find($f_offset);
$t_repos = SourceRepo::load_by_changesets($t_changesets);
html_page_top1(plugin_lang_get('title'));
html_page_top2();
?>

<br/>
<table class="width100" align="center" cellspacing="1">

<tr>
<td class="form-title" colspan="2"><?php 
echo plugin_lang_get('search_changesets');
?>
</td>
<td class="right" colspan="2">
<?php 
print_bracket_link(plugin_page('search') . $t_permalink, plugin_lang_get('permalink'));
print_bracket_link(plugin_page('search_page') . $t_permalink, plugin_lang_get('modify_search'));
print_bracket_link(plugin_page('search_page'), plugin_lang_get('new_search'));
?>
示例#4
    $t_email = email_append_domain(trim($f_email));
    email_ensure_valid($t_email);
    email_ensure_not_disposable($t_email);
}
# Working copies of the submitted values. The boolean and integer fields go
# through db_prepare_bool()/db_prepare_int(); the strings are copied unchanged.
$c_email = $t_email;
$c_username = $f_username;
$c_realname = $t_realname;
$c_protected = db_prepare_bool($f_protected);
$c_enabled = db_prepare_bool($f_enabled);
$c_user_id = db_prepare_int($f_user_id);
$c_access_level = db_prepare_int($f_access_level);
$t_user_table = db_get_table('user');
# $t_user is loaded earlier in the file (outside the lines visible here).
$t_old_protected = $t_user['protected'];
# Ensure that users aren't escalating privileges of accounts beyond their
# own global access level.
# The threshold passed is the *requested* access level.
# NOTE(review): whether the target's current level is also checked cannot be
# seen from these lines - confirm earlier in the file.
access_ensure_global_level($f_access_level);
# check that we are not downgrading the last administrator
# Aborts when the target is an administrator, the new level is below the admin
# threshold, and at most one account holds that threshold.
$t_admin_threshold = config_get_global('admin_site_threshold');
if (user_is_administrator($f_user_id) && $f_access_level < $t_admin_threshold && user_count_level($t_admin_threshold) <= 1) {
    trigger_error(ERROR_USER_CHANGE_LAST_ADMIN, ERROR);
}
# Project specific access rights override global levels, hence, for users who are changed
# to be administrators, we have to remove project specific rights.
if ($f_access_level >= $t_admin_threshold && !user_is_administrator($f_user_id)) {
    user_delete_project_specific_access_levels($f_user_id);
}
# if the user is already protected and the admin is not removing the
#  protected flag then don't update the access level and enabled flag.
#  If the user was unprotected or the protected flag is being turned off
#  then proceed with a full update.
$query_params = array();
        $f_os_build = gpc_get_string('os_build');
        $f_description = gpc_get_string('description');
        if (profile_is_global($f_profile_id)) {
            access_ensure_global_level(config_get('manage_global_profile_threshold'));
            profile_update(ALL_USERS, $f_profile_id, $f_platform, $f_os, $f_os_build, $f_description);
            form_security_purge('profile_update');
            print_header_redirect('manage_prof_menu_page.php');
        } else {
            profile_update(auth_get_current_user_id(), $f_profile_id, $f_platform, $f_os, $f_os_build, $f_description);
            form_security_purge('profile_update');
            print_header_redirect('account_prof_menu_page.php');
        }
        break;
    case 'delete':
        if (profile_is_global($f_profile_id)) {
            access_ensure_global_level(config_get('manage_global_profile_threshold'));
            profile_delete(ALL_USERS, $f_profile_id);
            form_security_purge('profile_update');
            print_header_redirect('manage_prof_menu_page.php');
        } else {
            profile_delete(auth_get_current_user_id(), $f_profile_id);
            form_security_purge('profile_update');
            print_header_redirect('account_prof_menu_page.php');
        }
        break;
    case 'make_default':
        current_user_set_pref('default_profile', $f_profile_id);
        form_security_purge('profile_update');
        print_header_redirect('account_prof_menu_page.php');
        break;
}
示例#6
<?php

/**************************************************************************
 MantisBT Seeder Plugin
 Copyright (c) MantisHub - Victor Boctor
 All rights reserved.
 MIT License
 **************************************************************************/
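# Only callers at ADMINISTRATOR level may run the seeder.
access_ensure_global_level(ADMINISTRATOR);
require_once dirname(dirname(__FILE__)) . '/core/Seeder.php';
html_page_top1();
# Send the browser back to the plugin's config page once this page has rendered.
html_meta_redirect(plugin_page('config_page'));
html_page_top2();
# NOTE(review): this request creates data, but no form_security_validate()
# call is visible on this page - confirm the submitting form carries a token
# and validate it here.
$f_create_issues = gpc_isset('create_issues');
# Presumably silences e-mail notifications while bulk data is generated.
$g_enable_email_notification = OFF;
$t_seeder = new Seeder();
# gpc_isset() yields a boolean, so the former strict comparison `!== OFF`
# (boolean against the integer constant) could never be false and seeding ran
# on every request. Test the flag itself instead.
if ($f_create_issues) {
    $t_project_ids = $t_seeder->createProjects();
    $t_seeder->createIssues($t_project_ids);
}
echo '<div class="success-msg">';
echo lang_get('operation_successful');
echo '</div>';
html_page_bottom();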
示例#7
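/**
 * Delete a tag with the given ID.
 *
 * Detaches the tag from every bug it is attached to, then removes the tag row.
 * The current user must hold the global 'tag_edit_threshold' access level.
 *
 * @param integer $p_tag_id Tag ID
 * @return boolean true once the tag row has been deleted
 */
function tag_delete($p_tag_id)
{
    # NOTE(review): the existence check runs before the access check, so the
    # two failures are distinguishable to a caller without edit rights.
    tag_ensure_exists($p_tag_id);
    access_ensure_global_level(config_get('tag_edit_threshold'));
    foreach (tag_get_bugs_attached($p_tag_id) as $t_bug_id) {
        tag_bug_detach($p_tag_id, $t_bug_id);
    }
    # The id is interpolated into the SQL text below. db_prepare_int() is the
    # only thing constraining it, so it must stay if this statement is edited;
    # prefer a bound parameter where the database API offers one.
    $c_tag_id = db_prepare_int($p_tag_id);
    $t_tag_table = config_get('mantis_tag_table');
    $query = "DELETE FROM {$t_tag_table}\r\n\t\t\t\t\tWHERE id='{$c_tag_id}'";
    db_query($query);
    return true;
}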
示例#8
# --------------------------------------------------------
# NOTE(review): the original header read "This page stores the reported bug",
# but the visible code reads and validates a configuration option
# (config_option / type / value) for a user and project.
require_once 'core.php';
$t_core_path = config_get('core_path');
# NOTE(review): the POST-only guard below is commented out and no
# form_security_validate() call appears in the visible lines, so this
# state-changing request has no visible CSRF protection - confirm and restore.
# helper_ensure_post();
# NOTE(review): user_id comes from the request; nothing in the visible lines
# ties it to the current user - verify how it is used further down.
$f_user_id = gpc_get_int('user_id');
$f_project_id = gpc_get_int('project_id');
$f_config_option = gpc_get_string('config_option');
$f_type = gpc_get_string('type');
$f_value = gpc_get_string('value');
# Reject an empty option name before anything else.
if (is_blank($f_config_option)) {
    error_parameters('config_option');
    trigger_error(ERROR_EMPTY_FIELD, ERROR);
}
# Authorisation: the same 'set_configuration_threshold' is enforced globally
# for ALL_PROJECTS and per project otherwise.
if ($f_project_id == ALL_PROJECTS) {
    access_ensure_global_level(config_get('set_configuration_threshold'));
} else {
    access_ensure_project_level(config_get('set_configuration_threshold'), $f_project_id);
}
# make sure that configuration option specified is a valid one.
# A sentinel default is used so that an unknown option can be told apart from
# an option that has a value.
$t_not_found_value = '***CONFIG OPTION NOT FOUND***';
if (config_get_global($f_config_option, $t_not_found_value) === $t_not_found_value) {
    error_parameters($f_config_option);
    trigger_error(ERROR_CONFIG_OPT_NOT_FOUND, ERROR);
}
# make sure that configuration option specified can be stored in the database
# Options that config_can_set_in_database() refuses are rejected here, before
# any write.
if (!config_can_set_in_database($f_config_option)) {
    error_parameters($f_config_option);
    trigger_error(ERROR_CONFIG_OPT_CANT_BE_SET_IN_DB, ERROR);
}
if ($f_type === 'default') {
示例#9
/**
 * Remove a plugin's registration row and run its uninstall hook.
 *
 * Requires the global 'manage_plugin_threshold' level. Returns without doing
 * anything when the plugin is not installed or is flagged as protected.
 *
 * @param MantisPlugin $p_plugin Plugin object; its basename identifies the row.
 * @return void
 */
function plugin_uninstall(MantisPlugin $p_plugin)
{
    access_ensure_global_level(config_get_global('manage_plugin_threshold'));

    $t_basename = $p_plugin->basename;
    if (!plugin_is_installed($t_basename)) {
        return;
    }
    if (plugin_protected($t_basename)) {
        return;
    }

    # The basename is passed as a bound parameter, never as SQL text.
    db_param_push();
    $t_sql = 'DELETE FROM {plugin} WHERE basename=' . db_param();
    db_query($t_sql, array($t_basename));

    # Run the plugin's own uninstall hook with it set as the current plugin.
    plugin_push_current($t_basename);
    $p_plugin->uninstall();
    plugin_pop_current();
}
<?php

require_once __DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'core' . DIRECTORY_SEPARATOR . 'uvConst.php';
require_once __DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'core' . DIRECTORY_SEPARATOR . 'userprojectapi.php';
# Gate the page before any output: re-authentication, then the plugin's
# configured 'UserProjectAccessLevel' threshold.
auth_reauthenticate();
access_ensure_global_level(plugin_config_get('UserProjectAccessLevel'));
html_page_top1(plugin_lang_get('config_title'));
html_page_top2();
print_manage_menu();
echo '<script type="text/javascript" src="plugins/UserProjectView/javascript/jscolor/jscolor.js"></script>';
echo '<br/>';
# The form posts to the plugin's config_update page and carries a form
# security token under the name 'plugin_UserProjectView_config_update'.
echo '<form action="' . plugin_page('config_update') . '" method="post">';
echo form_security_field('plugin_UserProjectView_config_update');
# Two table layouts, selected by userprojectapi::is_mantis_rel().
if (userprojectapi::is_mantis_rel()) {
    echo '<table align="center" class="width75" cellspacing="1">';
} else {
    echo '<div class="form-container">';
    echo '<table>';
}
print_config_table_title_row(5, 'config_caption');
# presumably print_config_table_row() opens the <tr> that is closed below
print_config_table_row();
echo '<td class="category" colspan="2">';
echo '<span class="required">*</span>' . plugin_lang_get('config_accesslevel');
echo '</td>';
echo '<td width="100px" colspan="5">';
# Access-level selector, preselected with the stored value or the plugin default.
echo '<select name="UserProjectAccessLevel">';
print_enum_string_option_list('access_levels', plugin_config_get('UserProjectAccessLevel', PLUGINS_USERPROJECTVIEW_THRESHOLD_LEVEL_DEFAULT));
echo '</select>';
echo '</td>';
echo '</tr>';
print_config_table_row();
示例#11
文件: tag_api.php 项目: gtn/mantisbt
/**
 * Remove a tag: detach it from every bug that carries it, then delete its row.
 *
 * The tag must exist and the current user must hold the global
 * 'tag_edit_threshold' access level.
 *
 * @param integer $p_tag_id The tag ID to delete.
 * @return boolean true once the tag row has been deleted
 */
function tag_delete($p_tag_id)
{
    tag_ensure_exists($p_tag_id);
    access_ensure_global_level(config_get('tag_edit_threshold'));

    # Drop every bug/tag link before the tag itself goes away.
    foreach (tag_get_bugs_attached($p_tag_id) as $t_attached_bug_id) {
        tag_bug_detach($p_tag_id, $t_attached_bug_id);
    }

    # The id travels as a bound parameter, not as part of the SQL text.
    db_query('DELETE FROM {tag} WHERE id=' . db_param(), array($p_tag_id));

    return true;
}
示例#12
 * @copyright Copyright 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
 * @copyright Copyright 2002  MantisBT Team - mantisbt-dev@lists.sourceforge.net
 * @link http://www.mantisbt.org
 *
 * @uses core.php
 * @uses access_api.php
 * @uses config_api.php
 * @uses constant_inc.php
 * @uses html_api.php
 * @uses lang_api.php
 */
require_once 'core.php';
require_api('access_api.php');
require_api('config_api.php');
require_api('constant_inc.php');
require_api('html_api.php');
require_api('lang_api.php');
# Feature gate: with time tracking disabled the page fails as access-denied
# rather than rendering.
if (!config_get('time_tracking_enabled')) {
    trigger_error(ERROR_ACCESS_DENIED, ERROR);
}
# Authorisation gate on the global 'time_tracking_reporting_threshold',
# enforced before any page output.
access_ensure_global_level(config_get('time_tracking_reporting_threshold'));
html_page_top(lang_get('time_tracking_billing_link'));
?>

<br />

<?php 
# Work break-down
# presumably billing_inc.php tests BILLING_INC_ALLOW to refuse direct requests - confirm in that file
define('BILLING_INC_ALLOW', true);
# Fixed include path relative to this file; nothing from the request is used.
include dirname(__FILE__) . DIRECTORY_SEPARATOR . 'billing_inc.php';
html_page_bottom();
<?php

# Gate the update: re-authentication, access level, then the form security
# token that must match 'plugin_StoryBoard_config_update'.
auth_reauthenticate();
# NOTE(review): the threshold is read with config_get('AccessLevel') rather
# than plugin_config_get(); confirm this resolves to the plugin's stored value.
access_ensure_global_level(config_get('AccessLevel'));
form_security_validate('plugin_StoryBoard_config_update');
# Plugin helpers are loaded only after the checks above have passed.
require_once STORYBOARD_CORE_URI . 'storyboard_constant_api.php';
require_once STORYBOARD_CORE_URI . 'storyboard_config_api.php';
require_once STORYBOARD_CORE_URI . 'storyboard_db_api.php';
$storyboard_config_api = new storyboard_config_api();
$storyboard_db_api = new storyboard_db_api();
# Which submit action was requested; each flag defaults to false.
$option_change = gpc_get_bool('change', false);
$option_addtype = gpc_get_bool('addtype', false);
$option_deltype = gpc_get_bool('deletetype', false);
$option_changetype = gpc_get_bool('changetype', false);
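/**
 * Submit configuration changes
 *
 * Updates the 'AccessLevel' and 'ShowInFooter' settings through the config
 * helper, then stores the submitted status columns when they differ from the
 * stored value.
 */
if ($option_change) {
    $storyboard_config_api->updateValue('AccessLevel', ADMINISTRATOR);
    $storyboard_config_api->updateButton('ShowInFooter');
    # The original iterated over $_POST['status_cols'] and on every pass
    # overwrote the loop variable with the same gpc_get_int_array() result, so
    # a single pass does the same work. The is_array() guard keeps a scalar
    # submission a no-op, as the loop did.
    if (!empty($_POST['status_cols']) && is_array($_POST['status_cols'])) {
        # Read through gpc_get_int_array() rather than using $_POST directly.
        $status_cols = gpc_get_int_array('status_cols');
        if (plugin_config_get('status_cols') != $status_cols) {
            plugin_config_set('status_cols', $status_cols);
        }
    }
}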
/**
 * Add a type
示例#14
# MantisBT is distributed in the hope that it will be useful,
# but WITHOUT ANY WARRANTY; without even the implied warranty of
# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
# GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public License
# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
/**
 * Display warning to users before upgrading MantisBT
 * @package MantisBT
 * @copyright Copyright 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
 * @copyright Copyright 2002  MantisBT Team - mantisbt-dev@lists.sourceforge.net
 * @link http://www.mantisbt.org
 */
require_once dirname(dirname(__FILE__)) . '/core.php';
# Admin-only page: the threshold comes from config_get_global(), i.e. the
# global 'admin_site_threshold' value.
access_ensure_global_level(config_get_global('admin_site_threshold'));
$g_error_send_page_header = false;
# suppress page headers in the error handler
# @@@ upgrade list moved to the bottom of upgrade_inc.php
# Optional boolean flag from the request, defaulting to false.
$f_advanced = gpc_get_bool('advanced', false);
html_begin();
?>
<head>
<title>MantisBT Administration - Check Installation </title>
<link rel="stylesheet" type="text/css" href="admin.css" />
</head>
<body>

<table width="100%" cellspacing="0" cellpadding="0" bgcolor="#ffffff">
	<tr class="top-bar">
		<td class="links">
<?php

require_once 'core/json_api.php';
# Route PHP errors through json_error_handler from here on.
set_error_handler('json_error_handler');
# Both gates run before the action dispatch below: the plugin's
# 'manage_customers_threshold' level, then the 'manage_customers' form token.
access_ensure_global_level(plugin_config_get('manage_customers_threshold'));
form_security_validate('manage_customers');
# Filled only by the action(s) that produce output.
$contents = '';
switch ($_POST['action']) {
    case 'deleteGroup':
        CustomerManagementDao::deleteGroup(gpc_get_int('customerGroupId'));
        break;
    case 'deleteService':
        CustomerManagementDao::deleteService(gpc_get_int('serviceId'));
        break;
    case 'deleteCustomer':
        CustomerManagementDao::deleteCustomer(gpc_get_int('customerId'));
        break;
    case 'saveGroup':
        CustomerManagementDao::saveGroup(gpc_get_int('id', null), gpc_get_string('name'));
        break;
    case 'saveService':
        CustomerManagementDao::saveService(gpc_get_int('id', null), gpc_get_string('name'));
        break;
    case 'saveCustomer':
        CustomerManagementDao::saveCustomer(gpc_get_int('id', null), gpc_get_string('name'), gpc_get_int('customer_group_id'), gpc_get_string('email'), gpc_get_int_array('service_id', array()));
        break;
    case 'sendNotification':
        CustomerNotifier::notifyCustomers(gpc_get_int_array('customer_id'), gpc_get_string('from'), gpc_get_string('to'));
        break;
    case 'previewNotification':
        $contents = CustomerNotifier::buildNotificationEmails(gpc_get_int_array('customer_id'), gpc_get_string('from'), gpc_get_string('to'));
示例#16
 * @uses user_api.php
 */
require_once 'core.php';
require_api('access_api.php');
require_api('compress_api.php');
require_api('config_api.php');
require_api('database_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('helper_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('string_api.php');
require_api('user_api.php');
# The whole page requires the global 'tag_edit_threshold' level.
access_ensure_global_level(config_get('tag_edit_threshold'));
compress_enable();
# NOTE(review): this repeats the threshold already enforced above, so it is
# presumably always true at this point.
$t_can_edit = access_has_global_level(config_get('tag_edit_threshold'));
# Prefix filter from the request, upper-cased; falls back to the configured
# 'default_manage_tag_prefix'.
$f_filter = utf8_strtoupper(gpc_get_string('filter', config_get('default_manage_tag_prefix')));
# Page number from the request, read as an integer and defaulting to 1.
$f_page_number = gpc_get_int('page_number', 1);
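# Start Index Menu
# Prefix choices for the index menu: 'ALL', the letters A-Z, then the digits
# 0-9 as strings. range() replaces the former `for ($i = 'A'; $i != 'AA'; $i++)`
# loop, which relied on Perl-style string increment ('Z'++ becomes 'AA'), an
# idiom PHP 8.3 soft-deprecates.
$t_prefix_array = array('ALL');
foreach (range('A', 'Z') as $t_letter) {
    $t_prefix_array[] = $t_letter;
}
foreach (range(0, 9) as $t_digit) {
    $t_prefix_array[] = (string) $t_digit;
}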
if ($f_filter === 'ALL') {
    $t_name_filter = '';
} else {
示例#17
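/**
 * Delete a tag with the given ID.
 *
 * Detaches the tag from every bug it is attached to, then removes the tag row.
 * The current user must hold the global 'tag_edit_threshold' access level.
 *
 * @param integer $p_tag_id Tag ID
 * @return boolean true once the tag row has been deleted
 */
function tag_delete($p_tag_id)
{
    tag_ensure_exists($p_tag_id);
    access_ensure_global_level(config_get('tag_edit_threshold'));
    foreach (tag_get_bugs_attached($p_tag_id) as $t_bug_id) {
        tag_bug_detach($p_tag_id, $t_bug_id);
    }
    $c_tag_id = db_prepare_int($p_tag_id);
    # Only the tag table is needed here; the bug_tag table lookup the original
    # performed was never used.
    $t_tag_table = db_get_table('tag');
    # The id is supplied as a bound parameter; only the table name, which comes
    # from db_get_table(), is interpolated into the SQL text.
    $query = "DELETE FROM {$t_tag_table}\n\t\t\t\t\tWHERE id=" . db_param();
    db_query_bound($query, array($c_tag_id));
    return true;
}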
 */
/**
 * MantisBT Core API's
 */
require_once 'core.php';
require_api('access_api.php');
require_api('authentication_api.php');
require_api('config_api.php');
require_api('custom_field_api.php');
require_api('form_api.php');
require_api('helper_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('string_api.php');
# Gate the page before any output: re-authentication, then the global
# 'manage_custom_fields_threshold' level.
auth_reauthenticate();
access_ensure_global_level(config_get('manage_custom_fields_threshold'));
html_page_top(lang_get('manage_custom_field_link'));
print_manage_menu('manage_custom_field_page.php');
?>

<div class="table-container">
	<h2><?php 
echo lang_get('custom_fields_setup');
?>
</h2>
	<table cellspacing="1" cellpadding="5" border="1">
		<tr>
			<th class="category"><?php 
echo lang_get('custom_field_name');
?>
</th>
示例#19
/**
 * Remove a plugin's registration row and run its uninstall hook.
 *
 * Requires the global 'manage_plugin_threshold' level. Returns without doing
 * anything when the plugin is not installed or is flagged as protected.
 *
 * @param object $p_plugin Plugin object; the code reads its basename property
 *                         and calls its uninstall() method.
 */
function plugin_uninstall($p_plugin)
{
    access_ensure_global_level(config_get_global('manage_plugin_threshold'));

    $t_basename = $p_plugin->basename;
    if (!plugin_is_installed($t_basename)) {
        return;
    }
    if (plugin_protected($t_basename)) {
        return;
    }

    # The table name comes from db_get_table(); the basename is a bound parameter.
    $t_table = db_get_table('plugin');
    $t_sql = "DELETE FROM {$t_table} WHERE basename=" . db_param();
    db_query_bound($t_sql, array($t_basename));

    # Run the plugin's own uninstall hook with it set as the current plugin.
    plugin_push_current($t_basename);
    $p_plugin->uninstall();
    plugin_pop_current();
}
示例#20
 * @uses gpc_api.php
 * @uses print_api.php
 */
/** @ignore */
define('PLUGINS_DISABLED', true);
require_once 'core.php';
require_api('access_api.php');
require_api('authentication_api.php');
require_api('config_api.php');
require_api('database_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('print_api.php');
# Three gates run before any write: form token, re-authentication, then the
# 'manage_plugin_threshold' level.
form_security_validate('manage_plugin_update');
auth_reauthenticate();
access_ensure_global_level(config_get('manage_plugin_threshold'));
$t_plugin_table = db_get_table('plugin');
$t_query = "SELECT basename FROM {$t_plugin_table}";
$t_result = db_query_bound($t_query);
# The loop is driven by the basenames stored in the database. The request only
# supplies the per-plugin change/priority/protected fields, so a submitted
# name that matches no stored plugin is never looked at.
while ($t_row = db_fetch_array($t_result)) {
    $t_basename = $t_row['basename'];
    $f_change = gpc_get_bool('change_' . $t_basename, 0);
    if (!$f_change) {
        continue;
    }
    # Typed reads with defaults: priority 3, protected off.
    $f_priority = gpc_get_int('priority_' . $t_basename, 3);
    $f_protected = gpc_get_bool('protected_' . $t_basename, 0);
    # All three values are bound parameters; only the table name is interpolated.
    $t_query = "UPDATE {$t_plugin_table} SET priority=" . db_param() . ', protected=' . db_param() . ' WHERE basename=' . db_param();
    db_query_bound($t_query, array($f_priority, $f_protected, $t_basename));
}
# Purge the form security token for 'manage_plugin_update' once the updates are done.
form_security_purge('manage_plugin_update');
<?php

require_once __DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'core' . DIRECTORY_SEPARATOR . 'uvConst.php';
require_once __DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'core' . DIRECTORY_SEPARATOR . 'databaseapi.php';
require_once __DIR__ . DIRECTORY_SEPARATOR . '..' . DIRECTORY_SEPARATOR . 'core' . DIRECTORY_SEPARATOR . 'userprojectapi.php';
# Gate the update: re-authentication, access level, then the form security
# token that must match 'plugin_UserProjectView_config_update'.
auth_reauthenticate();
# NOTE(review): the threshold is read with config_get() and a default of
# ADMINISTRATOR rather than plugin_config_get(); confirm this resolves to the
# plugin's stored 'UserProjectAccessLevel' and not only to the default.
access_ensure_global_level(config_get('UserProjectAccessLevel', ADMINISTRATOR));
form_security_validate('plugin_UserProjectView_config_update');
# Which submit action was requested; both flags default to false.
$option_reset = gpc_get_bool('reset', false);
$option_change = gpc_get_bool('change', false);
# Reset goes through databaseapi::reset_plugin() and is reachable only after
# the three checks above.
if ($option_reset) {
    $databaseapi = new databaseapi();
    $databaseapi->reset_plugin();
}
if ($option_change) {
    update_single_value('UserProjectAccessLevel', ADMINISTRATOR);
    userprojectapi::editPluginInWhiteboardMenu('plugin_access_level', gpc_get_int('UserProjectAccessLevel', ADMINISTRATOR));
    update_button('ShowMenu');
    userprojectapi::editPluginInWhiteboardMenu('plugin_show_menu', gpc_get_int('ShowMenu'));
    update_button('ShowInFooter');
    update_button('ShowAvatar');
    update_button('IAUHighlighting');
    update_color('IAUHBGColor', '#E67C7C');
    update_button('URIUHighlighting');
    update_color('URIUHBGColor', '#E67C7C');
    update_button('NUIHighlighting');
    update_color('NUIHBGColor', '#FCBDBD');
    update_button('ShowZIU');
    update_button('ZIHighlighting');
    update_color('ZIHBGColor', '#F8FFCC');
    update_button('layer_one_name');