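/**
 * Validates the Attach Tags group action.
 *
 * Called once per selected bug, but the tag input from the request is parsed
 * only on the first call; the outcome is kept in three globals (tags to
 * attach, tags to create, tags that failed). Tags that cannot be used are
 * collected in the "failed" list instead of raising an error, as there is no
 * simple or clean method of presenting these errors to the user.
 *
 * @param integer $p_bug_id Bug ID (not read by the validation itself).
 * @return boolean Always true.
 */
function action_attach_tags_validate($p_bug_id)
{
    global $g_action_attach_tags_valid;
    global $g_action_attach_tags_attach, $g_action_attach_tags_create, $g_action_attach_tags_failed;

    # Already validated during an earlier call of this request.
    if (isset($g_action_attach_tags_valid)) {
        return true;
    }

    $f_tag_string = gpc_get_string('tag_string');
    $f_tag_select = gpc_get_string('tag_select');

    $g_action_attach_tags_attach = array();
    $g_action_attach_tags_create = array();
    $g_action_attach_tags_failed = array();

    $t_tags = tag_parse_string($f_tag_string);
    # Creating a tag is gated by the global 'tag_create_threshold'; without it,
    # tags that would have to be created are rejected rather than created.
    $t_can_create = access_has_global_level(config_get('tag_create_threshold'));

    foreach ($t_tags as $t_tag_row) {
        if (-1 == $t_tag_row['id']) {
            # id -1: handled as a tag that has to be created first
            # (presumably a name that does not exist yet -- confirm in tag_parse_string()).
            if ($t_can_create) {
                $g_action_attach_tags_create[] = $t_tag_row;
            } else {
                $g_action_attach_tags_failed[] = $t_tag_row;
            }
        } elseif (-2 == $t_tag_row['id']) {
            # id -2: always rejected (presumably an invalid name -- confirm).
            $g_action_attach_tags_failed[] = $t_tag_row;
        } else {
            $g_action_attach_tags_attach[] = $t_tag_row;
        }
    }

    # A tag picked from the select box is attached only if it exists.
    if (0 < $f_tag_select && tag_exists($f_tag_select)) {
        $g_action_attach_tags_attach[] = tag_get($f_tag_select);
    }

    # Record that validation ran. The flag was tested above but never set, so
    # the request was re-parsed and the lists rebuilt for every single bug.
    $g_action_attach_tags_valid = true;

    return true;
}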
/**
 * Build the account array for a given user id.
 *
 * The array always carries 'id'. For an existing user it also carries 'name'
 * (the username). 'real_name' and 'email' are personal data and are added
 * only when the caller is that same user, may manage users, or meets the
 * matching project-level threshold ('show_user_realname_threshold' /
 * 'show_user_email_threshold'), and only when the value is not empty.
 *
 * @param integer $p_user_id A valid user identifier.
 * @return array
 */
function mci_account_get_array_by_id($p_user_id)
{
    $t_account = array('id' => $p_user_id);

    # Unknown ids yield the bare id and nothing else.
    if (!user_exists($p_user_id)) {
        return $t_account;
    }

    $t_viewer_id = auth_get_current_user_id();
    $t_viewer_level = user_get_field($t_viewer_id, 'access_level');
    $t_can_manage = access_has_global_level(config_get('manage_user_threshold'))
        && access_has_global_level($t_viewer_level);

    # this deviates from the behaviour of view_user_page.php, but it is more intuitive
    # NOTE(review): strict comparison -- an id passed as a string never matches
    # the current user's id if that is an integer; confirm the callers' types.
    $t_is_same_user = $t_viewer_id === $p_user_id;

    $t_can_see_realname = access_has_project_level(config_get('show_user_realname_threshold'));
    $t_can_see_email = access_has_project_level(config_get('show_user_email_threshold'));

    $t_account['name'] = user_get_field($p_user_id, 'username');

    $t_privileged = $t_is_same_user || $t_can_manage;

    if ($t_privileged || $t_can_see_realname) {
        $t_realname = user_get_realname($p_user_id);
        if (!empty($t_realname)) {
            $t_account['real_name'] = $t_realname;
        }
    }

    if ($t_privileged || $t_can_see_email) {
        $t_email = user_get_email($p_user_id);
        if (!empty($t_email)) {
            $t_account['email'] = $t_email;
        }
    }

    return $t_account;
}
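 /**
  * Returns the yes/no choices, keyed 1 and 2.
  *
  * @return array|null The choices, or null when the current user is below
  *                    the plugin's 'view_customer_fields_threshold'.
  */
 function options()
 {
     # Defined up front: the access-denied path used to return a variable that
     # was never assigned, which raises an undefined-variable warning.
     $options = null;
     plugin_push_current('CustomerManagement');
     if (access_has_global_level(plugin_config_get('view_customer_fields_threshold'))) {
         $options = array(1 => lang_get('yes'), 2 => lang_get('no'));
     }
     # Always pop, whatever the access check decided.
     plugin_pop_current();
     return $options;
 }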
 /**
  * Prints the name of the customer group linked to a bug.
  *
  * Nothing is printed when the current user is below the plugin's
  * 'view_customer_fields_threshold' or when the bug has no customer data.
  *
  * @param object $p_bug            Bug object; only its id is read.
  * @param mixed  $p_columns_target Not used here.
  * @return void
  */
 public function display($p_bug, $p_columns_target)
 {
     plugin_push_current('CustomerManagement');
     $t_may_view = access_has_global_level(plugin_config_get('view_customer_fields_threshold'));
     # The DAO is only queried for users allowed to see customer fields.
     $t_bug_data = $t_may_view ? CustomerManagementDao::getBugData($p_bug->id) : array();
     if (count($t_bug_data) > 0) {
         $t_group = CustomerManagementDao::getGroupForCustomer($t_bug_data['customer_id']);
         # The name goes through string_display_line() before it is echoed.
         echo string_display_line($t_group['name']);
     }
     plugin_pop_current();
 }
 /**
  * Prints the localized "yes" or "no" for the billable state of a bug.
  *
  * Nothing is printed when the current user is below the plugin's
  * 'view_customer_fields_threshold' or when the bug has no customer data.
  *
  * @param object $p_bug            Bug object; only its id is read.
  * @param mixed  $p_columns_target Not used here.
  * @return void
  */
 public function display($p_bug, $p_columns_target)
 {
     plugin_push_current('CustomerManagement');
     $t_may_view = access_has_global_level(plugin_config_get('view_customer_fields_threshold'));
     # The DAO is only queried for users allowed to see customer fields.
     $t_bug_data = $t_may_view ? CustomerManagementDao::getBugData($p_bug->id) : array();
     if (count($t_bug_data) > 0) {
         # NOTE(review): the 'is_billable' value is passed to getService(); confirm
         # that this lookup is what decides the billable flag.
         $t_billable = CustomerManagementDao::getService($t_bug_data['is_billable']);
         $t_label = $t_billable ? lang_get('yes') : lang_get('no');
         echo string_display_line($t_label);
     }
     plugin_pop_current();
 }
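 /**
  * Returns all customer groups as a map of group id to group name.
  *
  * @return array|null The map, or null when the current user is below the
  *                    plugin's 'view_customer_fields_threshold'.
  */
 function options()
 {
     # Defined up front: the access-denied path used to return a variable that
     # was never assigned, which raises an undefined-variable warning.
     $options = null;
     plugin_push_current('CustomerManagement');
     if (access_has_global_level(plugin_config_get('view_customer_fields_threshold'))) {
         $options = array();
         foreach (CustomerManagementDao::findAllGroups() as $group) {
             $options[$group['id']] = $group['name'];
         }
     }
     # Always pop, whatever the access check decided.
     plugin_pop_current();
     return $options;
 }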
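 /**
  * Builds the filter array for an invoice value.
  *
  * @param mixed $p_filter_input Invoice value entered in the filter.
  * @return mixed The result of buildFilterArrayForInvoice(), or null when the
  *               input is blank or the current user is below the plugin's
  *               'view_customer_fields_threshold'.
  */
 function query($p_filter_input)
 {
     $invoice = $p_filter_input;
     if (is_blank($invoice)) {
         return;
     }
     # Defined up front: the access-denied path used to return a variable that
     # was never assigned, which raises an undefined-variable warning.
     $t_query = null;
     plugin_push_current('CustomerManagement');
     if (access_has_global_level(plugin_config_get('view_customer_fields_threshold'))) {
         # NOTE(review): $invoice is request input; confirm that
         # buildFilterArrayForInvoice() binds or escapes it before it reaches SQL.
         $t_query = CustomerManagementDao::buildFilterArrayForInvoice($invoice);
     }
     plugin_pop_current();
     return $t_query;
 }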
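/**
 * Returns an array of time tracking stats
 *
 * Users below the plugin's 'view_others_threshold' only get their own rows.
 *
 * @param int $p_project_id project id
 * @param string $p_from Starting date (yyyy-mm-dd) inclusive, if blank, then ignored.
 * @param string $p_to Ending date (yyyy-mm-dd) inclusive, if blank, then ignored.
 * @return array array of bugnote stats
 * @access public
 */
function plugin_TimeTracking_stats_get_project_array($p_project_id, $p_from, $p_to)
{
    $c_project_id = db_prepare_int($p_project_id);

    # Both dates arrive as free-form strings and end up inside the SQL text.
    # They are parsed with strtotime() and written back through date('Y-m-d'),
    # so only digits and dashes can reach the query. Previously $p_from was
    # quoted and concatenated as-is, and a blank bound was not ignored as the
    # header promises (a blank $p_to limited the result to 1970-01-01).
    $t_from_ts = is_blank($p_from) ? null : strtotime($p_from);
    $t_to_ts = is_blank($p_to) ? null : strtotime($p_to);
    if ($t_from_ts === false || $t_to_ts === false) {
        error_parameters(array($p_from, $p_to));
        trigger_error(ERROR_GENERIC, ERROR);
        # Fail closed should the error handler return instead of stopping.
        return array();
    }

    $t_timereport_table = plugin_table('data', 'TimeTracking');
    $t_bug_table = db_get_table('mantis_bug_table');
    $t_user_table = db_get_table('mantis_user_table');
    $t_project_table = db_get_table('mantis_project_table');

    $t_from_where = '';
    if ($t_from_ts !== null) {
        $c_from = date('Y-m-d', $t_from_ts);
        $t_from_where = " AND expenditure_date >= '{$c_from}'";
    }

    $t_to_where = '';
    if ($t_to_ts !== null) {
        # Shift to the last second of the day so the end date is inclusive.
        $c_to = date('Y-m-d', $t_to_ts + SECONDS_PER_DAY - 1);
        $t_to_where = " AND expenditure_date <= '{$c_to}'";
    }

    if (ALL_PROJECTS != $c_project_id) {
        $t_project_where = " AND b.project_id = '{$c_project_id}'  ";
    } else {
        $t_project_where = '';
    }

    if (!access_has_global_level(plugin_config_get('view_others_threshold'))) {
        # NOTE(review): this listing had the masked literal '******' where the id
        # belongs, leaving the fetched user id unused; the id is interpolated here
        # on the assumption that this was the intent -- confirm against the
        # plugin source.
        $c_user_id = db_prepare_int(auth_get_current_user_id());
        $t_user_where = " AND user = '{$c_user_id}'  ";
    } else {
        $t_user_where = '';
    }

    $t_results = array();
    $query = "SELECT u.username, p.name as project_name, bug_id, expenditure_date, hours, timestamp, info \nFROM {$t_timereport_table} tr, {$t_bug_table} b, {$t_user_table} u, {$t_project_table} p\nWHERE tr.bug_id=b.id and tr.user=u.id AND p.id = b.project_id\n{$t_project_where} {$t_from_where} {$t_to_where} {$t_user_where}\nORDER BY user, expenditure_date, bug_id";
    $result = db_query($query);
    while ($row = db_fetch_array($result)) {
        $t_results[] = $row;
    }
    return $t_results;
}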
/**
 * Prints the plugin's menu as a row of bracketed links.
 *
 * The menu is printed only for users at or above the global
 * 'manage_plugin_threshold'. The entry matching $p_page is printed without
 * a link target.
 *
 * @param string $p_page Name of the page currently shown.
 * @return void
 */
function ERP_print_menu($p_page = '')
{
    # Pages labelled through plugin_lang_get(); the label key is the page name.
    $t_plugin_pages = array('manage_config', 'manage_mailbox');
    if (plugin_config_get('mail_rule_system') == TRUE) {
        $t_plugin_pages[] = 'manage_rule';
    }

    # Outer key: name of the language function that is called for the label.
    # Inner key: label key (string) or list index (int) => page name.
    $t_pages = array(
        'plugin_lang_get' => $t_plugin_pages,
        'lang_get' => array('documentation_link' => 'view_readme', 'changelog_link' => 'view_changelog'),
    );

    if (!access_has_global_level(config_get('manage_plugin_threshold'))) {
        return;
    }

    echo '<div align="center"><p>';
    foreach ($t_pages as $t_lang_function => $t_pageset) {
        foreach ($t_pageset as $t_page_lang => $t_page_name) {
            $t_label_key = is_int($t_page_lang) ? $t_page_name : $t_page_lang;
            $t_link = ($p_page !== $t_page_name) ? plugin_page($t_page_name) : NULL;
            # The function name comes from the fixed array above, never from input.
            print_bracket_link($t_link, $t_lang_function($t_label_key));
        }
    }
    echo '</p></div>';
}
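 /**
  * Creates a new user.
  *
  * The user will get a confirmation email, and will have the password provided
  * in the incoming representation.
  *
  * The caller needs the global 'manage_user_threshold' and cannot hand out an
  * access level above their own.
  *
  * @param $request - The Request we're responding to
  * @return Response A 201 response whose location header points at the new user.
  * @throws HTTPException 403 when access is denied, 500 on an invalid name or
  *                       when the new user cannot be found after creation.
  */
 public function post($request)
 {
     if (!access_has_global_level(config_get('manage_user_threshold'))) {
         throw new HTTPException(403, "Access denied to create user");
     }
     $new_user = new User();
     $new_user->populate_from_repr($request->body);
     $username = $new_user->mantis_data['username'];
     $password = $new_user->mantis_data['password'];
     $email = email_append_domain($new_user->mantis_data['email']);
     $access_level = $new_user->mantis_data['access_level'];
     $protected = $new_user->mantis_data['protected'];
     $enabled = $new_user->mantis_data['enabled'];
     $realname = $new_user->mantis_data['realname'];
     # The access level is taken from the request body. Without this check a
     # user who may manage accounts could create an account that outranks
     # their own.
     if (!access_has_global_level($access_level)) {
         throw new HTTPException(403, "Access denied to create user with this access level");
     }
     if (!user_is_name_valid($username)) {
         throw new HTTPException(500, "Invalid username");
     } elseif (!user_is_realname_valid($realname)) {
         throw new HTTPException(500, "Invalid realname");
     }
     user_create($username, $password, $email, $access_level, $protected, $enabled, $realname);
     $new_user_id = user_get_id_by_name($username);
     # Do not answer 201 with a URL built from a failed lookup.
     if ($new_user_id === false) {
         throw new HTTPException(500, "User could not be created");
     }
     $new_user_url = User::get_url_from_mantis_id($new_user_id);
     $this->rsrc_data = $new_user_url;
     $resp = new Response();
     $resp->status = 201;
     $resp->headers[] = "location: {$new_user_url}";
     $resp->body = $this->_repr($request);
     return $resp;
 }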
/**
 * Tells whether the query count may be shown to the current visitor.
 *
 * @return boolean True when 'show_queries_count' is ON, the visitor is
 *                 authenticated and reaches the global 'show_queries_threshold'.
 */
function helper_show_queries()
{
    if (ON != config_get('show_queries_count')) {
        return false;
    }
    # Check is authenticated before checking access level, otherwise user gets
    # redirected to login_page.php.  See #8461.
    if (!auth_is_user_authenticated()) {
        return false;
    }
    return (bool) access_has_global_level(config_get('show_queries_threshold'));
}
# Fragment of a tag edit form: one table row with the tag id, name, owner and
# creation date. The row's opening markup lies before this excerpt.
echo helper_alternate_class();
?>
>
	<td><?php 
echo $t_tag_row['id'];
?>
</td>
	<td><input type="text" <?php 
echo helper_get_tab_index();
?>
 name="name" value="<?php 
# NOTE(review): $t_name is written into an attribute value as-is; presumably it
# was escaped where it is assigned, outside this excerpt -- confirm.
echo $t_name;
?>
"/></td>
	<td><?php 
# Only users at or above 'tag_edit_threshold' get a control to change the
# owner; everyone else sees the owner's name as text.
if (access_has_global_level(config_get('tag_edit_threshold'))) {
    if (ON == config_get('use_javascript')) {
        $t_username = prepare_user_name($t_tag_row['user_id']);
        # The query string is built from the stored user id and a config value.
        echo ajax_click_to_edit($t_username, 'user_id', 'entrypoint=user_combobox&user_id=' . $t_tag_row['user_id'] . '&access_level=' . config_get('tag_create_threshold'));
    } else {
        echo '<select ', helper_get_tab_index(), ' name="user_id">';
        # Candidates are listed with 'tag_create_threshold' as the third argument.
        print_user_option_list($t_tag_row['user_id'], ALL_PROJECTS, config_get('tag_create_threshold'));
        echo '</select>';
    }
} else {
    # The read-only name goes through string_display_line() before output.
    echo string_display_line(user_get_name($t_tag_row['user_id']));
}
?>
</td>
	<td><?php 
echo date(config_get('normal_date_format'), $t_tag_row['date_created']);
/**
 * Print one <option> element per news item: the item id as value and the
 * headline, followed by [announcement] / [private] markers, as label.
 *
 * Users at or above the global 'admin_site_threshold' get the news of every
 * project; everyone else only the news of the current project.
 *
 * @return void
 */
function print_news_item_option_list()
{
    $t_project_id = helper_get_current_project();
    $t_global = access_has_global_level(config_get_global('admin_site_threshold'));

    if ($t_global) {
        $t_query = 'SELECT id, headline, announcement, view_state FROM {news} ORDER BY date_posted DESC';
        $t_params = array();
    } else {
        # The project id is passed as a bound parameter, not concatenated.
        $t_query = 'SELECT id, headline, announcement, view_state FROM {news}
				WHERE project_id=' . db_param() . '
				ORDER BY date_posted DESC';
        $t_params = array($t_project_id);
    }

    $t_result = db_query($t_query, $t_params);
    while ($t_row = db_fetch_array($t_result)) {
        # The headline is user-supplied text; it is escaped before output.
        $t_headline = string_display($t_row['headline']);

        # NOTE(review): view_state only adds a marker to the label; this function
        # applies no per-item visibility filter.
        $t_notes = array();
        if (1 == $t_row['announcement']) {
            $t_notes[] = lang_get('announcement');
        }
        if (VS_PRIVATE == $t_row['view_state']) {
            $t_notes[] = lang_get('private');
        }
        $t_note_string = count($t_notes) > 0 ? ' [' . implode(' ', $t_notes) . ']' : '';

        echo '<option value="', $t_row['id'], '">', $t_headline, $t_note_string, '</option>';
    }
}
require_once 'core.php';
require_api('access_api.php');
require_api('compress_api.php');
require_api('config_api.php');
require_api('database_api.php');
require_api('form_api.php');
require_api('gpc_api.php');
require_api('helper_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('string_api.php');
require_api('user_api.php');
# The page is limited to users at or above the global 'tag_edit_threshold'.
access_ensure_global_level(config_get('tag_edit_threshold'));
compress_enable();

# Evaluated against the same threshold as the guard above.
$t_can_edit = access_has_global_level(config_get('tag_edit_threshold'));

# Request input: the prefix filter (upper-cased) and the page number (integer).
$f_filter = utf8_strtoupper(gpc_get_string('filter', config_get('default_manage_tag_prefix')));
$f_page_number = gpc_get_int('page_number', 1);

# Start Index Menu
# Prefixes offered by the index: ALL, then A-Z, then 0-9 (as strings).
$t_prefix_array = array_merge(array('ALL'), range('A', 'Z'));
for ($i = 0; $i <= 9; $i++) {
    $t_prefix_array[] = (string) $i;
}

# 'ALL' means "no name filter".
$t_name_filter = ($f_filter === 'ALL') ? '' : $f_filter;
<?php 
# Subprojects section of a project management page (excerpt; the form opened
# below is closed outside it).
# reset the class counter
helper_alternate_class(0);
?>

<!-- SUBPROJECTS -->
<div align="center">
<table class="width75" cellspacing="1">

<!-- Title -->
<tr>
	<td class="form-title" colspan="6">
		<?php 
echo lang_get('subprojects');
# Check the user's global access level before allowing project creation
# (this only hides the button; it is not an access check on the target page)
if (access_has_global_level(config_get('create_project_threshold'))) {
    # NOTE(review): $f_project_id is concatenated into the URL as-is; presumably
    # it is an integer read from the request -- confirm where it is assigned.
    print_button('manage_proj_create_page.php?parent_id=' . $f_project_id, lang_get('create_new_subproject_link'));
}
?>
	</td>
</tr>

<!-- Subprojects -->
<form name="update_children_form" action="manage_proj_update_children.php" method="post">
<?php 
# Form security field for 'manage_proj_update_children'; presumably the token
# the receiving script validates before it acts -- confirm.
echo form_security_field('manage_proj_update_children');
?>
<input type="hidden" name="project_id" value="<?php 
# NOTE(review): written into the attribute without escaping; see the note on
# $f_project_id above.
echo $f_project_id;
?>
" />
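/**
 * return an array of sub-project IDs of a certain project to which the user has access
 *
 * Users at or above 'private_project_threshold' get every sub-project. Other
 * users get public sub-projects plus the private ones they are listed on.
 * The full parent => children map is cached for the current user, for
 * enabled projects only.
 *
 * @param integer $p_user_id       A valid user identifier.
 * @param integer $p_project_id    A valid project identifier.
 * @param boolean $p_show_disabled Include disabled projects in the resulting array.
 * @return array
 */
function user_get_accessible_subprojects($p_user_id, $p_project_id, $p_show_disabled = false)
{
    global $g_user_accessible_subprojects_cache;

    # The cache is consulted only for the current user and only when disabled
    # projects are not requested.
    if (null !== $g_user_accessible_subprojects_cache && auth_get_current_user_id() == $p_user_id && false == $p_show_disabled) {
        if (isset($g_user_accessible_subprojects_cache[$p_project_id])) {
            return $g_user_accessible_subprojects_cache[$p_project_id];
        } else {
            return array();
        }
    }

    db_param_push();
    if (access_has_global_level(config_get('private_project_threshold'), $p_user_id)) {
        # Privileged user: no view_state restriction.
        $t_enabled_clause = $p_show_disabled ? '' : 'p.enabled = ' . db_param() . ' AND';
        $t_query = 'SELECT DISTINCT p.id, p.name, ph.parent_id
					  FROM {project} p
					  LEFT JOIN {project_hierarchy} ph
					    ON ph.child_id = p.id
					  WHERE ' . $t_enabled_clause . '
					  	 ph.parent_id IS NOT NULL
					  ORDER BY p.name';
        $t_result = db_query($t_query, $p_show_disabled ? array() : array(true));
    } else {
        # Everyone else: public projects, or private ones with a matching row
        # in the project user list. Every value is passed as a bound parameter.
        $t_query = 'SELECT DISTINCT p.id, p.name, ph.parent_id
					  FROM {project} p
					  LEFT JOIN {project_user_list} u
					    ON p.id = u.project_id AND u.user_id=' . db_param() . '
					  LEFT JOIN {project_hierarchy} ph
					    ON ph.child_id = p.id
					  WHERE ' . ($p_show_disabled ? '' : 'p.enabled = ' . db_param() . ' AND ') . '
					  	ph.parent_id IS NOT NULL AND
						( p.view_state=' . db_param() . '
						    OR (p.view_state=' . db_param() . '
							    AND
						        u.user_id=' . db_param() . ' )
						)
					  ORDER BY p.name';
        $t_param = array($p_user_id, VS_PUBLIC, VS_PRIVATE, $p_user_id);
        if (!$p_show_disabled) {
            # Insert enabled flag value in 2nd position of parameter array
            array_splice($t_param, 1, 0, true);
        }
        $t_result = db_query($t_query, $t_param);
    }

    # Group the child ids by parent id.
    $t_projects = array();
    while ($t_row = db_fetch_array($t_result)) {
        $t_parent_id = (int) $t_row['parent_id'];
        if (!isset($t_projects[$t_parent_id])) {
            $t_projects[$t_parent_id] = array();
        }
        $t_projects[$t_parent_id][] = (int) $t_row['id'];
    }

    # Store the map only when it holds enabled projects. It used to be stored
    # after a $p_show_disabled call as well, so later enabled-only lookups were
    # answered from a map that included disabled projects.
    if (!$p_show_disabled && auth_get_current_user_id() == $p_user_id) {
        $g_user_accessible_subprojects_cache = $t_projects;
    }

    if (!isset($t_projects[(int) $p_project_id])) {
        $t_projects[(int) $p_project_id] = array();
    }
    return $t_projects[(int) $p_project_id];
}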
/**
 * Print one <option> element per news item: the item id as value and the
 * headline, followed by [announcement] / [private] markers, as label.
 *
 * Users at or above the global 'admin_site_threshold' get the news of every
 * project; everyone else only the news of the current project.
 *
 * @return void
 */
function print_news_item_option_list()
{
    $t_mantis_news_table = db_get_table('news');
    $t_project_id = helper_get_current_project();
    $t_global = access_has_global_level(config_get_global('admin_site_threshold'));

    if ($t_global) {
        $t_sql = "SELECT id, headline, announcement, view_state\n\t\t\t\tFROM {$t_mantis_news_table}\n\t\t\t\tORDER BY date_posted DESC";
        $t_params = array();
    } else {
        # The project id is passed as a bound parameter, not concatenated.
        $t_sql = "SELECT id, headline, announcement, view_state\n\t\t\t\tFROM {$t_mantis_news_table}\n\t\t\t\tWHERE project_id=" . db_param() . "\n\t\t\t\tORDER BY date_posted DESC";
        $t_params = array($t_project_id);
    }

    $t_rows = db_query_bound($t_sql, $t_params);
    $t_remaining = db_num_rows($t_rows);
    while ($t_remaining-- > 0) {
        $t_item = db_fetch_array($t_rows);

        # The headline is user-supplied text; it is escaped before output.
        $t_headline = string_display($t_item['headline']);

        # NOTE(review): view_state only adds a marker to the label; this function
        # applies no per-item visibility filter.
        $t_notes = array();
        if (1 == $t_item['announcement']) {
            $t_notes[] = lang_get('announcement');
        }
        if (VS_PRIVATE == $t_item['view_state']) {
            $t_notes[] = lang_get('private');
        }
        $t_note_string = count($t_notes) > 0 ? ' [' . implode(' ', $t_notes) . ']' : '';

        echo '<option value="' . $t_item['id'] . '">' . $t_headline . $t_note_string . '</option>';
    }
}
# Delete the users who have never logged in and are older than 1 week
$t_max_age = 7 * SECONDS_PER_DAY;

# Candidates: no recorded login, last visit equal to the creation date, and
# created more than a week ago. The current time is passed as a bound parameter.
$t_age_clause = db_helper_compare_days( 0, "date_created", "> $t_max_age" );
$t_sql = "SELECT id, access_level
		FROM $t_user_table
		WHERE ( login_count = 0 ) AND ( date_created = last_visit ) AND " . $t_age_clause;
$t_rows = db_query_bound( $t_sql, array( db_now() ) );

if ( !$t_rows ) {
	trigger_error( ERROR_GENERIC, ERROR );
}

$t_candidates = db_num_rows( $t_rows );

# Deleting accounts is destructive: ask for confirmation before touching
# anything, but only if there is something to delete.
if ( $t_candidates > 0 ) {
	helper_ensure_confirmed( lang_get( 'confirm_account_pruning' ),
							 lang_get( 'prune_accounts_button' ) );
}

$t_left = $t_candidates;
while ( $t_left-- > 0 ) {
	$t_account = db_fetch_array( $t_rows );
	# Don't prune accounts with a higher global access level than the current user
	if ( !access_has_global_level( $t_account['access_level'] ) ) {
		continue;
	}
	user_delete( $t_account['id'] );
}

# The form token is retired once the action has run.
form_security_purge( 'manage_user_prune' );

print_header_redirect( 'manage_user_page.php' );
/**
 * Print the tag fields of the filter form: a hidden field with the tag
 * separator, a text field with the current tag string and a select box of tags.
 *
 * Prints nothing for users below the global 'tag_view_threshold'.
 *
 * @return void
 */
function print_filter_tag_string()
{
    # No tag controls for users who may not view tags.
    if (!access_has_global_level(config_get('tag_view_threshold'))) {
        return;
    }
    global $g_filter;
    $t_tag_string = $g_filter[FILTER_PROPERTY_TAG_STRING];
    # A tag picked in the select box is appended to the tag string by name,
    # preceded by the separator when the string is not blank.
    if ($g_filter[FILTER_PROPERTY_TAG_SELECT] != 0 && tag_exists($g_filter[FILTER_PROPERTY_TAG_SELECT])) {
        $t_tag_string .= is_blank($t_tag_string) ? '' : config_get('tag_separator');
        $t_tag_string .= tag_get_field($g_filter[FILTER_PROPERTY_TAG_SELECT], 'name');
    }
    ?>
		<input type="hidden" id="tag_separator" value="<?php 
    # NOTE(review): the separator is a configuration value and is written into
    # the attribute without string_attribute(), unlike the tag string below.
    echo config_get('tag_separator');
    ?>
" />
		<input type="text" name="<?php 
    echo FILTER_PROPERTY_TAG_STRING;
    ?>
" id="<?php 
    echo FILTER_PROPERTY_TAG_STRING;
    ?>
" size="40" value="<?php 
    # The tag string comes from the filter; it is passed through
    # string_attribute() before it is written into the attribute value.
    echo string_attribute($t_tag_string);
    ?>
" />
		<select <?php 
    echo helper_get_tab_index();
    ?>
 name="<?php 
    echo FILTER_PROPERTY_TAG_SELECT;
    ?>
" id="<?php 
    echo FILTER_PROPERTY_TAG_SELECT;
    ?>
">
			<?php 
    print_tag_option_list();
    ?>
		</select>
		<?php 
}
 *
 * @package MantisBT
 * @copyright Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
 * @copyright Copyright (C) 2002 - 2013  MantisBT Team - mantisbt-dev@lists.sourceforge.net
 * @link http://www.mantisbt.org
 */
/**
 * MantisBT Core API's
 */
require_once 'core.php';
# Self-service account deletion. The checks run in this order: form security
# token, authentication, protected-account check, permission, last
# administrator, user confirmation.
form_security_validate('account_delete');
auth_ensure_user_authenticated();
current_user_ensure_unprotected();
# Only allow users to delete their own accounts if allow_account_delete = ON or
# the user has permission to manage user accounts.
if (OFF == config_get('allow_account_delete') && !access_has_global_level(config_get('manage_user_threshold'))) {
    # NOTE(review): nothing after this call stops the script, so the deletion
    # below is skipped only if print_header_redirect() ends the request --
    # confirm that it does not return.
    print_header_redirect('account_page.php');
}
# check that we are not deleting the last administrator account
$t_admin_threshold = config_get_global('admin_site_threshold');
if (current_user_is_administrator() && user_count_level($t_admin_threshold) <= 1) {
    trigger_error(ERROR_USER_CHANGE_LAST_ADMIN, ERROR);
}
# Deletion is irreversible, so the user has to confirm it explicitly.
helper_ensure_confirmed(lang_get('confirm_delete_msg'), lang_get('delete_account_button'));
# The form token is retired before the account is removed.
form_security_purge('account_delete');
# The id is read before logging out; the account is deleted after the logout.
$t_user_id = auth_get_current_user_id();
auth_logout();
user_delete($t_user_id);
html_page_top1();
html_page_top2a();
?>
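/**
 * Prints the collected log events as an HTML table.
 *
 * The table is printed only when the global 'log_destination' is 'page', the
 * visitor is authenticated and reaches 'show_log_threshold'. The log contains
 * the SQL text of the request's queries, so that threshold decides who gets to
 * see it. The caller and event columns are escaped with
 * string_html_specialchars().
 *
 * The closing HTML comment marker is written on every call, also when the
 * table itself is not.
 *
 * @return void
 */
function log_print_to_page()
{
    if (config_get_global('log_destination') === 'page' && auth_is_user_authenticated() && access_has_global_level(config_get('show_log_threshold'))) {
        global $g_log_events, $g_log_levels;
        echo "\n\n<!--Mantis Debug Log Output-->";
        echo "<hr />\n";
        echo "<table id=\"log-event-list\">\n";
        echo "\t<thead>\n";
        echo "\t\t<tr>\n";
        echo "\t\t\t<th>" . lang_get('log_page_number') . "</th>\n";
        echo "\t\t\t<th>" . lang_get('log_page_time') . "</th>\n";
        echo "\t\t\t<th>" . lang_get('log_page_caller') . "</th>\n";
        echo "\t\t\t<th>" . lang_get('log_page_event') . "</th>\n";
        echo "\t\t</tr>\n";
        echo "\t</thead>\n";
        echo "\t<tbody>\n";

        $t_total_event_count = count($g_log_events);
        if ($t_total_event_count == 0) {
            echo "\t</tbody>\n\t</table>\n";
            echo "<!--END Mantis Debug Log Output-->\n\n";
            return;
        }

        # First pass: flag repeated queries (stored at index [2][2] of the event)
        # and add up the execution times.
        $t_unique_queries = array();
        $t_unique_queries_count = 0;
        $t_total_query_execution_time = 0;
        for ($i = 0; $i < $t_total_event_count; $i++) {
            if ($g_log_events[$i][1] != LOG_DATABASE) {
                continue;
            }
            $t_is_duplicate = in_array($g_log_events[$i][2][0], $t_unique_queries, true);
            if (!$t_is_duplicate) {
                $t_unique_queries_count++;
                $t_unique_queries[] = $g_log_events[$i][2][0];
            }
            $g_log_events[$i][2][2] = $t_is_duplicate;
            $t_total_query_execution_time += $g_log_events[$i][2][1];
        }

        # Second pass: one table row per event, numbered per event type.
        $t_total_queries_count = 0;
        $t_count = array();
        foreach ($g_log_events as $t_log_event) {
            $t_type = $t_log_event[1];
            $t_level = $g_log_levels[$t_type];

            # Start each counter at zero; it used to be incremented without ever
            # being set, which raises an undefined-index warning.
            if (!isset($t_count[$t_type])) {
                $t_count[$t_type] = 0;
            }
            $t_count[$t_type]++;

            # Database events are counted, and repeated queries get a CSS class.
            $t_row_class = '';
            if ($t_type == LOG_DATABASE) {
                $t_total_queries_count++;
                if ($t_log_event[2][2]) {
                    $t_row_class = ' class="duplicate-query"';
                }
            }

            echo "\t\t<tr{$t_row_class}><td>" . $t_level . '-' . $t_count[$t_type] . "</td><td>" . $t_log_event[2][1] . "</td><td>" . string_html_specialchars($t_log_event[3]) . "</td><td>" . string_html_specialchars($t_log_event[2][0]) . "</td></tr>\n";
        }

        # output any summary data
        if ($t_unique_queries_count != 0) {
            $t_unique_queries_executed = sprintf(lang_get('unique_queries_executed'), $t_unique_queries_count);
            echo "\t\t<tr><td>" . $g_log_levels[LOG_DATABASE] . '</td><td colspan="3">' . $t_unique_queries_executed . "</td></tr>\n";
        }
        if ($t_total_queries_count != 0) {
            $t_total_queries_executed = sprintf(lang_get('total_queries_executed'), $t_total_queries_count);
            echo "\t\t<tr><td>" . $g_log_levels[LOG_DATABASE] . '</td><td colspan="3">' . $t_total_queries_executed . "</td></tr>\n";
        }
        if ($t_total_query_execution_time != 0) {
            $t_total_query_time = sprintf(lang_get('total_query_execution_time'), $t_total_query_execution_time);
            echo "\t\t<tr><td>" . $g_log_levels[LOG_DATABASE] . '</td><td colspan="3">' . $t_total_query_time . "</td></tr>\n";
        }
        echo "\t</tbody>\n\t</table>\n";
    }
    echo "<!--END Mantis Debug Log Output-->\n\n";
}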
/**
 * Prints the management menu as a row of bracketed links.
 *
 * Each entry is printed only if the current user reaches the matching
 * threshold. The entry for the page being shown gets an empty link target.
 * Hiding an entry is a display matter only; it does not replace the access
 * check of the target page.
 *
 * @param string $p_page File name of the page being shown.
 * @return void
 */
function print_manage_menu($p_page = '')
{
    $t_targets = array(
        'user' => 'manage_user_page.php',
        'project' => 'manage_proj_page.php',
        'custom_field' => 'manage_custom_field_page.php',
        'config' => 'adm_config_report.php',
        'profile' => 'manage_prof_menu_page.php',
    );

    # Blank the target of the current page. The comparison is loose and stops
    # at the first match.
    foreach (array('user', 'project', 'custom_field', 'config', 'profile') as $t_key) {
        if ($p_page == $t_targets[$t_key]) {
            $t_targets[$t_key] = '';
            break;
        }
    }

    print '<br /><div align="center">';
    if (access_has_global_level(config_get('manage_user_threshold'))) {
        print_bracket_link($t_targets['user'], lang_get('manage_users_link'));
    }
    if (access_has_project_level(config_get('manage_project_threshold'))) {
        print_bracket_link($t_targets['project'], lang_get('manage_projects_link'));
    }
    if (access_has_global_level(config_get('manage_custom_fields_threshold'))) {
        print_bracket_link($t_targets['custom_field'], lang_get('manage_custom_field_link'));
    }
    if (access_has_global_level(config_get('manage_global_profile_threshold'))) {
        print_bracket_link($t_targets['profile'], lang_get('manage_global_profiles_link'));
    }
    if (access_has_project_level(config_get('view_configuration_threshold'))) {
        print_bracket_link($t_targets['config'], lang_get('manage_config_link'));
    }
    print '</div>';
}
require_once 'core.php';
require_api('access_api.php');
require_api('authentication_api.php');
require_api('config_api.php');
require_api('constant_inc.php');
require_api('database_api.php');
require_api('form_api.php');
require_api('helper_api.php');
require_api('html_api.php');
require_api('lang_api.php');
require_api('print_api.php');
require_api('project_api.php');
require_api('string_api.php');
require_api('user_api.php');
# Viewing the report requires 'view_configuration_threshold'; the separate
# 'set_configuration_threshold' result is kept in $t_read_write_access.
access_ensure_global_level(config_get('view_configuration_threshold'));
$t_read_write_access = access_has_global_level(config_get('set_configuration_threshold'));

html_page_top(lang_get('configuration_report'));
print_manage_menu('adm_permissions_report.php');
print_manage_config_menu('adm_config_report.php');

# Configuration type id => type name.
$t_config_types = array(
    CONFIG_TYPE_DEFAULT => 'default',
    CONFIG_TYPE_INT => 'integer',
    CONFIG_TYPE_FLOAT => 'float',
    CONFIG_TYPE_COMPLEX => 'complex',
    CONFIG_TYPE_STRING => 'string',
);
/**
 * returns the configuration type for a given configuration type id
 * @param integer $p_type Configuration type identifier to check.
 * @return string configuration type
 */
function get_config_type($p_type)
{
    global $t_config_types;
    if (array_key_exists($p_type, $t_config_types)) {
        return $t_config_types[$p_type];
    } else {
/**
 * Deletes a tag.
 *
 * The checks run in this order: login, global 'tag_edit_threshold', existence
 * of the tag.
 *
 * @param string $p_username The user's username
 * @param string $p_password The user's password
 * @param int    $p_tag_id   The id of the tag
 * @return soap_fault|boolean A fault when a check fails, otherwise the result of tag_delete().
 */
function mc_tag_delete($p_username, $p_password, $p_tag_id)
{
    $t_user_id = mci_check_login($p_username, $p_password);
    if (false === $t_user_id) {
        return mci_soap_fault_login_failed();
    }

    $t_may_edit_tags = access_has_global_level(config_get('tag_edit_threshold'));
    if (!$t_may_edit_tags) {
        return mci_soap_fault_access_denied($t_user_id);
    }

    # The existence check comes after authorisation, so callers without the
    # permission are not told which tag ids exist.
    if (!tag_exists($p_tag_id)) {
        return SoapObjectsFactory::newSoapFault('Client', "No tag with id {$p_tag_id}");
    }

    return tag_delete($p_tag_id);
}
/**
 * Ensure the user has the specified global access level; calls
 * access_denied() when the level is not met.
 *
 * @see access_has_global_level
 * @param int $p_access_level integer representing access level
 * @param int|null $p_user_id integer representing user id, defaults to null to use current user
 * @access public
 */
function access_ensure_global_level($p_access_level, $p_user_id = null)
{
    if (access_has_global_level($p_access_level, $p_user_id)) {
        return;
    }
    access_denied();
}
# The requested view type comes from the request ...
$f_view_type = gpc_get_string('view_type', $f_default_view_type);
# ... but a site-wide 'view_filters' setting overrides it.
if (config_get('view_filters') == ADVANCED_ONLY) {
    $f_view_type = 'advanced';
}
if (config_get('view_filters') == SIMPLE_ONLY) {
    $f_view_type = 'simple';
}
# Anything other than the two known values falls back to the default.
# NOTE(review): $f_view_type is printed into the form further down, so
# $f_default_view_type has to be one of these two values as well -- confirm.
$t_known_view_types = array('simple', 'advanced');
if (!in_array($f_view_type, $t_known_view_types)) {
    $f_view_type = $f_default_view_type;
}

# The advanced view uses multi-select boxes.
$t_select_modifier = ('advanced' == $f_view_type) ? 'multiple="multiple" size="10" ' : '';

# Versions are shown when the setting is ON, or when it is AUTO and the
# project has at least one version row.
$t_show_version = (ON == config_get('show_product_version'))
    || ((AUTO == config_get('show_product_version')) && (count(version_get_all_rows_with_subs($t_project_id)) > 0));

# Tag controls are shown only to users who may view tags.
$t_show_tags = access_has_global_level(config_get('tag_view_threshold'));
?>
<br />
<form method="post" name="filters" action="<?php 
echo $t_action;
?>
">
<input type="hidden" name="type" value="1" />
<input type="hidden" name="view_type" value="<?php 
print $f_view_type;
?>
" />
<?php 
if ($f_for_screen == false) {
    print "<input type=\"hidden\" name=\"print\" value=\"1\" />";
    print "<input type=\"hidden\" name=\"offset\" value=\"0\" />";
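/**
 * Return the ids of the subprojects directly below a project that a user may see.
 *
 * Users who reach 'private_project_threshold' get every subproject; everyone
 * else gets public subprojects plus private ones on whose user list they
 * appear. Results for the logged-in user are cached per request in
 * $g_user_accessible_subprojects_cache, but only for the "enabled projects
 * only" variant of the query.
 *
 * @param int  $p_user_id       User whose access is evaluated.
 * @param int  $p_project_id    Parent project whose subprojects are wanted.
 * @param bool $p_show_disabled When true, disabled projects are included.
 * @return array List of subproject ids (empty when there are none).
 */
function user_get_accessible_subprojects($p_user_id, $p_project_id, $p_show_disabled = false)
{
    global $g_user_accessible_subprojects_cache;

    $t_is_current_user = auth_get_current_user_id() == $p_user_id;

    # The cache only ever answers the "enabled only" question for the current user.
    if (null !== $g_user_accessible_subprojects_cache && $t_is_current_user && false == $p_show_disabled) {
        return isset($g_user_accessible_subprojects_cache[$p_project_id])
            ? $g_user_accessible_subprojects_cache[$p_project_id]
            : array();
    }

    # The ids are interpolated into the SQL text below, so they pass through
    # db_prepare_int() first (presumably an integer normalisation - confirm in
    # the database API). $c_project_id is currently not used by either query.
    $c_user_id = db_prepare_int($p_user_id);
    $c_project_id = db_prepare_int($p_project_id);

    # Table names come from configuration, not from the request.
    $t_project_table = config_get('mantis_project_table');
    $t_project_user_list_table = config_get('mantis_project_user_list_table');
    $t_project_hierarchy_table = config_get('mantis_project_hierarchy_table');

    $t_enabled_clause = $p_show_disabled ? '' : 'p.enabled = 1 AND';
    $t_public = VS_PUBLIC;
    $t_private = VS_PRIVATE;

    if (access_has_global_level(config_get('private_project_threshold'), $p_user_id)) {
        # Privileged users: no view_state restriction at all.
        $query = "SELECT DISTINCT p.id, p.name, ph.parent_id\n\t\t\t\t\t  FROM {$t_project_table} p\n\t\t\t\t\t  LEFT JOIN {$t_project_hierarchy_table} ph\n\t\t\t\t\t    ON ph.child_id = p.id\n\t\t\t\t\t  WHERE {$t_enabled_clause}\n\t\t\t\t\t  \t ph.parent_id IS NOT NULL\n\t\t\t\t\t  ORDER BY p.name";
    } else {
        # Everyone else: public projects, or private ones with an explicit user-list row.
        $query = "SELECT DISTINCT p.id, p.name, ph.parent_id\n\t\t\t\t\t  FROM {$t_project_table} p\n\t\t\t\t\t  LEFT JOIN {$t_project_user_list_table} u\n\t\t\t\t\t    ON p.id = u.project_id AND u.user_id='{$c_user_id}'\n\t\t\t\t\t  LEFT JOIN {$t_project_hierarchy_table} ph\n\t\t\t\t\t    ON ph.child_id = p.id\n\t\t\t\t\t  WHERE {$t_enabled_clause}\n\t\t\t\t\t  \tph.parent_id IS NOT NULL AND\n\t\t\t\t\t\t( p.view_state='{$t_public}'\n\t\t\t\t\t\t    OR (p.view_state='{$t_private}'\n\t\t\t\t\t\t\t    AND\n\t\t\t\t\t\t        u.user_id='{$c_user_id}' )\n\t\t\t\t\t\t)\n\t\t\t\t\t  ORDER BY p.name";
    }

    $result = db_query($query);
    $row_count = db_num_rows($result);

    # Group child ids under their parent id.
    $t_projects = array();
    for ($i = 0; $i < $row_count; $i++) {
        $row = db_fetch_array($result);
        $t_projects[$row['parent_id']][] = $row['id'];
    }

    # Only cache the "enabled only" result. The cache is read exclusively when
    # $p_show_disabled is false, so storing a result that includes disabled
    # projects would hand them back to later callers that asked to exclude them.
    if ($t_is_current_user && false == $p_show_disabled) {
        $g_user_accessible_subprojects_cache = $t_projects;
    }

    return isset($t_projects[$p_project_id]) ? $t_projects[$p_project_id] : array();
}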
示例#28
        if (ON == config_get('send_reset_password') && ON == config_get('enable_email_notification')) {
            echo lang_get('reset_password_msg');
        } else {
            echo lang_get('reset_password_msg2');
        }
        ?>
	</div>
	<?php 
    }
}
?>


<!-- PROJECT ACCESS (if permissions allow) and user is not ADMINISTRATOR -->
<?php 
if (access_has_global_level(config_get('manage_user_threshold')) && !user_is_administrator($t_user_id)) {
    ?>
<br />
<div align="center">
<table class="width75" cellspacing="1">
<!-- Title -->
<tr>
	<td class="form-title" colspan="2">
		<?php 
    echo lang_get('add_user_title');
    ?>
	</td>
</tr>

<!-- Assigned Projects -->
<tr <?php 
<!-- GLOBAL CATEGORIES -->
<a name="categories" />
<div align="center">
<table class="width75" cellspacing="1">

<!-- Title -->
<tr>
	<td class="form-title" colspan="3">
		<?php 
echo lang_get('global_categories');
?>
	</td>
</tr>
<?php 
$t_categories = category_get_all_rows(ALL_PROJECTS);
$t_can_update_global_cat = access_has_global_level(config_get('manage_site_threshold'));
if (count($t_categories) > 0) {
    ?>
		<tr class="row-category">
			<td>
				<?php 
    echo lang_get('category');
    ?>
			</td>
			<td>
				<?php 
    echo lang_get('assign_to');
    ?>
			</td>
<?php 
    if ($t_can_update_global_cat) {
# Loop through results
for ($i = 0; $i < $t_issues_count; $i++) {
    $t_bug = $t_issues[$i];
    $about = $link = $t_path . "view.php?id=" . $t_bug->id;
    $title = bug_format_id($t_bug->id) . ': ' . $t_bug->summary;
    if ($t_bug->view_state == VS_PRIVATE) {
        $title .= ' [' . lang_get('private') . ']';
    }
    $description = string_rss_links($t_bug->description);
    # subject is category.
    $subject = category_full_name($t_bug->category_id, false);
    # optional DC value
    $date = $t_bug->last_updated;
    # author of item
    $author = '';
    if (access_has_global_level(config_get('show_user_email_threshold'))) {
        $t_author_name = user_get_name($t_bug->reporter_id);
        $t_author_email = user_get_field($t_bug->reporter_id, 'email');
        if (!is_blank($t_author_email)) {
            if (!is_blank($t_author_name)) {
                $author = $t_author_name . ' <' . $t_author_email . '>';
            } else {
                $author = $t_author_email;
            }
        }
    }
    # $comments = 'http://www.example.com/sometext.php?somevariable=somevalue&comments=1';	# url to comment page rss 2.0 value
    $comments = $t_path . 'view.php?id=' . $t_bug->id . '#bugnotes';
    # optional mod_im value for dispaying a different pic for every item
    $image = '';
    $rssfile->addRSSItem($about, $title, $link, $description, $subject, $date, $author, $comments, $image);