foreach ($settings AS $varname => $value)
{
- $DB_sql->query("REPLACE INTO " . TABLE_PREFIX . "setting (varname, value) VALUES ('" . addslasheslike(trim($varname)) . "', '" . addslasheslike(trim($value)) . "')");
+ $db->query("REPLACE INTO " . TABLE_PREFIX . "setting (varname, value) VALUES ('" . addslasheslike(trim($varname)) . "', '" . addslasheslike(trim($value)) . "')");
}
build_settings();
$admin->form_start('options.php', 'update');
- $settings = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "setting ");
- while ($setting = $DB_sql->fetch_array($settings))
+ $settings = $db->query("SELECT * FROM " . TABLE_PREFIX . "setting ");
+ while ($setting = $db->fetch_array($settings))
{
$options["$setting[varname]"] = $setting['value'];
}
if ($_REQUEST['do'] == 'kill')
{
sanitize(array('priorityid' => INT));
- $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "priority WHERE priorityid = $vars[priorityid]");
+ $db->query("DELETE FROM " . TABLE_PREFIX . "priority WHERE priorityid = $vars[priorityid]");
build_priorities();
$admin->redirect('priority.php?do=modify');
}
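Review bot: The `kill` branch runs its `DELETE` whenever `$_REQUEST['do'] == 'kill'`, so a plain GET link is enough to remove a priority, and no per-request token check is visible in this hunk. The insert and update branches already require POST; the delete should match them, `if ($_POST['do'] == 'kill')`, with the confirmation page submitting a form rather than a link. If the admin layer has a form token, it should be verified here before the query runs. The same pattern appears in the resolution, severity, status and phrase `kill` branches later in this diff.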
if ($_POST['do'] == 'insert')
{
sanitize(array('priority' => STR, 'displayorder' => INT));
- $DB_sql->query("INSERT INTO " . TABLE_PREFIX . "priority (priority, displayorder) VALUES ('" . addslasheslike($vars['priority']) . "', $vars[displayorder])");
+ $db->query("INSERT INTO " . TABLE_PREFIX . "priority (priority, displayorder) VALUES ('" . addslasheslike($vars['priority']) . "', $vars[displayorder])");
build_priorities();
$admin->redirect('priority.php?do=modify');
}
if ($_POST['do'] == 'update')
{
sanitize(array('priorityid' => INT, 'priority' => STR, 'displayorder' => INT));
- $DB_sql->query("UPDATE " . TABLE_PREFIX . "priority SET priority = '" . addslasheslike($vars['priority']) . "', displayorder = $vars[displayorder] WHERE priorityid = $vars[priorityid]");
+ $db->query("UPDATE " . TABLE_PREFIX . "priority SET priority = '" . addslasheslike($vars['priority']) . "', displayorder = $vars[displayorder] WHERE priorityid = $vars[priorityid]");
build_priorities();
$admin->redirect('priority.php?do=modify');
}
{
sanitize(array('priorityid' => INT));
- $priority = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "priority WHERE priorityid = $vars[priorityid]");
+ $priority = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "priority WHERE priorityid = $vars[priorityid]");
if (!is_array($priority))
{
$admin->error('-1');
{
$admin->page_start(phrase('priority_manager'));
- $priorities = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "priority ORDER BY displayorder");
+ $priorities = $db->query("SELECT * FROM " . TABLE_PREFIX . "priority ORDER BY displayorder");
$admin->form_start('priority.php', 'null');
$admin->table_start();
$admin->table_head(phrase('priority_manager'));
- while ($priority = $DB_sql->fetch_array($priorities))
+ while ($priority = $db->fetch_array($priorities))
{
$admin->row_text("$priority[displayorder]: <a href=\"priority.php?do=edit&priorityid=$priority[priorityid]\">$priority[priority]</a>", "(priorityid: $priority[priorityid]) <a href=\"priority.php?do=edit&priorityid=$priority[priorityid]\">" . phrase('edit_wraplink') . "</a> <a href=\"priority.php?do=delete&priorityid=$priority[priorityid]\">" . phrase('delete_wraplink') . "</a>");
}
- $DB_sql->free_result($priorityes);
+ $db->free_result($priorityes);
$admin->row_span('<input type="button" name="addug" value=" ' . phrase('add_new_priority') . ' " onclick="window.location = \'priority.php?do=add\';" />', 'tfoot', 'center', 3);
$admin->table_end();
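Review bot: The rename carries over a misspelled variable: `$db->free_result($priorityes);` passes an undefined name, so the result set held in `$priorities` is never released and the call receives null. It should read `$db->free_result($priorities);`. The resolution and severity listings have the same slip (`$resolutiones`, `$severityes`) and need `$resolutions` and `$severities`. The status listing already passes `$statuses` correctly.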
{
sanitize(array('versionid' => INT));
- $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "version WHERE versionid = $vars[versionid]");
+ $db->query("DELETE FROM " . TABLE_PREFIX . "version WHERE versionid = $vars[versionid]");
// #*# figure out what we do with bugs
build_versions();
if ($_REQUEST['do'] == 'insertversion')
{
sanitize(array('productid' => INT, 'version' => STR, 'displayorder' => INT));
- $DB_sql->query("INSERT INTO " . TABLE_PREFIX . "version (productid, version, displayorder) VALUES ($vars[productid], '" . addslasheslike($vars['version']) . "', $vars[displayorder])");
+ $db->query("INSERT INTO " . TABLE_PREFIX . "version (productid, version, displayorder) VALUES ($vars[productid], '" . addslasheslike($vars['version']) . "', $vars[displayorder])");
build_versions();
$admin->redirect('product.php?do=modify');
}
if ($vars['productid'] != -1)
{
- $product = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = $vars[productid]");
+ $product = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = $vars[productid]");
if (!is_array($product))
{
$admin->error('-1');
$admin->error(phrase('fill_in_version_number'));
}
- $DB_sql->query("UPDATE " . TABLE_PREFIX . "version SET version = '" . addslasheslike($vars['version']) . "', displayorder = $vars[displayorder] WHERE versionid = $vars[versionid]");
+ $db->query("UPDATE " . TABLE_PREFIX . "version SET version = '" . addslasheslike($vars['version']) . "', displayorder = $vars[displayorder] WHERE versionid = $vars[versionid]");
build_versions();
$admin->redirect('product.php?do=modify');
$admin->page_start(phrase('edit_version'));
- $version = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "version WHERE versionid = $vars[versionid]");
+ $version = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "version WHERE versionid = $vars[versionid]");
if (!is_array($version))
{
$admin->error('-1');
{
sanitize(array('productid' => INT));
- $allprods = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = $vars[productid] OR componentmother = $vars[productid]");
- while ($prod = $DB_sql->fetch_array($allprods))
+ $allprods = $db->query("SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = $vars[productid] OR componentmother = $vars[productid]");
+ while ($prod = $db->fetch_array($allprods))
{
$list[] = $prod['productid'];
}
- $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "product WHERE productid IN (" . implode(', ', $list) . ")");
- $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "version WHERE productid IN (" . implode(', ', $list) . ")");
+ $db->query("DELETE FROM " . TABLE_PREFIX . "product WHERE productid IN (" . implode(', ', $list) . ")");
+ $db->query("DELETE FROM " . TABLE_PREFIX . "version WHERE productid IN (" . implode(', ', $list) . ")");
// #*# do bug kills here
build_products();
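Review bot: `$list` is only assigned inside the `while` loop, so when no product matches `$vars[productid]` the two deletes are built from an undefined variable and end in `IN ()`, which the database will reject. Initialise it with `$list = array();` before the loop. When it stays empty, stop with `$admin->error('-1');` as the edit branches do for a missing row, before either `DELETE` runs. The block this hunk belongs to starts and ends outside the hunk, so the placement of the guard needs checking against the full file.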
$admin->error(phrase('go_back_and_fill_both_fields'));
}
- $DB_sql->query("
+ $db->query("
INSERT INTO " . TABLE_PREFIX . "product
(shortname, title, componentmother, description, displayorder)
VALUES
$admin->error('-1');
}
- $DB_sql->query("UPDATE " . TABLE_PREFIX . "product SET title = '" . addslasheslike($vars['title']) . "', shortname = '" . addslasheslike($vars['shortname']) . "', description = '" . addslasheslike($vars['description']) . "', displayorder = $vars[displayorder] WHERE productid = $vars[productid]");
+ $db->query("UPDATE " . TABLE_PREFIX . "product SET title = '" . addslasheslike($vars['title']) . "', shortname = '" . addslasheslike($vars['shortname']) . "', description = '" . addslasheslike($vars['description']) . "', displayorder = $vars[displayorder] WHERE productid = $vars[productid]");
build_products();
$admin->redirect('product.php?do=modify');
$admin->page_start(phrase('edit_product'));
- $product = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = $vars[productid]");
+ $product = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = $vars[productid]");
if (!is_array($product))
{
{
$id = intval($name[1]);
$order = intval($displayorder);
- $DB_sql->query("UPDATE " . TABLE_PREFIX . "$name[0] SET displayorder = $order WHERE $name[0]id = $id");
+ $db->query("UPDATE " . TABLE_PREFIX . "$name[0] SET displayorder = $order WHERE $name[0]id = $id");
}
}
build_products();
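Review bot: `$name[0]` is interpolated into the statement as both a table name and a column name (`TABLE_PREFIX . "$name[0]"` and `$name[0]id`), and unlike `$id` and `$order` it is not constrained in the lines shown. Escaping cannot make an identifier safe, so if `$name` is derived from a submitted field name, which the surrounding code outside this hunk would confirm, it should be checked against the fixed set of tables this page manages. For example, skip the entry unless `in_array($name[0], array('product', 'version'), true)`; the two names are presumed from the product and version queries elsewhere in this file.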
$admin->form_start('product.php', 'displayorder');
- $products = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "product ORDER BY displayorder ASC");
- while ($prod = $DB_sql->fetch_array($products))
+ $products = $db->query("SELECT * FROM " . TABLE_PREFIX . "product ORDER BY displayorder ASC");
+ while ($prod = $db->fetch_array($products))
{
if (!$prod['componentmother'])
{
}
$products = (array)$product;
- $versions = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "version ORDER BY displayorder ASC");
- while ($vers = $DB_sql->fetch_array($versions))
+ $versions = $db->query("SELECT * FROM " . TABLE_PREFIX . "version ORDER BY displayorder ASC");
+ while ($vers = $db->fetch_array($versions))
{
$version["$vers[productid]"]["$vers[versionid]"] = $vers;
}
if ($_REQUEST['do'] == 'kill')
{
sanitize(array('resolutionid' => INT));
- $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "resolution WHERE resolutionid = $vars[resolutionid]");
+ $db->query("DELETE FROM " . TABLE_PREFIX . "resolution WHERE resolutionid = $vars[resolutionid]");
build_resolutions();
$admin->redirect('resolution.php?do=modify');
}
if ($_POST['do'] == 'insert')
{
sanitize(array('resolution' => STR, 'displayorder' => INT));
- $DB_sql->query("INSERT INTO " . TABLE_PREFIX . "resolution (resolution, displayorder) VALUES ('" . addslasheslike($vars['resolution']) . "', $vars[displayorder])");
+ $db->query("INSERT INTO " . TABLE_PREFIX . "resolution (resolution, displayorder) VALUES ('" . addslasheslike($vars['resolution']) . "', $vars[displayorder])");
build_resolutions();
$admin->redirect('resolution.php?do=modify');
}
if ($_POST['do'] == 'update')
{
sanitize(array('resolutionid' => INT, 'resolution' => STR, 'displayorder' => INT));
- $DB_sql->query("UPDATE " . TABLE_PREFIX . "resolution SET resolution = '" . addslasheslike($vars['resolution']) . "', displayorder = $vars[displayorder] WHERE resolutionid = $vars[resolutionid]");
+ $db->query("UPDATE " . TABLE_PREFIX . "resolution SET resolution = '" . addslasheslike($vars['resolution']) . "', displayorder = $vars[displayorder] WHERE resolutionid = $vars[resolutionid]");
build_resolutions();
$admin->redirect('resolution.php?do=modify');
}
{
sanitize(array('resolutionid' => INT));
- $resolution = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "resolution WHERE resolutionid = $vars[resolutionid]");
+ $resolution = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "resolution WHERE resolutionid = $vars[resolutionid]");
if (!is_array($resolution))
{
$admin->error('-1');
{
$admin->page_start(phrase('resolution_manager'));
- $resolutions = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "resolution ORDER BY displayorder");
+ $resolutions = $db->query("SELECT * FROM " . TABLE_PREFIX . "resolution ORDER BY displayorder");
$admin->form_start('resolution.php', 'null');
$admin->table_start();
$admin->table_head(phrase('resolution_manager'));
- while ($resolution = $DB_sql->fetch_array($resolutions))
+ while ($resolution = $db->fetch_array($resolutions))
{
$admin->row_text("$resolution[displayorder]: <a href=\"resolution.php?do=edit&resolutionid=$resolution[resolutionid]\">$resolution[resolution]</a>", "(resolutionid: $resolution[resolutionid]) <a href=\"resolution.php?do=edit&resolutionid=$resolution[resolutionid]\">" . phrase('edit_wraplink') . "</a> <a href=\"resolution.php?do=delete&resolutionid=$resolution[resolutionid]\">" . phrase('delete_wraplink') . "</a>");
}
- $DB_sql->free_result($resolutiones);
+ $db->free_result($resolutiones);
$admin->row_span('<input type="button" name="addug" value=" ' . phrase('add_new_resolution') . ' " onclick="window.location = \'resolution.php?do=add\';" />', 'tfoot', 'center', 3);
$admin->table_end();
if ($_REQUEST['do'] == 'kill')
{
sanitize(array('severityid' => INT));
- $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "severity WHERE severityid = $vars[severityid]");
+ $db->query("DELETE FROM " . TABLE_PREFIX . "severity WHERE severityid = $vars[severityid]");
build_severities();
$admin->redirect('severity.php?do=modify');
}
if ($_POST['do'] == 'insert')
{
sanitize(array('severity' => STR, 'displayorder' => INT));
- $DB_sql->query("INSERT INTO " . TABLE_PREFIX . "severity (severity, displayorder) VALUES ('" . addslasheslike($vars['severity']) . "', $vars[displayorder])");
+ $db->query("INSERT INTO " . TABLE_PREFIX . "severity (severity, displayorder) VALUES ('" . addslasheslike($vars['severity']) . "', $vars[displayorder])");
build_severities();
$admin->redirect('severity.php?do=modify');
}
if ($_POST['do'] == 'update')
{
sanitize(array('severityid' => INT, 'severity' => STR, 'displayorder' => INT));
- $DB_sql->query("UPDATE " . TABLE_PREFIX . "severity SET severity = '" . addslasheslike($vars['severity']) . "', displayorder = $vars[displayorder] WHERE severityid = $vars[severityid]");
+ $db->query("UPDATE " . TABLE_PREFIX . "severity SET severity = '" . addslasheslike($vars['severity']) . "', displayorder = $vars[displayorder] WHERE severityid = $vars[severityid]");
build_severities();
$admin->redirect('severity.php?do=modify');
}
{
sanitize(array('severityid' => INT));
- $severity = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "severity WHERE severityid = $vars[severityid]");
+ $severity = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "severity WHERE severityid = $vars[severityid]");
if (!is_array($severity))
{
$admin->error('-1');
{
$admin->page_start('Severity Manager');
- $severities = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "severity ORDER BY displayorder");
+ $severities = $db->query("SELECT * FROM " . TABLE_PREFIX . "severity ORDER BY displayorder");
$admin->form_start('severity.php', 'null');
$admin->table_start();
$admin->table_head('Severity Manager');
- while ($severity = $DB_sql->fetch_array($severities))
+ while ($severity = $db->fetch_array($severities))
{
$admin->row_text("$severity[displayorder]: <a href=\"severity.php?do=edit&severityid=$severity[severityid]\">$severity[severity]</a>", "(severityid: $severity[severityid]) <a href=\"severity.php?do=edit&severityid=$severity[severityid]\">" . phrase('edit_wraplink') . "</a> <a href=\"severity.php?do=delete&severityid=$severity[severityid]\">" . phrase('delete_wraplink') . "</a>");
}
- $DB_sql->free_result($severityes);
+ $db->free_result($severityes);
$admin->row_span('<input type="button" name="addug" value=" ' . phrase('add_new_severity') . ' " onclick="window.location = \'severity.php?do=add\';" />', 'tfoot', 'center', 3);
$admin->table_end();
if ($_REQUEST['do'] == 'kill')
{
sanitize(array('statusid' => INT));
- $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "status WHERE statusid = $vars[statusid]");
+ $db->query("DELETE FROM " . TABLE_PREFIX . "status WHERE statusid = $vars[statusid]");
build_statuses();
$admin->redirect('status.php?do=modify');
}
if ($_POST['do'] == 'insert')
{
sanitize(array('status' => STR, 'displayorder' => INT));
- $DB_sql->query("INSERT INTO " . TABLE_PREFIX . "status (status, displayorder) VALUES ('" . addslasheslike($vars['status']) . "', $vars[displayorder])");
+ $db->query("INSERT INTO " . TABLE_PREFIX . "status (status, displayorder) VALUES ('" . addslasheslike($vars['status']) . "', $vars[displayorder])");
build_statuses();
$admin->redirect('status.php?do=modify');
}
if ($_POST['do'] == 'update')
{
sanitize(array('statusid' => INT, 'status' => STR, 'displayorder' => INT));
- $DB_sql->query("UPDATE " . TABLE_PREFIX . "status SET status = '" . addslasheslike($vars['status']) . "', displayorder = $vars[displayorder] WHERE statusid = $vars[statusid]");
+ $db->query("UPDATE " . TABLE_PREFIX . "status SET status = '" . addslasheslike($vars['status']) . "', displayorder = $vars[displayorder] WHERE statusid = $vars[statusid]");
build_statuses();
$admin->redirect('status.php?do=modify');
}
{
sanitize(array('statusid' => INT));
- $status = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "status WHERE statusid = $vars[statusid]");
+ $status = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "status WHERE statusid = $vars[statusid]");
if (!is_array($status))
{
$admin->error('-1');
{
$admin->page_start('Status Manager');
- $statuses = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "status");
+ $statuses = $db->query("SELECT * FROM " . TABLE_PREFIX . "status");
$admin->form_start('status.php', 'null');
$admin->table_start();
$admin->table_head('Status Manager');
- while ($status = $DB_sql->fetch_array($statuses))
+ while ($status = $db->fetch_array($statuses))
{
$admin->row_text("$status[displayorder]: <a href=\"status.php?do=edit&statusid=$status[statusid]\">$status[status]</a>", "(statusid: $status[statusid]) <a href=\"status.php?do=edit&statusid=$status[statusid]\">" . phrase('edit_wraplink') . "</a> <a href=\"status.php?do=delete&statusid=$status[statusid]\">" . phrase('delete_wraplink') . "</a>");
}
- $DB_sql->free_result($statuses);
+ $db->free_result($statuses);
$admin->row_span('<input type="button" name="addug" value=" ' . phrase('add_new_status') . ' " onclick="window.location = \'status.php?do=add\';" />', 'tfoot', 'center', 3);
$admin->table_end();
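Review bot: `$status[status]` is written into the row HTML as link text without encoding, and the insert and update branches store it with the `STR` cleaner. In the `sanitize()` definition this commit removes, `STR` only trims, so if the replacement keeps that behaviour a status title containing markup is rendered as markup for every admin who opens this list. Encode on output, `htmlspecialcharslike($status['status'])`, or store the field with `STR_NOHTML`. The priority, resolution and severity listings build their rows the same way.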
$admin->error(phrase('cant_delete_default_usergroup'));
}
- $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = $vars[usergroupid]");
- $DB_sql->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = 2 WHERE usergroupid = $vars[usergroupid]");
+ $db->query("DELETE FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = $vars[usergroupid]");
+ $db->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = 2 WHERE usergroupid = $vars[usergroupid]");
build_usergroups();
build_assignedto();
if ($edit)
{
- $usergroup = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = $vars[usergroupid]");
+ $usergroup = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = $vars[usergroupid]");
if (!is_array($usergroup))
{
$admin->error('-1');
$permissionvalue += $_PERMISSION["$permtitle"] * $binaryswitch;
}
- $DB_sql->query("
+ $db->query("
INSERT INTO " . TABLE_PREFIX . "usergroup
(title, displaytitle, opentag, closetag, permissions)
VALUES
$permissionvalue += $_PERMISSION["$permtitle"] * $binaryswitch;
}
- $DB_sql->query("
+ $db->query("
UPDATE " . TABLE_PREFIX . "usergroup
SET title = '" . addslasheslike($vars['title']) . "',
displaytitle = '" . addslasheslike($vars['displaytitle']) . "',
$admin->table_start();
$admin->table_head(phrase('usergroup_manager'), 3);
- $groups = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
- while ($group = $DB_sql->fetch_array($groups))
+ $groups = $db->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC");
+ while ($group = $db->fetch_array($groups))
{
$usergroups["$group[usergroupid]"] = $group;
}
- $DB_sql->free_result($groups);
+ $db->free_result($groups);
- $groups = $DB_sql->query("
+ $groups = $db->query("
SELECT COUNT(user.userid) AS total, user.usergroupid
FROM " . TABLE_PREFIX . "user AS user
LEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup USING (usergroupid)
GROUP BY usergroup.usergroupid
ORDER BY usergroup.usergroupid"
);
- while ($group = $DB_sql->fetch_array($groups))
+ while ($group = $db->fetch_array($groups))
{
$usergroups["$group[usergroupid]"]['total'] = $group['total'];
}
echo "<pre>$sql</pre>";
-$DB_sql->query($sql);
+$db->query($sql);
?>
\ No newline at end of file
if ($_REQUEST['do'] == 'kill')
{
- $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "phrase WHERE varname = '" . addslasheslike($vars['varname']) . "'");
+ $db->query("DELETE FROM " . TABLE_PREFIX . "phrase WHERE varname = '" . addslasheslike($vars['varname']) . "'");
header("Location: phrasetools.php");
}
if ($_REQUEST['do'] == 'delete')
{
- $phrase = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "phrase WHERE varname = '" . addslasheslike($vars['varname']) . "'");
+ $phrase = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "phrase WHERE varname = '" . addslasheslike($vars['varname']) . "'");
if (!$phrase)
{
echo 'Not a valid phrase!';
if ($_POST['do'] == 'insert')
{
$vars['varname'] = str_replace(' ', '_', $vars['varname']);
- $DB_sql->query("
+ $db->query("
INSERT INTO " . TABLE_PREFIX . "phrase
(varname, phrasetext)
VALUES
if ($_POST['do'] == 'update')
{
- $DB_sql->query("
+ $db->query("
UPDATE " . TABLE_PREFIX . "phrase
SET varname = '" . addslasheslike(sanitize_name($vars['varname'])) . "',
phrasetext = '" . addslasheslike($vars['phrasetext']) . "'
if ($_REQUEST['do'] == 'edit')
{
- $phrase = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "phrase WHERE varname = '" . addslasheslike($vars['varname']) . "'");
+ $phrase = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "phrase WHERE varname = '" . addslasheslike($vars['varname']) . "'");
if (!$phrase)
{
echo 'Not a valid phrase!';
$where = "varname LIKE '%$vars[varname]%' $use[matcher] phrasetext LIKE '%$vars[phrasetext]%'";
}
- $phrases = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "phrase WHERE $where");
- $numrows = $DB_sql->num_rows($phrases);
+ $phrases = $db->query("SELECT * FROM " . TABLE_PREFIX . "phrase WHERE $where");
+ $numrows = $db->num_rows($phrases);
if ($numrows < 1)
{
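Review bot: The `$where` clause places `$vars[varname]` and `$vars[phrasetext]` inside quoted `LIKE` patterns without `addslasheslike()`, while the other phrase queries in this file escape the same fields. `$use[matcher]` is also interpolated as a bare SQL operator. How `$vars` and `$use` are filled is outside this hunk, but as written a quote in either search field changes the statement. Suggest `"varname LIKE '%" . addslasheslike($vars['varname']) . "%' ..."` for both patterns, and restricting the matcher to the literal strings `AND` and `OR` before it is used.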
if ($numrows > 2)
{
- while ($phrase = $DB_sql->fetch_array($phrases))
+ while ($phrase = $db->fetch_array($phrases))
{
echo "<pre><div>\$bugsys->language['<strong><a href=\"phrasetools.php?do=edit&varname=$phrase[varname]\">$phrase[varname]</a></strong>'] =======> " . htmlspecialcharslike($phrase['phrasetext']) . "</div></pre>";
}
}
else
{
- $phrase = $DB_sql->fetch_array($phrases);
+ $phrase = $db->fetch_array($phrases);
header("Location: phrasetools.php?do=edit&varname=$phrase[varname]");
}
}
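Review bot: With exactly two matching phrases the `if ($numrows > 2)` test fails, so the `else` branch fetches only the first row and redirects to it, and the second match is never shown. `if ($numrows > 1)` looks like the intended condition. Separately, `$phrase[varname]` goes into the `Location` header and the `href` unencoded; `rawurlencode($phrase['varname'])` in both places keeps a name containing `&` or spaces from breaking the link. The enclosing search branch starts outside this hunk.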
chdir('./../');
require_once('./global.php');
-$comments = $DB_sql->query("SELECT * FROM comment ORDER BY bugid, dateline ASC");
+$comments = $db->query("SELECT * FROM comment ORDER BY bugid, dateline ASC");
-while ($comment = $DB_sql->fetch_array($comments))
+while ($comment = $db->fetch_array($comments))
{
if (!isset($replace["$comment[bugid]"]))
{
foreach ($replace AS $bugid => $newfields)
{
- $DB_sql->query("UPDATE bug SET initialreport = $newfields[initialreport], dateline = $newfields[dateline], lastposttime = $newfields[lastposttime], lastpostby = $newfields[lastpostby] WHERE bugid = $bugid");
+ $db->query("UPDATE bug SET initialreport = $newfields[initialreport], dateline = $newfields[dateline], lastposttime = $newfields[lastposttime], lastpostby = $newfields[lastpostby] WHERE bugid = $bugid");
echo "<p>Updated $bugid</p>";
}
sanitize(array('commentid' => INT));
-$comment = $DB_sql->query_first("
+$comment = $db->query_first("
SELECT comment.*, user.email, user.showemail, user.displayname
FROM " . TABLE_PREFIX . "comment AS comment
LEFT JOIN " . TABLE_PREFIX . "user AS user
exit;
}
-$bug = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
+$bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
if (!((can_perform('caneditown') AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers')))
{
$vars['comment_parsed'] = htmlspecialcharslike($vars['comment_parsed']);
}
- $DB_sql->query("
+ $db->query("
UPDATE " . TABLE_PREFIX . "comment
SET comment = '" . addslasheslike($vars['comment']) . "',
comment_parsed = '" . addslasheslike(nl2br($vars['comment_parsed'])) . "'
sanitize(array('bugid' => INT));
-$bug = $DB_sql->query_first("
+$bug = $db->query_first("
SELECT bug.*, user.email, user.displayname, user.showemail
FROM " . TABLE_PREFIX . "bug AS bug
LEFT JOIN " . TABLE_PREFIX . "user AS user
exit;
}
- $DB_sql->query("
+ $db->query("
UPDATE " . TABLE_PREFIX . "bug
SET summary = '" . addslasheslike($vars['summary']) . "',
priority = $vars[priority], status = $vars[status],
// it!
$usepconnect = 0;
+// ###################################################################
+// ///////////////////////// PATH TO ISSO
+// -------------------------------------------------------------------
+// The full, hard path to the ISSO framework on your server. This
+// should end in a trailing slash!!
+$pathtoisso = '/htdocs/isso/'
+
// ###################################################################
// ///////////////////////// TABLE PREFIX
// -------------------------------------------------------------------
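Review bot: The added assignment `$pathtoisso = '/htdocs/isso/'` has no terminating semicolon, so PHP will fail to parse the configuration file at the next statement and every page that includes it will stop. It should read `$pathtoisso = '/htdocs/isso/';`. The comment requires a trailing slash, but nothing visible here enforces it, so the code that consumes this value may want to normalise it.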
}
}
-// ########################## Start sanitize #########################
-function sanitize($toclean)
-{
- global $vars;
-
- foreach ($toclean AS $varname => $cleaner)
- {
- $varvalue = $_REQUEST["$varname"];
- switch (strtoupper($cleaner))
- {
- case 'STR':
- $cleaned = trim($varvalue);
- break;
-
- case 'STR_NOHTML':
- $cleaned = htmlspecialcharslike(trim($varvalue));
- break;
-
- case 'INT':
- $cleaned = intval($varvalue);
- break;
-
- case 'FLOAT':
- $cleaned = floatval($varvalue);
- break;
-
- default: break;
- }
- $vars["$varname"] = $cleaned;
- }
-}
-
-// ##################### Start fetch_random_chars ####################
-function fetch_random_chars($length = 0)
-{
- // Gimme a length!
- if (!$length)
- {
- $length = rand(20, 65);
- }
-
- // Number of ints in our salt
- $intcount = rand(0, intval($length / 2));
-
- // Number of chars
- $charcount = $length - $intcount;
-
- // Upper-case chars
- $upperchars = rand(1, intval($charcount / 2));
-
- // Lower-case chars
- $lowerchars = $charcount - $upperchars;
-
- // Generate ints
- for ($i = 0; $i < $intcount; $i++)
- {
- $string[] = rand(0, 9);
- }
-
- // Generate upper chars
- for ($i = 0; $i < $upperchars; $i++)
- {
- $string[] = chr(rand(65, 90));
- }
-
- // Generate lower chars
- for ($i = 0; $i < $lowerchars; $i++)
- {
- $string[] = chr(rand(97, 122));
- }
-
- // Randomly key the chars
- foreach ($string AS $char)
- {
- $rand = mt_rand();
- $newstr["$rand"] = $char;
- }
-
- // Sort the chars by thier random assignment
- ksort($newstr);
-
- // Flatten the array
- $string = '';
- foreach ($newstr AS $char)
- {
- $string .= $char;
- }
-
- return $string;
-}
-
-// ######################## Start mysetcookie ########################
-function mysetcookie($name, $value = false, $sticky = true)
-{
- // Expire the cookie if it doesn't have a value
- if (!$value)
- {
- setcookie($name, $value, time() - (2 * 900), '/');
- }
- else
- {
- // Make the cookie one that stays?
- if ($sticky)
- {
- $expire = time() + 60 * 60 * 24 * 365;
- }
- else
- {
- $expire = 0;
- }
- setcookie($name, $value, $expire, '/');
- }
-}
-
-// ############################ Start iff ############################
-function iff($condition, $true, $false = null)
-{
- return ($condition) ? ($true) : ($false);
-}
-
-// ######################## Start exec_swap_bg #######################
-function exec_swap_bg($class1 = 'alt1', $class2 = 'alt2')
-{
- global $row_class;
- static $row_count;
-
- $row_class = iff($row_count % 2, $class1, $class2);
- $row_count++;
-}
-
-// ####################### Start addslasheslike ######################
-// leave this named as such for easy typing
-function addslasheslike($str)
-{
- static $mqgpc;
-
- if (!isset($mqgpc))
- {
- $mqgpc = get_magic_quotes_gpc();
- }
-
- if ($mqgpc)
- {
- return $str;
- }
- else
- {
- return addslashes($str);
- }
-}
-
-// #################### Start htmlspecialcharslike ###################
-function htmlspecialcharslike($str)
-{
- return str_replace(array('"', '<', '>'), array('"', '<', '>'), $str);
-}
-
-// ##################### Start unhtmlspecialchars ####################
-function unhtmlspecialchars($str)
-{
- return str_replace(array('"', '<', '>'), array('"', '<', '>'), $str);
-}
-
// ################## Start fetch_user_display_name ##################
// preps a dispaly name if one isn't set
// should be able to be removed by the final version as registration should set this
// NB: need to make sure we have the option to turn off just p/c selection without v
function construct_pcv_select($select = '', $prefix = ' ')
{
- global $bugsys, $DB_sql, $tpl;
+ global $bugsys, $tpl;
static $HTML;
if ($HTML)
$selected = ' checked="checked"';
- $products_fetch = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "product ORDER BY displayorder ASC");
- while ($product = $DB_sql->fetch_array($products_fetch))
+ $products_fetch = $bugsys->db->query("SELECT * FROM " . TABLE_PREFIX . "product ORDER BY displayorder ASC");
+ while ($product = $bugsys->db->fetch_array($products_fetch))
{
if ($product['componentmother'])
{
}
}
- $versions_fetch = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "version ORDER BY displayorder");
- while ($version = $DB_sql->fetch_array($versions_fetch))
+ $versions_fetch = $bugsys->db->query("SELECT * FROM " . TABLE_PREFIX . "version ORDER BY displayorder");
+ while ($version = $bugsys->db->fetch_array($versions_fetch))
{
$versions["$version[productid]"]["$version[versionid]"] = $version;
}
// ###################### Start build_languages ######################
function build_languages()
{
- global $DB_sql, $bugsys;
+ global $bugsys;
- $languages = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "language");
- while ($language = $DB_sql->fetch_array($languages))
+ $languages = $bugsys->db->query("SELECT * FROM " . TABLE_PREFIX . "language");
+ while ($language = $bugsys->db->fetch_array($languages))
{
$tempstore["$language[languageid]"] = $language;
}
- $DB_sql->query("
+ $bugsys->db->query("
### replacing the language cache ###
REPLACE INTO " . TABLE_PREFIX . "datastore (title, data)
VALUES ('language', '" . addslasheslike(serialize($tempstore)) . "')"
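Review bot: `addslasheslike(serialize($tempstore))` escapes database-derived data with a helper that, in the definition this commit removes from the file, returns its input untouched when `magic_quotes_gpc` is on. That shortcut is only valid for request data, so if the replacement helper behaves the same, any stored value containing a quote will break or alter this `REPLACE` on such servers. The datastore writes should use an escape that always runs (the database layer's own, if it offers one). `$tempstore` is also never initialised, so an empty table serialises an undefined variable; `$tempstore = array();` before the loop fixes that. The same applies to the other `build_*` functions below, and this function's body ends outside the hunk.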
// ####################### Start build_settings ######################
function build_settings()
{
- global $DB_sql, $bugsys;
+ global $bugsys;
- $settings = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "setting");
- while ($setting = $DB_sql->fetch_array($settings))
+ $settings = $bugsys->db->query("SELECT * FROM " . TABLE_PREFIX . "setting");
+ while ($setting = $bugsys->db->fetch_array($settings))
{
$options["$setting[varname]"] = $setting['value'];
}
- $DB_sql->query("
+ $bugsys->db->query("
### replacing the setting cache ###
REPLACE INTO " . TABLE_PREFIX . "datastore (title, data)
VALUES ('setting', '" . addslasheslike(serialize($options)) . "')"
// ###################### Start build_usergroups #####################
function build_usergroups()
{
- global $DB_sql, $bugsys;
+ global $bugsys;
- $usergroups = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "usergroup");
- while ($usergroup = $DB_sql->fetch_array($usergroups))
+ $usergroups = $bugsys->db->query("SELECT * FROM " . TABLE_PREFIX . "usergroup");
+ while ($usergroup = $bugsys->db->fetch_array($usergroups))
{
$groups["$usergroup[usergroupid]"] = $usergroup;
}
- $DB_sql->query("
+ $bugsys->db->query("
### replacing usergroup cache ###
REPLACE INTO " . TABLE_PREFIX . "datastore (title, data)
VALUES ('usergroup', '" . addslasheslike(serialize($groups)) . "')"
// ####################### Start build_statuses ######################
function build_statuses()
{
- global $DB_sql, $bugsys;
+ global $bugsys;
- $statuses = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "status ORDER BY displayorder ASC");
- while ($status = $DB_sql->fetch_array($statuses))
+ $statuses = $bugsys->db->query("SELECT * FROM " . TABLE_PREFIX . "status ORDER BY displayorder ASC");
+ while ($status = $bugsys->db->fetch_array($statuses))
{
$tempstore["$status[statusid]"] = $status;
}
- $DB_sql->query("
+ $bugsys->db->query("
### replacing status cache ###
REPLACE INTO " . TABLE_PREFIX . "datastore (title, data)
VALUES ('status', '" . addslasheslike(serialize($tempstore)) . "')"
// ###################### Start build_severities #####################
function build_severities()
{
- global $DB_sql, $bugsys;
+ global $bugsys;
- $severities = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "severity ORDER BY displayorder ASC");
- while ($severity = $DB_sql->fetch_array($severities))
+ $severities = $bugsys->db->query("SELECT * FROM " . TABLE_PREFIX . "severity ORDER BY displayorder ASC");
+ while ($severity = $bugsys->db->fetch_array($severities))
{
$tempstore["$severity[severityid]"] = $severity;
}
- $DB_sql->query("
+ $bugsys->db->query("
### replacing severity cache ###
REPLACE INTO " . TABLE_PREFIX . "datastore (title, data)
VALUES ('severity', '" . addslasheslike(serialize($tempstore)) . "')"
// ###################### Start build_priorities #####################
function build_priorities()
{
- global $DB_sql, $bugsys;
+ global $bugsys;
- $priorities = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "priority ORDER BY displayorder ASC");
- while ($priority = $DB_sql->fetch_array($priorities))
+ $priorities = $bugsys->db->query("SELECT * FROM " . TABLE_PREFIX . "priority ORDER BY displayorder ASC");
+ while ($priority = $bugsys->db->fetch_array($priorities))
{
$tempstore["$priority[priorityid]"] = $priority;
}
- $DB_sql->query("
+ $bugsys->db->query("
### replacing priority cache ###
REPLACE INTO " . TABLE_PREFIX . "datastore (title, data)
VALUES ('priority', '" . addslasheslike(serialize($tempstore)) . "')"
// ###################### Start build_assignedto #####################
function build_assignedto()
{
- global $DB_sql, $bugsys;
+ global $bugsys;
- $users = $DB_sql->query("
+ $users = $bugsys->db->query("
SELECT user.email, user.displayname, user.userid, user.showemail
FROM " . TABLE_PREFIX . "user AS user
LEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup ON (user.usergroupid = usergroup.usergroupid)
WHERE (usergroup.permissions & " . CANBEASSIGNEDTO . ")"
);
- while ($user = $DB_sql->fetch_array($users))
+ while ($user = $bugsys->db->fetch_array($users))
{
fetch_user_display_name($user);
$devs["$user[userid]"] = $user;
}
- $DB_sql->query("
+ $bugsys->db->query("
### replacing developer / assign to cache ###
REPLACE INTO " . TABLE_PREFIX . "datastore (title, data)
VALUES ('assignto', '" . addslasheslike(serialize($devs)) . "')"
// ##################### Start build_resolutions #####################
function build_resolutions()
{
- global $DB_sql, $bugsys;
+ global $bugsys;
- $resolutions = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "resolution ORDER BY displayorder ASC");
- while ($resolution = $DB_sql->fetch_array($resolutions))
+ $resolutions = $bugsys->db->query("SELECT * FROM " . TABLE_PREFIX . "resolution ORDER BY displayorder ASC");
+ while ($resolution = $bugsys->db->fetch_array($resolutions))
{
$tempstore["$resolution[resolutionid]"] = $resolution;
}
- $DB_sql->query("
+ $bugsys->db->query("
### replacing resolution cache ###
REPLACE INTO " . TABLE_PREFIX . "datastore (title, data)
VALUES ('resolution', '" . addslasheslike(serialize($tempstore)) . "')"
// ####################### Start build_versions ######################
function build_versions()
{
- global $DB_sql, $bugsys;
+ global $bugsys;
- $versions = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "version ORDER BY displayorder ASC");
- while ($version = $DB_sql->fetch_array($versions))
+ $versions = $bugsys->db->query("SELECT * FROM " . TABLE_PREFIX . "version ORDER BY displayorder ASC");
+ while ($version = $bugsys->db->fetch_array($versions))
{
$tempstore["$version[versionid]"] = $version;
}
- $DB_sql->query("
+ $bugsys->db->query("
### replacing version cache ###
REPLACE INTO " . TABLE_PREFIX . "datastore (title, data)
VALUES ('version', '" . addslasheslike(serialize($tempstore)) . "')"
// ####################### Start build_products ######################
function build_products()
{
- global $DB_sql, $bugsys;
+ global $bugsys;
- $products = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "product ORDER BY displayorder ASC");
- while ($product = $DB_sql->fetch_array($products))
+ $products = $bugsys->db->query("SELECT * FROM " . TABLE_PREFIX . "product ORDER BY displayorder ASC");
+ while ($product = $bugsys->db->fetch_array($products))
{
$tempstore["$product[productid]"] = $product;
}
- $DB_sql->query("
+ $bugsys->db->query("
### replacing product / component cache ###
REPLACE INTO " . TABLE_PREFIX . "datastore (title, data)
VALUES ('product', '" . addslasheslike(serialize($tempstore)) . "')"
// ##################### Start build_templatesets ####################
function build_templatesets()
{
- global $DB_sql, $bugsys;
+ global $bugsys;
- $templatesets = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "templateset");
- while ($templateset = $DB_sql->fetch_array($templatesets))
+ $templatesets = $bugsys->db->query("SELECT * FROM " . TABLE_PREFIX . "templateset");
+ while ($templateset = $bugsys->db->fetch_array($templatesets))
{
$tempstore["$templateset[templatesetid]"] = $templateset;
}
- $DB_sql->query("
+ $bugsys->db->query("
### replacing the template set cache ###
REPLACE INTO " . TABLE_PREFIX . "datastore (title, data)
VALUES ('templateset', '" . addslasheslike(serialize($tempstore)) . "')"
// ###################### Start Template::flush ######################
function flush($template)
{
- global $DB_sql;
+ global $db;
ob_start();
if (DEVDEBUG AND $_GET['query'])
{
- if (is_array($DB_sql->query_history))
+ if (is_array($db->query_history))
{
echo '<pre>';
- foreach ($DB_sql->query_history AS $query)
+ foreach ($db->query_history AS $query)
{
echo $query . "\n\n<hr />\n\n";
}
$debug .= "\r<hr /><br />\r<table cellpadding=\"4\" cellspacing=\"1\" border=\"0\" align=\"center\" width=\"99%\" class=\"tborder\">\r<tr>";
$debug .= "\r\t<td width=\"33%\" align=\"center\" class=\"panelback\" style=\"text-align:center\">" . 'construct_debug_info_list()' . "</td>\r\t<td width=\"33%\" align=\"center\" class=\"panelback\" style=\"text-align:center\">$revision</td>";
- $debug .= "\r\t<td width=\"33%\" align=\"center\" class=\"panelback\" style=\"text-align:center\"><a href=\"" . SCRIPT_URI . iff(strpos(SCRIPT_URI, '?') !== false, '&query=1', '?query=1') . "\">Total queries used: " . sizeof($DB_sql->query_history) . "</a>";
+ $debug .= "\r\t<td width=\"33%\" align=\"center\" class=\"panelback\" style=\"text-align:center\"><a href=\"" . SCRIPT_URI . iff(strpos(SCRIPT_URI, '?') !== false, '&query=1', '?query=1') . "\">Total queries used: " . sizeof($db->query_history) . "</a>";
$debug .= "</td>\r</tr>\r<tr>\r\t<td align=\"center\" class=\"panelback\" style=\"text-align:center\" colspan=\"3\">";
$debug .= "\r" . iff(is_array($this->uncached), sizeof($uncached) . " Uncached Template(s)\r<br />\r") . "<select>\r\t<option>TEMPLATE USAGE</option>\r\t" . implode("\r\t", $optlist) . "\r</select>\r</td></tr></table><br />";
error_reporting(E_ALL & ~E_NOTICE);
// ###################################################################
-if (PHP_VERSION < '4.1.0')
-{
- echo 'you do not have a new enough version of PHP';
- exit;
-}
-
-// ###################################################################
-// set quotes runtime
-set_magic_quotes_runtime(0);
+// initialize the database
-// ###################################################################
-// Initialize the database
if (!file_exists('./includes/config.php'))
{
echo 'includes/config.php needs to be present!';
}
require_once('./includes/config.php');
-require_once('./includes/db_mysql.php');
-$DB_sql = new DB_Sql();
-$DB_sql->appname = 'BugStrike';
-$DB_sql->database = $database;
-$DB_sql->connect($servername, $username, $password, $usepconnect);
+define('ISSO_ESCAPE_STRINGS', 1);
+define('ISSO_CHECK_POST_REFERER', 1);
+
+require_once($pathtoisso . 'kernel.php');
+$bugsys =& $_isso;
+$bugsys->application = 'BugStrike';
+$bugsys->apppath = $bugsys->fetch_sourcepath(getcwd());
+$bugsys->appversion = '[#]version[#]';
+$bugsys->debug = $debug;
+$bugsys->sourcepath = $bugsys->fetch_sourcepath($pathtoisso);
+
+$bugsys->load('db_mysql');
+$db->database = $database;
+$db->connect($servername, $username, $password, $usepconnect);
+
+$bugsys->load('functions');
+$bugsys->load('mail');
+
define('DEVDEBUG', $debug);
define('TABLE_PREFIX', $tableprefix);
define('COOKIE_PREFIX', $cookieprefix);
+
unset($database, $servername, $username, $password, $usepconnect, $tableprefix, $cookieprefix);
-// ###################################################################
-// Initialize our environment
require_once('./includes/functions_datastore.php');
require_once('./includes/functions.php');
-class BugTracker
+
+// ###################################################################
+// init the big four
+$bugsys->options = array();
+$bugsys->userinfo = array();
+$bugsys->language = array();
+$bugsys->datastore = array();
+
+// ###################################################################
+// populate our caches
+$datastoretemp = $db->query("SELECT * FROM " . TABLE_PREFIX . "datastore");
+while ($store = $db->fetch_array($datastoretemp))
{
- var $options = array();
- var $userinfo = array();
- var $language = array();
- var $datastore = array();
-
- function BugTracker()
+ $bugsys->datastore["$store[title]"] = unserialize($store['data']);
+}
+$bugsys->options = $bugsys->datastore['setting'];
+unset($bugsys->datastore['setting']);
+
+$mail->from = $bugsys->options['webmasteremail'];
+$mail->fromname = 'BugStrike Notification';
+
+// ###################################################################
+// load userinfo
+$userid = intval($_COOKIE[COOKIE_PREFIX . 'userid']);
+
+$userinfo = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = $userid");
+if (is_array($userinfo) AND $_COOKIE[COOKIE_PREFIX . 'authkey'] == $userinfo['authkey'])
+{
+ $userinfo['permissions'] = (int)$bugsys->datastore['usergroup']["$userinfo[usergroupid]"]['permissions'];
+ $userinfo['displaytitle'] = $bugsys->datastore['usergroup']["$userinfo[usergroupid]"]['displaytitle'];
+ fetch_user_display_name($userinfo);
+ $userinfo['mdisplayname'] = $bugsys->datastore['usergroup']["$userinfo[usergroupid]"]['opentag'] . $userinfo['displayname'] . $bugsys->datastore['usergroup']["$userinfo[usergroupid]"]['closetag'];
+ $bugsys->userinfo = $userinfo;
+}
+else
+{
+ mysetcookie(COOKIE_PREFIX . 'userid');
+ mysetcookie(COOKIE_PREFIX . 'authkey');
+ $bugsys->userinfo = array(
+ 'usergroupid' => 1,
+ 'userid' => 0,
+ 'email' => '',
+ 'displayname' => '',
+ 'permissions' => $bugsys->datastore['usergroup'][1]['permissions'],
+ 'displaytitle' => $bugsys->datastore['usergroup'][1]['displaytitle'],
+ 'mdisplayname' => $bugsys->datastore['usergroup'][1]['opentag'] . '' . $bugsys->datastore['usergroup'][1]['closetag']
+ );
+}
+
+// ###################################################################
+// pull our languageid
+if ($bugsys->userinfo['userid'])
+{
+ $languageid = $bugsys->userinfo['languageid'];
+ $language = $bugsys->datastore['language']["$languageid"];
+}
+if (!$languageid)
+{
+ foreach ($bugsys->datastore['language'] AS $language)
{
- global $DB_sql, $vars;
-
- // Fetch all the datastore caches
- $datastoretemp = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "datastore");
- while ($store = $DB_sql->fetch_array($datastoretemp))
+ if ($language['default'])
{
- $this->datastore["$store[title]"] = unserialize($store['data']);
- }
-
- // Assign options and fetch the userinfo
- $this->options = $this->datastore['setting'];
- unset($this->datastore['setting']);
- $this->userinfo = (array)$this->fetch_userinfo(-1, true);
-
- // Pull our languageid
- if ($this->userinfo['userid'])
- {
- $languageid = $this->userinfo['languageid'];
- $language = $this->datastore['language']["$languageid"];
- }
- if (!$languageid)
- {
- foreach ($this->datastore['language'] AS $language)
- {
- if ($language['default'])
- {
- $languageid = $language['languageid'];
- $language = $this->datastore['language']["$languageid"];
- break;
- }
- }
- }
-
- $this->options['lang_id'] = $language['languageid'];
- $this->options['lang_charset'] = $language['charset'];
- $this->options['lang_dir'] = $language['direction'];
- $this->options['lang_code'] = $language['languagecode'];
-
- /*
- // can't use this because not everyone has MySQL >= 4.0.17 ... one day, one day
- $phrases = $DB_sql->query("
- (SELECT varname, phrasetext FROM " . TABLE_PREFIX . "phrase)
- UNION DISTINCT
- (SELECT varname AS lvarname, phrasetext AS lphrasetext FROM " . TABLE_PREFIX . "locale AS locale WHERE languageid = " . $this->options['lang_id'] . ")"
- );
- while ($phrase = $DB_sql->fetch_array($phrases))
- {
- $this->language["$phrase[varname]"] = $phrase['phrasetext'];
- }
- $DB_sql->free_result($phrases);
- */
-
- // load master language
- $phrases = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "phrase");
- while ($phrase = $DB_sql->fetch_array($phrases))
- {
- $this->language["$phrase[varname]"] = $phrase['phrasetext'];
- }
- $DB_sql->free_result($phrases);
-
- // load locale data
- $locale = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "locale WHERE languageid = " . $this->options['lang_id']);
- while ($phrase = $DB_sql->fetch_array($locale))
- {
- $this->language["$phrase[varname]"] = $phrase['phrasetext'];
- }
- $DB_sql->free_result($phrases);
-
- // get the templateset
- if ($this->userinfo['userid'])
- {
- $templatesetid = $this->userinfo['templatesetid'];
- $templateset = $this->datastore['templateset']["$templatesetid"];
- }
- if (!$templatesetid)
- {
- foreach ($this->datastore['templateset'] AS $templateset)
- {
- if ($templateset['default'])
- {
- $templatesetid = $templateset['templatesetid'];
- $templateset = $this->datastore['templateset']["$templatesetid"];
- }
- }
- }
-
- // load the template system
- if (file_exists("./templates/$templateset[shortname]/tsinfo.php"))
- {
- $this->options['ts_includepath'] = "./templates/$templateset[shortname]/";
- }
- else
- {
- echo "template set info (templates/$templateset[shortname]/tsinfo.php) could not be loaded!";
- exit;
+ $languageid = $language['languageid'];
+ $language = $bugsys->datastore['language']["$languageid"];
+ break;
}
}
-
- function fetch_userinfo($userid = -1, $verify_password = false)
+}
+
+$bugsys->options['lang_id'] = $language['languageid'];
+$bugsys->options['lang_charset'] = $language['charset'];
+$bugsys->options['lang_dir'] = $language['direction'];
+$bugsys->options['lang_code'] = $language['languagecode'];
+
+// ###################################################################
+// load master language
+/*
+// can't use this because not everyone has MySQL >= 4.0.17 ... one day, one day
+$phrases = $db->query("
+ (SELECT varname, phrasetext FROM " . TABLE_PREFIX . "phrase)
+ UNION DISTINCT
+ (SELECT varname AS lvarname, phrasetext AS lphrasetext FROM " . TABLE_PREFIX . "locale AS locale WHERE languageid = " . $bugsys->options['lang_id'] . ")"
+);
+while ($phrase = $db->fetch_array($phrases))
+{
+ $bugsys->language["$phrase[varname]"] = $phrase['phrasetext'];
+}
+$db->free_result($phrases);
+*/
+
+$phrases = $db->query("SELECT * FROM " . TABLE_PREFIX . "phrase");
+while ($phrase = $db->fetch_array($phrases))
+{
+ $bugsys->language["$phrase[varname]"] = $phrase['phrasetext'];
+}
+$db->free_result($phrases);
+
+// ###################################################################
+// load locale data
+$locale = $db->query("SELECT * FROM " . TABLE_PREFIX . "locale WHERE languageid = " . $bugsys->options['lang_id']);
+while ($phrase = $db->fetch_array($locale))
+{
+ $bugsys->language["$phrase[varname]"] = $phrase['phrasetext'];
+}
+$db->free_result($phrases);
+
+// ###################################################################
+// get the templateset
+if ($bugsys->userinfo['userid'])
+{
+ $templatesetid = $bugsys->userinfo['templatesetid'];
+ $templateset = $bugsys->datastore['templateset']["$templatesetid"];
+}
+if (!$templatesetid)
+{
+ foreach ($bugsys->datastore['templateset'] AS $templateset)
{
- global $DB_sql;
-
- // Get the userid if not specified
- if ($userid == -1)
+ if ($templateset['default'])
{
- $userid = intval($_COOKIE[COOKIE_PREFIX . 'userid']);
- }
-
- // Set the falseinfo stuff
- $falseinfo = array(
- 'usergroupid' => 1,
- 'userid' => 0,
- 'email' => '',
- 'displayname' => '',
- 'permissions' => $this->datastore['usergroup'][1]['permissions'],
- 'displaytitle' => $this->datastore['usergroup'][1]['displaytitle'],
- 'mdisplayname' => $this->datastore['usergroup'][1]['opentag'] . '' . $this->datastore['usergroup'][1]['closetag']
- );
-
- // Get the userinfo
- $userinfo = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = $userid");
- if (is_array($userinfo))
- {
- $userinfo['permissions'] = (int)$this->datastore['usergroup']["$userinfo[usergroupid]"]['permissions'];
- $userinfo['displaytitle'] = $this->datastore['usergroup']["$userinfo[usergroupid]"]['displaytitle'];
- fetch_user_display_name($userinfo);
- $userinfo['mdisplayname'] = $this->datastore['usergroup']["$userinfo[usergroupid]"]['opentag'] . $userinfo['displayname'] . $this->datastore['usergroup']["$userinfo[usergroupid]"]['closetag'];
- // Verify that the cookie isn't fake
- if ($verify_password)
- {
- if ($_COOKIE[COOKIE_PREFIX . 'authkey'] == $userinfo['authkey'])
- {
- return $userinfo;
- }
- else
- {
- mysetcookie(COOKIE_PREFIX . 'userid');
- mysetcookie(COOKIE_PREFIX . 'authkey');
- return $falseinfo;
- }
- }
- else
- {
- return $userinfo;
- }
- }
- else
- {
- mysetcookie(COOKIE_PREFIX . 'userid');
- mysetcookie(COOKIE_PREFIX . 'authkey');
- return $falseinfo;
+ $templatesetid = $templateset['templatesetid'];
+ $templateset = $bugsys->datastore['templateset']["$templatesetid"];
}
}
}
-$bugsys = new BugTracker();
+// ###################################################################
+// load the template system
+if (file_exists("./templates/$templateset[shortname]/tsinfo.php"))
+{
+ $bugsys->options['ts_includepath'] = "./templates/$templateset[shortname]/";
+}
+else
+{
+ echo "template set info (templates/$templateset[shortname]/tsinfo.php) could not be loaded!";
+ exit;
+}
// ###################################################################
// Initialize usergroup system
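Review bot: The inlined cookie check `$_COOKIE[COOKIE_PREFIX . 'authkey'] == $userinfo['authkey']` in the "load userinfo" block uses loose comparison, so a request with no authkey cookie matches a row whose stored authkey is empty or NULL, and numeric-looking strings can compare equal without being identical. Since this commit moves the check out of fetch_userinfo() anyway, require a non-empty key and compare as strings: `if (is_array($userinfo) AND $userinfo['authkey'] != '' AND (string)$_COOKIE[COOKIE_PREFIX . 'authkey'] === (string)$userinfo['authkey'])`, or use `hash_equals()` where the runtime provides it. Two smaller defects carried over from the old class are also still present in the new code. The locale loop ends with `$db->free_result($phrases);` where `$locale` is meant. The templateset `foreach` has no `break;` after the default is found (the language loop has one), so `$templateset` ends up as the last row rather than the default before the `tsinfo.php` path is built.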
// #*# pagination needs to be done here
-$bugs_fetch = $DB_sql->query("
+$bugs_fetch = $db->query("
SELECT bug.*, user1.displayname AS firstreport, user2.displayname AS lastpost
FROM " . TABLE_PREFIX . "bug AS bug
LEFT JOIN user AS user1
ORDER BY bug.lastposttime DESC"
);
-while ($bug = $DB_sql->fetch_array($bugs_fetch))
+while ($bug = $db->fetch_array($bugs_fetch))
{
$bug['product'] = $bugsys->datastore['product']["$bug[productid]"]['title'];
$bug['version'] = $bugsys->datastore['version']["$bug[versionid]"]['version'];
eval('$bugs .= "' . $tpl->fetch('trackerhome_bits') . '";');
}
-$DB_sql->free_result($bugs_fetch);
+$db->free_result($bugs_fetch);
$show['newreport'] = iff(can_perform('cansubmitbugs'), true, false);
$url = 'index.php';
}
- $userinfo = $DB_sql->query_first("SELECT * FROM user WHERE email = '" . addslasheslike($vars['email']) . "'");
+ $userinfo = $db->query_first("SELECT * FROM user WHERE email = '" . addslasheslike($vars['email']) . "'");
if (md5(md5($vars['password']) . md5($userinfo['salt'])) == $userinfo['password'])
{
mysetcookie(COOKIE_PREFIX . 'userid', $userinfo['userid'], $vars['rememberme']);
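Review bot: The password check `md5(md5($vars['password']) . md5($userinfo['salt'])) == $userinfo['password']` just below the renamed query compares two hex digests with `==`, so PHP treats digests of the form `0e` followed only by digits as numbers and can report a match for strings that differ. Changing the operator to `===` closes that: `if (md5(md5($vars['password']) . md5($userinfo['salt'])) === $userinfo['password'])`. The query on the changed line also reads `FROM user` without `TABLE_PREFIX`, unlike the other user lookups in this commit, so it would miss a prefixed table. Salted MD5 is fast to brute-force if the table leaks; `password_hash()`/`password_verify()` would be the longer-term replacement. The enclosing login branch starts and ends outside this hunk.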
$time = time();
- $DB_sql->query("
+ $db->query("
INSERT INTO " . TABLE_PREFIX . "comment
(bugid, userid, dateline, comment, comment_parsed)
VALUES
)"
);
- $DB_sql->query("UPDATE " . TABLE_PREFIX . "bug SET lastposttime = $time, lastpostby = " . $bugsys->userinfo['userid'] . " WHERE bugid = $vars[bugid]");
+ $db->query("UPDATE " . TABLE_PREFIX . "bug SET lastposttime = $time, lastpostby = " . $bugsys->userinfo['userid'] . " WHERE bugid = $vars[bugid]");
echo "<a href=\"showreport.php?bugid=$vars[bugid]\">comment inserted</a>";
}
{
sanitize(array('bugid' => INT));
- $bug = $DB_sql->query_first("SELECT bug.*, comment.comment FROM " . TABLE_PREFIX . "bug LEFT JOIN " . TABLE_PREFIX . "comment AS comment ON (bug.bugid = comment.bugid) WHERE bug.bugid = $vars[bugid]");
+ $bug = $db->query_first("SELECT bug.*, comment.comment FROM " . TABLE_PREFIX . "bug LEFT JOIN " . TABLE_PREFIX . "comment AS comment ON (bug.bugid = comment.bugid) WHERE bug.bugid = $vars[bugid]");
if (!$bug)
{
echo 'alert: bad bug';
}
// create the bug report
- $DB_sql->query("
+ $db->query("
INSERT INTO " . TABLE_PREFIX . "bug
(userid, productid, componentid, versionid, summary, severity, priority, status, assignedto, resolution)
VALUES
)"
);
- $bugid = $DB_sql->insert_id();
+ $bugid = $db->insert_id();
$time = time();
// insert the comment to the database
- $DB_sql->query("
+ $db->query("
INSERT INTO " . TABLE_PREFIX . "comment
(bugid, userid, dateline, comment, comment_parsed)
VALUES
)"
);
- $initialreport = $DB_sql->insert_id();
+ $initialreport = $db->insert_id();
- $DB_sql->query("UPDATE " . TABLE_PREFIX . "bug SET dateline = $time, initialreport = $initialreport, lastposttime = $time, lastpostby = " . $bugsys->userinfo['userid'] . " WHERE bugid = $bugid");
+ $db->query("UPDATE " . TABLE_PREFIX . "bug SET dateline = $time, initialreport = $initialreport, lastposttime = $time, lastpostby = " . $bugsys->userinfo['userid'] . " WHERE bugid = $bugid");
echo "<a href=\"showreport.php?bugid=$bugid\">bug is done!</a>";
}
$errors[] = 'The password you specified was blank.';
}
- if (is_array($DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . addslasheslike($vars['email']) . "'")))
+ if (is_array($db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . addslasheslike($vars['email']) . "'")))
{
$errors[] = 'The specified email is already in use.';
}
}
}
- $DB_sql->query("
+ $db->query("
INSERT INTO " . TABLE_PREFIX . "user
(email, displayname, password, salt, authkey, showemail, languageid, usergroupid)
VALUES
)"
);
- $userid = $DB_sql->insert_id();
+ $userid = $db->insert_id();
// Verify email address
if ($usergroupid == 3)
{
$activationid = fetch_random_chars(25);
- $DB_sql->query("INSERT INTO " . TABLE_PREFIX . "useractivation (userid, activator, dateline, usergroupid) VALUES ($userid, '$activationid', " . NOW . ", 2)");
+ $db->query("INSERT INTO " . TABLE_PREFIX . "useractivation (userid, activator, dateline, usergroupid) VALUES ($userid, '$activationid', " . NOW . ", 2)");
mymail(addslasheslike($vars['email']), 'Welcome to ' . $bugsys->options['trackertitle'], "Hi " . addslasheslike($vars['displayname']) . " you need to activate your account: http://devbox/bugtraq/register.php?do=activate&userid=" . $userid . "&activator=" . $activationid);
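Review bot: The activation mail on the last line of this hunk passes `addslasheslike($vars['email'])` and `addslasheslike($vars['displayname'])` to `mymail()`, but that helper is used everywhere else here for SQL quoting, so it can put backslashes into the recipient and greeting. It also does nothing about CR/LF in the address, which is the character class that matters for mail headers. Whether `mymail()` or `sanitize()` strips line breaks is not visible here, so I would validate the address explicitly before sending and pass the raw value. The link is also hard-coded to `http://devbox/bugtraq/register.php`, so activation only works on the development host; build it from a configured base URL instead. The surrounding registration branch continues outside the hunk.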
{
sanitize(array('userid' => INT, 'activator' => STR));
- if ($useractivation = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "useractivation WHERE userid = $vars[userid] AND activator = '" . addslasheslike($vars['activator']) . "'"))
+ if ($useractivation = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "useractivation WHERE userid = $vars[userid] AND activator = '" . addslasheslike($vars['activator']) . "'"))
{
- $DB_sql->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = $useractivation[usergroupid] WHERE userid = $vars[userid]");
- $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = $vars[userid]");
+ $db->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = $useractivation[usergroupid] WHERE userid = $vars[userid]");
+ $db->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = $vars[userid]");
echo 'your account is now activated and you can now login';
}
else
{
// force email or name?? make a distinction?
// more elegant way to do this? probably
- $user = $DB_sql->query_first("SELECT * FROM user WHERE email = '$vars[reporter]' OR MATCH (displayname) AGAINST ('$vars[reporter]')");
+ $user = $db->query_first("SELECT * FROM user WHERE email = '$vars[reporter]' OR MATCH (displayname) AGAINST ('$vars[reporter]')");
if ($user['userid'])
{
$querybuild['reporter'] = "AND bug.userid = $user[userid] OR comment.userid = $user[userid]";
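Review bot: The reporter lookup interpolates `$vars[reporter]` into the SQL string twice with no `addslasheslike()`, while every other string value in this commit is wrapped in it. The `sanitize()` call for this field is outside the hunk, and the new `ISSO_ESCAPE_STRINGS` define may change what it returns, so this may already be escaped. The query should not depend on that: use `"... WHERE email = '" . addslasheslike($vars['reporter']) . "' OR MATCH (displayname) AGAINST ('" . addslasheslike($vars['reporter']) . "')"` and confirm the value is not escaped twice. The same line reads `FROM user` without `TABLE_PREFIX`. The fragment built on the last line needs parentheses, `"AND (bug.userid = $user[userid] OR comment.userid = $user[userid])"`, otherwise the `OR` arm is evaluated apart from the other `AND` filters in the search query.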
// -------------------------------------------------------------------
// do the search
- $search = $DB_sql->query("
+ $search = $db->query("
SELECT bug.*, comment.commentid,
user1.displayname AS firstreport,
user2.displayname AS lastpost
$sortclause"
);
- $numrows = $DB_sql->num_rows($search);
+ $numrows = $db->num_rows($search);
if ($numrows < 1)
{
exit;
}
- while ($bug = $DB_sql->fetch_array($search))
+ while ($bug = $db->fetch_array($search))
{
$bug['product'] = $bugsys->datastore['product']["$bug[productid]"]['title'];
$bug['version'] = $bugsys->datastore['version']["$bug[versionid]"]['version'];
// get the report
sanitize(array('bugid' => INT, 'hilight' => STR));
-$bug = $DB_sql->query_first("
+$bug = $db->query_first("
SELECT bug.*, user.displayname, user.email, user.showemail
FROM " . TABLE_PREFIX . "bug AS bug
LEFT JOIN " . TABLE_PREFIX . "user AS user
// -------------------------------------------------------------------
// get comments
-$comments_fetch = $DB_sql->query("
+$comments_fetch = $db->query("
SELECT comment.*, user.email, user.showemail, user.displayname
FROM " . TABLE_PREFIX . "comment AS comment
LEFT JOIN " . TABLE_PREFIX . "user AS user
WHERE comment.bugid = $vars[bugid]
ORDER BY comment.dateline ASC"
);
-while ($comment = $DB_sql->fetch_array($comments_fetch))
+while ($comment = $db->fetch_array($comments_fetch))
{
$comment['posttime'] = datelike('standard', $comment['dateline']);
$comment['postby'] = construct_user_display($comment);