r532: - Removing NULL 2nd parameter from can_perform()
authorRobert Sesek <rsesek@bluestatic.org>
Mon, 10 Oct 2005 22:00:15 +0000 (22:00 +0000)
committerRobert Sesek <rsesek@bluestatic.org>
Mon, 10 Oct 2005 22:00:15 +0000 (22:00 +0000)
- Cleaning up permissions to actually work with our new per-product system

attachment.php
editcomment.php
editreport.php
favourite.php
index.php
newcomment.php
newreport.php
showhistory.php
showreport.php
vote.php

index 6bf64a225e18fb904f22a8e34da2fd03d22a25f1..bbd62f4f76530b95c9edcd4930c3d0c96c29012e 100755 (executable)
@@ -45,7 +45,7 @@ $log->bugid = $bug['bugid'];
 
 if ($_POST['do'] == 'insert')
 {
-       if (!can_perform('canputattach', null, $bug['productid']))
+       if (!can_perform('canputattach', $bug['productid']))
        {
                $message->error_permission();
        }
@@ -108,7 +108,7 @@ if ($_POST['do'] == 'insert')
        }
        
        // handle comment stuff
-       if (can_perform('canpostcomments', null, $bug['productid']) AND trim($bugsys->in['comment']))
+       if (can_perform('canpostcomments', $bug['productid']) AND trim($bugsys->in['comment']))
        {
                $bugsys->in['comment_parsed'] = $bugsys->in['comment'];
                
@@ -138,14 +138,14 @@ if ($_POST['do'] == 'insert')
 
 if ($_REQUEST['do'] == 'add')
 {
-       if (!can_perform('canputattach', null, $bug['productid']))
+       if (!can_perform('canputattach', $bug['productid']))
        {
                $message->error_permission();
        }
        
        $MAXFILESIZE = $funct->fetch_max_attachment_size();
        
-       $show['addcomment'] = ((can_perform('canpostcomments', null, $bug['productid'])) ? true : false);
+       $show['addcomment'] = ((can_perform('canpostcomments', $bug['productid'])) ? true : false);
        $show['obsoletes'] = false;
        
        $obsoletes_fetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "attachment WHERE bugid = $bug[bugid] AND !obsolete");
@@ -163,7 +163,7 @@ if ($_REQUEST['do'] == 'add')
 
 if ($_POST['do'] == 'update')
 {
-       if (!(can_perform('caneditattach', null, $bug['productid']) OR ($attachment['userid'] == $bugsys->userinfo['userid'] AND can_perform('canputattach', null, $bug['productid']))))
+       if (!(can_perform('caneditattach', $bug['productid']) OR ($attachment['userid'] == $bugsys->userinfo['userid'] AND can_perform('canputattach', $bug['productid']))))
        {
                $message->error_permission();
        }
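Review bot: The owner-or-editor test in the `update` branch is one long hand-written expression that is repeated verbatim in the `edit` branch (next hunk) and again for `$show['editattach']` in showreport.php, so any later permission change has to be made identically in three places or the checks drift apart. Consider one shared helper (for example a proposed `can_edit_attachment($attachment, $bug)`) called from all three sites. The `==` between `$attachment['userid']` and `$bugsys->userinfo['userid']` is also loose: if both can be 0 or empty for guests, which is not visible here, a guest with `canputattach` would match other guests' attachments, so compare as integers and require a non-zero user id. Both branch bodies continue outside the hunks.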
@@ -191,12 +191,12 @@ if ($_POST['do'] == 'update')
 
 if ($_REQUEST['do'] == 'edit')
 {
-       if (!(can_perform('caneditattach', null, $bug['productid']) OR ($attachment['userid'] == $bugsys->userinfo['userid'] AND can_perform('canputattach', null, $bug['productid']))))
+       if (!(can_perform('caneditattach', $bug['productid']) OR ($attachment['userid'] == $bugsys->userinfo['userid'] AND can_perform('canputattach', $bug['productid']))))
        {
                $message->error_permission();
        }
        
-       $show['delete'] = ((can_perform('caneditattach', null, $bug['productid'])) ? true : false);
+       $show['delete'] = ((can_perform('caneditattach', $bug['productid'])) ? true : false);
        
        eval('$template->flush("' . $template->fetch('editattach') . '");');
 }
index 95395c6661fd1d6689a5205a3344615001bd39f1..2d7540f5d5fa562b1c5dd17d8a6220688e0e8923 100644 (file)
@@ -35,12 +35,12 @@ if (!$comment)
 
 $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $comment[bugid]");
 
-if (!((can_perform('caneditown', null, $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers', null, $bug['productid'])))
+if (!((can_perform('caneditown', $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers', $bug['productid'])))
 {
        $message->error_permission();
 }
 
-if ($bug['hidden'] AND !can_perform('canviewhidden', null, $bug['productid']))
+if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['productid']))
 {
        $message->error_permissison();
 }
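Review bot: The hidden-report branch calls `$message->error_permissison()`, which is misspelled compared with the `error_permission()` call a few lines above it. A user without `canviewhidden` who reaches this path would get an undefined-method fatal error instead of the permission page. The commit edits the condition of this very statement but leaves the call as it was; it should read `$message->error_permission();`.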
index 126003203fb754c7df8c998ba560921007e50246..eb2b7d9b47897d4bdfe6ff42cfef3d408777919d 100644 (file)
@@ -26,7 +26,7 @@ $bug = $db->query_first("
        WHERE bug.bugid = " . intval($bugsys->in['bugid'])
 );
 
-if (!(((can_perform('caneditown', null, $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers', null, $bug['productid'])) AND can_perform('caneditinfo', null, $bug['productid'])) AND !can_perform('canpostcomments', null, $bug['productid']))
+if (!(((can_perform('caneditown', $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers', $bug['productid'])) AND can_perform('caneditinfo', $bug['productid'])) AND !can_perform('canpostcomments', $bug['productid']))
 {
        $message->error_permission();
 }
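Review bot: The ownership half of this check compares the current user with `$comment['userid']`, but the only query visible in this file loads `$bug`, and showreport.php uses `$bug['userid']` for the same test. If `$comment` is indeed unset here, the loose `==` compares against null, so it only matches a user id of 0 and never the real reporter; the condition should probably be `$bugsys->userinfo['userid'] == $bug['userid']`. The same expression is repeated twice inside the `update` branch (the hunks at -52 and -105). The check also runs before the `if (!$bug)` test shown in the next hunk, so an unknown bug id is evaluated against an empty `productid`; the existence test should come first.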
@@ -36,7 +36,7 @@ if (!$bug)
        $message->error($lang->getlex('error_invalid_id'));
 }
 
-if ($bug['hidden'] AND !can_perform('canviewhidden', null, $bug['productid']))
+if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['productid']))
 {
        $message->error_permission();
 }
@@ -52,7 +52,7 @@ if ($_POST['do'] == 'update')
 {
        // -------------------------------------------------------------------
        // process comment stuff
-       if (!(((can_perform('caneditown', null, $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers', null, $bug['productid'])) AND can_perform('caneditinfo', null, $bug['productid'])))
+       if (!(((can_perform('caneditown', $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers', $bug['productid'])) AND can_perform('caneditinfo', $bug['productid'])))
        {
                $hascomment = (!empty($bugsys->in['comment'])) ? true : false;
                
@@ -105,7 +105,7 @@ if ($_POST['do'] == 'update')
                }
        }
        
-       if (!(((can_perform('caneditown', null, $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers', null, $bug['productid'])) AND can_perform('caneditinfo', null, $bug['productid'])))
+       if (!(((can_perform('caneditown', $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers', $bug['productid'])) AND can_perform('caneditinfo', $bug['productid'])))
        {
                $message->redirect($lang->string('Your reply has been added to the comment list.'), "showreport.php?bugid=$bug[bugid]");
        }
@@ -155,12 +155,12 @@ if ($_POST['do'] == 'update')
                UPDATE " . TABLE_PREFIX . "bug
                SET summary = '" . $bugsys->in['summary'] . "',
                        severity = " . intval($bugsys->in['severity']) . "," .
-                               (can_perform('canchangestatus', null, $bug['productid']) ? "
+                               (can_perform('canchangestatus', $bug['productid']) ? "
                                        priority = " . intval($bugsys->in['priority']) . ",
                                        status = " . intval($bugsys->in['status']) . ",
                                        resolution = " . intval($bugsys->in['resolution']) . ","
                                : '') . "
-                       " . (can_perform('canassign', null, $bug['productid']) ? "assignedto = " . intval($bugsys->in['assignedto']) . "," : '') . "
+                       " . (can_perform('canassign', $bug['productid']) ? "assignedto = " . intval($bugsys->in['assignedto']) . "," : '') . "
                        duplicateof = " . intval($bugsys->in['duplicateof']) . ",
                        dependency = '$dependencies',
                        productid = " . $pcv['product'] . ",
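Review bot: `canchangestatus` and `canassign` are evaluated against `$bug['productid']`, the product the report currently belongs to, while the same UPDATE writes `productid = $pcv['product']`. Under per-product permissions nothing in this hunk shows that the user is allowed to file or edit reports in the destination product, so unless that is validated outside the hunk a check such as `can_perform('cansubmitbugs', $pcv['product'])` is needed before the query. `summary` and `dependency` are concatenated as quoted strings, which is only safe if `$bugsys->in` and `$dependencies` are escaped upstream; that is not visible here. The statement starts and ends outside the hunk.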
index 256e43c2b9c70e6b80f00ca93886102723f026fa..174d0480c9027d2ad524d46ff91286f3fe40a933 100644 (file)
@@ -33,7 +33,7 @@ if (empty($_REQUEST['do']))
 if ($_REQUEST['do'] == 'handle')
 {
        $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bugsys->in['bugid']));
-       if (!$bug OR (!can_perform('canviewhidden', null, $bug['productid']) AND $bug['hidden']))
+       if (!$bug OR (!can_perform('canviewhidden', $bug['productid']) AND $bug['hidden']))
        {
                $message->error($lang->getlex('error_invalid_id'));
        }
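Review bot: The `handle` branch tests only `canviewhidden` for the report's product; no `canviewbugs` check against `$bug['productid']` is visible, although this commit adds exactly that check to showreport.php and filters index.php by `fetch_on_bits('canviewbugs')`. If nothing outside the hunk covers it, a user who may not view a product's reports can still act on them by id here, and the showhistory.php and vote.php hunks show the same gap. Extending the condition to `if (!$bug OR !can_perform('canviewbugs', $bug['productid']) OR (!can_perform('canviewhidden', $bug['productid']) AND $bug['hidden']))` would keep the per-product model consistent.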
index 5795d599ab225ce03858941fb834146c6683cd17..78d8eeb633a9b4289dd118bb64f8ecfa3f8b17a6 100644 (file)
--- a/index.php
+++ b/index.php
@@ -32,7 +32,13 @@ if (!can_perform('canviewbugs'))
 // ###################################################################
 
 $pagination = new Pagination('p', 'pp');
-$count = $db->query_first("SELECT COUNT(*) AS count FROM " . TABLE_PREFIX . "bug" . (!can_perform('canviewhidden') ? " WHERE !hidden" : ""));
+$count = $db->query_first("
+       SELECT COUNT(*) AS count
+       FROM " . TABLE_PREFIX . "bug
+       WHERE (!hidden OR (hidden AND productid IN (" . fetch_on_bits('canviewhidden') . ")))
+       AND productid IN (" . fetch_on_bits('canviewbugs') . ")"
+);
+
 $pagination->total = $count['count'];
 $pagination->split_pages();
 
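Review bot: The return value of `fetch_on_bits()` is spliced straight into `IN (...)`, and nothing here handles a user who holds the permission on no product. If the helper returns an empty string in that case (its body is not in this diff), the clause becomes `IN ()`, which MySQL rejects, so the listing would fail with a SQL error instead of showing an empty list; the second hunk builds the same clauses. Guard it with a fallback such as `$viewable = fetch_on_bits('canviewbugs'); if ($viewable === '') { $viewable = '0'; }`, or have the helper always return at least `0`.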
@@ -44,8 +50,9 @@ $bugs_fetch = $db->query("
        LEFT JOIN user AS user2
                ON (bug.lastpostby = user2.userid)
        LEFT JOIN user AS user3
-               ON (bug.hiddenlastpostby = user3.userid)" . ((!can_perform('canviewhidden')) ? "
-       WHERE !hidden" : "") . "
+               ON (bug.hiddenlastpostby = user3.userid)
+       WHERE bug.productid IN (" . fetch_on_bits('canviewbugs') . ")
+               AND (!hidden OR (hidden AND productid IN (" . fetch_on_bits('canviewhidden') . ")))
        ORDER BY bug." . ((can_perform('canviewhidden')) ? "lastposttime" : "hiddenlastposttime") . " DESC
        LIMIT " . $pagination->fetch_limit($pagination->page - 1) . ", " . $pagination->perpage
 );
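Review bot: The `ORDER BY` still chooses between `lastposttime` and `hiddenlastposttime` with a product-less `can_perform('canviewhidden')`, while the new `WHERE` clause decides hidden visibility per product. For a user who can see hidden reports in only some products, the list is sorted on a single column even though the row loop in the next hunk picks the displayed time per product, so order and displayed times can disagree. Consider a per-row sort key, e.g. `IF(bug.productid IN (...), bug.lastposttime, bug.hiddenlastposttime)` fed from `fetch_on_bits('canviewhidden')`. The unqualified `productid` in the added `AND` line should also be `bug.productid` to match the line above it.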
@@ -59,7 +66,7 @@ while ($bug = $db->fetch_array($bugs_fetch))
        $bug['status'] = $bugsys->datastore['status']["$bug[status]"]['status'];
        $bug['resolution'] = $bugsys->datastore['resolution']["$bug[resolution]"]['resolution'];
        
-       $bug['hiddendisplay'] = ((!can_perform('canviewhidden', null, $bug['productid']) AND $bug['hiddenlastposttime']) ? true : false);
+       $bug['hiddendisplay'] = ((!can_perform('canviewhidden', $bug['productid']) AND $bug['hiddenlastposttime']) ? true : false);
        
        $bug['lastposttime'] = (($bug['hiddendisplay']) ? $bug['hiddenlastposttime'] : $bug['lastposttime']);
        $bug['lastpost'] = (($bug['hiddendisplay']) ? $bug['hiddenlastpost'] : $bug['lastpost']);
index 39ecd7b3a964654e752554c59446eb197216210f..917bddca647a0d91e478c391506b5143a18c88c2 100644 (file)
@@ -20,7 +20,7 @@ if (!$bug)
        $message->error($lang->getlex('error_invalid_id'));
 }
 
-if (!can_perform('canpostcomments', null, $bug['productid'])))
+if (!can_perform('canpostcomments', $bug['productid'])))
 {
        $message->error_permission();
 }
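Review bot: The rewritten condition `if (!can_perform('canpostcomments', $bug['productid'])))` has one more `)` than `(`, which is a parse error, so newcomment.php cannot load at all. The removed line had the same imbalance, so the commit carries the defect forward rather than introducing it. It should read `if (!can_perform('canpostcomments', $bug['productid']))`.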
index d305aa0e59ff78e543af3b4babe602bab8ffe37b..91dde63cbc2ac842fecd84315e658d07d8643658 100755 (executable)
@@ -21,7 +21,7 @@ $focus['newreport'] = 'focus';
 require_once('./global.php');
 require_once('./includes/functions_product.php');
 
-if (!can_perform('cansubmitbugs', null, intval($bugsys->in['productid'])))
+if (!can_perform('cansubmitbugs', intval($bugsys->in['productid'])))
 {
        $message->error_permission();
 }
@@ -39,7 +39,7 @@ if ($_POST['do'] == 'insert')
 {
        // -------------------------------------------------------------------
        // check permissions on various input values
-       if (!can_perform('canchangestatus', null, intval($bugsys->in['productid'])))
+       if (!can_perform('canchangestatus', intval($bugsys->in['productid'])))
        {
                $bugsys->in['priority'] = $bugsys->options['defaultpriority'];
                $bugsys->in['status'] = $bugsys->options['defaultstatus'];
@@ -60,7 +60,7 @@ if ($_POST['do'] == 'insert')
                        $bugsys->in['resolution'] = $bugsys->options['defaultresolve'];
                }
        }
-       if (!can_perform('canassign', null, intval($bugsys->in['productid'])))
+       if (!can_perform('canassign', intval($bugsys->in['productid'])))
        {
                $bugsys->in['assignedto'] = $bugsys->options['defaultassign'];
        }
index 7066d66a5814cf7d5d2bad3c9cc1c61753c8ae65..623433ed4f86dccce137a6280706fadf12b8005a 100644 (file)
@@ -28,7 +28,7 @@ if (!$bug)
        $message->error($lang->getlex('error_invalid_id'));
 }
 
-if ($bug['hidden'] AND !can_perform('canviewhidden', null, $bug['productid']))
+if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['productid']))
 {
        $message->error_permission();
 }
index 9439125bae98b0ec7bdbba71a84a1cdc2fdbb1f7..5678e93a2ebee97ed703401117397066850db173 100644 (file)
@@ -25,13 +25,6 @@ $focus['showreport'] = 'focus';
 require_once('./global.php');
 require_once('./includes/functions_product.php');
 
-if (!can_perform('canviewbugs'))
-{
-       $message->error_permission();
-}
-
-$show['edit'] = (((can_perform('caneditown') AND $bugsys->userinfo['userid'] == $bug['userid']) OR can_perform('caneditothers')) AND can_perform('caneditinfo')) ? true : false;
-
 $bugid = intval($bugsys->in['bugid']);
 
 // ###################################################################
@@ -69,12 +62,19 @@ $bug = $db->query_first("
        WHERE bug.bugid = " . intval($bugsys->in['bugid'])
 );
 
+if (!can_perform('canviewbugs', $bug['productid']))
+{
+       $message->error_permission();
+}
+
+$show['edit'] = (((can_perform('caneditown', $bug['productid']) AND $bugsys->userinfo['userid'] == $bug['userid']) OR can_perform('caneditothers', $bug['productid'])) AND can_perform('caneditinfo', $bug['productid'])) ? true : false;
+
 if (!is_array($bug))
 {
        $message->error($lang->getlex('error_invalid_id'));
 }
 
-if ($bug['hidden'] AND !can_perform('canviewhidden', null, $bug['productid']))
+if ($bug['hidden'] AND !can_perform('canviewhidden', $bug['productid']))
 {
        $message->error_permission();
 }
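Review bot: The relocated `canviewbugs` check and the `$show['edit']` assignment read `$bug['productid']` and `$bug['userid']` before the `if (!is_array($bug))` test that follows them. For an unknown bug id the permissions are therefore evaluated against an empty product id, and the outcome depends on how `can_perform()` treats that value, which is not visible here. Move the `is_array($bug)` test directly after the query and place both permission checks after it, so an invalid id always takes the `error_invalid_id` path.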
@@ -97,16 +97,16 @@ if ($show['edit'])
 {
        $select['severity'] = construct_datastore_select('severity', 'severity', 'severityid', $bug['severity']);
        
-       $show['changestatus'] = ((can_perform('canchangestatus', null, $bug['productid'])) ? true : false);
-       if (can_perform('canchangestatus', null, $bug['productid']))
+       $show['changestatus'] = ((can_perform('canchangestatus', $bug['productid'])) ? true : false);
+       if (can_perform('canchangestatus', $bug['productid']))
        {
                $select['priority'] = construct_datastore_select('priority', 'priority', 'priorityid', $bug['priority']);
                $select['status'] = construct_datastore_select('status', 'status', 'statusid', $bug['status']);
                $select['resolution'] = construct_datastore_select('resolution', 'resolution', 'resolutionid', $bug['resolution']);             
        }
        
-       $show['assign'] = ((can_perform('canassign', null, $bug['productid'])) ? true : false);
-       if (can_perform('canassign', null, $bug['productid']))
+       $show['assign'] = ((can_perform('canassign', $bug['productid'])) ? true : false);
+       if (can_perform('canassign', $bug['productid']))
        {
                foreach ($bugsys->datastore['assignto'] AS $dev)
                {
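Review bot: `can_perform('canchangestatus', ...)` and `can_perform('canassign', ...)` are each called twice in a row, once for the `$show[...]` flag and once for the `if` that follows. Reuse the flag instead, `if ($show['changestatus'])` and `if ($show['assign'])`, so the template flag and the branch cannot diverge when one of the calls is edited later. The `if ($show['edit'])` block continues past the hunk.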
@@ -230,8 +230,8 @@ foreach ($words AS $word)
 
 // -------------------------------------------------------------------
 // attachments
-$show['getattachments'] = ((can_perform('cangetattach', null, $bug['productid']) OR can_perform('caneditattach', null, $bug['productid'])) ? true : false);
-$show['putattachments'] = ((can_perform('canputattach', null, $bug['productid']) OR can_perform('caneditattach', null, $bug['productid'])) ? true : false);
+$show['getattachments'] = ((can_perform('cangetattach', $bug['productid']) OR can_perform('caneditattach', $bug['productid'])) ? true : false);
+$show['putattachments'] = ((can_perform('canputattach', $bug['productid']) OR can_perform('caneditattach', $bug['productid'])) ? true : false);
 $show['attachments'] = ($show['getattachments'] OR $show['putattachments']) ? true : false;
 
 if ($show['getattachments'] OR $show['putattachments'])
@@ -250,7 +250,7 @@ if ($show['getattachments'] OR $show['putattachments'])
        while ($attachment = $db->fetch_array($attachments_fetch))
        {
                $attaches = true;
-               $show['editattach'] = ((can_perform('caneditattach', null, $bug['productid']) OR ($attachment['userid'] == $bugsys->userinfo['userid'] AND can_perform('canputattach', null, $bug['productid']))) ? true : false);
+               $show['editattach'] = ((can_perform('caneditattach', $bug['productid']) OR ($attachment['userid'] == $bugsys->userinfo['userid'] AND can_perform('canputattach', $bug['productid']))) ? true : false);
                $attachment['date'] = $datef->format($bugsys->options['dateformat'], $attachment['dateline']);
                $attachment['user'] = construct_user_display($attachment, false);
                eval('$attachments .= "' . $template->fetch('showreport_attachment') . '";');
@@ -268,7 +268,7 @@ $vote['total'] = $vote['votefor'] + $vote['voteagainst'];
 $vote['forpercent'] = round($vote['votefor'] / $vote['total'], 3) * 100;
 $vote['againstpercent'] = round($vote['voteagainst'] / $vote['total'], 3) * 100;
 
-$show['vote'] = ((can_perform('canvote', null, $bug['productid']) AND !$vote['uservote']) ? true : false);
+$show['vote'] = ((can_perform('canvote', $bug['productid']) AND !$vote['uservote']) ? true : false);
 
 // -------------------------------------------------------------------
 // get comments
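Review bot: `$vote['forpercent']` and `$vote['againstpercent']` divide by `$vote['total']`, which is `votefor + voteagainst` and is 0 for a report nobody has voted on. That raises a division-by-zero warning, or an error on current PHP versions, on every such page. Compute the two percentages only when `$vote['total'] > 0` and default both to 0 otherwise. These lines are context for the `canvote` change, not part of it.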
@@ -277,7 +277,7 @@ $comments_fetch = $db->query("
        FROM " . TABLE_PREFIX . "comment AS comment
        LEFT JOIN " . TABLE_PREFIX . "user AS user
                ON (comment.userid = user.userid)
-       WHERE comment.bugid = $bug[bugid]" . ((!can_perform('canviewhidden', null, $bug['productid'])) ? "
+       WHERE comment.bugid = $bug[bugid]" . ((!can_perform('canviewhidden', $bug['productid'])) ? "
                AND !hidden" : '') . "
        ORDER BY comment.dateline ASC"
 );
@@ -285,7 +285,7 @@ while ($comment = $db->fetch_array($comments_fetch))
 {
        $comment['posttime'] = $datef->format($bugsys->options['dateformat'], $comment['dateline']);
        $comment['postby'] = construct_user_display($comment);
-       $show['editcomment'] = (((can_perform('caneditown', null, $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers', null, $bug['productid'])) ? true : false);
+       $show['editcomment'] = (((can_perform('caneditown', $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers', $bug['productid'])) ? true : false);
        
        if (is_array($hilight))
        {
@@ -300,7 +300,7 @@ while ($comment = $db->fetch_array($comments_fetch))
        eval('$comments .= "' . $template->fetch('showreport_comment') . '";');
 }
 
-$show['newreply'] = ((can_perform('canpostcomments', null, $bug['productid'])) ? true : false);
+$show['newreply'] = ((can_perform('canpostcomments', $bug['productid'])) ? true : false);
 
 if (is_array($hilight))
 {
index 9ce89ddf94d38d562425f4a1925a111f63404942..a55627022ccf7cda897af3d91ba9e7d3f5c0cc0b 100644 (file)
--- a/vote.php
+++ b/vote.php
@@ -30,7 +30,7 @@ if ($_REQUEST['do'] == 'vote')
        $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bugsys->in['bugid']) . ((!can_perform('canviewhidden')) ? " AND !bug.hidden" : ''));
        $vote =  $db->query_first("SELECT *, FIND_IN_SET(" . $bugsys->userinfo['userid'] . ", userids) AS uservote FROM " . TABLE_PREFIX . "vote WHERE bugid = $bug[bugid]");
        
-       if (!can_perform('canvote', null, $bug['productid']))
+       if (!can_perform('canvote', $bug['productid']))
        {
                $message->error_permission();
        }
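Review bot: The bug lookup just above the changed line still filters hidden reports with a product-less `can_perform('canviewhidden')`, because `$bug` is not loaded yet, so hidden visibility here does not follow the per-product rule the rest of the commit applies. Fetch the report by id first and then reject it with `if (!$bug OR ($bug['hidden'] AND !can_perform('canviewhidden', $bug['productid'])))`. `$bug[bugid]` is also interpolated into the vote query before any check that a row was found, so an unknown id yields a malformed query; the existence test should precede the second `query_first()`. The `vote` branch continues outside the hunk.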