Updating search.php

diff --git a/includes/class_logging.php b/includes/class_logging.php
index 8ba38224238beee841321b6f1a8839fbebe399d5..4612e127d59fb4e4061d3ff76e301aca64f74aec 100644 (file)
--- a/includes/class_logging.php
+++ b/includes/class_logging.php
@@ -92,8 +92,7 @@ class Logging
        */
        function set_bugid($id)
        {
-               global $bugsys;
-               $this->bugid = $bugsys->clean($id, TYPE_UINT);
+               $this->bugid = BSApp::$input->clean($id, TYPE_UINT);
        }
        
        // ###################################################################
@@ -106,8 +105,7 @@ class Logging
        */
        function set_attachmentid($id)
        {
-               global $bugsys;
-               $this->attachmentid = $bugsys->clean($id, TYPE_UINT);
+               $this->attachmentid = BSApp::$input->clean($id, TYPE_UINT);
        }
        
        // ###################################################################
@@ -120,8 +118,7 @@ class Logging
        */
        function set_commentid($id)
        {
-               global $bugsys;
-               $this->commentid = $bugsys->clean($id, TYPE_UINT);
+               $this->commentid = BSApp::$input->clean($id, TYPE_UINT);
        }
        
        // ###################################################################
@@ -194,20 +191,18 @@ class Logging
        */
        function update_history()
        {
-               global $bugsys;
-               
                $this->compare_arrays();
                
                foreach ($this->compared AS $field => $values)
                {
-                       $bugsys->db->query("
+                       BSApp::$db->query("
                                INSERT INTO " . TABLE_PREFIX . "history
                                        (bugid, attachmentid, commentid, dateline, userid, field, original, changed)
                                VALUES
-                                       (" . $bugsys->clean($this->bugid, TYPE_UINT) . ", " . $bugsys->clean($this->attachmentid, TYPE_UINT) . ",
-                                       " . $bugsys->clean($this->commentid, TYPE_UINT) . ", " . TIMENOW . ", " . bugdar::$userinfo['userid'] . ",
-                                       '" . $bugsys->db->escape_string($field) . "', '" . $bugsys->db->escape_string($values['old']) . "',
-                                       '" . $bugsys->db->escape_string($values['new']) . "'
+                                       (" . BSApp::$input->clean($this->bugid, TYPE_UINT) . ", " . BSApp::$input->clean($this->attachmentid, TYPE_UINT) . ",
+                                       " . BSApp::$input->clean($this->commentid, TYPE_UINT) . ", " . TIMENOW . ", " . bugdar::$userinfo['userid'] . ",
+                                       '" . BSApp::$db->escapeString($field) . "', '" . BSApp::$db->escapeString($values['old']) . "',
+                                       '" . BSApp::$db->escapeString($values['new']) . "'
                                )
                        ");
                }

diff --git a/includes/functions.php b/includes/functions.php
index cbc8df827eec8d497ad76bae91b7aa1b4a92c23d..39e419a4147ad7a22596ed7b412a818909e43de5 100755 (executable)
--- a/includes/functions.php
+++ b/includes/functions.php
@@ -384,14 +384,12 @@ function construct_custom_fields($bug = array(), $ignore21mask = false, $nodefau
 */
 function process_custom_fields(&$bugapi, &$msg, $errorbox = false, $searchMode = false)
 {
-       global $bugsys;
-       
        if (!$inputdata)
        {
-               $inputdata =& $bugsys->in;
+               $inputdata = &BSApp::$input->in;
        }
        
-       $fields = $bugsys->db->query("
+       $fields = BSApp::$db->query("
                SELECT bugfield.*, MAX(permission.mask) AS mask
                FROM " . TABLE_PREFIX . "bugfield AS bugfield
                LEFT JOIN " . TABLE_PREFIX . "bugfieldpermission AS permission

diff --git a/search.php b/search.php
index 17f548637b816027b9920bb28fdea2053f6e1054..98d6801f7c8a1372bed3138be9f58db1c5af14cf 100644 (file)
--- a/search.php
+++ b/search.php
@@ -41,8 +41,6 @@ require_once('./includes/class_logging.php');
 require_once('./includes/api_bug.php');
 require_once('./includes/class_api_error.php');
 
-APIError(array($message, 'error'));
-
 if (!can_perform('cansearch'))
 {
        $message->errorPermission();
@@ -93,7 +91,7 @@ if ($_REQUEST['do'] == 'search')
                if ($cachedsearch['dateline'] < TIMENOW - 900 OR $input->in['rerun'])
                {
                        $_REQUEST['do'] = 'process';
-                       $bugsys->in = array_merge(unserialize($cachedsearch['query']), $bugsys->in);
+                       $input->in = array_merge(unserialize($cachedsearch['query']), $input->in);
                        BSApp::debug('rerunning the search');
                }
                else
@@ -119,8 +117,6 @@ if ($_REQUEST['do'] == 'search')
                        $message->error(T('No versions have been added underneath your product(s), there can be no bugs and thus search cannot function.'));
                }
                
-               $productSelect = ConstructProductSelect();
-               
                // -------------------------------------------------------------------
                // custom fields
                $fields = construct_custom_fields(null, true, false, true);             
@@ -151,21 +147,34 @@ if ($_REQUEST['do'] == 'search')
                        $searchesFetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NOT NULL AND userid = " . bugdar::$userinfo['userid']);
                        foreach ($searchesFetch as $search)
                        {
-                               $value = $search['searchid'];
-                               $label = $search['name'];
-                               eval('$searches .= "' . $template->fetch('selectoption') . '";');
+                               $tpl = new BSTemplate('selectoption');
+                               $tpl->vars = array(
+                                       'value' => $search['searchid'],
+                                       'label' => $search['name']
+                               );
+                               $searches .= $tpl->evaluate()->getTemplate();
                        }
                }
                
                $select['dev'] = '';
                foreach (bugdar::$datastore['assignto'] AS $dev)
                {
-                       $value = $dev['userid'];
-                       $label = construct_user_display($dev, false);
-                       eval('$select[dev] .= "' . $template->fetch('selectoption') . '";');
+                       $tpl = new BSTemplate('selectoption');
+                       $tpl->vars = array(
+                               'value' => $dev['userid'],
+                               'label' => construct_user_display($dev, false)
+                       );
+                       $select['dev'] .= $tpl->evaluate()->getTemplate();
                }
-                               
-               eval('$template->flush("' . $template->fetch('search') . '");');
+               
+               $tpl = new BSTemplate('search');
+               $tpl->vars = array(
+                       'select'                => $select,
+                       'productSelect' => ConstructProductSelect(),
+                       'customfields'  => $customfields,
+                       'searches'              => $searches
+               );
+               $tpl->evaluate()->flush();
        }
 }
 
@@ -237,7 +246,7 @@ if ($_REQUEST['do'] == 'process')
                foreach ($input->in['product'] AS $prod)
                {
                        $product = explode(',', $prod);
-                       $product = $bugsys->clean($product, TYPE_UINT);
+                       $product = $input->clean($product, TYPE_UINT);
                        $products[] = $product[0];
                        $components[] = $product[1];
                        $versions[] = $product[2];
@@ -325,13 +334,13 @@ if ($_REQUEST['do'] == 'process')
        
        // -------------------------------------------------------------------
        // custom fields
-       $fields_fetch = $bugsys->db->query("
+       $fields_fetch = $db->query("
                SELECT bugfield.*, MAX(permission.mask) AS mask
                FROM " . TABLE_PREFIX . "bugfield AS bugfield
                LEFT JOIN " . TABLE_PREFIX . "bugfieldpermission AS permission
                        ON (bugfield.fieldid = permission.fieldid)
                WHERE mask <> 0
-               AND permission.usergroupid IN ({bugdar::$userinfo['usergroupid']}" . (sizeof(bugdar::$userinfo['groupids']) != 0 ? ',' . implode(',', bugdar::$userinfo['groupids']) : '') . ")
+               AND permission.usergroupid IN (" . bugdar::$userinfo['usergroupid'] . (sizeof(bugdar::$userinfo['groupids']) != 0 ? ',' . implode(',', bugdar::$userinfo['groupids']) : '') . ")
                AND bugfield.cansearch = 1
                GROUP BY (bugfield.fieldid)"
        );
@@ -385,7 +394,7 @@ if ($_REQUEST['do'] == 'process')
                $sortclause
        ");
        
-       $numrows = $db->num_rows($search);
+       $numrows = $search->size();
        
        if ($numrows < 1)
        {
@@ -404,7 +413,7 @@ if ($_REQUEST['do'] == 'process')
        }
        
        // store the search params
-       $params = $bugsys->in;
+       $params = $input->in;
        foreach ($_COOKIE AS $key => $value)
        {
                unset($params["$key"]);
@@ -424,13 +433,13 @@ if ($_REQUEST['do'] == 'process')
                                (userid, dateline, query, ids, orderby, hilight, resultcount)
                        VALUES
                                (" . bugdar::$userinfo['userid'] . ",
-                               " . TIMENOW . ", '" . $bugsys->escape(serialize($params)) . "',
-                               '" . implode(',', $ids) . "', '" . $bugsys->escape($sortclause) . "',
-                               '" . $bugsys->escape($hilight) . "',
+                               " . TIMENOW . ", '" . $input->escape(serialize($params)) . "',
+                               '" . implode(',', $ids) . "', '" . $input->escape($sortclause) . "',
+                               '" . $input->escape($hilight) . "',
                                " . sizeof($results) . "
                        )"
                );
-               $search = array('searchid' => $db->insert_id(), 'ids' => implode(',', $ids), 'orderby' => $sortclause, 'hilight' => $hilight, 'resultcount' => sizeof($results));
+               $search = array('searchid' => $db->insertId(), 'ids' => implode(',', $ids), 'orderby' => $sortclause, 'hilight' => $hilight, 'resultcount' => sizeof($results));
        }
        
        $_POST['do'] = 'results';
@@ -446,8 +455,6 @@ if ($_REQUEST['do'] == 'update')
                $message->errorPermission();
        }
        
-       $productSelect = ConstructProductSelect();
-       
        $show['update'] = true;
        
        // -------------------------------------------------------------------
@@ -474,20 +481,32 @@ if ($_REQUEST['do'] == 'update')
        $select['status'] = construct_datastore_select('status', 'status', 'statusid', 0, 0);
        $select['resolution'] = construct_datastore_select('resolution', 'resolution', 'resolutionid', 0, 0);
        
-       $select['dev'] = '';
-       $value = '0';
-       $label = '';
-       $selected = true;
-       eval('$select[dev] .= "' . $template->fetch('selectoption') . '";');
-       $selected = false;
-       foreach (bugdar::$datastore['assignto'] AS $dev)
+       $tpl = new BSTemplate('selectoption');
+       $tpl->vars = array(
+               'value'         => 0,
+               'label'         => '',
+               'selected'      => true
+       );
+       $select['dev'] = $tpl->evaluate()->getTemplate();
+
+       foreach (bugdar::$datastore['assignto'] as $dev)
        {
-               $value = $dev['userid'];
-               $label = construct_user_display($dev, false);
-               eval('$select[dev] .= "' . $template->fetch('selectoption') . '";');
+               $tpl = new BSTemplate('selectoption');
+               $tpl->vars = array(
+                       'value'         => $dev['userid'],
+                       'label'         => construct_user_display($dev, false)
+               );
+               $select['dev'] .= $tpl->evaluate()->getTemplate();
        }
-               
-       eval('$template->flush("' . $template->fetch('search_update') . '");');
+       
+       $tpl = new BSTemplate('search_update');
+       $tpl->vars = array(
+               'search'                => $search,
+               'select'                => $select,
+               'customfields'  => $customfields,
+               'productSelect' => ConstructProductSelect()
+       );
+       $tpl->evaluate()->flush();
 }
 
 // ###################################################################
@@ -521,7 +540,6 @@ if ($_POST['do'] == 'doupdate')
                                
                $api = new BugApi($bugsys);
                $api->set('bugid', $bug['bugid']);
-               $api->set_condition();
                $api->values = $bug;
                                
                $log = new Logging();
@@ -593,7 +611,7 @@ if ($_REQUEST['do'] == 'export')
        
        $xml = '<?xml version="1.0" encoding="' . $language['charset'] . '"?>
 
-<bugdarExport user="' . $bugsys->unsanitize(construct_user_display(bugdar::$userinfo, false)) . '" date="' . $datef->format('r', TIMENOW) . '" searchid="' . $search['searchid'] . '">';
+<bugdarExport user="' . $input->unsanitize(construct_user_display(bugdar::$userinfo, false)) . '" date="' . $datef->format('r', TIMENOW) . '" searchid="' . $search['searchid'] . '">';
 
        foreach ($bugs as $bug)
        {
@@ -651,7 +669,7 @@ if ($_POST['do'] == 'dosave')
        
        if (!$message->hasErrors())
        {
-               $db->query("UPDATE " . TABLE_PREFIX . "search SET name = '" . $bugsys->input_escape('name') . "' WHERE searchid = " . $input->in['searchid']);
+               $db->query("UPDATE " . TABLE_PREFIX . "search SET name = '" . $input->inputEscape('name') . "' WHERE searchid = " . $input->in['searchid']);
                $message->redirect(T('Your search has been saved.'), 'search.php?searchid=' . $search['searchid']);
        }
        else
@@ -670,7 +688,13 @@ if ($_REQUEST['do'] == 'save')
                $message->errorPermission();
        }
        
-       eval('$template->flush("' . $template->fetch('search_save') . '");');
+       $tpl = new BSTemplate('search_save');
+       $tpl->vars = array(
+               'message'       => $message,
+               'searchid'      => $input->in['searchid'],
+               'name'          => $input->in['name']
+       );
+       $tpl->evaluate()->flush();
 }
 
 // ###################################################################
@@ -684,8 +708,10 @@ if ($_POST['do'] == 'results')
        
        $searchid = $search['searchid'];
        $hilight = $search['hilight'];
-               
-       LoadPaginationFramework();
+       
+       require_once 'includes/pagination.php';
+       $pagination = new Pagination();
+       $pagination->processIncomingData();
        $pagination->setTotal($search['resultcount']);
        $pagination->splitPages();
        
@@ -707,7 +733,13 @@ if ($_POST['do'] == 'results')
        $show['pagenav'] = ($pagination->getPageCount() > 1);
        $pagenav = $pagination->constructPageNav('search.php?searchid=' . $searchid);
        
-       eval('$template->flush("' . $template->fetch('search_results') . '");');
+       $tpl = new BSTemplate('search_results');
+       $tpl->vars = array(
+               'columnHeads'   => $columnHeads,
+               'bugs'                  => $bugs,
+               'searchid'              => $searchid
+       );
+       $tpl->evaluate()->flush();
 }
 
 /*=====================================================================*\

diff --git a/templates/search.tpl b/templates/search.tpl
index f465366a62d6e57fbb20e1d517d28b41fd72b04e..887a1c6d98ff92fe7d106611a31fbde266335bde 100644 (file)
--- a/templates/search.tpl
+++ b/templates/search.tpl
@@ -50,7 +50,7 @@
 
                <!-- product & version -->
                <fieldset>
-                       <legend>{@"Product / Version"} $help[product]</legend>
+                       <legend><%-T("Product / Version")%> $help[product]</legend>
                        <div class="field"><select name="product[]" size="10" multiple="multiple"><%- $productSelect %></select></div>
                </fieldset>
                <!-- / product & version -->
@@ -71,7 +71,7 @@
 
                <!-- date -->
                <fieldset>
-                       <legend>{@"Date (submitted since)"}</legend>
+                       <legend><%-T("Date (submitted since)")%></legend>
 
                        <div class="field">
                                <select name="date">
@@ -98,7 +98,7 @@
 
                <!-- summary -->
                <fieldset>
-                       <legend>{@"Summary / Comment Text"}</legend>
+                       <legend><%-T("Summary / Comment Text")%></legend>
                        <div class="field"><input type="text" name="summary" size="25" style="width: 100%" /></div>
                </fieldset>
                <!-- / summary -->
@@ -177,4 +177,4 @@
 
 </form>
 
-$footer
\ No newline at end of file
+<%- $footer %>
\ No newline at end of file

diff --git a/templates/search_results.tpl b/templates/search_results.tpl
index be04aee2723d9b003a90762d5131cde3c107e1a1..d8233802553b3428c9dc743869cb061b0ae51a11 100644 (file)
--- a/templates/search_results.tpl
+++ b/templates/search_results.tpl
@@ -11,7 +11,7 @@
 
 <% if ($show['cached']): %>
 <div style="font-weight: bold"><a href="search.php?new=1"><%-T("This search has been cached for your convenience. You can perform a new search by clicking here.")%></a></div>
-<div><a href="search.php?rerun=1&amp;searchid=<%- $searchid %>">{@"Alternatively, you can re-run this search by clicking here."}</a></div>
+<div><a href="search.php?rerun=1&amp;searchid=<%- $searchid %>"><%-T("Alternatively, you can re-run this search by clicking here.")%></a></div>
 <br />
 <% endif %>
 

diff --git a/templates/search_save.tpl b/templates/search_save.tpl
index edd1cfed58864d5af4e663856574bd7478999c23..3212e6c3ab86af03f9c5093784263872286d0ac1 100644 (file)
--- a/templates/search_save.tpl
+++ b/templates/search_save.tpl
@@ -19,7 +19,7 @@
 
 <form action="search.php" name="register" method="post">
 <input type="hidden" name="do" value="dosave" />
-<input type="hidden" name="searchid" value="<%- $input->in['searchid'] %>" />
+<input type="hidden" name="searchid" value="<%- $searchid %>" />
 
 <div align="center" style="margin-top: 10px">
        <div class="box altwidth">
@@ -31,7 +31,7 @@
                        <br />
                        <br />
 
-                       <div><strong><%-T("Name")%>:</strong> <input type="text" name="name" size="30" maxlength="250" value="<%- $input->in['name'] %>" /></div>
+                       <div><strong><%-T("Name")%>:</strong> <input type="text" name="name" size="30" maxlength="250" value="<%- $name %>" /></div>
                </div>
 
                <div class="box-foot box-center">
@@ -43,4 +43,4 @@
 
 </form>
 
-$footer
\ No newline at end of file
+<%- $footer %>
\ No newline at end of file

diff --git a/templates/search_update.tpl b/templates/search_update.tpl
index a2243e43f71e7f9e81e5eed0a72303ac6124c581..f9e2b5d04ce58d36d0243c22a492362d21a254a6 100644 (file)
--- a/templates/search_update.tpl
+++ b/templates/search_update.tpl
@@ -23,7 +23,7 @@
 
                <!-- product & version -->
                <fieldset>
-                       <legend>{@"Product / Version"} $help[product]</legend>
+                       <legend><%-T("Product / Version")%> $help[product]</legend>
                        <div class="field"><select name="product"><option value="">&nbsp;</option><%- $productSelect %></select></div>
                </fieldset>
                <!-- / product & version -->
@@ -86,7 +86,7 @@
                <!-- / favorite -->
                <% endif %>
 
-               <%- $customfields[right] %>
+               <%- $customfields['right'] %>
 
        </div>
        <!-- / RIGHT COLUMN -->
@@ -101,4 +101,4 @@
 
 </form>
 
-$footer
\ No newline at end of file
+<%- $footer %>
\ No newline at end of file