errorPermission();
}
// Keyword matching modes; the process step compares the `mode` request
// field against these.
define('MODE_ANY', 1);
define('MODE_ALL', 2);
define('MODE_RAW', 3);

// The keyword loop skips words shorter than the server's ft_min_word_len,
// so the setting is read once per request and exposed as a constant.
$var = $db->queryFirst("SHOW VARIABLES LIKE 'ft_min_word_len'");
define('SEARCH_WORD_MIN', $var['Value']);

// Purge cached searches that belong to guests (userid 0) and are more than
// an hour (3600 seconds) old.
$guestCutoff = TIMENOW - 3600;
$db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = 0 AND dateline < " . $guestCutoff);

$show['search'] = true;

// ###################################################################
// With no action in the request, fall back to the search form.
$_REQUEST['do'] = (empty($_REQUEST['do']) ? 'search' : $_REQUEST['do']);
// ###################################################################
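if ($_REQUEST['do'] == 'search')
{
	// Entry point for the search page. Depending on the request this either
	// shows a blank form, replays a stored search through the 'process'
	// step, or hands a still-fresh stored search to the 'results' step.

	// Start from known values so the branches below never test a variable
	// that no branch assigned.
	$newsearch = false;
	$cachedsearch = null;

	if ($input->in['new'])
	{
		$newsearch = true;
	}
	else if ($input->in['searchid'])
	{
		// a stored search is only loaded for the user that owns it
		$cachedsearch = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']);
	}
	else if (bugdar::$userinfo['userid'])
	{
		// logged-in users get their last unnamed search back
		$cachedsearch = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NULL AND userid = " . bugdar::$userinfo['userid']);
	}
	else
	{
		$newsearch = true;
	}

	if ($cachedsearch)
	{
		$show['cached'] = true;

		// results older than 15 minutes (900 s), or an explicit rerun
		// request, are recomputed by the 'process' step
		if ($cachedsearch['dateline'] < TIMENOW - 900 OR $input->in['rerun'])
		{
			$_REQUEST['do'] = 'process';

			// NOTE(review): unserialize() can instantiate objects. The blob is
			// written by the 'process' step of this script with serialize(),
			// so it is only as trustworthy as write access to the search
			// table. Storing JSON, or passing the allowed_classes option on
			// PHP 7+, would remove that dependency.
			$storedParams = unserialize($cachedsearch['query']);
			if (!is_array($storedParams))
			{
				// a corrupt row must not be handed to array_merge()
				$storedParams = array();
			}

			// values in the current request override the stored ones
			$input->in = array_merge($storedParams, $input->in);
			BSApp::debug('rerunning the search');
		}
		else
		{
			$search = $cachedsearch;
			$_POST['do'] = 'results';
		}
	}
	else
	{
		$newsearch = true;
	}

	if ($newsearch)
	{
		if (!is_array(bugdar::$datastore['product']))
		{
			$message->error(T('No products are setup, therefore there can be no bugs and thus search cannot function.'));
		}

		if (!is_array(bugdar::$datastore['version']))
		{
			$message->error(T('No versions have been added underneath your product(s), there can be no bugs and thus search cannot function.'));
		}

		// -------------------------------------------------------------------
		// custom fields, alternated between a left and a right column
		$customfields = array('left' => '', 'right' => '');
		$fields = construct_custom_fields(null, true, false, true);
		$i = 0;
		foreach ($fields AS $field)
		{
			$customfields[($i % 2 == 0 ? 'left' : 'right')] .= $field;
			$i++;
		}

		// -------------------------------------------------------------------
		// built-in fields
		$select['severity'] = construct_datastore_select('severity', 'severity', 'severityid');
		$select['priority'] = construct_datastore_select('priority', 'priority', 'priorityid');
		$select['status'] = construct_datastore_select('status', 'status', 'statusid');
		$select['resolution'] = construct_datastore_select('resolution', 'resolution', 'resolutionid');

		// named searches saved by the current user
		$searches = '';
		if (bugdar::$userinfo['userid'])
		{
			$searchesFetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NOT NULL AND userid = " . bugdar::$userinfo['userid']);
			foreach ($searchesFetch as $search)
			{
				// NOTE(review): 'name' is user-supplied text; presumably it is
				// HTML-escaped by the input layer or the template - confirm.
				$tpl = new BSTemplate('selectoption');
				$tpl->vars = array(
					'value' => $search['searchid'],
					'label' => $search['name']
				);
				$searches .= $tpl->evaluate()->getTemplate();
			}
		}

		// assignable developers
		$select['dev'] = '';
		foreach (bugdar::$datastore['assignto'] AS $dev)
		{
			$tpl = new BSTemplate('selectoption');
			$tpl->vars = array(
				'value' => $dev['userid'],
				'label' => construct_user_display($dev, false)
			);
			$select['dev'] .= $tpl->evaluate()->getTemplate();
		}

		$tpl = new BSTemplate('search');
		$tpl->vars = array(
			'select' => $select,
			'productSelect' => construct_product_select(),
			'customfields' => $customfields,
			'searches' => $searches
		);
		$tpl->evaluate()->flush();
	}
}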
// ###################################################################
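if ($_REQUEST['do'] == 'process')
{
	// Turns the submitted criteria into WHERE fragments, runs the search
	// with the viewer's product and hidden-bug permissions applied, stores
	// the matching bug ids in the search table, and then hands over to the
	// 'results' step.
	//
	// Every request value that ends up in SQL is either cleaned to an
	// integer or passed through $input->escape(); elsewhere in this file
	// string values are escaped explicitly before they are quoted, so
	// $input->in is treated here as not SQL-safe.
	$querybuild = array();
	$hilight = '';
	$bool_flag = '';

	// -------------------------------------------------------------------
	// handle keywords
	if ($input->in['summary'])
	{
		$keywords = preg_split('#\s+#', $input->in['summary']);
		$terms = '';

		// TODO - need to have some str to bool conversions
		foreach ($keywords AS $word)
		{
			// the full-text index ignores words below this length
			if (strlen($word) < SEARCH_WORD_MIN)
			{
				continue;
			}

			// "all words" mode marks every term as required
			$terms .= ($input->in['mode'] == MODE_ALL ? " +$word" : " $word");

			// excluded terms (containing "-x") are not highlighted
			if (!preg_match('#-(.+?)#', trim($word)))
			{
				$hilight .= " $word";
			}
		}

		// the highlight string travels in URLs: keep [0-9a-zA-Z_] only and
		// join the words with '+'
		$hilight = preg_replace('#[^0-9a-zA-Z_ ]#', '', $hilight);
		$hilight = trim($hilight);
		$hilight = preg_replace('#\s#', '+', $hilight);

		// the terms are user text inside a quoted SQL literal, so they are
		// escaped; boolean-mode operators survive escaping
		$against = $input->escape(trim($terms));

		if ($input->in['mode'] == MODE_ALL OR $input->in['mode'] == MODE_RAW)
		{
			$bool_flag = ' IN BOOLEAN MODE';
		}

		$querybuild['text'] = "AND\n\t\t\t(\n\t\t\t\tMATCH (bug.summary) AGAINST ('$against'$bool_flag)\n\t\t\t\tOR MATCH (comment.comment) AGAINST ('$against'$bool_flag)\n\t\t\t)";
	}

	// -------------------------------------------------------------------
	// reporter
	if ($input->in['reporter'])
	{
		// force email or name?? make a distinction?
		// more elegant way to do this? probably
		$needle = str_replace('%', '\%', $input->inputEscape('reporter'));
		$user = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "user WHERE email LIKE '%" . $needle . "' OR displayname LIKE '%" . $needle . "%'");
		if ($user AND $user['userid'])
		{
			// The OR has to be parenthesised: this fragment is appended to
			// a chain of ANDs, and a bare OR would let rows through without
			// satisfying the product and hidden-bug conditions before it.
			$reporterId = intval($user['userid']);
			$querybuild['reporter'] = "AND (bug.userid = $reporterId OR comment.userid = $reporterId)";
		}
	}

	// -------------------------------------------------------------------
	// product/component/version stuff
	if (is_array($input->in['product']))
	{
		$products = array();
		$components = array();
		$versions = array();

		foreach ($input->in['product'] AS $prod)
		{
			if (is_array($prod))
			{
				continue;
			}

			// each value is "product,component,version"; missing parts
			// become 0 instead of an empty slot in the IN () list
			$product = $input->clean(explode(',', $prod), TYPE_UINT);
			$products[] = (isset($product[0]) ? intval($product[0]) : 0);
			$components[] = (isset($product[1]) ? intval($product[1]) : 0);
			$versions[] = (isset($product[2]) ? intval($product[2]) : 0);
		}

		if (sizeof($products) > 0)
		{
			$querybuild['pcv'] = "AND bug.product IN (" . implode(',', $products) . ") AND bug.component IN (" . implode(',', $components) . ") AND bug.version IN (" . implode(',', $versions) . ")";
		}
	}

	// -------------------------------------------------------------------
	// severity, priority, status, resolution, assignedto
	foreach (array('severity', 'priority', 'status', 'resolution', 'assignedto') AS $fieldname)
	{
		if ($input->in[$fieldname])
		{
			$input->inputClean($fieldname, TYPE_UINT);

			// accept a single value as well as a list, and force integers
			// because the list is not quoted in the query
			$values = array_map('intval', (array)$input->in[$fieldname]);
			$querybuild[$fieldname] = "AND bug.$fieldname IN (" . implode(',', $values) . ")";
		}
	}

	// -------------------------------------------------------------------
	// date
	if ($input->in['date'])
	{
		// NOTE(review): the multiplier is 3600, i.e. the field is treated
		// as a number of hours; the earlier comment here spoke of days -
		// confirm against the form's option values.
		$dateline = time() - ($input->inputClean('date', TYPE_INT) * 3600);
		$querybuild['date'] = "AND bug.dateline >= $dateline";
	}

	// -------------------------------------------------------------------
	// favorites
	$input->inputClean('favorite', TYPE_INT);
	if ($input->in['favorite'] != 0 AND bugdar::$userinfo['userid'])
	{
		// Kept in its own list: the result ids collected further down must
		// contain only bugs the permission-filtered query returned.
		$favoriteIds = array();
		$favorites = $db->query("SELECT * FROM " . TABLE_PREFIX . "favorite WHERE userid = " . bugdar::$userinfo['userid']);
		foreach ($favorites as $favorite)
		{
			$favoriteIds[] = intval($favorite['bugid']);
		}

		if (sizeof($favoriteIds) < 1)
		{
			// no favorites: id 0 never matches (the query excludes bugid 0)
			// and keeps the IN () list syntactically valid
			$favoriteIds[] = 0;
		}

		$querybuild['favorites'] = "AND bug.bugid " . ($input->in['favorite'] > 0 ? "IN" : "NOT IN") . " (" . implode(', ', $favoriteIds) . ")";
	}

	// -------------------------------------------------------------------
	// sort by
	// Only whitelisted column names and directions reach the ORDER BY; any
	// other value, including 'relevance', means no explicit ordering. The
	// clause is stored with the search and reused by later steps.
	$sortby = array('bugid', 'severity', 'priority', 'status', 'resolution', 'dateline');
	$orderby = array('ASC', 'DESC');
	$input->in['orderby'] = strtoupper($input->in['orderby']);
	$sortclause = '';
	if (in_array($input->in['sortby'], $sortby, true) AND in_array($input->in['orderby'], $orderby, true))
	{
		$sortclause = "ORDER BY " . $input->in['sortby'] . ' ' . $input->in['orderby'];
	}

	// -------------------------------------------------------------------
	// custom fields
	// only searchable fields on which one of the user's groups has a
	// non-zero permission mask
	$fields_fetch = $db->query("
		SELECT bugfield.*, MAX(permission.mask) AS mask
		FROM " . TABLE_PREFIX . "bugfield AS bugfield
		LEFT JOIN " . TABLE_PREFIX . "bugfieldpermission AS permission
			ON (bugfield.fieldid = permission.fieldid)
		WHERE mask <> 0
		AND permission.usergroupid IN (" . bugdar::$userinfo['usergroupid'] . (!empty(bugdar::$userinfo['groupids']) ? ',' . implode(',', bugdar::$userinfo['groupids']) : '') . ")
		AND bugfield.cansearch = 1
		GROUP BY (bugfield.fieldid)"
	);
	foreach ($fields_fetch as $field)
	{
		// request key and column name share the "custom<fieldid>" form
		$key = 'custom' . intval($field['fieldid']);

		if (!empty($input->in[$key]) OR ($field['type'] == 'select_single' AND isset($input->in[$key])))
		{
			if ($field['type'] == 'input_checkbox' AND $input->inputClean($key, TYPE_INT) != 0)
			{
				$querybuild[] = "AND bug.$key = " . ($input->in[$key] > 0 ? 1 : 0);
			}
			else if ($field['type'] == 'input_text')
			{
				// free text from the request: escape before quoting
				$querybuild[] = "AND bug.$key LIKE '%" . $input->escape($input->in[$key]) . "%'";
			}
			else if ($field['type'] == 'select_single' AND $input->in[$key] != -1)
			{
				// NOTE(review): unserialize() on a database column; the
				// option list is presumably written by the field admin
				// pages only - confirm.
				$options = unserialize($field['selects']);
				$index = intval($input->in[$key]);
				$choice = ((is_array($options) AND isset($options[$index])) ? trim($options[$index]) : '');
				$querybuild[] = "AND bug.$key = '" . $input->escape($choice) . "'";
			}
		}
	}

	// -------------------------------------------------------------------
	// have to search something
	if (sizeof($querybuild) < 1)
	{
		$message->error(sprintf(T('You have to enter some criteria to search for. Note that words less than %1$d characters are ignored by the search engine (and some other very common words, too).'), SEARCH_WORD_MIN));
	}

	// -------------------------------------------------------------------
	// do the search
	// The fixed part of the WHERE clause limits rows to products the user
	// may view and applies the hidden-bug rules; the user's criteria are
	// appended as further AND fragments.
	// NOTE(review): the last fetch_on_bits() call asks for
	// 'canviewonhidden' while the can_perform() check beside it uses
	// 'canviewownhidden' - confirm which permission name is intended.
	$search = $db->query("
		SELECT bug.*, comment.commentid
		FROM " . TABLE_PREFIX . "bug AS bug
		LEFT JOIN " . TABLE_PREFIX . "comment AS comment
			ON (bug.bugid = comment.bugid)
		WHERE bug.bugid <> 0
		AND bug.product IN (" . fetch_on_bits('canviewbugs') . ")
		AND
		(
			!bug.hidden
			OR
			(bug.hidden AND bug.product IN (" . fetch_on_bits('canviewhidden') . "))" . (can_perform('canviewownhidden') ? "
			OR
			(bug.hidden AND bug.userid = " . bugdar::$userinfo['userid'] . " AND bug.product IN (" . fetch_on_bits('canviewonhidden') . "))" : "") . "
		)
		" . implode("\n\t\t", $querybuild) . "
		GROUP BY bug.bugid
		$sortclause
	");

	$numrows = $search->size();
	if ($numrows < 1)
	{
		$message->error(T('No search results were returned that matched your criteria. Please try again with different search requirements.'));
	}

	// collect the ids from this query only
	$ids = array();
	$results = array();
	foreach ($search as $result)
	{
		$ids[] = $result['bugid'];
		$results[] = $result;
	}
	$idList = implode(',', $ids);

	// a fresh search by a logged-in user replaces the previous unnamed one
	if (bugdar::$userinfo['userid'] AND !$cachedsearch AND !$input->in['rerun'])
	{
		$db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = " . bugdar::$userinfo['userid'] . " AND name IS NULL");
	}

	// store the search params; keys that also appear as cookies are dropped
	// so cookie values are not written into the search row
	$params = $input->in;
	foreach ($_COOKIE AS $key => $value)
	{
		unset($params["$key"]);
	}

	if ($cachedsearch)
	{
		// rerun of a stored search: refresh ids, count and timestamp only
		$search = $cachedsearch;
		$search['ids'] = $idList;
		$search['resultcount'] = sizeof($results);

		$db->query("UPDATE " . TABLE_PREFIX . "search SET ids = '$search[ids]', resultcount = $search[resultcount], dateline = " . TIMENOW . " WHERE searchid = " . $cachedsearch['searchid']);
	}
	else
	{
		$db->query("
			INSERT INTO " . TABLE_PREFIX . "search
				(userid, dateline, query, ids, orderby, hilight, resultcount)
			VALUES
				(" . bugdar::$userinfo['userid'] . ",
				" . TIMENOW . ", '" . $input->escape(serialize($params)) . "',
				'" . $idList . "', '" . $input->escape($sortclause) . "',
				'" . $input->escape($hilight) . "',
				" . sizeof($results) . "
			)"
		);
		$search = array('searchid' => $db->insertId(), 'ids' => $idList, 'orderby' => $sortclause, 'hilight' => $hilight, 'resultcount' => sizeof($results));
	}

	$_POST['do'] = 'results';
}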
// ###################################################################
if ($_REQUEST['do'] == 'update')
{
	// Mass-update form for the bugs of one stored search. The search must
	// belong to the current user, and the user needs 'caneditother'.
	$search = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']);
	if (!($search AND can_perform('caneditother')))
	{
		$message->errorPermission();
	}

	$show['update'] = true;

	// -------------------------------------------------------------------
	// custom fields: even positions go left, odd positions go right
	$fields = construct_custom_fields(null, true, false, true);
	$i = 0;
	foreach ($fields AS $field)
	{
		$column = ($i % 2 == 0 ? 'left' : 'right');
		$customfields[$column] .= $field;
		$i++;
	}

	// -------------------------------------------------------------------
	// built-in fields; the two trailing zeros are passed through to
	// construct_datastore_select() exactly as before
	foreach (array('severity', 'priority', 'status', 'resolution') AS $selectField)
	{
		$select[$selectField] = construct_datastore_select($selectField, $selectField, $selectField . 'id', 0, 0);
	}

	// developer list, led by a blank pre-selected option with value 0
	$tpl = new BSTemplate('selectoption');
	$tpl->vars = array(
		'value' => 0,
		'label' => '',
		'selected' => true
	);
	$select['dev'] = $tpl->evaluate()->getTemplate();

	foreach (bugdar::$datastore['assignto'] as $dev)
	{
		$tpl = new BSTemplate('selectoption');
		$tpl->vars = array(
			'value' => $dev['userid'],
			'label' => construct_user_display($dev, false)
		);
		$select['dev'] .= $tpl->evaluate()->getTemplate();
	}

	$tpl = new BSTemplate('search_update');
	$tpl->vars = array(
		'search' => $search,
		'select' => $select,
		'customfields' => $customfields,
		'productSelect' => construct_product_select()
	);
	$tpl->evaluate()->flush();
}
// ###################################################################
// Applies the mass-update form to every bug of a stored search that the
// current user is allowed to edit. Runs only for POST requests.
// NOTE(review): no request token is checked in this block; presumably
// cross-site request protection is handled elsewhere - confirm.
if ($_POST['do'] == 'doupdate')
{
// the search must belong to the current user, who also needs 'caneditother'
$search = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']);
if (!$search OR !can_perform('caneditother'))
{
$message->errorPermission();
}
// find all the bugs that we can edit
// The stored id list is narrowed again here: viewable products only, and
// either 'caneditother' on the product or the user's own bug with 'caneditown'.
$bugs = $db->query("
SELECT * FROM " . TABLE_PREFIX . "bug
WHERE bugid IN ($search[ids])
AND product IN (" . fetch_on_bits('canviewbugs') . ")
AND
(
product IN (" . fetch_on_bits('caneditother') . ")
OR
(userid = " . bugdar::$userinfo['userid'] . " AND product IN (" . fetch_on_bits('caneditown') . "))
)
");
foreach ($bugs as $bug)
{
// Per-bug check: skipped only when the user has neither an edit right that
// fits the bug's ownership nor 'canpostcomments' on its product.
// NOTE(review): because of the trailing AND, 'canpostcomments' alone lets a
// bug through this check; the query above is then the only edit gate - confirm
// that is intended.
if (!((can_perform('caneditown', $bug['product']) AND bugdar::$userinfo['userid'] == $bug['userid']) OR (can_perform('caneditother', $bug['product']) AND bugdar::$userinfo['userid'] != $bug['userid'])) AND !can_perform('canpostcomments', $bug['product']))
{
continue;
}
$api = new BugApi();
$api->set('bugid', $bug['bugid']);
$api->values = $bug;
// record the values before the change for the history entry
$log = new Logging();
$log->setBugId($bug['bugid']);
$log->addData(true, $bug, $log->getCommonFields(), true);
// status, priority and resolution require 'canchangestatus' on the product
if ($input->in['status'] AND can_perform('canchangestatus', $bug['product']))
{
$api->set('status', $input->in['status']);
}
if ($input->in['priority'] AND can_perform('canchangestatus', $bug['product']))
{
$api->set('priority', $input->in['priority']);
}
// NOTE(review): severity is applied without a can_perform() check, unlike
// the neighbouring fields - confirm.
if ($input->in['severity'])
{
$api->set('severity', $input->in['severity']);
}
if ($input->in['resolution'] AND can_perform('canchangestatus', $bug['product']))
{
$api->set('resolution', $input->in['resolution']);
}
if ($input->in['assignedto'] AND can_perform('canassign', $bug['product']))
{
$api->set('assignedto', $input->in['assignedto']);
}
// NOTE(review): the target product/component/version come straight from the
// request as "product,component,version"; no permission check on the target
// product and no check that all three parts are present is visible here -
// presumably BugApi validates the values; confirm.
if ($input->in['product'])
{
$product = explode(',', $input->in['product']);
$api->set('product', $product[0]);
$api->set('component', $product[1]);
$api->set('version', $product[2]);
}
process_custom_fields($api, $message, false, true);
// record the values after the change, then save the bug and its history
$log->addData(false, $api->values, $log->getCommonFields(), true);
$api->update();
$log->updateHistory();
}
$message->redirect(T('The specified bugs have been updated and you will now return to your search results.'), 'search.php?searchid=' . $input->in['searchid']);
}
// ###################################################################
// Sends the bugs of a stored search to the browser as a downloadable file.
// NOTE(review): the string literals below carry no element markup in this
// copy of the file, although the download is named *.xml; the tags may have
// been lost when the page was extracted - confirm against the repository.
if ($_REQUEST['do'] == 'export')
{
// without a searchid, a logged-in user exports the last unnamed search
if (!$input->in['searchid'] AND bugdar::$userinfo['userid'])
{
$search = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NULL AND userid = " . bugdar::$userinfo['userid']);
}
else if ($input->in['searchid'])
{
// a stored search is only loaded for the user that owns it
$search = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']);
}
else
{
$message->error(T('The search results are trying to export are invalid. Please start over here and try again.'));
}
if (!$search)
{
$message->error(T('Your search has expired because it is older than one hour. Please start over here.'));
}
// The id list and ORDER BY clause come from the stored row, which the
// 'process' step wrote after applying view permissions.
// NOTE(review): permissions are not re-checked here, so a bug that became
// hidden after the search was stored would still be exported - confirm
// whether that is acceptable for the cache lifetime.
$bugs = $db->query("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid IN ($search[ids]) $search[orderby]");
$xml = '
';
foreach ($bugs as $bug)
{
$xml .= "\n\t";
// NOTE(review): values are concatenated as-is; presumably
// ProcessBugDataForDisplay() returns markup-safe strings - confirm.
$bug = ProcessBugDataForDisplay($bug);
$xml .= "\n\t\t" . $bug['bugid'] . "";
$xml .= "\n\t\t" . $datef->format('r', $bug['dateline']) . "";
// reporter, looked up once per bug
if ($bug['userid'])
{
$xml .= "\n\t\t" . construct_user_display($db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = $bug[userid]"), false) . "";
}
$xml .= "\n\t\t" . $bug['summary'] . "";
$xml .= "\n\t\t" . $bug['product'] . "";
if ($bug['component'])
{
$xml .= "\n\t\t" . $bug['component'] . "";
}
$xml .= "\n\t\t" . $bug['version'] . "";
$xml .= "\n\t\t" . $bug['status'] . "";
// assignee, taken from the cached developer list
if ($bug['assignedto'])
{
$xml .= "\n\t\t" . construct_user_display(bugdar::$datastore['assignto']["$bug[assignedto]"], false) . "";
}
$xml .= "\n\t\t" . $bug['resolution'] . "";
$xml .= "\n\t\t" . $bug['severity'] . "";
$xml .= "\n\t\t" . $bug['priority'] . "";
$xml .= "\n\t";
}
$xml .= "\n";
// the file name is built from the stored search's id
BSFunctions::download_file($xml, T('bugdar-search-' . $search['searchid'] . '.xml'), true);
}
// ###################################################################
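if ($_POST['do'] == 'dosave')
{
	// Gives a stored search a name so that it shows up in the user's list
	// of saved searches. Runs only for POST requests.

	// The 'save' form refuses guests; the handler that performs the write
	// applies the same gate so it cannot be reached by posting directly.
	if (!bugdar::$userinfo['userid'])
	{
		$message->errorPermission();
	}

	// a stored search is only loaded for the user that owns it
	$search = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']);
	if (!$search)
	{
		$message->addError(T('The search does not exist.'));
	}
	if ($search AND $search['name'])
	{
		$message->addError(sprintf(T('This search has already been named "%1$s".'), $search['name']));
	}
	if (empty($input->in['name']))
	{
		$message->addError(T('The name cannot be empty.'));
	}

	if (!$message->hasErrors())
	{
		// The row to update is identified by the id and owner of the row
		// that was just looked up, not by the raw request value, so the
		// write is tied to the ownership check above.
		$db->query("UPDATE " . TABLE_PREFIX . "search SET name = '" . $input->inputEscape('name') . "' WHERE searchid = " . intval($search['searchid']) . " AND userid = " . bugdar::$userinfo['userid']);
		$message->redirect(T('Your search has been saved.'), 'search.php?searchid=' . $search['searchid']);
	}
	else
	{
		// fall through to the 'save' form, which shows the errors
		$_REQUEST['do'] = 'save';
		$show['errors'] = true;
	}
}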
// ###################################################################
if ($_REQUEST['do'] == 'save')
{
	// Form for naming a stored search; guests are refused.
	$isMember = (bool)bugdar::$userinfo['userid'];
	if (!$isMember)
	{
		$message->errorPermission();
	}

	// $message carries any errors collected by the 'dosave' step.
	// NOTE(review): 'name' is echoed back from the request; presumably the
	// input layer or the template HTML-escapes it - confirm.
	$saveVars = array(
		'message' => $message,
		'searchid' => $input->in['searchid'],
		'name' => $input->in['name']
	);

	$tpl = new BSTemplate('search_save');
	$tpl->vars = $saveVars;
	$tpl->evaluate()->flush();
}
// ###################################################################
if ($_POST['do'] == 'results')
{
	// Renders one page of a stored search. $search is the row prepared by
	// the 'search' or 'process' step earlier in this request.
	// NOTE(review): the id list and ORDER BY clause are taken from that row
	// and view permissions are not re-checked in this block - confirm that
	// the cache lifetime makes this acceptable.
	if (!$search['ids'])
	{
		$message->error(T('No bugs matched your search criteria. Please try again with different search requirements.'));
	}

	$searchid = $search['searchid'];
	$hilight = $search['hilight'];

	require_once 'includes/pagination.php';

	$pagination = new Pagination();
	$pagination->processIncomingData();
	$pagination->setTotal($search['resultcount']);
	$pagination->splitPages();

	$sort = new ListSorter('search');

	// saving is offered to logged-in users whose search has no name yet
	$show['save'] = (bugdar::$userinfo['userid'] AND !$search['name']);
	$show['update'] = can_perform('caneditother');

	// fetch only the rows of the current page
	$pageOffset = $pagination->fetchLimit($pagination->getPage() - 1);
	$pageSize = $pagination->getPerPage();
	$pageQuery = "SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid IN ($search[ids]) $search[orderby] LIMIT " . $pageOffset . ", " . $pageSize;

	$bugs = '';
	$search = $db->query($pageQuery);
	foreach ($search as $bug)
	{
		// alternate the row style, then render the row with the highlight
		// words appended to its link
		BSFunctions::swap_css_classes('altcolor', '');
		$bug = ProcessBugDataForDisplay($bug, BSFunctions::$cssClass);
		$bugs .= $sort->constructRow($bug, "&hilight=$hilight");
	}

	$columnHeads = $sort->constructColumnHeaders(false);

	$show['pagenav'] = ($pagination->getPageCount() > 1);
	$pagenav = $pagination->constructPageNav('search.php?searchid=' . $searchid);

	$tpl = new BSTemplate('search_results');
	$tpl->vars = array(
		'columnHeads' => $columnHeads,
		'bugs' => $bugs,
		'searchid' => $searchid
	);
	$tpl->evaluate()->flush();
}
?>