From b608c7c5a34d74209af0b1ce2e2a3ae871e027f4 Mon Sep 17 00:00:00 2001 
From: Robert Sesek Date: Sun, 19 Dec 2004 05:07:08 +0000 Subject: [PATCH 1/1] r1: Initial import from CVS head. --- admin/admin.css | 252 +++++++++++++++++++ admin/global.php | 71 ++++++ admin/images/tcat.gif | Bin 0 -> 3524 bytes admin/images/thead.gif | Bin 0 -> 2855 bytes admin/options.php | 123 ++++++++++ admin/priority.php | 142 +++++++++++ admin/product.php | 403 +++++++++++++++++++++++++++++++ admin/resolution.php | 142 +++++++++++ admin/severity.php | 142 +++++++++++ admin/status.php | 142 +++++++++++ admin/usergroup.php | 253 +++++++++++++++++++ docs/mycookies.php | 29 +++ docs/recache.php | 41 ++++ docs/roadmap.txt | 52 ++++ includes/adminfunctions.php | 355 +++++++++++++++++++++++++++ includes/config.php.dist | 72 ++++++ includes/db_mysql.php | 134 ++++++++++ includes/functions.php | 230 ++++++++++++++++++ includes/functions_datastore.php | 185 ++++++++++++++ includes/functions_mail.php | 100 ++++++++ includes/init.php | 197 +++++++++++++++ login.php | 109 +++++++++ newreport.php | 217 +++++++++++++++++ register.php | 178 ++++++++++++++ 24 files changed, 3569 insertions(+) create mode 100755 admin/admin.css create mode 100755 admin/global.php create mode 100755 admin/images/tcat.gif create mode 100755 admin/images/thead.gif create mode 100755 admin/options.php create mode 100755 admin/priority.php create mode 100755 admin/product.php create mode 100755 admin/resolution.php create mode 100755 admin/severity.php create mode 100755 admin/status.php create mode 100755 admin/usergroup.php create mode 100755 docs/mycookies.php create mode 100755 docs/recache.php create mode 100755 docs/roadmap.txt create mode 100755 includes/adminfunctions.php create mode 100755 includes/config.php.dist create mode 100755 includes/db_mysql.php create mode 100755 includes/functions.php create mode 100755 includes/functions_datastore.php create mode 100755 includes/functions_mail.php create mode 100755 includes/init.php create mode 100755 login.php create mode 100755 
newreport.php create mode 100755 register.php
diff --git a/admin/admin.css b/admin/admin.css
new file mode 100755
index 0000000..2846a1e
--- /dev/null
+++ b/admin/admin.css
@@ -0,0 +1,252 @@
+/* Admin CSS Class for [#]app[#] [#]version[#] */
+/* (c) 2003 - [#]year[#] Iris Studios, Inc.*/
+
+/* ################################################################### */
+/* Body and table elements */
+/* ################################################################### */
+
+/* Main window background colour and font colour */
+body
+{
+ color: #D2D3F0;
+ background: #68768A;
+}
+
+/* The row that goes on top of all other content */
+.phead
+{
+ color: #1C1C21;
+ font-size: 11pt;
+ font-weight: bold;
+ text-align: left;
+ border-bottom: outset 3px;
+ background: #445B78;
+ padding: 2px 25px; 2px; 25px;
+}
+
+/* Border area around tables and inbetween spacing */
+.tborder
+{
+ border: ridge 4px;
+}
+
+/* First row set in all tables */
+.tcat
+{
+ color: #97A9C4;
+ background: #38495E url(images/tcat.gif);
+ border-bottom: outset 1px;
+}
+
+/* Links within the TCAT class */
+.tcat a:link, .tcat a:visited, .tcat a:active
+{
+ color: #97A9C4;
+}
+
+/* Row under the TCAT row (often used for column headers) */
+td.thead, .thead td, .alt3
+{
+ color: #D6E1EC;
+ font-weight: bold;
+ background: #445B78 url(images/thead.gif);
+ border: inset 1px;
+}
+
+/* Links for the THEAD class */
+.thead a:link, .thead a:visited, .thead a:active, .alt3 a:link, .alt3 a:visited, .alt3 a:active
+{
+ color: #D6E1EC;
+}
+
+/* The first type of row used in the alternation cycle */
+.alt1
+{
+ color: #38495E;
+ background: #8994A4;
+}
+
+/* The second type of row used in the alternation cycle */
+.alt2
+{
+ color: #38495E;
+ background: #ABB2BC;
+}
+
+/* The third alternation, used in special cases */
+.alt3
+{
+ border: 0px;
+}
+
+/* The last row in the table (often used for the submit buttons) */
+.tfoot
+{
+ color: #7D7CA3;
+ background: #ECE8D8;
+ border: outset 1px;
+}
+
+/* ################################################################### */
+/* Text elements */
+/* ################################################################### */
+
+/* Font settings for all non-styled elements */
+body, p, td, tr, ol, ul
+{
+ font: 12px verdana, geneva, arial, helvetica, sans-serif;
+}
+
+/* Small text (used in copyright) */
+.smallfont, .copyright, dfn
+{
+ font: 11px tahoma, verdana, geneva, arial, helvetica, sans-serif;
+}
+
+/* Description text */
+dfn
+{
+ font-style: italic;
+}
+
+/* Table headings */
+.tcat, .thead, .tfoot
+{
+ font: 12px tahoma, verdana, geneva, arial, helvetica, sans-serif;
+}
+
+/* Normal links */
+a:link, a:visited, a:active
+{
+ color: #293F5B;
+ background: none;
+}
+
+/* Hover links */
+a:hover, .tcat a:hover, .thead a:hover, .tfoot a:hover
+{
+ color: #D6E1EC;
+ background: #38495E;
+}
+
+.copyright a:hover, .copyright a:link, .copyright a:visited, .copyright a:active
+{
+ text-decoration: none;
+}
+
+/* Mono-space */
+.code
+{
+ font: 9pt 'courier new', courier, monospace;
+}
+
+/* ################################################################### */
+/* Form styling elements */
+/* ################################################################### */
+
+/* Input elements in a form */
+input, textarea, select, option
+{
+ font: 12px verdana, geneva, arial, helvetica, sans-serif;
+}
+
+/* Input formatting */
+.input
+{
+ font: bold 11px tahoma, verdana, geneva, arial, helvetica, sans-serif;
+ text-indent: 5px;
+ margin: 1px;
+ margin-top: 3px;
+}
+
+/* Button styling */
+.button
+{
+ color: #000000;
+ font: bold 11px tahoma, verdana, geneva, arial, helvetica, sans-serif;
+ margin: 1px;
+ margin-top: 3px;
+}
+
+/* ################################################################### */
+/* Navigation panel */
+/* ################################################################### */
+
+/* The background colour for the navigation frame */
+.nav_body
+{
+ background: #38495E;
+}
+
+.nav_body a:link, .nav_body a:active, .nav_body a:hover, .nav_body a:visited
+{
+ color: #FFFFFF;
+ text-decoration: none;
+}
+
+/* Formatting for groups of nav elements */
+.nav_group
+{
+ color: #D6E1EC;
+ background: #445B78;
+ border: #97A9C4 solid 2px;
+ border-width: 0px 2px 1px 2px;
+}
+
+/* Nav title border */
+.nav_title
+{
+ font: 11px tahoma, verdana, geneva, arial, helvetica, sans-serif;
+ padding: 2px;
+ border: #97A9C4 solid 2px;
+ border-width: 0px 2px 2px 2px;
+}
+
+/* Cold nav items */
+.nav_item
+{
+ font: 11px tahoma, verdana, geneva, arial, helvetica, sans-serif;
+ padding: 2px 2px 1px 7px;
+ background: #5D7490;
+ border-bottom: #97A9C4 solid 1px;
+}
+
+/* Hot nav items */
+.nav_item_hot
+{
+ font: 11px tahoma, verdana, geneva, arial, helvetica, sans-serif;
+ padding: 2px 2px 1px 7px;
+ background: #4A5F78;
+ border-bottom: #97A9C4 solid 1px;
+}
+
+/* ################################################################### */
+/* Template manager */
+/* ################################################################### */
+
+/* The body of the template manager */
+.manager_body
+{
+ background: #38495E;
+ color: #FFFFFF;
+}
+
+/* A group of templates */
+.manager_group
+{
+ background: #28394E;
+ color: #8994A4;
+}
+
+/* Items in a template group */
+.manager_group_item
+{
+ background: #364D6F;
+ color: #AABBD3;
+}
+
+
+/*=====================================================================*\
+|| $HeadURL$
+|| $Id$
+\*=====================================================================*/
\ No newline at end of file
diff --git a/admin/global.php b/admin/global.php
new file mode 100755
index 0000000..038b574
--- /dev/null
+++ b/admin/global.php
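Review bot: The `.phead` rule in admin/admin.css has stray semicolons in its padding declaration, `padding: 2px 25px; 2px; 25px;`, so the declaration ends at the first `;` and the trailing `2px;` and `25px;` are invalid declarations that a CSS parser discards. Write it as one declaration, `padding: 2px 25px 2px 25px;`, or the equivalent shorthand `padding: 2px 25px;`.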
@@ -0,0 +1,71 @@
+page_start('Login', '', 15, '', 'document.cplogin.' . iff($env->userinfo['email'], 'password', 'email') . '.focus();');
+
+ $admin->form_start('../login.php', 'cplogin', false, 'cplogin');
+ $admin->table_start(true, '425');
+ $admin->table_head('[#]app[#] Login');
+ $admin->row_input('Email', 'email', $env->userinfo['email'], 2, 35, false, false, 'middle');
+ $admin->row_input('Password', 'password', '', 2, 35, false, true, 'middle');
+ $admin->row_submit('', 'Login');
+ $admin->table_end();
+ $admin->form_end();
+
+ $admin->page_end();
+}
+
+// ###################################################################
+
+if ($_COOKIE[COOKIE_PREFIX . 'adminsession'])
+{
+ if ($env->userinfo['permissions'] & CANADMINPANEL)
+ {
+ if (md5(md5($env->userinfo['authkey']) . md5($env->userinfo['email']) . md5($env->userinfo['userid'])) != $_COOKIE[COOKIE_PREFIX . 'adminsession'])
+ {
+ mysetcookie(COOKIE_PREFIX . 'adminsession', '');
+ $admin->error('Invalid admin session has been terminated.');
+ }
+ }
+ else
+ {
+ mysetcookie(COOKIE_PREFIX . 'adminsession', '');
+ admin_login();
+ }
+}
+
+if (!$_COOKIE[COOKIE_PREFIX . 'adminsession'])
+{
+ admin_login();
+}
+
+/*=====================================================================*\
+|| ###################################################################
+|| # $HeadURL$
+|| # $Id$
+|| ###################################################################
+\*=====================================================================*/
+?>
\ No newline at end of file
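Review bot: The admin session check compares the expected token with the `adminsession` cookie using loose `!=`, so two strings that both look numeric are compared as numbers and can match without being identical; change the operator to `!==`, or use a constant-time compare such as `hash_equals()` where the PHP version provides it. The token is a fixed function of `authkey`, `email` and `userid`, so as far as this hunk shows it never expires or rotates, and a captured cookie stays valid until one of those values changes; tying it to a server-side session with a timeout would bound that. The top of the file, including the start of `admin_login()`, is not visible in this hunk, so it cannot be confirmed here that `admin_login()` and `$admin->error()` halt the request; if they return, the pages that include this file keep running after a failed check.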
diff --git a/admin/images/tcat.gif b/admin/images/tcat.gif new file mode 100755 index 0000000000000000000000000000000000000000..cdc9bdb024a3c5539c24bd29f3eed496b3e7dc70 GIT binary patch literal 3524 zcmV;#4LkBjNk%w1VI%--0QUd@aD9wYVRSf3UT1WKN?L6@Okrqrggi}QI!a(jSZhdF zYJQ29VQzq2YI{suZhVNAQDAa#e2Z#$hdfPUdW4fuUU5)ga%OUaa(<3US!`Zxem_uS ze2A4gN?$xqVq|cEPF!$CR%v*Hl1Nr-PF!z%hm}4~WMpuHOImGMW_NLZj5_`YI1&!Kv88rPGWh5lSEZ$Y?@X;)--LQ!RRgpof^V_|N7Rbq8QQD#F^Xi{QxPF`_CRA@p|XGT?O zc7u?1gOPfLl08jgS7dfrW_ej=cxrZqS!Q`*aDZcQf^K_@RbzBVR%<& zYJEdeW;jV+A^8LV00000EC2ui03-lx000R80RIUbNU)&6g9sBUT*$DY!-o(fN}NbB zp#UNO1PsI|P=LmP7cFkgC=jENlmAYdL)MsecdcK)Y~|XW%XV$yzkUzcRjluT;sTB#JC6K#u;sy(4@{VBcfvcz zn(`!JPw@QtwQJ3@XH#qKdh>4Ays4#mx4X6R-@uI%U%tF} z@ib|6Ll^%1negemojgxNg&LLa)SQU_|L%m!Gx6oqm*@VBij(u-zo&VY#tC=sRLZE= z&)-Rz|N5mTPI~!?C(eH+h^OBM0RFeZgJnP%A%hJz$e@G}Ubw^tOW;w)5*u#N&4VF6 z$l-=4rnp2m6LN^h5@^7>I_jqW@G`2aq9)-<5><}gD8Ez>43?X@(}kWRGRCSlIF%+SKa6OybUNxRjq@r1ne zvKueGG_>okB-Qro#S>U~;YGk+AR|e^0%$)lRU5&8+$Rb$1Hms0v0ci9D*5Ugs?*hINNOV%{bFMv(7w+u#Oo!)U0y| za3l?f8A(I4w9+)20nHRiQ_Zx~W=zpD(@Rf1#n*L=@b%ba!$EZ&U*|JL9cF*sHrZg; zk$?hqD3HJu3VfYF-FwUboxt67$Q^gzef$0Q;fTv^IO2>ao_GccWFUFulur(MXktUwTp7{VeJ(E?D6q7> zVF^^&!4j{0Wh-H62UM_~K!q@ixlCj-^O?uA zB`P#QhH8>Q6WFAtHm_+-YLejx*Tg0_uXzJa+`yV-U<4z`(1dofvz<*~L_FR3&T2Nn zp76|PJCl+B3`WRe6yFfTD4LLrQHX&NVvq$R460Cuj)D>2kS8PHF^YdCLl#X4ghs`1 zg^g--A1M%nNW~Bck%lw{DG0fS3L-lD_UE@2^;uT4uF+|HEbXU8*l=!gC*==IdRy+ z0`{+pHLMg8A%)6LHW7*71ZAyZS;|t@vX$ioXhkap(e_{lJxD|YR*TvOsI~z!Xl)Nz zI|JAMHej}>t!-^jn}}ZYf**qz#A^A$451|Yu$eIg1gvdK@?a(UGhfZyex=D6x6HUC|tw5=soW>u5sS=jyDtd{X`~+L5xq- zHxr)-aDX!rh5hcA7#b*WehGZwOtc`t4;JtzqygaxN4NzMmT-n4EDZ`D;t+-iaSK3f zh;bMK!y*1Kh!0VP5Lbc4hiJh#Ui{%Iw7?Km$gz$A!2liu0uWXBF_42?1qS4}$3M<- zl7kFnWjOiCPId#7r3?sVxIxOwsIrsmu?;A1!wp(?!z;w>21Qgt%#}EEnali&N+?7B z5wB20ncu7kIbS)>m4I^|_I!d5?0L_X$ioNx?B_gGV$guzvpohK=szEN&#)i@EdHE_ zN$;5tmWG9;DgEb7@0kdD?n57R!3R<6q7S7eH6QqJYGW8<)u(24sYSi&RbQYFw|>D3 zjG^mZ``XvM{&lc_{elbhdH}~pHnMd+fE?st0MPEWv!DHfW-A-oIe0;~jbH==aN7vb 
z9)P#M4Q^^jqKa(6}K|9t2~XT#2Y&W1Nk;ti~r z#LlD6hN@Sc6>OM9)>-j}rc?dtPLDd(-++TT%;61apF=g?VD_@VK^tl(JK5(@cDPsL z>})T)*@dx(N8n%&IQRnK_aKZ%Jc96kH~bzJFATx|9r1=geBZy|0vDXZ1z*VgDK=mE z%xiuRl)wBvD6e_Xf8p|9h=A%{p!(Lkp7pHSAh?1;e#{W;tbG-z7JGDedRBI`pma}^{Iag=Ko$5syGAx_(`D(45$JZ z&?i4BNO1=Cn_m^|#|8V-e+K#2|NOYXMG*3z|NZZu|M@oy0vLb*2!MZ}e*&ll3aAC0 zpn!kyfDZTvS|EWFxPTMbfDBlHf6xgK*ajZh2A%MMA?Sf2ID#K|f+%Q$AlL?3(1LAH z2&Pa7Ss;Tg=z>{L1Ty4lYCr)L zpaz?8iIhkIGC+xvs0N(~ikAqAohSpB&;_O_1F0wj&Y+5yV2ZEkid_(kt*DC5@QRmE zi!xvfsgMf1SOTfg1-#e=#MlMF*bH5OjL2vUwor`4*bL2RjH$o@B~XpjSOOeyjnt@( y)>w_+h>hQfjo0`9*_)(bwMk`}^MF=Y^D~N??3;hn)KQ{Pp(u-{R=K#LtkOuV{Oc z#LLzC`umNWt@QQxZ-JMXq_p?=`MSf+Ok#eLps=X2z}DK~h?c3u%+;l^zRA$obcLI0 ze3Y%X#CeIH?eFogxyFW-r-PEE>Fn=MWPs`G?@(reSZs#T*WLU4{I|i&*WBY)YlXGG z$wyv$PGo<|(Ad@5;ed~$=j!g0pRvNp(?wi)=j!dXzRF~GkGR3hy2H+(tGbt@v{h<_ zQfPwf?(nj_$3|RvYJHRZ{r>5JY=-#x`d@R5 z{Qdpm*{{`2+r;^ynHxy9Pv<>lz@sPcUG{r&z~ZHIl0qJEB{F%1Qx0|Q7;^*tu+u^^+(eU&1OJRLXVSZq9 zi{a(zvb)HAj-r~Uw_kLOgOR5G{r$np)704D{r>&&^7Z}v{rLI&eU71ijiJuf+?%Gi zMq7DDUU^h$gWKQa!O7G9{{R2}{`vX);^yk&=juvfeZR-j?(y`my2bJH^n8n-{{H>t z>Fh*Xc>n+ZA^8LV00000EC2ui03-lx000R80R0IZNU)&6g9sBUT*$DY!-o(fN}Ncs zqQ#30k7%5tv7^T$>^_S0$kF4PlPFWFT*>leJCy}u{`eu2=FFJ|Xx5aO^CnK86euiP zMj_A8p+=7iMS8SpQ=>_P+M{649=4!Vt75&1H7mBM6uxH7nr%`xY}h7|m^8^)EfTeA z8Dk4K+uBLB)Ecu(BHLWN+3pA)3Oq9#4=b@1dOe za^+8=FOS|Fd2<|ra9|I_y*qd8&Aw;<$4)-``0d=AJ@CZ-R5MTSPn}{I@bfpD z|9*cnHf-#{1}g&+$jX5T0ytoR2p+h{9tIjHAR2CLfyNdX%Ap~K8Coa@hG@uf;T9jd zfyRjyT8M@ugS0rvH!MoR;vh28=%O|VTTw-;-QBgc-T>7 zk$Tv1q>(~S>Ew||;-Q2RSai817F>o2W|&-pIp&sSeu-uSY_{p7ZqiaYU-&hq{;#ptFoFZtFEg5`YIQ+${Opd738YxuDtf@>#u*jAndTj3Ok3ee;ixv zuyZKe?69gFqlzlCG-B;6$sChy8`WB?N+Z zNGGkd2TV8Z^wUsBEwu(zS8esxSZA$u5hWDCHP>C2Aa>Ybhb{KkXOHc**aNif_S?a`)#))(quA?BaUPujW?M%GL7Me6TS}Oi8Joa;f*(* z_&U-k;Q8mEhc5c)q<7LpF~!i)#OkVdV*2V$s1Cd9bQE*C>rI$WM<=QS;QQ~u2QU2a z#H(QZ@yI8y{PN73;Drg$M=!ne(LYc9^wxXv{PwFTLd+_#cn=FPionwS_=8P<@7Hk_di zlTgDO-jIeor6T8r3*~5KchSkb)GXLa0VcQ;O1)g7l*=H7NmjK+~Gel%_Y$DGzSCQv&#Ora=8E 
z4^WYaL7)4WyYSd9U^&L@FYE%<(i&R7+6}AX#B)XakvPNR8 zUp=cWA|Y0^vbC#d#ef9lI@h^kK(2JPs|5C{SG?YJuXx=nE(W^|T(qJUg($>fx3P^v zG`0}9a4cjKi`c|Qma>X1#3e3)3}7fD6vzn0CF((qP=FR0$^eFFfkBT;h?W|_poTJB z3ye$u%vQ937zQ8!0gc@bqaVB7Z9jDD+u-UJxV(i%Z-cvAA|QbX(QqyiocrAAKDWBk ztu7Lxd);UtVY}a@fepq>1M%8Gyyz|OdDA;y^0s%qCaY(f+j)`ciAObL8!*uuJ?M2IWQ z;Z0EZ!<4Y_H5kE&M?8WTEPio|VeH~-ltUl9sPQ9M+~OARn8my(2PsIgh*y+i$cs2~ zkzY~dQZTs`Nq#bvNde_oAbAm3{=gxAafmK=S<7Jla+rVd0Wy;r%v#>^2iA;$3m~BX z&2GMcoaanuIlnp1ZH6VAZS4t+R&A#1fmtKXhAUA(TYCDJPwU$ zN1x-+Vdy{@!eD_2Xj;>r{&WW-;OR_<`qP;nbq7Z6X;SMT0y=oLt6?4MSd*I8u%@-F zYi(;CKmrnk2sR|_(08O#ngu&V%UOEAOQmf!?G$YBXEe@I@?S@efnT z;@|-9cRcd#i+?-(;Si6w#3xSiid+2R7|*!IH_q{nd;H@d54p%kPV$nQ{NyMEhj>5$ F06V6k2+05d literal 0 HcmV?d00001 diff --git a/admin/options.php b/admin/options.php new file mode 100755 index 0000000..178d8eb --- /dev/null +++ b/admin/options.php 
@@ -0,0 +1,123 @@
+userinfo['permissions'] & CANADMINTOOLS))
+{
+ admin_login();
+}
+
+// ###################################################################
+
+if (empty($_REQUEST['do']))
+{
+ $_REQUEST['do'] = 'modify';
+}
+
+// ###################################################################
+
+if ($_POST['do'] == 'update')
+{
+ $settings = $_POST['setting'];
+
+ foreach ($settings AS $varname => $value)
+ {
+ $DB_sql->query("REPLACE INTO " . TABLE_PREFIX . "setting (varname, value) VALUES ('" . addslasheslike(trim($varname)) . "', '" . addslasheslike(trim($value)) . "')");
+ }
+
+ build_settings();
+
+ $admin->redirect('options.php');
+}
+
+// ###################################################################
+
+if ($_REQUEST['do'] == 'modify')
+{
+ $admin->page_start('Options');
+
+ $admin->form_start('options.php', 'update');
+
+ $settings = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "setting ");
+ while ($setting = $DB_sql->fetch_array($settings))
+ {
+ $options["$setting[varname]"] = $setting['value'];
+ }
+
+ $IS_SETTINGS = true;
+
+ unset($settings, $setting);
+
+ foreach ($config AS $varname => $setting)
+ {
+ $settings["$setting[0]"][] = $setting;
+ }
+
+ // Don't let them normal folk see what's going on ;-)
+ if (!DEVDEBUG)
+ {
+ unset($settings['untouchables'], $define['untouchables']);
+ }
+
+ unset($config);
+
+ foreach ($define AS $group)
+ {
+ $admin->table_start();
+ $admin->table_head(phrase('settinggroup_' . $group));
+ foreach ($settings["$group"] AS $opt)
+ {
+ $admin->row_span('" . phrase('setting_' . $opt[1] . '_title') . "", 'thead');
+ switch ($opt[2])
+ {
+ case 'textbox':
+ $admin->row_input(phrase('setting_' . $opt[1] . '_desc'), 'setting[' . $opt[1] . ']', $options["$opt[1]"]);
+ break;
+
+ case 'yesno':
+ if (!isset($options["$opt[1]"]))
+ {
+ $options["$opt[1]"] = $opt[3];
+ }
+
+ $admin->list_item('Yes', '1', iff($options["$opt[1]"], true, false));
+ $admin->list_item('No', '0', iff($options["$opt[1]"], false, true));
+ $admin->row_list(phrase('setting_' . $opt[1] . '_desc'), 'setting[' . $opt[1] . ']', false);
+ break;
+
+ default:
+ eval('$optcode = "' . addslasheslike($opt[3]) . '";');
+ $admin->row_text(phrase('setting_' . $opt[1] . '_desc'), $optcode);
+ break;
+ }
+ }
+ $admin->table_end();
+ }
+
+ $admin->table_start();
+ $admin->row_submit();
+ $admin->table_end();
+ $admin->form_end();
+
+ $admin->page_end();
+}
+
+/*=====================================================================*\
+|| ###################################################################
+|| # $HeadURL$
+|| # $Id$
+|| ###################################################################
+\*=====================================================================*/
+?>
\ No newline at end of file
diff --git a/admin/priority.php b/admin/priority.php
new file mode 100755
index 0000000..84dc69f
--- /dev/null
+++ b/admin/priority.php
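Review bot: The `update` branch of admin/options.php writes every key of `$_POST['setting']` into the setting table, so the `untouchables` group that the `modify` branch hides when `DEVDEBUG` is off can still be changed by posting its variable names, and rows for names that are not settings at all can be created. Restrict the loop to the variable names defined in `$config` and cast the posted value to an array before iterating, as sketched below; this assumes `$config` is already loaded when the branch runs, which the `modify` branch suggests but the hunk does not show because the opening lines of the file are missing. The query is also built by concatenation and relies entirely on `addslasheslike()`, whose body is not in this hunk, and the form carries no anti-CSRF token. Separately, the `default` case passes `$opt[3]` to `eval()` inside a double-quoted string, where escaping quotes does not stop `$` interpolation, so it is only safe while `$opt[3]` can never come from stored or user-supplied data.

```php
// … unchanged: permission check and default 'do' handling …
if ($_POST['do'] == 'update')
{
    // Accept only variable names that the settings definition declares.
    $allowed = array();
    foreach ($config AS $setting)
    {
        if (DEVDEBUG OR $setting[0] != 'untouchables')
        {
            $allowed[$setting[1]] = true;
        }
    }

    foreach ((array)$_POST['setting'] AS $varname => $value)
    {
        if (!isset($allowed[trim($varname)]))
        {
            continue;
        }
        // … unchanged: REPLACE INTO query …
    }
    // … unchanged: build_settings() and redirect …
}
```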
@@ -0,0 +1,142 @@ +userinfo['permissions'] & CANADMINFIELDS)) +{ + admin_login(); +} + +// ################################################################### + +if (empty($_REQUEST['do'])) +{ + $_REQUEST['do'] = 'modify'; +} + +// ################################################################### + +if ($_REQUEST['do'] == 'kill') +{ + sanitize(array('priorityid' => INT)); + $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "priority WHERE priorityid = $vars[priorityid]"); + build_priorities(); + $admin->redirect('priority.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'delete') +{ + sanitize(array('priorityid' => INT)); + $admin->page_confirm('Are you sure you want to delete this priority? Doing so will revert all bugs to the default priority (which is set in the options panel)?', 'priority.php?do=kill&priorityid=' . $vars['priorityid']); +} + +// ################################################################### + +if ($_POST['do'] == 'insert') +{ + sanitize(array('priority' => STR, 'displayorder' => INT)); + $DB_sql->query("INSERT INTO " . TABLE_PREFIX . "priority (priority, displayorder) VALUES ('" . addslasheslike($vars['priority']) . "', $vars[displayorder])"); + build_priorities(); + $admin->redirect('priority.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'add') +{ + $admin->page_start('Add New Priority'); + + $admin->form_start('priority.php', 'insert'); + $admin->table_start(); + $admin->table_head('New Priority'); + $admin->row_input('Priority Title
The title of this priority flag (eg: `Slated for Development` or `Address Now`)
', 'priority'); + $admin->row_input('Display Order
The order in which the priorities are displayed. The higher the number, the lower down in the list it is.
', 'displayorder'); + $admin->row_submit(); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +// ################################################################### + +if ($_POST['do'] == 'update') +{ + sanitize(array('priorityid' => INT, 'priority' => STR, 'displayorder' => INT)); + $DB_sql->query("UPDATE " . TABLE_PREFIX . "priority SET priority = '" . addslasheslike($vars['priority']) . "', displayorder = $vars[displayorder] WHERE priorityid = $vars[priorityid]"); + build_priorities(); + $admin->redirect('priority.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'edit') +{ + sanitize(array('priorityid' => INT)); + + $priority = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "priority WHERE priorityid = $vars[priorityid]"); + if (!is_array($priority)) + { + $admin->error('-1'); + } + + $admin->page_start('Edit Priority'); + + $admin->form_start('priority.php', 'update'); + $admin->form_hidden_field('priorityid', $priority['priorityid']); + $admin->table_start(); + $admin->table_head("Edit Priority - $priority[priority] (priorityid: $priority[priorityid])"); + $admin->row_input('Priority Title
The title of this priority flag (eg: `Slated for Development` or `Address Now`)
', 'priority', $priority['priority']); + $admin->row_input('Display Order
The order in which the priorities are displayed. The higher the number, the lower down in the list it is.
', 'displayorder', $priority['displayorder']); + $admin->row_submit(); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'modify') +{ + $admin->page_start('Priority Manager'); + + $priorities = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "priority ORDER BY displayorder"); + + $admin->form_start('priority.php', 'null'); + $admin->table_start(); + $admin->table_head('Priority Manager'); + + while ($priority = $DB_sql->fetch_array($priorities)) + { + $admin->row_text("$priority[displayorder]: $priority[priority]", "(priorityid: $priority[priorityid]) [Edit] [Delete]"); + } + $DB_sql->free_result($priorityes); + + $admin->row_span('', 'tfoot', 'center', 3); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file diff --git a/admin/product.php b/admin/product.php new file mode 100755 index 0000000..b456ee2 --- /dev/null +++ b/admin/product.php 
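Review bot: The `kill` branch of admin/priority.php dispatches on `$_REQUEST['do']` and deletes the row from a plain link (`priority.php?do=kill&priorityid=…`) with no anti-CSRF token, so a single GET request made in a logged-in administrator's browser is enough to delete a priority. Make the destructive step POST-only (`if ($_POST['do'] == 'kill')`) and require a per-session token that the confirmation form submits; the `insert` and `update` branches need the same token. The same pattern appears in the `killversion`, `killproduct`, `insertversion`, `updateversion`, `insertproduct` and `updateproduct` branches of admin/product.php and in the `kill` branch of admin/resolution.php. In the `modify` branch, `$DB_sql->free_result($priorityes);` names an undefined variable and should read `$DB_sql->free_result($priorities);`.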
@@ -0,0 +1,403 @@ +userinfo['permissions'] & CANADMINVERSIONS)) +{ + admin_login(); +} + +function construct_option_list($type, $id, $edit, $addcomponent, $addversion, $delete, $displayorder) +{ + $type_display = substr_replace($type, strtoupper($type{0}), 0, 1); + $type = iff($type == 'component', 'product', $type); + $type_action = iff($type == 'version', 'versionid', 'productid'); + + if ($edit) + { + $opt .= ''; + } + + if ($delete) + { + $opt .= ''; + } + + if ($addcomponent) + { + $opt .= ''; + } + + if ($addversion) + { + $opt .= ''; + } + + $type = strtolower($type); + + $name = $type . '_' . $id; + + $displayorder = iff($displayorder != -1, ' ', ''); + + return $displayorder . ' '; +} + +// ################################################################### + +if (empty($_REQUEST['do'])) +{ + $_REQUEST['do'] = 'modify'; +} + +// ################################################################### + +if ($_REQUEST['do'] == 'killversion') +{ + sanitize(array('versionid' => INT)); + + $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "version WHERE versionid = $vars[versionid]"); + // #*# figure out what we do with bugs + + $admin->redirect('product.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'deleteversion') +{ + sanitize(array('versionid' => INT)); + $admin->page_confirm('Are you sure you want to delete this version? Doing so will do x to the bugs with this version.', 'product.php?do=killversion&versionid=' . $vars['versionid']); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'insertversion') +{ + sanitize(array('productid' => INT, 'version' => STR, 'displayorder' => INT)); + $DB_sql->query("INSERT INTO " . TABLE_PREFIX . "version (productid, version, displayorder) VALUES ($vars[productid], '" . addslasheslike($vars['version']) . 
"', $vars[displayorder])"); + $admin->redirect('product.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'addversion') +{ + sanitize(array('productid' => INT)); + + $admin->page_start('Add Version'); + + if ($vars['productid'] != -1) + { + $product = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = $vars[productid]"); + if (!is_array($product)) + { + $admin->error('-1'); + } + } + else + { + $vars['productid'] = 0; + } + + $admin->form_start('product.php', 'insertversion'); + $admin->form_hidden_field('productid', $vars['productid']); + $admin->table_start(); + $admin->table_head('Add New Version'); + $admin->row_input('Version Number
This is the version string for this product.
', 'version'); + $admin->row_input('Display Order
The order in which the versions are displayed.
', 'displayorder'); + $admin->row_submit(); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'updateversion') +{ + sanitize(array('versionid' => INT, 'version' => STR, 'displayorder' => INT)); + + if (empty($vars['version'])) + { + $admin->error('Please fill in a version number.'); + } + + $DB_sql->query("UPDATE " . TABLE_PREFIX . "version SET version = '" . addslasheslike($vars['version']) . "', displayorder = $vars[displayorder] WHERE versionid = $vars[versionid]"); + + $admin->redirect('product.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'editversion') +{ + sanitize(array('versionid' => INT)); + + $admin->page_start('Edit Version'); + + $version = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "version WHERE versionid = $vars[versionid]"); + if (!is_array($version)) + { + $admin->error('-1'); + } + + $admin->form_start('product.php', 'updateversion'); + $admin->form_hidden_field('versionid', $version['versionid']); + $admin->table_start(); + $admin->table_head('Edit Version - ' . $version['version']); + $admin->row_input('Version Number
This is the version string for this product.
', 'version', $version['version']); + $admin->row_input('Display Order
The order in which the versions are displayed.
', 'displayorder', $version['displayorder']); + $admin->row_submit(); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'killproduct') +{ + sanitize(array('productid' => INT)); + + $allprods = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = $vars[productid] OR componentmother = $vars[productid]"); + while ($prod = $DB_sql->fetch_array($allprods)) + { + $list[] = $prod['productid']; + } + + $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "product WHERE productid IN (" . implode(', ', $list) . ")"); + $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "version WHERE productid IN (" . implode(', ', $list) . ")"); + // #*# do bug kills here + + $admin->redirect('product.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'deleteproduct') +{ + sanitize(array('productid' => INT)); + $admin->page_confirm('Are you sure you want to delete this product and all of it\'s sub-versions and components (as well as any bugs contained within those groups)?', 'product.php?do=killproduct&productid=' . $vars['productid']); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'insertproduct') +{ + sanitize(array('shortname' => STR, 'title' => STR, 'componentmother' => INT, 'description' => STR, 'displayorder' => INT)); + + if (empty($vars['shortname']) OR empty($vars['title'])) + { + $admin->error('please go back and enter both fields'); + } + + $DB_sql->query(" + INSERT INTO " . TABLE_PREFIX . "product + (shortname, title, componentmother, description, displayorder) + VALUES + ('" . addslasheslike($vars['shortname']) . "', '" . addslasheslike($vars['title']) . "', + $vars[componentmother], '" . addslasheslike($vars['description']) . 
"', $vars[displayorder])"); + + $admin->redirect('product.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'addproduct') +{ + sanitize(array('productid' => INT)); + + $admin->page_start('Add New Product'); + + $admin->form_start('product.php', 'insertproduct'); + $admin->form_hidden_field('componentmother', $vars['productid']); + $admin->table_start(); + $admin->table_head('Add Product'); + $admin->row_input('Short Name
The name that can be used to submit email reports. This should be unique.
', 'shortname'); + $admin->row_input('Product Title', 'title'); + $admin->row_textarea('Description
A short description of this product.
', 'description'); + $admin->row_input('Display Order
The order in which the products are displayed.
', 'displayorder'); + $admin->row_submit(); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'updateproduct') +{ + sanitize(array('productid' => INT, 'title' => STR, 'shortname' => STR, 'description' => STR, 'displayorder' => INT)); + + if (empty($vars['shortname']) OR empty($vars['title'])) + { + $admin->error('please go back and fill in both fields'); + } + + if (empty($vars['productid'])) + { + $admin->error('-1'); + } + + $DB_sql->query("UPDATE " . TABLE_PREFIX . "product SET title = '" . addslasheslike($vars['title']) . "', shortname = '" . addslasheslike($vars['shortname']) . "', description = '" . addslasheslike($vars['description']) . "', displayorder = $vars[displayorder] WHERE productid = $vars[productid]"); + + $admin->redirect('product.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'editproduct') +{ + sanitize(array('productid' => INT)); + + $admin->page_start('Edit Product'); + + $product = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "product WHERE productid = $vars[productid]"); + + if (!is_array($product)) + { + $admin->error('-1'); + } + + $admin->form_start('product.php', 'updateproduct'); + $admin->form_hidden_field('productid', $product['productid']); + $admin->table_start(); + $admin->table_head('Edit Product - ' . $product['title']); + $admin->row_input('Product Title', 'title', $product['title']); + $admin->row_input('Short Name
The name that can be used to submit email reports. This should be unique.
', 'shortname', $product['shortname']); + $admin->row_textarea('Description
A short description of this product.
', 'description', $product['description']); + $admin->row_input('Display Order
The order in which the products are displayed.
', 'displayorder', $product['displayorder']); + $admin->row_submit(); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +// ################################################################### + +if ($_POST['do'] == 'displayorder') +{ + foreach ((array)$_POST['displayorder'] AS $namebit => $displayorder) + { + $name = explode('_', $namebit); + if ($name[0] == 'product' OR $name[0] == 'version') + { + $id = intval($name[1]); + $order = intval($displayorder); + $DB_sql->query("UPDATE " . TABLE_PREFIX . "$name[0] SET displayorder = $order WHERE $name[0]id = $id"); + } + } + $admin->redirect('product.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'modify') +{ + $admin->page_start('Products and Versions'); + + $javascript = << + + +EOF; + + $admin->page_code($javascript); + + $admin->form_start('product.php', 'displayorder'); + + $products = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "product ORDER BY displayorder ASC"); + while ($prod = $DB_sql->fetch_array($products)) + { + if (!$prod['componentmother']) + { + $product["$prod[productid]"] = $prod; + } + else + { + $component["$prod[componentmother]"][] = $prod; + } + $version["$prod[productid]"] = array(); + } + $products = (array)$product; + + $versions = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "version ORDER BY displayorder ASC"); + while ($vers = $DB_sql->fetch_array($versions)) + { + $version["$vers[productid]"]["$vers[versionid]"] = $vers; + } + $versions = (array)$version; + + $admin->table_start(); + $admin->table_head('Products / Versions'); + + // Handle our global versions + if (is_array($versions['0'])) + { + $admin->row_text('Global Versions', construct_option_list('product', -1, 0, 0, 1, 0, -1), 'middle', 2, 'alt3'); + foreach ($versions['0'] AS $version) + { + $admin->row_text('-- ' . 
$version['version'], construct_option_list('version', $version['versionid'], 1, 0, 0, 1, $version['displayorder']), 'middle', 2, 'alt2'); + } + } + + // Now let's do the rest of the versions + foreach ($products AS $product) + { + // Product + $admin->row_text("$product[title]", construct_option_list('product', $product['productid'], 1, 1, 1, 1, $product['displayorder']), 'middle', 2, 'alt3'); + + // Versions + foreach ($versions["$product[productid]"] AS $version) + { + $admin->row_text('-- ' . $version['version'], construct_option_list('version', $version['versionid'], 1, 0, 0, 1, $version['displayorder']), 'middle', 2, 'alt2'); + } + + // Components + foreach ((array)$component["$product[productid]"] AS $comp) + { + $admin->row_text("-- $comp[title]", construct_option_list('component', $comp['productid'], 1, 0, 1, 1, $comp['displayorder']), 'middle', 2, 'alt1'); + + // Component versions + foreach ($versions["$comp[productid]"] AS $version) + { + $admin->row_text('---- ' . $version['version'], construct_option_list('version', $version['versionid'], 1, 0, 0, 1, $version['displayorder']), 'middle', 2, 'alt2'); + } + } + } + + $admin->row_span(' ', 'tfoot', 'center'); + + $admin->table_end(); + + $admin->form_end(); + + $admin->page_end(); +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file diff --git a/admin/resolution.php b/admin/resolution.php new file mode 100755 index 0000000..b3d44de --- /dev/null +++ b/admin/resolution.php 
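Review bot: In the `killproduct` branch of admin/product.php `$list` is never initialised before the `while` loop appends to it, so when the SELECT matches no rows `implode(', ', $list)` receives a non-array and both DELETE statements are sent with an empty `IN ()` list; on a server with `register_globals` enabled the variable could also start out holding request data that then reaches the SQL unescaped. Add `$list = array();` before the loop and stop before the two DELETEs when it is still empty, for example `if (!$list) { $admin->error('-1'); }`. `construct_option_list()` has the same habit with `$opt`, which is only ever appended to with `.=` and should start as `$opt = '';`.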
@@ -0,0 +1,142 @@ +userinfo['permissions'] & CANADMINFIELDS)) +{ + admin_login(); +} + +// ################################################################### + +if (empty($_REQUEST['do'])) +{ + $_REQUEST['do'] = 'modify'; +} + +// ################################################################### + +if ($_REQUEST['do'] == 'kill') +{ + sanitize(array('resolutionid' => INT)); + $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "resolution WHERE resolutionid = $vars[resolutionid]"); + build_resolutions(); + $admin->redirect('resolution.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'delete') +{ + sanitize(array('resolutionid' => INT)); + $admin->page_confirm('Are you sure you want to delete this resolution? Doing so will revert all bugs to the default resolution (which is set in the options panel)?', 'resolution.php?do=kill&resolutionid=' . $vars['resolutionid']); +} + +// ################################################################### + +if ($_POST['do'] == 'insert') +{ + sanitize(array('resolution' => STR, 'displayorder' => INT)); + $DB_sql->query("INSERT INTO " . TABLE_PREFIX . "resolution (resolution, displayorder) VALUES ('" . addslasheslike($vars['resolution']) . "', $vars[displayorder])"); + build_resolutions(); + $admin->redirect('resolution.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'add') +{ + $admin->page_start('Add New Resolution'); + + $admin->form_start('resolution.php', 'insert'); + $admin->table_start(); + $admin->table_head('New Resolution'); + $admin->row_input('Resolution Title
The title of this resolution flag (eg: `Fixed` or `Bogus`)
', 'resolution'); + $admin->row_input('Display Order
The order in which the resolutions are displayed. The higher the number, the lower down in the list it is.
', 'displayorder'); + $admin->row_submit(); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +// ################################################################### + +if ($_POST['do'] == 'update') +{ + sanitize(array('resolutionid' => INT, 'resolution' => STR, 'displayorder' => INT)); + $DB_sql->query("UPDATE " . TABLE_PREFIX . "resolution SET resolution = '" . addslasheslike($vars['resolution']) . "', displayorder = $vars[displayorder] WHERE resolutionid = $vars[resolutionid]"); + build_resolutions(); + $admin->redirect('resolution.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'edit') +{ + sanitize(array('resolutionid' => INT)); + + $resolution = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "resolution WHERE resolutionid = $vars[resolutionid]"); + if (!is_array($resolution)) + { + $admin->error('-1'); + } + + $admin->page_start('Edit Resolution'); + + $admin->form_start('resolution.php', 'update'); + $admin->form_hidden_field('resolutionid', $resolution['resolutionid']); + $admin->table_start(); + $admin->table_head("Edit Resolution - $resolution[resolution] (resolutionid: $resolution[resolutionid])"); + $admin->row_input('Resolution Title
The title of this resolution flag (eg: `Fixed` or `Bogus`)
', 'resolution', $resolution['resolution']); + $admin->row_input('Display Order
The order in which the resolutions are displayed. The higher the number, the lower down in the list it is.
', 'displayorder', $resolution['displayorder']); + $admin->row_submit(); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'modify') +{ + $admin->page_start('Resolution Manager'); + + $resolutions = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "resolution ORDER BY displayorder"); + + $admin->form_start('resolution.php', 'null'); + $admin->table_start(); + $admin->table_head('Resolution Manager'); + + while ($resolution = $DB_sql->fetch_array($resolutions)) + { + $admin->row_text("$resolution[displayorder]: $resolution[resolution]", "(resolutionid: $resolution[resolutionid]) [Edit] [Delete]"); + } + $DB_sql->free_result($resolutiones); + + $admin->row_span('', 'tfoot', 'center', 3); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file diff --git a/admin/severity.php b/admin/severity.php new file mode 100755 index 0000000..936f586 --- /dev/null +++ b/admin/severity.php 
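Review bot: The `kill` branch runs its `DELETE` for any request whose `do` parameter is `kill`: it tests `$_REQUEST['do']`, the confirmation page links to `resolution.php?do=kill&resolutionid=…`, and no per-session token is checked, so a plain GET issued from a logged-in administrator's browser is enough to remove a row. I would gate it the way the write branches already are, `if ($_POST['do'] == 'kill')`, and have the confirmation page submit a form carrying a token that is verified before the query runs. The `kill` branches in admin/severity.php, admin/status.php and admin/usergroup.php follow the same pattern. Whether `admin_login()` at the top of the file halts the script is not visible here; if it returns, every branch below it still runs for users without `CANADMINFIELDS`.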
@@ -0,0 +1,142 @@ +userinfo['permissions'] & CANADMINFIELDS)) +{ + admin_login(); +} + +// ################################################################### + +if (empty($_REQUEST['do'])) +{ + $_REQUEST['do'] = 'modify'; +} + +// ################################################################### + +if ($_REQUEST['do'] == 'kill') +{ + sanitize(array('severityid' => INT)); + $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "severity WHERE severityid = $vars[severityid]"); + build_severities(); + $admin->redirect('severity.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'delete') +{ + sanitize(array('severityid' => INT)); + $admin->page_confirm('Are you sure you want to delete this severity? Doing so will revert all bugs to the default severity (which is set in the options panel)?', 'severity.php?do=kill&severityid=' . $vars['severityid']); +} + +// ################################################################### + +if ($_POST['do'] == 'insert') +{ + sanitize(array('severity' => STR, 'displayorder' => INT)); + $DB_sql->query("INSERT INTO " . TABLE_PREFIX . "severity (severity, displayorder) VALUES ('" . addslasheslike($vars['severity']) . "', $vars[displayorder])"); + build_severities(); + $admin->redirect('severity.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'add') +{ + $admin->page_start('Add New Severity'); + + $admin->form_start('severity.php', 'insert'); + $admin->table_start(); + $admin->table_head('New Severity'); + $admin->row_input('Severity Title
The title of this severity flag (eg: `Major` or `Critical`)
', 'severity'); + $admin->row_input('Display Order
The order in which the severities are displayed. The higher the number, the lower down in the list it is.
', 'displayorder'); + $admin->row_submit(); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +// ################################################################### + +if ($_POST['do'] == 'update') +{ + sanitize(array('severityid' => INT, 'severity' => STR, 'displayorder' => INT)); + $DB_sql->query("UPDATE " . TABLE_PREFIX . "severity SET severity = '" . addslasheslike($vars['severity']) . "', displayorder = $vars[displayorder] WHERE severityid = $vars[severityid]"); + build_severities(); + $admin->redirect('severity.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'edit') +{ + sanitize(array('severityid' => INT)); + + $severity = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "severity WHERE severityid = $vars[severityid]"); + if (!is_array($severity)) + { + $admin->error('-1'); + } + + $admin->page_start('Edit Severity'); + + $admin->form_start('severity.php', 'update'); + $admin->form_hidden_field('severityid', $severity['severityid']); + $admin->table_start(); + $admin->table_head("Edit Severity - $severity[severity] (severityid: $severity[severityid])"); + $admin->row_input('Severity Title
The title of this severity flag (eg: `Major` or `Critical`)
', 'severity', $severity['severity']); + $admin->row_input('Display Order
The order in which the severities are displayed. The higher the number, the lower down in the list it is.
', 'displayorder', $severity['displayorder']); + $admin->row_submit(); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'modify') +{ + $admin->page_start('Severity Manager'); + + $severities = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "severity ORDER BY displayorder"); + + $admin->form_start('severity.php', 'null'); + $admin->table_start(); + $admin->table_head('Severity Manager'); + + while ($severity = $DB_sql->fetch_array($severities)) + { + $admin->row_text("$severity[displayorder]: $severity[severity]", "(severityid: $severity[severityid]) [Edit] [Delete]"); + } + $DB_sql->free_result($severityes); + + $admin->row_span('', 'tfoot', 'center', 3); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file diff --git a/admin/status.php b/admin/status.php new file mode 100755 index 0000000..4ffcc06 --- /dev/null +++ b/admin/status.php 
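Review bot: `$DB_sql->free_result($severityes);` in the `modify` branch passes a variable that is never assigned; the result set is held in `$severities`, so the handle is not released, and the resulting warning is hidden by the `@` in the wrapper's `free_result()` shown in includes/db_mysql.php. The line should read `$DB_sql->free_result($severities);`. admin/resolution.php has the same slip with `$resolutiones`, which should be `$resolutions`.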
@@ -0,0 +1,142 @@ +userinfo['permissions'] & CANADMINFIELDS)) +{ + admin_login(); +} + +// ################################################################### + +if (empty($_REQUEST['do'])) +{ + $_REQUEST['do'] = 'modify'; +} + +// ################################################################### + +if ($_REQUEST['do'] == 'kill') +{ + sanitize(array('statusid' => INT)); + $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "status WHERE statusid = $vars[statusid]"); + build_statuses(); + $admin->redirect('status.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'delete') +{ + sanitize(array('statusid' => INT)); + $admin->page_confirm('Are you sure you want to delete this status? Doing so will revert all bugs to the default status (which is set in the options panel)?', 'status.php?do=kill&statusid=' . $vars['statusid']); +} + +// ################################################################### + +if ($_POST['do'] == 'insert') +{ + sanitize(array('status' => STR, 'displayorder' => INT)); + $DB_sql->query("INSERT INTO " . TABLE_PREFIX . "status (status, displayorder) VALUES ('" . addslasheslike($vars['status']) . "', $vars[displayorder])"); + build_statuses(); + $admin->redirect('status.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'add') +{ + $admin->page_start('Add New Status'); + + $admin->form_start('status.php', 'insert'); + $admin->table_start(); + $admin->table_head('New Status'); + $admin->row_input('Status Title
The title of this status flag (eg: `Confirmed` or `Closed (Fixed)`)
', 'status'); + $admin->row_input('Display Order
The order in which the statuses ar displayed.
', 'displayorder'); + $admin->row_submit(); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +// ################################################################### + +if ($_POST['do'] == 'update') +{ + sanitize(array('statusid' => INT, 'status' => STR, 'displayorder' => INT)); + $DB_sql->query("UPDATE " . TABLE_PREFIX . "status SET status = '" . addslasheslike($vars['status']) . "', displayorder = $vars[displayorder] WHERE statusid = $vars[statusid]"); + build_statuses(); + $admin->redirect('status.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'edit') +{ + sanitize(array('statusid' => INT)); + + $status = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "status WHERE statusid = $vars[statusid]"); + if (!is_array($status)) + { + $admin->error('-1'); + } + + $admin->page_start('Edit Status'); + + $admin->form_start('status.php', 'update'); + $admin->form_hidden_field('statusid', $status['statusid']); + $admin->table_start(); + $admin->table_head("Edit Status - $status[status] (statusid: $status[statusid])"); + $admin->row_input('Status Title
The title of this status flag (eg: `Confirmed` or `Closed (Fixed)`)
', 'status', $status['status']); + $admin->row_input('Display Order
The order in which the statuses ar displayed.
', 'displayorder', $status['displayorder']); + $admin->row_submit(); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'modify') +{ + $admin->page_start('Status Manager'); + + $statuses = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "status"); + + $admin->form_start('status.php', 'null'); + $admin->table_start(); + $admin->table_head('Status Manager'); + + while ($status = $DB_sql->fetch_array($statuses)) + { + $admin->row_text("$status[displayorder]: $status[status]", "(statusid: $status[statusid]) [Edit] [Delete]"); + } + $DB_sql->free_result($statuses); + + $admin->row_span('', 'tfoot', 'center', 3); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file diff --git a/admin/usergroup.php b/admin/usergroup.php new file mode 100755 index 0000000..f114b7b --- /dev/null +++ b/admin/usergroup.php 
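Review bot: The `modify` query here has no `ORDER BY`, while admin/resolution.php and admin/severity.php sort by `displayorder` and every row label starts with `$status[displayorder]`, so the list appears in whatever order MySQL returns it. The query should read `"SELECT * FROM " . TABLE_PREFIX . "status ORDER BY displayorder"`. The Display Order help text also says `ar displayed` in both the add and edit forms and lacks the sentence about higher numbers that the other two pages carry.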
@@ -0,0 +1,253 @@ +userinfo['permissions'] & CANADMINGROUPS)) +{ + admin_login(); +} + +// ################################################################### + +if (empty($_REQUEST['do'])) +{ + $_REQUEST['do'] = 'modify'; +} + +// ################################################################### + +if ($_REQUEST['do'] == 'kill') +{ + sanitize(array('usergroupid' => INT)); + + if ($vars['usergroupid'] < 7) + { + $admin->error('You can\'t delete a default usergroup.'); + } + + $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "usergroup WHERE usergroupid = $vars[usergroupid]"); + $DB_sql->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = 2 WHERE usergroupid = $vars[usergroupid]"); + + build_usergroups(); + build_assignedto(); + + $admin->redirect('usergroup.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'delete') +{ + sanitize(array('usergroupid' => INT)); + + if ($vars['usergroupid'] < 7) + { + $admin->error('You can\'t delete a default usergroup.'); + } + + $admin->page_confirm('Are you sure you want to delete this usergroup? All users in this group will be set back to the default registered usergroup (id: 2).', 'usergroup.php?do=kill&usergroupid=' . $vars['usergroupid']); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'add' OR $_REQUEST['do'] == 'edit') +{ + $add = iff($_REQUEST['do'] == 'add', true, false); + $edit = iff($_REQUEST['do'] == 'edit', true, false); + + sanitize(array('usergroupid' => INT)); + + $admin->page_start(iff($add, 'New Usergroup', 'Edit Usergroup')); + + $admin->form_start('usergroup.php', iff($add, 'insert', 'update')); + + if ($edit) + { + $usergroup = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . 
"usergroup WHERE usergroupid = $vars[usergroupid]"); + if (!is_array($usergroup)) + { + $admin->error('-1'); + } + + $admin->form_hidden_field('usergroupid', $usergroup['usergroupid']); + } + else + { + $usergroup['permissions'] = 319; + } + + // Details + $admin->table_start(); + $admin->table_head('Usergroup Details'); + $admin->row_input('Usergroup Title', 'title', htmlspecialcharslike($usergroup['title'])); + $admin->row_input('Display Title
This is the title that others will be able to see when comments are posted.
', 'displaytitle', htmlspecialcharslike($usergroup['displaytitle'])); + $admin->row_input('Opening Tag Markup
Place all open HTML tags here that will be wrapped around the username.
', 'opentag', htmlspecialcharslike($usergroup['opentag'])); + $admin->row_input('Closing Tag Markup
Place all closed HTML tags that will close any open HTML tags entered above.
', 'closetag', htmlspecialcharslike($usergroup['closetag'])); + $admin->table_end(); + + // Permission + $admin->table_start(); + $admin->table_head('Permission Settings'); + $admin->row_span('General Permissions', 'thead', 'center'); + $admin->row_yesno('Can View the Tracker', 'perm[canviewbugs]', $usergroup['permissions'] & $_PERMISSION['canviewbugs']); + $admin->row_yesno('Can Search Bugs', 'perm[cansearch]', $usergroup['permissions'] & $_PERMISSION['cansearch']); + $admin->row_yesno('Can Subscribe to Bugs', 'perm[cansubscribe]', $usergroup['permissions'] & $_PERMISSION['cansubscribe']); + $admin->row_yesno('Can Be Assigned Bugs', 'perm[canbeassignedto]', $usergroup['permissions'] & $_PERMISSION['canbeassignedto']); + $admin->row_span('Posting/Submitting Permissions', 'thead', 'center'); + $admin->row_yesno('Can Vote on Polls', 'perm[canvote]', $usergroup['permissions'] & $_PERMISSION['canvote']); + $admin->row_yesno('Can Submit Bugs', 'perm[cansubmitbugs]', $usergroup['permissions'] & $_PERMISSION['cansubmitbugs']); + $admin->row_yesno('Can Post Comments', 'perm[canpostcomments]', $usergroup['permissions'] & $_PERMISSION['canpostcomments']); + $admin->row_yesno('Can View Attachments', 'perm[cangetattach]', $usergroup['permissions'] & $_PERMISSION['cangetattach']); + $admin->row_yesno('Can Put Attachments', 'perm[canputattach]', $usergroup['permissions'] & $_PERMISSION['canputattach']); + $admin->row_span('Moderation/Managment Permissions', 'thead', 'center'); + $admin->row_yesno('Can Edit Own Bugs', 'perm[caneditown]', $usergroup['permissions'] & $_PERMISSION['caneditown']); + $admin->row_yesno('Can Edit Others\' Bugs', 'perm[caneditothers]', $usergroup['permissions'] & $_PERMISSION['caneditothers']); + $admin->row_yesno('Can Edit Bug Information', 'perm[caneditinfo]', $usergroup['permissions'] & $_PERMISSION['caneditinfo']); + $admin->row_yesno('Can Assign Bugs', 'perm[canassign]', $usergroup['permissions'] & $_PERMISSION['canassign']); + 
$admin->row_yesno('Can Change Status', 'perm[canchangestatus]', $usergroup['permissions'] & $_PERMISSION['canchangestatus']); + $admin->row_span('Administrator Permissions', 'thead', 'center'); + $admin->row_yesno('Can Access Control Panel', 'perm[canadminpanel]', $usergroup['permissions'] & $_PERMISSION['canadminpanel']); + $admin->row_yesno('Can Administer Bug Reports', 'perm[canadminbugs]', $usergroup['permissions'] & $_PERMISSION['canadminbugs']); + $admin->row_yesno('Can Administer Products / Components / Versions', 'perm[canadminversions]', $usergroup['permissions'] & $_PERMISSION['canadminversions']); + $admin->row_yesno('Can Administer Additional Bug Fields', 'perm[canadminfields]', $usergroup['permissions'] & $_PERMISSION['canadminfields']); + $admin->row_yesno('Can Administer Users', 'perm[canadminusers]', $usergroup['permissions'] & $_PERMISSION['canadminusers']); + $admin->row_yesno('Can Administer Usergroups', 'perm[canadmingroups]', $usergroup['permissions'] & $_PERMISSION['canadmingroups']); + $admin->row_yesno('Can Administer Settings / Maintenance Tools', 'perm[canadmintools]', $usergroup['permissions'] & $_PERMISSION['canadmintools']); + $admin->table_end(); + + // Submit + $admin->table_start(); + $admin->row_submit(); + $admin->table_end(); + + $admin->form_end(); + + $admin->page_end(); +} + +// ################################################################### + +if ($_POST['do'] == 'insert') +{ + sanitize(array('title' => STR, 'displaytitle' => STR, 'opentag' => STR, 'closetag' => STR)); + + foreach ($_POST['perm'] AS $permtitle => $binaryswitch) + { + $permissionvalue += $_PERMISSION["$permtitle"] * $binaryswitch; + } + + $DB_sql->query(" + INSERT INTO " . TABLE_PREFIX . "usergroup + (title, displaytitle, opentag, closetag, permissions) + VALUES + ('" . addslasheslike($vars['title']) . "', + '" . addslasheslike($vars['displaytitle']) . "', + '" . addslasheslike($vars['opentag']) . "', + '" . addslasheslike($vars['closetag']) . 
"', + $permissionvalue + )" + ); + + build_usergroups(); + + $admin->redirect('usergroup.php?do=modify'); + + /*echo '$permvalue = ' . $permissionvalue; + + echo '
'; + + foreach ($_PERMISSION AS $permtitle => $bitmask) + { + echo $permtitle . ' & $permvalue = ' . ($bitmask & $permissionvalue) . '
'; + } + + //print_r($_POST);*/ +} + +// ################################################################### + +if ($_POST['do'] == 'update') +{ + sanitize(array('usergroupid' => INT, 'title' => STR, 'displaytitle' => STR, 'opentag' => STR, 'closetag' => STR)); + + foreach ($_POST['perm'] AS $permtitle => $binaryswitch) + { + $permissionvalue += $_PERMISSION["$permtitle"] * $binaryswitch; + } + + $DB_sql->query(" + UPDATE " . TABLE_PREFIX . "usergroup + SET title = '" . addslasheslike($vars['title']) . "', + displaytitle = '" . addslasheslike($vars['displaytitle']) . "', + opentag = '" . addslasheslike(unhtmlspecialchars($vars['opentag'])) . "', + closetag = '" . addslasheslike(unhtmlspecialchars($vars['closetag'])) . "', + permissions = $permissionvalue + WHERE usergroupid = $vars[usergroupid]" + ); + + build_usergroups(); + build_assignedto(); + + $admin->redirect('usergroup.php?do=modify'); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'modify') +{ + $admin->page_start('Usergroup Manager'); + + $admin->form_start('usergroup.php', 'null'); + $admin->table_start(); + $admin->table_head('Usergroup Manager', 3); + + $groups = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "usergroup ORDER BY usergroupid ASC"); + while ($group = $DB_sql->fetch_array($groups)) + { + $usergroups["$group[usergroupid]"] = $group; + } + $DB_sql->free_result($groups); + + $groups = $DB_sql->query(" + SELECT COUNT(user.userid) AS total, user.usergroupid + FROM " . TABLE_PREFIX . "user AS user + LEFT JOIN " . TABLE_PREFIX . 
"usergroup AS usergroup USING (usergroupid) + GROUP BY usergroup.usergroupid + ORDER BY usergroup.usergroupid" + ); + while ($group = $DB_sql->fetch_array($groups)) + { + $usergroups["$group[usergroupid]"]['total'] = $group['total']; + } + + $admin->table_column_head(array('Usergroup', 'Number of Users', 'Action')); + foreach ($usergroups AS $group) + { + $admin->row_multi_item(array("$group[title]" => 'l', iff(!$group['total'], '-', $group['total']) => 'c', "[Edit]" . iff($group['usergroupid'] > 6, "[Delete]") => 'c')); + } + + $admin->row_span('', 'tfoot', 'center', 3); + $admin->table_end(); + $admin->form_end(); + + $admin->page_end(); +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file diff --git a/docs/mycookies.php b/docs/mycookies.php new file mode 100755 index 0000000..0582c1e --- /dev/null +++ b/docs/mycookies.php @@ -0,0 +1,29 @@ +\r"; + echo "\r"; + echo ''; + echo "\r"; + + foreach ($_COOKIE AS $varname => $value) + { + echo "\r'; + } + + echo '
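Review bot: In the `insert` and `update` branches the permission mask is built with `$permissionvalue += $_PERMISSION["$permtitle"] * $binaryswitch;`, where `$binaryswitch` comes straight from `$_POST['perm']` and `$permissionvalue` is never initialised. A posted value other than 0 or 1 scales the bit instead of toggling it, so the stored mask can hold bits the form never offered, and when `perm` is absent the query is built with an empty `permissions` value. Start with `$permissionvalue = 0;`, iterate over `(array)$_POST['perm']`, and set bits with `if (isset($_PERMISSION[$permtitle]) AND intval($binaryswitch) == 1) { $permissionvalue |= $_PERMISSION[$permtitle]; }`. Separately, `update` passes `opentag` and `closetag` through `unhtmlspecialchars()` but `insert` does not, so the two paths store different markup for the same input.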
NameValueDel
" . $varname . '' . $value . '
'; + + echo "\r
\r"; +} +else +{ + foreach ($_POST['del'] AS $remove) + { + setcookie($remove, '', time() - (2 * 900), '/'); + } + + header("Location: mycookies.php"); +} + +?> \ No newline at end of file diff --git a/docs/recache.php b/docs/recache.php new file mode 100755 index 0000000..a8a9ac5 --- /dev/null +++ b/docs/recache.php @@ -0,0 +1,41 @@ +Script initialized
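Review bot: The table loop prints each `$_COOKIE` name and value with `echo`, and as far as the surviving text shows neither is HTML-escaped, so cookie content is rendered as markup in the page. Wrap both, `htmlspecialchars($varname)` and `htmlspecialchars($value)`, before concatenating them into the row. The delete branch iterates `$_POST['del']` without the `(array)` cast that admin/product.php uses for its posted array, and no access check is visible although the script ships under docs/, so it should be kept out of deployed installs. The markup in this hunk was stripped by the page extraction, so the exact echo lines are only partly visible.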

'; + +build_settings(); + +echo '

Settings cached

'; + +build_usergroups(); + +echo '

Usergroups cached

'; + +build_languages(); + +echo '

Languages cached

'; + +build_statuses(); + +echo '

Statuses cached

'; + +build_priorities(); + +echo '

Priorities cached

'; + +build_assignedto(); + +echo '

Developers / assignable users cached

'; + +build_resolutions(); + +echo '

Resolutions cached

'; + +// $Id$ + +?> \ No newline at end of file diff --git a/docs/roadmap.txt b/docs/roadmap.txt new file mode 100755 index 0000000..1a8b90f --- /dev/null +++ b/docs/roadmap.txt @@ -0,0 +1,52 @@ +THIS IS THE ROADMAP FOR BUGTRACK 1.0 AND 1.1. BASE FEATURES SHOULD BE PLACED IN 1.0 WHILE LARGE EXTENSIONS AND ENHANCEMENTS SHOULD BE PLACED IN 1.1. + +ITEMS MARKED '+' ARE DOABLE AND SHOULD BE ADDED. ITEMS MARKED '-' ARE TENTATIVE AND SHOULD BE LOOKED INTO FOR FEASIBILITY. ITEMS MARKED WITH '*' ARE COMPLETED AND SHOULD BE LEFT ON FOR BUILDING A FEATURE LIST. + +SVN: $Id$ + +############################################################################### +BUGTRACK 1.0 + +---------------------------------------- + ALPHA 1 +---------------------------------------- +* Admin CP edit: + * Statuses + * Settings + * Priorities + * Severities + * Products +* Language system set up, but not in use with the exception of settings +* Permissions system ++ Bug system + + Report + + Manage + + Edit + +---------------------------------------- + ALPHA 2 +---------------------------------------- ++ Searching ++ Custom bug fields ++ Phrase admin control panel (start, do not worry about duplicates) + +---------------------------------------- + BETA 1 +---------------------------------------- ++ Move all presentation code out of files and into template system ++ Frame templates in doctype, html setup ++ Email-based reply system + +---------------------------------------- + BETA 2 +---------------------------------------- ++ Create new style ++ Bug statistics ++ Create installer system ++ Attachment uploading + +---------------------------------------- + RELEASE CANDIDATES +---------------------------------------- ++ Create upgrade system ++ Stomp out all remaining bugs \ No newline at end of file diff --git a/includes/adminfunctions.php b/includes/adminfunctions.php new file mode 100755 index 0000000..0a49772 --- /dev/null +++ b/includes/adminfunctions.php 
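Review bot: The rebuild sequence never calls `build_severities()`, although admin/severity.php in this same patch calls it after every change; settings, usergroups, languages, statuses, priorities, assignable users and resolutions are refreshed, but the severity cache stays stale after a recache. Add `build_severities();` with a matching `Severities cached` message, assuming the function is defined alongside the other `build_*` helpers (its definition is not visible here). The opening of the file was lost in extraction, so whether the script checks permissions before rebuilding cannot be confirmed; a maintenance script like this should sit behind an admin check or be removed from deployed installs.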
@@ -0,0 +1,355 @@ + + + +EOD; + + $this->page_start('Redirect', ':default:', 15, $js); + + $this->page_message('Redirect', 'Please wait to be redirected. If you are not redirected in a few seconds, click here.'); + + $this->page_end(); + } + + function error($message) + { + $this->page_start('Error'); + $this->page_message('Error', $message); + $this->page_end(); + + exit; + } + + // ################################################################### + // ########################### PAGE CONTROL ########################## + // ################################################################### + function page_start($actiontitle, $pageclass = ':default:', $pagemargin = 15, $extra = '', $onload = false, $margin = 0, $dotpath = '.') + { + $title = '[#]app[#] - Administration - ' . $actiontitle; + + echo "\r"; + echo "\r"; + echo "\r\t$title"; + echo "\r\t"; + echo "\r\t" . iff($extra, "\r$extra"); + if (!defined('HIDE_SETUP')) + { + echo "\r\t"; + } + echo "\r\r\r"; + + echo "
\r\r\r"; + } + + function page_code($code) + { + echo "\r\r$code\r\r"; + } + + function page_message($title, $message) + { + $this->table_start(true, '75%'); + $this->table_head($title, 1); + $this->row_span("
$message
", ':swap:', 'left', 1); + $this->table_end(); + } + + function page_confirm($message, $location) + { + $this->page_start('Confirm'); + + $this->page_message('Confirm', $message . '

'); + + $this->page_end(); + } + + function page_end() + { + global $env; + + $copyright = "\r
\r

\r\t[#]app[#] " . $env->options['trackerversion'] . ", © 2003 - " . date('Y') . " Iris Studios, Inc.\r

"; + + if (!defined('HIDE_SETUP')) + { + echo "\r\r
\r$copyright"; + } + else + { + echo "\r\r"; + } + + echo "\r\r\r"; + + exit; + } + + // ################################################################### + // ##################### TABLE SKELETON RENDERING #################### + // ################################################################### + function table_start($break = true, $width = '90%') + { + if ($break) + { + echo '
'; + } + + echo "\r\r"; + } + + function table_head($title, $colspan = 2, $strong = true) + { + echo "\r\t\r\r"; + } + + function table_column_head($columnarray) + { + if (is_array($columnarray)) + { + $render = "\r"; + + foreach ($columnarray AS $header) + { + $render .= "\t\r"; + } + + $render .= "\r"; + + echo $render; + } + } + + function table_end() + { + echo "\r
" . iff($strong, "$title", $title) . "
$header
\r"; + } + + // ################################################################### + // ########################## FORM CREATION ########################## + // ################################################################### + function form_start($action, $do, $enctype = false, $name = 'inputform', $submitmethod = 'post') + { + echo "\r\r
\r"; + $this->form_hidden_field('do', $do); + } + + function form_hidden_field($name, $value) + { + echo "\r"; + } + + function form_end() + { + echo "
\r\r"; + } + + // ################################################################### + // ####################### TABLE ROW RENDERING ####################### + // ################################################################### + function row_span($text, $class = ':swap:', $align = 'left', $colspan = 2) + { + if ($class === ':swap:') + { + global $row_class; + exec_swap_bg(); + $is_style_element = false; + } + else + { + if (preg_match('#:style:(.*?)#i', $class)) + { + $is_style_element = true; + $style = str_replace(':style:', '', $class); + } + else + { + $row_class = $class; + $is_style_element = false; + } + } + + echo "\r\t$text\r"; + } + + function row_multi_item($row_array) + { + global $row_class; + exec_swap_bg(); + + foreach ($row_array AS $item => $align) + { + $row_data["$align"][] = $item; + } + + echo ""; + + foreach ($row_data AS $align_key => $item_array) + { + if ($align_key == 'c') + { + $align = 'center'; + } + else if ($align_key == 'l') + { + $align = 'left'; + } + else if ($align_key == 'r') + { + $align = 'right'; + } + + foreach ($item_array AS $value) + { + echo "\r\t$value"; + } + } + + echo "\r\r"; + } + + function row_text($label, $value = ' ', $valign = 'top', $colspan = 2, $class = -1) + { + global $IS_SETTINGS; + + if ($class == -1) + { + if (!$IS_SETTINGS) + { + global $row_class; + exec_swap_bg(); + } + else + { + $row_class = 'alt2'; + } + } + else + { + $row_class = $class; + } + + echo ""; + echo "\r\t$label"; + echo "\r\t$value"; + + if ($colspan > 2) + { + echo "\r\t "; + } + + echo "\r\r"; + } + + function row_input($label, $name, $value = '', $colspan = 2, $size = 35, $length = false, $password = false, $lalign = 'top') + { + $this->row_text($label, "", $lalign, $colspan); + } + + function row_textarea($label, $name, $value = '', $colspan = 2, $rows = 7, $cols = 50, $code = false, $style = '') + { + $this->row_text($label, "", 'top', $colspan); + } + + function row_tfoot($data, $colspan = 2) + { + echo 
$this->row_span($data, 'tfoot', 'center'); + } + + function row_submit($extra = false, $submit = ':save:', $reset = ':reset:', $colspan = 2) + { + if ($submit === ':save:') + { + $submit = " Save "; + } + else + { + $submit = " $submit "; + } + + if ($reset === ':reset:') + { + $reset = " Reset "; + } + else + { + $reset = iff($reset, " $reset "); + } + + $output = "\r\t\t"; + $output .= iff($reset, "\r\t\t $extra\r\t"); + $this->row_tfoot($output); + } + + function row_upload($label, $name, $colspan = 2) + { + $this->row_text($label, "", 'top', $colspan); + } + + function list_item($name, $value, $selected = false) + { + global $listitem; + + $listitem[] = "\r\t"; + } + + function row_list($label, $name, $is_jump = true, $colspan = 2) + { + global $listitem; + + foreach ($listitem AS $option) + { + $optionlist .= $option; + } + + $listitem = ''; + + $this->row_text($label, "\r" . iff($is_jump, "\r") . "\r", $colspan); + } + + function row_yesno($label, $name, $value, $colspan = 2) + { + $this->row_text($label, " Yes No", $colspan); + } +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file diff --git a/includes/config.php.dist b/includes/config.php.dist new file mode 100755 index 0000000..5cf614c --- /dev/null +++ b/includes/config.php.dist @@ -0,0 +1,72 @@ + \ No newline at end of file diff --git a/includes/db_mysql.php b/includes/db_mysql.php new file mode 100755 index 0000000..65565f1 --- /dev/null +++ b/includes/db_mysql.php 
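Review bot: `row_list()` and `row_yesno()` call `$this->row_text($label, …, $colspan)`, but the third parameter of `row_text()` is `$valign` and `$colspan` is the fourth, so the column span ends up as the vertical-alignment value and the real colspan always stays at its default of 2. Pass the alignment explicitly as `row_input()` and `row_upload()` already do, i.e. end both calls with `, 'top', $colspan);`. `row_tfoot()` also does `echo $this->row_span(…)` although `row_span()` prints its output and returns nothing, and it ignores its own `$colspan` argument. The class header and the first method are cut off by the page extraction, so this covers only the methods that are visible.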
@@ -0,0 +1,134 @@ +link_id == 0) + { + if ($pconnect) + { + $this->link_id = @mysql_pconnect($server, $user, $password); + } + else + { + $this->link_id = @mysql_connect($server, $user, $password); + } + + if (!$this->link_id) + { + $this->throw('Link-Id == false, can not connect'); + return false; + } + + $candb = @mysql_select_db($this->database, $this->link_id); + if ($candb) + { + return true; + } + else + { + $this->throw('Cannot use the database ' . $this->database); + } + } + } + + function query($qstring) + { + $this->query_id = mysql_query($qstring, $this->link_id); + $this->current_query = $qstring; + $this->query_history[] = $this->current_query; + + if (!$this->query_id) + { + $this->throw('Invalid SQL query: ' . $this->current_query); + } + + return $this->query_id; + } + + function fetch_array($query_id) + { + return @mysql_fetch_array($query_id, MYSQL_ASSOC); + } + + function free_result($query_id) + { + @mysql_free_result($query_id); + $this->query_id = 0; + } + + function query_first($qstring) + { + $resource = $this->query($qstring); + $array = $this->fetch_array($resource); + $this->free_result($resource); + return $array; + } + + function insert_id() + { + return mysql_insert_id($this->link_id); + } + + function num_rows($query_id) + { + return @mysql_num_rows($query_id); + } + + function affected_rows() + { + return @mysql_affected_rows($this->link_id); + } + + function throw($message) + { + if ($this->link_id) + { + $this->error = mysql_error($this->link_id); + $this->errno = mysql_errno($this->link_id); + } + + echo "\r"; + echo "\r\r\r"; + echo "{$this->appname} Error\r\r\r\r\r

An error occured in {$this->appname}

\r\r

\r\t

\r\t\t»"; + echo "Query:\r\t\t
\r\t\t
{$this->current_query}
\r\t\t
\r\t\t»Error Number: "; + echo "{$this->errno}\r\t\t
\r\t\t
\r\t\t»Error Message: {$this->error}\r\t\t"; + echo "
\r\t\t
\r\t\t»File: $_SERVER[PHP_SELF]\r\t
\r

\r\r\r"; + + exit; + + } +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file diff --git a/includes/functions.php b/includes/functions.php new file mode 100755 index 0000000..722060e --- /dev/null +++ b/includes/functions.php 
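Review bot: `throw()` writes the failing SQL text, the MySQL error string and `$_SERVER[PHP_SELF]` straight into the response, so any visitor who triggers a query error is shown schema details, and none of the three values is HTML-escaped (`PHP_SELF` includes whatever trailing path the client appended to the script URL). I would send the query and error text to the server log and print only a generic message, or at the very least wrap each interpolated value, e.g. `echo htmlspecialchars($this->current_query);`. `connect()` also has no `return false;` after the 'Cannot use the database' branch, which is harmless only because `throw()` ends in `exit`. The class header and the `connect()` signature are not visible in the hunk as rendered here.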
@@ -0,0 +1,230 @@ +language["$args[0]"]) + { + if ($numargs < 2) + { + $phrase = $phrasetext; + } + else + { + if (!($phrase = @call_user_func_array('sprintf', $args))) + { + for ($i = 1; $i < $numargs; $i++) + { + $phrase = str_replace("%{$i}\$s", $args["$i"], $phrase); + } + } + } + return preg_replace('#%([0-9].*?)\$s#', '[ARG \1: UNDEFINED]', $phrase); + } + else + { + return "[UNDEFINED PHRASE: $args[0]]"; + } +} + +// ########################## Start sanitize ######################### +function sanitize($toclean) +{ + global $vars; + + foreach ($toclean AS $varname => $cleaner) + { + $varvalue = $_REQUEST["$varname"]; + switch (strtoupper($cleaner)) + { + case 'STR': + $cleaned = trim($varvalue); + break; + + case 'STR_NOHTML': + $cleaned = htmlspecialchars(trim($varvalue)); + break; + + case 'INT': + $cleaned = intval($varvalue); + break; + + case 'FLOAT': + $cleaned = floatval($varvalue); + break; + + default: break; + } + $vars["$varname"] = $cleaned; + } +} + +// ##################### Start fetch_random_chars #################### +function fetch_random_chars($length = 0) +{ + // Gimme a length! 
+ if (!$length) + { + $length = rand(20, 65); + } + + // Number of ints in our salt + $intcount = rand(0, intval($length / 2)); + + // Number of chars + $charcount = $length - $intcount; + + // Upper-case chars + $upperchars = rand(1, intval($charcount / 2)); + + // Lower-case chars + $lowerchars = $charcount - $upperchars; + + // Generate ints + for ($i = 0; $i < $intcount; $i++) + { + $string[] = rand(0, 9); + } + + // Generate upper chars + for ($i = 0; $i < $upperchars; $i++) + { + $string[] = chr(rand(65, 90)); + } + + // Generate lower chars + for ($i = 0; $i < $lowerchars; $i++) + { + $string[] = chr(rand(97, 122)); + } + + // Randomly key the chars + foreach ($string AS $char) + { + $rand = mt_rand(); + $newstr["$rand"] = $char; + } + + // Sort the chars by thier random assignment + ksort($newstr); + + // Flatten the array + $string = ''; + foreach ($newstr AS $char) + { + $string .= $char; + } + + return $string; +} + +// ######################## Start mysetcookie ######################## +function mysetcookie($name, $value = false, $sticky = true) +{ + // Expire the cookie if it doesn't have a value + if (!$value) + { + setcookie($name, $value, time() - (2 * 900), '/'); + } + else + { + // Make the cookie one that stays? + if ($sticky) + { + $expire = time() + 60 * 60 * 24 * 365; + } + else + { + $expire = 0; + } + setcookie($name, $value, $expire, '/'); + } +} + +// ############################ Start iff ############################ +function iff($condition, $true, $false = null) +{ + return ($condition) ? 
($true) : ($false); +} + +// ######################## Start exec_swap_bg ####################### +function exec_swap_bg($class1 = 'alt1', $class2 = 'alt2') +{ + global $row_class; + static $row_count; + + $row_class = iff($row_count % 2, $class1, $class2); + $row_count++; +} + +// ####################### Start addslasheslike ###################### +// leave this named as such for easy typing +function addslasheslike($str) +{ + static $mqgpc; + + if (!isset($mqgpc)) + { + $mqgpc = get_magic_quotes_gpc(); + } + + if ($mqgpc) + { + return $str; + } + else + { + return addslashes($str); + } +} + +// #################### Start htmlspecialcharslike ################### +function htmlspecialcharslike($str) +{ + return str_replace(array('"', '<', '>'), array('"', '<', '>'), $str); +} + +// ##################### Start unhtmlspecialchars #################### +function unhtmlspecialchars($str) +{ + return str_replace(array('"', '<', '>'), array('"', '<', '>'), $str); +} + +// ################## Start fetch_user_display_name ################## +// preps a dispaly name if one isn't set +// should be able to be removed by the final version as registration should set this +function fetch_user_display_name(&$userinfo) +{ + if (!$userinfo['displayname']) + { + $userinfo['displayname'] = ucwords(trim(str_replace(array('@', '.com', '.net', '.edu', '.org', '.info', '.biz'), ' ', $userinfo['email']))); + } +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file diff --git a/includes/functions_datastore.php b/includes/functions_datastore.php new file mode 100755 index 0000000..1370f6c --- /dev/null +++ b/includes/functions_datastore.php 
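Review bot: `fetch_random_chars()` builds its output from `rand()` and `mt_rand()`, and register.php in this commit uses that output as the password salt, the `authkey` cookie value and the e-mail activation code, all of which must be unguessable. Those are seeded, non-cryptographic generators; the function should draw from the platform CSPRNG instead, for example `random_int(0, 9)` in place of `rand(0, 9)` (and likewise for the letter ranges) on runtimes that provide it. The shuffle step keys `$newstr` by `mt_rand()`, so two characters that draw the same key overwrite each other and the result can come back shorter than `$length`. Separately, the `default:` branch in `sanitize()` leaves `$cleaned` holding the previous field's value; adding `$cleaned = null;` at the top of the loop body avoids copying one request field into another.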
@@ -0,0 +1,185 @@ +query("SELECT * FROM " . TABLE_PREFIX . "language"); + while ($language = $DB_sql->fetch_array($languages)) + { + $tempstore["$language[languageid]"] = $language; + } + + $DB_sql->query(" + ### replacing the language cache ### + REPLACE INTO " . TABLE_PREFIX . "datastore (title, data) + VALUES ('language', '" . addslasheslike(serialize($tempstore)) . "')" + ); + + $env->datastore['language'] = $tempstore; +} + +// ####################### Start build_settings ###################### +function build_settings() +{ + global $DB_sql, $env; + + $settings = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "setting"); + while ($setting = $DB_sql->fetch_array($settings)) + { + $options["$setting[varname]"] = $setting['value']; + } + + $DB_sql->query(" + ### replacing the setting cache ### + REPLACE INTO " . TABLE_PREFIX . "datastore (title, data) + VALUES ('setting', '" . addslasheslike(serialize($options)) . "')" + ); + + $env->datastore['setting'] = $options; +} + +// ###################### Start build_usergroups ##################### +function build_usergroups() +{ + global $DB_sql, $env; + + $usergroups = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "usergroup"); + while ($usergroup = $DB_sql->fetch_array($usergroups)) + { + $groups["$usergroup[usergroupid]"] = $usergroup; + } + + $DB_sql->query(" + ### replacing usergroup cache ### + REPLACE INTO " . TABLE_PREFIX . "datastore (title, data) + VALUES ('usergroup', '" . addslasheslike(serialize($groups)) . "')" + ); + + $env->datastore['usergroup'] = $groups; +} + +// ####################### Start build_statuses ###################### +function build_statuses() +{ + global $DB_sql, $env; + + $statuses = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "status ORDER BY displayorder ASC"); + while ($status = $DB_sql->fetch_array($statuses)) + { + $tempstore["$status[statusid]"] = $status; + } + + $DB_sql->query(" + ### replacing status cache ### + REPLACE INTO " . TABLE_PREFIX . 
"datastore (title, data) + VALUES ('status', '" . addslasheslike(serialize($tempstore)) . "')" + ); + + $env->datastore['status'] = $tempstore; +} + +// ###################### Start build_severities ##################### +function build_severities() +{ + global $DB_sql, $env; + + $severities = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "severity ORDER BY displayorder ASC"); + while ($severity = $DB_sql->fetch_array($severities)) + { + $tempstore["$severity[severityid]"] = $severity; + } + + $DB_sql->query(" + ### replacing severity cache ### + REPLACE INTO " . TABLE_PREFIX . "datastore (title, data) + VALUES ('severity', '" . addslasheslike(serialize($tempstore)) . "')" + ); + + $env->datastore['severity'] = $tempstore; +} + +// ###################### Start build_priorities ##################### +function build_priorities() +{ + global $DB_sql, $env; + + $priorities = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "priority ORDER BY displayorder ASC"); + while ($priority = $DB_sql->fetch_array($priorities)) + { + $tempstore["$priority[priorityid]"] = $priority; + } + + $DB_sql->query(" + ### replacing priority cache ### + REPLACE INTO " . TABLE_PREFIX . "datastore (title, data) + VALUES ('priority', '" . addslasheslike(serialize($tempstore)) . "')" + ); + + $env->datastore['priority'] = $tempstore; +} + +// ###################### Start build_assignedto ##################### +function build_assignedto() +{ + global $DB_sql, $env; + + $users = $DB_sql->query(" + SELECT user.email, user.displayname, user.userid, user.showemail + FROM " . TABLE_PREFIX . "user AS user + LEFT JOIN " . TABLE_PREFIX . "usergroup AS usergroup ON (user.usergroupid = usergroup.usergroupid) + WHERE (usergroup.permissions & " . CANBEASSIGNEDTO . ")" + ); + while ($user = $DB_sql->fetch_array($users)) + { + fetch_user_display_name($user); + $devs["$user[userid]"] = $user; + } + + $DB_sql->query(" + ### replacing developer / assign to cache ### + REPLACE INTO " . TABLE_PREFIX . 
"datastore (title, data) + VALUES ('assignto', '" . addslasheslike(serialize($devs)) . "')" + ); + + $env->datastore['assignto'] = $devs; +} + +// ##################### Start build_resolutions ##################### +function build_resolutions() +{ + global $DB_sql, $env; + + $resolutions = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "resolution ORDER BY displayorder ASC"); + while ($resolution = $DB_sql->fetch_array($resolutions)) + { + $tempstore["$resolution[resolutionid]"] = $resolution; + } + + $DB_sql->query(" + ### replacing resolution cache ### + REPLACE INTO " . TABLE_PREFIX . "datastore (title, data) + VALUES ('resolution', '" . addslasheslike(serialize($tempstore)) . "')" + ); + + $env->datastore['resolution'] = $tempstore; +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file diff --git a/includes/functions_mail.php b/includes/functions_mail.php new file mode 100755 index 0000000..fb27f85 --- /dev/null +++ b/includes/functions_mail.php 
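Review bot: Every `build_*()` function escapes the serialized cache with `addslasheslike()`, which returns its argument unchanged whenever `magic_quotes_gpc` is on (see functions.php in this commit). The serialized rows come from the database rather than from request data, so magic quotes never touched them: with that setting enabled, a quote inside any title, setting value or display name goes unescaped into the `REPLACE INTO ... datastore` statement. Use an escaper that does not depend on a request-level setting, for example `mysql_real_escape_string(serialize($tempstore), $DB_sql->link_id)`. `$tempstore`, `$options`, `$groups` and `$devs` are also never initialised, so an empty table caches a serialized null instead of an empty array; `$tempstore = array();` before each loop fixes that.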
@@ -0,0 +1,100 @@
+options['webmasteremail'])
+ {
+ $fromemail = fetch_first_line($env->options['webmasteremail']);
+ }
+ else
+ {
+ // Do we want a sender?
+ if ($fparam)
+ {
+ return false;
+ }
+ }
+ }
+
+ // Work out the recipient
+ $toemail = fetch_first_line($toemail);
+ if (!$toemail)
+ {
+ return false;
+ }
+
+ // Work out the subject
+ $subject = fetch_first_line($subject);
+ if (!$subject)
+ {
+ $subject = $env->options['trackertitle'] . ' Notification';
+ }
+
+ // Work out the body
+ $message = convert_standard_line_breaks($message);
+ if (!$message)
+ {
+ return false;
+ }
+
+ // Construct mail headers
+ $headers = convert_standard_line_breaks($headers, "\n");
+ $headers .= "From: \"$fromemail\" <" . $env->options['webmasteremail'] . ">\n";
+ $headers .= "Return-Path: " . $env->options['webmasteremail'] . "\n";
+ $headers .= "X-Mailer: [#]app[#] [#]version[#] Mail\n";
+ $headers .= "Content-Type: text/plain; charset=\"" . $env->options['lang_charset'] . "\"\n";
+ $headers .= "Content-Transfer-Encoding: 7bit\n";
+
+ if ($fparam)
+ {
+ mail($toemail, $subject, $message, trim($headers), "-f $fromemail");
+ }
+ else
+ {
+ mail($toemail, $subject, $message, trim($headers));
+ }
+}
+
+// ###################### Start fetch_first_line #####################
+function fetch_first_line($text)
+{
+ $broken = explode("\r\n", convert_standard_line_breaks($text));
+ return $broken[0];
+}
+
+// ################ Start convert_standard_line_breaks ###############
+function convert_standard_line_breaks($text, $convert_to = "\r\n")
+{
+ return preg_replace("#(\r|\n|\r\n)#s", $convert_to, trim($text));
+}
+
+/*=====================================================================*\
+|| ###################################################################
+|| # $HeadURL$
+|| # $Id$
+|| ###################################################################
+\*=====================================================================*/
+?>
\ No newline at end of file
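Review bot: In `convert_standard_line_breaks()` the alternation `(\r|\n|\r\n)` can never reach its third branch, because `\r` matches first and the following `\n` is then matched on its own, so every CRLF in the input is replaced twice. For the caller-supplied `$headers`, which are converted with `"\n"`, that produces a blank line, and everything after a blank line in a header block is treated as message body. Put the two-character sequence first: `preg_replace("#(\r\n|\r|\n)#s", $convert_to, trim($text))`. The `"-f $fromemail"` argument to `mail()` is passed on to the mail program's command line, so `$fromemail` should be checked to be a single address without whitespace before it is used there. The top of `mymail()` is not visible in this hunk, so I cannot tell whether callers can set that value.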
diff --git a/includes/init.php b/includes/init.php
new file mode 100755
index 0000000..22fd90a
--- /dev/null
+++ b/includes/init.php
@@ -0,0 +1,197 @@ +appname = '[#]app[#]'; +$DB_sql->database = $database; +$DB_sql->connect($servername, $username, $password, $usepconnect); +define('DEVDEBUG', $debug); +define('TABLE_PREFIX', $tableprefix); +define('COOKIE_PREFIX', $cookieprefix); +unset($database, $servername, $username, $password, $usepconnect, $tableprefix, $cookieprefix); + +// ################################################################### +// Initialize our environment +require_once('./includes/functions_datastore.php'); +require_once('./includes/functions.php'); +class Environment +{ + var $options = array(); + var $userinfo = array(); + var $language = array(); + var $datastore = array(); + + function Environment() + { + global $DB_sql, $vars; + + // Fetch all the datastore caches + $datastoretemp = $DB_sql->query("SELECT * FROM " . TABLE_PREFIX . "datastore"); + while ($store = $DB_sql->fetch_array($datastoretemp)) + { + $this->datastore["$store[title]"] = unserialize($store['data']); + } + + // Assign options and fetch the userinfo + $this->options = $this->datastore['setting']; + unset($this->datastore['setting']); + $this->userinfo = (array)$this->fetch_userinfo(-1, true); + + // Pull our languageid + if ($this->userinfo['userid']) + { + $languageid = $this->userinfo['languageid']; + $language = $this->datastore['language']["$languageid"]; + } + if (!$languageid) + { + foreach ($this->datastore['language'] AS $language) + { + if ($language['default']) + { + $languageid = $language['languageid']; + $language = $this->datastore['language']["$languageid"]; + break; + } + } + } + + // Load language system + if (file_exists("./locale/$language[filename]")) + { + require_once("./locale/$language[filename]"); + $this->language = $language; + $this->options['lang_charset'] = $cfg['charset']; + $this->options['lang_dir'] = $cfg['direction']; + $this->options['lang_code'] = $cfg['languagecode']; + unset($language); + } + else + { + echo "language file (locale/$language[filename]) could not 
be loaded!"; + exit; + } + } + + function fetch_userinfo($userid = -1, $verify_password = false) + { + global $DB_sql; + + // Get the userid if not specified + if ($userid == -1) + { + $userid = intval($_COOKIE[COOKIE_PREFIX . 'userid']); + } + + // Set the falseinfo stuff + $falseinfo = array( + 'usergroupid' => 1, + 'userid' => 0, + 'email' => '', + 'displayname' => '', + 'permissions' => $this->datastore['usergroup'][1]['permissions'], + 'displaytitle' => $this->datastore['usergroup'][1]['displaytitle'], + 'mdisplayname' => $this->datastore['usergroup'][1]['opentag'] . '' . $this->datastore['usergroup'][1]['closetag'] + ); + + // Get the userinfo + $userinfo = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = $userid"); + if (is_array($userinfo)) + { + $userinfo['permissions'] = (int)$this->datastore['usergroup']["$userinfo[usergroupid]"]['permissions']; + $userinfo['displaytitle'] = $this->datastore['usergroup']["$userinfo[usergroupid]"]['displaytitle']; + fetch_user_display_name($userinfo); + $userinfo['mdisplayname'] = $this->datastore['usergroup']["$userinfo[usergroupid]"]['opentag'] . $userinfo['displayname'] . $this->datastore['usergroup']["$userinfo[usergroupid]"]['closetag']; + // Verify that the cookie isn't fake + if ($verify_password) + { + if ($_COOKIE[COOKIE_PREFIX . 'authkey'] == $userinfo['authkey']) + { + return $userinfo; + } + else + { + mysetcookie(COOKIE_PREFIX . 'userid'); + mysetcookie(COOKIE_PREFIX . 'authkey'); + return $falseinfo; + } + } + else + { + return $userinfo; + } + } + else + { + mysetcookie(COOKIE_PREFIX . 'userid'); + mysetcookie(COOKIE_PREFIX . 
'authkey'); + return $falseinfo; + } + } +} + +$env = new Environment(); + +// ################################################################### +// Initialize usergroup system +$_PERMISSION = array( + 'canviewbugs' => 1, + 'cansearch' => 2, + 'cansubscribe' => 4, + 'canvote' => 8, + 'cansubmitbugs' => 16, // 5 + 'canpostcomments' => 32, + 'cangetattach' => 64, + 'canputattach' => 128, + 'caneditown' => 256, + 'caneditothers' => 512, // 10 + 'caneditinfo' => 1024, + 'canassign' => 2048, + 'canchangestatus' => 4096, + 'canadminpanel' => 8192, + 'canadminbugs' => 16384, // 15 + 'canadminversions' => 32768, + 'canadminusers' => 65536, + 'canadmingroups' => 131072, + 'canadmintools' => 262144, + 'canadminfields' => 524288, // 20 + 'canbeassignedto' => 1048576 +); + +foreach ($_PERMISSION AS $name => $maskvalue) +{ + define(strtoupper($name), $maskvalue); +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file diff --git a/login.php b/login.php new file mode 100755 index 0000000..3cb2b64 --- /dev/null +++ b/login.php @@ -0,0 +1,109 @@ +userinfo['userid'] AND $_REQUEST['do'] != 'logout' AND $_POST['do'] != 'cplogin') +{ + echo 'You are already logged in.'; + exit; +} + +// ################################################################### + +if (empty($_REQUEST['do'])) +{ + echo << + + +Email:
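Review bot: `fetch_userinfo()` validates the login cookie with `$_COOKIE[COOKIE_PREFIX . 'authkey'] == $userinfo['authkey']`, a loose comparison. With `==` a missing cookie equals an empty or NULL `authkey` column, and two numeric-looking strings are compared as numbers, so the check can pass without the two values being identical. Compare strictly and reject empty keys, `if (strlen($userinfo['authkey']) AND $_COOKIE[COOKIE_PREFIX . 'authkey'] === $userinfo['authkey'])`, or use `hash_equals()` where the runtime provides it. The constructor also passes `$language[filename]` from the datastore straight into `require_once("./locale/...")`; wrapping it in `basename()` would keep an edited language row from loading a file outside `locale/`.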
+Password:
+Remember Me: Yes
+ + +EOF; +} + +// ################################################################### + +if ($_POST['do'] == 'login' OR $_POST['do'] == 'cplogin') +{ + sanitize(array('email' => STR_NOHTML, 'password' => STR, 'rememberme' => INT)); + + if ($_POST['cplogin']) + { + $vars['rememberme'] = 1; + } + + if ($_POST['goindex']) + { + $_SERVER['HTTP_REFERER'] = ''; + } + + if ($_SERVER['HTTP_REFERER']) + { + $url = $_SERVER['HTTP_REFERER']; + } + else + { + $url = 'index.php'; + } + + $userinfo = $DB_sql->query_first("SELECT * FROM user WHERE email = '" . addslasheslike($vars['email']) . "'"); + if (md5(md5($vars['password']) . md5($userinfo['salt'])) == $userinfo['password']) + { + mysetcookie(COOKIE_PREFIX . 'userid', $userinfo['userid'], $vars['rememberme']); + mysetcookie(COOKIE_PREFIX . 'authkey', $userinfo['authkey'], $vars['rememberme']); + } + else + { + mysetcookie(COOKIE_PREFIX . 'userid'); + mysetcookie(COOKIE_PREFIX . 'authkey'); + echo 'Invalid email or password.'; + exit; + } + + if ($_POST['do'] == 'cplogin') + { + mysetcookie(COOKIE_PREFIX . 'adminsession', md5(md5($userinfo['authkey']) . md5($userinfo['email']) . md5($userinfo['userid']))); + } + + echo 'You are now logged in :-)'; + + header("Location: $url"); +} + +// ################################################################### + +if ($_REQUEST['do'] == 'logout') +{ + if ($env->userinfo['userid']) + { + mysetcookie(COOKIE_PREFIX . 'userid'); + mysetcookie(COOKIE_PREFIX . 'authkey'); + } + else + { + echo 'You need to be logged in!'; + } +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file diff --git a/newreport.php b/newreport.php new file mode 100755 index 0000000..f0cbd45 --- /dev/null 
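Review bot: The password check `md5(md5($vars['password']) . md5($userinfo['salt'])) == $userinfo['password']` compares two hex digests with `==`, which treats strings of the form `0e` followed by digits as numbers, so two different digests of that shape compare equal; use `===` here. MD5 is also far too fast for password storage, and the same construction is written in register.php; where the runtime offers `password_hash()` / `password_verify()` both sites should move to them. The lookup reads `FROM user` without `TABLE_PREFIX`, unlike the other queries in this commit, so login breaks on a prefixed install. After a successful login the code echoes text and then calls `header("Location: $url")` with `$url` taken from the `Referer` request header; the redirect target should be a fixed or validated local path and be sent before any output.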
+++ b/newreport.php @@ -0,0 +1,217 @@ +userinfo['permissions'] & CANSUBMITBUGS)) +{ + echo 'NO permission'; + exit; +} + +// ################################################################### + +if (empty($_REQUEST['do'])) +{ + $_REQUEST['do'] = 'add'; +} + +// ################################################################### + +if ($_POST['do'] == 'insert') +{ + sanitize(array( + 'product' => INT, + 'component' => INT, + 'version' => INT, + 'summary' => STR, + 'severity' => INT, + 'priority' => INT, + 'status' => INT, + 'resolution' => INT, + 'assignedto' => INT, + 'comment' => STR) + ); + + // check permissions on various input values + if (!$env->userinfo['permissions'] & CANCHANGESTATUS) + { + unset($vars['priority'], $vars['status'], $vars['resolution']); + } + if (!$env->userinfo['permissions'] & CANASSIGN) + { + unset($vars['assignedto']); + } + else + { + // assigned person is not a dev or a valid user + if (!$env->datastore['assignto']["$vars[assignedto]"]['userid']) + { + unset($vars['assignedto']); + } + } +} + +// ################################################################### + +if ($_REQUEST['do'] == 'add') +{ + sanitize(array( + 'product' => INT, + 'component' => INT, + 'version' => INT) + ); + + // the user can hit the back button without reposting data... + if (!$vars['product'] OR !$vars['component'] OR !$vars['version']) + { + $method = 'get'; + } + else + { + $method = 'post'; + } + + echo '
'; + + $do = 'add'; + + if (!$vars['product']) + { + echo 'Product: '; + } + else if (!$vars['component']) + { + echo 'Component: '; + echo ''; + } + else if (!$vars['version']) + { + echo 'Version: '; + echo ''; + echo ''; + } + else + { + $do = 'insert'; + echo '
Summary/Title:
'; + + echo '
Severity:
'; + + if ($env->userinfo['permissions'] & CANCHANGESTATUS) + { + echo '
Priority:
'; + + echo '
Status:
'; + + echo '
Resolution:
'; + } + + if ($env->userinfo['permissions'] & CANASSIGN) + { + echo '
Assigned to:
'; + } + + echo '
Detailed description:
'; + } + + echo '
'; + + echo '
'; +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file diff --git a/register.php b/register.php new file mode 100755 index 0000000..309d418 --- /dev/null +++ b/register.php @@ -0,0 +1,178 @@ +userinfo['userid']) +{ + echo 'Sorry, you are already registered!'; + exit; +} + +if (!$env->options['allownewreg']) +{ + echo 'Sorry, we don\'t allow new registrations!'; + exit; +} + +// ################################################################### + +if (empty($_REQUEST['do'])) +{ + foreach ($env->datastore['language'] AS $languageid => $language) + { + $opts .= ""; + } + + echo << + +Email:
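Review bot: The two permission guards in the `insert` branch, `if (!$env->userinfo['permissions'] & CANCHANGESTATUS)` and `if (!$env->userinfo['permissions'] & CANASSIGN)`, can never be true, because `!` binds tighter than `&`: the expression is `(!permissions) & MASK`, and a boolean ANDed with 4096 or 2048 is always 0. As written, a user without those rights keeps the submitted `priority`, `status`, `resolution` and `assignedto` values. Parenthesise the mask test, as the `CANSUBMITBUGS` check at the top of the file appears to do: `if (!($env->userinfo['permissions'] & CANCHANGESTATUS))` and `if (!($env->userinfo['permissions'] & CANASSIGN))`.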
+Confirm Email:
+Display Name:
+Password:
+Confirm Password:
+Show My Email Publicly: Yes
+Language:
+ + +EOF; +} + +// ################################################################### + +if ($_POST['do'] == 'insert') +{ + sanitize(array('email' => STR_NOHTML, 'confirmemail' => STR_NOHTML, 'displayname' => STR_NOHTML, 'password' => STR, 'confirmpassword' => STR, 'showemail' => INT, 'languageid' => INT)); + + if ($vars['email'] != $vars['confirmemail']) + { + $errors[] = 'The emails you entered do not match.'; + } + + if (!$vars['email']) + { + $errors[] = 'The password you specified was blank.'; + } + + if ($vars['password'] != $vars['confirmpassword']) + { + $errors[] = 'The passwords you entered did not match.'; + } + + if (!$vars['password']) + { + $errors[] = 'The password you specified was blank.'; + } + + if (is_array($DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email = '" . addslasheslike($vars['email']) . "'"))) + { + $errors[] = 'The specified email is already in use.'; + } + + if (is_array($errors)) + { + echo implode('
', $errors); + exit; + } + + $salt = fetch_random_chars(15); + + if ($env->options['verifyemail']) + { + $usergroupid = 3; + } + else + { + if ($env->options['moderatenewusers']) + { + $usergroupid = 4; + } + else + { + $usergroupid = 2; + } + } + + $DB_sql->query(" + INSERT INTO " . TABLE_PREFIX . "user + (email, displayname, password, salt, authkey, showemail, languageid, usergroupid) + VALUES + ('" . addslasheslike($vars['email']) . "', + '" . addslasheslike($vars['displayname']) . "', + '" . md5(md5($vars['password']) . md5($salt)) . "', + '$salt', + '" . fetch_random_chars() . "', + $vars[showemail], + $vars[languageid], + $usergroupid + )" + ); + + $userid = $DB_sql->insert_id(); + + // Verify email address + if ($usergroupid == 3) + { + $activationid = fetch_random_chars(25); + + $DB_sql->query("INSERT INTO " . TABLE_PREFIX . "useractivation (userid, activator, dateline, usergroupid) VALUES ($userid, '$activationid', " . NOW . ", 2)"); + + mymail(addslasheslike($vars['email']), 'Welcome to ' . $env->options['trackertitle'], "Hi " . addslasheslike($vars['displayname']) . " you need to activate your account: http://devbox/bugtraq/register.php?do=activate&userid=" . $userid . "&activator=" . $activationid); + + echo 'You now need to activate your account via email.'; + } + else if ($usergroupid == 4 OR $usergroupid == 2) + { + if ($env->options['sendwelcomemail']) + { + mymail(addslasheslike($vars['email']), 'Welcome to ' . $env->options['trackertitle'], "Hi " . addslasheslike($vars['displayname']) . " and welcome to the " . $env->options['trackertitle'] . " bug tracker! 
Thanks for registering."); + } + + if ($usergroupid == 4) + { + echo 'Your account is pending approval.'; + } + else + { + echo 'Registration complete!'; + } + } +} + +// ################################################################### + +if ($_REQUEST['do'] == 'activate') +{ + sanitize(array('userid' => INT, 'activator' => STR)); + + if ($useractivation = $DB_sql->query_first("SELECT * FROM " . TABLE_PREFIX . "useractivation WHERE userid = $vars[userid] AND activator = '" . addslasheslike($vars['activator']) . "'")) + { + $DB_sql->query("UPDATE " . TABLE_PREFIX . "user SET usergroupid = $useractivation[usergroupid] WHERE userid = $vars[userid]"); + $DB_sql->query("DELETE FROM " . TABLE_PREFIX . "useractivation WHERE userid = $vars[userid]"); + echo 'your account is now activated and you can now login'; + } + else + { + echo 'we could not match your registration string. please make sure you entered the correct url'; + } +} + +/*=====================================================================*\ +|| ################################################################### +|| # $HeadURL$ +|| # $Id$ +|| ################################################################### +\*=====================================================================*/ +?> \ No newline at end of file -- 2.43.5
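Review bot: In the `insert` branch the blank-address check reuses the password text, so `if (!$vars['email'])` reports 'The password you specified was blank.', and nothing checks that the value is syntactically an e-mail address before it is stored and mailed. Change the message to `$errors[] = 'The email you specified was blank.';` and validate the format at the same point. The `mymail()` calls wrap the recipient and display name in `addslasheslike()`, which is SQL escaping and only adds stray backslashes in a mail context; pass `$vars['email']` and `$vars['displayname']` unchanged there. The activation link is hard-coded to `http://devbox/bugtraq/register.php` and should be built from a configured base URL instead.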