https://src.bluestatic.org / bugdar.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
r860: Renaming the branch to be the right name
[bugdar.git] / attachment.php
1 <?php
2 /*=====================================================================*\
3 || ################################################################### ||
4 || # Bugdar [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
7 || # This file may not be reproduced in any way without permission. # ||
8 || # --------------------------------------------------------------- # ||
9 || # User License Agreement at http://www.iris-studios.com/license/ # ||
10 || ################################################################### ||
11 \*=====================================================================*/
12
13 $fetchtemplates = array(
14 'newattach',
15 'editattach'
16 );
17
18 define('SVN', '$Id$');
19
20 $focus['showreport'] = 'focus';
21
22 require_once('./global.php');
23
24 if (isset($bugsys->in['attachmentid']))
25 {
26 $attachment = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "attachment WHERE attachmentid = " . intval($bugsys->in['attachmentid']));
27 if (!$attachment)
28 {
29 $message->error($lang->getlex('error_invalid_id'));
30 }
31 }
32
33 $bug = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . (($attachment['attachmentid']) ? $attachment['bugid'] : intval($bugsys->in['bugid'])));
34 if (!$bug)
35 {
36 $message->error($lang->getlex('error_invalid_id'));
37 }
38
39 // setup logging
40 require_once('./includes/class_history.php');
41 $log = new History();
42 $log->bugid = $bug['bugid'];
43
44 // ###################################################################
45
46 if ($_POST['do'] == 'insert')
47 {
48 if (!can_perform('canputattach', $bug['productid']))
49 {
50 $message->error_permission();
51 }
52
53 // max packet size
54 $var = $db->query_first("SHOW VARIABLES LIKE 'max_allowed_packet'");
55 $bugsys->debug("max_allowed_packet = $var[Value]");
56
57 // create alias
58 $FILE =& $_FILES['attachment'];
59
60 // PHP errors
61 switch ($FILE['error'])
62 {
63 case 0: break;
64 case 1: $message->items[] = $lang->string('PHP said the file you uploaded was too big.'); break;
65 case 2: $message->items[] = $lang->string('The file exceeds the allowed upload size.'); break;
66 case 3: $message->items[] = $lang->string('The file was only partially uploaded.'); break;
67 case 4: $message->items[] = $lang->string('The file was not uploaded at all.'); break;
68 case 6: $message->items[] = $lang->string('PHP could not find the /tmp directory.'); break;
69 }
70
71 // did it upload?
72 if (!is_uploaded_file($FILE['tmp_name']))
73 {
74 $message->items[] = $lang->string('The file you specified did not upload.');
75 }
76
77 // #*# put some MIME-type validation here
78
79 if (filesize($FILE['tmp_name']) > $var['Value'])
80 {
81 $message->items[] = $lang->string('The file you specified exceeds MySQL\'s maximum allowed packet.');
82 }
83
84 // insert an attachment
85 if (!$message->items)
86 {
87 $filedata = $bugsys->escape(file_get_contents($FILE['tmp_name']), true, true);
88 $time = TIMENOW;
89
90 $db->query("
91 INSERT INTO " . TABLE_PREFIX . "attachment
92 (bugid, filename, mimetype, filesize,
93 attachment, description, dateline, userid)
94 VALUES
95 ($bug[bugid], '" . $bugsys->escape($FILE['name']) . "',
96 '" . $bugsys->escape($FILE['type']) . "', " . intval($FILE['size']) . ",
97 '$filedata', '" . $bugsys->in['description'] . "', $time,
98 " . $bugsys->userinfo['userid'] . "
99 )"
100 );
101
102 // mark obsoletes
103 $obsoletes = $_POST['obsoletes'];
104 if (count($obsoletes) > 0)
105 {
106 array_walk($obsoletes, 'intval');
107 $db->query("UPDATE " . TABLE_PREFIX . "attachment SET obsolete = 1 WHERE attachmentid IN (" . implode(',', $obsoletes) . ") AND !obsolete AND bugid = $bug[bugid]");
108
109 foreach ($obsoletes AS $attachmentid)
110 {
111 $log->attachmentid = $attachmentid;
112 $log->log($log->diff('obsolete', 0, 1));
113 }
114 }
115
116 // handle comment stuff
117 if (can_perform('canpostcomments', $bug['productid']) AND trim($bugsys->in['comment']))
118 {
119 $bugsys->in['comment_parsed'] = $bugsys->in['comment'];
120
121 if (!$bugsys->options['allowhtml'])
122 {
123 $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
124 }
125
126 $db->query("
127 INSERT INTO " . TABLE_PREFIX . "comment
128 (bugid, userid, dateline, comment, comment_parsed)
129 VALUES
130 ($bug[bugid], " . $bugsys->userinfo['userid'] . ",
131 $time, '" . $bugsys->in['comment'] . "',
132 '" . nl2br($bugsys->in['comment_parsed']) . "'
133 )"
134 );
135 }
136
137 // update the last post data
138 $db->query("UPDATE " . TABLE_PREFIX . "bug SET lastposttime = $time, lastpostby = " . $bugsys->userinfo['userid'] . " WHERE bugid = $bug[bugid]");
139
140 $message->redirect($lang->string('The attachment has been added to the bug.'), "showreport.php?bugid=$bug[bugid]");
141 }
142 else
143 {
144 $show['errors'] = true;
145 $_REQUEST['do'] = 'add';
146 $message->error_list_process();
147 }
148 }
149
150 // ###################################################################
151
152 if ($_REQUEST['do'] == 'add')
153 {
154 if (!can_perform('canputattach', $bug['productid']))
155 {
156 $message->error_permission();
157 }
158
159 $MAXFILESIZE = $funct->fetch_max_attachment_size();
160
161 $show['addcomment'] = ((can_perform('canpostcomments', $bug['productid'])) ? true : false);
162 $show['obsoletes'] = false;
163
164 $obsoletes_fetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "attachment WHERE bugid = $bug[bugid] AND !obsolete");
165 $obsoletes = '';
166 while ($obsolete = $db->fetch_array($obsoletes_fetch))
167 {
168 $show['obsoletes'] = true;
169 $obsoletes .= "<div><input name=\"obsoletes[]\" type=\"checkbox\" value=\"$obsolete[attachmentid]\"" . (in_array($obsolete['attachmentid'], $bugsys->in['obsoletes']) ? ' checked="checked"' : '') . " /> $obsolete[filename]" . ($obsolete['description'] ? " [$obsolete[description]]" : '') . "</div>\n";
170 }
171
172 eval('$template->flush("' . $template->fetch('newattach') . '");');
173 }
174
175 // ###################################################################
176
177 if ($_POST['do'] == 'update')
178 {
179 if (!(can_perform('caneditattach', $bug['productid']) OR ($attachment['userid'] == $bugsys->userinfo['userid'] AND can_perform('canputattach', $bug['productid']))))
180 {
181 $message->error_permission();
182 }
183
184 $db->query("
185 UPDATE " . TABLE_PREFIX . "attachment
186 SET description = '" . $bugsys->in['description'] . "',
187 obsolete = " . intval($bugsys->in['obsolete']) . "
188 WHERE attachmentid = " . intval($bugsys->in['attachmentid'])
189 );
190
191 $hist[1] = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "attachment WHERE attachmentid = $attachment[attachmentid]");
192
193 $diff[0] = array_diff_assoc($attachment, $hist[1]);
194 $diff[1] = array_diff_assoc($hist[1], $attachment);
195
196 $log->attachmentid = $attachment['attachmentid'];
197 $log->log($log->diff('description', $diff[0]['description'], $diff[1]['description']));
198 $log->log($log->diff('obsolete', $diff[0]['obsolete'], $diff[1]['obsolete']));
199
200 $message->redirect($lang->string('The attachment was successfully modified.'), "showreport.php?bugid=$bug[bugid]");
201 }
202
203 // ###################################################################
204
205 if ($_REQUEST['do'] == 'edit')
206 {
207 if (!(can_perform('caneditattach', $bug['productid']) OR ($attachment['userid'] == $bugsys->userinfo['userid'] AND can_perform('canputattach', $bug['productid']))))
208 {
209 $message->error_permission();
210 }
211
212 $show['delete'] = ((can_perform('caneditattach', $bug['productid'])) ? true : false);
213
214 eval('$template->flush("' . $template->fetch('editattach') . '");');
215 }
216
217 /*=====================================================================*\
218 || ###################################################################
219 || # $HeadURL$
220 || # $Id$
221 || ###################################################################
222 \*=====================================================================*/
223 ?>
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.