r206: Allow bugs to be hidden for security reasons or if they want to look deleted.
[bugdar.git] / editreport.php
1 <?php
2 /*=====================================================================*\
3 || ################################################################### ||
4 || # BugStrike [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # All parts of this file are ©2002-[#]year[#] Iris Studios, Inc. No # ||
7 || # part of this file may be reproduced in any way: part or whole. # ||
8 || # --------------------------------------------------------------- # ||
9 || # ©2002 - [#]year[#] Iris Studios, Inc. | http://www.iris-studios.com # ||
10 || ################################################################### ||
11 \*=====================================================================*/
12
// Templates this page renders. The list is set before global.php is
// included; presumably global.php reads it to preload them (confirm).
$fetchtemplates = array('editreport', 'pcv_select_row');

require_once './global.php';
19
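// Load the bug being edited, with the reporter's contact fields and any
// custom-field values. bugid is cast to an integer before it reaches SQL.
$bug = $db->query_first("
	SELECT bugvaluefill.*, bug.*, user.email, user.displayname, user.showemail
	FROM " . TABLE_PREFIX . "bug AS bug
	LEFT JOIN " . TABLE_PREFIX . "user AS user
		ON (bug.userid = user.userid)
	LEFT JOIN " . TABLE_PREFIX . "bugvaluefill AS bugvaluefill
		ON (bug.bugid = bugvaluefill.bugid)
	WHERE bug.bugid = " . intval($bugsys->in['bugid'])
);

// NOTE(review): every check below assumes $message->error() and
// $message->error_permission() end the request; if they return, the code
// after them runs without a valid or authorised $bug. Confirm.
if (!$bug)
{
	$message->error('alert: bad bug');
}

// Editing requires 'caneditinfo' plus either 'caneditothers' or, on the
// user's own report, 'caneditown'. Ownership comes from the bug row; the
// earlier check compared against $comment['userid'], which nothing in this
// file assigns, so the ownership test never looked at the real reporter.
$isreporter = ($bugsys->userinfo['userid'] == $bug['userid']);

if (!(((can_perform('caneditown') AND $isreporter) OR can_perform('caneditothers')) AND can_perform('caneditinfo')))
{
	$message->error_permission();
}

// Hidden bugs are only reachable with 'canviewhiddenbugs'. This applies to
// the edit form and the update handler alike, because both run after it.
if ($bug['hidden'] AND !can_perform('canviewhiddenbugs'))
{
	$message->error_permission();
}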
44
// history logger, bound to the bug that was just loaded
require_once './includes/class_history.php';
$log = new History;
$log->bugid = $bug['bugid'];

// ###################################################################

// no action in the request: fall back to showing the edit form
$_REQUEST['do'] = (empty($_REQUEST['do']) ? 'edit' : $_REQUEST['do']);
56
57 // ###################################################################
58 /*
59 #*# do these later once we have delete permissions figured out
60 if ($_REQUEST['do'] == 'kill')
61 {
62 // run code to remove item in database
63 }
64
65 // ###################################################################
66
67 if ($_REQUEST['do'] == 'delete')
68 {
69 // display delete confirmation message
70 }*/
71
72 // ###################################################################
73
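// Save an edited report: validate the input, update the bug row, log the
// field-level changes to the history, then rewrite the first comment.
//
// NOTE(review): no request token is checked in this handler; confirm that
// global.php rejects cross-site POSTs before this point.
if (isset($_POST['do']) AND $_POST['do'] == 'update')
{
	$pcv = parse_pcv_select($bugsys->in['pcv_select'], true);

	// Validate everything before the first write. The first-comment check
	// used to run after the bug row and history had already been written,
	// so a rejected request could leave the bug half-updated.
	// (assumes $message->error() ends the request -- confirm)
	if (!$bugsys->in['summary'])
	{
		$message->error('you need to enter a summary');
	}
	if (!$pcv)
	{
		$message->error('invalid product/component/version');
	}
	if (!$bugsys->in['firstcomment'])
	{
		$message->error('you need to enter some text in the first comment');
	}

	// The edit form only offers priority/status/resolution with
	// 'canchangestatus' and the assignee list with 'canassign'. Enforce the
	// same rule on the server: without the permission the stored value is
	// kept, so a hand-built POST cannot change these fields and a form that
	// omits them no longer resets them to 0.
	$maystatus = can_perform('canchangestatus');
	$mayassign = can_perform('canassign');

	$priority   = intval(($maystatus) ? $bugsys->in['priority']   : $bug['priority']);
	$status     = intval(($maystatus) ? $bugsys->in['status']     : $bug['status']);
	$resolution = intval(($maystatus) ? $bugsys->in['resolution'] : $bug['resolution']);
	$assignedto = intval(($mayassign) ? $bugsys->in['assignedto'] : $bug['assignedto']);

	// NOTE(review): 'hidden' is written for anyone who passed the edit
	// checks; this file shows no separate permission for hiding or
	// unhiding a bug. Confirm that is intended.
	$hidden = intval($bugsys->in['hidden']);

	// snapshots taken before the write, used for the history diff below
	$hist[0] = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $bug[bugid]");
	$hist2[0] = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bugvaluefill WHERE bugid = $bug[bugid]");

	process_custom_fields($bug['bugid']);

	// NOTE(review): summary (and firstcomment further down) sit inside
	// quoted SQL literals as-is. That is only safe if $bugsys->in is already
	// escaped for the database when it is filled -- confirm in global.php.
	// The numeric columns are all forced through intval().
	$db->query("
		UPDATE " . TABLE_PREFIX . "bug
		SET summary = '" . $bugsys->in['summary'] . "',
			priority = " . $priority . ",
			status = " . $status . ",
			severity = " . intval($bugsys->in['severity']) . ",
			resolution = " . $resolution . ",
			assignedto = " . $assignedto . ",
			productid = " . intval($pcv['product']) . ",
			componentid = " . intval($pcv['component']) . ",
			versionid = " . intval($pcv['version']) . ",
			hidden = " . $hidden . "
		WHERE bugid = $bug[bugid]"
	);

	// -------------------------------------------------------------------
	// do diff history

	$hist[1] = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = $bug[bugid]");
	$hist2[1] = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bugvaluefill WHERE bugid = $bug[bugid]");

	// $diff[0] holds the old values of changed columns, $diff[1] the new ones
	$diff[0] = array_diff_assoc($hist[0], $hist[1]);
	$diff[1] = array_diff_assoc($hist[1], $hist[0]);

	// bug column => datastore section used to turn an id into a label
	$lookupindex = array(
		'status' => 'status',
		'severity' => 'severity',
		'priority' => 'priority',
		'versionid' => 'version',
		'assignedto' => 'assignto',
		'resolution' => 'resolution',
		'productid' => 'product',
		'componentid' => 'product'
	);

	$log->language = 'log_update_bug';

	// replace raw ids with readable labels; columns without a lookup entry
	// (summary, hidden, ...) keep their raw value
	foreach ($diff AS $num => $diffs)
	{
		foreach ($diffs AS $key => $value)
		{
			if (!isset($lookupindex["$key"]))
			{
				continue;
			}

			$ref = $lookupindex["$key"];
			$temp =& $bugsys->datastore["$ref"]["$value"];
			$thevalue = $temp["$ref"];
			$idbit = ' (id: ' . $temp["$ref" . 'id'] . ')';

			if ($key == 'assignedto')
			{
				// users are shown by display name, without the id suffix
				$thevalue = (($temp['userid']) ? construct_user_display($temp) : '');
				$idbit = '';
			}
			else if ($key == 'productid' OR $key == 'componentid')
			{
				// products and components are labelled by their title
				$thevalue = $temp['title'];
			}

			$diff["$num"]["$key"] = (($thevalue) ? $thevalue . $idbit : '');
		}
	}

	foreach ($diff[1] AS $key => $value)
	{
		$log->log($log->diff($key, $diff[0]["$key"], $diff[1]["$key"]));
	}

	// same old/new comparison for the custom-field values
	$diff2[0] = array_diff_assoc($hist2[0], $hist2[1]);
	$diff2[1] = array_diff_assoc($hist2[1], $hist2[0]);

	foreach ($diff2[1] AS $key => $value)
	{
		$log->log($log->diff('custom_' . $key, $diff2[0]["$key"], $diff2[1]["$key"]));
	}

	// -------------------------------------------------------------------
	// process comment stuff

	$bugsys->in['comment_parsed'] = $bugsys->in['firstcomment'];

	// with allowhtml switched on the comment is stored and later rendered
	// as submitted, so that option should only be enabled for trusted users
	if (!$bugsys->options['allowhtml'])
	{
		$bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
	}

	// the comment to rewrite is looked up from the bug rather than taken
	// from the request, so the client cannot point the update at another one
	$firstcomment = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] ORDER BY dateline ASC LIMIT 1");

	$db->query("
		UPDATE " . TABLE_PREFIX . "comment
		SET comment = '" . $bugsys->in['firstcomment'] . "',
			comment_parsed = '" . nl2br($bugsys->in['comment_parsed']) . "'
		WHERE commentid = $firstcomment[commentid]"
	);

	$message->redirect('done with update bug', "showreport.php?bugid=$bug[bugid]");
}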
198
199 // ###################################################################
200
// Build and output the edit form for the loaded bug.
//
// The two eval() calls wrap template text in a double-quoted PHP string, so
// any $variable the templates mention is read from this scope. The local
// names ($select, $show, $value, $selected, $label, $pcv_select,
// $firstcomment, $customfields) are therefore kept as they are; which of
// them each template uses is not visible here. It also means template
// content runs as PHP, so template editing must stay restricted to trusted
// administrators.
if ('edit' == $_REQUEST['do'])
{
	$select['severity'] = construct_datastore_select('severity', 'severity', 'severityid', $bug['severity']);

	// priority, status and resolution are only offered with 'canchangestatus'
	$show['changestatus'] = (bool)can_perform('canchangestatus');
	if (can_perform('canchangestatus'))
	{
		$select['priority'] = construct_datastore_select('priority', 'priority', 'priorityid', $bug['priority']);
		$select['status'] = construct_datastore_select('status', 'status', 'statusid', $bug['status']);
		$select['resolution'] = construct_datastore_select('resolution', 'resolution', 'resolutionid', $bug['resolution']);
	}

	// the assignee list is only offered with 'canassign'
	$show['assign'] = (bool)can_perform('canassign');
	if (can_perform('canassign'))
	{
		// one <option> per entry in the 'assignto' datastore, with the
		// current assignee preselected
		foreach ($bugsys->datastore['assignto'] AS $dev)
		{
			$value = $dev['userid'];
			$selected = ($dev['userid'] == $bug['assignedto']);
			$label = construct_user_display($dev, false);
			eval('$select[dev] .= "' . $template->fetch('selectoption') . '";');
		}
	}

	// current product/component/version in the "p<id>c<id>v<id>" form
	$pcv_select = construct_pcv_select('p' . $bug['productid'] . 'c' . $bug['componentid'] . 'v' . $bug['versionid']);

	// the oldest comment on the bug is the report text being edited
	$firstcomment = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "comment WHERE bugid = " . $bug['bugid'] . " ORDER BY dateline ASC LIMIT 1");

	$customfields = construct_custom_fields($bug);

	eval('$template->flush("' . $template->fetch('editreport') . '");');
}
233
234 /*=====================================================================*\
235 || ###################################################################
236 || # $HeadURL$
237 || # $Id$
238 || ###################################################################
239 \*=====================================================================*/
240 ?>