r75: Fixed some remnants of the $vars[] sanitize methods.
[bugdar.git] / editreport.php
1 <?php
2 /*=====================================================================*\
3 || ################################################################### ||
4 || # BugStrike [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # All parts of this file are ©2002-[#]year[#] Iris Studios, Inc. No # ||
7 || # part of this file may be reproduced in any way: part or whole. # ||
8 || # --------------------------------------------------------------- # ||
9 || # ©2002 - [#]year[#] Iris Studios, Inc. | http://www.iris-studios.com # ||
10 || ################################################################### ||
11 \*=====================================================================*/
12
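// Template names for this page. Set before global.php is included, so presumably
// read by it to preload templates -- confirm against global.php.
$fetchtemplates = array(
	'editreport',
	'pcv_select_row'
);

require_once('./global.php');

// Load the report together with its reporter's display details. intval() forces
// the request value to an integer, so it cannot change the shape of the query.
$bug = $db->query_first("
	SELECT bug.*, user.email, user.displayname, user.showemail
	FROM " . TABLE_PREFIX . "bug AS bug
	LEFT JOIN " . TABLE_PREFIX . "user AS user
		ON (bug.userid = user.userid)
	WHERE bug.bugid = " . intval($bugsys->in['bugid'])
);

if (!$bug)
{
	echo 'alert: bad bug';
	exit;
}

// Ownership is decided from the report that was just loaded. $bug is the only
// record this script fetches; comparing against any other, unset variable would
// compare the visitor's userid with null, which never matches a logged-in user
// and loosely matches a userid of 0.
// NOTE(review): the comparison stays loose (==) because the database value may
// arrive as a string; confirm how guest/anonymous userids are represented.
$isowner = ($bugsys->userinfo['userid'] == $bug['userid']);

// Editing requires 'caneditinfo' plus either 'caneditothers' or
// ('caneditown' on a report the visitor filed).
if (!(((can_perform('caneditown') AND $isowner) OR can_perform('caneditothers')) AND can_perform('caneditinfo')))
{
	echo 'no permission';
	exit;
}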
39
40 // ###################################################################
41
// No action (or an empty one) in the request: default to showing the edit form.
if (!isset($_REQUEST['do']) OR !$_REQUEST['do'])
{
	$_REQUEST['do'] = 'edit';
}
46
47 // ###################################################################
48 /*
49 #*# do these later once we have delete permissions figured out
50 if ($_REQUEST['do'] == 'kill')
51 {
52 // run code to remove item in database
53 }
54
55 // ###################################################################
56
57 if ($_REQUEST['do'] == 'delete')
58 {
59 // display delete confirmation message
60 }*/
61
62 // ###################################################################
63
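// Save handler: runs only for a POSTed 'update' action.
// NOTE(review): no anti-forgery token is checked in the visible code; confirm
// whether global.php enforces one for state-changing POSTs.
if ($_POST['do'] == 'update')
{
	// Split the combined product/component/version selector into its parts.
	$pcv = parse_pcv_select($bugsys->in['pcv_select'], true);

	if (!$bugsys->in['summary'])
	{
		echo 'you need to enter a summary';
		exit;
	}
	// NOTE(review): the submitted field read above is 'pcv_select'; 'pcv' is not
	// referenced anywhere else in this file, so this test may have been meant
	// for $pcv. It is kept, and an empty parse result is rejected as well so a
	// failed parse cannot reach the query.
	if (!$bugsys->in['pcv'] OR !$pcv)
	{
		echo 'invalid product/component/version';
		exit;
	}

	// The edit form only offers priority/status/resolution to holders of
	// 'canchangestatus' and the assignee to holders of 'canassign'. Apply the
	// same rule when saving: without the permission the stored value is kept,
	// so a crafted POST cannot change these fields and a form that omits them
	// does not reset them to 0.
	$canstatus = can_perform('canchangestatus');
	$priority = intval($canstatus ? $bugsys->in['priority'] : $bug['priority']);
	$status = intval($canstatus ? $bugsys->in['status'] : $bug['status']);
	$resolution = intval($canstatus ? $bugsys->in['resolution'] : $bug['resolution']);
	$assignedto = intval(can_perform('canassign') ? $bugsys->in['assignedto'] : $bug['assignedto']);

	// Every numeric column is cast with intval() before it is placed in the SQL.
	// NOTE(review): summary is placed between quotes exactly as it comes from
	// $bugsys->in. This is only safe if that array is already escaped for SQL by
	// the input sanitizer -- confirm, and escape here with the database layer's
	// own routine if it is not.
	// NOTE(review): the edit form builds a severity selector, but no severity
	// column is written here -- confirm whether that is intended.
	$db->query("
		UPDATE " . TABLE_PREFIX . "bug
		SET summary = '" . $bugsys->in['summary'] . "',
			priority = " . $priority . ",
			status = " . $status . ",
			resolution = " . $resolution . ",
			assignedto = " . $assignedto . ",
			productid = " . intval($pcv['product']) . ",
			componentid = " . intval($pcv['component']) . ",
			versionid = " . intval($pcv['version']) . "
		WHERE bugid = " . intval($bug['bugid'])
	);

	if ($bugsys->in['changeproduct'])
	{
		// Hand over to the 'editproduct' action later in this request.
		$_REQUEST['do'] = 'editproduct';
	}
	else
	{
		echo "<a href=\"showreport.php?bugid=$bug[bugid]\">done with update bug</a>";
	}
}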
101
102 // ###################################################################
103
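// Edit form: build the <select> option lists, then render the 'editreport' template.
//
// NOTE(review): each eval() below executes the text returned by
// $template->fetch() as the body of a double-quoted PHP string, so anyone able
// to change stored templates can run code here. $value, $selected and $label are
// presumably read by the 'selectoption' template through interpolation; whether
// they are HTML-escaped depends on the datastore and the template -- confirm.
// NOTE(review): 'selectoption' is not listed in $fetchtemplates at the top of
// this file; confirm it is loaded some other way.
//
// Array keys inside the eval'd code are quoted: a bare word such as
// $select[severity] outside a string is a constant lookup, which is an error on
// PHP 8 and a notice on older versions.
if ($_REQUEST['do'] == 'edit')
{
	foreach ($bugsys->datastore['severity'] AS $severity)
	{
		$value = $severity['severityid'];
		$selected = ($severity['severityid'] == $bug['severity']);
		$label = $severity['severity'];
		eval('$select["severity"] .= "' . $template->fetch('selectoption') . '";');
	}

	// Priority, status and resolution are only offered to users who may change status.
	$show['changestatus'] = (bool)can_perform('canchangestatus');
	if ($show['changestatus'])
	{
		foreach ($bugsys->datastore['priority'] AS $priority)
		{
			$value = $priority['priorityid'];
			$selected = ($priority['priorityid'] == $bug['priority']);
			$label = $priority['priority'];
			eval('$select["priority"] .= "' . $template->fetch('selectoption') . '";');
		}

		foreach ($bugsys->datastore['status'] AS $status)
		{
			$value = $status['statusid'];
			$selected = ($status['statusid'] == $bug['status']);
			$label = $status['status'];
			eval('$select["status"] .= "' . $template->fetch('selectoption') . '";');
		}

		foreach ($bugsys->datastore['resolution'] AS $resolution)
		{
			$value = $resolution['resolutionid'];
			$selected = ($resolution['resolutionid'] == $bug['resolution']);
			$label = $resolution['resolution'];
			eval('$select["resolution"] .= "' . $template->fetch('selectoption') . '";');
		}
	}

	// The assignee list is only offered to users who may assign reports.
	$show['assign'] = (bool)can_perform('canassign');
	if ($show['assign'])
	{
		foreach ($bugsys->datastore['assignto'] AS $dev)
		{
			$value = $dev['userid'];
			$selected = ($dev['userid'] == $bug['assignedto']);
			$label = construct_user_display($dev, false);
			eval('$select["dev"] .= "' . $template->fetch('selectoption') . '";');
		}
	}

	// Preselect the report's current product/component/version ("p<id>c<id>v<id>").
	$pcv_select = construct_pcv_select("p$bug[productid]c$bug[componentid]v$bug[versionid]");

	eval('$template->flush("' . $template->fetch('editreport') . '");');
}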
158
159 /*=====================================================================*\
160 || ###################################################################
161 || # $HeadURL$
162 || # $Id$
163 || ###################################################################
164 \*=====================================================================*/
165 ?>