editreport.php

   1 <?php
   2 /*=====================================================================*\
   3 || ################################################################### ||
   4 || # BugStrike [#]version[#]
   5 || # --------------------------------------------------------------- # ||
   6 || # All parts of this file are ©2002-[#]year[#] Iris Studios, Inc. No     # ||
   7 || # part of this file may be reproduced in any way: part or whole.  # ||
   8 || # --------------------------------------------------------------- # ||
   9 || # ©2002 - [#]year[#] Iris Studios, Inc. | http://www.iris-studios.com   # ||
  10 || ################################################################### ||
  11 \*=====================================================================*/
  12
  13 $fetchtemplates = array(
  14         'editreport',
  15         'pcv_select_row'
  16 );
  17
  18 require_once('./global.php');
  19
  20 $bug = $db->query_first("
  21         SELECT bug.*, user.email, user.displayname, user.showemail
  22         FROM " . TABLE_PREFIX . "bug AS bug
  23         LEFT JOIN " . TABLE_PREFIX . "user AS user
  24                 ON (bug.userid = user.userid)
  25         WHERE bug.bugid = " . intval($bugsys->in['bugid'])
  26 );
  27
  28 if (!$bug)
  29 {
  30         echo 'alert: bad bug';
  31         exit;
  32 }
  33
  34 if (!(((can_perform('caneditown') AND $bugsys->userinfo['userid'] == $comment['userid']) OR can_perform('caneditothers')) AND can_perform('caneditinfo')))
  35 {
  36         echo 'no permission';
  37         exit;
  38 }
  39
  40 // ###################################################################
  41
  42 if (empty($_REQUEST['do']))
  43 {
  44         $_REQUEST['do'] = 'edit';
  45 }
  46
  47 // ###################################################################
  48 /*
  49 #*# do these later once we have delete permissions figured out
  50 if ($_REQUEST['do'] == 'kill')
  51 {
  52         // run code to remove item in database
  53 }
  54
  55 // ###################################################################
  56
  57 if ($_REQUEST['do'] == 'delete')
  58 {
  59         // display delete confirmation message
  60 }*/
  61
  62 // ###################################################################
  63
  64 if ($_POST['do'] == 'update')
  65 {
  66         $pcv = parse_pcv_select($bugsys->in['pcv_select'], true);
  67
  68         if (!$bugsys->in['summary'])
  69         {
  70                 echo 'you need to enter a summary';
  71                 exit;
  72         }
  73         if (!$pcv)
  74         {
  75                 echo 'invalid product/component/version';
  76                 exit;
  77         }
  78
  79         $db->query("
  80                 UPDATE " . TABLE_PREFIX . "bug
  81                 SET summary = '" . $bugsys->in['summary'] . "',
  82                         priority = " . intval($bugsys->in['priority']) . ",
  83                         status = " . intval($bugsys->in['status']) . ",
  84                         resolution = " . intval($bugsys->in['resolution']) . ",
  85                         assignedto = " . intval($bugsys->in['assignedto']) . ",
  86                         productid = " . $pcv['product'] . ",
  87                         componentid = " . $pcv['component'] . ",
  88                         versionid = " . $pcv['version'] . "
  89                 WHERE bugid = $bug[bugid]"
  90         );
  91
  92         if (!$bugsys->in['firstcomment'])
  93         {
  94                 echo 'you need to enter some text in the first comment';
  95                 exit;
  96         }
  97
  98         $bugsys->in['comment_parsed'] = $bugsys->in['firstcomment'];
  99
 100         if (!$bugsys->options['allowhtml'])
 101         {
 102                 $bugsys->in['comment_parsed'] = $bugsys->sanitize($bugsys->in['comment_parsed']);
 103         }
 104
 105         // we could pass this as a GET param, but that's unsafe
 106         $firstcomment = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] ORDER BY dateline ASC LIMIT 1");
 107
 108         $db->query("
 109                 UPDATE " . TABLE_PREFIX . "comment
 110                 SET comment = '" . $bugsys->in['firstcomment'] . "',
 111                         comment_parsed = '" . nl2br($bugsys->in['comment_parsed']) . "'
 112                 WHERE commentid = $firstcomment[commentid]"
 113         );
 114
 115         if ($bugsys->in['changeproduct'])
 116         {
 117                 $_REQUEST['do'] = 'editproduct';
 118         }
 119         else
 120         {
 121                 echo "<a href=\"showreport.php?bugid=$bug[bugid]\">done with update bug</a>";
 122         }
 123 }
 124
 125 // ###################################################################
 126
 127 if ($_REQUEST['do'] == 'edit')
 128 {
 129         foreach ($bugsys->datastore['severity'] AS $severity)
 130         {
 131                 $value = $severity['severityid'];
 132                 $selected = (($severity['severityid'] == $bug['severity']) ? true : false);
 133                 $label = $severity['severity'];
 134                 eval('$select[severity] .= "' . $template->fetch('selectoption') . '";');
 135         }
 136
 137         $show['changestatus'] = ((can_perform('canchangestatus')) ? true : false);
 138         if (can_perform('canchangestatus'))
 139         {
 140                 foreach ($bugsys->datastore['priority'] AS $priority)
 141                 {
 142                         $value = $priority['priorityid'];
 143                         $selected = (($priority['priorityid'] == $bug['priority']) ? true : false);
 144                         $label = $priority['priority'];
 145                         eval('$select[priority] .= "' . $template->fetch('selectoption') . '";');
 146                 }
 147
 148                 foreach ($bugsys->datastore['status'] AS $status)
 149                 {
 150                         $value = $status['statusid'];
 151                         $selected = (($status['statusid'] == $bug['status']) ? true : false);
 152                         $label = $status['status'];
 153                         eval('$select[status] .= "' . $template->fetch('selectoption') . '";');
 154                 }
 155
 156                 foreach ($bugsys->datastore['resolution'] AS $resolution)
 157                 {
 158                         $value = $resolution['resolutionid'];
 159                         $selected = (($resolution['resolutionid'] == $bug['resolution']) ? true : false);
 160                         $label = $resolution['resolution'];
 161                         eval('$select[resolution] .= "' . $template->fetch('selectoption') . '";');
 162                 }
 163         }
 164
 165         $show['assign'] = ((can_perform('canassign')) ? true : false);
 166         if (can_perform('canassign'))
 167         {
 168                 foreach ($bugsys->datastore['assignto'] AS $dev)
 169                 {
 170                         $value = $dev['userid'];
 171                         $selected = (($dev['userid'] == $bug['assignedto']) ? true : false);
 172                         $label = construct_user_display($dev, false);
 173                         eval('$select[dev] .= "' . $template->fetch('selectoption') . '";');
 174                 }
 175         }
 176
 177         $pcv_select = construct_pcv_select("p$bug[productid]c$bug[componentid]v$bug[versionid]");
 178
 179         $firstcomment = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] ORDER BY dateline ASC LIMIT 1");
 180
 181         eval('$template->flush("' . $template->fetch('editreport') . '");');
 182 }
 183
 184 /*=====================================================================*\
 185 || ###################################################################
 186 || # $HeadURL$
 187 || # $Id$
 188 || ###################################################################
 189 \*=====================================================================*/
 190 ?>