https://src.bluestatic.org / bugdar.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
Fix DB_MySQL_PDO::escape_binary().
[bugdar.git] / search.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar
5 || # Copyright 2002-2007 Blue Static
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version 2 of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
22 $fetchtemplates = array(
23 'search',
24 'search_results',
25 'search_update',
26 'search_save',
27 'trackerhome_bits',
28 'list_head',
29 'pagenav_bit',
30 'pagenav'
31 );
32
33
34 $focus['search'] = 'focus';
35
36 require_once('./global.php');
37 require_once('./includes/functions_product.php');
38 require_once('./includes/class_sort.php');
39 require_once('./includes/class_logging.php');
40 require_once('./includes/api_bug.php');
41 require_once('./includes/class_api_error.php');
42
43 APIError(array($message, 'error'));
44
45 if (!can_perform('cansearch'))
46 {
47 $message->errorPermission();
48 }
49
50 define('MODE_ANY', 1);
51 define('MODE_ALL', 2);
52 define('MODE_RAW', 3);
53
54 $var = $db->query_first("SHOW VARIABLES LIKE 'ft_min_word_len'");
55 define('SEARCH_WORD_MIN', $var['Value']);
56
57 $db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = 0 AND dateline < " . (TIMENOW - 3600));
58
59 $show['search'] = true;
60
61 // ###################################################################
62
63 if (empty($_REQUEST['do']))
64 {
65 $_REQUEST['do'] = 'search';
66 }
67
68 // ###################################################################
69
70 if ($_REQUEST['do'] == 'search')
71 {
72 if ($bugsys->in['new'])
73 {
74 $newsearch = true;
75 }
76 else if ($bugsys->in['searchid'])
77 {
78 $cachedsearch = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . $bugsys->userinfo['userid']);
79 }
80 else if ($bugsys->userinfo['userid'])
81 {
82 $cachedsearch = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NULL AND userid = " . $bugsys->userinfo['userid']);
83 }
84 else
85 {
86 $newsearch = true;
87 }
88
89 if ($cachedsearch)
90 {
91 $show['cached'] = true;
92 if ($cachedsearch['dateline'] < TIMENOW - 900 OR $bugsys->in['rerun'])
93 {
94 $_REQUEST['do'] = 'process';
95 $bugsys->in = array_merge(unserialize($cachedsearch['query']), $bugsys->in);
96 $bugsys->debug('rerunning the search');
97 }
98 else
99 {
100 $search = $cachedsearch;
101 $_POST['do'] = 'results';
102 }
103 }
104 else
105 {
106 $newsearch = true;
107 }
108
109 if ($newsearch)
110 {
111 if (!is_array(bugdar::$datastore['product']))
112 {
113 $message->error(T('No products are setup, therefore there can be no bugs and thus search cannot function.'));
114 }
115
116 if (!is_array(bugdar::$datastore['version']))
117 {
118 $message->error(T('No versions have been added underneath your product(s), there can be no bugs and thus search cannot function.'));
119 }
120
121 $productSelect = ConstructProductSelect();
122
123 // -------------------------------------------------------------------
124 // custom fields
125 $fields = construct_custom_fields(null, true, false, true);
126 $i = 0;
127 foreach ($fields AS $field)
128 {
129 if ($i % 2 == 0)
130 {
131 $customfields['left'] .= $field;
132 }
133 else
134 {
135 $customfields['right'] .= $field;
136 }
137 $i++;
138 }
139
140 // -------------------------------------------------------------------
141 // built-in fields
142 $select['severity'] = construct_datastore_select('severity', 'severity', 'severityid');
143 $select['priority'] = construct_datastore_select('priority', 'priority', 'priorityid');
144 $select['status'] = construct_datastore_select('status', 'status', 'statusid');
145 $select['resolution'] = construct_datastore_select('resolution', 'resolution', 'resolutionid');
146
147 $searches = '';
148 if ($bugsys->userinfo['userid'])
149 {
150 $searchesFetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NOT NULL AND userid = " . $bugsys->userinfo['userid']);
151 while ($search = $db->fetch_array($searchesFetch))
152 {
153 $value = $search['searchid'];
154 $label = $search['name'];
155 eval('$searches .= "' . $template->fetch('selectoption') . '";');
156 }
157 }
158
159 $select['dev'] = '';
160 foreach (bugdar::$datastore['assignto'] AS $dev)
161 {
162 $value = $dev['userid'];
163 $label = construct_user_display($dev, false);
164 eval('$select["dev"] .= "' . $template->fetch('selectoption') . '";');
165 }
166
167 eval('$template->flush("' . $template->fetch('search') . '");');
168 }
169 }
170
171 // ###################################################################
172
173 if ($_REQUEST['do'] == 'process')
174 {
175 // -------------------------------------------------------------------
176 // handle keywords
177 if ($bugsys->in['summary'])
178 {
179 $keywords = preg_split('#\s+#', $bugsys->in['summary']);
180
181 // TODO - need to have some str to bool conversions
182
183 foreach ($keywords AS $word)
184 {
185 if (strlen($word) < SEARCH_WORD_MIN)
186 {
187 continue;
188 }
189
190 $word = str_replace("'", "\'", $word);
191 if ($bugsys->in['mode'] == MODE_ALL)
192 {
193 $querybuild['text'] .= " +$word";
194 }
195 else
196 {
197 $querybuild['text'] .= " $word";
198 }
199
200 if (!preg_match('#-(.+?)#', trim($word)))
201 {
202 $hilight .= " $word";
203 }
204 }
205
206 $hilight = preg_replace('#[^0-9a-zA-Z_ ]#', '', $hilight);
207 $hilight = trim($hilight);
208 $hilight = preg_replace('#\s#', '+', $hilight);
209
210 $temp = trim($querybuild['text']);
211
212 if ($bugsys->in['mode'] == MODE_ALL OR $bugsys->in['mode'] == MODE_RAW)
213 {
214 $bool_flag = ' IN BOOLEAN MODE';
215 }
216
217 $querybuild['text'] = "AND\n\t\t\t(\n\t\t\t\tMATCH (bug.summary) AGAINST ('$temp'$bool_flag)\n\t\t\t\tOR MATCH (comment.comment) AGAINST ('$temp'$bool_flag)\n\t\t\t)";
218 }
219
220 // -------------------------------------------------------------------
221 // reporter
222 if ($bugsys->in['reporter'])
223 {
224 // force email or name?? make a distinction?
225 // more elegant way to do this? probably
226 $user = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email LIKE '%" . str_replace('%', '\%', $bugsys->input_escape('reporter')) . "' OR displayname LIKE '%" . str_replace('%', '\%', $bugsys->input_escape('reporter')) . "%'");
227 if ($user['userid'])
228 {
229 $querybuild['reporter'] = "AND bug.userid = $user[userid] OR comment.userid = $user[userid]";
230 }
231 }
232
233 // -------------------------------------------------------------------
234 // product/component/version stuff
235 if (is_array($bugsys->in['product']))
236 {
237 foreach ($bugsys->in['product'] AS $prod)
238 {
239 $product = explode(',', $prod);
240 $product = $bugsys->clean($product, TYPE_UINT);
241 $products[] = $product[0];
242 $components[] = $product[1];
243 $versions[] = $product[2];
244 }
245 $querybuild['pcv'] = "AND bug.product IN (" . implode(',', $products) . ") AND bug.component IN (" . implode(',', $components) . ") AND bug.version IN (" . implode(',', $versions) . ")";
246 }
247
248 // -------------------------------------------------------------------
249 // severity, priority, status, resolution, assignedto
250
251 // severity
252 if ($bugsys->in['severity'])
253 {
254 $bugsys->input_clean('severity', TYPE_UINT);
255 $querybuild['severity'] = "AND bug.severity IN (" . implode(',', $bugsys->in['severity']) . ")";
256 }
257
258 // priority
259 if ($bugsys->in['priority'])
260 {
261 $bugsys->input_clean('priority', TYPE_UINT);
262 $querybuild['priority'] = "AND bug.priority IN (" . implode(',', $bugsys->in['priority']) . ")";
263 }
264
265 // status
266 if ($bugsys->in['status'])
267 {
268 $bugsys->input_clean('status', TYPE_UINT);
269 $querybuild['status'] = "AND bug.status IN (" . implode(',', $bugsys->in['status']) . ")";
270 }
271
272 // resolution
273 if ($bugsys->in['resolution'])
274 {
275 $bugsys->input_clean('resolution', TYPE_UINT);
276 $querybuild['resolution'] = "AND bug.resolution IN (" . implode(',', $bugsys->in['resolution']) . ")";
277 }
278
279 // assignment
280 if ($bugsys->in['assignedto'])
281 {
282 $bugsys->input_clean('assignedto', TYPE_UINT);
283 $querybuild['assignedto'] = "AND bug.assignedto IN (" . implode(',', $bugsys->in['assignedto']) . ")";
284 }
285
286 // -------------------------------------------------------------------
287 // date
288 if ($bugsys->in['date'])
289 {
290 // now - (seconds/day * number of days)
291 $dateline = time() - ($bugsys->input_clean('date', TYPE_INT) * 3600);
292 $querybuild['date'] = "AND bug.dateline >= $dateline";
293 }
294
295 // -------------------------------------------------------------------
296 // favorites
297 $bugsys->input_clean('favorite', TYPE_INT);
298 if ($bugsys->in['favorite'] != 0 AND $bugsys->userinfo['userid'])
299 {
300 $favorites = $db->query("SELECT * FROM " . TABLE_PREFIX . "favorite WHERE userid = " . $bugsys->userinfo['userid']);
301 while ($favorite = $db->fetch_array($favorites))
302 {
303 $ids[] = $favorite['bugid'];
304 }
305 $querybuild['favorites'] = "AND bug.bugid " . ($bugsys->in['favorite'] > 0 ? "IN" : "NOT IN") . " (" . implode(', ', $ids) . ")";
306 }
307
308 // -------------------------------------------------------------------
309 // sort by
310 $sortby = array('bugid', 'severity', 'priority', 'status', 'resolution', 'dateline');
311 $orderby = array('ASC', 'DESC');
312 $bugsys->in['orderby'] = strtoupper($bugsys->in['orderby']);
313 if (in_array($bugsys->in['sortby'], $sortby) AND in_array($bugsys->in['orderby'], $orderby))
314 {
315 $sortclause = "ORDER BY " . $bugsys->in['sortby'] . ' ' . $bugsys->in['orderby'];
316 }
317 else if ($bugsys->in['sortby'] == 'relevance')
318 {
319 $sortclause = '';
320 }
321 else
322 {
323 $sortclause = '';
324 }
325
326 // -------------------------------------------------------------------
327 // custom fields
328 $fields_fetch = $bugsys->db->query("
329 SELECT bugfield.*, MAX(permission.mask) AS mask
330 FROM " . TABLE_PREFIX . "bugfield AS bugfield
331 LEFT JOIN " . TABLE_PREFIX . "bugfieldpermission AS permission
332 ON (bugfield.fieldid = permission.fieldid)
333 WHERE mask <> 0
334 AND permission.usergroupid IN ({$bugsys->userinfo['usergroupid']}" . (sizeof($bugsys->userinfo['groupids']) != 0 ? ',' . implode(',', $bugsys->userinfo['groupids']) : '') . ")
335 AND bugfield.cansearch = 1
336 GROUP BY (bugfield.fieldid)"
337 );
338 while ($field = $bugsys->db->fetch_array($fields_fetch))
339 {
340 if (!empty($bugsys->in["custom$field[fieldid]"]) OR ($field['type'] == 'select_single' AND isset($bugsys->in["custom$field[fieldid]"])))
341 {
342 if ($field['type'] == 'input_checkbox' AND $bugsys->input_clean("custom$field[fieldid]", TYPE_INT) != 0)
343 {
344 $querybuild[] = "AND bug.custom$field[fieldid] = " . ($bugsys->in["custom$field[fieldid]"] > 0 ? 1 : 0);
345 }
346 else if ($field['type'] == 'input_text')
347 {
348 $like = str_replace("'", "\'", $bugsys->in["custom$field[fieldid]"]);
349 $querybuild[] = "AND bug.custom$field[fieldid] LIKE '%$like%'";
350 }
351 else if ($field['type'] == 'select_single' AND $bugsys->in["custom$field[fieldid]"] != -1)
352 {
353 $temp = unserialize($field['selects']);
354 $querybuild[] = "AND bug.custom$field[fieldid] = '" . trim($temp[ intval($bugsys->in["custom$field[fieldid]"]) ]) . "'";
355 }
356 }
357 }
358
359 // -------------------------------------------------------------------
360 // have to search something
361 if (sizeof($querybuild) < 1)
362 {
363 $message->error(sprintf(T('You have to enter some criteria to search for. Note that words less than %1$d characters are ignored by the search engine (and some other very common words, too).'), SEARCH_WORD_MIN));
364 }
365
366 // -------------------------------------------------------------------
367 // do the search
368
369 $search = $db->query("
370 SELECT bug.*, comment.commentid
371 FROM " . TABLE_PREFIX . "bug AS bug
372 LEFT JOIN " . TABLE_PREFIX . "comment AS comment
373 ON (bug.bugid = comment.bugid)
374 WHERE bug.bugid <> 0
375 AND bug.product IN (" . fetch_on_bits('canviewbugs') . ")
376 AND
377 (
378 !bug.hidden
379 OR
380 (bug.hidden AND bug.product IN (" . fetch_on_bits('canviewhidden') . "))" . (can_perform('canviewownhidden') ? "
381 OR
382 (bug.hidden AND bug.userid = " . $bugsys->userinfo['userid'] . " AND bug.product IN (" . fetch_on_bits('canviewonhidden') . "))" : "") . "
383 )
384 " . implode("\n\t\t", $querybuild) . "
385 GROUP BY bug.bugid
386 $sortclause
387 ");
388
389 $numrows = $db->num_rows($search);
390
391 if ($numrows < 1)
392 {
393 $message->error(T('No search results were returned that matched your criteria. Please <a href="search.php?new=1">try again</a> with different search requirements.'));
394 }
395
396 while ($result = $db->fetch_array($search))
397 {
398 $ids[] = $result['bugid'];
399 $results[] = $result;
400 }
401
402 if ($bugsys->userinfo['userid'] AND !$cachedsearch AND !$bugsys->in['rerun'])
403 {
404 $db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = " . $bugsys->userinfo['userid'] . " AND name IS NULL");
405 }
406
407 // store the search params
408 $params = $bugsys->in;
409 foreach ($_COOKIE AS $key => $value)
410 {
411 unset($params["$key"]);
412 }
413
414 if ($cachedsearch)
415 {
416 $search = $cachedsearch;
417 $search['ids'] = implode(',', $ids);
418 $search['resultcount'] = sizeof($results);
419 $db->query("UPDATE " . TABLE_PREFIX . "search SET ids = '$search[ids]', resultcount = $search[resultcount], dateline = " . TIMENOW . " WHERE searchid = " . $cachedsearch['searchid']);
420 }
421 else
422 {
423 $db->query("
424 INSERT INTO " . TABLE_PREFIX . "search
425 (userid, dateline, query, ids, orderby, hilight, resultcount)
426 VALUES
427 (" . $bugsys->userinfo['userid'] . ",
428 " . TIMENOW . ", '" . $bugsys->escape(serialize($params)) . "',
429 '" . implode(',', $ids) . "', '" . $bugsys->escape($sortclause) . "',
430 '" . $bugsys->escape($hilight) . "',
431 " . sizeof($results) . "
432 )"
433 );
434 $search = array('searchid' => $db->insert_id(), 'ids' => implode(',', $ids), 'orderby' => $sortclause, 'hilight' => $hilight, 'resultcount' => sizeof($results));
435 }
436
437 $_POST['do'] = 'results';
438 }
439
440 // ###################################################################
441
442 if ($_REQUEST['do'] == 'update')
443 {
444 $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . $bugsys->userinfo['userid']);
445 if (!$search OR !can_perform('caneditother'))
446 {
447 $message->errorPermission();
448 }
449
450 $productSelect = ConstructProductSelect();
451
452 $show['update'] = true;
453
454 // -------------------------------------------------------------------
455 // custom fields
456 $fields = construct_custom_fields(null, true, false, true);
457 $i = 0;
458 foreach ($fields AS $field)
459 {
460 if ($i % 2 == 0)
461 {
462 $customfields['left'] .= $field;
463 }
464 else
465 {
466 $customfields['right'] .= $field;
467 }
468 $i++;
469 }
470
471 // -------------------------------------------------------------------
472 // built-in fields
473 $select['severity'] = construct_datastore_select('severity', 'severity', 'severityid', 0, 0);
474 $select['priority'] = construct_datastore_select('priority', 'priority', 'priorityid', 0, 0);
475 $select['status'] = construct_datastore_select('status', 'status', 'statusid', 0, 0);
476 $select['resolution'] = construct_datastore_select('resolution', 'resolution', 'resolutionid', 0, 0);
477
478 $select['dev'] = '';
479 $value = '0';
480 $label = '';
481 $selected = true;
482 eval('$select["dev"] .= "' . $template->fetch('selectoption') . '";');
483 $selected = false;
484 foreach (bugdar::$datastore['assignto'] AS $dev)
485 {
486 $value = $dev['userid'];
487 $label = construct_user_display($dev, false);
488 eval('$select["dev"] .= "' . $template->fetch('selectoption') . '";');
489 }
490
491 eval('$template->flush("' . $template->fetch('search_update') . '");');
492 }
493
494 // ###################################################################
495
496 if ($_POST['do'] == 'doupdate')
497 {
498 $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . $bugsys->userinfo['userid']);
499 if (!$search OR !can_perform('caneditother'))
500 {
501 $message->errorPermission();
502 }
503
504 // find all the bugs that we can edit
505 $bugs = $db->query("
506 SELECT * FROM " . TABLE_PREFIX . "bug
507 WHERE bugid IN ($search[ids])
508 AND product IN (" . fetch_on_bits('canviewbugs') . ")
509 AND
510 (
511 product IN (" . fetch_on_bits('caneditother') . ")
512 OR
513 (userid = " . $bugsys->userinfo['userid'] . " AND product IN (" . fetch_on_bits('caneditown') . "))
514 )
515 ");
516 while ($bug = $db->fetch_array($bugs))
517 {
518 if (!((can_perform('caneditown', $bug['product']) AND $bugsys->userinfo['userid'] == $bug['userid']) OR (can_perform('caneditother', $bug['product']) AND $bugsys->userinfo['userid'] != $bug['userid'])) AND !can_perform('canpostcomments', $bug['product']))
519 {
520 continue;
521 }
522
523 $api = new BugApi($bugsys);
524 $api->set('bugid', $bug['bugid']);
525 $api->set_condition();
526 $api->values = $bug;
527
528 $log = new Logging();
529 $log->set_bugid($bug['bugid']);
530 $log->add_data(true, $bug, $log->getCommonFields(), true);
531
532 if ($bugsys->in['status'] AND can_perform('canchangestatus', $bug['product']))
533 {
534 $api->set('status', $bugsys->in['status']);
535 }
536 if ($bugsys->in['priority'] AND can_perform('canchangestatus', $bug['product']))
537 {
538 $api->set('priority', $bugsys->in['priority']);
539 }
540 if ($bugsys->in['severity'])
541 {
542 $api->set('severity', $bugsys->in['severity']);
543 }
544 if ($bugsys->in['resolution'] AND can_perform('canchangestatus', $bug['product']))
545 {
546 $api->set('resolution', $bugsys->in['resolution']);
547 }
548 if ($bugsys->in['assignedto'] AND can_perform('canassign', $bug['product']))
549 {
550 $api->set('assignedto', $bugsys->in['assignedto']);
551 }
552 if ($bugsys->in['product'])
553 {
554 $product = explode(',', $bugsys->in['product']);
555 $api->set('product', $product[0]);
556 $api->set('component', $product[1]);
557 $api->set('version', $product[2]);
558 }
559
560 process_custom_fields($api, $message, false, true);
561
562 $log->add_data(false, $api->values, $log->getCommonFields(), true);
563
564 $api->update();
565 $log->update_history();
566 }
567
568 $message->redirect(T('The specified bugs have been updated and you will now return to your search results.'), 'search.php?searchid=' . $bugsys->in['searchid']);
569 }
570
571 // ###################################################################
572
573 if ($_REQUEST['do'] == 'export')
574 {
575 if (!$bugsys->in['searchid'] AND $bugsys->userinfo['userid'])
576 {
577 $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NULL AND userid = " . $bugsys->userinfo['userid']);
578 }
579 else if ($bugsys->in['searchid'])
580 {
581 $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . $bugsys->userinfo['userid']);
582 }
583 else
584 {
585 $message->error(T('The search results are trying to export are invalid. Please start over <a href="search.php?new=1">here</a> and try again.'));
586 }
587
588 if (!$search)
589 {
590 $message->error(T('Your search has expired because it is older than one hour. Please start over <a href="search.php?new=1">here</a>.'));
591 }
592
593 $bugs = $db->query("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid IN ($search[ids]) $search[orderby]");
594
595 $xml = '<?xml version="1.0" encoding="' . $language['charset'] . '"?>
596
597 <bugdarExport user="' . $bugsys->unsanitize(construct_user_display($bugsys->userinfo, false)) . '" date="' . $datef->format('r', TIMENOW) . '" searchid="' . $search['searchid'] . '">';
598
599 while ($bug = $db->fetch_array($bugs))
600 {
601 $xml .= "\n\t<bug>";
602
603 $bug = ProcessBugDataForDisplay($bug);
604
605 $xml .= "\n\t\t<id>" . $bug['bugid'] . "</id>";
606 $xml .= "\n\t\t<dateReported>" . $datef->format('r', $bug['dateline']) . "</dateReported>";
607 if ($bug['userid'])
608 {
609 $xml .= "\n\t\t<reporter>" . construct_user_display($db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = $bug[userid]"), false) . "</reporter>";
610 }
611 $xml .= "\n\t\t<summary>" . $bug['summary'] . "</summary>";
612 $xml .= "\n\t\t<product>" . $bug['product'] . "</product>";
613 if ($bug['component'])
614 {
615 $xml .= "\n\t\t<component>" . $bug['component'] . "</component>";
616 }
617 $xml .= "\n\t\t<version>" . $bug['version'] . "</version>";
618 $xml .= "\n\t\t<status>" . $bug['status'] . "</status>";
619 if ($bug['assignedto'])
620 {
621 $xml .= "\n\t\t<assignedTo>" . construct_user_display(bugdar::$datastore['assignto']["$bug[assignedto]"], false) . "</assignedTo>";
622 }
623 $xml .= "\n\t\t<resolution>" . $bug['resolution'] . "</resolution>";
624 $xml .= "\n\t\t<severity>" . $bug['severity'] . "</severity>";
625 $xml .= "\n\t\t<priority>" . $bug['priority'] . "</priority>";
626
627 $xml .= "\n\t</bug>";
628 }
629
630 $xml .= "\n</bugdarExport>";
631
632 $funct->download_file($xml, T('bugdar-search-' . $search['searchid'] . '.xml'), true);
633 }
634
635 // ###################################################################
636
637 if ($_POST['do'] == 'dosave')
638 {
639 $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . $bugsys->userinfo['userid']);
640 if (!$search)
641 {
642 $message->addError(T('The search does not exist.'));
643 }
644 if ($search['name'])
645 {
646 $message->addError(sprintf(T('This search has already been named "%1$s".'), $search['name']));
647 }
648 if (empty($bugsys->in['name']))
649 {
650 $message->addError(T('The name cannot be empty.'));
651 }
652
653 if (!$message->hasErrors())
654 {
655 $db->query("UPDATE " . TABLE_PREFIX . "search SET name = '" . $bugsys->input_escape('name') . "' WHERE searchid = " . $bugsys->in['searchid']);
656 $message->redirect(T('Your search has been saved.'), 'search.php?searchid=' . $search['searchid']);
657 }
658 else
659 {
660 $_REQUEST['do'] = 'save';
661 $show['errors'] = true;
662 }
663 }
664
665 // ###################################################################
666
667 if ($_REQUEST['do'] == 'save')
668 {
669 if (!$bugsys->userinfo['userid'])
670 {
671 $message->errorPermission();
672 }
673
674 eval('$template->flush("' . $template->fetch('search_save') . '");');
675 }
676
677 // ###################################################################
678
679 if ($_POST['do'] == 'results')
680 {
681 if (!$search['ids'])
682 {
683 $message->error(T('No bugs matched your search criteria. Please <a href="search.php?new=1">try again</a> with different search requirements.'));
684 }
685
686 $searchid = $search['searchid'];
687 $hilight = $search['hilight'];
688
689 LoadPaginationFramework();
690 $pagination->setTotal($search['resultcount']);
691 $pagination->splitPages();
692
693 $sort = new ListSorter('search');
694
695 $show['save'] = ($bugsys->userinfo['userid'] AND !$search['name']);
696 $show['update'] = can_perform('caneditother');
697
698 $bugs = '';
699 $search = $db->query("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid IN ($search[ids]) $search[orderby] LIMIT " . $pagination->fetchLimit($pagination->getPage() - 1) . ", " . $pagination->getPerPage());
700 while ($bug = $db->fetch_array($search))
701 {
702 $funct->exec_swap_bg('altcolor', '');
703 $bug = ProcessBugDataForDisplay($bug, $funct->bgcolour);
704 $bugs .= $sort->constructRow($bug, "&amp;hilight=$hilight");
705 }
706
707 $columnHeads = $sort->constructColumnHeaders(false);
708 $show['pagenav'] = ($pagination->getPageCount() > 1);
709 $pagenav = $pagination->constructPageNav('search.php?searchid=' . $searchid);
710
711 eval('$template->flush("' . $template->fetch('search_results') . '");');
712 }
713
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.