https://src.bluestatic.org / bugdar.git / blob
summary | shortlog | log | commit | commitdiff | tree
history | raw | HEAD
r1460: Add a few sanity checks in the mass-update system just in case
[bugdar.git] / search.php
1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar [#]version[#]
5 || # Copyright 2002-[#]year[#] Blue Static
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version [#]gpl[#] of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
22 $fetchtemplates = array(
23 'search',
24 'search_results',
25 'search_update',
26 'search_save',
27 'trackerhome_bits',
28 'list_head',
29 'pagenav_bit',
30 'pagenav'
31 );
32
33 define('SVN', '$Id$');
34
35 $focus['search'] = 'focus';
36
37 require_once('./global.php');
38 require_once('./includes/functions_product.php');
39 require_once('./includes/class_sort.php');
40 require_once('./includes/class_logging.php');
41 require_once('./includes/api_bug.php');
42 require_once('./includes/class_api_error.php');
43
44 APIError(array($message, 'error'));
45
46 if (!can_perform('cansearch'))
47 {
48 $message->errorPermission();
49 }
50
51 define('MODE_ANY', 1);
52 define('MODE_ALL', 2);
53 define('MODE_RAW', 3);
54
55 $var = $db->query_first("SHOW VARIABLES LIKE 'ft_min_word_len'");
56 define('SEARCH_WORD_MIN', $var['Value']);
57
58 $db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = 0 AND dateline < " . (TIMENOW - 3600));
59
60 $show['search'] = true;
61
62 // ###################################################################
63
64 if (empty($_REQUEST['do']))
65 {
66 $_REQUEST['do'] = 'search';
67 }
68
69 // ###################################################################
70
71 if ($_REQUEST['do'] == 'search')
72 {
73 if ($bugsys->in['new'])
74 {
75 $newsearch = true;
76 }
77 else if ($bugsys->in['searchid'])
78 {
79 $cachedsearch = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . $bugsys->userinfo['userid']);
80 }
81 else if ($bugsys->userinfo['userid'])
82 {
83 $cachedsearch = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NULL AND userid = " . $bugsys->userinfo['userid']);
84 }
85 else
86 {
87 $newsearch = true;
88 }
89
90 if ($cachedsearch)
91 {
92 $show['cached'] = true;
93 if ($cachedsearch['dateline'] < TIMNOW - 900 OR $bugsys->in['rerun'])
94 {
95 $_REQUEST['do'] = 'process';
96 $bugsys->in = array_merge(unserialize($cachedsearch['query']), $bugsys->in);
97 }
98 else
99 {
100 $search = $cachedsearch;
101 $_POST['do'] = 'results';
102 }
103 }
104 else
105 {
106 $newsearch = true;
107 }
108
109 if ($newsearch)
110 {
111 if (!is_array($bugsys->datastore['product']))
112 {
113 $message->error(_('No products are setup, therefore there can be no bugs and thus search cannot function.'));
114 }
115
116 if (!is_array($bugsys->datastore['version']))
117 {
118 $message->error(_('No versions have been added underneath your product(s), there can be no bugs and thus search cannot function.'));
119 }
120
121 $productSelect = ConstructProductSelect();
122
123 // -------------------------------------------------------------------
124 // custom fields
125 $fields = construct_custom_fields(null, true, false, true);
126 $i = 0;
127 foreach ($fields AS $field)
128 {
129 if ($i % 2 == 0)
130 {
131 $customfields['left'] .= $field;
132 }
133 else
134 {
135 $customfields['right'] .= $field;
136 }
137 $i++;
138 }
139
140 // -------------------------------------------------------------------
141 // built-in fields
142 $select['severity'] = construct_datastore_select('severity', 'severity', 'severityid');
143 $select['priority'] = construct_datastore_select('priority', 'priority', 'priorityid');
144 $select['status'] = construct_datastore_select('status', 'status', 'statusid');
145 $select['resolution'] = construct_datastore_select('resolution', 'resolution', 'resolutionid');
146
147 $searches = '';
148 if ($bugsys->userinfo['userid'])
149 {
150 $searchesFetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NOT NULL AND userid = " . $bugsys->userinfo['userid']);
151 while ($search = $db->fetch_array($searchesFetch))
152 {
153 $value = $search['searchid'];
154 $label = $search['name'];
155 eval('$searches .= "' . $template->fetch('selectoption') . '";');
156 }
157 }
158
159 $select['dev'] = '';
160 foreach ($bugsys->datastore['assignto'] AS $dev)
161 {
162 $value = $dev['userid'];
163 $label = construct_user_display($dev, false);
164 eval('$select[dev] .= "' . $template->fetch('selectoption') . '";');
165 }
166
167 eval('$template->flush("' . $template->fetch('search') . '");');
168 }
169 }
170
171 // ###################################################################
172
173 if ($_REQUEST['do'] == 'process')
174 {
175 // -------------------------------------------------------------------
176 // handle keywords
177 if ($bugsys->in['summary'])
178 {
179 $keywords = preg_split('#\s+#', $bugsys->in['summary']);
180
181 // TODO - need to have some str to bool conversions
182
183 foreach ($keywords AS $word)
184 {
185 if (strlen($word) < SEARCH_WORD_MIN)
186 {
187 continue;
188 }
189
190 if ($bugsys->in['mode'] == MODE_ALL)
191 {
192 $querybuild['text'] .= " +$word";
193 }
194 else
195 {
196 $querybuild['text'] .= " $word";
197 }
198
199 if (!preg_match('#-(.+?)#', trim($word)))
200 {
201 $hilight .= " $word";
202 }
203 }
204
205 $hilight = preg_replace('#[^0-9a-zA-Z_ ]#', '', $hilight);
206 $hilight = trim($hilight);
207 $hilight = preg_replace('#\s#', '+', $hilight);
208
209 $temp = trim($querybuild['text']);
210
211 if ($bugsys->in['mode'] == MODE_ALL OR $bugsys->in['mode'] == MODE_RAW)
212 {
213 $bool_flag = ' IN BOOLEAN MODE';
214 }
215
216 $querybuild['text'] = "AND\n\t\t\t(\n\t\t\t\tMATCH (bug.summary) AGAINST ('$temp'$bool_flag)\n\t\t\t\tOR MATCH (comment.comment) AGAINST ('$temp'$bool_flag)\n\t\t\t)";
217 }
218
219 // -------------------------------------------------------------------
220 // reporter
221 if ($bugsys->in['reporter'])
222 {
223 // force email or name?? make a distinction?
224 // more elegant way to do this? probably
225 $user = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email LIKE '%" . str_replace('%', '\%', $bugsys->input_escape('reporter')) . "' OR displayname LIKE '%" . str_replace('%', '\%', $bugsys->input_escape('reporter')) . "%'");
226 if ($user['userid'])
227 {
228 $querybuild['reporter'] = "AND bug.userid = $user[userid] OR comment.userid = $user[userid]";
229 }
230 }
231
232 // -------------------------------------------------------------------
233 // product/component/version stuff
234 if (is_array($bugsys->in['product']))
235 {
236 foreach ($bugsys->in['product'] AS $prod)
237 {
238 $product = explode(',', $prod);
239 $product = $bugsys->clean($product, TYPE_UINT);
240 $products[] = $product[0];
241 $components[] = $product[1];
242 $versions[] = $product[2];
243 }
244 $querybuild['pcv'] = "AND bug.product IN (" . implode(',', $products) . ") AND bug.component IN (" . implode(',', $components) . ") AND bug.version IN (" . implode(',', $versions) . ")";
245 }
246
247 // -------------------------------------------------------------------
248 // severity, priority, status, resolution, assignedto
249
250 // severity
251 if ($bugsys->in['severity'])
252 {
253 $bugsys->input_clean('severity', TYPE_UINT);
254 $querybuild['severity'] = "AND bug.severity IN (" . implode(',', $bugsys->in['severity']) . ")";
255 }
256
257 // priority
258 if ($bugsys->in['priority'])
259 {
260 $bugsys->input_clean('priority', TYPE_UINT);
261 $querybuild['priority'] = "AND bug.priority IN (" . implode(',', $bugsys->in['priority']) . ")";
262 }
263
264 // status
265 if ($bugsys->in['status'])
266 {
267 $bugsys->input_clean('status', TYPE_UINT);
268 $querybuild['status'] = "AND bug.status IN (" . implode(',', $bugsys->in['status']) . ")";
269 }
270
271 // resolution
272 if ($bugsys->in['resolution'])
273 {
274 $bugsys->input_clean('resolution', TYPE_UINT);
275 $querybuild['resolution'] = "AND bug.resolution IN (" . implode(',', $bugsys->in['resolution']) . ")";
276 }
277
278 // assignment
279 if ($bugsys->in['assignedto'])
280 {
281 $bugsys->input_clean('assignedto', TYPE_UINT);
282 $querybuild['assignedto'] = "AND bug.assignedto IN (" . implode(',', $bugsys->in['assignedto']) . ")";
283 }
284
285 // -------------------------------------------------------------------
286 // date
287 if ($bugsys->in['date'])
288 {
289 // now - (seconds/day * number of days)
290 $dateline = time() - ($bugsys->input_clean('date', TYPE_INT) * 3600);
291 $querybuild['date'] = "AND bug.dateline >= $dateline";
292 }
293
294 // -------------------------------------------------------------------
295 // favorites
296 $bugsys->input_clean('favorite', TYPE_INT);
297 if ($bugsys->in['favorite'] != 0 AND $bugsys->userinfo['userid'])
298 {
299 $favorites = $db->query("SELECT * FROM " . TABLE_PREFIX . "favorite WHERE userid = " . $bugsys->userinfo['userid']);
300 while ($favorite = $db->fetch_array($favorites))
301 {
302 $ids[] = $favorite['bugid'];
303 }
304 $querybuild['favorites'] = "AND bug.bugid " . ($bugsys->in['favorite'] > 0 ? "IN" : "NOT IN") . " (" . implode(', ', $ids) . ")";
305 }
306
307 // -------------------------------------------------------------------
308 // sort by
309 $sortby = array('bugid', 'severity', 'priority', 'status', 'resolution', 'dateline');
310 $orderby = array('ASC', 'DESC');
311 $bugsys->in['orderby'] = strtoupper($bugsys->in['orderby']);
312 if (in_array($bugsys->in['sortby'], $sortby) AND in_array($bugsys->in['orderby'], $orderby))
313 {
314 $sortclause = "ORDER BY " . $bugsys->in['sortby'] . ' ' . $bugsys->in['orderby'];
315 }
316 else if ($bugsys->in['sortby'] == 'relevance')
317 {
318 $sortclause = '';
319 }
320 else
321 {
322 $sortclause = '';
323 }
324
325 // -------------------------------------------------------------------
326 // custom fields
327 $fields_fetch = $bugsys->db->query("
328 SELECT bugfield.*
329 FROM " . TABLE_PREFIX . "bugfield AS bugfield
330 LEFT JOIN " . TABLE_PREFIX . "bugfieldpermission AS permission
331 ON (bugfield.fieldid = permission.fieldid)
332 WHERE permission.mask <> 0
333 AND permission.usergroupid = {$bugsys->userinfo['usergroupid']}
334 AND bugfield.cansearch = 1"
335 );
336 while ($field = $bugsys->db->fetch_array($fields_fetch))
337 {
338 if (!empty($bugsys->in["custom$field[fieldid]"]) OR ($field['type'] == 'select_single' AND isset($bugsys->in["custom$field[fieldid]"])))
339 {
340 if ($field['type'] == 'input_checkbox' AND $bugsys->input_clean("custom$field[fieldid]", TYPE_INT) != 0)
341 {
342 $querybuild[] = "AND bug.custom$field[fieldid] = " . ($bugsys->in["custom$field[fieldid]"] > 0 ? 1 : 0);
343 }
344 else if ($field['type'] == 'input_text')
345 {
346 $querybuild[] = "AND bug.custom$field[fieldid] LIKE '%" . $bugsys->in["custom$field[fieldid]"] . "%'";
347 }
348 else if ($field['type'] == 'select_single' AND $bugsys->in["custom$field[fieldid]"] != -1)
349 {
350 $temp = unserialize($field['selects']);
351 $querybuild[] = "AND bug.custom$field[fieldid] = '" . trim($temp[ intval($bugsys->in["custom$field[fieldid]"]) ]) . "'";
352 }
353 }
354 }
355
356 // -------------------------------------------------------------------
357 // have to search something
358 if (sizeof($querybuild) < 1)
359 {
360 $message->error(sprintf(_('You have to enter some criteria to search for. Note that words less than %1$d characters are ignored by the search engine (and some other very common words, too).'), SEARCH_WORD_MIN));
361 }
362
363 // -------------------------------------------------------------------
364 // do the search
365
366 $search = $db->query("
367 SELECT bug.*, comment.commentid
368 FROM " . TABLE_PREFIX . "bug AS bug
369 LEFT JOIN " . TABLE_PREFIX . "comment AS comment
370 ON (bug.bugid = comment.bugid)
371 WHERE bug.bugid <> 0
372 AND bug.product IN (" . fetch_on_bits('canviewbugs') . ")
373 AND
374 (
375 !bug.hidden
376 OR
377 (bug.hidden AND bug.product IN (" . fetch_on_bits('canviewhidden') . "))" . (can_perform('canviewownhidden') ? "
378 OR
379 (bug.hidden AND bug.userid = " . $bugsys->userinfo['userid'] . " AND bug.product IN (" . fetch_on_bits('canviewonhidden') . "))" : "") . "
380 )
381 " . implode("\n\t\t", $querybuild) . "
382 GROUP BY bug.bugid
383 $sortclause
384 ");
385
386 $numrows = $db->num_rows($search);
387
388 if ($numrows < 1)
389 {
390 $message->error(_('No search results were returned that matched your criteria.'));
391 }
392
393 while ($result = $db->fetch_array($search))
394 {
395 $ids[] = $result['bugid'];
396 $results[] = $result;
397 }
398
399 if ($bugsys->userinfo['userid'] AND $cachedsearch['name'] == null AND !$bugsys->in['rerun'])
400 {
401 $db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = " . $bugsys->userinfo['userid'] . " AND name IS NULL");
402 }
403
404 // store the search params
405 $params = $bugsys->in;
406 foreach ($_COOKIE AS $key => $value)
407 {
408 unset($params["$key"]);
409 }
410
411 if ($cachedsearch)
412 {
413 $db->query("UPDATE " . TABLE_PREFIX . "search SET ids = '" . implode(',', $ids) . "', resultcount = " . sizeof($results) . " WHERE searchid = " . $cachedsearch['searchid']);
414 $search = $cachedsearch;
415 }
416 else
417 {
418 $db->query("
419 INSERT INTO " . TABLE_PREFIX . "search
420 (userid, dateline, query, ids, orderby, hilight, resultcount)
421 VALUES
422 (" . $bugsys->userinfo['userid'] . ",
423 " . TIMENOW . ", '" . $bugsys->escape(serialize($params)) . "',
424 '" . implode(',', $ids) . "', '" . $bugsys->escape($sortclause) . "',
425 '" . $bugsys->escape($hilight) . "',
426 " . sizeof($results) . "
427 )"
428 );
429 $search = array('searchid' => $db->insert_id(), 'ids' => implode(',', $ids), 'orderby' => $sortclause, 'hilight' => $hilight, 'resultcount' => sizeof($results));
430 }
431
432 $_POST['do'] = 'results';
433 }
434
435 // ###################################################################
436
437 if ($_REQUEST['do'] == 'update')
438 {
439 $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . $bugsys->userinfo['userid']);
440 if (!$search OR !can_perform('caneditother'))
441 {
442 $message->errorPermission();
443 }
444
445 $productSelect = ConstructProductSelect();
446
447 $show['update'] = true;
448
449 // -------------------------------------------------------------------
450 // custom fields
451 $fields = construct_custom_fields(null, true, false, true);
452 $i = 0;
453 foreach ($fields AS $field)
454 {
455 if ($i % 2 == 0)
456 {
457 $customfields['left'] .= $field;
458 }
459 else
460 {
461 $customfields['right'] .= $field;
462 }
463 $i++;
464 }
465
466 // -------------------------------------------------------------------
467 // built-in fields
468 $select['severity'] = construct_datastore_select('severity', 'severity', 'severityid', 0, 0);
469 $select['priority'] = construct_datastore_select('priority', 'priority', 'priorityid', 0, 0);
470 $select['status'] = construct_datastore_select('status', 'status', 'statusid', 0, 0);
471 $select['resolution'] = construct_datastore_select('resolution', 'resolution', 'resolutionid', 0, 0);
472
473 $select['dev'] = '';
474 $value = '0';
475 $label = '';
476 $selected = true;
477 eval('$select[dev] .= "' . $template->fetch('selectoption') . '";');
478 $selected = false;
479 foreach ($bugsys->datastore['assignto'] AS $dev)
480 {
481 $value = $dev['userid'];
482 $label = construct_user_display($dev, false);
483 eval('$select[dev] .= "' . $template->fetch('selectoption') . '";');
484 }
485
486 eval('$template->flush("' . $template->fetch('search_update') . '");');
487 }
488
489 // ###################################################################
490
491 if ($_POST['do'] == 'doupdate')
492 {
493 $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . $bugsys->userinfo['userid']);
494 if (!$search OR !can_perform('caneditother'))
495 {
496 $message->errorPermission();
497 }
498
499 // find all the bugs that we can edit
500 $bugs = $db->query("
501 SELECT * FROM " . TABLE_PREFIX . "bug
502 WHERE bugid IN ($search[ids])
503 AND product IN (" . fetch_on_bits('canviewbugs') . ")
504 AND
505 (
506 product IN (" . fetch_on_bits('caneditother') . ")
507 OR
508 (userid = " . $bugsys->userinfo['userid'] . " AND product IN (" . fetch_on_bits('caneditown') . "))
509 )
510 ");
511 while ($bug = $db->fetch_array($bugs))
512 {
513 if (!((can_perform('caneditown', $bug['product']) AND $bugsys->userinfo['userid'] == $bug['userid']) OR (can_perform('caneditother', $bug['product']) AND $bugsys->userinfo['userid'] != $bug['userid'])) AND !can_perform('canpostcomments', $bug['product']))
514 {
515 continue;
516 }
517
518 $api = new BugApi($bugsys);
519 $api->set('bugid', $bug['bugid']);
520 $api->set_condition();
521 $api->values = $bug;
522
523 $log = new Logging();
524 $log->set_bugid($bug['bugid']);
525 $log->add_data(true, $bug, $log->getCommonFields(), true);
526
527 if ($bugsys->in['status'] AND can_perform('canchangestatus', $bug['product']))
528 {
529 $api->set('status', $bugsys->in['status']);
530 }
531 if ($bugsys->in['priority'] AND can_perform('canchangestatus', $bug['product']))
532 {
533 $api->set('priority', $bugsys->in['priority']);
534 }
535 if ($bugsys->in['severity'])
536 {
537 $api->set('severity', $bugsys->in['severity']);
538 }
539 if ($bugsys->in['resolution'] AND can_perform('canchangestatus', $bug['product']))
540 {
541 $api->set('resolution', $bugsys->in['resolution']);
542 }
543 if ($bugsys->in['assignedto'] AND can_perform('canassign', $bug['product']))
544 {
545 $api->set('assignedto', $bugsys->in['assignedto']);
546 }
547 if ($bugsys->in['product'])
548 {
549 $product = explode(',', $bugsys->in['product']);
550 $api->set('product', $product[0]);
551 $api->set('component', $product[1]);
552 $api->set('version', $product[2]);
553 }
554
555 process_custom_fields($api, $message, false, true);
556
557 $log->add_data(false, $api->values, $log->getCommonFields(), true);
558
559 $api->update();
560 $log->update_history();
561 }
562
563 $message->redirect(_('The specified bugs have been updated and you will now return to your search results.'), 'search.php?searchid=' . $bugsys->in['searchid']);
564 }
565
566 // ###################################################################
567
568 if ($_REQUEST['do'] == 'export')
569 {
570 if (!$bugsys->in['searchid'] AND $bugsys->userinfo['userid'])
571 {
572 $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NULL AND userid = " . $bugsys->userinfo['userid']);
573 }
574 else if ($bugsys->in['searchid'])
575 {
576 $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . $bugsys->userinfo['userid']);
577 }
578 else
579 {
580 $message->error(_('The search results are trying to export are invalid. Please start over <a href="search.php?new=1">here</a> and try again.'));
581 }
582
583 if (!$search)
584 {
585 $message->error(_('Your search has expired because it is older than one hour. Please start over <a href="search.php?new=1">here</a>.'));
586 }
587
588 $bugs = $db->query("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid IN ($search[ids]) $search[orderby]");
589
590 $xml = '<?xml version="1.0" encoding="' . $language['charset'] . '"?>
591
592 <bugdarExport user="' . $bugsys->unsanitize(construct_user_display($bugsys->userinfo, false)) . '" date="' . $datef->format('r', TIMENOW) . '" searchid="' . $search['searchid'] . '">';
593
594 while ($bug = $db->fetch_array($bugs))
595 {
596 $xml .= "\n\t<bug>";
597
598 ProcessBugDataForDisplay(&$bug);
599
600 $xml .= "\n\t\t<id>" . $bug['bugid'] . "</id>";
601 $xml .= "\n\t\t<dateReported>" . $datef->format('r', $bug['dateline']) . "</dateReported>";
602 if ($bug['userid'])
603 {
604 $xml .= "\n\t\t<reporter>" . construct_user_display($db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = $bug[userid]"), false) . "</reporter>";
605 }
606 $xml .= "\n\t\t<summary>" . $bug['summary'] . "</summary>";
607 $xml .= "\n\t\t<product>" . $bug['product'] . "</product>";
608 if ($bug['component'])
609 {
610 $xml .= "\n\t\t<component>" . $bug['component'] . "</component>";
611 }
612 $xml .= "\n\t\t<version>" . $bug['version'] . "</version>";
613 $xml .= "\n\t\t<status>" . $bug['status'] . "</status>";
614 if ($bug['assignedto'])
615 {
616 $xml .= "\n\t\t<assignedTo>" . construct_user_display($bugsys->datastore['assignto']["$bug[assignedto]"], false) . "</assignedTo>";
617 }
618 $xml .= "\n\t\t<resolution>" . $bug['resolution'] . "</resolution>";
619 $xml .= "\n\t\t<severity>" . $bug['severity'] . "</severity>";
620 $xml .= "\n\t\t<priority>" . $bug['priority'] . "</priority>";
621
622 $xml .= "\n\t</bug>";
623 }
624
625 $xml .= "\n</bugdarExport>";
626
627 $funct->download_file($xml, _('bugdar-search-' . $search['searchid'] . '.xml'), true);
628 }
629
630 // ###################################################################
631
632 if ($_POST['do'] == 'dosave')
633 {
634 $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . $bugsys->userinfo['userid']);
635 if (!$search)
636 {
637 $message->addError(_('The search does not exist.'));
638 }
639 if ($search['name'])
640 {
641 $message->addError(sprintf(_('This search has already been named "%1$s".'), $search['name']));
642 }
643 if (empty($bugsys->in['name']))
644 {
645 $message->addError(_('The name cannot be empty.'));
646 }
647
648 if (!$message->hasErrors())
649 {
650 $db->query("UPDATE " . TABLE_PREFIX . "search SET name = '" . $bugsys->input_escape('name') . "' WHERE searchid = " . $bugsys->in['searchid']);
651 $message->redirect(_('Your search has been saved.'), 'search.php?searchid=' . $search['searchid']);
652 }
653 else
654 {
655 $_REQUEST['do'] = 'save';
656 $show['errors'] = true;
657 }
658 }
659
660 // ###################################################################
661
662 if ($_REQUEST['do'] == 'save')
663 {
664 if (!$bugsys->userinfo['userid'])
665 {
666 $message->errorPermission();
667 }
668
669 eval('$template->flush("' . $template->fetch('search_save') . '");');
670 }
671
672 // ###################################################################
673
674 if ($_POST['do'] == 'results')
675 {
676 if (!$search['ids'])
677 {
678 $message->error(_('No bugs matched your search criteria. Please <a href="search.php?new=1">try again</a> with different search requirements.'));
679 }
680
681 $searchid = $search['searchid'];
682 $hilight = $search['hilight'];
683
684 LoadPaginationFramework();
685 $pagination->setTotal($search['resultcount']);
686 $pagination->splitPages();
687
688 $sort = new ListSorter('search');
689
690 $show['save'] = ($bugsys->userinfo['userid'] AND !$search['name']);
691 $show['update'] = can_perform('caneditother');
692
693 $bugs = '';
694 $search = $db->query("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid IN ($search[ids]) $search[orderby] LIMIT " . $pagination->fetchLimit($pagination->getPage() - 1) . ", " . $pagination->getPerPage());
695 while ($bug = $db->fetch_array($search))
696 {
697 $funct->exec_swap_bg($stylevar['alt_color'], '');
698 ProcessBugDataForDisplay(&$bug, $funct->bgcolour);
699 $bugs .= $sort->constructRow($bug, "&amp;hilight=$hilight");
700 }
701
702 $columnHeads = $sort->constructColumnHeaders(false);
703 $show['pagenav'] = ($pagination->getPageCount() > 1);
704 $pagenav = $pagination->constructPageNav('search.php?searchid=' . $searchid);
705
706 eval('$template->flush("' . $template->fetch('search_results') . '");');
707 }
708
709 /*=====================================================================*\
710 || ###################################################################
711 || # $HeadURL$
712 || # $Id$
713 || ###################################################################
714 \*=====================================================================*/
715 ?>
Open-source PHP-MySQL bug tracking system that has customizable CSS/XHTML templates, email notifications, Atom syndication, internationalization support, and a very simple setup.