1 <?php
2 /*=====================================================================*\
3 || ###################################################################
4 || # Bugdar
5 || # Copyright (c)2002-2007 Blue Static
6 || #
7 || # This program is free software; you can redistribute it and/or modify
8 || # it under the terms of the GNU General Public License as published by
9 || # the Free Software Foundation; version 2 of the License.
10 || #
11 || # This program is distributed in the hope that it will be useful, but
12 || # WITHOUT ANY WARRANTY; without even the implied warranty of MERCHANTABILITY
13 || # or FITNESS FOR A PARTICULAR PURPOSE. See the GNU General Public License for
14 || # more details.
15 || #
16 || # You should have received a copy of the GNU General Public License along
17 || # with this program; if not, write to the Free Software Foundation, Inc.,
18 || # 51 Franklin Street, Fifth Floor, Boston, MA 02110-1301, USA
19 || ###################################################################
20 \*=====================================================================*/
21
// Templates used by this page. Presumably global.php reads this list to
// preload them; the consumer is not visible in this file (confirm).
// NOTE(review): 'selectoption' is fetched further down in this script but is
// not listed here; check that it is loaded globally.
$fetchtemplates = array(
    'showreport', 'showreport_attachment', 'showreport_comment',
    'history_bit', 'history_group',
    'quicksearch', 'bugfield_static_text'
);

$focus['showreport'] = 'focus';

require_once './global.php';
require_once './includes/functions_product.php';

// The bug id is requested as TYPE_UINT. The queries below interpolate $bugid
// straight into SQL text, so this cleaning step is what keeps request data
// out of the statements. input_clean() is defined elsewhere; presumably it
// coerces the value to an unsigned integer (confirm).
$bugid = $bugsys->input_clean('bugid', TYPE_UINT);
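// ###################################################################
// Quick search: shown when no bug id was supplied, or when the request
// explicitly asks for do=quicksearch. Always ends the request.

// 'do' is optional, so test for its presence before comparing it.
if (empty($bugid) OR (isset($_REQUEST['do']) AND $_REQUEST['do'] == 'quicksearch'))
{
    if (!empty($bugid))
    {
        // $bugid has been through input_clean(TYPE_UINT), so neither the
        // query nor the redirect target carries raw request text.
        if ($db->query_first("SELECT bugid FROM " . TABLE_PREFIX . "bug WHERE bugid = $bugid"))
        {
            header("Location: showreport.php?bugid=$bugid");
            exit;
        }
        else
        {
            $error = L_INVALID_ID;
        }
    }

    // NOTE(review): the text returned by $template->fetch() is spliced into
    // PHP source and executed with eval(). Anything able to change stored
    // template text can therefore run PHP in this scope; how templates are
    // stored and escaped is not visible in this file.
    eval('$template->flush("' . $template->fetch('quicksearch') . '");');
    exit;
}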
// ###################################################################

// -------------------------------------------------------------------
// Load the report together with the reporter's display details.
// $bugid is the TYPE_UINT-cleaned request value.
$bug = $db->query_first(
    "
    SELECT bug.*, user.email, user.displayname, user.showemail
    FROM " . TABLE_PREFIX . "bug AS bug
    LEFT JOIN " . TABLE_PREFIX . "user AS user
        ON (bug.userid = user.userid)
    WHERE bug.bugid = $bugid"
);

// NOTE(review): everything below assumes $message->error() and
// $message->errorPermission() stop the request. If either returns, the
// script carries on rendering a bug the viewer may not see (confirm).
// A missing bug and a forbidden bug produce different errors, so a viewer
// can tell whether a restricted bug id exists.
if (!is_array($bug))
{
    $message->error(L_INVALID_ID);
}

if (!check_bug_permissions($bug))
{
    $message->errorPermission();
}

// "Own" excludes userid 0 (presumably reports filed without an account), so
// a viewer whose own userid is 0 never matches as the owner.
$isowner = ($bugsys->userinfo['userid'] == $bug['userid'] AND $bug['userid'] != 0);
$isother = ($bugsys->userinfo['userid'] != $bug['userid']);

// These flags only select what is displayed; the write path has to repeat
// the permission checks itself (not visible here).
$show['edit'] = ((can_perform('caneditown', $bug['product']) AND $isowner) OR (can_perform('caneditother', $bug['product']) AND $isother));
$show['delete'] = can_perform('candeletedata', $bug['product']);
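// ###################################################################
// edit display: build the form controls for a viewer who may edit the bug
if ($show['edit'])
{
    $select['severity'] = construct_datastore_select('severity', 'severity', 'severityid', $bug['severity']);

    $show['changestatus'] = (can_perform('canchangestatus', $bug['product']) ? true : false);
    if (can_perform('canchangestatus', $bug['product']))
    {
        $select['priority'] = construct_datastore_select('priority', 'priority', 'priorityid', $bug['priority']);
        $select['status'] = construct_datastore_select('status', 'status', 'statusid', $bug['status']);
        $select['resolution'] = construct_datastore_select('resolution', 'resolution', 'resolutionid', $bug['resolution']);
    }
    else
    {
        // Without canchangestatus the ids are replaced by their labels for
        // read-only display.
        $bug['status'] = bugdar::$datastore['status']["$bug[status]"]['status'];
        $bug['resolution'] = bugdar::$datastore['resolution']["$bug[resolution]"]['resolution'];
        $bug['severity'] = bugdar::$datastore['severity']["$bug[severity]"]['severity'];
        $bug['priority'] = bugdar::$datastore['priority']["$bug[priority]"]['priority'];
    }

    $show['assign'] = (can_perform('canassign', $bug['product']) ? true : false);
    if (can_perform('canassign', $bug['product']) AND is_array(bugdar::$datastore['assignto']))
    {
        // The eval'd template appends with .=, so make sure the key exists.
        if (!isset($select['dev']))
        {
            $select['dev'] = '';
        }

        foreach (bugdar::$datastore['assignto'] AS $dev)
        {
            // $value, $selected and $label are read by the 'selectoption'
            // template when it is evaluated in this scope.
            $value = $dev['userid'];
            $selected = (($dev['userid'] == $bug['assignedto']) ? true : false);
            $label = construct_user_display($dev, false);
            eval('$select["dev"] .= "' . $template->fetch('selectoption') . '";');
        }
    }

    $productSelect = ConstructProductSelect('canviewbugs', "$bug[product],$bug[component],$bug[version]");

    // NOTE(review): the linked bugs fetched below (duplicate, dependencies)
    // are not passed through check_bug_permissions(); their summaries are
    // emitted whether or not the viewer may see those bugs (confirm intended).
    if ($bug['duplicateof'])
    {
        // Cast the stored id so the statement stays well-formed whatever the
        // column holds.
        $duplicate = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bug['duplicateof']));
    }

    if ($bug['dependency'])
    {
        // 'dependency' is a stored comma-separated id list that goes into an
        // IN (...) clause. Reduce every element to an integer first so stored
        // text can never become SQL.
        $dependencyids = implode(',', array_map('intval', explode(',', $bug['dependency'])));

        $depends = array();
        $dependencies = $db->query("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid IN ($dependencyids)");
        while ($dependency = $db->fetch_array($dependencies))
        {
            // NOTE(review): summary lands inside a title="" attribute without
            // escaping here; this is only safe if summaries are stored
            // HTML-escaped including double quotes (confirm).
            $depends[] = "<a href=\"showreport.php?bugid=$dependency[bugid]\" title=\"$dependency[summary]\">$dependency[bugid]</a>";
        }
        $dependencies = implode(' ', $depends);
    }

    // NOTE(review): the key initialised here is 'automations' (plural) while
    // the templates below build 'automation' (singular); both are kept and
    // the singular key is initialised as well.
    $select['automations'] = '';
    if (!isset($select['automation']))
    {
        $select['automation'] = '';
    }
    $show['automations'] = false;
    if (is_array(bugdar::$datastore['automation']))
    {
        foreach (bugdar::$datastore['automation'] AS $action)
        {
            $label = $action['name'];
            $value = $action['actionid'];
            $selected = false;
            eval('$select["automation"] .= "' . $template->fetch('selectoption') . '";');
            $show['automations'] = true;
        }
        if ($show['automations'])
        {
            // Prepend an empty, pre-selected option so no automation is
            // chosen by default.
            $label = '';
            $value = 0;
            $selected = true;
            eval('$select["automation"] = "' . $template->fetch('selectoption') . '" . $select["automation"];');
        }
    }
}

// ###################################################################
// non-edit display
else
{
    // -------------------------------------------------------------------
    // prep display: replace ids by their labels
    $bug['status'] = bugdar::$datastore['status']["$bug[status]"]['status'];
    $bug['resolution'] = bugdar::$datastore['resolution']["$bug[resolution]"]['resolution'];
    $bug['severity'] = bugdar::$datastore['severity']["$bug[severity]"]['severity'];
    $bug['priority'] = bugdar::$datastore['priority']["$bug[priority]"]['priority'];

    $assigninfo = bugdar::$datastore['assignto']["$bug[assignedto]"];
    $bug['assigninfo'] = ((is_array($assigninfo)) ? construct_user_display($assigninfo) : '');

    // Unlike the edit branch this lookup is unconditional; the cast keeps the
    // statement valid when duplicateof is empty or NULL.
    $duplicateof = $db->query_first("SELECT bugid, summary FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bug['duplicateof']));

    // NOTE(review): as in the edit branch, linked bugs are not permission
    // checked and their summaries are written into HTML as stored (confirm
    // that summaries are stored escaped).
    $dupelist = array();
    $duplicates = $db->query("SELECT bugid, summary FROM " . TABLE_PREFIX . "bug WHERE duplicateof = $bug[bugid]");
    while ($duplicate = $db->fetch_array($duplicates))
    {
        $dupelist[] = "<a href=\"showreport.php?bugid=$duplicate[bugid]\" target=\"_blank\">$duplicate[summary]</a>";
    }
    $dupelist = implode(', ', $dupelist);

    if ($bug['dependency'])
    {
        // Same integer-only reduction of the stored id list as in the edit
        // branch before it reaches the IN (...) clause.
        $dependencyids = implode(',', array_map('intval', explode(',', $bug['dependency'])));

        $depends = array();
        $dependencies = $db->query("SELECT bugid, summary FROM " . TABLE_PREFIX . "bug WHERE bugid IN ($dependencyids)");
        while ($dependency = $db->fetch_array($dependencies))
        {
            $depends[] = "<a href=\"showreport.php?bugid=$dependency[bugid]\" title=\"$dependency[summary]\" target=\"_blank\">$dependency[bugid]</a>";
        }
        $dependencies = implode(' ', $depends);
    }
}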
// ###################################################################
// global display items

$show['subscribe'] = can_perform('cansubscribe', $bug['product']);

// Both ids in this statement come from server-side state (the loaded bug row
// and the current user record), not from the request.
$favorite = (bool)$db->query_first("SELECT * FROM " . TABLE_PREFIX . "favorite WHERE bugid = $bug[bugid] AND userid = " . $bugsys->userinfo['userid']);
if ($favorite)
{
    $favoritetext = T('Remove from Favorites');
}
else
{
    $favoritetext = T('Add to Favorites');
}

$bug['userinfo'] = construct_user_display($bug);
$bug['datetime'] = $datef->format($bugsys->options['dateformat'], $bug['dateline']);

// Keep the raw ids under *id keys first: the permission checks further down
// use $bug['productid'], while product/component/version are overwritten
// with their display titles.
$bug['productid'] = $bug['product'];
$bug['componentid'] = $bug['component'];
$bug['versionid'] = $bug['version'];

// Components are looked up in the 'product' datastore, like products.
$bug['product'] = bugdar::$datastore['product']["$bug[productid]"]['title'];
if ($bug['componentid'])
{
    $bug['component'] = bugdar::$datastore['product']["$bug[componentid]"]['title'];
}
else
{
    $bug['component'] = '';
}
$bug['version'] = bugdar::$datastore['version']["$bug[versionid]"]['version'];
// ###################################################################
// custom field output

// Deal the rendered custom fields alternately into a left and a right
// column: even positions go left, odd positions go right.
// NOTE(review): $customfields is appended to without being initialised here.
$fields = construct_custom_fields($bug);
$i = 0;
foreach ($fields AS $field)
{
    $customfields[(($i % 2 == 0) ? 'left' : 'right')] .= $field;
    $i++;
}
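// ###################################################################
// other elements

// -------------------------------------------------------------------
// hilight: turn the space-separated 'hilight' input into a list of search
// terms. Each term is later wrapped as "#($term)#i" and run over the summary
// and the parsed comments.
$words = explode(' ', $bugsys->in['hilight']);
foreach ($words AS $word)
{
    if (trim($word))
    {
        // The whitelist below strips everything outside [0-9a-zA-Z_ ],
        // including regex metacharacters and the backslashes preg_quote()
        // adds, so a term cannot alter the pattern it is placed in.
        $word = preg_quote($bugsys->unsanitize($word));
        $temp = trim(preg_replace('#[^0-9a-zA-Z_ ]#', '', $word));

        // A word made only of stripped characters (e.g. "!!!") leaves an
        // empty term. The resulting pattern "#()#i" matches at every
        // position and would wrap each gap in the text with a highlight
        // span, so empty terms are dropped.
        if ($temp !== '')
        {
            $hilight[] = $temp;
        }
    }
}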
// -------------------------------------------------------------------
// attachments
// caneditattach implies both listing and uploading.
$show['getattachments'] = (can_perform('cangetattach', $bug['productid']) OR can_perform('caneditattach', $bug['productid']));
$show['putattachments'] = (can_perform('canputattach', $bug['productid']) OR can_perform('caneditattach', $bug['productid']));
$show['attachments'] = ($show['getattachments'] OR $show['putattachments']);

if ($show['attachments'])
{
    $attachments_fetch = $db->query("
        SELECT attachment.attachmentid, attachment.filename,
            attachment.description, attachment.dateline,
            attachment.userid, attachment.obsolete, user.email,
            user.showemail, user.displayname
        FROM " . TABLE_PREFIX . "attachment AS attachment
        LEFT JOIN " . TABLE_PREFIX . "user AS user
            ON (attachment.userid = user.userid)
        WHERE attachment.bugid = $bug[bugid]
        ORDER BY attachment.dateline"
    );

    $attaches = false;
    while ($attachment = $db->fetch_array($attachments_fetch))
    {
        $attaches = true;

        // NOTE(review): the owner test has no "userid != 0" guard, unlike
        // $show['edit'] for the bug itself. If userid 0 can hold
        // canputattach, it matches every attachment stored with userid 0
        // (confirm). This flag only controls display; the edit endpoint must
        // enforce the same rule itself.
        $show['editattach'] = (can_perform('caneditattach', $bug['productid']) OR ($attachment['userid'] == $bugsys->userinfo['userid'] AND can_perform('canputattach', $bug['productid'])));
        $attachment['date'] = $datef->format($bugsys->options['dateformat'], $attachment['dateline']);
        $attachment['user'] = construct_user_display($attachment, false);

        // filename and description are handed to the template as fetched;
        // whether they are stored escaped is not visible here.
        eval('$attachments .= "' . $template->fetch('showreport_attachment') . '";');
    }

    // Hide the section when there is nothing to list and the viewer cannot
    // upload either.
    $show['attachments'] = ($show['putattachments'] OR $attaches);
}
// -------------------------------------------------------------------
// votes

// 'uservote' is non-zero when the current user's id appears in the
// comma-separated 'userids' column of this bug's vote row.
$vote = $db->query_first("SELECT *, FIND_IN_SET(" . $bugsys->userinfo['userid'] . ", userids) AS uservote FROM " . TABLE_PREFIX . "vote WHERE bugid = $bug[bugid]");

// NOTE(review): $vote is indexed without checking that a row was returned.
$vote['total'] = $vote['votefor'] + $vote['voteagainst'];

// Percentages default to zero so an unvoted bug never divides by zero.
$vote['forpercent'] = 0;
$vote['againstpercent'] = 0;
if ($vote['total'] != 0)
{
    $vote['forpercent'] = round($vote['votefor'] / $vote['total'], 3) * 100;
    $vote['againstpercent'] = round($vote['voteagainst'] / $vote['total'], 3) * 100;
}

// Offer the vote controls only to viewers who may vote and have not done so.
$show['vote'] = (can_perform('canvote', $bug['productid']) AND !$vote['uservote']);

// Rendered history groups and comments, keyed by dateline.
$BUGITEMS = array();
// -------------------------------------------------------------------
// history

// History field name => the datastore column that holds its display label.
$lookupfields = array(
    'status' => 'status',
    'priority' => 'priority',
    'severity' => 'severity',
    'resolution' => 'resolution',
    'version' => 'version',
    'product' => 'title',
    'component' => 'title'
);

// The viewer's primary group plus any additional groups.
// NOTE(review): these ids are concatenated into SQL as they are; this relies
// on userinfo holding integers only (populated elsewhere; confirm).
$grouplist = $bugsys->userinfo['usergroupid'];
if (sizeof($bugsys->userinfo['groupids']) != 0)
{
    $grouplist .= ',' . implode(',', $bugsys->userinfo['groupids']);
}

// Custom fields for which one of the viewer's groups has a non-zero
// permission mask. The history loop skips log rows for custom fields that
// are missing from $fieldlist, so this query is what hides restricted
// custom-field history.
$customfield_logs = $db->query("
    SELECT bugfield.*, MAX(permission.mask) AS mask
    FROM " . TABLE_PREFIX . "bugfield AS bugfield
    LEFT JOIN " . TABLE_PREFIX . "bugfieldpermission AS permission
        ON (bugfield.fieldid = permission.fieldid)
    WHERE mask <> 0
    AND permission.usergroupid IN ($grouplist)
    GROUP BY (bugfield.fieldid)"
);

while ($field = $db->fetch_array($customfield_logs))
{
    $fieldlist["$field[fieldid]"] = $field['name'];
}
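// Load every history row for this bug and group the rows by timestamp, so
// that changes made in one edit are rendered together.
$logs = array();
$logs_fetch = $db->query("
    SELECT history.*, user.userid, user.email, user.displayname, user.showemail
    FROM " . TABLE_PREFIX . "history AS history
    LEFT JOIN " . TABLE_PREFIX . "user AS user
        ON (user.userid = history.userid)
    WHERE bugid = $bug[bugid]"
);
while ($log = $db->fetch_array($logs_fetch))
{
    $log['date'] = $datef->format($bugsys->options['dateformat'], $log['dateline']);
    $log['user'] = construct_user_display($log);

    $logs["$log[dateline]"]["$log[historyid]"] = $log;
    ksort($logs["$log[dateline]"]);
}

ksort($logs);

// historyids of rows that carry no information; deleted after rendering
$toKill = array();
// userid => rendered user display, so each user is fetched once
$logusers = array();

foreach ($logs AS $dateline => $logitems)
{
    $changes = '';
    foreach ($logitems AS $log)
    {
        // Rows for the pseudo-field '.' or with nothing recorded on either
        // side are not shown and are queued for deletion.
        if ($log['field'] == '.' OR ($log['original'] == '' AND $log['changed'] == ''))
        {
            $toKill[] = $log['historyid'];
            continue;
        }

        if (preg_match('#^(comment|attachment)\.(.*)#', $log['field'], $matches))
        {
            if ($matches[1] == 'comment')
            {
                $log['field'] = sprintf(T('Comment #%1$s %2$s'), $log['commentid'], ucwords($matches[2]));
            }
            else if ($matches[1] == 'attachment')
            {
                // NOTE(review): "#2%1$s" looks like a typo for "#%1$s" (a
                // literal 2 is printed in front of the attachment id). Left
                // as is because the string doubles as the T() lookup key.
                $log['field'] = sprintf(T('Attachment #2%1$s %2$s'), $log['attachmentid'], ucwords($matches[2]));
            }
        }
        // The id group must be greedy. The former lazy "([0-9]+?)" at the
        // end of the pattern captured only the first digit, so a log row for
        // custom field 12 was labelled, and permission-checked, as field 1.
        else if (preg_match('#^.?custom(.field)?([0-9]+)#', $log['field'], $matches))
        {
            // $fieldlist holds only the custom fields the viewer's groups
            // may see; rows for any other field are skipped without being
            // queued for deletion.
            if (!empty($fieldlist["$matches[2]"]))
            {
                $log['field'] = $fieldlist["$matches[2]"];
            }
            else
            {
                continue;
            }
        }
        else if (preg_match('#^\.(.*)#', $log['field'], $matches))
        {
            $log['field'] = ucwords($matches[1]);

            if (isset($lookupfields["$matches[1]"]))
            {
                // Translate stored ids into labels through the datastore.
                // NOTE(review): for 'component' this reads
                // bugdar::$datastore['component'], while the rest of this
                // script resolves component titles from the 'product'
                // datastore (confirm the key exists).
                $lookup = $matches[1];
                $log['original'] = bugdar::$datastore["$lookup"]["$log[original]"][ $lookupfields["$lookup"] ];
                $log['changed'] = bugdar::$datastore["$lookup"]["$log[changed]"][ $lookupfields["$lookup"] ];
            }
            else if ($matches[1] == 'assignto' OR $matches[1] == 'assignedto')
            {
                // Both sides hold user ids; swap each for the rendered user
                // display, fetching a given user at most once.
                foreach (array('original', 'changed') AS $key)
                {
                    if ($log[$key])
                    {
                        if (empty($logusers[$log[$key]]))
                        {
                            $user = new UserAPI($bugsys);
                            $user->set('userid', $log[$key]);
                            $user->set_condition();
                            $user->fetch();
                            $logusers[$log[$key]] = construct_user_display($user->objdata);
                        }
                        $log[$key] = $logusers[$log[$key]];
                    }
                }
            }
        }
        eval('$changes .= "' . $template->fetch('history_bit') . '";');
    }
    eval('$BUGITEMS[$dateline] .= "' . $template->fetch('history_group') . '";');
}

// we can now remove all useless logs
// NOTE(review): this DELETE runs as a side effect of viewing the report, so
// a read-only page load modifies the history table. The ids come from the
// rows selected above.
if (sizeof($toKill) > 0)
{
    $db->query("DELETE FROM " . TABLE_PREFIX . "history WHERE historyid IN (" . implode(',', $toKill) . ")");
}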
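// -------------------------------------------------------------------
// get comments
// Hidden comments are filtered in SQL unless the viewer holds canviewhidden
// for this product.
$comments_fetch = $db->query("
    SELECT comment.*, user.email, user.showemail, user.displayname
    FROM " . TABLE_PREFIX . "comment AS comment
    LEFT JOIN " . TABLE_PREFIX . "user AS user
        ON (comment.userid = user.userid)
    WHERE comment.bugid = $bug[bugid]" . (!can_perform('canviewhidden', $bug['productid']) ? "
    AND !hidden" : '') . "
    ORDER BY comment.dateline ASC"
);

// The first comment is the bug description; it is kept apart from the
// timeline in $BUGITEMS.
$description = null;
while ($comment = $db->fetch_array($comments_fetch))
{
    $comment['posttime'] = $datef->format($bugsys->options['dateformat'], $comment['dateline']);
    $comment['postby'] = construct_user_display($comment);

    // Work out the two edit rights once and reuse them for the flag and the
    // debug output.
    // NOTE(review): the "own reply" test has no "userid != 0" guard, unlike
    // $show['edit'] for the bug; if userid 0 can hold caneditownreply it
    // matches every comment stored with userid 0 (confirm). The flag only
    // controls display, so the edit endpoint must enforce this itself.
    $editown = (can_perform('caneditownreply', $bug['productid']) AND $bugsys->userinfo['userid'] == $comment['userid']);
    $editother = (can_perform('caneditotherreply', $bug['productid']) AND $bugsys->userinfo['userid'] != $comment['userid']);
    $show['editcomment'] = ($editown OR $editother);

    $bugsys->debug('can edit own replies: ' . (int)$editown);
    $bugsys->debug('can edit other replies:' . (int)$editother);
    $bugsys->debug('$show[editcomment]: ' . $show['editcomment']);

    if (is_array($hilight))
    {
        // NOTE(review): comment_parsed is already HTML and the replacement
        // runs over the whole string, so a term such as "href" or "span"
        // also matches inside tags, attributes and entities, and inside the
        // spans inserted for an earlier term. Terms are limited to
        // [0-9a-zA-Z_ ], so the result is corrupted markup rather than
        // injected markup.
        foreach ($hilight AS $id => $find)
        {
            $find = "#($find)#i";
            $replace = "<span style=\"background-color: yellow; font-weight: bold; color: red;\">\\1</span>";
            $comment['comment_parsed'] = preg_replace($find, $replace, $comment['comment_parsed']);
        }
    }

    eval('$temp = "' . $template->fetch('showreport_comment') . '";');
    if ($description == null)
    {
        $description = $temp;
    }
    else
    {
        // Place the comment in front of any history already rendered for the
        // same timestamp; there may be none, so do not read a missing key.
        $BUGITEMS[$comment['dateline']] = $temp . (isset($BUGITEMS[$comment['dateline']]) ? $BUGITEMS[$comment['dateline']] : '');
    }
}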
$show['newreply'] = (bool)can_perform('canpostcomments', $bug['productid']);

// Keep an unhighlighted copy of the summary; only $bug['summary'] receives
// highlight markup.
$bug['summary_title'] = $bug['summary'];
if (is_array($hilight) AND !$show['edit'])
{
    // Highlighting is skipped in edit mode, where the summary presumably
    // fills a form field (the template is not visible here).
    // NOTE(review): the replacement runs over the summary as stored, so a
    // term can match inside an HTML entity if summaries are stored escaped.
    $replace = "<span style=\"background-color: yellow; font-weight: bold; color: red;\">\\1</span>";
    foreach ($hilight AS $id => $find)
    {
        $find = "#($find)#i";
        $bug['summary'] = preg_replace($find, $replace, $bug['summary']);
    }
}

// Order history groups and comments by timestamp and join them into one
// block of markup for the page template.
ksort($BUGITEMS);
$BUGITEMS = implode("\n", $BUGITEMS);

// The 'showreport' template is evaluated in this scope and reads the
// variables prepared above.
eval('$template->flush("' . $template->fetch('showreport') . '");');