r533: - Permission check cleanup
1 <?php
2 /*=====================================================================*\
3 || ################################################################### ||
4 || # BugStrike [#]version[#]
5 || # --------------------------------------------------------------- # ||
6 || # Copyright ©2002-[#]year[#] by Iris Studios, Inc. All Rights Reserved. # ||
7 || # This file may not be reproduced in any way without permission. # ||
8 || # --------------------------------------------------------------- # ||
9 || # User License Agreement at http://www.iris-studios.com/license/ # ||
10 || ################################################################### ||
11 \*=====================================================================*/
12
// Templates this page asks for. The list is assigned before global.php is
// included; presumably global.php reads it to pre-load them - confirm.
// NOTE(review): 'selectoption' is fetched further down in this script but is
// not listed here.
$fetchtemplates = array(
    'showreport',
    'showreport_attachment',
    'showreport_comment',
    'quicksearch',
    'bugfield_static_text',
);

define('SVN', '$Id$');

$focus['showreport'] = 'focus';

require_once './global.php';
require_once './includes/functions_product.php';

// The bug id from the request is forced to an integer here, so every later
// use of $bugid in SQL or in a header carries digits only.
$bugid = (int) $bugsys->in['bugid'];
29
// ###################################################################
// Quick search: taken when no bug id was supplied, or when the request
// carries do=quicksearch. This branch always ends the request.

if (empty($bugid) || $_REQUEST['do'] == 'quicksearch')
{
    if ($bugid)
    {
        // $bugid was integer-cast when it was read from the request, so it
        // is safe to interpolate into the query and the Location header.
        if ($db->query_first("SELECT bugid FROM " . TABLE_PREFIX . "bug WHERE bugid = $bugid"))
        {
            header("Location: showreport.php?bugid=$bugid");
            exit;
        }

        // Only reached when the lookup found nothing; the branch above exits.
        $error = $lang->getlex('error_invalid_id');
    }

    // NOTE(review): the text returned by $template->fetch() is spliced into
    // PHP source and executed. Template text is therefore code: it must come
    // only from storage that untrusted users cannot write to.
    eval('$template->flush("' . $template->fetch('quicksearch') . '");');
    exit;
}
50
// ###################################################################

// -------------------------------------------------------------------
// Load the report, joined with the reporter's display fields and the
// bugvaluefill row for the same bug id.
$bug = $db->query_first("
    SELECT bugvaluefill.*, bug.*, user.email, user.displayname, user.showemail
    FROM " . TABLE_PREFIX . "bug AS bug
    LEFT JOIN " . TABLE_PREFIX . "user AS user
        ON (bug.userid = user.userid)
    LEFT JOIN " . TABLE_PREFIX . "bugvaluefill AS bugvaluefill
        ON (bug.bugid = bugvaluefill.bugid)
    WHERE bug.bugid = " . (int) $bugsys->in['bugid']
);

// Product-level view permission.
// NOTE(review): this check runs before the is_array($bug) test further down,
// so for an unknown id $bug['productid'] is read from a non-array and
// can_perform() is asked about no product at all. Confirm that can_perform()
// denies in that case.
// NOTE(review): every check in this section relies on $message->error() and
// $message->error_permission() ending the request. That is not visible from
// this file; if they return, the report below is rendered despite the
// failed check.
if (!can_perform('canviewbugs', $bug['productid']))
{
    $message->error_permission();
}

// The edit form is offered for the user's own report with 'caneditown', and
// for anyone else's report with 'caneditother'.
$show['edit'] = (
    (can_perform('caneditown', $bug['productid']) && $bugsys->userinfo['userid'] == $bug['userid'])
    || (can_perform('caneditother', $bug['productid']) && $bugsys->userinfo['userid'] != $bug['userid'])
);

// No row came back for this id.
if (!is_array($bug))
{
    $message->error($lang->getlex('error_invalid_id'));
}

// Hidden reports additionally require 'canviewhidden'.
// NOTE(review): a hidden report answers with the permission error while an
// unknown id answers with error_invalid_id, so the two cases can be told
// apart by the caller.
if ($bug['hidden'] && !can_perform('canviewhidden', $bug['productid']))
{
    $message->error_permission();
}
81
// ###################################################################
// global display items

// True when the current user already has this report in their favourites.
// The values interpolated here come from the fetched bug row and the
// session's userinfo, not directly from the request.
$favourite = (bool) $db->query_first(
    "SELECT * FROM " . TABLE_PREFIX . "favourite WHERE bugid = $bug[bugid] AND userid = " . $bugsys->userinfo['userid']
);
if ($favourite)
{
    $favouritetext = $lang->string('Remove from Favourites');
}
else
{
    $favouritetext = $lang->string('Add to Favourites');
}

// Turn the raw columns into display values, looked up in the datastore.
$bug['userinfo'] = construct_user_display($bug);
$bug['datetime'] = $datef->format($bugsys->options['dateformat'], $bug['dateline']);
$bug['product'] = $bugsys->datastore['product'][(string) $bug['productid']]['title'];

// NOTE(review): the component title is read from the 'product' datastore
// keyed by componentid - presumably components are stored alongside
// products; confirm.
if ($bug['componentid'])
{
    $bug['component'] = $bugsys->datastore['product'][(string) $bug['componentid']]['title'];
}
else
{
    $bug['component'] = '';
}

$bug['version'] = $bugsys->datastore['version'][(string) $bug['versionid']]['version'];
93
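// ###################################################################
// edit display
//
// Prepares the variables the showreport template reads. With edit rights
// the fields become select boxes; without them the stored ids are turned
// into their labels.
//
// NOTE(review): every eval() below executes the text returned by
// $template->fetch() as PHP source. Template text must come only from
// storage that untrusted users cannot write to.
// NOTE(review): report summaries are written into HTML (link text and title
// attributes) without escaping in this block. That is safe only if summaries
// are stored already HTML-escaped; confirm before adding an escape here,
// since escaping twice would double-encode.
if ($show['edit'])
{
    $select['severity'] = construct_datastore_select('severity', 'severity', 'severityid', $bug['severity']);

    // Priority, status and resolution are editable only with
    // 'canchangestatus'; otherwise the ids are replaced by their labels.
    $show['changestatus'] = (bool) can_perform('canchangestatus', $bug['productid']);
    if ($show['changestatus'])
    {
        $select['priority'] = construct_datastore_select('priority', 'priority', 'priorityid', $bug['priority']);
        $select['status'] = construct_datastore_select('status', 'status', 'statusid', $bug['status']);
        $select['resolution'] = construct_datastore_select('resolution', 'resolution', 'resolutionid', $bug['resolution']);
    }
    else
    {
        $bug['status'] = $bugsys->datastore['status']["$bug[status]"]['status'];
        $bug['resolution'] = $bugsys->datastore['resolution']["$bug[resolution]"]['resolution'];
        $bug['severity'] = $bugsys->datastore['severity']["$bug[severity]"]['severity'];
        $bug['priority'] = $bugsys->datastore['priority']["$bug[priority]"]['priority'];
    }

    // Assignee select box, one option per entry in the 'assignto' datastore.
    $show['assign'] = (bool) can_perform('canassign', $bug['productid']);
    if ($show['assign'])
    {
        // Start from an empty string so the first append has a defined
        // target. The key is quoted inside the eval'd code because a bare
        // word there is an undefined constant.
        $select['dev'] = '';
        foreach ($bugsys->datastore['assignto'] AS $dev)
        {
            $value = $dev['userid'];
            $selected = ($dev['userid'] == $bug['assignedto']);
            $label = construct_user_display($dev, false);
            eval('$select[\'dev\'] .= "' . $template->fetch('selectoption') . '";');
        }
    }

    $pcv_select = construct_pcv_select("p$bug[productid]c$bug[componentid]v$bug[versionid]");

    $firstcomment = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "comment WHERE bugid = $bug[bugid] ORDER BY dateline ASC LIMIT 1");

    if ($bug['duplicateof'])
    {
        // Stored value re-cast to an integer before it is put into SQL.
        $duplicate = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bug['duplicateof']));
    }

    if ($bug['dependency'])
    {
        // Defence in depth: the stored comma-separated id list is re-cast to
        // integers before it goes into IN (...), because whether it is
        // validated when written is not visible from this file.
        $dependencies = $db->query("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid IN (" . implode(',', array_map('intval', explode(',', $bug['dependency']))) . ")");

        // Initialised so implode() gets an array even when no row matches.
        $depends = array();
        while ($dependency = $db->fetch_array($dependencies))
        {
            $depends[] = "<a href=\"showreport.php?bugid=$dependency[bugid]\" title=\"$dependency[summary]\">$dependency[bugid]</a>";
        }
        $dependencies = implode(' ', $depends);
    }

    // Automatic actions select box.
    $actions = $db->query("SELECT * FROM " . TABLE_PREFIX . "autoaction ORDER BY name ASC");
    // 'autoactions' is kept because the original initialised it; the options
    // are actually accumulated under 'autoaction', which was never
    // initialised, so that key is set up here as well.
    $select['autoactions'] = '';
    $select['autoaction'] = '';
    $show['autoactions'] = false;
    while ($action = $db->fetch_array($actions))
    {
        $label = $action['name'];
        $value = $action['actionid'];
        $selected = false;
        eval('$select[\'autoaction\'] .= "' . $template->fetch('selectoption') . '";');
        $show['autoactions'] = true;
    }
    if ($show['autoactions'])
    {
        // Prepend an empty, pre-selected option so no action is chosen by default.
        $label = '';
        $value = 0;
        $selected = true;
        eval('$select[\'autoaction\'] = "' . $template->fetch('selectoption') . '" . $select[\'autoaction\'];');
    }
}

// ###################################################################
// non-edit display
else
{
    // -------------------------------------------------------------------
    // prep display
    $bug['status'] = $bugsys->datastore['status']["$bug[status]"]['status'];
    $bug['resolution'] = $bugsys->datastore['resolution']["$bug[resolution]"]['resolution'];
    $bug['severity'] = $bugsys->datastore['severity']["$bug[severity]"]['severity'];
    $bug['priority'] = $bugsys->datastore['priority']["$bug[priority]"]['priority'];

    $assigninfo = $bugsys->datastore['assignto']["$bug[assignedto]"];
    $bug['assigninfo'] = (is_array($assigninfo) ? construct_user_display($assigninfo) : '');

    // The integer cast keeps the query well-formed when duplicateof is empty
    // (the edit branch guards this lookup; this branch did not).
    $duplicateof = $db->query_first("SELECT bugid, summary FROM " . TABLE_PREFIX . "bug WHERE bugid = " . intval($bug['duplicateof']));

    // Reports that were marked as duplicates of this one.
    // Initialised so implode() gets an array when there are none.
    $dupelist = array();
    $duplicates = $db->query("SELECT bugid, summary FROM " . TABLE_PREFIX . "bug WHERE duplicateof = $bug[bugid]");
    while ($duplicate = $db->fetch_array($duplicates))
    {
        $dupelist[] = "<a href=\"showreport.php?bugid=$duplicate[bugid]\" target=\"_blank\">$duplicate[summary]</a>";
    }
    $dupelist = implode(', ', $dupelist);

    if ($bug['dependency'])
    {
        // Same integer re-cast of the stored id list as in the edit branch.
        $dependencies = $db->query("SELECT bugid, summary FROM " . TABLE_PREFIX . "bug WHERE bugid IN (" . implode(',', array_map('intval', explode(',', $bug['dependency']))) . ")");

        $depends = array();
        while ($dependency = $db->fetch_array($dependencies))
        {
            $depends[] = "<a href=\"showreport.php?bugid=$dependency[bugid]\" title=\"$dependency[summary]\" target=\"_blank\">$dependency[bugid]</a>";
        }
        $dependencies = implode(' ', $depends);
    }
}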
199
// ###################################################################
// custom field output

$fields = construct_custom_fields($bug);
$show['customfields'] = (bool) $fields;

$bugsys->debug('fields modulo: ' . (count($fields) % 2));

// Deal the rendered fields alternately into two columns: the 1st, 3rd, ...
// go to 'right' and the 2nd, 4th, ... go to 'left'.
$i = 1;
foreach ($fields as $field)
{
    $bugsys->debug("i = $i");
    switch ($i)
    {
        case 1:
            $customfields['right'] .= $field;
            break;

        case 2:
            $customfields['left'] .= $field;
            // Reset so the increment below brings the counter back to 1.
            $i = 0;
            break;
    }
    $i++;
}
222
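// ###################################################################
// other elements

// -------------------------------------------------------------------
// hilight
//
// Splits the request's 'hilight' value on spaces and collects the terms to
// highlight in $hilight. Each term is reduced to [0-9a-zA-Z_ ]; that
// whitelist is what makes a term safe to place between '#' delimiters when
// it is later used as a regular expression.
$words = explode(' ', $bugsys->in['hilight']);
foreach ($words AS $word)
{
    if (trim($word))
    {
        $word = preg_quote($bugsys->unsanitize($word));
        $temp = trim(preg_replace('#[^0-9a-zA-Z_ ]#', '', $word));

        // A word made only of stripped characters (for example "!!!") ends
        // up empty. An empty term would become the pattern #()#, which
        // matches at every position and wraps highlight markup around every
        // character of the text, so it is dropped.
        if ($temp !== '')
        {
            $hilight[] = $temp;
        }
    }
}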
237
// -------------------------------------------------------------------
// attachments
//
// 'caneditattach' implies both viewing and uploading; otherwise the two
// rights are granted separately by 'cangetattach' and 'canputattach'.
$show['getattachments'] = (can_perform('cangetattach', $bug['productid']) || can_perform('caneditattach', $bug['productid']));
$show['putattachments'] = (can_perform('canputattach', $bug['productid']) || can_perform('caneditattach', $bug['productid']));
$show['attachments'] = ($show['getattachments'] || $show['putattachments']);

if ($show['attachments'])
{
    // NOTE(review): the rows are fetched and rendered even when the user
    // holds only the upload right. Whether the template hides them behind
    // $show['getattachments'] is not visible from this file - confirm.
    $attachments_fetch = $db->query("
        SELECT attachment.*, user.email, user.showemail,
            user.displayname
        FROM " . TABLE_PREFIX . "attachment AS attachment
        LEFT JOIN " . TABLE_PREFIX . "user AS user
            ON (attachment.userid = user.userid)
        WHERE attachment.bugid = $bug[bugid]
        ORDER BY attachment.dateline"
    );

    $attaches = false;
    while ($attachment = $db->fetch_array($attachments_fetch))
    {
        $attaches = true;

        // Editable with 'caneditattach', or by the uploader when they hold
        // 'canputattach'.
        $show['editattach'] = (
            can_perform('caneditattach', $bug['productid'])
            || ($attachment['userid'] == $bugsys->userinfo['userid'] && can_perform('canputattach', $bug['productid']))
        );
        $attachment['date'] = $datef->format($bugsys->options['dateformat'], $attachment['dateline']);
        $attachment['user'] = construct_user_display($attachment, false);

        // NOTE(review): template text is executed as PHP here; it must come
        // only from trusted storage.
        eval('$attachments .= "' . $template->fetch('showreport_attachment') . '";');
    }

    // Hide the section when nothing is listed and the user cannot upload.
    $show['attachments'] = ($show['putattachments'] || $attaches);
}
268
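// -------------------------------------------------------------------
// votes
//
// Loads the vote row for this report and derives the total and the two
// percentages shown by the template. 'uservote' is non-zero when the
// current user's id is already in the row's userids list.

// The user id is cast so that what is spliced into FIND_IN_SET() is always
// a bare integer.
$vote = $db->query_first("SELECT *, FIND_IN_SET(" . intval($bugsys->userinfo['userid']) . ", userids) AS uservote FROM " . TABLE_PREFIX . "vote WHERE bugid = $bug[bugid]");

// No vote row for this report: continue with zero counts instead of
// indexing a non-array.
if (!is_array($vote))
{
    $vote = array('votefor' => 0, 'voteagainst' => 0, 'uservote' => 0);
}

$vote['total'] = $vote['votefor'] + $vote['voteagainst'];

// With no votes cast the original divided by zero; report 0% on both sides.
if ($vote['total'] > 0)
{
    $vote['forpercent'] = round($vote['votefor'] / $vote['total'], 3) * 100;
    $vote['againstpercent'] = round($vote['voteagainst'] / $vote['total'], 3) * 100;
}
else
{
    $vote['forpercent'] = 0;
    $vote['againstpercent'] = 0;
}

// Voting is offered only with 'canvote' and only once per user.
$show['vote'] = (can_perform('canvote', $bug['productid']) AND !$vote['uservote']);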
279
// -------------------------------------------------------------------
// get comments
//
// Comments flagged hidden are filtered out in SQL unless the user holds
// 'canviewhidden' for this product.
$comments_fetch = $db->query("
    SELECT comment.*, user.email, user.showemail, user.displayname
    FROM " . TABLE_PREFIX . "comment AS comment
    LEFT JOIN " . TABLE_PREFIX . "user AS user
        ON (comment.userid = user.userid)
    WHERE comment.bugid = $bug[bugid]" . (can_perform('canviewhidden', $bug['productid']) ? '' : "
        AND !hidden") . "
    ORDER BY comment.dateline ASC"
);
while ($comment = $db->fetch_array($comments_fetch))
{
    $comment['posttime'] = $datef->format($bugsys->options['dateformat'], $comment['dateline']);
    $comment['postby'] = construct_user_display($comment);

    // Own comments need 'caneditownreply'; other people's need 'caneditotherreply'.
    $show['editcomment'] = (
        (can_perform('caneditownreply', $bug['productid']) && $bugsys->userinfo['userid'] == $comment['userid'])
        || (can_perform('caneditotherreply', $bug['productid']) && $bugsys->userinfo['userid'] != $comment['userid'])
    );

    $bugsys->debug((int) (can_perform('caneditownreply', $bug['productid']) && $bugsys->userinfo['userid'] == $comment['userid']));
    $bugsys->debug((int) (can_perform('caneditotherreply', $bug['productid']) && $bugsys->userinfo['userid'] != $comment['userid']));
    $bugsys->debug($show['editcomment']);

    if (is_array($hilight))
    {
        // NOTE(review): the terms are matched against 'comment_parsed',
        // which by its name looks like rendered markup. A term such as
        // "span" or "href" could then match inside a tag and break it -
        // confirm what this column holds.
        foreach ($hilight as $id => $find)
        {
            $find = '#(' . $find . ')#';
            $replace = '<span style="background-color: yellow; font-weight: bold; color: red;">\\1</span>';
            $comment['comment_parsed'] = preg_replace($find, $replace, $comment['comment_parsed']);
        }
    }

    // NOTE(review): template text is executed as PHP here; it must come only
    // from trusted storage.
    eval('$comments .= "' . $template->fetch('showreport_comment') . '";');
}
313
// The reply form is shown only with 'canpostcomments' for this product.
$show['newreply'] = (bool) can_perform('canpostcomments', $bug['productid']);

// Highlight the search terms in the summary, one term at a time.
if (is_array($hilight))
{
    foreach ($hilight as $id => $find)
    {
        $find = '#(' . $find . ')#';
        $replace = '<span style="background-color: yellow; font-weight: bold; color: red;">\\1</span>';
        $bug['summary'] = preg_replace($find, $replace, $bug['summary']);
    }
}

// Render the page. NOTE(review): the template text is executed as PHP, so it
// must come only from storage that untrusted users cannot write to.
eval('$template->flush("' . $template->fetch('showreport') . '");');
327
328 /*=====================================================================*\
329 || ###################################################################
330 || # $HeadURL$
331 || # $Id$
332 || ###################################################################
333 \*=====================================================================*/
334 ?>