errorPermission(); } define('MODE_ANY', 1); define('MODE_ALL', 2); define('MODE_RAW', 3); $var = $db->query_first("SHOW VARIABLES LIKE 'ft_min_word_len'"); define('SEARCH_WORD_MIN', $var['Value']); $db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = 0 AND dateline < " . (TIMENOW - 3600)); $show['search'] = true; // ################################################################### if (empty($_REQUEST['do'])) { $_REQUEST['do'] = 'search'; } // ################################################################### if ($_REQUEST['do'] == 'search') { if ($bugsys->in['new']) { $newsearch = true; } else if ($bugsys->in['searchid']) { $cachedsearch = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . $bugsys->userinfo['userid']); } else if ($bugsys->userinfo['userid']) { $cachedsearch = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NULL AND userid = " . $bugsys->userinfo['userid']); } else { $newsearch = true; } if ($cachedsearch) { $show['cached'] = true; if ($cachedsearch['dateline'] < TIMENOW - 900 OR $bugsys->in['rerun']) { $_REQUEST['do'] = 'process'; $bugsys->in = array_merge(unserialize($cachedsearch['query']), $bugsys->in); $bugsys->debug('rerunning the search'); } else { $search = $cachedsearch; $_POST['do'] = 'results'; } } else { $newsearch = true; } if ($newsearch) { if (!is_array($bugsys->datastore['product'])) { $message->error(_('No products are setup, therefore there can be no bugs and thus search cannot function.')); } if (!is_array($bugsys->datastore['version'])) { $message->error(_('No versions have been added underneath your product(s), there can be no bugs and thus search cannot function.')); } $productSelect = ConstructProductSelect(); // ------------------------------------------------------------------- // custom fields $fields = construct_custom_fields(null, true, false, true); $i = 0; foreach ($fields AS $field) { if ($i % 2 == 0) { $customfields['left'] .= $field; } else { $customfields['right'] .= $field; } $i++; } // ------------------------------------------------------------------- // built-in fields $select['severity'] = construct_datastore_select('severity', 'severity', 'severityid'); $select['priority'] = construct_datastore_select('priority', 'priority', 'priorityid'); $select['status'] = construct_datastore_select('status', 'status', 'statusid'); $select['resolution'] = construct_datastore_select('resolution', 'resolution', 'resolutionid'); $searches = ''; if ($bugsys->userinfo['userid']) { $searchesFetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NOT NULL AND userid = " . $bugsys->userinfo['userid']); while ($search = $db->fetch_array($searchesFetch)) { $value = $search['searchid']; $label = $search['name']; eval('$searches .= "' . $template->fetch('selectoption') . '";'); } } $select['dev'] = ''; foreach ($bugsys->datastore['assignto'] AS $dev) { $value = $dev['userid']; $label = construct_user_display($dev, false); eval('$select[dev] .= "' . $template->fetch('selectoption') . '";'); } eval('$template->flush("' . $template->fetch('search') . '");'); } } // ################################################################### if ($_REQUEST['do'] == 'process') { // ------------------------------------------------------------------- // handle keywords if ($bugsys->in['summary']) { $keywords = preg_split('#\s+#', $bugsys->in['summary']); // TODO - need to have some str to bool conversions foreach ($keywords AS $word) { if (strlen($word) < SEARCH_WORD_MIN) { continue; } if ($bugsys->in['mode'] == MODE_ALL) { $querybuild['text'] .= " +$word"; } else { $querybuild['text'] .= " $word"; } if (!preg_match('#-(.+?)#', trim($word))) { $hilight .= " $word"; } } $hilight = preg_replace('#[^0-9a-zA-Z_ ]#', '', $hilight); $hilight = trim($hilight); $hilight = preg_replace('#\s#', '+', $hilight); $temp = trim($querybuild['text']); if ($bugsys->in['mode'] == MODE_ALL OR $bugsys->in['mode'] == MODE_RAW) { $bool_flag = ' IN BOOLEAN MODE'; } $querybuild['text'] = "AND\n\t\t\t(\n\t\t\t\tMATCH (bug.summary) AGAINST ('$temp'$bool_flag)\n\t\t\t\tOR MATCH (comment.comment) AGAINST ('$temp'$bool_flag)\n\t\t\t)"; } // ------------------------------------------------------------------- // reporter if ($bugsys->in['reporter']) { // force email or name?? make a distinction? // more elegant way to do this? probably $user = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE email LIKE '%" . str_replace('%', '\%', $bugsys->input_escape('reporter')) . "' OR displayname LIKE '%" . str_replace('%', '\%', $bugsys->input_escape('reporter')) . "%'"); if ($user['userid']) { $querybuild['reporter'] = "AND bug.userid = $user[userid] OR comment.userid = $user[userid]"; } } // ------------------------------------------------------------------- // product/component/version stuff if (is_array($bugsys->in['product'])) { foreach ($bugsys->in['product'] AS $prod) { $product = explode(',', $prod); $product = $bugsys->clean($product, TYPE_UINT); $products[] = $product[0]; $components[] = $product[1]; $versions[] = $product[2]; } $querybuild['pcv'] = "AND bug.product IN (" . implode(',', $products) . ") AND bug.component IN (" . implode(',', $components) . ") AND bug.version IN (" . implode(',', $versions) . ")"; } // ------------------------------------------------------------------- // severity, priority, status, resolution, assignedto // severity if ($bugsys->in['severity']) { $bugsys->input_clean('severity', TYPE_UINT); $querybuild['severity'] = "AND bug.severity IN (" . implode(',', $bugsys->in['severity']) . ")"; } // priority if ($bugsys->in['priority']) { $bugsys->input_clean('priority', TYPE_UINT); $querybuild['priority'] = "AND bug.priority IN (" . implode(',', $bugsys->in['priority']) . ")"; } // status if ($bugsys->in['status']) { $bugsys->input_clean('status', TYPE_UINT); $querybuild['status'] = "AND bug.status IN (" . implode(',', $bugsys->in['status']) . ")"; } // resolution if ($bugsys->in['resolution']) { $bugsys->input_clean('resolution', TYPE_UINT); $querybuild['resolution'] = "AND bug.resolution IN (" . implode(',', $bugsys->in['resolution']) . ")"; } // assignment if ($bugsys->in['assignedto']) { $bugsys->input_clean('assignedto', TYPE_UINT); $querybuild['assignedto'] = "AND bug.assignedto IN (" . implode(',', $bugsys->in['assignedto']) . ")"; } // ------------------------------------------------------------------- // date if ($bugsys->in['date']) { // now - (seconds/day * number of days) $dateline = time() - ($bugsys->input_clean('date', TYPE_INT) * 3600); $querybuild['date'] = "AND bug.dateline >= $dateline"; } // ------------------------------------------------------------------- // favorites $bugsys->input_clean('favorite', TYPE_INT); if ($bugsys->in['favorite'] != 0 AND $bugsys->userinfo['userid']) { $favorites = $db->query("SELECT * FROM " . TABLE_PREFIX . "favorite WHERE userid = " . $bugsys->userinfo['userid']); while ($favorite = $db->fetch_array($favorites)) { $ids[] = $favorite['bugid']; } $querybuild['favorites'] = "AND bug.bugid " . ($bugsys->in['favorite'] > 0 ? "IN" : "NOT IN") . " (" . implode(', ', $ids) . ")"; } // ------------------------------------------------------------------- // sort by $sortby = array('bugid', 'severity', 'priority', 'status', 'resolution', 'dateline'); $orderby = array('ASC', 'DESC'); $bugsys->in['orderby'] = strtoupper($bugsys->in['orderby']); if (in_array($bugsys->in['sortby'], $sortby) AND in_array($bugsys->in['orderby'], $orderby)) { $sortclause = "ORDER BY " . $bugsys->in['sortby'] . ' ' . $bugsys->in['orderby']; } else if ($bugsys->in['sortby'] == 'relevance') { $sortclause = ''; } else { $sortclause = ''; } // ------------------------------------------------------------------- // custom fields $fields_fetch = $bugsys->db->query(" SELECT bugfield.*, MAX(permission.mask) AS mask FROM " . TABLE_PREFIX . "bugfield AS bugfield LEFT JOIN " . TABLE_PREFIX . "bugfieldpermission AS permission ON (bugfield.fieldid = permission.fieldid) WHERE mask <> 0 AND permission.usergroupid IN ({$bugsys->userinfo['usergroupid']}" . (sizeof($bugsys->userinfo['groupids']) != 0 ? ',' . implode(',', $bugsys->userinfo['groupids']) : '') . ") AND bugfield.cansearch = 1 GROUP BY (bugfield.fieldid)" ); while ($field = $bugsys->db->fetch_array($fields_fetch)) { if (!empty($bugsys->in["custom$field[fieldid]"]) OR ($field['type'] == 'select_single' AND isset($bugsys->in["custom$field[fieldid]"]))) { if ($field['type'] == 'input_checkbox' AND $bugsys->input_clean("custom$field[fieldid]", TYPE_INT) != 0) { $querybuild[] = "AND bug.custom$field[fieldid] = " . ($bugsys->in["custom$field[fieldid]"] > 0 ? 1 : 0); } else if ($field['type'] == 'input_text') { $querybuild[] = "AND bug.custom$field[fieldid] LIKE '%" . $bugsys->in["custom$field[fieldid]"] . "%'"; } else if ($field['type'] == 'select_single' AND $bugsys->in["custom$field[fieldid]"] != -1) { $temp = unserialize($field['selects']); $querybuild[] = "AND bug.custom$field[fieldid] = '" . trim($temp[ intval($bugsys->in["custom$field[fieldid]"]) ]) . "'"; } } } // ------------------------------------------------------------------- // have to search something if (sizeof($querybuild) < 1) { $message->error(sprintf(_('You have to enter some criteria to search for. Note that words less than %1$d characters are ignored by the search engine (and some other very common words, too).'), SEARCH_WORD_MIN)); } // ------------------------------------------------------------------- // do the search $search = $db->query(" SELECT bug.*, comment.commentid FROM " . TABLE_PREFIX . "bug AS bug LEFT JOIN " . TABLE_PREFIX . "comment AS comment ON (bug.bugid = comment.bugid) WHERE bug.bugid <> 0 AND bug.product IN (" . fetch_on_bits('canviewbugs') . ") AND ( !bug.hidden OR (bug.hidden AND bug.product IN (" . fetch_on_bits('canviewhidden') . "))" . (can_perform('canviewownhidden') ? " OR (bug.hidden AND bug.userid = " . $bugsys->userinfo['userid'] . " AND bug.product IN (" . fetch_on_bits('canviewonhidden') . "))" : "") . " ) " . implode("\n\t\t", $querybuild) . " GROUP BY bug.bugid $sortclause "); $numrows = $db->num_rows($search); if ($numrows < 1) { $message->error(_('No search results were returned that matched your criteria.')); } while ($result = $db->fetch_array($search)) { $ids[] = $result['bugid']; $results[] = $result; } if ($bugsys->userinfo['userid'] AND !$cachedsearch AND !$bugsys->in['rerun']) { $db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = " . $bugsys->userinfo['userid'] . " AND name IS NULL"); } // store the search params $params = $bugsys->in; foreach ($_COOKIE AS $key => $value) { unset($params["$key"]); } if ($cachedsearch) { $search = $cachedsearch; $search['ids'] = implode(',', $ids); $search['resultcount'] = sizeof($results); $db->query("UPDATE " . TABLE_PREFIX . "search SET ids = '$search[ids]', resultcount = $search[resultcount], dateline = " . TIMENOW . " WHERE searchid = " . $cachedsearch['searchid']); } else { $db->query(" INSERT INTO " . TABLE_PREFIX . "search (userid, dateline, query, ids, orderby, hilight, resultcount) VALUES (" . $bugsys->userinfo['userid'] . ", " . TIMENOW . ", '" . $bugsys->escape(serialize($params)) . "', '" . implode(',', $ids) . "', '" . $bugsys->escape($sortclause) . "', '" . $bugsys->escape($hilight) . "', " . sizeof($results) . " )" ); $search = array('searchid' => $db->insert_id(), 'ids' => implode(',', $ids), 'orderby' => $sortclause, 'hilight' => $hilight, 'resultcount' => sizeof($results)); } $_POST['do'] = 'results'; } // ################################################################### if ($_REQUEST['do'] == 'update') { $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . $bugsys->userinfo['userid']); if (!$search OR !can_perform('caneditother')) { $message->errorPermission(); } $productSelect = ConstructProductSelect(); $show['update'] = true; // ------------------------------------------------------------------- // custom fields $fields = construct_custom_fields(null, true, false, true); $i = 0; foreach ($fields AS $field) { if ($i % 2 == 0) { $customfields['left'] .= $field; } else { $customfields['right'] .= $field; } $i++; } // ------------------------------------------------------------------- // built-in fields $select['severity'] = construct_datastore_select('severity', 'severity', 'severityid', 0, 0); $select['priority'] = construct_datastore_select('priority', 'priority', 'priorityid', 0, 0); $select['status'] = construct_datastore_select('status', 'status', 'statusid', 0, 0); $select['resolution'] = construct_datastore_select('resolution', 'resolution', 'resolutionid', 0, 0); $select['dev'] = ''; $value = '0'; $label = ''; $selected = true; eval('$select[dev] .= "' . $template->fetch('selectoption') . '";'); $selected = false; foreach ($bugsys->datastore['assignto'] AS $dev) { $value = $dev['userid']; $label = construct_user_display($dev, false); eval('$select[dev] .= "' . $template->fetch('selectoption') . '";'); } eval('$template->flush("' . $template->fetch('search_update') . '");'); } // ################################################################### if ($_POST['do'] == 'doupdate') { $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . $bugsys->userinfo['userid']); if (!$search OR !can_perform('caneditother')) { $message->errorPermission(); } // find all the bugs that we can edit $bugs = $db->query(" SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid IN ($search[ids]) AND product IN (" . fetch_on_bits('canviewbugs') . ") AND ( product IN (" . fetch_on_bits('caneditother') . ") OR (userid = " . $bugsys->userinfo['userid'] . " AND product IN (" . fetch_on_bits('caneditown') . ")) ) "); while ($bug = $db->fetch_array($bugs)) { if (!((can_perform('caneditown', $bug['product']) AND $bugsys->userinfo['userid'] == $bug['userid']) OR (can_perform('caneditother', $bug['product']) AND $bugsys->userinfo['userid'] != $bug['userid'])) AND !can_perform('canpostcomments', $bug['product'])) { continue; } $api = new BugApi($bugsys); $api->set('bugid', $bug['bugid']); $api->set_condition(); $api->values = $bug; $log = new Logging(); $log->set_bugid($bug['bugid']); $log->add_data(true, $bug, $log->getCommonFields(), true); if ($bugsys->in['status'] AND can_perform('canchangestatus', $bug['product'])) { $api->set('status', $bugsys->in['status']); } if ($bugsys->in['priority'] AND can_perform('canchangestatus', $bug['product'])) { $api->set('priority', $bugsys->in['priority']); } if ($bugsys->in['severity']) { $api->set('severity', $bugsys->in['severity']); } if ($bugsys->in['resolution'] AND can_perform('canchangestatus', $bug['product'])) { $api->set('resolution', $bugsys->in['resolution']); } if ($bugsys->in['assignedto'] AND can_perform('canassign', $bug['product'])) { $api->set('assignedto', $bugsys->in['assignedto']); } if ($bugsys->in['product']) { $product = explode(',', $bugsys->in['product']); $api->set('product', $product[0]); $api->set('component', $product[1]); $api->set('version', $product[2]); } process_custom_fields($api, $message, false, true); $log->add_data(false, $api->values, $log->getCommonFields(), true); $api->update(); $log->update_history(); } $message->redirect(_('The specified bugs have been updated and you will now return to your search results.'), 'search.php?searchid=' . $bugsys->in['searchid']); } // ################################################################### if ($_REQUEST['do'] == 'export') { if (!$bugsys->in['searchid'] AND $bugsys->userinfo['userid']) { $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NULL AND userid = " . $bugsys->userinfo['userid']); } else if ($bugsys->in['searchid']) { $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . $bugsys->userinfo['userid']); } else { $message->error(_('The search results are trying to export are invalid. Please start over here and try again.')); } if (!$search) { $message->error(_('Your search has expired because it is older than one hour. Please start over here.')); } $bugs = $db->query("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid IN ($search[ids]) $search[orderby]"); $xml = ' '; while ($bug = $db->fetch_array($bugs)) { $xml .= "\n\t"; ProcessBugDataForDisplay(&$bug); $xml .= "\n\t\t" . $bug['bugid'] . ""; $xml .= "\n\t\t" . $datef->format('r', $bug['dateline']) . ""; if ($bug['userid']) { $xml .= "\n\t\t" . construct_user_display($db->query_first("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = $bug[userid]"), false) . ""; } $xml .= "\n\t\t

" . $bug['summary'] . "

"; $xml .= "\n\t\t" . $bug['product'] . ""; if ($bug['component']) { $xml .= "\n\t\t" . $bug['component'] . ""; } $xml .= "\n\t\t" . $bug['version'] . ""; $xml .= "\n\t\t" . $bug['status'] . ""; if ($bug['assignedto']) { $xml .= "\n\t\t" . construct_user_display($bugsys->datastore['assignto']["$bug[assignedto]"], false) . ""; } $xml .= "\n\t\t" . $bug['resolution'] . ""; $xml .= "\n\t\t" . $bug['severity'] . ""; $xml .= "\n\t\t" . $bug['priority'] . ""; $xml .= "\n\t"; } $xml .= "\n"; $funct->download_file($xml, _('bugdar-search-' . $search['searchid'] . '.xml'), true); } // ################################################################### if ($_POST['do'] == 'dosave') { $search = $db->query_first("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $bugsys->input_clean('searchid', TYPE_UINT) . " AND userid = " . $bugsys->userinfo['userid']); if (!$search) { $message->addError(_('The search does not exist.')); } if ($search['name']) { $message->addError(sprintf(_('This search has already been named "%1$s".'), $search['name'])); } if (empty($bugsys->in['name'])) { $message->addError(_('The name cannot be empty.')); } if (!$message->hasErrors()) { $db->query("UPDATE " . TABLE_PREFIX . "search SET name = '" . $bugsys->input_escape('name') . "' WHERE searchid = " . $bugsys->in['searchid']); $message->redirect(_('Your search has been saved.'), 'search.php?searchid=' . $search['searchid']); } else { $_REQUEST['do'] = 'save'; $show['errors'] = true; } } // ################################################################### if ($_REQUEST['do'] == 'save') { if (!$bugsys->userinfo['userid']) { $message->errorPermission(); } eval('$template->flush("' . $template->fetch('search_save') . '");'); } // ################################################################### if ($_POST['do'] == 'results') { if (!$search['ids']) { $message->error(_('No bugs matched your search criteria. Please try again with different search requirements.')); } $searchid = $search['searchid']; $hilight = $search['hilight']; LoadPaginationFramework(); $pagination->setTotal($search['resultcount']); $pagination->splitPages(); $sort = new ListSorter('search'); $show['save'] = ($bugsys->userinfo['userid'] AND !$search['name']); $show['update'] = can_perform('caneditother'); $bugs = ''; $search = $db->query("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid IN ($search[ids]) $search[orderby] LIMIT " . $pagination->fetchLimit($pagination->getPage() - 1) . ", " . $pagination->getPerPage()); while ($bug = $db->fetch_array($search)) { $funct->exec_swap_bg('altcolor', ''); $bug = ProcessBugDataForDisplay($bug, $funct->bgcolour); $bugs .= $sort->constructRow($bug, "&hilight=$hilight"); } $columnHeads = $sort->constructColumnHeaders(false); $show['pagenav'] = ($pagination->getPageCount() > 1); $pagenav = $pagination->constructPageNav('search.php?searchid=' . $searchid); eval('$template->flush("' . $template->fetch('search_results') . '");'); } /*=====================================================================*\ || ################################################################### || # $HeadURL$ || # $Id$ || ################################################################### \*=====================================================================*/ ?>