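errorPermission(); }
// NOTE(review): the line above is the tail of a statement that starts before this excerpt; it is kept exactly as found.

// Search modes compared against $input->in['mode'] in the 'process' branch.
define('MODE_ANY', 1);
define('MODE_ALL', 2);
define('MODE_RAW', 3);

// Keywords shorter than the server's ft_min_word_len are skipped when building the full-text query.
$var = $db->queryFirst("SHOW VARIABLES LIKE 'ft_min_word_len'");
define('SEARCH_WORD_MIN', $var['Value']);

// Purge search rows stored under userid 0 once they are more than an hour old.
$db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = 0 AND dateline < " . (TIMENOW - 3600));

$show['search'] = true;

// ###################################################################

if (empty($_REQUEST['do']))
{
	$_REQUEST['do'] = 'search';
}

// ###################################################################
// 'search': show the search form, or hand off to a stored search (re-run it or show its results).

if ($_REQUEST['do'] == 'search')
{
	if ($input->in['new'])
	{
		$newsearch = true;
	}
	else if ($input->in['searchid'])
	{
		// searchid is cleaned as TYPE_UINT and the row must belong to the current user
		$cachedsearch = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']);
	}
	else if (bugdar::$userinfo['userid'])
	{
		// no id given: fall back to the user's unnamed (most recent) search
		$cachedsearch = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NULL AND userid = " . bugdar::$userinfo['userid']);
	}
	else
	{
		$newsearch = true;
	}

	if ($cachedsearch)
	{
		$show['cached'] = true;
		if ($cachedsearch['dateline'] < TIMENOW - 900 OR $input->in['rerun'])
		{
			$_REQUEST['do'] = 'process';
			// NOTE(review): unserialize() of a value read back from the search table. It is written by
			// serialize($params) in the 'process' branch; anything else able to write that column would
			// control what gets unserialized here. A JSON encoding would remove that exposure.
			$input->in = array_merge(unserialize($cachedsearch['query']), $input->in);
			BSApp::debug('rerunning the search');
		}
		else
		{
			$search = $cachedsearch;
			$_POST['do'] = 'results';
		}
	}
	else
	{
		$newsearch = true;
	}

	if ($newsearch)
	{
		if (!is_array(bugdar::$datastore['product']))
		{
			$message->error(T('No products are setup, therefore there can be no bugs and thus search cannot function.'));
		}
		if (!is_array(bugdar::$datastore['version']))
		{
			$message->error(T('No versions have been added underneath your product(s), there can be no bugs and thus search cannot function.'));
		}

		// -------------------------------------------------------------------
		// custom fields (alternated between the left and right columns)
		$fields = construct_custom_fields(null, true, false, true);
		$i = 0;
		foreach ($fields AS $field)
		{
			if ($i % 2 == 0)
			{
				$customfields['left'] .= $field;
			}
			else
			{
				$customfields['right'] .= $field;
			}
			$i++;
		}

		// -------------------------------------------------------------------
		// built-in fields
		$select['severity'] = construct_datastore_select('severity', 'severity', 'severityid');
		$select['priority'] = construct_datastore_select('priority', 'priority', 'priorityid');
		$select['status'] = construct_datastore_select('status', 'status', 'statusid');
		$select['resolution'] = construct_datastore_select('resolution', 'resolution', 'resolutionid');

		// the current user's named (saved) searches
		$searches = '';
		if (bugdar::$userinfo['userid'])
		{
			$searchesFetch = $db->query("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NOT NULL AND userid = " . bugdar::$userinfo['userid']);
			foreach ($searchesFetch as $search)
			{
				$tpl = new BSTemplate('selectoption');
				$tpl->vars = array(
					'value' => $search['searchid'],
					'label' => $search['name']
				);
				$searches .= $tpl->evaluate()->getTemplate();
			}
		}

		$select['dev'] = '';
		foreach (bugdar::$datastore['assignto'] AS $dev)
		{
			$tpl = new BSTemplate('selectoption');
			$tpl->vars = array(
				'value' => $dev['userid'],
				'label' => construct_user_display($dev, false)
			);
			$select['dev'] .= $tpl->evaluate()->getTemplate();
		}

		$tpl = new BSTemplate('search');
		$tpl->vars = array(
			'select' => $select,
			'productSelect' => construct_product_select(),
			'customfields' => $customfields,
			'searches' => $searches
		);
		$tpl->evaluate()->flush();
	}
}

// ###################################################################
// 'process': turn the submitted criteria into WHERE fragments, run the search and store the matching ids.

if ($_REQUEST['do'] == 'process')
{
	// start from a known state so an absent criterion leaves an empty value instead of an undefined variable
	$querybuild = array();
	$hilight = '';
	$bool_flag = '';

	// -------------------------------------------------------------------
	// handle keywords
	if ($input->in['summary'])
	{
		$querybuild['text'] = '';
		$keywords = preg_split('#\s+#', $input->in['summary']);

		// TODO - need to have some str to bool conversions
		foreach ($keywords AS $word)
		{
			if (strlen($word) < SEARCH_WORD_MIN)
			{
				continue;
			}

			if ($input->in['mode'] == MODE_ALL)
			{
				$querybuild['text'] .= " +$word";
			}
			else
			{
				$querybuild['text'] .= " $word";
			}

			// words carrying a '-' followed by more text are left out of the highlight list
			if (!preg_match('#-(.+?)#', trim($word)))
			{
				$hilight .= " $word";
			}
		}

		// the highlight string is reduced to [0-9a-zA-Z_ ] and joined with '+'
		$hilight = preg_replace('#[^0-9a-zA-Z_ ]#', '', $hilight);
		$hilight = trim($hilight);
		$hilight = preg_replace('#\s#', '+', $hilight);

		// The keyword text is request data placed inside a quoted SQL literal, so it is escaped first.
		$temp = $input->escape(trim($querybuild['text']));

		if ($input->in['mode'] == MODE_ALL OR $input->in['mode'] == MODE_RAW)
		{
			$bool_flag = ' IN BOOLEAN MODE';
		}

		$querybuild['text'] = "AND\n\t\t\t(\n\t\t\t\tMATCH (bug.summary) AGAINST ('$temp'$bool_flag)\n\t\t\t\tOR MATCH (comment.comment) AGAINST ('$temp'$bool_flag)\n\t\t\t)";
	}

	// -------------------------------------------------------------------
	// reporter
	if ($input->in['reporter'])
	{
		// force email or name?? make a distinction?
		// more elegant way to do this? probably
		$user = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "user WHERE email LIKE '%" . str_replace('%', '\%', $input->inputEscape('reporter')) . "' OR displayname LIKE '%" . str_replace('%', '\%', $input->inputEscape('reporter')) . "%'");
		if ($user['userid'])
		{
			// Parenthesised on purpose: a bare "... OR comment.userid = N" would be OR-ed against the whole
			// WHERE clause of the main query, letting rows through without the product/hidden view filters.
			$querybuild['reporter'] = "AND (bug.userid = $user[userid] OR comment.userid = $user[userid])";
		}
	}

	// -------------------------------------------------------------------
	// product/component/version stuff
	if (is_array($input->in['product']))
	{
		foreach ($input->in['product'] AS $prod)
		{
			// each value is "product,component,version"; every part is cleaned as TYPE_UINT
			$product = explode(',', $prod);
			$product = $input->clean($product, TYPE_UINT);
			$products[$product[0]] = $product[0];
			$components[$product[1]] = $product[1];
			$versions[$product[2]] = $product[2];
		}

		$querybuild['pcv'] = "AND bug.product IN (" . implode(',', $products) . ") AND bug.component IN (" . implode(',', $components) . ") AND bug.version IN (" . implode(',', $versions) . ")";
	}

	// -------------------------------------------------------------------
	// severity, priority, status, resolution, assignedto
	// each list is cleaned as TYPE_UINT before being joined into an IN (...) clause

	// severity
	if ($input->in['severity'])
	{
		$input->inputClean('severity', TYPE_UINT);
		$querybuild['severity'] = "AND bug.severity IN (" . implode(',', $input->in['severity']) . ")";
	}

	// priority
	if ($input->in['priority'])
	{
		$input->inputClean('priority', TYPE_UINT);
		$querybuild['priority'] = "AND bug.priority IN (" . implode(',', $input->in['priority']) . ")";
	}

	// status
	if ($input->in['status'])
	{
		$input->inputClean('status', TYPE_UINT);
		$querybuild['status'] = "AND bug.status IN (" . implode(',', $input->in['status']) . ")";
	}

	// resolution
	if ($input->in['resolution'])
	{
		$input->inputClean('resolution', TYPE_UINT);
		$querybuild['resolution'] = "AND bug.resolution IN (" . implode(',', $input->in['resolution']) . ")";
	}

	// assignment
	if ($input->in['assignedto'])
	{
		$input->inputClean('assignedto', TYPE_UINT);
		$querybuild['assignedto'] = "AND bug.assignedto IN (" . implode(',', $input->in['assignedto']) . ")";
	}

	// -------------------------------------------------------------------
	// date
	if ($input->in['date'])
	{
		// now - (seconds/day * number of days)
		// NOTE(review): the multiplier is 3600 (seconds per hour), not 86400 - confirm which unit the form submits
		$dateline = time() - ($input->inputClean('date', TYPE_INT) * 3600);
		$querybuild['date'] = "AND bug.dateline >= $dateline";
	}

	// -------------------------------------------------------------------
	// favorites
	$input->inputClean('favorite', TYPE_INT);
	if ($input->in['favorite'] != 0 AND bugdar::$userinfo['userid'])
	{
		// Kept in its own list: the result ids gathered after the main query must not inherit these
		// entries, otherwise favourited bugs would be stored as results without passing the view filters.
		$favoriteids = array();
		$favorites = $db->query("SELECT * FROM " . TABLE_PREFIX . "favorite WHERE userid = " . bugdar::$userinfo['userid']);
		foreach ($favorites as $favorite)
		{
			$favoriteids[] = intval($favorite['bugid']);
		}

		if ($favoriteids)
		{
			$querybuild['favorites'] = "AND bug.bugid " . ($input->in['favorite'] > 0 ? "IN" : "NOT IN") . " (" . implode(', ', $favoriteids) . ")";
		}
		else
		{
			// an empty "IN ()" is a SQL syntax error: no favorites means "match nothing" or "exclude nothing"
			$querybuild['favorites'] = ($input->in['favorite'] > 0 ? "AND 1 = 0" : "AND 1 = 1");
		}
	}

	// -------------------------------------------------------------------
	// sort by
	// Both parts of the ORDER BY come from fixed allow-lists; the comparison is strict so that only
	// the listed strings can reach the SQL text.
	$sortby = array('bugid', 'severity', 'priority', 'status', 'resolution', 'dateline');
	$orderby = array('ASC', 'DESC');
	$input->in['orderby'] = strtoupper($input->in['orderby']);
	if (in_array($input->in['sortby'], $sortby, true) AND in_array($input->in['orderby'], $orderby, true))
	{
		$sortclause = "ORDER BY " . $input->in['sortby'] . ' ' . $input->in['orderby'];
	}
	else if ($input->in['sortby'] == 'relevance')
	{
		$sortclause = '';
	}
	else
	{
		$sortclause = '';
	}

	// -------------------------------------------------------------------
	// custom fields
	// only searchable fields with a non-zero permission mask for one of the user's groups are considered
	$fields_fetch = $db->query(
		" SELECT bugfield.*, MAX(permission.mask) AS mask"
		. " FROM " . TABLE_PREFIX . "bugfield AS bugfield"
		. " LEFT JOIN " . TABLE_PREFIX . "bugfieldpermission AS permission ON (bugfield.fieldid = permission.fieldid)"
		. " WHERE mask <> 0"
		. " AND permission.usergroupid IN (" . bugdar::$userinfo['usergroupid'] . (sizeof(bugdar::$userinfo['groupids']) != 0 ? ',' . implode(',', bugdar::$userinfo['groupids']) : '') . ")"
		. " AND bugfield.cansearch = 1"
		. " GROUP BY (bugfield.fieldid)"
	);
	foreach ($fields_fetch as $field)
	{
		if (!empty($input->in["custom$field[fieldid]"]) OR ($field['type'] == 'select_single' AND isset($input->in["custom$field[fieldid]"])))
		{
			if ($field['type'] == 'input_checkbox' AND $input->inputClean("custom$field[fieldid]", TYPE_INT) != 0)
			{
				$querybuild[] = "AND bug.custom$field[fieldid] = " . ($input->in["custom$field[fieldid]"] > 0 ? 1 : 0);
			}
			else if ($field['type'] == 'input_text')
			{
				// free-text request value inside a quoted LIKE pattern: escape it before it reaches the query
				$querybuild[] = "AND bug.custom$field[fieldid] LIKE '%" . $input->escape($input->in["custom$field[fieldid]"]) . "%'";
			}
			else if ($field['type'] == 'select_single' AND $input->in["custom$field[fieldid]"] != -1)
			{
				// NOTE(review): unserialize() of the stored option list from the bugfield table - confirm who can write it
				$temp = unserialize($field['selects']);
				// the request only supplies an integer index; the option text is escaped because it is quoted below
				$querybuild[] = "AND bug.custom$field[fieldid] = '" . $input->escape(trim($temp[ intval($input->in["custom$field[fieldid]"]) ])) . "'";
			}
		}
	}

	// -------------------------------------------------------------------
	// have to search something
	if (sizeof($querybuild) < 1)
	{
		$message->error(sprintf(T('You have to enter some criteria to search for. Note that words less than %1$d characters are ignored by the search engine (and some other very common words, too).'), SEARCH_WORD_MIN));
	}

	// -------------------------------------------------------------------
	// do the search
	// The fixed part of the WHERE clause limits rows to products the user may view and applies the
	// hidden-bug rules; the user-built fragments are AND-ed on after it.
	$search = $db->query(
		" SELECT bug.*, comment.commentid"
		. " FROM " . TABLE_PREFIX . "bug AS bug"
		. " LEFT JOIN " . TABLE_PREFIX . "comment AS comment ON (bug.bugid = comment.bugid)"
		. " WHERE bug.bugid <> 0"
		. " AND bug.product IN (" . fetch_on_bits('canviewbugs') . ")"
		. " AND ( !bug.hidden OR (bug.hidden AND bug.product IN (" . fetch_on_bits('canviewhidden') . "))"
		// the permission name now matches the can_perform('canviewownhidden') test guarding this fragment
		. (can_perform('canviewownhidden') ? " OR (bug.hidden AND bug.userid = " . bugdar::$userinfo['userid'] . " AND bug.product IN (" . fetch_on_bits('canviewownhidden') . "))" : "")
		. " ) "
		. implode("\n\t\t", $querybuild)
		. " GROUP BY bug.bugid $sortclause "
	);

	$numrows = $search->size();
	if ($numrows < 1)
	{
		$message->error(T('No search results were returned that matched your criteria. Please try again with different search requirements.'));
	}

	// only ids returned by the permission-filtered query above are stored with the search
	$ids = array();
	$results = array();
	foreach ($search as $result)
	{
		$ids[] = $result['bugid'];
		$results[] = $result;
	}

	// a fresh search by a logged-in user replaces that user's previous unnamed search
	if (bugdar::$userinfo['userid'] AND !$cachedsearch AND !$input->in['rerun'])
	{
		$db->query("DELETE FROM " . TABLE_PREFIX . "search WHERE userid = " . bugdar::$userinfo['userid'] . " AND name IS NULL");
	}

	// store the search params (anything that arrived as a cookie is dropped first)
	$params = $input->in;
	foreach ($_COOKIE AS $key => $value)
	{
		unset($params["$key"]);
	}

	if ($cachedsearch)
	{
		$search = $cachedsearch;
		$search['ids'] = implode(',', $ids);
		$search['resultcount'] = sizeof($results);

		$db->query("UPDATE " . TABLE_PREFIX . "search SET ids = '$search[ids]', resultcount = $search[resultcount], dateline = " . TIMENOW . " WHERE searchid = " . $cachedsearch['searchid']);
	}
	else
	{
		$db->query(
			" INSERT INTO " . TABLE_PREFIX . "search (userid, dateline, query, ids, orderby, hilight, resultcount)"
			. " VALUES (" . bugdar::$userinfo['userid'] . ", " . TIMENOW . ", '" . $input->escape(serialize($params)) . "', '" . implode(',', $ids) . "', '" . $input->escape($sortclause) . "', '" . $input->escape($hilight) . "', " . sizeof($results) . " )"
		);
		$search = array('searchid' => $db->insertId(), 'ids' => implode(',', $ids), 'orderby' => $sortclause, 'hilight' => $hilight, 'resultcount' => sizeof($results));
	}

	$_POST['do'] = 'results';
}

// ###################################################################
// 'update': show the mass-update form for a stored search owned by the current user.

if ($_REQUEST['do'] == 'update')
{
	$search = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']);
	if (!$search OR !can_perform('caneditother'))
	{
		$message->errorPermission();
	}

	$show['update'] = true;

	// -------------------------------------------------------------------
	// custom fields
	$fields = construct_custom_fields(null, true, false, true);
	$i = 0;
	foreach ($fields AS $field)
	{
		if ($i % 2 == 0)
		{
			$customfields['left'] .= $field;
		}
		else
		{
			$customfields['right'] .= $field;
		}
		$i++;
	}

	// -------------------------------------------------------------------
	// built-in fields
	$select['severity'] = construct_datastore_select('severity', 'severity', 'severityid', 0, 0);
	$select['priority'] = construct_datastore_select('priority', 'priority', 'priorityid', 0, 0);
	$select['status'] = construct_datastore_select('status', 'status', 'statusid', 0, 0);
	$select['resolution'] = construct_datastore_select('resolution', 'resolution', 'resolutionid', 0, 0);

	// blank, pre-selected first option for the developer list
	$tpl = new BSTemplate('selectoption');
	$tpl->vars = array(
		'value' => 0,
		'label' => '',
		'selected' => true
	);
	$select['dev'] = $tpl->evaluate()->getTemplate();

	foreach (bugdar::$datastore['assignto'] as $dev)
	{
		$tpl = new BSTemplate('selectoption');
		$tpl->vars = array(
			'value' => $dev['userid'],
			'label' => construct_user_display($dev, false)
		);
		$select['dev'] .= $tpl->evaluate()->getTemplate();
	}

	$tpl = new BSTemplate('search_update');
	$tpl->vars = array(
		'search' => $search,
		'select' => $select,
		'customfields' => $customfields,
		'productSelect' => construct_product_select()
	);
	$tpl->evaluate()->flush();
}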
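// ###################################################################
// 'doupdate': apply the submitted field values to every editable bug of a stored search.

if ($_POST['do'] == 'doupdate')
{
	// the search row must belong to the current user; searchid is cleaned as TYPE_UINT
	$search = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']);
	if (!$search OR !can_perform('caneditother'))
	{
		$message->errorPermission();
	}

	// find all the bugs that we can edit
	$bugs = $db->query(
		" SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid IN ($search[ids])"
		. " AND product IN (" . fetch_on_bits('canviewbugs') . ")"
		. " AND ( product IN (" . fetch_on_bits('caneditother') . ")"
		. " OR (userid = " . bugdar::$userinfo['userid'] . " AND product IN (" . fetch_on_bits('caneditown') . ")) ) "
	);
	foreach ($bugs as $bug)
	{
		// NOTE(review): because of the trailing "AND !can_perform('canpostcomments', ...)", a bug is skipped
		// here only when the user lacks both edit and comment permission on its product; the SELECT above is
		// what restricts the set to editable bugs - confirm that is the intended gate.
		if (!((can_perform('caneditown', $bug['product']) AND bugdar::$userinfo['userid'] == $bug['userid']) OR (can_perform('caneditother', $bug['product']) AND bugdar::$userinfo['userid'] != $bug['userid'])) AND !can_perform('canpostcomments', $bug['product']))
		{
			continue;
		}

		$api = new BugApi();
		$api->set('bugid', $bug['bugid']);
		$api->values = $bug;

		// snapshot of the bug before the change, for the history log
		$log = new Logging();
		$log->setBugId($bug['bugid']);
		$log->addData(true, $bug, $log->getCommonFields(), true);

		if ($input->in['status'] AND can_perform('canchangestatus', $bug['product']))
		{
			$api->set('status', $input->in['status']);
		}
		if ($input->in['priority'] AND can_perform('canchangestatus', $bug['product']))
		{
			$api->set('priority', $input->in['priority']);
		}
		// NOTE(review): severity and product/component/version are applied without a per-field can_perform()
		// check, unlike status, priority, resolution and assignedto - confirm this is intended.
		if ($input->in['severity'])
		{
			$api->set('severity', $input->in['severity']);
		}
		if ($input->in['resolution'] AND can_perform('canchangestatus', $bug['product']))
		{
			$api->set('resolution', $input->in['resolution']);
		}
		if ($input->in['assignedto'] AND can_perform('canassign', $bug['product']))
		{
			$api->set('assignedto', $input->in['assignedto']);
		}
		if ($input->in['product'])
		{
			// the submitted value is "product,component,version"
			$product = explode(',', $input->in['product']);
			$api->set('product', $product[0]);
			$api->set('component', $product[1]);
			$api->set('version', $product[2]);
		}

		process_custom_fields($api, $message, false, true);

		// snapshot after the change, then write the bug and its history
		$log->addData(false, $api->values, $log->getCommonFields(), true);

		$api->update();
		$log->updateHistory();
	}

	$message->redirect(T('The specified bugs have been updated and you will now return to your search results.'), 'search.php?searchid=' . $input->in['searchid']);
}

// ###################################################################
// 'export': download the bugs of a stored search.

if ($_REQUEST['do'] == 'export')
{
	if (!$input->in['searchid'] AND bugdar::$userinfo['userid'])
	{
		$search = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "search WHERE name IS NULL AND userid = " . bugdar::$userinfo['userid']);
	}
	else if ($input->in['searchid'])
	{
		$search = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']);
	}
	else
	{
		$message->error(T('The search results are trying to export are invalid. Please start over here and try again.'));
	}

	if (!$search)
	{
		$message->error(T('Your search has expired because it is older than one hour. Please start over here.'));
	}

	// the id list and ORDER BY text come from the stored search row; view permissions are not re-checked here
	$bugs = $db->query("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid IN ($search[ids]) $search[orderby]");

	// NOTE(review): the string literals below are reproduced exactly as they appear in this copy of the
	// file; any element markup they originally carried is not visible here, and none of the values is
	// escaped at this point - confirm both against the original file.
	$xml = ' ';

	foreach ($bugs as $bug)
	{
		$xml .= "\n\t";

		$bug = ProcessBugDataForDisplay($bug);

		$xml .= "\n\t\t" . $bug['bugid'] . "";
		$xml .= "\n\t\t" . $datef->format('r', $bug['dateline']) . "";
		if ($bug['userid'])
		{
			$xml .= "\n\t\t" . construct_user_display($db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "user WHERE userid = $bug[userid]"), false) . "";
		}
		$xml .= "\n\t\t" . $bug['summary'] . "";
		$xml .= "\n\t\t" . $bug['product'] . "";
		if ($bug['component'])
		{
			$xml .= "\n\t\t" . $bug['component'] . "";
		}
		$xml .= "\n\t\t" . $bug['version'] . "";
		$xml .= "\n\t\t" . $bug['status'] . "";
		if ($bug['assignedto'])
		{
			$xml .= "\n\t\t" . construct_user_display(bugdar::$datastore['assignto']["$bug[assignedto]"], false) . "";
		}
		$xml .= "\n\t\t" . $bug['resolution'] . "";
		$xml .= "\n\t\t" . $bug['severity'] . "";
		$xml .= "\n\t\t" . $bug['priority'] . "";

		$xml .= "\n\t";
	}

	$xml .= "\n";

	BSFunctions::download_file($xml, T('bugdar-search-' . $search['searchid'] . '.xml'), true);
}

// ###################################################################
// 'dosave': give a stored search a name so it is kept.

if ($_POST['do'] == 'dosave')
{
	// Same gate as the 'save' form below: without it the POST handler could be reached directly
	// by a visitor who is not logged in.
	if (!bugdar::$userinfo['userid'])
	{
		$message->errorPermission();
	}

	$search = $db->queryFirst("SELECT * FROM " . TABLE_PREFIX . "search WHERE searchid = " . $input->inputClean('searchid', TYPE_UINT) . " AND userid = " . bugdar::$userinfo['userid']);
	if (!$search)
	{
		$message->addError(T('The search does not exist.'));
	}
	if ($search['name'])
	{
		$message->addError(sprintf(T('This search has already been named "%1$s".'), $search['name']));
	}
	if (empty($input->in['name']))
	{
		$message->addError(T('The name cannot be empty.'));
	}

	if (!$message->hasErrors())
	{
		// the id written to is the one from the row just matched against the current user
		$db->query("UPDATE " . TABLE_PREFIX . "search SET name = '" . $input->inputEscape('name') . "' WHERE searchid = " . $search['searchid']);
		$message->redirect(T('Your search has been saved.'), 'search.php?searchid=' . $search['searchid']);
	}
	else
	{
		// fall through to the form again, with the collected errors shown
		$_REQUEST['do'] = 'save';
		$show['errors'] = true;
	}
}

// ###################################################################
// 'save': show the form that names a search (logged-in users only).

if ($_REQUEST['do'] == 'save')
{
	if (!bugdar::$userinfo['userid'])
	{
		$message->errorPermission();
	}

	$tpl = new BSTemplate('search_save');
	$tpl->vars = array(
		'message' => $message,
		'searchid' => $input->in['searchid'],
		'name' => $input->in['name']
	);
	$tpl->evaluate()->flush();
}

// ###################################################################
// 'results': render one page of the bugs listed in $search, which an earlier branch has filled in.

if ($_POST['do'] == 'results')
{
	if (!$search['ids'])
	{
		$message->error(T('No bugs matched your search criteria. Please try again with different search requirements.'));
	}

	// keep these before $search is reused for the query result below
	$searchid = $search['searchid'];
	$hilight = $search['hilight'];

	require_once 'includes/pagination.php';
	$pagination = new Pagination();
	$pagination->processIncomingData();
	$pagination->setTotal($search['resultcount']);
	$pagination->splitPages();

	$sort = new ListSorter('search');

	$show['save'] = (bugdar::$userinfo['userid'] AND !$search['name']);
	$show['update'] = can_perform('caneditother');

	$bugs = '';
	// the id list and ORDER BY text are the values stored with the search row
	$search = $db->query("SELECT * FROM " . TABLE_PREFIX . "bug WHERE bugid IN ($search[ids]) $search[orderby] LIMIT " . $pagination->fetchLimit($pagination->getPage() - 1) . ", " . $pagination->getPerPage());
	foreach ($search as $bug)
	{
		BSFunctions::swap_css_classes('altcolor', '');
		$bug = ProcessBugDataForDisplay($bug, BSFunctions::$cssClass);
		$bugs .= $sort->constructRow($bug, "&hilight=$hilight");
	}

	$columnHeads = $sort->constructColumnHeaders(false);
	$show['pagenav'] = ($pagination->getPageCount() > 1);
	$pagenav = $pagination->constructPageNav('search.php?searchid=' . $searchid);

	$tpl = new BSTemplate('search_results');
	$tpl->vars = array(
		'columnHeads' => $columnHeads,
		'bugs' => $bugs,
		'searchid' => $searchid
	);
	$tpl->evaluate()->flush();
}

?>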