diff --git a/ChangeLog b/ChangeLog
index c089349eb2..287f822f8b 100644
--- a/ChangeLog
+++ b/ChangeLog
@@ -36,6 +36,9 @@ To Do:
* Split manage user actions into separate files
* Added several ; in core_API.php that caused errors on some servers
* Added view next/prev XYZ bugs on bug viewing page
+ * Added a string_display() function to prevent HTML tags from screwing up display
+ * Modified version to be an enum.
+ * Added version editing capability
12.06.2000 - 0.10.2
diff --git a/INSTALL b/INSTALL
index 463953fed2..047cdeac92 100644
--- a/INSTALL
+++ b/INSTALL
@@ -54,35 +54,8 @@ is covered in CONFIGURATION.
-------------------------------------------------------------------------------
### Upgrading ###
-------------------------------------------------------------------------------
-=================
-0.9.x to 0.10.x
-=================
-You will need to add a 'protected' field in the mantis_user_table.
-This command will do the trick:
-
-ALTER TABLE mantis_user_table ADD protected VARCHAR (3) not null
-
-=================
-0.10.2 to 0.10.3+
-=================
-
-I've added a profile table and inserted feedback into the main bug table
-Run these queries:
-
-ALTER TABLE mantis_bug_table CHANGE status status ENUM ('new','fdeedback',
- 'acknowledged','confirmed','assigned','resolved') DEFAULT 'new' not null;
-
-CREATE TABLE mantis_user_profile_table (
- id int(10) unsigned zerofill DEFAULT '0000000000' NOT NULL auto_increment,
- user_id int(10) unsigned zerofill DEFAULT '0000000000' NOT NULL,
- platform varchar(32) NOT NULL,
- os varchar(32) NOT NULL,
- os_build varchar(16) NOT NULL,
- description text NOT NULL,
- default_profile char(3) NOT NULL,
- PRIMARY KEY (id)
-);
+See the files: UPGRADING and db_upgrade.sql
-------------------------------------------------------------------------------
### Useful links ###
diff --git a/README b/README
index 0b1c69965e..0cce28ad5a 100644
--- a/README
+++ b/README
@@ -51,6 +51,10 @@ Features:
- Projection / ETA
- Items updated since last visit indicators
+The release numbering convention I'm using is major.minor.micro.
+Major indicates a large change in the core package, minor a significant
+amount of feature addition/modification, micro for mostly bug fixes.
+
I'd appreciate an email letting me know if you find this program useful.
I won't publish any information without permission, I'd just like an idea
and knowing I'm helping people will only motivate me more.
diff --git a/UPGRADING b/UPGRADING
new file mode 100644
index 0000000000..657287698f
--- /dev/null
+++ b/UPGRADING
@@ -0,0 +1,51 @@
+# -------------------------------------------------------------------------------
+# Upgrading
+# -------------------------------------------------------------------------------
+
+# Here are the basic steps to upgrade the database tables
+# Take a look in db_upgrade.sql as well.
+
+# =================
+# 0.10.2 to 0.11.0
+# =================
+
+# I've added a profile table and inserted feedback into the main bug table.
+# Also modified version to be an enum (edit using the manage section)
+# Run these queries:
+
+ALTER TABLE mantis_bug_table CHANGE status status ENUM ('new','fdeedback',
+ 'acknowledged','confirmed','assigned','resolved') DEFAULT 'new' not null;
+
+CREATE TABLE mantis_user_profile_table (
+ id int(10) unsigned zerofill DEFAULT '0000000000' NOT NULL auto_increment,
+ user_id int(10) unsigned zerofill DEFAULT '0000000000' NOT NULL,
+ platform varchar(32) NOT NULL,
+ os varchar(32) NOT NULL,
+ os_build varchar(16) NOT NULL,
+ description text NOT NULL,
+ default_profile char(3) NOT NULL,
+ PRIMARY KEY (id)
+);
+
+ALTER TABLE mantis_bug_table CHANGE version version ENUM ('none') not null;
+
+CREATE TABLE mantis_user_defaults_table (
+ id int(10) unsigned zerofill DEFAULT '0000000000' NOT NULL auto_increment,
+ user_id int(10) unsigned zerofill DEFAULT '0000000000' NOT NULL,
+ hide_resolved char(3) NOT NULL,
+ limit_view int(11) DEFAULT '0' NOT NULL,
+ show_last char(3) NOT NULL,
+ advanced_report char(3) NOT NULL,
+ advanced_view char(3) NOT NULL,
+ PRIMARY KEY (id)
+);
+
+# =================
+# 0.9.x to 0.10.x
+# =================
+
+# You will need to add a 'protected' field in the mantis_user_table.
+# This command will do the trick:
+
+ALTER TABLE mantis_user_table ADD protected VARCHAR (3) not null
+
diff --git a/account_page.php3 b/account_page.php3
index c33b84a5b0..9f0b0df95e 100644
--- a/account_page.php3
+++ b/account_page.php3
@@ -38,7 +38,7 @@
}
diff --git a/bug_update_advanced_page.php3 b/bug_update_advanced_page.php3
index 1dd86207f9..c6f0a07d83 100644
--- a/bug_update_advanced_page.php3
+++ b/bug_update_advanced_page.php3
@@ -74,10 +74,10 @@
$row = mysql_fetch_array( $result );
extract( $row, EXTR_PREFIX_ALL, "v2" );
- $v_summary = string_unsafe( $v_summary );
- $v2_description = string_unsafe( $v2_description );
- $v2_steps_to_reproduce = string_unsafe( $v2_steps_to_reproduce );
- $v2_additional_information = string_unsafe( $v2_additional_information );
+ $v_summary = string_display( $v_summary );
+ $v2_description = string_display( $v2_description );
+ $v2_steps_to_reproduce = string_display( $v2_steps_to_reproduce );
+ $v2_additional_information = string_display( $v2_additional_information );
$v_date_submitted = date( "m-d H:i", sql_to_unix_time( $v_date_submitted ) );
$v_last_updated = date( "m-d H:i", sql_to_unix_time( $v_last_updated ) );
?>
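Review bot: Only these four fields are escaped, while `extract( $row, EXTR_PREFIX_ALL, "v2" )` just above brings every other column of the row into scope unescaped. If any of those user-editable columns are echoed further down (outside this hunk), they remain an HTML-injection path. Escaping at each echo site, e.g. `echo string_display( $v2_description )`, makes the coverage visible where the output happens and avoids double-escaping a variable that was already converted. The same pattern appears in the bug_update_page.php3, view_bug_advanced_page.php3, view_bug_page.php3 and view_bug_all_page.php3 hunks.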
diff --git a/bug_update_page.php3 b/bug_update_page.php3
index 8bb4d7167f..2557f6164b 100644
--- a/bug_update_page.php3
+++ b/bug_update_page.php3
@@ -80,10 +80,10 @@
$row = mysql_fetch_array( $result );
extract( $row, EXTR_PREFIX_ALL, "v2" );
- $v_summary = string_unsafe( $v_summary );
- $v2_description = string_unsafe( $v2_description );
- $v2_steps_to_reproduce = string_unsafe( $v2_steps_to_reproduce );
- $v2_additional_information = string_unsafe( $v2_additional_information );
+ $v_summary = string_display( $v_summary );
+ $v2_description = string_display( $v2_description );
+ $v2_steps_to_reproduce = string_display( $v2_steps_to_reproduce );
+ $v2_additional_information = string_display( $v2_additional_information );
$v_date_submitted = date( "m-d H:i", sql_to_unix_time( $v_date_submitted ) );
$v_last_updated = date( "m-d H:i", sql_to_unix_time( $v_last_updated ) );
?>
diff --git a/bugnote_inc.php b/bugnote_inc.php
index 50aaea0d3b..710c21f6eb 100644
--- a/bugnote_inc.php
+++ b/bugnote_inc.php
@@ -88,7 +88,7 @@
>
- echo string_unsafe( $v3_note ) ?>
+ echo string_display( $v3_note ) ?>
diff --git a/config_inc.php b/config_inc.php
index 6e9556b65a..54068be2dc 100644
--- a/config_inc.php
+++ b/config_inc.php
@@ -19,7 +19,7 @@
#--------------------
# file path variables
- $g_path = "/mantisbt/"; # requires trailing /
+ $g_path = "/mantis/"; # requires trailing /
#--------------------
#--------------------
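Review bot: The shipped default for `$g_path` changes from `/mantisbt/` to `/mantis/`, and neither the ChangeLog nor the UPGRADING text in this commit mentions it. If this is a local development setting rather than an intended new default, it should be left out of the commit. If it is intended, a comment such as `# URL path of the install, change to match your web root; requires trailing /` would tell upgraders to check it.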
@@ -150,6 +150,9 @@
$g_manage_category_page = "manage_category_page".$g_php;
$g_manage_category_update = "manage_category_update".$g_php;
+ $g_manage_product_versions_page = "manage_product_versions_page".$g_php;
+ $g_manage_product_versions_update = "manage_product_versions_update".$g_php;
+
# news
$g_news_menu_page = "news_menu_page".$g_php;
$g_news_edit_page = "news_edit_page".$g_php;
@@ -201,12 +204,13 @@
$g_date_partitions = array("1 day","3 days","1 week","1 month","1 year");
#--------------------
+ $g_product_versions = "0.9.0,0.9.1,0.10.0,0.10.1,0.10.2,0.10.3";
+
#--------------------
# html table appearance variables
$g_primary_table_tags = "";
#--------------------
-
#--------------------
# color values
$g_white_color = "#ffffff"; # white
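Review bot: `$g_product_versions` is added without a comment, and it holds a second copy of the version list that this commit also stores in the `version` ENUM column. report_bug_advanced_page.php3 reads the list through `print_list( "version" )`, so, depending on where this variable is used (not visible here), the two lists can drift apart. If it is only the initial value for the manage page, say so in a comment, e.g. `# comma separated, no spaces; initial product version list, the live list is the version enum in mantis_bug_table`.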
@@ -238,4 +242,4 @@
#version
$g_mantis_version = "0.10.3";
#--------------------
-?>
\ No newline at end of file
+?>
diff --git a/core_API.php b/core_API.php
index e91febb641..f332afa8d2 100644
--- a/core_API.php
+++ b/core_API.php
@@ -133,8 +133,10 @@ function get_enum_string( $p_field_name ) {
} ### end for
}
#--------------------
- function get_enum_count( $t_enum_string ) {
- return count(explode(",",$t_enum_string));
+ # returns the number of items in a list
+ # default delimiter is a ,
+ function get_list_item_count( $t_enum_string, $p_delim_char="," ) {
+ return count(explode($p_delim_char,$t_enum_string));
}
#--------------------
### Used for update pages
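Review bot: Renaming `get_enum_count()` removes the old name outright, so any caller not updated in this commit will fail with an undefined-function error; only the three call sites in core_API.php are visible here. Either keep a one-line wrapper, `function get_enum_count( $p_str ) { return get_list_item_count( $p_str ); }`, or confirm that no other file uses the old name. The first parameter also keeps the `$t_` prefix although it is an argument; `$p_list` would match `$p_delim_char`.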
@@ -143,7 +145,7 @@ function print_categories( $p_category="" ) {
$t_category_string = get_enum_string( "category" );
$t_str = $t_category_string.",";
- $cat_count = get_enum_count($t_str)-1;
+ $cat_count = get_list_item_count($t_str)-1;
for ($i=0;$i<$cat_count;$i++) {
$t_s = substr( $t_str, 1, strpos($t_str, ",")-2 );
$t_str = substr( $t_str, strpos($t_str, ",")+1, strlen($t_str) );
@@ -162,7 +164,7 @@ function print_list( $p_list, $p_item="" ) {
$t_category_string = get_enum_string( $p_list );
$t_str = $t_category_string.",";
- $entry_count = get_enum_count($t_str)-1;
+ $entry_count = get_list_item_count($t_str)-1;
for ($i=0;$i<$entry_count;$i++) {
$t_s = substr( $t_str, 1, strpos($t_str, ",")-2 );
$t_str = substr( $t_str, strpos($t_str, ",")+1, strlen($t_str) );
@@ -175,13 +177,31 @@ function print_list( $p_list, $p_item="" ) {
} ### end for
}
#--------------------
+ ### Used for update pages
+ function print_list2( $p_list, $p_item="" ) {
+ global $g_mantis_bug_table;
+
+ $t_str = $p_list.",";
+ $entry_count = get_list_item_count( $t_str )-1;
+ for ($i=0;$i<$entry_count;$i++) {
+ $t_s = substr( $t_str, 0, strpos($t_str, ",") );
+ $t_str = substr( $t_str, strpos($t_str, ",")+1, strlen($t_str) );
+ if ( $p_item==$t_s ) {
+ PRINT "$t_s";
+ }
+ else {
+ PRINT " $t_s";
+ }
+ } ### end for
+ }
+ #--------------------
### Used in summary reports
function print_bug_enum_summary( $p_enum, $p_status="" ) {
global $g_mantis_bug_table, $g_primary_color_light, $g_primary_color_dark;
$t_enum_string = get_enum_string( $p_enum );
$t_str = $t_enum_string.",";
- $enum_count = get_enum_count($t_str)-1;
+ $enum_count = get_list_item_count($t_str)-1;
for ($i=0;$i<$enum_count;$i++) {
$t_s = substr( $t_str, 1, strpos($t_str, ",")-2 );
$t_str = substr( $t_str, strpos($t_str, ",")+1, strlen($t_str) );
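Review bot: `$p_item==$t_s` in `print_list2()` is a loose comparison, and PHP compares two numeric-looking strings as numbers, so constructed entries such as "1.0" and "1.00" would both be treated as the selected item; `if ( strcmp( $p_item, $t_s ) == 0 ) {` avoids that. `$t_s` is printed without escaping, and since the list is configurable text, `htmlspecialchars( $t_s )` in both PRINT statements would be consistent with the `string_display()` change in this commit. `global $g_mantis_bug_table;` is unused in this function and can be dropped. A name or comment that says how it differs from `print_list()` (it takes the list itself rather than a field name) would also help.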
@@ -463,6 +483,10 @@ function string_unsafe( $p_string ) {
return stripslashes( $p_string );
}
#--------------------
+ function string_display( $p_string ) {
+ return htmlspecialchars(stripslashes( $p_string ));
+ }
+ #--------------------
function string_edit( $p_string ) {
return str_replace( " ", " ", stripslashes( $p_string ) );
}
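Review bot: `htmlspecialchars()` is called without a quote-style argument, and with the default flags of PHP versions of this era single quotes pass through unchanged, so a value echoed inside a single-quoted attribute could still break out of it. `return htmlspecialchars( stripslashes( $p_string ), ENT_QUOTES );` covers both quote styles. A comment above the function saying when to use it instead of `string_unsafe()` and `string_edit()` would help, e.g. `# strips slashes and HTML-escapes a value for output into a page`.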
diff --git a/db_generate.sql b/db_generate.sql
index 6b782d4bc4..569a283989 100644
--- a/db_generate.sql
+++ b/db_generate.sql
@@ -26,7 +26,7 @@ CREATE TABLE mantis_bug_table (
os varchar(32) NOT NULL,
os_build varchar(16) NOT NULL,
platform varchar(32) NOT NULL,
- version varchar(16) NOT NULL,
+ version enum ('none') NOT NULL,
build tinyint(4) DEFAULT '0' NOT NULL,
votes tinyint(4) DEFAULT '0' NOT NULL,
summary varchar(128) NOT NULL,
@@ -127,3 +127,18 @@ CREATE TABLE mantis_user_profile_table (
default_profile char(3) NOT NULL,
PRIMARY KEY (id)
);
+
+#
+# Table structure for table 'mantis_user_defaults_table'
+#
+
+CREATE TABLE mantis_user_defaults_table (
+ id int(10) unsigned zerofill DEFAULT '0000000000' NOT NULL auto_increment,
+ user_id int(10) unsigned zerofill DEFAULT '0000000000' NOT NULL,
+ hide_resolved char(3) NOT NULL,
+ limit_view int(11) DEFAULT '0' NOT NULL,
+ show_last char(3) NOT NULL,
+ advanced_report char(3) NOT NULL,
+ advanced_view char(3) NOT NULL,
+ PRIMARY KEY (id)
+);
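Review bot: `mantis_user_defaults_table` has no index or uniqueness constraint on `user_id`, so nothing prevents two default rows for one user, and a lookup by user has no key to use. If the intent is one row per user (not visible here), adding `UNIQUE KEY (user_id)` after the primary key would state it in the schema. The same definition is repeated in db_upgrade.sql and UPGRADING and would need the same change.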
diff --git a/db_upgrade.sql b/db_upgrade.sql
index 293d4dd0ce..6ab1892ee8 100644
--- a/db_upgrade.sql
+++ b/db_upgrade.sql
@@ -20,11 +20,13 @@ ALTER TABLE mantis_user_table ADD protected VARCHAR (3) not null;
# 0.10.2 to 0.10.3+
# =================
-# I've added a profile table and inserted feedback into the main bug table
+# inserted feedback as a status
ALTER TABLE mantis_bug_table CHANGE status status ENUM ('new','need info',
'acknowledged','confirmed','assigned','resolved') DEFAULT 'new' not null;
+# New user profile tables
+
CREATE TABLE mantis_user_profile_table (
id int(10) unsigned zerofill DEFAULT '0000000000' NOT NULL auto_increment,
user_id int(10) unsigned zerofill DEFAULT '0000000000' NOT NULL,
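Review bot: The new comment says feedback was inserted as a status, but the statement below it adds `'need info'`, and the UPGRADING file added in this commit gives the same ALTER with `'fdeedback'`. Someone following UPGRADING and someone running db_upgrade.sql would end up with different status enums. Both files should use the value the PHP code expects, and the comment should name that value. The CREATE TABLE statement continues outside this hunk.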
@@ -35,3 +37,21 @@ CREATE TABLE mantis_user_profile_table (
default_profile char(3) NOT NULL,
PRIMARY KEY (id)
);
+
+# Versions has been changed to be an enum(edit by hand or through the manage section
+
+ALTER TABLE mantis_bug_table CHANGE version version ENUM ('none') not null;
+
+# New table for default user preferences
+
+CREATE TABLE mantis_user_defaults_table (
+ id int(10) unsigned zerofill DEFAULT '0000000000' NOT NULL auto_increment,
+ user_id int(10) unsigned zerofill DEFAULT '0000000000' NOT NULL,
+ hide_resolved char(3) NOT NULL,
+ limit_view int(11) DEFAULT '0' NOT NULL,
+ show_last char(3) NOT NULL,
+ advanced_report char(3) NOT NULL,
+ advanced_view char(3) NOT NULL,
+ PRIMARY KEY (id)
+);
+
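Review bot: `ALTER TABLE mantis_bug_table CHANGE version version ENUM ('none') not null;` converts an existing varchar(16) column, and MySQL maps any stored value that is not in the enum list to the empty string, so on an upgraded install the version recorded on existing bugs would likely be lost. The upgrade notes should tell the administrator to put the versions already in use into the ENUM list before running the statement, e.g. `# list every version already stored in mantis_bug_table.version in the ENUM, or those values are blanked`. UPGRADING repeats the statement and needs the same caveat. The comment on the line above the ALTER is also missing its closing parenthesis.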
diff --git a/main_page.php3 b/main_page.php3
index 048cb803b6..392b257e39 100644
--- a/main_page.php3
+++ b/main_page.php3
@@ -47,8 +47,8 @@
for ($i=0;$i<$news_count;$i++) {
$row = mysql_fetch_array($result);
extract( $row, EXTR_PREFIX_ALL, "v" );
- $v_headline = string_unsafe( $v_headline );
- $v_body = string_unsafe( $v_body );
+ $v_headline = string_display( $v_headline );
+ $v_body = string_display( $v_body );
$v_date_posted = date( "m-d H:i", sql_to_unix_time( $v_date_posted ) );
## grab the username and email of the poster
@@ -67,7 +67,7 @@
>
>
- echo string_unsafe( $v_headline ) ?> -
+ echo $v_headline ?> -
echo $v_date_posted ?> -
echo $t_poster_name ?>
diff --git a/manage_page.php3 b/manage_page.php3
index 349c1d2bd5..fecda27a1a 100644
--- a/manage_page.php3
+++ b/manage_page.php3
@@ -44,6 +44,7 @@
diff --git a/manage_product_versions_page.php3 b/manage_product_versions_page.php3
new file mode 100644
index 0000000000..de9bd3d454
--- /dev/null
+++ b/manage_product_versions_page.php3
@@ -0,0 +1,64 @@
+
+ # Mantis - a php based bugtracking system
+ # Copyright (C) 2000 Kenzaburo Ito - kenito@300baud.org
+ # This program is distributed under the terms and conditions of the GPL
+ # See the README and LICENSE files for details
+?>
+ include( "core_API.php" ) ?>
+ login_cookie_check() ?>
+ print_html_top() ?>
+ print_head_top() ?>
+ print_title( $g_window_title ) ?>
+ print_css( $g_css_include_file ) ?>
+ include( $g_meta_include_file ) ?>
+ print_head_bottom() ?>
+ print_body_top() ?>
+ print_header( $g_page_title ) ?>
+
+ db_mysql_connect( $g_hostname, $g_db_username, $g_db_password, $g_database_name );
+
+ if ( !access_level_check_greater( "administrator" ) ) {
+ ### need to replace with access error page
+ header( "Location: $g_logout_page" );
+ exit;
+ }
+?>
+
+
+ print_menu( $g_menu_include_file ) ?>
+
+
+
+
+ print_footer() ?>
+ print_body_bottom() ?>
+ print_html_bottom() ?>
\ No newline at end of file
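Review bot: The administrator check runs after `print_html_top()` through `print_header()`, which presumably have already produced output. Unless output buffering is on, `header( "Location: $g_logout_page" )` can then no longer be sent, and a non-administrator gets a partial page instead of the redirect (the `exit` still stops the rest). manage_product_versions_update.php3 in this commit does the check before any output. The same order here fixes it: move `db_mysql_connect(...)` and the `access_level_check_greater` block directly after `login_cookie_check()`.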
diff --git a/manage_product_versions_update.php3 b/manage_product_versions_update.php3
new file mode 100644
index 0000000000..8774d46253
--- /dev/null
+++ b/manage_product_versions_update.php3
@@ -0,0 +1,60 @@
+
+ # Mantis - a php based bugtracking system
+ # Copyright (C) 2000 Kenzaburo Ito - kenito@300baud.org
+ # This program is distributed under the terms and conditions of the GPL
+ # See the README and LICENSE files for details
+?>
+ include( "core_API.php" ) ?>
+ login_cookie_check() ?>
+
+ db_mysql_connect( $g_hostname, $g_db_username, $g_db_password, $g_database_name );
+
+ if ( !access_level_check_greater( "administrator" ) ) {
+ ### need to replace with access error page
+ header( "Location: $g_logout_page" );
+ exit;
+ }
+
+ ### remove \ from string
+ $f_category = string_unsafe( $f_category );
+ $query = "ALTER TABLE $g_mantis_bug_table
+ CHANGE version
+ version ENUM ($f_category)
+ not null";
+ $result = mysql_query( $query );
+?>
+ print_html_top() ?>
+ print_head_top() ?>
+ print_title( $g_window_title ) ?>
+ print_css( $g_css_include_file ) ?>
+
+ if ( $result ) {
+ print_meta_redirect( $g_manage_category_page, $g_wait_time );
+ }
+?>
+ include( $g_meta_include_file ) ?>
+ print_head_bottom() ?>
+ print_body_top() ?>
+ print_header( $g_page_title ) ?>
+
+
+ print_menu( $g_menu_include_file ) ?>
+
+
+
+
+ if ( $result ) {
+ PRINT "Product versions successfully updated...
";
+ }
+ else {
+ PRINT "ERROR DETECTED: Report this sql statement to \">administrator
";
+ echo $query;
+ }
+?>
+
+Click here to proceed
+
+
+ print_footer() ?>
+ print_body_bottom() ?>
+ print_html_bottom() ?>
\ No newline at end of file
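Review bot: `$f_category` reaches the `ALTER TABLE` statement as raw request text; `string_unsafe()` only strips backslashes, so whatever is submitted becomes part of the DDL. The administrator check limits who can reach this page, but the ENUM list should still be rebuilt from validated tokens (assuming the field carries a comma-separated version list), as in the sketch below, where the 16-character limit mirrors the old varchar(16) column. The error branch also echoes `$query` unescaped, where `echo string_display( $query );` would fit. The success redirect targets `$g_manage_category_page` rather than the `$g_manage_product_versions_page` variable this commit adds.

```php
	### remove \ from string, then rebuild the list from validated tokens
	$t_items = explode( ",", string_unsafe( $f_category ) );
	$t_enum  = "";
	$t_valid = ( count( $t_items ) > 0 );
	for ( $i=0; $i<count( $t_items ); $i++ ) {
		# drop surrounding blanks and quotes, then allow only version characters
		$t_item = preg_replace( '/\A[\s\']+|[\s\']+\z/', '', $t_items[$i] );
		if ( !preg_match( '/\A[A-Za-z0-9._-]{1,16}\z/', $t_item ) ) {
			$t_valid = false;
			break;
		}
		$t_enum .= ( $i ? "," : "" )."'".$t_item."'";
	}
	$query = "ALTER TABLE $g_mantis_bug_table
			CHANGE version
			version ENUM ($t_enum)
			not null";
	# skip the query entirely when any token was rejected
	$result = $t_valid ? mysql_query( $query ) : false;
	# … unchanged: page header output, redirect and result messages …
```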
diff --git a/news_add.php3 b/news_add.php3
index be082bc1d3..2b3e637c66 100644
--- a/news_add.php3
+++ b/news_add.php3
@@ -48,8 +48,8 @@
### SUCCESS
if ( $result ) {
- $t_headline = string_unsafe( $f_headline );
- $t_body = string_unsafe( $f_body );
+ $t_headline = string_display( $f_headline );
+ $t_body = string_display( $f_body );
?>
diff --git a/report_bug_advanced_page.php3 b/report_bug_advanced_page.php3
index 17b302ddc7..064ea0574b 100644
--- a/report_bug_advanced_page.php3
+++ b/report_bug_advanced_page.php3
@@ -132,7 +132,9 @@
Product Version
-
+
+ print_list( "version" ) ?>
+
>
diff --git a/view_bug_advanced_page.php3 b/view_bug_advanced_page.php3
index 5d657230e0..97bf42324c 100644
--- a/view_bug_advanced_page.php3
+++ b/view_bug_advanced_page.php3
@@ -64,10 +64,10 @@
$row = mysql_fetch_array( $result );
extract( $row, EXTR_PREFIX_ALL, "v2" );
- $v_summary = string_unsafe( $v_summary );
- $v2_description = string_unsafe( $v2_description );
- $v2_steps_to_reproduce = string_unsafe( $v2_steps_to_reproduce );
- $v2_additional_information = string_unsafe( $v2_additional_information );
+ $v_summary = string_display( $v_summary );
+ $v2_description = string_display( $v2_description );
+ $v2_steps_to_reproduce = string_display( $v2_steps_to_reproduce );
+ $v2_additional_information = string_display( $v2_additional_information );
$v_date_submitted = date( "m-d H:i", $v_date_submitted );
$v_last_updated = date( "m-d H:i", $v_last_updated );
?>
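Review bot: The two `date()` calls after the changed lines pass `$v_date_submitted` and `$v_last_updated` directly, whereas the same lines in view_bug_page.php3 and the update pages wrap them in `sql_to_unix_time()`. Unless the query in this file (outside the hunk) already returns Unix timestamps, the advanced view will show wrong dates. `$v_date_submitted = date( "m-d H:i", sql_to_unix_time( $v_date_submitted ) );` and the matching line for `$v_last_updated` would bring it in line with the other pages.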
diff --git a/view_bug_all_page.php3 b/view_bug_all_page.php3
index 107f3e62dc..04d4d33a9e 100644
--- a/view_bug_all_page.php3
+++ b/view_bug_all_page.php3
@@ -90,7 +90,7 @@
- colspan=9>
+ colspan=7>
@@ -119,7 +119,7 @@
$row = mysql_fetch_array($result);
extract( $row, EXTR_PREFIX_ALL, "v" );
- $v_summary = string_unsafe( $v_summary );
+ $v_summary = string_display( $v_summary );
$lastupdated = date( "m-d", sql_to_unix_time( $v_last_updated ) );
### alternate row colors
diff --git a/view_bug_page.php3 b/view_bug_page.php3
index 26aab83fb7..8ba68169a9 100644
--- a/view_bug_page.php3
+++ b/view_bug_page.php3
@@ -64,10 +64,10 @@
$row = mysql_fetch_array( $result );
extract( $row, EXTR_PREFIX_ALL, "v2" );
- $v_summary = string_unsafe( $v_summary );
- $v2_description = string_unsafe( $v2_description );
- $v2_steps_to_reproduce = string_unsafe( $v2_steps_to_reproduce );
- $v2_additional_information = string_unsafe( $v2_additional_information );
+ $v_summary = string_display( $v_summary );
+ $v2_description = string_display( $v2_description );
+ $v2_steps_to_reproduce = string_display( $v2_steps_to_reproduce );
+ $v2_additional_information = string_display( $v2_additional_information );
$v_date_submitted = date( "m-d H:i", sql_to_unix_time( $v_date_submitted ) );
$v_last_updated = date( "m-d H:i", sql_to_unix_time( $v_last_updated ) );
?>