
patches

shilin
shilin committed Jul 10, 2014
1 parent 1e84126 commit 651f09801a35533205971cf322483a0e52ad0a1d
@@ -13,6 +13,14 @@
Flyspray::Redirect('setup/index.php');
}
//FIXME: This is currently a workaround for the fact that parts of the code/templates use i.e. "taskid" and "task_id" for the same thing. This should be fixed cleanly, means a bit of work though.
if (isset($_GET["task_id"])) $_GET["taskid"] = $_GET["task_id"];
else if (isset($_GET["taskid"])) $_GET["task_id"] = $_GET["taskid"];
if (isset($_POST["task_id"])) $_POST["taskid"] = $_POST["task_id"];
else if (isset($_POST["taskid"])) $_POST["task_id"] = $_POST["taskid"];
if (isset($_REQUEST["task_id"])) $_REQUEST["taskid"] = $_REQUEST["task_id"];
else if (isset($_REQUEST["taskid"])) $_REQUEST["task_id"] = $_REQUEST["taskid"];
require_once BASEDIR . '/includes/class.gpc.php';
require_once BASEDIR . '/includes/utf8.inc.php';
require_once BASEDIR . '/includes/class.database.php';
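Review bot: The alias block at the top of this hunk copies `task_id`/`taskid` inside `$_GET`, `$_POST` and `$_REQUEST` independently and without validating the value, so the three arrays can still carry different ids for a single request. If later code checks permissions against one source and acts on another, the workaround leaves that mismatch in place; whether any caller does so is not visible here. Where the id is always a single number, casting while copying narrows what reaches the rest of the code, e.g. `$_GET["taskid"] = $_GET["task_id"] = intval($_GET["task_id"]);`, and the same for the other two arrays. The FIXME should also say which spelling is the canonical one, so that new code stops adding to the problem.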
@@ -186,6 +186,8 @@ public static function add_to_assignees($user_id, $tasks, $do = false)
{
global $db, $notify;
settype($tasks, 'array');
$user = $GLOBALS['user'];
if ($user_id != $user->id) {
$user = new User($user_id);
@@ -199,7 +201,7 @@ public static function add_to_assignees($user_id, $tasks, $do = false)
$sql = $db->Query(' SELECT *
FROM {tasks}
WHERE ' . substr(str_repeat(' task_id = ? OR ', count($tasks)), 0, -3),
array($tasks));
$tasks);
while ($row = $db->FetchRow($sql)) {
if (!$user->can_add_to_assignees($row) && !$do) {
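Review bot: With an empty `$tasks` the clause built by `substr(str_repeat(' task_id = ? OR ', count($tasks)), 0, -3)` collapses to nothing and the statement ends in a bare `WHERE`, which is invalid SQL. `settype($tasks, 'array')` in the previous hunk turns a null argument into exactly that empty array. An early return before the query, guarded by `if (!count($tasks))`, avoids the failed statement, unless the lines of add_to_assignees between the two hunks already contain one. Passing `$tasks` flat instead of `array($tasks)` matches the one-placeholder-per-id clause; `$tasks = array_map('intval', $tasks);` beforehand would additionally keep non-numeric request values out of the bind list.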
@@ -479,7 +481,6 @@ public static function create_user($user_name, $password, $real_name, $jabber_id
{
global $fs, $db, $notify, $baseurl;
Flyspray::show_error(strtolower($email));
$user_name = Backend::clean_username($user_name);
// Limit length
@@ -524,7 +525,6 @@ public static function create_user($user_name, $password, $real_name, $jabber_id
else if ($mail != '')
$db->Query("INSERT INTO {user_emails}(id,email_address) VALUES (?,?)",array($user_id,strtolower($mail)));
}
Flyspray::show_error($i);
// Get this user's id for the record
$uid = Flyspray::UserNameToId($user_name);
@@ -775,103 +775,111 @@ public static function add_reminder($task_id, $message, $how_often, $start_time,
public static function create_task($args)
{
global $db, $user, $proj;
$notify = new Notifications();
if ($proj->id != $args['project_id']) {
$proj = new Project($args['project_id']);
}
if (!$user->can_open_task($proj) || count($args) < 3) {
return 0;
}
if (!isset($args)) return 0;
if (!(($item_summary = $args['item_summary']) && ($detailed_desc = $args['detailed_desc']))) {
return 0;
// these are the POST variables that the user MUST send, if one of
// them is missing or if one of them is empty, then we have to abort
$requiredPostArgs = array('item_summary', 'detailed_desc', 'project_id');
foreach ($requiredPostArgs as $required) {
if (empty($args[$required])) return 0;
}
// 2012-12-20 (oliverkoenig): set id of super task
$supertask_id = 0;
if (isset($args['supertask_id'])) {
$supertask_id = $args['supertask_id'];
$notify = new Notifications();
if ($proj->id != $args['project_id']) {
$proj = new Project($args['project_id']);
}
// Some fields can have default values set
if (!$user->perms('modify_all_tasks')) {
$args['closedby_version'] = 0;
$args['task_priority'] = 2;
$args['due_date'] = 0;
$args['item_status'] = STATUS_UNCONFIRMED;
if (!$user->can_open_task($proj)) {
return 0;
}
$param_names = array('task_type', 'item_status',
'product_category', 'product_version', 'closedby_version',
'operating_system', 'task_severity', 'task_priority');
$sql_values = array(time(), time(), $args['project_id'], $item_summary,
$detailed_desc, intval($user->id), 0);
// first populate map with default values
$sql_args = array(
'project_id' => $proj->id,
'date_opened' => time(),
'last_edited_time' => time(),
'opened_by' => intval($user->id),
'percent_complete' => 0,
'mark_private' => 0,
'supertask_id' => 0,
'closedby_version' => 0,
'closure_comment' => '',
'task_priority' => 2,
'due_date' => 0,
'anon_email' => '',
'item_status'=> STATUS_UNCONFIRMED
);
$sql_params = array();
foreach ($param_names as $param_name) {
if (isset($args[$param_name])) {
$sql_params[] = $param_name;
$sql_values[] = $args[$param_name];
// POST variables the user is ALLOWED to provide
$allowedPostArgs = array(
'task_type', 'product_category', 'product_version',
'operating_system', 'task_severity', 'estimated_effort',
'supertask_id', 'item_summary', 'detailed_desc'
);
// these POST variables the user is only ALLOWED to provide if he got the permissions
if ($user->perms('modify_all_tasks')) {
$allowedPostArgs[] = 'closedby_version';
$allowedPostArgs[] = 'task_priority';
$allowedPostArgs[] = 'due_date';
$allowedPostArgs[] = 'item_status';
}
if ($user->perms('manage_project')) {
$allowedPostArgs[] = 'mark_private';
}
// now copy all over all POST variables the user is ALLOWED to provide
// (but only if they are not empty)
foreach ($allowedPostArgs as $allowed) {
if (!empty($args[$allowed])) {
$sql_args[$allowed] = $args[$allowed];
}
}
// Process the due_date
if ( isset($args['due_date']) && ($due_date = $args['due_date']) || ($due_date = 0) ) {
$due_date = Flyspray::strtotime($due_date);
}
$sql_params[] = 'mark_private';
$sql_values[] = intval($user->perms('manage_project') && isset($args['mark_private']) && $args['mark_private'] == '1');
$sql_params[] = 'due_date';
$sql_values[] = $due_date;
$sql_params[] = 'closure_comment';
$sql_values[] = '';
$sql_params[] = 'estimated_effort';
$sql_values[] = $args['estimated_effort'];
// generate unique ID for the new task
//FIXME: This is not concurrency safe. Preferably "INSERT .. RETURNING id" shall be used, which however does not work with all DBs.
$result = $db->Query('SELECT MAX(task_id)+1 FROM {tasks}');
if (!$result) return 0;
$task_id = $db->FetchOne($result);
$task_id = $task_id ? $task_id : 1;
$sql_args['task_id'] = $task_id;
// Token for anonymous users
$token = '';
if ($user->isAnon()) {
if (empty($args['anon_email'])) {
return 0;
}
$token = md5(function_exists('openssl_random_pseudo_bytes') ?
openssl_random_pseudo_bytes(32) :
uniqid(mt_rand(), true));
$sql_params[] = 'task_token';
$sql_values[] = $token;
$sql_params[] = 'anon_email';
$sql_values[] = $args['anon_email'];
} else {
$sql_params[] = 'anon_email';
$sql_values[] = '';
$sql_args['task_token'] = $token;
$sql_args['anon_email'] = $args['anon_email'];
}
$sql_params = join(', ', $sql_params);
// ensure all variables are in correct format
if (!empty($sql_args['due_date'])) {
$sql_args['due_date'] = Flyspray::strtotime($sql_args['due_date']);
}
if (isset($sql_args['mark_private'])) {
$sql_args['mark_private'] = intval($sql_args['mark_private'] == '1');
}
// 2012-12-20 (oliverkoenig): include id of super task
array_unshift($sql_values, $supertask_id);
// split keys and values into two separate arrays
$sql_keys = array();
$sql_values = array();
foreach ($sql_args as $key => $value) {
$sql_keys[] = $key;
$sql_values[] = $value;
}
// +1 for the task_id column;
$sql_placeholder = $db->fill_placeholders($sql_values, 1);
$sql_keys_string = join(', ', $sql_keys);
$result = $db->Query('SELECT MAX(task_id)+1
FROM {tasks}');
$task_id = $db->FetchOne($result);
$task_id = $task_id ? $task_id : 1;
//now, $task_id is always the first element of $sql_values
array_unshift($sql_values, $task_id);
$sql_placeholder = $db->fill_placeholders($sql_values);
$result = $db->Query("INSERT INTO {tasks}
( task_id, supertask_id, date_opened, last_edited_time,
project_id, item_summary,
detailed_desc, opened_by,
percent_complete, $sql_params )
($sql_keys_string)
VALUES ($sql_placeholder)", $sql_values);
/////////////////////////////////////Add tags///////////////////////////////////////
$tagList = explode(';',$args['tags']);
foreach ($tagList as $tag)
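Review bot: The anonymous-user branch still derives `task_token` from `md5(uniqid(mt_rand(), true))` whenever `openssl_random_pseudo_bytes` is missing, and that fallback is built from the clock and a small seed space rather than from a secure random source. If the token is what lets an anonymous reporter return to the task (presumably, since it is stored next to `anon_email`), it should only ever come from a CSPRNG: `return 0;` when none is available, or `$token = bin2hex(random_bytes(16));` on PHP 7 and later. The allow-list rewrite keeps the column names interpolated through `$sql_keys_string` limited to keys defined inside this function, while all values stay bound parameters; that property is worth stating in a comment above `$allowedPostArgs` so it survives later additions. create_task continues past the end of this hunk.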
@@ -939,7 +947,7 @@ public static function create_task($args)
}
// Reminder for due_date field
if ($due_date) {
if (!empty($sql_args['due_date'])) {
Backend::add_reminder($task_id, L('defaultreminder') . "\n\n" . CreateURL('details', $task_id), 2*24*60*60, time());
}
@@ -381,15 +381,17 @@ public static function GetTaskDetails($task_id, $cache_enabled = false)
* @return array
* @version 1.0
*/
public static function listProjects($active_only = true)
public static function listProjects(/*$active_only = true*/) // FIXME: $active_only would not work since the templates are accessing the returned array implying to be sortyed by project id, which is aparently wrong and error prone ! Same applies to the case when a project was deleted, causing a shift in the project id sequence, hence -> severe bug!
{
global $db;
$query = 'SELECT project_id, project_title FROM {projects}';
if ($active_only) {
$query .= ' WHERE project_is_active = 1';
}
// if ($active_only) {
// $query .= ' WHERE project_is_active = 1';
// }
$query .= ' ORDER BY project_id ASC';
$sql = $db->Query($query);
return $db->fetchAllArray($sql);
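Review bot: Commenting the parameter out of `listProjects()` means every caller now receives inactive projects too, including callers that relied on the old default `$active_only = true`; PHP ignores a surplus argument silently, so nothing flags them. If inactive projects are meant to stay hidden from ordinary users, this widens what the project list exposes. The defect named in the FIXME is that templates index the result by position, so the fix belongs on the consumer side: keep the `WHERE project_is_active = 1` filter and look projects up by their `project_id` field. The commented-out lines and the long trailing FIXME on the signature would read better as a short docblock note.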
@@ -634,7 +636,7 @@ public static function checkLogin($username, $password)
$email_address = $username; //handle multiple email addresses
$temp = $db->Query("SELECT id FROM {user_emails} WHERE email_address = ?",$email_address);
$user_id = $db->FetchRow($temp);
$user_id = $user_id[id];
$user_id = $user_id["id"];
$result = $db->Query("SELECT uig.*, g.group_open, u.account_enabled, u.user_pass,
lock_until, login_attempts
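Review bot: There is no check between `$user_id = $db->FetchRow($temp);` and `$user_id = $user_id["id"];` for the case where no `user_emails` row matches, so an unknown address leaves `$user_id` null, presumably after an index on a non-array. Quoting the key fixes the undefined-constant notice, but the lookup result should be tested first, e.g. `if (!is_array($user_id)) { $user_id = 0; }`, or by failing the login at that point in whatever form checkLogin uses. How the following query treats a null id is outside this hunk, as is the rest of checkLogin.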
@@ -303,10 +303,11 @@ function listTaskAttachments($tid)
function getActivityProjectCount($startdate, $enddate, $project_id)
{
global $db;
$result = $db->Query("SELECT count(date(from_unixtime(event_date))) as val
//NOTE: from_unixtime() on mysql, to_timestamp() on PostreSQL
$result = $db->Query("SELECT count(date(to_timestamp(event_date))) as val
FROM {history} h left join {tasks} t on t.task_id = h.task_id
WHERE t.project_id = ?
AND date(from_unixtime(event_date)) BETWEEN str_to_date(?, '%m/%d/%Y') and str_to_date(?, '%m/%d/%Y')", array($project_id, $startdate, $enddate));
AND date(to_timestamp(event_date)) BETWEEN date(?) and date(?)", array($project_id, $startdate, $enddate));
return $db->fetchCol($result);
}
/**
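Review bot: Swapping `from_unixtime()`/`str_to_date()` for `to_timestamp()`/`date(?)` makes this query PostgreSQL-only, although the added NOTE itself says MySQL needs the other function; the same substitution is made in getDayActivityByProject and getActivityUserCount in the later hunks. The explicit `'%m/%d/%Y'` format is dropped as well, so how `$startdate` and `$enddate` are parsed now depends on the database server's date settings. Converting the bounds to Unix timestamps in PHP and comparing the column directly, `AND event_date >= ? AND event_date < ?`, needs neither function and runs on both backends. It also lets an index on `event_date` be used.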
@@ -319,10 +320,11 @@ function getActivityProjectCount($startdate, $enddate, $project_id)
function getDayActivityByProject($date, $project_id)
{
global $db;
$result = $db->Query("SELECT count(date(from_unixtime(event_date))) as val
//NOTE: from_unixtime() on mysql, to_timestamp() on PostreSQL
$result = $db->Query("SELECT count(date(to_timestamp(event_date))) as val
FROM {history} h left join {tasks} t on t.task_id = h.task_id
WHERE t.project_id = ?
AND date(from_unixtime(event_date)) = str_to_date(?, '%m/%d/%Y')", array($project_id, $date));
AND date(to_timestamp(event_date)) = date(?)", array($project_id, $date));
return $db->fetchCol($result);
}
/* }}} */
@@ -22,7 +22,7 @@ public function __construct($uid = 0)
array($uid, $uid));
}
if ($uid > 0 && $db->countRows($sql)) {
if ($uid > 0 && $db->countRows($sql) == 1) {
$this->infos = $db->FetchRow($sql);
$this->id = intval($uid);
} else {
@@ -316,12 +316,13 @@ public function logout()
static function getActivityUserCount($startdate, $enddate, $project_id, $userid)
{
global $db;
$result = $db->Query("SELECT count(date(from_unixtime(event_date))) as val
//NOTE: from_unixtime() on mysql, to_timestamp() on PostreSQL
$result = $db->Query("SELECT count(date(to_timestamp(event_date))) as val
FROM {history} h left join {tasks} t on t.task_id = h.task_id
WHERE t.project_id = ? AND h.user_id = ?
AND date(from_unixtime(event_date))
BETWEEN str_to_date(?, '%m/%d/%Y')
AND str_to_date(?, '%m/%d/%Y')", array($project_id, $userid, $startdate, $enddate));
AND date(to_timestamp(event_date))
BETWEEN date(?)
AND date(?)", array($project_id, $userid, $startdate, $enddate));
return $db->fetchCol($result);
}
/**
@@ -35,7 +35,7 @@ function eL($key)
function load_translations()
{
global $proj, $language,$user;
global $proj, $language, $user, $fs;
// Load translations
// if no valid lang_code, return english
// valid == a-z and "_" case insensitive
@@ -68,5 +68,12 @@ function load_translations()
$proj->prefs['project_title'] = L('allprojects');
$proj->prefs['feed_description'] = L('feedforall');
}
for ($i = 6; $i >= 1; $i--) {
$fs->priorities[$i] = L('priority' . $i);
}
for ($i = 5; $i >= 1; $i--) {
$fs->severities[$i] = L('severity' . $i);
}
}