Add custom fields tables to the upgrade scripts.

Use config options instead of constants for table names.
Add upgrades to fix the double escaping problems in old db data.

* upgrade_warning.php: go to upgrade_list.php instead of upgrade.php

* upgrade_list.php: new file that gives a list of upgrade sets

* upgrade.php:
* upgrade_advanced.php:
   give a link to return the upgrade list page

* upgrade_inc.php:
* upgrades/0_13_inc.php:
* upgrades/0_14_inc.php:
* upgrades/0_15_inc.php:
* upgrades/0_16_inc.php:
   use config options to get table names

* upgrades/0_17_inc.php:
  + use config options to get table names
  + add upgrade to drop mantis_project_customization table if it exists
  + add upgrades to add the custom fields tables

* db_table_names_inc.php: new file that loads all the table names from
    config options into global variables

* upgrade_escaping.php: new file that does the db escaping fix upgrades

* upgrades/0_17_escaping_fixes_inc.php: new file that actually contains
    the upgrades for the double escaping fixes


git-svn-id: http://mantisbt.svn.sourceforge.net/svnroot/mantisbt/trunk@1853 f5dc347c-c33d-0410-90a0-b07cc1902cb9

admin/db_table_names_inc.php

@@ -0,0 +1,27 @@
+<?php
+	require_once( '../core.php' );
+
+	# Load all the table names for use by the upgrade statements
+	$t_bug_file_table				= config_get( 'mantis_bug_file_table' );
+	$t_bug_history_table			= config_get( 'mantis_bug_history_table' );
+	$t_bug_monitor_table			= config_get( 'mantis_bug_monitor_table' );
+	$t_bug_relationship_table		= config_get( 'mantis_bug_relationship_table' );
+	$t_bug_table					= config_get( 'mantis_bug_table' );
+	$t_bug_text_table				= config_get( 'mantis_bug_text_table' );
+	$t_bugnote_table				= config_get( 'mantis_bugnote_table' );
+	$t_bugnote_text_table			= config_get( 'mantis_bugnote_text_table' );
+	$t_news_table					= config_get( 'mantis_news_table' );
+	$t_project_category_table		= config_get( 'mantis_project_category_table' );
+	$t_project_file_table			= config_get( 'mantis_project_file_table' );
+	$t_project_table				= config_get( 'mantis_project_table' );
+	$t_project_user_list_table		= config_get( 'mantis_project_user_list_table' );
+	$t_project_version_table		= config_get( 'mantis_project_version_table' );
+	$t_user_table					= config_get( 'mantis_user_table' );
+	$t_user_profile_table			= config_get( 'mantis_user_profile_table' );
+	$t_user_pref_table				= config_get( 'mantis_user_pref_table' );
+	$t_user_print_pref_table		= config_get( 'mantis_user_print_pref_table' );
+	$t_custom_field_project_table	= config_get( 'mantis_custom_field_project_table' );
+	$t_custom_field_table      		= config_get( 'mantis_custom_field_table' );
+	$t_custom_field_string_table	= config_get( 'mantis_custom_field_string_table' );
+	$t_upgrade_table				= config_get( 'mantis_upgrade_table' );
+?>

admin/upgrade.php

@@ -26,7 +26,7 @@
 <table width="100%" border="0" cellspacing="0" cellpadding="0" bgcolor="#ffffff">
 	<tr class="top-bar">
 		<td class="links">
-			[ <a href="index.php">Back to Administration</a> ]
+			[ <a href="upgrade_list.php">Back to Upgrade List</a> ]
 			[ <a href="upgrade.php">Refresh view</a> ]
 			[ <a href="upgrade_advanced.php">Advanced</a> ]
 		</td>

admin/upgrade_advanced.php

@@ -10,11 +10,11 @@
 
 	$upgrade_set = new UpgradeSet();
 
+	$upgrade_set->add_items( include( 'upgrades/0_13_inc.php' ) );
 	$upgrade_set->add_items( include( 'upgrades/0_14_inc.php' ) );
 	$upgrade_set->add_items( include( 'upgrades/0_15_inc.php' ) );
 	$upgrade_set->add_items( include( 'upgrades/0_16_inc.php' ) );
 	$upgrade_set->add_items( include( 'upgrades/0_17_inc.php' ) );
-	$upgrade_set->add_items( include( 'upgrades/0_18_inc.php' ) );
 ?>
 <html>
 <head>
@@ -26,7 +26,7 @@
 <table width="100%" border="0" cellspacing="0" cellpadding="0" bgcolor="#ffffff">
 	<tr class="top-bar">
 		<td class="links">
-			[ <a href="index.php">Back to Administration</a> ]
+			[ <a href="upgrade_list.php">Back to Upgrade List</a> ]
 			[ <a href="upgrade_advanced.php">Refresh view</a> ]
 			[ <a href="upgrade.php">Simple</a> ]
 		</td>

admin/upgrade_escaping.php

@@ -0,0 +1,39 @@
+<?php
+	# Mantis - a php based bugtracking system
+	# Copyright (C) 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
+	# Copyright (C) 2002 - 2003  Mantis Team   - mantisbt-dev@lists.sourceforge.net
+	# This program is distributed under the terms and conditions of the GPL
+	# See the README and LICENSE files for details
+?>
+<?php
+	require_once ( 'upgrade_inc.php' );
+
+	$upgrade_set = new UpgradeSet();
+
+	$upgrade_set->add_items( include( 'upgrades/0_17_escaping_fixes_inc.php' ) );
+?>
+<html>
+<head>
+<title> Mantis Administration - String Escaping Database Fixes </title>
+<link rel="stylesheet" type="text/css" href="admin.css" />
+</head>
+<body>
+
+<table width="100%" border="0" cellspacing="0" cellpadding="0" bgcolor="#ffffff">
+	<tr class="top-bar">
+		<td class="links">
+			[ <a href="upgrade_list.php">Back to Upgrade List</a> ]
+			[ <a href="upgrade_escaping.php">Refresh view</a> ]
+		</td>
+		<td class="title">
+			String Escaping Database Fixes
+		</td>
+	</tr>
+</table>
+<br /><br />
+
+<?php
+	$upgrade_set->process_post_data();
+?>
+</body>
+</html>

admin/upgrade_inc.php

@@ -6,10 +6,11 @@
 	# See the README and LICENSE files for details
 ?>
 <?php
-	require( '../core.php' );
+	require_once( '../core.php' );
+
+	require_once( 'db_table_names_inc.php' );
 
 	# Check if the upgrade table has been created yet
-	$t_upgrade_table = config_get( 'mantis_upgrade_table' );
 	$query = "DESCRIBE $t_upgrade_table";
 	$result = db_query( $query, false );
 
@@ -23,7 +24,7 @@
 		db_query( $query );
 
 		# 0.14.0 upgrades (applied to 0.13 db)
-		if ( admin_check_applied( 'mantis_project_table' ) ) {
+		if ( admin_check_applied( $t_project_table ) ) {
 			$t_upgrades = include( 'upgrades/0_13_inc.php' );
 
 			foreach ( $t_upgrades as $t_item ) {
@@ -32,7 +33,7 @@
 		}
 
 		# 0.15.0 upgrades (applied to 0.14 db)
-		if ( admin_check_applied( 'mantis_bug_file_table' ) ) {
+		if ( admin_check_applied( $t_bug_file_table ) ) {
 			$t_upgrades = include( 'upgrades/0_14_inc.php' );
 
 			foreach ( $t_upgrades as $t_item ) {
@@ -41,7 +42,7 @@
 		}
 
 		# 0.16.0 upgrades (applied to 0.15 db)
-		if ( admin_check_applied( 'mantis_bug_history_table' ) ) {
+		if ( admin_check_applied( $t_bug_history_table ) ) {
 			$t_upgrades = include( 'upgrades/0_15_inc.php' );
 
 			foreach ( $t_upgrades as $t_item ) {
@@ -50,7 +51,7 @@
 		}
 
 		# 0.17.0 upgrades (applied to 0.16 db)
-		if ( admin_check_applied( 'mantis_bug_monitor_table' ) ) {
+		if ( admin_check_applied( $t_bug_monitor_table ) ) {
 			$t_upgrades = include( 'upgrades/0_16_inc.php' );
 
 			foreach ( $t_upgrades as $t_item ) {
@@ -166,7 +167,9 @@ function execute() {
 			if ( $result ) {
 				$this->set_applied();
 			} else {
-				$this->error = "Function $this->function_name() returned false";
+				$this->error = "Function $this->function_name() returned false<br />";
+				$this->error .= "Last database error (may not be applicable) was: "
+								. db_error_msg();
 			}
 
 			return $result;

admin/upgrade_list.php

@@ -0,0 +1,26 @@
+<html>
+<head>
+<title> Mantis Administration - Upgrade List </title>
+<link rel="stylesheet" type="text/css" href="admin.css" />
+</head>
+<body>
+<table width="100%" border="0" cellspacing="0" cellpadding="0" bgcolor="#ffffff">
+	<tr class="top-bar">
+		<td class="links">
+			[ <a href="index.php">Back to Administration</a> ]
+		</td>
+		<td class="title">
+			Upgrade Installation
+		</td>
+	</tr>
+</table>
+<br /><br />
+<div align="center">
+	<table width="75%"><tr><td align="center">
+	<h1>List of Upgrade Sets</h1>
+	<p>[ <a href="upgrade.php">Basic upgrade set (required)</a> ]</p>
+	<p>[ <a href="upgrade_escaping.php">String escaping fixes (recommended)</a> ]</p>
+	</td></tr></table>
+</div>
+</body>
+</html>

admin/upgrade_warning.php

@@ -36,7 +36,7 @@
 <div align="center">
 	<table width="80%" bgcolor="#222222" border="0" cellpadding="10" cellspacing="1">
 		<tr bgcolor="#ffffff">
-			<td align="center" nowrap="nowrap"><p>When you have backed up your database click the link below to continue</p>[ <a href="upgrade.php">Upgrade Now</a> ]</td>
+			<td align="center" nowrap="nowrap"><p>When you have backed up your database click the link below to continue</p>[ <a href="upgrade_list.php">Upgrade Now</a> ]</td>
 		</tr>
 	</table>
 </div>

admin/upgrades/0_13_inc.php

@@ -8,12 +8,14 @@
 	# Changes applied to 0.13 database to give us 0.14
 ?>
 <?php
+	require_once( 'db_table_names_inc.php' );
+
 	$upgrades = array();
 
 	$upgrades[] = new SQLUpgrade( 
 			'0.13-1',
 			'Add mantis_project_table',
-			"CREATE TABLE mantis_project_table (
+			"CREATE TABLE $t_project_table (
 			  id int(7) unsigned zerofill DEFAULT '0000001' NOT NULL auto_increment,
 			  name varchar(128) NOT NULL,
 			  status enum('development','release','stable','obsolete') DEFAULT 'development' NOT NULL,
@@ -28,74 +30,74 @@
 	$upgrades[] = new SQLUpgrade( 
 			'0.13-2',
 			'Insert default project into mantis_project_table',
-			"INSERT INTO mantis_project_table
+			"INSERT INTO $t_project_table
 			  VALUES ( '0000001', 'mantis', 'development', 'on', 'public', 'Mantis.  Report problems with the actual bug tracker here. (Do not remove this account.  You can set it to be disabled or private if you do not wish to see it)' )"
 		);
 
 	$upgrades[] = new SQLUpgrade( 
 			'0.13-3',
 			'Add mantis_project_category_table',
-			"CREATE TABLE mantis_project_category_table (
+			"CREATE TABLE $t_project_category_table (
 			  project_id int(7) unsigned zerofill DEFAULT '0000000' NOT NULL,
 			  category varchar(32) NOT NULL )"
 		);
 
 	$upgrades[] = new SQLUpgrade( 
 			'0.13-4',
 			'Add mantis_project_version_table',
-			"CREATE TABLE mantis_project_version_table (
+			"CREATE TABLE $t_project_version_table (
 			  project_id int(7) unsigned zerofill DEFAULT '0000000' NOT NULL,
 			  version varchar(32) NOT NULL )"
 		);
 
 	$upgrades[] = new SQLUpgrade( 
 			'0.13-5',
 			'Add project_id column to mantis_bug_table',
-			"ALTER TABLE mantis_bug_table ADD project_id INT (7) UNSIGNED ZEROFILL not null AFTER id"
+			"ALTER TABLE $t_bug_table ADD project_id INT (7) UNSIGNED ZEROFILL not null AFTER id"
 		);
 
 	$upgrades[] = new SQLUpgrade( 
 			'0.13-6',
 			'Change category column in mantis_bug_table to varchar',
-			"ALTER TABLE mantis_bug_table CHANGE category category VARCHAR (32) not null"
+			"ALTER TABLE $t_bug_table CHANGE category category VARCHAR (32) not null"
 		);
 
 	$upgrades[] = new SQLUpgrade( 
 			'0.13-7',
 			'Change version column in mantis_bug_table to varchar',
-			"ALTER TABLE mantis_bug_table CHANGE version version VARCHAR (32) DEFAULT 'none' not null"
+			"ALTER TABLE $t_bug_table CHANGE version version VARCHAR (32) DEFAULT 'none' not null"
 		);
 
 	$upgrades[] = new SQLUpgrade( 
 			'0.13-8',
 			'Set project_id to "0000001" for all bugs',
-			"UPDATE mantis_bug_table
+			"UPDATE $t_bug_table
 			  SET project_id='0000001'"
 		);
 
 	$upgrades[] = new SQLUpgrade( 
 			'0.13-9',
 			'Add project_id column news table',
-			"ALTER TABLE mantis_news_table ADD project_id INT (7) UNSIGNED ZEROFILL not null AFTER id"
+			"ALTER TABLE $t_news_table ADD project_id INT (7) UNSIGNED ZEROFILL not null AFTER id"
 		);
 
 	$upgrades[] = new SQLUpgrade( 
 			'0.13-10',
 			'Set project_id to "0000001" for all news postings',
-			"UPDATE mantis_news_table
+			"UPDATE $t_news_table
 			  SET project_id='0000001'"
 		);
 
 	$upgrades[] = new SQLUpgrade( 
 			'0.13-11',
 			'Added login count to user table',
-			"ALTER TABLE mantis_user_table ADD login_count INT not null DEFAULT '0' AFTER access_level"
+			"ALTER TABLE $t_user_table ADD login_count INT not null DEFAULT '0' AFTER access_level"
 		);
 
 	$upgrades[] = new SQLUpgrade( 
 			'0.13-12',
 			'Add manager to access_levels',
-			"ALTER TABLE mantis_user_table 
+			"ALTER TABLE $t_user_table 
 			  CHANGE access_level access_level 
 			  ENUM ('viewer','reporter','updater','developer','manager','administrator') DEFAULT 'viewer'
 			  NOT NULL"
@@ -104,7 +106,7 @@
 	$upgrades[] = new SQLUpgrade( 
 			'0.13-13',
 			'Make username unique',
-			"ALTER TABLE mantis_user_table ADD UNIQUE(username)"
+			"ALTER TABLE $t_user_table ADD UNIQUE(username)"
 		);