
Fix strict type issues (check_selected) in filters

Use of strict type checking for check_selected() must be disabled when
dealing with projects/subprojects selection lists display. The
alternative (strict checks + type casts) prevents the current filter
from being preselected when editing it, and also causes occasional
errors when displaying the filters.

Also includes HTML/CSS fixes.

Pull request #132
dregad committed Feb 13, 2014
2 parents b59f66f + 6e86190 commit b90d6fc89712425cdb865b9a844c3ff55e8826e9
Showing with 85 additions and 72 deletions.
  1. +10 −10 core/filter_api.php
  2. +3 −3 core/print_api.php
  3. +72 −59 view_filters_page.php
@@ -3387,7 +3387,7 @@ function filter_draw_selection_area2( $p_page_number, $p_for_screen = true, $p_e
echo '<input type="hidden" name="', FILTER_PROPERTY_PROJECT_ID, '[]" value="', string_attribute( $t_current ), '" />';
$t_this_name = '';
if( META_FILTER_CURRENT == $t_current ) {
- $t_this_name = lang_get( 'current' );
+ $t_this_name = '[' . lang_get( 'current' ) . ']';
} else {
$t_this_name = project_get_name( $t_current, false );
}
@@ -4302,28 +4302,28 @@ function print_filter_custom_field_date( $p_field_num, $p_field_id ) {
echo "\n<table cellspacing=\"0\" cellpadding=\"0\"><tr><td>\n";
echo "<select size=\"1\" name=\"custom_field_" . $p_field_id . "_control\">\n";
echo '<option value="' . CUSTOM_FIELD_DATE_ANY . '"';
- check_selected( $t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_ANY );
+ check_selected( (int)$t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_ANY );
echo '>' . lang_get( 'any' ) . '</option>' . "\n";
echo '<option value="' . CUSTOM_FIELD_DATE_NONE . '"';
- check_selected( $t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_NONE );
+ check_selected( (int)$t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_NONE );
echo '>' . lang_get( 'none' ) . '</option>' . "\n";
echo '<option value="' . CUSTOM_FIELD_DATE_BETWEEN . '"';
- check_selected( $t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_BETWEEN );
+ check_selected( (int)$t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_BETWEEN );
echo '>' . lang_get( 'between_date' ) . '</option>' . "\n";
echo '<option value="' . CUSTOM_FIELD_DATE_ONORBEFORE . '"';
- check_selected( $t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_ONORBEFORE );
+ check_selected( (int)$t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_ONORBEFORE );
echo '>' . lang_get( 'on_or_before_date' ) . '</option>' . "\n";
echo '<option value="' . CUSTOM_FIELD_DATE_BEFORE . '"';
- check_selected( $t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_BEFORE );
+ check_selected( (int)$t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_BEFORE );
echo '>' . lang_get( 'before_date' ) . '</option>' . "\n";
echo '<option value="' . CUSTOM_FIELD_DATE_ON . '"';
- check_selected( $t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_ON );
+ check_selected( (int)$t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_ON );
echo '>' . lang_get( 'on_date' ) . '</option>' . "\n";
echo '<option value="' . CUSTOM_FIELD_DATE_AFTER . '"';
- check_selected( $t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_AFTER );
+ check_selected( (int)$t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_AFTER );
echo '>' . lang_get( 'after_date' ) . '</option>' . "\n";
echo '<option value="' . CUSTOM_FIELD_DATE_ONORAFTER . '"';
- check_selected( $t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_ONORAFTER );
+ check_selected( (int)$t_filter['custom_fields'][$p_field_id][0], CUSTOM_FIELD_DATE_ONORAFTER );
echo '>' . lang_get( 'on_or_after_date' ) . '</option>' . "\n";
echo '</select>' . "\n";
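Review bot: The expression `(int)$t_filter['custom_fields'][$p_field_id][0]` is now cast eight times, once per option, so a later edit can easily leave one call uncast and bring the strict-type mismatch back for that option only. Reading it once before the first option, `$t_control = (int)$t_filter['custom_fields'][$p_field_id][0];`, and passing `$t_control` to every `check_selected()` keeps the options in step. The cast also turns an empty or non-numeric stored value into 0, so whichever `CUSTOM_FIELD_DATE_*` constant equals 0 (their values are not visible here) gets preselected for a malformed filter; a short comment stating whether that fallback is intended would help. The function body starts and ends outside this hunk.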
@@ -4344,7 +4344,7 @@ function print_filter_project_id() {
<!-- Project -->
<select <?php echo $t_select_modifier;?> name="<?php echo FILTER_PROPERTY_PROJECT_ID;?>[]">
<option value="<?php echo META_FILTER_CURRENT ?>"
- <?php check_selected( $t_filter[FILTER_PROPERTY_PROJECT_ID], META_FILTER_CURRENT, false );?>>
+ <?php check_selected( $t_filter[FILTER_PROPERTY_PROJECT_ID], META_FILTER_CURRENT );?>>
[<?php echo lang_get( 'current' )?>]
</option>
<?php print_project_option_list( $t_filter[FILTER_PROPERTY_PROJECT_ID] )?>
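Review bot: Dropping the third argument in `check_selected( $t_filter[FILTER_PROPERTY_PROJECT_ID], META_FILTER_CURRENT )` appears to switch this option back to strict comparison, which is the opposite of what the commit message prescribes for project lists and of the `false` added to the `print_project_option_list()` calls in core/print_api.php. If the stored project ids can arrive as strings (their type is not visible in this hunk), the `[current]` entry would no longer be preselected when the filter is edited. Either keep the `false`, or add a comment such as `# project ids are normalized to int before this point, strict check is safe` once that has been confirmed. print_filter_project_id() continues outside the hunk.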
@@ -551,7 +551,7 @@ function print_project_option_list( $p_project_id = null, $p_include_all_project
if( $p_include_all_projects && $p_filter_project_id !== ALL_PROJECTS ) {
echo '<option value="' . ALL_PROJECTS . '"';
if ( $p_project_id !== null ) {
- check_selected( (int)$p_project_id, ALL_PROJECTS, false );
+ check_selected( $p_project_id, ALL_PROJECTS, false );
}
echo '>' . lang_get( 'all_projects' ) . '</option>' . "\n";
}
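Review bot: The `false` passed here, and in the next two hunks at `check_selected( $p_project_id, $t_id, false )` and `check_selected( $p_project_id, $t_full_id, false )`, trades the earlier casts for what the commit message calls non-strict matching, and that can mark the wrong option as selected. With PHP's loose `==` on versions before 8, a non-numeric string compares equal to integer 0 and a string with a leading number compares equal to that number. If `$t_full_id` is a delimited composite id (its construction is outside the hunk), a plain parent id could therefore match a subproject entry, and a malformed value could match `ALL_PROJECTS` if that constant is 0. Since the message says casts broke preselection, at least document the accepted types next to each call, e.g. `# loose comparison: $p_project_id may be an int, a numeric string or an array`, adjusted to what callers really pass, and check the parent/subproject case by hand. Both functions start and end outside these hunks.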
@@ -563,7 +563,7 @@ function print_project_option_list( $p_project_id = null, $p_include_all_project
}
echo '<option value="' . $t_id . '"';
- check_selected( (int)$p_project_id, $t_id );
+ check_selected( $p_project_id, $t_id, false );
check_disabled( $t_id == $p_filter_project_id || !$t_can_report );
echo '>' . string_attribute( project_get_field( $t_id, 'name' ) ) . '</option>' . "\n";
print_subproject_option_list( $t_id, $p_project_id, $p_filter_project_id, $p_trace, $p_can_report_only );
@@ -591,7 +591,7 @@ function print_subproject_option_list( $p_parent_id, $p_project_id = null, $p_fi
}
echo '<option value="' . $t_full_id . '"';
- check_selected( (string)$p_project_id, (string)$t_full_id );
+ check_selected( $p_project_id, $t_full_id, false );
check_disabled( $t_id == $p_filter_project_id || !$t_can_report );
echo '>'
. str_repeat( '&#160;', count( $p_parents ) )
@@ -157,7 +157,9 @@
$t_show_tags = access_has_global_level( config_get( 'tag_view_threshold' ) );
?>
<div class="filter-box">
+
<form method="post" name="filters" action="<?php echo $t_action; ?>">
+
<?php # CSRF protection not required here - form does not result in modifications ?>
<input type="hidden" name="type" value="1" />
<input type="hidden" name="view_type" value="<?php echo $f_view_type; ?>" />
@@ -167,7 +169,9 @@
print '<input type="hidden" name="offset" value="0" />';
}
?>
+
<table class="width100" cellspacing="1">
+
<tr>
<td class="right" colspan="<?php echo ( 8 * $t_custom_cols ); ?>">
<?php
@@ -183,15 +187,17 @@
?>
</td>
</tr>
+
+<!-- Filter row 1 -->
+
<tr class="row-category2">
<th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'reporter' ) ?></th>
<th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'monitored_by' ) ?></th>
<th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'assigned_to' ) ?></th>
<th class="small-caption" colspan="<?php echo ( 2 * $t_custom_cols ); ?>"><?php echo lang_get( 'category' ) ?></th>
<th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'severity' ) ?></th>
<th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'resolution' ) ?></th>
- <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'profile' ) ?></th>
- <!-- <td colspan="<?php echo ( ( $t_filter_cols - 8 ) * $t_custom_cols ); ?>">&#160;</td> -->
+ <th class="small-caption" colspan="<?php echo ( ( $t_filter_cols - 7 ) * $t_custom_cols ); ?>"><?php echo lang_get( 'profile' ) ?></th>
</tr>
<tr class="row-1">
<!-- Reporter -->
@@ -219,43 +225,41 @@
<?php print_filter_show_resolution(); ?>
</td>
<!-- Profile -->
- <td colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
+ <td colspan="<?php echo ( ( $t_filter_cols - 7 ) * $t_custom_cols ); ?>">
<?php print_filter_show_profile(); ?>
</td>
- <!-- <td colspan="<?php echo ( ( $t_filter_cols - 8 ) * $t_custom_cols ); ?>">&#160;</td> -->
</tr>
+<!-- Filter row 2 -->
+
<tr class="row-category2">
- <td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'status' ) ?></td>
- <td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
- <?php
- if ( 'simple' == $f_view_type ) {
- echo lang_get( 'hide_status' );
- } else {
- echo '&#160;';
- }
- ?>
- </td>
- <?php if ( $t_show_build ) { ?>
- <td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'product_build' ) ?></td>
- <?php } else { ?>
- <td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>">&#160;</td>
- <?php } ?>
- <?php if ( $t_show_product_version ) { ?>
- <td class="small-caption" colspan="<?php echo ( 2 * $t_custom_cols ); ?>"><?php echo lang_get( 'product_version' ) ?></td>
- <td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'fixed_in_version' ) ?></td>
- <?php } else { ?>
- <td class="small-caption" colspan="<?php echo ( 2 * $t_custom_cols ); ?>">&#160;</td>
- <td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>">&#160;</td>
- <?php } ?>
- <td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'priority' ) ?></td>
- <?php if ( $t_show_product_version ) { ?>
- <td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'target_version' ) ?></td>
- <?php } else { ?>
- <td class="small-caption" colspan="<?php echo ( ( $t_filter_cols - 7 ) * $t_custom_cols ); ?>">&#160;</td>
- <?php } ?>
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'status' ) ?></td>
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
+ <?php echo ( 'simple' == $f_view_type ) ? lang_get( 'hide_status' ) : '&#160;'; ?>
+ </th>
+<?php if ( $t_show_build ) { ?>
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'product_build' ) ?></th>
+<?php } else { ?>
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>">&#160;</th>
+<?php } ?>
+
+<?php if ( $t_show_product_version ) { ?>
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'product_version' ) ?></th>
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'fixed_in_version' ) ?></th>
+<?php } else { ?>
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>">&#160;</th>
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>">&#160;</th>
+<?php } ?>
+
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'priority' ) ?></th>
+
+<?php if ( $t_show_product_version ) { ?>
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'target_version' ) ?></th>
+<?php } else { ?>
+ <th class="small-caption" colspan="<?php echo ( ( $t_filter_cols - 8 ) * $t_custom_cols ); ?>">&#160;</th>
+<?php } ?>
</tr>
-<tr class="row-1">
+<tr class="row-2">
<!-- Status -->
<td colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
<?php print_filter_show_status(); ?>
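Review bot: The first header cell of filter row 2 opens with `<th class="small-caption" ...>` but still closes with `</td>`; the line should end `<?php echo lang_get( 'status' ) ?></th>` like the other cells converted in this hunk. The target-version header also uses `( 1 * $t_custom_cols )` when `$t_show_product_version` is set and `( ( $t_filter_cols - 8 ) * $t_custom_cols )` otherwise, while the matching data cell under `<!-- Target Version -->` in a later hunk always uses the second form. Header and data widths therefore differ unless `$t_filter_cols` is 9 (its value is not visible here), so the same expression should be used in both branches.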
@@ -277,7 +281,7 @@
} ?>
</td>
<!-- Version -->
- <td colspan="<?php echo ( 2 * $t_custom_cols ); ?>">
+ <td colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
<?php if ( $t_show_product_version ) {
print_filter_show_version();
} else {
@@ -297,7 +301,7 @@
<?php print_filter_show_priority(); ?>
</td>
<!-- Target Version -->
- <td colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
+ <td colspan="<?php echo ( ( $t_filter_cols - 8 ) * $t_custom_cols ); ?>">
<?php if ( $t_show_product_version ) {
print_filter_show_target_version();
} else {
@@ -306,26 +310,28 @@
</td>
</tr>
+<!-- Filter row 3 -->
+
<tr class="row-category2">
- <td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'show' ) ?></td>
- <td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'view_status' ) ?></td>
- <td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'sticky' ) ?></td>
- <td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'changed' ) ?></td>
- <td class="small-caption" colspan="<?php echo ( 3 * $t_custom_cols ); ?>">
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'show' ) ?></th>
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'view_status' ) ?></th>
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'sticky' ) ?></th>
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'changed' ) ?></th>
+ <th class="small-caption" colspan="<?php echo ( 3 * $t_custom_cols ); ?>">
<label>
<input type="checkbox" id="use_date_filters"
name="<?php echo FILTER_PROPERTY_FILTER_BY_DATE ?>"
<?php check_checked( $t_filter['filter_by_date'], true ) ?>
/>
<?php echo lang_get( 'use_date_filters' )?>
</label>
- </td>
- <td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
+ </th>
+ <th class="small-caption" colspan="<?php echo ( ( $t_filter_cols -7 ) * $t_custom_cols ); ?>">
<?php echo lang_get( 'bug_relationships' ) ?>
- </td>
- <!-- <td colspan="<?php echo ( ( $t_filter_cols - 8 ) * $t_custom_cols ); ?>">&#160;</td> -->
+ </th>
+ <!-- <th colspan="<?php echo ( ( $t_filter_cols - 8 ) * $t_custom_cols ); ?>">&#160;</th> -->
</tr>
-<tr class="row-2">
+<tr class="row-1">
<!-- Number of bugs per page -->
<td colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
<?php print_filter_per_page(); ?>
@@ -342,15 +348,19 @@
<td colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
<?php print_filter_highlight_changed(); ?>
</td>
- <td class="left" colspan="<?php echo ( 3 * $t_custom_cols ); ?>">
+ <!-- Date filters -->
+ <td class="left" colspan="<?php echo ( 3 * $t_custom_cols ); ?>">
<?php print_filter_do_filter_by_date( true ); # hide checkbox as it's already been shown ?>
</td>
- <td colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
- <?php print_filter_relationship_type(); ?>
+ <!-- Relationships -->
+ <td colspan="<?php echo ( ( $t_filter_cols - 8 ) * $t_custom_cols ); ?>">
+ <?php print_filter_relationship_type(); ?>
</td>
- <!-- <td colspan="<?php echo ( ( $t_filter_cols - 8 ) * $t_custom_cols ); ?>">&#160;</td> -->
+ <!-- <td colspan="<?php echo ( ( $t_filter_cols - 7 ) * $t_custom_cols ); ?>">&#160;</td> -->
</tr>
+<!-- Filter row 4 (custom fields) -->
+
<?php
if ( ON == config_get( 'filter_by_custom_fields' ) ) {
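Review bot: The relationships data cell uses `( ( $t_filter_cols - 8 ) * $t_custom_cols )`, but its header in the previous hunk (`bug_relationships`) uses `( ( $t_filter_cols -7 ) * $t_custom_cols )`, so the header and data rows of filter row 3 span a different number of columns. Going by the header cells visible in that hunk (1+1+1+1+3 plus the last cell), `- 7` is the value that fills the row; the data cells before highlight-changed are outside this hunk, so confirm against the full row. The commented-out filler cells kept in both rows (`- 8` in the header, `- 7` in the data row) look swapped with the live values and could simply be deleted, as was done for rows 1 and 2.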
@@ -365,13 +375,13 @@
<tr class="row-category2">
<?php
for( $j = 0; $j < $t_per_row; $j++ ) {
- echo '<td class="small-caption" colspan="' . ( 1 * $t_filter_cols ) . '">';
+ echo '<th class="small-caption" colspan="' . ( 1 * $t_filter_cols ) . '">';
if ( isset( $t_accessible_custom_fields_names[$t_base + $j] ) ) {
echo string_display( lang_get_defaulted( $t_accessible_custom_fields_names[$t_base + $j] ) );
} else {
echo '&#160;';
}
- echo '</td>';
+ echo '</th>';
}
?>
</tr>
@@ -403,9 +413,9 @@
?>
<tr class="row-1">
- <td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
+ <th class="small-caption category2" colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
<?php echo lang_get( 'sort_label' ) ?>
- </td>
+ </th>
<td colspan="<?php echo ( ( $t_filter_cols - 1 - $t_project_cols ) * $t_custom_cols ); ?>">
<?php
print_filter_show_sort();
@@ -414,9 +424,9 @@
<?php
if ( 'advanced' == $f_view_type ) {
?>
- <td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
+ <th class="small-caption category2" colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
<?php echo lang_get( 'email_project_label' ) ?>
- </td>
+ </th>
<td colspan="<?php echo( 2 * $t_custom_cols ); ?>">
<?php
print_filter_project_id();
@@ -479,10 +489,12 @@
?>
+<!-- Last Filter row (Search/tags) -->
+
<tr class="row-category2">
-<td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'search' ) ?></td>
-<td class="small-caption" colspan="<?php echo ( ( $t_filter_cols - 2 ) * $t_custom_cols ); ?>"><?php if ( $t_show_tags ) { echo lang_get( 'tags' ); } ?></td>
-<td class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"></td>
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"><?php echo lang_get( 'search' ) ?></th>
+ <th class="small-caption" colspan="<?php echo ( ( $t_filter_cols - 2 ) * $t_custom_cols ); ?>"><?php if ( $t_show_tags ) { echo lang_get( 'tags' ); } ?></th>
+ <th class="small-caption" colspan="<?php echo ( 1 * $t_custom_cols ); ?>"></th>
</tr>
<tr class="row-1">
<!-- Search field -->
@@ -493,10 +505,11 @@
<td class="small-caption" colspan="<?php echo ( ( $t_filter_cols - 2 ) * $t_custom_cols ); ?>"><?php if ( $t_show_tags ) { print_filter_tag_string(); } ?></td>
<!-- Submit button -->
- <td class="right" colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
+ <td class="center" colspan="<?php echo ( 1 * $t_custom_cols ); ?>">
<input type="submit" name="filter" class="button" value="<?php echo lang_get( 'filter_button' ) ?>" />
</td>
</tr>
+
</table>
</form>
</div>
