// Resolve the project (Group) and tracker (ArtifactTypeHtml) objects this request operates on.
// Every failure branch hands off to exit_error() or exit_permission_denied(), which presumably end the request.
// $group_id and $atid are assigned outside the visible part of this listing.
5 // get the Group object
7 $group =& group_get_object($group_id);
8 if (!$group || !is_object($group)) {
11 if ($group->isError()) {
12 if($group->isPermissionDeniedError()) {
13 exit_permission_denied($group->getErrorMessage());
15 exit_error(_('Error'), $group->getErrorMessage());
19 // Create the ArtifactType object
21 $ath = new ArtifactTypeHtml($group,$atid);
23 if (!$ath || !is_object($ath)) {
24 exit_error('Error','ArtifactType could not be created');
26 if ($ath->isError()) {
27 if($ath->isPermissionDeniedError()) {
// NOTE(review): this branch is reached on a permission error of $ath, yet the text shown comes from
// $group->getErrorMessage(). $ath->getErrorMessage(), as used in the exit_error() call below, looks
// intended; as written the denial reason may be empty or unrelated. Confirm and align.
28 exit_permission_denied($group->getErrorMessage());
30 exit_error(_('Error'), $ath->getErrorMessage());
// Dispatch on the 'func' request parameter. Several case labels fall on lines this listing omits,
// so the branch descriptions below are inferred from the code that follows them (TODO confirm).
33 switch (getStringFromRequest('func')) {
// Submission-form branch (label not visible): refuse anonymous users unless the tracker allows them.
36 if (!$ath->allowsAnon() && !session_loggedin()) {
37 exit_error('ERROR',_('Artifact: This ArtifactType Does Not Allow Anonymous Submissions. Please Login.'));
// Create-artifact branch (label not visible). The form key is checked before anything is written;
// an invalid key ends in exit_form_double_submit().
// NOTE(review): presumably this key also serves as the anti-CSRF token for the state-changing
// branches of this switch; confirm against form_key_is_valid().
44 if (!form_key_is_valid(getStringFromRequest('form_key'))) {
45 exit_form_double_submit();
// Raw request values. $category_id and $artifact_group_id are read but not passed to create()
// in the visible lines.
48 $user_email = getStringFromRequest('user_email');
49 $category_id = getIntFromRequest('category_id');
50 $artifact_group_id = getIntFromRequest('artifact_group_id');
51 $summary = getStringFromRequest('summary');
52 $details = getStringFromRequest('details');
53 $assigned_to = getStringFromRequest('assigned_to');
54 $priority = getStringFromRequest('priority');
// NOTE(review): read as a string here, while the 'massupdate' branch reads extra_fields with
// getArrayFromRequest(); confirm which type create() expects.
55 $extra_fields = getStringFromRequest('extra_fields');
61 $ah=new ArtifactHtml($ath);
62 if (!$ah || !is_object($ah)) {
63 form_release_key(getStringFromRequest('form_key'));
64 exit_error('ERROR','Artifact Could Not Be Created');
// The anonymous-submission gate is applied again immediately before the write.
65 } else if (!$ath->allowsAnon() && !session_loggedin()) {
66 exit_error('ERROR',_('Artifact: This ArtifactType Does Not Allow Anonymous Submissions. Please Login.'));
// $user_email is checked with validate_email(); the branch structure around the empty() test
// falls on omitted lines. The form key is released on failure, presumably so the form can be resubmitted.
68 if (empty($user_email)) {
71 if (!validate_email($user_email)) {
72 form_release_key(getStringFromRequest('form_key'));
73 exit_error('ERROR', _('Invalid Email Address'));
76 if (!$ah->create($summary,$details,$assigned_to,$priority,$extra_fields)) {
77 form_release_key(getStringFromRequest('form_key'));
78 exit_error('ERROR',$ah->getErrorMessage());
81 // Attach files to this Artifact.
// Walks five fixed upload slots of the 'input_file' field.
// NOTE(review): $_FILES['input_file'][...][$i] is indexed without first checking that the slot
// exists, so a request carrying fewer slots raises undefined-index notices before the isset()
// test on $error runs.
83 for ($i=0; $i<5; $i++) {
84 $error=$_FILES['input_file']['error'][$i];
85 if (isset($error) && $error > 0) {
// The 'name' and 'type' entries of $_FILES are supplied by the client and are handed to upload()
// unchanged below.
// NOTE(review): whatever stores or later serves the attachment should treat both as untrusted
// (normalise the file name, do not replay the type as Content-Type without an allow-list).
// That code is not visible here; confirm.
88 $file_name=$_FILES['input_file']['name'][$i];
89 $tmp_name=$_FILES['input_file']['tmp_name'][$i];
// is_uploaded_file() confirms $tmp_name was produced by PHP's own upload handling.
90 if (!is_uploaded_file($tmp_name)) {
// $size is assigned but not used in the visible lines.
93 $size=$_FILES['input_file']['size'][$i];
94 $type=$_FILES['input_file']['type'][$i];
96 $afh=new ArtifactFileHtml($ah);
97 if (!$afh || !is_object($afh)) {
98 $feedback .= 'Could Not Create File Object';
99 // } elseif ($afh->isError()) {
100 // $feedback .= $afh->getErrorMessage();
// util_check_fileupload() is defined elsewhere; judging by the error text it validates the upload
// path or name (confirm what it actually checks).
102 if (!util_check_fileupload($tmp_name)) {
103 form_release_key(getStringFromRequest('form_key'));
104 //delete the artifact
106 exit_error("Error","Invalid filename");
108 if (!$afh->upload($tmp_name,$file_name,$type,' ')) {
109 form_release_key(getStringFromRequest('form_key'));
110 //delete the artifact
// NOTE(review): the only exit_error() call in this listing with a single argument; every other
// call passes a title and a message. Confirm the signature tolerates this.
112 exit_error(' Could Not Attach File to Item: '.$afh->getErrorMessage());
116 $feedback .= _('Item Successfully Created');
117 include 'browse.php';
// Mass update: apply one set of field values to every artifact id in the request.
// The form key is validated first; the admin check (userIsAdmin) follows before any artifact is touched.
122 case 'massupdate' : {
123 if (!form_key_is_valid(getStringFromRequest('form_key'))) {
124 exit_form_double_submit();
127 $artifact_id_list = getArrayFromRequest('artifact_id_list');
128 $priority = getStringFromRequest('priority');
129 $status_id = getStringFromRequest('status_id');
130 $category_id = getStringFromRequest('category_id');
131 $artifact_group_id = getStringFromRequest('artifact_group_id');
132 $resolution_id = getStringFromRequest('resolution_id');
133 $assigned_to = getStringFromRequest('assigned_to');
134 $canned_response = getIntFromRequest("canned_response");
135 $extra_fields = getArrayFromRequest('extra_fields');
137 $count=count($artifact_id_list);
// Authorization gate: only tracker admins may continue.
139 if (!$ath->userIsAdmin()) {
140 exit_permission_denied();
143 $artifact_type_id=$ath->getID();
145 for ($i=0; $i < $count; $i++) {
// Each id comes straight from the request. Presumably the Artifact constructor verifies that the
// id belongs to the tracker in $ath; confirm, since the admin check above is per tracker.
146 $ah=new Artifact($ath,$artifact_id_list[$i]);
147 if (!$ah || !is_object($ah)) {
// NOTE(review): the request-supplied id is appended to $feedback as-is. Other branches append
// '<br />' to $feedback, so it is presumably rendered as HTML; cast the id to int or escape it
// before display unless getArrayFromRequest() already sanitises (confirm).
148 $feedback .= ' ID: '.$artifact_id_list[$i].'::Artifact Could Not Be Created';
149 } else if ($ah->isError()) {
150 $feedback .= ' ID: '.$artifact_id_list[$i].'::'.$ah->getErrorMessage();
// 100 is the "no change" sentinel: keep the artifact's current value when it is submitted.
// The comparisons are loose (!=) on string inputs.
152 $_priority=(($priority != 100) ? $priority : $ah->getPriority());
153 $_status_id=(($status_id != 100) ? $status_id : $ah->getStatusID());
154 //yikes, we want the ability to mass-update to "un-assigned", which is the ID=100, which
155 //conflicts with the "no change" ID! Sorry for messy use of 100.1
156 $_assigned_to=(($assigned_to != '100.1') ? $assigned_to : $ah->getAssignedTo());
159 // get existing extra field data
160 // we will then override individual elements if needed
162 $ef = $ah->getExtraFieldData();
163 $keys = array_keys($ef);
164 foreach ($keys as $efid) {
165 if (is_array($ef[$efid])) {
// $extra_fields[$efid] is read without an existence check here (the scalar branch below uses
// array_key_exists); a missing key is then treated as "nothing selected" by the is_array() test.
166 $f = $extra_fields[$efid];
167 // in this case, if $extra_fields is not setted, it
168 // means no option was selected, so we have to delete
169 // the original values
170 if (!is_array($f) || count($f) == 0) {
171 $ef[$efid] = array();
172 } else if (in_array('100', $extra_fields[$efid])) { // "No change" option selected?
175 $ef[$efid] = $f; // replace old values with new values
178 // in some cases (ie: textfields) the value is not passed, but
179 // this doesn't mean we must delete the existing value
180 if (array_key_exists($efid, $extra_fields)) {
181 $f = $extra_fields[$efid];
// $_summary is not assigned anywhere in the visible lines; presumably it is set on an omitted
// line from the artifact's current summary (confirm).
191 if (!$ah->update($_priority,$_status_id,$_assigned_to,$_summary,$canned_response,'',$artifact_type_id,$ef)) {
196 $feedback .= ' ID: '.$artifact_id_list[$i].'::'.$ah->getErrorMessage();
// The accumulated feedback is replaced by a single success message; the condition guarding this
// assignment is on an omitted line.
204 $feedback = _('Updated successfully'); }
206 unset ($extra_fields_choice);
207 include ('browse.php');
// Update-artifact branch (case label not visible in this listing). What a caller may change
// depends on role: admins and technicians go through update(), the submitter and everyone else
// can only add a comment; file attach and delete handling follows.
211 $artifact_id = getIntFromRequest('artifact_id');
212 $priority = getIntFromRequest('priority');
213 $status_id = getIntFromRequest('status_id');
214 $category_id = getIntFromRequest('category_id');
215 $artifact_group_id = getIntFromRequest('artifact_group_id');
216 $resolution_id = getIntFromRequest('resolution_id');
217 $assigned_to = getStringFromRequest('assigned_to');
218 $summary = getStringFromRequest('summary');
219 $canned_response = getStringFromRequest('canned_response');
220 $details = getStringFromRequest('details');
221 $new_artifact_type_id = getIntFromRequest('new_artifact_type_id');
// NOTE(review): read as a string here, while the 'massupdate' branch reads extra_fields with
// getArrayFromRequest(); confirm which type update() expects.
222 $extra_fields = getStringFromRequest('extra_fields');
// (The next three lines are the body of a block comment whose delimiters fall on omitted lines.)
225 Technicians can modify limited fields - to be certain
226 no one is hacking around, we override any fields they don't have
227 permission to change.
229 if (!form_key_is_valid(getStringFromRequest('form_key'))) {
230 exit_form_double_submit();
233 $ah=new ArtifactHtml($ath,$artifact_id);
234 if (!$ah || !is_object($ah)) {
235 exit_error('ERROR','Artifact Could Not Be Created');
236 } else if ($ah->isError()) {
237 exit_error('ERROR',$ah->getErrorMessage());
238 } else if (!$ath->allowsAnon() && !session_loggedin()) {
239 exit_error('ERROR',_('Artifact: This ArtifactType Does Not Allow Anonymous Submissions. Please Login.'));
// (The next two lines are again block-comment text with the delimiters on omitted lines.)
244 The following logic causes fields to be overridden
245 in the event that someone tampered with the HTML form
// Role dispatch. The per-field restriction for technicians is not enforced here; per the
// comment below it is expected to happen inside update() (confirm there).
248 if ($ath->userIsAdmin() || $ath->userIsTechnician()) {
250 //admin and techs can do everything
251 //techs will have certain fields overridden inside the update() function call
252 if (!$ah->update($priority,$status_id,
253 $assigned_to,$summary,$canned_response,$details,$new_artifact_type_id,$extra_fields)) {
254 $feedback =_('Tracker Item'). ': '.$ah->getErrorMessage();
// Submitter check: logged in and the artifact's submitter id equals the current user id (loose ==).
261 if (session_loggedin() && ($ah->getSubmittedBy() == user_getid())) {
263 //submitter can only add files & comments
// NOTE(review): $user_email is not read from the request in the visible lines of this branch;
// confirm where it is set before it reaches addMessage().
266 if ($ah->addMessage($details,$user_email,true)) {
267 $feedback=_('Comment added');
269 if ( (strlen($details)>0) ) { //if there was no message, then it´s not an error but addMessage returns false and sets missing params error
270 //some kind of error in creation
271 exit_error($ah->getErrorMessage(),$feedback);
273 // we have to unset the error if the user added a file ( add a file and no comment)
274 if ( (getStringFromRequest('add_file')) ) {
282 //everyone else can only add comments
285 if ($ah->addMessage($details,$user_email,true)) {
286 $feedback=_('Comment added');
288 //some kind of error in creation
289 exit_error('ERROR',$ah->getErrorMessage());
296 // Attach files to this Artifact.
// Walks five fixed upload slots of 'input_file'. Any role guard for attaching files would be on
// omitted lines; none is visible here.
// NOTE(review): the $_FILES arrays are indexed without checking that slot $i exists.
298 for ($i=0; $i<5; $i++) {
299 $error=$_FILES['input_file']['error'][$i];
300 if (isset($error) && $error > 0) {
// 'name' and 'type' are client-supplied and reach upload() unchanged; treat them as untrusted
// wherever the attachment is stored or served (not visible here, confirm).
303 $file_name=$_FILES['input_file']['name'][$i];
304 $tmp_name=$_FILES['input_file']['tmp_name'][$i];
// is_uploaded_file() confirms $tmp_name was produced by PHP's own upload handling.
305 if (!is_uploaded_file($tmp_name)) {
// $size is assigned but not used in the visible lines.
308 $size=$_FILES['input_file']['size'][$i];
309 $type=$_FILES['input_file']['type'][$i];
311 $afh=new ArtifactFileHtml($ah);
312 if (!$afh || !is_object($afh)) {
313 $feedback .= 'Could Not Create File Object';
314 // } elseif ($afh->isError()) {
315 // $feedback .= $afh->getErrorMessage();
317 if (!util_check_fileupload($tmp_name)) {
318 form_release_key(getStringFromRequest('form_key'));
319 exit_error("Error","Invalid filename");
321 if (!$afh->upload($tmp_name,$file_name,$type,' ')) {
322 $feedback .= ' <br />'._('File Upload: Error').':'.$afh->getErrorMessage();
325 $feedback .= ' <br />'._('File Upload: Successful');
331 // Delete list of files from this artifact
// NOTE(review): delete_file is read with getStringFromRequest() but then counted and indexed
// like an array; getArrayFromRequest() (as used for artifact_id_list in 'massupdate') looks
// intended. If a string really is returned, count() is wrong for it (warning on PHP 7.2+,
// TypeError on PHP 8) and $delete_file[$i] yields single characters.
// The guard deciding who may delete files is on an omitted line; confirm it restricts this loop.
333 $delete_file = getStringFromRequest('delete_file');
335 $count=count($delete_file);
336 for ($i=0; $i<$count; $i++) {
337 $afh=new ArtifactFileHtml($ah,$delete_file[$i]);
338 if (!$afh || !is_object($afh)) {
// NOTE(review): the request-supplied file id is appended to $feedback, which also carries
// '<br />' markup and so is presumably rendered as HTML; cast or escape it before display
// unless the request helper already sanitises (confirm).
339 $feedback .= 'Could Not Create File Object::'.$delete_file[$i];
340 } elseif ($afh->isError()) {
341 $feedback .= $afh->getErrorMessage().'::'.$delete_file[$i];
343 if (!$afh->delete()) {
344 $feedback .= ' <br />'._('File Delete:').': '.$afh->getErrorMessage();
347 $feedback .= ' <br />'._('File Delete: Successful');
353 // Show just one feedback entry if no errors
356 $feedback = _('Updated successfully');
358 include ('browse.php');
// Two branches whose case labels and central calls fall on omitted lines: the first loads a
// single artifact, the second the whole tracker (ArtifactType). Both then copy the object's
// error message into $feedback and show browse.php.
// NOTE(review): no form_key check is visible in either branch; if the omitted calls change
// state, confirm whether one is needed.
363 $artifact_id = getIntFromRequest('artifact_id');
365 $ah=new ArtifactHtml($ath,$artifact_id);
366 if (!$ah || !is_object($ah)) {
367 exit_error('ERROR','Artifact Could Not Be Created');
368 } else if ($ah->isError()) {
369 exit_error('ERROR',$ah->getErrorMessage());
// $feedback is taken from the error-message slot; presumably the omitted call stores its status
// text there (confirm).
372 $feedback=$ah->getErrorMessage();
374 include 'browse.php';
377 $at=new ArtifactType($group,$atid);
378 if (!$at || !is_object($at)) {
// NOTE(review): the message says 'Artifact' although the object that failed is an ArtifactType.
379 exit_error('ERROR','Artifact Could Not Be Created');
380 } else if ($at->isError()) {
381 exit_error('ERROR',$at->getErrorMessage());
384 $feedback=$at->getErrorMessage();
386 include 'browse.php';
// Two-step artifact deletion, admin only. 'deleteartifact' loads the artifact and includes
// deleteartifact.php (presumably the confirmation form); 'postdeleteartifact' performs the delete.
// NOTE(review): 'aid' is read with getStringFromRequest() in both steps, while other branches
// read artifact ids with getIntFromRequest(); an integer read would be the tighter input contract.
396 case 'deleteartifact' : {
397 if ($ath->userIsAdmin()) {
398 $aid = getStringFromRequest('aid');
399 $ah= new ArtifactHtml($ath,$aid);
400 if (!$ah || !is_object($ah)) {
401 exit_error('ERROR','Artifact Could Not Be Created');
402 } elseif ($ah->isError()) {
403 exit_error('ERROR',$ah->getErrorMessage());
405 include 'deleteartifact.php';
407 exit_permission_denied();
413 // Handle the actual delete
// Order of checks before the destructive call: form key, admin role, artifact loads cleanly,
// explicit 'confirm_delete' flag present in the request.
416 case 'postdeleteartifact' : {
417 if (!form_key_is_valid(getStringFromRequest('form_key'))) {
418 exit_form_double_submit();
420 if ($ath->userIsAdmin()) {
421 $aid = getStringFromRequest('aid');
422 $ah= new ArtifactHtml($ath,$aid);
423 if (!$ah || !is_object($ah)) {
424 exit_error('ERROR','Artifact Could Not Be Created');
425 } elseif ($ah->isError()) {
426 exit_error('ERROR',$ah->getErrorMessage());
// Without the confirmation flag nothing is deleted and only feedback is set.
428 if (!getStringFromRequest('confirm_delete')) {
429 $feedback .= _('Confirmation failed. Artifact not deleted');
// The meaning of the true argument to delete() is defined elsewhere (not visible here).
432 if (!$ah->delete(true)) {
433 $feedback .= _('Artifact Delete Failed') . ': '.$ah->getErrorMessage();
435 $feedback .= _('Artifact Deleted Successfully');
438 include 'browse.php';
440 exit_permission_denied();
// Remaining branches: most only include a view script. Case labels other than 'downloadcsv'
// fall on omitted lines.
447 include 'taskmgr.php';
451 include 'browse.php';
455 include ('query.php');
458 case 'downloadcsv' : {
459 include ('downloadcsv.php');
// File-download branch (label not visible).
// NOTE(review): "Redirect:" is not a standard HTTP response header, so clients will not follow
// it; "Location:" looks intended (confirm). $aid is a raw request string placed into the URL
// without encoding, and $file_id is not assigned in the visible lines; reading both as integers
// (or URL-encoding them) would keep request data from altering the query string.
463 $aid = getStringFromRequest('aid');
464 Header("Redirect: ".$GLOBALS['sys_urlprefix']."/tracker/download.php?group_id=$group_id&atid=$atid&aid=$aid&file_id=$file_id");
// Detail/modify branch (label not visible): load the artifact, then pick the view by role.
468 $aid = getStringFromRequest('aid');
471 // users can modify their own tickets in a limited way if they submitted them
472 // even if they are not artifact admins
474 $ah=new ArtifactHtml($ath,$aid);
475 if (!$ah || !is_object($ah)) {
476 exit_error('ERROR','Artifact Could Not Be Created');
477 } else if ($ah->isError()) {
478 exit_error('ERROR',$ah->getErrorMessage());
// Admins get the view included on the omitted line after this test, technicians get
// mod-limited.php, everyone else detail.php. These choices only select the form shown;
// the update branch must still enforce the role on submit.
480 if ($ath->userIsAdmin()) {
482 } elseif ($ath->userIsTechnician()) {
483 include 'mod-limited.php';
485 include 'detail.php';
491 include 'browse.php';
498 // c-file-style: "bsd"