// Resolve the project (Group) object for $group_id and report any failure
// through exit_permission_denied() / exit_error().
// NOTE(review): this listing omits source lines (the embedded numbers jump
// 8 -> 11 and 13 -> 15), so the body of the first check and the closing
// braces are not shown. $group_id is assigned outside the lines shown.
5 // get the Group object
7 $group =& group_get_object($group_id);
// Reject a missing or non-object result before any method is called on it.
8 if (!$group || !is_object($group)) {
11 if ($group->isError()) {
// A permission failure is reported separately from a generic error.
12 if($group->isPermissionDeniedError()) {
13 exit_permission_denied($group->getErrorMessage());
15 exit_error(_('Error'), $group->getErrorMessage());
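19 // Create the ArtifactType object
// Build the tracker (ArtifactType) identified by $atid inside $group and
// report any failure. $atid is assigned outside the lines shown.
// NOTE(review): this listing omits source lines, so closing braces are not shown.
21 $ath = new ArtifactTypeHtml($group,$atid);
23 if (!$ath || !is_object($ath)) {
24 exit_error('Error','ArtifactType could not be created');
26 if ($ath->isError()) {
27 if($ath->isPermissionDeniedError()) {
// Report the tracker's own message. The failing object in this branch is
// $ath, so reading the message from $group would show an empty or unrelated
// reason for the denial.
28 exit_permission_denied($ath->getErrorMessage());
30 exit_error(_('Error'), $ath->getErrorMessage());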
// Dispatch on the request parameter "func". The case label of this first
// branch is on a line the listing does not show; the branch creates a new
// tracker item from the submitted form.
33 switch (getStringFromRequest('func')) {
// Refuse anonymous submissions unless the tracker allows them.
36 if (!$ath->allowsAnon() && !session_loggedin()) {
37 exit_error('ERROR',_('Artifact: This ArtifactType Does Not Allow Anonymous Submissions. Please Login.'));
// The form key must validate before anything is created; an invalid key is
// handled as a repeated submission.
// NOTE(review): whether the key is bound to the user's session (and so also
// acts as a CSRF token) depends on form_key_is_valid(), defined elsewhere.
44 if (!form_key_is_valid(getStringFromRequest('form_key'))) {
45 exit_form_double_submit();
// Read the submitted fields through the request accessors.
// NOTE(review): extra_fields is read with the string accessor here but with
// getArrayFromRequest() in the mass-update branch - confirm which shape
// create() expects.
48 $user_email = getStringFromRequest('user_email');
49 $category_id = getIntFromRequest('category_id');
50 $artifact_group_id = getIntFromRequest('artifact_group_id');
51 $summary = getStringFromRequest('summary');
52 $details = getStringFromRequest('details');
53 $assigned_to = getStringFromRequest('assigned_to');
54 $priority = getStringFromRequest('priority');
55 $extra_fields = getStringFromRequest('extra_fields');
61 $ah=new ArtifactHtml($ath);
// Failures after the key was accepted release it with form_release_key()
// before exiting; the anonymous-submission exit just below does not.
63 if (!$ah || !is_object($ah)) {
64 form_release_key(getStringFromRequest('form_key'));
65 exit_error('ERROR','Artifact Could Not Be Created');
// Same anonymous-submission gate as at the top of the branch.
66 } else if (!$ath->allowsAnon() && !session_loggedin()) {
67 exit_error('ERROR',_('Artifact: This ArtifactType Does Not Allow Anonymous Submissions. Please Login.'));
// An address that is present must pass validate_email(); what happens for an
// empty address is on lines not shown.
69 if (empty($user_email)) {
72 if (!validate_email($user_email)) {
73 form_release_key(getStringFromRequest('form_key'));
74 exit_error('ERROR', _('Invalid Email Address'));
// NOTE(review): $user_email, $category_id and $artifact_group_id are read
// above but are not arguments of this create() call; how they reach the new
// item is not visible here.
77 if (!$ah->create($summary,$details,$assigned_to,$priority,$extra_fields)) {
78 form_release_key(getStringFromRequest('form_key'));
79 exit_error('ERROR',$ah->getErrorMessage());
82 // Attach files to this Artifact.
// Walk a fixed set of five upload slots of the "input_file" form field.
// NOTE(review): the slot is indexed without checking that it exists, so a
// request with fewer than five entries reads undefined offsets.
84 for ($i=0; $i<5; $i++) {
85 $error=$_FILES['input_file']['error'][$i];
// A non-zero code is PHP's upload error status; the branch body is not shown.
86 if (isset($error) && $error > 0) {
// name and type come from the client's multipart request and are untrusted;
// only tmp_name is produced by PHP itself.
89 $file_name=$_FILES['input_file']['name'][$i];
90 $tmp_name=$_FILES['input_file']['tmp_name'][$i];
// is_uploaded_file() confirms the path is a file PHP received via HTTP POST
// and not an arbitrary local path; the branch body is not shown.
91 if (!is_uploaded_file($tmp_name)) {
// $size is assigned but not used in the lines shown.
94 $size=$_FILES['input_file']['size'][$i];
95 $type=$_FILES['input_file']['type'][$i];
97 $afh=new ArtifactFileHtml($ah);
98 if (!$afh || !is_object($afh)) {
99 $feedback .= 'Could Not Create File Object';
100 // } elseif ($afh->isError()) {
101 // $feedback .= $afh->getErrorMessage();
// util_check_fileupload() is defined elsewhere; a rejected file aborts the
// request after the form key is released.
// NOTE(review): the statement announced by "delete the artifact" is on a line
// not shown, so whether the just-created item is removed cannot be confirmed.
103 if (!util_check_fileupload($tmp_name)) {
104 form_release_key(getStringFromRequest('form_key'));
105 //delete the artifact
107 exit_error("Error","Invalid filename");
// The client-supplied name and MIME type are handed to upload() as given.
// NOTE(review): confirm upload() and the download path treat both as
// untrusted (stored as data, never used as a filesystem path or echoed as a
// response Content-Type without checks).
109 if (!$afh->upload($tmp_name,$file_name,$type,' ')) {
110 form_release_key(getStringFromRequest('form_key'));
111 //delete the artifact
// NOTE(review): exit_error() receives one argument here; the other calls in
// this listing pass a title and a message - confirm the signature.
113 exit_error(' Could Not Attach File to Item: '.$afh->getErrorMessage());
117 $feedback .= _('Item Successfully Created');
// Hand over to the browse view, which is included from a fixed path.
118 include 'browse.php';
// Mass update: apply one set of field values to every selected tracker item.
123 case 'massupdate' : {
// Form key is validated first; an invalid key is handled as a repeated submission.
124 if (!form_key_is_valid(getStringFromRequest('form_key'))) {
125 exit_form_double_submit();
// Selected item ids and extra fields arrive as arrays; the remaining fields
// are read as strings so that the sentinel values compared in the update
// loop ("100", "100.1") survive.
128 $artifact_id_list = getArrayFromRequest('artifact_id_list');
129 $priority = getStringFromRequest('priority');
130 $status_id = getStringFromRequest('status_id');
131 $category_id = getStringFromRequest('category_id');
132 $artifact_group_id = getStringFromRequest('artifact_group_id');
133 $resolution_id = getStringFromRequest('resolution_id');
134 $assigned_to = getStringFromRequest('assigned_to');
135 $canned_response = getIntFromRequest("canned_response");
136 $extra_fields = getArrayFromRequest('extra_fields');
138 $count=count($artifact_id_list);
// Only tracker admins may mass-update. The check runs after the request is
// parsed but before any item is loaded or changed.
140 if (!$ath->userIsAdmin()) {
141 exit_permission_denied();
144 $artifact_type_id=$ath->getID();
// Load each selected item, merge the submitted values over its current ones
// and save it. Per-item failures are collected in $feedback, not fatal.
// NOTE(review): $artifact_id_list[$i] is a raw request value and is
// concatenated into $feedback below. If the included view prints $feedback as
// HTML without escaping, this reflects request input - confirm, or cast the
// id to an integer before use.
// NOTE(review): the loop indexes 0..$count-1, which assumes the request array
// has sequential integer keys.
146 for ($i=0; $i < $count; $i++) {
147 $ah=new Artifact($ath,$artifact_id_list[$i]);
148 if (!$ah || !is_object($ah)) {
149 $feedback .= ' ID: '.$artifact_id_list[$i].'::Artifact Could Not Be Created';
150 } else if ($ah->isError()) {
151 $feedback .= ' ID: '.$artifact_id_list[$i].'::'.$ah->getErrorMessage();
// A submitted value of 100 keeps the item's current value. The comparison is
// loose (!=), so the request string is compared numerically.
153 $_priority=(($priority != 100) ? $priority : $ah->getPriority());
154 $_status_id=(($status_id != 100) ? $status_id : $ah->getStatusID());
155 //yikes, we want the ability to mass-update to "un-assigned", which is the ID=100, which
156 //conflicts with the "no change" ID! Sorry for messy use of 100.1
157 $_assigned_to=(($assigned_to != '100.1') ? $assigned_to : $ah->getAssignedTo());
160 // get existing extra field data
161 // we will then override individual elements if needed
163 $ef = $ah->getExtraFieldData();
164 $keys = array_keys($ef);
165 foreach ($keys as $efid) {
// Multi-valued field: the stored value is an array.
// NOTE(review): $extra_fields[$efid] is read without an existence check.
166 if (is_array($ef[$efid])) {
167 $f = $extra_fields[$efid];
168 // in this case, if $extra_fields is not setted, it
169 // means no option was selected, so we have to delete
170 // the original values
171 if (!is_array($f) || count($f) == 0) {
172 $ef[$efid] = array();
// in_array() is called without strict mode, so '100' also matches the integer 100.
173 } else if (in_array('100', $extra_fields[$efid])) { // "No change" option selected?
176 $ef[$efid] = $f; // replace old values with new values
179 // in some cases (ie: textfields) the value is not passed, but
180 // this doesn't mean we must delete the existing value
181 if (array_key_exists($efid, $extra_fields)) {
182 $f = $extra_fields[$efid];
// NOTE(review): $_summary is not assigned in the lines shown; it is
// presumably set on one of the omitted lines - confirm.
192 if (!$ah->update($_priority,$_status_id,$_assigned_to,$_summary,$canned_response,'',$artifact_type_id,$ef)) {
197 $feedback .= ' ID: '.$artifact_id_list[$i].'::'.$ah->getErrorMessage();
// The condition guarding this success message is on a line not shown.
205 $feedback = _('Updated successfully'); }
207 unset ($extra_fields_choice);
208 include ('browse.php');
// Update one existing tracker item. The case label is on a line not shown.
// Numeric ids are read with getIntFromRequest(); free text is read as strings.
// NOTE(review): extra_fields is read with the string accessor here but as an
// array in the mass-update branch - confirm which shape update() expects.
212 $artifact_id = getIntFromRequest('artifact_id');
213 $priority = getIntFromRequest('priority');
214 $status_id = getIntFromRequest('status_id');
215 $category_id = getIntFromRequest('category_id');
216 $artifact_group_id = getIntFromRequest('artifact_group_id');
217 $resolution_id = getIntFromRequest('resolution_id');
218 $assigned_to = getStringFromRequest('assigned_to');
219 $summary = getStringFromRequest('summary');
220 $canned_response = getStringFromRequest('canned_response');
221 $details = getStringFromRequest('details');
222 $new_artifact_type_id = getIntFromRequest('new_artifact_type_id');
223 $extra_fields = getStringFromRequest('extra_fields');
227 Technicians can modify limited fields - to be certain
228 no one is hacking around, we override any fields they don't have
229 permission to change.
// (The three lines above, and the two starting at 246 below, are the interior
// of block comments whose delimiters fall on lines the listing omits.)
231 if (!form_key_is_valid(getStringFromRequest('form_key'))) {
232 exit_form_double_submit();
235 $ah=new ArtifactHtml($ath,$artifact_id);
236 if (!$ah || !is_object($ah)) {
237 exit_error('ERROR','Artifact Could Not Be Created');
238 } else if ($ah->isError()) {
239 exit_error('ERROR',$ah->getErrorMessage());
240 } else if (!$ath->allowsAnon() && !session_loggedin()) {
241 exit_error('ERROR',_('Artifact: This ArtifactType Does Not Allow Anonymous Submissions. Please Login.'));
246 The following logic causes fields to be overridden
247 in the event that someone tampered with the HTML form
// Authorization tiers, decided server-side and independent of what the form
// submitted: (1) admins and technicians may call update(); (2) the logged-in
// submitter may add comments and files; (3) everyone else may only comment.
250 if ($ath->userIsAdmin() || $ath->userIsTechnician()) {
252 //admin and techs can do everything
253 //techs will have certain fields overridden inside the update() function call
254 if (!$ah->update($priority,$status_id,
255 $assigned_to,$summary,$canned_response,$details,$new_artifact_type_id,$extra_fields)) {
256 $feedback =_('Tracker Item'). ': '.$ah->getErrorMessage();
// Loose comparison (==) between the stored submitter id and the session user id.
263 if (session_loggedin() && ($ah->getSubmittedBy() == user_getid())) {
265 //submitter can only add files & comments
// NOTE(review): $user_email is not read from the request in the lines shown
// for this branch - confirm where it is set before it reaches addMessage().
268 if ($ah->addMessage($details,$user_email,true)) {
269 $feedback=_('Comment added');
271 if ( (strlen($details)>0) ) { //if there was no message, then it´s not an error but addMessage returns false and sets missing params error
272 //some kind of error in creation
// NOTE(review): the arguments are (error message, $feedback); the other
// exit_error() calls pass (title, message) - confirm the order is intended.
273 exit_error($ah->getErrorMessage(),$feedback);
275 // we have to unset the error if the user added a file ( add a file and no comment)
276 if ( (getStringFromRequest('add_file')) ) {
284 //everyone else can only add comments
287 if ($ah->addMessage($details,$user_email,true)) {
288 $feedback=_('Comment added');
290 //some kind of error in creation
291 exit_error('ERROR',$ah->getErrorMessage());
298 // Attach files to this Artifact.
// Same five-slot upload loop as in the create branch, except that an upload()
// failure is appended to $feedback instead of aborting the request.
// NOTE(review): the lines that decide which roles reach this loop are not
// shown. The comments above say only admins, technicians and the submitter
// may add files - confirm the loop sits inside that condition.
// NOTE(review): the slot is indexed without checking that it exists.
300 for ($i=0; $i<5; $i++) {
301 $error=$_FILES['input_file']['error'][$i];
// A non-zero code is PHP's upload error status; the branch body is not shown.
302 if (isset($error) && $error > 0) {
// name and type are client-supplied and untrusted; tmp_name is set by PHP.
305 $file_name=$_FILES['input_file']['name'][$i];
306 $tmp_name=$_FILES['input_file']['tmp_name'][$i];
// Accept only paths PHP itself received as HTTP POST uploads.
307 if (!is_uploaded_file($tmp_name)) {
// $size is assigned but not used in the lines shown.
310 $size=$_FILES['input_file']['size'][$i];
311 $type=$_FILES['input_file']['type'][$i];
313 $afh=new ArtifactFileHtml($ah);
314 if (!$afh || !is_object($afh)) {
315 $feedback .= 'Could Not Create File Object';
316 // } elseif ($afh->isError()) {
317 // $feedback .= $afh->getErrorMessage();
// util_check_fileupload() is defined elsewhere; a rejected file aborts the
// request after the form key is released.
319 if (!util_check_fileupload($tmp_name)) {
320 form_release_key(getStringFromRequest('form_key'));
321 exit_error("Error","Invalid filename");
// The client-supplied name and MIME type are passed to upload() as given.
323 if (!$afh->upload($tmp_name,$file_name,$type,' ')) {
324 $feedback .= ' <br />'._('File Upload: Error').':'.$afh->getErrorMessage();
327 $feedback .= ' <br />'._('File Upload: Successful');
333 // Delete list of files from this artifact
// NOTE(review): delete_file is read with the string accessor but is then
// counted and indexed as a list; the mass-update branch uses
// getArrayFromRequest() for list inputs - confirm.
// NOTE(review): no role check is visible between reading delete_file and
// calling delete(). Confirm that an omitted line or ArtifactFileHtml::delete()
// limits attachment removal to permitted users.
335 $delete_file = getStringFromRequest('delete_file');
337 $count=count($delete_file);
338 for ($i=0; $i<$count; $i++) {
// The file object is built from the artifact plus the requested file id.
339 $afh=new ArtifactFileHtml($ah,$delete_file[$i]);
// NOTE(review): the raw request value $delete_file[$i] is concatenated into
// $feedback; escape it or cast it to an integer if $feedback is printed as HTML.
340 if (!$afh || !is_object($afh)) {
341 $feedback .= 'Could Not Create File Object::'.$delete_file[$i];
342 } elseif ($afh->isError()) {
343 $feedback .= $afh->getErrorMessage().'::'.$delete_file[$i];
345 if (!$afh->delete()) {
346 $feedback .= ' <br />'._('File Delete:').': '.$afh->getErrorMessage();
349 $feedback .= ' <br />'._('File Delete: Successful');
355 // Show just one feedback entry if no errors
// The condition guarding this replacement is on a line not shown.
358 $feedback = _('Updated successfully');
360 include ('browse.php');
// Two branches that follow the same pattern, first for a single artifact and
// then for the whole tracker. Their case labels, and the call made between
// the error check and getErrorMessage(), are on lines the listing omits.
// NOTE(review): no form_key validation is visible in either branch. If the
// omitted call changes state, confirm it is protected against forged requests.
365 $artifact_id = getIntFromRequest('artifact_id');
367 $ah=new ArtifactHtml($ath,$artifact_id);
368 if (!$ah || !is_object($ah)) {
369 exit_error('ERROR','Artifact Could Not Be Created');
370 } else if ($ah->isError()) {
371 exit_error('ERROR',$ah->getErrorMessage());
// $feedback is taken from the object's error-message slot after the omitted call.
374 $feedback=$ah->getErrorMessage();
376 include 'browse.php';
// Tracker-level variant. The failure text still says "Artifact" although the
// object being built is an ArtifactType.
379 $at=new ArtifactType($group,$atid);
380 if (!$at || !is_object($at)) {
381 exit_error('ERROR','Artifact Could Not Be Created');
382 } else if ($at->isError()) {
383 exit_error('ERROR',$at->getErrorMessage());
386 $feedback=$at->getErrorMessage();
388 include 'browse.php';
// Show the delete-confirmation page. Admin-only: any other user reaches
// exit_permission_denied(). Nothing is deleted in this branch.
398 case 'deleteartifact' : {
399 if ($ath->userIsAdmin()) {
// aid is read as a string here, while the update branch reads artifact_id
// with getIntFromRequest().
400 $aid = getStringFromRequest('aid');
401 $ah= new ArtifactHtml($ath,$aid);
402 if (!$ah || !is_object($ah)) {
403 exit_error('ERROR','Artifact Could Not Be Created');
404 } elseif ($ah->isError()) {
405 exit_error('ERROR',$ah->getErrorMessage());
// The confirmation view is included from a fixed path.
407 include 'deleteartifact.php';
409 exit_permission_denied();
415 // Handle the actual delete
// Destructive action guarded by three checks in this order: a valid form key,
// the tracker-admin role, and an explicit confirm_delete request value.
418 case 'postdeleteartifact' : {
419 if (!form_key_is_valid(getStringFromRequest('form_key'))) {
420 exit_form_double_submit();
422 if ($ath->userIsAdmin()) {
// aid is read as a string; the artifact is loaded within $ath, the tracker
// whose admin role was just checked.
423 $aid = getStringFromRequest('aid');
424 $ah= new ArtifactHtml($ath,$aid);
425 if (!$ah || !is_object($ah)) {
426 exit_error('ERROR','Artifact Could Not Be Created');
427 } elseif ($ah->isError()) {
428 exit_error('ERROR',$ah->getErrorMessage());
// Without the confirmation flag the request only produces a feedback message.
430 if (!getStringFromRequest('confirm_delete')) {
431 $feedback .= _('Confirmation failed. Artifact not deleted');
434 if (!$ah->delete(true)) {
435 $feedback .= _('Artifact Delete Failed') . ': '.$ah->getErrorMessage();
437 $feedback .= _('Artifact Deleted Successfully');
440 include 'browse.php';
// Non-admins are refused.
442 exit_permission_denied();
// View-only branches: each includes one page script. Every include path is a
// fixed literal, so the request's func value selects a branch but never
// becomes part of a filesystem path. Most case labels are on lines not shown.
449 include 'taskmgr.php';
453 include 'browse.php';
457 include ('query.php');
460 case 'downloadcsv' : {
461 include ('downloadcsv.php');
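// Send the browser to download.php for the requested attachment.
// "Location" is the response header that clients follow for a redirect; a
// header named "Redirect" is not acted on by browsers.
// Every value is URL-encoded so that a crafted aid cannot append extra query
// parameters to the target URL.
// NOTE(review): $file_id is not assigned anywhere in the lines shown -
// confirm where it is read from the request and validated.
465 $aid = getStringFromRequest('aid');
466 header('Location: '.$GLOBALS['sys_urlprefix'].'/tracker/download.php?group_id='.urlencode((string) $group_id).'&atid='.urlencode((string) $atid).'&aid='.urlencode((string) $aid).'&file_id='.urlencode((string) $file_id));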
// Show one tracker item, choosing the page by the viewer's role. The case
// label and the admin branch body are on lines the listing omits.
470 $aid = getStringFromRequest('aid');
473 // users can modify their own tickets in a limited way if they submitted them
474 // even if they are not artifact admins
476 $ah=new ArtifactHtml($ath,$aid);
477 if (!$ah || !is_object($ah)) {
478 exit_error('ERROR','Artifact Could Not Be Created');
479 } else if ($ah->isError()) {
480 exit_error('ERROR',$ah->getErrorMessage());
// The role is decided server-side through $ath: admins first, then
// technicians (limited edit form), then the detail view.
// NOTE(review): the page chosen here only shapes the form. The update branch
// must enforce the same roles again on submit, as its tiered checks do.
482 if ($ath->userIsAdmin()) {
484 } elseif ($ath->userIsTechnician()) {
485 include 'mod-limited.php';
487 include 'detail.php';
// Presumably the default branch of the switch - its label is not shown.
493 include 'browse.php';
500 // c-file-style: "bsd"