5 * Copyright 1999-2001 (c) VA Linux Systems
6 * Copyright 2002-2004 (c) GForge Team
7 * http://fusionforge.org/
9 * This file is part of FusionForge.
11 * FusionForge is free software; you can redistribute it and/or modify
12 * it under the terms of the GNU General Public License as published by
13 * the Free Software Foundation; either version 2 of the License, or
14 * (at your option) any later version.
16 * FusionForge is distributed in the hope that it will be useful,
17 * but WITHOUT ANY WARRANTY; without even the implied warranty of
18 * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
19 * GNU General Public License for more details.
21 * You should have received a copy of the GNU General Public License
22 * along with FusionForge; if not, write to the Free Software
23 * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
28 // get the Group object
30 $group =& group_get_object($group_id);
31 if (!$group || !is_object($group)) {
34 if ($group->isError()) {
35 if($group->isPermissionDeniedError()) {
36 exit_permission_denied($group->getErrorMessage(),'tracker');
38 exit_error($group->getErrorMessage(),'tracker');
43 // Create the ArtifactType object
45 $ath = new ArtifactTypeHtml($group,$atid);
47 if (!$ath || !is_object($ath)) {
48 exit_error(_('ArtifactType could not be created'),'tracker');
50 if ($ath->isError()) {
51 if($ath->isPermissionDeniedError()) {
52 exit_permission_denied($group->getErrorMessage(),'tracker');
54 exit_error($ath->getErrorMessage(),'tracker');
58 switch (getStringFromRequest('func')) {
61 if (!$ath->allowsAnon() && !session_loggedin()) {
62 exit_permission_denied('tracker');
64 include $gfwww.'tracker/add.php';
69 if (!form_key_is_valid(getStringFromRequest('form_key'))) {
70 exit_form_double_submit('tracker');
73 $user_email = getStringFromRequest('user_email');
74 $category_id = getIntFromRequest('category_id');
75 $artifact_group_id = getIntFromRequest('artifact_group_id');
76 $summary = getStringFromRequest('summary');
77 $details = getStringFromRequest('details');
78 $assigned_to = getStringFromRequest('assigned_to');
79 $priority = getStringFromRequest('priority');
80 $extra_fields = getStringFromRequest('extra_fields');
86 $ah=new ArtifactHtml($ath);
88 if (!$ah || !is_object($ah)) {
89 form_release_key(getStringFromRequest('form_key'));
90 exit_error(_('Artifact Could Not Be Created'),'tracker');
91 } else if (!$ath->allowsAnon() && !session_loggedin()) {
92 exit_error(_('Artifact: This ArtifactType Does Not Allow Anonymous Submissions. Please Login.'),'tracker');
94 if (empty($user_email)) {
97 if (!validate_email($user_email)) {
98 form_release_key(getStringFromRequest('form_key'));
99 exit_error(_('Invalid Email Address') . htmlspecialchars($user_email),'tracker');
103 $details = "Anonymous message posted by $user_email\n\n".
106 if (!$ah->create($summary,$details,$assigned_to,$priority,$extra_fields)) {
107 form_release_key(getStringFromRequest('form_key'));
108 exit_error($ah->getErrorMessage(),'tracker');
111 // Attach files to this Artifact.
114 for ($i=0; $i<5; $i++) {
115 $f = getUploadedFile("input_file$i");
116 $error = $f['error'];
117 if (isset($error) && $error > 0) {
119 if ($error === 1 || $error === 2) {
120 // UPLOAD_ERR_INI_SIZE or UPLOAD_ERR_FORM_SIZE
121 $ext_feedback .= "<br />ERROR: Skipping attachement $n: file is too large.";
122 } elseif ($error === 3) {
123 // UPLOAD_ERR_PARTIAL
124 $ext_feedback .= "<br />ERROR: Skipping attachement $n: transfert interrupted.";
128 $file_name = $f['name'];
129 $tmp_name = $f['tmp_name'];
132 if (!is_uploaded_file($tmp_name)) {
136 $afh=new ArtifactFileHtml($ah);
137 if (!$afh || !is_object($afh)) {
138 $error_msg .= _('Could Not Create File Object');
139 } elseif ($afh->isError()) {
140 $error_msg .= $afh->getErrorMessage();
142 if (!util_check_fileupload($tmp_name)) {
143 form_release_key(getStringFromRequest('form_key'));
144 //delete the artifact
146 exit_error(_('Invalid filename'),'tracker');
148 if (!$afh->upload($tmp_name,$file_name,$type,' ')) {
149 form_release_key(getStringFromRequest('form_key'));
150 //delete the artifact
152 exit_error(_('Could Not Attach File to Item: '.$afh->getErrorMessage()),'tracker');
156 $feedback .= sprintf(_('Item %s successfully created'),'[#'.$ah->getID().']');
157 $feedback .= $ext_feedback;
158 include $gfwww.'tracker/browse.php';
163 case 'massupdate' : {
164 if (!form_key_is_valid(getStringFromRequest('form_key'))) {
165 exit_form_double_submit('tracker');
168 $artifact_id_list = getArrayFromRequest('artifact_id_list');
169 $priority = getStringFromRequest('priority');
170 $status_id = getIntFromRequest('status_id');
171 $category_id = getIntFromRequest('category_id');
172 $artifact_group_id = getIntFromRequest('artifact_group_id');
173 $resolution_id = getIntFromRequest('resolution_id');
174 $assigned_to = getStringFromRequest('assigned_to');
175 $canned_response = getIntFromRequest("canned_response");
176 $extra_fields = getArrayFromRequest('extra_fields');
179 $count=count($artifact_id_list);
181 session_require_perm ('tracker', $ath->getID(), 'manager') ;
183 $artifact_type_id=$ath->getID();
185 for ($i=0; $i < $count; $i++) {
186 $ah=new Artifact($ath,$artifact_id_list[$i]);
187 if (!$ah || !is_object($ah)) {
188 $feedback .= ' ID: '.$artifact_id_list[$i].'::Artifact Could Not Be Created';
189 } else if ($ah->isError()) {
190 $feedback .= ' ID: '.$artifact_id_list[$i].'::'.$ah->getErrorMessage();
192 $_priority=(($priority != 100) ? $priority : $ah->getPriority());
193 $_status_id=(($status_id != 100) ? $status_id : $ah->getStatusID());
194 //yikes, we want the ability to mass-update to "un-assigned", which is the ID=100, which
195 //conflicts with the "no change" ID! Sorry for messy use of 100.1
196 $_assigned_to=(($assigned_to != '100.1') ? $assigned_to : $ah->getAssignedTo());
199 // get existing extra field data
200 // we will then override individual elements if needed
202 $ef = $ah->getExtraFieldData();
203 $keys = array_keys($ef);
204 foreach ($keys as $efid) {
205 if (is_array($ef[$efid])) {
206 $f = $extra_fields[$efid];
207 // in this case, if $extra_fields is not setted, it
208 // means no option was selected, so we have to delete
209 // the original values
210 if (!is_array($f) || count($f) == 0) {
211 $ef[$efid] = array();
212 } else if (in_array('100', $extra_fields[$efid])) { // "No change" option selected?
215 $ef[$efid] = $f; // replace old values with new values
218 // in some cases (ie: textfields) the value is not passed, but
219 // this doesn't mean we must delete the existing value
220 if (array_key_exists($efid, $extra_fields)) {
221 $f = $extra_fields[$efid];
228 $ef[$efid] = addslashes($ef[$efid]);
233 if (!$ah->update($_priority,$_status_id,$_assigned_to,$_summary,$canned_response,'',$artifact_type_id,$ef)) {
238 $error_msg .= ' ID: '.$artifact_id_list[$i].'::'.$ah->getErrorMessage();
246 $feedback = _('Updated Successfully'); }
248 unset ($extra_fields_choice);
249 include $gfwww.'tracker/browse.php';
253 $artifact_id = getIntFromRequest('artifact_id');
254 $priority = getIntFromRequest('priority');
255 $status_id = getIntFromRequest('status_id');
256 $category_id = getIntFromRequest('category_id');
257 $artifact_group_id = getIntFromRequest('artifact_group_id');
258 $resolution_id = getIntFromRequest('resolution_id');
259 $assigned_to = getStringFromRequest('assigned_to');
260 $summary = getStringFromRequest('summary');
261 $canned_response = getStringFromRequest('canned_response');
262 $details = getStringFromRequest('details');
263 $description = getStringFromRequest('description');
264 $new_artifact_type_id = getIntFromRequest('new_artifact_type_id');
265 $extra_fields = getStringFromRequest('extra_fields');
266 $user_email = getStringFromRequest('user_email', false);
270 Technicians can modify limited fields - to be certain
271 no one is hacking around, we override any fields they don't have
272 permission to change.
274 if (!form_key_is_valid(getStringFromRequest('form_key'))) {
275 exit_form_double_submit('tracker');
278 $ah=new ArtifactHtml($ath,$artifact_id);
279 if (!$ah || !is_object($ah)) {
280 exit_error(_('Artifact Could Not Be Created'),'tracker');
281 } else if ($ah->isError()) {
282 exit_error($ah->getErrorMessage(),'tracker');
283 } else if (!$ath->allowsAnon() && !session_loggedin()) {
284 exit_error(_('Artifact: This ArtifactType Does Not Allow Anonymous Submissions. Please Login.'),'tracker');
289 The following logic causes fields to be overridden
290 in the event that someone tampered with the HTML form
293 if (forge_check_perm ('tracker', $ath->getID(), 'tech')
294 || forge_check_perm ('tracker', $ath->getID(), 'manager')) {
295 //admin and techs can do everything
296 //techs will have certain fields overridden inside the update() function call
297 if (!$ah->update($priority,$status_id,
298 $assigned_to,$summary,$canned_response,$details,$new_artifact_type_id,$extra_fields, $description)) {
299 form_release_key(getStringFromRequest('form_key'));
300 $error_msg .= _('Tracker Item'). ': '.$ah->getErrorMessage();
307 // Everyone else can add comments
309 if ($ah->addMessage($details,$user_email,true)) {
310 $feedback=_('Comment added');
312 if ( (strlen($details)>0) ) { //if there was no message, then it's not an error but addMessage returns false and sets missing params error
313 //some kind of error in creation
314 exit_error($ah->getErrorMessage(),'tracker');
316 // we have to unset the error if the user added a file ( add a file and no comment)
317 if ( (getStringFromRequest('add_file')) ) {
325 //everyone else can only add comments
328 if ($ah->addMessage($details,$user_email,true)) {
329 $feedback=_('Comment added');
331 //some kind of error in creation
332 exit_error($ah->getErrorMessage(),'tracker');
337 // Admin, Techs and Submitter can add files.
338 if (forge_check_perm ('tracker', $ath->getID(), 'tech')
339 || forge_check_perm ('tracker', $ath->getID(), 'manager')
340 || (session_loggedin() && ($ah->getSubmittedBy() == user_getid()))) {
342 // Attach files to this Artifact.
345 for ($i=0; $i<5; $i++) {
346 $f = getUploadedFile("input_file$i");
347 $error = $f['error'];
348 if (isset($error) && $error > 0) {
350 if ($error === 1 || $error === 2) {
351 // UPLOAD_ERR_INI_SIZE or UPLOAD_ERR_FORM_SIZE
352 $ext_feedback .= "<br />" .
353 sprintf(_("ERROR: Skipping attachment %d: file is too large."), $n);
354 } elseif ($error === 3) {
355 // UPLOAD_ERR_PARTIAL
356 $ext_feedback .= "<br />" .
357 sprintf(_("ERROR: Skipping attachment %d: transfer interrupted."), $n);
361 $file_name = $f['name'];
362 $tmp_name = $f['tmp_name'];
366 if (!is_uploaded_file($tmp_name)) {
370 $afh=new ArtifactFileHtml($ah);
371 if (!$afh || !is_object($afh)) {
372 $error_msg .= _('Could Not Create File Object');
373 } elseif ($afh->isError()) {
374 $error_msg .= $afh->getErrorMessage();
376 if (!util_check_fileupload($tmp_name)) {
377 form_release_key(getStringFromRequest('form_key'));
378 exit_error(_('Invalid filename'),'tracker');
380 if (!$afh->upload($tmp_name,$file_name,$type,' ')) {
381 $error_msg .= ' <br />'._('File Upload: Error').':'.$afh->getErrorMessage();
384 $feedback .= ' <br />'._('File Upload: Successful');
389 // Admin and Techs can delete files.
390 if (forge_check_perm ('tracker', $ath->getID(), 'tech')
391 || forge_check_perm ('tracker', $ath->getID(), 'manager')) {
393 // Delete list of files from this artifact
395 $delete_file = getStringFromRequest('delete_file');
397 $count=count($delete_file);
398 for ($i=0; $i<$count; $i++) {
399 $afh=new ArtifactFileHtml($ah,$delete_file[$i]);
400 if (!$afh || !is_object($afh)) {
401 $error_msg .= _('Could Not Create File Object::').$delete_file[$i];
402 } elseif ($afh->isError()) {
403 $error_msg .= $afh->getErrorMessage().'::'.$delete_file[$i];
405 if (!$afh->delete()) {
406 $error_msg .= ' <br />'._('File Delete:').': '.$afh->getErrorMessage();
409 $feedback .= ' <br />'._('File Delete: Successful');
417 // Show just one feedback entry if no errors
420 $feedback = sprintf(_('Item %s successfully updated'),'[#'.$ah->getID().']');
422 $feedback .= $ext_feedback;
423 include $gfwww.'tracker/browse.php';
429 if (!session_loggedin()) {
430 exit_permission_denied();
432 $start = getIntFromRequest('start');
433 $stop = getIntFromRequest('stop');
434 $artifact_id = getIntFromRequest('artifact_id');
436 // Fix to prevent collision with the start variable used in browse.
440 $ah=new ArtifactHtml($ath,$artifact_id);
441 if (!$ah || !is_object($ah)) {
442 exit_error(_('Artifact Could Not Be Created'),'tracker');
443 } else if ($ah->isError()) {
444 exit_error($ah->getErrorMessage(),'tracker');
446 if ($start && $ah->isMonitoring())
447 $feedback = _('Monitoring Started');
448 elseif ($stop && !$ah->isMonitoring())
449 $feedback = _('Monitoring Deactivated');
452 $error_msg = $ah->getErrorMessage();
454 include $gfwww.'tracker/browse.php';
457 $at=new ArtifactType($group,$atid);
458 if (!$at || !is_object($at)) {
459 exit_error(_('Artifact Could Not Be Created'),'tracker');
460 } else if ($at->isError()) {
461 exit_error($at->getErrorMessage(),'tracker');
463 if ($start && $at->isMonitoring())
464 $feedback = _('Monitoring Started');
465 elseif ($stop && !$at->isMonitoring())
466 $feedback = _('Monitoring Deactivated');
469 $feedback=$at->getErrorMessage();
472 include $gfwww.'tracker/browse.php';
482 case 'deleteartifact' : {
483 session_require_perm ('tracker', $ath->getID(), 'manager') ;
485 $aid = getIntFromRequest('aid');
486 $ah= new ArtifactHtml($ath,$aid);
487 if (!$ah || !is_object($ah)) {
488 exit_error(_('Artifact Could Not Be Created'),'tracker');
489 } elseif ($ah->isError()) {
490 exit_error($ah->getErrorMessage(),'tracker');
492 include $gfwww.'tracker/deleteartifact.php';
497 // Handle the actual delete
500 case 'postdeleteartifact' : {
501 if (!form_key_is_valid(getStringFromRequest('form_key'))) {
502 exit_form_double_submit('tracker');
504 session_require_perm ('tracker', $ath->getID(), 'manager') ;
506 $aid = getStringFromRequest('aid');
507 $ah= new ArtifactHtml($ath,$aid);
508 if (!$ah || !is_object($ah)) {
509 exit_error(_('Artifact Could Not Be Created'),'tracker');
510 } elseif ($ah->isError()) {
511 exit_error($ah->getErrorMessage(),'tracker');
513 if (!getStringFromRequest('confirm_delete')) {
514 $warning_msg .= _('Confirmation failed. Artifact not deleted');
517 if (!$ah->delete(true)) {
518 $error_msg .= _('Artifact Delete Failed') . ': '.$ah->getErrorMessage();
520 $feedback .= _('Artifact Deleted Successfully');
523 include $gfwww.'tracker/browse.php';
529 include $gfwww.'tracker/taskmgr.php';
533 include $gfwww.'tracker/browse.php';
537 include $gfwww.'tracker/query.php';
540 case 'downloadcsv' : {
541 include $gfwww.'tracker/downloadcsv.php';
545 $aid = getIntFromRequest('aid');
546 session_redirect('/tracker/download.php?group_id='.$group_id.'&atid='.$atid.'&aid='.$aid.'&file_id='.$file_id);
550 $aid = getIntFromRequest('aid');
553 // users can modify their own tickets in a limited way if they submitted them
554 // even if they are not artifact admins
556 $ah=new ArtifactHtml($ath,$aid);
557 if (!$ah || !is_object($ah)) {
558 exit_error(_('Artifact Could Not Be Created'),'tracker');
559 } else if ($ah->isError()) {
560 exit_error($ah->getErrorMessage(),'tracker');
562 if (forge_check_perm ('tracker', $ath->getID(), 'manager')) {
563 include $gfwww.'tracker/mod.php';
564 } elseif (forge_check_perm ('tracker', $ath->getID(), 'tech')) {
565 include $gfwww.'tracker/mod-limited.php';
567 include $gfwww.'tracker/detail.php';
573 include $gfwww.'tracker/browse.php';
580 // c-file-style: "bsd"