AIR/mxml
1
0
Fork 0
mirror of https://github.com/michaelrsweet/mxml.git synced 2024-11-08 13:39:58 +00:00
Code Issues Packages Projects Releases Wiki Activity

Fix db schema for strtext (missing comma)

Browse Source 
Cleanup STR page.

Add LOGIN_LEVEL global to auth stuff.
This commit is contained in:
Michael R Sweet 2004-05-17 21:00:42 +00:00
parent d5bbf222cd
commit 668a16604d
3 changed files with 92 additions and 73 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
www/data/mxml.sql
View File

@ -1,5 +1,5 @@
--
-- "$Id: mxml.sql,v 1.2 2004/05/17 20:28:52 mike Exp $"
-- "$Id: mxml.sql,v 1.3 2004/05/17 21:00:42 mike Exp $"
--
-- Database schema for the Mini-XML web pages.
--
@ -123,7 +123,7 @@ CREATE TABLE strtext (
id INTEGER PRIMARY KEY, -- Text ID
str_id INTEGER, -- STR number
is_published INTEGER, -- 0 = private, 1 = public
contents TEXT -- Text message
contents TEXT, -- Text message
create_date INTEGER, -- Time/date of creation
create_user VARCHAR(255) -- User that posted the text
);
@ -155,5 +155,5 @@ INSERT INTO users VALUES(NULL, 1, 'mike', 'Michael Sweet <mike@easysw.com>',
1084823565, 'mike', 1084823565, 'mike');
--
-- End of "$Id: mxml.sql,v 1.2 2004/05/17 20:28:52 mike Exp $".
-- End of "$Id: mxml.sql,v 1.3 2004/05/17 21:00:42 mike Exp $".
--

22
www/phplib/auth.php
View File

@ -1,6 +1,6 @@
<?
//
// "$Id: auth.php,v 1.1 2004/05/17 20:28:52 mike Exp $"
// "$Id: auth.php,v 1.2 2004/05/17 21:00:42 mike Exp $"
//
// Authentication functions for PHP pages...
//
@ -22,7 +22,8 @@ include_once "db.php";
// Store the current user in the global variable LOGIN_USER...
//
$LOGIN_USER = auth_current();
$LOGIN_LEVEL = 0;
$LOGIN_USER = auth_current();
//
@ -32,7 +33,7 @@ $LOGIN_USER = auth_current();
function // O - Current username or ""
auth_current()
{
global $_COOKIE, $_SERVER;
global $_COOKIE, $_SERVER, $LOGIN_LEVEL;
// See if the SID cookie is set; if not, the user is not logged in...
@ -55,7 +56,11 @@ auth_current()
// See if it matches the cookie value...
if ($cookie[1] == $sid)
{
$LOGIN_LEVEL = $row["level"];
$_COOKIE["FROM"] = $row["email"];
return ($cookie[0]);
}
}
return ("");
@ -86,8 +91,10 @@ auth_login($name, // I - Username
// See if they match...
if ($row["hash"] == $hash)
{
// Update the username...
$LOGIN_USER = $name;
// Update the username and email...
$LOGIN_USER = $name;
$LOGIN_LEVEL = $row["level"];
$_COOKIE["FROM"] = $row["email"];
// Compute the session ID...
$sid = "$name:" . md5("$_SERVER[REMOTE_ADDR]:$hash");
@ -112,13 +119,14 @@ auth_logout()
global $LOGIN_USER;
$LOGIN_USER = "";
$LOGIN_USER = "";
$LOGIN_LEVEL = 0;
setcookie("SID", "", time() + 90 * 86400, "/");
}
//
// End of "$Id: auth.php,v 1.1 2004/05/17 20:28:52 mike Exp $".
// End of "$Id: auth.php,v 1.2 2004/05/17 21:00:42 mike Exp $".
//
?>

137
www/str.php
View File

@ -146,9 +146,9 @@ notify_creator($id, // I - STR #
else
$fix_version = "Unassigned";
if ($row['create_email'] != $row['modify_email'] &&
$row['create_email'] != $manager)
mail($row['create_email'], "$STR_PROJECT STR #$id $what",
if ($row['create_user'] != $row['modify_user'] &&
$row['create_user'] != $manager)
mail($row['create_user'], "$STR_PROJECT STR #$id $what",
"Your software trouble report #$id has been $what. You can check\n"
."the status of the report and add additional comments and/or files\n"
."at the following URL:\n"
@ -200,7 +200,7 @@ notify_creator($id, // I - STR #
else
$manager = "$STR_EMAIL";
if ($row['modify_email'] != $manager)
if ($row['modify_user'] != $manager)
mail($manager, "$STR_PROJECT STR #$id $what",
"The software trouble report #$id assigned to you has been $what.\n"
."You can manage the report and add additional comments and/or files\n"
@ -380,7 +380,7 @@ switch ($op)
{
$time = time();
$manager_email = db_escape($_POST["MANAGER_EMAIL"]);
$modify_email = db_escape($managers[$LOGIN_USER]);
$modify_user = db_escape($_COOKIE["FROM"]);
$message = $_POST["MESSAGE"];
if ($message != "")
@ -394,7 +394,7 @@ switch ($op)
$mailmsg = "";
}
$query = "modify_date = $time, modify_email = '$modify_email'";
$query = "modify_date = $time, modify_user = '$modify_user'";
if ($_POST["STATUS"] != "")
$query .= ", status = $_POST[STATUS]";
@ -416,7 +416,7 @@ switch ($op)
if ($contents != "")
{
db_query("INSERT INTO strtext VALUES(NULL,$id,1,'$contents',"
."$time,'$modify_email')");
."$time,'$modify_user')");
notify_creator($id, "updated", $mailmsg);
}
@ -444,7 +444,7 @@ switch ($op)
$row = db_next($result);
html_start_links(1);
html_link("Return to STR List", "$PHP_SELF?L$options");
html_link("Return to Support", "$PHP_SELF?L$options");
if ($row['status'] >= $STR_STATUS_ACTIVE)
{
@ -457,7 +457,9 @@ switch ($op)
html_end_links();
$create_email = sanitize_email($row['create_email']);
print("<h1>STR #$id</h1>\n");
$create_user = sanitize_email($row['create_user']);
$manager_email = sanitize_email($row['manager_email']);
$subsystem = $row['subsystem'];
$summary = htmlspecialchars($row['summary'], ENT_QUOTES);
@ -494,13 +496,11 @@ switch ($op)
print("<tr><th align='right'>Subsystem:</th><td>$subsystem</td></tr>\n");
print("<tr><th align='right'>Summary:</th><td>$summary</td></tr>\n");
print("<tr><th align='right'>Version:</th><td>$str_version</td></tr>\n");
print("<tr><th align='right'>Created By:</th><td>$create_email</td></tr>\n");
print("<tr><th align='right'>Created By:</th><td>$create_user</td></tr>\n");
print("<tr><th align='right'>Assigned To:</th><td>$manager_email</td></tr>\n");
print("<tr><th align='right'>Fix Version:</th><td>$fix_version</td></tr>\n");
if ($LOGIN_USER)
$email = htmlspecialchars($managers[$LOGIN_USER]);
else if (array_key_exists("FROM", $_COOKIE))
if (array_key_exists("FROM", $_COOKIE))
$email = htmlspecialchars($_COOKIE["FROM"]);
else
$email = "";
@ -536,9 +536,9 @@ switch ($op)
while ($row = db_next($result))
{
$date = date("M d, Y", $row['date']);
$time = date("H:m", $row['date']);
$email = sanitize_email($row['email']);
$date = date("M d, Y", $row['create_date']);
$time = date("H:m", $row['create_date']);
$email = sanitize_email($row['create_user']);
$filename = htmlspecialchars($row['filename']);
html_start_row();
@ -572,9 +572,9 @@ switch ($op)
while ($row = db_next($result))
{
$date = date("M d, Y", $row['date']);
$time = date("H:m", $row['date']);
$email = sanitize_email($row['email']);
$date = date("M d, Y", $row['create_date']);
$time = date("H:m", $row['create_date']);
$email = sanitize_email($row['create_user']);
$contents = quote_text($row['contents']);
html_start_row();
@ -590,12 +590,14 @@ switch ($op)
}
else
{
html_header("STR List");
html_header("Support");
html_start_links(1);
html_link("Post New Software Trouble Report", "$PHP_SELF?N$options'");
html_end_links();
print("<h1>Support</h1>\n");
print("<form method='POST' action='$PHP_SELF'><p align='center'>"
."Search&nbsp;Words: &nbsp;<input type='text' size='60' name='SEARCH' value='$search'>"
."<input type='submit' value='Search STRs'></p>\n");
@ -641,7 +643,7 @@ switch ($op)
}
print("</select>\n");
if ($LOGIN_USER || array_key_exists("FROM", $_COOKIE))
if (array_key_exists("FROM", $_COOKIE))
{
print("Show:&nbsp;<select name='FEMAIL'>");
print("<option value='0'");
@ -700,16 +702,19 @@ switch ($op)
if ($femail)
{
if (array_key_exists("FROM", $_COOKIE))
$email = db_escape($_COOKIE["FROM"]);
else
$email = "";
if ($LOGIN_USER)
{
$query .= "${prefix}(manager_email = '' OR "
." manager_email = '$managers[$LOGIN_USER]')";
$query .= "${prefix}(manager_email = '' OR manager_email = '$email')";
$prefix = " AND ";
}
else if (array_key_exists("FROM", $_COOKIE))
else if ($email != "")
{
$email = db_escape($_COOKIE["FROM"]);
$query .= "${prefix}create_email = '$email'";
$query .= "${prefix}create_user = '$email'";
$prefix = " AND ";
}
}
@ -764,7 +769,7 @@ switch ($op)
." OR str_version LIKE \"%$keyword%\""
." OR fix_version LIKE \"%$keyword%\""
." OR manager_email LIKE \"%$keyword%\""
." OR create_email LIKE \"%$keyword%\")";
." OR create_user LIKE \"%$keyword%\")";
$prefix = $next;
$logic = '';
}
@ -885,7 +890,7 @@ switch ($op)
html_start_row();
$email = sanitize_email($textrow['email']);
$email = sanitize_email($textrow['create_user']);
$contents = abbreviate(quote_text($textrow['contents']), 128);
print("<td align='center' valign='top' colspan='2'>$email</td>"
@ -971,7 +976,7 @@ switch ($op)
print("</form>");
print("<p>"
."M/P = Machine/Printer, "
."M = Machine, "
."OS = Operating System."
."</p>\n");
}
@ -988,9 +993,9 @@ switch ($op)
$master_id = (int)$_POST["MASTER_ID"];
$summary = db_escape($_POST["SUMMARY"]);
$subsystem = db_escape($_POST["SUBSYSTEM"]);
$create_email = db_escape($_POST["CREATE_EMAIL"]);
$create_user = db_escape($_POST["CREATE_EMAIL"]);
$manager_email = db_escape($_POST["MANAGER_EMAIL"]);
$modify_email = db_escape($managers[$LOGIN_USER]);
$modify_user = db_escape($_COOKIE["FROM"]);
$contents = db_escape(trim($_POST["CONTENTS"]));
$message = $_POST["MESSAGE"];
@ -1004,16 +1009,16 @@ switch ($op)
."subsystem = '$subsystem', "
."str_version = '$_POST[STR_VERSION]', "
."fix_version = '$_POST[FIX_VERSION]', "
."create_email = '$create_email', "
."create_user = '$create_user', "
."manager_email = '$manager_email', "
."modify_date = $time, "
."modify_email = '$modify_email' "
."modify_user = '$modify_user' "
."WHERE id = $id");
if ($contents != "")
{
db_query("INSERT INTO strtext VALUES(NULL,$id,1,'$contents',"
."$time,'$modify_email')");
."$time,'$modify_user')");
$contents = trim($_POST["CONTENTS"]) . "\n\n";
}
@ -1022,7 +1027,7 @@ switch ($op)
$contents = db_escape($messages[$message]);
db_query("INSERT INTO strtext VALUES(NULL,$id,1,'$contents',"
."$time,'$modify_email')");
."$time,'$modify_user')");
$contents = $messages[$message] . "\n\n";
}
@ -1052,15 +1057,17 @@ switch ($op)
}
else
{
html_header("STR #$id");
html_header("Modify STR #$id");
html_start_links(1);
html_link("Return to STR List", "$PHP_SELF?L$options");
html_link("Return to Support", "$PHP_SELF?L$options");
html_link("Return to STR #$id", "$PHP_SELF?L$id$options");
html_link("Post Text", "$PHP_SELF?T$id$options");
html_link("Post File", "$PHP_SELF?F$id$options");
html_end_links();
print("<h1>Modify STR #$id</h1>\n");
$result = db_query("SELECT * FROM str WHERE id = $id");
if (db_count($result) != 1)
{
@ -1071,7 +1078,7 @@ switch ($op)
$row = db_next($result);
$create_email = htmlspecialchars($row['create_email']);
$create_user = htmlspecialchars($row['create_user']);
$manager_email = htmlspecialchars($row['manager_email']);
$summary = htmlspecialchars($row['summary'], ENT_QUOTES);
@ -1154,7 +1161,7 @@ switch ($op)
print("<tr><th align='right'>Created By:</th>"
."<td><input type='text' name='CREATE_EMAIL' maxsize='128' "
."value='$create_email' size='40'></td></tr>\n");
."value='$create_user' size='40'></td></tr>\n");
print("<tr><th align='right'>Assigned To:</th>"
."<td><select name='MANAGER_EMAIL'>"
@ -1226,9 +1233,9 @@ switch ($op)
$line = 0;
while ($row = db_next($result))
{
$date = date("M d, Y", $row['date']);
$time = date("H:m", $row['date']);
$email = sanitize_email($row['email']);
$date = date("M d, Y", $row['create_date']);
$time = date("H:m", $row['create_date']);
$email = sanitize_email($row['create_user']);
$filename = htmlspecialchars($row['filename']);
print("<tr class='data$line'>"
@ -1275,9 +1282,9 @@ switch ($op)
while ($row = db_next($result))
{
$date = date("M d, Y", $row['date']);
$time = date("H:m", $row['date']);
$email = sanitize_email($row['email']);
$date = date("M d, Y", $row['create_date']);
$time = date("H:m", $row['create_date']);
$email = sanitize_email($row['create_user']);
$contents = quote_text($row['contents']);
print("<tr class='data$line'>"
@ -1317,8 +1324,6 @@ switch ($op)
$email = $_POST["EMAIL"];
setcookie("FROM", "$email", time() + 57600, $PHP_SELF, $SERVER_NAME);
}
else if ($LOGIN_USER)
$email = $managers[$LOGIN_USER];
else if (array_key_exists("FROM", $_COOKIE))
$email = $_COOKIE["FROM"];
else
@ -1332,10 +1337,10 @@ switch ($op)
}
else
{
if ($LOGIN_USER)
$email = $managers[$LOGIN_USER];
if (array_key_exists("FROM", $_COOKIE))
$email = $_COOKIE["FROM"];
else
$email = $_COOKIE["FROM"];
$email = "";
$contents = "";
@ -1352,7 +1357,7 @@ switch ($op)
db_query("INSERT INTO strtext VALUES(NULL,$id,1,'$tcontents',"
."$time,'$temail')");
db_query("UPDATE str SET modify_date=$time, modify_email='$temail' "
db_query("UPDATE str SET modify_date=$time, modify_user='$temail' "
."WHERE id = $id");
db_query("UPDATE str SET status=$STR_STATUS_PENDING WHERE "
."id = $id AND status >= $STR_STATUS_ACTIVE AND "
@ -1370,6 +1375,8 @@ switch ($op)
html_link("Return to STR #$id", "$PHP_SELF?L$id$options");
html_end_links();
print("<h1>Post Text for STR #$id</h1>\n");
if ($REQUEST_METHOD == "POST")
{
print("<p><b>Error:</b> Please fill in the fields marked in "
@ -1425,8 +1432,6 @@ switch ($op)
$email = $_POST["EMAIL"];
setcookie("FROM", "$email", time() + 57600, $PHP_SELF, $SERVER_NAME);
}
else if ($LOGIN_USER)
$email = $managers[$LOGIN_USER];
else if (array_key_exists("FROM", $_COOKIE))
$email = $_COOKIE["FROM"];
else
@ -1449,10 +1454,10 @@ switch ($op)
}
else
{
if ($LOGIN_USER)
$email = $managers[$LOGIN_USER];
if (array_key_exists("FROM", $_COOKIE))
$email = $_COOKIE["FROM"];
else
$email = $_COOKIE["FROM"];
$email = "";
$filename = "";
@ -1498,7 +1503,7 @@ switch ($op)
db_query("INSERT INTO strfile VALUES(NULL,$id,1,'$tname',"
."$time,'$temail')");
db_query("UPDATE str SET modify_date=$time, modify_email='$temail' "
db_query("UPDATE str SET modify_date=$time, modify_user='$temail' "
."WHERE id = $id");
db_query("UPDATE str SET status=$STR_STATUS_PENDING WHERE "
."id = $id AND status >= $STR_STATUS_ACTIVE AND "
@ -1516,6 +1521,8 @@ switch ($op)
html_link("Return to STR #$id", "$PHP_SELF?L$id$options");
html_end_links();
print("<h1>Post File For STR #$id</h1>\n");
if ($REQUEST_METHOD == "POST")
{
print("<p><b>Error:</b> Please fill in the fields marked in "
@ -1676,12 +1683,14 @@ switch ($op)
}
else
{
html_header("New STR");
html_header("Post New Software Trouble Report");
html_start_links(1);
html_link("Return to STR List", "$PHP_SELF?L$options");
html_link("Return to Support", "$PHP_SELF?L$options");
html_end_links();
print("<h1>Post New Software Trouble Report</h1>\n");
if ($REQUEST_METHOD == "POST")
{
print("<p><b>Error:</b> Please fill in the fields marked in "
@ -1845,6 +1854,12 @@ switch ($op)
html_header("STR #$id Notifications");
html_start_links();
html_link("Return to STR #$id", "$PHP_SELF?L$id$options");
html_end_links();
print("<h1>STR #$id Notifications</h1>\n");
if ($notification == "ON")
{
if ($result && db_count($result) > 0)
@ -1875,10 +1890,6 @@ switch ($op)
if ($result)
db_free($result);
html_start_links();
html_link("Return to STR #$id", "$PHP_SELF?L$id$options");
html_end_links();
html_footer();
break;
}