"Michael Sweet "
);
$messages = array(
"Fixed in CVS" =>
"Fixed in CVS - the anonymous CVS repository will be updated at "
."midnight EST.",
"Old STR" =>
"This STR has not been updated by the submitter for two or more weeks "
."and has been closed as required by the Mini-XML Configuration Management "
."Plan. If the issue still requires resolution, please re-submit a new "
."STR.",
"Unresolvable" =>
"We are unable to resolve this problem with the information provided. "
."If you discover new information, please file a new STR referencing "
."this one."
);
$subsystems = array(
"Build Files",
"Config Files",
"Core API",
"Documentation",
"Multiple",
"mxmldoc",
"Sample Programs",
"Web Site"
);
$versions = array(
"2.0cvs",
"1.3",
"1.2",
"1.1.2",
"1.1.1",
"1.1",
"1.0",
"Web Site"
);
$status_text = array(
1 => "Resolved",
2 => "Unresolved",
3 => "Active",
4 => "Pending",
5 => "New"
);
$status_long = array(
1 => "1 - Closed w/Resolution",
2 => "2 - Closed w/o Resolution",
3 => "3 - Active",
4 => "4 - Pending",
5 => "5 - New"
);
$priority_text = array(
1 => "RFE",
2 => "LOW",
3 => "MODERATE",
4 => "HIGH",
5 => "CRITICAL"
);
$priority_long = array(
1 => "1 - Request for Enhancement, e.g. asking for a feature",
2 => "2 - Low, e.g. a documentation error or undocumented side-effect",
3 => "3 - Moderate, e.g. unable to compile the software",
4 => "4 - High, e.g. key functionality not working",
5 => "5 - Critical, e.g. nothing working at all"
);
$scope_text = array(
1 => "M/P",
2 => "OS",
3 => "ALL"
);
$scope_long = array(
1 => "1 - Specific to a machine",
2 => "2 - Specific to an operating system",
3 => "3 - Applies to all machines and operating systems"
);
// Global web vars...
global $_COOKIE, $_FILES, $_POST, $_SERVER;
$argc = $_SERVER["argc"];
$argv = $_SERVER["argv"];
$PHP_SELF = $_SERVER["PHP_SELF"];
$REMOTE_USER = $_SERVER["PHP_AUTH_USER"];
$REQUEST_METHOD = $_SERVER["REQUEST_METHOD"];
$SERVER_NAME = $_SERVER["SERVER_NAME"];
// Function to abbreviate long strings...
function abbreviate($text, $maxlen = 32)
{
if (strlen($text) > $maxlen)
return (substr($text, 0, $maxlen) . "...");
else
return ($text);
}
// Function to notify creator of an STR of changes...
function notify_creator($id, $what = "updated", $contents = "")
{
global $priority_long;
global $scope_long;
global $status_long;
$result = db_query("SELECT * FROM str WHERE id = $id");
if ($result)
{
$contents = wordwrap($contents);
$row = db_next($result);
$prtext = $priority_long[$row['priority']];
$sttext = $status_long[$row['status']];
$sctext = $scope_long[$row['scope']];
if ($row['subsystem'] != "")
$subsystem = $row['subsystem'];
else
$subsystem = "Unassigned";
if ($row['fix_version'] != "")
$fix_version = $row['fix_version'];
else
$fix_version = "Unassigned";
if ($row['create_email'] != $row['modify_email'] &&
$row['create_email'] != $manager)
mail($row['create_email'], "Mini-XML STR #$id $what",
"Your software trouble report #$id has been $what. You can check\n"
."the status of the report and add additional comments and/or files\n"
."at the following URL:\n"
."\n"
." http://www.easysw.com/str.php?L$id\n"
."\n"
." Summary: $row[summary]\n"
." Version: $row[str_version]\n"
." Status: $sttext\n"
." Priority: $prtext\n"
." Scope: $sctext\n"
." Subsystem: $subsystem\n"
."Fix Version: $fix_version\n"
."\n$contents"
."________________________________________________________________\n"
."Thank you for using the Mini-XML Software Trouble Report page!",
"From: noreply@easysw.com\r\n");
$ccresult = db_query("SELECT email FROM strcc WHERE str_id = $id");
if ($ccresult)
{
while ($ccrow = db_next($ccresult))
{
mail($ccrow->email, "Mini-XML STR #$id $what",
"Software trouble report #$id has been $what. You can check\n"
."the status of the report and add additional comments and/or files\n"
."at the following URL:\n"
."\n"
." http://www.easysw.com/str.php?L$id\n"
."\n"
." Summary: $row[summary]\n"
." Version: $row[str_version]\n"
." Status: $sttext\n"
." Priority: $prtext\n"
." Scope: $sctext\n"
." Subsystem: $subsystem\n"
."Fix Version: $fix_version\n"
."\n$contents"
."________________________________________________________________\n"
."Thank you for using the Mini-XML Software Trouble Report page!",
"From: noreply@easysw.com\r\n");
}
db_free($ccresult);
}
if ($row['manager_email'] != "")
$manager = $row['manager_email'];
else
$manager = "mxml";
if ($row['modify_email'] != $manager)
mail($manager, "Mini-XML STR #$id $what",
"The software trouble report #$id assigned to you has been $what.\n"
."You can manage the report and add additional comments and/or files\n"
."at the following URL:\n"
."\n"
." http://www.easysw.com/private/str.php?L$id\n"
."\n"
." Summary: $row[summary]\n"
." Version: $row[str_version]\n"
." Status: $sttext\n"
." Priority: $prtext\n"
." Scope: $sctext\n"
." Subsystem: $subsystem\n"
."Fix Version: $fix_version\n"
."\n$contents",
"From: noreply@easysw.com\r\n");
db_free($result);
}
}
// Get command-line options...
//
// Usage: str.php [operation] [options]
//
// Operations:
//
// B = Batch update selected STRs
// L = List all STRs
// L# = List STR #
// M# = Modify STR #
// T# = Post text for STR #
// F# = Post file for STR #
// N = Post new STR
// U# = Update notification for STR #
//
// Options:
//
// I# = Set first STR
// P# = Set priority filter
// S# = Set status filter
// C# = Set scope filter
// E# = Set email filter
// Qtext = Set search text
$priority = 0;
$status = -2;
$scope = 0;
$search = "";
$index = 0;
$femail = 0;
if ($argc)
{
$op = $argv[0][0];
$id = (int)substr($argv[0], 1);
if ($op != 'L' && $op != 'M' && $op != 'T' && $op != 'F' &&
$op != 'N' && $op != 'U' && $op != 'B')
{
html_header("STR Error");
print("Bad command '$op'!
\n");
html_footer();
exit();
}
if (($op == 'M' || $op == 'B') && !$REMOTE_USER)
{
html_header("STR Error");
print("The '$op' command is not available to you!
\n");
html_footer();
exit();
}
if (($op == 'M' || $op == 'T' || $op == 'F') && !$id)
{
html_header("STR Error");
print("Command '$op' requires an STR number!
\n");
html_footer();
exit();
}
if ($op == 'N' && $id)
{
html_header("STR Error");
print("Command '$op' cannot have an STR number!
\n");
html_footer();
exit();
}
for ($i = 1; $i < $argc; $i ++)
{
$option = substr($argv[$i], 1);
switch ($argv[$i][0])
{
case 'P' : // Set priority filter
$priority = (int)$option;
break;
case 'S' : // Set status filter
$status = (int)$option;
break;
case 'C' : // Set scope filter
$scope = (int)$option;
break;
case 'Q' : // Set search text
$search = $option;
$i ++;
while ($i < $argc)
{
$search .= " $argv[$i]";
$i ++;
}
break;
case 'I' : // Set first STR
$index = (int)$option;
if ($index < 0)
$index = 0;
break;
case 'E' : // Show only problem reports matching the current email
$femail = (int)$option;
break;
default :
html_header("STR Error");
print("Bad option '$argv[$i]'!
\n");
html_footer();
exit();
break;
}
}
}
else
{
$op = 'L';
$id = 0;
}
if ($REQUEST_METHOD == "POST")
{
if (array_key_exists("FPRIORITY", $_POST))
$priority = (int)$_POST["FPRIORITY"];
if (array_key_exists("FSTATUS", $_POST))
$status = (int)$_POST["FSTATUS"];
if (array_key_exists("FSCOPE", $_POST))
$scope = (int)$_POST["FSCOPE"];
if (array_key_exists("FEMAIL", $_POST))
$femail = (int)$_POST["FEMAIL"];
if (array_key_exists("SEARCH", $_POST))
$search = $_POST["SEARCH"];
}
$options = "+P$priority+S$status+C$scope+I$index+E$femail+Q" . urlencode($search);
// B = Batch update selected STRs
// L = List all STRs
// L# = List STR #
// M# = Modify STR #
// T# = Post text for STR #
// F# = Post file for STR #
// N = Post new STR
// U# = Update notification for STR #
switch ($op)
{
case 'B' : // Batch update selected STRs
if ($REQUEST_METHOD != "POST")
{
header("Location: $PHP_SELF?L$options");
break;
}
if (array_key_exists("STATUS", $_POST) &&
($_POST["STATUS"] != "" ||
$_POST["PRIORITY"] != "" ||
$_POST["MANAGER_EMAIL"] != "" ||
$_POST["MESSAGE"] != ""))
{
$time = time();
$manager_email = db_escape($_POST["MANAGER_EMAIL"]);
$modify_email = db_escape($managers[$REMOTE_USER]);
$message = $_POST["MESSAGE"];
if ($message != "")
{
$contents = db_escape($messages[$message]);
$mailmsg = $messages[$message] . "\n\n";
}
else
{
$contents = "";
$mailmsg = "";
}
$query = "modify_date = $time, modify_email = '$modify_email'";
if ($_POST["STATUS"] != "")
$query .= ", status = $_POST[STATUS]";
if ($_POST["PRIORITY"] != "")
$query .= ", priority = $_POST[PRIORITY]";
if ($manager_email != "")
$query .= ", manager_email = '$manager_email'";
reset($_POST);
while (list($key, $val) = each($_POST))
if (substr($key, 0, 3) == "ID_")
{
$id = (int)substr($key, 3);
db_query("UPDATE str SET $query WHERE id = $id");
if ($contents != "")
{
db_query("INSERT INTO strtext VALUES(NULL,$id,1,$time,"
."'$modify_email','$contents')");
notify_creator($id, "updated", $mailmsg);
}
}
}
header("Location: $PHP_SELF?L$options");
break;
case 'L' : // List (all) STR(s)
if ($id)
{
html_header("STR #$id");
$result = db_query("SELECT * FROM str WHERE id = $id");
if (db_count($result) != 1)
{
print("Error: STR #$id was not found!
\n");
html_footer();
exit();
}
$row = db_next($result);
print(""
."[ Return to STR List ");
if ($row['status'] >= $STR_STATUS_ACTIVE)
print(" | Post Text "
." | Post File ");
if ($REMOTE_USER)
print(" | Modify STR ");
print(" ]
\n");
$create_email = sanitize_email($row['create_email']);
$manager_email = sanitize_email($row['manager_email']);
$subsystem = $row['subsystem'];
$summary = htmlspecialchars($row['summary'], ENT_QUOTES);
$prtext = $priority_long[$row['priority']];
$sttext = $status_long[$row['status']];
$sctext = $scope_long[$row['scope']];
$str_version = $row['str_version'];
$fix_version = $row['fix_version'];
if ($manager_email == "")
$manager_email = "Unassigned ";
if ($subsystem == "")
$subsystem = "Unassigned ";
if ($fix_version == "")
$fix_version = "Unassigned ";
print("
\n");
if ($row['master_id'] > 0)
print("Duplicate Of: "
."STR "
."#$row[master_id] \n");
if (!$row['is_published'])
print("This STR is "
."currently hidden from public view. \n");
print("Status: $sttext \n");
print("Priority: $prtext \n");
print("Scope: $sctext \n");
print("Subsystem: $subsystem \n");
print("Summary: $summary \n");
print("Version: $str_version \n");
print("Created By: $create_email \n");
print("Assigned To: $manager_email \n");
print("Fix Version: $fix_version \n");
if ($REMOTE_USER)
$email = htmlspecialchars($managers[$REMOTE_USER]);
else if (array_key_exists("FROM", $_COOKIE))
$email = htmlspecialchars($_COOKIE["FROM"]);
else
$email = "";
print("Update Notification: "
.""
." \n");
print("
\n");
db_free($result);
print("Trouble Report Files: ");
if ($row['status'] >= $STR_STATUS_ACTIVE)
print(" [ Post File ]");
print("
\n");
$result = db_query("SELECT * FROM strfile WHERE "
."str_id = $id AND is_published = 1");
if (db_count($result) == 0)
print("No files
\n");
else
{
print("
\n"
."\n");
$line = 0;
while ($row = db_next($result))
{
$date = date("M d, Y", $row['date']);
$time = date("H:m", $row['date']);
$email = sanitize_email($row['email']);
$filename = htmlspecialchars($row['filename']);
print(""
."$email $time $date "
.""
."$filename "
." \n");
$line = 1 - $line;
}
print("
\n");
}
db_free($result);
print("Trouble Report Dialog: ");
if ($row['status'] >= $STR_STATUS_ACTIVE)
print(" [ Post Text ]");
print("
\n");
$result = db_query("SELECT * FROM strtext WHERE "
."str_id = $id AND is_published = 1");
if (db_count($result) == 0)
print("No text
\n");
else
{
print("
\n"
."\n");
$line = 0;
while ($row = db_next($result))
{
$date = date("M d, Y", $row['date']);
$time = date("H:m", $row['date']);
$email = sanitize_email($row['email']);
$contents = quote_text($row['contents']);
print(""
."$email $time $date "
."$contents "
." \n");
$line = 1 - $line;
}
print("
\n");
}
db_free($result);
}
else
{
html_header("STR List");
print("[ Post "
."New Software Trouble Report ]
\n");
print("\n");
print(" \n");
$query = "";
$prefix = "WHERE ";
if ($priority > 0)
{
$query .= "${prefix}priority = $priority";
$prefix = " AND ";
}
if ($status > 0)
{
$query .= "${prefix}status = $status";
$prefix = " AND ";
}
else if ($status == -1) // Show closed
{
$query .= "${prefix}status <= $STR_STATUS_UNRESOLVED";
$prefix = " AND ";
}
else if ($status == -2) // Show open
{
$query .= "${prefix}status >= $STR_STATUS_ACTIVE";
$prefix = " AND ";
}
if ($scope > 0)
{
$query .= "${prefix}scope = $scope";
$prefix = " AND ";
}
if (!$REMOTE_USER)
{
$query .= "${prefix}is_published = 1";
$prefix = " AND ";
}
if ($femail)
{
if ($REMOTE_USER)
{
$query .= "${prefix}(manager_email = '' OR "
." manager_email = '$managers[$REMOTE_USER]')";
$prefix = " AND ";
}
else if (array_key_exists("FROM", $_COOKIE))
{
$email = db_escape($_COOKIE["FROM"]);
$query .= "${prefix}create_email = '$email'";
$prefix = " AND ";
}
}
if ($search)
{
$search_string = str_replace("'", " ", $search);
$search_string = str_replace("\"", " ", $search_string);
$search_string = str_replace("\\", " ", $search_string);
$search_string = str_replace("%20", " ", $search_string);
$search_string = str_replace("%27", " ", $search_string);
$search_string = str_replace(" ", " ", $search_string);
$search_words = explode(' ', $search_string);
// Loop through the array of words, adding them to the
$query .= "${prefix}(";
$prefix = "";
$next = " OR";
$logic = "";
reset($search_words);
while ($keyword = current($search_words))
{
next($search_words);
$keyword = db_escape(ltrim(rtrim($keyword)));
if (strcasecmp($keyword, 'or') == 0)
{
$next = ' OR';
if ($prefix != '')
$prefix = ' OR';
}
else if (strcasecmp($keyword, 'and') == 0)
{
$next = ' AND';
if ($prefix != '')
$prefix = ' AND';
}
else if (strcasecmp($keyword, 'not') == 0)
{
$logic = ' NOT';
}
else
{
if ($keyword == (int)$keyword)
$idsearch = " OR id = " . (int)$keyword;
else
$idsearch = "";
$query .= "$prefix$logic (summary LIKE \"%$keyword%\"$idsearch"
." OR subsystem LIKE \"%$keyword%\""
." OR str_version LIKE \"%$keyword%\""
." OR fix_version LIKE \"%$keyword%\""
." OR manager_email LIKE \"%$keyword%\""
." OR create_email LIKE \"%$keyword%\")";
$prefix = $next;
$logic = '';
}
}
$query .= ")";
}
$result = db_query("SELECT * FROM str $query "
."ORDER BY status DESC, priority DESC, scope DESC, "
."modify_date");
$count = db_count($result);
if ($count == 0)
{
print("No STRs found.
\n");
if (($priority || $status || $scope) && $search != "")
print("[ Search for \"$search \" in all STRs ]
\n");
html_footer();
exit();
}
if ($index >= $count)
$index = $count - ($count % $STR_PAGE_MAX);
if ($index < 0)
$index = 0;
$start = $index + 1;
$end = $index + $STR_PAGE_MAX;
if ($end > $count)
$end = $count;
$prev = $index - $STR_PAGE_MAX;
if ($prev < 0)
$prev = 0;
$next = $index + $STR_PAGE_MAX;
print("$count STR(s) found, showing $start to $end:
\n");
if ($REMOTE_USER)
print("");
print(""
."M/P = Machine/Printer, "
."OS = Operating System."
."
\n");
}
html_footer();
break;
case 'M' : // Modify STR
if ($REQUEST_METHOD == "POST")
{
if (array_key_exists("STATUS", $_POST))
{
$time = time();
$master_id = (int)$_POST["MASTER_ID"];
$summary = db_escape($_POST["SUMMARY"]);
$subsystem = db_escape($_POST["SUBSYSTEM"]);
$create_email = db_escape($_POST["CREATE_EMAIL"]);
$manager_email = db_escape($_POST["MANAGER_EMAIL"]);
$modify_email = db_escape($managers[$REMOTE_USER]);
$contents = db_escape(trim($_POST["CONTENTS"]));
$message = $_POST["MESSAGE"];
db_query("UPDATE str SET "
."master_id = $master_id, "
."is_published = $_POST[IS_PUBLISHED], "
."status = $_POST[STATUS], "
."priority = $_POST[PRIORITY], "
."scope = $_POST[SCOPE], "
."summary = '$summary', "
."subsystem = '$subsystem', "
."str_version = '$_POST[STR_VERSION]', "
."fix_version = '$_POST[FIX_VERSION]', "
."create_email = '$create_email', "
."manager_email = '$manager_email', "
."modify_date = $time, "
."modify_email = '$modify_email' "
."WHERE id = $id");
if ($contents != "")
{
db_query("INSERT INTO strtext VALUES(NULL,$id,1,$time,"
."'$modify_email','$contents')");
$contents = trim($_POST["CONTENTS"]) . "\n\n";
}
if ($message != "")
{
$contents = db_escape($messages[$message]);
db_query("INSERT INTO strtext VALUES(NULL,$id,1,$time,"
."'$modify_email','$contents')");
$contents = $messages[$message] . "\n\n";
}
header("Location: $PHP_SELF?L$id$options");
notify_creator($id, "updated", $contents);
}
else if (array_key_exists("FILE_ID", $_POST))
{
db_query("UPDATE strfile SET "
."is_published = $_POST[IS_PUBLISHED] "
."WHERE id = $_POST[FILE_ID]");
header("Location: $PHP_SELF?M$id$options");
}
else if (array_key_exists("TEXT_ID", $_POST))
{
db_query("UPDATE strtext SET "
."is_published = $_POST[IS_PUBLISHED] "
."WHERE id = $_POST[TEXT_ID]");
header("Location: $PHP_SELF?M$id$options");
}
else
header("Location: $PHP_SELF?M$id$options");
}
else
{
html_header("STR #$id");
print(""
."[ Return to STR List "
." | Return to STR #$id "
." | Post Text "
." | Post File "
." ]
\n");
$result = db_query("SELECT * FROM str WHERE id = $id");
if (db_count($result) != 1)
{
print("Error: STR #$id was not found!
\n");
html_footer();
exit();
}
$row = db_next($result);
$create_email = htmlspecialchars($row['create_email']);
$manager_email = htmlspecialchars($row['manager_email']);
$summary = htmlspecialchars($row['summary'], ENT_QUOTES);
print("\n");
print("Trouble Report Files: "
."[ Post File ]"
."
\n");
$result = db_query("SELECT * FROM strfile WHERE str_id = $id");
if (db_count($result) == 0)
print("No files
\n");
else
{
print("
\n");
}
db_free($result);
print("Trouble Report Dialog: "
."[ Post Text ]"
."
\n");
$result = db_query("SELECT * FROM strtext WHERE "
."str_id = $id");
if (db_count($result) == 0)
print("No text
\n");
else
{
print("
\n");
}
db_free($result);
html_footer();
}
break;
case 'T' : // Post text for STR #
if ($REQUEST_METHOD == "POST")
{
$contents = $_POST["CONTENTS"];
if (array_key_exists("EMAIL", $_POST))
{
$email = $_POST["EMAIL"];
setcookie("FROM", "$email", time() + 57600, $PHP_SELF, $SERVER_NAME);
}
else if ($REMOTE_USER)
$email = $managers[$REMOTE_USER];
else if (array_key_exists("FROM", $_COOKIE))
$email = $_COOKIE["FROM"];
else
$email = "";
if (ereg("Anonymous.*", $email))
$email = "";
if ($email != "" && $contents != "")
$havedata = 1;
}
else
{
if ($REMOTE_USER)
$email = $managers[$REMOTE_USER];
else
$email = $_COOKIE["FROM"];
$contents = "";
if (ereg("Anonymous.*", $email))
$email = "";
}
if ($REQUEST_METHOD == "POST" && $havedata)
{
$time = time();
$temail = db_escape($email);
$tcontents = db_escape($contents);
db_query("INSERT INTO strtext VALUES(NULL,$id,1,$time,'$temail',"
."'$tcontents')");
db_query("UPDATE str SET modify_date=$time, modify_email='$temail' "
."WHERE id = $id");
db_query("UPDATE str SET status=$STR_STATUS_PENDING WHERE "
."id = $id AND status >= $STR_STATUS_ACTIVE AND "
."status < $STR_STATUS_NEW");
header("Location: $PHP_SELF?L$id$options");
notify_creator($id, "updated", "$contents\n\n");
}
else
{
html_header("Post Text For STR #$id");
print("[ Return to "
."STR #$id ]
\n");
if ($REQUEST_METHOD == "POST")
{
print("Error: Please fill in the fields marked in "
."bold red below and resubmit "
."your trouble report.
\n");
$hstart = "";
$hend = " ";
}
else
{
print(" \n");
$hstart = "";
$hend = "";
}
print(""
."
\n");
html_footer();
}
break;
case 'F' : // Post file for STR #
if ($REQUEST_METHOD == "POST")
{
if (array_key_exists("EMAIL", $_POST))
{
$email = $_POST["EMAIL"];
setcookie("FROM", "$email", time() + 57600, $PHP_SELF, $SERVER_NAME);
}
else if ($REMOTE_USER)
$email = $managers[$REMOTE_USER];
else if (array_key_exists("FROM", $_COOKIE))
$email = $_COOKIE["FROM"];
else
$email = "";
if (ereg("Anonymous.*", $email))
$email = "";
if (array_key_exists("STRFILE", $_FILES))
{
$filename = $_FILES['STRFILE']['name'];
if ($filename[0] == '.' || $filename[0] == '/')
$filename = "";
}
else
$filename = "";
if ($email != "" && $filename != "")
$havedata = 1;
}
else
{
if ($REMOTE_USER)
$email = $managers[$REMOTE_USER];
else
$email = $_COOKIE["FROM"];
$filename = "";
if (ereg("Anonymous.*", $email))
$email = "";
}
if ($REQUEST_METHOD == "POST" && $havedata)
{
$time = time();
$temail = db_escape($email);
$tmp_name = $_FILES['STRFILE']['tmp_name'];
$name = $_FILES['STRFILE']['name'];
$tname = db_escape($name);
$infile = fopen($tmp_name, "rb");
if (!$infile)
{
html_header("Error");
print("Error! Unable to open file attachment!
\n");
html_footer();
exit();
}
mkdir("strfiles/$id");
$outfile = fopen("strfiles/$id/$name", "wb");
if (!$outfile)
{
html_header("Error");
print("Error! Unable to save file attachment!
\n");
html_footer();
exit();
}
while ($data = fread($infile, 8192))
fwrite($outfile, $data);
fclose($infile);
fclose($outfile);
db_query("INSERT INTO strfile VALUES(NULL,$id,1,$time,'$temail',"
."'$tname')");
db_query("UPDATE str SET modify_date=$time, modify_email='$temail' "
."WHERE id = $id");
db_query("UPDATE str SET status=$STR_STATUS_PENDING WHERE "
."id = $id AND status >= $STR_STATUS_ACTIVE AND "
."status < $STR_STATUS_NEW");
header("Location: $PHP_SELF?L$id$options");
notify_creator($id, "updated", "Added file $name\n\n");
}
else
{
html_header("Post File For STR #$id");
print("[ Return to "
."STR #$id ]
\n");
if ($REQUEST_METHOD == "POST")
{
print("Error: Please fill in the fields marked in "
."bold red below and resubmit "
."your trouble report.
\n");
$hstart = "";
$hend = " ";
}
else
{
print(" \n");
$hstart = "";
$hend = "";
}
print(""
." ");
print("
\n");
html_footer();
}
break;
case 'N' : // Post new STR
$havedata = 0;
if ($REQUEST_METHOD == "POST")
{
$npriority = $_POST["PRIORITY"];
$nscope = $_POST["SCOPE"];
$summary = $_POST["SUMMARY"];
$version = $_POST["VERSION"];
$contents = $_POST["CONTENTS"];
if (array_key_exists("EMAIL", $_POST))
{
$email = $_POST["EMAIL"];
setcookie("FROM", "$email", time() + 57600, $PHP_SELF, $SERVER_NAME);
}
else if ($REMOTE_USER)
$email = $managers[$REMOTE_USER];
else if (array_key_exists("FROM", $_COOKIE))
$email = $_COOKIE["FROM"];
else
$email = "";
if (array_key_exists("STRFILE", $_FILES))
{
$filename = $_FILES['STRFILE']['name'];
if ($filename[0] == '.' || $filename[0] == '/')
$filename = "";
}
else
$filename = "";
if ($npriority && $nscope && $summary != "" && $email != "" &&
$version != "" && $contents != "")
$havedata = 1;
}
else
{
if ($REMOTE_USER)
$email = $managers[$REMOTE_USER];
else
$email = $_COOKIE["FROM"];
$npriority = 0;
$nscope = 0;
$summary = "";
$version = "";
$contents = "";
$filename = "";
}
if (ereg("Anonymous.*", $email))
$email = "";
if ($REQUEST_METHOD == "POST" && $havedata)
{
$time = time();
$temail = db_escape($email);
$tsummary = db_escape($summary);
$tcontents = db_escape($contents);
db_query("INSERT INTO str VALUES(NULL,0,"
."$_POST[IS_PUBLISHED],$STR_STATUS_NEW,"
."$npriority,$nscope,'$tsummary','','$version','','',"
."$time,'$temail',$time,'$temail')");
$id = db_insert_id();
db_query("INSERT INTO strtext VALUES(NULL,$id,1,$time,'$temail',"
."'$tcontents')");
if ($filename != "")
{
$tmp_name = $_FILES['STRFILE']['tmp_name'];
$name = $_FILES['STRFILE']['name'];
$tname = db_escape($name);
$infile = fopen($tmp_name, "rb");
if (!$infile)
{
html_header("Error");
print("Error! Unable to open file attachment!
\n");
html_footer();
exit();
}
mkdir("strfiles/$id");
$outfile = fopen("strfiles/$id/$name", "wb");
if (!$outfile)
{
html_header("Error");
print("Error! Unable to save file attachment!
\n");
html_footer();
exit();
}
while ($data = fread($infile, 8192))
fwrite($outfile, $data);
fclose($infile);
fclose($outfile);
db_query("INSERT INTO strfile VALUES(NULL,$id,1,$time,'$temail',"
."'$tname')");
}
header("Location: $PHP_SELF?L$id$options");
notify_creator($id, "created", "$contents\n\n");
}
else
{
html_header("New STR");
print("[ Return to "
."STR List ]
\n");
if ($REQUEST_METHOD == "POST")
{
print("Error: Please fill in the fields marked in "
."bold red below and resubmit "
."your trouble report.
\n");
$hstart = "";
$hend = " ";
}
else
{
print("Please use this form to report all bugs and request "
."features in the Mini-XML software. Be sure to include "
."the operating system, compiler, sample programs and/or "
."files, and any other information you can about your "
."problem. Thank you for helping us to make Mini-XML "
."a better library!
\n");
$hstart = "";
$hend = "";
}
print(""
." ");
print("
\n");
html_footer();
}
break;
case 'U' : // Update notification status
// EMAIL and NOTIFICATION variables hold status; add/delete from strcc...
$havedata = 0;
if ($REQUEST_METHOD != "POST")
{
html_header("STR Error");
print("The '$op' command requires a POST request!\n");
html_footer();
exit();
}
$notification = $_POST["NOTIFICATION"];
$email = $_POST["EMAIL"];
if (($notification != "ON" && $notification != "OFF") || $email == "")
{
html_header("STR Error");
print("
Please press your browsers back button and enter an "
."EMail address and choose whether to receive notification "
."messages.
\n");
html_footer();
exit();
}
setcookie("FROM", "$email", time() + 57600, $PHP_SELF, $SERVER_NAME);
$result = db_query("SELECT * FROM strcc WHERE str_id = $id AND email = '$email'");
html_header("STR #$id Notifications");
if ($notification == "ON")
{
if ($result && db_count($result) > 0)
print("Your email address has already been added to the "
."notification list for STR #$id!
\n");
else
{
db_query("INSERT INTO strcc VALUES(NULL,$id,'$email')");
print("Your email address has been added to the notification list "
."for STR #$id.
\n");
}
}
else if ($result && db_count($result) > 0)
{
db_query("DELETE FROM strcc WHERE str_id = $id AND email = '$email'");
print("Your email address has been removed from the notification list "
."for STR #$id.
\n");
}
else
{
print("Your email address is not on the notification list for "
."STR #$id!
\n");
}
if ($result)
db_free($result);
print("[ Return to STR #$id ]
\n");
html_footer();
break;
}
?>