"Michael Sweet " ); $messages = array( "Fixed in CVS" => "Fixed in CVS - the anonymous CVS repository will be updated at " ."midnight EST.", "Old STR" => "This STR has not been updated by the submitter for two or more weeks " ."and has been closed as required by the Mini-XML Configuration Management " ."Plan. If the issue still requires resolution, please re-submit a new " ."STR.", "Unresolvable" => "We are unable to resolve this problem with the information provided. " ."If you discover new information, please file a new STR referencing " ."this one." ); $subsystems = array( "Build Files", "Config Files", "Core API", "Documentation", "Multiple", "mxmldoc", "Sample Programs", "Web Site" ); $versions = array( "2.0cvs", "1.3", "1.2", "1.1.2", "1.1.1", "1.1", "1.0", "Web Site" ); $status_text = array( 1 => "Resolved", 2 => "Unresolved", 3 => "Active", 4 => "Pending", 5 => "New" ); $status_long = array( 1 => "1 - Closed w/Resolution", 2 => "2 - Closed w/o Resolution", 3 => "3 - Active", 4 => "4 - Pending", 5 => "5 - New" ); $priority_text = array( 1 => "RFE", 2 => "LOW", 3 => "MODERATE", 4 => "HIGH", 5 => "CRITICAL" ); $priority_long = array( 1 => "1 - Request for Enhancement, e.g. asking for a feature", 2 => "2 - Low, e.g. a documentation error or undocumented side-effect", 3 => "3 - Moderate, e.g. unable to compile the software", 4 => "4 - High, e.g. key functionality not working", 5 => "5 - Critical, e.g. nothing working at all" ); $scope_text = array( 1 => "M/P", 2 => "OS", 3 => "ALL" ); $scope_long = array( 1 => "1 - Specific to a machine", 2 => "2 - Specific to an operating system", 3 => "3 - Applies to all machines and operating systems" ); // Global web vars... global $_COOKIE, $_FILES, $_POST, $_SERVER; $argc = $_SERVER["argc"]; $argv = $_SERVER["argv"]; $PHP_SELF = $_SERVER["PHP_SELF"]; $REMOTE_USER = $_SERVER["PHP_AUTH_USER"]; $REQUEST_METHOD = $_SERVER["REQUEST_METHOD"]; $SERVER_NAME = $_SERVER["SERVER_NAME"]; // Function to abbreviate long strings... function abbreviate($text, $maxlen = 32) { if (strlen($text) > $maxlen) return (substr($text, 0, $maxlen) . "..."); else return ($text); } // Function to notify creator of an STR of changes... function notify_creator($id, $what = "updated", $contents = "") { global $priority_long; global $scope_long; global $status_long; $result = db_query("SELECT * FROM str WHERE id = $id"); if ($result) { $contents = wordwrap($contents); $row = db_next($result); $prtext = $priority_long[$row['priority']]; $sttext = $status_long[$row['status']]; $sctext = $scope_long[$row['scope']]; if ($row['subsystem'] != "") $subsystem = $row['subsystem']; else $subsystem = "Unassigned"; if ($row['fix_version'] != "") $fix_version = $row['fix_version']; else $fix_version = "Unassigned"; if ($row['create_email'] != $row['modify_email'] && $row['create_email'] != $manager) mail($row['create_email'], "Mini-XML STR #$id $what", "Your software trouble report #$id has been $what. You can check\n" ."the status of the report and add additional comments and/or files\n" ."at the following URL:\n" ."\n" ." http://www.easysw.com/str.php?L$id\n" ."\n" ." Summary: $row[summary]\n" ." Version: $row[str_version]\n" ." Status: $sttext\n" ." Priority: $prtext\n" ." Scope: $sctext\n" ." Subsystem: $subsystem\n" ."Fix Version: $fix_version\n" ."\n$contents" ."________________________________________________________________\n" ."Thank you for using the Mini-XML Software Trouble Report page!", "From: noreply@easysw.com\r\n"); $ccresult = db_query("SELECT email FROM strcc WHERE str_id = $id"); if ($ccresult) { while ($ccrow = db_next($ccresult)) { mail($ccrow->email, "Mini-XML STR #$id $what", "Software trouble report #$id has been $what. You can check\n" ."the status of the report and add additional comments and/or files\n" ."at the following URL:\n" ."\n" ." http://www.easysw.com/str.php?L$id\n" ."\n" ." Summary: $row[summary]\n" ." Version: $row[str_version]\n" ." Status: $sttext\n" ." Priority: $prtext\n" ." Scope: $sctext\n" ." Subsystem: $subsystem\n" ."Fix Version: $fix_version\n" ."\n$contents" ."________________________________________________________________\n" ."Thank you for using the Mini-XML Software Trouble Report page!", "From: noreply@easysw.com\r\n"); } db_free($ccresult); } if ($row['manager_email'] != "") $manager = $row['manager_email']; else $manager = "mxml"; if ($row['modify_email'] != $manager) mail($manager, "Mini-XML STR #$id $what", "The software trouble report #$id assigned to you has been $what.\n" ."You can manage the report and add additional comments and/or files\n" ."at the following URL:\n" ."\n" ." http://www.easysw.com/private/str.php?L$id\n" ."\n" ." Summary: $row[summary]\n" ." Version: $row[str_version]\n" ." Status: $sttext\n" ." Priority: $prtext\n" ." Scope: $sctext\n" ." Subsystem: $subsystem\n" ."Fix Version: $fix_version\n" ."\n$contents", "From: noreply@easysw.com\r\n"); db_free($result); } } // Get command-line options... // // Usage: str.php [operation] [options] // // Operations: // // B = Batch update selected STRs // L = List all STRs // L# = List STR # // M# = Modify STR # // T# = Post text for STR # // F# = Post file for STR # // N = Post new STR // U# = Update notification for STR # // // Options: // // I# = Set first STR // P# = Set priority filter // S# = Set status filter // C# = Set scope filter // E# = Set email filter // Qtext = Set search text $priority = 0; $status = -2; $scope = 0; $search = ""; $index = 0; $femail = 0; if ($argc) { $op = $argv[0][0]; $id = (int)substr($argv[0], 1); if ($op != 'L' && $op != 'M' && $op != 'T' && $op != 'F' && $op != 'N' && $op != 'U' && $op != 'B') { html_header("STR Error"); print("

Bad command '$op'!

\n"); html_footer(); exit(); } if (($op == 'M' || $op == 'B') && !$REMOTE_USER) { html_header("STR Error"); print("

The '$op' command is not available to you!

\n"); html_footer(); exit(); } if (($op == 'M' || $op == 'T' || $op == 'F') && !$id) { html_header("STR Error"); print("

Command '$op' requires an STR number!

\n"); html_footer(); exit(); } if ($op == 'N' && $id) { html_header("STR Error"); print("

Command '$op' cannot have an STR number!

\n"); html_footer(); exit(); } for ($i = 1; $i < $argc; $i ++) { $option = substr($argv[$i], 1); switch ($argv[$i][0]) { case 'P' : // Set priority filter $priority = (int)$option; break; case 'S' : // Set status filter $status = (int)$option; break; case 'C' : // Set scope filter $scope = (int)$option; break; case 'Q' : // Set search text $search = $option; $i ++; while ($i < $argc) { $search .= " $argv[$i]"; $i ++; } break; case 'I' : // Set first STR $index = (int)$option; if ($index < 0) $index = 0; break; case 'E' : // Show only problem reports matching the current email $femail = (int)$option; break; default : html_header("STR Error"); print("

Bad option '$argv[$i]'!

\n"); html_footer(); exit(); break; } } } else { $op = 'L'; $id = 0; } if ($REQUEST_METHOD == "POST") { if (array_key_exists("FPRIORITY", $_POST)) $priority = (int)$_POST["FPRIORITY"]; if (array_key_exists("FSTATUS", $_POST)) $status = (int)$_POST["FSTATUS"]; if (array_key_exists("FSCOPE", $_POST)) $scope = (int)$_POST["FSCOPE"]; if (array_key_exists("FEMAIL", $_POST)) $femail = (int)$_POST["FEMAIL"]; if (array_key_exists("SEARCH", $_POST)) $search = $_POST["SEARCH"]; } $options = "+P$priority+S$status+C$scope+I$index+E$femail+Q" . urlencode($search); // B = Batch update selected STRs // L = List all STRs // L# = List STR # // M# = Modify STR # // T# = Post text for STR # // F# = Post file for STR # // N = Post new STR // U# = Update notification for STR # switch ($op) { case 'B' : // Batch update selected STRs if ($REQUEST_METHOD != "POST") { header("Location: $PHP_SELF?L$options"); break; } if (array_key_exists("STATUS", $_POST) && ($_POST["STATUS"] != "" || $_POST["PRIORITY"] != "" || $_POST["MANAGER_EMAIL"] != "" || $_POST["MESSAGE"] != "")) { $time = time(); $manager_email = db_escape($_POST["MANAGER_EMAIL"]); $modify_email = db_escape($managers[$REMOTE_USER]); $message = $_POST["MESSAGE"]; if ($message != "") { $contents = db_escape($messages[$message]); $mailmsg = $messages[$message] . "\n\n"; } else { $contents = ""; $mailmsg = ""; } $query = "modify_date = $time, modify_email = '$modify_email'"; if ($_POST["STATUS"] != "") $query .= ", status = $_POST[STATUS]"; if ($_POST["PRIORITY"] != "") $query .= ", priority = $_POST[PRIORITY]"; if ($manager_email != "") $query .= ", manager_email = '$manager_email'"; reset($_POST); while (list($key, $val) = each($_POST)) if (substr($key, 0, 3) == "ID_") { $id = (int)substr($key, 3); db_query("UPDATE str SET $query WHERE id = $id"); if ($contents != "") { db_query("INSERT INTO strtext VALUES(NULL,$id,1,$time," ."'$modify_email','$contents')"); notify_creator($id, "updated", $mailmsg); } } } header("Location: $PHP_SELF?L$options"); break; case 'L' : // List (all) STR(s) if ($id) { html_header("STR #$id"); $result = db_query("SELECT * FROM str WHERE id = $id"); if (db_count($result) != 1) { print("

Error: STR #$id was not found!

\n"); html_footer(); exit(); } $row = db_next($result); print("

" ."[ Return to STR List"); if ($row['status'] >= $STR_STATUS_ACTIVE) print(" | Post Text" ." | Post File"); if ($REMOTE_USER) print(" | Modify STR"); print(" ]


\n"); $create_email = sanitize_email($row['create_email']); $manager_email = sanitize_email($row['manager_email']); $subsystem = $row['subsystem']; $summary = htmlspecialchars($row['summary'], ENT_QUOTES); $prtext = $priority_long[$row['priority']]; $sttext = $status_long[$row['status']]; $sctext = $scope_long[$row['scope']]; $str_version = $row['str_version']; $fix_version = $row['fix_version']; if ($manager_email == "") $manager_email = "Unassigned"; if ($subsystem == "") $subsystem = "Unassigned"; if ($fix_version == "") $fix_version = "Unassigned"; print("

\n"); if ($row['master_id'] > 0) print("" ."\n"); if (!$row['is_published']) print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); if ($REMOTE_USER) $email = htmlspecialchars($managers[$REMOTE_USER]); else if (array_key_exists("FROM", $_COOKIE)) $email = htmlspecialchars($_COOKIE["FROM"]); else $email = ""; print("\n"); print("
Duplicate Of:STR " ."#$row[master_id]
This STR is " ."currently hidden from public view.
Status:$sttext
Priority:$prtext
Scope:$sctext
Subsystem:$subsystem
Summary:$summary
Version:$str_version
Created By:$create_email
Assigned To:$manager_email
Fix Version:$fix_version
Update Notification:" ."
" ."" ."" ."
Receive EMails " ."Don't Receive EMails" ."
" ."

\n"); db_free($result); print("

Trouble Report Files:"); if ($row['status'] >= $STR_STATUS_ACTIVE) print(" [ Post File ]"); print("

\n"); $result = db_query("SELECT * FROM strfile WHERE " ."str_id = $id AND is_published = 1"); if (db_count($result) == 0) print("

No files

\n"); else { print("

\n" ."" ."\n"); $line = 0; while ($row = db_next($result)) { $date = date("M d, Y", $row['date']); $time = date("H:m", $row['date']); $email = sanitize_email($row['email']); $filename = htmlspecialchars($row['filename']); print("" ."" ."" ."\n"); $line = 1 - $line; } print("
Name/Time/DateFilename
$email
$time $date
" ."$filename

\n"); } db_free($result); print("

Trouble Report Dialog:"); if ($row['status'] >= $STR_STATUS_ACTIVE) print(" [ Post Text ]"); print("

\n"); $result = db_query("SELECT * FROM strtext WHERE " ."str_id = $id AND is_published = 1"); if (db_count($result) == 0) print("

No text

\n"); else { print("

\n" ."" ."\n"); $line = 0; while ($row = db_next($result)) { $date = date("M d, Y", $row['date']); $time = date("H:m", $row['date']); $email = sanitize_email($row['email']); $contents = quote_text($row['contents']); print("" ."" ."" ."\n"); $line = 1 - $line; } print("
Name/Time/DateText
$email
$time $date
$contents

\n"); } db_free($result); } else { html_header("STR List"); print("

[ Post " ."New Software Trouble Report ]

\n"); print("

" ."Search Words:  " ."

\n"); print("

Priority: \n"); print("Status: \n"); print("Scope: \n"); if ($REMOTE_USER || array_key_exists("FROM", $_COOKIE)) { print("Show: \n"); } print("

\n"); print("
\n"); $query = ""; $prefix = "WHERE "; if ($priority > 0) { $query .= "${prefix}priority = $priority"; $prefix = " AND "; } if ($status > 0) { $query .= "${prefix}status = $status"; $prefix = " AND "; } else if ($status == -1) // Show closed { $query .= "${prefix}status <= $STR_STATUS_UNRESOLVED"; $prefix = " AND "; } else if ($status == -2) // Show open { $query .= "${prefix}status >= $STR_STATUS_ACTIVE"; $prefix = " AND "; } if ($scope > 0) { $query .= "${prefix}scope = $scope"; $prefix = " AND "; } if (!$REMOTE_USER) { $query .= "${prefix}is_published = 1"; $prefix = " AND "; } if ($femail) { if ($REMOTE_USER) { $query .= "${prefix}(manager_email = '' OR " ." manager_email = '$managers[$REMOTE_USER]')"; $prefix = " AND "; } else if (array_key_exists("FROM", $_COOKIE)) { $email = db_escape($_COOKIE["FROM"]); $query .= "${prefix}create_email = '$email'"; $prefix = " AND "; } } if ($search) { $search_string = str_replace("'", " ", $search); $search_string = str_replace("\"", " ", $search_string); $search_string = str_replace("\\", " ", $search_string); $search_string = str_replace("%20", " ", $search_string); $search_string = str_replace("%27", " ", $search_string); $search_string = str_replace(" ", " ", $search_string); $search_words = explode(' ', $search_string); // Loop through the array of words, adding them to the $query .= "${prefix}("; $prefix = ""; $next = " OR"; $logic = ""; reset($search_words); while ($keyword = current($search_words)) { next($search_words); $keyword = db_escape(ltrim(rtrim($keyword))); if (strcasecmp($keyword, 'or') == 0) { $next = ' OR'; if ($prefix != '') $prefix = ' OR'; } else if (strcasecmp($keyword, 'and') == 0) { $next = ' AND'; if ($prefix != '') $prefix = ' AND'; } else if (strcasecmp($keyword, 'not') == 0) { $logic = ' NOT'; } else { if ($keyword == (int)$keyword) $idsearch = " OR id = " . (int)$keyword; else $idsearch = ""; $query .= "$prefix$logic (summary LIKE \"%$keyword%\"$idsearch" ." OR subsystem LIKE \"%$keyword%\"" ." OR str_version LIKE \"%$keyword%\"" ." OR fix_version LIKE \"%$keyword%\"" ." OR manager_email LIKE \"%$keyword%\"" ." OR create_email LIKE \"%$keyword%\")"; $prefix = $next; $logic = ''; } } $query .= ")"; } $result = db_query("SELECT * FROM str $query " ."ORDER BY status DESC, priority DESC, scope DESC, " ."modify_date"); $count = db_count($result); if ($count == 0) { print("

No STRs found.

\n"); if (($priority || $status || $scope) && $search != "") print("

[ Search for \"$search\" in all STRs ]

\n"); html_footer(); exit(); } if ($index >= $count) $index = $count - ($count % $STR_PAGE_MAX); if ($index < 0) $index = 0; $start = $index + 1; $end = $index + $STR_PAGE_MAX; if ($end > $count) $end = $count; $prev = $index - $STR_PAGE_MAX; if ($prev < 0) $prev = 0; $next = $index + $STR_PAGE_MAX; print("

$count STR(s) found, showing $start to $end:

\n"); if ($REMOTE_USER) print("
\n"); print("

\n"); if ($count > $STR_PAGE_MAX) { print("\n"); } print("" ."" .""); if ($REMOTE_USER) print(""); print("\n"); $line = 0; if ($REMOTE_USER) $sumlen = 80; else $sumlen = 40; db_seek($result, $index); for ($i = 0; $i < $STR_PAGE_MAX && $row = db_next($result); $i ++) { $date = date("M d, Y", $row['modify_date']); $summary = htmlspecialchars($row['summary'], ENT_QUOTES); $summabbr = htmlspecialchars(abbreviate($row['summary'], $sumlen), ENT_QUOTES); $prtext = $priority_text[$row['priority']]; $sttext = $status_text[$row['status']]; $sctext = $scope_text[$row['scope']]; if ($row['is_published']) print(""); else print(""); print("" ."" ."" ."" ."" ."" .""); if ($REMOTE_USER) { if ($row['manager_email'] != "") $email = sanitize_email($row['manager_email']); else $email = "Unassigned"; print(""); } print("\n"); if ($REMOTE_USER && $row['status'] >= $STR_STATUS_PENDING) { $textresult = db_query("SELECT * FROM strtext " ."WHERE str_id = $row[id] " ."ORDER BY id DESC LIMIT 1"); if ($textresult && db_count($textresult) > 0) { $textrow = db_next($textresult); if ($row['is_published']) print(""); else print(""); $email = sanitize_email($textrow->email); $contents = quote_text(abbreviate($textrow->contents, 128)); print("" ."" ."\n"); db_free($textresult); } } $line = 1 - $line; } db_free($result); if ($REMOTE_USER) { print("\n"); } else print("\n"); if ($count > $STR_PAGE_MAX) { print("\n"); } print("
"); if ($index > 0) print("[ Previous $STR_PAGE_MAX ]"); if ($REMOTE_USER) print(""); else print(""); if ($end < $count) print("[ Next $STR_PAGE_MAX ]"); print("
IdPriorityStatusScopeSummaryVersionLast UpdatedAssigned To
"); if ($REMOTE_USER) print(""); print("" ."$row[id]$prtext$sttext$sctext$summabbr$row[str_version]$date$email
$email$contents
"); print("Status: \n"); print("Priority: \n"); print("Assigned To: \n"); print("
Text: \n"); print(""); print("
" ."
"); if ($index > 0) print("[ Previous $STR_PAGE_MAX ]"); if ($REMOTE_USER) print(""); else print(""); if ($end < $count) print("[ Next $STR_PAGE_MAX ]"); print("
"); if ($REMOTE_USER) print("

"); print("

" ."M/P = Machine/Printer, " ."OS = Operating System." ."

\n"); } html_footer(); break; case 'M' : // Modify STR if ($REQUEST_METHOD == "POST") { if (array_key_exists("STATUS", $_POST)) { $time = time(); $master_id = (int)$_POST["MASTER_ID"]; $summary = db_escape($_POST["SUMMARY"]); $subsystem = db_escape($_POST["SUBSYSTEM"]); $create_email = db_escape($_POST["CREATE_EMAIL"]); $manager_email = db_escape($_POST["MANAGER_EMAIL"]); $modify_email = db_escape($managers[$REMOTE_USER]); $contents = db_escape(trim($_POST["CONTENTS"])); $message = $_POST["MESSAGE"]; db_query("UPDATE str SET " ."master_id = $master_id, " ."is_published = $_POST[IS_PUBLISHED], " ."status = $_POST[STATUS], " ."priority = $_POST[PRIORITY], " ."scope = $_POST[SCOPE], " ."summary = '$summary', " ."subsystem = '$subsystem', " ."str_version = '$_POST[STR_VERSION]', " ."fix_version = '$_POST[FIX_VERSION]', " ."create_email = '$create_email', " ."manager_email = '$manager_email', " ."modify_date = $time, " ."modify_email = '$modify_email' " ."WHERE id = $id"); if ($contents != "") { db_query("INSERT INTO strtext VALUES(NULL,$id,1,$time," ."'$modify_email','$contents')"); $contents = trim($_POST["CONTENTS"]) . "\n\n"; } if ($message != "") { $contents = db_escape($messages[$message]); db_query("INSERT INTO strtext VALUES(NULL,$id,1,$time," ."'$modify_email','$contents')"); $contents = $messages[$message] . "\n\n"; } header("Location: $PHP_SELF?L$id$options"); notify_creator($id, "updated", $contents); } else if (array_key_exists("FILE_ID", $_POST)) { db_query("UPDATE strfile SET " ."is_published = $_POST[IS_PUBLISHED] " ."WHERE id = $_POST[FILE_ID]"); header("Location: $PHP_SELF?M$id$options"); } else if (array_key_exists("TEXT_ID", $_POST)) { db_query("UPDATE strtext SET " ."is_published = $_POST[IS_PUBLISHED] " ."WHERE id = $_POST[TEXT_ID]"); header("Location: $PHP_SELF?M$id$options"); } else header("Location: $PHP_SELF?M$id$options"); } else { html_header("STR #$id"); print("

" ."[ Return to STR List" ." | Return to STR #$id" ." | Post Text" ." | Post File" ." ]


\n"); $result = db_query("SELECT * FROM str WHERE id = $id"); if (db_count($result) != 1) { print("

Error: STR #$id was not found!

\n"); html_footer(); exit(); } $row = db_next($result); $create_email = htmlspecialchars($row['create_email']); $manager_email = htmlspecialchars($row['manager_email']); $summary = htmlspecialchars($row['summary'], ENT_QUOTES); print("
" ."

\n"); print("" ."\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("" ."\n"); print("" ."\n"); print("" ."\n"); print("" ."\n"); print("" ."\n"); print("" ."\n"); print("\n"); print("\n"); print("
Duplicate Of:
Published:"); print("
Status:"); print("\n"); print("
Priority:"); print("
Scope:"); print("
Subsystem:
Summary:
Version:
Created By:
Assigned To:
Fix Version:
Text:"); print("
\n"); print("
" ."

\n"); print("

Trouble Report Files: " ."[ Post File ]" ."

\n"); $result = db_query("SELECT * FROM strfile WHERE str_id = $id"); if (db_count($result) == 0) print("

No files

\n"); else { print("

\n" ."" ."\n"); $line = 0; while ($row = db_next($result)) { $date = date("M d, Y", $row['date']); $time = date("H:m", $row['date']); $email = sanitize_email($row['email']); $filename = htmlspecialchars($row['filename']); print("" ."" ."" ."\n"); $line = 1 - $line; } print("
Name/Time/DateFilename
$email
$time $date
" ."
" .""); if ($row['is_published']) print("" .""); else print("" .""); print("
" ."$filename

\n"); } db_free($result); print("

Trouble Report Dialog: " ."[ Post Text ]" ."

\n"); $result = db_query("SELECT * FROM strtext WHERE " ."str_id = $id"); if (db_count($result) == 0) print("

No text

\n"); else { print("

\n" ."" ."\n"); $line = 0; while ($row = db_next($result)) { $date = date("M d, Y", $row['date']); $time = date("H:m", $row['date']); $email = sanitize_email($row['email']); $contents = quote_text($row['contents']); print("" ."" ."" ."\n"); $line = 1 - $line; } print("
Name/Time/DateText
$email
$time $date
" ."
" .""); if ($row['is_published']) print("" .""); else print("" .""); print("
$contents

\n"); } db_free($result); html_footer(); } break; case 'T' : // Post text for STR # if ($REQUEST_METHOD == "POST") { $contents = $_POST["CONTENTS"]; if (array_key_exists("EMAIL", $_POST)) { $email = $_POST["EMAIL"]; setcookie("FROM", "$email", time() + 57600, $PHP_SELF, $SERVER_NAME); } else if ($REMOTE_USER) $email = $managers[$REMOTE_USER]; else if (array_key_exists("FROM", $_COOKIE)) $email = $_COOKIE["FROM"]; else $email = ""; if (ereg("Anonymous.*", $email)) $email = ""; if ($email != "" && $contents != "") $havedata = 1; } else { if ($REMOTE_USER) $email = $managers[$REMOTE_USER]; else $email = $_COOKIE["FROM"]; $contents = ""; if (ereg("Anonymous.*", $email)) $email = ""; } if ($REQUEST_METHOD == "POST" && $havedata) { $time = time(); $temail = db_escape($email); $tcontents = db_escape($contents); db_query("INSERT INTO strtext VALUES(NULL,$id,1,$time,'$temail'," ."'$tcontents')"); db_query("UPDATE str SET modify_date=$time, modify_email='$temail' " ."WHERE id = $id"); db_query("UPDATE str SET status=$STR_STATUS_PENDING WHERE " ."id = $id AND status >= $STR_STATUS_ACTIVE AND " ."status < $STR_STATUS_NEW"); header("Location: $PHP_SELF?L$id$options"); notify_creator($id, "updated", "$contents\n\n"); } else { html_header("Post Text For STR #$id"); print("

[ Return to " ."STR #$id ]

\n"); if ($REQUEST_METHOD == "POST") { print("

Error: Please fill in the fields marked in " ."bold red below and resubmit " ."your trouble report.


\n"); $hstart = ""; $hend = ""; } else { print("
\n"); $hstart = ""; $hend = ""; } print("
" ."

\n"); print("\n"); print("\n"); print("\n"); print("
"); if ($email != "") print("EMail:"); else print("${hstart}EMail:$hend"); $temp = htmlspecialchars($email); print("
"); if ($contents != "") print("Text:"); else print("${hstart}Text:$hend"); $temp = htmlspecialchars($contents); print("
" ."

\n"); html_footer(); } break; case 'F' : // Post file for STR # if ($REQUEST_METHOD == "POST") { if (array_key_exists("EMAIL", $_POST)) { $email = $_POST["EMAIL"]; setcookie("FROM", "$email", time() + 57600, $PHP_SELF, $SERVER_NAME); } else if ($REMOTE_USER) $email = $managers[$REMOTE_USER]; else if (array_key_exists("FROM", $_COOKIE)) $email = $_COOKIE["FROM"]; else $email = ""; if (ereg("Anonymous.*", $email)) $email = ""; if (array_key_exists("STRFILE", $_FILES)) { $filename = $_FILES['STRFILE']['name']; if ($filename[0] == '.' || $filename[0] == '/') $filename = ""; } else $filename = ""; if ($email != "" && $filename != "") $havedata = 1; } else { if ($REMOTE_USER) $email = $managers[$REMOTE_USER]; else $email = $_COOKIE["FROM"]; $filename = ""; if (ereg("Anonymous.*", $email)) $email = ""; } if ($REQUEST_METHOD == "POST" && $havedata) { $time = time(); $temail = db_escape($email); $tmp_name = $_FILES['STRFILE']['tmp_name']; $name = $_FILES['STRFILE']['name']; $tname = db_escape($name); $infile = fopen($tmp_name, "rb"); if (!$infile) { html_header("Error"); print("

Error! Unable to open file attachment!

\n"); html_footer(); exit(); } mkdir("strfiles/$id"); $outfile = fopen("strfiles/$id/$name", "wb"); if (!$outfile) { html_header("Error"); print("

Error! Unable to save file attachment!

\n"); html_footer(); exit(); } while ($data = fread($infile, 8192)) fwrite($outfile, $data); fclose($infile); fclose($outfile); db_query("INSERT INTO strfile VALUES(NULL,$id,1,$time,'$temail'," ."'$tname')"); db_query("UPDATE str SET modify_date=$time, modify_email='$temail' " ."WHERE id = $id"); db_query("UPDATE str SET status=$STR_STATUS_PENDING WHERE " ."id = $id AND status >= $STR_STATUS_ACTIVE AND " ."status < $STR_STATUS_NEW"); header("Location: $PHP_SELF?L$id$options"); notify_creator($id, "updated", "Added file $name\n\n"); } else { html_header("Post File For STR #$id"); print("

[ Return to " ."STR #$id ]

\n"); if ($REQUEST_METHOD == "POST") { print("

Error: Please fill in the fields marked in " ."bold red below and resubmit " ."your trouble report.


\n"); $hstart = ""; $hend = ""; } else { print("
\n"); $hstart = ""; $hend = ""; } print("
" .""); print("

\n"); print("\n"); print("\n"); print("\n"); print("
"); if ($email != "") print("EMail:"); else print("${hstart}EMail:$hend"); $temp = htmlspecialchars($email); print("
"); if (array_key_exists("STRFILE", $_FILES)) print("File:"); else print("${hstart}File:$hend"); print("
" ."

\n"); html_footer(); } break; case 'N' : // Post new STR $havedata = 0; if ($REQUEST_METHOD == "POST") { $npriority = $_POST["PRIORITY"]; $nscope = $_POST["SCOPE"]; $summary = $_POST["SUMMARY"]; $version = $_POST["VERSION"]; $contents = $_POST["CONTENTS"]; if (array_key_exists("EMAIL", $_POST)) { $email = $_POST["EMAIL"]; setcookie("FROM", "$email", time() + 57600, $PHP_SELF, $SERVER_NAME); } else if ($REMOTE_USER) $email = $managers[$REMOTE_USER]; else if (array_key_exists("FROM", $_COOKIE)) $email = $_COOKIE["FROM"]; else $email = ""; if (array_key_exists("STRFILE", $_FILES)) { $filename = $_FILES['STRFILE']['name']; if ($filename[0] == '.' || $filename[0] == '/') $filename = ""; } else $filename = ""; if ($npriority && $nscope && $summary != "" && $email != "" && $version != "" && $contents != "") $havedata = 1; } else { if ($REMOTE_USER) $email = $managers[$REMOTE_USER]; else $email = $_COOKIE["FROM"]; $npriority = 0; $nscope = 0; $summary = ""; $version = ""; $contents = ""; $filename = ""; } if (ereg("Anonymous.*", $email)) $email = ""; if ($REQUEST_METHOD == "POST" && $havedata) { $time = time(); $temail = db_escape($email); $tsummary = db_escape($summary); $tcontents = db_escape($contents); db_query("INSERT INTO str VALUES(NULL,0," ."$_POST[IS_PUBLISHED],$STR_STATUS_NEW," ."$npriority,$nscope,'$tsummary','','$version','',''," ."$time,'$temail',$time,'$temail')"); $id = db_insert_id(); db_query("INSERT INTO strtext VALUES(NULL,$id,1,$time,'$temail'," ."'$tcontents')"); if ($filename != "") { $tmp_name = $_FILES['STRFILE']['tmp_name']; $name = $_FILES['STRFILE']['name']; $tname = db_escape($name); $infile = fopen($tmp_name, "rb"); if (!$infile) { html_header("Error"); print("

Error! Unable to open file attachment!

\n"); html_footer(); exit(); } mkdir("strfiles/$id"); $outfile = fopen("strfiles/$id/$name", "wb"); if (!$outfile) { html_header("Error"); print("

Error! Unable to save file attachment!

\n"); html_footer(); exit(); } while ($data = fread($infile, 8192)) fwrite($outfile, $data); fclose($infile); fclose($outfile); db_query("INSERT INTO strfile VALUES(NULL,$id,1,$time,'$temail'," ."'$tname')"); } header("Location: $PHP_SELF?L$id$options"); notify_creator($id, "created", "$contents\n\n"); } else { html_header("New STR"); print("

[ Return to " ."STR List ]

\n"); if ($REQUEST_METHOD == "POST") { print("

Error: Please fill in the fields marked in " ."bold red below and resubmit " ."your trouble report.


\n"); $hstart = ""; $hend = ""; } else { print("

Please use this form to report all bugs and request " ."features in the Mini-XML software. Be sure to include " ."the operating system, compiler, sample programs and/or " ."files, and any other information you can about your " ."problem. Thank you for helping us to make Mini-XML " ."a better library!


\n"); $hstart = ""; $hend = ""; } print("
" .""); print("

\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("\n"); print("
Security Advisory:" ."
Status:5 - New
"); if ($npriority > 0) print("Priority:"); else print("${hstart}Priority:$hend"); for ($i = 1; $i <= 5; $i ++) { print("$priority_long[$i]
"); } print("
"); if ($nscope > 0) print("Scope:"); else print("${hstart}Scope:$hend"); for ($i = 1; $i <= 3; $i ++) { print("$scope_long[$i]
"); } print("
Subsystem:Unassigned
"); if ($summary != "") print("Summary:"); else print("${hstart}Summary:$hend"); $temp = htmlspecialchars($summary, ENT_QUOTES); print("
"); if ($version != "") print("Version:"); else print("${hstart}Version:$hend"); print("
"); if ($email != "") print("EMail:"); else print("${hstart}EMail:$hend"); $temp = htmlspecialchars($email); print("
Assigned To:Unassigned
Fix Version:Unassigned
"); if ($contents != "") print("Detailed Description of Problem:"); else print("${hstart}Detailed Description of Problem:$hend"); $temp = htmlspecialchars($contents); print("
File:"); print("
" ."

\n"); html_footer(); } break; case 'U' : // Update notification status // EMAIL and NOTIFICATION variables hold status; add/delete from strcc... $havedata = 0; if ($REQUEST_METHOD != "POST") { html_header("STR Error"); print("

The '$op' command requires a POST request!\n"); html_footer(); exit(); } $notification = $_POST["NOTIFICATION"]; $email = $_POST["EMAIL"]; if (($notification != "ON" && $notification != "OFF") || $email == "") { html_header("STR Error"); print("

Please press your browsers back button and enter an " ."EMail address and choose whether to receive notification " ."messages.

\n"); html_footer(); exit(); } setcookie("FROM", "$email", time() + 57600, $PHP_SELF, $SERVER_NAME); $result = db_query("SELECT * FROM strcc WHERE str_id = $id AND email = '$email'"); html_header("STR #$id Notifications"); if ($notification == "ON") { if ($result && db_count($result) > 0) print("

Your email address has already been added to the " ."notification list for STR #$id!

\n"); else { db_query("INSERT INTO strcc VALUES(NULL,$id,'$email')"); print("

Your email address has been added to the notification list " ."for STR #$id.

\n"); } } else if ($result && db_count($result) > 0) { db_query("DELETE FROM strcc WHERE str_id = $id AND email = '$email'"); print("

Your email address has been removed from the notification list " ."for STR #$id.

\n"); } else { print("

Your email address is not on the notification list for " ."STR #$id!

\n"); } if ($result) db_free($result); print("

[ Return to STR #$id ]

\n"); html_footer(); break; } ?>