search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
SOAP API: do not try to unserialize an invalid filter
[mantis.git] / tag_attach.php
blobde8e95ca01d57f1f5490547389bcf582dea8aced
1 <?php
2 # MantisBT - A PHP based bugtracking system
3
4 # MantisBT is free software: you can redistribute it and/or modify
5 # it under the terms of the GNU General Public License as published by
6 # the Free Software Foundation, either version 2 of the License, or
7 # (at your option) any later version.
8 #
9 # MantisBT is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
13 #
14 # You should have received a copy of the GNU General Public License
15 # along with MantisBT. If not, see <http://www.gnu.org/licenses/>.
16
17 /**
18 * @package MantisBT
19 * @copyright Copyright (C) 2002 - 2011 MantisBT Team - mantisbt-dev@lists.sourceforge.net
20 * @link http://www.mantisbt.org
21 *
22 * @uses core.php
23 * @uses access_api.php
24 * @uses authentication_api.php
25 * @uses bug_api.php
26 * @uses config_api.php
27 * @uses constant_inc.php
28 * @uses event_api.php
29 * @uses form_api.php
30 * @uses gpc_api.php
31 * @uses helper_api.php
32 * @uses html_api.php
33 * @uses lang_api.php
34 * @uses print_api.php
35 * @uses string_api.php
36 * @uses tag_api.php
37 * @uses utility_api.php
38 */
39
40 /**
41 * MantisBT Core API's
42 */
43 require_once( 'core.php' );
44 require_api( 'access_api.php' );
45 require_api( 'authentication_api.php' );
46 require_api( 'bug_api.php' );
47 require_api( 'config_api.php' );
48 require_api( 'constant_inc.php' );
49 require_api( 'event_api.php' );
50 require_api( 'form_api.php' );
51 require_api( 'gpc_api.php' );
52 require_api( 'helper_api.php' );
53 require_api( 'html_api.php' );
54 require_api( 'lang_api.php' );
55 require_api( 'print_api.php' );
56 require_api( 'string_api.php' );
57 require_api( 'tag_api.php' );
58 require_api( 'utility_api.php' );
59
60 form_security_validate( 'tag_attach' );
61
62 $f_bug_id = gpc_get_int( 'bug_id' );
63 $f_tag_select = gpc_get_int( 'tag_select' );
64 $f_tag_string = gpc_get_string( 'tag_string' );
65
66 $t_user_id = auth_get_current_user_id();
67
68 access_ensure_bug_level( config_get( 'tag_attach_threshold' ), $f_bug_id, $t_user_id );
69
70 /** @todo The handling of tag strings which can include multiple tags should be moved
71 * to the APIs. This is to allow other clients of the API to support such
72 * functionality. The access level checks should also be moved to the API.
73 */
74 $t_tags = tag_parse_string( $f_tag_string );
75 $t_can_create = access_has_global_level( config_get( 'tag_create_threshold' ) );
76
77 $t_tags_create = array();
78 $t_tags_attach = array();
79 $t_tags_failed = array();
80
81 foreach ( $t_tags as $t_tag_row ) {
82 if ( -1 == $t_tag_row['id'] ) {
83 if ( $t_can_create ) {
84 $t_tags_create[] = $t_tag_row;
85 } else {
86 $t_tags_failed[] = $t_tag_row;
87 }
88 } else if ( -2 == $t_tag_row['id'] ) {
89 $t_tags_failed[] = $t_tag_row;
90 } else {
91 $t_tags_attach[] = $t_tag_row;
92 }
93 }
94
95 if ( 0 < $f_tag_select && tag_exists( $f_tag_select ) ) {
96 $t_tags_attach[] = tag_get( $f_tag_select );
97 }
98
99 // failed to attach at least one tag
100 if ( count( $t_tags_failed ) > 0 ) {
101 html_page_top( lang_get( 'tag_attach_long' ) . ' ' . bug_format_summary( $f_bug_id, SUMMARY_CAPTION ) );
102 ?>
103 <br/>
104 <table class="width75">
105 <tr class="row-category">
106 <td colspan="2"><?php echo lang_get( 'tag_attach_failed' ) ?></td>
107 </tr>
108 <tr class="spacer"><td colspan="2"></td></tr>
109 <?php
110 $t_tag_string = "";
111 foreach( $t_tags_attach as $t_tag_row ) {
112 if ( !is_blank( $t_tag_string ) ) {
113 $t_tag_string .= config_get( 'tag_separator' );
114 }
115 $t_tag_string .= $t_tag_row['name'];
116 }
117
118 foreach( $t_tags_failed as $t_tag_row ) {
119 echo '<tr ',helper_alternate_class(),'>';
120 if ( -1 == $t_tag_row['id'] ) {
121 echo '<th class="category">', lang_get( 'tag_create_denied' ), '</th>';
122 } else if ( -2 == $t_tag_row['id'] ) {
123 echo '<th class="category">', lang_get( 'tag_invalid_name' ), '</th>';
124 }
125 echo '<td>', string_html_specialchars( $t_tag_row['name'] ), '</td></tr>';
126
127 if ( !is_blank( $t_tag_string ) ) {
128 $t_tag_string .= config_get( 'tag_separator' );
129 }
130 $t_tag_string .= $t_tag_row['name'];
131 }
132 ?>
133 <tr class="spacer"><td colspan="2"></td></tr>
134 <tr <?php echo helper_alternate_class() ?>>
135 <th class="category"><?php echo lang_get( 'tag_attach_long' ) ?></th>
136 <td>
137 <?php
138 print_tag_attach_form( $f_bug_id, $t_tag_string );
139 ?>
140 </td>
141 </tr>
142 </table>
143 <?php
144 html_page_bottom();
145 // end failed to attach tag
146 } else {
147 foreach( $t_tags_create as $t_tag_row ) {
148 $t_tag_row['id'] = tag_create( $t_tag_row['name'], $t_user_id );
149 $t_tags_attach[] = $t_tag_row;
150 }
151
152 foreach( $t_tags_attach as $t_tag_row ) {
153 if ( !tag_bug_is_attached( $t_tag_row['id'], $f_bug_id ) ) {
154 tag_bug_attach( $t_tag_row['id'], $f_bug_id, $t_user_id );
155 }
156 }
157
158 event_signal( 'EVENT_TAG_ATTACHED', array( $f_bug_id, $t_tags_attach ) );
159
160 form_security_purge( 'tag_attach' );
161
162 print_successful_redirect_to_bug( $f_bug_id );
163 }