1<?php 2# MantisBT - A PHP based bugtracking system 3 4# MantisBT is free software: you can redistribute it and/or modify 5# it under the terms of the GNU General Public License as published by 6# the Free Software Foundation, either version 2 of the License, or 7# (at your option) any later version. 8# 9# MantisBT is distributed in the hope that it will be useful, 10# but WITHOUT ANY WARRANTY; without even the implied warranty of 11# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12# GNU General Public License for more details. 13# 14# You should have received a copy of the GNU General Public License 15# along with MantisBT. If not, see <http://www.gnu.org/licenses/>. 16 17/** 18 * Mantis Configuration. View, edit, update a configuration option. 19 * @package MantisBT 20 * @copyright Copyright 2000 - 2002 Kenzaburo Ito - kenito@300baud.org 21 * @copyright Copyright 2002 MantisBT Team - mantisbt-dev@lists.sourceforge.net 22 * @link http://www.mantisbt.org 23 * 24 * @uses core.php 25 * @uses access_api 26 * @uses config_api 27 * @uses constant_inc.php 28 * @uses error_api 29 * @uses form_api 30 * @uses gpc_api 31 * @uses helper_api 32 * @uses lang_api 33 * @uses layout_api 34 * @uses print_api 35 * @uses string_api 36 * @uses user_api 37 */ 38 39require_once( 'core.php' ); 40require_api( 'access_api.php' ); 41require_api( 'config_api.php' ); 42require_api( 'constant_inc.php' ); 43require_api( 'error_api.php' ); 44require_api( 'form_api.php' ); 45require_api( 'gpc_api.php' ); 46require_api( 'helper_api.php' ); 47require_api( 'lang_api.php' ); 48require_api( 'layout_api.php' ); 49require_api( 'print_api.php' ); 50require_api( 'string_api.php' ); 51require_api( 'user_api.php' ); 52 53access_ensure_global_level( config_get( 'view_configuration_threshold' ) ); 54$t_has_write_access = access_has_global_level( config_get( 'set_configuration_threshold' ) ); 55 56layout_page_header( lang_get( 'configuration_report' ) ); 57layout_page_begin( 'manage_overview_page.php' ); 58 59print_manage_menu( PAGE_CONFIG_DEFAULT ); 60print_manage_config_menu( 'adm_config_report.php' ); 61 62# Get request values 63$f_edit_user_id = gpc_get_int( 'user_id', ALL_USERS ); 64$f_edit_project_id = gpc_get_int( 'project_id', ALL_PROJECTS ); 65$f_edit_option = gpc_get_string( 'config_option', null ); 66$f_edit_action = gpc_get_string( 'action', MANAGE_CONFIG_ACTION_VIEW ); 67 68# Ensure we exclusively use one of the defined, valid actions (XSS protection) 69$t_valid_actions = array( 70 MANAGE_CONFIG_ACTION_CREATE, 71 MANAGE_CONFIG_ACTION_CLONE, 72 MANAGE_CONFIG_ACTION_EDIT, 73 MANAGE_CONFIG_ACTION_VIEW 74); 75$t_edit_action = in_array( $f_edit_action, $t_valid_actions ) 76 ? $f_edit_action 77 : MANAGE_CONFIG_ACTION_CREATE; 78 79# if not creating a new option, the option name is required 80if( MANAGE_CONFIG_ACTION_CREATE != $t_edit_action && null == $f_edit_option ) { 81 error_parameters( 'config_option' ); 82 trigger_error( ERROR_EMPTY_FIELD, ERROR ); 83} 84 85# see if the user can modify configuration options 86$t_modify = MANAGE_CONFIG_ACTION_VIEW != $t_edit_action 87 && $t_has_write_access 88 && config_can_delete( $f_edit_option ); 89 90# if can't modify, switch antion to "view" 91if( !$t_modify ) { 92 $t_edit_action = MANAGE_CONFIG_ACTION_VIEW; 93} 94 95$t_action_label = lang_get( 'set_configuration_option_action_' . $t_edit_action ); 96 97if( MANAGE_CONFIG_ACTION_CREATE != $t_edit_action ) { 98 # retrieve existing config data from database for this option 99 $t_query = new DbQuery( 'SELECT * FROM {config} WHERE config_id = :config AND user_id = :user AND project_id = :project' ); 100 $t_query->bind_values( array( 101 'config' => $f_edit_option, 102 'user' => $f_edit_user_id, 103 'project' => $f_edit_project_id 104 ) ); 105 $t_config_row = $t_query->fetch(); 106 107 if( !$t_config_row ) { 108 # this error will be triggered if the exact config combination does not exist in database 109 error_parameters( $f_edit_option ); 110 trigger_error( ERROR_CONFIG_OPT_NOT_FOUND, ERROR ); 111 } 112 $t_option_user_id = (int)$t_config_row['user_id']; 113 $t_option_project_id = (int)$t_config_row['project_id']; 114 $t_option_id = $t_config_row['config_id']; 115 $t_option_type = $t_config_row['type']; 116 $t_option_value = $t_config_row['value']; 117} else { 118 # action is MANAGE_CONFIG_ACTION_CREATE 119 # prepare new or default values 120 $t_option_user_id = $f_edit_user_id; 121 $t_option_project_id = $f_edit_project_id; 122 $t_option_id = $f_edit_option; 123 $t_option_type = CONFIG_TYPE_DEFAULT; 124 $t_option_value = ''; 125 126 if( null != $t_option_id ) { 127 # if an option has been provided, 128 # make sure that configuration option specified is a valid one. 129 $t_not_found_value = '***CONFIG OPTION NOT FOUND***'; 130 if( config_get( $t_option_id, $t_not_found_value ) === $t_not_found_value ) { 131 error_parameters( $t_option_id ); 132 trigger_error( ERROR_CONFIG_OPT_NOT_FOUND, ERROR ); 133 } 134 } 135} 136 137?> 138 139<div class="col-md-12 col-xs-12"> 140 <div class="space-10"></div> 141 142 <div id="config-edit-div"> 143 <form id="config_set_form" method="post" action="<?php echo ( $t_modify? 'adm_config_set.php' : '' ) ?>"> 144 145 <!-- Title --> 146 <div class="widget-box widget-color-blue2"> 147 <div class="widget-header widget-header-small"> 148 <h4 class="widget-title lighter"> 149 <?php print_icon( 'fa-sliders', 'ace-icon' ); ?> 150 <?php echo $t_action_label; ?> 151 </h4> 152 </div> 153 154 <div class="widget-body"> 155 <div class="widget-main no-padding"> 156 <div id="config-edit-div" class="form-container"> 157 <div class="table-responsive"> 158 159 <table class="table table-bordered table-condensed table-striped"> 160 <fieldset> 161 <?php 162 if( $t_modify ) { 163 echo form_security_field( 'adm_config_set' ); 164 } 165 ?> 166 167 <!-- Username --> 168 <tr> 169 <td class="category"> 170 <?php echo lang_get( 'username' ) ?> 171 </td> 172 <td> 173 <?php 174 if( $t_modify ) { 175 ?> 176 <select id="config-user-id" name="user_id" class="input-sm"> 177 <option value="<?php echo ALL_USERS; ?>" 178 <?php check_selected( $t_option_user_id, ALL_USERS ) ?>> 179 <?php echo lang_get( 'all_users' ); ?> 180 </option> 181 <?php print_user_option_list( $t_option_user_id ) ?> 182 </select> 183 <input type="hidden" name="original_user_id" value="<?php echo $t_option_user_id; ?>" /> 184 <?php 185 } else { 186 $t_username = ALL_USERS == $t_option_user_id ? lang_get( 'all_users' ) : user_get_name( $t_option_user_id ); 187 echo string_display_line( $t_username ); 188 } 189 ?> 190 </td> 191 </tr> 192 193 <!-- Project --> 194 <tr> 195 <td class="category"> 196 <?php echo lang_get( 'project_name' ) ?> 197 </td> 198 <td> 199 <?php 200 if( $t_modify ) { 201 ?> 202 <select id="config-project-id" name="project_id" class="input-sm"> 203 <option value="<?php echo ALL_PROJECTS; ?>" 204 <?php check_selected( $t_option_project_id, ALL_PROJECTS ); ?>> 205 <?php echo lang_get( 'all_projects' ); ?> 206 </option> 207 <?php print_project_option_list( $t_option_project_id, false ) ?> 208 </select> 209 <input type="hidden" name="original_project_id" value="<?php echo $t_option_project_id; ?>" /> 210 <?php 211 } else { 212 echo string_display_line( project_get_name( $t_option_project_id ) ); 213 } 214 ?> 215 </td> 216 </tr> 217 218 <!-- Config option name --> 219 <tr> 220 <td class="category"> 221 <?php echo lang_get( 'configuration_option' ) ?> 222 </td> 223 <td> 224 <?php 225 if( $t_modify ) { 226 ?> 227 <input type="text" name="config_option" class="input-sm" 228 value="<?php echo string_display_line( $t_option_id ); ?>" 229 size="64" maxlength="64" /> 230 <input type="hidden" name="original_config_option" value="<?php echo string_display_line( $t_option_id ); ?>" /> 231 <?php 232 } else { 233 echo string_display_line( $t_option_id ); 234 } 235 ?> 236 </td> 237 </tr> 238 239 <!-- Option type --> 240 <tr> 241 <td class="category"> 242 <?php echo lang_get( 'configuration_option_type' ) ?> 243 </td> 244 <td> 245 <?php 246 if( $t_modify ) { 247 ?> 248 <select id="config-type" name="type" class="input-sm"> 249 <?php print_option_list_from_array( config_get_types(), $t_option_type ); ?> 250 </select> 251 <?php 252 } else { 253 echo string_display_line( config_get_type_string( $t_option_type ) ); 254 } 255 ?> 256 </td> 257 </tr> 258 259 <!-- Option Value --> 260 <tr> 261 <td class="category"> 262 <?php echo lang_get( 'configuration_option_value' ) ?> 263 </td> 264 <td> 265 <?php 266 if( $t_modify ) { 267 ?> 268 <textarea class="form-control" name="value" cols="80" rows="10"><?php 269 echo config_get_value_as_string( $t_option_type, $t_option_value, false ); 270 ?></textarea> 271 <?php 272 } else { 273 echo config_get_value_as_string( $t_option_type, $t_option_value, true ); 274 } 275 ?> 276 </td> 277 </tr> 278 </fieldset> 279 </table> 280 </div> 281 282 </div> 283 <div class="widget-toolbox padding-4 clearfix"> 284 <?php 285 if( $t_modify ) { 286 ?> 287 <input type="hidden" name="action" value="<?php echo $t_edit_action; ?>" /> 288 <input type="submit" name="config_set" class="btn btn-primary btn-white btn-round" 289 value="<?php echo $t_action_label; ?>"/> 290 <?php 291 } 292 ?> 293 </div> 294 </div> 295 </div> 296 </div> 297 </form> 298 </div> 299</div> 300 301<?php 302layout_page_end(); 303