1<?php
2# MantisBT - A PHP based bugtracking system
3
4# MantisBT is free software: you can redistribute it and/or modify
5# it under the terms of the GNU General Public License as published by
6# the Free Software Foundation, either version 2 of the License, or
7# (at your option) any later version.
8#
9# MantisBT is distributed in the hope that it will be useful,
10# but WITHOUT ANY WARRANTY; without even the implied warranty of
11# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
12# GNU General Public License for more details.
13#
14# You should have received a copy of the GNU General Public License
15# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
16
17/**
18 * This page stores the reported bug
19 *
20 * @package MantisBT
21 * @copyright Copyright 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
22 * @copyright Copyright 2002  MantisBT Team - mantisbt-dev@lists.sourceforge.net
23 * @link http://www.mantisbt.org
24 *
25 * @uses core.php
26 * @uses authentication_api.php
27 * @uses constant_inc.php
28 * @uses custom_field_api.php
29 * @uses error_api.php
30 * @uses file_api.php
31 * @uses form_api.php
32 * @uses gpc_api.php
33 * @uses helper_api.php
34 * @uses html_api.php
35 * @uses lang_api.php
36 * @uses print_api.php
37 * @uses string_api.php
38 * @uses utility_api.php
39 */
40
41require_once( 'core.php' );
42require_api( 'constant_inc.php' );
43require_api( 'custom_field_api.php' );
44require_api( 'error_api.php' );
45require_api( 'file_api.php' );
46require_api( 'form_api.php' );
47require_api( 'gpc_api.php' );
48require_api( 'helper_api.php' );
49require_api( 'html_api.php' );
50require_api( 'lang_api.php' );
51require_api( 'print_api.php' );
52require_api( 'string_api.php' );
53require_api( 'utility_api.php' );
54
55form_security_validate( 'bug_report' );
56
57$f_master_bug_id = gpc_get_int( 'm_id', 0 );
58$f_rel_type = gpc_get_int( 'rel_type', BUG_REL_NONE );
59$f_copy_notes_from_parent = gpc_get_bool( 'copy_notes_from_parent', false );
60$f_copy_attachments_from_parent = gpc_get_bool( 'copy_attachments_from_parent', false );
61$f_report_stay = gpc_get_bool( 'report_stay', false );
62
63$t_clone_info = array(
64	'master_issue_id' => $f_master_bug_id,
65	'relationship_type' => $f_rel_type,
66	'copy_notes' => $f_copy_notes_from_parent,
67	'copy_files' => $f_copy_attachments_from_parent
68);
69
70if( $f_master_bug_id > 0 ) {
71	bug_ensure_exists( $f_master_bug_id );
72
73	# User can view the master bug
74	access_ensure_bug_level( config_get( 'view_bug_threshold' ), $f_master_bug_id );
75
76	if( bug_is_readonly( $f_master_bug_id ) ) {
77		error_parameters( $f_master_bug_id );
78		trigger_error( ERROR_BUG_READ_ONLY_ACTION_DENIED, ERROR );
79	}
80	$t_master_bug = bug_get( $f_master_bug_id, true );
81	$t_project_id = $t_master_bug->project_id;
82} else {
83	$f_project_id = gpc_get_int( 'project_id' );
84	$t_project_id = $f_project_id;
85}
86
87$t_issue = array(
88	'project' => array( 'id' => $t_project_id ),
89	'reporter' => array( 'id' => auth_get_current_user_id() ),
90	'summary' => gpc_get_string( 'summary' ),
91	'description' => gpc_get_string( 'description' ),
92);
93
94$t_tag_string = '';
95$f_tag_select = gpc_get_int( 'tag_select', 0 );
96if( $f_tag_select != 0 ) {
97	$t_tag_string = tag_get_name( $f_tag_select );
98}
99
100$f_tag_string = gpc_get_string( 'tag_string', '' );
101if( !is_blank( $f_tag_string ) ) {
102	$t_tag_string = is_blank( $t_tag_string ) ? $f_tag_string : ',' . $f_tag_string;
103}
104
105$t_tags = tag_parse_string( $t_tag_string );
106if( !empty( $t_tags ) ) {
107	$t_issue['tags'] = array();
108	foreach( $t_tags as $t_tag ) {
109		$t_issue['tags'][] = array( 'name' => $t_tag['name'] );
110	}
111}
112
113$f_files = gpc_get_file( 'ufile', null );
114if( $f_files !== null && !empty( $f_files ) ) {
115	$t_issue['files'] = helper_array_transpose( $f_files );
116}
117
118$t_build = gpc_get_string( 'build', '' );
119if( !is_blank( $t_build ) ) {
120	$t_issue['build'] = $t_build;
121}
122
123$t_platform = gpc_get_string( 'platform', '' );
124if( !is_blank( $t_platform ) ) {
125	$t_issue['platform'] = $t_platform;
126}
127
128$t_os = gpc_get_string( 'os', '' );
129if( !is_blank( $t_os ) ) {
130	$t_issue['os'] = $t_os;
131}
132
133$t_os_build = gpc_get_string( 'os_build', '' );
134if( !is_blank( $t_os_build ) ) {
135	$t_issue['os_build'] = $t_os_build;
136}
137
138$t_version = gpc_get_string( 'product_version', '' );
139if( !is_blank( $t_version ) ) {
140	$t_issue['version'] = array( 'name' => $t_version );
141}
142
143$t_target_version = gpc_get_string( 'target_version', '' );
144if( !is_blank( $t_target_version ) ) {
145	$t_issue['target_version'] = array( 'name' => $t_target_version );
146}
147
148$t_profile_id = gpc_get_int( 'profile_id', 0 );
149if( $t_profile_id != 0 ) {
150	$t_issue['profile'] = array( 'id' => $t_profile_id );
151}
152
153$t_handler_id = gpc_get_int( 'handler_id', NO_USER );
154if( $t_handler_id != NO_USER ) {
155	$t_issue['handler'] = array( 'id' => $t_handler_id );
156}
157
158$t_monitors = gpc_get_int_array( 'monitors', array() );
159if( $t_monitors ) {
160	# The API expects a list of arrays with 'id' as key
161	$t_list = array();
162	foreach( $t_monitors as $t_monitor_id ) {
163		$t_list[] = array( 'id' => $t_monitor_id );
164	}
165	$t_issue['monitors'] = $t_list;
166}
167
168$t_view_state = gpc_get_int( 'view_state', 0 );
169if( $t_view_state != 0 ) {
170	$t_issue['view_state'] = array( 'id' => $t_view_state );
171}
172
173$t_category_id = gpc_get_int( 'category_id', 0 );
174if( $t_category_id != 0 ) {
175	$t_issue['category'] = array( 'id' => $t_category_id );
176}
177
178$t_reproducibility = gpc_get_int( 'reproducibility', 0 );
179if( $t_reproducibility != 0 ) {
180	$t_issue['reproducibility'] = array( 'id' => $t_reproducibility );
181}
182
183$t_severity = gpc_get_int( 'severity', 0 );
184if( $t_severity != 0 ) {
185	$t_issue['severity'] = array( 'id' => $t_severity );
186}
187
188$t_priority = gpc_get_int( 'priority', 0 );
189if( $t_priority != 0 ) {
190	$t_issue['priority'] = array( 'id' => $t_priority );
191}
192
193# @TODO decide what to do with projection field - see #27577
194# According to PHPDoc for $g_bug_report_page_fields, projection is not allowed
195# in the list; bug_report_page.php does not display it, so it does not really
196# make sense to process it here.
197$t_projection = gpc_get_int( 'projection', 0 );
198if( $t_projection != 0 ) {
199	$t_issue['projection'] = array( 'id' => $t_projection );
200}
201
202$t_eta = gpc_get_int( 'eta', 0 );
203if( $t_eta != 0 ) {
204	$t_issue['eta'] = array( 'id' => $t_eta );
205}
206
207$t_resolution = gpc_get_int( 'resolution', 0 );
208if( $t_resolution != 0 ) {
209	$t_issue['resolution'] = array( 'id' => $t_resolution );
210}
211
212$t_status = gpc_get_int( 'status', 0 );
213if( $t_status != 0 ) {
214	$t_issue['status'] = array( 'id' => $t_status );
215}
216
217$t_steps_to_reproduce = gpc_get_string( 'steps_to_reproduce', null );
218if( $t_steps_to_reproduce !== null ) {
219	$t_issue['steps_to_reproduce'] = $t_steps_to_reproduce;
220}
221
222$t_additional_info = gpc_get_string( 'additional_info', null );
223if( $t_additional_info !== null ) {
224	$t_issue['additional_information'] = $t_additional_info;
225}
226
227$t_due_date = gpc_get_string( 'due_date', null );
228if( $t_due_date !== null ) {
229	$t_issue['due_date'] = $t_due_date;
230}
231
232# Validate the custom fields before adding the bug.
233$t_related_custom_field_ids = custom_field_get_linked_ids( $t_project_id );
234$t_custom_fields = array();
235foreach( $t_related_custom_field_ids as $t_id ) {
236	$t_def = custom_field_get_definition( $t_id );
237
238	# Produce an error if the field is required but wasn't posted
239	if( gpc_isset_custom_field( $t_id, $t_def['type'] ) ) {
240		$t_custom_fields[] = array(
241			'field' => array( 'id' => $t_id ),
242			'value' => gpc_get_custom_field( 'custom_field_' . $t_id, $t_def['type'], null )
243		);
244	}
245}
246
247if( !empty( $t_custom_fields ) ) {
248	$t_issue['custom_fields'] = $t_custom_fields;
249}
250
251$t_data = array(
252	'payload' => array( 'issue' => $t_issue ),
253);
254
255if( $f_master_bug_id > 0 ) {
256	$t_data['options'] = array( 'clone_info' => $t_clone_info );
257}
258
259$t_command = new IssueAddCommand( $t_data );
260$t_result = $t_command->execute();
261$t_issue_id = (int)$t_result['issue_id'];
262
263form_security_purge( 'bug_report' );
264
265layout_page_header_begin();
266
267if( $f_report_stay ) {
268	$t_fields = array(
269		'category_id', 'severity', 'reproducibility', 'profile_id', 'platform',
270		'os', 'os_build', 'target_version', 'build', 'view_state', 'due_date'
271	);
272
273	$t_issue = bug_get( $t_issue_id );
274
275	$t_data = array();
276	foreach( $t_fields as $t_field ) {
277		$t_data[$t_field] = $t_issue->$t_field;
278	}
279
280	$t_data['product_version'] = $t_issue->version;
281	$t_data['report_stay'] = 1;
282
283	$t_report_more_bugs_url = string_get_bug_report_url() . '?' . http_build_query( $t_data );
284
285	html_meta_redirect( $t_report_more_bugs_url );
286} else {
287	html_meta_redirect( string_get_bug_view_url( $t_issue_id ) );
288}
289
290layout_page_header_end();
291
292layout_page_begin( 'bug_report_page.php' );
293
294$t_buttons = array(
295	array( string_get_bug_view_url( $t_issue_id ), sprintf( lang_get( 'view_submitted_bug_link' ), $t_issue_id ) ),
296	array( 'view_all_bug_page.php', lang_get( 'view_bugs_link' ) ),
297);
298
299if( $f_report_stay ) {
300	$t_buttons[] = array( $t_report_more_bugs_url, lang_get( 'report_more_bugs' ) );
301}
302
303html_operation_confirmation( $t_buttons, '', CONFIRMATION_TYPE_SUCCESS );
304
305layout_page_end();
306