1<?php 2# MantisBT - A PHP based bugtracking system 3 4# MantisBT is free software: you can redistribute it and/or modify 5# it under the terms of the GNU General Public License as published by 6# the Free Software Foundation, either version 2 of the License, or 7# (at your option) any later version. 8# 9# MantisBT is distributed in the hope that it will be useful, 10# but WITHOUT ANY WARRANTY; without even the implied warranty of 11# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 12# GNU General Public License for more details. 13# 14# You should have received a copy of the GNU General Public License 15# along with MantisBT. If not, see <http://www.gnu.org/licenses/>. 16 17/** 18 * Manage filter edit update page 19 * 20 * @package MantisBT 21 * @copyright Copyright 2016 MantisBT Team - mantisbt-dev@lists.sourceforge.net 22 * @link http://www.mantisbt.org 23 * 24 * @uses core.php 25 * @uses filter_api.php 26 */ 27 28require_once( 'core.php' ); 29require_api( 'filter_api.php' ); 30 31form_security_validate( 'manage_filter_edit_update' ); 32 33auth_ensure_user_authenticated(); 34 35$t_errors = array(); 36 37$f_filter_id = gpc_get_int( 'filter_id', null ); 38if( null === $f_filter_id ) { 39 error_parameters( 'FILTER_ID' ); 40 trigger_error( ERROR_EMPTY_FIELD, ERROR ); 41} 42 43$t_filter = filter_get( $f_filter_id, null ); 44if( null === $t_filter ) { 45 access_denied(); 46} 47 48$f_filter_name = gpc_get_string( 'filter_name', null ); 49# Check if filter name has been modified 50# The filter name is now trimmed of white spaces before being saved, if the filter name 51# had untrimmed spaces but the user did not change it, we keep it as is for compatibility 52if( $f_filter_name != filter_get_field( $f_filter_id, 'name' ) ) { 53 $f_filter_name = string_normalize( strip_tags( gpc_get_string( 'filter_name' ) ) ); 54 # Check for a blank name 55 if( is_blank( $f_filter_name ) ) { 56 $t_errors[] = lang_get( 'query_blank_name' ); 57 } 58 # Check name length 59 if( !filter_name_valid_length( $f_filter_name ) ) { 60 $t_errors[] = lang_get( 'query_name_too_long' ); 61 } 62 # Check and make sure they don't already have a query with the same name 63 $t_query_arr = filter_db_get_available_queries(); 64 foreach( $t_query_arr as $t_name ) { 65 if( $f_filter_name == string_normalize( $t_name ) ) { 66 $t_errors[] = lang_get( 'query_dupe_name' ); 67 break; 68 } 69 } 70} else { 71 # filter name will not be updated 72 $f_filter_name = null; 73} 74 75if( access_has_project_level( config_get( 'stored_query_create_shared_threshold' ) ) ) { 76 $f_is_public = gpc_get_bool( 'is_public' ); 77} else { 78 # don't modify it 79 $f_is_public = null; 80} 81 82$f_project_id = gpc_get_int( 'filter_project_id', null ); 83 84$t_editable = filter_db_can_delete_filter( $f_filter_id ); 85if( !$t_editable ) { 86 access_denied(); 87} 88 89$t_filter = filter_gpc_get( $t_filter ); 90 91form_security_purge( 'manage_filter_edit_update' ); 92 93if( empty( $t_errors ) ) { 94 filter_db_update_filter( $f_filter_id, filter_serialize( $t_filter ), $f_project_id, $f_is_public, $f_filter_name ); 95 print_header_redirect( 'manage_filter_page.php' ); 96} 97 98# If there is any error message: 99$t_error_html = '<li>' . implode( '</li><li>', $t_errors ) . '</li>'; 100 101layout_page_header(); 102layout_admin_page_begin(); 103echo '<div class="space-10"></div>'; 104html_operation_failure( 105 helper_mantis_url( 'manage_filter_edit_page.php?filter_id=' . $f_filter_id ), 106 $t_error_html 107 ); 108layout_admin_page_end(); 109