SOAP API: do not try to unserialize an invalid filter
[mantis.git] / bugnote_edit_page.php
blob8b6cd4d9528993d322bf3a782d9d91ed8590c937
1 <?php
2 # MantisBT - A PHP based bugtracking system
4 # MantisBT is free software: you can redistribute it and/or modify
5 # it under the terms of the GNU General Public License as published by
6 # the Free Software Foundation, either version 2 of the License, or
7 # (at your option) any later version.
9 # MantisBT is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
14 # You should have received a copy of the GNU General Public License
15 # along with MantisBT. If not, see <http://www.gnu.org/licenses/>.
17 /**
18 * CALLERS
19 * This page is submitted to by the following pages:
20 * - bugnote_inc.php
22 * EXPECTED BEHAVIOUR
23 * Allow the user to modify the text of a bugnote, then submit to
24 * bugnote_update.php with the new text
26 * RESTRICTIONS & PERMISSIONS
27 * - none beyond API restrictions
29 * @package MantisBT
30 * @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
31 * @copyright Copyright (C) 2002 - 2011 MantisBT Team - mantisbt-dev@lists.sourceforge.net
32 * @link http://www.mantisbt.org
34 * @uses core.php
35 * @uses access_api.php
36 * @uses authentication_api.php
37 * @uses bug_api.php
38 * @uses bugnote_api.php
39 * @uses config_api.php
40 * @uses constant_inc.php
41 * @uses database_api.php
42 * @uses error_api.php
43 * @uses event_api.php
44 * @uses form_api.php
45 * @uses gpc_api.php
46 * @uses helper_api.php
47 * @uses html_api.php
48 * @uses lang_api.php
49 * @uses print_api.php
50 * @uses string_api.php
53 /**
54 * MantisBT Core API's
56 require_once( 'core.php' );
57 require_api( 'access_api.php' );
58 require_api( 'authentication_api.php' );
59 require_api( 'bug_api.php' );
60 require_api( 'bugnote_api.php' );
61 require_api( 'config_api.php' );
62 require_api( 'constant_inc.php' );
63 require_api( 'database_api.php' );
64 require_api( 'error_api.php' );
65 require_api( 'event_api.php' );
66 require_api( 'form_api.php' );
67 require_api( 'gpc_api.php' );
68 require_api( 'helper_api.php' );
69 require_api( 'html_api.php' );
70 require_api( 'lang_api.php' );
71 require_api( 'print_api.php' );
72 require_api( 'string_api.php' );
74 $f_bugnote_id = gpc_get_int( 'bugnote_id' );
75 $t_bug_id = bugnote_get_field( $f_bugnote_id, 'bug_id' );
77 $t_bug = bug_get( $t_bug_id, true );
78 if( $t_bug->project_id != helper_get_current_project() ) {
79 # in case the current project is not the same project of the bug we are viewing...
80 # ... override the current project. This to avoid problems with categories and handlers lists etc.
81 $g_project_override = $t_bug->project_id;
84 # Check if the current user is allowed to edit the bugnote
85 $t_user_id = auth_get_current_user_id();
86 $t_reporter_id = bugnote_get_field( $f_bugnote_id, 'reporter_id' );
88 if ( $t_user_id == $t_reporter_id ) {
89 access_ensure_bugnote_level( config_get( 'bugnote_user_edit_threshold' ), $f_bugnote_id );
90 } else {
91 access_ensure_bugnote_level( config_get( 'update_bugnote_threshold' ), $f_bugnote_id );
94 # Check if the bug is readonly
95 if ( bug_is_readonly( $t_bug_id ) ) {
96 error_parameters( $t_bug_id );
97 trigger_error( ERROR_BUG_READ_ONLY_ACTION_DENIED, ERROR );
100 $t_bugnote_text = string_textarea( bugnote_get_text( $f_bugnote_id ) );
102 # No need to gather the extra information if not used
103 if ( config_get('time_tracking_enabled') &&
104 access_has_bug_level( config_get( 'time_tracking_edit_threshold' ), $t_bug_id ) ) {
105 $t_time_tracking = bugnote_get_field( $f_bugnote_id, "time_tracking" );
106 $t_time_tracking = db_minutes_to_hhmm( $t_time_tracking );
109 # Determine which view page to redirect back to.
110 $t_redirect_url = string_get_bug_view_url( $t_bug_id );
112 html_page_top( bug_format_summary( $t_bug_id, SUMMARY_CAPTION ) );
114 <br />
115 <div>
116 <form method="post" action="bugnote_update.php">
117 <?php echo form_security_field( 'bugnote_update' ) ?>
118 <table class="width75" cellspacing="1">
119 <tr>
120 <td class="form-title">
121 <input type="hidden" name="bugnote_id" value="<?php echo $f_bugnote_id ?>" />
122 <?php echo lang_get( 'edit_bugnote_title' ) ?>
123 </td>
124 <td class="right">
125 <?php print_bracket_link( $t_redirect_url, lang_get( 'go_back' ) ) ?>
126 </td>
127 </tr>
128 <tr class="row-1">
129 <td class="center" colspan="2">
130 <textarea cols="80" rows="10" name="bugnote_text"><?php echo $t_bugnote_text ?></textarea>
131 </td>
132 </tr>
133 <?php if ( config_get('time_tracking_enabled') ) { ?>
134 <?php if ( access_has_bug_level( config_get( 'time_tracking_edit_threshold' ), $t_bug_id ) ) { ?>
135 <tr class="row-2">
136 <td class="center" colspan="2">
137 <strong><?php echo lang_get( 'time_tracking') ?> (HH:MM)</strong><br />
138 <input type="text" name="time_tracking" size="5" value="<?php echo $t_time_tracking ?>" />
139 </td>
140 </tr>
141 <?php } ?>
142 <?php } ?>
144 <?php event_signal( 'EVENT_BUGNOTE_EDIT_FORM', array( $t_bug_id, $f_bugnote_id ) ); ?>
146 <tr>
147 <td class="center" colspan="2">
148 <input type="submit" class="button" value="<?php echo lang_get( 'update_information_button' ) ?>" />
149 </td>
150 </tr>
151 </table>
152 </form>
153 </div>
155 <?php html_page_bottom();