search:
summary | log | graphiclog1 | graphiclog2 | commit | commitdiff | tree | refs | edit | fork
blame | history | raw | HEAD
SOAP API: do not try to unserialize an invalid filter
[mantis.git] / search.php
blob84c4171d70144e52582a0bff8024e8e66eba821f
1 <?php
2 # MantisBT - A PHP based bugtracking system
3
4 # MantisBT is free software: you can redistribute it and/or modify
5 # it under the terms of the GNU General Public License as published by
6 # the Free Software Foundation, either version 2 of the License, or
7 # (at your option) any later version.
8 #
9 # MantisBT is distributed in the hope that it will be useful,
10 # but WITHOUT ANY WARRANTY; without even the implied warranty of
11 # MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
12 # GNU General Public License for more details.
13 #
14 # You should have received a copy of the GNU General Public License
15 # along with MantisBT. If not, see <http://www.gnu.org/licenses/>.
16
17 /**
18 * @package MantisBT
19 * @copyright Copyright (C) 2000 - 2002 Kenzaburo Ito - kenito@300baud.org
20 * @copyright Copyright (C) 2002 - 2011 MantisBT Team - mantisbt-dev@lists.sourceforge.net
21 * @link http://www.mantisbt.org
22 *
23 * @uses core.php
24 * @uses authentication_api.php
25 * @uses config_api.php
26 * @uses constant_inc.php
27 * @uses filter_api.php
28 * @uses filter_constants_inc.php
29 * @uses gpc_api.php
30 * @uses helper_api.php
31 * @uses print_api.php
32 */
33
34 /**
35 * MantisBT Core API's
36 */
37 require_once( 'core.php' );
38 require_api( 'authentication_api.php' );
39 require_api( 'config_api.php' );
40 require_api( 'constant_inc.php' );
41 require_api( 'filter_api.php' );
42 require_api( 'filter_constants_inc.php' );
43 require_api( 'gpc_api.php' );
44 require_api( 'helper_api.php' );
45 require_api( 'print_api.php' );
46
47 auth_ensure_user_authenticated();
48
49 $f_print = gpc_get_bool( 'print' );
50
51 gpc_make_array( FILTER_PROPERTY_CATEGORY_ID );
52 gpc_make_array( FILTER_PROPERTY_SEVERITY );
53 gpc_make_array( FILTER_PROPERTY_STATUS );
54 gpc_make_array( FILTER_PROPERTY_REPORTER_ID );
55 gpc_make_array( FILTER_PROPERTY_HANDLER_ID );
56 gpc_make_array( FILTER_PROPERTY_PROJECT_ID );
57 gpc_make_array( FILTER_PROPERTY_RESOLUTION );
58 gpc_make_array( FILTER_PROPERTY_BUILD );
59 gpc_make_array( FILTER_PROPERTY_VERSION );
60 gpc_make_array( FILTER_PROPERTY_FIXED_IN_VERSION );
61 gpc_make_array( FILTER_PROPERTY_TARGET_VERSION );
62 gpc_make_array( FILTER_PROPERTY_PROFILE_ID );
63 gpc_make_array( FILTER_PROPERTY_PLATFORM );
64 gpc_make_array( FILTER_PROPERTY_OS );
65 gpc_make_array( FILTER_PROPERTY_OS_BUILD );
66 gpc_make_array( FILTER_PROPERTY_PRIORITY );
67 gpc_make_array( FILTER_PROPERTY_MONITOR_USER_ID );
68 gpc_make_array( FILTER_PROPERTY_VIEW_STATE );
69
70 $my_filter = filter_get_default();
71 $my_filter[FILTER_PROPERTY_SEARCH] = gpc_get_string( FILTER_PROPERTY_SEARCH, '' );
72 $my_filter[FILTER_PROPERTY_CATEGORY_ID] = gpc_get_string_array( FILTER_PROPERTY_CATEGORY_ID, META_FILTER_ANY );
73 $my_filter[FILTER_PROPERTY_REPORTER_ID] = gpc_get_string_array( FILTER_PROPERTY_REPORTER_ID, META_FILTER_ANY );
74 $my_filter[FILTER_PROPERTY_HANDLER_ID] = gpc_get_string_array( FILTER_PROPERTY_HANDLER_ID, META_FILTER_ANY );
75 $my_filter[FILTER_PROPERTY_SEVERITY] = gpc_get_string_array( FILTER_PROPERTY_SEVERITY, META_FILTER_ANY );
76
77 $my_filter[FILTER_PROPERTY_STATUS] = gpc_get_string_array( FILTER_PROPERTY_STATUS, META_FILTER_ANY );
78
79 $my_filter[FILTER_PROPERTY_PROJECT_ID] = gpc_get_string_array( FILTER_PROPERTY_PROJECT_ID, META_FILTER_ANY );
80 $my_filter[FILTER_PROPERTY_RESOLUTION] = gpc_get_string_array( FILTER_PROPERTY_RESOLUTION, META_FILTER_ANY );
81 $my_filter[FILTER_PROPERTY_BUILD] = gpc_get_string_array( FILTER_PROPERTY_BUILD, META_FILTER_ANY );
82 $my_filter[FILTER_PROPERTY_FIXED_IN_VERSION] = gpc_get_string_array( FILTER_PROPERTY_FIXED_IN_VERSION, META_FILTER_ANY );
83 $my_filter[FILTER_PROPERTY_TARGET_VERSION] = gpc_get_string_array( FILTER_PROPERTY_TARGET_VERSION, META_FILTER_ANY );
84 $my_filter[FILTER_PROPERTY_PRIORITY] = gpc_get_string_array( FILTER_PROPERTY_PRIORITY, META_FILTER_ANY );
85 $my_filter[FILTER_PROPERTY_MONITOR_USER_ID] = gpc_get_string_array( FILTER_PROPERTY_MONITOR_USER_ID, META_FILTER_ANY );
86 $my_filter[FILTER_PROPERTY_PROFILE_ID] = gpc_get_string_array( FILTER_PROPERTY_PROFILE_ID, META_FILTER_ANY );
87 $my_filter[FILTER_PROPERTY_PLATFORM] = gpc_get_string_array( FILTER_PROPERTY_PLATFORM, META_FILTER_ANY );
88 $my_filter[FILTER_PROPERTY_OS] = gpc_get_string_array( FILTER_PROPERTY_OS, META_FILTER_ANY );
89 $my_filter[FILTER_PROPERTY_OS_BUILD] = gpc_get_string_array( FILTER_PROPERTY_OS_BUILD, META_FILTER_ANY );
90 $my_filter[FILTER_PROPERTY_VIEW_STATE] = gpc_get_string_array( FILTER_PROPERTY_VIEW_STATE, META_FILTER_ANY );
91 $my_filter[FILTER_PROPERTY_VERSION] = gpc_get_string_array( FILTER_PROPERTY_VERSION, META_FILTER_ANY );
92
93 // Filtering by Date
94 $my_filter[FILTER_PROPERTY_FILTER_BY_DATE] = gpc_get_bool( FILTER_PROPERTY_FILTER_BY_DATE );
95 $my_filter[FILTER_PROPERTY_START_MONTH] = gpc_get_int( FILTER_PROPERTY_START_MONTH, META_FILTER_ANY );
96 $my_filter[FILTER_PROPERTY_START_DAY] = gpc_get_int( FILTER_PROPERTY_START_DAY, META_FILTER_ANY );
97 $my_filter[FILTER_PROPERTY_START_YEAR] = gpc_get_int( FILTER_PROPERTY_START_YEAR, META_FILTER_ANY );
98 $my_filter[FILTER_PROPERTY_END_MONTH] = gpc_get_int( FILTER_PROPERTY_END_MONTH, META_FILTER_ANY );
99 $my_filter[FILTER_PROPERTY_END_DAY] = gpc_get_int( FILTER_PROPERTY_END_DAY, META_FILTER_ANY );
100 $my_filter[FILTER_PROPERTY_END_YEAR] = gpc_get_int( FILTER_PROPERTY_END_YEAR, META_FILTER_ANY );
101
102 $my_filter[FILTER_PROPERTY_RELATIONSHIP_TYPE] = gpc_get_int( FILTER_PROPERTY_RELATIONSHIP_TYPE, -1 );
103 $my_filter[FILTER_PROPERTY_RELATIONSHIP_BUG] = gpc_get_int( FILTER_PROPERTY_RELATIONSHIP_BUG, 0 );
104
105 $my_filter[FILTER_PROPERTY_HIDE_STATUS] = gpc_get_int( FILTER_PROPERTY_HIDE_STATUS, config_get( 'hide_status_default' ) );
106 $my_filter[FILTER_PROPERTY_STICKY] = gpc_get_bool( FILTER_PROPERTY_STICKY, config_get( 'show_sticky_issues' ) );
107
108 $my_filter[FILTER_PROPERTY_SORT_FIELD_NAME] = gpc_get_string( FILTER_PROPERTY_SORT_FIELD_NAME, '' );
109 $my_filter[FILTER_PROPERTY_SORT_DIRECTION] = gpc_get_string( FILTER_PROPERTY_SORT_DIRECTION, '' );
110 $my_filter[FILTER_PROPERTY_ISSUES_PER_PAGE] = gpc_get_int( FILTER_PROPERTY_ISSUES_PER_PAGE, config_get( 'default_limit_view' ) );
111
112 $t_highlight_changed = gpc_get_int( FILTER_PROPERTY_HIGHLIGHT_CHANGED, -1 );
113 if ( $t_highlight_changed != -1 ) {
114 $my_filter[FILTER_PROPERTY_HIGHLIGHT_CHANGED] = $t_highlight_changed;
115 }
116
117 # Handle custom fields.
118 $t_custom_fields = array();
119 foreach( $_GET as $t_var_name => $t_var_value ) {
120 if ( strpos( $t_var_name, 'custom_field_' ) === 0 ) {
121 $t_custom_field_id = utf8_substr( $t_var_name, 13 );
122 $t_custom_fields[$t_custom_field_id] = $t_var_value;
123 }
124 }
125
126 $my_filter['custom_fields'] = $t_custom_fields;
127
128 # Must use advanced filter so that the project_id is applied and multiple
129 # selections are handled.
130 $my_filter['_view_type'] = 'advanced';
131
132 $tc_setting_arr = filter_ensure_valid_filter( $my_filter );
133
134 $t_settings_serialized = serialize( $tc_setting_arr );
135 $t_settings_string = config_get( 'cookie_version' ) . '#' . $t_settings_serialized;
136
137 # Store the filter string in the database: its the current filter, so some values won't change
138 $t_project_id = helper_get_current_project();
139 $t_project_id = ( $t_project_id * -1 );
140 $t_row_id = filter_db_set_for_current_user( $t_project_id, false, '', $t_settings_string );
141
142 # set cookie values
143 gpc_set_cookie( config_get( 'view_all_cookie' ), $t_row_id, time()+config_get( 'cookie_time_length' ), config_get( 'cookie_path' ) );
144
145 # redirect to print_all or view_all page
146 if ( $f_print ) {
147 $t_redirect_url = 'print_all_bug_page.php';
148 } else {
149 $t_redirect_url = 'view_all_bug_page.php';
150 }
151
152 print_header_redirect( $t_redirect_url );