
PHP Cross Reference of Eventum


/ -> rss.php (source)

   1  <?php
   2  /* vim: set expandtab tabstop=4 shiftwidth=4 encoding=utf-8: */
   3  // +----------------------------------------------------------------------+
   4  // | Eventum - Issue Tracking System                                      |
   5  // +----------------------------------------------------------------------+
   6  // | Copyright (c) 2003, 2004, 2005, 2006, 2007 MySQL AB                  |
   7  // |                                                                      |
   8  // | This program is free software; you can redistribute it and/or modify |
   9  // | it under the terms of the GNU General Public License as published by |
  10  // | the Free Software Foundation; either version 2 of the License, or    |
  11  // | (at your option) any later version.                                  |
  12  // |                                                                      |
  13  // | This program is distributed in the hope that it will be useful,      |
  14  // | but WITHOUT ANY WARRANTY; without even the implied warranty of       |
  15  // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the        |
  16  // | GNU General Public License for more details.                         |
  17  // |                                                                      |
  18  // | You should have received a copy of the GNU General Public License    |
  19  // | along with this program; if not, write to:                           |
  20  // |                                                                      |
  21  // | Free Software Foundation, Inc.                                       |
  22  // | 59 Temple Place - Suite 330                                          |
  23  // | Boston, MA 02111-1307, USA.                                          |
  24  // +----------------------------------------------------------------------+
  25  // | Authors: João Prado Maia <jpm@mysql.com>                             |
  26  // +----------------------------------------------------------------------+
  27  //
  28  // @(#) $Id: rss.php 3258 2007-02-14 23:25:56Z glen $
  29  
  30  require_once(dirname(__FILE__) . "/init.php");
  31  require_once (APP_INC_PATH . "db_access.php");
  32  require_once (APP_INC_PATH . "class.setup.php");
  33  require_once (APP_INC_PATH . "class.filter.php");
  34  require_once (APP_INC_PATH . "class.issue.php");
  35  require_once (APP_INC_PATH . "class.auth.php");
  36  require_once (APP_INC_PATH . "class.validation.php");
  37  require_once (APP_INC_PATH . "class.project.php");
  38  
  39  $setup = Setup::load();
  40  if (empty($setup['tool_caption'])) {
  41      $setup['tool_caption'] = APP_NAME;
  42  }
  43  
  44  function authenticate()
  45  {
  46      global $setup;
  47  
  48      header('WWW-Authenticate: Basic realm="' . $setup['tool_caption'] . '"');
  49      header('HTTP/1.0 401 Unauthorized');
  50  }
  51  
  52  function returnError($msg)
  53  {
  54      header("Content-Type: text/xml");
  55      echo '<?xml version="1.0"?>' . "\n";
  56  ?>
  57  <rss version="2.0"
  58      xmlns:dc="http://purl.org/dc/elements/1.1/"
  59      xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
  60      xmlns:admin="http://webns.net/mvcb/"
  61      xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
  62      xmlns:content="http://purl.org/rss/1.0/modules/content/">
  63    <channel>
  64      <title>Error!</title>
  65      <link><?php echo APP_BASE_URL; ?></link>
  66      <description><?php echo htmlspecialchars($msg); ?></description>
  67    </channel>
  68  </rss>
  69  <?php
  70  }
  71  
  72  // Extra tweak needed for IIS/ISAPI users since the PHP_AUTH_USER/PW variables are
  73  // not set on that particular platform. Instead what you get is a base64 encoded
  74  // value of the username:password under HTTP_AUTHORIZATION
  75  if (!empty($_SERVER['HTTP_AUTHORIZATION'])) {
  76      $pieces = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6)));
  77      $_SERVER['PHP_AUTH_USER'] = $pieces[0];
  78      $_SERVER['PHP_AUTH_PW'] = $pieces[1];
  79  } elseif ((!empty($_SERVER['ALL_HTTP'])) && (strstr($_SERVER['ALL_HTTP'], 'HTTP_AUTHORIZATION'))) {
  80      preg_match('/HTTP_AUTHORIZATION:Basic (.*)/', $_SERVER['ALL_HTTP'], $matches);
  81      if (count($matches) > 0) {
  82          $pieces = explode(':', base64_decode($matches[1]));
  83          $_SERVER['PHP_AUTH_USER'] = $pieces[0];
  84          $_SERVER['PHP_AUTH_PW'] = $pieces[1];
  85      }
  86  }
  87  
  88  if (!isset($_SERVER['PHP_AUTH_USER'])) {
  89      authenticate();
  90      echo 'Error: You are required to authenticate in order to access the requested RSS feed.';
  91      exit;
  92  } else {
  93      // check the authentication
  94      if (Validation::isWhitespace($_SERVER['PHP_AUTH_USER'])) {
  95          authenticate();
  96          echo 'Error: Please provide your email address.';
  97          exit;
  98      }
  99      if (Validation::isWhitespace($_SERVER['PHP_AUTH_PW'])) {
 100          authenticate();
 101          echo 'Error: Please provide your password.';
 102          exit;
 103      }
 104      // check if user exists
 105      if (!Auth::userExists($_SERVER['PHP_AUTH_USER'])) {
 106          authenticate();
 107          echo 'Error: The user specified does not exist.';
 108          exit;
 109      }
 110      // check if the password matches
 111      if (!Auth::isCorrectPassword($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
 112          authenticate();
 113          echo 'Error: The provided email address/password combo is not correct.';
 114          exit;
 115      }
 116      // check if this user did already confirm his account
 117      if (Auth::isPendingUser($_SERVER['PHP_AUTH_USER'])) {
 118          authenticate();
 119          echo 'Error: The provided user still needs to have its account confirmed.';
 120          exit;
 121      }
 122      // check if this user is really an active one
 123      if (!Auth::isActiveUser($_SERVER['PHP_AUTH_USER'])) {
 124          authenticate();
 125          echo 'Error: The provided user is currently set as an inactive user.';
 126          exit;
 127      }
 128  
 129      // check if the required parameter 'custom_id' is really being passed
 130      if (empty($_GET['custom_id'])) {
 131          returnError("Error: The required 'custom_id' parameter was not provided.");
 132          exit;
 133      }
 134  
 135      $usr_id = User::getUserIDByEmail($_SERVER['PHP_AUTH_USER']);
 136      // check if the passed 'custom_id' parameter is associated with the usr_id
 137      if ((!Filter::isGlobal($_GET['custom_id'])) && (!Filter::isOwner($_GET['custom_id'], $usr_id))) {
 138          returnError('Error: The provided custom filter ID is not associated with the given email address.');
 139          exit;
 140      }
 141  }
 142  
 143  
 144  $filter = Filter::getDetails($_GET["custom_id"], FALSE);
 145  
 146  Auth::createFakeCookie(User::getUserIDByEmail($_SERVER['PHP_AUTH_USER']), $filter['cst_prj_id']);
 147  
 148  $options = array(
 149      'users'         => $filter['cst_users'],
 150      'keywords'      => $filter['cst_keywords'],
 151      'priority'      => $filter['cst_iss_pri_id'],
 152      'category'      => $filter['cst_iss_prc_id'],
 153      'status'        => $filter['cst_iss_sta_id'],
 154      'hide_closed'   => $filter['cst_hide_closed'],
 155      'sort_by'       => $filter['cst_sort_by'],
 156      'sort_order'    => $filter['cst_sort_order'],
 157      'custom_field'  => $filter['cst_custom_field'],
 158      'search_type'   => $filter['cst_search_type']
 159  );
 160  $issues = Issue::getListing($filter['cst_prj_id'], $options, 0, 'ALL', TRUE);
 161  $issues = $issues['list'];
 162  $project_title = Project::getName($filter['cst_prj_id']);
 163  Issue::getDescriptionByIssues($issues);
 164  
 165  Header("Content-Type: text/xml; charset=" . APP_CHARSET);
 166  echo '<?xml version="1.0" encoding="'. APP_CHARSET .'"?>' . "\n";
 167  ?>
 168  <rss version="2.0"
 169      xmlns:dc="http://purl.org/dc/elements/1.1/"
 170      xmlns:sy="http://purl.org/rss/1.0/modules/syndication/"
 171      xmlns:admin="http://webns.net/mvcb/"
 172      xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#"
 173      xmlns:content="http://purl.org/rss/1.0/modules/content/">
 174    <channel>
 175      <title><?php echo htmlspecialchars($setup['tool_caption']); ?> - <?php echo htmlspecialchars($filter['cst_title']); ?></title>
 176      <link><?php echo APP_BASE_URL; ?></link>
 177      <description>List of issues</description>
 178  <?php foreach($issues as $issue) { ?>
 179      <item>
 180        <title><?php echo '#' . $issue['iss_id'] . " - " . htmlspecialchars($issue['iss_summary']); ?></title>
 181        <link><?php echo APP_BASE_URL . "view.php?id=" . $issue['iss_id']; ?></link>
 182        <description>
 183        Project: <?php echo htmlspecialchars($project_title); ?>&lt;BR&gt;&lt;BR&gt;
 184        Assignment: <?php echo htmlspecialchars($issue['assigned_users']); ?>&lt;BR&gt;
 185        Status: <?php echo htmlspecialchars($issue['sta_title']); ?>&lt;BR&gt;
 186        Priority: <?php echo htmlspecialchars($issue['pri_title']); ?>&lt;BR&gt;
 187        Category: <?php echo htmlspecialchars($issue['prc_title']); ?>&lt;BR&gt;
 188        &lt;BR&gt;<?php echo htmlspecialchars(Link_Filter::activateLinks(nl2br($issue['iss_description']))); ?>&lt;BR&gt;
 189        </description>
 190        <author><?php echo htmlspecialchars($issue['reporter']); ?></author>
 191        <pubDate><?php echo Date_API::getRFC822Date($issue['iss_created_date'], "GMT"); ?></pubDate>
 192      </item>
 193  <?php } ?>
 194  
 195    </channel>
 196  </rss>

