[ Index ] |
PHP Cross Reference of Eventum |
[Summary view] [Print] [Text view]
1 <?php 2 /* vim: set expandtab tabstop=4 shiftwidth=4 encoding=utf-8: */ 3 // +----------------------------------------------------------------------+ 4 // | Eventum - Issue Tracking System | 5 // +----------------------------------------------------------------------+ 6 // | Copyright (c) 2003, 2004, 2005, 2006, 2007 MySQL AB | 7 // | | 8 // | This program is free software; you can redistribute it and/or modify | 9 // | it under the terms of the GNU General Public License as published by | 10 // | the Free Software Foundation; either version 2 of the License, or | 11 // | (at your option) any later version. | 12 // | | 13 // | This program is distributed in the hope that it will be useful, | 14 // | but WITHOUT ANY WARRANTY; without even the implied warranty of | 15 // | MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the | 16 // | GNU General Public License for more details. | 17 // | | 18 // | You should have received a copy of the GNU General Public License | 19 // | along with this program; if not, write to: | 20 // | | 21 // | Free Software Foundation, Inc. | 22 // | 59 Temple Place - Suite 330 | 23 // | Boston, MA 02111-1307, USA. | 24 // +----------------------------------------------------------------------+ 25 // | Authors: João Prado Maia <jpm@mysql.com> | 26 // +----------------------------------------------------------------------+ 27 // 28 // @(#) $Id: rss.php 3258 2007-02-14 23:25:56Z glen $ 29 30 require_once(dirname(__FILE__) . "/init.php"); 31 require_once (APP_INC_PATH . "db_access.php"); 32 require_once (APP_INC_PATH . "class.setup.php"); 33 require_once (APP_INC_PATH . "class.filter.php"); 34 require_once (APP_INC_PATH . "class.issue.php"); 35 require_once (APP_INC_PATH . "class.auth.php"); 36 require_once (APP_INC_PATH . "class.validation.php"); 37 require_once (APP_INC_PATH . "class.project.php"); 38 39 $setup = Setup::load(); 40 if (empty($setup['tool_caption'])) { 41 $setup['tool_caption'] = APP_NAME; 42 } 43 44 function authenticate() 45 { 46 global $setup; 47 48 header('WWW-Authenticate: Basic realm="' . $setup['tool_caption'] . '"'); 49 header('HTTP/1.0 401 Unauthorized'); 50 } 51 52 function returnError($msg) 53 { 54 header("Content-Type: text/xml"); 55 echo '<?xml version="1.0"?>' . "\n"; 56 ?> 57 <rss version="2.0" 58 xmlns:dc="http://purl.org/dc/elements/1.1/" 59 xmlns:sy="http://purl.org/rss/1.0/modules/syndication/" 60 xmlns:admin="http://webns.net/mvcb/" 61 xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 62 xmlns:content="http://purl.org/rss/1.0/modules/content/"> 63 <channel> 64 <title>Error!</title> 65 <link><?php echo APP_BASE_URL; ?></link> 66 <description><?php echo htmlspecialchars($msg); ?></description> 67 </channel> 68 </rss> 69 <?php 70 } 71 72 // Extra tweak needed for IIS/ISAPI users since the PHP_AUTH_USER/PW variables are 73 // not set on that particular platform. Instead what you get is a base64 encoded 74 // value of the username:password under HTTP_AUTHORIZATION 75 if (!empty($_SERVER['HTTP_AUTHORIZATION'])) { 76 $pieces = explode(':', base64_decode(substr($_SERVER['HTTP_AUTHORIZATION'], 6))); 77 $_SERVER['PHP_AUTH_USER'] = $pieces[0]; 78 $_SERVER['PHP_AUTH_PW'] = $pieces[1]; 79 } elseif ((!empty($_SERVER['ALL_HTTP'])) && (strstr($_SERVER['ALL_HTTP'], 'HTTP_AUTHORIZATION'))) { 80 preg_match('/HTTP_AUTHORIZATION:Basic (.*)/', $_SERVER['ALL_HTTP'], $matches); 81 if (count($matches) > 0) { 82 $pieces = explode(':', base64_decode($matches[1])); 83 $_SERVER['PHP_AUTH_USER'] = $pieces[0]; 84 $_SERVER['PHP_AUTH_PW'] = $pieces[1]; 85 } 86 } 87 88 if (!isset($_SERVER['PHP_AUTH_USER'])) { 89 authenticate(); 90 echo 'Error: You are required to authenticate in order to access the requested RSS feed.'; 91 exit; 92 } else { 93 // check the authentication 94 if (Validation::isWhitespace($_SERVER['PHP_AUTH_USER'])) { 95 authenticate(); 96 echo 'Error: Please provide your email address.'; 97 exit; 98 } 99 if (Validation::isWhitespace($_SERVER['PHP_AUTH_PW'])) { 100 authenticate(); 101 echo 'Error: Please provide your password.'; 102 exit; 103 } 104 // check if user exists 105 if (!Auth::userExists($_SERVER['PHP_AUTH_USER'])) { 106 authenticate(); 107 echo 'Error: The user specified does not exist.'; 108 exit; 109 } 110 // check if the password matches 111 if (!Auth::isCorrectPassword($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) { 112 authenticate(); 113 echo 'Error: The provided email address/password combo is not correct.'; 114 exit; 115 } 116 // check if this user did already confirm his account 117 if (Auth::isPendingUser($_SERVER['PHP_AUTH_USER'])) { 118 authenticate(); 119 echo 'Error: The provided user still needs to have its account confirmed.'; 120 exit; 121 } 122 // check if this user is really an active one 123 if (!Auth::isActiveUser($_SERVER['PHP_AUTH_USER'])) { 124 authenticate(); 125 echo 'Error: The provided user is currently set as an inactive user.'; 126 exit; 127 } 128 129 // check if the required parameter 'custom_id' is really being passed 130 if (empty($_GET['custom_id'])) { 131 returnError("Error: The required 'custom_id' parameter was not provided."); 132 exit; 133 } 134 135 $usr_id = User::getUserIDByEmail($_SERVER['PHP_AUTH_USER']); 136 // check if the passed 'custom_id' parameter is associated with the usr_id 137 if ((!Filter::isGlobal($_GET['custom_id'])) && (!Filter::isOwner($_GET['custom_id'], $usr_id))) { 138 returnError('Error: The provided custom filter ID is not associated with the given email address.'); 139 exit; 140 } 141 } 142 143 144 $filter = Filter::getDetails($_GET["custom_id"], FALSE); 145 146 Auth::createFakeCookie(User::getUserIDByEmail($_SERVER['PHP_AUTH_USER']), $filter['cst_prj_id']); 147 148 $options = array( 149 'users' => $filter['cst_users'], 150 'keywords' => $filter['cst_keywords'], 151 'priority' => $filter['cst_iss_pri_id'], 152 'category' => $filter['cst_iss_prc_id'], 153 'status' => $filter['cst_iss_sta_id'], 154 'hide_closed' => $filter['cst_hide_closed'], 155 'sort_by' => $filter['cst_sort_by'], 156 'sort_order' => $filter['cst_sort_order'], 157 'custom_field' => $filter['cst_custom_field'], 158 'search_type' => $filter['cst_search_type'] 159 ); 160 $issues = Issue::getListing($filter['cst_prj_id'], $options, 0, 'ALL', TRUE); 161 $issues = $issues['list']; 162 $project_title = Project::getName($filter['cst_prj_id']); 163 Issue::getDescriptionByIssues($issues); 164 165 Header("Content-Type: text/xml; charset=" . APP_CHARSET); 166 echo '<?xml version="1.0" encoding="'. APP_CHARSET .'"?>' . "\n"; 167 ?> 168 <rss version="2.0" 169 xmlns:dc="http://purl.org/dc/elements/1.1/" 170 xmlns:sy="http://purl.org/rss/1.0/modules/syndication/" 171 xmlns:admin="http://webns.net/mvcb/" 172 xmlns:rdf="http://www.w3.org/1999/02/22-rdf-syntax-ns#" 173 xmlns:content="http://purl.org/rss/1.0/modules/content/"> 174 <channel> 175 <title><?php echo htmlspecialchars($setup['tool_caption']); ?> - <?php echo htmlspecialchars($filter['cst_title']); ?></title> 176 <link><?php echo APP_BASE_URL; ?></link> 177 <description>List of issues</description> 178 <?php foreach($issues as $issue) { ?> 179 <item> 180 <title><?php echo '#' . $issue['iss_id'] . " - " . htmlspecialchars($issue['iss_summary']); ?></title> 181 <link><?php echo APP_BASE_URL . "view.php?id=" . $issue['iss_id']; ?></link> 182 <description> 183 Project: <?php echo htmlspecialchars($project_title); ?><BR><BR> 184 Assignment: <?php echo htmlspecialchars($issue['assigned_users']); ?><BR> 185 Status: <?php echo htmlspecialchars($issue['sta_title']); ?><BR> 186 Priority: <?php echo htmlspecialchars($issue['pri_title']); ?><BR> 187 Category: <?php echo htmlspecialchars($issue['prc_title']); ?><BR> 188 <BR><?php echo htmlspecialchars(Link_Filter::activateLinks(nl2br($issue['iss_description']))); ?><BR> 189 </description> 190 <author><?php echo htmlspecialchars($issue['reporter']); ?></author> 191 <pubDate><?php echo Date_API::getRFC822Date($issue['iss_created_date'], "GMT"); ?></pubDate> 192 </item> 193 <?php } ?> 194 195 </channel> 196 </rss>
title
Description
Body
title
Description
Body
title
Description
Body
title
Body
Generated: Wed Dec 19 21:21:33 2007 | Cross-referenced by PHPXref 0.7 |