Fossil


Differences From Artifact [b8bf42a664]:

To Artifact [271567983f]:


32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
  const char *zScript;
  Blob ril;   /* Report Item List */
  Stmt q;
  int rn = 0;
  int cnt = 0;

  login_check_credentials();
  if( !g.okRdTkt && !g.okNewTkt ){ login_needed(); return; }
  style_header("Ticket Main Menu");
  if( g.thTrace ) Th_Trace("BEGIN_REPORTLIST<br />\n", -1);
  zScript = ticket_reportlist_code();
  if( g.thTrace ) Th_Trace("BEGIN_REPORTLIST_SCRIPT<br />\n", -1);
  
  blob_zero(&ril);
  ticket_init();

  db_prepare(&q, "SELECT rn, title, owner FROM reportfmt ORDER BY title");
  while( db_step(&q)==SQLITE_ROW ){
    const char *zTitle = db_column_text(&q, 1);
    const char *zOwner = db_column_text(&q, 2);
    if( zTitle[0] =='_' && !g.okTktFmt ){
      continue;
    }
    rn = db_column_int(&q, 0);
    cnt++;
    blob_appendf(&ril, "<li>");
    if( zTitle[0] == '_' ){
      blob_appendf(&ril, "%s", zTitle);
    } else {
      blob_appendf(&ril, "<a href=\"rptview?rn=%d\" rel=\"nofollow\">%h</a>", rn, zTitle);
    }
    blob_appendf(&ril, "&nbsp;&nbsp;&nbsp;");
    if( g.okWrite && zOwner && zOwner[0] ){
      blob_appendf(&ril, "(by <i>%h</i></i>) ", zOwner);
    }
    if( g.okTktFmt ){
      blob_appendf(&ril, "[<a href=\"rptedit?rn=%d&amp;copy=1\" rel=\"nofollow\">copy</a>] ", rn);
    }
    if( g.okAdmin 
     || (g.okWrTkt && zOwner && fossil_strcmp(g.zLogin,zOwner)==0)
    ){
      blob_appendf(&ril, "[<a href=\"rptedit?rn=%d\" rel=\"nofollow\">edit</a>] ", rn);
    }
    if( g.okTktFmt ){
      blob_appendf(&ril, "[<a href=\"rptsql?rn=%d\" rel=\"nofollow\">sql</a>] ", rn);
    }
    blob_appendf(&ril, "</li>\n");
  }

  Th_Store("report_items", blob_str(&ril));
  







|












|











|


|


|
|



|







32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
  const char *zScript;
  Blob ril;   /* Report Item List */
  Stmt q;
  int rn = 0;
  int cnt = 0;

  login_check_credentials();
  if( !g.perm.RdTkt && !g.perm.NewTkt ){ login_needed(); return; }
  style_header("Ticket Main Menu");
  if( g.thTrace ) Th_Trace("BEGIN_REPORTLIST<br />\n", -1);
  zScript = ticket_reportlist_code();
  if( g.thTrace ) Th_Trace("BEGIN_REPORTLIST_SCRIPT<br />\n", -1);
  
  blob_zero(&ril);
  ticket_init();

  db_prepare(&q, "SELECT rn, title, owner FROM reportfmt ORDER BY title");
  while( db_step(&q)==SQLITE_ROW ){
    const char *zTitle = db_column_text(&q, 1);
    const char *zOwner = db_column_text(&q, 2);
    if( zTitle[0] =='_' && !g.perm.TktFmt ){
      continue;
    }
    rn = db_column_int(&q, 0);
    cnt++;
    blob_appendf(&ril, "<li>");
    if( zTitle[0] == '_' ){
      blob_appendf(&ril, "%s", zTitle);
    } else {
      blob_appendf(&ril, "<a href=\"rptview?rn=%d\" rel=\"nofollow\">%h</a>", rn, zTitle);
    }
    blob_appendf(&ril, "&nbsp;&nbsp;&nbsp;");
    if( g.perm.Write && zOwner && zOwner[0] ){
      blob_appendf(&ril, "(by <i>%h</i></i>) ", zOwner);
    }
    if( g.perm.TktFmt ){
      blob_appendf(&ril, "[<a href=\"rptedit?rn=%d&amp;copy=1\" rel=\"nofollow\">copy</a>] ", rn);
    }
    if( g.perm.Admin 
     || (g.perm.WrTkt && zOwner && fossil_strcmp(g.zLogin,zOwner)==0)
    ){
      blob_appendf(&ril, "[<a href=\"rptedit?rn=%d\" rel=\"nofollow\">edit</a>] ", rn);
    }
    if( g.perm.TktFmt ){
      blob_appendf(&ril, "[<a href=\"rptsql?rn=%d\" rel=\"nofollow\">sql</a>] ", rn);
    }
    blob_appendf(&ril, "</li>\n");
  }

  Th_Store("report_items", blob_str(&ril));
  
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
      int i;
      for(i=0; i<sizeof(azAllowed)/sizeof(azAllowed[0]); i++){
        if( fossil_stricmp(zArg1, azAllowed[i])==0 ) break;
      }
      if( i>=sizeof(azAllowed)/sizeof(azAllowed[0]) ){
        *(char**)pError = mprintf("access to table \"%s\" is restricted",zArg1);
        rc = SQLITE_DENY;
      }else if( !g.okRdAddr && strncmp(zArg2, "private_", 8)==0 ){
        rc = SQLITE_IGNORE;
      }
      break;
    }
    default: {
      *(char**)pError = mprintf("only SELECT statements are allowed");
      rc = SQLITE_DENY;







|







182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
      int i;
      for(i=0; i<sizeof(azAllowed)/sizeof(azAllowed[0]); i++){
        if( fossil_stricmp(zArg1, azAllowed[i])==0 ) break;
      }
      if( i>=sizeof(azAllowed)/sizeof(azAllowed[0]) ){
        *(char**)pError = mprintf("access to table \"%s\" is restricted",zArg1);
        rc = SQLITE_DENY;
      }else if( !g.perm.RdAddr && strncmp(zArg2, "private_", 8)==0 ){
        rc = SQLITE_IGNORE;
      }
      break;
    }
    default: {
      *(char**)pError = mprintf("only SELECT statements are allowed");
      rc = SQLITE_DENY;
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
  const char *zTitle;
  const char *zSQL;
  const char *zOwner;
  const char *zClrKey;
  Stmt q;

  login_check_credentials();
  if( !g.okTktFmt ){
    login_needed();
    return;
  }
  rn = atoi(PD("rn","0"));
  db_prepare(&q, "SELECT title, sqlcode, owner, cols "
                   "FROM reportfmt WHERE rn=%d",rn);
  style_header("SQL For Report Format Number %d", rn);







|







273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
  const char *zTitle;
  const char *zSQL;
  const char *zOwner;
  const char *zClrKey;
  Stmt q;

  login_check_credentials();
  if( !g.perm.TktFmt ){
    login_needed();
    return;
  }
  rn = atoi(PD("rn","0"));
  db_prepare(&q, "SELECT title, sqlcode, owner, cols "
                   "FROM reportfmt WHERE rn=%d",rn);
  style_header("SQL For Report Format Number %d", rn);
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
  const char *z;
  const char *zOwner;
  const char *zClrKey;
  char *zSQL;
  char *zErr = 0;

  login_check_credentials();
  if( !g.okTktFmt ){
    login_needed();
    return;
  }
  /*view_add_functions(0);*/
  rn = atoi(PD("rn","0"));
  zTitle = P("t");
  zOwner = PD("w",g.zLogin);







|







321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
  const char *z;
  const char *zOwner;
  const char *zClrKey;
  char *zSQL;
  char *zErr = 0;

  login_check_credentials();
  if( !g.perm.TktFmt ){
    login_needed();
    return;
  }
  /*view_add_functions(0);*/
  rn = atoi(PD("rn","0"));
  zTitle = P("t");
  zOwner = PD("w",g.zLogin);
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
  @ <input type="hidden" name="rn" value="%d(rn)" />
  @ <p>Report Title:<br />
  @ <input type="text" name="t" value="%h(zTitle)" size="60" /></p>
  @ <p>Enter a complete SQL query statement against the "TICKET" table:<br />
  @ <textarea name="s" rows="20" cols="80">%h(zSQL)</textarea>
  @ </p>
  login_insert_csrf_secret();
  if( g.okAdmin ){
    @ <p>Report owner:
    @ <input type="text" name="w" size="20" value="%h(zOwner)" />
    @ </p>
  } else {
    @ <input type="hidden" name="w" value="%h(zOwner)" />
  }
  @ <p>Enter an optional color key in the following box.  (If blank, no
  @ color key is displayed.)  Each line contains the text for a single
  @ entry in the key.  The first token of each line is the background
  @ color for that line.<br />
  @ <textarea name="k" rows="8" cols="50">%h(zClrKey)</textarea>
  @ </p>
  if( !g.okAdmin && fossil_strcmp(zOwner,g.zLogin)!=0 ){
    @ <p>This report format is owned by %h(zOwner).  You are not allowed
    @ to change it.</p>
    @ </form>
    report_format_hints();
    style_footer();
    return;
  }







|












|







428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
  @ <input type="hidden" name="rn" value="%d(rn)" />
  @ <p>Report Title:<br />
  @ <input type="text" name="t" value="%h(zTitle)" size="60" /></p>
  @ <p>Enter a complete SQL query statement against the "TICKET" table:<br />
  @ <textarea name="s" rows="20" cols="80">%h(zSQL)</textarea>
  @ </p>
  login_insert_csrf_secret();
  if( g.perm.Admin ){
    @ <p>Report owner:
    @ <input type="text" name="w" size="20" value="%h(zOwner)" />
    @ </p>
  } else {
    @ <input type="hidden" name="w" value="%h(zOwner)" />
  }
  @ <p>Enter an optional color key in the following box.  (If blank, no
  @ color key is displayed.)  Each line contains the text for a single
  @ entry in the key.  The first token of each line is the background
  @ color for that line.<br />
  @ <textarea name="k" rows="8" cols="50">%h(zClrKey)</textarea>
  @ </p>
  if( !g.perm.Admin && fossil_strcmp(zOwner,g.zLogin)!=0 ){
    @ <p>This report format is owned by %h(zOwner).  You are not allowed
    @ to change it.</p>
    @ </form>
    report_format_hints();
    style_footer();
    return;
  }
657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
    pState->iNewRow = -1;
    pState->iBg = -1;
    for(i=0; i<nArg; i++){
      if( azName[i][0]=='b' && fossil_strcmp(azName[i],"bgcolor")==0 ){
        pState->iBg = i;
        continue;
      }
      if( g.okWrite && azName[i][0]=='#' ){
        pState->nCol++;
      }
      if( !pState->isMultirow ){
        if( azName[i][0]=='_' ){
          pState->isMultirow = 1;
          pState->iNewRow = i;
        }else{
          pState->nCol++;
        }
      }
    }

    /* The first time this routine is called, output a table header
    */
    @ <tr>
    zTid = 0;
    for(i=0; i<nArg; i++){
      char *zName = azName[i];
      if( i==pState->iBg ) continue;
      if( pState->iNewRow>=0 && i>=pState->iNewRow ){
        if( g.okWrite && zTid ){
          @ <th>&nbsp;</th>
          zTid = 0;
        }
        if( zName[0]=='_' ) zName++;
        @ </tr><tr><th colspan=%d(pState->nCol)>%h(zName)</th>
      }else{
        if( zName[0]=='#' ){
          zTid = zName;
        }
        @ <th>%h(zName)</th>
      }
    }
    if( g.okWrite && zTid ){
      @ <th>&nbsp;</th>
    }
    @ </tr>
  }
  if( azArg==0 ){
    @ <tr><td colspan="%d(pState->nCol)">
    @ <i>No records match the report criteria</i>







|




















|












|







657
658
659
660
661
662
663
664
665
666
667
668
669
670
671
672
673
674
675
676
677
678
679
680
681
682
683
684
685
686
687
688
689
690
691
692
693
694
695
696
697
698
699
700
701
702
703
704
705
    pState->iNewRow = -1;
    pState->iBg = -1;
    for(i=0; i<nArg; i++){
      if( azName[i][0]=='b' && fossil_strcmp(azName[i],"bgcolor")==0 ){
        pState->iBg = i;
        continue;
      }
      if( g.perm.Write && azName[i][0]=='#' ){
        pState->nCol++;
      }
      if( !pState->isMultirow ){
        if( azName[i][0]=='_' ){
          pState->isMultirow = 1;
          pState->iNewRow = i;
        }else{
          pState->nCol++;
        }
      }
    }

    /* The first time this routine is called, output a table header
    */
    @ <tr>
    zTid = 0;
    for(i=0; i<nArg; i++){
      char *zName = azName[i];
      if( i==pState->iBg ) continue;
      if( pState->iNewRow>=0 && i>=pState->iNewRow ){
        if( g.perm.Write && zTid ){
          @ <th>&nbsp;</th>
          zTid = 0;
        }
        if( zName[0]=='_' ) zName++;
        @ </tr><tr><th colspan=%d(pState->nCol)>%h(zName)</th>
      }else{
        if( zName[0]=='#' ){
          zTid = zName;
        }
        @ <th>%h(zName)</th>
      }
    }
    if( g.perm.Write && zTid ){
      @ <th>&nbsp;</th>
    }
    @ </tr>
  }
  if( azArg==0 ){
    @ <tr><td colspan="%d(pState->nCol)">
    @ <i>No records match the report criteria</i>
724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
  zPage[0] = 0;
  for(i=0; i<nArg; i++){
    char *zData;
    if( i==pState->iBg ) continue;
    zData = azArg[i];
    if( zData==0 ) zData = "";
    if( pState->iNewRow>=0 && i>=pState->iNewRow ){
      if( zTid && g.okWrite ){
        @ <td valign="top"><a href="tktedit/%h(zTid)">edit</a></td>
        zTid = 0;
      }
      if( zData[0] ){
        Blob content;
        @ </tr><tr style="background-color:%h(zBg)"><td colspan=%d(pState->nCol)>
        blob_init(&content, zData, -1);
        wiki_convert(&content, 0, 0);
        blob_reset(&content);
      }
    }else if( azName[i][0]=='#' ){
      zTid = zData;
      if( g.okHistory ){
        @ <td valign="top"><a href="tktview?name=%h(zData)">%h(zData)</a></td>
      }else{
        @ <td valign="top">%h(zData)</td>
      }
    }else if( zData[0]==0 ){
      @ <td valign="top">&nbsp;</td>
    }else{
      @ <td valign="top">
      @ %h(zData)
      @ </td>
    }
  }
  if( zTid && g.okWrite ){
    @ <td valign="top"><a href="tktedit/%h(zTid)">edit</a></td>
  }
  @ </tr>
  return 0;
}

/*







|












|












|







724
725
726
727
728
729
730
731
732
733
734
735
736
737
738
739
740
741
742
743
744
745
746
747
748
749
750
751
752
753
754
755
756
757
758
759
760
761
762
763
764
  zPage[0] = 0;
  for(i=0; i<nArg; i++){
    char *zData;
    if( i==pState->iBg ) continue;
    zData = azArg[i];
    if( zData==0 ) zData = "";
    if( pState->iNewRow>=0 && i>=pState->iNewRow ){
      if( zTid && g.perm.Write ){
        @ <td valign="top"><a href="tktedit/%h(zTid)">edit</a></td>
        zTid = 0;
      }
      if( zData[0] ){
        Blob content;
        @ </tr><tr style="background-color:%h(zBg)"><td colspan=%d(pState->nCol)>
        blob_init(&content, zData, -1);
        wiki_convert(&content, 0, 0);
        blob_reset(&content);
      }
    }else if( azName[i][0]=='#' ){
      zTid = zData;
      if( g.perm.History ){
        @ <td valign="top"><a href="tktview?name=%h(zData)">%h(zData)</a></td>
      }else{
        @ <td valign="top">%h(zData)</td>
      }
    }else if( zData[0]==0 ){
      @ <td valign="top">&nbsp;</td>
    }else{
      @ <td valign="top">
      @ %h(zData)
      @ </td>
    }
  }
  if( zTid && g.perm.Write ){
    @ <td valign="top"><a href="tktedit/%h(zTid)">edit</a></td>
  }
  @ </tr>
  return 0;
}

/*
913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
  char *zClrKey;
  int tabs;
  Stmt q;
  char *zErr1 = 0;
  char *zErr2 = 0;

  login_check_credentials();
  if( !g.okRdTkt ){ login_needed(); return; }
  rn = atoi(PD("rn","0"));
  if( rn==0 ){
    cgi_redirect("reportlist");
    return;
  }
  tabs = P("tablist")!=0;
  /* view_add_functions(tabs); */







|







913
914
915
916
917
918
919
920
921
922
923
924
925
926
927
  char *zClrKey;
  int tabs;
  Stmt q;
  char *zErr1 = 0;
  char *zErr2 = 0;

  login_check_credentials();
  if( !g.perm.RdTkt ){ login_needed(); return; }
  rn = atoi(PD("rn","0"));
  if( rn==0 ){
    cgi_redirect("reportlist");
    return;
  }
  tabs = P("tablist")!=0;
  /* view_add_functions(tabs); */
955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
  count = 0;
  if( !tabs ){
    struct GenerateHTML sState;

    db_multi_exec("PRAGMA empty_result_callbacks=ON");
    style_submenu_element("Raw", "Raw", 
      "rptview?tablist=1&amp;%h", PD("QUERY_STRING",""));
    if( g.okAdmin 
       || (g.okTktFmt && g.zLogin && fossil_strcmp(g.zLogin,zOwner)==0) ){
      style_submenu_element("Edit", "Edit", "rptedit?rn=%d", rn);
    }
    if( g.okTktFmt ){
      style_submenu_element("SQL", "SQL", "rptsql?rn=%d",rn);
    }
    if( g.okNewTkt ){
      style_submenu_element("New Ticket", "Create a new ticket",
        "%s/tktnew", g.zTop);
    }
    style_header(zTitle);
    output_color_key(zClrKey, 1, 
        "border=\"0\" cellpadding=\"3\" cellspacing=\"0\" class=\"report\"");
    @ <table border="1" cellpadding="2" cellspacing="0" class="report">







|
|


|


|







955
956
957
958
959
960
961
962
963
964
965
966
967
968
969
970
971
972
973
974
975
976
  count = 0;
  if( !tabs ){
    struct GenerateHTML sState;

    db_multi_exec("PRAGMA empty_result_callbacks=ON");
    style_submenu_element("Raw", "Raw", 
      "rptview?tablist=1&amp;%h", PD("QUERY_STRING",""));
    if( g.perm.Admin 
       || (g.perm.TktFmt && g.zLogin && fossil_strcmp(g.zLogin,zOwner)==0) ){
      style_submenu_element("Edit", "Edit", "rptedit?rn=%d", rn);
    }
    if( g.perm.TktFmt ){
      style_submenu_element("SQL", "SQL", "rptsql?rn=%d",rn);
    }
    if( g.perm.NewTkt ){
      style_submenu_element("New Ticket", "Create a new ticket",
        "%s/tktnew", g.zTop);
    }
    style_header(zTitle);
    output_color_key(zClrKey, 1, 
        "border=\"0\" cellpadding=\"3\" cellspacing=\"0\" class=\"report\"");
    @ <table border="1" cellpadding="2" cellspacing="0" class="report">
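Review bot: In the report-list hunk (new lines 32–82), titles that begin with `_` are appended to the item list with `%s` at new line 59, while the other branch formats the same `zTitle` with `%h`. The value is read from `reportfmt.title`, so anything stored there reaches the page unescaped for users holding `g.perm.TktFmt`; I would write the line as `blob_appendf(&ril, "%h", zTitle);` so both branches escape the same way. This assumes `%h` is the HTML-escaping conversion, as its use on the neighbouring lines suggests. On new line 65 the owner markup closes `<i>` twice (`</i></i>`), and one of the two closing tags should go. The enclosing function begins and ends outside the hunk, so how `report_items` is rendered afterwards is not visible here.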