tag. ("errors", "warnings") * @param string $head string to be put above the message * * @return bool true if errors were submitted, false if not */ function display_bug_error($in, $class = 'errors', $head = 'ERROR:') { if (!is_array($in)) { $in = [$in]; } elseif (!count($in)) { return false; } echo "\n"; return true; } /** * Returns array of changes going to be made */ function bug_diff($bug, $in) { $changed = []; if (!empty($in['email']) && (trim($in['email']) != trim($bug['email']))) { $changed['reported_by']['from'] = spam_protect($bug['email'], 'text'); $changed['reported_by']['to'] = spam_protect(txfield('email', $bug, $in), 'text'); } $fields = [ 'sdesc' => 'Summary', 'status' => 'Status', 'bug_type' => 'Type', 'package_name' => 'Package', 'php_os' => 'Operating System', 'php_version' => 'PHP Version', 'assign' => 'Assigned To', 'block_user_comment' => 'Block user comment', 'private' => 'Private report', 'cve_id' => 'CVE-ID' ]; foreach (array_keys($fields) as $name) { if (array_key_exists($name, $in) && array_key_exists($name, $bug)) { $to = trim($in[$name]); $from = trim($bug[$name]); if ($from != $to) { if (in_array($name, ['private', 'block_user_comment'])) { $from = $from == 'Y' ? 'Yes' : 'No'; $to = $to == 'Y' ? 'Yes' : 'No'; } $changed[$name]['from'] = $from; $changed[$name]['to'] = $to; } } } return $changed; } function bug_diff_render_html($diff) { $fields = [ 'sdesc' => 'Summary', 'status' => 'Status', 'bug_type' => 'Type', 'package_name' => 'Package', 'php_os' => 'Operating System', 'php_version' => 'PHP Version', 'assign' => 'Assigned To', 'block_user_comment' => 'Block user comment', 'private' => 'Private report', 'cve_id' => 'CVE-ID' ]; // make diff output aligned $actlength = $maxlength = 0; foreach (array_keys($diff) as $v) { $actlength = strlen($fields[$v]) + 2; $maxlength = ($maxlength < $actlength) ? $actlength : $maxlength; } $changes = ''; return $changes; } /** * Send an email notice about bug aditions and edits * * @param * * @return void */ function mail_bug_updates($bug, $in, $from, $ncomment, $edit = 1, $id = false) { global $tla, $bug_types, $siteBig, $site_method, $site_url, $basedir; $text = []; $headers = []; $changed = bug_diff($bug, $in); $from = str_replace(["\n", "\r"], '', $from); /* Default addresses */ list($mailto, $mailfrom, $bcc, $params) = get_package_mail(oneof(@$in['package_name'], $bug['package_name']), $id, oneof(@$in['bug_type'], $bug['bug_type'])); $headers[] = [' ID', $bug['id']]; switch ($edit) { case 4: $headers[] = [' Patch added by', $from]; $from = "\"{$from}\" <{$mailfrom}>"; break; case 3: $headers[] = [' Comment by', $from]; $from = "\"{$from}\" <{$mailfrom}>"; break; case 2: $from = spam_protect(txfield('email', $bug, $in), 'text'); $headers[] = [' User updated by', $from]; $from = "\"{$from}\" <{$mailfrom}>"; break; default: $headers[] = [' Updated by', $from]; } $fields = [ 'email' => 'Reported by', 'sdesc' => 'Summary', 'status' => 'Status', 'bug_type' => 'Type', 'package_name' => 'Package', 'php_os' => 'Operating System', 'php_version' => 'PHP Version', 'assign' => 'Assigned To', 'block_user_comment' => 'Block user comment', 'private' => 'Private report', 'cve_id' => 'CVE-ID', ]; foreach ($fields as $name => $desc) { $prefix = ' '; if (isset($changed[$name])) { $headers[] = ["-{$desc}", $changed[$name]['from']]; $prefix = '+'; } /* only fields that are set get added. */ if ($f = txfield($name, $bug, $in)) { if ($name == 'email') { $f = spam_protect($f, 'text'); } $foo = isset($changed[$name]['to']) ? $changed[$name]['to'] : $f; $headers[] = [$prefix.$desc, $foo]; } } /* Make header output aligned */ $maxlength = 0; $actlength = 0; foreach ($headers as $v) { $actlength = strlen($v[0]) + 1; $maxlength = (($maxlength < $actlength) ? $actlength : $maxlength); } /* Align header content with headers (if a header contains more than one line, wrap it intelligently) */ $header_text = ''; $spaces = str_repeat(' ', $maxlength + 1); foreach ($headers as $v) { $hcontent = wordwrap($v[1], 72 - $maxlength, "\n{$spaces}"); // wrap and indent $hcontent = rtrim($hcontent); // wordwrap may add spacer to last line $header_text .= str_pad($v[0] . ':', $maxlength) . " {$hcontent}\n"; } if ($ncomment) { # $ncomment = preg_replace('##sUe', "ltrim(strip_tags('\\1'))", $ncomment); $ncomment = preg_replace_callback('##sU', function ($m) { return ltrim(strip_tags($m[0])); }, $ncomment); $text[] = " New Comment:\n\n{$ncomment}"; } $old_comments = get_old_comments($bug['id'], empty($ncomment)); # $old_comments = preg_replace('##sUe', "ltrim(strip_tags('\\1'))", $old_comments); $old_comments = preg_replace_callback('##sU', function ($m) { return ltrim(strip_tags($m[0])); }, $old_comments); $text[] = $old_comments; $wrapped_text = join("\n", $text); /* user text with attention, headers and previous messages */ $user_text = <<< USER_TEXT ATTENTION! Do NOT reply to this email! To reply, use the web interface found at {$site_method}://{$site_url}{$basedir}/bug.php?id={$bug['id']}&edit=2 {$header_text} {$wrapped_text} USER_TEXT; /* developer text with headers, previous messages, and edit link */ $dev_text = <<< DEV_TEXT Edit report at {$site_method}://{$site_url}{$basedir}/bug.php?id={$bug['id']}&edit=1 {$header_text} {$wrapped_text} -- Edit this bug report at {$site_method}://{$site_url}{$basedir}/bug.php?id={$bug['id']}&edit=1 DEV_TEXT; if (preg_match('/.*@php\.net\z/', $bug['email'])) { $user_text = $dev_text; } // Defaults $subj = $bug_types[$bug['bug_type']]; $sdesc = txfield('sdesc', $bug, $in); /* send mail if status was changed, there is a comment, private turned on/off or the bug type was changed to/from Security */ if (empty($in['status']) || $in['status'] != $bug['status'] || $ncomment != '' || (isset($in['private']) && $in['private'] != $bug['private']) || (isset($in['bug_type']) && $in['bug_type'] != $bug['bug_type'] && ($in['bug_type'] == 'Security' || $bug['bug_type'] == 'Security'))) { if (isset($in['bug_type']) && $in['bug_type'] != $bug['bug_type']) { $subj = $bug_types[$bug['bug_type']] . '->' . $bug_types[$in['bug_type']]; } $old_status = $bug['status']; $new_status = $bug['status']; if (isset($in['status']) && $in['status'] != $bug['status'] && $edit != 3) { /* status changed */ $new_status = $in['status']; $subj .= " #{$bug['id']} [{$tla[$old_status]}->{$tla[$new_status]}]"; } elseif ($edit == 4) { /* patch */ $subj .= " #{$bug['id']} [PATCH]"; } elseif ($edit == 3) { /* comment */ $subj .= " #{$bug['id']} [Com]"; } else { /* status did not change and not comment */ $subj .= " #{$bug['id']} [{$tla[$bug['status']]}]"; } // the user gets sent mail with an envelope sender that ignores bounces bugs_mail( $bug['email'], "{$subj}: {$sdesc}", $user_text, "From: {$siteBig} Bug Database <{$mailfrom}>\r\n" . "Bcc: {$bcc}\r\n" . "X-PHP-Bug: {$bug['id']}\r\n" . "X-PHP-Site: {$siteBig}\r\n" . "In-Reply-To: " ); // Spam protection $tmp = $edit != 3 ? $in : $bug; $tmp['new_status'] = $new_status; $tmp['old_status'] = $old_status; foreach (['bug_type', 'php_version', 'package_name', 'php_os'] as $field) { $tmp[$field] = strtok($tmp[$field], "\r\n"); } // but we go ahead and let the default sender get used for the list bugs_mail( $mailto, "{$subj}: {$sdesc}", $dev_text, "From: {$from}\r\n". "X-PHP-Bug: {$bug['id']}\r\n" . "X-PHP-Site: {$siteBig}\r\n" . "X-PHP-Type: {$tmp['bug_type']}\r\n" . "X-PHP-Version: {$tmp['php_version']}\r\n" . "X-PHP-Category: {$tmp['package_name']}\r\n" . "X-PHP-OS: {$tmp['php_os']}\r\n" . "X-PHP-Status: {$tmp['new_status']}\r\n" . "X-PHP-Old-Status: {$tmp['old_status']}\r\n" . "In-Reply-To: ", $params ); } /* if a developer assigns someone else, let that other person know about it */ if ($edit == 1 && $in['assign'] && $in['assign'] != $bug['assign']) { $email = $in['assign'] . '@php.net'; // If the developer assigns him self then skip if ($email == $from) { return; } bugs_mail( $email, $bug_types[$bug['bug_type']] . ' #' . $bug['id'] . ' ' . txfield('sdesc', $bug, $in), "{$in['assign']} you have just been assigned to this bug by {$from}\n\n{$dev_text}", "From: {$from}\r\n" . "X-PHP-Bug: {$bug['id']}\r\n" . "In-Reply-To: " ); } } /** * Turns a unix timestamp into a uniformly formatted date * * If the date is during the current year, the year is omitted. * * @param int $ts the unix timestamp to be formatted * @param string $format format to use * * @return string the formatted date */ function format_date($ts = null, $format = 'Y-m-d H:i e') { if (!$ts) { $ts = time(); } return gmdate($format, (int)$ts - date('Z', (int)$ts)); } /** * Produces a string containing the bug's prior comments * * @param int $bug_id the bug's id number * @param int $all should all existing comments be returned? * * @return string the comments */ function get_old_comments($bug_id, $all = 0) { global $dbh, $site_method, $site_url, $basedir; $divider = str_repeat('-', 72); $max_message_length = 10 * 1024; $max_comments = 5; $output = ''; $count = 0; $res = $dbh->prepare(" SELECT ts, email, comment FROM bugdb_comments WHERE bug = ? AND comment_type != 'log' ORDER BY ts DESC ")->execute([$bug_id]); // skip the most recent unless the caller wanted all comments if (!$all) { $row = $res->fetch(\PDO::FETCH_NUM); if (!$row) { return ''; } } while (($row = $res->fetch(\PDO::FETCH_NUM)) && strlen($output) < $max_message_length && $count++ < $max_comments) { $email = spam_protect($row[1], 'text'); $output .= "[{$row[0]}] {$email}\n\n{$row[2]}\n\n{$divider}\n"; } if (strlen($output) < $max_message_length && $count < $max_comments) { $res = $dbh->prepare("SELECT ts1, email, ldesc FROM bugdb WHERE id = ?")->execute([$bug_id]); if (!$res) { return $output; } $row = $res->fetch(\PDO::FETCH_NUM); if (!$row) { return $output; } $email = spam_protect($row[1], 'text'); return (" Previous Comments: {$divider} {$output}[{$row[0]}] {$email} {$row[2]} {$divider} "); } else { return " Previous Comments: {$divider} {$output} The remainder of the comments for this report are too long. To view the rest of the comments, please view the bug report online at {$site_method}://{$site_url}{$basedir}/bug.php?id={$bug_id} "; } return ''; } /** * Converts any URI's found in the string to hyperlinks * * @param string $text the text to be examined * * @return string the converted string */ function addlinks($text) { $text = htmlspecialchars($text); $text = preg_replace("/((mailto|http|https|ftp|nntp|news):.+?)(>|\\s|\\)|\\.\\s|,\\s|$)/i","\\1\\3",$text); # what the heck is this for? $text = preg_replace("/[.,]?-=-\"/", '"', $text); return $text; } /** * Determine if the given package name is legitimate * * @param string $package_name the name of the package * * @return bool */ function package_exists($package_name) { global $pseudo_pkgs; return isset($pseudo_pkgs[$package_name]); } /** * Validate an email address */ function is_valid_email($email, $phpnet_allowed = true) { if (!$phpnet_allowed) { if (false !== stripos($email, '@php.net')) { return false; } } return (bool)filter_var($email, FILTER_VALIDATE_EMAIL); } /** * Validate an incoming bug report * * @param mixed $in usually $_POST['in'] * @param bool $initial * @param bool $logged_in * * @return array */ function incoming_details_are_valid($in, $initial = 0, $logged_in = false) { global $bug, $dbh, $bug_types, $versions; $errors = []; if (!is_array($in)) { $errors[] = 'Invalid data submitted!'; return $errors; } if ($initial || (!empty($in['email']) && $bug['email'] != $in['email'])) { if (!is_valid_email($in['email'])) { $errors[] = 'Please provide a valid email address.'; } } if (!$logged_in && $initial && (empty($in['passwd']) || !is_string($in['passwd']))) { $errors[] = 'Please provide a password for this bug report.'; } if (isset($in['php_version']) && $in['php_version'] == 'earlier') { $errors[] = 'Please select a valid PHP version. If your PHP version is too old, please upgrade first and see if the problem has not already been fixed.'; } if (empty($in['php_version']) || !is_string($in['php_version']) || ($initial && !in_array($in['php_version'], $versions))) { $errors[] = 'Please select a valid PHP version.'; } if (empty($in['package_name']) || !is_string($in['package_name']) || $in['package_name'] == 'none') { $errors[] = 'Please select an appropriate package.'; } else if (!package_exists($in['package_name'])) { $errors[] = 'Please select an appropriate package.'; } if (empty($in['bug_type']) || !is_string($in['bug_type']) || !array_key_exists($in['bug_type'], $bug_types)) { $errors[] = 'Please select a valid bug type.'; } if (empty($in['sdesc']) || !is_string($in['sdesc'])) { $errors[] = 'You must supply a short description of the bug you are reporting.'; } if ($initial && (empty($in['ldesc']) || !is_string($in['ldesc']))) { $errors[] = 'You must supply a long description of the bug you are reporting.'; } return $errors; } /** * Produces an array of email addresses the report should go to * * @param string $package_name the package's name * * @return array an array of email addresses */ function get_package_mail($package_name, $bug_id = false, $bug_type = 'Bug') { global $dbh, $bugEmail, $docBugEmail, $secBugEmail, $security_distro_people; $to = []; $params = '-f noreply@php.net'; $mailfrom = $bugEmail; if ($bug_type === 'Documentation Problem') { // Documentation problems *always* go to the doc team $to[] = $docBugEmail; } else if ($bug_type == 'Security') { // Security problems *always* go to the sec team $to[] = $secBugEmail; foreach ($security_distro_people as $user) { $to[] = "{$user}@php.net"; } $params = '-f bounce-no-user@php.net'; } else { /* Get package mailing list address */ $res = $dbh->prepare(' SELECT list_email, project FROM bugdb_pseudo_packages WHERE name = ? ')->execute([$package_name]); list($list_email, $project) = $res->fetch(\PDO::FETCH_NUM); if ($project == 'pecl') { $mailfrom = 'pecl-dev@lists.php.net'; } if ($list_email) { if ($list_email == 'systems@php.net') { $params = '-f bounce-no-user@php.net'; } $to[] = $list_email; } else { // Get the maintainers handle if ($project == 'pecl') { $handles = $dbh->prepare("SELECT GROUP_CONCAT(handle) FROM bugdb_packages_maintainers WHERE package_name = ?")->execute([$package_name])->fetch(\PDO::FETCH_NUM)[0]; if ($handles) { foreach (explode(',', $handles) as $handle) { $to[] = $handle .'@php.net'; } } else { $to[] = $mailfrom; } } else { // Fall back to default mailing list $to[] = $bugEmail; } } } /* Include assigned to To list and subscribers in Bcc list */ if ($bug_id) { $bug_id = (int) $bug_id; $assigned = $dbh->prepare("SELECT assign FROM bugdb WHERE id= ? ")->execute([$bug_id])->fetch(\PDO::FETCH_NUM)[0]; if ($assigned) { $assigned .= '@php.net'; if ($assigned && !in_array($assigned, $to)) { $to[] = $assigned; } } $bcc = $dbh->prepare("SELECT email FROM bugdb_subscribe WHERE bug_id=?")->execute([$bug_id])->fetchAll(); $bcc = array_unique($bcc); return [implode(', ', $to), $mailfrom, implode(', ', $bcc), $params]; } else { return [implode(', ', $to), $mailfrom, '', $params]; } } /** * Prepare a query string with the search terms * * @param string $search the term to be searched for * * @return array */ function format_search_string($search, $boolean_search = false) { global $dbh; // Function will be updated to make results more relevant. // Quick hack for indicating ignored words. $min_word_len=3; $words = preg_split("/\s+/", $search); $ignored = $used = []; foreach($words as $match) { if (strlen($match) < $min_word_len) { array_push($ignored, $match); } else { array_push($used, $match); } } if ($boolean_search) { // require all used words (all) if ($boolean_search === 1) { $newsearch = ''; foreach ($used as $word) { $newsearch .= "+$word "; } return [" AND MATCH (bugdb.email,sdesc,ldesc) AGAINST (" . $dbh->quote($newsearch) . " IN BOOLEAN MODE)", $ignored]; // allow custom boolean search (raw) } elseif ($boolean_search === 2) { return [" AND MATCH (bugdb.email,sdesc,ldesc) AGAINST (" . $dbh->quote($search) . " IN BOOLEAN MODE)", $ignored]; } } // require any of the words (any) return [" AND MATCH (bugdb.email,sdesc,ldesc) AGAINST (" . $dbh->quote($search) . ")", $ignored]; } /** * Send the confirmation mail to confirm a subscription removal * * @param integer bug ID * @param string email to remove * @param array bug data * * @return void */ function unsubscribe_hash($bug_id, $email) { global $dbh, $siteBig, $site_method, $site_url, $bugEmail; $now = time(); $hash = crypt($email . $bug_id, $now); $query = " UPDATE bugdb_subscribe SET unsubscribe_date = '{$now}', unsubscribe_hash = ? WHERE bug_id = ? AND email = ? "; $affected = $dbh->prepare($query, null, null)->execute([$hash, $bug_id, $email]); if ($affected > 0) { $hash = urlencode($hash); /* user text with attention, headers and previous messages */ $user_text = <<< USER_TEXT ATTENTION! Do NOT reply to this email! A request has been made to remove your subscription to {$siteBig} bug #{$bug_id} To view the bug in question please use this link: {$site_method}://{$site_url}{$basedir}/bug.php?id={$bug_id} To confirm the removal please use this link: {$site_method}://{$site_url}{$basedir}/bug.php?id={$bug_id}&unsubscribe=1&t={$hash} USER_TEXT; bugs_mail( $email, "[$siteBig-BUG-unsubscribe] #{$bug_id}", $user_text, "From: {$siteBig} Bug Database <{$bugEmail}>\r\n". "X-PHP-Bug: {$bug_id}\r\n". "In-Reply-To: " ); } } /** * Remove a subscribtion * * @param integer bug ID * @param string hash * * @return void */ function unsubscribe($bug_id, $hash) { global $dbh; $bug_id = (int) $bug_id; $query = " SELECT bug_id, email, unsubscribe_date, unsubscribe_hash FROM bugdb_subscribe WHERE bug_id = ? AND unsubscribe_hash = ? LIMIT 1 "; $sub = $dbh->prepare($query)->execute([$bug_id, $hash])->fetch(); if (!$sub) { return false; } $now = time(); $requested_on = $sub['unsubscribe_date']; /* 24hours delay to answer the mail */ if (($now - $requested_on) > 86400) { return false; } $query = " DELETE FROM bugdb_subscribe WHERE bug_id = ? AND unsubscribe_hash = ? AND email = ? "; $dbh->prepare($query)->execute([$bug_id, $hash, $sub['email']]); return true; } /** * Add bug comment */ function bugs_add_comment($bug_id, $from, $from_name, $comment, $type = 'comment') { global $dbh; return $dbh->prepare(" INSERT INTO bugdb_comments (bug, email, reporter_name, comment, comment_type, ts) VALUES (?, ?, ?, ?, ?, NOW()) ")->execute([ $bug_id, $from, $from_name, $comment, $type ]); } /** * Change bug status */ function bugs_status_change($bug_id, $new_status) { global $dbh; return $dbh->prepare(" UPDATE bugdb SET status = ? WHERE id = ? LIMIT 1 ")->execute([$new_status, $bug_id]); } /** * Verify bug password * * @return bool */ function verify_bug_passwd($bug_id, $passwd) { global $dbh; return (bool) $dbh->prepare('SELECT 1 FROM bugdb WHERE id = ? AND passwd = ?')->execute([$bug_id, $passwd])->fetch(\PDO::FETCH_NUM)[0]; } /** * Mailer function. When DEVBOX is defined, this only outputs the parameters as-is. * * @return bool * */ function bugs_mail($to, $subject, $message, $headers = '', $params = '') { if (empty($params)) { $params = '-f noreply@php.net'; } if (DEVBOX === true) { if (defined('DEBUG_MAILS')) { echo '

';
            var_dump(htmlspecialchars($to), htmlspecialchars($subject), htmlspecialchars($message), htmlspecialchars($headers));
            echo '

'; } return true; } return @mail($to, $subject, $message, $headers, $params); } /** * Prints out the XHTML headers and top of the page. * * @param string $title a string to go into the header's

	php.net |  support |  documentation |  report a bug |  advanced search |  search howto |  statistics |  random bug |  my bugs |  admin |  logout login
go to bug id or search bugs for

Copyright © 2001- The PHP Group All rights reserved.	Last updated:

element * * @return string the HTML hyperlink of an email address */ function make_mailto_link($email, $linktext = '', $extras = '') { $tmp = ''; for ($i = 0, $l = strlen($email); $i<$l; $i++) { if ($i % 2) { $tmp .= '&#' . ord($email[$i]) . ';'; } else { $tmp .= '&#x' . dechex(ord($email[$i])) . ';'; } } return "" . ($linktext != '' ? $linktext : $tmp) . ''; } /** * Turns bug/feature request numbers into hyperlinks * * @param string $text the text to check for bug numbers * * @return string the string with bug numbers hyperlinked */ function make_ticket_links($text) { return preg_replace( '/(?a-z])(bug(?:fix)?|feat(?:ure)?|doc(?:umentation)?|req(?:uest)?|duplicated of)\s+#?([0-9]+)/i', "\\0", $text ); } function get_ticket_links($text) { $matches = []; preg_match_all('/(?a-z])(?:bug(?:fix)?|feat(?:ure)?|doc(?:umentation)?|req(?:uest)?|duplicated of)\s+#?([0-9]+)/i', $text, $matches); return $matches[1]; } /** * Generates a random password */ function bugs_gen_passwd($length = 8) { return substr(md5(uniqid(time(), true)), 0, $length); } function bugs_get_hash($passwd) { return hash_hmac('sha256', $passwd, getenv('USER_PWD_SALT')); }