xref: /web-bugs/www/patch-add.php (revision 3c344392) 
1<?php
2
3use App\Repository\BugRepository;
4use App\Repository\PatchRepository;
5use App\Utils\Captcha;
6use App\Utils\PatchTracker;
7
8// Obtain common includes
9require_once '../include/prepend.php';
10
11$patchTracker = $container->get(PatchTracker::class);
12$patchRepository = $container->get(PatchRepository::class);
13
14session_start();
15
16// Authenticate
17bugs_authenticate($user, $pw, $logged_in, $user_flags);
18
19$canpatch = true;
20
21/// Input vars
22$bug_id = !empty($_REQUEST['bug']) ? (int) $_REQUEST['bug'] : 0;
23if (empty($bug_id)) {
24    $bug_id = !empty($_REQUEST['bug_id']) ? (int) $_REQUEST['bug_id'] : 0;
25}
26
27if (empty($bug_id)) {
28    response_header('Error :: no bug selected');
29    display_bug_error('No bug selected to add a patch to (no bug or bug_id!)');
30    response_footer();
31    exit;
32}
33
34$bugRepository = $container->get(BugRepository::class);
35
36if (!($buginfo = $bugRepository->findOneById($bug_id))) {
37    response_header('Error :: invalid bug selected');
38    display_bug_error("Invalid bug #{$bug_id} selected");
39    response_footer();
40    exit;
41}
42
43$package_name = $buginfo['package_name'];
44
45// captcha is not necessary if the user is logged in
46if (!$logged_in) {
47    $captcha = $container->get(Captcha::class);
48}
49
50$show_bug_info = bugs_has_access($bug_id, $buginfo, $pw, $user_flags);
51
52if (!$show_bug_info) {
53    response_header('Private report');
54    display_bug_error("The bug #{$bug_id} is not available to public");
55    response_footer();
56    exit;
57}
58
59$patch_name = (!empty($_GET['patchname']) && is_string($_GET['patchname'])) ? $_GET['patchname'] : '';
60$patch_name = (!empty($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : $patch_name;
61$patch_name_url = urlencode($patch_name);
62
63if (isset($_POST['addpatch'])) {
64    if (!isset($_POST['obsoleted'])) {
65        $_POST['obsoleted'] = [];
66    }
67
68    // Check that patch name is given (required always)
69    if (empty($patch_name)) {
70        $patches = $patchRepository->findAllByBugId($bug_id);
71        $errors[] = 'No patch name entered';
72        include "{$ROOT_DIR}/templates/addpatch.php";
73        exit;
74    }
75
76    if (!$logged_in) {
77        try {
78            $errors = [];
79
80            $email = isset($_POST['email']) ? $_POST['email'] : '';
81
82            if (!is_valid_email($email, $logged_in)) {
83                $errors[] = 'Email address must be valid!';
84            }
85
86            /**
87             * Check if session answer is set, then compare
88             * it with the post captcha value. If it's not
89             * the same, then it's an incorrect password.
90             */
91            if (!isset($_SESSION['answer']) || $_POST['captcha'] != $_SESSION['answer']) {
92                $errors[] = 'Incorrect Captcha';
93            }
94
95            if (count($errors)) {
96                throw new \Exception('');
97            }
98
99            try {
100                $revision = $patchTracker->attach($bug_id, 'patch', $patch_name, $email, $_POST['obsoleted']);
101            } catch (\Exception $e) {
102                $patches = $patchRepository->findAllByBugId($bug_id);
103                $errors[] = $e->getMessage();
104                $errors[] = 'Could not attach patch "'.htmlspecialchars($patch_name).'" to Bug #'.$bug_id;
105                include "{$ROOT_DIR}/templates/addpatch.php";
106
107                exit;
108            }
109        } catch (\Exception $e) {
110            $patches = $patchRepository->findAllByBugId($bug_id);
111            include "{$ROOT_DIR}/templates/addpatch.php";
112            exit;
113        }
114    } else {
115        $email = $auth_user->email;
116
117        try {
118            $revision = $patchTracker->attach($bug_id, 'patch', $patch_name, $auth_user->email, $_POST['obsoleted']);
119        } catch (\Exception $e) {
120            $patches = $patchRepository->findAllByBugId($bug_id);
121            $errors = [
122                $e->getMessage(),
123                'Could not attach patch "'.htmlspecialchars($patch_name, ENT_QUOTES).'" to Bug #'.$bug_id
124            ];
125            include "{$ROOT_DIR}/templates/addpatch.php";
126
127            exit;
128        }
129    }
130
131    // Add a comment to the bug report.
132    $patch_url = "{$site_method}://{$site_url}{$basedir}/patch-display.php?bug={$bug_id}&patch={$patch_name_url}&revision={$revision}";
133
134    $text = <<<TXT
135The following patch has been added/updated:
136
137Patch Name: {$patch_name}
138Revision:   {$revision}
139URL:        {$patch_url}
140TXT;
141
142    $res = bugs_add_comment($bug_id, $email, $auth_user->name, $text, 'patch');
143
144    // Send emails
145    mail_bug_updates($buginfo, $buginfo, $email, $text, 4, $bug_id);
146
147    $patches = $patchRepository->findAllByBugId($bug_id);
148    $errors = [];
149    include "{$ROOT_DIR}/templates/patchadded.php";
150    exit;
151}
152
153$email = isset($_GET['email']) ? $_GET['email'] : '';
154$patches = $patchRepository->findAllByBugId($bug_id);
155
156include "{$ROOT_DIR}/templates/addpatch.php";
157