1<?php 2 3use App\Repository\BugRepository; 4use App\Repository\PatchRepository; 5use App\Utils\Captcha; 6use App\Utils\PatchTracker; 7 8// Obtain common includes 9require_once '../include/prepend.php'; 10 11$patchTracker = $container->get(PatchTracker::class); 12$patchRepository = $container->get(PatchRepository::class); 13 14session_start(); 15 16// Authenticate 17bugs_authenticate($user, $pw, $logged_in, $user_flags); 18 19$canpatch = true; 20 21/// Input vars 22$bug_id = !empty($_REQUEST['bug']) ? (int) $_REQUEST['bug'] : 0; 23if (empty($bug_id)) { 24 $bug_id = !empty($_REQUEST['bug_id']) ? (int) $_REQUEST['bug_id'] : 0; 25} 26 27if (empty($bug_id)) { 28 response_header('Error :: no bug selected'); 29 display_bug_error('No bug selected to add a patch to (no bug or bug_id!)'); 30 response_footer(); 31 exit; 32} 33 34$bugRepository = $container->get(BugRepository::class); 35 36if (!($buginfo = $bugRepository->findOneById($bug_id))) { 37 response_header('Error :: invalid bug selected'); 38 display_bug_error("Invalid bug #{$bug_id} selected"); 39 response_footer(); 40 exit; 41} 42 43$package_name = $buginfo['package_name']; 44 45// captcha is not necessary if the user is logged in 46if (!$logged_in) { 47 $captcha = $container->get(Captcha::class); 48} 49 50$show_bug_info = bugs_has_access($bug_id, $buginfo, $pw, $user_flags); 51 52if (!$show_bug_info) { 53 response_header('Private report'); 54 display_bug_error("The bug #{$bug_id} is not available to public"); 55 response_footer(); 56 exit; 57} 58 59$patch_name = (!empty($_GET['patchname']) && is_string($_GET['patchname'])) ? $_GET['patchname'] : ''; 60$patch_name = (!empty($_POST['name']) && is_string($_POST['name'])) ? $_POST['name'] : $patch_name; 61$patch_name_url = urlencode($patch_name); 62 63if (isset($_POST['addpatch'])) { 64 if (!isset($_POST['obsoleted'])) { 65 $_POST['obsoleted'] = []; 66 } 67 68 // Check that patch name is given (required always) 69 if (empty($patch_name)) { 70 $patches = $patchRepository->findAllByBugId($bug_id); 71 $errors[] = 'No patch name entered'; 72 include "{$ROOT_DIR}/templates/addpatch.php"; 73 exit; 74 } 75 76 if (!$logged_in) { 77 try { 78 $errors = []; 79 80 $email = isset($_POST['email']) ? $_POST['email'] : ''; 81 82 if (!is_valid_email($email, $logged_in)) { 83 $errors[] = 'Email address must be valid!'; 84 } 85 86 /** 87 * Check if session answer is set, then compare 88 * it with the post captcha value. If it's not 89 * the same, then it's an incorrect password. 90 */ 91 if (!isset($_SESSION['answer']) || $_POST['captcha'] != $_SESSION['answer']) { 92 $errors[] = 'Incorrect Captcha'; 93 } 94 95 if (count($errors)) { 96 throw new \Exception(''); 97 } 98 99 try { 100 $revision = $patchTracker->attach($bug_id, 'patch', $patch_name, $email, $_POST['obsoleted']); 101 } catch (\Exception $e) { 102 $patches = $patchRepository->findAllByBugId($bug_id); 103 $errors[] = $e->getMessage(); 104 $errors[] = 'Could not attach patch "'.htmlspecialchars($patch_name).'" to Bug #'.$bug_id; 105 include "{$ROOT_DIR}/templates/addpatch.php"; 106 107 exit; 108 } 109 } catch (\Exception $e) { 110 $patches = $patchRepository->findAllByBugId($bug_id); 111 include "{$ROOT_DIR}/templates/addpatch.php"; 112 exit; 113 } 114 } else { 115 $email = $auth_user->email; 116 117 try { 118 $revision = $patchTracker->attach($bug_id, 'patch', $patch_name, $auth_user->email, $_POST['obsoleted']); 119 } catch (\Exception $e) { 120 $patches = $patchRepository->findAllByBugId($bug_id); 121 $errors = [ 122 $e->getMessage(), 123 'Could not attach patch "'.htmlspecialchars($patch_name, ENT_QUOTES).'" to Bug #'.$bug_id 124 ]; 125 include "{$ROOT_DIR}/templates/addpatch.php"; 126 127 exit; 128 } 129 } 130 131 // Add a comment to the bug report. 132 $patch_url = "{$site_method}://{$site_url}{$basedir}/patch-display.php?bug={$bug_id}&patch={$patch_name_url}&revision={$revision}"; 133 134 $text = <<<TXT 135The following patch has been added/updated: 136 137Patch Name: {$patch_name} 138Revision: {$revision} 139URL: {$patch_url} 140TXT; 141 142 $res = bugs_add_comment($bug_id, $email, $auth_user->name, $text, 'patch'); 143 144 // Send emails 145 mail_bug_updates($buginfo, $buginfo, $email, $text, 4, $bug_id); 146 147 $patches = $patchRepository->findAllByBugId($bug_id); 148 $errors = []; 149 include "{$ROOT_DIR}/templates/patchadded.php"; 150 exit; 151} 152 153$email = isset($_GET['email']) ? $_GET['email'] : ''; 154$patches = $patchRepository->findAllByBugId($bug_id); 155 156include "{$ROOT_DIR}/templates/addpatch.php"; 157