src/index.php

   1 <?php
   2 /**
   3  * @file index.php
   4  * Main page to show the error reports
   5  * @author Roland Hieber (roland.hieber@wilhelm-gym.net)
   6  * @date 21.10.2007
   7  * @package iserv_errorreporter
   8  *
   9  * Copyright © 2007 Roland Hieber
  10  *
  11  * Permission is hereby granted, free of charge, to any person obtaining
  12  * copy of this software and associated documentation files (the "Software"),
  13  * to deal in the Software without restriction, including without limitation
  14  * the rights to use, copy, modify, merge, publish, distribute, sublicense,
  15  * and/or sell copies of the Software, and to permit persons to whom the
  16  * Software is furnished to do so, subject to the following conditions:
  17  *
  18  * The above copyright notice and this permission notice shall be included in
  19  * all copies or substantial portions of the Software.
  20  *
  21  * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
  22  * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
  23  * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
  24  * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
  25  * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
  26  * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
  27  * THE SOFTWARE.
  28  */
  29
  30 /** @todo turn this into a class */
  31 require_once("mod_error-reporter/init.inc");
  32 require_once("sec/secure.inc");
  33
  34 html_header("<style type='text/css'>
  35 td.errors-form-description {
  36   width: 12em;
  37 }
  38 </style>");
  39
  40 $getAction = @$_GET["action"];
  41 $getUid = @$_GET["uid"];
  42
  43 $postMachine = @stripslashes($_POST["machine"]);
  44 $postText = @stripslashes($_POST["text"]);
  45 $postHidden = @$_POST["hidden"];
  46 $postSubmit = @$_POST["submit"];
  47
  48 $strError = "";
  49
  50 PageBlue(_c("error-reporter:Report an error"), "mod_error-reporter");
  51
  52 if(!$cfgErrors->userHasAccess()) {
  53   printf("<p class='err'>%s</p>\n", ER_ERROR_ACCESS_DENIED);
  54   _PageBlue();
  55   exit();
  56 }
  57
  58 // Probably we have to delete an error report
  59 if($getAction == "delete" and isset($getUid)) {
  60   // Are you really sure?
  61         if(@$_POST["surely_delete"] == _("Delete")) {
  62     $doc->deleteErrorReport($getUid);
  63     header("Location: {$_SERVER["PHP_SELF"]}");   // Reload to get rid of POST data
  64   } elseif(@$_POST["surely_cancel"] == _("Cancel")) {
  65     header("Location: {$_SERVER["PHP_SELF"]}");
  66   } else {
  67     // Ask the user to delete the message
  68     Title(_c("error-reporter:Delete an error report"));
  69     // Check if the specified report exists
  70     if(!$doc->getErrorReportByID($getUid)) {
  71       echo sprintf("<p class='err'>%s</p>",
  72         _c("error-reporter:The specified error report does not exist!"));
  73       Option(_("Back"), null, "href='".$_SERVER["PHP_SELF"]."'", "back");
  74     } else {
  75       if($cfgErrors->userIsAdmin() or $doc->userIsOwner($getUid)) {
  76         echo sprintf("<form action='%s' method='post'>\n", $view->getDeleteURL($getUid));
  77         echo sprintf("<p>%s</p>",
  78           _c("error-reporter:You are about to delete the following error report:"));
  79         $view->printErrorReport($doc->getErrorReportByID($getUid), true, false);
  80         echo sprintf("<p><input type='submit' class='submit' name='surely_delete' value='%s' />\n".
  81           "&nbsp;<input type='submit' class='submit' name='surely_cancel' value='%s' />\n".
  82           "</p></form>", _("Delete"), _("Cancel"));
  83       } else {
  84         echo sprintf("<p class='err'>%s</p>",
  85           _c("error-reporter:You are not allowed to delete this report."));
  86         Option(_("Back"), null, "href='".$_SERVER["PHP_SELF"]."'", "back");
  87       }
  88     }
  89     _PageBlue();
  90     exit();
  91   }
  92 }
  93
  94 // form for reloading the page via javascript
  95 echo sprintf("<form action='%s' method='get'></form>\n", $_SERVER["PHP_SELF"]);
  96
  97 // probably we have to insert an error report
  98 if(($getAction == "submit" and $postSubmit == _("Insert")))
  99 {
 100   // All fields must be filled out
 101         if((trim($postMachine) == "") or (trim($postText) == "")) {
 102                 $strError = _c("error-reporter:You have to fill out all the fields in the form.");
 103         } else {
 104           // Write to database
 105           $nNewUid = null;
 106           $er = new erErrorReport(time(), $_SESSION["act"], $postMachine, $postText, $postHidden == "true");
 107           try {
 108             $nNewUid = $doc->writeErrorReport($er);
 109           } catch(Exception $e) {
 110       echo sprintf("<p class='err'>%s</p>", $e->getMessage());
 111           }
 112
 113           if($nNewUid !== null) {
 114       echo sprintf("<p class='err'>%s</p>",
 115         _c("error-reporter:The report was submitted. Thank you for your help."));
 116           }
 117
 118                 $postText = "";
 119                 $postMachine = "";
 120                 $postHidden = "false";
 121         }
 122 }
 123
 124 // Show already existent (and visible) error reports
 125 if($doc->getNumErrorReports() > 0) {
 126   Title(_c("error-reporter:Reports that have already been submitted:"));
 127   echo sprintf("<p>%s</p>", _c("error-reporter:These errors should not be resubmitted."));
 128   $view->printErrorReports($doc->getErrorReports(array(ER_ERM_SORT_DATE => ER_ERM_SORT_DESC)));
 129 }
 130
 131 // Form for submitting a new error report
 132 echo "<p />\n";
 133 Title(_c("error-reporter:Report an error"));
 134 Option(_c("error-reporter:Recommened reading"), _c("error-reporter:“How to Report Bugs ".
 135         "Effectively”, by Simon G. Tatham"), "target='_blank' href='".
 136   _c("error-reporter:http://www.chiark.greenend.org.uk/~sgtatham/bugs.html")."'");
 137
 138 // Print the error here
 139 if($strError != "")
 140         echo "<p class='err'>$strError</p>\n";
 141
 142 echo sprintf("<p>%s</p>\n", _c("error-reporter:Please write your report as precise as possible to help ".
 143   "us solve the problem. The more precise the report is, the faster the error can be fixed. ".
 144   "Please include also any error messages you have recieved."));
 145 echo "<form name='form' id='form' method='post' action='?action=submit'>\n<{$GLOBALS["invtbl"]}>\n";
 146 echo sprintf("<tr><td class='errors-form-description'>%s</td>".
 147   "<td><input type='text' name='machine' size='55' value='%s' /></td></tr>\n",
 148   _c("error-reporter:Affected machine:"), q($postMachine));
 149 echo sprintf("<tr><td class='errors-form-description'>%s</td><td>".
 150   "<textarea name='text' cols='40' rows='5'>%s</textarea></td></tr>\n",
 151   _c("error-reporter:Description of the error:"), q($postText));
 152 echo sprintf("<tr><td /><td><input type='hidden' name='hidden' value='false' />".
 153   "<input type='checkbox' id='hidden' name='hidden' value='true'%s><label for='hidden'>%s".
 154   "</label></td></tr>\n", ($postHidden == "true") ? " checked='checked'" : "",
 155   _c("error-reporter:Visible only for administrators (use this if your report is about security issues)"));
 156 echo sprintf("<tr><td /><td><input type='submit' name='submit' value='%s' /></td></tr>\n",
 157   _("Insert"));
 158 echo "</table></form><p />\n";
 159
 160 _PageBlue();
 161 ?>