database update: db.inc works here now, no crappy psql -c needed anymore
[iserv-mod-error-reporter.git] / src / index.php
1 <?php
2 /**
3 * @file index.php
4 * Main page to show the error reports
5 * @author Roland Hieber (roland.hieber@wilhelm-gym.net)
6 * @date 21.10.2007
7 * @package iserv_errorreporter
8 *
9 * Copyright © 2007 Roland Hieber
10 *
11 * Permission is hereby granted, free of charge, to any person obtaining
12 * copy of this software and associated documentation files (the "Software"),
13 * to deal in the Software without restriction, including without limitation
14 * the rights to use, copy, modify, merge, publish, distribute, sublicense,
15 * and/or sell copies of the Software, and to permit persons to whom the
16 * Software is furnished to do so, subject to the following conditions:
17 *
18 * The above copyright notice and this permission notice shall be included in
19 * all copies or substantial portions of the Software.
20 *
21 * THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
22 * IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
23 * FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
24 * AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
25 * LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
26 * OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN
27 * THE SOFTWARE.
28 */
29
30 /** @todo turn this into a class */
31 require_once("mod_error-reporter/init.inc");
32 require_once("sec/secure.inc");
33
34 db_user("errorreporter");
35
36 html_header("<style type='text/css'>
37 td.errors-form-description {
38 width: 12em;
39 }
40 </style>");
41
42 $getAction = @$_GET["action"];
43 $getUid = @$_GET["uid"];
44
45 $postMachine = @stripslashes($_POST["machine"]);
46 $postText = @stripslashes($_POST["text"]);
47 $postHidden = @$_POST["hidden"];
48 $postSubmit = @$_POST["submit"];
49
50 $strError = "";
51
52 PageBlue(_c("error-reporter:Report an error"), "mod_error-reporter");
53
54 if(!erConfig::userHasAccess()) {
55 printf("<p class='err'>%s</p>\n", ER_ERROR_ACCESS_DENIED);
56 _PageBlue();
57 exit();
58 }
59
60 // Probably we have to delete an error report
61 if($getAction == "delete" and isset($getUid)) {
62 // Are you really sure?
63 if(@$_POST["surely_delete"] == _("Delete")) {
64 $doc->deleteErrorReport($getUid);
65 // Reload to get rid of POST data
66 header("Location: {$_SERVER["PHP_SELF"]}");
67 } elseif(@$_POST["surely_cancel"] == _("Cancel")) {
68 header("Location: {$_SERVER["PHP_SELF"]}");
69 } else {
70 // Ask the user to delete the message
71 Title(_c("error-reporter:Delete an error report"));
72 // Check if the specified report exists
73 if(!$doc->getErrorReportByID($getUid)) {
74 echo sprintf("<p class='err'>%s</p>",
75 _c("error-reporter:The specified error report does not exist!"));
76 Option(_("Back"), null, "href='".$_SERVER["PHP_SELF"]."'", "back");
77 } else {
78 if(erConfig::userIsAdmin() or $doc->userIsOwner($getUid)) {
79 echo sprintf("<form action='%s' method='post'>\n",
80 $view->getDeleteURL($getUid));
81 echo sprintf("<p>%s</p>", _c("error-reporter:You are about to delete ".
82 "the following error report:"));
83 $view->printErrorReport($doc->getErrorReportByID($getUid), true, false);
84 echo sprintf("<p><input type='submit' class='submit' ".
85 "name='surely_delete' value='%s' />\n&nbsp;<input type='submit' ".
86 "class='submit' name='surely_cancel' value='%s' />\n</p></form>",
87 _("Delete"), _("Cancel"));
88 } else {
89 echo sprintf("<p class='err'>%s</p>",
90 _c("error-reporter:You are not allowed to delete this report."));
91 Option(_("Back"), null, "href='".$_SERVER["PHP_SELF"]."'", "back");
92 }
93 }
94 _PageBlue();
95 exit();
96 }
97 }
98
99 // form for reloading the page via javascript
100 echo sprintf("<form action='%s' method='get'></form>\n", $_SERVER["PHP_SELF"]);
101
102 // probably we have to insert an error report
103 if(($getAction == "submit" and $postSubmit == _c("error-reporter:Submit")))
104 {
105 // All fields must be filled out
106 if((trim($postMachine) == "") or (trim($postText) == "")) {
107 $strError = _c("error-reporter:You have to fill out all the fields in ".
108 "the form.");
109 } else {
110 // Write to database
111 $nNewUid = null;
112 $er = new erErrorReport(time(), $_SESSION["act"], $postMachine, $postText,
113 $postHidden == "true");
114 try {
115 $nNewUid = $doc->writeErrorReport($er);
116 } catch(Exception $e) {
117 echo sprintf("<p class='err'>%s</p>", $e->getMessage());
118 }
119
120 if($nNewUid !== null) {
121 echo sprintf("<p class='err'>%s</p>", _c("error-reporter:The report was ".
122 "submitted. Thank you for your help."));
123 }
124
125 $postText = "";
126 $postMachine = "";
127 $postHidden = "false";
128 }
129 }
130
131 // Show already existent (and visible) error reports
132 if($doc->getNumErrorReports() > 0) {
133 Title(_c("error-reporter:Reports that have already been submitted:"));
134 echo sprintf("<p>%s</p>", _c("error-reporter:These errors should not be ".
135 "resubmitted."));
136 $view->printErrorReports($doc->getErrorReports(array(ER_ERM_SORT_DATE =>
137 ER_ERM_SORT_DESC)));
138 }
139
140 // Form for submitting a new error report
141 echo "<p />\n";
142 Title(_c("error-reporter:Report an error"));
143 Option(_c("error-reporter:Recommened reading"), _c("error-reporter:“How to ".
144 "Report Bugs Effectively”, by Simon G. Tatham"), "target='_blank' href='".
145 _c("error-reporter:http://www.chiark.greenend.org.uk/~sgtatham/bugs.html").
146 "'");
147
148 // Print the error here
149 if($strError != "")
150 echo "<p class='err'>$strError</p>\n";
151
152 echo sprintf("<p>%s</p>\n", _c("error-reporter:Please write your report as ".
153 "precise as possible to help us solve the problem. The more precise the ".
154 "report is, the faster the error can be fixed. Please include also any ".
155 "error messages you have recieved."));
156 echo "<form name='form' id='form' method='post' action='?action=submit'>\n".
157 "<{$GLOBALS["invtbl"]}>\n";
158 echo sprintf("<tr><td class='errors-form-description'>%s</td>".
159 "<td><input type='text' name='machine' size='55' value='%s' /></td></tr>\n",
160 _c("error-reporter:Affected machine:"), q($postMachine));
161 echo sprintf("<tr><td class='errors-form-description'>%s</td><td>".
162 "<textarea name='text' cols='40' rows='5'>%s</textarea></td></tr>\n",
163 _c("error-reporter:Description of the error:"), q($postText));
164 echo sprintf("<tr><td /><td><input type='hidden' name='hidden' ".
165 "value='false' /><input type='checkbox' id='hidden' name='hidden' ".
166 "value='true'%s><label for='hidden'>%s</label></td></tr>\n",
167 ($postHidden == "true") ? " checked='checked'" : "", _c("error-reporter:".
168 "Visible only for administrators (use this if your report is about security ".
169 "issues)"));
170 echo sprintf("<tr><td /><td><input type='submit' name='submit' value='%s' />".
171 "</td></tr>\n", _c("error-reporter:Submit"));
172 echo "</table></form><p />\n";
173
174 _PageBlue();
175 ?>
This page took 0.075281 seconds and 5 git commands to generate.