private bool IsValidPassword(string username, string hashedPassword, string resetKey)
{
var sql = new SQLString("select count(*) from users where us_username = @username and us_password = @password and password_reset_key = @resetKey");
sql.AddParameterWithValue("@username", username);
sql.AddParameterWithValue("@password", hashedPassword);
sql.AddParameterWithValue("@resetKey", resetKey);
return ((int)btnet.DbUtil.execute_scalar(sql)) > 0;
}
private bool IsValidPassword(string username, string hashedPassword, string resetKey)
{
var sql = new SQLString("select count(*) from users where us_username = @username and us_password = @password and password_reset_key = @resetKey");
sql.AddParameterWithValue("@username", username);
sql.AddParameterWithValue("@password", hashedPassword);
sql.AddParameterWithValue("@resetKey", resetKey);
return(((int)btnet.DbUtil.execute_scalar(sql)) > 0);
}
protected void Page_Load(Object sender, EventArgs e)
{
Util.set_context(HttpContext.Current);
Util.do_not_cache(Response);
string guid = Request["id"];
SQLString sql = new SQLString(@"
declare @expiration datetime
set @expiration = dateadd(n,-1 * @minutes,getdate())
select *,
case when el_date < @expiration then 1 else 0 end [expired]
from emailed_links
where el_id = @guid
delete from emailed_links
where el_date < dateadd(n,-240,getdate())");
sql = sql.AddParameterWithValue("minutes", Util.get_setting("RegistrationExpiration", "20"));
sql = sql.AddParameterWithValue("guid", guid.Replace("'", "''"));
DataRow dr = btnet.DbUtil.get_datarow(sql);
if (dr == null)
{
msg.InnerHtml = "The link you clicked on is expired or invalid.<br>Please start over again.";
}
else if ((int)dr["expired"] == 1)
{
msg.InnerHtml = "The link you clicked has expired.<br>Please start over again.";
}
else
{
btnet.User.copy_user(
(string)dr["el_username"],
(string)dr["el_email"],
(string)dr["el_firstname"],
(string)dr["el_lastname"],
"",
(int)dr["el_salt"],
(string)dr["el_password"],
Util.get_setting("SelfRegisteredUserTemplate", "[error - missing user template]"),
false);
// Delete the temp link
sql = new SQLString(@"delete from emailed_links where el_id = @guid");
sql = sql.AddParameterWithValue("guid", guid);
btnet.DbUtil.execute_nonquery(sql);
msg.InnerHtml = "Your registration is complete.";
}
}
///////////////////////////////////////////////////////////////////////
public static int get_bug_permission_level(int bugid, IIdentity identity)
{
/*
* public const int PERMISSION_NONE = 0;
* public const int PERMISSION_READONLY = 1;
* public const int PERMISSION_REPORTER = 3;
* public const int PERMISSION_ALL = 2;
*/
// fetch the revised permission level
var sql = new SQLString(@"
declare @bg_org int
select isnull(pu_permission_level,@dpl),
bg_org
from bugs
left outer join project_user_xref
on pu_project = bg_project
and pu_user = @us
where bg_id = @bg");
;
sql = sql.AddParameterWithValue("@dpl", Util.get_setting("DefaultPermissionLevel", "2"));
sql = sql.AddParameterWithValue("@bg", Convert.ToString(bugid));
sql = sql.AddParameterWithValue("@us", Convert.ToString(identity.GetUserId()));
DataRow dr = btnet.DbUtil.get_datarow(sql);
if (dr == null)
{
return(PermissionLevel.None);
}
int pl = (int)dr[0];
int bg_org = (int)dr[1];
// maybe reduce permissions
var organizationId = identity.GetOrganizationId();
if (bg_org != organizationId)
{
var otherOrgsPermissionLevel = identity.GetOtherOrgsPermissionLevels();
if (otherOrgsPermissionLevel == PermissionLevel.None ||
otherOrgsPermissionLevel == PermissionLevel.ReadOnly)
{
if (otherOrgsPermissionLevel < pl)
{
pl = otherOrgsPermissionLevel;
}
}
}
return(pl);
}
protected void Page_Load(Object sender, EventArgs e)
{
Util.set_context(HttpContext.Current);
Util.do_not_cache(Response);
string guid = Request["id"];
SQLString sql = new SQLString(@"
declare @expiration datetime
set @expiration = dateadd(n,-1 * @minutes,getdate())
select *,
case when el_date < @expiration then 1 else 0 end [expired]
from emailed_links
where el_id = @guid
delete from emailed_links
where el_date < dateadd(n,-240,getdate())" );
sql = sql.AddParameterWithValue("minutes", Util.get_setting("RegistrationExpiration", "20"));
sql = sql.AddParameterWithValue("guid", guid.Replace("'", "''"));
DataRow dr = btnet.DbUtil.get_datarow(sql);
if (dr == null)
{
msg.InnerHtml = "The link you clicked on is expired or invalid.<br>Please start over again.";
}
else if ((int)dr["expired"] == 1)
{
msg.InnerHtml = "The link you clicked has expired.<br>Please start over again.";
}
else
{
btnet.User.copy_user(
(string)dr["el_username"],
(string)dr["el_email"],
(string)dr["el_firstname"],
(string)dr["el_lastname"],
"",
(int)dr["el_salt"],
(string)dr["el_password"],
Util.get_setting("SelfRegisteredUserTemplate", "[error - missing user template]"),
false);
// Delete the temp link
sql = new SQLString(@"delete from emailed_links where el_id = @guid");
sql = sql.AddParameterWithValue("guid", guid);
btnet.DbUtil.execute_nonquery(sql);
msg.InnerHtml = "Your registration is complete.";
}
}
///////////////////////////////////////////////////////////////////////
protected static void write_relationships(HttpResponse Response, int bugid)
{
var sql = new SQLString(@"select bg_id [id],
bg_short_desc [desc],
re_type [comment],
case
when re_direction = 0 then ''
when re_direction = 2 then @child
else @parent end [parent/child]
from bug_relationships
inner join bugs on re_bug2 = bg_id
where re_bug1 = @bg
order by 1");
sql = sql.AddParameterWithValue("bg", Convert.ToString(bugid));
sql = sql.AddParameterWithValue("parent", "parent of " + Convert.ToString(bugid));
sql = sql.AddParameterWithValue("child", "child of " + Convert.ToString(bugid));
DataSet ds_relationships = btnet.DbUtil.get_dataset(sql);
if (ds_relationships.Tables[0].Rows.Count > 0)
{
Response.Write ("<b>Relationships</b><p><table border=1 class=datat><tr>");
Response.Write ("<td class=datah valign=bottom>id</td>");
Response.Write ("<td class=datah valign=bottom>desc</td>");
Response.Write ("<td class=datah valign=bottom>comment</td>");
Response.Write ("<td class=datah valign=bottom>parent/child</td>");
foreach (DataRow dr_relationships in ds_relationships.Tables[0].Rows)
{
Response.Write ("<tr>");
Response.Write ("<td class=datad valign=top align=right>");
Response.Write (Convert.ToString((int) dr_relationships["id"]));
Response.Write ("<td class=datad valign=top>");
Response.Write (Convert.ToString(dr_relationships["desc"]));
Response.Write ("<td class=datad valign=top>");
Response.Write (Convert.ToString(dr_relationships["comment"]));
Response.Write ("<td class=datad valign=top>");
Response.Write (Convert.ToString(dr_relationships["parent/child"]));
}
Response.Write ("</table><p>");
}
}
public static void update_user_password(string username, string unencypted)
{
var salt = GenerateRandomString();
string hashed = Util.HashString(unencypted, Convert.ToString(salt));
var sql = new SQLString("update users set us_password = @hashed, us_salt = @salt where us_username = @username");
sql = sql.AddParameterWithValue("hashed", hashed);
sql = sql.AddParameterWithValue("salt", Convert.ToString(salt));
sql = sql.AddParameterWithValue("username", Convert.ToString(username));
btnet.DbUtil.execute_nonquery(sql);
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
Page.Header.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "edit dashboard";
if (User.IsInRole(BtnetRoles.Admin) || User.Identity.GetCanUseReports())
{
//
}
else
{
Response.Write("You are not allowed to use this page.");
Response.End();
}
ses = (string)Session.SessionID;
var sql = new SQLString(@"
select ds_id, ds_col, ds_row, ds_chart_type, rp_desc
from dashboard_items ds
inner join reports on rp_id = ds_report
where ds_user = @user
order by ds_col, ds_row");
sql = sql.AddParameterWithValue("user", Convert.ToString(User.Identity.GetUserId()));
ds = DbUtil.get_dataset(sql);
}
///////////////////////////////////////////////////////////////////////
void on_update()
{
Boolean good = validate();
string ct;
if (good)
{
if (id == 0)
{ // insert new
sql = new SQLString(@"insert into reports
(rp_desc, rp_sql, rp_chart_type)
values (@de, @sq, @ct)" );
}
else
{ // edit existing
sql = new SQLString(@"update reports set
rp_desc = @de,
rp_sql = @sq,
rp_chart_type = @ct
where rp_id = @id" );
sql = sql.AddParameterWithValue("@id", Convert.ToString(id));
}
sql = sql.AddParameterWithValue("@de", desc.Value);
sql = sql.AddParameterWithValue("@sq", Server.HtmlDecode(sql_text.Value));
if (pie.Checked)
{
ct = "pie";
}
else if (bar.Checked)
{
ct = "bar";
}
else if (line.Checked)
{
ct = "line";
}
else
{
ct = "table";
}
sql = sql.AddParameterWithValue("@ct", ct);
DbUtil.execute_nonquery(sql);
Server.Transfer("reports.aspx");
}
else
{
if (id == 0)
{ // insert new
msg.InnerText += "Query was not created.";
}
else
{ // edit existing
msg.InnerText += "Query was not updated.";
}
}
}
///////////////////////////////////////////////////////////////////////
void on_update()
{
Boolean good = validate();
if (good)
{
sql = new SQLString(@"update bug_posts set
bp_comment = @comment,
bp_hidden_from_external_users = @internal
where bp_id = @bugPostId" );
sql = sql.AddParameterWithValue("bugPostId", Convert.ToString(id));
sql = sql.AddParameterWithValue("comment", desc.Value.Replace("'", "''"));
sql = sql.AddParameterWithValue("internal", btnet.Util.bool_to_string(internal_only.Checked));
btnet.DbUtil.execute_nonquery(sql);
if (!internal_only.Checked)
{
btnet.Bug.send_notifications(btnet.Bug.UPDATE, bugid, User.Identity);
}
Response.Redirect("edit_bug.aspx?id=" + Convert.ToString(bugid));
}
else
{
msg.InnerText = "Attachment was not updated.";
}
}
///////////////////////////////////////////////////////////////////////
public static void update_most_recent_login_datetime(int us_id)
{
var sql = new SQLString(@"update users set us_most_recent_login_datetime = getdate() where us_id = @us");
sql = sql.AddParameterWithValue("us", Convert.ToString(us_id));
DbUtil.execute_nonquery(sql);
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
Page.Header.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "edit dashboard";
if (User.IsInRole(BtnetRoles.Admin) || User.Identity.GetCanUseReports())
{
//
}
else
{
Response.Write("You are not allowed to use this page.");
Response.End();
}
ses = (string)Session.SessionID;
var sql = new SQLString(@"
select ds_id, ds_col, ds_row, ds_chart_type, rp_desc
from dashboard_items ds
inner join reports on rp_id = ds_report
where ds_user = @user
order by ds_col, ds_row");
sql = sql.AddParameterWithValue("user", Convert.ToString(User.Identity.GetUserId()));
ds = DbUtil.get_dataset(sql);
}
private string GetSalt(string username)
{
var sql = new SQLString("select us_salt from users where us_username = @username");
sql.AddParameterWithValue("@username", username);
var result = ((string)btnet.DbUtil.execute_scalar(sql));
return result;
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
Master.Menu.SelectedItem = "admin";
Page.Header.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "edit priority";
msg.InnerText = "";
string var = Request.QueryString["id"];
if (var == null)
{
id = 0;
}
else
{
id = Convert.ToInt32(var);
}
if (!IsPostBack)
{
// add or edit?
if (id == 0)
{
sub.Value = "Create";
}
else
{
sub.Value = "Update";
// Get this entry's data from the db and fill in the form
sql = new SQLString(@"select
pr_name, pr_sort_seq, pr_background_color, isnull(pr_style,'') [pr_style], pr_default
from priorities where pr_id = @id");
sql = sql.AddParameterWithValue("id", id);
DataRow dr = btnet.DbUtil.get_datarow(sql);
// Fill in this form
name.Value = (string)dr["pr_name"];
sort_seq.Value = Convert.ToString((int)dr["pr_sort_seq"]);
color.Value = (string)dr["pr_background_color"];
style.Value = (string)dr["pr_style"];
default_selection.Checked = Convert.ToBoolean((int)dr["pr_default"]);
}
}
else
{
on_update();
}
}
private string GetSalt(string username)
{
var sql = new SQLString("select us_salt from users where us_username = @username");
sql.AddParameterWithValue("@username", username);
var result = ((string)btnet.DbUtil.execute_scalar(sql));
return(result);
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
if (Request.QueryString["ses"] != (string)Session["session_cookie"])
{
Response.Write("session in URL doesn't match session cookie");
Response.End();
}
string string_bugid = Util.sanitize_integer(Request["bugid"]);
int bugid = Convert.ToInt32(string_bugid);
int permission_level = Bug.get_bug_permission_level(bugid, User.Identity);
if (permission_level != PermissionLevel.All)
{
Response.Write("You are not allowed to edit this item");
Response.End();
}
string string_tsk_id = Util.sanitize_integer(Request["id"]);
int tsk_id = Convert.ToInt32(string_tsk_id);
if (IsPostBack)
{
// do delete here
sql = new SQLString(@"delete bug_tasks where tsk_id = @tsk_id and tsk_bug = @bugid");
sql = sql.AddParameterWithValue("tsk_id", string_tsk_id);
sql = sql.AddParameterWithValue("bugid", string_bugid);
DbUtil.execute_nonquery(sql);
Response.Redirect("tasks.aspx?bugid=" + string_bugid);
}
else
{
Page.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "delete task";
back_href.HRef = "tasks.aspx?bugid=" + string_bugid;
sql = new SQLString(@"select tsk_description from bug_tasks where tsk_id = @tsk_id and tsk_bug = @bugid");
sql = sql.AddParameterWithValue("tsk_id", string_tsk_id);
sql = sql.AddParameterWithValue("bugid", string_bugid);
DataRow dr = DbUtil.get_datarow(sql);
confirm_href.InnerText = "confirm delete of task: " + Convert.ToString(dr["tsk_description"]);
}
}
///////////////////////////////////////////////////////////////////////
// Send the emails in the queue
protected static void actually_send_the_emails()
{
btnet.Util.write_to_log("actually_send_the_emails");
var sql = new SQLString(@"select * from queued_notifications where qn_status = N'not sent' and qn_retries < 3");
// create a new one, just in case there would be multithreading issues...
// get the pending notifications
DataSet ds = btnet.DbUtil.get_dataset(sql);
foreach (DataRow dr in ds.Tables[0].Rows)
{
string err = "";
try
{
string to = (string)dr["qn_to"];
btnet.Util.write_to_log("sending email to " + to);
// try to send it
err = Email.send_email(
(string)dr["qn_to"],
(string)dr["qn_from"],
"", // cc
(string)dr["qn_subject"],
(string)dr["qn_body"],
MailFormat.Html);
if (err == "")
{
sql = new SQLString("delete from queued_notifications where qn_id = @qn_id");
}
}
catch (Exception e)
{
err = e.Message;
if (e.InnerException != null)
{
err += "; ";
err += e.InnerException.Message;
}
}
if (err != "")
{
sql = new SQLString("update queued_notifications set qn_retries = qn_retries + 1, qn_last_exception = @ex where qn_id = @qn_id");
sql = sql.AddParameterWithValue("@ex", err.Replace("'", "''"));
}
sql = sql.AddParameterWithValue("qn_id", Convert.ToString(dr["qn_id"]));
// update the row or delete the row
btnet.DbUtil.execute_nonquery(sql);
}
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
if (Request.QueryString["ses"] != (string)Session["session_cookie"])
{
Response.Write("session in URL doesn't match session cookie");
Response.End();
}
var sql = new SQLString("delete from bug_subscriptions where bs_bug = @bg_id and bs_user = @us_id");
sql = sql.AddParameterWithValue("$bg_id", Util.sanitize_integer(Request["bg_id"]));
sql = sql.AddParameterWithValue("$us_id", Util.sanitize_integer(Request["us_id"]));
DbUtil.execute_nonquery(sql);
Response.Redirect("view_subscribers.aspx?id=" + Util.sanitize_integer(Request["bg_id"]));
}
///////////////////////////////////////////////////////////////////////
public static void apply_post_insert_rules(int bugid)
{
var sql = new SQLString(Util.get_setting("UpdateBugAfterInsertBugAspxSql", ""));
if (!string.IsNullOrEmpty(sql.ToString()))
{
sql = sql.AddParameterWithValue("@BUGID", Convert.ToString(bugid));
btnet.DbUtil.execute_nonquery(sql);
}
}
///////////////////////////////////////////////////////////////////////
public static DataSet get_bug_posts(int bugid, bool external_user, bool history_inline)
{
SQLString sql = new SQLString(@"
/* get_bug_posts */
select
a.bp_bug,
a.bp_comment,
isnull(us_username,'') [us_username],
case rtrim(us_firstname)
when null then isnull(us_lastname, '')
when '' then isnull(us_lastname, '')
else isnull(us_lastname + ', ' + us_firstname,'')
end [us_fullname],
isnull(us_email,'') [us_email],
a.bp_date,
datediff(s,a.bp_date,getdate()) [seconds_ago],
a.bp_id,
a.bp_type,
isnull(a.bp_email_from,'') bp_email_from,
isnull(a.bp_email_to,'') bp_email_to,
isnull(a.bp_email_cc,'') bp_email_cc,
isnull(a.bp_file,'') bp_file,
isnull(a.bp_size,0) bp_size,
isnull(a.bp_content_type,'') bp_content_type,
a.bp_hidden_from_external_users,
isnull(ba.bp_file,'') ba_file, -- intentionally ba
isnull(ba.bp_id,'') ba_id, -- intentionally ba
isnull(ba.bp_size,'') ba_size, -- intentionally ba
isnull(ba.bp_content_type,'') ba_content_type -- intentionally ba
from bug_posts a
left outer join users on us_id = a.bp_user
left outer join bug_posts ba on ba.bp_parent = a.bp_id and ba.bp_bug = a.bp_bug
where a.bp_bug = @id
and a.bp_parent is null");
if (!history_inline)
{
sql.Append("\n and a.bp_type <> 'update'");
}
if (external_user)
{
sql.Append("\n and a.bp_hidden_from_external_users = 0");
}
sql.Append( "\n order by a.bp_id ");
sql.Append( btnet.Util.get_setting("CommentSortOrder","desc"));
sql.Append( ", ba.bp_parent, ba.bp_id");
sql = sql.AddParameterWithValue("@id", Convert.ToString(bugid));
return btnet.DbUtil.get_dataset(sql);
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
if (Request.QueryString["ses"] != (string)Session["session_cookie"])
{
Response.Write("session in URL doesn't match session cookie");
Response.End();
}
var sql = new SQLString("delete from bug_subscriptions where bs_bug = @bg_id and bs_user = @us_id");
sql = sql.AddParameterWithValue("$bg_id", Util.sanitize_integer(Request["bg_id"]));
sql = sql.AddParameterWithValue("$us_id", Util.sanitize_integer(Request["us_id"]));
DbUtil.execute_nonquery(sql);
Response.Redirect("view_subscribers.aspx?id=" + Util.sanitize_integer(Request["bg_id"]));
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
Master.Menu.SelectedItem = "admin";
Page.Header.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "edit priority";
msg.InnerText = "";
string var = Request.QueryString["id"];
if (var == null)
{
id = 0;
}
else
{
id = Convert.ToInt32(var);
}
if (!IsPostBack)
{
// add or edit?
if (id == 0)
{
sub.Value = "Create";
}
else
{
sub.Value = "Update";
// Get this entry's data from the db and fill in the form
sql = new SQLString(@"select
pr_name, pr_sort_seq, pr_background_color, isnull(pr_style,'') [pr_style], pr_default
from priorities where pr_id = @id" );
sql = sql.AddParameterWithValue("id", id);
DataRow dr = btnet.DbUtil.get_datarow(sql);
// Fill in this form
name.Value = (string)dr["pr_name"];
sort_seq.Value = Convert.ToString((int)dr["pr_sort_seq"]);
color.Value = (string)dr["pr_background_color"];
style.Value = (string)dr["pr_style"];
default_selection.Checked = Convert.ToBoolean((int)dr["pr_default"]);
}
}
else
{
on_update();
}
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
if (User.IsInRole(BtnetRoles.Admin) || User.Identity.GetCanDeleteBugs())
{
//
}
else
{
Response.Write("You are not allowed to use this page.");
Response.End();
}
string id = Util.sanitize_integer(Request["id"]);
int permission_level = Bug.get_bug_permission_level(Convert.ToInt32(id), User.Identity);
if (permission_level != PermissionLevel.All)
{
Response.Write("You are not allowed to edit this item");
Response.End();
}
if (IsPostBack)
{
Bug.delete_bug(Convert.ToInt32(row_id.Value));
Server.Transfer("bugs.aspx");
}
else
{
Page.Header.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "delete " + Util.get_setting("SingularBugLabel", "bug");
back_href.HRef = "edit_bug.aspx?id=" + id;
sql = new SQLString(@"select bg_short_desc from bugs where bg_id = @bugId");
sql = sql.AddParameterWithValue("bugId", id);
DataRow dr = DbUtil.get_datarow(sql);
confirm_href.InnerText = "confirm delete of "
+ Util.get_setting("SingularBugLabel", "bug")
+ ": "
+ Convert.ToString(dr["bg_short_desc"]);
row_id.Value = id;
}
}
protected void Page_Load(object sender, EventArgs e)
{
var sql = new SQLString("select us_id, us_email, us_username from users");
using (var reader = DbUtil.execute_reader(sql, System.Data.CommandBehavior.Default))
{
while (reader.Read())
{
var id = reader.GetInt32(0);
var updateQuery = new SQLString("update users set password_reset_key=@resetKey where us_id = @id");
updateQuery.AddParameterWithValue("@id", id);
var resetKey = Util.GenerateRandomString();
updateQuery.AddParameterWithValue("@resetKey", resetKey);
var emailAddress = reader.IsDBNull(1) ? "" : reader.GetString(1);
var username = reader.GetString(2);
DbUtil.execute_nonquery(updateQuery);
SendMail(emailAddress, resetKey, username);
}
}
}
protected void Page_Load(object sender, EventArgs e)
{
var sql = new SQLString("select us_id, us_email, us_username from users");
using (var reader = DbUtil.execute_reader(sql, System.Data.CommandBehavior.Default))
{
while (reader.Read())
{
var id = reader.GetInt32(0);
var updateQuery = new SQLString("update users set password_reset_key=@resetKey where us_id = @id");
updateQuery.AddParameterWithValue("@id", id);
var resetKey = Util.GenerateRandomString();
updateQuery.AddParameterWithValue("@resetKey", resetKey);
var emailAddress = reader.IsDBNull(1) ? "" : reader.GetString(1);
var username = reader.GetString(2);
DbUtil.execute_nonquery(updateQuery);
SendMail(emailAddress, resetKey, username);
}
}
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
if (Request.QueryString["ses"] != (string)Session["session_cookie"])
{
Response.Write("session in URL doesn't match session cookie");
Response.End();
}
string string_bugid = Util.sanitize_integer(Request["bugid"]);
int bugid = Convert.ToInt32(string_bugid);
int permission_level = Bug.get_bug_permission_level(bugid, User.Identity);
if (permission_level != PermissionLevel.All)
{
Response.Write("You are not allowed to edit this item");
Response.End();
}
string string_tsk_id = Util.sanitize_integer(Request["id"]);
int tsk_id = Convert.ToInt32(string_tsk_id);
if (IsPostBack)
{
// do delete here
sql = new SQLString(@"delete bug_tasks where tsk_id = @tsk_id and tsk_bug = @bugid");
sql = sql.AddParameterWithValue("tsk_id", string_tsk_id);
sql = sql.AddParameterWithValue("bugid", string_bugid);
DbUtil.execute_nonquery(sql);
Response.Redirect("tasks.aspx?bugid=" + string_bugid);
}
else
{
Page.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "delete task";
back_href.HRef = "tasks.aspx?bugid=" + string_bugid;
sql = new SQLString(@"select tsk_description from bug_tasks where tsk_id = @tsk_id and tsk_bug = @bugid");
sql = sql.AddParameterWithValue("tsk_id", string_tsk_id);
sql = sql.AddParameterWithValue("bugid", string_bugid);
DataRow dr = DbUtil.get_datarow(sql);
confirm_href.InnerText = "confirm delete of task: " + Convert.ToString(dr["tsk_description"]);
}
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
if (IsPostBack)
{
// do delete here
sql = new SQLString(@"delete priorities where pr_id = @prid");
sql = sql.AddParameterWithValue("prid", Util.sanitize_integer(row_id.Value));
DbUtil.execute_nonquery(sql);
Server.Transfer("priorities.aspx");
}
else
{
Master.Menu.SelectedItem = "admin";
Page.Header.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "delete priority";
string id = Util.sanitize_integer(Request["id"]);
sql = new SQLString(@"declare @cnt int
select @cnt = count(1) from bugs where bg_priority = @id
select pr_name, @cnt [cnt] from priorities where pr_id = @id");
sql = sql.AddParameterWithValue("id", id);
DataRow dr = DbUtil.get_datarow(sql);
if ((int)dr["cnt"] > 0)
{
Response.Write("You can't delete priority \""
+ Convert.ToString(dr["pr_name"])
+ "\" because some bugs still reference it.");
Response.End();
}
else
{
confirm_href.InnerText = "confirm delete of \""
+ Convert.ToString(dr["pr_name"])
+ "\"";
row_id.Value = id;
}
}
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
if (IsPostBack)
{
// do delete here
sql = new SQLString(@"delete orgs where og_id = @orgid");
sql = sql.AddParameterWithValue("orgid", Util.sanitize_integer(row_id.Value));
DbUtil.execute_nonquery(sql);
Server.Transfer("orgs.aspx");
}
else
{
Page.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "delete organization";
string id = Util.sanitize_integer(Request["id"]);
sql = new SQLString(@"declare @cnt int
select @cnt = count(1) from users where us_org = @orgid;
select @cnt = @cnt + count(1) from queries where qu_org = @orgid;
select @cnt = @cnt + count(1) from bugs where bg_org = @orgid;
select og_name, @cnt [cnt] from orgs where og_id = @orgid");
sql = sql.AddParameterWithValue("orgid", id);
DataRow dr = DbUtil.get_datarow(sql);
if ((int)dr["cnt"] > 0)
{
Response.Write("You can't delete organization \""
+ Convert.ToString(dr["og_name"])
+ "\" because some bugs, users, queries still reference it.");
Response.End();
}
else
{
confirm_href.InnerText = "confirm delete of \""
+ Convert.ToString(dr["og_name"])
+ "\"";
row_id.Value = id;
}
}
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
Master.Menu.SelectedItem = "admin";
Page.Header.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "edit user defined attribute value";
msg.InnerText = "";
string var = Request.QueryString["id"];
if (var == null)
{
id = 0;
}
else
{
id = Convert.ToInt32(var);
}
if (!IsPostBack)
{
// add or edit?
if (id == 0)
{
sub.Value = "Create";
}
else
{
sub.Value = "Update";
// Get this entry's data from the db and fill in the form
sql = new SQLString(@"select udf_name, udf_sort_seq, udf_default from user_defined_attribute where udf_id = @udfid");
sql = sql.AddParameterWithValue("udfid", Convert.ToString(id));
DataRow dr = btnet.DbUtil.get_datarow(sql);
// Fill in this form
name.Value = (string)dr[0];
sort_seq.Value = Convert.ToString((int)dr[1]);
default_selection.Checked = Convert.ToBoolean((int)dr["udf_default"]);
}
}
else
{
on_update();
}
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
if (User.IsInRole(BtnetRoles.Admin) || User.Identity.GetCanDeleteBugs())
{
//
}
else
{
Response.Write("You are not allowed to use this page.");
Response.End();
}
string id = Util.sanitize_integer(Request["id"]);
int permission_level = Bug.get_bug_permission_level(Convert.ToInt32(id), User.Identity);
if (permission_level != PermissionLevel.All)
{
Response.Write("You are not allowed to edit this item");
Response.End();
}
if (IsPostBack)
{
Bug.delete_bug(Convert.ToInt32(row_id.Value));
Server.Transfer("bugs.aspx");
}
else
{
Page.Header.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "delete " + Util.get_setting("SingularBugLabel", "bug");
back_href.HRef = "edit_bug.aspx?id=" + id;
sql = new SQLString(@"select bg_short_desc from bugs where bg_id = @bugId");
sql = sql.AddParameterWithValue("bugId", id);
DataRow dr = DbUtil.get_datarow(sql);
confirm_href.InnerText = "confirm delete of "
+ Util.get_setting("SingularBugLabel", "bug")
+ ": "
+ Convert.ToString(dr["bg_short_desc"]);
row_id.Value = id;
}
}
///////////////////////////////////////////////////////////////////////
public static void delete_bug(int bugid)
{
// delete attachements
string id = Convert.ToString(bugid);
string upload_folder = Util.get_upload_folder();
var sql = new SQLString(@"select bp_id, bp_file from bug_posts where bp_type = 'file' and bp_bug = @bg");
sql = sql.AddParameterWithValue("bg", id);
DataSet ds = btnet.DbUtil.get_dataset(sql);
if (upload_folder != null && upload_folder != "")
{
foreach (DataRow dr in ds.Tables[0].Rows)
{
// create path
StringBuilder path = new StringBuilder(upload_folder);
path.Append("\\");
path.Append(id);
path.Append("_");
path.Append(Convert.ToString(dr["bp_id"]));
path.Append("_");
path.Append(Convert.ToString(dr["bp_file"]));
if (System.IO.File.Exists(path.ToString()))
{
System.IO.File.Delete(path.ToString());
}
}
}
// delete the database entries
sql = new SQLString(@"
delete bug_post_attachments from bug_post_attachments inner join bug_posts on bug_post_attachments.bpa_post = bug_posts.bp_id where bug_posts.bp_bug = @bg
delete from bug_posts where bp_bug = @bg
delete from bug_subscriptions where bs_bug = @bg
delete from bug_relationships where re_bug1 = @bg
delete from bug_relationships where re_bug2 = @bg
delete from bug_user where bu_bug = @bg
delete from bug_tasks where tsk_bug = @bg
delete from bugs where bg_id = @bg");
sql = sql.AddParameterWithValue("bg", id);
btnet.DbUtil.execute_nonquery(sql);
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
Page.Header.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "edit category";
msg.InnerText = "";
string var = Request.QueryString["id"];
if (var == null)
{
id = 0;
}
else
{
id = Convert.ToInt32(var);
}
if (!IsPostBack)
{
// add or edit?
if (id == 0)
{
sub.Value = "Create";
}
else
{
sub.Value = "Update";
// Get this entry's data from the db and fill in the form
var sql = new SQLString(@"select ct_name, ct_sort_seq, ct_default from categories where ct_id = @categoryId");
sql = sql.AddParameterWithValue("categoryId", Convert.ToString(id));
DataRow dr = btnet.DbUtil.get_datarow(sql);
// Fill in this form
name.Value = (string)dr[0];
sort_seq.Value = Convert.ToString((int)dr[1]);
default_selection.Checked = Convert.ToBoolean((int)dr["ct_default"]);
}
}
else
{
on_update();
}
}
///////////////////////////////////////////////////////////////////////
void on_update()
{
Boolean good = validate();
if (good)
{
sql = new SQLString(@"update bug_posts set
bp_comment = @cm,
bp_comment_search = @cs,
bp_content_type = @cn,
bp_hidden_from_external_users = @internal
where bp_id = @id
select bg_short_desc from bugs where bg_id = @bugid");
if (use_fckeditor)
{
string text = Util.strip_dangerous_tags(comment.Value);
sql = sql.AddParameterWithValue("cm", text.Replace("'", "'"));
sql = sql.AddParameterWithValue("cs", Util.strip_html(comment.Value).Replace("'", "''"));
sql = sql.AddParameterWithValue("cn", "text/html");
}
else
{
sql = sql.AddParameterWithValue("cm", HttpUtility.HtmlDecode(comment.Value).Replace("'", "''"));
sql = sql.AddParameterWithValue("cs", comment.Value.Replace("'", "''"));
sql = sql.AddParameterWithValue("cn", "text/plain");
}
sql = sql.AddParameterWithValue("id", Convert.ToString(id));
sql = sql.AddParameterWithValue("bugid", Convert.ToString(bugid));
sql = sql.AddParameterWithValue("internal", Util.bool_to_string(internal_only.Checked));
DataRow dr = DbUtil.get_datarow(sql);
// Don't send notifications for internal only comments.
// We aren't putting them the email notifications because it that makes it
// easier for them to accidently get forwarded to the "wrong" people...
if (!internal_only.Checked)
{
Bug.send_notifications(Bug.UPDATE, bugid, User.Identity);
WhatsNew.add_news(bugid, (string)dr["bg_short_desc"], "updated", User.Identity);
}
Response.Redirect("edit_bug.aspx?id=" + Convert.ToString(bugid));
}
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
if (IsPostBack)
{
// do delete here
sql = new SQLString(@"delete user_defined_attribute where udf_id = @udfid");
sql = sql.AddParameterWithValue("udfid", Util.sanitize_integer(row_id.Value));
btnet.DbUtil.execute_nonquery(sql);
Server.Transfer("udfs.aspx");
}
else
{
Page.Header.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "delete user defined attribute value";
string id = Util.sanitize_integer(Request["id"]);
sql = new SQLString(@"declare @cnt int
select @cnt = count(1) from bugs where bg_user_defined_attribute = @udfid
select udf_name, @cnt [cnt] from user_defined_attribute where udf_id = @udfid");
sql = sql.AddParameterWithValue("udfid", id);
DataRow dr = btnet.DbUtil.get_datarow(sql);
if ((int)dr["cnt"] > 0)
{
Response.Write("You can't delete value \""
+ Convert.ToString(dr["udf_name"])
+ "\" because some bugs still reference it.");
Response.End();
}
else
{
confirm_href.InnerText = "confirm delete of \""
+ Convert.ToString(dr["udf_name"])
+ "\"";
row_id.Value = id;
}
}
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
if (IsPostBack)
{
// do delete here
sql = new SQLString(@"delete priorities where pr_id = @prid");
sql = sql.AddParameterWithValue("prid", Util.sanitize_integer(row_id.Value));
DbUtil.execute_nonquery(sql);
Server.Transfer("priorities.aspx");
}
else
{
Master.Menu.SelectedItem = "admin";
Page.Header.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "delete priority";
string id = Util.sanitize_integer(Request["id"]);
sql = new SQLString(@"declare @cnt int
select @cnt = count(1) from bugs where bg_priority = @id
select pr_name, @cnt [cnt] from priorities where pr_id = @id" );
sql = sql.AddParameterWithValue("id", id);
DataRow dr = DbUtil.get_datarow(sql);
if ((int)dr["cnt"] > 0)
{
Response.Write("You can't delete priority \""
+ Convert.ToString(dr["pr_name"])
+ "\" because some bugs still reference it.");
Response.End();
}
else
{
confirm_href.InnerText = "confirm delete of \""
+ Convert.ToString(dr["pr_name"])
+ "\"";
row_id.Value = id;
}
}
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
if (User.IsInRole(BtnetRoles.Admin) || User.Identity.GetCanEditReports())
{
//
}
else
{
Response.Write("You are not allowed to use this page.");
Response.End();
}
SQLString sql;
if (IsPostBack)
{
// do delete here
sql = new SQLString(@"
delete reports where rp_id = @reportId;
delete dashboard_items where ds_report = @reportId");
sql = sql.AddParameterWithValue("reportId", Util.sanitize_integer(row_id.Value));
DbUtil.execute_nonquery(sql);
Server.Transfer("reports.aspx");
}
else
{
Page.Header.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "delete report";
string id = Util.sanitize_integer(Request["id"]);
sql = new SQLString(@"select rp_desc from reports where rp_id = @id");
sql = sql.AddParameterWithValue("id", id);
DataRow dr = DbUtil.get_datarow(sql);
confirm_href.InnerText = "confirm delete of report: "
+ Convert.ToString(dr["rp_desc"]);
row_id.Value = id;
}
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
if (IsPostBack)
{
// do delete here
sql = new SQLString(@"delete orgs where og_id = @orgid");
sql = sql.AddParameterWithValue("orgid", Util.sanitize_integer(row_id.Value));
DbUtil.execute_nonquery(sql);
Server.Transfer("orgs.aspx");
}
else
{
Page.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "delete organization";
string id = Util.sanitize_integer(Request["id"]);
sql = new SQLString(@"declare @cnt int
select @cnt = count(1) from users where us_org = @orgid;
select @cnt = @cnt + count(1) from queries where qu_org = @orgid;
select @cnt = @cnt + count(1) from bugs where bg_org = @orgid;
select og_name, @cnt [cnt] from orgs where og_id = @orgid" );
sql = sql.AddParameterWithValue("orgid", id);
DataRow dr = DbUtil.get_datarow(sql);
if ((int)dr["cnt"] > 0)
{
Response.Write("You can't delete organization \""
+ Convert.ToString(dr["og_name"])
+ "\" because some bugs, users, queries still reference it.");
Response.End();
}
else
{
confirm_href.InnerText = "confirm delete of \""
+ Convert.ToString(dr["og_name"])
+ "\"";
row_id.Value = id;
}
}
}
///////////////////////////////////////////////////////////////////////
void on_update()
{
Boolean good = validate();
if (good)
{
if (id == 0) // insert new
{
sql = new SQLString(@"insert into priorities
(pr_name, pr_sort_seq, pr_background_color, pr_style, pr_default)
values (@na, @ss, @co, @st, @df)" );
}
else // edit existing
{
sql = new SQLString(@"update priorities set
pr_name = @na,
pr_sort_seq = @ss,
pr_background_color = @co,
pr_style = @st,
pr_default = @df
where pr_id = @id" );
sql = sql.AddParameterWithValue("id", Convert.ToString(id));
}
sql = sql.AddParameterWithValue("na", name.Value);
sql = sql.AddParameterWithValue("ss", sort_seq.Value);
sql = sql.AddParameterWithValue("co", color.Value);
sql = sql.AddParameterWithValue("st", style.Value);
sql = sql.AddParameterWithValue("df", Util.bool_to_string(default_selection.Checked));
btnet.DbUtil.execute_nonquery(sql);
Server.Transfer("priorities.aspx");
}
else
{
if (id == 0) // insert new
{
msg.InnerText = "Priority was not created.";
}
else // edit existing
{
msg.InnerText = "Priority was not updated.";
}
}
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
if (IsPostBack)
{
// do delete here
sql = new SQLString(@"delete user_defined_attribute where udf_id = @udfid");
sql = sql.AddParameterWithValue("udfid", Util.sanitize_integer(row_id.Value));
btnet.DbUtil.execute_nonquery(sql);
Server.Transfer("udfs.aspx");
}
else
{
Page.Header.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "delete user defined attribute value";
string id = Util.sanitize_integer(Request["id"]);
sql = new SQLString(@"declare @cnt int
select @cnt = count(1) from bugs where bg_user_defined_attribute = @udfid
select udf_name, @cnt [cnt] from user_defined_attribute where udf_id = @udfid" );
sql = sql.AddParameterWithValue("udfid", id);
DataRow dr = btnet.DbUtil.get_datarow(sql);
if ((int)dr["cnt"] > 0)
{
Response.Write("You can't delete value \""
+ Convert.ToString(dr["udf_name"])
+ "\" because some bugs still reference it.");
Response.End();
}
else
{
confirm_href.InnerText = "confirm delete of \""
+ Convert.ToString(dr["udf_name"])
+ "\"";
row_id.Value = id;
}
}
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
if (User.IsInRole(BtnetRoles.Admin) || User.Identity.GetCanEditReports())
{
//
}
else
{
Response.Write("You are not allowed to use this page.");
Response.End();
}
SQLString sql;
if (IsPostBack)
{
// do delete here
sql = new SQLString(@"
delete reports where rp_id = @reportId;
delete dashboard_items where ds_report = @reportId");
sql = sql.AddParameterWithValue("reportId", Util.sanitize_integer(row_id.Value));
DbUtil.execute_nonquery(sql);
Server.Transfer("reports.aspx");
}
else
{
Page.Header.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "delete report";
string id = Util.sanitize_integer(Request["id"]);
sql = new SQLString(@"select rp_desc from reports where rp_id = @id");
sql = sql.AddParameterWithValue("id", id);
DataRow dr = DbUtil.get_datarow(sql);
confirm_href.InnerText = "confirm delete of report: "
+ Convert.ToString(dr["rp_desc"]);
row_id.Value = id;
}
}
///////////////////////////////////////////////////////////////////////
void on_update()
{
Boolean good = validate();
if (good)
{
if (id == 0) // insert new
{
sql = new SQLString("insert into statuses (st_name, st_sort_seq, st_style, st_default) values (@na, @ss, @st, @df)");
}
else // edit existing
{
sql = new SQLString(@"update statuses set
st_name = @na,
st_sort_seq = @ss,
st_style = @st,
st_default = @df
where st_id = @id" );
sql = sql.AddParameterWithValue("id", id);
}
sql = sql.AddParameterWithValue("na", name.Value);
sql = sql.AddParameterWithValue("ss", sort_seq.Value);
sql = sql.AddParameterWithValue("st", style.Value);
sql = sql.AddParameterWithValue("df", Util.bool_to_string(default_selection.Checked));
btnet.DbUtil.execute_nonquery(sql);
Server.Transfer("statuses.aspx");
}
else
{
if (id == 0) // insert new
{
msg.InnerText = "Status was not created.";
}
else // edit existing
{
msg.InnerText = "Status was not updated.";
}
}
}
///////////////////////////////////////////////////////////////////////
protected void on_update()
{
Boolean good = validate();
if (good)
{
SQLString sql;
if (id == 0) // insert new
{
sql = new SQLString("insert into categories (ct_name, ct_sort_seq, ct_default) values (@na, @ss, @df)");
}
else // edit existing
{
sql = new SQLString(@"update categories set
ct_name = @na,
ct_sort_seq = @ss,
ct_default = @df
where ct_id = @id" );
sql = sql.AddParameterWithValue("id", Convert.ToString(id));
}
sql = sql.AddParameterWithValue("na", name.Value);
sql = sql.AddParameterWithValue("ss", sort_seq.Value);
sql = sql.AddParameterWithValue("df", Util.bool_to_string(default_selection.Checked));
btnet.DbUtil.execute_nonquery(sql);
Server.Transfer("categories.aspx");
}
else
{
if (id == 0) // insert new
{
msg.InnerText = "Category was not created.";
}
else // edit existing
{
msg.InnerText = "Category was not updated.";
}
}
}
///////////////////////////////////////////////////////////////////////
private void on_update()
{
Boolean good = validate();
if (good)
{
if (id == 0) // insert new
{
sql = new SQLString("insert into user_defined_attribute (udf_name, udf_sort_seq, udf_default) values (@na, @ss, @df)");
}
else // edit existing
{
sql = new SQLString(@"update user_defined_attribute set
udf_name = @na,
udf_sort_seq = @ss,
udf_default = @df
where udf_id = @id" );
sql = sql.AddParameterWithValue("id", Convert.ToString(id));
}
sql = sql.AddParameterWithValue("na", name.Value);
sql = sql.AddParameterWithValue("ss", sort_seq.Value);
sql = sql.AddParameterWithValue("df", Util.bool_to_string(default_selection.Checked));
btnet.DbUtil.execute_nonquery(sql);
Server.Transfer("udfs.aspx");
}
else
{
if (id == 0) // insert new
{
msg.InnerText = "User defined attribute value was not created.";
}
else // edit existing
{
msg.InnerText = "User defined attribute value was not updated.";
}
}
}
///////////////////////////////////////////////////////////////////////
public static int get_default_user(int projectid)
{
if (projectid == 0)
{
return(0);
}
var sql = new SQLString(@"select isnull(pj_default_user,0)
from projects
where pj_id = @pj" );
sql = sql.AddParameterWithValue("pj", Convert.ToString(projectid));
object obj = btnet.DbUtil.execute_scalar(sql);
if (obj != null)
{
return((int)obj);
}
else
{
return(0);
}
}
///////////////////////////////////////////////////////////////////////
public void Page_Load(Object sender, EventArgs e)
{
btnet.Util.do_not_cache(Response);
Page.Header.Title = btnet.Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "send email";
msg.InnerText = "";
string string_bp_id = Request["bp_id"];
string string_bg_id = Request["bg_id"];
string request_to = Request["to"];
string reply = Request["reply"];
enable_internal_posts = (Util.get_setting("EnableInternalOnlyPosts", "0") == "1");
if (!enable_internal_posts)
{
include_internal_posts.Visible = false;
include_internal_posts_label.Visible = false;
}
if (!IsPostBack)
{
Session["email_addresses"] = null;
DataRow dr = null;
if (string_bp_id != null)
{
string_bp_id = btnet.Util.sanitize_integer(string_bp_id);
sql = new SQLString(@"select
bp_parent,
bp_file,
bp_id,
bg_id,
bg_short_desc,
bp_email_from,
bp_comment,
bp_email_from,
bp_date,
bp_type,
bp_content_type,
bg_project,
bp_hidden_from_external_users,
isnull(us_signature,'') [us_signature],
isnull(pj_pop3_email_from,'') [pj_pop3_email_from],
isnull(us_email,'') [us_email],
isnull(us_firstname,'') [us_firstname],
isnull(us_lastname,'') [us_lastname]
from bug_posts
inner join bugs on bp_bug = bg_id
inner join users on us_id = @us
left outer join projects on bg_project = pj_id
where bp_id = @id
or (bp_parent = @id and bp_type='file')");
sql = sql.AddParameterWithValue("id", string_bp_id);
sql = sql.AddParameterWithValue("us", Convert.ToString(User.Identity.GetUserId()));
DataView dv = btnet.DbUtil.get_dataview(sql);
dr = null;
if (dv.Count > 0)
{
dv.RowFilter = "bp_id = " + string_bp_id;
if (dv.Count > 0)
{
dr = dv[0].Row;
}
}
int int_bg_id = (int)dr["bg_id"];
int permission_level = btnet.Bug.get_bug_permission_level(int_bg_id, User.Identity);
if (permission_level == PermissionLevel.None)
{
Response.Write("You are not allowed to view this item");
Response.End();
}
if ((int)dr["bp_hidden_from_external_users"] == 1)
{
if (User.Identity.GetIsExternalUser())
{
Response.Write("You are not allowed to view this post");
Response.End();
}
}
string_bg_id = Convert.ToString(dr["bg_id"]);
back_href.HRef = "edit_bug.aspx?id=" + string_bg_id;
bg_id.Value = string_bg_id;
to.Value = dr["bp_email_from"].ToString();
// Work around for a mysterious bug:
// http://sourceforge.net/tracker/?func=detail&aid=2815733&group_id=66812&atid=515837
if (btnet.Util.get_setting("StripDisplayNameFromEmailAddress", "0") == "1")
{
to.Value = Email.simplify_email_address(to.Value);
}
load_from_dropdown(dr, true); // list the project's email address first
if (reply != null && reply == "all")
{
Regex regex = new Regex("\n");
string[] lines = regex.Split((string)dr["bp_comment"]);
string cc_addrs = "";
int max = lines.Length < 5 ? lines.Length : 5;
// gather cc addresses, which might include the current user
for (int i = 0; i < max; i++)
{
if (lines[i].StartsWith("To:") || lines[i].StartsWith("Cc:"))
{
string cc_addr = lines[i].Substring(3, lines[i].Length - 3).Trim();
// don't cc yourself
if (cc_addr.IndexOf(from.SelectedItem.Value) == -1)
{
if (cc_addrs != "")
{
cc_addrs += ",";
}
cc_addrs += cc_addr;
}
}
}
cc.Value = cc_addrs;
}
if (dr["us_signature"].ToString() != "")
{
if (User.Identity.GetUseFCKEditor())
{
body.Value += "<br><br><br>";
body.Value += dr["us_signature"].ToString().Replace("\r\n", "<br>");
body.Value += "<br><br><br>";
}
else
{
body.Value += "\n\n\n";
body.Value += dr["us_signature"].ToString();
body.Value += "\n\n\n";
}
}
if (Request["quote"] != null)
{
Regex regex = new Regex("\n");
string[] lines = regex.Split((string)dr["bp_comment"]);
if (dr["bp_type"].ToString() == "received")
{
if (User.Identity.GetUseFCKEditor())
{
body.Value += "<br><br><br>";
body.Value += ">From: " + dr["bp_email_from"].ToString().Replace("<", "<").Replace(">", ">") + "<br>";
}
else
{
body.Value += "\n\n\n";
body.Value += ">From: " + dr["bp_email_from"] + "\n";
}
}
bool next_line_is_date = false;
for (int i = 0; i < lines.Length; i++)
{
if (i < 4 && (lines[i].IndexOf("To:") == 0 || lines[i].IndexOf("Cc:") == 0))
{
next_line_is_date = true;
if (User.Identity.GetUseFCKEditor())
{
body.Value += ">" + lines[i].Replace("<", "<").Replace(">", ">") + "<br>";
}
else
{
body.Value += ">" + lines[i] + "\n";
}
}
else if (next_line_is_date)
{
next_line_is_date = false;
if (User.Identity.GetUseFCKEditor())
{
body.Value += ">Date: " + Convert.ToString(dr["bp_date"]) + "<br>><br>";
}
else
{
body.Value += ">Date: " + Convert.ToString(dr["bp_date"]) + "\n>\n";
}
}
else
{
if (User.Identity.GetUseFCKEditor())
{
if (Convert.ToString(dr["bp_content_type"]) != "text/html")
{
body.Value += ">" + lines[i].Replace("<", "<").Replace(">", ">") + "<br>";
}
else
{
if (i == 0)
{
body.Value += "<hr>";
}
body.Value += lines[i];
}
}
else
{
body.Value += ">" + lines[i] + "\n";
}
}
}
}
if (reply == "forward")
{
to.Value = "";
//original attachments
//dv.RowFilter = "bp_parent = " + string_bp_id;
dv.RowFilter = "bp_type = 'file'";
foreach (DataRowView drv in dv)
{
attachments_label.InnerText = "Select attachments to forward:";
lstAttachments.Items.Add(new ListItem(drv["bp_file"].ToString(), drv["bp_id"].ToString()));
}
}
}
else if (string_bg_id != null)
{
string_bg_id = btnet.Util.sanitize_integer(string_bg_id);
int permission_level = btnet.Bug.get_bug_permission_level(Convert.ToInt32(string_bg_id), User.Identity);
if (permission_level == PermissionLevel.None
|| permission_level == PermissionLevel.ReadOnly)
{
Response.Write("You are not allowed to edit this item");
Response.End();
}
sql = new SQLString(@"select
bg_short_desc,
bg_project,
isnull(us_signature,'') [us_signature],
isnull(us_email,'') [us_email],
isnull(us_firstname,'') [us_firstname],
isnull(us_lastname,'') [us_lastname],
isnull(pj_pop3_email_from,'') [pj_pop3_email_from]
from bugs
inner join users on us_id = @us
left outer join projects on bg_project = pj_id
where bg_id = @bg");
sql = sql.AddParameterWithValue("us", Convert.ToString(User.Identity.GetUserId()));
sql = sql.AddParameterWithValue("bg", string_bg_id);
dr = btnet.DbUtil.get_datarow(sql);
load_from_dropdown(dr, false); // list the user's email first, then the project
back_href.HRef = "edit_bug.aspx?id=" + string_bg_id;
bg_id.Value = string_bg_id;
if (request_to != null)
{
to.Value = request_to;
}
// Work around for a mysterious bug:
// http://sourceforge.net/tracker/?func=detail&aid=2815733&group_id=66812&atid=515837
if (btnet.Util.get_setting("StripDisplayNameFromEmailAddress", "0") == "1")
{
to.Value = Email.simplify_email_address(to.Value);
}
if (dr["us_signature"].ToString() != "")
{
if (User.Identity.GetUseFCKEditor())
{
body.Value += "<br><br><br>";
body.Value += dr["us_signature"].ToString().Replace("\r\n", "<br>");
}
else
{
body.Value += "\n\n\n";
body.Value += dr["us_signature"].ToString();
}
}
}
short_desc.Value = (string)dr["bg_short_desc"];
if (string_bp_id != null || string_bg_id != null)
{
subject.Value = (string)dr["bg_short_desc"]
+ " (" + btnet.Util.get_setting("TrackingIdString", "DO NOT EDIT THIS:")
+ bg_id.Value
+ ")";
// for determining which users to show in "address book"
project = (int)dr["bg_project"];
}
}
else
{
on_update();
}
}
///////////////////////////////////////////////////////////////////////
void on_update()
{
Boolean good = validate();
if (good)
{
sql = new SQLString(@"update bug_posts set
bp_comment = @comment,
bp_hidden_from_external_users = @internal
where bp_id = @bugPostId");
sql = sql.AddParameterWithValue("bugPostId", Convert.ToString(id));
sql = sql.AddParameterWithValue("comment", desc.Value.Replace("'", "''"));
sql = sql.AddParameterWithValue("internal", btnet.Util.bool_to_string(internal_only.Checked));
btnet.DbUtil.execute_nonquery(sql);
if (!internal_only.Checked)
{
btnet.Bug.send_notifications(btnet.Bug.UPDATE, bugid, User.Identity);
}
Response.Redirect("edit_bug.aspx?id=" + Convert.ToString(bugid));
}
else
{
msg.InnerText = "Attachment was not updated.";
}
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Master.Menu.SelectedItem = Util.get_setting("PluralBugLabel", "bugs");
Util.do_not_cache(Response);
if (User.IsInRole(BtnetRoles.Admin) || User.Identity.GetCanEditAndDeletePosts())
{
//
}
else
{
Response.Write("You are not allowed to use this page.");
Response.End();
}
Page.Header.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "edit attachment";
msg.InnerText = "";
string var = Request.QueryString["id"];
id = Convert.ToInt32(var);
var = Request.QueryString["bug_id"];
bugid = Convert.ToInt32(var);
int permission_level = btnet.Bug.get_bug_permission_level(bugid, User.Identity);
if (permission_level != PermissionLevel.All)
{
Response.Write("You are not allowed to edit this item");
Response.End();
}
if (User.Identity.GetIsExternalUser() || Util.get_setting("EnableInternalOnlyPosts", "0") == "0")
{
internal_only.Visible = false;
internal_only_label.Visible = false;
}
if (!IsPostBack)
{
// Get this entry's data from the db and fill in the form
sql = new SQLString(@"select bp_comment, bp_file, bp_hidden_from_external_users from bug_posts where bp_id = @bugPostId");
sql = sql.AddParameterWithValue("bugPostId", Convert.ToString(id));
DataRow dr = btnet.DbUtil.get_datarow(sql);
// Fill in this form
desc.Value = (string)dr["bp_comment"];
filename.InnerText = (string)dr["bp_file"];
internal_only.Checked = Convert.ToBoolean((int)dr["bp_hidden_from_external_users"]);
}
else
{
on_update();
}
}
///////////////////////////////////////////////////////////////////////
void on_update()
{
Boolean good = validate();
if (good)
{
if (tsk_id == 0) // insert new
{
sql = new SQLString(@"
insert into bug_tasks (
tsk_bug,
tsk_created_user,
tsk_created_date,
tsk_last_updated_user,
tsk_last_updated_date,
tsk_assigned_to_user,
tsk_planned_start_date,
tsk_actual_start_date,
tsk_planned_end_date,
tsk_actual_end_date,
tsk_planned_duration,
tsk_actual_duration,
tsk_duration_units,
tsk_percent_complete,
tsk_status,
tsk_sort_sequence,
tsk_description
)
values (
@tsk_bug,
@tsk_created_user,
getdate(),
@tsk_last_updated_user,
getdate(),
@tsk_assigned_to_user,
@tsk_planned_start_date,
@tsk_actual_start_date,
@tsk_planned_end_date,
@tsk_actual_end_date,
@tsk_planned_duration,
@tsk_actual_duration,
@tsk_duration_units,
@tsk_percent_complete,
@tsk_status,
@tsk_sort_sequence,
@tsk_description
);
declare @tsk_id int
select @tsk_id = scope_identity()
insert into bug_posts
(bp_bug, bp_user, bp_date, bp_comment, bp_type)
values(@tsk_bug, @tsk_last_updated_user, getdate(), N'added task ' + convert(varchar, @tsk_id), 'update')");
sql = sql.AddParameterWithValue("tsk_created_user", Convert.ToString(User.Identity.GetUserId()));
}
else // edit existing
{
sql = new SQLString(@"
update bug_tasks set
tsk_last_updated_user = @tsk_last_updated_user,
tsk_last_updated_date = getdate(),
tsk_assigned_to_user = @tsk_assigned_to_user,
tsk_planned_start_date = '@tsk_planned_start_date',
tsk_actual_start_date = '@tsk_actual_start_date',
tsk_planned_end_date = '@tsk_planned_end_date',
tsk_actual_end_date = '@tsk_actual_end_date',
tsk_planned_duration = @tsk_planned_duration,
tsk_actual_duration = @tsk_actual_duration,
tsk_duration_units = @tsk_duration_units,
tsk_percent_complete = @tsk_percent_complete,
tsk_status = @tsk_status,
tsk_sort_sequence = @tsk_sort_sequence,
tsk_description = @tsk_description
where tsk_id = @tsk_id;
insert into bug_posts
(bp_bug, bp_user, bp_date, bp_comment, bp_type)
values(@tsk_bug, @tsk_last_updated_user, getdate(), N'updated task ' + @tsk_id, 'update')");
sql = sql.AddParameterWithValue("tsk_id", Convert.ToString(tsk_id));
}
sql = sql.AddParameterWithValue("tsk_bug", Convert.ToString(bugid));
sql = sql.AddParameterWithValue("tsk_last_updated_user", Convert.ToString(User.Identity.GetUserId()));
sql = sql.AddParameterWithValue("tsk_planned_start_date", format_date_hour_min(
planned_start_date.Value,
planned_start_hour.SelectedItem.Value,
planned_start_min.SelectedItem.Value));
sql = sql.AddParameterWithValue("tsk_actual_start_date", format_date_hour_min(
actual_start_date.Value,
actual_start_hour.SelectedItem.Value,
actual_start_min.SelectedItem.Value));
sql = sql.AddParameterWithValue("tsk_planned_end_date", format_date_hour_min(
planned_end_date.Value,
planned_end_hour.SelectedItem.Value,
planned_end_min.SelectedItem.Value));
sql = sql.AddParameterWithValue("tsk_actual_end_date", format_date_hour_min(
actual_end_date.Value,
actual_end_hour.SelectedItem.Value,
actual_end_min.SelectedItem.Value));
sql = sql.AddParameterWithValue("tsk_planned_duration", format_decimal_for_db(planned_duration.Value));
sql = sql.AddParameterWithValue("tsk_actual_duration", format_decimal_for_db(actual_duration.Value));
sql = sql.AddParameterWithValue("tsk_percent_complete", format_number_for_db(percent_complete.Value));
sql = sql.AddParameterWithValue("tsk_status", status.SelectedItem.Value);
sql = sql.AddParameterWithValue("tsk_sort_sequence", format_number_for_db(sort_sequence.Value));
sql = sql.AddParameterWithValue("tsk_assigned_to_user", assigned_to.SelectedItem.Value);
sql = sql.AddParameterWithValue("tsk_description", desc.Value);
sql = sql.AddParameterWithValue("tsk_duration_units", duration_units.SelectedItem.Value);
DbUtil.execute_nonquery(sql);
Bug.send_notifications(Bug.UPDATE, bugid, User.Identity);
Response.Redirect("tasks.aspx?bugid=" + Convert.ToString(bugid));
}
else
{
if (tsk_id == 0) // insert new
{
msg.InnerText = "Task was not created.";
}
else // edit existing
{
msg.InnerText = "Task was not updated.";
}
}
}
///////////////////////////////////////////////////////////////////////
public static int insert_comment(
int bugid,
int this_usid,
string comment_formated,
string comment_search,
string from,
string cc,
string content_type,
bool internal_only)
{
if (comment_formated != "")
{
var sql = new SQLString(@"
declare @now datetime
set @now = getdate()
insert into bug_posts
(bp_bug, bp_user, bp_date, bp_comment, bp_comment_search, bp_email_from, bp_email_cc, bp_type, bp_content_type,
bp_hidden_from_external_users)
values(
@id,
@us,
@now,
@comment_formatted,
@comment_search,
@from,
@cc,
@type,
@content_type,
@internal)
select scope_identity();");
if (from != null)
{
// Update the bugs timestamp here.
// We don't do it unconditionally because it would mess up the locking.
// The edit_bug.aspx page gets its snapshot timestamp from the update of the bug
// row, not the comment row, so updating the bug again would confuse it.
sql.Append(@"update bugs
set bg_last_updated_date = @now,
bg_last_updated_user = @us
where bg_id = @id");
sql = sql.AddParameterWithValue("@from", from);
sql = sql.AddParameterWithValue("@type", "received"); // received email
}
else
{
sql = sql.AddParameterWithValue("@from", null);
sql = sql.AddParameterWithValue("@type", "comment"); // bug comment
}
sql = sql.AddParameterWithValue("@id", Convert.ToString(bugid));
sql = sql.AddParameterWithValue("@us", Convert.ToString(this_usid));
sql = sql.AddParameterWithValue("@comment_formatted", comment_formated);
sql = sql.AddParameterWithValue("@comment_search", comment_search);
sql = sql.AddParameterWithValue("@content_type", content_type);
if (cc == null)
{
cc = "";
}
sql = sql.AddParameterWithValue("@cc", cc);
sql = sql.AddParameterWithValue("@internal", btnet.Util.bool_to_string(internal_only));
return Convert.ToInt32(btnet.DbUtil.execute_scalar(sql));
}
else
{
return 0;
}
}
///////////////////////////////////////////////////////////////////////
public static void print_bug (HttpResponse Response, DataRow dr, IIdentity identity, bool include_style, bool images_inline, bool history_inline, bool internal_posts)
{
int bugid = Convert.ToInt32(dr["id"]);
string string_bugid = Convert.ToString(bugid);
if (include_style) // when sending emails
{
Response.Write("\n<style>\n");
// If this file exists, use it.
string css_for_email_file = Util.GetAbsolutePath("custom\\btnet_css_for_email.css");
try
{
if (System.IO.File.Exists(css_for_email_file))
{
Response.WriteFile(css_for_email_file);
Response.Write("\n");
}
else
{
css_for_email_file = Util.GetAbsolutePath("btnet_base.css");
Response.WriteFile(css_for_email_file);
Response.Write("\n");
css_for_email_file = Util.GetAbsolutePath("custom\\btnet_custom.css");
if (System.IO.File.Exists(css_for_email_file))
{
Response.WriteFile(css_for_email_file);
Response.Write("\n");
}
}
}
catch (Exception e)
{
btnet.Util.write_to_log("Exception trying to read css file for email \""
+ css_for_email_file
+ "\":"
+ e.Message);
}
// underline links in the emails to make them more obvious
Response.Write("\na {text-decoration: underline; }");
Response.Write("\na:visited {text-decoration: underline; }");
Response.Write("\na:hover {text-decoration: underline; }");
Response.Write("\n</style>\n");
}
Response.Write ("<body style='background:white'>");
Response.Write ("<b>"
+ btnet.Util.capitalize_first_letter(btnet.Util.get_setting("SingularBugLabel","bug"))
+ " ID: <a href="
+ btnet.Util.get_setting("AbsoluteUrlPrefix","http://127.0.0.1/")
+ "edit_bug.aspx?id="
+ string_bugid
+ ">"
+ string_bugid
+ "</a>");
if (btnet.Util.get_setting("EnableMobile", "0") == "1")
{
Response.Write(
" Mobile link: <a href="
+ btnet.Util.get_setting("AbsoluteUrlPrefix", "http://127.0.0.1/")
+ "mbug.aspx?id="
+ string_bugid
+ ">"
+ btnet.Util.get_setting("AbsoluteUrlPrefix", "http://127.0.0.1/")
+ "mbug.aspx?id="
+ string_bugid
+ "</a>");
}
Response.Write("<br>");
Response.Write ("Short desc: <a href="
+ btnet.Util.get_setting("AbsoluteUrlPrefix","http://127.0.0.1/")
+ "edit_bug.aspx?id="
+ string_bugid
+ ">"
+ HttpUtility.HtmlEncode((string)dr["short_desc"])
+ "</a></b><p>");
// start of the table with the bug fields
Response.Write ("\n<table border=1 cellpadding=3 cellspacing=0>");
Response.Write("\n<tr><td>Last changed by<td>"
+ format_username((string)dr["last_updated_user"],(string)dr["last_updated_fullname"])
+ " ");
Response.Write("\n<tr><td>Reported By<td>"
+ format_username((string)dr["reporter"],(string)dr["reporter_fullname"])
+ " ");
Response.Write("\n<tr><td>Reported On<td>" + btnet.Util.format_db_date_and_time(dr["reported_date"]) + " ");
if (identity.GetTagsFieldPermissionLevel() > 0)
Response.Write("\n<tr><td>Tags<td>" + dr["bg_tags"] + " ");
if (identity.GetProjectFieldPermissionLevel() > 0)
Response.Write("\n<tr><td>Project<td>" + dr["current_project"] + " ");
if (identity.GetOrgFieldPermissionLevel() > 0)
Response.Write("\n<tr><td>Organization<td>" + dr["og_name"] + " ");
if (identity.GetCategoryFieldPermissionLevel()> 0)
Response.Write("\n<tr><td>Category<td>" + dr["category_name"] + " ");
if (identity.GetPriorityFieldPermissionLevel() > 0)
Response.Write("\n<tr><td>Priority<td>" + dr["priority_name"] + " ");
if (identity.GetAssignedToFieldPermissionLevel() > 0)
Response.Write("\n<tr><td>Assigned<td>"
+ format_username((string)dr["assigned_to_username"],(string)dr["assigned_to_fullname"])
+ " ");
if (identity.GetStatusFieldPermissionLevel() > 0)
Response.Write("\n<tr><td>Status<td>" + dr["status_name"] + " ");
if (identity.GetUdfFieldPermissionLevel() > 0)
if (btnet.Util.get_setting("ShowUserDefinedBugAttribute","1") == "1")
{
Response.Write("\n<tr><td>"
+ btnet.Util.get_setting("UserDefinedBugAttributeName","YOUR ATTRIBUTE")
+ "<td>"
+ dr["udf_name"] + " ");
}
// Get custom column info (There's an inefficiency here - we just did this
// same call in get_bug_datarow...)
// create project custom dropdowns
if ((int)dr["project"] != 0)
{
var sql = new SQLString(@"select
isnull(pj_enable_custom_dropdown1,0) [pj_enable_custom_dropdown1],
isnull(pj_enable_custom_dropdown2,0) [pj_enable_custom_dropdown2],
isnull(pj_enable_custom_dropdown3,0) [pj_enable_custom_dropdown3],
isnull(pj_custom_dropdown_label1,'') [pj_custom_dropdown_label1],
isnull(pj_custom_dropdown_label2,'') [pj_custom_dropdown_label2],
isnull(pj_custom_dropdown_label3,'') [pj_custom_dropdown_label3]
from projects where pj_id = @pj");
sql = sql.AddParameterWithValue("pj", Convert.ToString((int)dr["project"]));
DataRow project_dr = btnet.DbUtil.get_datarow(sql);
if (project_dr != null)
{
for (int i = 1; i < 4; i++)
{
if ((int)project_dr["pj_enable_custom_dropdown" + Convert.ToString(i)] == 1)
{
Response.Write("\n<tr><td>");
Response.Write (project_dr["pj_custom_dropdown_label" + Convert.ToString(i)]);
Response.Write ("<td>");
Response.Write (dr["bg_project_custom_dropdown_value" + Convert.ToString(i)]);
Response.Write (" ");
}
}
}
}
Response.Write("\n</table><p>"); // end of the table with the bug fields
// Relationships
if (btnet.Util.get_setting("EnableRelationships", "0") == "1")
{
write_relationships(Response, bugid);
}
// Tasks
if (btnet.Util.get_setting("EnableTasks", "0") == "1")
{
write_tasks(Response, bugid);
}
DataSet ds_posts = get_bug_posts(bugid, identity.GetIsExternalUser(), history_inline);
write_posts (
ds_posts,
Response,
bugid,
0,
false, /* don't write links */
images_inline,
history_inline,
internal_posts, identity);
Response.Write ("</body>");
}
///////////////////////////////////////////////////////////////////////
// This used to send the emails, but not now. Now it just queues
// the emails to be sent, then spawns a thread to send them.
public static void send_notifications(int insert_or_update, // The implementation
int bugid,
IIdentity identity,
int just_to_this_userid,
bool status_changed,
bool assigned_to_changed,
int prev_assigned_to_user)
{
// If there's something worth emailing about, then there's
// probably something worth updating the index about.
// Really, though, we wouldn't want to update the index if it were
// just the status that were changing...
if (btnet.Util.get_setting("EnableSearch", "1") == "1")
{
IBugSearch search = BugSearchFactory.CreateBugSearch();
search.IndexBug(bugid);
}
bool notification_email_enabled = (btnet.Util.get_setting("NotificationEmailEnabled", "1") == "1");
if (!notification_email_enabled)
{
return;
}
// MAW -- 2006/01/27 -- Determine level of change detected
int changeLevel = 0;
if (insert_or_update == INSERT)
{
changeLevel = 1;
}
else if (status_changed)
{
changeLevel = 2;
}
else if (assigned_to_changed)
{
changeLevel = 3;
}
else
{
changeLevel = 4;
}
SQLString sql;
if (just_to_this_userid > 0)
{
sql = new SQLString(@"
/* get notification email for just one user */
select us_email, us_id, us_admin, og.*
from bug_subscriptions
inner join users on bs_user = us_id
inner join orgs og on us_org = og_id
inner join bugs on bg_id = bs_bug
left outer join project_user_xref on pu_user = us_id and pu_project = bg_project
where us_email is not null
and us_enable_notifications = 1
-- @status_change
and us_active = 1
and us_email <> ''
and
case
when
us_org <> bg_org
and og_other_orgs_permission_level < 2
and og_other_orgs_permission_level < isnull(pu_permission_level,@dpl)
then og_other_orgs_permission_level
else
isnull(pu_permission_level,@dpl)
end <> 0
and bs_bug = @id
and us_id = @just_this_usid");
sql = sql.AddParameterWithValue("just_this_usid", Convert.ToString(just_to_this_userid));
}
else
{
// MAW -- 2006/01/27 -- Added different notifications if reported or assigned-to
sql = new SQLString(@"
/* get notification emails for all subscribers */
select us_email, us_id, us_username, us_admin, og.*
from bug_subscriptions
inner join users on bs_user = us_id
inner join orgs og on us_org = og_id
inner join bugs on bg_id = bs_bug
left outer join project_user_xref on pu_user = us_id and pu_project = bg_project
where us_email is not null
and us_enable_notifications = 1
-- @status_change
and us_active = 1
and us_email <> ''
and ( (@cl <= us_reported_notifications and bg_reported_user = bs_user)
or (@cl <= us_assigned_notifications and bg_assigned_to_user = bs_user)
or (@cl <= us_assigned_notifications and @pau = bs_user)
or (@cl <= us_subscribed_notifications))
and
case
when
us_org <> bg_org
and og_other_orgs_permission_level < 2
and og_other_orgs_permission_level < isnull(pu_permission_level,@dpl)
then og_other_orgs_permission_level
else
isnull(pu_permission_level,@dpl)
end <> 0
and bs_bug = @id
and (us_id <> @us or isnull(us_send_notifications_to_self,0) = 1)");
}
sql = sql.AddParameterWithValue("@cl", changeLevel);
sql = sql.AddParameterWithValue("@pau", prev_assigned_to_user);
sql = sql.AddParameterWithValue("@id", bugid);
sql = sql.AddParameterWithValue("@dpl", Convert.ToInt32(btnet.Util.get_setting("DefaultPermissionLevel", "2")));
sql = sql.AddParameterWithValue("@us", identity.GetUserId());
DataSet ds_subscribers = btnet.DbUtil.get_dataset(sql);
if (ds_subscribers.Tables[0].Rows.Count > 0)
{
bool added_to_queue = false;
// Get bug html
DataRow bug_dr = btnet.Bug.get_bug_datarow(bugid, identity);
string from = btnet.Util.get_setting("NotificationEmailFrom", "");
// Format the subject line
string subject = btnet.Util.get_setting("NotificationSubjectFormat", "$THING$:$BUGID$ was $ACTION$ - $SHORTDESC$ $TRACKINGID$");
subject = subject.Replace("$THING$", btnet.Util.capitalize_first_letter(btnet.Util.get_setting("SingularBugLabel", "bug")));
string action = "";
if (insert_or_update == INSERT)
{
action = "added";
}
else
{
action = "updated";
}
subject = subject.Replace("$ACTION$", action);
subject = subject.Replace("$BUGID$", Convert.ToString(bugid));
subject = subject.Replace("$SHORTDESC$", (string)bug_dr["short_desc"]);
string tracking_id = " (";
tracking_id += btnet.Util.get_setting("TrackingIdString", "DO NOT EDIT THIS:");
tracking_id += Convert.ToString(bugid);
tracking_id += ")";
subject = subject.Replace("$TRACKINGID$", tracking_id);
subject = subject.Replace("$PROJECT$", (string)bug_dr["current_project"]);
subject = subject.Replace("$ORGANIZATION$", (string)bug_dr["og_name"]);
subject = subject.Replace("$CATEGORY$", (string)bug_dr["category_name"]);
subject = subject.Replace("$PRIORITY$", (string)bug_dr["priority_name"]);
subject = subject.Replace("$STATUS$", (string)bug_dr["status_name"]);
subject = subject.Replace("$ASSIGNED_TO$", (string)bug_dr["assigned_to_username"]);
// send a separate email to each subscriber
foreach (DataRow dr in ds_subscribers.Tables[0].Rows)
{
string to = (string)dr["us_email"];
// Create a fake response and let the code
// write the html to that response
System.IO.StringWriter writer = new System.IO.StringWriter();
HttpResponse my_response = new HttpResponse(writer);
my_response.Write("<html>");
my_response.Write("<base href=\"" +
btnet.Util.get_setting("AbsoluteUrlPrefix", "http://127.0.0.1/") + "\"/>");
// create a security rec for the user receiving the email
IIdentity identity2 = Security.Security.GetIdentity((string)dr["us_username"]);
PrintBug.print_bug(
my_response,
bug_dr, identity2,
true, // include style
false, // images_inline
true, // history_inline
true); // internal_posts
// at this point "writer" has the bug html
sql = new SQLString(@"
delete from queued_notifications where qn_bug = @bug and qn_to = @to
insert into queued_notifications
(qn_date_created, qn_bug, qn_user, qn_status, qn_retries, qn_to, qn_from, qn_subject, qn_body, qn_last_exception)
values (getdate(), @bug, @user, N''not sent', 0, @to, @from, @subject, @body, N'')");
sql = sql.AddParameterWithValue("@bug", Convert.ToString(bugid));
sql = sql.AddParameterWithValue("@user", Convert.ToString(dr["us_id"]));
sql = sql.AddParameterWithValue("@to", to);
sql = sql.AddParameterWithValue("@from", from);
sql = sql.AddParameterWithValue("@subject", subject);
sql = sql.AddParameterWithValue("@body", writer.ToString());
btnet.DbUtil.execute_nonquery_without_logging(sql);
added_to_queue = true;
} // end loop through ds_subscribers
if (added_to_queue)
{
// spawn a worker thread to send the emails
System.Threading.Thread thread = new System.Threading.Thread(threadproc_notifications);
thread.Start();
}
} // if there are any subscribers
}
///////////////////////////////////////////////////////////////////////
void load_users_dropdowns(int bugid)
{
// What's selected now? Save it before we refresh the dropdown.
string current_value = "";
if (IsPostBack)
{
current_value = assigned_to.SelectedItem.Value;
}
sql = new SQLString(@"
declare @project int
declare @assigned_to int
select @project = bg_project, @assigned_to = bg_assigned_to_user from bugs where bg_id = @bg_id");
// Load the user dropdown, which changes per project
// Only users explicitly allowed will be listed
if (Util.get_setting("DefaultPermissionLevel", "2") == "0")
{
sql.Append(@"
/* users this project */ select us_id, case when @fullnames=1 then us_lastname + ', ' + us_firstname else us_username end us_username
from users
inner join orgs on us_org = og_id
where us_active = 1
and og_can_be_assigned_to = 1
and (@og_other_orgs_permission_level <> 0 or @og_id = og_id or og_external_user = 0)
and us_id in
(select pu_user from project_user_xref
where pu_project = @project
and pu_permission_level <> 0)
order by us_username; ");
}
// Only users explictly DISallowed will be omitted
else
{
sql.Append(@"
/* users this project */ select us_id, case when @fullnames =1 then us_lastname + ', ' + us_firstname else us_username end us_username
from users
inner join orgs on us_org = og_id
where us_active = 1
and og_can_be_assigned_to = 1
and (@og_other_orgs_permission_level <> 0 or @og_id = og_id or og_external_user = 0)
and us_id not in
(select pu_user from project_user_xref
where pu_project = @project
and pu_permission_level = 0)
order by us_username; ");
}
sql.Append("\nselect st_id, st_name from statuses order by st_sort_seq, st_name");
sql.Append("\nselect isnull(@assigned_to,0) ");
sql = sql.AddParameterWithValue("og_id", User.Identity.GetOrganizationId());
sql = sql.AddParameterWithValue("og_other_orgs_permission_level", User.Identity.GetOtherOrgsPermissionLevels());
sql = sql.AddParameterWithValue("bg_id", bugid);
if (Util.get_setting("UseFullNames", "0") == "0")
{
// false condition
sql = sql.AddParameterWithValue("fullnames", 0);
}
else
{
// true condition
sql = sql.AddParameterWithValue("fullnames", 1);
}
DataSet dataSet = DbUtil.get_dataset(sql);
assigned_to.DataSource = new DataView((DataTable)dataSet.Tables[0]);
assigned_to.DataTextField = "us_username";
assigned_to.DataValueField = "us_id";
assigned_to.DataBind();
assigned_to.Items.Insert(0, new ListItem("[not assigned]", "0"));
status.DataSource = new DataView((DataTable)dataSet.Tables[1]);
status.DataTextField = "st_name";
status.DataValueField = "st_id";
status.DataBind();
status.Items.Insert(0, new ListItem("[no status]", "0"));
// by default, assign the entry to the same user to whom the bug is assigned to?
// or should it be assigned to the logged in user?
if (tsk_id == 0)
{
int default_assigned_to_user = (int)dataSet.Tables[2].Rows[0][0];
ListItem li = assigned_to.Items.FindByValue(Convert.ToString(default_assigned_to_user));
if (li != null)
{
li.Selected = true;
}
}
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
msg.InnerText = "";
string string_bugid = Util.sanitize_integer(Request["bugid"]);
bugid = Convert.ToInt32(string_bugid);
int permission_level = Bug.get_bug_permission_level(bugid, User.Identity);
if (permission_level != PermissionLevel.All)
{
Response.Write("You are not allowed to edit tasks for this item");
Response.End();
}
if (User.IsInRole(BtnetRoles.Admin) || User.Identity.GetCanEditTasks())
{
// allowed
}
else
{
Response.Write("You are not allowed to edit tasks");
Response.End();
}
string string_tsk_id = Util.sanitize_integer(Request["id"]);
tsk_id_static.InnerHtml = string_tsk_id;
tsk_id = Convert.ToInt32(string_tsk_id);
if (!IsPostBack)
{
Master.Menu.SelectedItem = "admin";
Page.Title = Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "edit task";
bugid_label.InnerHtml = Util.capitalize_first_letter(Util.get_setting("SingularBugLabel", "bug")) + " ID:";
bugid_static.InnerHtml = Convert.ToString(bugid);
load_users_dropdowns(bugid);
if (Util.get_setting("ShowTaskAssignedTo", "1") == "0")
{
assigned_to_tr.Visible = false;
}
if (Util.get_setting("ShowTaskPlannedStartDate", "1") == "0")
{
planned_start_date_tr.Visible = false;
}
if (Util.get_setting("ShowTaskActualStartDate", "1") == "0")
{
actual_start_date_tr.Visible = false;
}
if (Util.get_setting("ShowTaskPlannedEndDate", "1") == "0")
{
planned_end_date_tr.Visible = false;
}
if (Util.get_setting("ShowTaskActualEndDate", "1") == "0")
{
actual_end_date_tr.Visible = false;
}
if (Util.get_setting("ShowTaskPlannedDuration", "1") == "0")
{
planned_duration_tr.Visible = false;
}
if (Util.get_setting("ShowTaskActualDuration", "1") == "0")
{
actual_duration_tr.Visible = false;
}
if (Util.get_setting("ShowTaskDurationUnits", "1") == "0")
{
duration_units_tr.Visible = false;
}
if (Util.get_setting("ShowTaskPercentComplete", "1") == "0")
{
percent_complete_tr.Visible = false;
}
if (Util.get_setting("ShowTaskStatus", "1") == "0")
{
status_tr.Visible = false;
}
if (Util.get_setting("ShowTaskSortSequence", "1") == "0")
{
sort_sequence_tr.Visible = false;
}
// add or edit?
if (tsk_id == 0)
{
tsk_id_tr.Visible = false;
sub.Value = "Create";
string default_duration_units = Util.get_setting("TaskDefaultDurationUnits", "hours");
duration_units.Items.FindByText(default_duration_units).Selected = true;
string default_hour = Util.get_setting("TaskDefaultHour", "09");
planned_start_hour.Items.FindByText(default_hour).Selected = true;
actual_start_hour.Items.FindByText(default_hour).Selected = true;
planned_end_hour.Items.FindByText(default_hour).Selected = true;
actual_end_hour.Items.FindByText(default_hour).Selected = true;
string default_status = Util.get_setting("TaskDefaultStatus", "[no status]");
status.Items.FindByText(default_status).Selected = true;
}
else
{
// Get this entry's data from the db and fill in the form
sql = new SQLString(@"select * from bug_tasks where tsk_id = @tsk_id and tsk_bug = @bugid");
sql = sql.AddParameterWithValue("tsk_id", Convert.ToString(tsk_id));
sql = sql.AddParameterWithValue("bugid", Convert.ToString(bugid));
DataRow dr = DbUtil.get_datarow(sql);
assigned_to.Items.FindByValue(Convert.ToString(dr["tsk_assigned_to_user"])).Selected = true;
duration_units.Items.FindByText(Convert.ToString(dr["tsk_duration_units"])).Selected = true;
status.Items.FindByValue(Convert.ToString(dr["tsk_status"])).Selected = true;
planned_duration.Value = Util.format_db_value(dr["tsk_planned_duration"]);
actual_duration.Value = Util.format_db_value(dr["tsk_actual_duration"]);
percent_complete.Value = Convert.ToString(dr["tsk_percent_complete"]);
sort_sequence.Value = Convert.ToString(dr["tsk_sort_sequence"]);
desc.Value = Convert.ToString(dr["tsk_description"]);
load_date_hour_min(
planned_start_date,
planned_start_hour,
planned_start_min,
dr["tsk_planned_start_date"]);
load_date_hour_min(
actual_start_date,
actual_start_hour,
actual_start_min,
dr["tsk_actual_start_date"]);
load_date_hour_min(
planned_end_date,
planned_end_hour,
planned_end_min,
dr["tsk_planned_end_date"]);
load_date_hour_min(
actual_end_date,
actual_end_hour,
actual_end_min,
dr["tsk_actual_end_date"]);
sub.Value = "Update";
}
}
else
{
on_update();
}
}
///////////////////////////////////////////////////////////////////////
void on_update()
{
if (!validate()) return;
sql = new SQLString(@"
insert into bug_posts
(bp_bug, bp_user, bp_date, bp_comment, bp_comment_search, bp_email_from, bp_email_to, bp_type, bp_content_type, bp_email_cc)
values(@id, @us, getdate(), @cm, @cs, @fr, @to, 'sent', @ct, @cc);
select scope_identity()
update bugs set
bg_last_updated_user = @us,
bg_last_updated_date = getdate()
where bg_id = @id");
sql = sql.AddParameterWithValue("id", bg_id.Value);
sql = sql.AddParameterWithValue("us", Convert.ToString(User.Identity.GetUserId()));
if (User.Identity.GetUseFCKEditor())
{
string adjusted_body = "Subject: " + subject.Value + "<br><br>";
adjusted_body += btnet.Util.strip_dangerous_tags(body.Value);
sql = sql.AddParameterWithValue("cm", adjusted_body);
sql = sql.AddParameterWithValue("cs", adjusted_body);
sql = sql.AddParameterWithValue("ct", "text/html");
}
else
{
string adjusted_body = "Subject: " + subject.Value + "\n\n";
adjusted_body += HttpUtility.HtmlDecode(body.Value);
sql = sql.AddParameterWithValue("cm", adjusted_body);
sql = sql.AddParameterWithValue("cs", adjusted_body);
sql = sql.AddParameterWithValue("ct", "text/plain");
}
sql = sql.AddParameterWithValue("fr", from.SelectedItem.Value);
sql = sql.AddParameterWithValue("to", to.Value);
sql = sql.AddParameterWithValue("cc", cc.Value);
int comment_id = Convert.ToInt32(btnet.DbUtil.execute_scalar(sql));
int[] attachments = handle_attachments(comment_id);
string body_text;
MailFormat format;
MailPriority priority;
switch (prior.SelectedItem.Value)
{
case "High":
priority = MailPriority.High;
break;
case "Low":
priority = MailPriority.Low;
break;
default:
priority = MailPriority.Normal;
break;
}
if (include_bug.Checked)
{
// white space isn't handled well, I guess.
if (User.Identity.GetUseFCKEditor())
{
body_text = body.Value;
body_text += "<br><br>";
}
else
{
body_text = body.Value.Replace("\n", "<br>");
body_text = body_text.Replace("\t", " ");
body_text = body_text.Replace(" ", " ");
}
body_text += "<hr>" + get_bug_text(Convert.ToInt32(bg_id.Value));
format = MailFormat.Html;
}
else
{
if (User.Identity.GetUseFCKEditor())
{
body_text = body.Value;
format = MailFormat.Html;
}
else
{
body_text = HttpUtility.HtmlDecode(body.Value);
//body_text = body_text.Replace("\n","\r\n");
format = MailFormat.Text;
}
}
string result = Email.send_email( // 9 args
to.Value,
from.SelectedItem.Value,
cc.Value,
subject.Value,
body_text,
format,
priority,
attachments,
return_receipt.Checked);
btnet.Bug.send_notifications(btnet.Bug.UPDATE, Convert.ToInt32(bg_id.Value), User.Identity);
btnet.WhatsNew.add_news(Convert.ToInt32(bg_id.Value), short_desc.Value, "email sent", User.Identity);
if (result == "")
{
Response.Redirect("edit_bug.aspx?id=" + bg_id.Value);
}
else
{
msg.InnerText = result;
}
}
public BugQueryResult ExecuteQuery(IIdentity identity, int start, int length, string orderBy, string sortDirection, bool idOnly, BugQueryFilter[] filters = null)
{
if (!string.IsNullOrEmpty(orderBy) && !_columnNames.Contains(orderBy))
{
throw new ArgumentException("Invalid order by column specified: {0}", orderBy);
}
bool hasFilters = filters != null && filters.Any();
string columnsToSelect = idOnly ? "id" : "*";
var innerSql = GetInnerSql(identity);
var countSql = string.Format("SELECT COUNT(1) FROM ({0}) t", GetInnerSql(identity));
SQLString sqlString = new SQLString(countSql);
sqlString.Append(";");
if (hasFilters)
{
sqlString.Append(countSql);
ApplyWhereClause(sqlString, filters);
sqlString.Append(";");
}
var bugsSql = string.Format("SELECT t.{0} FROM ({1}) t",columnsToSelect, innerSql);
sqlString.Append(bugsSql);
sqlString.Append(" WHERE id IN (");
var innerBugsSql = string.Format("SELECT t.id FROM ({0}) t", innerSql);
sqlString.Append(innerBugsSql);
ApplyWhereClause(sqlString, filters);
if (hasFilters)
{
foreach (var filter in filters)
{
sqlString.AddParameterWithValue(GetCleanParameterName(filter.Column), filter.Value);
}
}
sqlString.Append(" ORDER BY ");
sqlString.Append(BuildDynamicOrderByClause(orderBy, sortDirection));
sqlString.Append(" OFFSET @offset ROWS FETCH NEXT @page_size ROWS ONLY)");
int userId = identity.GetUserId();
sqlString.AddParameterWithValue("@ME", userId);
sqlString.AddParameterWithValue("page_size", length > 0 ? length : MaxLength);
sqlString.AddParameterWithValue("offset", start);
DataSet dataSet = DbUtil.get_dataset(sqlString);
var countUnfiltered = Convert.ToInt32(dataSet.Tables[0].Rows[0][0]);
var countFiltered = hasFilters ? Convert.ToInt32(dataSet.Tables[1].Rows[0][0]) : countUnfiltered;
var bugDataTableIndex = hasFilters ? 2 : 1;
return new BugQueryResult
{
CountUnfiltered = countUnfiltered,
CountFiltered = countFiltered,
Data = dataSet.Tables[bugDataTableIndex]
};
}
///////////////////////////////////////////////////////////////////////
public static NewIds insert_bug(string short_desc, IIdentity identity, string tags, int projectid, int orgid, int categoryid, int priorityid, int statusid, int assigned_to_userid, int udfid, string comment_formated, string comment_search, string @from, string cc, string content_type, bool internal_only, SortedDictionary<string, string> hash_custom_cols, bool send_notifications)
{
if (short_desc.Trim() == "")
{
short_desc = "[No Description]";
}
if (assigned_to_userid == 0)
{
assigned_to_userid = btnet.Util.get_default_user(projectid);
}
var sql = new SQLString(@"insert into bugs
(bg_short_desc,
bg_tags,
bg_reported_user,
bg_last_updated_user,
bg_reported_date,
bg_last_updated_date,
bg_project,
bg_org,
bg_category,
bg_priority,
bg_status,
bg_assigned_to_user,
bg_user_defined_attribute)
values (@short_desc, @tags, @reported_user, @reported_user, getdate(), getdate(),
@project, @org,
@category, @priority, @status, @assigned_user, @udf)");
sql = sql.AddParameterWithValue("@short_desc", short_desc);
sql = sql.AddParameterWithValue("@tags", tags);
sql = sql.AddParameterWithValue("@reported_user", Convert.ToString(identity.GetUserId()));
sql = sql.AddParameterWithValue("@project", Convert.ToString(projectid));
sql = sql.AddParameterWithValue("@org", Convert.ToString(orgid));
sql = sql.AddParameterWithValue("@category", Convert.ToString(categoryid));
sql = sql.AddParameterWithValue("@priority", Convert.ToString(priorityid));
sql = sql.AddParameterWithValue("@status", Convert.ToString(statusid));
sql = sql.AddParameterWithValue("@assigned_user", Convert.ToString(assigned_to_userid));
sql = sql.AddParameterWithValue("@udf", Convert.ToString(udfid));
//TODO: Add custom columns
sql.Append("\nselect scope_identity()");
int bugid = Convert.ToInt32(btnet.DbUtil.execute_scalar(sql));
int postid = btnet.Bug.insert_comment(
bugid,
identity.GetUserId(),
comment_formated,
comment_search,
from,
cc,
content_type,
internal_only);
btnet.Bug.auto_subscribe(bugid);
if (send_notifications)
{
btnet.Bug.send_notifications(btnet.Bug.INSERT, bugid, identity);
}
return new NewIds(bugid, postid);
}
///////////////////////////////////////////////////////////////////////
protected void Page_Load(Object sender, EventArgs e)
{
Util.do_not_cache(Response);
string id = Util.sanitize_integer(Request["id"]);
if (!User.IsInRole(BtnetRoles.Admin))
{
sql = new SQLString(@"select us_created_user, us_admin from users where us_id = @us");
sql = sql.AddParameterWithValue("us", id);
DataRow dr = DbUtil.get_datarow(sql);
if (User.Identity.GetUserId() != (int)dr["us_created_user"])
{
Response.Write("You not allowed to delete this user, because you didn't create it.");
Response.End();
}
else if ((int)dr["us_admin"] == 1)
{
Response.Write("You not allowed to delete this user, because it is an admin.");
Response.End();
}
}
if (IsPostBack)
{
// do delete here
sql = new SQLString(@"
delete from emailed_links where el_username in (select us_username from users where us_id = @us)
delete users where us_id = @us
delete project_user_xref where pu_user = @us
delete bug_subscriptions where bs_user = @us
delete bug_user where bu_user = @us
delete queries where qu_user = @us
delete queued_notifications where qn_user = @us
delete dashboard_items where ds_user = @us");
sql = sql.AddParameterWithValue("us", Util.sanitize_integer(row_id.Value));
DbUtil.execute_nonquery(sql);
Server.Transfer("users.aspx");
}
else
{
Page.Header.Title= Util.get_setting("AppTitle", "BugTracker.NET") + " - "
+ "delete user";
sql = new SQLString(@"declare @cnt int
select @cnt = count(1) from bugs where bg_reported_user = @us or bg_assigned_to_user = @us
if @cnt = 0
begin
select @cnt = count(1) from bug_posts where bp_user = @us
end
select us_username, @cnt [cnt] from users where us_id = @us");
sql = sql.AddParameterWithValue("us", id);
DataRow dr = DbUtil.get_datarow(sql);
if ((int)dr["cnt"] > 0)
{
Response.Write("You can't delete user \""
+ Convert.ToString(dr["us_username"])
+ "\" because some bugs or bug posts still reference it.");
Response.End();
}
else
{
confirm_href.InnerText = "confirm delete of \""
+ Convert.ToString(dr["us_username"])
+ "\"";
row_id.Value = id;
}
}
}
///////////////////////////////////////////////////////////////////////
private void on_update()
{
Boolean good = validate();
if (good)
{
if (id == 0) // insert new
{
sql = new SQLString("insert into user_defined_attribute (udf_name, udf_sort_seq, udf_default) values (@na, @ss, @df)");
}
else // edit existing
{
sql = new SQLString(@"update user_defined_attribute set
udf_name = @na,
udf_sort_seq = @ss,
udf_default = @df
where udf_id = @id");
sql = sql.AddParameterWithValue("id", Convert.ToString(id));
}
sql = sql.AddParameterWithValue("na", name.Value);
sql = sql.AddParameterWithValue("ss", sort_seq.Value);
sql = sql.AddParameterWithValue("df", Util.bool_to_string(default_selection.Checked));
btnet.DbUtil.execute_nonquery(sql);
Server.Transfer("udfs.aspx");
}
else
{
if (id == 0) // insert new
{
msg.InnerText = "User defined attribute value was not created.";
}
else // edit existing
{
msg.InnerText = "User defined attribute value was not updated.";
}
}
}
