From 2df191e31bee1cdbdddde263805ec2342c7374e5 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Tue, 26 Jul 2016 08:36:49 -0600 Subject: [PATCH 001/391] Adding overdue issues to "due alert" emails --- app/helper/notification.php | 12 +++-- app/model/user.php | 7 +-- app/view/notification/user_due_issues.html | 61 +++++++++++++++------- app/view/notification/user_due_issues.txt | 12 ++++- 4 files changed, 65 insertions(+), 27 deletions(-) diff --git a/app/helper/notification.php b/app/helper/notification.php index 87bc3039..15cd2bec 100644 --- a/app/helper/notification.php +++ b/app/helper/notification.php @@ -274,15 +274,17 @@ public function user_reset($user_id) { } /** - * Send a user an email listing the issues due today - * @param ModelUser $user - * @param array $issues + * Send a user an email listing the issues due today and any overdue issues + * @param \Model\User $user + * @param array $due + * @param array $overdue * @return bool */ - public function user_due_issues(\Model\User $user, array $issues) { + public function user_due_issues(\Model\User $user, array $due, array $overdue) { $f3 = \Base::instance(); if($f3->get("mail.from")) { - $f3->set("issues", $issues); + $f3->set("due", $due); + $f3->set("overdue", $overdue); $subject = "Due Today - " . $f3->get("site.name"); $text = $this->_render("notification/user_due_issues.txt"); $body = $this->_render("notification/user_due_issues.html"); diff --git a/app/model/user.php b/app/model/user.php index e0d9ffbf..42c4ee43 100644 --- a/app/model/user.php +++ b/app/model/user.php @@ -174,11 +174,12 @@ public function sendDueAlert($date = '') { // Find issues assigned to user or user's group $issue = new Issue; - $issues = $issue->find(array("due_date = ? AND owner_id IN($ownerStr) AND closed_date IS NULL AND deleted_date IS NULL", $date), array("order" => "priority DESC")); + $due = $issue->find(array("due_date = ? AND owner_id IN($ownerStr) AND closed_date IS NULL AND deleted_date IS NULL", $date), array("order" => "priority DESC")); + $overdue = $issue->find(array("due_date < ? AND owner_id IN($ownerStr) AND closed_date IS NULL AND deleted_date IS NULL", $date), array("order" => "priority DESC")); - if($issues) { + if($due || $overdue) { $notif = new \Helper\Notification; - return $notif->user_due_issues($this, $issues); + return $notif->user_due_issues($this, $due, $overdue); } else { return false; } diff --git a/app/view/notification/user_due_issues.html b/app/view/notification/user_due_issues.html index 166b6b25..0a44657a 100644 --- a/app/view/notification/user_due_issues.html +++ b/app/view/notification/user_due_issues.html @@ -42,24 +42,49 @@ - - - - - - - - - - + + + + + Due today:
+ + + + + + + + + + + + + Overdue:
+ + + + + + + + diff --git a/app/view/notification/user_due_issues.txt b/app/view/notification/user_due_issues.txt index 22b06e4e..d399c1fc 100644 --- a/app/view/notification/user_due_issues.txt +++ b/app/view/notification/user_due_issues.txt @@ -1,7 +1,17 @@ {{ @site.name }} + Issues due today: - + #{{ @issue.id }}: {{ @issue.name }} - {{ @site.url }}issues/{{ @issue.id }} + + + +Overdue issues: + + + #{{ @issue.id }}: {{ @issue.name }} - {{ @site.url }}issues/{{ @issue.id }} - Due {{ date("D, M j, Y", strtotime(@issue.due_date)) }} + + From e11620377b71942f6d198414ea461ba488f0546a Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Tue, 26 Jul 2016 08:42:37 -0600 Subject: [PATCH 002/391] Adding user setting to disable due issue emails --- app/controller/user.php | 1 + app/dict/en.ini | 1 + app/view/user/account.html | 6 ++++++ cron/due_alerts.php | 3 +++ 4 files changed, 11 insertions(+) diff --git a/app/controller/user.php b/app/controller/user.php index a7987e91..66ddf6be 100644 --- a/app/controller/user.php +++ b/app/controller/user.php @@ -159,6 +159,7 @@ public function save($f3) { // Update option values $user->option("disable_mde", !empty($post["disable_mde"])); + $user->option("disable_due_alerts", !empty($post["disable_due_alerts"])); } else { diff --git a/app/dict/en.ini b/app/dict/en.ini index b1c6e174..f60c3dfd 100644 --- a/app/dict/en.ini +++ b/app/dict/en.ini @@ -105,6 +105,7 @@ profile=Profile settings=Settings default=Default disable_editor=Disable Editor +disable_due_alerts=Disable Due Issue Emails ; Browse general=General diff --git a/app/view/user/account.html b/app/view/user/account.html index 0df84c30..77ca2b06 100644 --- a/app/view/user/account.html +++ b/app/view/user/account.html @@ -105,6 +105,12 @@ {{ @dict.disable_editor }} +
+ +
diff --git a/cron/due_alerts.php b/cron/due_alerts.php index 13fc40b7..33a78537 100644 --- a/cron/due_alerts.php +++ b/cron/due_alerts.php @@ -10,5 +10,8 @@ $users = $user->getAll(); foreach($users as $u) { + if($u->option('disable_due_alerts')) { + continue; + } $u->sendDueAlert(); } From b58dd951a30925dfc58579f266b6fdda6b0a8921 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Mon, 1 Aug 2016 16:36:22 -0600 Subject: [PATCH 003/391] Fixing that stupid taskboard ID bug that's stupid --- js/taskboard.js | 6 +++--- 1 file changed, 3 insertions(+), 3 deletions(-) diff --git a/js/taskboard.js b/js/taskboard.js index 383c404e..7dcfda82 100644 --- a/js/taskboard.js +++ b/js/taskboard.js @@ -309,10 +309,10 @@ var Taskboard = { type: 'POST', url: Taskboard.addURL, data: data, - success: function() { + success: function(result) { Taskboard.newUnBlock(taskId); - $(card).find('.task-id').html('' + data.taskId + ''); - $(card).attr('id', 'task_' + data.taskId); + $(card).find('.task-id').html('' + result.id + ''); + $(card).attr('id', 'task_' + result.id); Taskboard.makeDraggable(card); }, error: function() { From c015eaab574977a10dd59253fb4395b88f8cc6d0 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Tue, 2 Aug 2016 15:36:34 -0600 Subject: [PATCH 004/391] Use full site URL in issue ID links This fixes the links if they're generated in email notifications --- app/helper/view.php | 10 +++++----- 1 file changed, 5 insertions(+), 5 deletions(-) diff --git a/app/helper/view.php b/app/helper/view.php index af6b5721..013dd67f 100644 --- a/app/helper/view.php +++ b/app/helper/view.php @@ -83,7 +83,7 @@ public function parseText($str, $options = array(), $ttl = null) { * @return string */ protected function _parseIds($str) { - $base = \Base::instance()->get("BASE"); + $url = \Base::instance()->get("site.url"); // Find all IDs $count = preg_match_all("/(?<=[^a-z\\/&]#|^#)[0-9]+(?=[^a-z\\/]|$)/i", $str, $matches); @@ -100,7 +100,7 @@ protected function _parseIds($str) { $issue = new \Model\Issue; $issues = $issue->find(array("id IN ($idsStr)")); - return preg_replace_callback("/(?<=[^a-z\\/&]|^)#[0-9]+(?=[^a-z\\/]|$)/i", function($matches) use($base, $issues) { + return preg_replace_callback("/(?<=[^a-z\\/&]|^)#[0-9]+(?=[^a-z\\/]|$)/i", function($matches) use($url, $issues) { $id = ltrim($matches[0], "#"); foreach($issues as $i) { if($i->id == $id) { @@ -111,14 +111,14 @@ protected function _parseIds($str) { if($issue->deleted_date) { $f3 = \Base::instance(); if($f3->get("user.role") == "admin" || $f3->get("user.rank") >= \Model\User::RANK_MANAGER || $f3->get("user.id") == $issue->author_id) { - return "#$id – " . htmlspecialchars($issue->name) . ""; + return "#$id – " . htmlspecialchars($issue->name) . ""; } else { return "#$id"; } } - return "#$id – " . htmlspecialchars($issue->name) . ""; + return "#$id – " . htmlspecialchars($issue->name) . ""; } - return "#$id"; + return "#$id"; }, $str); } From dab9abab7f2b9236925bdf34907d91a78cdabfc9 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Wed, 3 Aug 2016 15:00:47 -0600 Subject: [PATCH 005/391] Don't keep all hours on copied issues: Fixes #236 --- app/model/issue.php | 9 +++++---- 1 file changed, 5 insertions(+), 4 deletions(-) diff --git a/app/model/issue.php b/app/model/issue.php index b8c2cc96..6397a5ca 100644 --- a/app/model/issue.php +++ b/app/model/issue.php @@ -412,11 +412,12 @@ function duplicate($recursive = true) { $this->copyto("duplicating_issue"); $f3->clear("duplicating_issue.id"); $f3->clear("duplicating_issue.due_date"); + $f3->clear("duplicating_issue.hours_spent"); $new_issue = new Issue; $new_issue->copyfrom("duplicating_issue"); - $new_issue->clear("due_date"); $new_issue->author_id = $f3->get("user.id"); + $new_issue->hours_remaining = $new_issue->hours_total; $new_issue->created_date = date("Y-m-d H:i:s"); $new_issue->save(); @@ -445,13 +446,13 @@ protected function _duplicateTree($id, $new_id) { $child->copyto("duplicating_issue"); $f3->clear("duplicating_issue.id"); $f3->clear("duplicating_issue.due_date"); + $f3->clear("duplicating_issue.hours_spent"); $new_child = new Issue; $new_child->copyfrom("duplicating_issue"); - $new_child->clear("id"); - $new_child->clear("due_date"); $new_child->author_id = $f3->get("user.id"); - $new_child->set("parent_id", $new_id); + $new_child->hours_remaining = $new_child->hours_total; + $new_child->parent_id = $new_id; $new_child->created_date = date("Y-m-d H:i:s"); $new_child->save(false); From a26f1db75b00a102919e366ff23d98a058aa0ae8 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Wed, 3 Aug 2016 15:26:30 -0600 Subject: [PATCH 006/391] Lots of fixes to repeat_cycle on taskboard This should fix #221 --- app/controller/taskboard.php | 6 +++--- js/taskboard.js | 13 +++++++++++++ 2 files changed, 16 insertions(+), 3 deletions(-) diff --git a/app/controller/taskboard.php b/app/controller/taskboard.php index e3da0bb7..713baf7f 100644 --- a/app/controller/taskboard.php +++ b/app/controller/taskboard.php @@ -395,7 +395,7 @@ public function edit($f3) { if(!empty($post["hours_spent"]) && !empty($post["burndown"])) { $issue->hours_remaining -= $post["hours_spent"]; } - if($issue->hours_remaining < 0) { + if(!$issue->hours_remaining || $issue->hours_remaining < 0) { $issue->hours_remaining = 0; } if(!empty($post["dueDate"])) { @@ -403,8 +403,8 @@ public function edit($f3) { } else { $issue->due_date = null; } - if(!empty($post["repeat_cycle"])) { - $issue->repeat_cycle = $post["repeat_cycle"]; + if(isset($post["repeat_cycle"])) { + $issue->repeat_cycle = $post["repeat_cycle"] ?: null; } $issue->priority = $post["priority"]; if(!empty($post["storyId"])) { diff --git a/js/taskboard.js b/js/taskboard.js index 7dcfda82..bf55e53a 100644 --- a/js/taskboard.js +++ b/js/taskboard.js @@ -127,6 +127,18 @@ var Taskboard = { priority = $(data).find('.priority').data('val'), repeatCycle = $(data).find('.repeat_cycle').text(); + console.log({ +user: user, +userColor: userColor, +taskId: taskId, +title: title, +description: description, +hours: hours, +date: date, +priority: priority, +repeatCycle: repeatCycle, + }); + $('#task-dialog input#taskId').val(taskId); $('#task-dialog input#title').val(title); $('#task-dialog textarea#description').val(description); @@ -192,6 +204,7 @@ var Taskboard = { }, updateCard: function(card, data) { $(card).find('.title').text(data.title); + $(card).find('.repeat_cycle').text(data.repeat_cycle); if (isNumber(data.hours_spent) && data.burndown && data.hours > 0) { $(card).find('.hours').text(parseFloat(data.hours).toFixed(1) - parseFloat(data.hours_spent)); From c358c671c31c198c49cc930cbbf5d4f31c64c6af Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Wed, 3 Aug 2016 15:33:24 -0600 Subject: [PATCH 007/391] Fixing taskboard hour calculation bugs This fixes #149 among other things --- app/controller/taskboard.php | 2 +- app/view/taskboard/index.html | 1 - js/taskboard.js | 20 ++++---------------- 3 files changed, 5 insertions(+), 18 deletions(-) diff --git a/app/controller/taskboard.php b/app/controller/taskboard.php index 713baf7f..8967c1d4 100644 --- a/app/controller/taskboard.php +++ b/app/controller/taskboard.php @@ -393,7 +393,7 @@ public function edit($f3) { $issue->hours_remaining = $post["hours"]; $issue->hours_spent += $post["hours_spent"]; if(!empty($post["hours_spent"]) && !empty($post["burndown"])) { - $issue->hours_remaining -= $post["hours_spent"]; + $issue->hours_remaining -= $post["hours_spent"]; } if(!$issue->hours_remaining || $issue->hours_remaining < 0) { $issue->hours_remaining = 0; diff --git a/app/view/taskboard/index.html b/app/view/taskboard/index.html index b199dcef..8707272e 100644 --- a/app/view/taskboard/index.html +++ b/app/view/taskboard/index.html @@ -259,7 +259,6 @@
  - diff --git a/js/taskboard.js b/js/taskboard.js index bf55e53a..7b08d956 100644 --- a/js/taskboard.js +++ b/js/taskboard.js @@ -127,18 +127,6 @@ var Taskboard = { priority = $(data).find('.priority').data('val'), repeatCycle = $(data).find('.repeat_cycle').text(); - console.log({ -user: user, -userColor: userColor, -taskId: taskId, -title: title, -description: description, -hours: hours, -date: date, -priority: priority, -repeatCycle: repeatCycle, - }); - $('#task-dialog input#taskId').val(taskId); $('#task-dialog input#title').val(title); $('#task-dialog textarea#description').val(description); @@ -206,11 +194,11 @@ repeatCycle: repeatCycle, $(card).find('.title').text(data.title); $(card).find('.repeat_cycle').text(data.repeat_cycle); - if (isNumber(data.hours_spent) && data.burndown && data.hours > 0) { - $(card).find('.hours').text(parseFloat(data.hours).toFixed(1) - parseFloat(data.hours_spent)); + if (isNumber(data.hours_spent) && parseInt(data.burndown) && data.hours > 0) { + $(card).find('.hours').text(parseFloat(data.hours) - parseFloat(data.hours_spent)); $(card).find('.hours').show(); } else if (isNumber(data.hours) && data.hours > 0) { - $(card).find('.hours').text(parseFloat(data.hours).toFixed(1)); + $(card).find('.hours').text(parseFloat(data.hours)); $(card).find('.hours').show(); } else { $(card).find('.hours').hide(); @@ -233,7 +221,7 @@ repeatCycle: repeatCycle, $(card).find('.repeat_cycle').text(data.repeat_cycle); if (isNumber(data.hours) && data.hours > 0) { - $(card).find('.hours').text(parseFloat(data.hours).toFixed(1)); + $(card).find('.hours').text(parseFloat(data.hours)); $(card).find('.hours').show(); } else { $(card).find('.hours').hide(); From 3ee3fba27231fe776735d4edde07e3089410460b Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Tue, 16 Aug 2016 11:03:11 -0600 Subject: [PATCH 008/391] Preventing redundant To: header in notifications --- app/helper/notification.php | 1 - 1 file changed, 1 deletion(-) diff --git a/app/helper/notification.php b/app/helper/notification.php index 15cd2bec..0533ba82 100644 --- a/app/helper/notification.php +++ b/app/helper/notification.php @@ -17,7 +17,6 @@ public function utf8mail($to, $subject, $body, $text = null) { // Add basic headers $headers = 'MIME-Version: 1.0' . "\r\n"; - $headers .= 'To: '. $to . "\r\n"; $headers .= 'From: '. $f3->get("mail.from") . "\r\n"; // Build multipart message if necessary From a6b5c3da46c1c28c8a2d6507592c130fc8d331f5 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Thu, 1 Sep 2016 10:47:25 -0600 Subject: [PATCH 009/391] Fixing a broken Atom feed --- app/controller/index.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controller/index.php b/app/controller/index.php index 2777c23d..f0d90f92 100644 --- a/app/controller/index.php +++ b/app/controller/index.php @@ -323,7 +323,7 @@ public function atom($f3) { if($get["type"] == "assigned") { $issues = $issue->find(array("author_id = ? AND status_closed = 0 AND deleted_date IS NULL", $user->id), $options); } elseif($get["type"] == "created") { - $issues = $issue->find(array("owner = ? AND status_closed = 0 AND deleted_date IS NULL", $user->id), $options); + $issues = $issue->find(array("owner_id = ? AND status_closed = 0 AND deleted_date IS NULL", $user->id), $options); } elseif($get["type"] == "all") { $issues = $issue->find("status_closed = 0 AND deleted_date IS NULL", $options + array("limit" => 50)); } else { From 8489d7fd9c83af36c53a966a2bf75ff6d78632e6 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Thu, 1 Sep 2016 11:40:30 -0600 Subject: [PATCH 010/391] Fix backlog unsorted drag/drop handling --- js/backlog.js | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/js/backlog.js b/js/backlog.js index 0301438c..1d1d947f 100644 --- a/js/backlog.js +++ b/js/backlog.js @@ -44,7 +44,7 @@ var Backlog = { }, projectReceive: function(item, sender, receiverSerialized) { var itemId = cleanId('project', $(item).attr('id')), - receiverId = cleanId('sprint', $(item).parent().attr('data-list-id')), + receiverId = $(item).parent().attr('data-list-id'), senderId = $(sender).attr('data-list-id'); if (typeof($(sender).attr('data-list-id') !== 'undefined')) { var senderSerialized = sanitizeSortableArray('project', $(sender).sortable('serialize')), @@ -65,7 +65,7 @@ var Backlog = { }, sameReceive: function(item, receiverSerialized) { var itemId = cleanId('project', $(item).attr('id')), - receiverId = cleanId('sprint', $(item).parent().attr('data-list-id')), + receiverId = $(item).parent().attr('data-list-id'), data = { itemId: itemId, reciever: { From ebcaec0eb1a102e95c0a2fd9df8c9cf9d96179ea Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Thu, 1 Sep 2016 11:59:33 -0600 Subject: [PATCH 011/391] XSS vulnerability fixes --- app/controller/admin.php | 26 +++++++++++++++++++++ app/controller/issues.php | 9 +------ app/controller/user.php | 2 +- app/helper/view.php | 3 +++ app/view/admin/sprints/edit.html | 8 +++---- app/view/admin/sprints/new.html | 6 ++--- app/view/admin/users/edit.html | 8 +++---- app/view/blocks/footer.html | 2 +- app/view/blocks/head.html | 2 +- app/view/blocks/issue-list/bulk-update.html | 1 - app/view/issues/search.html | 4 ++-- 11 files changed, 46 insertions(+), 25 deletions(-) diff --git a/app/controller/admin.php b/app/controller/admin.php index f3346945..ac710233 100644 --- a/app/controller/admin.php +++ b/app/controller/admin.php @@ -257,6 +257,26 @@ public function user_save($f3) { } } + // Validate fields + $error = null; + if(!$f3->get("POST.name")) { + $error = "Please enter a name."; + } + if(!preg_match("/#?[0-9a-f]{3,6}/i", $f3->get("POST.task_color"))) { + $error = "Please enter a valid hex color."; + } + if(!preg_match("/[0-9a-z_-]+/i", $f3->get("POST.username"))) { + $error = "Usernames can only contain letters, numbers, hyphens, and underscores."; + } + if(!filter_var($f3->get("POST.email"), FILTER_VALIDATE_EMAIL)) { + $error = "Please enter a valid email address"; + } + if($error) { + $f3->set("error", $error); + $this->_render("admin/users/edit.html"); + return; + } + // Set basic fields $user->username = $f3->get("POST.username"); $user->email = $f3->get("POST.email"); @@ -519,6 +539,12 @@ public function sprint_new($f3) { $start = strtotime($post["start_date"]); $end = strtotime($post["end_date"]); + if(!$start || !$end) { + $f3->set("error", "Please enter a valid start and end date"); + $this->_render("admin/sprints/new.html"); + return; + } + if($end <= $start) { $f3->set("error", "End date must be after start date"); $this->_render("admin/sprints/new.html"); diff --git a/app/controller/issues.php b/app/controller/issues.php index 539697b1..5df9092b 100644 --- a/app/controller/issues.php +++ b/app/controller/issues.php @@ -283,16 +283,9 @@ public function bulk_update($f3) { return; } } - - } else { - $f3->reroute($post["url_path"] . "?" . $post["url_query"]); } - if (!empty($post["url_path"])) { - $f3->reroute($post["url_path"] . "?" . $post["url_query"]); - } else { - $f3->reroute("/issues?" . $post["url_query"]); - } + $f3->reroute("/issues?" . $post["url_query"]); } /** diff --git a/app/controller/user.php b/app/controller/user.php index 66ddf6be..a6f66e97 100644 --- a/app/controller/user.php +++ b/app/controller/user.php @@ -48,7 +48,7 @@ public function dashboard($f3) { if(is_callable(array($helper, $widget))) { $f3->set($widget, $helper->$widget()); } else { - $f3->set("error", "Widget '{$widget}' is not available."); + $f3->set("error", "Widget '" . strip_tags($widget) . "' is not available."); } unset($allWidgets[array_search($widget, $allWidgets)]); } diff --git a/app/helper/view.php b/app/helper/view.php index 013dd67f..711c5691 100644 --- a/app/helper/view.php +++ b/app/helper/view.php @@ -66,6 +66,9 @@ public function parseText($str, $options = array(), $ttl = null) { $str = $this->_parseUrls($str); } + // Simplistic XSS protection + $str = preg_replace("##i", "", $str); + // Pass to any plugin hooks $str = \Helper\Plugin::instance()->callHook("text.parse.after", $str); diff --git a/app/view/admin/sprints/edit.html b/app/view/admin/sprints/edit.html index 59eebe85..736633f3 100644 --- a/app/view/admin/sprints/edit.html +++ b/app/view/admin/sprints/edit.html @@ -10,21 +10,21 @@
{{ @dict.edit_sprint }}
- +
- +
- +
- +
diff --git a/app/view/admin/sprints/new.html b/app/view/admin/sprints/new.html index 2e9df810..188d2b7e 100644 --- a/app/view/admin/sprints/new.html +++ b/app/view/admin/sprints/new.html @@ -12,19 +12,19 @@
- +
- +
- +
diff --git a/app/view/admin/users/edit.html b/app/view/admin/users/edit.html index 7e408b5b..4b9a5752 100644 --- a/app/view/admin/users/edit.html +++ b/app/view/admin/users/edit.html @@ -20,19 +20,19 @@
- +
- +
- +

@@ -73,7 +73,7 @@
{~ if(!empty(@this_user)) @task_color = '#' . @this_user.task_color; elseif(!empty(@POST.task_color)) @task_color = @POST.task_color; ~} - +
diff --git a/app/view/blocks/footer.html b/app/view/blocks/footer.html index fca37a9a..7e53ab24 100644 --- a/app/view/blocks/footer.html +++ b/app/view/blocks/footer.html @@ -5,7 +5,7 @@ ~}
-
{{ @dblog }}
+
{{ @dblog | esc }}
diff --git a/app/view/blocks/head.html b/app/view/blocks/head.html index 3b50774d..3a809433 100644 --- a/app/view/blocks/head.html +++ b/app/view/blocks/head.html @@ -3,7 +3,7 @@ -{{ empty(@title) ? @site.name : @title . ' - ' . @site.name }} +{{ empty(@title) ? @site.name : @title . ' - ' . @site.name | esc }} diff --git a/app/view/blocks/issue-list/bulk-update.html b/app/view/blocks/issue-list/bulk-update.html index b758760c..9dccedf8 100644 --- a/app/view/blocks/issue-list/bulk-update.html +++ b/app/view/blocks/issue-list/bulk-update.html @@ -114,7 +114,6 @@

{{ @dict.bulk_update }}

-
diff --git a/app/view/issues/search.html b/app/view/issues/search.html index c7fc3a40..151031da 100644 --- a/app/view/issues/search.html +++ b/app/view/issues/search.html @@ -19,9 +19,9 @@
From aee7c99445da769c56a0d005e055f79e16ca33d3 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Fri, 2 Sep 2016 11:21:08 -0600 Subject: [PATCH 012/391] Fixing some minor XSS issues and other bugs --- app/controller/user.php | 17 +++++++++++++---- app/helper/dashboard.php | 2 ++ app/view/blocks/issue-list/filters.html | 4 ++-- app/view/issues/index.html | 2 +- app/view/issues/search.html | 12 +++++++++--- app/view/user/dashboard.html | 2 +- 6 files changed, 28 insertions(+), 11 deletions(-) diff --git a/app/controller/user.php b/app/controller/user.php index a6f66e97..5dfbabc1 100644 --- a/app/controller/user.php +++ b/app/controller/user.php @@ -41,18 +41,23 @@ public function dashboard($f3) { } // Load dashboard widget data - $allWidgets = array("projects", "subprojects", "tasks", "bugs", "repeat_work", "watchlist", "my_comments", "recent_comments", "open_comments", "issue_tree"); $helper = \Helper\Dashboard::instance(); - foreach($dashboard as $widgets) { - foreach($widgets as $widget) { + $allWidgets = $helper->allWidgets; + $missing = array(); + foreach($dashboard as $k=>$widgets) { + foreach($widgets as $l=>$widget) { if(is_callable(array($helper, $widget))) { $f3->set($widget, $helper->$widget()); } else { $f3->set("error", "Widget '" . strip_tags($widget) . "' is not available."); + $missing[] = array($k, $l); } unset($allWidgets[array_search($widget, $allWidgets)]); } } + foreach($missing as $kl) { + unset($dashboard[$k][$l]); + } $f3->set("unused_widgets", $allWidgets); // Get current sprint if there is one @@ -68,15 +73,19 @@ public function dashboard($f3) { /** * POST /user/dashboard + * Save dashboard widget selections * * @param \Base $f3 */ public function dashboardPost($f3) { + $helper = \Helper\Dashboard::instance(); $user = $f3->get("user_obj"); if($f3->get("POST.action") == "add") { $widgets = $user->option("dashboard"); foreach($f3->get("POST.widgets") as $widget) { - $widgets["left"][] = $widget; + if(in_array($widget, $helper->allWidgets)) { + $widgets["left"][] = $widget; + } } } else { $widgets = json_decode($f3->get("POST.widgets")); diff --git a/app/helper/dashboard.php b/app/helper/dashboard.php index 29b0d956..2a09a09f 100644 --- a/app/helper/dashboard.php +++ b/app/helper/dashboard.php @@ -10,6 +10,8 @@ class Dashboard extends \Prefab { $_projects, $_order = "priority DESC, has_due_date ASC, due_date ASC"; + public $allWidgets = array("projects", "subprojects", "tasks", "bugs", "repeat_work", "watchlist", "my_comments", "recent_comments", "open_comments", "issue_tree"); + public function getIssue() { return $this->_issue === null ? $this->_issue = new \Model\Issue\Detail : $this->_issue; } diff --git a/app/view/blocks/issue-list/filters.html b/app/view/blocks/issue-list/filters.html index 26a7a2e9..410cca6b 100644 --- a/app/view/blocks/issue-list/filters.html +++ b/app/view/blocks/issue-list/filters.html @@ -140,8 +140,8 @@ - - + + diff --git a/app/view/issues/index.html b/app/view/issues/index.html index c0311561..5f7f492b 100644 --- a/app/view/issues/index.html +++ b/app/view/issues/index.html @@ -8,7 +8,7 @@
-

{{ @dict.deleted_success,@GET.deleted | format }} {{ @dict.restore_issue }}

+

{{ @dict.deleted_success,intval(@GET.deleted) | format }} {{ @dict.restore_issue }}
diff --git a/app/view/issues/search.html b/app/view/issues/search.html index 151031da..147fcb01 100644 --- a/app/view/issues/search.html +++ b/app/view/issues/search.html @@ -19,11 +19,17 @@
diff --git a/app/view/user/dashboard.html b/app/view/user/dashboard.html index 5c47d166..e5b0203d 100644 --- a/app/view/user/dashboard.html +++ b/app/view/user/dashboard.html @@ -40,7 +40,7 @@
-

{{ @dict.add_widgets }}

From 52eb072e1212ebb19983f2bf12bc4b4763f81206 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Fri, 2 Sep 2016 13:13:31 -0600 Subject: [PATCH 013/391] Fixing dashboard display with invalid widget tags --- app/controller/user.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/controller/user.php b/app/controller/user.php index 5dfbabc1..8d9162b7 100644 --- a/app/controller/user.php +++ b/app/controller/user.php @@ -49,14 +49,14 @@ public function dashboard($f3) { if(is_callable(array($helper, $widget))) { $f3->set($widget, $helper->$widget()); } else { - $f3->set("error", "Widget '" . strip_tags($widget) . "' is not available."); + $f3->set("error", "Some dashboard widgets cannot be displayed."); $missing[] = array($k, $l); } unset($allWidgets[array_search($widget, $allWidgets)]); } } foreach($missing as $kl) { - unset($dashboard[$k][$l]); + unset($dashboard[$kl[0]][$kl[1]]); } $f3->set("unused_widgets", $allWidgets); From 3dba106dd9440750ca1c4e628f7cd8da6537bd31 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Wed, 7 Sep 2016 18:25:37 -0600 Subject: [PATCH 014/391] Don't save tags on deleted issues - fixes #240 --- app/model/issue.php | 24 ++++++++++++------------ 1 file changed, 12 insertions(+), 12 deletions(-) diff --git a/app/model/issue.php b/app/model/issue.php index 6397a5ca..0e99be19 100644 --- a/app/model/issue.php +++ b/app/model/issue.php @@ -380,18 +380,18 @@ public function save($notify = true) { */ function saveTags() { $tag = new \Model\Issue\Tag; - $issue_id = $this->id; - $str = $this->description; - $count = preg_match_all("/(?<=[^a-z\\/&]#|^#)[a-z][a-z0-9_-]*[a-z0-9]+(?=[^a-z\\/]|$)/i", $str, $matches); - if($issue_id) { - $tag->deleteByIssueId($issue_id); - } - if ($count) { - foreach ($matches[0] as $match) { - $tag->reset(); - $tag->tag = preg_replace("/[_-]+/", "-", ltrim($match, "#")); - $tag->issue_id = $issue_id; - $tag->save(); + if ($this->id) { + $tag->deleteByIssueId($this->id); + } + if (!$this->deleted_date) { + $count = preg_match_all("/(?<=[^a-z\\/&]#|^#)[a-z][a-z0-9_-]*[a-z0-9]+(?=[^a-z\\/]|$)/i", $this->description, $matches); + if ($count) { + foreach ($matches[0] as $match) { + $tag->reset(); + $tag->tag = preg_replace("/[_-]+/", "-", ltrim($match, "#")); + $tag->issue_id = $this->id; + $tag->save(); + } } } return $this; From a75375569898c161930af6c185dcf13e6208c8e1 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Thu, 8 Sep 2016 16:31:43 -0600 Subject: [PATCH 015/391] Adding SVG MIME-Type icons and supporting code --- app/controller/files.php | 111 ++++-------- app/helper/image.php | 55 +++++- app/view/blocks/file/thumb.html | 19 ++ app/view/issues/single.html | 32 ++-- css/style.css | 10 ++ img/mime/16/_404.svg | 1 + img/mime/16/_archive.svg | 1 + img/mime/16/_audio.svg | 1 + img/mime/16/_blank.svg | 1 + img/mime/16/_code.svg | 1 + img/mime/16/_image.svg | 1 + img/mime/16/_video.svg | 1 + img/mime/16/csv.svg | 1 + img/mime/16/doc.svg | 1 + img/mime/16/odg.svg | 1 + img/mime/16/odp.svg | 1 + img/mime/16/ods.svg | 1 + img/mime/16/odt.svg | 1 + img/mime/16/pdf.svg | 1 + img/mime/16/ppt.svg | 1 + img/mime/16/txt.svg | 1 + img/mime/16/xls.svg | 1 + img/mime/96/_404.svg | 1 + img/mime/96/_archive.svg | 1 + img/mime/96/_audio.svg | 1 + img/mime/96/_blank.svg | 1 + img/mime/96/_code.svg | 1 + img/mime/96/_image.svg | 1 + img/mime/96/_video.svg | 1 + img/mime/96/csv.svg | 1 + img/mime/96/doc.svg | 1 + img/mime/96/odg.svg | 302 ++++++++++++++++++++++++++++++++ img/mime/96/odp.svg | 1 + img/mime/96/ods.svg | 1 + img/mime/96/odt.svg | 1 + img/mime/96/pdf.svg | 1 + img/mime/96/ppt.svg | 1 + img/mime/96/txt.svg | 1 + img/mime/96/xls.svg | 1 + img/mime/base.png | Bin 5066 -> 0 bytes img/mime/table.png | Bin 2877 -> 0 bytes 41 files changed, 467 insertions(+), 95 deletions(-) create mode 100644 app/view/blocks/file/thumb.html create mode 100644 img/mime/16/_404.svg create mode 100644 img/mime/16/_archive.svg create mode 100644 img/mime/16/_audio.svg create mode 100644 img/mime/16/_blank.svg create mode 100644 img/mime/16/_code.svg create mode 100644 img/mime/16/_image.svg create mode 100644 img/mime/16/_video.svg create mode 100644 img/mime/16/csv.svg create mode 100644 img/mime/16/doc.svg create mode 100644 img/mime/16/odg.svg create mode 100644 img/mime/16/odp.svg create mode 100644 img/mime/16/ods.svg create mode 100644 img/mime/16/odt.svg create mode 100644 img/mime/16/pdf.svg create mode 100644 img/mime/16/ppt.svg create mode 100644 img/mime/16/txt.svg create mode 100644 img/mime/16/xls.svg create mode 100644 img/mime/96/_404.svg create mode 100644 img/mime/96/_archive.svg create mode 100644 img/mime/96/_audio.svg create mode 100644 img/mime/96/_blank.svg create mode 100644 img/mime/96/_code.svg create mode 100644 img/mime/96/_image.svg create mode 100644 img/mime/96/_video.svg create mode 100644 img/mime/96/csv.svg create mode 100644 img/mime/96/doc.svg create mode 100644 img/mime/96/odg.svg create mode 100644 img/mime/96/odp.svg create mode 100644 img/mime/96/ods.svg create mode 100644 img/mime/96/odt.svg create mode 100644 img/mime/96/pdf.svg create mode 100644 img/mime/96/ppt.svg create mode 100644 img/mime/96/txt.svg create mode 100644 img/mime/96/xls.svg delete mode 100644 img/mime/base.png delete mode 100644 img/mime/table.png diff --git a/app/controller/files.php b/app/controller/files.php index 4ec3e79f..f5f4b7d8 100644 --- a/app/controller/files.php +++ b/app/controller/files.php @@ -5,7 +5,7 @@ class Files extends \Controller { /** - * Forces the framework to use the local filesystem cache method if possible + * Force the framework to use the local filesystem cache method if possible */ protected function _useFileCache() { $f3 = \Base::instance(); @@ -14,6 +14,7 @@ protected function _useFileCache() { /** * Send a file to the browser + * * @param string $file * @param string $mime * @param string $filename @@ -48,6 +49,8 @@ protected function _sendFile($file, $mime = "", $filename = "", $force = true) { } /** + * GET /files/thumb/@size-@id.@format + * * @param \Base $f3 * @param array $params * @throws \Exception @@ -62,11 +65,13 @@ public function thumb($f3, $params) { } // Output cached image if one exists - $hash = $f3->hash($f3->get('VERB') . " " . $f3->get('URI')) . ".thm"; - if($cache->exists($hash, $data)) { - header("Content-type: image/" . $params["format"]); - echo $data; - return; + if($f3->get("DEBUG") < 2) { + $hash = $f3->hash($f3->get('VERB') . " " . $f3->get('URI')) . ".thm"; + if($cache->exists($hash, $data)) { + header("Content-type: image/" . $params["format"]); + echo $data; + return; + } } $file = new \Model\Issue\File(); @@ -77,83 +82,24 @@ public function thumb($f3, $params) { return; } - $fg = 0x000000; - $bg = 0xFFFFFF; - // Generate thumbnail of image file - if(substr($file->content_type, 0, 6) == "image/") { - if(is_file($file->disk_filename)) { - $img = new \Helper\Image($file->disk_filename); - $hide_ext = true; - } else { - $protocol = isset($_SERVER["SERVER_PROTOCOL"]) ? $_SERVER["SERVER_PROTOCOL"] : "HTTP/1.0"; - header($protocol . " 404 Not Found"); - $img = new \Helper\Image("img/404.png"); - } - $img->resize($params["size"], $params["size"]); - - $fg = 0xFFFFFF; - $bg = 0x000000; - } - - // Generate thumbnail of text contents - elseif(substr($file->content_type, 0, 5) == "text/") { - - // Get first 2KB of file - $fh = fopen($file->disk_filename, "r"); - $str = fread($fh, 2048); - fclose($fh); - - // Replace tabs with spaces - $str = str_replace("\t", " ", $str); - - $img = new \Helper\Image(); - $img->create($params["size"], $params["size"]); - $img->fill(0xFFFFFF); - $img->text($str, round(0.05 * $params["size"]), 0, round(0.03 * $params["size"]), round(0.03 * $params["size"]), 0x777777); - - // Show file type icon if available - if($file->content_type == "text/csv" || $file->content_type == "text/tsv") { - $icon = new \Image("img/mime/table.png"); - $img->overlay($icon); - } - } - - // Generate thumbnail of MS Office document - elseif(extension_loaded("zip") - && $file->content_type == "application/vnd.openxmlformats-officedocument.wordprocessingml.document") { - $zip = zip_open($file->disk_filename); - while(($entry = zip_read($zip)) !== false) { - if(preg_match("/word\/media\/image[0-9]+\.(png|jpe?g|gif|bmp|dib)/i", zip_entry_name($entry))) { - $idata = zip_entry_read($entry, zip_entry_filesize($entry)); - $img = new \Helper\Image(); - $img->load($idata); - break; - } - } - - if(!isset($img)) { - $img = new \Helper\Image("img/mime/base.png"); - } - $img->resize($params["size"], $params["size"]); - } - - // Use generic file icon if type is not supported - else { - $img = new \Helper\Image("img/mime/base.png"); - $img->resize($params["size"], $params["size"]); - } - - // Render file extension over image - if(empty($hide_ext)) { - $ext = strtoupper(pathinfo($file->disk_filename, PATHINFO_EXTENSION)); - $img->text($ext, $params["size"]*0.125, 0, round(0.05 * $params["size"]), round(0.05 * $params["size"]), $bg); - $img->text($ext, $params["size"]*0.125, 0, round(0.05 * $params["size"]) - 1, round(0.05 * $params["size"]) - 1, $fg); + /* @todo: Replace with hacky imagefillrectangle and imagecopyresampled + code to render a nice _image.svg-style frame around the thumbnail */ + if(is_file($file->disk_filename)) { + $img = new \Helper\Image($file->disk_filename); + $hide_ext = true; + } else { + header("Content-Type: image/svg+xml"); + readfile("img/mime/96/_404.svg"); + return; } + $img->resize($params["size"], $params["size"]); // Render and cache image $data = $img->dump($params["format"]); - $cache->set($hash, $data, $f3->get("cache_expire.attachments")); + if($f3->get("DEBUG") < 2) { + $cache->set($hash, $data, $f3->get("cache_expire.attachments")); + } // Output image header("Content-type: image/" . $params["format"]); @@ -162,6 +108,8 @@ public function thumb($f3, $params) { } /** + * GET /avatar/@size-@id.@format + * * @param \Base $f3 * @param array $params * @throws \Exception @@ -197,6 +145,8 @@ public function avatar($f3, $params) { } /** + * GET /files/preview/@id + * * @param \Base $f3 * @param array $params * @throws \Exception @@ -230,6 +180,8 @@ public function preview($f3, $params) { } /** + * GET /files/@id/@name + * * @param \Base $f3 * @param array $params * @throws \Exception @@ -248,9 +200,6 @@ public function file($f3, $params) { $file->content_type == "text/plain" || $file->content_type == "application/pdf" ) { - // Don't force download on image and plain text files - // Eventually I'd like to have previews of files some way (more than - // the existing thumbnails), but for now this is how we do it - Alan $force = false; } diff --git a/app/helper/image.php b/app/helper/image.php index a1c2232d..d9069ec0 100644 --- a/app/helper/image.php +++ b/app/helper/image.php @@ -4,14 +4,61 @@ class Image extends \Image { - protected $last_data; + protected $lastData; + + static $mimeMap = array( + "image" => array( + "image/jpeg", + "image/png", + "image/gif", + "image/bmp", + ), + "text" => array( + // @todo: Use these values to generate text file thumbnails + "text/plain", + "text/tsv", + "text/csv", + ), + "icon" => array( + "application/.*zip" => "_archive", + "image/.+" => "_image", + "application/x-photoshop" => "_image", + "application/.*pdf" => "pdf", + "text/[ct]sv" => "csv", + "text/.+" => "txt", + "application/vnd\.oasis\.opendocument\.graphics" => "odg", + "application/vnd\.oasis\.opendocument\.spreadsheet" => "ods", + "application/vnd\.oasis\.opendocument\.presentation" => "odp", + "application/vnd\.oasis\.opendocument\.text" => "odt", + "application/(msword|vnd\.(ms-word|openxmlformats-officedocument\.wordprocessingml.+))" => "doc", + "application/(msexcel|vnd\.(ms-excel|openxmlformats-officedocument\.spreadsheetml.+))" => "xls", + "application/(mspowerpoint|vnd\.(ms-powerpoint|openxmlformats-officedocument\.presentationml.+))" => "ppt", + ) + ); + + /** + * Get an icon name by MIME type + * + * Returns "_blank" when no icon matches + * + * @param string $contentType + * @return string + */ + static function mimeIcon($contentType) { + foreach (self::$mimeMap["icon"] as $regex=>$name) { + if (preg_match("@^" . $regex . "$@i", $contentType)) { + return $name; + } + } + return "_blank"; + } /** * Get the last GD return value, generally from imagettftext - * @return mixed last_data + * @return mixed lastData */ function getLastData() { - return $this->last_data; + return $this->lastData; } /** @@ -70,7 +117,7 @@ function text($text, $size = 9.0, $angle = 0, $x = 0, $y = 0, $color = 0x000000, ); } - $this->last_data = imagettftext($this->data, $size, $angle, $x, $y, $color_id, $font, $text); + $this->lastData = imagettftext($this->data, $size, $angle, $x, $y, $color_id, $font, $text); return $this->save(); } diff --git a/app/view/blocks/file/thumb.html b/app/view/blocks/file/thumb.html new file mode 100644 index 00000000..2973c936 --- /dev/null +++ b/app/view/blocks/file/thumb.html @@ -0,0 +1,19 @@ +
  • + + + + + + + + + + {{ @file.filename | esc }} + + +
    • diff --git a/app/view/issues/single.html b/app/view/issues/single.html index b68b65f6..5fcabe2c 100644 --- a/app/view/issues/single.html +++ b/app/view/issues/single.html @@ -202,13 +202,7 @@

    @@ -217,7 +211,7 @@

    - + @@ -228,8 +222,10 @@

    - - + + @@ -580,6 +576,22 @@ autoclose: true }); + // Add file thumbnail popovers + $('#files-tiles li').each(function() { + $el = $(this); + $el.popover({ + trigger: 'hover', + html: true, + delay: { + show: 250, + hide: 50 + }, + container: 'body', + placement: 'auto right', + content: '' + $el.attr('data-name') + '
    ' + $el.attr('data-user') + '
    ' + $el.attr('data-date') + '
    ' +$el.attr('data-size') + }); + }); + // Handle file deletion $('.file-list').on('click', '.delete', function(e) { var $file = $(this).parents('li, tr'); diff --git a/css/style.css b/css/style.css index 546f29c6..e629f37a 100644 --- a/css/style.css +++ b/css/style.css @@ -194,7 +194,9 @@ select[multiple] { white-space: nowrap; } .file-list li img { + display: block; width: 96px; + height: 96px; } .file-list li .delete { position: absolute; @@ -205,6 +207,14 @@ select[multiple] { .file-list li:hover .delete { visibility: visible; } +.file-list th:first-child, +.file-list td:first-child { + width: 26px; +} +.file-list td:first-child img { + width: 16px; + height: 16px; +} .issue-list .closed { text-decoration: line-through; diff --git a/img/mime/16/_404.svg b/img/mime/16/_404.svg new file mode 100644 index 00000000..750308e9 --- /dev/null +++ b/img/mime/16/_404.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/_archive.svg b/img/mime/16/_archive.svg new file mode 100644 index 00000000..8e438e7e --- /dev/null +++ b/img/mime/16/_archive.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/_audio.svg b/img/mime/16/_audio.svg new file mode 100644 index 00000000..34961ff5 --- /dev/null +++ b/img/mime/16/_audio.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/_blank.svg b/img/mime/16/_blank.svg new file mode 100644 index 00000000..903caeb5 --- /dev/null +++ b/img/mime/16/_blank.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/_code.svg b/img/mime/16/_code.svg new file mode 100644 index 00000000..2d293962 --- /dev/null +++ b/img/mime/16/_code.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/_image.svg b/img/mime/16/_image.svg new file mode 100644 index 00000000..be9da8cf --- /dev/null +++ b/img/mime/16/_image.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/_video.svg b/img/mime/16/_video.svg new file mode 100644 index 00000000..5b77ce53 --- /dev/null +++ b/img/mime/16/_video.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/csv.svg b/img/mime/16/csv.svg new file mode 100644 index 00000000..3b1a35e5 --- /dev/null +++ b/img/mime/16/csv.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/doc.svg b/img/mime/16/doc.svg new file mode 100644 index 00000000..3112c3be --- /dev/null +++ b/img/mime/16/doc.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/odg.svg b/img/mime/16/odg.svg new file mode 100644 index 00000000..1c55adb1 --- /dev/null +++ b/img/mime/16/odg.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/odp.svg b/img/mime/16/odp.svg new file mode 100644 index 00000000..e0d47c85 --- /dev/null +++ b/img/mime/16/odp.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/ods.svg b/img/mime/16/ods.svg new file mode 100644 index 00000000..45279da5 --- /dev/null +++ b/img/mime/16/ods.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/odt.svg b/img/mime/16/odt.svg new file mode 100644 index 00000000..9ab72d3e --- /dev/null +++ b/img/mime/16/odt.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/pdf.svg b/img/mime/16/pdf.svg new file mode 100644 index 00000000..f7d07940 --- /dev/null +++ b/img/mime/16/pdf.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/ppt.svg b/img/mime/16/ppt.svg new file mode 100644 index 00000000..5a50b225 --- /dev/null +++ b/img/mime/16/ppt.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/txt.svg b/img/mime/16/txt.svg new file mode 100644 index 00000000..cc78a270 --- /dev/null +++ b/img/mime/16/txt.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/16/xls.svg b/img/mime/16/xls.svg new file mode 100644 index 00000000..3fb58a74 --- /dev/null +++ b/img/mime/16/xls.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/_404.svg b/img/mime/96/_404.svg new file mode 100644 index 00000000..4e406792 --- /dev/null +++ b/img/mime/96/_404.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/_archive.svg b/img/mime/96/_archive.svg new file mode 100644 index 00000000..425dc253 --- /dev/null +++ b/img/mime/96/_archive.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/_audio.svg b/img/mime/96/_audio.svg new file mode 100644 index 00000000..f63bb76c --- /dev/null +++ b/img/mime/96/_audio.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/_blank.svg b/img/mime/96/_blank.svg new file mode 100644 index 00000000..3a44ecd7 --- /dev/null +++ b/img/mime/96/_blank.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/_code.svg b/img/mime/96/_code.svg new file mode 100644 index 00000000..9d5b76c9 --- /dev/null +++ b/img/mime/96/_code.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/_image.svg b/img/mime/96/_image.svg new file mode 100644 index 00000000..6bd00758 --- /dev/null +++ b/img/mime/96/_image.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/_video.svg b/img/mime/96/_video.svg new file mode 100644 index 00000000..155d327e --- /dev/null +++ b/img/mime/96/_video.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/csv.svg b/img/mime/96/csv.svg new file mode 100644 index 00000000..ce2c15a2 --- /dev/null +++ b/img/mime/96/csv.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/doc.svg b/img/mime/96/doc.svg new file mode 100644 index 00000000..14389623 --- /dev/null +++ b/img/mime/96/doc.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/odg.svg b/img/mime/96/odg.svg new file mode 100644 index 00000000..0d8ac491 --- /dev/null +++ b/img/mime/96/odg.svg @@ -0,0 +1,302 @@ + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + + image/svg+xml + + + + + + + + + + + + + + + + + + + + + + + + diff --git a/img/mime/96/odp.svg b/img/mime/96/odp.svg new file mode 100644 index 00000000..dfb5b08e --- /dev/null +++ b/img/mime/96/odp.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/ods.svg b/img/mime/96/ods.svg new file mode 100644 index 00000000..a2470d5c --- /dev/null +++ b/img/mime/96/ods.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/odt.svg b/img/mime/96/odt.svg new file mode 100644 index 00000000..3373645e --- /dev/null +++ b/img/mime/96/odt.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/pdf.svg b/img/mime/96/pdf.svg new file mode 100644 index 00000000..f032ef6c --- /dev/null +++ b/img/mime/96/pdf.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/ppt.svg b/img/mime/96/ppt.svg new file mode 100644 index 00000000..b77b2d45 --- /dev/null +++ b/img/mime/96/ppt.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/txt.svg b/img/mime/96/txt.svg new file mode 100644 index 00000000..c0145145 --- /dev/null +++ b/img/mime/96/txt.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/96/xls.svg b/img/mime/96/xls.svg new file mode 100644 index 00000000..f179a0e6 --- /dev/null +++ b/img/mime/96/xls.svg @@ -0,0 +1 @@ + \ No newline at end of file diff --git a/img/mime/base.png b/img/mime/base.png deleted file mode 100644 index e4a70f70a0e99d203332d78ee7d673a65a8097e2..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 5066 zcmcguXHb*dy8Z$Pp+~BMU?>72y>2>$8fns-bVBGwItqkdbc2A>o3N1{6p-G76lns| zn=}zHu%#>QChqg+%QMIQh_ zDEtE^z|Gt%X8(#CNWC=7d;ox)7XN^NtehJFK&I=gto-1Clc%qzkCUet6t1ic^?Ky# z=7vXMgW$FaSdrPu4auBuAJ z++Pq!n3#xqMz6<5kw7*>vd&hR7+DmT@ZoIbagpm(>&chl%XicAo0SK-wWB1RV2U&i zQ9W@KMH!6s`sc{Lp5B#p0mX1KPA>ogu61DZx!?c+r=ha4_t-m0+5u4D1UVS!)Xwe{ zx)pmxy$#EJ2tq}HI(?IW(*&dF0L9=$*lR#h4TQ?g;4%OThya^Gd%HE@0Y6~F9rk4c zK;@ohJ_Z36FWBfo1<3%E77?ccILQE&qs9rUfT<8b=cw5u1jRkEHPh!nHO!&2_PzcYU2u)555Mkv254!m)Z z2R%;aFSWEMJl5ofnEH0Eo&dmpi)Ys-9xx%wDRN~r;A&6dLcQP)fO3SVcmsfy3a5bK zhgyX`FaW3&g!8^pVm|D;!PiNAtLxfA7x}r3L==p(ryB-=kvX7lJ+ir583E&o8GggU zYa{qckwvUi&nYI=i%Ou|sF6y}i~6T6IIoMRHJp@4sUJ*h%QhDWvP&@KNCY!xMxU~E zX%Nvo<%ABz(dn^kCW~tb>n9jOjWk&Hu8{DfAYn*!4M5 zNm9Zny>4#y)KbkluIB4MdT!W>2*;Xg@NrDhB+&{&9>*#7NOID|D~oV9Jtu&_{ljpa zW?XIDL!V=duPj?kgNY+`V9vp{hD7QGAM{>-^m^_(W?gihd7W+Ff-Kig(ff~6gH;~= z4=(p_Za_A~Hi!`!B1%R@S^A5muMDq?Cz->lUe)VY>&2GRiuq+p4M#G-HH)hXUrsPN zF*=<%SAX?wzP|X9RVV$U$@t)w`q%WYgognXlri*?eQ`*ho7p!=ZXj<4+^EjbdVO=^ z>CHYvAxYt#jLl5yOiv?I-g@3A^vNH{UfzGn^^%!a(6Frhb@@^`xzT~qpkY#(l|cwv z%}CT>t&H?jT7^-0?t>izW&>oIOlfR6veeU1;g3+Wi+Ex)j21>$`47Etw4_(XC($h>UG%EBe)OXq>(AbjP*KMjTW@q74N`3da zA9AZBlSZ!PZW_!QES8X!Flft3AE5=xU5lAtwWtJic$DmBs_Pw~br!0$L-~4wyWlM~rawBn{PH|i09Gu?)4$INIOPk!+SJlH?=J_q&ejG3pom3b`&Fz|NW%DVrEm*^v(w-wY#oUT(({Ppnpv#Uvw|ii zdZna@s)&uQDmJJ7Z_lgPPBt?}l1H4Wq925Qo%%>(`^EMtCX|9ZIyTxQMj_EF&Xj3P zI9)toY(d#)S>>lnn#xi(Qdn22n*Y8yuY9?Hi|m|avskl2uYjZ3(4=XuDcnu-mXrW5 zTEfGvefb=F5WAYYO1}1(F+;H5(ktlINcUlM2}79x4WD$HqE?*FZ!i8-g7B6yJiD_` z8*nF)EU25M8_6y>CNUN_qx_JURcBv=S35Z6TXL&-5a)Z*V!n;0DDJZ7ty+{?i`mk7 z3|anAcM&=1HsQ#W84ppsV|PvG~s74{nA$H zB2^>n9W+n2Mt|*Ij4^SgY-2(_uluBK1=b`T9oohftnC_Z)%78w>mA5-huny4BRXVf zVH#_xYbt2A{Lc1gOfIuLeS89%Zk{onK5T|(A#j5^*7HM0=E94*vWlK2hf&9I$E`0* z{CO5sY31o((y2TsXXolDmyPSNN5`u3g6YFN^DU9}%1uQbvW=~Xl7W$783n^X3=a)| z8cOVrFTS&#KJ^&eWq#axEcR`3-lFy7LVloq-Uwu*J?S`!ID?%ePL`&fG1l zblknMeT3tL7bF~1_0vtCCRxVi4E2+y?(L{k_1$j2%-sv%r<9;H`aP$2mBULVXnpI1 zboqppQhLt++2hI;l8M{?EJzkX7g*MQmRhz!)|rK!MYHaZ{Mgj?Qt-L@{B7zSF#b^q4wNshWM_Gt6n|blxdY2dAQ%` zyI(WEL2J@zl2t8j?Y`~1Eqj?dq1)Gz(~^a5dg$7;8{GEpvE#`WbDreL;$d6RcZRE} z$vi2!#kPZB&y)8jN6QS0p^vyPMh07E1GsmqT6J5k4;8UWv&xIHlL{7>3p0BQVJ@8k z1qWjb>LqrU>Brk6gO4R=sW($ouZRdU4$kdG`R8%pn^1cVeQf{;z5@WLNC5b8g&Vg3z)uJO zwrv1FIs*V0JyWdTs{sJ`2(F@J7&!NBan^&@jG%9&+yK$%76FyG4(%dJVUC(%C5#XF zeEoT#uvO$eXay$a24@rvK?Y|Jx>)c&Z0K3An2TTjwsZR)nShj1#|!L!$9OZE79~NX z4uBz0MSy?^3_$@P0wSm)Zupz2|Ge_=oBy|CI+q_@l3!-umJ41dxthK-Cx11)W7+=X z$3QB#4k73#BlT_h!^otM&{$NuOeo#)*ypvKRr4hA0Gn)11cgAdtSA52URR)z(IfdXmz!aPze?15)dE> zPZ@AXLChZQOtXLqRK5|5Gb-T%OwbR@cBHip`q&jA16^HRUcYIjaE>03GYW9R3zZ0n zl3yUqrjII2s$t-h-9?#@pT5=8K71W~w=uL9K9Q?7LV@2`-ya{>kAATPDUll+8}G|@ z_+!m2r@3`%*-q= z=OZJ9sOTF_2FfliEKsmTK}K?RJLKnipkRG4Fz|)^cJ70=~nH>p;-p&fqLY)k1ZH?)o zDMdjM{!E{q=oQTh`QYz`-P`MUd?El(ksTGZYW>Qp3W^8}T@q>uySh9)tfQeUJ93xPKMyOi`!p#5d7;8|X^W!0ITm9tZq(_4*E~4NaaWn*N)#ieauKymm;Fh7y zl{!0Xwv5;4Lrf;1l6XzJdNGGbAje7U*Rq%`>6s@RG>$yLxrJX)aPu!3*ZeH2tE;);BAHq+a9<*e z58m{*Zru`Nc0`z2wfGO?PcR&gnRO6>r}X$3U;D-JL(Ml|X*^-`Myf0=E+eC(;5MAi zo6#Yb$|z_`GrA+}O8ypAEgv~sj!b|+Q~|y`#gZm&P!O|4$pq|b>FVB=dermw{O*Dq z)zyUGgA`6zS6591F&@mvXE zCNVl0c>HZPmil%=p%)h#1$Bu`$(IjKX~FjSuSYZ9tFvgjA3A4xD|)v)Y8)8XUV9VjF>$?Z^hR@2+OC1qM4l|0n26w zd_-O|nwp9#24f3mi}JcW55m{(cQH>@PdB$H$nH{`E9TotBQ4Wq`Az{Rd}?|cXSb%d zHh0VrJ*3XY&rdw+qpTrDF5zEpxc$q6$JqG>oYx9@%FCO**J1>R$$zC^oI1M!@4IYV zX%@01-B$1ipL18Mf(H(xKqJ9_qy10u i{sHY@8l568B!G!oHUE?6BOu(z5&&1#Q9;9OBK`*vC3{r> diff --git a/img/mime/table.png b/img/mime/table.png deleted file mode 100644 index 3cd8be1bb33521cd53f8baff529ecc77cb06ff5a..0000000000000000000000000000000000000000 GIT binary patch literal 0 HcmV?d00001 literal 2877 zcmV-D3&Qk?P)P000sQ1^@s6t}b<;00009a7bBm000XU z000XU0RWnu7ytkYPiaF#P*7-ZbZ>KLZ*U+IBfRsybQWXdwQbLP>6pAqfylh#{fb6;Z(vMMVS~$e@S=j*ftg6;Uhf59&ghTmgWD0l;*T zI709Y^p6lP1rIRMx#05C~cW=H_Aw*bJ-5DT&Z2n+x)QHX^p z00esgV8|mQcmRZ%02D^@S3L16t`O%c004NIvOKvYIYoh62rY33S640`D9%Y2D-rV&neh&#Q1i z007~1e$oCcFS8neI|hJl{-P!B1ZZ9hpmq0)X0i`JwE&>$+E?>%_LC6RbVIkUx0b+_+BaR3cnT7Zv!AJxW zizFb)h!jyGOOZ85F;a?DAXP{m@;!0_IfqH8(HlgRxt7s3}k3K`kFu>>-2Q$QMFfPW!La{h336o>X zu_CMttHv6zR;&ZNiS=X8v3CR#fknUxHUxJ0uoBa_M6WNWeqIg~6QE69c9o#eyhGvpiOA@W-aonk<7r1(?fC{oI5N*U!4 zfg=2N-7=cNnjjOr{yriy6mMFgG#l znCF=fnQv8CDz++o6_Lscl}eQ+l^ZHARH>?_s@|##Rr6KLRFA1%Q+=*RRWnoLsR`7U zt5vFIcfW3@?wFpwUVxrVZ>QdQz32KIeJ}k~{cZZE^+ya? z2D1z#2HOnI7(B%_ac?{wFUQ;QQA1tBKtrWrm0_3Rgps+?Jfqb{jYbcQX~taRB;#$y zZN{S}1|}gUOHJxc?wV3fxuz+mJ4`!F$IZ;mqRrNsHJd##*D~ju=bP7?-?v~|cv>vB zsJ6IeNwVZxrdjT`yl#bBIa#GxRa#xMMy;K#CDyyGyQdMSxlWT#tDe?p!?5wT$+oGt z8L;Kp2HUQ-ZMJ=3XJQv;x5ci*?vuTfeY$;({XGW_huIFR9a(?@3)XSs8O^N5RyOM=TTmp(3=8^+zpz2r)C z^>JO{deZfso3oq3?Wo(Y?l$ge?uXo;%ru`Vo>?<<(8I_>;8Eq#KMS9gFl*neeosSB zfoHYnBQIkwkyowPu(zdms`p{<7e4kra-ZWq<2*OsGTvEV%s0Td$hXT+!*8Bnh2KMe zBmZRodjHV?r+_5^X9J0WL4jKW`}lf%A-|44I@@LTvf1rHjG(ze6+w@Jt%Bvjts!X0 z?2xS?_ve_-kiKB_KiJlZ$9G`c^=E@oNG)mWWaNo-3TIW8)$Hg0Ub-~8?KhvJ>$ z3*&nim@mj(aCxE5!t{lw7O5^0EIO7zOo&c6l<+|iDySBWCGrz@C5{St!X3hAA}`T4 z(TLbXTq+(;@<=L8dXnssyft|w#WSTW<++3>sgS%(4NTpeI-VAqb|7ssJvzNHgOZVu zaYCvgO_R1~>SyL=cFU|~g|hy|Zi}}s9+d~lYqOB71z9Z$wnC=pR9Yz4DhIM>Wmjgu z&56o6maCpC&F##y%G;1PobR9i?GnNg;gYtchD%p19a!eQtZF&3JaKv33gZ<8D~47E ztUS1iwkmDaPpj=$m#%)jCVEY4fnLGNg2A-`YwHVD3gv};>)hAvT~AmqS>Lr``i7kw zJ{5_It`yrBmlc25DBO7E8;5VoznR>Ww5hAaxn$2~(q`%A-YuS64wkBy=9dm`4cXeX z4c}I@?e+FW+b@^RDBHV(wnMq2zdX3SWv9u`%{xC-q*U}&`cyXV(%rRT*Z6MH?i+i& z_B8C(+grT%{XWUQ+f@NoP1R=AW&26{v-dx)iK^-Nmiuj8txj!m?Z*Ss1N{dh4z}01 z)YTo*JycSU)+_5r4#yw9{+;i4Ee$peRgIj+;v;ZGdF1K$3E%e~4LaI(jC-u%2h$&R z9cLXcYC@Xwnns&bn)_Q~Te?roKGD|d-g^8;+aC{{G(1^(O7m37Y1-+6)01cN&y1aw zoqc{T`P^XJqPBbIW6s}d4{z_f5Om?vMgNQEJG?v2T=KYd^0M3I6IZxbny)%vZR&LD zJpPl@Psh8QyPB@KTx+@RdcC!KX7}kEo;S|j^u2lU7XQ}Oo;f|;z4Ll+_r>@1-xl3| zawq-H%e&ckC+@AhPrP6BKT#_XdT7&;F71j}Joy zkC~6lh7E@6o;W@^IpRNZ{ptLtL(gQ-CY~4mqW;US7Zxvm_|@yz&e53Bp_lTPlfP|z zrTyx_>lv@x#=^!PzR7qqF<$gm`|ZJZ+;<)Cqu&ot2z=00004XF*Lt006O$eEU(80000WV@Og>004R=004l4008;_004mL004C` z008P>0026e000+nl3&F}00013NklDsye59FANCCfp|0YTwD=X_C1_lNO00000 b|NjF3DUf0nDp4Ku00000NkvXXu0mjfziv%f From 1dc4c377f9f7d8dc4fd60218cf2714708ad54242 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Fri, 9 Sep 2016 10:56:05 -0600 Subject: [PATCH 016/391] Thumbnails are beautiful now :') --- app/controller/files.php | 64 +++++++++++++++++++++++++++++++++------- 1 file changed, 54 insertions(+), 10 deletions(-) diff --git a/app/controller/files.php b/app/controller/files.php index f5f4b7d8..c6634efb 100644 --- a/app/controller/files.php +++ b/app/controller/files.php @@ -82,21 +82,66 @@ public function thumb($f3, $params) { return; } - // Generate thumbnail of image file - /* @todo: Replace with hacky imagefillrectangle and imagecopyresampled - code to render a nice _image.svg-style frame around the thumbnail */ - if(is_file($file->disk_filename)) { - $img = new \Helper\Image($file->disk_filename); - $hide_ext = true; - } else { + if(!is_file($file->disk_filename)) { header("Content-Type: image/svg+xml"); readfile("img/mime/96/_404.svg"); return; } - $img->resize($params["size"], $params["size"]); + + // Generate thumbnail of image file + $img = new \Helper\Image($file->disk_filename); + + $size = intval($params["size"]); + + // 1.1 fits perfectly but crops shadow, so we compare width vs height + if($img->width() > $img->height()) { + $thumbSize = round($size / 1.1); + } else { + $thumbSize = round($size / 1.2); + } + + // Resize thumbnail + $img->resize($thumbSize, $thumbSize, false); + $tw = $img->width(); + $th = $img->height(); + $ox = round(($size - $tw) / 2); + $oy = round(($size - $th) / 2); + $fs = round($size / 24); + $fb = round($fs * 0.75); + + // Initialize frame image + $frame = imagecreatetruecolor($size, $size); + imagesavealpha($frame, true); + $transparent = imagecolorallocatealpha($frame, 0, 0, 0, 127); + imagefill($frame, 0, 0, $transparent); + + // Draw drop shadow + $cs = imagecolorallocatealpha($frame, 0, 0, 0, 120); + imagefilledrectangle($frame, $ox - $fb, $size - $oy + $fb, $size - $ox + $fb, $size - $oy + round($fb * 1.5), $cs); + imagefilledrectangle($frame, $ox - round($fb / 2), $size - $oy + $fb, $size - $ox + round($fb / 2), $size - $oy + round($fb * 1.625), $cs); + imagefilledrectangle($frame, $ox, $size - $oy + $fb, $size - $ox, $size - $oy + round($fb * 2), $cs); + + // Draw frame + $c0 = imagecolorallocatealpha($frame, 193, 193, 193, 16); + imagefilledrectangle($frame, $ox - $fs, $oy - $fs, $size - $ox + $fs, $size - $oy + $fs, $c0); + $c1 = imagecolorallocate($frame, 243, 243, 243); + imagefilledrectangle($frame, $ox - $fb, $oy - $fb, $size - $ox + $fb, $size - $oy + $fb, $c1); + $c2 = imagecolorallocate($frame, 230, 230, 230); + imagefilledpolygon($frame, array( + $size - $ox + $fb, $oy - $fb, + $size - $ox + $fb, $size - $oy + $fb, + $ox - $fb, $size - $oy + $fb, + ), 3, $c2); + + // Copy thumbnail onto frame + imagecopy($frame, $img->data(), $ox, $oy, 0, 0, $tw, $th); + + // Draw inner shadow thumbnail + $c3 = imagecolorallocatealpha($frame, 0, 0, 0, 100); + imagerectangle($frame, $ox, $oy, $size - $ox, $size - $oy, $c3); // Render and cache image - $data = $img->dump($params["format"]); + $data = call_user_func_array('image' . $params["format"], array($frame)); if($f3->get("DEBUG") < 2) { $cache->set($hash, $data, $f3->get("cache_expire.attachments")); } @@ -104,7 +149,6 @@ public function thumb($f3, $params) { // Output image header("Content-type: image/" . $params["format"]); echo $data; - } /** From cb948477ffb1a8377d2420faef4e06e94bac4841 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Fri, 9 Sep 2016 12:06:25 -0600 Subject: [PATCH 017/391] Only render frame/shadow on opaque images --- app/controller/files.php | 55 +++++++++++++++++++++++----------------- 1 file changed, 32 insertions(+), 23 deletions(-) diff --git a/app/controller/files.php b/app/controller/files.php index c6634efb..9d9a9693 100644 --- a/app/controller/files.php +++ b/app/controller/files.php @@ -82,19 +82,23 @@ public function thumb($f3, $params) { return; } + // Load 404 image if original file is missing if(!is_file($file->disk_filename)) { header("Content-Type: image/svg+xml"); readfile("img/mime/96/_404.svg"); return; } - // Generate thumbnail of image file + // Initialize thumbnail image $img = new \Helper\Image($file->disk_filename); - $size = intval($params["size"]); + // Render thumbnail directly if no alpha + $alpha = (imagecolorat($img->data(), 0, 0) & 0x7F000000) >> 24; // 1.1 fits perfectly but crops shadow, so we compare width vs height - if($img->width() > $img->height()) { + if($alpha) { + $thumbSize = $size; + } elseif($img->width() > $img->height()) { $thumbSize = round($size / 1.1); } else { $thumbSize = round($size / 1.2); @@ -110,35 +114,40 @@ public function thumb($f3, $params) { $fb = round($fs * 0.75); // Initialize frame image + $size = intval($params["size"]) ?: 96; $frame = imagecreatetruecolor($size, $size); imagesavealpha($frame, true); $transparent = imagecolorallocatealpha($frame, 0, 0, 0, 127); imagefill($frame, 0, 0, $transparent); - // Draw drop shadow - $cs = imagecolorallocatealpha($frame, 0, 0, 0, 120); - imagefilledrectangle($frame, $ox - $fb, $size - $oy + $fb, $size - $ox + $fb, $size - $oy + round($fb * 1.5), $cs); - imagefilledrectangle($frame, $ox - round($fb / 2), $size - $oy + $fb, $size - $ox + round($fb / 2), $size - $oy + round($fb * 1.625), $cs); - imagefilledrectangle($frame, $ox, $size - $oy + $fb, $size - $ox, $size - $oy + round($fb * 2), $cs); - - // Draw frame - $c0 = imagecolorallocatealpha($frame, 193, 193, 193, 16); - imagefilledrectangle($frame, $ox - $fs, $oy - $fs, $size - $ox + $fs, $size - $oy + $fs, $c0); - $c1 = imagecolorallocate($frame, 243, 243, 243); - imagefilledrectangle($frame, $ox - $fb, $oy - $fb, $size - $ox + $fb, $size - $oy + $fb, $c1); - $c2 = imagecolorallocate($frame, 230, 230, 230); - imagefilledpolygon($frame, array( - $size - $ox + $fb, $oy - $fb, - $size - $ox + $fb, $size - $oy + $fb, - $ox - $fb, $size - $oy + $fb, - ), 3, $c2); + if(!$alpha) { + // Draw drop shadow + $cs = imagecolorallocatealpha($frame, 0, 0, 0, 120); + imagefilledrectangle($frame, $ox - $fb, $size - $oy + $fb, $size - $ox + $fb, $size - $oy + round($fb * 1.5), $cs); + imagefilledrectangle($frame, $ox - round($fb / 2), $size - $oy + $fb, $size - $ox + round($fb / 2), $size - $oy + round($fb * 1.625), $cs); + imagefilledrectangle($frame, $ox, $size - $oy + $fb, $size - $ox, $size - $oy + round($fb * 2), $cs); + + // Draw frame + $c0 = imagecolorallocatealpha($frame, 193, 193, 193, 16); + imagefilledrectangle($frame, $ox - $fs, $oy - $fs, $size - $ox + $fs, $size - $oy + $fs, $c0); + $c1 = imagecolorallocate($frame, 243, 243, 243); + imagefilledrectangle($frame, $ox - $fb, $oy - $fb, $size - $ox + $fb, $size - $oy + $fb, $c1); + $c2 = imagecolorallocate($frame, 230, 230, 230); + imagefilledpolygon($frame, array( + $size - $ox + $fb, $oy - $fb, + $size - $ox + $fb, $size - $oy + $fb, + $ox - $fb, $size - $oy + $fb, + ), 3, $c2); + } // Copy thumbnail onto frame imagecopy($frame, $img->data(), $ox, $oy, 0, 0, $tw, $th); - // Draw inner shadow thumbnail - $c3 = imagecolorallocatealpha($frame, 0, 0, 0, 100); - imagerectangle($frame, $ox, $oy, $size - $ox, $size - $oy, $c3); + if(!$alpha) { + // Draw inner shadow thumbnail + $c3 = imagecolorallocatealpha($frame, 0, 0, 0, 100); + imagerectangle($frame, $ox, $oy, $size - $ox, $size - $oy, $c3); + } // Render and cache image $data = call_user_func_array('image' . $params["format"], array($frame)); From 4053d2481dc2a7059ce8bdb0a557ba3c65296322 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Fri, 9 Sep 2016 12:32:23 -0600 Subject: [PATCH 018/391] Fixing thumbnail generation --- app/controller/files.php | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/controller/files.php b/app/controller/files.php index 9d9a9693..dd7c56ad 100644 --- a/app/controller/files.php +++ b/app/controller/files.php @@ -96,6 +96,7 @@ public function thumb($f3, $params) { $alpha = (imagecolorat($img->data(), 0, 0) & 0x7F000000) >> 24; // 1.1 fits perfectly but crops shadow, so we compare width vs height + $size = intval($params["size"]) ?: 96; if($alpha) { $thumbSize = $size; } elseif($img->width() > $img->height()) { @@ -114,7 +115,6 @@ public function thumb($f3, $params) { $fb = round($fs * 0.75); // Initialize frame image - $size = intval($params["size"]) ?: 96; $frame = imagecreatetruecolor($size, $size); imagesavealpha($frame, true); $transparent = imagecolorallocatealpha($frame, 0, 0, 0, 127); From 78bc3d86cf219979e4f0e481242372f5ddae49f4 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Fri, 9 Sep 2016 13:04:05 -0600 Subject: [PATCH 019/391] Adding 3x thumbnail support because Android is awesome --- app/view/blocks/file/thumb.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/view/blocks/file/thumb.html b/app/view/blocks/file/thumb.html index 2973c936..ee54ced4 100644 --- a/app/view/blocks/file/thumb.html +++ b/app/view/blocks/file/thumb.html @@ -7,7 +7,7 @@ - + From 982b34c26514f8a29ef46ca65a8eb24edf07434f Mon Sep 17 00:00:00 2001 From: Fyodor Date: Sat, 10 Sep 2016 06:30:36 +0300 Subject: [PATCH 020/391] hide database pass length in admin panel fix #246 --- app/view/admin/index.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/view/admin/index.html b/app/view/admin/index.html index 49a3d3a9..8ba3d814 100644 --- a/app/view/admin/index.html +++ b/app/view/admin/index.html @@ -41,7 +41,7 @@

    {{ @dict.database }}

    {{ @dict.hostname }}: {{ @db.host }}:{{ @db.port }}
    {{ @dict.schema }}: {{ @db.name }}
    {{ @dict.username }}: {{ @db.user }}
    - {{ @dict.password }}: {{ str_repeat("*", strlen(@db.pass)) }}
    + {{ @dict.password }}: {{ str_repeat("*", 8) }}
    {{ @dict.current_version }}: {{@version}}
    From f5ce159b5a22f31c7de0d25bb2900ee6efaff514 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Mon, 12 Sep 2016 16:49:09 -0600 Subject: [PATCH 021/391] Basic type filtering on backlog --- app/controller/backlog.php | 54 ++++++++++++------------ app/view/backlog/index.html | 84 ++++++++++++++++++++++++++++++------- db/16.09.12.sql | 9 ++++ js/backlog.js | 13 ++++-- 4 files changed, 114 insertions(+), 46 deletions(-) create mode 100644 db/16.09.12.sql diff --git a/app/controller/backlog.php b/app/controller/backlog.php index c9f603fe..75d01a35 100644 --- a/app/controller/backlog.php +++ b/app/controller/backlog.php @@ -19,24 +19,16 @@ public function __construct() { * @param array $params */ public function index($f3, $params) { - - if(empty($params["filter"])) { - $params["filter"] = "groups"; - } - - if(empty($params["groupid"])) { - $params["groupid"] = ""; - } + $groupId = $f3->get("GET.group_id"); // Get list of all users in the user's groups - if($params["filter"] == "groups") { + if($groupId != "all" && $groupId != "me") { $group_model = new \Model\User\Group(); - if(!empty($params["groupid"]) && is_numeric($params["groupid"])) { - //Get users list from a specific Group - $users_result = $group_model->find(array("group_id = ?", $params["groupid"])); - + if($groupId && is_numeric($groupId)) { + // Get users list from a specific group + $users_result = $group_model->find(array("group_id = ?", $groupId)); } else { - //Get users list from all groups that you are in + // Get users list from all groups that you are in $groups_result = $group_model->find(array("user_id = ?", $this->_userId)); $filter_users = array($this->_userId); foreach($groups_result as $g) { @@ -49,8 +41,8 @@ public function index($f3, $params) { foreach($users_result as $u) { $filter_users[] = $u["user_id"]; } - } elseif($params["filter"] == "me") { - //Just get your own id + } elseif($groupId == "me") { + // Just get your own id $filter_users = array($this->_userId); } @@ -60,19 +52,25 @@ public function index($f3, $params) { $sprint_model = new \Model\Sprint(); $sprints = $sprint_model->find(array("end_date >= ?", $this->now(false)), array("order" => "start_date ASC")); + $typeIds = $f3->get("GET.type_id") + ? array_filter($f3->split($f3->get("GET.type_id")), "is_numeric") + : array($f3->get("issue_type.project")); + sort($typeIds, SORT_NUMERIC); + $typeStr = implode(",", $typeIds); $issue = new \Model\Issue\Detail(); $sprint_details = array(); foreach($sprints as $sprint) { - $projects = $issue->find(array("deleted_date IS NULL AND sprint_id = ? AND type_id = ? $filter_string", $sprint->id, $f3->get("issue_type.project")), - array('order' => 'priority DESC, due_date') - ); + $projects = $issue->find( + array("deleted_date IS NULL AND sprint_id = ? AND type_id IN ($typeStr) $filter_string", $sprint->id), + array('order' => 'priority DESC, due_date') + ); - if(!empty($params["groupid"])) { + if(!empty($groupId)) { // Add sorted projects $sprintBacklog = array(); $sortModel = new \Model\Issue\Backlog; - $sortModel->load(array("user_id = ? AND sprint_id = ?", $params["groupid"], $sprint->id)); + $sortModel->load(array("user_id = ? AND sprint_id = ? AND type_id = ?", $groupId, $sprint->id, $typeStr)); $sortArray = array(); if($sortModel->id) { $sortArray = json_decode($sortModel->issues); @@ -98,7 +96,7 @@ public function index($f3, $params) { $sprint_details[] = $sprint->cast() + array("projects" => $sprintBacklog); } - $large_projects = $f3->get("db.instance")->exec("SELECT parent_id FROM issue WHERE parent_id IS NOT NULL AND type_id = ?", $f3->get("issue_type.project")); + $large_projects = $f3->get("db.instance")->exec("SELECT parent_id FROM issue WHERE parent_id IS NOT NULL AND type_id IN ($typeStr)"); $large_project_ids = array(); foreach($large_projects as $p) { $large_project_ids[] = $p["parent_id"]; @@ -108,22 +106,22 @@ public function index($f3, $params) { if(!empty($large_project_ids)) { $large_project_ids = implode(",", $large_project_ids); $unset_projects = $issue->find( - array("deleted_date IS NULL AND sprint_id IS NULL AND type_id = ? AND status_closed = '0' AND id NOT IN ({$large_project_ids}) $filter_string", $f3->get("issue_type.project")), + array("deleted_date IS NULL AND sprint_id IS NULL AND type_id IN ($typeStr) AND status_closed = '0' AND id NOT IN ({$large_project_ids}) $filter_string"), array('order' => 'priority DESC, due_date') ); } else { $unset_projects = $issue->find( - array("deleted_date IS NULL AND sprint_id IS NULL AND type_id = ? AND status_closed = '0' $filter_string", $f3->get("issue_type.project")), + array("deleted_date IS NULL AND sprint_id IS NULL AND type_id IN ($typeStr) AND status_closed = '0' $filter_string"), array('order' => 'priority DESC, due_date') ); } // Filter projects into sorted and unsorted arrays if filtering by group - if(!empty($params["groupid"])) { + if($groupId && $groupId != "all") { // Add sorted projects $backlog = array(); $sortModel = new \Model\Issue\Backlog; - $sortModel->load(array("user_id = ? AND sprint_id IS NULL", $params["groupid"])); + $sortModel->load(array("user_id = ? AND sprint_id IS NULL AND type_id = ?", $groupId, $typeStr)); $sortArray = array(); if($sortModel->id) { $sortArray = json_decode($sortModel->issues); @@ -149,7 +147,8 @@ public function index($f3, $params) { $groups = new \Model\User(); $f3->set("groups", $groups->getAllGroups()); - $f3->set("groupid", $params["groupid"]); + $f3->set("groupid", $groupId); + $f3->set("type_ids", $typeIds); $f3->set("sprints", $sprint_details); $f3->set("backlog", $backlog); $f3->set("unsorted", $unsorted); @@ -188,6 +187,7 @@ public function sort($f3) { $backlog->load(array("user_id = ? AND sprint_id IS NULL", $f3->get("POST.user"))); } $backlog->user_id = $f3->get("POST.user"); + $backlog->type_id = $f3->get("POST.type_id"); $backlog->issues = $f3->get("POST.items"); $backlog->save(); } diff --git a/app/view/backlog/index.html b/app/view/backlog/index.html index cdc2bb18..f3581e83 100644 --- a/app/view/backlog/index.html +++ b/app/view/backlog/index.html @@ -12,32 +12,84 @@
    {{ @dict.backlog }}  -
    - - +
    + + +
    +
    + + +
    {{ @dict.add_project }}
    -
      +
      • {{ @project.priority_name }} + {{ @project.type_name }} #{{ @project.id }}  {{ @project.name | esc }} @@ -68,6 +120,7 @@
      • {{ @project.priority_name }} + {{ @project.type_name }} #{{ @project.id }}  {{ @project.name | esc }} @@ -87,6 +140,7 @@
      • {{ @project.priority_name }} + {{ @project.type_name }} #{{ @project.id }}  {{ @project.name | esc }} diff --git a/db/16.09.12.sql b/db/16.09.12.sql new file mode 100644 index 00000000..38e0ce29 --- /dev/null +++ b/db/16.09.12.sql @@ -0,0 +1,9 @@ +# Update issue_backlog table structure +ALTER TABLE issue_backlog ADD COLUMN type_id VARCHAR(30) NULL AFTER user_id; + +UPDATE issue_backlog b +JOIN config c ON c.attribute = 'issue_type.project' +SET b.type_id = c.value; + +# Update version +UPDATE `config` SET `value` = '16.09.12' WHERE `attribute` = 'version'; diff --git a/js/backlog.js b/js/backlog.js index 1d1d947f..6595686c 100644 --- a/js/backlog.js +++ b/js/backlog.js @@ -38,7 +38,6 @@ var Backlog = { } else { Backlog.projectReceived = false; } - Backlog.saveSortOrder(); } }).disableSelection(); }, @@ -61,6 +60,9 @@ var Backlog = { }; Backlog.ajaxUpdateBacklog(data, item); + Backlog.saveSortOrder([sender, $(item).parents('.sortable')]); + } else { + Backlog.saveSortOrder([$(item).parents('.sortable')]); } }, sameReceive: function(item, receiverSerialized) { @@ -75,6 +77,7 @@ var Backlog = { }; Backlog.ajaxUpdateBacklog(data, item); + Backlog.saveSortOrder([$(item).parents('.sortable')]); }, ajaxUpdateBacklog: function(data, item) { var projectId = data.itemId; @@ -92,13 +95,14 @@ var Backlog = { } }); }, - saveSortOrder: function() { - var userId = $('#panel-0 .list-group').attr('data-user-id'); + saveSortOrder: function(elements) { + var userId = $('#panel-0 .list-group').attr('data-user-id'), + typeId = $('#panel-0 .list-group').attr('data-type-id'); if(!userId) return; - $('.panel-body > .list-group.sortable').each(function() { + $(elements).each(function() { var items = []; $(this).find('.list-group-item').each(function() { items.push(parseInt($(this).attr('data-id'))); @@ -107,6 +111,7 @@ var Backlog = { $.post(BASE + '/backlog/sort', { user: userId, sprint_id: $(this).attr('data-list-id'), + type_id: typeId, items: JSON.stringify(items) }).error(function() { console.error('An error occurred saving the sort order.'); From 7e8a022fd2b47fa6c5b76c16716b9d1ff5f38c0f Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Mon, 12 Sep 2016 16:50:02 -0600 Subject: [PATCH 022/391] Only save changed sections on backlog sort --- js/backlog.js | 9 ++++++--- 1 file changed, 6 insertions(+), 3 deletions(-) diff --git a/js/backlog.js b/js/backlog.js index 1d1d947f..94c1c484 100644 --- a/js/backlog.js +++ b/js/backlog.js @@ -38,7 +38,6 @@ var Backlog = { } else { Backlog.projectReceived = false; } - Backlog.saveSortOrder(); } }).disableSelection(); }, @@ -61,6 +60,9 @@ var Backlog = { }; Backlog.ajaxUpdateBacklog(data, item); + Backlog.saveSortOrder([sender, $(item).parents('.sortable')]); + } else { + Backlog.saveSortOrder([$(item).parents('.sortable')]); } }, sameReceive: function(item, receiverSerialized) { @@ -75,6 +77,7 @@ var Backlog = { }; Backlog.ajaxUpdateBacklog(data, item); + Backlog.saveSortOrder([$(item).parents('.sortable')]); }, ajaxUpdateBacklog: function(data, item) { var projectId = data.itemId; @@ -92,13 +95,13 @@ var Backlog = { } }); }, - saveSortOrder: function() { + saveSortOrder: function(elements) { var userId = $('#panel-0 .list-group').attr('data-user-id'); if(!userId) return; - $('.panel-body > .list-group.sortable').each(function() { + $(elements).each(function() { var items = []; $(this).find('.list-group-item').each(function() { items.push(parseInt($(this).attr('data-id'))); From 3c7696bcf25e84da1e7d50c0d75e23c17dbb4836 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Wed, 14 Sep 2016 08:50:08 -0600 Subject: [PATCH 023/391] Shaun-style backlog is a thing! --- app/controller/backlog.php | 67 +++++++++++++++++++++++++------ app/routes.ini | 4 +- app/view/backlog/index.html | 8 ++-- js/backlog.js | 79 ++++++++++++++++++++----------------- 4 files changed, 104 insertions(+), 54 deletions(-) diff --git a/app/controller/backlog.php b/app/controller/backlog.php index 75d01a35..1ff8eba1 100644 --- a/app/controller/backlog.php +++ b/app/controller/backlog.php @@ -10,10 +10,31 @@ public function __construct() { $this->_userId = $this->_requireLogin(); } + /** + * Merge n sorted arrays into a single array with the same sort order + * + * @param array $arrays Array of sorted arrays to merge + * @return array + */ + protected function _mergeSorted(array $arrays) { + $lengths = array(); + foreach ($arrays as $k=>$v) { + $lengths[$k] = count($v); + } + $max = max($lengths); + $result = array(); + for ($i = 0; $i < $max; $i++) { + foreach ($lengths as $k=>$l) { + if ($l > $i) { + $result[] = $arrays[$k][$i]; + } + } + } + return $result; + } + /** * GET /backlog - * GET /backlog/@filter - * GET /backlog/@filter/@groupid * * @param \Base $f3 * @param array $params @@ -70,10 +91,14 @@ public function index($f3, $params) { // Add sorted projects $sprintBacklog = array(); $sortModel = new \Model\Issue\Backlog; - $sortModel->load(array("user_id = ? AND sprint_id = ? AND type_id = ?", $groupId, $sprint->id, $typeStr)); + $sortOrders = $sortModel->find(array("user_id = ? AND sprint_id = ? AND type_id IN ($typeStr)", $groupId, $sprint->id), array("order" => "type_id ASC")); $sortArray = array(); - if($sortModel->id) { - $sortArray = json_decode($sortModel->issues); + if($sortOrders) { + $orders = array(); + foreach($sortOrders as $order) { + $orders[] = json_decode($order->issues) ?: array(); + } + $sortArray = $this->_mergeSorted($orders); foreach($sortArray as $id) { foreach($projects as $p) { if($p->id == $id) { @@ -121,10 +146,14 @@ public function index($f3, $params) { // Add sorted projects $backlog = array(); $sortModel = new \Model\Issue\Backlog; - $sortModel->load(array("user_id = ? AND sprint_id IS NULL AND type_id = ?", $groupId, $typeStr)); + $sortOrders = $sortModel->find(array("user_id = ? AND sprint_id IS NULL AND type_id IN ($typeStr)", $groupId), array("order" => "type_id ASC")); $sortArray = array(); - if($sortModel->id) { - $sortArray = json_decode($sortModel->issues); + if($sortOrders) { + $orders = array(); + foreach($sortOrders as $order) { + $orders[] = json_decode($order->issues) ?: array(); + } + $sortArray = $this->_mergeSorted($orders); foreach($sortArray as $id) { foreach($unset_projects as $p) { if($p->id == $id) { @@ -158,6 +187,22 @@ public function index($f3, $params) { $this->_render("backlog/index.html"); } + /** + * GET /backlog/@filter + * GET /backlog/@filter/@groupid + * @param \Base $f3 + * @param array $params + */ + public function redirect(\Base $f3, array $params) { + if (isset($params["groupid"]) && intval($params["groupid"]) == $params["groupid"]) { + $f3->reroute("/backlog?group_id=" . $params["groupid"]); + } elseif(in_array($params["filter"], array("me", "all"))) { + $f3->reroute("/backlog?group_id=" . $params["filter"]); + } else { + $f3->reroute("/backlog"); + } + } + /** * POST /edit * @param \Base $f3 @@ -181,12 +226,12 @@ public function sort($f3) { $this->_requireLogin(\Model\User::RANK_MANAGER); $backlog = new \Model\Issue\Backlog; if($f3->get("POST.sprint_id")) { - $backlog->load(array("user_id = ? AND sprint_id = ?", $f3->get("POST.user"), $f3->get("POST.sprint_id"))); + $backlog->load(array("user_id = ? AND type_id = ? AND sprint_id = ?", $f3->get("POST.user_id"), $f3->get("POST.type_id"), $f3->get("POST.sprint_id"))); $backlog->sprint_id = $f3->get("POST.sprint_id"); } else { - $backlog->load(array("user_id = ? AND sprint_id IS NULL", $f3->get("POST.user"))); + $backlog->load(array("user_id = ? AND type_id = ? AND sprint_id IS NULL", $f3->get("POST.user_id"), $f3->get("POST.type_id"))); } - $backlog->user_id = $f3->get("POST.user"); + $backlog->user_id = $f3->get("POST.user_id"); $backlog->type_id = $f3->get("POST.type_id"); $backlog->issues = $f3->get("POST.items"); $backlog->save(); diff --git a/app/routes.ini b/app/routes.ini index 6a731195..ab5c6f95 100644 --- a/app/routes.ini +++ b/app/routes.ini @@ -99,8 +99,8 @@ GET /backlog = Controller\Backlog->index GET /backlog/old = Controller\Backlog->index_old POST /backlog/edit = Controller\Backlog->edit POST /backlog/sort = Controller\Backlog->sort -GET /backlog/@filter = Controller\Backlog->index -GET /backlog/@filter/@groupid = Controller\Backlog->index +GET /backlog/@filter = Controller\Backlog->redirect +GET /backlog/@filter/@groupid = Controller\Backlog->redirect ; Files GET /files/thumb/@size-@id.@format = Controller\Files->thumb diff --git a/app/view/backlog/index.html b/app/view/backlog/index.html index f3581e83..f247786b 100644 --- a/app/view/backlog/index.html +++ b/app/view/backlog/index.html @@ -84,9 +84,9 @@
    -
      +
        -
      • +
      • {{ @project.priority_name }} {{ @project.type_name }} @@ -117,7 +117,7 @@
          -
        • +
        • {{ @project.priority_name }} {{ @project.type_name }} @@ -137,7 +137,7 @@
            -
          • +
          • {{ @project.priority_name }} {{ @project.type_name }} diff --git a/js/backlog.js b/js/backlog.js index 6595686c..7b16f747 100644 --- a/js/backlog.js +++ b/js/backlog.js @@ -5,16 +5,6 @@ function cleanId(identifier, id) { return (id.replace(identifier + '_', '')); } -function sanitizeSortableArray(identifier, sortableString) { - sortableString = sortableString.replace(/&/g, ''); - - var sortableArray = []; - sortableArray = sortableString.split(identifier + '[]='); - sortableArray.splice(0, 1); - - return sortableArray; -} - var Backlog = { updateUrl: BASE + '/backlog/edit', projectReceived: 0, @@ -28,51 +18,55 @@ var Backlog = { $(selector).sortable({ items: 'li:not(.unsortable)', connectWith: '.sortable', + start: function(event, ui) { + // Fade out non-matching types + if($(ui.item).attr('data-type-id')) { + $('.sortable .list-group-item') + .filter(':not([data-type-id="' + $(ui.item).attr('data-type-id') + '"])') + .fadeTo(200, 0.25); + } + }, receive: function(event, ui) { - Backlog.projectReceive($(ui.item), $(ui.sender), sanitizeSortableArray('project', $(this).sortable('serialize'))); + Backlog.projectReceive($(ui.item), $(ui.sender)); Backlog.projectReceived = true; // keep from repeating if changed lists }, stop: function(event, ui) { + // Fade in all items + $('.sortable .list-group-item').fadeTo(150, 1); if (Backlog.projectReceived !== true) { - Backlog.sameReceive($(ui.item), sanitizeSortableArray('project', $(this).sortable('serialize'))); + Backlog.sameReceive($(ui.item)); } else { Backlog.projectReceived = false; } } }).disableSelection(); }, - projectReceive: function(item, sender, receiverSerialized) { + projectReceive: function(item, sender) { var itemId = cleanId('project', $(item).attr('id')), receiverId = $(item).parent().attr('data-list-id'), senderId = $(sender).attr('data-list-id'); - if (typeof($(sender).attr('data-list-id') !== 'undefined')) { - var senderSerialized = sanitizeSortableArray('project', $(sender).sortable('serialize')), - data = { + if ($(item).parent().attr('data-list-id') !== undefined) { + var data = { itemId: itemId, sender: { - senderId: senderId, - senderSerialized: senderSerialized + senderId: senderId }, reciever: { - receiverId: receiverId, - receiverSerialized: receiverSerialized + receiverId: receiverId } }; Backlog.ajaxUpdateBacklog(data, item); Backlog.saveSortOrder([sender, $(item).parents('.sortable')]); - } else { - Backlog.saveSortOrder([$(item).parents('.sortable')]); } }, - sameReceive: function(item, receiverSerialized) { + sameReceive: function(item) { var itemId = cleanId('project', $(item).attr('id')), receiverId = $(item).parent().attr('data-list-id'), data = { itemId: itemId, reciever: { - receiverId: receiverId, - receiverSerialized: receiverSerialized + receiverId: receiverId } }; @@ -96,25 +90,36 @@ var Backlog = { }); }, saveSortOrder: function(elements) { - var userId = $('#panel-0 .list-group').attr('data-user-id'), - typeId = $('#panel-0 .list-group').attr('data-type-id'); + var userId = $('#panel-0 .list-group').attr('data-user-id'); if(!userId) return; $(elements).each(function() { - var items = []; - $(this).find('.list-group-item').each(function() { - items.push(parseInt($(this).attr('data-id'))); + var $el = $(this), + itemsByType = {}; + + if ($el.attr('data-list-id') === undefined) { + return; + } + + $el.find('.list-group-item').each(function() { + var type = $(this).attr('data-type-id'); + if (!(type in itemsByType)) { + itemsByType[type] = []; + } + itemsByType[type].push(parseInt($(this).attr('data-id'))); }); - $.post(BASE + '/backlog/sort', { - user: userId, - sprint_id: $(this).attr('data-list-id'), - type_id: typeId, - items: JSON.stringify(items) - }).error(function() { - console.error('An error occurred saving the sort order.'); + $.each(itemsByType, function(type, items) { + $.post(BASE + '/backlog/sort', { + user_id: userId, + sprint_id: $el.attr('data-list-id'), + type_id: type, + items: JSON.stringify(items) + }).error(function() { + console.error('An error occurred saving the sort order.'); + }); }); }); }, From 57c692c149c0f5edd2bee692b7bc280f0249ea48 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Wed, 14 Sep 2016 08:53:18 -0600 Subject: [PATCH 024/391] Moving sorted merge function to Matrix helper --- app/controller/backlog.php | 27 ++------------------------- app/helper/matrix.php | 30 ++++++++++++++++++++++++++++++ 2 files changed, 32 insertions(+), 25 deletions(-) create mode 100644 app/helper/matrix.php diff --git a/app/controller/backlog.php b/app/controller/backlog.php index 1ff8eba1..f9eb8c4b 100644 --- a/app/controller/backlog.php +++ b/app/controller/backlog.php @@ -10,29 +10,6 @@ public function __construct() { $this->_userId = $this->_requireLogin(); } - /** - * Merge n sorted arrays into a single array with the same sort order - * - * @param array $arrays Array of sorted arrays to merge - * @return array - */ - protected function _mergeSorted(array $arrays) { - $lengths = array(); - foreach ($arrays as $k=>$v) { - $lengths[$k] = count($v); - } - $max = max($lengths); - $result = array(); - for ($i = 0; $i < $max; $i++) { - foreach ($lengths as $k=>$l) { - if ($l > $i) { - $result[] = $arrays[$k][$i]; - } - } - } - return $result; - } - /** * GET /backlog * @@ -98,7 +75,7 @@ public function index($f3, $params) { foreach($sortOrders as $order) { $orders[] = json_decode($order->issues) ?: array(); } - $sortArray = $this->_mergeSorted($orders); + $sortArray = \Helper\Matrix::instance()->mergeSorted($orders); foreach($sortArray as $id) { foreach($projects as $p) { if($p->id == $id) { @@ -153,7 +130,7 @@ public function index($f3, $params) { foreach($sortOrders as $order) { $orders[] = json_decode($order->issues) ?: array(); } - $sortArray = $this->_mergeSorted($orders); + $sortArray = \Helper\Matrix::instance()->mergeSorted($orders); foreach($sortArray as $id) { foreach($unset_projects as $p) { if($p->id == $id) { diff --git a/app/helper/matrix.php b/app/helper/matrix.php new file mode 100644 index 00000000..ffd3754e --- /dev/null +++ b/app/helper/matrix.php @@ -0,0 +1,30 @@ +$v) { + $lengths[$k] = count($v); + } + $max = max($lengths); + $result = array(); + for ($i = 0; $i < $max; $i++) { + foreach ($lengths as $k=>$l) { + if ($l > $i) { + $result[] = $arrays[$k][$i]; + } + } + } + return $result; + } + +} From e4392e6e8c07fb111c97f7127a2fa778a0a12723 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Wed, 14 Sep 2016 10:07:05 -0600 Subject: [PATCH 025/391] Merging filter icon into groups button --- app/view/backlog/index.html | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/app/view/backlog/index.html b/app/view/backlog/index.html index f247786b..69a31667 100644 --- a/app/view/backlog/index.html +++ b/app/view/backlog/index.html @@ -13,11 +13,9 @@
            {{ @dict.backlog }} 
            -
    + @@ -62,6 +63,7 @@ + diff --git a/app/view/backlog/index.html b/app/view/backlog/index.html index 8c6adf8e..796e1aa0 100644 --- a/app/view/backlog/index.html +++ b/app/view/backlog/index.html @@ -51,7 +51,7 @@ {{ @dict.cols.type }}
    {{ @dict.cols.id }} {{ @dict.file_name }} {{ @dict.uploaded_by }} {{ @dict.upload_date }}
    {{ @file.id }}{{ @file.filename | esc }} + + {{ @file.filename | esc }} {{ @file.user_name | esc }} {{ date('M j, Y \a\t g:ia', $this->utc2local(strtotime(@file.created_date))) }} {{ @file.filesize | formatFilesize }}
    +
    + + +
    From 6c029e9795088e1e974250caa9f8d9883edf90b3 Mon Sep 17 00:00:00 2001 From: Sam Allen Date: Wed, 14 Sep 2016 16:07:58 -0600 Subject: [PATCH 029/391] Add Type Filter Functionality to Taskboard --- app/controller/taskboard.php | 34 +++++++++++++++++++++------------- 1 file changed, 21 insertions(+), 13 deletions(-) diff --git a/app/controller/taskboard.php b/app/controller/taskboard.php index 6483d4e1..a0271d9b 100644 --- a/app/controller/taskboard.php +++ b/app/controller/taskboard.php @@ -154,12 +154,27 @@ public function index($f3, $params) { $parent_ids_str = implode(",", $parent_ids); $f3->set("tasks", $task_ids_str); - // Find all visible projects or parent tasks - $projects = $issue->find(array( - "id IN ($parent_ids_str) OR (sprint_id = ? AND type_id = ? AND deleted_date IS NULL" - . (empty($filter_users) ? ")" : " AND owner_id IN (" . implode(",", $filter_users) . "))"), - $sprint->id, $f3->get("issue_type.project") - ), array("order" => "owner_id ASC, priority DESC")); + $typeIds = $f3->get("GET.type_id") + ? array_filter($f3->split($f3->get("GET.type_id")), "is_numeric") + : array($f3->get("issue_type.project")); + sort($typeIds, SORT_NUMERIC); + $typeStr = implode(",", $typeIds); + + // Find all visible projects or parent tasks if no type filter is given + if ($typeStr == $f3->get("issue_type.project")) { + $queryArray = array( + "id IN ($parent_ids_str) OR (sprint_id = ? AND type_id = ? AND deleted_date IS NULL" + . (empty($filter_users) ? ")" : " AND owner_id IN (" . implode(",", $filter_users) . "))"), + $sprint->id, $f3->get("issue_type.project") + ); + } else { + $queryArray = array( + "sprint_id = ? AND type_id IN (" . $typeStr . ") AND deleted_date IS NULL" + . (empty($filter_users) ? "" : " AND owner_id IN (" . implode(",", $filter_users) . ")"), + $sprint->id + ); + } + $projects = $issue->find($queryArray, array("order" => "owner_id ASC, priority DESC")); // Sort projects if a filter is given if(!empty($params["filter"]) && is_numeric($params["filter"])) { @@ -215,13 +230,6 @@ public function index($f3, $params) { } - $typeIds = $f3->get("GET.type_id") - ? array_filter($f3->split($f3->get("GET.type_id")), "is_numeric") - : array($f3->get("issue_type.project")); - sort($typeIds, SORT_NUMERIC); - $typeStr = implode(",", $typeIds); - $issue = new \Model\Issue\Detail(); - $f3->set("type_ids", $typeIds); $f3->set("taskboard", array_values($taskboard)); $f3->set("filter", $params["filter"]); From 489a767cdf99602c73052049655f674d146fa221 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Wed, 14 Sep 2016 16:44:42 -0600 Subject: [PATCH 030/391] Minor UI and such fixes to new backloggyness --- app/controller/backlog.php | 4 +- app/controller/taskboard.php | 11 +++-- app/view/backlog/index.html | 8 +++- app/view/taskboard/index.html | 86 ++++++++++++++++++----------------- 4 files changed, 58 insertions(+), 51 deletions(-) diff --git a/app/controller/backlog.php b/app/controller/backlog.php index f9eb8c4b..6ff57421 100644 --- a/app/controller/backlog.php +++ b/app/controller/backlog.php @@ -14,9 +14,8 @@ public function __construct() { * GET /backlog * * @param \Base $f3 - * @param array $params */ - public function index($f3, $params) { + public function index($f3) { $groupId = $f3->get("GET.group_id"); // Get list of all users in the user's groups @@ -45,7 +44,6 @@ public function index($f3, $params) { } $filter_string = empty($filter_users) ? "" : "AND owner_id IN (" . implode(",", $filter_users) . ")"; - $f3->set("filter", $params["filter"]); $sprint_model = new \Model\Sprint(); $sprints = $sprint_model->find(array("end_date >= ?", $this->now(false)), array("order" => "start_date ASC")); diff --git a/app/controller/taskboard.php b/app/controller/taskboard.php index a0271d9b..cd97faae 100644 --- a/app/controller/taskboard.php +++ b/app/controller/taskboard.php @@ -179,10 +179,13 @@ public function index($f3, $params) { // Sort projects if a filter is given if(!empty($params["filter"]) && is_numeric($params["filter"])) { $sortModel = new \Model\Issue\Backlog; - $sortModel->load(array("user_id = ? AND sprint_id = ?", $params["filter"], $sprint->id)); - $sortArray = array(); - if($sortModel->id) { - $sortArray = json_decode($sortModel->issues); + $sortOrders = $sortModel->find(array("user_id = ? AND sprint_id = ?", $params["filter"], $sprint->id)); + if($sortModel) { + $orders = array(); + foreach($sortOrders as $order) { + $orders[] = json_decode($order->issues) ?: array(); + } + $sortArray = \Helper\Matrix::instance()->mergeSorted($orders); usort($projects, function(\Model\Issue $a, \Model\Issue $b) use($sortArray) { $ka = array_search($a->id, $sortArray); $kb = array_search($b->id, $sortArray); diff --git a/app/view/backlog/index.html b/app/view/backlog/index.html index 69a31667..1b484e5d 100644 --- a/app/view/backlog/index.html +++ b/app/view/backlog/index.html @@ -56,13 +56,17 @@ @active = in_array(@type.id, @type_ids); if (@active) { if (@GET.type_id) { - @idStr = implode(',', array_diff(@type_ids, array(@type.id))); + @arr = array_diff(@type_ids, array(@type.id)); + sort(@arr); + @idStr = implode(',', @arr); } else { @idStr = null; } } else { if (@GET.type_id) { - @idStr = implode(',', array_unique(array_merge(array(@type.id), @type_ids))); + @arr = array_unique(array_merge(array(@type.id), @type_ids)); + sort(@arr); + @idStr = implode(',', @arr); } else { @idStr = @type.id; } diff --git a/app/view/taskboard/index.html b/app/view/taskboard/index.html index 89ff14bd..14b59024 100644 --- a/app/view/taskboard/index.html +++ b/app/view/taskboard/index.html @@ -45,50 +45,52 @@
    - - -
    -
    - - +
    -

    {{ @dict.burndown }}

    - -
    - + + -
    + @@ -359,14 +372,15 @@

    {{ @dict.burndown }}

    }); - + diff --git a/js/burndown.js b/js/burndown.js index 805beb5b..a70bda59 100644 --- a/js/burndown.js +++ b/js/burndown.js @@ -20,7 +20,10 @@ var Burndown = { options: { maintainAspectRatio: false, legend: { - position: 'right' + position: 'bottom', + labels: { + boxWidth: 1 + } }, animation: { duration: 250 From 3463f939fb31ca5e6683dbcce5f3bf9b09bf032e Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Tue, 4 Oct 2016 11:19:25 -0600 Subject: [PATCH 043/391] Best commit ever. --- js/burndown.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/js/burndown.js b/js/burndown.js index a70bda59..920a78c8 100644 --- a/js/burndown.js +++ b/js/burndown.js @@ -41,7 +41,7 @@ var Burndown = { min: BurndownRange.start, max: BurndownRange.end, minUnit: 'day', - tooltipFormat: 'ddd MMM D, hA', + tooltipFormat: 'ddd MMM D, h A', displayFormats: { day: 'ddd MMM D', }, From 240853d76ba8402044d79f79160044c0618b899d Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Tue, 4 Oct 2016 13:01:10 -0600 Subject: [PATCH 044/391] Use man hours on burndown initial render --- js/burndown.js | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/js/burndown.js b/js/burndown.js index 920a78c8..38584ffe 100644 --- a/js/burndown.js +++ b/js/burndown.js @@ -82,7 +82,7 @@ var Burndown = { Burndown.data.datasets[0].data = finalData; Burndown.data.datasets[1].data = [ - {x: BurndownRange.start, y: 126}, // @todo: replace with actual man hours + {x: BurndownRange.start, y: BurndownManHours || 0}, {x: BurndownRange.end, y: 0} ]; From d616a2eaf43ac95bddf08f51e4f238f60753eb8b Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Tue, 4 Oct 2016 13:55:15 -0600 Subject: [PATCH 045/391] Trim weekends from burndown chart --- app/controller/taskboard.php | 4 ++-- app/model/sprint.php | 20 ++++++++++++++++++++ app/view/taskboard/index.html | 4 ++-- 3 files changed, 24 insertions(+), 4 deletions(-) diff --git a/app/controller/taskboard.php b/app/controller/taskboard.php index 2ec55b2c..4cfde567 100644 --- a/app/controller/taskboard.php +++ b/app/controller/taskboard.php @@ -296,8 +296,8 @@ public function burndown($f3, $params) { WHERE (f.field = 'hours_remaining' OR f.field IS NULL) AND i.created_date < :date2"; - $start = strtotime($sprint->start_date); - $end = min(strtotime($sprint->end_date . " 23:59:59"), time()); + $start = strtotime($sprint->getFirstWeekday()); + $end = min(strtotime($sprint->getLastWeekday() . " 23:59:59"), time()); $return = []; $cur = $start; diff --git a/app/model/sprint.php b/app/model/sprint.php index 358c2223..5268acd9 100644 --- a/app/model/sprint.php +++ b/app/model/sprint.php @@ -14,5 +14,25 @@ class Sprint extends \Model { protected $_table_name = "sprint"; + public function getFirstWeekday() { + $weekDay = date("w", strtotime($this->start_date)); + if ($weekDay == 0) { + return date("Y-m-d", strtotime($this->start_date . " +1 day")); + } elseif ($weekDay == 6) { + return date("Y-m-d", strtotime($this->start_date . " +2 days")); + } + return $this->start_date; + } + + public function getLastWeekday() { + $weekDay = date("w", strtotime($this->end_date)); + if ($weekDay == 0) { + return date("Y-m-d", strtotime($this->end_date . " -2 days")); + } elseif ($weekDay == 6) { + return date("Y-m-d", strtotime($this->end_date . " -1 day")); + } + return $this->end_date; + } + } diff --git a/app/view/taskboard/index.html b/app/view/taskboard/index.html index 43f66879..e54d7f86 100644 --- a/app/view/taskboard/index.html +++ b/app/view/taskboard/index.html @@ -382,8 +382,8 @@

    {{ @dict.burndown }}

    }, BurndownManHours = parseFloat('{{ @filterGroup->option("man_hours") }}'), BurndownRange = { - start: '{{ @sprint.start_date }} 00:00:00', - end: '{{ @sprint.end_date }} 23:59:59' + start: '{{ @sprint->getFirstWeekday() }} 00:00:00', + end: '{{ @sprint->getLastWeekday() }} 23:59:59' }; From 9cefa68c445b3e06d199815cab4c3d861b69d59e Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Tue, 11 Oct 2016 14:38:46 -0600 Subject: [PATCH 046/391] Cleaning up user stats chart --- app/view/user/single.html | 42 +++++++++++++++------------------------ 1 file changed, 16 insertions(+), 26 deletions(-) diff --git a/app/view/user/single.html b/app/view/user/single.html index d0737d59..f01fce7d 100644 --- a/app/view/user/single.html +++ b/app/view/user/single.html @@ -6,19 +6,6 @@     - @@ -42,18 +29,11 @@

    - + + +
    @@ -121,11 +101,20 @@

    options: { maintainAspectRatio: false, legend: { - display: false + position: 'left', + labels: { + boxWidth: 1 + } }, animation: { duration: 250 }, + tooltips: { + mode: 'x-axis', + titleSpacing: 0, + titleMarginBottom: 3, + yPadding: 4, + }, hover: { mode: 'x-axis' }, @@ -144,6 +133,7 @@

    point: { radius: 2, hoverRadius: 3, + hitRadius: 15, } } } From 3a8628a36ea6ff273f9b501b5b0e3061bdda7169 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Wed, 19 Oct 2016 14:01:28 -0600 Subject: [PATCH 047/391] Sort backlog and sprint items by type numerically This essentially reverts a change made to the new backlog functionality to avoid semi-unpredictable mixed type sorting behavior at our manager's req. --- app/controller/backlog.php | 4 ++-- app/controller/taskboard.php | 26 +------------------------- app/helper/matrix.php | 10 ++++++++++ 3 files changed, 13 insertions(+), 27 deletions(-) diff --git a/app/controller/backlog.php b/app/controller/backlog.php index 6ff57421..daa8a7f7 100644 --- a/app/controller/backlog.php +++ b/app/controller/backlog.php @@ -73,7 +73,7 @@ public function index($f3) { foreach($sortOrders as $order) { $orders[] = json_decode($order->issues) ?: array(); } - $sortArray = \Helper\Matrix::instance()->mergeSorted($orders); + $sortArray = \Helper\Matrix::instance()->merge($orders); foreach($sortArray as $id) { foreach($projects as $p) { if($p->id == $id) { @@ -128,7 +128,7 @@ public function index($f3) { foreach($sortOrders as $order) { $orders[] = json_decode($order->issues) ?: array(); } - $sortArray = \Helper\Matrix::instance()->mergeSorted($orders); + $sortArray = \Helper\Matrix::instance()->merge($orders); foreach($sortArray as $id) { foreach($unset_projects as $p) { if($p->id == $id) { diff --git a/app/controller/taskboard.php b/app/controller/taskboard.php index 4cfde567..b5c2606a 100644 --- a/app/controller/taskboard.php +++ b/app/controller/taskboard.php @@ -8,30 +8,6 @@ public function __construct() { $this->_userId = $this->_requireLogin(); } - /** - * Takes two dates formatted as YYYY-MM-DD and creates an - * inclusive array of the dates between the from and to dates. - * @param string $strDateFrom - * @param string $strDateTo - * @return array - */ - protected function _createDateRangeArray($strDateFrom, $strDateTo) { - $aryRange = array(); - - $iDateFrom = mktime(1,0,0,substr($strDateFrom,5,2),substr($strDateFrom,8,2),substr($strDateFrom,0,4)); - $iDateTo = mktime(1,0,0,substr($strDateTo,5,2),substr($strDateTo,8,2),substr($strDateTo,0,4)); - - if ($iDateTo >= $iDateFrom) { - $aryRange[] = date('Y-m-d', $iDateFrom); // first entry - while ($iDateFrom < $iDateTo) { - $iDateFrom += 86400; // add 24 hours - $aryRange[] = date('Y-m-d', $iDateFrom); - } - } - - return $aryRange; - } - /** * Get a list of users from a filter * @param string $params URL Parameters @@ -186,7 +162,7 @@ public function index($f3, $params) { foreach($sortOrders as $order) { $orders[] = json_decode($order->issues) ?: array(); } - $sortArray = \Helper\Matrix::instance()->mergeSorted($orders); + $sortArray = \Helper\Matrix::instance()->merge($orders); usort($projects, function(\Model\Issue $a, \Model\Issue $b) use($sortArray) { $ka = array_search($a->id, $sortArray); $kb = array_search($b->id, $sortArray); diff --git a/app/helper/matrix.php b/app/helper/matrix.php index ffd3754e..7e5d86d6 100644 --- a/app/helper/matrix.php +++ b/app/helper/matrix.php @@ -27,4 +27,14 @@ public function mergeSorted(array $arrays) { return $result; } + /** + * Run array_merge on an array of arrays + * + * @param array $arrays + * @return array + */ + public function merge(array $arrays) { + return call_user_func_array("array_merge", $arrays); + } + } From 218c11061397d69de624211b330b87c2de16e046 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Thu, 3 Nov 2016 13:59:56 -0600 Subject: [PATCH 048/391] Remove IP address restriction on settings Still logs the IP, but won't prevent the session from working --- app/model/session.php | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/app/model/session.php b/app/model/session.php index b9794279..abf73dc4 100644 --- a/app/model/session.php +++ b/app/model/session.php @@ -44,10 +44,9 @@ public function __construct($user_id = null, $auto_save = true) { */ public function loadCurrent() { $f3 = \Base::instance(); - $ip = $f3->get("IP"); $token = $f3->get("COOKIE.".self::COOKIE_NAME); if($token) { - $this->load(array("token = ? AND ip = ?", $token, $ip)); + $this->load(array("token = ?", $token)); $expire = $f3->get("JAR.expire"); // Delete expired sessions @@ -64,6 +63,7 @@ public function loadCurrent() { . "; new date: " . date("Y-m-d H:i:s")); } $this->created = date("Y-m-d H:i:s"); + $this->ip = $f3->get("IP"); $this->save(); $this->setCurrent(); } From 59681a0ad70894a0f43734c63aacc9ab3ab111dd Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Thu, 3 Nov 2016 14:03:59 -0600 Subject: [PATCH 049/391] Rearranging New menu for better flexibility --- app/view/blocks/navbar.html | 21 +++++++++++---------- 1 file changed, 11 insertions(+), 10 deletions(-) diff --git a/app/view/blocks/navbar.html b/app/view/blocks/navbar.html index 2c50d7a0..7452b496 100644 --- a/app/view/blocks/navbar.html +++ b/app/view/blocks/navbar.html @@ -26,19 +26,9 @@ {{ @dict.new }}
  • From 5a7e4fa188189fe70b15835c85d0621bef43e374 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Mon, 7 Nov 2016 16:57:22 -0700 Subject: [PATCH 050/391] Write config.ini with quotes - fixes #259 This also updates the installer to save most config values directly to the database, instead of relying on Config::importAll to import the values from config.ini and rewrite the file on the first run, which never really made sense. Eventually I plan to implement #215 by replacing config.ini with a config.php file, which will work around issues like this more permanently. --- app/model/config.php | 18 +++++++------- install.php | 58 ++++++++++++++++++-------------------------- 2 files changed, 33 insertions(+), 43 deletions(-) diff --git a/app/model/config.php b/app/model/config.php index 80d10bca..4cb9a3f5 100644 --- a/app/model/config.php +++ b/app/model/config.php @@ -38,13 +38,13 @@ public static function loadAll() { */ public static function importAll() { $f3 = \Base::instance(); - $root = $f3->get('ROOT').$f3->get('BASE'); + $root = $f3->get("ROOT") . $f3->get("BASE"); // Import existing config - $ini = parse_ini_file($root.'/config.ini'); - $ini = $ini + parse_ini_file($root.'/config-base.ini'); + $ini = parse_ini_file($root."/config.ini"); + $ini = $ini + parse_ini_file($root."/config-base.ini"); foreach($ini as $key => $val) { - if(substr($key, 0, 3) == 'db.') { + if(substr($key, 0, 3) == "db.") { continue; } $conf = new Config; @@ -55,11 +55,11 @@ public static function importAll() { // Write new config.ini $data = "[globals]\n"; - $data .= "db.host={$ini['db.host']}\n"; - $data .= "db.user={$ini['db.user']}\n"; - $data .= "db.pass={$ini['db.pass']}\n"; - $data .= "db.name={$ini['db.name']}\n"; - file_put_contents($root.'/config.ini', $data); + $data .= "db.host=\"{$ini['db.host']}\"\n"; + $data .= "db.user=\"{$ini['db.user']}\"\n"; + $data .= "db.pass=\"{$ini['db.pass']}\"\n"; + $data .= "db.name=\"{$ini['db.name']}\"\n"; + file_put_contents($root . "/config.ini", $data); } /** diff --git a/install.php b/install.php index 50dc1b56..a3ed3c1d 100644 --- a/install.php +++ b/install.php @@ -56,7 +56,7 @@ $security = \Helper\Security::instance(); $user = new \Model\User; $user->role = "admin"; - $user->rank = 5; // superadmin + $user->rank = \Model\User::RANK_SUPER; $user->name = "Admin"; $user->username = $post["user-username"] ?: "admin"; $user->email = $post["user-email"]; @@ -73,42 +73,32 @@ mkdir("log", 0777, true); } - // Build custom config string - $config = "[globals]"; + // Save configruation options if(!empty($post["language"])) { - $config .= "\nLANGUAGE={$post['language']}"; + \Model\Config::setVal("LANGUAGE", $post["language"]); } - - if($post["parser"] != "both") { - $config .= "\n\n; Parser options"; - if($post["parser"] != "markdown") { - $config .= "\nparse.markdown=false"; - } - if($post["parser"] != "textile") { - $config .= "\nparse.textile=false"; - } + if($post["parser"] == "both") { + \Model\Config::setVal("parse.markdown", 1); + \Model\Config::setVal("parse.textile", 1); + } elseif($post["parser"] == "markdown") { + \Model\Config::setVal("parse.markdown", 0); + \Model\Config::setVal("parse.textile", 1); + } elseif($post["parser"] == "textile") { + \Model\Config::setVal("parse.markdown", 1); + \Model\Config::setVal("parse.textile", 0); } - - // Write configuration file - file_put_contents("config.ini", -"$config - -; Database -db.host={$post['db-host']} -db.port={$post['db-port']} -db.user={$post['db-user']} -db.pass={$post['db-pass']} -db.name={$post['db-name']} - -; Global site configuration -site.name={$post['site-name']} -site.timezone={$post['site-timezone']} -site.public_registration={$post['site-public_registration']} -site.db_sessions=1 - -; Email -mail.from={$post['mail-from']} - "); + \Model\Config::setVal("site.name", $post['site-name']); + \Model\Config::setVal("site.timezone", $post['site-timezone']); + \Model\Config::setVal("site.public_registration", $post['site-public_registration']); + \Model\Config::setVal("mail.from", $post['mail-from']); + + // Write database connection file + $data = "[globals]\n"; + $data .= "db.host=\"{$post['db-host']}\"\n"; + $data .= "db.user=\"{$post['db-user']}\"\n"; + $data .= "db.pass=\"{$post['db-pass']}\"\n"; + $data .= "db.name=\"{$post['db-name']}\"\n"; + file_put_contents("config.ini", $data); $f3->set("success", "Installation complete."); } catch(PDOException $e) { From cab4dc2e84575f05cb1a048c025b67dd259ab31a Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Tue, 8 Nov 2016 10:27:52 -0700 Subject: [PATCH 051/391] Properly escape HTML when possible This still has an issue where enabling both Markdown and Textile together allows raw HTML to be rendered in user text. I haven't figured out a good solution to this yet, but really just don't use Textile anymore and everything's wonderful. Markdown FTW --- app/helper/view.php | 13 ++++++++++--- 1 file changed, 10 insertions(+), 3 deletions(-) diff --git a/app/helper/view.php b/app/helper/view.php index 7cd35987..b5eaaabb 100644 --- a/app/helper/view.php +++ b/app/helper/view.php @@ -51,13 +51,18 @@ public function parseText($str, $options = array(), $ttl = null) { $str = $this->_parseMarkdown($str); } if($options["textile"]) { + $escape = true; if($options["markdown"]) { // Yes, this is hacky. Please open an issue on GitHub if you // know of a better way of supporting Markdown and Textile :) $str = html_entity_decode($str); $str = preg_replace('/^

    |<\/p>$/m', "\n", $str); + $escape = false; } - $str = $this->_parseTextile($str); + $str = $this->_parseTextile($str, $escape); + } + if(!$options["markdown"] && !$options['textile']) { + $str = nl2br(\Base::instance()->encode($str), false); } if($options["emoticons"]) { $str = $this->_parseEmoticons($str); @@ -260,9 +265,10 @@ protected function _parseEmoticons($str) { * @param string $str * @return string */ - protected function _parseTextile($str) { + protected function _parseTextile($str, $escape = true) { $tex = new \Textile\Parser('html5'); $tex->setDimensionlessImages(true); + $tex->setRestricted($escape); return $tex->parse($str); } @@ -271,9 +277,10 @@ protected function _parseTextile($str) { * @param string $str * @return string */ - protected function _parseMarkdown($str) { + protected function _parseMarkdown($str, $escape = true) { $mkd = new \Parsedown(); $mkd->setUrlsLinked(false); + $mkd->setMarkupEscaped($escape); return $mkd->text($str); } From ea0efb2562cbfa593b8d8071fa5dafe2b805d0e4 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Mon, 14 Nov 2016 08:52:21 -0700 Subject: [PATCH 052/391] Strike out closed issue names on recent comment list --- app/view/blocks/issue-comment.html | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/app/view/blocks/issue-comment.html b/app/view/blocks/issue-comment.html index ba72cac8..89ca6805 100644 --- a/app/view/blocks/issue-comment.html +++ b/app/view/blocks/issue-comment.html @@ -6,7 +6,7 @@

    {{ @comment.user_name }} - > {{ @issue.name }} + > {{ @issue.name }} × From 976645a3c658d66ae1967e142ea7095a596e32d5 Mon Sep 17 00:00:00 2001 From: Alan Hardman Date: Wed, 23 Nov 2016 16:08:30 -0700 Subject: [PATCH 053/391] Adding issue type roles Fixes #264 --- app/controller/backlog.php | 10 +++++++--- app/model/issue/type.php | 1 - app/view/admin/config.html | 2 ++ app/view/backlog/index.html | 2 +- 4 files changed, 10 insertions(+), 5 deletions(-) diff --git a/app/controller/backlog.php b/app/controller/backlog.php index daa8a7f7..7af141e3 100644 --- a/app/controller/backlog.php +++ b/app/controller/backlog.php @@ -149,8 +149,12 @@ public function index($f3) { $backlog = $unset_projects; } - $groups = new \Model\User(); - $f3->set("groups", $groups->getAllGroups()); + $type = new \Model\Issue\Type; + $f3->set("project_types", $type->find(["role = ?", "project"])); + + $user = new \Model\User(); + $f3->set("groups", $user->getAllGroups()); + $f3->set("groupid", $groupId); $f3->set("type_ids", $typeIds); $f3->set("sprints", $sprint_details); @@ -225,7 +229,7 @@ public function index_old($f3) { $sprint_details = array(); foreach($sprints as $sprint) { - $projects = $issue->find(array("deleted_date IS NULL AND sprint_id = ? AND type_id = ?", $sprint->id, $f3->get("issue_type.project"))); + $projects = $issue->find(array("deleted_date IS NULL AND sprint_id = ? AND role = ?", $sprint->id, "project")); $sprint_details[] = $sprint->cast() + array("projects" => $projects); } diff --git a/app/model/issue/type.php b/app/model/issue/type.php index b88f43cc..f7ddd42d 100644 --- a/app/model/issue/type.php +++ b/app/model/issue/type.php @@ -13,4 +13,3 @@ class Type extends \Model { protected $_table_name = "issue_type"; } - diff --git a/app/view/admin/config.html b/app/view/admin/config.html index 2d1d998e..4c0271d2 100644 --- a/app/view/admin/config.html +++ b/app/view/admin/config.html @@ -54,6 +54,7 @@

    • {{ @dict.cols.id }} {{ @dict.name }}{{ @dict.role }}
    {{ @item.id }} {{ isset(@dict[@item.name]) ? @dict[@item.name] : str_replace('_', ' ', @item.name) | esc }}{{ ucfirst(isset(@dict[@item.role]) ? @dict[@item.role] : @item.role) | esc }}
    ","
    "],col:[2,"","
    "],tr:[2,"","
    "],td:[3,"","
    "],_default:[0,"",""]};$.optgroup=$.option,$.tbody=$.tfoot=$.colgroup=$.caption=$.thead,$.th=$.td;function _(a,b){var c="undefined"!=typeof a.getElementsByTagName?a.getElementsByTagName(b||"*"):"undefined"!=typeof a.querySelectorAll?a.querySelectorAll(b||"*"):[];return void 0===b||b&&n.nodeName(a,b)?n.merge([a],c):c}function aa(a,b){for(var c=0,d=a.length;d>c;c++)N.set(a[c],"globalEval",!b||N.get(b[c],"globalEval"))}var ba=/<|&#?\w+;/;function ca(a,b,c,d,e){for(var f,g,h,i,j,k,l=b.createDocumentFragment(),m=[],o=0,p=a.length;p>o;o++)if(f=a[o],f||0===f)if("object"===n.type(f))n.merge(m,f.nodeType?[f]:f);else if(ba.test(f)){g=g||l.appendChild(b.createElement("div")),h=(Y.exec(f)||["",""])[1].toLowerCase(),i=$[h]||$._default,g.innerHTML=i[1]+n.htmlPrefilter(f)+i[2],k=i[0];while(k--)g=g.lastChild;n.merge(m,g.childNodes),g=l.firstChild,g.textContent=""}else m.push(b.createTextNode(f));l.textContent="",o=0;while(f=m[o++])if(d&&n.inArray(f,d)>-1)e&&e.push(f);else if(j=n.contains(f.ownerDocument,f),g=_(l.appendChild(f),"script"),j&&aa(g),c){k=0;while(f=g[k++])Z.test(f.type||"")&&c.push(f)}return l}!function(){var a=d.createDocumentFragment(),b=a.appendChild(d.createElement("div")),c=d.createElement("input");c.setAttribute("type","radio"),c.setAttribute("checked","checked"),c.setAttribute("name","t"),b.appendChild(c),l.checkClone=b.cloneNode(!0).cloneNode(!0).lastChild.checked,b.innerHTML="",l.noCloneChecked=!!b.cloneNode(!0).lastChild.defaultValue}();var da=/^key/,ea=/^(?:mouse|pointer|contextmenu|drag|drop)|click/,fa=/^([^.]*)(?:\.(.+)|)/;function ga(){return!0}function ha(){return!1}function ia(){try{return d.activeElement}catch(a){}}function ja(a,b,c,d,e,f){var g,h;if("object"==typeof b){"string"!=typeof c&&(d=d||c,c=void 0);for(h in b)ja(a,h,c,d,b[h],f);return a}if(null==d&&null==e?(e=c,d=c=void 0):null==e&&("string"==typeof c?(e=d,d=void 0):(e=d,d=c,c=void 0)),e===!1)e=ha;else if(!e)return a;return 1===f&&(g=e,e=function(a){return n().off(a),g.apply(this,arguments)},e.guid=g.guid||(g.guid=n.guid++)),a.each(function(){n.event.add(this,b,e,d,c)})}n.event={global:{},add:function(a,b,c,d,e){var f,g,h,i,j,k,l,m,o,p,q,r=N.get(a);if(r){c.handler&&(f=c,c=f.handler,e=f.selector),c.guid||(c.guid=n.guid++),(i=r.events)||(i=r.events={}),(g=r.handle)||(g=r.handle=function(b){return"undefined"!=typeof n&&n.event.triggered!==b.type?n.event.dispatch.apply(a,arguments):void 0}),b=(b||"").match(G)||[""],j=b.length;while(j--)h=fa.exec(b[j])||[],o=q=h[1],p=(h[2]||"").split(".").sort(),o&&(l=n.event.special[o]||{},o=(e?l.delegateType:l.bindType)||o,l=n.event.special[o]||{},k=n.extend({type:o,origType:q,data:d,handler:c,guid:c.guid,selector:e,needsContext:e&&n.expr.match.needsContext.test(e),namespace:p.join(".")},f),(m=i[o])||(m=i[o]=[],m.delegateCount=0,l.setup&&l.setup.call(a,d,p,g)!==!1||a.addEventListener&&a.addEventListener(o,g)),l.add&&(l.add.call(a,k),k.handler.guid||(k.handler.guid=c.guid)),e?m.splice(m.delegateCount++,0,k):m.push(k),n.event.global[o]=!0)}},remove:function(a,b,c,d,e){var f,g,h,i,j,k,l,m,o,p,q,r=N.hasData(a)&&N.get(a);if(r&&(i=r.events)){b=(b||"").match(G)||[""],j=b.length;while(j--)if(h=fa.exec(b[j])||[],o=q=h[1],p=(h[2]||"").split(".").sort(),o){l=n.event.special[o]||{},o=(d?l.delegateType:l.bindType)||o,m=i[o]||[],h=h[2]&&new RegExp("(^|\\.)"+p.join("\\.(?:.*\\.|)")+"(\\.|$)"),g=f=m.length;while(f--)k=m[f],!e&&q!==k.origType||c&&c.guid!==k.guid||h&&!h.test(k.namespace)||d&&d!==k.selector&&("**"!==d||!k.selector)||(m.splice(f,1),k.selector&&m.delegateCount--,l.remove&&l.remove.call(a,k));g&&!m.length&&(l.teardown&&l.teardown.call(a,p,r.handle)!==!1||n.removeEvent(a,o,r.handle),delete i[o])}else for(o in i)n.event.remove(a,o+b[j],c,d,!0);n.isEmptyObject(i)&&N.remove(a,"handle events")}},dispatch:function(a){a=n.event.fix(a);var b,c,d,f,g,h=[],i=e.call(arguments),j=(N.get(this,"events")||{})[a.type]||[],k=n.event.special[a.type]||{};if(i[0]=a,a.delegateTarget=this,!k.preDispatch||k.preDispatch.call(this,a)!==!1){h=n.event.handlers.call(this,a,j),b=0;while((f=h[b++])&&!a.isPropagationStopped()){a.currentTarget=f.elem,c=0;while((g=f.handlers[c++])&&!a.isImmediatePropagationStopped())a.rnamespace&&!a.rnamespace.test(g.namespace)||(a.handleObj=g,a.data=g.data,d=((n.event.special[g.origType]||{}).handle||g.handler).apply(f.elem,i),void 0!==d&&(a.result=d)===!1&&(a.preventDefault(),a.stopPropagation()))}return k.postDispatch&&k.postDispatch.call(this,a),a.result}},handlers:function(a,b){var c,d,e,f,g=[],h=b.delegateCount,i=a.target;if(h&&i.nodeType&&("click"!==a.type||isNaN(a.button)||a.button<1))for(;i!==this;i=i.parentNode||this)if(1===i.nodeType&&(i.disabled!==!0||"click"!==a.type)){for(d=[],c=0;h>c;c++)f=b[c],e=f.selector+" ",void 0===d[e]&&(d[e]=f.needsContext?n(e,this).index(i)>-1:n.find(e,this,null,[i]).length),d[e]&&d.push(f);d.length&&g.push({elem:i,handlers:d})}return h]*)\/>/gi,la=/\s*$/g;function pa(a,b){return n.nodeName(a,"table")&&n.nodeName(11!==b.nodeType?b:b.firstChild,"tr")?a.getElementsByTagName("tbody")[0]||a.appendChild(a.ownerDocument.createElement("tbody")):a}function qa(a){return a.type=(null!==a.getAttribute("type"))+"/"+a.type,a}function ra(a){var b=na.exec(a.type);return b?a.type=b[1]:a.removeAttribute("type"),a}function sa(a,b){var c,d,e,f,g,h,i,j;if(1===b.nodeType){if(N.hasData(a)&&(f=N.access(a),g=N.set(b,f),j=f.events)){delete g.handle,g.events={};for(e in j)for(c=0,d=j[e].length;d>c;c++)n.event.add(b,e,j[e][c])}O.hasData(a)&&(h=O.access(a),i=n.extend({},h),O.set(b,i))}}function ta(a,b){var c=b.nodeName.toLowerCase();"input"===c&&X.test(a.type)?b.checked=a.checked:"input"!==c&&"textarea"!==c||(b.defaultValue=a.defaultValue)}function ua(a,b,c,d){b=f.apply([],b);var e,g,h,i,j,k,m=0,o=a.length,p=o-1,q=b[0],r=n.isFunction(q);if(r||o>1&&"string"==typeof q&&!l.checkClone&&ma.test(q))return a.each(function(e){var f=a.eq(e);r&&(b[0]=q.call(this,e,f.html())),ua(f,b,c,d)});if(o&&(e=ca(b,a[0].ownerDocument,!1,a,d),g=e.firstChild,1===e.childNodes.length&&(e=g),g||d)){for(h=n.map(_(e,"script"),qa),i=h.length;o>m;m++)j=e,m!==p&&(j=n.clone(j,!0,!0),i&&n.merge(h,_(j,"script"))),c.call(a[m],j,m);if(i)for(k=h[h.length-1].ownerDocument,n.map(h,ra),m=0;i>m;m++)j=h[m],Z.test(j.type||"")&&!N.access(j,"globalEval")&&n.contains(k,j)&&(j.src?n._evalUrl&&n._evalUrl(j.src):n.globalEval(j.textContent.replace(oa,"")))}return a}function va(a,b,c){for(var d,e=b?n.filter(b,a):a,f=0;null!=(d=e[f]);f++)c||1!==d.nodeType||n.cleanData(_(d)),d.parentNode&&(c&&n.contains(d.ownerDocument,d)&&aa(_(d,"script")),d.parentNode.removeChild(d));return a}n.extend({htmlPrefilter:function(a){return a.replace(ka,"<$1>")},clone:function(a,b,c){var d,e,f,g,h=a.cloneNode(!0),i=n.contains(a.ownerDocument,a);if(!(l.noCloneChecked||1!==a.nodeType&&11!==a.nodeType||n.isXMLDoc(a)))for(g=_(h),f=_(a),d=0,e=f.length;e>d;d++)ta(f[d],g[d]);if(b)if(c)for(f=f||_(a),g=g||_(h),d=0,e=f.length;e>d;d++)sa(f[d],g[d]);else sa(a,h);return g=_(h,"script"),g.length>0&&aa(g,!i&&_(a,"script")),h},cleanData:function(a){for(var b,c,d,e=n.event.special,f=0;void 0!==(c=a[f]);f++)if(L(c)){if(b=c[N.expando]){if(b.events)for(d in b.events)e[d]?n.event.remove(c,d):n.removeEvent(c,d,b.handle);c[N.expando]=void 0}c[O.expando]&&(c[O.expando]=void 0)}}}),n.fn.extend({domManip:ua,detach:function(a){return va(this,a,!0)},remove:function(a){return va(this,a)},text:function(a){return K(this,function(a){return void 0===a?n.text(this):this.empty().each(function(){1!==this.nodeType&&11!==this.nodeType&&9!==this.nodeType||(this.textContent=a)})},null,a,arguments.length)},append:function(){return ua(this,arguments,function(a){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var b=pa(this,a);b.appendChild(a)}})},prepend:function(){return ua(this,arguments,function(a){if(1===this.nodeType||11===this.nodeType||9===this.nodeType){var b=pa(this,a);b.insertBefore(a,b.firstChild)}})},before:function(){return ua(this,arguments,function(a){this.parentNode&&this.parentNode.insertBefore(a,this)})},after:function(){return ua(this,arguments,function(a){this.parentNode&&this.parentNode.insertBefore(a,this.nextSibling)})},empty:function(){for(var a,b=0;null!=(a=this[b]);b++)1===a.nodeType&&(n.cleanData(_(a,!1)),a.textContent="");return this},clone:function(a,b){return a=null==a?!1:a,b=null==b?a:b,this.map(function(){return n.clone(this,a,b)})},html:function(a){return K(this,function(a){var b=this[0]||{},c=0,d=this.length;if(void 0===a&&1===b.nodeType)return b.innerHTML;if("string"==typeof a&&!la.test(a)&&!$[(Y.exec(a)||["",""])[1].toLowerCase()]){a=n.htmlPrefilter(a);try{for(;d>c;c++)b=this[c]||{},1===b.nodeType&&(n.cleanData(_(b,!1)),b.innerHTML=a);b=0}catch(e){}}b&&this.empty().append(a)},null,a,arguments.length)},replaceWith:function(){var a=[];return ua(this,arguments,function(b){var c=this.parentNode;n.inArray(this,a)<0&&(n.cleanData(_(this)),c&&c.replaceChild(b,this))},a)}}),n.each({appendTo:"append",prependTo:"prepend",insertBefore:"before",insertAfter:"after",replaceAll:"replaceWith"},function(a,b){n.fn[a]=function(a){for(var c,d=[],e=n(a),f=e.length-1,h=0;f>=h;h++)c=h===f?this:this.clone(!0),n(e[h])[b](c),g.apply(d,c.get());return this.pushStack(d)}});var wa,xa={HTML:"block",BODY:"block"};function ya(a,b){var c=n(b.createElement(a)).appendTo(b.body),d=n.css(c[0],"display");return c.detach(),d}function za(a){var b=d,c=xa[a];return c||(c=ya(a,b),"none"!==c&&c||(wa=(wa||n("