header.php
<?php
// cant easly for the time being because of globals
require_once dirname(__FILE__) . '/includes/fix.inc.php';
require_once dirname(__FILE__) . '/includes/class.flyspray.php';
require_once dirname(__FILE__) . '/includes/constants.inc.php';
require_once BASEDIR . '/includes/i18n.inc.php';
require_once BASEDIR . '/includes/class.tpl.php';
require_once BASEDIR . '/includes/class.csp.php';
// Switch the process locale to the one named by the active translation for this
// wrapper page: hyphens in L('locale') become underscores and '.utf8' is appended.
setlocale(LC_ALL, strtr(L('locale'), '-', '_') . '.utf8');

// Send anti-caching headers so the browser re-requests pages instead of replaying
// a stored copy (original note: this keeps the browser's back button working).
// 'no-store' additionally tells browser and intermediary caches not to keep the response.
$noCacheHeaders = array(
    'Expires: -1',
    'Pragma: no-cache',
    'Cache-Control: no-store, no-cache, must-revalidate, post-check=0, pre-check=0',
);
foreach ($noCacheHeaders as $noCacheHeader) {
    header($noCacheHeader);
}
// This runs in global scope: do not leave the loop helpers behind as globals.
unset($noCacheHeaders, $noCacheHeader);
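// Load Composer's autoloader. When it is missing, send the visitor to the
// Composer check page of the setup and stop.
if (is_readable(BASEDIR . '/vendor/autoload.php')) {
    // Require exactly the file whose readability was just checked. A bare
    // relative path ('vendor/autoload.php') is resolved through include_path,
    // so the file that gets loaded could differ from the one that was checked.
    require BASEDIR . '/vendor/autoload.php';
} else {
    Flyspray::redirect('setup/composertest.php');
    exit;
}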
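// Content-Security-Policy builder for this request.
$csp = new ContentSecurityPolicy();
# deny everything first, then whitelist what is required.
$csp->add('default-src', "'none'");

// If the configuration is empty, take the user to the setup page.
// empty() also covers the case where $conf was never defined.
if (empty($conf)) {
    Flyspray::redirect('setup/index.php');
    // Stop explicitly, as the autoloader check does: Flyspray::redirect() is
    // defined elsewhere, and the code below must never run without a configuration.
    exit;
}

// Open the database connection described by the configuration, then create the
// Flyspray object whose version and preferences are read below.
$db = new Database();
$db->dbOpenFast($conf['database']);
$fs = new Flyspray();

// If version number of database and files do not match, run upgrader.
// NOTE(review): the loose != is kept as found; the return type of
// Flyspray::base_version() is not visible here -- confirm before tightening it.
if (Flyspray::base_version($fs->version) != Flyspray::base_version($fs->prefs['fs_ver'])) {
    Flyspray::redirect('setup/upgrade.php');
    // Do not continue serving the page against a mismatching database schema.
    exit;
}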
// Refuse to serve the application while the setup script is still readable on disk:
// print a notice that links to the upgrader and to the clean-up script, then stop.
// The notice is a fixed string (plus DIRECTORY_SEPARATOR); no request data is echoed.
// The guard is skipped when the version string contains 'dev', so on such builds the
// setup scripts stay in place.
// NOTE(review): confirm that 'dev' builds are never deployed where setup/ is reachable.
if (is_readable(BASEDIR . '/setup/index.php') && strpos($fs->version, 'dev') === false) {
die('<div style="text-align:center;padding:20px;font-family:sans-serif;font-size:16px;">
<p>If you are upgrading, please <a href="setup/upgrade.php"
style="
margin:2em;
background-color: white;
border: 1px solid #bbb;
border-radius: 4px;
box-shadow: 0 1px 1px #ddd;
color: #565656;
cursor: pointer;
display: inline-block;
font-family: sans-serif;
font-size: 100%;
font-weight: bold;
line-height: 130%;
padding: 8px 13px 8px 10px;
text-decoration: none;
">Go to the upgrade settings</a></p>
<p>If you have finished Flyspray installation or an upgrade, please <a href="setup/cleanupaftersetup.php"
style="
margin:2em;
background-color: white;
border: 1px solid #bbb;
border-radius: 4px;
box-shadow: 0 1px 1px #ddd;
color: #565656;
cursor: pointer;
display: inline-block;
font-family: sans-serif;
font-size: 100%;
font-weight: bold;
line-height: 130%;
padding: 8px 13px 8px 10px;
text-decoration: none;
">Remove the folder '.DIRECTORY_SEPARATOR.'setup</a> before you start using Flyspray</p>
');
}
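# Resolve the project from the task or group named in the request, so that the
# correct $proj is loaded early, also for checks on quickedit.php taskediting calls.
# Every lookup passes the id as a bound parameter, never inside the SQL text.
# Comparisons on request-derived values are strict to rule out type juggling.
# NOTE(review): when no row matches, $project_id holds whatever fetchOne() returns
# for an empty result -- confirm that the consumer of $project_id copes with it.
if (
    (BASEDIR . DIRECTORY_SEPARATOR . 'js' . DIRECTORY_SEPARATOR . 'callbacks' . DIRECTORY_SEPARATOR . 'quickedit.php' === $_SERVER['SCRIPT_FILENAME'])
    && Post::num('task_id')
) {
    $result = $db->query('SELECT project_id FROM {tasks} WHERE task_id = ?', array(Post::num('task_id')));
    $project_id = $db->fetchOne($result);
}
# Any "do" mode that accepts a task_id field should be added here.
elseif (in_array(Req::val('do'), array('details', 'depends', 'editcomment'), true)) {
    if (Req::num('task_id')) {
        $result = $db->query('SELECT project_id FROM {tasks} WHERE task_id = ?', array(Req::num('task_id')));
        $project_id = $db->fetchOne($result);
    }
}

# Editing a group in project management: the project is the one the group belongs to.
# This check is independent of the chain above and can overwrite its result.
if (Req::val('do') === 'pm' && Req::val('area') === 'editgroup') {
    if (Req::num('id')) {
        $result = $db->query('SELECT project_id FROM {groups} WHERE group_id = ?', array(Req::num('id')));
        $project_id = $db->fetchOne($result);
    }
}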
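# No task or group determined the project: take it from the request parameters
# 'project' or 'project_id', starting from the configured default project.
# (Req::val() is presumably called as (key, default) -- defined elsewhere.)
if (!isset($project_id)) {
    $project_id = $fs->prefs['default_project'];
    # Force default value if input format is not allowed
    if (is_array(Req::val('project'))) {
        Req::set('project', $fs->prefs['default_project']);
    }
    $project_id = Req::val('project', Req::val('project_id', $project_id));
    # 'project_id' is request input too and can arrive as an array
    # (project_id[]=...). The check above only covers 'project', so apply the
    # same rule to the resolved value before it reaches Project.
    if (is_array($project_id)) {
        $project_id = $fs->prefs['default_project'];
    }
}

# Load the project that the rest of the request works on.
$proj = new Project($project_id);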