### Eclipse Workspace Patch 1.0
#P submissions
Index: ajax.js
===================================================================
RCS file: /cvsroot/technology/org.eclipse.dash/submissions/ajax.js,v
retrieving revision 1.52
diff -u -r1.52 ajax.js
--- ajax.js 8 Feb 2010 23:24:18 -0000 1.52
+++ ajax.js 3 Feb 2011 20:08:30 -0000
@@ -844,7 +844,7 @@
}
-function editSlideLink(action,submissoinid,value){
+function editSlideLink(action,submissionid,value){
var node = document.getElementById("slidelink");
var callback =
@@ -859,7 +859,7 @@
}
};
- YAHOO.util.Connect.asyncRequest('POST', "callbacks/edit_slide.php?action="+action+"&submission_id="+submissoinid+"&value="+encodeURIComponent(value), callback);
+ YAHOO.util.Connect.asyncRequest('POST', "callbacks/edit_slide.php?action="+action+"&submission_id="+submissionid+"&value="+encodeURIComponent(value), callback);
node.innerHTML = "
Authors: |
-
+
@@ -810,7 +810,7 @@
$query = "insert into submission_authors set
rank = '".addslashes($rank)."',
submission_id = '".addslashes($submission_id)."',
- PersonID = '".addslashes($auth)."',
+ BugzillaUserID = '".addslashes($auth)."',
role = 'author'
";
$res = conference_sql($query);
@@ -830,7 +830,7 @@
$query = "insert into submission_authors set
rank = 0,
submission_id = '".addslashes($submission_id)."',
- PersonID = '".addslashes($auth)."',
+ BugzillaUserID = '".addslashes($auth)."',
role = 'assistant'
";
$res = conference_sql($query);
@@ -861,7 +861,7 @@
if(trim($need_extra_time) != ""){
$query = "insert into submission_comments set
submission_id = '".addslashes($submission_id)."',
- PersonID = '".addslashes($context->theuser->getFoundationID())."',
+ BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."',
comment = '".addslashes($need_extra_time)."',
ts = NOW(),
is_private = true";
Index: index.php
===================================================================
RCS file: /cvsroot/technology/org.eclipse.dash/submissions/index.php,v
retrieving revision 1.46
diff -u -r1.46 index.php
--- index.php 20 Nov 2009 20:45:04 -0000 1.46
+++ index.php 3 Feb 2011 20:08:30 -0000
@@ -1,4 +1,4 @@
-theuser->getFoundationID()."'
- and
- submissions.conference_id = ".$context->theconference->getConferenceID()."
- and
- conference_id = ".$context->theconference->getConferenceID()."
- order by submissions.submission_id";
- $res = conference_sql($query);
- $title = "Your Submission" . (mysql_num_rows($res) > 1 ? 's' : '');
if(is_user_logged_in()){
- /*
- * get all the results
- */
+ $query = "select /* index.php:13 */ * from submissions AS S
+ INNER JOIN submission_authors AS A on A.submission_id = S.submission_id
+ WHERE A.BugzillaUserID = " . $context->theuser->getBugzillaUserID() . "
+ AND S.conference_id = ".$context->theconference->getConferenceID()."
+ ORDER BY S.submission_id";
+ $res = conference_sql($query);
+ $title = "Your Submission" . (mysql_num_rows($res) > 1 ? 's' : '');
+
$results = array();
while( $row = mysql_fetch_assoc($res) ) {
$results[$row['submission_id']] = $row;
@@ -47,10 +39,10 @@
theuser->getPicture() == true){
- $_GET['PersonID'] = $context->theuser->getFoundationID();
+ $_GET['PersonID'] = $context->theuser->getBugzillaUserID();
include("callbacks/image-upload.php");
}else{
- ?>
+ ?>
@@ -58,20 +50,20 @@
Your Bio
- =show_person( $context->theuser->getFoundationID(),true )?>
+ =show_person( $context->theuser->getBugzillaUserID(),true )?>
theuser->getFoundationID())){
+ if(get_speakers_accepted_submissions($context->theuser->getBugzillaUserID())){
?>
-}?>
+
Index: schedulingTool.php
===================================================================
RCS file: /cvsroot/technology/org.eclipse.dash/submissions/schedulingTool.php,v
retrieving revision 1.2
diff -u -r1.2 schedulingTool.php
--- schedulingTool.php 4 Feb 2009 20:14:20 -0000 1.2
+++ schedulingTool.php 3 Feb 2011 20:08:30 -0000
@@ -22,7 +22,7 @@
-
+
Index: user.php
===================================================================
RCS file: /cvsroot/technology/org.eclipse.dash/submissions/user.php,v
retrieving revision 1.25
diff -u -r1.25 user.php
--- user.php 3 Feb 2010 23:34:05 -0000 1.25
+++ user.php 3 Feb 2011 20:08:30 -0000
@@ -2,32 +2,52 @@
require_once( "classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
external_entry( false );
-if(isset($_GET['id'])){
- $person = get_people_information($_GET['id']);
-}
+# sanitize - incoming should be an integer
+if(!preg_match("/^[0-9]+$/", $_GET['id'])) {
+ unset($_GET['id']);
+}
- /*
- * From here down, we are generating an HTML page for the user.
- */
-conference_include($GLOBALS['FRAGMENTS_DIRECTORY'] . "header.php");
-do_header(false);
+# Array of talks for this user
+$a_talks = array();
-$bio = "";
-/*
- * if the id is set for this user
- */
if(isset($_GET['id'])){
/*
* load their bio
*/
- $query = "select * from speakers where PersonID = '".addslashes($_GET['id'])."' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
+ $query = "select * from speakers where BugzillaUserID = '".addslashes($_GET['id'])."' and conference_id = '".addslashes($context->theconference->getConferenceID())."'";
$res = conference_sql($query);
$author_info = mysql_fetch_assoc($res);
if($author_info['bio'] != ""){
$bio = $author_info['bio'];
}
+
+ # Load up talks for this user
+ $query = "select /* user.php:95 */ S.*
+ FROM submissions AS S
+ INNER JOIN submission_authors AS A ON A.submission_id = S.submission_id
+ AND BugzillaUserID = ".addslashes($_GET['id'])."
+ AND role IN ('author','assistant')
+ AND conference_id = ".$context->theconference->getConferenceID()." order by rank asc";
+ $res = conference_sql($query);
+
+ while( $row = mysql_fetch_assoc($res) ) {
+ $a_talks[$row['submission_id']] = $row;
+ }
+
}
+
+conference_include($GLOBALS['FRAGMENTS_DIRECTORY'] . "header.php");
+do_header(false);
+
+ /*
+ * From here down, we are generating an HTML page for the user.
+ */
+
+$bio = "";
+/*
+ * if the id is set for this user
+ */
?>
@@ -36,7 +56,7 @@
- if($context->theuser->getFoundationID() == $_GET['id'] || current_user_has_role("conference_chair") ){
+ if($context->theuser->getBugzillaUserID() == $_GET['id'] || current_user_has_role("conference_chair") ){
$_GET['PersonID'] = $_GET['id'];
include("callbacks/image-upload.php");
}else{
@@ -51,7 +71,7 @@
Bio
- =show_person( $_GET['id'],true, true,true )?>
+ = show_person( $_GET['id'],true, true,true )?>
theuser->getFoundationID() == $_GET['id'] || current_user_has_role("conference_chair") || current_user_has_role("program_committee") || current_user_has_role("registration_master") ){
@@ -84,35 +104,8 @@
-
-
-
-
- $query = "select
- submissions.*
- from
- submissions,
- submission_authors
- where
- submissions.submission_id = submission_authors.submission_id
- and
- PersonID = '".addslashes($_GET['id'])."'
- and
- role in ('author','assistant')
- and
- conference_id = ".$context->theconference->getConferenceID()."
-
- order by rank asc
- ";
- $res = conference_sql($query);
- /*
- * get all the results
- */
- $results = array();
- while( $row = mysql_fetch_assoc($res) ) {
- $results[$row['submission_id']] = $row;
- }
- show_table_of_talks($results,"Submissions","view_talk.php");
+
@@ -141,11 +134,6 @@
}
?>
-
-
-
\ No newline at end of file
Index: view_talk.php
===================================================================
RCS file: /cvsroot/technology/org.eclipse.dash/submissions/view_talk.php,v
retrieving revision 1.62
diff -u -r1.62 view_talk.php
--- view_talk.php 26 Jan 2011 22:00:08 -0000 1.62
+++ view_talk.php 3 Feb 2011 20:08:30 -0000
@@ -2,6 +2,11 @@
require_once( "classes/external_entry_point.php"); // included for globals and disabled check, but not for context or login requirement
external_entry( false );
+# sanitize - incoming should be an integer
+if(!preg_match("/^[0-9]+$/", $_GET['id'])) {
+ unset($_GET['id']);
+}
+
/*
* Create a work flow object for processing submissions
*/
@@ -20,7 +25,7 @@
$errors = "";
if($_GET['cancel_id'] != ""){
- if(can_user_edit_submission($a_talk['submission_id'], $context->theuser->getFoundationID() ) ){
+ if(can_user_edit_submission($a_talk['submission_id'], $context->theuser->getBugzillaUserID() ) ){
$query = "update submissions set status = 'withdrawn' where submission_id = '".addslashes($_GET['cancel_id'])."'";
conference_sql($query);
}
@@ -73,9 +78,9 @@
if(get_magic_quotes_gpc()) {
$_POST['comment'] = stripslashes($_POST['comment']);
}
- $query = "insert into submission_comments set
+ $query = "insert /* view_talk.php:81 */ into submission_comments set
submission_id = '".addslashes($_POST['submission_id'])."',
- PersonID = '".addslashes($context->theuser->getFoundationID())."',
+ BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."',
comment = '".mysql_real_escape_string($_POST['comment'])."',
ts = NOW()
$private";
@@ -87,7 +92,7 @@
* remove them from the list for this talk
* NOTE: a check to make sure they are already on the list is NOT required before attempting to remove them
*/
- $query = "delete from watching_submissions where submission_id = '".addslashes($_POST['submission_id'])."' and PersonID = '".addslashes($context->theuser->getFoundationID())."'";
+ $query = "delete from watching_submissions where submission_id = '".addslashes($_POST['submission_id'])."' and BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."'";
conference_sql($query);
$workflow->on_remove_cc_list($context,$_POST['submission_id']);
}elseif($_POST['ADD'] == "add to cc"){
@@ -95,13 +100,13 @@
* .. if the user asked to be added to the CC list
* and they are not already on the list for this talk...
*/
- $query = "select * from watching_submissions where submission_id = '".addslashes($_POST['submission_id'])."' and PersonID = '".addslashes($context->theuser->getFoundationID())."'";
+ $query = "select * from watching_submissions where submission_id = '".addslashes($_POST['submission_id'])."' and BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."'";
$res = conference_sql($query);
if(mysql_num_rows($res) == 0){
/*
* .. add the user to the CC list for this talk
*/
- $query = "insert into watching_submissions set submission_id = '".addslashes($_POST['submission_id'])."', PersonID = '".addslashes($context->theuser->getFoundationID())."', conference_id = '".addslashes($context->theconference->getConferenceID())."', ts= now()";
+ $query = "insert into watching_submissions set submission_id = '".addslashes($_POST['submission_id'])."', BugzillaUserID = '".addslashes($context->theuser->getBugzillaUserID())."', conference_id = '".addslashes($context->theconference->getConferenceID())."', ts= now()";
conference_sql($query);
$workflow->on_add_cc_list($context,$_POST['submission_id']);
}
@@ -281,7 +286,7 @@
/*
* If this talk is the current users talk
*/
- if(can_user_edit_submission($a_talk['submission_id'], $context->theuser->getFoundationID() ) ){
+ if(can_user_edit_submission($a_talk['submission_id'], $context->theuser->getBugzillaUserID() ) ){
/*
* .. then show an 'edit submission' button to allow the to make changes to their talk
*/
@@ -443,8 +448,7 @@
/*
* Show all non private the comments (if any)
*/
- $query = "select
- *
+ $query = "select *
from
submission_comments
where
@@ -457,7 +461,7 @@
$people = array();
while($comment = mysql_fetch_assoc($res)){
$comments[] = $comment;
- $people[] = $comment['PersonID'];
+ $people[] = $comment['BugzillaUserID'];
}
/*
@@ -475,7 +479,7 @@
}
?>
|
Talk Tags
Receive email notification when changes occur to talk tags.
Index: callbacks/edit_category.php =================================================================== RCS file: /cvsroot/technology/org.eclipse.dash/submissions/callbacks/edit_category.php,v retrieving revision 1.6 diff -u -r1.6 edit_category.php --- callbacks/edit_category.php 26 Oct 2009 23:01:10 -0000 1.6 +++ callbacks/edit_category.php 3 Feb 2011 20:08:30 -0000 @@ -12,7 +12,7 @@ conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php"); $workflow = new talk_workflow(); -if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getFoundationID())){ +if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getBugzillaUserID())){ $a_talk = get_submission_details($_POST['submission_id']); if(isset($_POST['category'])){ if($_POST['category'] != $a_talk['_category']){ Index: callbacks/edit_difficulty.php =================================================================== RCS file: /cvsroot/technology/org.eclipse.dash/submissions/callbacks/edit_difficulty.php,v retrieving revision 1.1 diff -u -r1.1 edit_difficulty.php --- callbacks/edit_difficulty.php 21 Oct 2008 23:24:29 -0000 1.1 +++ callbacks/edit_difficulty.php 3 Feb 2011 20:08:30 -0000 @@ -12,7 +12,7 @@ conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php"); $workflow = new talk_workflow(); -if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getFoundationID())){ +if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getBugzillaUserID())){ $a_talk = get_submission_details($_POST['submission_id']); $a_talk['difficulties'] = get_talk_difficulties(); Index: callbacks/edit_file_link.php =================================================================== RCS file: /cvsroot/technology/org.eclipse.dash/submissions/callbacks/edit_file_link.php,v retrieving revision 1.2 diff -u -r1.2 edit_file_link.php --- callbacks/edit_file_link.php 30 Oct 2008 17:09:45 -0000 1.2 +++ callbacks/edit_file_link.php 3 Feb 2011 20:08:30 -0000 @@ -1,9 +1,11 @@ theuser->getFoundationID()) or current_user_has_role("conference_chair") or current_user_has_role("program_committee")){ + if(can_user_edit_submission($_GET['submission_id'],$context->theuser->getBugzillaUserID()) or current_user_has_role("conference_chair") or current_user_has_role("program_committee")){ $link = getFileLink($_GET['submission_id']); Index: callbacks/edit_slide.php =================================================================== RCS file: /cvsroot/technology/org.eclipse.dash/submissions/callbacks/edit_slide.php,v retrieving revision 1.10 diff -u -r1.10 edit_slide.php --- callbacks/edit_slide.php 29 Oct 2009 23:21:45 -0000 1.10 +++ callbacks/edit_slide.php 3 Feb 2011 20:08:30 -0000 @@ -1,9 +1,11 @@ theuser->getFoundationID()) or current_user_has_role("conference_chair") or current_user_has_role("program_committee")){ + if(can_user_edit_submission($_GET['submission_id'],$context->theuser->getBugzillaUserID()) or current_user_has_role("conference_chair") or current_user_has_role("program_committee")){ $link = getSlideLink($_GET['submission_id']); Index: callbacks/edit_title.php =================================================================== RCS file: /cvsroot/technology/org.eclipse.dash/submissions/callbacks/edit_title.php,v retrieving revision 1.7 diff -u -r1.7 edit_title.php --- callbacks/edit_title.php 18 Sep 2009 17:58:04 -0000 1.7 +++ callbacks/edit_title.php 3 Feb 2011 20:08:30 -0000 @@ -12,7 +12,7 @@ conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php"); $workflow = new talk_workflow(); -if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getFoundationID())){ +if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getBugzillaUserID())){ $a_talk = get_submission_details($_POST['submission_id']); if(isset($_POST['title'])){ $_POST['title'] = stripslashes($_POST['title']); Index: callbacks/edit_type.php =================================================================== RCS file: /cvsroot/technology/org.eclipse.dash/submissions/callbacks/edit_type.php,v retrieving revision 1.5 diff -u -r1.5 edit_type.php --- callbacks/edit_type.php 6 Oct 2008 23:58:08 -0000 1.5 +++ callbacks/edit_type.php 3 Feb 2011 20:08:30 -0000 @@ -12,7 +12,7 @@ conference_require_once($GLOBALS['WORKFLOW_DIRECTORY']."talk_workflow.class.php"); $workflow = new talk_workflow(); -if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getFoundationID())){ +if( isset($_POST['submission_id']) and can_user_edit_submission($_POST['submission_id'],$context->theuser->getBugzillaUserID())){ $a_talk = get_submission_details($_POST['submission_id']); if(isset($_POST['type'])){ if($_POST['type'] != $a_talk['_type']){ Index: callbacks/find_author.php =================================================================== RCS file: /cvsroot/technology/org.eclipse.dash/submissions/callbacks/find_author.php,v retrieving revision 1.14 diff -u -r1.14 find_author.php --- callbacks/find_author.php 8 Feb 2010 23:24:18 -0000 1.14 +++ callbacks/find_author.php 3 Feb 2011 20:08:30 -0000 @@ -28,7 +28,7 @@ /* * .. then author is going to be added to a new submission */ - $exclude[$context->theuser->getFoundationID()] = $context->theuser->getFoundationID(); + $exclude[$context->theuser->getBugzillaUserID()] = $context->theuser->getBugzillaUserID(); /* * Figure out if we are finding a author or a assistant */ @@ -45,7 +45,7 @@ $exclude[$k] = $k; } }elseif( isset($_POST['role']) and isset($_POST['submission_id']) and - can_user_edit_submission($_POST['submission_id'],$context->theuser->getFoundationID()) ){ + can_user_edit_submission($_POST['submission_id'],$context->theuser->getBugzillaUserID()) ){ /* * get all the authors on this talk * use this list to remove them from the list @@ -69,7 +69,7 @@ ?>