/*
** Query the database for all TICKET fields for the specific
** ticket whose name is given by the "name" CGI parameter.
** Load the values for all fields into the interpreter.
**
** Only load those fields which do not already exist as
** variables.
**
** Fields of the TICKET table that begin with "private_" are
** expanded using the db_reveal() function. If g.perm.RdAddr is
** true, then the db_reveal() function will decode the content
** using the CONCEALED table so that the content legible.
** Otherwise, db_reveal() is a no-op and the content remains
** obscured.
*/
static void initializeVariablesFromDb(void){
const char *zName;
Stmt q;
int i, n, size, j;
zName = PD("name","-none-");
db_prepare(&q, "SELECT datetime(tkt_mtime%s) AS tkt_datetime, *"
" FROM ticket WHERE tkt_uuid GLOB '%q*'",
timeline_utc(), zName);
if( db_step(&q)==SQLITE_ROW ){
n = db_column_count(&q);
for(i=0; i<n; i++){
const char *zVal = db_column_text(&q, i);
const char *zName = db_column_name(&q, i);
char *zRevealed = 0;
if( zVal==0 ){
zVal = "";
}else if( strncmp(zName, "private_", 8)==0 ){
zVal = zRevealed = db_reveal(zVal);
}
if( (j = fieldId(zName))>=0 ){
aField[j].zValue = mprintf("%s", zVal);
}else if( memcmp(zName, "tkt_", 4)==0 && Th_Fetch(zName, &size)==0 ){
Th_Store(zName, zVal);
}
free(zRevealed);
}
}
db_finalize(&q);
for(i=0; i<nField; i++){
if( Th_Fetch(aField[i].zName, &size)==0 ){
Th_Store(aField[i].zName, aField[i].zValue);
}
}
}
/*
** Query the database for all TICKET fields for the specific
** ticket whose name is given by the "name" CGI parameter.
** Load the values for all fields into the interpreter.
**
** Only load those fields which do not already exist as
** variables.
**
** Fields of the TICKET table that begin with "private_" are
** expanded using the db_reveal() function. If g.perm.RdAddr is
** true, then the db_reveal() function will decode the content
** using the CONCEALED table so that the content legable.
** Otherwise, db_reveal() is a no-op and the content remains
** obscured.
*/
static void initializeVariablesFromDb(void){
const char *zName;
Stmt q;
int i, n, size, j;
zName = PD("name","-none-");
db_prepare(&q, "SELECT datetime(tkt_mtime,'localtime') AS tkt_datetime, *"
" FROM ticket WHERE tkt_uuid GLOB '%q*'", zName);
if( db_step(&q)==SQLITE_ROW ){
n = db_column_count(&q);
for(i=0; i<n; i++){
const char *zVal = db_column_text(&q, i);
const char *zName = db_column_name(&q, i);
char *zRevealed = 0;
if( zVal==0 ){
zVal = "";
}else if( strncmp(zName, "private_", 8)==0 ){
zVal = zRevealed = db_reveal(zVal);
}
for(j=0; j<nField; j++){
if( fossil_strcmp(azField[j],zName)==0 ){
azValue[j] = mprintf("%s", zVal);
break;
}
}
if( Th_Fetch(zName, &size)==0 ){
Th_Store(zName, zVal);
}
free(zRevealed);
}
}else{
db_finalize(&q);
db_prepare(&q, "PRAGMA table_info(ticket)");
if( Th_Fetch("tkt_uuid",&size)==0 ){
Th_Store("tkt_uuid",zName);
}
while( db_step(&q)==SQLITE_ROW ){
const char *zField = db_column_text(&q, 1);
if( Th_Fetch(zField, &size)==0 ){
Th_Store(zField, "");
}
}
if( Th_Fetch("tkt_datetime",&size)==0 ){
Th_Store("tkt_datetime","");
}
}
db_finalize(&q);
}
/*
** TH1 command: combobox NAME TEXT-LIST NUMLINES
**
** Generate an HTML combobox. NAME is both the name of the
** CGI parameter and the name of a variable that contains the
** currently selected value. TEXT-LIST is a list of possible
** values for the combobox. NUMLINES is 1 for a true combobox.
** If NUMLINES is greater than one then the display is a listbox
** with the number of lines given.
*/
static int comboboxCmd(
Th_Interp *interp,
void *p,
int argc,
const char **argv,
int *argl
){
if( argc!=4 ){
return Th_WrongNumArgs(interp, "combobox NAME TEXT-LIST NUMLINES");
}
if( enableOutput ){
int height;
Blob name;
int nValue;
const char *zValue;
char *z, *zH;
int nElem;
int *aszElem;
char **azElem;
int i;
if( Th_ToInt(interp, argv[3], argl[3], &height) ) return TH_ERROR;
Th_SplitList(interp, argv[2], argl[2], &azElem, &aszElem, &nElem);
blob_init(&name, (char*)argv[1], argl[1]);
zValue = Th_Fetch(blob_str(&name), &nValue);
z = mprintf("<select name=\"%z\" size=\"%d\">",
htmlize(blob_buffer(&name), blob_size(&name)), height);
sendText(z, -1, 0);
free(z);
blob_reset(&name);
for(i=0; i<nElem; i++){
zH = htmlize((char*)azElem[i], aszElem[i]);
if( zValue && aszElem[i]==nValue
&& memcmp(zValue, azElem[i], nValue)==0 ){
z = mprintf("<option value=\"%s\" selected=\"selected\">%s</option>",
zH, zH);
}else{
z = mprintf("<option value=\"%s\">%s</option>", zH, zH);
}
free(zH);
sendText(z, -1, 0);
free(z);
}
sendText("</select>", -1, 0);
Th_Free(interp, azElem);
}
return TH_OK;
}
/*
** Subscript command: submit_ticket
**
** Construct and submit a new ticket artifact. The fields of the artifact
** are the names of the columns in the TICKET table. The content is
** taken from TH variables. If the content is unchanged, the field is
** omitted from the artifact. Fields whose names begin with "private_"
** are concealed using the db_conceal() function.
*/
static int submitTicketCmd(
Th_Interp *interp,
void *pUuid,
int argc,
const char **argv,
int *argl
){
char *zDate;
const char *zUuid;
int i;
int nJ = 0;
Blob tktchng, cksum;
login_verify_csrf_secret();
if( !captcha_is_correct() ){
cgi_printf("<p class=\"generalError\">Error: Incorrect security code.</p>\n");
return TH_OK;
}
zUuid = (const char *)pUuid;
blob_zero(&tktchng);
zDate = date_in_standard_format("now");
blob_appendf(&tktchng, "D %s\n", zDate);
free(zDate);
for(i=0; i<nField; i++){
if( aField[i].zAppend ){
blob_appendf(&tktchng, "J +%s %z\n", aField[i].zName,
fossilize(aField[i].zAppend, -1));
++nJ;
}
}
for(i=0; i<nField; i++){
const char *zValue;
int nValue;
if( aField[i].zAppend ) continue;
zValue = Th_Fetch(aField[i].zName, &nValue);
if( zValue ){
while( nValue>0 && fossil_isspace(zValue[nValue-1]) ){ nValue--; }
if( ((aField[i].mUsed & USEDBY_TICKETCHNG)!=0 && nValue>0)
|| memcmp(zValue, aField[i].zValue, nValue)!=0
|| strlen(aField[i].zValue)!=nValue
){
if( memcmp(aField[i].zName, "private_", 8)==0 ){
zValue = db_conceal(zValue, nValue);
blob_appendf(&tktchng, "J %s %s\n", aField[i].zName, zValue);
}else{
blob_appendf(&tktchng, "J %s %#F\n", aField[i].zName, nValue, zValue);
}
nJ++;
}
}
}
if( *(char**)pUuid ){
zUuid = db_text(0,
"SELECT tkt_uuid FROM ticket WHERE tkt_uuid GLOB '%q*'", P("name")
);
}else{
zUuid = db_text(0, "SELECT lower(hex(randomblob(20)))");
}
*(const char**)pUuid = zUuid;
blob_appendf(&tktchng, "K %s\n", zUuid);
blob_appendf(&tktchng, "U %F\n", g.zLogin ? g.zLogin : "");
md5sum_blob(&tktchng, &cksum);
blob_appendf(&tktchng, "Z %b\n", &cksum);
if( nJ==0 ){
blob_reset(&tktchng);
return TH_OK;
}
if( g.zPath[0]=='d' ){
/* If called from /debug_tktnew or /debug_tktedit... */
cgi_printf("<font color=\"blue\">\n"
"<p>Ticket artifact that would have been submitted:</p>\n"
"<blockquote><pre>%h</pre></blockquote>\n"
"<hr /></font>\n",(blob_str(&tktchng)));
return TH_OK;
}else{
if( g.thTrace ){
Th_Trace("submit_ticket {\n<blockquote><pre>\n%h\n</pre></blockquote>\n"
"}<br />\n",
blob_str(&tktchng));
}
ticket_put(&tktchng, zUuid,
(g.perm.ModTkt==0 && db_get_boolean("modreq-tkt",0)==1));
}
return ticket_change();
}
