| ︙ | | | ︙ | |
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
** tkt=TICKETUUID
** page=WIKIPAGE
**
** List attachments.
** Either one of tkt= or page= are supplied or neither. If neither
** are given, all attachments are listed. If one is given, only
** attachments for the designated ticket or wiki page are shown.
** TICKETUUID must be complete
*/
void attachlist_page(void){
const char *zPage = P("page");
const char *zTkt = P("tkt");
Blob sql;
Stmt q;
|
|
|
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
|
** tkt=TICKETUUID
** page=WIKIPAGE
**
** List attachments.
** Either one of tkt= or page= are supplied or neither. If neither
** are given, all attachments are listed. If one is given, only
** attachments for the designated ticket or wiki page are shown.
** TICKETUUID must be complete
*/
void attachlist_page(void){
const char *zPage = P("page");
const char *zTkt = P("tkt");
Blob sql;
Stmt q;
|
| ︙ | | | ︙ | |
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
);
if( zPage ){
if( g.perm.RdWiki==0 ) login_needed();
style_header("Attachments To %h", zPage);
blob_appendf(&sql, " WHERE target=%Q", zPage);
}else if( zTkt ){
if( g.perm.RdTkt==0 ) login_needed();
style_header("Attachments To Ticket %.10s", zTkt);
blob_appendf(&sql, " WHERE target GLOB '%q*'", zTkt);
}else{
if( g.perm.RdTkt==0 && g.perm.RdWiki==0 ) login_needed();
style_header("All Attachments");
}
blob_appendf(&sql, " ORDER BY mtime DESC");
db_prepare(&q, "%s", blob_str(&sql));
|
|
|
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
|
);
if( zPage ){
if( g.perm.RdWiki==0 ) login_needed();
style_header("Attachments To %h", zPage);
blob_appendf(&sql, " WHERE target=%Q", zPage);
}else if( zTkt ){
if( g.perm.RdTkt==0 ) login_needed();
style_header("Attachments To Ticket %S", zTkt);
blob_appendf(&sql, " WHERE target GLOB '%q*'", zTkt);
}else{
if( g.perm.RdTkt==0 && g.perm.RdWiki==0 ) login_needed();
style_header("All Attachments");
}
blob_appendf(&sql, " ORDER BY mtime DESC");
db_prepare(&q, "%s", blob_str(&sql));
|
| ︙ | | | ︙ | |
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
const char *zUser = db_column_text(&q, 5);
const char *zUuid = db_column_text(&q, 6);
int attachid = db_column_int(&q, 7);
const char *zDispUser = zUser && zUser[0] ? zUser : "anonymous";
int i;
char *zUrlTail;
for(i=0; zFilename[i]; i++){
if( zFilename[i]=='/' && zFilename[i+1]!=0 ){
zFilename = &zFilename[i+1];
i = -1;
}
}
if( strlen(zTarget)==UUID_SIZE && validate16(zTarget,UUID_SIZE) ){
zUrlTail = mprintf("tkt=%s&file=%t", zTarget, zFilename);
}else{
|
|
|
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
|
const char *zUser = db_column_text(&q, 5);
const char *zUuid = db_column_text(&q, 6);
int attachid = db_column_int(&q, 7);
const char *zDispUser = zUser && zUser[0] ? zUser : "anonymous";
int i;
char *zUrlTail;
for(i=0; zFilename[i]; i++){
if( zFilename[i]=='/' && zFilename[i+1]!=0 ){
zFilename = &zFilename[i+1];
i = -1;
}
}
if( strlen(zTarget)==UUID_SIZE && validate16(zTarget,UUID_SIZE) ){
zUrlTail = mprintf("tkt=%s&file=%t", zTarget, zFilename);
}else{
|
| ︙ | | | ︙ | |
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
|
}
zTarget = zPage;
zTargetType = mprintf("Wiki Page <a href=\"%s/wiki?name=%h\">%h</a>",
g.zTop, zPage, zPage);
}else{
if( g.perm.ApndTkt==0 || g.perm.Attach==0 ) login_needed();
if( !db_exists("SELECT 1 FROM tag WHERE tagname='tkt-%q'", zTkt) ){
zTkt = db_text(0, "SELECT substr(tagname,5) FROM tag"
" WHERE tagname GLOB 'tkt-%q*'", zTkt);
if( zTkt==0 ) fossil_redirect_home();
}
zTarget = zTkt;
zTargetType = mprintf("Ticket <a href=\"%s/tktview/%s\">%S</a>",
g.zTop, zTkt, zTkt);
}
|
|
|
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
|
}
zTarget = zPage;
zTargetType = mprintf("Wiki Page <a href=\"%s/wiki?name=%h\">%h</a>",
g.zTop, zPage, zPage);
}else{
if( g.perm.ApndTkt==0 || g.perm.Attach==0 ) login_needed();
if( !db_exists("SELECT 1 FROM tag WHERE tagname='tkt-%q'", zTkt) ){
zTkt = db_text(0, "SELECT substr(tagname,5) FROM tag"
" WHERE tagname GLOB 'tkt-%q*'", zTkt);
if( zTkt==0 ) fossil_redirect_home();
}
zTarget = zTkt;
zTargetType = mprintf("Ticket <a href=\"%s/tktview/%s\">%S</a>",
g.zTop, zTkt, zTkt);
}
|
| ︙ | | | ︙ | |
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
|
){
form_begin(0, "%R/ainfo/%s", zUuid);
@ <p>Confirm you want to delete the attachment shown below.
@ <input type="submit" name="confirm" value="Confirm">
@ </form>
}
isModerator = g.perm.Admin ||
(zTktUuid && g.perm.ModTkt) ||
(zWikiName && g.perm.ModWiki);
if( isModerator && (zModAction = P("modaction"))!=0 ){
if( strcmp(zModAction,"delete")==0 ){
moderation_disapprove(rid);
if( zTktUuid ){
cgi_redirectf("%R/tktview/%s", zTktUuid);
|
|
|
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
|
){
form_begin(0, "%R/ainfo/%s", zUuid);
@ <p>Confirm you want to delete the attachment shown below.
@ <input type="submit" name="confirm" value="Confirm">
@ </form>
}
isModerator = g.perm.Admin ||
(zTktUuid && g.perm.ModTkt) ||
(zWikiName && g.perm.ModWiki);
if( isModerator && (zModAction = P("modaction"))!=0 ){
if( strcmp(zModAction,"delete")==0 ){
moderation_disapprove(rid);
if( zTktUuid ){
cgi_redirectf("%R/tktview/%s", zTktUuid);
|
| ︙ | | | ︙ | |
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
|
@ <tr><th>Filename:</th><td>%h(zName)</td></tr>
zMime = mimetype_from_name(zName);
if( g.perm.Setup ){
@ <tr><th>MIME-Type:</th><td>%h(zMime)</td></tr>
}
@ <tr><th valign="top">Description:</th><td valign="top">%h(zDesc)</td></tr>
@ </table>
|
|
|
498
499
500
501
502
503
504
505
506
507
508
509
510
511
512
|
@ <tr><th>Filename:</th><td>%h(zName)</td></tr>
zMime = mimetype_from_name(zName);
if( g.perm.Setup ){
@ <tr><th>MIME-Type:</th><td>%h(zMime)</td></tr>
}
@ <tr><th valign="top">Description:</th><td valign="top">%h(zDesc)</td></tr>
@ </table>
if( isModerator && modPending ){
@ <div class="section">Moderation</div>
@ <blockquote>
form_begin(0, "%R/ainfo/%s", zUuid);
@ <label><input type="radio" name="modaction" value="delete">
@ Delete this change</label><br />
@ <label><input type="radio" name="modaction" value="approve">
|
| ︙ | | | ︙ | |
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
|
int cnt = 0;
Stmt q;
db_prepare(&q,
"SELECT datetime(mtime%s), filename, user,"
" (SELECT uuid FROM blob WHERE rid=attachid), src"
" FROM attachment"
" WHERE isLatest AND src!='' AND target=%Q"
" ORDER BY mtime DESC",
timeline_utc(), zTarget
);
while( db_step(&q)==SQLITE_ROW ){
const char *zDate = db_column_text(&q, 0);
const char *zFile = db_column_text(&q, 1);
const char *zUser = db_column_text(&q, 2);
const char *zUuid = db_column_text(&q, 3);
|
|
|
555
556
557
558
559
560
561
562
563
564
565
566
567
568
569
|
int cnt = 0;
Stmt q;
db_prepare(&q,
"SELECT datetime(mtime%s), filename, user,"
" (SELECT uuid FROM blob WHERE rid=attachid), src"
" FROM attachment"
" WHERE isLatest AND src!='' AND target=%Q"
" ORDER BY mtime DESC",
timeline_utc(), zTarget
);
while( db_step(&q)==SQLITE_ROW ){
const char *zDate = db_column_text(&q, 0);
const char *zFile = db_column_text(&q, 1);
const char *zUser = db_column_text(&q, 2);
const char *zUuid = db_column_text(&q, 3);
|
| ︙ | | | ︙ | |
580
581
582
583
584
585
586
587
588
|
@ [%z(href("%R/ainfo/%s",zUuid))details</a>]
@ </li>
}
if( cnt ){
@ </ul>
}
db_finalize(&q);
|
|
|
580
581
582
583
584
585
586
587
588
|
@ [%z(href("%R/ainfo/%s",zUuid))details</a>]
@ </li>
}
if( cnt ){
@ </ul>
}
db_finalize(&q);
}
|