+<?php

+

+namespace Action;

+

+use Model\Task;

+

+/**

+ * Set a category automatically according to the color

+ *

+ * @package action

+ * @author Frederic Guillot

+ */

+class TaskAssignCategoryColor extends Base

+{

+ /**

+ * Task model

+ *

+ * @accesss private

+ * @var \Model\Task

+ */

+ private $task;

+

+ /**

+ * Constructor

+ *

+ * @access public

+ * @param integer $project_id Project id

+ * @param \Model\Task $task Task model instance

+ */

+ public function __construct($project_id, Task $task)

+ {

+ parent::__construct($project_id);

+ $this->task = $task;

+ }

+

+ /**

+ * Get the required parameter for the action (defined by the user)

+ *

+ * @access public

+ * @return array

+ */

+ public function getActionRequiredParameters()

+ {

+ return array(

+ 'color_id' => t('Color'),

+ 'category_id' => t('Category'),

+ );

+ }

+

+ /**

+ * Get the required parameter for the event

+ *

+ * @access public

+ * @return string[]

+ */

+ public function getEventRequiredParameters()

+ {

+ return array(

+ 'task_id',

+ 'color_id',

+ );

+ }

+

+ /**

+ * Execute the action

+ *

+ * @access public

+ * @param array $data Event data dictionary

+ * @return bool True if the action was executed or false when not executed

+ */

+ public function doAction(array $data)

+ {

+ if ($data['color_id'] == $this->getParam('color_id')) {

+

+ $this->task->update(array(

+ 'id' => $data['task_id'],

+ 'category_id' => $this->getParam('category_id'),

+ ));

+

+ return true;

+ }

+

+ return false;

+ }

+}

+ $this->checkCSRFParam();

+use Core\Security;

+ * @property \Model\SubTask $subTask

+ * Application forbidden page

+ *

+ * @access public

+ */

+ public function forbidden()

+ {

+ $this->response->html($this->template->layout('app_forbidden', array('title' => t('Access Forbidden'))));

+ }

+

+ /**

+ * Check if the CSRF token from the URL is correct

+ *

+ * @access protected

+ */

+ protected function checkCSRFParam()

+ {

+ if (! Security::validateCSRFToken($this->request->getStringParam('csrf_token'))) {

+ $this->forbidden();

+ }

+ }

+

+ /**

+ $this->forbidden();

+use Core\Security;

+ $this->checkCSRFParam();

+ $this->checkCSRFParam();

+ $this->checkCSRFParam();

+ if ($this->request->isAjax()) {

+ $project_id = $this->request->getIntegerParam('project_id');

+ $values = $this->request->getValues();

+ if ($project_id > 0 && ! $this->project->isUserAllowed($project_id, $this->acl->getUserId())) {

+ $this->response->text('Not Authorized', 401);

+ }

+

+ if (isset($values['positions'])) {

+ $this->board->saveTasksPosition($values['positions']);

+ }

+ $this->response->html(

+ $this->template->load('board_show', array(

+ 'current_project_id' => $project_id,

+ 'board' => $this->board->get($project_id),

+ 'categories' => $this->category->getList($project_id, false),

+ )),

+ 201

+ );

+ }

+ else {

+ $this->response->status(401);

+ }

+ if ($this->request->isAjax()) {

+ $project_id = $this->request->getIntegerParam('project_id');

+ $timestamp = $this->request->getIntegerParam('timestamp');

+ if ($project_id > 0 && ! $this->project->isUserAllowed($project_id, $this->acl->getUserId())) {

+ $this->response->text('Not Authorized', 401);

+ }

+

+ if ($this->project->isModifiedSince($project_id, $timestamp)) {

+ $this->response->html(

+ $this->template->load('board_show', array(

+ 'current_project_id' => $project_id,

+ 'board' => $this->board->get($project_id),

+ 'categories' => $this->category->getList($project_id, false),

+ ))

+ );

+ }

+ else {

+ $this->response->status(304);

+ }

+ $this->response->status(401);

+ $this->checkCSRFParam();

+ $this->checkCSRFParam();

+ $this->checkCSRFParam();

+ $this->checkCSRFParam();

+ $this->checkCSRFParam();

+ $this->checkCSRFParam();

+ 'max_size' => ini_get('upload_max_filesize'),

+

+ if ($this->file->upload($task['project_id'], $task['id'], 'files') === true) {

+ $this->response->redirect('?controller=task&action=show&task_id='.$task['id'].'#attachments');

+ }

+ else {

+ $this->session->flashError(t('Unable to upload the file.'));

+ $this->response->redirect('?controller=file&action=create&task_id='.$task['id']);

+ }

+ $this->checkCSRFParam();

+ $this->checkCSRFParam();

+ $this->checkCSRFParam();

+ $this->checkCSRFParam();

+ $this->checkCSRFParam();

+

+<?php

+

+namespace Controller;

+

+/**

+ * SubTask controller

+ *

+ * @package controller

+ * @author Frederic Guillot

+ */

+class Subtask extends Base

+{

+ /**

+ * Get the current subtask

+ *

+ * @access private

+ * @return array

+ */

+ private function getSubtask()

+ {

+ $subtask = $this->subTask->getById($this->request->getIntegerParam('subtask_id'));

+

+ if (! $subtask) {

+ $this->notfound();

+ }

+

+ return $subtask;

+ }

+

+ /**

+ * Creation form

+ *

+ * @access public

+ */

+ public function create()

+ {

+ $task = $this->getTask();

+

+ $this->response->html($this->taskLayout('subtask_create', array(

+ 'values' => array(

+ 'task_id' => $task['id'],

+ ),

+ 'errors' => array(),

+ 'users_list' => $this->project->getUsersList($task['project_id']),

+ 'task' => $task,

+ 'menu' => 'tasks',

+ 'title' => t('Add a sub-task')

+ )));

+ }

+

+ /**

+ * Validation and creation

+ *

+ * @access public

+ */

+ public function save()

+ {

+ $task = $this->getTask();

+ $values = $this->request->getValues();

+

+ list($valid, $errors) = $this->subTask->validate($values);

+

+ if ($valid) {

+

+ if ($this->subTask->create($values)) {

+ $this->session->flash(t('Sub-task added successfully.'));

+ }

+ else {

+ $this->session->flashError(t('Unable to create your sub-task.'));

+ }

+

+ if (isset($values['another_subtask']) && $values['another_subtask'] == 1) {

+ $this->response->redirect('?controller=subtask&action=create&task_id='.$task['id']);

+ }

+

+ $this->response->redirect('?controller=task&action=show&task_id='.$task['id'].'#subtasks');

+ }

+

+ $this->response->html($this->taskLayout('subtask_create', array(

+ 'values' => $values,

+ 'errors' => $errors,

+ 'users_list' => $this->project->getUsersList($task['project_id']),

+ 'task' => $task,

+ 'menu' => 'tasks',

+ 'title' => t('Add a sub-task')

+ )));

+ }

+

+ /**

+ * Edit form

+ *

+ * @access public

+ */

+ public function edit()

+ {

+ $task = $this->getTask();

+ $subtask = $this->getSubTask();

+

+ $this->response->html($this->taskLayout('subtask_edit', array(

+ 'values' => $subtask,

+ 'errors' => array(),

+ 'users_list' => $this->project->getUsersList($task['project_id']),

+ 'status_list' => $this->subTask->getStatusList(),

+ 'subtask' => $subtask,

+ 'task' => $task,

+ 'menu' => 'tasks',

+ 'title' => t('Edit a sub-task')

+ )));

+ }

+

+ /**

+ * Update and validate a subtask

+ *

+ * @access public

+ */

+ public function update()

+ {

+ $task = $this->getTask();

+ $subtask = $this->getSubtask();

+

+ $values = $this->request->getValues();

+ list($valid, $errors) = $this->subTask->validate($values);

+

+ if ($valid) {

+

+ if ($this->subTask->update($values)) {

+ $this->session->flash(t('Sub-task updated successfully.'));

+ }

+ else {

+ $this->session->flashError(t('Unable to update your sub-task.'));

+ }

+

+ $this->response->redirect('?controller=task&action=show&task_id='.$task['id'].'#subtasks');

+ }

+

+ $this->response->html($this->taskLayout('subtask_edit', array(

+ 'values' => $values,

+ 'errors' => $errors,

+ 'users_list' => $this->project->getUsersList($task['project_id']),

+ 'status_list' => $this->subTask->getStatusList(),

+ 'subtask' => $subtask,

+ 'task' => $task,

+ 'menu' => 'tasks',

+ 'title' => t('Edit a sub-task')

+ )));

+ }

+

+ /**

+ * Confirmation dialog before removing a subtask

+ *

+ * @access public

+ */

+ public function confirm()

+ {

+ $task = $this->getTask();

+ $subtask = $this->getSubtask();

+

+ $this->response->html($this->taskLayout('subtask_remove', array(

+ 'subtask' => $subtask,

+ 'task' => $task,

+ 'menu' => 'tasks',

+ 'title' => t('Remove a sub-task')

+ )));

+ }

+

+ /**

+ * Remove a subtask

+ *

+ * @access public

+ */

+ public function remove()

+ {

+ $this->checkCSRFParam();

+ $task = $this->getTask();

+ $subtask = $this->getSubtask();

+

+ if ($this->subTask->remove($subtask['id'])) {

+ $this->session->flash(t('Sub-task removed successfully.'));

+ }

+ else {

+ $this->session->flashError(t('Unable to remove this sub-task.'));

+ }

+

+ $this->response->redirect('?controller=task&action=show&task_id='.$task['id'].'#subtasks');

+ }

+}

+ 'subtasks' => $this->subTask->getAll($task['id']),

+ $this->checkCSRFParam();

+ $this->checkCSRFParam();

+ $this->checkCSRFParam();

+ $this->checkCSRFParam();

+ if (isset($_SESSION['user'])) {

+ $this->response->redirect('?controller=app');

+ }

+ $this->checkCSRFParam();

+ $this->checkCSRFParam();

+ if (! $this->isEventTriggered($eventName)) {

+ $this->lastEvent = $eventName;

+ $this->events[] = $eventName;

+

+ if (isset($this->listeners[$eventName])) {

+ foreach ($this->listeners[$eventName] as $listener) {

+ if ($listener->execute($data)) {

+ $this->lastListener = get_class($listener);

+ }

+ * Check if an event have been triggered

+ *

+ * @access public

+ * @param string $eventName Event name

+ * @return bool

+ */

+ public function isEventTriggered($eventName)

+ {

+ return in_array($eventName, $this->events);

+ }

+

+ /**

+ * Flush the list of triggered events

+ *

+ * @access public

+ */

+ public function clearTriggeredEvents()

+ {

+ $this->events = array();

+ $this->lastEvent = '';

+ }

+

+ /**

+use Core\Security;

+

+

+ if (Security::validateCSRFFormToken($_POST)) {

+ return $_POST;

+ }

+

+ return array();

+ return $this->getHeader('X-Requested-With') === 'XMLHttpRequest';

+ }

+

+ /**

+ * Return a HTTP header value

+ *

+ * @access public

+ * @param string $name Header name

+ * @return string

+ */

+ public function getHeader($name)

+ {

+ $name = 'HTTP_'.str_replace('-', '_', strtoupper($name));

+ return isset($_SERVER[$name]) ? $_SERVER[$name] : '';

+ * Send no cache headers

+ *

+ * @access public

+ */

+ public function nocache()

+ {

+ header('Pragma: no-cache');

+ header('Expires: Sat, 26 Jul 1997 05:00:00 GMT');

+

+ // Use no-store due to a Chrome bug: https://code.google.com/p/chromium/issues/detail?id=28035

+ header('Cache-Control: no-store, must-revalidate');

+ }

+

+ /**

+ $this->nocache();

+ $this->nocache();

+ $this->nocache();

+ $this->nocache();

+ $this->nocache();

+<?php

+

+namespace Core;

+

+/**

+ * Security class

+ *

+ * @package core

+ * @author Frederic Guillot

+ */

+class Security

+{

+ /**

+ * Generate a random token with different methods: openssl or /dev/urandom or fallback to uniqid()

+ *

+ * @static

+ * @access public

+ * @return string Random token

+ */

+ public static function generateToken()

+ {

+ if (function_exists('openssl_random_pseudo_bytes')) {

+ return bin2hex(\openssl_random_pseudo_bytes(30));

+ }

+ else if (ini_get('open_basedir') === '' && strtoupper(substr(PHP_OS, 0, 3)) !== 'WIN') {

+ return hash('sha256', file_get_contents('/dev/urandom', false, null, 0, 30));

+ }

+

+ return hash('sha256', uniqid(mt_rand(), true));

+ }

+

+ /**

+ * Generate and store a CSRF token in the current session

+ *

+ * @static

+ * @access public

+ * @return string Random token

+ */

+ public static function getCSRFToken()

+ {

+ $nonce = self::generateToken();

+

+ if (empty($_SESSION['csrf_tokens'])) {

+ $_SESSION['csrf_tokens'] = array();

+ }

+

+ $_SESSION['csrf_tokens'][$nonce] = true;

+

+ return $nonce;

+ }

+

+ /**

+ * Check if the token exists for the current session (a token can be used only one time)

+ *

+ * @static

+ * @access public

+ * @param string $token CSRF token

+ * @return bool

+ */

+ public static function validateCSRFToken($token)

+ {

+ if (isset($_SESSION['csrf_tokens'][$token])) {

+ unset($_SESSION['csrf_tokens'][$token]);

+ return true;

+ }

+

+ return false;

+ }

+

+ /**

+ * Check if the token used in a form is correct and then remove the value

+ *

+ * @static

+ * @access public

+ * @param array $values Form values

+ * @return bool

+ */

+ public static function validateCSRFFormToken(array &$values)

+ {

+ if (! empty($values['csrf_token']) && self::validateCSRFToken($values['csrf_token'])) {

+ unset($values['csrf_token']);

+ return true;

+ }

+

+ return false;

+ }

+}

+ const SESSION_LIFETIME = 7200; // 2 hours

+ ! empty($_SERVER['HTTPS']),

+ // Flush all sessions variables

+ $_SESSION = array();

+

+ // Destroy the session cookie

+ if (ini_get('session.use_cookies')) {

+ $params = session_get_cookie_params();

+

+ setcookie(

+ session_name(),

+ '',

+ time() - 42000,

+ $params['path'],

+ $params['domain'],

+ $params['secure'],

+ $params['httponly']

+ );

+ }

+

+ // Destroy session data

+ $format = $this->get($format, $format);

+

+ if (strtoupper(substr(PHP_OS, 0, 3)) === 'WIN') {

+ $format = str_replace('%e', '%d', $format);

+ $format = str_replace('%G', '%Y', $format);

+ $format = str_replace('%k', '%H', $format);

+ }

+

+ return strftime($format, (int) $timestamp);

+ 'Passwords don\'t match' => 'Passwörter passen nicht zusammen',

+ // 'Assign automatically a color based on a category' => '',

+ // 'Assign automatically a category based on a color' => '',

+ // 'Time tracking' => '',

+ // 'Estimate:' => '',

+ // 'Spent:' => '',

+ // 'Do you really want to remove this sub-task?' => '',

+ // 'Remaining:' => '',

+ // 'hours' => '',

+ // 'spent' => '',

+ // 'estimated' => '',

+ // 'Sub-Tasks' => '',

+ // 'Add a sub-task' => '',

+ // 'Original Estimate' => '',

+ // 'Create another sub-task' => '',

+ // 'Time Spent' => '',

+ // 'Edit a sub-task' => '',

+ // 'Remove a sub-task' => '',

+ // 'The time must be a numeric value' => '',

+ // 'Todo' => '',

+ // 'In progress' => '',

+ // 'Done' => '',

+ // 'Sub-task removed successfully.' => '',

+ // 'Unable to remove this sub-task.' => '',

+ // 'Sub-task updated successfully.' => '',

+ // 'Unable to update your sub-task.' => '',

+ // 'Unable to create your sub-task.' => '',

+ // 'Sub-task added successfully.' => '',

+ // 'Maximum size: ' => '',

+ // 'Unable to upload the file.' => '',

+ 'Passwords don\'t match' => 'Las contraseñas no corresponden',

+ // 'Assign automatically a color based on a category' => '',

+ // 'Assign automatically a category based on a color' => '',

+ // 'Time tracking' => '',

+ // 'Estimate:' => '',

+ // 'Spent:' => '',

+ // 'Do you really want to remove this sub-task?' => '',

+ // 'Remaining:' => '',

+ // 'hours' => '',

+ // 'spent' => '',

+ // 'estimated' => '',

+ // 'Sub-Tasks' => '',

+ // 'Add a sub-task' => '',

+ // 'Original Estimate' => '',

+ // 'Create another sub-task' => '',

+ // 'Time Spent' => '',

+ // 'Edit a sub-task' => '',

+ // 'Remove a sub-task' => '',

+ // 'The time must be a numeric value' => '',

+ // 'Todo' => '',

+ // 'In progress' => '',

+ // 'Done' => '',

+ // 'Sub-task removed successfully.' => '',

+ // 'Unable to remove this sub-task.' => '',

+ // 'Sub-task updated successfully.' => '',

+ // 'Unable to update your sub-task.' => '',

+ // 'Unable to create your sub-task.' => '',

+ // 'Sub-task added successfully.' => '',

+ // 'Maximum size: ' => '',

+ // 'Unable to upload the file.' => '',

+ 'Passwords don\'t match' => 'Les mots de passe ne correspondent pas',

+ 'Assign automatically a color based on a category' => 'Assigner automatiquement une couleur par rapport à une catégorie définie',

+ 'Assign automatically a category based on a color' => 'Assigner automatiquement une catégorie par rapport à une couleur définie',

+ 'Time tracking' => 'Gestion du temps',

+ 'Estimate:' => 'Estimation :',

+ 'Spent:' => 'Passé :',

+ 'Do you really want to remove this sub-task?' => 'Voulez-vous vraiment supprimer cette sous-tâche ?',

+ 'Remaining:' => 'Restant :',

+ 'hours' => 'heures',

+ 'spent' => 'passé',

+ 'estimated' => 'estimé',

+ 'Sub-Tasks' => 'Sous-Tâches',

+ 'Add a sub-task' => 'Ajouter une sous-tâche',

+ 'Original Estimate' => 'Estimation originale',

+ 'Create another sub-task' => 'Créer une autre sous-tâche',

+ 'Time Spent' => 'Temps passé',

+ 'Edit a sub-task' => 'Modifier une sous-tâche',

+ 'Remove a sub-task' => 'Supprimer une sous-tâche',

+ 'The time must be a numeric value' => 'Le temps doit-être une valeur numérique',

+ 'Todo' => 'À faire',

+ 'In progress' => 'En cours',

+ 'Done' => 'Terminé',

+ 'Sub-task removed successfully.' => 'Sous-tâche supprimée avec succès.',

+ 'Unable to remove this sub-task.' => 'Impossible de supprimer cette sous-tâche.',

+ 'Sub-task updated successfully.' => 'Sous-tâche mise à jour avec succès.',

+ 'Unable to update your sub-task.' => 'Impossible de mettre à jour votre sous-tâche.',

+ 'Unable to create your sub-task.' => 'Impossible de créer votre sous-tâche.',

+ 'Sub-task added successfully.' => 'Sous-tâche ajouté avec succès.',

+ 'Maximum size: ' => 'Taille maximum : ',

+ 'Unable to upload the file.' => 'Impossible de transférer le fichier.',

+ 'Passwords don\'t match' => 'Hasła nie pasują do siebie',

+ // 'Assign automatically a color based on a category' => '',

+ // 'Assign automatically a category based on a color' => '',

+ // 'Time tracking' => '',

+ // 'Estimate:' => '',

+ // 'Spent:' => '',

+ // 'Do you really want to remove this sub-task?' => '',

+ // 'Remaining:' => '',

+ // 'hours' => '',

+ // 'spent' => '',

+ // 'estimated' => '',

+ // 'Sub-Tasks' => '',

+ // 'Add a sub-task' => '',

+ // 'Original Estimate' => '',

+ // 'Create another sub-task' => '',

+ // 'Time Spent' => '',

+ // 'Edit a sub-task' => '',

+ // 'Remove a sub-task' => '',

+ // 'The time must be a numeric value' => '',

+ // 'Todo' => '',

+ // 'In progress' => '',

+ // 'Done' => '',

+ // 'Sub-task removed successfully.' => '',

+ // 'Unable to remove this sub-task.' => '',

+ // 'Sub-task updated successfully.' => '',

+ // 'Unable to update your sub-task.' => '',

+ // 'Unable to create your sub-task.' => '',

+ // 'Sub-task added successfully.' => '',

+ // 'Maximum size: ' => '',

+ // 'Unable to upload the file.' => '',

+ 'Passwords don\'t match' => 'As senhas não conferem',

+ // 'Assign automatically a color based on a category' => '',

+ // 'Assign automatically a category based on a color' => '',

+ // 'Time tracking' => '',

+ // 'Estimate:' => '',

+ // 'Spent:' => '',

+ // 'Do you really want to remove this sub-task?' => '',

+ // 'Remaining:' => '',

+ // 'hours' => '',

+ // 'spent' => '',

+ // 'estimated' => '',

+ // 'Sub-Tasks' => '',

+ // 'Add a sub-task' => '',

+ // 'Original Estimate' => '',

+ // 'Create another sub-task' => '',

+ // 'Time Spent' => '',

+ // 'Edit a sub-task' => '',

+ // 'Remove a sub-task' => '',

+ // 'The time must be a numeric value' => '',

+ // 'Todo' => '',

+ // 'In progress' => '',

+ // 'Done' => '',

+ // 'Sub-task removed successfully.' => '',

+ // 'Unable to remove this sub-task.' => '',

+ // 'Sub-task updated successfully.' => '',

+ // 'Unable to update your sub-task.' => '',

+ // 'Unable to create your sub-task.' => '',

+ // 'Sub-task added successfully.' => '',

+ // 'Maximum size: ' => '',

+ // 'Unable to upload the file.' => '',

+ 'subtask' => array('create', 'save', 'edit', 'update', 'confirm', 'remove'),

+ 'TaskAssignColorCategory' => t('Assign automatically a color based on a category'),

+ 'TaskAssignCategoryColor' => t('Assign automatically a category based on a color'),

+ case 'TaskAssignCategoryColor':

+ $className = '\Action\TaskAssignCategoryColor';

+ return new $className($project_id, new Task($this->db, $this->event));

+require __DIR__.'/../../vendor/SimpleValidator/Validators/Numeric.php';

+use Core\Security;

+ $timezones = timezone_identifiers_list();

+ $this->db->table(self::TABLE)->update(array('webhooks_token' => Security::generateToken()));

+ $this->db->table(Project::TABLE)->eq('id', $project_id)->update(array('token' => Security::generateToken()));

+ * Remove all files for a given task

+ *

+ * @access public

+ * @param integer $task_id Task id

+ * @return bool

+ */

+ public function removeAll($task_id)

+ {

+ $files = $this->getAll($task_id);

+

+ foreach ($files as $file) {

+ $this->remove($file['id']);

+ }

+ }

+

+ /**

+ $result = array();

+ $result[] = $this->create(

+

+ return count(array_unique($result)) === 1;

+use Core\Security;

+ $values['token'] = Security::generateToken();

+use Core\Security;

+

+ $token = hash('sha256', $user_id.$user_agent.$ip.Security::generateToken());

+ $sequence = Security::generateToken();

+ $new_sequence = Security::generateToken();

+<?php

+

+namespace Model;

+

+use SimpleValidator\Validator;

+use SimpleValidator\Validators;

+

+/**

+ * Subtask model

+ *

+ * @package model

+ * @author Frederic Guillot

+ */

+class SubTask extends Base

+{

+ /**

+ * SQL table name

+ *

+ * @var string

+ */

+ const TABLE = 'task_has_subtasks';

+

+ /**

+ * Task "done" status

+ *

+ * @var integer

+ */

+ const STATUS_DONE = 2;

+

+ /**

+ * Task "in progress" status

+ *

+ * @var integer

+ */

+ const STATUS_INPROGRESS = 1;

+

+ /**

+ * Task "todo" status

+ *

+ * @var integer

+ */

+ const STATUS_TODO = 0;

+

+ /**

+ * Get available status

+ *

+ * @access public

+ * @return array

+ */

+ public function getStatusList()

+ {

+ $status = array(

+ self::STATUS_TODO => t('Todo'),

+ self::STATUS_INPROGRESS => t('In progress'),

+ self::STATUS_DONE => t('Done'),

+ );

+

+ asort($status);

+

+ return $status;

+ }

+

+ /**

+ * Get all subtasks for a given task

+ *

+ * @access public

+ * @param integer $task_id Task id

+ * @return array

+ */

+ public function getAll($task_id)

+ {

+ $status = $this->getStatusList();

+ $subtasks = $this->db->table(self::TABLE)

+ ->eq('task_id', $task_id)

+ ->columns(self::TABLE.'.*', User::TABLE.'.username')

+ ->join(User::TABLE, 'id', 'user_id')

+ ->findAll();

+

+ foreach ($subtasks as &$subtask) {

+ $subtask['status_name'] = $status[$subtask['status']];

+ }

+

+ return $subtasks;

+ }

+

+ /**

+ * Get a subtask by the id

+ *

+ * @access public

+ * @param integer $subtask_id Subtask id

+ * @return array

+ */

+ public function getById($subtask_id)

+ {

+ return $this->db->table(self::TABLE)->eq('id', $subtask_id)->findOne();

+ }

+

+ /**

+ * Create

+ *

+ * @access public

+ * @param array $values Form values

+ * @return bool

+ */

+ public function create(array $values)

+ {

+ if (isset($values['another_subtask'])) {

+ unset($values['another_subtask']);

+ }

+

+ if (isset($values['time_estimated']) && empty($values['time_estimated'])) {

+ $values['time_estimated'] = 0;

+ }

+

+ if (isset($values['time_spent']) && empty($values['time_spent'])) {

+ $values['time_spent'] = 0;

+ }

+

+ return $this->db->table(self::TABLE)->save($values);

+ }

+

+ /**

+ * Update

+ *

+ * @access public

+ * @param array $values Form values

+ * @return bool

+ */

+ public function update(array $values)

+ {

+ if (isset($values['time_estimated']) && empty($values['time_estimated'])) {

+ $values['time_estimated'] = 0;

+ }

+

+ if (isset($values['time_spent']) && empty($values['time_spent'])) {

+ $values['time_spent'] = 0;

+ }

+

+ return $this->db->table(self::TABLE)->eq('id', $values['id'])->save($values);

+ }

+

+ /**

+ * Remove

+ *

+ * @access public

+ * @param integer $subtask_id Subtask id

+ * @return bool

+ */

+ public function remove($subtask_id)

+ {

+ return $this->db->table(self::TABLE)->eq('id', $subtask_id)->remove();

+ }

+

+ /**

+ * Validate creation/modification

+ *

+ * @access public

+ * @param array $values Form values

+ * @return array $valid, $errors [0] = Success or not, [1] = List of errors

+ */

+ public function validate(array $values)

+ {

+ $v = new Validator($values, array(

+ new Validators\Required('task_id', t('The task id is required')),

+ new Validators\Integer('task_id', t('The task id must be an integer')),

+ new Validators\Required('title', t('The title is required')),

+ new Validators\MaxLength('title', t('The maximum length is %d characters', 100), 100),

+ new Validators\Integer('user_id', t('The user id must be an integer')),

+ new Validators\Integer('status', t('The status must be an integer')),

+ new Validators\Numeric('time_estimated', t('The time must be a numeric value')),

+ new Validators\Numeric('time_spent', t('The time must be a numeric value')),

+ ));

+

+ return array(

+ $v->execute(),

+ $v->getErrors()

+ );

+ }

+}

+ $events = array(

+ self::EVENT_CREATE_UPDATE,

+ self::EVENT_UPDATE,

+ );

+ $file = new File($this->db, $this->event);

+ $file->removeAll($task_id);

+

+ $this->event->clearTriggeredEvents();

+

+ new Validators\Equals('password', 'confirmation', t('Passwords don\'t match')),

+ new Validators\Equals('password', 'confirmation', t('Passwords don\'t match')),

+const VERSION = 18;

+

+function version_18($pdo)

+{

+ $pdo->exec("

+ CREATE TABLE task_has_subtasks (

+ id INT NOT NULL AUTO_INCREMENT,

+ title VARCHAR(255),

+ status INT DEFAULT 0,

+ time_estimated INT DEFAULT 0,

+ time_spent INT DEFAULT 0,

+ task_id INT,

+ user_id INT,

+ PRIMARY KEY (id),

+ FOREIGN KEY(task_id) REFERENCES tasks(id) ON DELETE CASCADE

+ ) ENGINE=InnoDB CHARSET=utf8"

+ );

+}

+ VALUES ('".\Core\Security::generateToken()."')

+const VERSION = 18;

+

+function version_18($pdo)

+{

+ $pdo->exec("

+ CREATE TABLE task_has_subtasks (

+ id INTEGER PRIMARY KEY,

+ title TEXT COLLATE NOCASE,

+ status INTEGER DEFAULT 0,

+ time_estimated INTEGER DEFAULT 0,

+ time_spent INTEGER DEFAULT 0,

+ task_id INTEGER,

+ user_id INTEGER,

+ FOREIGN KEY(task_id) REFERENCES tasks(id) ON DELETE CASCADE

+ )"

+ );

+}

+ $rq->execute(array(\Core\Security::generateToken(), $result['id']));

+ VALUES ('en_US', '".\Core\Security::generateToken()."')

+ <?= Helper\form_csrf() ?>

+ <?= Helper\form_csrf() ?>

+ <a href="?controller=action&amp;action=remove&amp;action_id=<?= $action['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a>

+ <?= t('Access Forbidden') ?>

+ <?= Helper\form_csrf() ?>

+ <?= Helper\form_csrf() ?>

+ <a href="?controller=board&amp;action=moveUp&amp;project_id=<?= $project['id'] ?>&amp;column_id=<?= $column['id'].Helper\param_csrf() ?>"><?= t('Move Up') ?></a>

+ <a href="?controller=board&amp;action=moveDown&amp;project_id=<?= $project['id'] ?>&amp;column_id=<?= $column['id'].Helper\param_csrf() ?>"><?= t('Move Down') ?></a>

+ <?= Helper\form_csrf() ?>

+<?= Helper\js('assets/js/board.js') ?>

+ <a href="?controller=board&amp;action=remove&amp;column_id=<?= $column['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a>

+<table id="board" data-project-id="<?= $current_project_id ?>" data-time="<?= time() ?>" data-check-interval="<?= BOARD_CHECK_INTERVAL ?>" data-csrf-token=<?= \Core\Security::getCSRFToken() ?>>

+ <?= Helper\form_csrf() ?>

+ <?= Helper\form_csrf() ?>

+ <a href="?controller=category&amp;action=remove&amp;project_id=<?= $project['id'] ?>&amp;category_id=<?= $category['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a>

+ <?= Helper\form_csrf() ?>

+ <?= Helper\form_csrf() ?>

+ <h2><?= t('Remove a comment') ?></h2>

+ <a href="?controller=comment&amp;action=remove&amp;task_id=<?= $task['id'] ?>&amp;comment_id=<?= $comment['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a>

+ <?= Helper\form_csrf() ?>

+

+ <li><a href="?controller=config&amp;action=tokens<?= Helper\param_csrf() ?>"><?= t('Reset all tokens') ?></a></li>

+ <a href="?controller=config&amp;action=downloadDb<?= Helper\param_csrf() ?>"><?= t('Download the database') ?></a>

+ <a href="?controller=config&amp;action=optimizeDb <?= Helper\param_csrf() ?>"><?= t('Optimize the database') ?></a>

+ <td><a href="?controller=config&amp;action=removeRememberMeToken&amp;id=<?= $session['id'].Helper\param_csrf() ?>"><?= t('Remove') ?></a></td>

+ <?= Helper\form_csrf() ?>

+ <div class="form-help"><?= t('Maximum size: ') ?><?= is_integer($max_size) ? Helper\format_bytes($max_size) : $max_size ?></div>

+ <a href="?controller=file&amp;action=remove&amp;task_id=<?= $task['id'] ?>&amp;file_id=<?= $file['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a>

+<div class="page-header">

+ <h2><?= t('Attachments') ?></h2>

+</div>

+

+<ul class="task-show-files">

+<?php foreach ($files as $file): ?>

+ <li>

+ <a href="?controller=file&amp;action=download&amp;file_id=<?= $file['id'] ?>&amp;task_id=<?= $task['id'] ?>"><?= Helper\escape($file['name']) ?></a>

+ <span class="task-show-file-actions">

+ <?php if ($file['is_image']): ?>

+ <a href="?controller=file&amp;action=open&amp;file_id=<?= $file['id'] ?>&amp;task_id=<?= $task['id'] ?>" class="popover"><?= t('open') ?></a>,

+ <?php endif ?>

+ <a href="?controller=file&amp;action=confirm&amp;file_id=<?= $file['id'] ?>&amp;task_id=<?= $task['id'] ?>"><?= t('remove') ?></a>

+ </span>

+ </li>

+<?php endforeach ?>

+</ul> \ No newline at end of file

+ <?= Helper\js('assets/js/jquery-1.11.1.min.js') ?>

+ <?= Helper\js('assets/js/jquery-ui-1.10.4.custom.min.js') ?>

+ <?= Helper\js('assets/js/jquery.ui.touch-punch.min.js') ?>

+ <?= Helper\css('assets/css/app.css') ?>

+ <?= Helper\css('assets/css/font-awesome.min.css') ?>

+ <a href="?controller=user&amp;action=logout<?= Helper\param_csrf() ?>"><?= t('Logout') ?></a>

+ <?= Helper\form_csrf() ?>

+ <a href="?controller=project&amp;action=disable&amp;project_id=<?= $project['id'].Helper\param_csrf() ?>"><?= t('Disable') ?></a>

+ <a href="?controller=project&amp;action=enable&amp;project_id=<?= $project['id'].Helper\param_csrf() ?>"><?= t('Enable') ?></a>

+ <?= Helper\form_csrf() ?>

+ <a href="?controller=project&amp;action=remove&amp;project_id=<?= $project['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a>

+ <?= Helper\form_csrf() ?>

+

+ (<a href="?controller=project&amp;action=revoke&amp;project_id=<?= $project['id'] ?>&amp;user_id=<?= $user_id.Helper\param_csrf() ?>"><?= t('revoke') ?></a>)

+<div class="page-header">

+ <h2><?= t('Add a sub-task') ?></h2>

+</div>

+

+<form method="post" action="?controller=subtask&amp;action=save&amp;task_id=<?= $task['id'] ?>" autocomplete="off">

+

+ <?= Helper\form_csrf() ?>

+

+ <?= Helper\form_hidden('task_id', $values) ?>

+

+ <?= Helper\form_label(t('Title'), 'title') ?>

+ <?= Helper\form_text('title', $values, $errors, array('required autofocus')) ?><br/>

+

+ <?= Helper\form_label(t('Assignee'), 'user_id') ?>

+ <?= Helper\form_select('user_id', $users_list, $values, $errors) ?><br/>

+

+ <?= Helper\form_label(t('Original Estimate'), 'time_estimated') ?>

+ <?= Helper\form_numeric('time_estimated', $values, $errors) ?> <?= t('hours') ?><br/>

+

+ <?= Helper\form_checkbox('another_subtask', t('Create another sub-task'), 1, isset($values['another_subtask']) && $values['another_subtask'] == 1) ?>

+

+ <div class="form-actions">

+ <input type="submit" value="<?= t('Save') ?>" class="btn btn-blue"/>

+ <?= t('or') ?>

+ <a href="?controller=task&amp;action=show&amp;task_id=<?= $task['id'] ?>"><?= t('cancel') ?></a>

+ </div>

+</form>

+<div class="page-header">

+ <h2><?= t('Edit a sub-task') ?></h2>

+</div>

+

+<form method="post" action="?controller=subtask&amp;action=update&amp;task_id=<?= $task['id'] ?>&amp;subtask_id=<?= $subtask['id'] ?>" autocomplete="off">

+

+ <?= Helper\form_csrf() ?>

+

+ <?= Helper\form_hidden('id', $values) ?>

+ <?= Helper\form_hidden('task_id', $values) ?>

+

+ <?= Helper\form_label(t('Title'), 'title') ?>

+ <?= Helper\form_text('title', $values, $errors, array('required autofocus')) ?><br/>

+

+ <?= Helper\form_label(t('Status'), 'status') ?>

+ <?= Helper\form_select('status', $status_list, $values, $errors) ?><br/>

+

+ <?= Helper\form_label(t('Assignee'), 'user_id') ?>

+ <?= Helper\form_select('user_id', $users_list, $values, $errors) ?><br/>

+

+ <?= Helper\form_label(t('Original Estimate'), 'time_estimated') ?>

+ <?= Helper\form_numeric('time_estimated', $values, $errors) ?> <?= t('hours') ?><br/>

+

+ <?= Helper\form_label(t('Time Spent'), 'time_spent') ?>

+ <?= Helper\form_numeric('time_spent', $values, $errors) ?> <?= t('hours') ?><br/>

+

+ <div class="form-actions">

+ <input type="submit" value="<?= t('Save') ?>" class="btn btn-blue"/>

+ <?= t('or') ?>

+ <a href="?controller=task&amp;action=show&amp;task_id=<?= $task['id'] ?>"><?= t('cancel') ?></a>

+ </div>

+</form>

+<div class="page-header">

+ <h2><?= t('Remove a sub-task') ?></h2>

+</div>

+

+<div class="confirm">

+ <p class="alert alert-info">

+ <?= t('Do you really want to remove this sub-task?') ?>

+ </p>

+

+ <p><strong><?= Helper\escape($subtask['title']) ?></strong></p>

+

+ <div class="form-actions">

+ <a href="?controller=subtask&amp;action=remove&amp;task_id=<?= $task['id'] ?>&amp;subtask_id=<?= $subtask['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a>

+ <?= t('or') ?> <a href="?controller=task&amp;action=show&amp;task_id=<?= $task['id'] ?>#subtasks"><?= t('cancel') ?></a>

+ </div>

+</div> \ No newline at end of file

+<div class="page-header">

+ <h2><?= t('Sub-Tasks') ?></h2>

+</div>

+

+<?php

+

+$total_spent = 0;

+$total_estimated = 0;

+$total_remaining = 0;

+

+?>

+

+<table class="subtasks-table">

+ <tr>

+ <th width="40%"><?= t('Title') ?></th>

+ <th><?= t('Status') ?></th>

+ <th><?= t('Assignee') ?></th>

+ <th><?= t('Time tracking') ?></th>

+ <th><?= t('Actions') ?></th>

+ </tr>

+ <?php foreach ($subtasks as $subtask): ?>

+ <tr>

+ <td><?= Helper\escape($subtask['title']) ?></td>

+ <td><?= Helper\escape($subtask['status_name']) ?></td>

+ <td>

+ <?php if (! empty($subtask['username'])): ?>

+ <?= Helper\escape($subtask['username']) ?>

+ <?php endif ?>

+ </td>

+ <td>

+ <?php if (! empty($subtask['time_spent'])): ?>

+ <strong><?= Helper\escape($subtask['time_spent']).'h' ?></strong> <?= t('spent') ?>

+ <?php endif ?>

+

+ <?php if (! empty($subtask['time_estimated'])): ?>

+ <strong><?= Helper\escape($subtask['time_estimated']).'h' ?></strong> <?= t('estimated') ?>

+ <?php endif ?>

+ </td>

+ <td>

+ <a href="?controller=subtask&amp;action=edit&amp;task_id=<?= $task['id'] ?>&amp;subtask_id=<?= $subtask['id'] ?>"><?= t('Edit') ?></a>

+ <?= t('or') ?>

+ <a href="?controller=subtask&amp;action=confirm&amp;task_id=<?= $task['id'] ?>&amp;subtask_id=<?= $subtask['id'] ?>"><?= t('Remove') ?></a>

+ </td>

+ </tr>

+ <?php

+ $total_estimated += $subtask['time_estimated'];

+ $total_spent += $subtask['time_spent'];

+ $total_remaining = $total_estimated - $total_spent;

+ ?>

+ <?php endforeach ?>

+</table>

+

+<div class="subtasks-time-tracking">

+ <h4><?= t('Time tracking') ?></h4>

+ <ul>

+ <li><?= t('Estimate:') ?> <strong><?= Helper\escape($total_estimated) ?></strong> <?= t('hours') ?></li>

+ <li><?= t('Spent:') ?> <strong><?= Helper\escape($total_spent) ?></strong> <?= t('hours') ?></li>

+ <li><?= t('Remaining:') ?> <strong><?= Helper\escape($total_remaining > 0 ? $total_remaining : 0) ?></strong> <?= t('hours') ?></li>

+ </ul>

+</div> \ No newline at end of file

+ <a href="?controller=task&amp;action=close&amp;task_id=<?= $task['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a>

+ <?= Helper\form_csrf() ?>

+

+ <?= Helper\form_csrf() ?>

+

+

+<?= Helper\js('assets/js/task.js') ?>

+ <?= Helper\form_csrf() ?>

+

+ <a href="?controller=task&amp;action=open&amp;task_id=<?= $task['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a>

+ <a href="?controller=task&amp;action=remove&amp;task_id=<?= $task['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a>

+ <?= Helper\template('file_show', array('task' => $task, 'files' => $files)) ?>

+</div>

+<?php endif ?>

+

+<?php if (! empty($subtasks)): ?>

+<div id="subtasks" class="task-show-section">

+ <?= Helper\template('subtask_show', array('task' => $task, 'subtasks' => $subtasks)) ?>

+ <li><a href="?controller=subtask&amp;action=create&amp;task_id=<?= $task['id'] ?>"><?= t('Add a sub-task') ?></a></li>

+ <?= Helper\form_csrf() ?>

+

+ <a href="?controller=user&amp;action=google<?= Helper\param_csrf() ?>"><?= t('Link my Google Account') ?></a>

+ <a href="?controller=user&amp;action=unlinkGoogle<?= Helper\param_csrf() ?>"><?= t('Unlink my Google Account') ?></a>

+ <?= Helper\form_csrf() ?>

+

+ <?= Helper\form_csrf() ?>

+

+ <a href="?controller=user&amp;action=remove&amp;user_id=<?= $user['id'].Helper\param_csrf() ?>" class="btn btn-red"><?= t('Yes') ?></a>

+function param_csrf()

+{

+ return '&amp;csrf_token='.\Core\Security::getCSRFToken();

+}

+

+function js($filename)

+{

+ return '<script type="text/javascript" src="'.$filename.'?'.filemtime($filename).'"></script>';

+}

+

+function css($filename)

+{

+ return '<link rel="stylesheet" href="'.$filename.'?'.filemtime($filename).'" media="screen">';

+}

+

+function form_csrf()

+{

+ return '<input type="hidden" name="csrf_token" value="'.\Core\Security::getCSRFToken().'"/>';

+}

+

+

+function form_numeric($name, $values = array(), array $errors = array(), array $attributes = array(), $class = '')

+{

+ return form_input('text', $name, $values, $errors, $attributes, $class.' form-numeric');

+}