0015538: Issues list is not displayed when $g_limit_reporters is ON - MantisBT - Signup temporarily disabled due to spam

ID	Project	Category	View Status	Date Submitted	Last Update

0015538	mantisbt	bugtracker	public	2013-02-24 16:56	2014-09-23 18:05

Reporter	viktor.minko	Assigned To	dregad
Priority	high	Severity	crash	Reproducibility	always
Status	closed	Resolution	fixed
Product Version	1.2.14
Target Version	1.2.15	Fixed in Version	1.2.15

Summary	0015538: Issues list is not displayed when $g_limit_reporters is ON
Description	When setting $g_limit_reporters = ON, the list of issues in view_all_bug page is not displayed. The log contains next error: PHP Fatal error: Unsupported operand types in /mantis/core/access_api.php on line 425
Steps To Reproduce	Set $g_limit_reporters = ON Log in as administrator Open view_all_bug.php
Additional Information	Error occurres in line: if ( $t_limit_reporters && !bug_is_user_reporter( $p_bug_id, $p_user_id ) && !access_has_project_level( $t_report_bug_threshold + 1, $t_project_id, $p_user_id ) ) { return false; } Suggested fix: if ( $t_limit_reporters && !bug_is_user_reporter( $p_bug_id, $p_user_id ) ) { if (is_int($t_report_bug_threshold) && !access_has_project_level( $t_report_bug_threshold[$i] + 1, $t_project_id, $p_user_id )) { return false; } else if (is_array($t_report_bug_threshold)) { for ($i=0; $i<count($t_report_bug_threshold); $i++) { if (!access_has_project_level( $t_report_bug_threshold[$i] + 1, $t_project_id, $p_user_id )) { return false; } } } }
Tags	No tags attached.

atrol 2013-02-24 17:46 developer ~0035294	viktor.minko, I was not able to reproduce your problem with a fresh install of the latest stable version of MantisBT (1.2.14 at the moment). Please provide detailed, step-by-step instructions to reproduce the issue. Additional information listed below may also be useful: Exact version of PHP, Database, Web server and Operating System Relevant customizations (e.g. changes in config_inc.php, etc) Installed plugins or custom functions ? Was the MantisBT source code modified in any way ? As I was not able to reproduce the issue I didn't have a deeper look, but this line of the suggested fix is wrong if (is_int($t_report_bug_threshold) && !access_has_project_level( $t_report_bug_threshold[$i] + 1, $t_project_id, $p_user_id )) { $i is not set at this place

viktor.minko 2013-02-24 18:00 reporter ~0035296	I will collect necessary info tomorrow. Yes my suggested fix wasn't tested and created on the fly. The idea is that $t_report_bug_threshold can be an array value, but in the current code we have: $t_report_bug_threshold + 1 which is incorrect operation if $t_report_bug_threshold is array.

dregad 2013-02-25 11:30 developer ~0035310	Confirmed. You need to set your workflow so that report_bug_threshold is an array, e.g. array ( 0 => 25, 1 => 55, 2 => 70, 3 => 90 ), and have in the issue list at least one issue which is not reported by the current user.

dregad 2013-02-25 12:04 developer ~0035311	Fixed. Please apply the attached patch manually or download the next nightly build, test and reopen this issue if the problem persists or you notice a regression.

dregad 2013-03-05 04:37 developer ~0035384	Just noticed through testing that in case $g_limit_reporters = ON and current user = administrator, the code incorrectly denies access to issues. This was likely introduced by d42e80c0. Patch follows.

grangeway 2013-04-05 17:56 reporter ~0036079	Marking as 'acknowledged' not resolved/closed to track that change gets ported to master-2.0.x branch

MantisBT: master-1.2.x b3276bbf 2013-02-25 12:01 dregad Details Diff	Fix crash when report_bug_threshold=array in access_has_bug_level When displaying a bug for which the user is not the reporter, $g_limit_reporters=ON and the workflow is set so report_bug_threshold is an array, MantisBT crashes with "PHP Fatal error: Unsupported operand types". This is due to use of '+ 1' to indicate that user should have the next higher access level to view the issue. We now use the same logic but within a foreach loop to check against each array element. Fixes 0015538		Affected Issues 0015538
	mod - core/access_api.php		Diff File
MantisBT: master 957b3c09 2013-02-25 12:01 dregad Details Diff	Fix crash when report_bug_threshold=array in access_has_bug_level When displaying a bug for which the user is not the reporter, $g_limit_reporters=ON and the workflow is set so report_bug_threshold is an array, MantisBT crashes with "PHP Fatal error: Unsupported operand types". This is due to use of '+ 1' to indicate that user should have the next higher access level to view the issue. We now use the same logic but within a foreach loop to check against each array element. Fixes 0015538		Affected Issues 0015538
	mod - core/access_api.php		Diff File
MantisBT: master-1.2.x d42e80c0 2013-02-26 11:11 dregad Details Diff	Optimize performance of access_has_bug_level() api function Through use of a static array to cache the reporter threshold when $g_limit_reporter = ON and more importantly reducing the total number of API calls, the performance of this function has been improved by 65% (stress tests executed over 2000 iterations, 0.34s vs 0.22s). Issue 0015538, follow up on b3276bbf50abdf53eaa9ef3b20ddb9461aaf1808		Affected Issues 0015538
	mod - core/access_api.php		Diff File
MantisBT: master 5e145289 2013-02-26 11:11 dregad Details Diff	Optimize performance of access_has_bug_level() api function Through use of a static array to cache the reporter threshold when $g_limit_reporter = ON and more importantly reducing the total number of API calls, the performance of this function has been improved by 65% (stress tests executed over 2000 iterations, 0.34s vs 0.22s). Issue 0015538, follow up on b3276bbf50abdf53eaa9ef3b20ddb9461aaf1808		Affected Issues 0015538
	mod - core/access_api.php		Diff File
MantisBT: master-1.2.x 9ec47a05 2013-02-27 05:46 dregad Details Diff	Fix invalid access denied error caused by access_has_bug_level() Commit d42e80c01277eec37c7436a23ec72073c9961c49 changed the code in access_has_bug_level() function, and introduced a bug as the final call to access_compare_level() inverted the 2 parameters which caused an incorrect return value to be returned in certain cases, incorrectly denying access to issues. Issue 0015538		Affected Issues 0015538
	mod - core/access_api.php		Diff File
MantisBT: master 8ff13c0d 2013-02-27 05:46 dregad Details Diff	Fix invalid access denied error caused by access_has_bug_level() Commit d42e80c01277eec37c7436a23ec72073c9961c49 changed the code in access_has_bug_level() function, and introduced a bug as the final call to access_compare_level() inverted the 2 parameters which caused an incorrect return value to be returned in certain cases, incorrectly denying access to issues. Issue 0015538		Affected Issues 0015538
	mod - core/access_api.php		Diff File
MantisBT: master f583a458 2013-02-27 05:46 dregad Details Diff	Fix invalid access denied error caused by access_has_bug_level() Commit d42e80c01277eec37c7436a23ec72073c9961c49 changed the code in access_has_bug_level() function, and introduced a bug in the call to access_compare_level() when access is limited to issue reporter (inverted parameters caused an incorrect access denied error). See also 9ec47a056156ac32e1f95cd0ec20d4db8bd54d3b. Issue 0015538		Affected Issues 0015538
	mod - core/access_api.php		Diff File
MantisBT: master-1.2.x df411e20 2013-02-27 05:46 dregad Details Diff	Fix invalid access denied error caused by access_has_bug_level() Commit d42e80c01277eec37c7436a23ec72073c9961c49 changed the code in access_has_bug_level() function, and introduced a bug in the call to access_compare_level() when access is limited to issue reporter (inverted parameters caused an incorrect access denied error). See also 9ec47a056156ac32e1f95cd0ec20d4db8bd54d3b. Issue 0015538		Affected Issues 0015538
	mod - core/access_api.php		Diff File