WIP: Project id by query string

account_page.php

@@ -125,7 +125,7 @@
 	<div class="space-10"></div>
 
 <div id="account-update-div" class="form-container">
-	<form id="account-update-form" method="post" action="account_update.php">
+	<form id="account-update-form" method="post" action="<?php echo helper_mantis_url("account_update.php"); ?>">
 
 <div class="widget-box widget-color-blue2">
 	<div class="widget-header widget-header-small">
@@ -320,7 +320,7 @@
 
 <!-- Delete Button -->
 <div class="form-container">
-	<form method="post" action="account_delete.php">
+	<form method="post" action="<?php echo helper_mantis_url("account_delete.php"); ?>">
 		<fieldset>
 			<?php echo form_security_field( 'account_delete' ) ?>
 			<input type="submit" class="btn btn-primary btn-white btn-round" value="<?php echo lang_get( 'delete_account_button' ) ?>" />

account_prefs_inc.php

@@ -67,9 +67,9 @@ function edit_account_prefs( $p_user_id = null, $p_error_if_protected = true, $p
 		$p_user_id = auth_get_current_user_id();
 	}
 
-	$t_redirect_url = $p_redirect_url;
+	$t_redirect_url = helper_mantis_url($p_redirect_url);
 	if( is_blank( $t_redirect_url ) ) {
-		$t_redirect_url = 'account_prefs_page.php';
+		$t_redirect_url = helper_mantis_url('account_prefs_page.php');
 	}
 
 	# protected account check
@@ -106,7 +106,7 @@ function edit_account_prefs( $p_user_id = null, $p_error_if_protected = true, $p
 	<div class="widget-body">
 		<div class="widget-main no-padding">
 			<div id="account-prefs-update-div" class="form-container">
-				<form id="account-prefs-update-form" method="post" action="account_prefs_update.php" class="form-inline">
+				<form id="account-prefs-update-form" method="post" action="<?php echo helper_mantis_url("account_prefs_update.php"); ?>" class="form-inline">
 					<fieldset>
 						<?php echo form_security_field( 'account_prefs_update' ) ?>
 						<input type="hidden" name="user_id" value="<?php echo $p_user_id ?>" />
@@ -407,7 +407,7 @@ class="btn btn-primary btn-white btn-round">
 
 <?php
 	print_form_button(
-		'account_prefs_reset.php',
+		helper_mantis_url('account_prefs_reset.php'),
 		lang_get( 'reset_prefs_button' ),
 		array( 'user_id' => $p_user_id, 'redirect_url' => $t_redirect_url ),
 		null,

account_prof_edit_page.php

@@ -92,7 +92,7 @@
 
 <div class="col-md-12 col-xs-12">
 	<div class="space-10"></div>
-	<form method="post" action="account_prof_update.php">
+	<form method="post" action="<?php echo helper_mantis_url("account_prof_update.php"); ?>">
 		<?php  echo form_security_field( 'account_prof_update' )?>
 		<input type="hidden" name="action" value="update" />
 		<input type="hidden" name="profile_id" value="<?php echo $v_id ?>" />

account_prof_menu_page.php

@@ -234,7 +234,7 @@
 
 <div class="space-10"></div>
 <div id="account-profile-div" class="form-container">
-	<form id="account-profile-form" method="post" action="account_prof_update.php">
+	<form id="account-profile-form" method="post" action="<?php echo helper_mantis_url("account_prof_update.php"); ?>">
 		<fieldset>
 			<?php  echo form_security_field( 'account_prof_update' )?>
 			<input type="hidden" name="action" value="add" />

account_sponsor_page.php

@@ -265,7 +265,7 @@
 <!-- # Edit sponsorship Form BEGIN -->
 <br />
 <div>
-<form method="post" action="account_sponsor_update.php">
+<form method="post" action="<?php echo helper_mantis_url("account_sponsor_update.php"); ?>">
 <?php echo form_security_field( 'account_sponsor_update' ) ?>
 <table class="width100" cellspacing="1">
 	<colgroup>

account_sponsor_update.php

@@ -79,7 +79,7 @@
 
 form_security_purge( 'account_sponsor_update' );
 
-$t_redirect_url = 'account_sponsor_page.php';
+$t_redirect_url = helper_mantis_url('account_sponsor_page.php');
 layout_page_header( null, $t_redirect_url );
 
 layout_page_begin();

account_update.php

@@ -81,7 +81,7 @@
 $f_password        	= gpc_get_string( 'password', '' );
 $f_password_confirm	= gpc_get_string( 'password_confirm', '' );
 
-$t_redirect_url = 'index.php';
+$t_redirect_url = helper_mantis_url('index.php');
 
 $t_update_email = false;
 $t_update_password = false;

adm_config_page.php

@@ -140,7 +140,7 @@
 	<div class="space-10"></div>
 
 	<div id="config-edit-div">
-		<form id="config_set_form" method="post" action="<?php echo ( $t_modify? 'adm_config_set.php' : '' ) ?>">
+		<form id="config_set_form" method="post" action="<?php echo helper_mantis_url( $t_modify? 'adm_config_set.php' : '' ) ?>">
 
 			<!-- Title -->
 			<div class="widget-box widget-color-blue2">

adm_config_report.php

@@ -329,7 +329,7 @@ function check_config_value( $p_config ) {
 <div class="widget-main no-padding">
 	<div class="widget-toolbox padding-8 clearfix">
 		<?php
-		$t_url_new = 'adm_config_page.php?action=' . MANAGE_CONFIG_ACTION_CREATE;
+		$t_url_new = helper_mantis_url( 'adm_config_page.php?action=' . MANAGE_CONFIG_ACTION_CREATE );
 		$t_label = lang_get( 'set_configuration_option_action_' . MANAGE_CONFIG_ACTION_CREATE );
 		print_link_button( $t_url_new, $t_label );
 

admin/move_attachments_page.php

@@ -114,7 +114,7 @@ function get_attachment_stats( $p_file_type, $p_in_db ) {
 <div class="widget-body">
 	<div class="widget-main no-padding">
 
-<form name="move_attachments_project_select" method="post" action="move_attachments.php">
+<form name="move_attachments_project_select" method="post" action="<?php echo helper_mantis_url( 'move_attachments.php' ); ?>">
 <div class="table-responsive">
 <table class="table table-bordered table-condensed table-hover table-striped">
 	<thead>

api_tokens_page.php

@@ -53,7 +53,7 @@
 	<div class="space-10"></div>
 
 <div id="api-token-create-div" class="form-container">
-	<form id="account-create-api-token-form" method="post" action="api_token_create.php">
+	<form id="account-create-api-token-form" method="post" action="<?php echo helper_mantis_url("api_token_create.php"); ?>">
 
 <div class="widget-box widget-color-blue2">
 	<div class="widget-header widget-header-small">
@@ -145,7 +145,7 @@
 				<td><?php echo string_display_line( $u_date_created ) ?></td>
 				<td><?php echo string_display_line( $u_date_used ) ?></td>
 				<td>
-					<form id="revoke-api-token-form" method="post" action="api_token_revoke.php">
+					<form id="revoke-api-token-form" method="post" action="<?php echo helper_mantis_url("api_token_revoke.php"); ?>">
 						<?php echo form_security_field( 'revoke_api_token_form' ); ?>
 						<fieldset>
 							<input id="token_id" type="hidden" name="token_id" value="<?php echo $u_id ; ?>" />

browser_search_plugin.php

@@ -48,7 +48,7 @@
 if( $f_type == 'id' ) {
 	$t_url = $t_path . 'view.php?id={searchTerms}';
 } else {
-	$t_url = $t_path . 'view_all_set.php?type=' . FILTER_ACTION_PARSE_NEW . '&temporary=y&handler_id=[all]&search={searchTerms}';
+	$t_url = $t_path . helper_mantis_url('view_all_set.php?type=' . FILTER_ACTION_PARSE_NEW . '&temporary=y&handler_id=[all]&search={searchTerms}');
 }
 
 header( 'Content-Type: application/opensearchdescription+xml' );

bug_actiongroup.php

@@ -347,11 +347,13 @@
 
 form_security_purge( $t_form_name );
 
+$t_redirect_url = helper_mantis_url('view_all_bug_page.php');
+
 if( count( $t_failed_ids ) > 0 ) {
 	require_css( 'status_config.php' );
 	bug_group_action_print_top();
 	bug_group_action_print_results( $t_failed_ids );
 	bug_group_action_print_bottom();
 } else {
-	print_header_redirect( 'view_all_bug_page.php' );
+	print_header_redirect( $t_redirect_url );
 }

bug_actiongroup_ext_page.php

@@ -61,7 +61,7 @@
 <div class="col-md-12 col-xs-12">
 
 <div id="action-group-div" class="form-container" >
-<form method="post" action="bug_actiongroup_ext.php">
+<form method="post" action="<?php echo helper_mantis_url("bug_actiongroup_ext.php"); ?>">
 	<?php echo form_security_field( $t_form_name ); ?>
 	<input type="hidden" name="action" value="<?php echo string_attribute( $t_external_action ) ?>" />
 	<div class="widget-box widget-color-blue2">

bug_actiongroup_page.php

@@ -269,7 +269,7 @@
 }
 ?>
 <div id="action-group-div" class="form-container">
-	<form method="post" action="bug_actiongroup.php">
+	<form method="post" action="<?php echo helper_mantis_url("bug_actiongroup.php"); ?>">
 		<?php echo form_security_field( $t_form_name ); ?>
 		<input type="hidden" name="action" value="<?php echo string_attribute( $f_action ) ?>" />
 <?php

bug_change_status_page.php

@@ -128,7 +128,7 @@
 <div class="col-md-12 col-xs-12">
 
 	<div id="bug-change-status-div" class="form-container">
-	<form id="bug-change-status-form" name="bug_change_status_form" method="post" action="bug_update.php">
+	<form id="bug-change-status-form" name="bug_change_status_form" method="post" action="<?php echo helper_mantis_url("bug_update.php"); ?>">
 
 	<fieldset>
 

bug_monitor_list_view_inc.php

@@ -0,0 +1,122 @@
+<?php
+# MantisBT - A PHP based bugtracking system
+
+# MantisBT is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 2 of the License, or
+# (at your option) any later version.
+#
+# MantisBT is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+#
+# You should have received a copy of the GNU General Public License
+# along with MantisBT.  If not, see <http://www.gnu.org/licenses/>.
+
+/**
+ * This include file prints out the list of users monitoring the current
+ * bug.	$f_bug_id must be set and be set to the bug id
+ *
+ * @package MantisBT
+ * @copyright Copyright 2000 - 2002  Kenzaburo Ito - kenito@300baud.org
+ * @copyright Copyright 2002  MantisBT Team - mantisbt-dev@lists.sourceforge.net
+ * @link http://www.mantisbt.org
+ *
+ * @uses access_api.php
+ * @uses collapse_api.php
+ * @uses config_api.php
+ * @uses database_api.php
+ * @uses form_api.php
+ * @uses helper_api.php
+ * @uses lang_api.php
+ * @uses print_api.php
+ * @uses user_api.php
+ */
+
+if( !defined( 'BUG_MONITOR_LIST_VIEW_INC_ALLOW' ) ) {
+	return;
+}
+
+require_api( 'access_api.php' );
+require_api( 'collapse_api.php' );
+require_api( 'config_api.php' );
+require_api( 'database_api.php' );
+require_api( 'form_api.php' );
+require_api( 'helper_api.php' );
+require_api( 'lang_api.php' );
+require_api( 'print_api.php' );
+require_api( 'user_api.php' );
+
+if( access_has_bug_level( config_get( 'show_monitor_list_threshold' ), $f_bug_id ) ) {
+	$t_users = bug_get_monitors( $f_bug_id );
+	$t_num_users = sizeof( $t_users );
+
+	echo '<div class="col-md-12 col-xs-12">';
+	echo '<a id="monitors"></a>';
+	echo '<div class="space-10"></div>';
+
+	$t_collapse_block = is_collapsed( 'monitoring' );
+	$t_block_css = $t_collapse_block ? 'collapsed' : '';
+	$t_block_icon = $t_collapse_block ? 'fa-chevron-down' : 'fa-chevron-up';
+?>
+<div id="monitoring" class="widget-box widget-color-blue2 <?php echo $t_block_css ?>">
+	<div class="widget-header widget-header-small">
+		<h4 class="widget-title lighter">
+			<i class="ace-icon fa fa-users"></i>
+			<?php echo lang_get( 'users_monitoring_bug' ) ?>
+		</h4>
+		<div class="widget-toolbar">
+			<a data-action="collapse" href="#">
+				<i class="1 ace-icon fa <?php echo $t_block_icon ?> bigger-125"></i>
+			</a>
+		</div>
+	</div>
+
+	<div class="widget-body">
+		<div class="widget-main no-padding">
+
+			<div class="table-responsive">
+				<table class="table table-bordered table-condensed table-striped">
+<tr>
+	<th class="category" width="15%">
+		<?php echo lang_get( 'monitoring_user_list' ); ?>
+	</th>
+	<td>
+<?php
+		if( 0 == $t_num_users ) {
+			echo lang_get( 'no_users_monitoring_bug' );
+		} else {
+			$t_can_delete_others = access_has_bug_level( config_get( 'monitor_delete_others_bug_threshold' ), $f_bug_id );
+	 		for( $i = 0; $i < $t_num_users; $i++ ) {
+				echo ($i > 0) ? ', ' : '';
+				print_user( $t_users[$i] );
+				if( $t_can_delete_others ) {
+					echo ' <a class="btn btn-xs btn-primary btn-white btn-round" href="' . helper_mantis_url( 'bug_monitor_delete.php' ) . '?bug_id=' . $f_bug_id . '&amp;user_id=' . $t_users[$i] . htmlspecialchars(form_security_param( 'bug_monitor_delete' )) . '"><i class="fa fa-times"></i></a>';
+				}
+	 		}
+		}
+
+		if( access_has_bug_level( config_get( 'monitor_add_others_bug_threshold' ), $f_bug_id ) ) {
+?>
+		<br /><br />
+		<form method="get" action="<?php echo helper_mantis_url("bug_monitor_add.php"); ?>" class="form-inline noprint">
+		<?php echo form_security_field( 'bug_monitor_add' ) ?>
+			<input type="hidden" name="bug_id" value="<?php echo (integer)$f_bug_id; ?>" />
+			<label for="bug_monitor_list_username"><?php echo lang_get( 'username' ) ?></label>
+			<input type="text" class="input-sm" id="bug_monitor_list_username" name="username" />
+			<input type="submit" class="btn btn-primary btn-sm btn-white btn-round" value="<?php echo lang_get( 'add_user_to_monitor' ) ?>" />
+		</form>
+		<?php } ?>
+	</td>
+</tr>
+</table>
+</div>
+</div>
+</div>
+</div>
+</div>
+
+<?php
+} # show monitor list
+

bug_reminder_page.php

@@ -74,7 +74,7 @@
 <?php # Send reminder Form BEGIN ?>
 
 <div id="send-reminder-div" class="col-md-12 col-xs-12">
-<form method="post" action="bug_reminder.php">
+<form method="post" action="<?php echo helper_mantis_url("bug_reminder.php"); ?>">
 <?php echo form_security_field( 'bug_reminder' ) ?>
 <input type="hidden" name="bug_id" value="<?php echo $f_bug_id ?>" />
 <div class="widget-box widget-color-blue2">

bug_report.php

@@ -293,7 +293,7 @@
 
 $t_buttons = array(
 	array( string_get_bug_view_url( $t_issue_id ), sprintf( lang_get( 'view_submitted_bug_link' ), $t_issue_id ) ),
-	array( 'view_all_bug_page.php', lang_get( 'view_bugs_link' ) ),
+	array( helper_mantis_url( 'view_all_bug_page.php' ), lang_get( 'view_bugs_link' ) ),
 );
 
 if( $f_report_stay ) {

bug_report_page.php

@@ -242,7 +242,7 @@
 <div class="col-md-12 col-xs-12">
 <form id="report_bug_form"
 	method="post" <?php echo $t_form_encoding; ?>
-	action="bug_report.php">
+	action="<?php echo helper_mantis_url( 'bug_report.php' ); ?>">
 <?php echo form_security_field( 'bug_report' ) ?>
 <input type="hidden" name="m_id" value="<?php echo $f_master_bug_id ?>" />
 <input type="hidden" name="project_id" value="<?php echo $t_project_id ?>" />

bug_revision_view_page.php

@@ -215,9 +215,9 @@ function show_revision( array $p_revision ) {
 					<div class="btn-group pull-right">
 <?php
 if( !$f_bug_id && !$f_bugnote_id ) {
-	print_small_button( '?bug_id=' . $t_bug_id, lang_get( 'all_revisions' ) );
+	print_small_button( helper_mantis_url('?bug_id=' . $t_bug_id), lang_get( 'all_revisions' ) );
 }
-print_small_button( 'view.php?id=' . $t_bug_id, lang_get( 'back_to_issue' ) );
+print_small_button( helper_mantis_url('view.php?id=' . $t_bug_id), lang_get( 'back_to_issue' ) );
 ?>
 					</div>
 				</div>

bug_sponsorship_list_view_inc.php

@@ -106,7 +106,7 @@
 	<tr>
 		<th class="category" width="15%"><?php echo lang_get( 'sponsor_issue' ) ?></th>
 		<td>
-			<form method="post" action="bug_set_sponsorship.php">
+			<form method="post" action="<?php echo helper_mantis_url("bug_set_sponsorship.php"); ?>">
 				<?php echo form_security_field( 'bug_set_sponsorship' ) ?>
 				<?php echo sponsorship_get_currency() ?>
 				<input type="hidden" name="bug_id" value="<?php echo $f_bug_id ?>" size="4" />

bug_update_page.php

@@ -160,7 +160,7 @@
 ?>
 <div class="col-md-12 col-xs-12">
 <div id="bug-update" class="form-container">
-	<form id="update_bug_form" method="post" action="bug_update.php">
+	<form id="update_bug_form" method="post" action="<?php echo helper_mantis_url("bug_update.php"); ?>">
 		<?php echo form_security_field( 'bug_update' ); ?>
 		<input type="hidden" name="bug_id" value="<?php echo $t_bug_id ?>" />
         <input type="hidden" name="last_updated" value="<?php echo $t_bug->last_updated ?>" />