Generate individual project id

Get help from other users here.

Moderators: Developer, Contributor

Post Reply
truefriend-cz
Posts: 65
Joined: Jan 08, 2019 2:14 am

Generate individual project id

Post by truefriend-cz » Jan 21, 2019 11:04 pm

Hi all..

Is that possible to generate individually project id ??
I suppose I will have to change code. Where is this funtion in scripts for set new number for new projects ??

thanx..wait for rly.. :)
Mantis version: 2.19.0, OS: Windows, PHP: 7.3, Charset (PHP, Database): UTF-8, and: little, bad english

atrol
Site Admin
Posts: 7689
Joined: Mar 26, 2008 4:37 pm
Location: Germany

Re: Generate individual project id

Post by atrol » Jan 22, 2019 2:30 am

truefriend-cz wrote:
Jan 21, 2019 11:04 pm
Where is this funtion in scripts for set new number for new projects ??
There is no function in Mantis for it. The project id is set by using the functionality of the underlying database engine (MySQL, Oracle, ...) to create unique keys.
It's part of the database schema definition.
https://github.com/mantisbt/mantisbt/bl ... a.php#L284
Please use Search before posting and read the Manual

Starbuck
Posts: 180
Joined: Feb 13, 2006 9:53 pm
Location: USA
Contact:

Re: Generate individual project id

Post by Starbuck » Jan 23, 2019 2:58 pm

I think this is part of the code you're looking for:
https://github.com/mantisbt/mantisbt/bl ... i.php#L337

Code: Select all

function project_create( $p_name, $p_description, $p_status...
...
$t_query = 'INSERT INTO {project}
   ( name, status, enabled, view_state, file_path, description, inherit_global )
VALUES
   ( ' . db_param() . ', ' . db_param() ....
db_query( $t_query, array( $p_name, ...
# return the id of the new project
return db_insert_id( db_get_table( 'project' ) );
So you see, the table ID is returned by the code that @atrol provided, and the project API is "passive" about how that ID is generated.
If you need to provide your own project ID, you will need to pass the ID into a new overload of the project_create method, and modify the table schema so that it doesn't AUTOINCREMENT. That would not be a good mod.

I recommend creating a separate index/table where the system still returns its own internal ID, but you map your ID as a custom field to the generated project IDs. Many changes will be required to support that but I think it would be a neat enhancement. This system has a sort of inherent fault, which is that it uses random numbers as user-facing identifiers. That's like using a telephone number, name, or other data About a person as a table key - and then we need extra code to change keys throughout the system. The better way is to use completely meaningless unique identifiers for internal purposes, and then to allow the application to associate metadata with whose IDs. Then it's painless to change the metadata, because it's just another data field, not a primary key. As an example, WordPress associates a "slug" with all post types, so that we can refer to pages by name, and slugs can be changed without changing the underlying table record ID. But note that in MantisBT, we don't login with a record key or refer to people as @23, we login with our user ID and refer to people by @name.

Again, the main point here is that MantisBT exposes most of its primary IDs to the UI. To my knowledge there isn't a function like ui_from_id(type,internal_id) which will translate IDs for projects, bugs, users, etc. ... With this function we would need a corresponding id_from_ui(type,external_id) which, for example, will return the internal project ID from the user-facing ID. Doing this would require mass changes everywhere, in all places where an ID is displayed, rather than foo->id we would need to substitute ui_from_id(foo->id). The ID passed into the system from links would still need to be the internal ID.

I haven't looked at the mechanism for creating tags but if that table is also using Integer AUTOINCREMENT I believe there would be elegance to duplicating how tags are used. And I don't recall the feature but I thought we could associate custom names with tickets as well. Maybe that was a plugin. But what I'm suggesting is that there is already a pattern in MantisBT or doing this kind of thing. You might need to just find it and repurpose that pattern for project.

HTH
If you want Mantis to work differently, use or create a plugin. Visit the Plugins forums.
Ask developers to create a plugin that you need - and motivate them to help you!

truefriend-cz
Posts: 65
Joined: Jan 08, 2019 2:14 am

Re: Generate individual project id

Post by truefriend-cz » Jan 23, 2019 3:49 pm

It was about hiding in the URL (as GET) for anonymous user. I do not want to modify the Mantis encoding much - With the database I'm working very little. I'm not an expert.
I solved the problem by changing a few files:

Changing this in login.php:

Code: Select all

print_header_redirect( $t_redirect_url );
to:

Code: Select all

if( isset( $_GET['project_id'] ) ) {
	$selector = 'ID';
	$check_db_exist == '';
	if( mb_substr($_GET['project_id'], 0, strlen($selector)) == $selector ) {
		$project_id_encrypted = ltrim($_GET['project_id'], $selector);
		$project_id_decrypted = openssl_decrypt(hex2bin($project_id_encrypted), 'AES-128-CBC', 'PrivateKey');
	} else {
		$check_db_exist = db_fetch_array(db_query('SELECT COUNT(*) as result FROM {project} WHERE id = '.$_GET['project_id']));
	}
	$check_db_exist = $check_db_exist['result'];
	
	if( $check_db_exist == '1' ) {
		$project_id_encrypted = bin2hex(openssl_encrypt($_GET['project_id'], 'AES-128-CBC', 'PrivateKey'));
		$project_id_decrypted = openssl_decrypt(hex2bin($project_id_encrypted), 'AES-128-CBC', 'PrivateKey');
	
		$file = fopen($g_absolute_path.'/config/DecpryptTable.txt', 'w+');
		fwrite($file, 'Project name: ' . project_get_name ( $project_id_decrypted ) . PHP_EOL);
		fwrite($file, 'Decrypted ID: ' . $project_id_decrypted . PHP_EOL);
		fwrite($file, 'Encrypted ID: ID' . $project_id_encrypted . PHP_EOL);
		fclose($file);
		echo 'Created info file';
		exit();
	}
	if( $check_db_exist == '0' ) {
		exit();
	}


	if( $_GET['action'] == "add" ) {
		gpc_clear_cookie( 'MANTIS_PROJECT_COOKIE' );
		gpc_clear_cookie( 'MANTIS_secure_session' );
		gpc_set_cookie( 'MANTIS_PROJECT_COOKIE', $project_id_decrypted, true );
		print_header_redirect( 'bug_report_page.php' );
	} elseif ( $_GET['action'] == "view" ) {
		gpc_clear_cookie( 'MANTIS_PROJECT_COOKIE' );
		gpc_clear_cookie( 'MANTIS_secure_session' );
		gpc_set_cookie( 'MANTIS_PROJECT_COOKIE', $project_id_decrypted, true );
		print_header_redirect( 'view_all_bug_page.php' );
	} else {
		gpc_clear_cookie( 'MANTIS_PROJECT_COOKIE' );
		gpc_clear_cookie( 'MANTIS_secure_session' );
		gpc_set_cookie( 'MANTIS_PROJECT_COOKIE', $project_id_decrypted, true );
		print_header_redirect( 'view_all_bug_page.php' );
	}
} else {
	if( isset( $_SESSION['user_interactions'] ) AND $f_username == 'anonymous' ) {
		end($_SESSION['user_interactions']);
		$t_logout_redirect = auth_logout_redirect_page();
		auth_logout();
		print_header_redirect( $t_logout_redirect, true, false );
	} else {
		end($_SESSION['user_interactions']);
		print_header_redirect( $t_redirect_url );
//		exit();
	}
}
add to .htaccess:

Code: Select all

RewriteRule ^bugs/add-(.*) /bugs/login.php?username=anonymous&perm_login=false&action=add&project_id=$1
RewriteRule ^bugs/view-(.*) /bugs/login.php?username=anonymous&perm_login=false&action=view&project_id=$1
Accessed from anonymous user as crypted link:

Code: Select all

http://www.domain.tld/bugs/add-ID89278d97289s472r0482094
http://www.domain.tld/bugs/view-ID89278d97289s472r0482094
I dont use anonymous user as standart function ($g_allow_anonymous_login = ON; $g_anonymous_account = 'anonymous';) but it is standart user (due to this problem: https://mantisbt.org/bugs/view.php?id=25184).

---
When I access the exist project_id directly as...:

Code: Select all

http://www.domain.tld/bugs/login.php?username=anonymous&perm_login=false&action=add&project_id=5
http://www.domain.tld/bugs/login.php?username=anonymous&perm_login=false&action=view&project_id=5
or
http://www.domain.tld/bugs/add-5
http://www.domain.tld/bugs/view-5
...then generated txt file in conf directory with crypted string. If not exist in database script is exited.
---
For better changing projects i must changed too bug_report_page.php ... $g_allow_browser_cache = 1; to $g_allow_browser_cache = 0;
---
For block anonymous login from login_page.php i changed end to login_page.php this:

Code: Select all

<?php
session_start(); 
$_SESSION['user_interactions'][] = $_SERVER['HTTP_REFERER'];
layout_login_page_end();
Mantis version: 2.19.0, OS: Windows, PHP: 7.3, Charset (PHP, Database): UTF-8, and: little, bad english

Post Reply