}
echo "<input type='hidden' name='draftid' id='draftid' value='{$localdraft}' />";
echo "<input type='hidden' name='storepriority' value='" . incident_priority($id) . "' />";
echo "<input type='submit' name='submit' value='{$GLOBALS['strUpdateIncident']}' /></p>";
echo "</form>";
}
if (empty($action)) {
$sql = "SELECT * FROM `{$dbDrafts}` WHERE type = 'update' AND userid = '{$sit[2]}' AND incidentid = '{$id}'";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
include APPLICATION_INCPATH . 'incident_html_top.inc.php';
if (mysql_num_rows($result) > 0) {
echo "<h2>{$title}</h2>";
echo display_drafts('update', $result);
echo "<p align='center'><a href='" . $_SERVER['PHP_SELF'] . "?action=newupdate&id={$id}'>{$strUpdateNewUpdate}</a></p>";
} else {
//No previous updates - just display the page
display_update_page();
}
} else {
if ($action == "editdraft") {
include APPLICATION_INCPATH . 'incident_html_top.inc.php';
$draftid = cleanvar($_REQUEST['draftid']);
display_update_page($draftid);
} else {
if ($action == "deletedraft") {
$draftid = cleanvar($_REQUEST['draftid']);
if ($draftid != -1) {
$sql = "DELETE FROM `{$dbDrafts}` WHERE id = {$draftid}";
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_ERROR);
}
}
html_redirect("incident_email.php?id={$id}");
exit;
}
$sql = "SELECT * FROM `{$dbDrafts}` WHERE type = 'email' AND userid = '{$sit[2]}' AND incidentid = '{$id}'";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
if (mysql_num_rows($result) > 0) {
include APPLICATION_INCPATH . 'incident_html_top.inc.php';
echo "<h2>{$title}</h2>";
echo display_drafts('email', $result);
echo "<p align='center'><a href='" . $_SERVER['PHP_SELF'] . "?step=1&id={$id}'>{$strNewEmail}</a></p>";
include APPLICATION_INCPATH . 'incident_html_bottom.inc.php';
exit;
} else {
$step = 1;
}
}
switch ($step) {
case 1:
// show form 1
include APPLICATION_INCPATH . 'incident_html_top.inc.php';
?>
<script type="text/javascript">
//<