/**
 * Builds the icon for a download type.
 *
 * Looks the type up in `tdownload_type` by id. A matching row yields its own
 * icon file with the type name as title; no match yields `default.png` with
 * the translated "Without type" title.
 *
 * @param int $id_type Download type id.
 *
 * @return mixed Whatever print_image() returns when its second argument is
 *               true (presumably the image markup as a string).
 */
function get_download_type_icon($id_type)
{
    $row = get_db_row("tdownload_type", "id", $id_type);

    // Unknown type: fall back to the stock icon.
    if (!$row) {
        return print_image("images/download_type/default.png", true, array('title' => __('Without type'), 'alt' => ''));
    }

    // NOTE(review): the stored icon name goes into the path as-is and the
    // stored type name goes through safe_output() into the title attribute.
    // Whether print_image() escapes attribute values is not visible here;
    // confirm before treating either column as safe to render.
    $path = "images/download_type/" . $row["icon"];
    $attributes = array('title' => safe_output($row["name"]), 'alt' => '');

    return print_image($path, true, $attributes);
}
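/**
 * Sends an email to a group.
 *
 * The message goes to the address stored in the group's `email` column. If
 * that column is empty, it goes to the address of the group's default user
 * (`id_user_default`) instead. Nothing is sent when the group row is missing.
 *
 * @param int    $id_group Group id.
 * @param string $subject  Email subject.
 * @param string $body     Email body.
 */
function send_group_email($id_group, $subject, $body)
{
    $group = get_db_row("tgrupo", "id_grupo", $id_group);
    // Without a group row there is no address to resolve. Returning here
    // avoids asking get_user_email() for the address of a null user id and
    // mailing whatever that lookup yields.
    if (!$group) {
        return;
    }
    $email = $group['email'];
    /* If the group has no email, use the email of the responsible user */
    if ($email == '') {
        $email = get_user_email($group['id_user_default']);
    }
    integria_sendmail($email, $subject, $body);
}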
/**
 * Tells whether the current user may act on a work unit.
 *
 * Access is granted when the current user (`$config["id_user"]`) owns the
 * work unit, passes `give_acl(..., 0, "PM")`, or passes
 * `project_manager_check()` for the project of the work unit's task. The
 * original comment ties this check to work unit deletion.
 *
 * @param int $id_workunit Work unit id.
 *
 * @return bool False when the work unit does not exist or none of the three
 *              conditions holds, true otherwise.
 */
function check_workunit_permission($id_workunit)
{
    global $config;

    $row = get_db_row('tworkunit', 'id', $id_workunit);
    if ($row === false) {
        return false;
    }

    // Resolve work unit -> task -> project before any decision is taken.
    $owner = $row["id_user"];
    $task = get_db_value("id_task", "tworkunit_task", "id_workunit", $row["id"]);
    $project = get_db_value("id_project", "ttask", "id", $task);
    $current = $config["id_user"];

    // Checks run in this order and stop at the first one that grants access.
    // The owner test is a loose comparison, as in the original.
    if ($owner == $current) {
        return true;
    }
    if (give_acl($current, 0, "PM")) {
        return true;
    }

    return (bool) project_manager_check($project);
}
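/**
 * Sends an email to a group.
 *
 * The group's default user (`id_user_default`) always receives the message.
 * When the group's `email_group` column holds a comma-separated address list,
 * every address in it receives its own copy as well. All copies use the
 * group's `email_from` value as the last argument of integria_sendmail().
 * Nothing is sent when the group row is missing. The `forced_email` column is
 * not consulted here.
 *
 * @param int    $id_group Group id.
 * @param string $subject  Email subject.
 * @param string $body     Email body.
 */
function send_group_email($id_group, $subject, $body)
{
    $group = get_db_row("tgrupo", "id_grupo", $id_group);
    // No group row means no recipients and no sender to resolve.
    if (!$group) {
        return;
    }
    $from = $group['email_from'];

    /* The responsible (default) user of the group always gets a copy */
    $email = get_user_email($group['id_user_default']);
    integria_sendmail($email, $subject, $body, false, "", $from);

    // The original test was inverted (== ''): it only entered the loop when
    // the list was empty, so it mailed one empty address and never mailed
    // the configured ones.
    $emails_group = $group['email_group'];
    if ($emails_group != '') {
        foreach (explode(',', $emails_group) as $address) {
            // Tolerate "a@x, b@x" and stray commas in the stored list.
            $address = trim($address);
            if ($address == '') {
                continue;
            }
            integria_sendmail($address, $subject, $body, false, "", $from);
        }
    }
}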
 /**
  * Fills this object from the attachment row with the given id.
  *
  * The row is read from the table named by `self::$dbTable`. Description,
  * uploader, creation time, name and public key are copied from it. When the
  * row names an uploader, loadFileInfo() is called with the path
  * `<fileSharingDir>/<uploader>/<id>_<filename>` (only if the filename is not
  * empty).
  *
  * @param mixed $id Attachment id; must be non-empty and pass is_numeric().
  *
  * @return bool True when a row was found and it has an uploader, false
  *              otherwise. The fields above are already set when the row
  *              exists but has no uploader.
  */
 public function loadWithID($id)
 {
     if (empty($id) || !is_numeric($id)) {
         return false;
     }

     $row = get_db_row(self::$dbTable, 'id_attachment', $id);
     if (empty($row)) {
         return false;
     }

     $this->id = $id;
     $this->description = (string) safe_output($row['description']);
     $this->uploader = (string) safe_output($row['id_usuario']);
     $this->created = empty($row['timestamp']) ? false : strtotime($row['timestamp']);
     $this->name = (string) safe_output($row['filename']);
     $this->publicKey = (string) safe_output($row['public_key']);

     // File info is only looked up for rows that name an uploader.
     if (empty($this->uploader)) {
         return false;
     }

     // NOTE(review): uploader and filename come from the database row and are
     // joined into a filesystem path without normalisation. If either column
     // can contain path separators, the path leaves the uploader's directory;
     // confirm that the code writing these columns prevents that.
     $storedName = (string) safe_output($row['filename']);
     if (!empty($storedName)) {
         $path = self::$fileSharingDir . "/" . $this->uploader . "/" . $this->id . "_" . $storedName;
         $this->loadFileInfo($path);
     }

     return true;
 }
            break;
        case "details":
            echo strtoupper(__('Contact details'));
            break;
        case "incidents":
            echo strtoupper(__('Tickets'));
            break;
        case "inventory":
            echo strtoupper(__('Inventory'));
            break;
        default:
            echo strtoupper(__('Details'));
    }
    echo '</li>';
    echo '</ul>';
    $contact = get_db_row('tcompany_contact', 'id', $id);
    echo '<div class="under_tabs_info">' . sprintf(__('Contact: %s'), $contact['fullname']) . '</div>';
}
switch ($op) {
    case "incidents":
        include "contact_incidents.php";
        break;
    case "inventory":
        include "contact_inventory.php";
        break;
    case "details":
        include "contact_manage.php";
        break;
    case "files":
        include "contact_files.php";
        break;
include_once ("include/functions_graph.php");

// Entry checks for a per-ticket page: login, ticket id, then the access
// hooks, before any output is produced.
check_login ();

$id_grupo = "";
$creacion_incidente = "";

// The ticket id is forced to an integer; 0 or a non-numeric value ends the
// request on the "no access" page.
$id = (int) get_parameter ('id');
$clean_output = get_parameter('clean_output');
if (! $id) {
	require ("general/noaccess.php");
	exit;
}

// NOTE(review): the result is not tested here, so a ticket id with no row is
// passed to the hooks below as returned by get_db_row() - confirm the hooks
// handle that.
$incident = get_db_row ('tincidencia', 'id_incidencia', $id);

//user with IR and incident creator see the information
$check_acl = enterprise_hook("incidents_check_incident_acl", array($incident));
$standalone_check = enterprise_hook("manage_standalone", array($incident));

// Access is refused only when a hook returned something other than
// ENTERPRISE_NOT_HOOK and that value is falsy. If both calls return
// ENTERPRISE_NOT_HOOK (presumably: hook not installed), this condition is
// false and the lines shown apply no per-ticket access check at all.
// NOTE(review): confirm another check covers that case.
if (($check_acl !== ENTERPRISE_NOT_HOOK && !$check_acl) || ($standalone_check !== ENTERPRISE_NOT_HOOK && !$standalone_check)) {
	// Refused attempts are written to the audit log with user, address and ticket id.
	audit_db ($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation","Trying to access to ticket #".$id);
	include ("general/noaccess.php");
	exit;
}

//Clean output we need to print incident title header :)
if ($clean_output) {
	echo '<h1 class="ticket_clean_report_title">'.__("Statistics")."</h1>";
}
		if (!$standard_encoding){
			if($os_csv != "W"){
				echo mb_convert_encoding($line, 'UTF-16LE', 'UTF-8'). "\n";
			} else {
				echo $line . "\n";
			}
		}else{
			echo $line . "\n";
		}
	}
	exit;	

}

if ($render_html == 1){
	$report = get_db_row ('tinventory_reports', 'id', $id);
	if ($report === false)
		return;
	
	ini_set ("memory_limit", "3072M");
	ini_set ("max_execution_time", 600);
	
	echo "<h2>".__('Custom report')."</h2>";
	echo "<h4>".$report['name'];
		echo "<div id='button-bar-title'><ul>";
			echo "<li><a href='index.php?sec=projects&sec2=operation/inventories/inventory_reports'>".print_image ("images/flecha_volver.png", true, array("title" => __("Back to Report")))."</a></li>";
		echo "</ul></div>";
	echo "</h4>";

	$config['mysql_result_type'] = MYSQL_ASSOC;
	$rows = get_db_all_rows_sql (clean_output ($report['sql']));
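/**
 * Mails a workorder notification to its assigned user and to its creator.
 *
 * Nothing is sent when the workorder cannot be loaded, when creator and
 * assigned user are the same, or when $mode is not one of the known values.
 *
 * @param int         $id_wo     Workorder id.
 * @param int         $mode      0 update, 1 creation, 3 deletion, 4 new note,
 *                               5 note deletion.
 * @param mixed       $id_note   Truthy to fill the note macros as well.
 * @param array|false $wo_info   Workorder row; read from `ttodo` when false.
 * @param array|false $note_info Note row; read from `ttodo_notes` when false
 *                               and $id_note is truthy.
 */
function mail_workorder($id_wo, $mode, $id_note = false, $wo_info = false, $note_info = false)
{
    global $config;

    // Template name per mode. The original switch had no default branch, so
    // an unknown mode mailed an undefined subject and body; now it sends
    // nothing.
    $templates = array(
        0 => 'update',
        1 => 'create',
        3 => 'delete',
        4 => 'new_note',
        5 => 'delete_note',
    );
    if (!isset($templates[$mode])) {
        return;
    }

    $wo = $wo_info;
    if (!$wo_info) {
        $wo = get_db_row("ttodo", "id", $id_wo);
    }
    if (!$wo) {
        return;
    }
    // Only send mails when creator is different than owner
    if ($wo['assigned_user'] == $wo['created_by_user']) {
        return;
    }

    $MACROS = array();
    $MACROS["_sitename_"] = $config['sitename'];
    $MACROS["_wo_id_"] = $wo['id'];
    $MACROS["_wo_name_"] = $wo['name'];
    $MACROS["_wo_last_update_"] = $wo['last_update'];
    $MACROS["_wo_created_by_user_"] = $wo['created_by_user'];
    $MACROS["_wo_assigned_user_"] = $wo['assigned_user'];
    $MACROS["_wo_progress_"] = translate_wo_status($wo['progress']);
    $MACROS["_wo_priority_"] = get_priority_name($wo['priority']);
    $MACROS["_wo_description_"] = wordwrap($wo["description"], 70, "\n");
    $MACROS["_wo_url_"] = $config["base_url"] . "/index.php?sec=projects&sec2=operation/workorders/wo&operation=view&id={$id_wo}";
    $MACROS["_wo_title_"] = $wo['name'];
    $MACROS["_wo_delete_user_"] = $config["id_user"];

    // Replace note macros if needed
    if ($id_note) {
        if (!$note_info) {
            $note_info = get_db_row('ttodo_notes', 'id', $id_note);
        }
        $MACROS["_wo_note_created_by_user_"] = $note_info["written_by"];
        $MACROS["_wo_notes_url_"] = $config["base_url"] . "/index.php?sec=projects&sec2=operation/workorders/wo&operation=view&tab=notes&id={$id_wo}";
        $MACROS["_wo_note_info_"] = $note_info["description"];
        $MACROS["_wo_note_delete_user_"] = $config["id_user"];
    }

    // Body and subject share the template suffix: wo_<x>.tpl / wo_subject_<x>.tpl
    $template_dir = $config["homedir"] . "/include/mailtemplates/";
    $text = template_process($template_dir . "wo_" . $templates[$mode] . ".tpl", $MACROS);
    $subject = template_process($template_dir . "wo_subject_" . $templates[$mode] . ".tpl", $MACROS);

    // Assigned user first, then creator, each with a code bound to that user.
    $recipients = array(
        array($wo["assigned_user"], get_user_email($wo['assigned_user'])),
        array($wo["created_by_user"], get_user_email($wo['created_by_user'])),
    );
    foreach ($recipients as $recipient) {
        list($user, $address) = $recipient;
        // NOTE(review): the code is the first 5 hex digits of an MD5 over the
        // workorder id, the SMTP password and the user id (about 20 bits).
        // Its format is kept because whatever consumes it is not visible
        // here. If that consumer treats the code as proof of who replied, it
        // is short enough to guess; a longer HMAC over a dedicated secret
        // would be the safer design, changed on both sides together.
        $msg_code = "WO#{$id_wo}";
        $msg_code .= "/" . substr(md5($id_wo . $config["smtp_pass"] . $user), 0, 5);
        $msg_code .= "/" . $user;
        integria_sendmail($address, $subject, $text, false, $msg_code);
    }
}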
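/**
 * Draws the activity graph of a task: reported hours per time slice, from the
 * task's start date until now, split into 50 slices.
 *
 * @param int  $id_task Task id.
 * @param int  $width   Graph width.
 * @param int  $height  Graph height.
 * @param bool $area    True for an area graph, false for vertical bars (the
 *                      bar variant is preceded by an "Each bar is ..." line).
 * @param bool $return  True to return the markup, false to echo it.
 *
 * @return string|null The markup when $return is true. Null when the task is
 *                     unknown, when it has no work units, or when the markup
 *                     was echoed.
 */
function task_activity_graph($id_task, $width = 900, $height = 230, $area = false, $return = false)
{
    global $config;

    // The id is written into a SQL string below. Forcing it to an integer
    // here means no caller-supplied text can reach the query.
    $id_task = (int) $id_task;

    $task = get_db_row("ttask", "id", $id_task);
    if (!$task) {
        return;
    }

    $output = "";
    $start_unixdate = strtotime($task["start"]);
    $end_unixdate = strtotime("now");
    $period = $end_unixdate - $start_unixdate;
    $resolution = 50;
    $interval = (int) ($period / $resolution);
    if (!$area) {
        $output .= __("Each bar is") . " " . human_time_description_raw($interval);
        $output .= "<br>";
    }

    // NOTE(review): ttask is listed in FROM without a join condition; the
    // table list is left as it was, only the id is now bound with %d.
    $sql = sprintf(
        "SELECT tworkunit.duration as duration, tworkunit.timestamp as timestamp"
        . " FROM tworkunit, tworkunit_task, ttask"
        . " WHERE tworkunit_task.id_task = %d"
        . " AND tworkunit_task.id_workunit = tworkunit.id"
        . " GROUP BY tworkunit.id ORDER BY timestamp ASC",
        $id_task
    );
    $data = get_db_all_rows_sql($sql);
    if ($data === false) {
        $data = array();
    }

    // Check available data
    $min_necessary = 1;
    if (count($data) < $min_necessary) {
        return;
    }

    // Parse every timestamp once instead of once per slice.
    $points = array();
    foreach ($data as $row) {
        $points[] = array(strtotime($row['timestamp']), $row['duration']);
    }

    // Calculate chart data. Slices are labelled "M d", so slices that fall on
    // the same day share a key and the later one replaces the earlier one,
    // as before.
    $chart3 = array();
    for ($i = 0; $i < $resolution; $i++) {
        $slice_start = $start_unixdate + $interval * $i;
        $slice_end = $slice_start + $interval;
        $total = 0;
        foreach ($points as $point) {
            if ($point[0] >= $slice_start && $point[0] < $slice_end) {
                $total += $point[1];
            }
        }
        $label = clean_flash_string(date("M d", $slice_start));
        $chart3[$label]['1day'] = $total;
    }

    $colors = array();
    $colors['1day']['color'] = "#2179B1";
    $colors['1day']['border'] = "#000";
    $colors['1day']['alpha'] = 100;

    $legend = array();
    $xaxisname = __('Days');
    $yaxisname = __('Hours');
    if ($area) {
        $output .= area_graph($config['flash_charts'], $chart3, $width, $height, $colors, $legend, '', '', '', $yaxisname, '', '', $config['font'], $config['fontsize']);
    } else {
        $output .= vbar_graph($config['flash_charts'], $chart3, $width, $height, $colors, $legend, $xaxisname, $yaxisname, "", "", $config['font'], $config['fontsize']);
    }

    if ($return) {
        return $output;
    }
    echo $output;
}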
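check_login ();

// Read access to the lead is checked here unless $read_permission is already
// set (presumably by a script that includes this one). A refused attempt is
// written to the audit log and ends the request.
if (!isset($read_permission)) {
	$read_permission = check_crm_acl ('lead', 'cr', $config['id_user'], $id);
	if (!$read_permission) {
		audit_db ($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to a lead");
		include ("general/noaccess.php");
		exit;
	}
}

// Delete file
//
// The attachment id comes from the request and ends up in a DELETE statement,
// so it is forced to an integer before use; the original concatenated the raw
// parameter into the SQL text. Deletion is allowed for administrators and for
// the user who uploaded the file, and only when the attachment row exists.
// NOTE(review): nothing here ties the attachment to the lead in $id; confirm
// whether an uploader should be able to delete their files through any lead.

$deletef = (int) get_parameter ("deletef", "");
if ($deletef > 0){
	$file = get_db_row ("tattachment", "id_attachment", $deletef);
	if ($file && ((dame_admin($config["id_user"])) || ($file["id_usuario"] == $config["id_user"])) ){
		$sql = sprintf ("DELETE FROM tattachment WHERE id_attachment = %d", $deletef);
		process_sql ($sql);
		// NOTE(review): the stored filename is used in the path as-is;
		// confirm the upload code keeps path separators out of it.
		$filename = $config["homedir"]."/attachment/". $file["id_attachment"]. "_" . $file["filename"];
		// The row may outlive its file; only remove what is actually there.
		if (is_file ($filename)) {
			unlink ($filename);
		}
		echo ui_print_success_message (__("Successfully deleted"), '', true, 'h3', true);

	}
}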

// Upload file
if (isset($_GET["upload"])) {
	
	if (isset($_POST['upfile']) && ( $_POST['upfile'] != "" )){ //if file
		$filename= $_POST['upfile'];
	if (! $result)
		echo ui_print_error_message (__('Could not be deleted'), '', true, 'h3', true);
	else {
		echo ui_print_success_message (__('Successfully deleted'), '', true, 'h3', true);
	}
}

// CREATE form
if ((isset($_GET["create"]) OR (isset($_GET["update"])))) {
	if (isset($_GET["create"])){
		$id_group = 0;
		$name = "";
		$id = -1;
	} else {
		$id = get_parameter ("update",-1);
		$row = get_db_row ("tdownload_category", "id", $id);
		$name = $row["name"];
		$icon = $row["icon"];
		$id_group = $row["id_group"];

	}
	
	echo "<h2>".__('File release category access management')."</h2>";
	echo "<h4>".__('Create a new category access')."</h4>";
	echo "<form name=catman method='post' action='index.php?sec=download&
						sec2=operation/download/manage_perms&create2'>";
	
	
	echo '<table width="100%" class="search-table-button">';
	echo "<tr>";
	echo "<td class=datos>";
	$now = print_mysql_timestamp();

	$res = workorders_insert_note ($id, $config["id_user"], $note, $now);
	
	if (! $res)
		echo '<h3 class="error">'.__('There was a problem creating the note').'</h3>';
	else
		echo '<h3 class="suc">'.__('Note was added successfully').'</h3>'; 

}

// Deletes one workorder note and mails the workorder's users about it.
// NOTE(review): these lines do not check that the note belongs to workorder
// $id or that the current user may delete it - confirm that an earlier check
// covers both.
if ($delete) {
	$id_note = get_parameter("id_note");

	// The row is read before it is deleted so it can be handed to mail_workorder() below.
	$note = get_db_row ("ttodo_notes", "id", $id_note); 

	// %d writes the request value into the statement as an integer.
	$sql = sprintf("DELETE FROM ttodo_notes WHERE id = %d", $id_note);

	$res = process_sql($sql);

	if (! $res)
                echo '<h3 class="error">'.__('There was a problem deleting the note').'</h3>';
        else
                echo '<h3 class="suc">'.__('Note was deleted successfully').'</h3>';
	
	// Runs whether or not the deletion succeeded. The third argument is the
	// result of process_sql(), not $id_note.
	// NOTE(review): confirm that a notification after a failed deletion is intended.
	mail_workorder ($id, 5, $res, false, $note);
}

$table = new StdClass();
$table->width = '100%';
     $i++;
     continue;
 }
 $i++;
 $row0 = get_db_row("tusuario", "id_usuario", $key);
 if ($row0) {
     $nombre = $row0["id_usuario"];
     $avatar = $row0["avatar"];
     // Get total hours for this month
     $sql = "SELECT SUM(duration) FROM tworkunit WHERE timestamp > '{$begin_month}' AND timestamp < '{$end_month}' AND id_user = '******'";
     if ($res = mysql_query($sql)) {
         $row = mysql_fetch_array($res);
     }
     echo "<tr><td>";
     echo "<a href='index.php?sec=users&sec2=operation/users/user_edit&id={$nombre}' class='tip'>&nbsp;<span>";
     $usuario = get_db_row("tusuario", "id_usuario", $nombre);
     echo "<b>" . $usuario["nombre_real"] . "</b><br>";
     echo "<i>" . $usuario["comentarios"] . "</i><br>";
     // TODO - Move this to enterprise code.
     if ($config["enteprise"] == 1) {
         echo "<font size=1px>";
         $sql1 = 'SELECT * FROM tusuario_perfil WHERE id_usuario = "' . $nombre . '"';
         $result1 = mysql_query($sql1);
         if (mysql_num_rows($result1)) {
             while ($row1 = mysql_fetch_array($result1)) {
                 echo dame_perfil($row1["id_perfil"]) . "/ ";
                 echo dame_grupo($row1["id_grupo"]) . "<br>";
             }
         } else {
             echo __('This user doesn\'t have any assigned profile/group');
         }
$name = "";
$icon = "";
$id_user_default = "";
$id_user = "";
$banner = "";
$parent = "";
$forced_email = true;
$soft_limit = 5;
$hard_limit = 20;
$enforce_soft_limit = 1;
$id_sla = 0;
$email_from = '';
$email_group = '';
$creacion_grupo = (bool) get_parameter('creacion_grupo');
if ($id) {
    $group = get_db_row('tgrupo', 'id_grupo', $id);
    if ($group) {
        $name = $group['nombre'];
        $icon = $group['icon'];
        $id_user_default = $group['id_user_default'];
        $banner = $group['banner'];
        $parent = $group['parent'];
        $soft_limit = $group["soft_limit"];
        $hard_limit = $group["hard_limit"];
        $enforce_soft_limit = (bool) $group["enforce_soft_limit"];
        $forced_email = (bool) $group['forced_email'];
        $id_sla = $group["id_sla"];
        $id_user = get_db_value('id_user_default', 'tgrupo', 'id_grupo', $id);
        $id_inventory = $group["id_inventory_default"];
        $inventory_name = get_inventory_name($group["id_inventory_default"]);
        $autocreate_user = $group["autocreate_user"];
	if ($new_sla) {
		$name = "";
		$description = "";
		$min_response = 48.0;
		$max_response = 480.0;
		$max_incidents = 10;
		$max_inactivity = 96.0;
		$id_sla_base = 0;
		$enforced = 1;
        $five_daysonly = 1;
        $time_from = 8;
        $time_to = 18;
		$no_holidays = 1;
		$id_sla_type = 0;
	} else {
		$sla = get_db_row ('tsla', 'id', $id);
		$name = $sla['name'];
		$description = $sla['description'];
		$min_response = $sla['min_response'];
		$max_response = $sla['max_response'];
		$max_incidents = $sla['max_incidents'];
		$max_inactivity = $sla['max_inactivity'];
		$id_sla_base = $sla['id_sla_base'];
		$enforced = $sla['enforced'];
        $five_daysonly = $sla["five_daysonly"];
        $time_from = $sla["time_from"];
        $time_to = $sla["time_to"];
        $no_holidays = $sla["no_holidays"];
        $id_sla_type = $sla["id_sla_type"];

	}
    $name = get_db_value('name', 'tbuilding', 'id', $id);
    $sql = sprintf('DELETE FROM tbuilding WHERE id = %d', $id);
    process_sql($sql);
    audit_db($config["id_user"], $config["REMOTE_ADDR"], "Building", "Deleted building {$id} - {$name}");
    echo '<h3 class="suc">' . __('Successfully deleted') . '</h3>';
    $id = 0;
}
echo '<h2>' . __('Building management') . '</h2>';
// FORM (Update / Create)
if ($id || $new_building) {
    if ($new_building) {
        $id = 0;
        $name = "";
        $description = "";
    } else {
        $building = get_db_row('tbuilding', 'id', $id);
        $name = $building['name'];
        $description = $building['description'];
    }
    $table->width = "90%";
    $table->class = "databox";
    $table->data = array();
    $table->colspan = array();
    $table->colspan[1][0] = 2;
    $table->data[0][0] = print_input_text('name', $name, '', 60, 100, true, __('Building name'));
    $table->data[1][0] = print_textarea('description', 14, 1, $description, '', true, __('Description'));
    echo '<form method="post" action="index.php?sec=inventory&sec2=operation/buildings/building_detail">';
    print_table($table);
    echo '<div class="button" style="width: ' . $table->width . '">';
    if ($id) {
        print_submit_button(__('Update'), 'update_btn', false, 'class="sub upd"', false);
    }
    $operation = "";
}
// ---------------
// CREATE  (form)
// ---------------
if ($operation == "create" || $operation == "edit") {
    if ($operation == "create") {
        $name = "";
        $description = "";
        $id_language = "";
        $id_company = 0;
        $subject = "";
    } else {
        // TODO: Check ACL here. Dont allow to read Id not my company or child (or admin)
        $template = get_db_row("tcrm_template", "id", $id);
        $name = $template["name"];
        $description = $template["description"];
        $id_language = $template["id_language"];
        $id_company = $template["id_company"];
        $subject = $template["subject"];
    }
    $table->width = '99%';
    $table->class = 'search-table-button';
    $table->colspan = array();
    $table->colspan[3][0] = 2;
    $table->data = array();
    $table->data[1][0] = print_input_text('name', $name, '', 50, 100, true, __('Name'));
    $table->data[1][1] = print_select_from_sql('SELECT id_language, name FROM tlanguage ORDER BY name', 'id_language', $id_language, '', '', '', true, false, false, __('Language'));
    $sql2 = "SELECT id, name FROM tcompany ORDER by name";
    $table->data[2][0] = print_input_text('subject', $subject, '', 70, 200, true, __('Subject'));
 /**
  * Runs the requested workorder operation and renders the result.
  *
  * Without `$this->permission` only the "no permission" view is shown and
  * nothing else runs. Otherwise `$this->operation` selects insert, update,
  * delete or view; any other value loads the workorder when
  * `$this->id_workorder` is greater than 0. The workorder view is then
  * rendered with a success or error message (empty for view).
  *
  * NOTE(review): the only gate visible here is the `permission` flag. Whether
  * it is computed for the specific workorder being updated or deleted is not
  * visible in this method - confirm where it is set.
  */
 public function show()
 {
     if (!$this->permission) {
         $this->showNoPermission();
         return;
     }

     $system = System::getInstance();
     $message = "";
     $operation = $this->operation;

     if ($operation == 'insert') {
         $result = $this->insertWorkOrder($system->getConfig('id_user'), $this->assigned_user, $this->title, $this->priority, $this->status, $this->category, $this->id_task, $this->description);
         if ($result) {
             // The insert result becomes the id of the workorder shown below.
             $this->id_workorder = $result;
             $message = "<h2 class='suc'>" . __('Successfully created') . "</h2>";
         } else {
             $message = "<h2 class='error'>" . __('An error ocurred while creating the workorder') . "</h2>";
         }
     } elseif ($operation == 'update') {
         $result = $this->updateWorkOrder($this->id_workorder, $this->assigned_user, $this->title, $this->priority, $this->status, $this->category, $this->id_task, $this->description);
         $message = $result
             ? "<h2 class='suc'>" . __('Successfully updated') . "</h2>"
             : "<h2 class='error'>" . __('An error ocurred while updating the workorder') . "</h2>";
     } elseif ($operation == 'delete') {
         $result = $this->deleteWorkOrder($this->id_workorder);
         if ($result) {
             $this->id_workorder = -1;
             $message = "<h2 class='suc'>" . __('Successfully deleted') . "</h2>";
         } else {
             $message = "<h2 class='error'>" . __('An error ocurred while deleting the workorder') . "</h2>";
         }
     } elseif ($operation == 'view' || $this->id_workorder > 0) {
         // 'view' always loads the row; any other operation only for a positive id.
         $workorder = get_db_row("ttodo", "id", $this->id_workorder);
         $this->setValues($this->id_workorder, $workorder['name'], $workorder['assigned_user'], $workorder['priority'], $workorder['progress'], $workorder['id_wo_category'], $workorder['id_task'], $workorder['description'], 'view');
     }

     $this->showWorkOrder($message);
 }
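/**
 * API call: outputs the content of an attachment, base64-encoded.
 *
 * The attachment row is read from `tattachment`; the file is served only when
 * check_user_incident() accepts $user for the ticket the attachment belongs
 * to. Nothing is printed when the row is missing, the check fails, the
 * format is unknown or the file cannot be read.
 *
 * @param string $return_type "xml" (content wrapped by xml_node()) or "csv"
 *                            (bare base64 text).
 * @param string $user        User the access check is made for.
 * @param int    $id_file     Attachment id.
 */
function api_download_file($return_type, $user, $id_file)
{
    global $config;

    $data = get_db_row("tattachment", "id_attachment", $id_file);
    // An unknown id used to reach the access check with a null ticket id and
    // then a read of ".../attachment/_"; stop before either happens.
    if (!$data) {
        return;
    }
    // NOTE(review): how check_user_incident() treats attachments that are not
    // linked to a ticket is not visible here - confirm it refuses them.
    if (!check_user_incident($user, $data['id_incidencia'])) {
        return;
    }
    if ($return_type != "xml" && $return_type != "csv") {
        return;
    }

    // NOTE(review): the stored filename is used in the path as-is; confirm the
    // upload code keeps path separators out of it.
    $fileLocation = $config["homedir"] . "/attachment/" . $data["id_attachment"] . "_" . $data["filename"];
    if (!is_file($fileLocation) || !is_readable($fileLocation)) {
        return;
    }
    $contents = file_get_contents($fileLocation);
    if ($contents === false) {
        return;
    }

    $encoded = base64_encode($contents);
    if ($return_type == "xml") {
        echo xml_node($encoded);
    } else {
        echo $encoded;
    }
}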
    }
    $id = 0;
}
//**********************************************************************
// Object edition form
//**********************************************************************
if ($create || $id) {
    if ($create) {
        $icon = "";
        $description = "";
        $name = "";
        $id = -1;
        $min_stock = 0;
        $show_in_tree = 0;
    } else {
        $object = get_db_row("tobject_type", "id", $id);
        $description = $object["description"];
        $name = $object["name"];
        $icon = $object["icon"];
        $min_stock = $object["min_stock"];
        $show_in_list = $object["show_in_list"];
    }
    /*if ($id == -1) {
    		echo "<h3>".__('Create a new object')."</h3>";
    	} else {
    		echo "<h3>".__('Update existing object')."</h3>";
    	}*/
    $table->width = '99%';
    $table->class = 'search-table-button';
    $table->colspan = array();
    $table->colspan[3][0] = 2;
 $table->tablealign = "left";
 $table->data = array();
 $table->size = array();
 $table->style = array();
 $table->style[0] = 'font-weight: bold';
 $table->colspan = array();
 $table->head[0] = __('ID');
 //$table->head[1] = __('Description');
 $table->head[2] = __('Amount');
 $table->head[3] = __('Type');
 $table->head[4] = __('Status');
 $table->head[5] = __('Creation');
 $table->head[6] = __('Expiration');
 $table->head[7] = __('Options');
 $counter = 0;
 $company = get_db_row('tcompany', 'id', $id);
 foreach ($invoices as $invoice) {
     $lock_permission = crm_check_lock_permission($config["id_user"], $invoice["id"]);
     $is_locked = crm_is_invoice_locked($invoice["id"]);
     $locked_id_user = false;
     if ($is_locked) {
         $locked_id_user = crm_get_invoice_locked_id_user($invoice["id"]);
     }
     $data = array();
     $url = "index.php?sec=customers&sec2=operation/companies/company_detail&view_invoice=1&id=" . $id . "&op=invoices&id_invoice=" . $invoice["id"];
     $data[0] = "<a href='{$url}'>" . $invoice["bill_id"] . "</a>";
     //$data[1] = "<a href='$url'>".$invoice["description"]."</a>";
     $data[2] = format_numeric(get_invoice_amount($invoice["id"])) . " " . strtoupper($invoice["currency"]);
     $tax = get_invoice_tax($invoice["id"]);
     $tax_amount = get_invoice_amount($invoice["id"]) * (1 + $tax / 100);
     if ($tax != 0) {
// Access check for an inventory object, then the data needed for the tabs.
// The check only runs when $is_enterprise is truthy; $read_permission and
// $write_permission are not set by these lines otherwise.
// NOTE(review): confirm how access is limited when $is_enterprise is falsy,
// and that later code does not read $write_permission unset.
if ($is_enterprise) {
	$read_permission = inventory_check_acl($config['id_user'], $id);

	// Same call with a third argument of true; the variable name suggests it asks for write access.
	$write_permission = inventory_check_acl($config['id_user'], $id, true);

	
	// A refused read is written to the audit log and ends the request.
	if (!$read_permission) {
		audit_db ($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to inventory ".$id);
		include ("general/noaccess.php");
		exit;
	}
}

require_once ('include/functions_inventories.php');

// NOTE(review): the result is not tested here; confirm a missing row is handled further down.
$inventory = get_db_row ('tinventory', 'id', $id);


//**********************************************************************
// Tabs
//**********************************************************************
// Default to an empty name when no earlier code set one.
if(!isset($inventory_name)){
	$inventory_name = '';
}
print_inventory_tabs('contacts', $id, $inventory_name);
$table = new stdClass;
$table->width = '99%';
$table->class = 'listing';
$table->head = array ();
$table->size = array ();
		$email = (string) get_parameter ('email');
		$position = (string) get_parameter ('position');
		$id_company = (int) get_parameter ('id_company');
		$disabled = (int) get_parameter ('disabled');
		$description = (string) get_parameter ('description');
		$id_contract = (int) get_parameter ('id_contract');
		if ($id_contract) {
			$id_company = (int) get_db_value ('id_company', 'tcontract', 'id', $id_contract);
		}
	} else {
		if (!$read_permission) {
			audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation","Trying to access a contact in a group without access");
			require ("general/noaccess.php");
			exit;
		}
		$contact = get_db_row ("tcompany_contact", "id", $id);
		$fullname = $contact['fullname'];
		$phone = $contact['phone'];
		$mobile = $contact['mobile'];
		$email = $contact['email'];
		$position = $contact['position'];
		$id_company = $contact['id_company'];
		$disabled = $contact['disabled'];
		$description = $contact['description'];
	}
	
	$table = new stdClass();
	$table->width = "100%";
	$table->data = array ();
	$table->colspan = array ();
	$table->colspan[0][0] = 4;
		$participant["direccion"];
		$text = ascii_output ($description);
		$subject = ascii_output ($title);
		integria_sendmail ($participant["direccion"], $subject, $text);
	}
	echo ui_print_success_message (__("Operation successfully completed"), '', true, 'h3', true);
}

// Get names
if ($id_project)
	$project_name = get_db_value ('name', 'tproject', 'id', $id_project);
else
	$project_name = '';

if ($id_task)
	$task = get_db_row ('ttask', 'id', $id_task);

$task_days = $task["hours"] / $config["hours_perday"];
$task_cost = $task['estimated_cost']. $config["currency"];
$prio_array = get_priorities();

$task_participants = get_db_all_rows_sql ("SELECT direccion, nombre_real FROM tusuario, trole_people_task WHERE tusuario.id_usuario = trole_people_task.id_user AND trole_people_task.id_task = $id_task");
$participants ="";
foreach ($task_participants as $participant){
	$participants .= $participant["nombre_real"]. ", ";
}

$title = "[".$config["sitename"]."] Task report - $project_name / ".$task["name"];

$description = sprintf ( "This is a resume of task %s. This report has been sent by Project manager [%s]
// Entry checks for the task manager of one project: login, project id, read
// access to the project, then the "manage any task" check for plain views.
// NOTE(review): every gate below relies on no_permission() ending the
// request. If it returns, execution continues past the failed check -
// confirm that it exits.
global $config;
check_login();
include_once "include/functions_tasks.php";
include_once "include/functions_graph.php";
// The project id is forced to an integer; 0 or a non-numeric value is refused.
$id_project = (int) get_parameter('id_project');
if (!$id_project) {
    // Doesn't have access to this page
    audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to task manager without project");
    no_permission();
}
// Read access to the project is required for everything that follows.
$project_access = get_project_access($config["id_user"], $id_project);
if (!$project_access["read"]) {
    audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to task manager of unauthorized project");
    no_permission();
}
$project = get_db_row('tproject', 'id', $id_project);
$update = get_parameter("update");
$create = get_parameter("create");
$delete = get_parameter("delete");
// manage_any_task() is only consulted when none of update/create/delete was
// requested; those operations have to apply their own checks.
if (!$update && !$create && !$delete) {
    if (!manage_any_task($config["id_user"], $id_project)) {
        audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to task manager of unauthorized project");
        no_permission();
    }
}
//Delete task
if ($delete) {
    $task_access = get_project_access($config["id_user"], $id_project, $delete);
    //Check if admin or project manager before delete the task
    if (!$task_access["manage"]) {
        audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to delete a task without permission");
Beispiel #27
            $sql = "INSERT INTO tnewsletter_address (id_newsletter, email, name, datetime, status) VALUES ({$newsletter}, '{$email}', '{$name}', '{$now}',0)";
            $result = mysql_query($sql);
            if ($result) {
                $newsletter_name = get_db_sql("SELECT name FROM tnewsletter WHERE id = {$newsletter}");
                $text .= __("Welcome to") . " " . $newsletter_name . " " . __("newsletter") . "\n\n";
                $text .= __("Please use this URL to de-subscribe yourself from this newsletter:") . "\n\n";
                $text .= $config["base_url"] . "/include/newsletter.php?operation=desubscribe&id={$newsletter}";
                $text .= "\n\n" . __("Thank you");
                integria_sendmail($email, "Newsletter subscription - {$newsletter_name}", $text);
            }
        }
    }
    return;
}
if ($operation == "desubscribe") {
    $newsletter = get_db_row("tnewsletter", "id", $id);
    // safe exit
    if (!isset($newsletter["id"])) {
        return;
    }
    $now = date("Y-m-d H:i:s");
    echo "<form method=post action='" . $config["base_url"] . "/include/newsletter.php'>";
    if (!$clean) {
        echo "<h3>";
        echo __("De-subscription form for ") . " " . $newsletter["name"];
        echo "</h3>";
        echo "<p style='width: 500px'><i>";
        echo $newsletter["description"];
        echo "</p></i>";
        echo "<p style='width: 500px'>";
        echo __("Please enter here the email address which you're registered on this newsletter");
Beispiel #28
     $id = -1;
     $id_product = 1;
     $id_category = 1;
     $id_language = '';
     // Optional incident id from the request; the (int) cast keeps the string
     // concatenation into the SQL below limited to an integer value.
     $id_incident = (int) get_parameter("id_incident", 0);
     if ($id_incident) {
         // Get incident data
         // NOTE(review): no access check on the incident is visible in this
         // fragment before its title, description and epilog are copied into
         // the KB form values. Confirm the caller is entitled to read it.
         $incident = get_db_row_sql('SELECT titulo, descripcion, epilog FROM tincidencia WHERE id_incidencia = ' . $id_incident);
         // A false result leaves $title and $data as they were before this block.
         if ($incident !== false) {
             $title = $incident['titulo'];
             $data = $incident['descripcion'] . "\n\n" . $incident['epilog'];
         }
     }
 } else {
     // Edit path: load the KB item named by the "update" request parameter.
     // Unlike id_incident, this value is not cast to int here.
     // NOTE(review): confirm get_db_row() escapes or binds the value it is given.
     $id = get_parameter("update", -1);
     $row = get_db_row("tkb_data", "id", $id);
     // NOTE(review): $row is indexed without checking that a row was found.
     $data = $row["data"];
     $title = $row["title"];
     $id_product = $row["id_product"];
     $id_language = $row["id_language"];
     $id_category = $row["id_category"];
     // The accessibility check runs after the row has been read into local
     // variables; the exit below stops the request before any of it is printed.
     // The denial is audited first.
     if ($id != -1 && !check_kb_item_accessibility($id_user, $id)) {
         audit_db($id_user, $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to KB forbidden item");
         require "general/noaccess.php";
         exit;
     }
 }
 echo "<h2>" . __('KB Data management') . "</h2>";
 if ($id == -1) {
     echo "<h3>" . __('Create a new KB item') . "</a></h3>";
     echo "<form id='form-kb_item' name=prodman method='post' action='index.php?sec=kb&sec2=operation/kb/manage_data&create2'>";
Beispiel #29
// Lead-forward page: require a login, a lead id and a CRM permission on that
// lead, then read the mail form fields from the request.
global $config;
check_login();
// $id is assigned outside this fragment. NOTE(review): confirm it is
// validated (e.g. cast to int) where it is read from the request.
if (!$id) {
    audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to a lead forward");
    include "general/noaccess.php";
    exit;
}
// Either the 'cw' or the 'cm' ACL on this lead is sufficient to continue
// (presumably CRM write and CRM manage; confirm against check_crm_acl()).
$write_permission = check_crm_acl('lead', 'cw', $config['id_user'], $id);
$manage_permission = check_crm_acl('lead', 'cm', $config['id_user'], $id);
if (!$write_permission && !$manage_permission) {
    // Denials are audited, then the request is ended explicitly with exit.
    audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to a lead forward");
    include "general/noaccess.php";
    exit;
}
$lead = get_db_row('tlead', 'id', $id);
$user = get_db_row("tusuario", "id_usuario", $config["id_user"]);
// The company id comes from the user's own database row and is concatenated
// into the SQL text; an empty id_company would leave the statement incomplete.
$company_user = get_db_sql("select name FROM tcompany where id = " . $user["id_company"]);
// The sender defaults to the logged-in user's address, but a "from" request
// parameter overrides it. NOTE(review): confirm that letting the caller choose
// the sender is intended, or restrict it to the user's own address.
$from = get_parameter("from", $user["direccion"]);
// Recipient, subject, body and blind-copy address are taken from the request.
// NOTE(review): confirm integria_sendmail() rejects CR/LF in values that end
// up in mail headers (to, cco, subject, from).
$to = get_parameter("to", "");
$subject = get_parameter("subject", "");
$mail = get_parameter("mail", "");
$send = (int) get_parameter("send", 0);
$cco = get_parameter("cco", "");
// Send mail
if ($send) {
    if ($subject != "" and $from != "" and $to != "") {
        echo "<h3 class='suc'>" . __('Mail queued') . "</h3>";
        integria_sendmail($to, $subject, $mail, false, "", $from, true);
        if ($cco != "") {
            integria_sendmail($cco, $subject, $mail, false, "", $from, true);
        }
Beispiel #30
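 /**
  * Builds the HTML for a sidebox that summarises one user.
  *
  * The fragment holds a centred, translated label, the user's avatar, a link
  * to the user editor and, when present in the tusuario row, the real name,
  * phone, "direccion" field and company name.
  *
  * Nothing is HTML-escaped or URL-encoded inside this function: the user id
  * and the database fields are concatenated into the markup as they are.
  * NOTE(review): this is only safe if those values are already
  * entity-encoded when stored; confirm against the input layer before
  * reusing this helper with other data sources.
  *
  * @param mixed  $user  User id, looked up in tusuario.id_usuario.
  * @param string $label Label text, passed through __() before output.
  *
  * @return string HTML fragment for the sidebox.
  */
 function render_sidebox_user_info($user, $label)
 {
     $output = "";
     $output .= '<div style="text-align:center;"><b>' . __($label) . ' </b></div>';
     $output .= '<div class="user_info_sidebox">';
     $output .= print_user_avatar($user, true, true);
     $output .= '<a href="index.php?sec=users&sec2=operation/users/user_edit&id=' . $user . '">';
     $output .= ' <strong>' . $user . '</strong></a><br>';

     $user_data = get_db_row("tusuario", "id_usuario", $user);
     // A missing row is not an array; indexing it would only raise warnings.
     // Close the box with the avatar and link alone, which is the same markup
     // the unguarded lookups would have produced.
     if (!is_array($user_data)) {
         $output .= '</div>';
         return $output;
     }

     if ($user_data["nombre_real"] != "") {
         $output .= $user_data["nombre_real"] . "<br>";
     }
     if ($user_data["telefono"] != "") {
         $output .= $user_data["telefono"] . "<br>";
     }
     if ($user_data["direccion"] != "") {
         $output .= $user_data["direccion"];
     }
     if ($user_data["id_company"] != 0) {
         // Cast so that a failed lookup prints as an empty name.
         $company_name = (string) get_db_value('name', 'tcompany', 'id', $user_data['id_company']);
         $output .= "<br>(<em>{$company_name}</em>)";
     }
     $output .= '</div>';
     return $output;
 }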