function check_alarm_calendar($count = true, $id = false)
{
global $config;
$now = strtotime(date('Y-m-d H:i:s'));
if ($count) {
$sql = "SELECT count(`id`) as num_alarms FROM tagenda \n\t\t\tWHERE id_user='******'id_user'] . "'\n\t\t\tAND alarm <> 0\n\t\t\tAND ((UNIX_TIMESTAMP(`timestamp`) - {$now}) > 0)\n\t\t\tAND ((UNIX_TIMESTAMP(`timestamp`) - (`alarm` * 60)) <= {$now})";
$alarms = get_db_value_sql($sql);
} else {
if (!$count && !$id) {
$sql = "SELECT * FROM tagenda \n\t\t\tWHERE id_user='******'id_user'] . "'\n\t\t\tAND alarm <> 0\n\t\t\tAND ((UNIX_TIMESTAMP(`timestamp`) - {$now}) > 0)\n\t\t\tAND ((UNIX_TIMESTAMP(`timestamp`) - (`alarm` * 60)) <= {$now})";
$alarms = get_db_all_rows_sql($sql);
} else {
$sql = "SELECT * FROM tagenda \n\t\t\tWHERE id_user='******'id_user'] . "'\n\t\t\tAND alarm <> 0\n\t\t\tAND id={$id}\n\t\t\tAND ((UNIX_TIMESTAMP(`timestamp`) - {$now}) > 0)\n\t\t\tAND ((UNIX_TIMESTAMP(`timestamp`) - (`alarm` * 60)) <= {$now})";
$alarms = get_db_row_sql($sql);
}
}
return $alarms;
}
function users_get_users_owners_or_creators($id_user, $id_group = false)
{
global $config;
$values = array();
if ($id_user === 0) {
$id_user = $config['id_user'];
}
if ($id_group) {
$query_users = "SELECT id_usuario FROM tusuario_perfil WHERE id_grupo = {$id_group} OR id_grupo = 0";
} else {
$query_users = users_get_allowed_users_query($id_user, false);
}
$users = get_db_all_rows_sql($query_users);
if ($users == false) {
$users = array();
}
foreach ($users as $user) {
$values[$user['id_usuario']] = get_db_row_sql("SELECT id_usuario, nombre_real, num_employee FROM tusuario WHERE id_usuario = '" . $user['id_usuario'] . "'");
}
return $values;
}
}
}
// Lock/Unlock INVOICE
// ----------------
if ($lock_invoice == 1 && $id_invoice) {
$locked = crm_is_invoice_locked ($id_invoice);
$res = crm_change_invoice_lock ($config["id_user"], $id_invoice);
if ($res === -1) { // -1 equals to false permission to lock or unlock the invoice
audit_db ($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to lock/unlock an invoice");
include ("general/noaccess.php");
exit;
} else {
$invoice = get_db_row_sql ("SELECT * FROM tinvoice WHERE id = $id_invoice");
$company_name = get_db_value('name', 'tcompany', 'id', $invoice['id_company']);
if ($locked && $res === 0) { // The invoice was locked and now is unlocked
audit_db ($config["id_user"], $config["REMOTE_ADDR"], "Invoice unlocked", "Invoice Bill ID: ".$invoice['bill_id'].", Company: $company_name");
} elseif (!$locked && $res === 1) { // The invoice was unlocked and now is locked
audit_db ($config["id_user"], $config["REMOTE_ADDR"], "Invoice locked", "Invoice Bill ID: ".$invoice['bill_id'].", Company: $company_name");
}
clean_cache_db();
}
}
$where_clause = " 1 = 1 ";
if ($search_text != "") {
$where_clause .= sprintf ('AND (id_company IN (SELECT id FROM tcompany WHERE name LIKE "%%%s%%") OR
function graph_sla($incident)
{
$id_incident = $incident['id_incidencia'];
$utimestamp = time();
//Get sla values for this incident
$sla_affected = get_db_value("affected_sla_id", "tincidencia", "id_incidencia", $id_incident);
$values['id_incident'] = $id_incident;
$values['utimestamp'] = $utimestamp;
//If incident is affected by SLA then the graph value is 0
if ($sla_affected) {
$values['value'] = 0;
} else {
$values['value'] = 1;
}
$sql = sprintf("SELECT value\n\t\t\t\t\tFROM tincident_sla_graph_data\n\t\t\t\t\tWHERE id_incident = %d\n\t\t\t\t\tORDER BY utimestamp DESC", $id_incident);
$result = get_db_row_sql($sql);
$last_value = !empty($result) ? $result['value'] : -1;
if ($values['value'] != $last_value) {
//Insert SLA value in table
process_sql_insert('tincident_sla_graph_data', $values);
}
}
function get_custom_search($id_search, $section)
{
global $config;
$sql = sprintf('SELECT * FROM tcustom_search
WHERE id = %d
AND id_user = "******"
AND section = "%s"', $id_search, $config['id_user'], $section);
return get_db_row_sql($sql);
}
$result_output = ui_print_success_message (__('Locked successfully'), '', true, 'h3', true);
audit_db ($config['id_user'], $config["REMOTE_ADDR"], "Work unit locked",
"Workunit for ".$config['id_user']);
if (defined ('AJAX')) {
echo '<img src="images/rosette.png" title="'.__('Locked by').' '.$config['id_user'].'" />';
print_user_avatar ($config['id_user'], true);
return;
}
}
if ($id_workunit) {
$sql = sprintf ('SELECT *
FROM tworkunit
WHERE tworkunit.id = %d', $id_workunit);
$workunit = get_db_row_sql ($sql);
$belong_to_ticket = get_db_value_sql("SELECT * FROM tworkunit_incident WHERE id_workunit = ".$id_workunit);
if (($workunit === false) OR $belong_to_ticket) {
require ("general/noaccess.php");
return;
}
// $id_task = $workunit['id_task'];
// $id_project = get_db_value ('id_project', 'ttask', 'id', $id_task);
$id_user = $workunit['id_user'];
$wu_user = $id_user;
$duration = $workunit['duration'];
$description = $workunit['description'];
if ($update_task) {
$id_task = get_parameter("id");
$start_date = get_parameter("start_date");
$end_date = get_parameter("end_date");
$progress = get_parameter("progress");
//Fix date
$start_date = safe_output($start_date);
$start_time = strtotime($start_date);
$start_date = date("Y-m-d", $start_time);
$end_date = safe_output($end_date);
$end_time = strtotime($end_date);
$end_date = date("Y-m-d", $end_time);
//Fix progress
$progress = $progress * 100;
$progress = (int) $progress;
$current_task = get_db_row_sql(sprintf("SELECT * FROM ttask WHERE id = %d", $id_task));
//If task is the same don't update it and return and OK message
if ($start_date == $current_task["start"] && $end_date == $current_task["end"] && $progress == $current_task["completion"]) {
$res = true;
} else {
//If something is different then update task
$sql = sprintf('UPDATE ttask SET completion = %d,
start = "%s", end = "%s" WHERE id = %d', $progress, $start_date, $end_date, $id_task);
$res = process_sql($sql);
}
if ($res) {
$msg = __("Task updated");
} else {
$msg = __("Error updating task");
}
$ret = array("res" => $res, "msg" => $msg);
function inventories_get_all_external_field($external_table_name, $external_reference_field, $data_id_external_table)
{
global $config;
if (empty($external_table_name)) {
return false;
}
$sql_check = "SHOW TABLES LIKE '{$external_table_name}'";
$exists = process_sql($sql_check);
if (!$exists) {
return false;
}
$sql_ext = "SHOW COLUMNS FROM " . $external_table_name;
$external_data = get_db_all_rows_sql($sql_ext);
$sql = "SELECT * FROM {$external_table_name} WHERE {$external_reference_field}={$data_id_external_table}";
$fields_ext = get_db_row_sql($sql);
if ($fields_ext === false) {
$fields_ext = array();
}
$fields = array();
foreach ($external_data as $key => $ext) {
$fields[$ext['Field']] = $ext['Field'];
}
$all_fields_ext = array();
$i = 0;
foreach ($fields_ext as $key => $val) {
if ($key != $external_reference_field && array_key_exists($key, $fields)) {
$all_fields_ext[$i]['label_enco'] = base64_encode($key);
$all_fields_ext[$i]['label'] = safe_output($key);
$all_fields_ext[$i]['data'] = safe_output($val);
$i++;
}
}
return $all_fields_ext;
}
function incidents_update_incident_stats_data($incident)
{
$start_time = strtotime($incident["inicio"]);
// Check valid date
if ($start_time < strtotime('1970-01-01 00:00:00')) {
return;
}
$id_incident = $incident["id_incidencia"];
$last_incident_update = $incident["last_stat_check"];
$last_incident_update_time = strtotime($last_incident_update);
$now = time();
$metrics = array(INCIDENT_METRIC_USER, INCIDENT_METRIC_STATUS, INCIDENT_METRIC_GROUP);
foreach ($metrics as $metric) {
$state = incidents_metric_to_state($metric);
// Get the last updated item in the last incident update
$sql = sprintf("SELECT timestamp, id_aditional\n\t\t\t\t\t\tFROM tincident_track\n\t\t\t\t\t\tWHERE id_incident = %d\n\t\t\t\t\t\t\tAND state = %d\n\t\t\t\t\t\t\tAND timestamp < '%s'\n\t\t\t\t\t\tORDER BY timestamp DESC\n\t\t\t\t\t\tLIMIT 1", $id_incident, $state, $last_incident_update);
$last_updated_value = process_sql($sql);
if ($last_updated_value === false) {
$last_updated_value = array();
}
// Get the changes of the metric from the incident track table
// Get only the changes produced before the last incident update
// in ascending order
$sql = sprintf("SELECT timestamp, id_aditional\n\t\t\t\t\t\tFROM tincident_track\n\t\t\t\t\t\tWHERE id_incident = %d\n\t\t\t\t\t\t\tAND state = %d\n\t\t\t\t\t\t\tAND timestamp > '%s'\n\t\t\t\t\t\tORDER BY timestamp ASC", $id_incident, $state, $last_incident_update);
$track_values = process_sql($sql);
if ($track_values === false) {
$track_values = array();
}
// If there is no changes since the last incident update,
// the actual value is updated
if (count($track_values) < 1 && count($last_updated_value) > 0) {
incidents_update_stats_item($id_incident, $last_updated_value[0]["id_aditional"], $metric, $last_incident_update_time, $now);
}
// Go over the changes to create the stat items and set the seconds
// passed in every state
for ($i = 0; $i < count($track_values); $i++) {
$min_time = strtotime($track_values[$i]["timestamp"]);
if ($track_values[$i + 1]) {
// There was a change after this change
$max_time = strtotime($track_values[$i + 1]["timestamp"]);
} else {
// The actual value
$max_time = $now;
}
// Final update to the last metric item of the last incident update
if (!$track_values[$i - 1] && count($last_updated_value) > 0) {
incidents_update_stats_item($id_incident, $last_updated_value[0]["id_aditional"], $metric, $last_incident_update_time, $min_time);
}
incidents_update_stats_item($id_incident, $track_values[$i]["id_aditional"], $metric, $min_time, $max_time);
}
}
// total_time
$filter = array("metric" => INCIDENT_METRIC_STATUS, "status" => STATUS_CLOSED, "id_incident" => $id_incident);
$closed_time = get_db_value_filter("seconds", "tincident_stats", $filter);
if (!$closed_time) {
$closed_time = 0;
}
$start_time = strtotime($incident["inicio"]);
$holidays_seconds = incidents_get_holidays_seconds_by_timerange($start_time, $now);
$total_time = $now - $start_time - $closed_time - $holidays_seconds;
$sql = sprintf("SELECT id\n\t\t\t\t\tFROM tincident_stats\n\t\t\t\t\tWHERE id_incident = %d\n\t\t\t\t\t\tAND metric = '%s'", $id_incident, INCIDENT_METRIC_TOTAL_TIME);
$row = get_db_row_sql($sql);
//Check if we have a previous stat metric to update or create it
if ($row) {
$val_upd = array("seconds" => $total_time);
$val_where = array("id" => $row["id"]);
process_sql_update("tincident_stats", $val_upd, $val_where);
} else {
$val_new = array("seconds" => $total_time, "metric" => INCIDENT_METRIC_TOTAL_TIME, "id_incident" => $id_incident);
process_sql_insert("tincident_stats", $val_new);
}
// total_w_third
$filter = array("metric" => INCIDENT_METRIC_STATUS, "status" => STATUS_PENDING_THIRD_PERSON, "id_incident" => $id_incident);
$third_time = get_db_value_filter("seconds", "tincident_stats", $filter);
if (!$third_time || $third_time < 0) {
$third_time = 0;
}
$total_time -= $third_time;
$sql = sprintf("SELECT id\n\t\t\t\t\tFROM tincident_stats\n\t\t\t\t\tWHERE id_incident = %d\n\t\t\t\t\t\tAND metric = '%s'", $id_incident, INCIDENT_METRIC_TOTAL_TIME_NO_THIRD);
$row = get_db_row_sql($sql);
//Check if we have a previous stat metric to update or create it
if ($row) {
$val_upd = array("seconds" => $total_time);
$val_where = array("id" => $row["id"]);
process_sql_update("tincident_stats", $val_upd, $val_where);
} else {
$val_new = array("seconds" => $total_time, "metric" => INCIDENT_METRIC_TOTAL_TIME_NO_THIRD, "id_incident" => $id_incident);
process_sql_insert("tincident_stats", $val_new);
}
//Update last_incident_update field from tincidencia
$update_values = array("last_stat_check" => date("Y-m-d H:i:s", $now));
process_sql_update("tincidencia", $update_values, array("id_incidencia" => $id_incident));
}
return;
}
}
return;
break;
case 'delete_contract':
$sql = sprintf('DELETE FROM tcontract WHERE id = %d', $id);
process_sql($sql);
audit_db($config['id_user'], $REMOTE_ADDR, "Contract deleted", "Contract named '{$name}' has been deleted");
$message = 'Successfully deleted';
echo 'Successfully deleted';
return;
break;
case 'delete_company_invoice':
case 'delete_invoice':
$invoice = get_db_row_sql("SELECT * FROM tinvoice WHERE id = {$id}");
if ($invoice["id"] && !crm_is_invoice_locked($invoice["id"])) {
// Todo: Delete the invoice files from disk
if ($invoice["id_attachment"] != "") {
process_sql("DELETE FROM tattachment WHERE id_attachment = " . $invoice["id_attachment"]);
}
$res = process_sql("DELETE FROM tinvoice WHERE id = {$id}");
if ($res > 0) {
echo 'Successfully deleted';
$company_name = get_db_value('name', 'tcompany', 'id', $invoice['id_company']);
audit_db($config["id_user"], $config["REMOTE_ADDR"], "Invoice deleted", "Invoice Bill ID: " . $invoice['bill_id'] . ", Company: {$company_name}");
}
}
return;
break;
case 'delete_lead':
$assigned_role .= get_task_workunit_hours_user ($id_task, $row["id_user"]);
$assigned_role .= "</a></b></td>";
if ($task_permission["manage"]) {
$assigned_role .= "<td>";
$offset=0;
$assigned_role .= "<a href='#' onClick='javascript: show_validation_delete_general(\"delete_people_task_human\",".$id_project.",".$id_task.",".$row['id'].",\"".$search_params."\");'><img src='images/cross.png' title='".__('Delete')."'></a>";
}
}
}
$assigned_role .= "</table>";
}
else {
$sql = "SELECT COUNT(*) total FROM trole_people_project WHERE id_project = $id_project";
$result = get_db_row_sql($sql);
$assigned_role = "<table class='listing'>";
if ($result["total"] > 0) {
$sql = "SELECT * FROM trole_people_project WHERE id_project = $id_project";
$result = get_db_all_rows_sql($sql);
$assigned_role .= "<th>".__('User');
$assigned_role .= "<th>".__('Role');
$assigned_role .= "<th>".__('Total work time (Hrs)');
$columns = 2;
if ($project_permission["manage"]) {
$assigned_role .= "<th>".__('Delete');
$columns = 3;
}
/**
* Get the row of a table in the database using a complex filter.
*
* @param string Table to retrieve the data (warning: not cleaned)
* @param mixed Filters elements. It can be an indexed array
* (keys would be the field name and value the expected value, and would be
* joined with an AND operator) or a string, including any SQL clause (without
* the WHERE keyword). Example:
<code>
Both are similars:
get_db_row_filter ('table', array ('disabled', 0));
get_db_row_filter ('table', 'disabled = 0');
Both are similars:
get_db_row_filter ('table', array ('disabled' => 0, 'history_data' => 0), 'name, description', 'OR');
get_db_row_filter ('table', 'disabled = 0 OR history_data = 0', 'name, description');
get_db_row_filter ('table', array ('disabled' => 0, 'history_data' => 0), array ('name', 'description'), 'OR');
</code>
* @param mixed Fields of the table to retrieve. Can be an array or a coma
* separated string. All fields are retrieved by default
* @param string Condition to join the filters (AND, OR).
*
* @return mixed Array of the row or false in case of error.
*/
function get_db_row_filter($table, $filter, $fields = false, $where_join = 'AND')
{
if (empty($fields)) {
$fields = '*';
} else {
if (is_array($fields)) {
$fields = implode(',', $fields);
} else {
if (!is_string($fields)) {
return false;
}
}
}
if (is_array($filter)) {
$filter = format_array_to_where_clause_sql($filter, $where_join, ' WHERE ');
} else {
if (is_string($filter)) {
$filter = 'WHERE ' . $filter;
} else {
$filter = '';
}
}
$sql = sprintf('SELECT %s FROM %s %s', $fields, $table, $filter);
return get_db_row_sql($sql);
}
/**
* process_user_login accepts $login and $pass and handles it according to current authentication scheme
*
* @param string $login
* @param string $pass
*
* @return mixed False in case of error or invalid credentials, the username in case it's correct.
*/
function process_user_login($login, $pass)
{
global $config, $mysql_cache;
include_once $config['homedir'] . "/include/functions_profile.php";
// Always authenticate admins against the local database
if (strtolower($config["auth_methods"]) == 'mysql' || dame_admin($login)) {
$sql = sprintf("SELECT `id_usuario`, `password` FROM `tusuario` WHERE `disabled` = 0 AND `id_usuario` = '%s' AND `enable_login` = 1", $login);
$row = get_db_row_sql($sql);
//Check that row exists, that password is not empty and that password is the same hash
if ($row !== false && $row["password"] !== md5("") && $row["password"] == md5($pass)) {
// Login OK
// Nick could be uppercase or lowercase (select in MySQL
// is not case sensitive)
// We get DB nick to put in PHP Session variable,
// to avoid problems with case-sensitive usernames.
// Thanks to David Muñiz for Bug discovery :)
return $row["id_usuario"];
} else {
$mysql_cache["auth_error"] = "User not found in database or incorrect password";
}
return false;
// Remote authentication
} else {
switch ($config["auth_methods"]) {
// LDAP
case 'ldap':
$sql = sprintf("SELECT `disabled` FROM `tusuario` WHERE `id_usuario` = '%s'", $login);
$disabled = get_db_sql($sql);
// Check if user is disabled
if ($disabled == 1) {
$config["auth_error"] = "User not found in database or incorrect password";
return false;
}
if (ldap_process_user_login($login, $pass) === false) {
$config["auth_error"] = "User not found in database or incorrect password";
return false;
}
break;
// Active Directory
// Active Directory
case 'ad':
if (enterprise_hook('ad_process_user_login', array($login, $pass)) === false) {
return false;
}
break;
// Remote Pandora FMS
/* case 'pandora':
break;
// Remote Babel Enterprise
case 'babel':
break;
// Remote Integria
case 'integria':
break; */
// Unknown authentication method
// Remote Pandora FMS
/* case 'pandora':
break;
// Remote Babel Enterprise
case 'babel':
break;
// Remote Integria
case 'integria':
break; */
// Unknown authentication method
default:
$config["auth_error"] = "User not found in database or incorrect password";
return false;
}
// Authentication ok, check if the user exists in the local database
if (is_user($login)) {
return $login;
}
// The user does not exist and can not be created
if ($config['autocreate_remote_users'] == 0 || is_user_blacklisted($login)) {
$config["auth_error"] = "Ooops User not found in database or incorrect password";
return false;
}
// Create the user in the local database
if (create_user($login, $pass, array('nombre_real' => $login, 'comentarios' => 'Imported from ' . $config['auth_methods'])) === false) {
$config["auth_error"] = "User not found in database or incorrect password";
return false;
}
profile_create_user_profile($login, $config['default_remote_profile'], $config['default_remote_group']);
return $login;
}
return false;
}
}
if (isset($_GET["borrar_grupo"])) {
$grupo = get_parameter('borrar_grupo');
enterprise_hook('delete_group');
}
$action = get_parameter("action", "edit");
$alta = get_parameter("alta");
///////////////////////////////
// LOAD USER VALUES
///////////////////////////////
if (($action == 'edit' || $action == 'update') && !$alta) {
$modo = "edicion";
$update_user = safe_output(get_parameter("update_user", ""));
// Read user data to include in form
$sql = "SELECT * FROM tusuario WHERE id_usuario = '" . safe_input($update_user) . "'";
$rowdup = get_db_row_sql($sql);
if ($rowdup === false) {
echo "<h3 class='error'>" . __('There was a problem loading user') . "</h3>";
echo "</table>";
include "general/footer.php";
exit;
} else {
$password = $rowdup["password"];
$comentarios = $rowdup["comentarios"];
$direccion = $rowdup["direccion"];
$telefono = $rowdup["telefono"];
$nivel = $rowdup["nivel"];
$nombre_real = $rowdup["nombre_real"];
$avatar = $rowdup["avatar"];
$lang = $rowdup["lang"];
$disabled = $rowdup["disabled"];
function api_get_invoice($return_type, $params)
{
global $config;
$bill_id = trim($params);
$sql = sprintf('SELECT * FROM tinvoice WHERE bill_id = "%s"', $bill_id);
$res = get_db_row_sql($sql);
$data = array();
if ($res) {
//Create and CSV array
$data = array("id" => $res["id"], "id_user" => $res["id_user"], "id_task" => $res["id_task"], "id_company" => $res["id_company"], "bill_id" => $res["bill_id"], "concept1" => $res["concept1"], "concept2" => $res["concept2"], "concept3" => $res["concept3"], "concept4" => $res["concept4"], "concept5" => $res["concept5"], "amount1" => $res["amount1"], "amount2" => $res["amount2"], "amount3" => $res["amount3"], "amount4" => $res["amount4"], "amount5" => $res["amount5"], "tax" => $res["tax"], "currency" => $res["currency"], "description" => $res["description"], "id_attachment" => $res["id_attachment"], "locked" => $res["locked"], "locked_id_user" => $res["locked_id_user"], "invoice_create_date" => $res["invoice_create_date"], "invoice_payment_date" => $res["invoice_payment_date"], "status" => $res["status"], "reference" => $res["reference"], "internal_note" => $res["internal_note"], "invoice_type" => $res["invoice_type"], "id_language" => $res["id_language"]);
}
if ($return_type == 'xml') {
$return = "<xml>\n";
$return .= "<invoice>\n";
foreach ($data as $key => $value) {
$return .= "<" . $key . ">";
$return .= "<![CDATA[" . $value . "]]>";
$return .= "</" . $key . ">\n";
}
$return .= "</invoice>\n";
$return .= "</xml>\n";
} else {
$return = array_to_csv($data);
}
return $return;
}
echo '<h3 class="error">' . __('Could not be created') . '</h3>';
} else {
$show_fields = true;
echo '<h3 class="suc">' . __('Successfully created') . '</h3>';
audit_db($config["id_user"], $config["REMOTE_ADDR"], "Ticket Management", "Created ticket type {$id} - " . $values['name']);
}
} else {
echo '<h3 class="error">' . __('Type name empty') . '</h3>';
}
//$id = 0;
$sql_global_ids = "SELECT DISTINCT (global_id)\n\t\t\t\tFROM tincident_type_field\n\t\t\t\tWHERE global_id != 0";
$global_ids = get_db_all_rows_sql($sql_global_ids);
if ($global_ids) {
foreach ($global_ids as $global_id) {
$sql = "SELECT * FROM tincident_type_field WHERE id=" . $global_id['global_id'];
$type_field = get_db_row_sql($sql);
$value['id_incident_type'] = $id;
$value['label'] = $type_field["label"];
$value['type'] = $type_field["type"];
$value['combo_value'] = $type_field["combo_value"];
$value['linked_value'] = $type_field["linked_value"];
$value['show_in_list'] = $type_field["show_in_list"];
$value['global_id'] = $type_field["global_id"];
$result = process_sql_insert('tincident_type_field', $value);
if (!$result) {
echo '<h3 class="error">' . __('There was a problem creating global field for type could not be created for type: ') . " " . $global_id["global_id"] . '</h3>';
}
}
}
}
// UPDATE
UNION
SELECT MIN(tw2.timestamp) AS first_wu,
MAX(tw2.timestamp) AS last_wu
FROM tworkunit tw2
INNER JOIN (
SELECT twi.id_workunit
FROM tworkunit_incident twi
INNER JOIN tincidencia ti
ON twi.id_incident = ti.id_incidencia
AND ti.id_task = %d
) twin
ON tw2.id = twin.id_workunit
) final', $task['id'], $task['id']);
$dates_wu = get_db_row_sql($sql);
$task['first_wu'] = __('N/A');
$task['last_wu'] = __('N/A');
if (!empty($dates_wu)) {
if (!empty($dates_wu['first_wu'])) {
$task['first_wu'] = $dates_wu['first_wu'];
}
if (!empty($dates_wu['last_wu'])) {
$task['last_wu'] = $dates_wu['last_wu'];
}
}
// Get the people involved in the task through wu
$sql = sprintf('SELECT final.id_user AS id_user,
SUM(final.duration) AS total_time
FROM (
SELECT tw1.id_user, tw1.duration
if ($group['enforce_soft_limit'] == 0) {
echo "//";
echo "enable_button";
}
else {
echo ".<br><br> ". __('You cannot create more tickets in this group until you close an active ticket.');
echo "//";
echo "disable_button";
}
}
else {
echo "correct";
$inventoryObject = get_db_row_sql('SELECT * FROM tinventory
WHERE id IN (
SELECT id_inventory_default
FROM tgrupo
WHERE id_grupo = ' . $id_group . ')');
if ($inventoryObject !== false) {
echo "//";
echo $inventoryObject['id'];
echo "//";
echo $inventoryObject['name'];
}
else {
echo "//";
echo "null";
}
}
}
if (isset($_GET["update2"])) {
$_GET["update"] = $id;
}
// CREATE form
if (isset($_GET["create"]) or isset($_GET["update"])) {
if (isset($_GET["create"])) {
$data = "";
$title = "";
$id = -1;
$id_product = 1;
$id_category = 1;
$id_language = '';
$id_incident = (int) get_parameter("id_incident", 0);
if ($id_incident) {
// Get incident data
$incident = get_db_row_sql('SELECT titulo, descripcion, epilog FROM tincidencia WHERE id_incidencia = ' . $id_incident);
if ($incident !== false) {
$title = $incident['titulo'];
$data = $incident['descripcion'] . "\n\n" . $incident['epilog'];
}
}
} else {
$id = get_parameter("update", -1);
$row = get_db_row("tkb_data", "id", $id);
$data = $row["data"];
$title = $row["title"];
$id_product = $row["id_product"];
$id_language = $row["id_language"];
$id_category = $row["id_category"];
if ($id != -1 && !check_kb_item_accessibility($id_user, $id)) {
audit_db($id_user, $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to KB forbidden item");
function projects_get_cost_task_by_profile($id_task, $id_profile = false, $have_cost = false)
{
if ($id_profile) {
if ($have_cost) {
$sql = "SELECT id_profile, SUM(duration) as total_duration FROM tworkunit, tworkunit_task\n\t\t\t\t\tWHERE tworkunit_task.id_task = {$id_task} \n\t\t\t\t\tAND id_profile= {$id_profile}\n\t\t\t\t\tAND have_cost = 1\n\t\t\t\t\tAND tworkunit_task.id_workunit = tworkunit.id \n\t\t\t\t\tGROUP BY id_profile";
} else {
$sql = "SELECT id_profile, SUM(duration) as total_duration FROM tworkunit, tworkunit_task\n\t\t\t\t\tWHERE tworkunit_task.id_task = {$id_task} \n\t\t\t\t\tAND id_profile= {$id_profile}\n\t\t\t\t\tAND tworkunit_task.id_workunit = tworkunit.id \n\t\t\t\t\tGROUP BY id_profile";
}
} else {
//all profiles
if ($have_cost) {
$sql = "SELECT id_profile, SUM(duration) as total_duration FROM tworkunit, tworkunit_task\n\t\t\t\t\tWHERE tworkunit_task.id_task = {$id_task} \n\t\t\t\t\tAND have_cost = 1\n\t\t\t\t\tAND tworkunit_task.id_workunit = tworkunit.id \n\t\t\t\t\tGROUP BY id_profile";
} else {
$sql = "SELECT id_profile, SUM(duration) as total_duration FROM tworkunit, tworkunit_task\n\t\t\t\t\tWHERE tworkunit_task.id_task = {$id_task} \n\t\t\t\t\tAND tworkunit_task.id_workunit = tworkunit.id \n\t\t\t\t\tGROUP BY id_profile";
}
}
$duration = get_db_row_sql($sql);
$total = 0;
if ($duration != false) {
$role_info = get_db_row_sql("SELECT name, cost FROM trole WHERE id = " . $duration['id_profile']);
if ($role_info != false) {
$cost_per_hour = $role_info['cost'];
$profile_name = $role_info['name'];
$total = $cost_per_hour * $duration['total_duration'];
}
}
return $total;
}
