/*
 * Request dispatcher for the reports page: loads the auth and report
 * libraries, validates the numeric 'id' request variable, then routes on
 * $_REQUEST['action'] to the matching handler.
 *
 * NOTE(review): actions are read from $_REQUEST, so the state-changing ones
 * (send, item_moveup, item_movedown, item_remove) can be triggered by a plain
 * GET. No anti-CSRF token check is visible in this listing -- confirm one is
 * enforced in auth.php or in the handlers themselves.
 */

/* NOTE(review): set before auth.php is included; presumably tells auth.php to
   admit the guest account -- confirm, because every action below is then
   reachable with guest privileges. */
$guest_account = true;

include './include/auth.php';
include $config['library_path'] . '/reports.php';
include $config['library_path'] . '/html_reports.php';

define('MAX_DISPLAY_PAGES', 21);

/* only 'id' is validated here; 'action' and 'tab' are used below as received */
input_validate_input_number(get_request_var_request('id'));

/* set default action */
if (!isset($_REQUEST['action'])) {
    $_REQUEST['action'] = '';
}

switch ($_REQUEST['action']) {
    case 'save':
        reports_form_save();
        break;
    case 'send':
        reports_send($_REQUEST['id']);
        /* NOTE(review): 'tab' is concatenated into the redirect URL without
           validation or urlencode(); restrict it to the known tab names.
           'break' only leaves the switch, so any code after the switch still
           runs once the redirect header has been queued. */
        header('Location: reports_user.php?action=edit&tab=' . $_REQUEST['tab'] . '&id=' . $_REQUEST['id']);
        break;
    case 'actions':
        reports_form_actions();
        break;
    case 'item_movedown':
        reports_item_movedown();
        /* 'id' was checked by input_validate_input_number() above */
        header('Location: reports_user.php?action=edit&tab=items&id=' . $_REQUEST['id']);
        break;
    case 'item_moveup':
        reports_item_moveup();
        header('Location: reports_user.php?action=edit&tab=items&id=' . $_REQUEST['id']);
        break;
    case 'item_remove':
        reports_item_remove();
        /* (the listing is cut here; the remaining cases are not shown) */
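/**
 * Decode the posted `selected_items` field into a list of integer report ids.
 *
 * The confirmation form emits serialize() output for a flat array of report
 * ids. That field comes back from the browser, so it is attacker-controlled:
 * passing it straight to unserialize() allows PHP object injection, and using
 * its values unchecked in SQL allows injection. The payload is therefore
 * matched against the exact shape the form produces (integer keys, digit-only
 * values) BEFORE unserialize() is called, and every value is cast to int.
 *
 * @param mixed $raw value of $_POST['selected_items']
 *
 * @return array list of integer ids; empty when the payload is missing,
 *               malformed, or anything other than a flat list of numbers
 */
function reports_parse_selected_items($raw) {
    if (!is_string($raw)) {
        return array();
    }

    /* undo magic-quotes escaping, as the original code did */
    $raw = stripslashes($raw);

    /* a:N:{i:K;s:L:"digits"; ...} or a:N:{i:K;i:V; ...} -- nothing else,
       in particular no O:/C: object markers and no nested arrays */
    if (!preg_match('/^a:[0-9]+:\{(?:i:[0-9]+;(?:i:[0-9]+|s:[0-9]+:"[0-9]+");)*\}$/D', $raw)) {
        return array();
    }

    $items = unserialize($raw);
    if (!is_array($items)) {
        /* length prefixes did not match the content */
        return array();
    }

    return array_values(array_map('intval', $items));
}

/**
 * Handle the bulk-action drop-down of the reports list.
 *
 * Called twice per operation. First with the chk_<id> checkboxes posted: it
 * renders a confirmation form carrying the chosen ids in the hidden
 * `selected_items` field. Then with `selected_items` posted: it performs the
 * action named by `drp_action` (delete, take ownership, duplicate, enable,
 * disable, send now), redirects to the reports page and exits.
 *
 * Security-relevant behaviour:
 *  - `selected_items` is parsed by reports_parse_selected_items(), so only
 *    integer ids reach the SQL statements, including the DELETE branch, which
 *    previously used the unserialized values without any validation.
 *  - Taking ownership requires is_reports_admin() when the action is carried
 *    out, matching the check already made when the confirmation is rendered.
 *  - Report names and the echoed drp_action are HTML-escaped on output.
 *
 * NOTE(review): apart from the take-ownership gate, no check is visible here
 * that the current user owns the selected reports, and no anti-CSRF token is
 * verified in this function -- confirm both are enforced elsewhere.
 *
 * @return void
 */
function reports_form_actions() {
    global $config, $reports_actions;

    include_once $config['base_path'] . '/lib/reports.php';

    /* ================= input validation ================= */
    input_validate_input_number(get_request_var_post('drp_action'));
    /* ==================================================== */

    $drp_action = isset($_POST['drp_action']) ? $_POST['drp_action'] : null;

    /* if we are to save this form, instead of display it */
    if (isset($_POST['selected_items'])) {
        /* integer ids only; an invalid payload yields an empty list and no action */
        $selected_items = reports_parse_selected_items($_POST['selected_items']);
        $user_id        = intval($_SESSION['sess_user_id']);

        if (count($selected_items) > 0) {
            if ($drp_action == REPORTS_DELETE) { /* delete */
                db_execute('DELETE FROM reports WHERE ' . array_to_sql_or($selected_items, 'id'));
                db_execute('DELETE FROM reports_items WHERE ' . str_replace('id', 'report_id', array_to_sql_or($selected_items, 'id')));
            } elseif (is_reports_admin() && $drp_action == REPORTS_OWN) { /* take ownership */
                /* same admin gate as the confirmation dialog below, so a
                   hand-crafted POST cannot bypass it */
                foreach ($selected_items as $report_id) {
                    reports_log(__FUNCTION__ . ', takeown: ' . $report_id . ' user: ' . $user_id, false, 'REPORTS TRACE', POLLER_VERBOSITY_MEDIUM);
                    db_execute('UPDATE reports SET user_id=' . $user_id . ' WHERE id=' . $report_id);
                }
            } elseif ($drp_action == REPORTS_DUPLICATE) { /* duplicate */
                $name_format = (isset($_POST['name_format']) && is_string($_POST['name_format'])) ? $_POST['name_format'] : '';
                /* keep user text from forging extra log lines */
                $name_for_log = str_replace(array("\r", "\n"), ' ', $name_format);

                foreach ($selected_items as $report_id) {
                    reports_log(__FUNCTION__ . ', duplicate: ' . $report_id . ' name: ' . $name_for_log, false, 'REPORTS TRACE', POLLER_VERBOSITY_MEDIUM);
                    /* NOTE(review): name_format is raw user input; confirm
                       duplicate_report() escapes it before building SQL */
                    duplicate_report($report_id, $name_format);
                }
            } elseif ($drp_action == REPORTS_ENABLE) { /* enable */
                foreach ($selected_items as $report_id) {
                    reports_log(__FUNCTION__ . ', enable: ' . $report_id, false, 'REPORTS TRACE', POLLER_VERBOSITY_MEDIUM);
                    db_execute("UPDATE reports SET enabled='on' WHERE id=" . $report_id);
                }
            } elseif ($drp_action == REPORTS_DISABLE) { /* disable */
                foreach ($selected_items as $report_id) {
                    reports_log(__FUNCTION__ . ', disable: ' . $report_id, false, 'REPORTS TRACE', POLLER_VERBOSITY_MEDIUM);
                    db_execute("UPDATE reports SET enabled='' WHERE id=" . $report_id);
                }
            } elseif ($drp_action == REPORTS_SEND_NOW) { /* send now */
                $message = '';

                foreach ($selected_items as $report_id) {
                    /* reports_send() reports its outcome through these session slots */
                    $_SESSION['reports_message'] = '';
                    $_SESSION['reports_error']   = '';

                    reports_send($report_id);

                    if (isset($_SESSION['reports_message']) && strlen($_SESSION['reports_message'])) {
                        $message .= (strlen($message) ? '<br>' : '') . $_SESSION['reports_message'];
                    }
                    if (isset($_SESSION['reports_error']) && strlen($_SESSION['reports_error'])) {
                        $message .= (strlen($message) ? '<br>' : '') . "<span style='color:red;'>" . $_SESSION['reports_error'] . '</span>';
                    }
                }

                if (strlen($message)) {
                    $_SESSION['reports_message'] = $message;
                    raise_message('reports_message');
                }
            }
        }

        header('Location: ' . get_reports_page());
        exit;
    }

    /* setup some variables */
    $reports_list  = '';
    $reports_array = array();

    /* loop through each of the reports selected on the previous page and get more info about them */
    foreach (array_keys($_POST) as $var) {
        if (preg_match('/^chk_([0-9]+)$/D', $var, $matches)) {
            /* ================= input validation ================= */
            input_validate_input_number($matches[1]);
            /* ==================================================== */

            $report_name = db_fetch_cell('SELECT name FROM reports WHERE id=' . $matches[1]);

            /* report names are user-supplied; escape them before they reach the page */
            $reports_list   .= '<li>' . htmlspecialchars((string) $report_name, ENT_QUOTES) . '</li>';
            $reports_array[] = $matches[1];
        }
    }

    general_header();

    ?>
    <script type='text/javascript'>
    <!--
    function goTo(location) {
        document.location = location;
    }
    -->
    </script><?php

    print "<form name='report' action='" . get_reports_page() . "' method='post'>";

    $action_title = isset($reports_actions[$drp_action]) ? $reports_actions[$drp_action] : '';

    html_start_box('<strong>' . $action_title . '</strong>', '60%', '', '3', 'center', '');

    $row_open  = "\t<tr>\n\t\t\t\t<td class='textArea'>\n\t\t\t\t\t";
    $row_sep   = "\n\t\t\t\t\t";
    $row_close = "\n\t\t\t\t</td>\n\t\t\t</tr>\n\n\t\t\t";
    $list_html = "<ul>{$reports_list}</ul>";

    if (count($reports_array) == 0) {
        print "<tr><td class='even'><span class='textError'>You must select at least one Report.</span></td></tr>\n";
        $save_html = '';
    } else {
        $save_html = "<input type='submit' value='Yes' name='save'>";

        if ($drp_action == REPORTS_DELETE) { /* delete */
            print $row_open . '<p>Are you sure you want to delete the following Reports?</p>' . $row_sep . $list_html . $row_close;
        } elseif (is_reports_admin() && $drp_action == REPORTS_OWN) { /* take ownership */
            print $row_open . '<p>Are you sure you wish to take ownership of the following reports?</p>' . $row_sep . $list_html . $row_close;
        } elseif ($drp_action == REPORTS_DUPLICATE) { /* duplicate */
            print $row_open . '<p>When you click save, the following Reports will be duplicated. You can' . $row_sep . 'optionally change the title format for the new Reports.</p>' . $row_sep . $list_html . $row_sep . '<p><strong>Name Format:</strong><br>';
            form_text_box('name_format', '<name> (1)', '', '255', '30', 'text');
            print '</p>' . $row_close;
        } elseif ($drp_action == REPORTS_ENABLE) { /* enable */
            print $row_open . '<p>Are you sure you wish to enable the following reports?</p>' . $row_sep . $list_html . $row_sep . '<p><strong>Make sure, that those Reports have successfully been tested!</strong></p>' . $row_close;
        } elseif ($drp_action == REPORTS_DISABLE) { /* disable */
            print $row_open . '<p>Are you sure you wish to disable the following reports?</p>' . $row_sep . $list_html . $row_close;
        } elseif ($drp_action == REPORTS_SEND_NOW) { /* send now */
            print $row_open . '<p>Are you sure you want to send the following reports now?</p>' . $row_sep . $list_html . $row_close;
        }
    }

    /* the ids travel through the browser in this hidden field; they are
       re-validated by reports_parse_selected_items() when the form comes back */
    $selected_field = count($reports_array) ? htmlspecialchars(serialize($reports_array), ENT_QUOTES) : '';

    print "\t<tr>\n\t\t<td align='right' class='saveRow'>\n\t\t\t<input type='hidden' name='action' value='actions'>\n\t\t\t<input type='hidden' name='selected_items' value='" . $selected_field . "'>\n\t\t\t<input type='hidden' name='drp_action' value='" . htmlspecialchars((string) $drp_action, ENT_QUOTES) . "'>\n\t\t\t<input type='button' onClick='goTo(\"" . get_reports_page() . "\")' value='" . ($save_html == '' ? 'Return' : 'No') . "' name='cancel'>\n\t\t\t{$save_html}\n\t\t</td>\n\t</tr>";

    html_end_box();

    bottom_footer();
}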