function portal_incident_table($sql)
{
global $CONFIG, $showclosed;
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
$numincidents = mysql_num_rows($result);
if ($numincidents >= 1) {
$shade = 'shade1';
$html .= "<table align='center' width='70%'>";
$html .= "<tr>";
$html .= colheader('id', $GLOBALS['strID']);
$html .= colheader('title', $GLOBALS['strTitle']);
$html .= colheader('owner', $GLOBALS['strOwner']);
$html .= colheader('lastupdated', $GLOBALS['strLastUpdated']);
$html .= colheader('contact', $GLOBALS['strContact']);
$html .= colheader('status', $GLOBALS['strStatus']);
if ($showclosed != "true") {
$html .= colheader('actions', $GLOBALS['strOperation']);
}
$html .= "</tr>\n";
while ($incident = mysql_fetch_object($result)) {
$html .= "<tr class='{$shade}'><td align='center'>";
$html .= "<a href='incident.php?id={$incident->id}'>{$incident->id}</a></td>";
$html .= "<td>";
if (!empty($incident->softwareid)) {
$html .= software_name($incident->softwareid) . "<br />";
}
$html .= "<strong><a href='incident.php?id={$incident->id}'>{$incident->title}</a></strong></td>";
$html .= "<td align='center'>" . user_realname($incident->owner) . "</td>";
$html .= "<td align='center'>" . ldate($CONFIG['dateformat_datetime'], $incident->lastupdated) . "</td>";
$html .= "<td align='center'><a href='contactdetails.php?id={$incident->contactid}'>";
$html .= "{$incident->forenames} {$incident->surname}</a></td>";
$html .= "<td align='center'>" . incidentstatus_name($incident->status, external) . "</td>";
if ($showclosed != "true") {
$html .= "<td align='center'><a href='update.php?id={$incident->id}'>{$GLOBALS['strUpdate']}</a> | ";
//check if the customer has requested a closure
$lastupdate = list($update_userid, $update_type, $update_currentowner, $update_currentstatus, $update_body, $update_timestamp, $update_nextaction, $update_id) = incident_lastupdate($incident->id);
if ($lastupdate[1] == "customerclosurerequest") {
$html .= "{$GLOBALS['strClosureRequested']}</td>";
} else {
$html .= "<a href='close.php?id={$incident->id}'>{$GLOBALS['strRequestClosure']}</a></td>";
}
}
$html .= "</tr>";
if ($shade == 'shade1') {
$shade = 'shade2';
} else {
$shade = 'shade1';
}
}
$html .= "</table>";
} else {
$html .= "<p class='info'>{$GLOBALS['strNoIncidents']}</p>";
}
return $html;
}
$quotereplace[4] = "<span class='quoteirrel'>\\1</span>";
$quotereplace[5] = "<span class='quoteirrel'>\\1</span>";
$quotereplace[6] = "<span class='quoteirrel'>\\1</span>";
$quotereplace[7] = "<span class='quote1'>\\1</span>";
$quotereplace[8] = "<span class='quote2'>\\1</span>";
$quotereplace[9] = "<span class='quote3'>\\1</span>";
$updatebody = preg_replace($quote, $quotereplace, $updatebody);
$updatebody = bbcode($updatebody);
//$updatebody = emotion($updatebody);
//"!(http:/{2}[\w\.]{2,}[/\w\-\.\?\&\=\#]*)!e"
// [\n\t ]+
$updatebody = preg_replace("!([\n\t ]+)(http[s]?:/{2}[\\w\\.]{2,}[/\\w\\-\\.\\?\\&\\=\\#\$\\%|;|\\[|\\]~:]*)!e", "'\\1<a href=\"\\2\" title=\"\\2\">'.(strlen('\\2')>=70 ? substr('\\2',0,70).'...':'\\2').'</a>'", $updatebody);
// Lookup some extra data
$updateuser = user_realname($update->userid, TRUE);
$updatetime = readable_date($update->timestamp);
$currentowner = user_realname($update->currentowner, TRUE);
$currentstatus = incident_status($update->currentstatus);
echo "<div class='detailhead' align='center'>";
//show update type icon
if (array_key_exists($update->type, $updatetypes)) {
if (!empty($update->sla) and $update->type == 'slamet') {
echo icon($slatypes[$update->sla]['icon'], 16, $update->type);
}
echo icon($updatetypes[$update->type]['icon'], 16, $update->type);
} else {
echo icon($updatetypes['research']['icon'], 16, $strResearch);
if ($update->sla != '') {
echo icon($slatypes[$update->sla]['icon'], 16, $update->type);
}
}
echo " {$updatetime}</div>";
} else {
trigger_error('User input error: ' . $error_string, E_USER_ERROR);
}
}
include APPLICATION_INCPATH . 'htmlfooter.inc.php';
} elseif ($action == 'reassign') {
// External variables
$incidentid = cleanvar($_REQUEST['incidentid']);
$uid = cleanvar($_REQUEST['userid']);
$nextaction = cleanvar($_REQUST['nextaction']);
include APPLICATION_INCPATH . 'htmlheader.inc.php';
echo "<h2>{$strIncidentAdded} - {$strSummary}</h2>";
echo "<p align='center'>";
$incidentnum = "<a href=\"javascript:incident_details_window('{$incidentid}','incident{$incidentid}');\">{$strIncident} {$incidentid}</a>";
$queuename = "<strong style='color: red'>{$strActionNeeded}</strong>";
$name = user_realname($uid);
printf($strHasBeenAutoMovedToX, $incidentnum, $name, $queuename);
echo help_link('AutoAssignIncidents') . "</p><br /><br />";
$userphone = user_phone($userid);
if ($userphone != '') {
echo "<p align='center'>{$strTelephone}: {$userphone}</p>";
}
$sql = "UPDATE `{$dbIncidents}` SET owner='{$uid}', lastupdated='{$now}' WHERE id='{$incidentid}'";
mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
}
trigger('TRIGGER_INCIDENT_ASSIGNED', array('userid' => $uid, 'incidentid' => $incidentid));
// add update
$sql = "INSERT INTO `{$dbUpdates}` (incidentid, userid, type, timestamp, currentowner, currentstatus, nextaction) ";
$sql .= "VALUES ('{$incidentid}', '{$sit[2]}', 'reassigning', '{$now}', '{$uid}', '1', '{$nextaction}')";
switch ($mode) {
case 'edit':
$sql = "SELECT bodytext, duration FROM `{$dbUpdates}` WHERE id = {$updateid} AND duration IS NOT NULL AND duration != 0";
$oldduration = cleanvar($_REQUEST['oldduration']);
$reason = cleanvar($_REQUEST['reason']);
$newduration = cleanvar($_REQUEST['newduration']);
// In minutes
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
if (mysql_num_rows($result) == 1) {
$obj = mysql_fetch_object($result);
if ($obj->duration == $oldduration) {
// Double check the oldduration thats been passed is whats in the DB
$text = "{$obj->bodytext}\n\n[b]Duration adjusted[/b] by " . user_realname($sit[2]) . " on " . ldate($CONFIG['dateformat_datetime'], $now) . " from " . ceil($obj->duration) . "minutes to {$newduration}minutes, reason given:\n---\n{$reason}\n---";
// FIXME should this be i18n? If so which language
// $newduration *= 60;
$usql = "UPDATE `{$dbUpdates}` SET bodytext = '" . mysql_real_escape_string($text) . "', duration = '{$newduration}' WHERE id = '{$updateid}'";
mysql_query($usql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
// Some error checking
if (mysql_affected_rows() < 1) {
html_redirect("{$CONFIG['application_webpath']}incident_details.php?id={$incidentid}", FALSE, $strFailed);
} else {
html_redirect("{$CONFIG['application_webpath']}incident_details.php?id={$incidentid}", TRUE, $strDurationUpdated);
}
} else {
// The value we've been passed isn't whats in the DB
}
}
if ($moved_attachments) {
// retrieve the update body so that we can insert time headers
$sql = "SELECT incidentid, bodytext, timestamp FROM `{$dbUpdates}` WHERE id='{$updateid}'";
$uresult = mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
}
list($oldincidentid, $bodytext, $timestamp) = mysql_fetch_row($uresult);
if ($oldincidentid == 0) {
$oldincidentid = 'Inbox';
}
$prettydate = ldate('r', $timestamp);
// prepend 'moved' header to bodytext
$body = sprintf($SYSLANG['strMovedFromXtoXbyX'], "<b>{$oldincidentid}</b>", "<b>{$incidentid}</b>", "<b>" . user_realname($sit[2]) . "</b>") . "\n";
$body .= sprintf($SYSLANG['strOriginalMessageReceivedAt'], "<b>{$prettydate}</b>") . "\n";
$body .= $SYSLANG['strStatus'] . " -> <b>{$SYSLANG['strActive']}</b>\n";
$bodytext = $body . $bodytext;
$bodytext = mysql_real_escape_string($bodytext);
// move the update.
$sql = "UPDATE `{$dbUpdates}` SET incidentid='{$incidentid}', userid='{$sit[2]}', bodytext='{$bodytext}', timestamp='{$now}' WHERE id='{$updateid}'";
mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
}
//remove from tempincoming to prevent build up
$sql = "DELETE FROM `{$dbTempIncoming}` WHERE updateid='{$updateid}'";
mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
echo "<h2>" . sprintf($strIncidentsVerbBetweenDates, $type, $start_str, $end_str) . "</h2>";
}
echo "<table align='center'>";
if (mysql_num_rows($result) > 0) {
echo "<tr><th>{$strID}</th><th>{$strTitle}</th><th>{$strOpened}</th><th>{$strClosed}</th><th>{$strOwner}</th><th>{$strCustomer}</th><th>{$strSite}</th></tr>";
while ($row = mysql_fetch_array($result)) {
echo "<tr>";
echo "<td><a href=\"javascript:incident_details_window('{$row['id']}','incident{$row['id']}')\" class='info'>{$row['id']}</a></td>";
echo "<td><a href=\"javascript:incident_details_window('{$row['id']}','incident{$row['id']}')\" class='info'>{$row['title']}</a></td>";
echo "<td>" . date($CONFIG['dateformat_datetime'], $row['opened']) . "</td>";
if ($row['status'] != 2) {
echo "<td>{$strCurrentlyOpen}</td>";
} else {
echo "<td>" . date($CONFIG['dateformat_datetime'], $row['closed']) . "</td>";
}
echo "<td>" . user_realname($row['owner']) . "</td>";
$sql = "SELECT c.forenames, c.surname, s.name ";
$sql .= "FROM `{$dbContacts}` AS c, `{$dbSites}` AS s ";
$sql .= "WHERE s.id = c.siteid AND c.id = {$row['contact']}";
$contactResult = mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
}
$contact = mysql_fetch_array($contactResult);
echo "<td>{$contact['forenames']} {$contact['surname']}</td>";
echo "<td>{$contact['name']}</td>";
echo "</tr>\n";
}
echo "</table>\n";
} else {
echo user_alert($strNoRecords, E_USER_WARNING);
echo " {$strMorning}";
}
if ($dates['length'] == 'pm') {
echo " {$strAfternoon}";
}
echo "</td>";
echo "<td>";
if (empty($dates['approvedby'])) {
echo " <em>{$strNotRequested}</em>";
} else {
echo "<strong>" . holiday_approval_status($dates['approved']) . "</strong>";
}
if ($dates['approvedby'] > 0 and $dates['approved'] >= 1) {
echo " by " . user_realname($dates['approvedby']);
} elseif ($dates['approvedby'] > 0 and empty($dates['approved'])) {
echo " of " . user_realname($dates['approvedby']);
}
echo "</td>";
echo "<td>";
if ($approver == TRUE) {
echo "<a href='holiday_add.php?hid={$dates['holidayid']}&year=";
echo substr($dates['date'], 0, 4) . "&month=" . substr($dates['date'], 5, 2);
echo "&day=" . substr($dates['date'], 8, 2) . "&user={$dates['userid']}";
echo "&type={$dates['type']}&length=0&return=list' ";
echo "onclick=\"return window.confirm('{$dates['realname']}: " . ldate('l jS F Y', mysql2date($dates['date']));
echo ": {$strAreYouSureDelete}');\">{$strDelete}</a>";
}
echo "</td></tr>\n";
if ($shade == 'shade1') {
$shade = 'shade2';
} else {
$temparray['starttime'] = $startdate;
$temparray['duration'] = $duration;
$billing[$task->owner][] = $temparray;
}
$totalduration += $duration;
echo "<td>" . format_date_friendly($lastupdated) . "</td>";
}
if ($show == 'completed') {
echo "<td>";
if ($enddate > 0) {
echo ldate($CONFIG['dateformat_date'], $enddate);
}
echo "</td>";
}
if ($mode == 'incident' or $show == 'incidents') {
echo "<td>" . user_realname($task->owner) . "</td>";
if ($task->owner == $sit[2] and $enddate == '0') {
$engineerhasrunnintask = TRUE;
}
}
if ($mode == 'incident' and $enddate == '0') {
echo "<td><a href='view_task.php?id={$task->id}&mode=incident&incident={$id}' class='info'>";
echo "{$strViewActivity}</a></td>";
} elseif ($mode == 'incident') {
echo "<td></td>";
}
echo "</tr>\n";
if ($shade == 'shade1') {
$shade = 'shade2';
} else {
$shade = 'shade1';
function dashboard_tasks($dashletid)
{
global $sit, $CONFIG, $iconset, $dbTasks;
$user = $sit[2];
if ($CONFIG['tasks_enabled'] == TRUE) {
$sql = "SELECT * FROM `{$dbTasks}` WHERE owner='{$user}' AND (completion < 100 OR completion='' OR completion IS NULL) AND ";
$sql .= "(distribution = 'public' OR distribution = 'private') ";
if (!empty($sort)) {
if ($sort == 'id') {
$sql .= "ORDER BY id ";
} elseif ($sort == 'name') {
$sql .= "ORDER BY name ";
} elseif ($sort == 'priority') {
$sql .= "ORDER BY priority ";
} elseif ($sort == 'completion') {
$sql .= "ORDER BY completion ";
} elseif ($sort == 'startdate') {
$sql .= "ORDER BY startdate ";
} elseif ($sort == 'duedate') {
$sql .= "ORDER BY duedate ";
} elseif ($sort == 'distribution') {
$sql .= "ORDER BY distribution ";
} else {
$sql = "ORDER BY id ";
}
if ($order == 'a' or $order == 'ASC' or $order = '') {
$sql .= "ASC";
} else {
$sql .= "DESC";
}
} else {
$sql .= "ORDER BY IF(duedate,duedate,99999999) ASC, duedate ASC, startdate DESC, priority DESC, completion ASC";
}
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
if (mysql_num_rows($result) >= 1) {
$content .= "<table align='center' width='100%'>";
$content .= "<tr>";
$content .= colheader('id', $GLOBALS['strID']);
$content .= colheader('name', $GLOBALS['strTask']);
$content .= colheader('priority', $GLOBALS['strPriority']);
$content .= colheader('completion', $GLOBALS['strCompletion']);
$content .= "</tr>\n";
$shade = 'shade1';
while ($task = mysql_fetch_object($result)) {
$duedate = mysql2date($task->duedate);
$startdate = mysql2date($task->startdate);
if (empty($task->name)) {
$task->name = $GLOBALS['strUntitled'];
}
$content .= "<tr class='{$shade}'>";
$content .= "<td>{$task->id}</td>";
$content .= "<td><a href='view_task.php?id={$task->id}' class='info'>" . truncate_string($task->name, 23);
if (!empty($task->description)) {
$content .= "<span>" . nl2br($task->description) . "</span>";
}
$content .= "</a></td>";
$content .= "<td>" . priority_icon($task->priority) . priority_name($task->priority) . "</td>";
$content .= "<td>" . percent_bar($task->completion) . "</td>";
$content .= "</tr>\n";
if ($shade == 'shade1') {
$shade = 'shade2';
} else {
$shade = 'shade1';
}
}
$content .= "</table>\n";
} else {
$content .= "<p align='center'>{$GLOBALS['strNoRecords']}</p>";
}
} else {
$content .= "<p class='warning'>{$GLOBALS['strDisabled']}</p>";
}
echo dashlet('tasks', $dashletid, icon('task', 16), sprintf($GLOBALS['strXsTasks'], user_realname($user, TRUE)), 'tasks.php', $content);
}
} elseif ($rowcount >= 4) {
echo "Various";
}
echo "<br /><a href='kb_view_article.php?id={$kbarticle->docid}' class='info'>{$kbarticle->title}";
$asql = "SELECT LEFT(content,400) FROM `{$dbKBContent}` WHERE docid='{$kbarticle->docid}' ORDER BY id ASC LIMIT 1";
$aresult = mysql_query($asql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
}
list($content) = mysql_fetch_row($aresult);
$content = strip_tags(remove_slashes($content));
echo "<span>{$content}</span>";
echo "</a>";
echo "</td>";
echo "<td>" . ldate($CONFIG['dateformat_date'], mysql2date($kbarticle->published)) . "</td>";
echo "<td>" . user_realname($kbarticle->author) . "</td>";
echo "<td>{$kbarticle->keywords}</td>";
echo "</tr>\n";
if ($shade == 'shade1') {
$shade = 'shade2';
} else {
$shade = 'shade1';
}
}
echo "</table>\n";
} else {
echo "<p align='center'>{$strNoResults}</p>";
}
// echo "<!---SQL === $sql --->";
echo "<p align='center'><a href='kb_article.php'>{$strAddNew}</a></p>";
include APPLICATION_INCPATH . 'htmlfooter.inc.php';
}
echo "<tr><th>{$strLocation}:</th><td><a href=\"ftp://{$CONFIG['ftp_hostname']}{$ftp_path}{$obj->filename}\"><code>";
echo "ftp://{$CONFIG['ftp_hostname']}{$ftp_path}{$obj->filename}</code></a></td></tr>\n";
echo "<tr><th>{$strTitle}:</th><td>";
echo "<input type='text' size='40' name='shortdescription' value='{$obj->shortdescription}' />";
echo "</td></tr>\n";
echo "<tr><th>{$strCategory}:</th><td>";
echo "<input type='text' size='40' name='webcategory' value='{$obj->webcategory}' />";
echo "</td></tr>\n";
echo "<tr><th>{$strDescription}:</th><td>";
echo "<textarea rows='6' cols='40' name='longdescription'>{$obj->longdescription}</textarea>";
echo "</td></tr>\n";
echo "<tr><th>{$strFileVersion}:</th><td>";
echo "<input type='text' size='40' name='fileversion' value='{$obj->fileversion}' />";
echo "</td></tr>\n";
echo "<tr><th>{$strFileDate}:</th><td>" . ldate('D jS M Y @ g:i A', $obj->filedate) . " {$strby} " . user_realname($obj->userid, TRUE) . "</td></tr>\n";
if ($obj->expiry > 0) {
echo "<tr><th>{$strExpiryDate}</th><td>" . ldate('D jS M Y @ g:i A', $obj->expiry) . " </td></tr>\n";
}
echo "</table>\n\n";
echo "<input type='hidden' name='id' value='{$id}' />";
echo "<input type='hidden' name='mode' value='save' />";
echo "<p align='center'><input type='submit' value='{$strSavePublish}' /></p>";
echo "</form>";
include APPLICATION_INCPATH . 'htmlfooter.inc.php';
break;
case 'save':
$shortdescription = mysql_real_escape_string($_REQUEST['shortdescription']);
$longdescription = mysql_real_escape_string($_REQUEST['longdescription']);
$fileversion = mysql_real_escape_string($_REQUEST['fileversion']);
$webcategory = mysql_real_escape_string($_REQUEST['webcategory']);
$startdate = mysql2date($task->startdate);
$duedate = mysql2date($task->duedate);
$enddate = mysql2date($task->enddate);
echo "<table class='vertical' width='100%'>";
echo "<tr><th>{$strTitle}</th>";
echo "<td>{$task->name}</td></tr>";
echo "<tr><th>{$strDescription}</th>";
echo "<td>" . nl2br($task->description) . "</td></tr>";
if ($task->distribution == 'public') {
echo "<tr><th>{$strTags}:</th><td>";
echo list_tags($taskid, 4);
echo "</td></tr>";
}
if ($task->owner != $sit[2]) {
echo "<tr><th>{$strOwner}</th>";
echo "<td>" . user_realname($task->owner, TRUE) . "</td></tr>";
}
echo "<tr><th>{$strPriority}</th>";
echo "<td>" . priority_icon($task->priority) . ' ' . priority_name($task->priority) . "</td></tr>";
echo "<tr><th>{$strStartDate}</th>";
echo "<td>";
if ($startdate > 0) {
echo ldate($CONFIG['dateformat_datetime'], $startdate);
}
echo "</td></tr>";
echo "<tr><th>{$strDueDate}</th>";
echo "<td>";
if ($duedate > 0) {
echo ldate($CONFIG['dateformat_datetime'], $duedate);
}
echo "</td></tr>";
function dashboard_user_incidents($dashletid)
{
$title = sprintf($GLOBALS['strUserIncidents'], user_realname($_SESSION['userid'], TRUE));
//"({$GLOBALS['strActionNeeded']})";
echo dashlet('user_incidents', $dashletid, icon('support', 16), $title, 'incidents.php?user=current&queue=1&type=support', $content);
}
$user = $sit[2];
} else {
$user = cleanvar($_REQUEST['user']);
}
$title = $strEditUserSkills;
if (empty($submit)) {
include APPLICATION_INCPATH . 'htmlheader.inc.php';
$sql = "SELECT * FROM `{$dbUserSoftware}` AS us, `{$dbSoftware}` AS s WHERE us.softwareid = s.id AND userid = '{$user}' ORDER BY name";
$result = mysql_query($sql);
if (mysql_num_rows($result) >= 1) {
while ($software = mysql_fetch_object($result)) {
$expertise[] = $software->id;
}
}
echo "<h2>" . icon('skill', 32) . " ";
echo sprintf($strSkillsFor, user_realname($user, TRUE)) . "</h2>";
echo "<p align='center'>{$strSelectYourSkills}</p>";
echo "<form name='softwareform' action='{$_SERVER['PHP_SELF']}' method='post' onsubmit=\"populateHidden(document.softwareform.elements['expertise[]'],document.softwareform.choices)\">";
echo "<table align='center'>";
echo "<tr><th>{$strNOSkills}</th><th> </th><th>{$strHAVESkills}</th></tr>";
echo "<tr><td align='center' width='300' class='shade1'>";
$sql = "SELECT * FROM `{$dbSoftware}` ORDER BY name";
$result = mysql_query($sql);
if (mysql_num_rows($result) >= 1) {
echo "\n<select name='noskills[]' multiple='multiple' size='20' style='width: 100%; min-width: 200px;'>";
while ($software = mysql_fetch_object($result)) {
if (is_array($expertise)) {
if (!in_array($software->id, $expertise)) {
echo "<option value='{$software->id}'>{$software->name}</option>\n";
}
} else {
$dashboardstr = $obj->dashboard;
$dashboardcomponents = explode(",", $obj->dashboard);
}
if (empty($dashboardid)) {
foreach ($dashboardcomponents as $db) {
$c = explode("-", $db);
$ondashboard[$c[1]] = $c[1];
}
include APPLICATION_INCPATH . 'htmlheader.inc.php';
$sql = "SELECT * FROM `{$dbDashboard}` WHERE enabled = 'true'";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
echo "<h2>" . icon('dashboard', 32) . " {$strDashboard}: ";
echo user_realname($sit[2]) . "</h2>\n";
if (mysql_num_rows($result) > 0) {
echo "<table align='center'>\n";
while ($obj = mysql_fetch_object($result)) {
if (empty($ondashboard[$obj->id])) {
//not already on dashbaord
echo "<tr><th>{$strName}:</th><td>{$obj->name}</td><td><a href='{$_SERVER['PHP_SELF']}?action=add&id={$obj->id}'>{$strAdd}</a></td></tr>\n";
} else {
echo "<tr><th>{$strName}:</th><td>{$obj->name}</td><td><a href='{$_SERVER['PHP_SELF']}?action=remove&id={$obj->id}'>{$strRemove}</a></td></tr>\n";
}
}
echo "</table>\n";
} else {
echo "<p class='info'>{$strNoDashletsInstalled}</p>";
}
include APPLICATION_INCPATH . 'htmlfooter.inc.php';
echo "<tr><th>{$strInventoryItems}</th><th>{$strPrivacy}</th>";
echo "<th>{$strOwner}</th><th>{$strActions}</th></tr>";
$shade = 'shade1';
while ($row = mysql_fetch_object($result)) {
echo "<tr class='{$shade}'><td>" . icon('inventory', 16);
echo " {$row->name}, {$CONFIG['inventory_types'][$row->type]}";
if ($row->active != 1) {
echo " (inactive)";
}
echo "</td><td align='center'>";
if ($row->privacy == 'private') {
echo icon('private', 16);
} elseif ($row->privacy == 'adminonly') {
echo icon('review', 16, $strAdmin);
}
echo "</td><td>" . user_realname($row->createdby) . "</td><td>";
if ($row->privacy == 'private' and $sit[2] != $row->createdby or $row->privacy == 'adminonly' and !user_permission($sit[2], 22)) {
echo "{$strView}</a> ";
echo "{$strEdit}</td></tr>";
} else {
echo "<a href='inventory_view.php?id={$row->id}'>{$strView}</a> ";
echo "<a href='inventory_edit.php?id={$row->id}'>{$strEdit}</td></tr>";
}
if ($shade == 'shade1') {
$shade = 'shade2';
} else {
$shade = 'shade1';
}
}
echo "</table>";
echo "<p align='center'>" . icon('add', 16);
trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
}
$countusers = mysql_num_rows($result);
echo "<p style='font-size: 18px'>{$strOwner}: <strong>";
if ($sit[2] == $incident->owner) {
echo "{$strYou} (" . user_realname($incident->owner, TRUE) . ")";
} else {
echo user_realname($incident->owner, TRUE);
}
echo "</strong>";
if ($incident->towner > 0) {
echo " ({$strTemp}: ";
if ($sit[2] == $incident->towner) {
echo "{$strYou} (" . user_realname($incident->towner, TRUE) . ")";
} else {
echo user_realname($incident->towner, TRUE);
}
echo ")";
}
echo "</p>";
if ($countusers > 0 or $countusers == 0 and $suggested > 0) {
echo "<div id='reassignlist'>";
echo "<table align='center'>";
if ($countusers >= 1 and $suggested > 0) {
echo "<thead>\n";
}
echo "<tr>\n <th colspan='2'>{$strReassignTo}:</th>\n <th colspan='5'>{$strIncidentsinQueue}</th>\n <th>{$strAccepting}</th>\n </tr>";
echo "<tr>\n <th>{$strName}</th>\n <th>{$strStatus}</th>\n <th align='center'>{$strActionNeeded} / {$strOther}</th>";
echo "<th align='center'>" . priority_icon(4) . "</th>";
echo "<th align='center'>" . priority_icon(3) . "</th>";
echo "<th align='center'>" . priority_icon(2) . "</th>";
echo $begin + $resultsperpage . "&sort={$sort}&order={$order}&view={$view}'>{$strNext} ";
echo icon('rightarrow', 16, $strNext) . "</a> ";
} else {
echo "{$strNext}";
}
echo "</p>";
echo "<table align='center' width='80%'>";
$filter['domain'] = 'kb';
echo "<tr>" . colheader(id, $strID, $sort, $order, $filter);
echo colheader(title, $strTitle, $sort, $order, $filter);
echo colheader(date, $strDate, $sort, $order, $filter);
echo colheader(author, $strAuthor, $sort, $order, $filter);
echo colheader(keywords, $strKeywords, $sort, $order, $filter);
$shade = 'shade1';
while ($row = mysql_fetch_object($kbresult)) {
echo "<tr class='{$shade}'>\n <td><a href='kb_view_article.php?id={$row->docid}'>\n {$CONFIG['kb_id_prefix']}{$row->docid}</a></td>\n <td>{$row->title}</td>\n <td>{$row->published}</td>\n <td>" . user_realname($row->author) . "</td>\n <td>{$row->keywords}</td>\n </tr>";
if ($shade == 'shade1') {
$shade = 'shade2';
} else {
$shade = 'shade1';
}
}
echo "</table>";
}
$sql = "SELECT * FROM `{$dbTags}` WHERE name LIKE '%{$q}%'";
$result = mysql_query($sql);
if (mysql_num_rows($result) > 0) {
echo "<h3>{$strTags}</h3>";
echo "<p align='center'>";
while ($row = mysql_fetch_object($result)) {
$countsql = "SELECT COUNT(id) AS counted FROM `{$dbSetTags}` ";
/**
* @author Paul Heaney
* @note based on periods
*/
function make_incident_billing_array($incidentid, $totals = TRUE)
{
$billing = get_incident_billing_details($incidentid);
// echo "<pre>";
// print_r($billing);
// echo "</pre><hr />";
$sql = "SELECT servicelevel, priority FROM `{$GLOBALS['dbIncidents']}` WHERE id = {$incidentid}";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
return FALSE;
}
$incident = mysql_fetch_object($result);
$servicelevel_tag = $incident->servicelevel;
$priority = $incident->priority;
if (!empty($billing)) {
$billingSQL = "SELECT * FROM `{$GLOBALS['dbBillingPeriods']}` WHERE tag='{$servicelevel_tag}' AND priority='{$priority}'";
/*
echo "<pre>";
print_r($billing);
echo "</pre>";
echo "<pre>";
print_r(make_billing_array($incidentid));
echo "</pre>";
*/
//echo $billingSQL;
$billingresult = mysql_query($billingSQL);
// echo $billingSQL;
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
}
$billingObj = mysql_fetch_object($billingresult);
unset($billingresult);
$engineerPeriod = $billingObj->engineerperiod * 60;
//to seconds
$customerPeriod = $billingObj->customerperiod * 60;
if (empty($engineerPeriod) or $engineerPeriod == 0) {
$engineerPeriod = 3600;
}
if (empty($customerPeriod) or $customerPeriod == 0) {
$customerPeriod = 3600;
}
/*
echo "<pre>";
print_r($billing);
echo "</pre>";
*/
$count = array();
// Loop over each activity that happened during the duration of the incident
// Grouped by Engineer - and then calculate totals
foreach ($billing as $engineer) {
/*
[eng][starttime]
*/
if (is_array($engineer)) {
$owner = "";
$duration = 0;
unset($count);
$count = array();
$count['engineer'];
$count['customer'];
foreach ($engineer as $activity) {
$owner = user_realname($activity['owner']);
$duration += $activity['duration'];
/*
echo "<pre>";
print_r($count);
echo "</pre>";
*/
group_billing_periods($count, 'engineer', $activity, $engineerPeriod);
// Optimisation no need to compute again if we already have the details
if ($engineerPeriod != $customerPeriod) {
group_billing_periods($count, 'customer', $activity, $customerPeriod);
} else {
$count['customer'] = $count['engineer'];
}
}
$tduration += $duration;
$totalengineerperiods += sizeof($count['engineer']);
$totalcustomerperiods += sizeof($count['customer']);
/*
echo "<pre>";
print_r($count);
echo "</pre>";
*/
$billing_a[$activity['owner']]['owner'] = $owner;
$billing_a[$activity['owner']]['duration'] = $duration;
$billing_a[$activity['owner']]['engineerperiods'] = $count['engineer'];
$billing_a[$activity['owner']]['customerperiods'] = $count['customer'];
}
if ($totals == TRUE) {
if (empty($totalengineerperiods)) {
$totalengineerperiods = 0;
}
if (empty($totalcustomerperiods)) {
$totalcustomerperiods = 0;
}
if (empty($tduration)) {
$tduration = 0;
}
$billing_a[-1]['totalduration'] = $tduration;
$billing_a[-1]['totalengineerperiods'] = $totalengineerperiods;
$billing_a[-1]['totalcustomerperiods'] = $totalcustomerperiods;
$billing_a[-1]['customerperiod'] = $customerPeriod;
$billing_a[-1]['engineerperiod'] = $engineerPeriod;
}
if (!empty($billing['refunds'])) {
$billing_a[-1]['refunds'] = $billing['refunds'] / $customerPeriod;
}
// return refunds as a number of units
}
}
//echo "<pre>";
//print_r($billing_a);
//echo "</pre>";
return $billing_a;
}
function display_holiday_table($result)
{
global $CONFIG, $user, $approver, $mode, $sit;
echo "<table align='center'>";
echo "<tr>";
if ($user == 'all' && $approver == TRUE) {
echo "<th>{$GLOBALS['strName']}</th>";
}
echo "<th>{$GLOBALS['strDate']}</th><th>{$GLOBALS['strLength']}</th><th>{$GLOBALS['strType']}</th>";
if ($approver and $mode == 'approval') {
echo "<th>{$GLOBALS['strOperation']}</th><th>{$GLOBALS['strGroupMembersAway']}</th>";
}
// else
// {
// echo "<th>{$GLOBALS['strStatus']}</th>";
// }
echo "</tr>";
while ($holiday = mysql_fetch_object($result)) {
echo "<tr class='shade2'>";
if ($user == 'all' && $approver == TRUE) {
echo "<td><a href='{$_SERVER['PHP_SELF']}?user={$holiday->userid}&mode=approval'>";
echo user_realname($holiday->userid, TRUE);
echo "</a></td>";
}
echo "<td>" . ldate($CONFIG['dateformat_longdate'], mysql2date($holiday->date, TRUE)) . "</td>";
echo "<td>";
if ($holiday->length == 'am') {
echo $GLOBALS['strMorning'];
}
if ($holiday->length == 'pm') {
echo $GLOBALS['strAfternoon'];
}
if ($holiday->length == 'day') {
echo $GLOBALS['strFullDay'];
}
echo "</td>";
echo "<td>" . holiday_type($holiday->type) . "</td>";
if ($approver == TRUE) {
if ($sit[2] != $holiday->userid and $mode == 'approval') {
echo "<td>";
$approvetext = $GLOBALS['strApprove'];
if ($holiday->type == HOL_SICKNESS) {
$approvetext = $GLOBALS['strAcknowledge'];
}
echo "<a href=\"holiday_approve.php?approve=TRUE&user={$holiday->userid}&view={$user}&startdate={$holiday->date}&type={$holiday->type}&length={$holiday->length}\">{$approvetext}</a> | ";
echo "<a href=\"holiday_approve.php?approve=FALSE&user={$holiday->userid}&view={$user}&startdate={$holiday->date}&type={$holiday->type}&length={$holiday->length}\">{$GLOBALS['strDecline']}</a>";
if ($holiday->type == HOL_HOLIDAY) {
echo " | <a href=\"holiday_approve.php?approve=FREE&user={$holiday->userid}&view={$user}&startdate={$holiday->date}&type={$holiday->type}&length={$holiday->length}\">{$GLOBALS['strApproveFree']}</a>";
}
echo "</td>";
} else {
echo "<td>";
if ($holiday->approvedby > 0) {
echo sprintf($GLOBALS['strRequestSentToX'], user_realname($holiday->approvedby, TRUE));
} else {
echo $GLOBALS['strRequestNotSent'];
$waiting = TRUE;
}
echo "</td>";
}
if ($approver == TRUE and $mode == 'approval') {
echo "<td>";
echo check_group_holiday($holiday->userid, $holiday->date, $holiday->length);
echo "</td>";
}
}
echo "</tr>\n";
}
echo "</table>\n";
}
}
// force to current user if username not found
}
$sql = $selectsql . "WHERE contact = c.id AND i.priority = pr.id ";
if ($user != 'all') {
$sql .= "AND (owner='{$user}' OR towner='{$user}') ";
}
if (!empty($softwareid)) {
$sql .= "AND softwareid='{$softwareid}' ";
}
if (!empty($maintexclude)) {
$sql .= "AND i.maintenanceid != '{$maintexclude}' ";
}
echo "<h2>" . icon('support', 32, $strSupport) . " ";
if ($user != 'all') {
echo sprintf($strUserIncidents, user_realname($user, TRUE)) . ": ";
} else {
echo "{$strViewingAllIncidents} ";
}
switch ($queue) {
case 1:
// Action Needed
echo "<span class='actionqueue'>{$strActionNeeded}</span>";
$sql .= "AND (status!='2') ";
// not closed
// the "1=2" obviously false else expression is to prevent records from showing unless the IF condition is true
$sql .= "AND ((timeofnextaction > 0 AND timeofnextaction < {$now}) OR ";
if ($user != 'all') {
$sql .= "(status='5' AND towner={$user}) OR ";
}
$sql .= "(IF ((status >= 5 AND status <=8), ({$now} - lastupdated) > ({$CONFIG['regular_contact_days']} * 86400), 1=2 ) ";
$ssql = "SELECT * FROM `{$dbUserSoftware}` AS us, `{$dbSoftware}` AS s WHERE us.softwareid = s.id AND us.userid='{$users['id']}' ORDER BY s.name ";
$sresult = mysql_query($ssql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
$countskills = mysql_num_rows($sresult);
$nobackup = 0;
if ($countskills >= 1) {
$c = 1;
while ($software = mysql_fetch_object($sresult)) {
// echo "<pre>".print_r($software,true)."</pre>";
//echo "<em>{$software->name}</em>";
//echo "<span class='info' title='{$strSubstitute}: ".user_realname($software->backupid,TRUE)."'>{$software->name}</span>";
echo "{$software->name}";
if ($software->backupid > 0) {
echo " <em style='color: #555;'>(" . user_realname($software->backupid, TRUE) . ")</em>";
}
if ($software->backupid == 0) {
$nobackup++;
}
if ($c < $countskills) {
echo ", ";
} else {
echo "<br /><br />• {$countskills} " . $strSkills;
if ($nobackup + 1 >= $countskills) {
echo ", <strong>{$strNoSubstitutes}</strong>.";
} elseif ($nobackup > 0) {
echo ", <strong>" . sprintf($strNeedsSubstitueEngineers, $nobackup) . "</strong>.";
}
}
$c++;
// Edit your profile
require 'core.php';
require APPLICATION_LIBPATH . 'functions.inc.php';
// This page requires authentication
require APPLICATION_LIBPATH . 'auth.inc.php';
$approver = user_permission($sit[2], 50);
// Approve holidays
if (!empty($_REQUEST['user'])) {
$user = cleanvar($_REQUEST['user']);
} else {
$user = $sit[2];
}
if ($user == $sit[2]) {
$title = sprintf($strUsersHolidays, $_SESSION['realname']);
} else {
$title = sprintf($strUsersHolidays, user_realname($user));
}
include APPLICATION_INCPATH . 'htmlheader.inc.php';
echo "<h2>" . icon('holiday', 32) . " ";
echo "{$title}</h2>";
echo "<p align='center'>";
echo "<a href='book_holidays.php?user={$user}'>{$strBookHoliday}</a>";
echo " | <a href='calendar.php'>{$strHolidayPlanner}</a>";
if ($approver) {
echo " | <a href='holiday_request.php?user="******"all";
} else {
echo $user;
}
echo "&mode=approval'>{$strApproveHolidays}</a>";
$totalneg += $minsneg;
}
echo "<tr class='{$shade}'><td>" . user_realname($user['userid']) . "</td><td>" . sprintf($strXMinutes, $minspos) . "</td><td>" . sprintf($strXMinutes, $minsneg) . "</td></tr>";
$grandtotals[$user['userid']]['userid'] = $user['userid'];
$grandtotals[$user['userid']]['totalpos'] += $minspos;
$grandtotals[$user['userid']]['totalneg'] += $minsneg;
if ($shade == 'shade1') {
$shade = 'shade2';
} else {
$shade = 'shade1';
}
}
echo "<tr><td>{$strTotal}</td><td>" . sprintf($strXMinutes, $totalpos) . "</td><td>" . sprintf($strXMinutes, $totalneg) . "</td></tr>";
echo "</table></p>";
}
}
echo "<p align='center'><h3>{$strGrandTotal}</h3></p>";
echo "<table class='vertical' align='center'>";
echo "<tr><th>{$strEngineer}</th><th>{$strPositive}</th><th>{$strNegative}</th></tr>";
$shade = 'shade1';
foreach ($grandtotals as $gt) {
echo "<tr class='{$shade}'><td>" . user_realname($gt['userid']) . "</td><td>" . sprintf($strXMinutes, $gt['totalpos']) . "</td><td>" . sprintf($strXMinutes, $gt['totalneg']) . "</td></tr>";
if ($shade == 'shade1') {
$shade = 'shade2';
} else {
$shade = 'shade1';
}
}
echo "</table>";
include APPLICATION_INCPATH . 'htmlfooter.inc.php';
}
?>
</td></tr>
<tr><th>Web Category:</th><td><?php
echo $frow['webcategory'];
?>
</td></tr>
<tr><th>Description:</th><td><?php
echo $frow['longdescription'];
?>
</td></tr>
<tr><th>File Version:</th><td><?php
echo $frow['fileversion'];
?>
</td></tr>
<tr><th>File Date:</th><td><?php
echo ldate($CONFIG['dateformat_filedatetime'], $frow['filedate']) . ' <strong>by</strong> ' . user_realname($frow['userid'], TRUE);
?>
</td></tr>
<?php
if ($frow['expiry'] > 0) {
?>
<tr><th>Expiry:</th><td><?php
echo ldate($CONFIG['dateformat_filedatetime'], $frow['expiry']);
?>
</td></tr><?php
}
echo "</table>\n";
echo "<p align='center'>";
echo "<a href='ftp_delete.php?id={$id}'>Delete this file</a> | ";
echo "<a href='ftp_edit_file.php?id={$id}'>Describe and Publish this file</a></p>";
include APPLICATION_INCPATH . 'htmlfooter.inc.php';
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
}
}
if (mysql_num_rows($result) == 0) {
echo "<p align='center'>{$strSorryNoResult} ";
} else {
$countsites = mysql_num_rows($result);
echo "<p align='center'>{$strDisplaying} {$countsites} ";
if ($countsites == 1) {
echo "{$strSite}";
} else {
echo "{$strSites}";
}
if ($owner > 0) {
echo " {$strOwnedBy} <strong>" . user_realname($owner) . "</strong>";
}
echo "</p>";
echo "<table align='center'>";
echo "<tr>";
echo "<th>{$strID}</th>";
echo "<th>{$strSiteName}</th>";
echo "<th>{$strDepartment}</th>";
echo "<th>{$strActions}</th>";
echo "</tr>";
$shade = 'shade1';
while ($results = mysql_fetch_object($result)) {
// define class for table row shading
if ($results->active == 'false') {
$shade = 'expired';
}
?>
</a></td>
<td align='center' width='100'><?php
echo $results['forenames'] . ' ' . $results['surname'];
?>
</td>
<td align='center' width='100'><?php
echo site_name($results['siteid']);
?>
</td>
<td align='center' width='50'><?php
echo $results['servicelevel'] . "<br />" . priority_name($results["priority"]);
?>
</td>
<td align='center' width='100'><?php
echo user_realname($results['owner'], TRUE);
?>
</td>
<td align='center' width='150'><?php
echo ldate($CONFIG['dateformat_datetime'], $results["opened"]);
?>
</td>
<td align='center' width='150'><?php
echo ldate($CONFIG['dateformat_datetime'], $results["lastupdated"]);
?>
</td>
<td align='center' width='50'><?php
echo $results["type"];
?>
</td>
<td align='center' width='50'><?php
echo "<tr>";
echo colheader('id', $strID, FALSE);
echo colheader('title', $strTitle, FALSE);
echo colheader('date', $strDate, FALSE);
echo colheader('author', $strAuthor, FALSE);
echo colheader('keywords', $strKeywords, FALSE);
echo "</tr>\n";
$shade = 'shade1';
while ($kbarticle = mysql_fetch_object($result)) {
if (empty($kbarticle->title)) {
$kbarticle->title = $strUntitled;
} else {
$kbarticle->title = $kbarticle->title;
}
if (is_number($kbarticle->author)) {
$kbarticle->author = user_realname($kbarticle->author);
} else {
$kbarticle->author = $kbarticle->author;
}
echo "<tr class='{$shade}'>";
echo "<td>" . icon('kb', 16) . " {$CONFIG['kb_id_prefix']}" . leading_zero(4, $kbarticle->docid) . "</td>";
echo "<td>";
// Lookup what software this applies to
$ssql = "SELECT * FROM `{$dbKBSoftware}` AS kbs, `{$dbSoftware}` AS s WHERE kbs.softwareid = s.id ";
$ssql .= "AND kbs.docid = '{$kbarticle->docid}' ORDER BY s.name";
$sresult = mysql_query($ssql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
}
$rowcount = mysql_num_rows($sresult);
if ($rowcount >= 1 and $rowcount < 3) {
echo colheader('userid', $strUser, $sort, $order, $filter);
echo colheader('timestamp', "{$strTime}/{$strDate}", $sort, $order, $filter);
echo colheader('event', $strEvent);
echo colheader('action', $strOperation);
echo colheader('type', $strType);
echo "</tr>\n";
$shade = 0;
while ($journal = mysql_fetch_object($result)) {
// define class for table row shading
if ($shade) {
$class = "shade1";
} else {
$class = "shade2";
}
echo "<tr class='{$class}'>";
echo "<td>" . user_realname($journal->userid, TRUE) . "</td>";
echo "<td>" . ldate($CONFIG['dateformat_datetime'], mysqlts2date($journal->timestamp)) . "</td>";
echo "<td>{$journal->event}</td>";
echo "<td>";
switch ($journal->journaltype) {
case 2:
echo "<a href='incident_details.php?id={$journal->refid}' target='_blank'>{$journal->bodytext}</a>";
break;
case 5:
echo "<a href='contact_details.php?id={$journal->refid}' target='_blank'>{$journal->bodytext}</a>";
break;
default:
echo "{$journal->bodytext}";
if (!empty($journal->refid)) {
echo "(Ref: {$journal->refid})";
}
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
}
if (mysql_num_rows($result) >= 1) {
while ($trigaction = mysql_fetch_object($result)) {
echo triggeraction_description($trigaction, TRUE);
echo " <a href='{$_SERVER['PHP_SELF']}?mode=delete&";
echo "id={$trigaction->id}' title=\"{$strDelete}\">";
echo icon('delete', 12) . "</a>";
if ($selecteduser == -1) {
if ($trigaction->userid == 0) {
echo " (<img src='{$CONFIG['application_webpath']}";
echo "images/sit_favicon.png' />)";
} else {
echo " (" . icon('user', 16) . " ";
echo user_realname($trigaction->userid) . ')';
}
}
echo "<br />\n";
}
} else {
echo "{$strNone}";
}
echo "</td>";
echo "<td>";
if ($selecteduser != -1) {
echo "<a href='{$_SERVER['PHP_SELF']}?mode=add&id={$trigger}&user={$selecteduser}'>{$strAddAction}</a>";
}
echo "</td>";
echo "</tr>\n";
if ($shade == 'shade1') {
