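/**
 * Maintain rows of the helpdesk "_config" table, or render the form that drives it.
 *
 * Write actions build their SQL by string interpolation; the only protection
 * visible here is Security::sqlsecure(), whose implementation is outside this
 * block. NOTE(review): confirm it is adequate for the active database driver
 * and character set, or move to bound parameters if the db layer offers them.
 *
 * The rendered form carries no anti-CSRF token and this function performs no
 * authorisation check of its own. NOTE(review): confirm the caller enforces
 * admin rights and request origin before invoking a write action.
 *
 * @param mixed  $mod_varname    Config key; a falsy value makes every write action return FALSE.
 * @param mixed  $mod_definition New value (used by "update" and "insert" only).
 * @param string $mod_action     "update", "insert" or "delete"; anything else renders the form.
 *
 * @return bool|string TRUE/FALSE for a write action (FALSE when the key is
 *                     missing or the query fails), otherwise the form HTML.
 */
function mod_globals($mod_varname = FALSE, $mod_definition = FALSE, $mod_action = "show_form")
{
    global $prefix, $hlpdsk_prefix, $tts, $cmdOk, $admin_tabtable;

    // Non-strict on purpose: in_array() then matches exactly what the switch below matches.
    if (in_array($mod_action, array("update", "insert", "delete"))) {
        if (!$mod_varname) {
            return FALSE;
        }

        $table = "{$prefix}{$hlpdsk_prefix}_config";
        $varname_sql = Security::sqlsecure($mod_varname);

        switch ($mod_action) {
            case "update":
                $definition_sql = Security::sqlsecure($mod_definition);
                $query = "update {$table} set definition='{$definition_sql}' where varname='{$varname_sql}'";
                break;
            case "insert":
                $definition_sql = Security::sqlsecure($mod_definition);
                $query = "insert into {$table} (varname,definition) values ('{$varname_sql}','{$definition_sql}')";
                break;
            default:
                // "delete" only needs the key; the definition is not part of the statement.
                $query = "delete from {$table} where varname='{$varname_sql}'";
        }

        return $tts->query($query, $tts) ? TRUE : FALSE;
    }

    // The tab id ends up inside an HTML attribute and a query string, so it is
    // URL-encoded; ordinary tab ids (letters, digits, "_") come out unchanged.
    $tab = urlencode((string) $admin_tabtable);

    $response = "<form action=\"admin.php?admin_tabtable={$tab}&func=mod_globals\" method=POST>";
    $response .= "<table border=1><tr>";
    $response .= "<td><font class=content>varname<input name=mod_varname type=text></td>";
    $response .= "<td><font class=content>definition<textarea name=mod_definition style=\"HEIGHT: 145px; WIDTH: 500px\"></textarea></td>"
        . "<td><font class=content>delete<input name=mod_action type=radio value=\"delete\"></td>"
        . "<td><font class=content>add<input name=mod_action type=radio value=\"insert\"></td>"
        . "<td><font class=content>modify<input name=mod_action type=radio value=\"update\" checked></td>";
    $response .= "</tr></table>";

    $button = new button();
    $response .= $button->get_button($cmdOk, "javascript:this.form.submit();") . "</form>";

    return $response;
}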
// Fragment of a larger switch: the opening switch statement and the end of the
// nested switch at the bottom are outside this view.
case 'messages':
    // Message list for the current user, newest first, one checkbox per row.
    echo '<br/>';
    echo '<br/>';
    echo '<table width="100%" cellpadding="0" cellspacing="0">';
    echo '<tr><td class="TableHead2"><input name="dummy" value="dummy" onclick="javascript:invert_selection()" type="checkbox"></td><td class="TableHead2" width="30%">Sender</td><td class="TableHead2" width="100%">Message</td></tr>';
    // The user id is interpolated straight into the SQL text (quoted here).
    // NOTE(review): presumably $GO_SECURITY->user_id is a server-side session
    // value and numeric — confirm, since no escaping is applied.
    $db->query("SELECT * FROM messages_messages WHERE user_id='{$GO_SECURITY->user_id}'ORDER BY ctime DESC");
    while ($db->next_record()) {
        // NOTE(review): the WHERE clause filters on user_id, so this passes the
        // current user's own id to show_profile() for the "Sender" column —
        // confirm which column actually holds the sender.
        $sender = show_profile($db->f('user_id'), '', 'normal', $link_back);
        // Message text is HTML-escaped before output.
        $message = htmlspecialchars($db->f('text'));
        // The row id is written into attributes unescaped and $sender is echoed
        // as returned by show_profile(). NOTE(review): presumably id is a numeric
        // key and show_profile() returns safe markup — verify both.
        echo "<tr id=\"" . $db->f('id') . "\"><td><input id=\"C_" . $db->f('id') . "\" type=\"checkbox\" name=\"msgs[]\" value=\"" . $db->f('id') . "\" onclick=\"javascript:item_click(this)\" /></td><td>{$sender}</td><td>{$message}</td></tr>";
        // One-pixel separator row using a theme image.
        echo '<tr><td colspan="99" height="1"><img src="' . $GO_THEME->images['cccccc'] . '" border="0" height="1" width="100%" /></td></tr>';
    }
    echo '</table>';
    $button = new button();
    echo '<br/>';
    // Sets the form's "task" field to 'delete' and submits the first form on the page.
    // NOTE(review): no anti-CSRF token is visible in this fragment, and the handler
    // for msgs[] is elsewhere — confirm it checks that each id belongs to the user.
    echo $button->get_button('Delete', "document.forms[0].task.value='delete';document.forms[0].submit();");
    break;
case 'properties':
    // Ensure a messages_users row exists for the current user: when the lookup
    // fails or returns no row, allocate a new ACL and insert the row.
    // Unlike the query in the 'messages' case, user_id is not quoted here.
    if (!$db->query("SELECT * from messages_users WHERE user_id={$GO_SECURITY->user_id}") || !$db->next_record()) {
        $acl_write = $GO_SECURITY->get_new_acl('message write: ' . $GO_SECURITY->user_id);
        // The row is only inserted when get_new_acl() returned a positive id.
        if ($acl_write > 0) {
            $db->query("INSERT INTO messages_users (user_id,acl_write) VALUES ('{$GO_SECURITY->user_id}','{$acl_write}')");
        }
        // Re-read the row so the record is loaded for the code that follows;
        // the result is not checked, so the record may still be empty.
        $db->query("SELECT * from messages_users WHERE user_id={$GO_SECURITY->user_id}");
        $db->next_record();
    }
    // Two-tab widget: "Properties" and "Permissions".
    $tabtable = new tabtable('messages_tab', 'Messages', '100%', '400', '120', '', true);
    $tabtable->add_tab('properties', 'Properties');
    $tabtable->add_tab('permissions', 'Permissions');
    $tabtable->print_head();
    // Dispatch on the active tab; the cases are outside this view.
    switch ($tabtable->get_active_tab_id()) {
// Script preamble of the helpdesk admin page. The body of the final
// if-statement is outside this view.
// NOTE(review): presumably authenticate() stops the request when the user may
// not use the 'opentts' module — confirm; nothing else here checks the login.
$GO_MODULES->authenticate('opentts');
//set the page title for the header file
$page_title = "Opentts";
require $GO_THEME->theme_path . "header.inc";
$tts = new db();
require_once "classes.php";
require_once "menu.php";
// Requested sub-function name: taken from POST, then overridden by GET when
// both are present. No validation happens here.
// NOTE(review): how $func is dispatched is outside this fragment — wherever it
// is used it should be matched against a fixed list of known function names.
$func = '';
if (isset($_POST['func'])) {
    $func = $_POST['func'];
}
if (isset($_GET['func'])) {
    $func = $_GET['func'];
}
// Pre-built buttons whose handlers drive the list-selection widgets on this page.
$button = new button();
$button_left = $button->get_button($cmdAdd, 'addItems(this.form.AvailItems,this.form.AvailValue, this.form.SelItems);');
$button_right = $button->get_button($cmdDelete, 'addItemToTextBox(this.form.SelItems,this.form.AvailValue,this.form.AvailItems);removeItems(this.form.SelItems);');
$button_submit = $button->get_button($cmdOk, "javascript:this.form.Sel.value = makeStringFromSelect(this.form.SelItems); this.form.submit();");
$button_reset = $button->get_button($cmdReset, "javascript:this.form.reset();");
// Admin tab strip; the 'welcome' and 'edit_globals' tabs are commented out.
$tabtable = new tabtable('admin_tabtable', $helpdesk_title_admin, '100%', '400');
#$tabtable->add_tab('welcome', $helpdesk_menu_administration);
$tabtable->add_tab('categories', $helpdesk_menu_categories);
$tabtable->add_tab('agents', $helpdesk_menu_groups);
$tabtable->add_tab('permissions', $helpdesk_menu_permissions);
$tabtable->add_tab('priorities', $helpdesk_menu_priorities);
$tabtable->add_tab('projects', $helpdesk_menu_projects);
$tabtable->add_tab('status', $helpdesk_menu_status);
#$tabtable->add_tab('edit_globals', $helpdesk_menu_globals);
$tabtable->print_head();
// Kept in a script-level variable so functions can read it via `global`.
// NOTE(review): how tabtable derives active_tab is not visible here; if it
// comes from the request, escape it wherever it is written into HTML or URLs.
$admin_tabtable = $tabtable->active_tab;
// Everything inside this block is limited to users for whom the "admin" action is allowed.
if (Security::is_action_allowed("admin")) {
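/**
 * Build the ticket search form: a free-text box, one checkbox per ticket
 * status (two per table row) and, once a search has been submitted,
 * "prev"/"next" paging buttons.
 *
 * Side effects: updates the globals $limit and $limit_rows according to
 * $submit ("prev", "next" or "search").
 *
 * Status names and ids read from the database are passed through
 * Security::htmlsecure() before they are written into the markup, the same
 * helper this function already applies to the search string.
 *
 * @return string HTML of the search form.
 */
function show_search()
{
    global $name, $hlpdsk_prefix, $tts, $prefix, $strtosearch, $limit, $limit_rows, $search_status, $submit, $GO_LANGUAGE;

    // Loaded in function scope; presumably this is where $tts_lang_search and
    // $cmdSearch come from, since they are not assigned anywhere in this function.
    require $GO_LANGUAGE->get_language_file('opentts');

    // Paging state. NOTE(review): $limit, $limit_rows and $submit are plain
    // globals, presumably populated from the request — verify they are
    // validated as integers before being used in a LIMIT clause elsewhere.
    if ($submit == "prev" and $limit >= $limit_rows) {
        $limit -= $limit_rows;
    }
    if ($submit == "next") {
        $limit += $limit_rows;
    }
    if ($submit == "search") {
        $limit = 0;
    }
    if ($submit and $limit_rows == -1) {
        $limit_rows = 10;
    }
    if (!$limit) {
        $limit = 0;
    }
    if (!$limit_rows) {
        $limit_rows = -1;
    }

    $response = " <DIV align=center>"
        . "<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=1 class=boxcontent>"
        . "<TR><TD>"
        . "<FORM action=\"queries.php\" method=POST id=frmsearch name=frmsearch>"
        . "<STRONG><font class=content>{$tts_lang_search}</STRONG><BR>"
        . "<INPUT type=\"text\" name=strtosearch value=\"" . Security::htmlsecure($strtosearch) . "\" size=60 class=textbox><br>";
    $response .= "</td></tr>";
    $response .= "<tr><td>";

    $query = "select status_id,status_name,show_by_default from {$prefix}{$hlpdsk_prefix}_status";
    $tts->query($query);

    $colbreak = 0;
    $response .= "<table border=1 width=100%>";
    while ($tts->next_record()) {
        $status_id = $tts->f('status_id');
        $status_name = $tts->f('status_name');
        $show_by_default = $tts->f('show_by_default');

        if ($colbreak == 0) {
            $response .= "<tr>";
        }

        if (!$search_status) {
            // No selection submitted yet: fall back to the per-status default.
            $checked = ($show_by_default == 1) ? "checked" : "";
        } else {
            // Unchecked boxes are not submitted at all, so the key is often
            // missing; guard the lookup instead of reading an undefined index.
            $is_on = is_array($search_status)
                && isset($search_status[$status_id])
                && $search_status[$status_id] == "on";
            $checked = $is_on ? "checked" : "";
        }

        // Database values are escaped before being written into the page.
        $status_label = Security::htmlsecure($status_name);
        $status_key = Security::htmlsecure($status_id);
        $response .= "<td><font class=content>{$status_label}:<input name=\"search_status[{$status_key}]\" type=checkbox {$checked}></td>";

        $colbreak += 1;
        if (2 == $colbreak) {
            $response .= "</tr>";
            $colbreak = 0;
        }
    }
    // An odd number of statuses leaves the last row open; close it.
    if ($colbreak != 0) {
        $response .= "</tr>";
    }
    $response .= "</table>";
    $response .= "</td></tr>";
    $response .= "<tr><td>";
    $response .= "<INPUT type=\"hidden\" value=\"search\" name=\"action\">";

    $button = new button();
    $response .= $button->get_button($cmdSearch, 'javascript:document.frmsearch.submit();');

    if ($submit) {
        // The "\n" reproduces the line break that the original literal contained.
        $response .= "<input \ntype=\"submit\" value=\"prev\" name=submit><input type=\"submit\" value=\"next\" name=submit> ";
    }
    $response .= "</FORM></TD>";
    $response .= " </TR></TABLE>";

    return $response;
}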
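/**
 * Render the detail/edit view of the ticket identified by the global $Ticket_Number.
 *
 * For each matching row the function prepares a set of local variables (plain
 * values or edit widgets, depending on Security::is_action_allowed()) and then
 * expands the theme file themes/<theme>/showline_ticket.html through eval(),
 * echoing the result. Because the template is evaluated in this scope, the
 * local and global variable names below are part of the template contract and
 * are deliberately left unchanged.
 *
 * Access: the row is visible when the current user is in the ticket's read or
 * write ACL or holds "view_all_tickets"; otherwise only when the user is the
 * issuer or the assignee.
 *
 * Security notes:
 *  - $Ticket_Number is passed through Security::sqlsecure() before it is put
 *    into SQL and URL-encoded before it is put into the form action.
 *    NOTE(review): Security::sqlsecure() is not visible here — confirm it is a
 *    sound SQL escaper for the active driver, or switch to bound parameters.
 *  - whoami() and values read back from the ticket row ($t_stage,
 *    $t_category, $t_priority, ...) are still interpolated into SQL as-is;
 *    $t_priority is not even quoted. NOTE(review): verify these are integers.
 *  - The theme file is executed through eval(); see the comment at that call.
 *
 * @return string|null 'missing' when the query returns no row; otherwise
 *                     nothing is returned and the output is echoed.
 */
function showrecords()
{
    global $Ticket_Number, $name, $tts, $prefix, $hlpdsk_prefix, $hlpdsk_theme, $nuke_user_table, $nuke_user_last_name_fieldname, $nuke_username_fieldname, $hours, $mins, $javascript, $nuke_user_id_fieldname, $nuke_user_first_name_fieldname, $datepicker, $cmdOk, $cmdReset, $GO_SECURITY, $acl_read, $acl_write, $GO_LANGUAGE;

    // Loaded in function scope; presumably the source of the $tts_lang_* labels
    // and of $htmldirection, which are read below but never assigned here.
    require $GO_LANGUAGE->get_language_file('opentts');

    // Escaped copies for the two output contexts; the global itself is left
    // untouched because the template may reference it.
    $ticket_number_sql = Security::sqlsecure($Ticket_Number);
    $ticket_number_url = urlencode((string) $Ticket_Number);

    $acl_read = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_read', "where ticket_number='{$ticket_number_sql}'");
    $acl_write = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_write', "where ticket_number='{$ticket_number_sql}'");

    if ($GO_SECURITY->user_in_acl(whoami(), $acl_read) or $GO_SECURITY->user_in_acl(whoami(), $acl_write) or Security::is_action_allowed("view_all_tickets")) {
        $query_condition = " ";
    } else {
        // Not in either ACL: restrict the row to tickets the user issued or is assigned to.
        $query_condition = " and (t_from='" . whoami() . "' or t_assigned='" . whoami() . "')";
    }

    $querytext = "select * from {$prefix}{$hlpdsk_prefix}_tickets where Ticket_Number='{$ticket_number_sql}' {$query_condition} ";
    $tts->query($querytext);
    $recordcount = $tts->num_rows();
    $row = 0;

    // Was `$recordcount = 0`, an assignment that is always false, so 'missing'
    // could never be returned.
    if ($recordcount == 0) {
        return 'missing';
    }

    while ($tts->next_record()) {
        $post_date = $tts->f('post_date');
        $due_date = $tts->f('due_date');
        $end_date = $tts->f('end_date');
        $complete = $tts->f('complete');
        $t_from = $tts->f('t_from');
        $t_stage = $tts->f('t_stage');
        $t_category = $tts->f('t_category');
        $t_priority = $tts->f('t_priority');
        // Free-text fields are HTML-escaped as soon as they are read.
        $t_subject = htmlspecialchars($tts->f('t_subject'));
        $t_description = htmlspecialchars($tts->f('t_description'));
        #$t_description=str_replace("\n"," <br> ",$t_description);
        $t_assigned = $tts->f('t_assigned');
        $t_email = $tts->f('t_email');
        $t_sms = $tts->f('t_sms');
        $t_status = $tts->f('t_status');
        $change_date = htmlspecialchars($tts->f('change_date'));
        $activity_id = $tts->f('activity_id');
        $project_id = $tts->f('project_id');

        // Stored values are passed to date() as timestamps.
        $due_date = date("Y/m/d H:i", $due_date);
        $end_date = date("Y/m/d H:i", $end_date);

        $action_changes = $javascript;
        if ($t_sms == "on") {
            $t_sms = " CHECKED";
        }
        if ($t_email == "on") {
            $t_email = " CHECKED";
        }

        // Submit/reset buttons are only offered to users in the write ACL.
        // NOTE(review): this only hides the controls; the handler behind
        // change_ticket.php must enforce the same permissions server-side.
        if ($GO_SECURITY->user_in_acl(whoami(), $acl_write)) {
            $button = new button();
            $action_changes .= $button->get_button($cmdOk, "javascript:document.change_status.submit()");
            $action_changes .= $button->get_button($cmdReset, "javascript:document.change_status.reset()");
        }
        $action_changes .= "</form></center>";

        $tts_lang_ticket_number = "Ticket Number:";
        $tts_lang_post_date_value = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $post_date);

        // Issuer: a user picker when impersonation is allowed, else the full name.
        $fullname = opentts::get_fullname($t_from);
        if (Security::is_action_allowed("imperson", 0, $acl_write)) {
            $select = new select('user', 'change_status', 't_from', $t_from);
            $tts_lang_issuer = $select->get_link("{$tts_lang_issuer}");
            $tts_lang_issuer_value = $select->get_field();
        } else {
            $tts_lang_issuer_value = "{$fullname}";
        }

        $stage_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_stages", "stage_name", " where stage_id='{$t_stage}'"));
        $category_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_categories", "category_name", " where category_id='{$t_category}'"));
        $project_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_projects", "project_name", " where project_id='{$project_id}'"));

        $select_complete = "<select name='complete' class=textbox>"
            . "<option value='0' >0%</option>"
            . "<option value='10'>10%</option>"
            . "<option value='20'>20%</option>"
            . "<option value='30'>30%</option>"
            . "<option value='40'>40%</option>"
            . "<option value='50'>50%</option>"
            . "<option value='60'>60%</option>"
            . "<option value='70'>70%</option>"
            . "<option value='80'>80%</option>"
            . "<option value='90'>90%</option>"
            . "<option value='100'>100%</option>"
            . "</select>";

        $t_assigned_name = Security::whatsmyname($t_assigned);

        // NOTE(review): Security::sqlsecure() is applied to values headed for
        // HTML here. $t_subject / $t_description were already passed through
        // htmlspecialchars() above, which is what protects this output; the
        // extra call looks like the wrong helper for the context — confirm.
        if (Security::is_action_allowed("change_subject", 0, $acl_write)) {
            $tts_lang_subject_value = "<input name=t_subject value=\"" . Security::sqlsecure($t_subject) . "\" class=textbox max=80 size=80>";
        } else {
            $tts_lang_subject_value = "<input name=t_subject value=\"" . Security::sqlsecure($t_subject) . "\" class=textbox max=80 size=80 readonly>";
        }
        $tts_lang_description_value = "<textarea name=t_description cols=80 rows=12 class=textbox readonly>" . Security::sqlsecure($t_description) . "</textarea>";

        $tts_lang_change_date_VALUE = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $change_date);
        $tts_lang_email = "Email {$tts_lang_issuer}: <input type=checkbox name=t_email_issuer value=1><br>Email {$tts_lang_assigned} <input type=checkbox name=t_email_agent value=1>";

        // The ticket number goes into the query string URL-encoded.
        $post_changes = "<form name=\"change_status\" method=\"POST\" action=\"change_ticket.php?Ticket_Number={$ticket_number_url}&func=change_status\">";

        if (Security::is_action_allowed("change_project", 0, $acl_write)) {
            $project_name = select_option("{$project_id}", fill_select("project_id", "{$prefix}{$hlpdsk_prefix}_projects", "project_id", "project_name", " order by project_id"));
            $tts_lang_project_value = "{$project_name}";
        } else {
            $project_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_projects", "project_name", " where project_id='{$project_id}'"));
            $tts_lang_project_value = "{$project_name}";
        }

        // Assignee: a user picker when reassignment is allowed, else the full name.
        $fullname = opentts::get_fullname($t_assigned);
        if (Security::is_action_allowed("change_assigned", 0, $acl_write)) {
            $select = new select('user', 'change_status', 't_assigned', $t_assigned);
            $tts_lang_assign_to = $select->get_link("{$tts_lang_assign_to}");
            $tts_lang_assign_to_value = $select->get_field();
        } else {
            $tts_lang_assign_to_value = "{$fullname}";
        }

        // End date: date picker plus hour/minute drop-downs, or the plain value.
        if (Security::is_action_allowed("change_end_date", 0, $acl_write)) {
            $time = strtotime($end_date);
            #$end_date_d_m_y=date("Y/m/d",$time);
            $end_date_h = date("H", $time);
            $end_date_i = date("i", $time);
            $today = date($_SESSION['GO_SESSION']['date_format'], $time);
            $end_date = $datepicker->get_date_picker('end_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $today);
            $dropbox = new dropbox();
            $dropbox->add_arrays($hours, $hours);
            $end_date .= '<td>';
            $end_date_h_value = $dropbox->get_dropbox("end_date_h", $end_date_h);
            $dropbox = new dropbox();
            $dropbox->add_arrays($mins, $mins);
            $end_date_i_value = $dropbox->get_dropbox("end_date_i", $end_date_i);
            // Right-to-left layouts show minutes before hours.
            if ($htmldirection == 'rtl') {
                $end_date .= "{$end_date_i_value}:{$end_date_h_value}";
            } else {
                $end_date .= "{$end_date_h_value}:{$end_date_i_value}";
            }
            $tts_lang_end_date_value = "{$end_date} ";
        } else {
            $tts_lang_end_date_value = "{$end_date}";
        }

        if (Security::is_action_allowed("change_complete", 0, $acl_write)) {
            $_PERCENTAGE_COMPLETE_VALUE = select_option("{$complete}", "{$select_complete}");
        } else {
            $_PERCENTAGE_COMPLETE_VALUE = "{$complete} %";
        }

        // Due date: same widget set; its change handlers also update the end date fields.
        if (Security::is_action_allowed("change_due_date", 0, $acl_write)) {
            $time = strtotime($due_date);
            $due_date_d_m_y = date($_SESSION['GO_SESSION']['date_format'], $time);
            $due_date_h = date("H", $time);
            $due_date_i = date("i", $time);
            $today = date($_SESSION['GO_SESSION']['date_format'], $time);
            $due_date = $datepicker->get_date_picker('due_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $today, '', '', 'onchange="javascript:document.change_status.end_date_d_m_y.value=this.value;"');
            $dropbox = new dropbox();
            $dropbox->add_arrays($hours, $hours);
            $due_date .= '<td>';
            $due_date_h_value = $dropbox->get_dropbox("due_date_h", $due_date_h, 'onchange="javascript:update_end_hour(this.value);"');
            $dropbox = new dropbox();
            $dropbox->add_arrays($mins, $mins);
            $due_date_i_value = $dropbox->get_dropbox("due_date_i", $due_date_i, 'onchange="javascript:update_end_min(this.value);"');
            if ($htmldirection == 'rtl') {
                $due_date .= "{$due_date_i_value}:{$due_date_h_value}";
            } else {
                $due_date .= "{$due_date_h_value}:{$due_date_i_value}";
            }
            $tts_lang_due_date_value = "{$due_date} ";
        } else {
            $tts_lang_due_date_value = "{$tts_lang_due_date}{$due_date}";
        }

        if (Security::is_action_allowed("change_activity", 0, $acl_write)) {
            $activity = select_option("{$activity_id}", fill_select("activity_id", "{$prefix}{$hlpdsk_prefix}_activities", "activity_id", "activity_name", " "));
            $tts_lang_activity_value = "<br>{$activity} ";
        } else {
            $tts_lang_activity_value = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_activities", "activity_name", "where activity_id='{$activity_id}'"));
        }

        if (Security::is_action_allowed("change_status", 0, $acl_write)) {
            $t_status_sel = select_option("{$t_status}", fill_select("t_status", "{$prefix}{$hlpdsk_prefix}_status", "status_id", "status_name", " "));
            $tts_lang_status_value = "<br>{$t_status_sel}";
        } else {
            $status_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_status", "status_name", " where status_id='{$t_status}'"));
            $tts_lang_status_value = "{$status_name}";
        }

        if (Security::is_action_allowed("change_priority", 0, $acl_write)) {
            $t_priorities = select_option("{$t_priority}", fill_select("t_priority", "{$prefix}{$hlpdsk_prefix}_priorities", "priority_id", "priority_name", " "));
            $tts_lang_priority_value = "{$t_priorities}<br>";
        } else {
            // Unquoted numeric comparison; see the docblock note on $t_priority.
            $t_priority_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_priorities", "priority_name", " where priority_id={$t_priority}"));
            $tts_lang_priority_value = "{$t_priority_name}";
        }

        if (Security::is_action_allowed("change_category", 0, $acl_write)) {
            $t_category = select_option("{$t_category}", fill_select("t_category", "{$prefix}{$hlpdsk_prefix}_categories", "category_id", "category_name", " "));
            $tts_lang_category_value = "{$t_category}<br>";
        } else {
            $tts_lang_category_value = "{$category_name}";
        }

        if (Security::is_action_allowed("change_stage", 0, $acl_write)) {
            $t_stage = select_option("{$t_stage}", fill_select("t_stage", "{$prefix}{$hlpdsk_prefix}_stages", "stage_id", "stage_name", " "));
            $tts_lang_stage_value = "<br>{$t_stage}<br>";
        } else {
            $tts_lang_stage_value = Security::htmlsecure("{$stage_name}");
        }

        // The mailto link is built and then blanked again a few lines below,
        // so the template receives an empty $tts_lang_mail_this.
        $mailto_subject = "?subject=" . addslashes("Ticket Task {$Ticket_Number}: ") . addslashes($t_subject);
        $mailto_body = "&body=" . addslashes("Ticket/Task: {$Ticket_Number} / ") . addslashes($t_description);
        $mailto = $mailto_subject . $mailto_body;
        $tts_lang_mail_this = "<a href=\"mailto:{$mailto}\">Send email</a>";
        $tts_lang_estimated_time = $_MONEY = '';
        $tts_lang_mail_this = "";

        // SECURITY: the theme file is evaluated as a double-quoted PHP string,
        // so it is code, not data: any interpolation syntax in the file runs
        // with access to every variable in this scope. Keep the themes
        // directory read-only for the web user and make sure $hlpdsk_theme
        // comes from trusted configuration, never from the request.
        // NOTE(review): replace with placeholder substitution that does not
        // need eval(); left unchanged here because the template format is not
        // visible from this function.
        $file = "themes/{$hlpdsk_theme}/showline_ticket.html";
        $file = addslashes(implode("", file($file)));
        eval("\$content=stripslashes(\" {$file}\");");
        echo $content;
        $row++;
    }
}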
// Fragment of the new-ticket entry page: the block closed by the brace near
// the end is opened outside this view.
// Due-date widgets are only built when the "set_due_date" action is allowed.
if (Security::is_action_allowed("set_due_date")) {
    // Today's date in the session's date format is the picker's initial value.
    $time = date($_SESSION['GO_SESSION']['date_format'], time());
    $tts_lang_due_date_value = $datepicker->get_date_picker('due_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $time, '', '', 'onchange="javascript:document.new_ticket.end_date_d_m_y.value=this.value;"');
    $dropbox = new dropbox();
    $dropbox->add_arrays($hours, $hours);
    // NOTE(review): $due_date_h and $due_date_i are not assigned anywhere in
    // this fragment — presumably set earlier in the script; confirm.
    $tts_lang_due_date_h_value = $dropbox->get_dropbox("due_date_h", $due_date_h, 'onchange="javascript:update_end_hour(this.value);"');
    $dropbox = new dropbox();
    $dropbox->add_arrays($mins, $mins);
    $tts_lang_due_date_i_value = $dropbox->get_dropbox("due_date_i", $due_date_i, 'onchange="javascript:update_end_min(this.value);"');
    // Right-to-left layouts show minutes before hours.
    if ($htmldirection == 'rtl') {
        $tts_lang_due_date_value .= "{$tts_lang_due_date_i_value}:{$tts_lang_due_date_h_value}";
    } else {
        $tts_lang_due_date_value .= "{$tts_lang_due_date_h_value}:{$tts_lang_due_date_i_value}";
    }
} else {
    $tts_lang_due_date_value = "";
}
$tts_lang_notify_by .= " email <input type=checkbox name=t_email>";
$tts_lang_post_date_value = "{$post_date}";
// This overwrites the $_POST superglobal with the form's opening tag, so the
// submitted POST data is no longer reachable through $_POST after this line.
// NOTE(review): presumably $_POST doubles as a template placeholder (like
// $_ACTION below) — confirm, and prefer a name that does not shadow request data.
$_POST = "<form name=\"new_ticket\" method=\"POST\" action=\"entry_proc.php\">";
$button = new button();
$action_changes = $button->get_button($cmdOk, "javascript:document.new_ticket.submit()");
$action_changes .= ' ' . $button->get_button($cmdReset, "javascript:document.new_ticket.reset()");
// Closing part of the form: script block, buttons and the </form> tag.
$_ACTION = $javascript . $action_changes . "</form>";
//
// SECURITY: the theme file is evaluated as a double-quoted PHP string, so it
// is code, not data: any interpolation syntax in the file runs with access to
// every variable in this scope. Keep the themes directory read-only for the
// web user and make sure $hlpdsk_theme comes from trusted configuration,
// never from the request.
// NOTE(review): the result of file() is not checked; a missing theme file
// yields warnings and an empty template.
$file = "themes/{$hlpdsk_theme}/entry_ticket.html";
$file = addslashes(implode("", file($file)));
eval("\$content=stripslashes(\"{$file}\");");
echo "<center>{$content}</center>";
}
// Closes the tab strip opened earlier in the script (outside this view).
$tabtable->print_foot();
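/**
 * Build the "Change Default agent" form: one radio button per member of
 * group 2, with the member whose uid_default is 1 pre-selected.
 *
 * The group id is hard-coded in the query (gid=2); presumably that is the
 * agents group — confirm against the schema.
 *
 * The form carries no anti-CSRF token and this function performs no
 * authorisation check of its own. NOTE(review): confirm the caller and the
 * set_default_agent handler enforce admin rights.
 *
 * @return string|false Form HTML, or FALSE when the member query fails.
 */
function show_default_agent_table()
{
    global $tts, $prefix, $hlpdsk_prefix, $admin_tabtable, $cmdOk, $cmdReset;

    $query = "select * from {$prefix}{$hlpdsk_prefix}_groups_members where gid=2";
    if (!$tts->query($query, $tts)) {
        return FALSE;
    }

    // The tab id lands in an attribute and a query string, so it is URL-encoded;
    // ordinary tab ids come out unchanged.
    $tab = urlencode((string) $admin_tabtable);

    $content = "<br><h2>Change Default agent</h2><br>";
    $content .= "<form method=POST action='admin.php?admin_tabtable={$tab}&func=set_default_agent'>";
    $content .= "<table border=1><tr><td>select</td><td>agent</td></tr>";

    while ($tts->next_record()) {
        $choosen_one = ($tts->f('uid_default') == 1) ? "checked" : "";
        // Escaped for the attribute; numeric ids come out unchanged.
        $uid_attr = htmlspecialchars((string) $tts->f('uid'), ENT_QUOTES);
        // NOTE(review): the display name is emitted as returned by
        // Security::whatsmyname(); whether that helper escapes HTML is not
        // visible here — verify before trusting user-editable names.
        $content .= "<tr><td><input type=radio name=\"choosen_one\" value=\"{$uid_attr}\" {$choosen_one} ></td><td>" . Security::whatsmyname($tts->f('uid')) . "</td></tr>";
    }
    $content .= "</table>";

    $button = new button();
    $button_submit = $button->get_button($cmdOk, "javascript:this.form.submit();");
    // Was "this.for\nm.reset();": the embedded line break split the identifier
    // and left the reset button with a broken handler.
    $button_reset = $button->get_button($cmdReset, "javascript:this.form.reset();");
    // The "." between the two buttons is literal text in the original markup and is kept.
    $content .= "{$button_submit}.{$button_reset}</form>";

    return $content;
}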