Beispiel #1
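 /**
  * Handle the "save_extra_default" settings form: delete, rename or save an extra field definition.
  *
  * Does nothing unless $_REQUEST['_process'] is 'save_extra_default'. The request is terminated
  * with die() when the current user lacks the 'edit' permission on 'Settings'.
  *
  * NOTE(review): no anti-CSRF token is verified before these writes. If the settings form carries
  * the module_form secure key, verify it with module_form::check_secure_key() first — confirm.
  * NOTE(review): the whole $_POST array is handed to update_insert(); whether that helper limits
  * keys to known columns is not visible here — confirm, or pass an explicit field list.
  *
  * @return void
  */
 public function process()
 {
     // Guard the lookup so a request without _process does not raise an undefined-index notice.
     $process = isset($_REQUEST['_process']) ? $_REQUEST['_process'] : '';
     if ('save_extra_default' != $process) {
         return;
     }
     if (!module_config::can_i('edit', 'Settings')) {
         die('No perms to save extra field settings.');
     }
     // Read the id once; a missing or non-scalar value becomes null instead of leaking into the helpers.
     $requested_id = (isset($_REQUEST['extra_default_id']) && is_scalar($_REQUEST['extra_default_id'])) ? $_REQUEST['extra_default_id'] : null;

     if (isset($_REQUEST['butt_del'])) {
         if (module_form::confirm_delete('extra_default_id', _l("Really delete this extra field and ALL extra data linked to this field?"), $_SERVER['REQUEST_URI'])) {
             // A delete always targets an existing numeric row, so the id is forced to an integer
             // before it reaches the lookup and the delete helper.
             $delete_id = (int) $requested_id;
             $extra_default = module_extra::get_extra_default($delete_id);
             if ($extra_default && $extra_default['extra_default_id'] == $delete_id && $extra_default['owner_table'] && $extra_default['extra_key']) {
                 $extra_values = get_multiple('extra', array('owner_table' => $extra_default['owner_table'], 'extra_key' => $extra_default['extra_key']), 'extra_id', 'exact', 'owner_id');
                 if ($extra_values) {
                     foreach ($extra_values as $extra_value) {
                         // Re-check each row so only values of exactly this table/key pair are removed.
                         if ($extra_value['owner_table'] == $extra_default['owner_table'] && $extra_value['extra_key'] == $extra_default['extra_key']) {
                             delete_from_db('extra', 'extra_id', $extra_value['extra_id']);
                         }
                     }
                 }
             }
             delete_from_db('extra_default', 'extra_default_id', $delete_id);
             set_message('Extra field deleted successfully.');
             redirect_browser(str_replace('extra_default_id', 'extra_default_id_deleted', $_SERVER['REQUEST_URI']));
             // Stop here even if redirect_browser() returns, so a deleted field is never re-saved below.
             return;
         }
     }

     if ((int) $requested_id > 0) {
         $extra_default = module_extra::get_extra_default($requested_id);
         if ($extra_default && $extra_default['extra_default_id'] == $requested_id && $extra_default['owner_table'] && $extra_default['extra_key']) {
             $new_key = (isset($_POST['extra_key']) && is_string($_POST['extra_key'])) ? $_POST['extra_key'] : '';
             if (!empty($new_key) && $new_key != $extra_default['extra_key']) {
                 // they have renamed the key, rename all the existing ones in the system.
                 $extra_values = get_multiple('extra', array('owner_table' => $extra_default['owner_table'], 'extra_key' => $extra_default['extra_key']), 'extra_id', 'exact', 'owner_id');
                 if ($extra_values) {
                     foreach ($extra_values as $extra_value) {
                         if ($extra_value['owner_table'] == $extra_default['owner_table'] && $extra_value['extra_key'] == $extra_default['extra_key']) {
                             update_insert('extra_id', $extra_value['extra_id'], 'extra', array('extra_key' => $new_key));
                         }
                     }
                 }
             }
         }
     }

     $data = $_POST;
     if (isset($data['options']) && is_array($data['options'])) {
         // The options list is stored as a JSON string.
         $data['options'] = json_encode($data['options']);
     }
     update_insert('extra_default_id', $requested_id, 'extra_default', $data);
     set_message('Extra field saved successfully');
     redirect_browser($_SERVER['REQUEST_URI']);
 }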
Beispiel #2
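 /**
  * Handle the "save_security_role" form: delete a role, or save it and rebuild its permission rows.
  *
  * Does nothing unless $_REQUEST['_process'] is 'save_security_role'. Requires 'edit' on
  * 'Settings' and 'edit' on 'Security Roles'; deleting additionally requires 'delete' on
  * 'Security Roles'. On save, the role's rows in security_role_perm are wiped and rebuilt either
  * from a JSON "load_defaults" payload or from the posted permission / permission_drop_down arrays.
  *
  * A disabled (commented-out) 'save_data_access_popup' handler that used to precede this branch
  * has been dropped; it was never executed.
  *
  * NOTE(review): no anti-CSRF token is verified before these writes — confirm whether the form
  * carries the module_form secure key and, if so, check it with module_form::check_secure_key().
  * NOTE(review): $_POST is passed whole to update_insert() for the security_role table; column
  * filtering is not visible here — confirm.
  *
  * @return void
  */
 public function process()
 {
     $process = isset($_REQUEST['_process']) ? $_REQUEST['_process'] : '';
     if ('save_security_role' != $process) {
         return;
     }
     // Each denied check returns after the redirect, so the handler cannot continue into the
     // write path if redirect_browser() ever returns instead of ending the request.
     if (!module_config::can_i('edit', 'Settings')) {
         redirect_browser(_BASE_HREF);
         return;
     }
     if (!module_security::can_i('edit', 'Security Roles', 'Security')) {
         redirect_browser('/');
         return;
     }
     $requested_role_id = isset($_REQUEST['security_role_id']) ? $_REQUEST['security_role_id'] : null;

     if (isset($_REQUEST['butt_del']) && module_security::can_i('delete', 'Security Roles', 'Security')) {
         $security_role_id = (int) $requested_role_id;
         $role = self::get_security_role($security_role_id);
         if ($role && $security_role_id == $role['security_role_id']) {
             if (module_form::confirm_delete('security_role_id', "Really delete security role: " . $role['name'], self::link_open_role($security_role_id))) {
                 // Remove the role's permission rows and user links before the role itself.
                 $sql = "DELETE FROM `" . _DB_PREFIX . "security_role_perm` WHERE security_role_id = '" . (int) $security_role_id . "'";
                 query($sql);
                 $sql = "DELETE FROM `" . _DB_PREFIX . "user_role` WHERE security_role_id = '" . (int) $security_role_id . "'";
                 query($sql);
                 $sql = "DELETE FROM `" . _DB_PREFIX . "security_role` WHERE security_role_id = '" . (int) $security_role_id . "'";
                 query($sql);
             }
         }
         set_message('Role deleted successfully.');
         redirect_browser($this->link_open_role(false));
         // Never fall through to the save path below after a delete request.
         return;
     }

     $security_role_id = update_insert('security_role_id', $requested_role_id, 'security_role', $_POST);
     // todo - deleting.
     if (!$security_role_id) {
         return;
     }

     // Start from a clean slate: every permission row of this role is rebuilt below.
     $sql = "DELETE FROM `" . _DB_PREFIX . "security_role_perm` WHERE security_role_id = '" . (int) $security_role_id . "'";
     query($sql);

     $load_defaults = (isset($_REQUEST['load_defaults']) && is_string($_REQUEST['load_defaults'])) ? $_REQUEST['load_defaults'] : '';
     if (strlen($load_defaults) > 0 && ($defaults = json_decode($load_defaults, true))) {
         // A JSON scalar decodes to a non-array; treat it as "nothing to load" rather than iterating it.
         if (!is_array($defaults)) {
             $defaults = array();
         }
         // Each key has the form category|module|name|description and maps to a list of action names.
         foreach ($defaults as $key => $permissions) {
             $key_parts = explode('|', $key);
             if (count($key_parts) < 4 || !is_array($permissions)) {
                 // Malformed entry: skip it instead of inserting a permission with empty fields.
                 continue;
             }
             list($category, $module, $name, $description) = $key_parts;
             $existing = get_single('security_permission', array('name', 'category', 'description', 'module'), array($name, $category, $description, $module));
             $security_permission_id = false;
             $available_perms = array();
             if ($existing) {
                 $security_permission_id = $existing['security_permission_id'];
                 // NOTE(review): unserialize() of a value read back from the security_permission
                 // table; it is only as trustworthy as every writer of that column.
                 $available_perms = @unserialize($existing['available_perms']);
                 if (!is_array($available_perms)) {
                     $available_perms = array();
                 }
             }
             if (!$security_permission_id) {
                 $security_permission_id = update_insert('security_permission_id', 'new', 'security_permission', array('name' => $name, 'category' => $category, 'module' => $module, 'description' => $description));
             }
             $save_perms = false;
             $actions = array();
             // Only action names from self::$available_permissions are ever used, so the request
             // cannot introduce a column name of its own.
             // NOTE(review): in_array() is non-strict here; a non-string JSON value could match
             // action names through type juggling — consider strict comparison.
             foreach (self::$available_permissions as $permission) {
                 if (in_array($permission, $permissions)) {
                     $actions[$permission] = 1;
                     // the script is asking for this available permission.
                     // check if it exists in the db as an option
                     if (!isset($available_perms[$permission])) {
                         // time to add it to the db so we can configure this in the future.
                         $available_perms[$permission] = true;
                         $save_perms = true;
                     }
                 }
             }
             if ($save_perms && $security_permission_id) {
                 update_insert('security_permission_id', $security_permission_id, 'security_permission', array('available_perms' => serialize($available_perms)));
             }
             if ($security_permission_id && count($actions)) {
                 $sql = "REPLACE INTO `" . _DB_PREFIX . "security_role_perm` SET security_role_id = '" . (int) $security_role_id . "', security_permission_id = '" . (int) $security_permission_id . "' ";
                 foreach ($actions as $permission => $tf) {
                     $sql .= ", `" . mysql_real_escape_string($permission) . "` = 1";
                 }
                 query($sql);
             }
         }
         set_message('Defaults loaded successfully.');
     } else {
         if (isset($_REQUEST['permission']) && is_array($_REQUEST['permission'])) {
             // update permissions for this role.
             foreach ($_REQUEST['permission'] as $security_permission_id => $permissions) {
                 $actions = array();
                 foreach (self::$available_permissions as $permission) {
                     if (isset($permissions[$permission]) && $permissions[$permission]) {
                         $actions[$permission] = 1;
                     }
                 }
                 $sql = "REPLACE INTO `" . _DB_PREFIX . "security_role_perm` SET security_role_id = '" . (int) $security_role_id . "', security_permission_id = '" . (int) $security_permission_id . "' ";
                 foreach ($actions as $permission => $tf) {
                     $sql .= ", `" . mysql_real_escape_string($permission) . "` = 1";
                 }
                 query($sql);
             }
         }
         if (isset($_REQUEST['permission_drop_down']) && is_array($_REQUEST['permission_drop_down'])) {
             // update permissions for this role.
             $permission = 'view';
             foreach ($_REQUEST['permission_drop_down'] as $security_permission_ids => $selected_security_permission_id) {
                 // The key lists every permission id of the drop-down, separated by '|'; clear them all first.
                 $ids_to_clear = explode('|', $security_permission_ids);
                 foreach ($ids_to_clear as $id_to_clear) {
                     $id_to_clear = (int) $id_to_clear;
                     if (!$id_to_clear) {
                         continue;
                     }
                     $sql = "DELETE FROM `" . _DB_PREFIX . "security_role_perm` WHERE security_role_id = '" . (int) $security_role_id . "' AND security_permission_id = '" . (int) $id_to_clear . "' ";
                     query($sql);
                 }
                 if ((int) $selected_security_permission_id > 0) {
                     $sql = "REPLACE INTO `" . _DB_PREFIX . "security_role_perm` SET security_role_id = '" . (int) $security_role_id . "', security_permission_id = '" . (int) $selected_security_permission_id . "' ";
                     $sql .= ", `" . mysql_real_escape_string($permission) . "` = 1";
                     // Run the statement only when one was built; previously a stale $sql from an
                     // earlier step was executed again whenever nothing was selected.
                     query($sql);
                 }
             }
         }
         set_message('Role saved successfully.');
     }
     redirect_browser($this->link_open_role($security_role_id));
 }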
Beispiel #3
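 /**
  * Handle the subscription form: delete a subscription (after confirmation) or save it.
  *
  * A delete is attempted when 'butt_del' and 'subscription_id' are both present and truthy;
  * otherwise the form is saved when $_REQUEST['_process'] is 'save_subscription'.
  *
  * NOTE(review): neither a permission check nor an anti-CSRF check is visible in this handler.
  * Confirm that save_subscription() / delete_subscription() or the caller enforce both.
  *
  * @return void
  */
 public function process()
 {
     // Read request fields through isset() so absent keys do not raise undefined-index notices.
     $subscription_id = isset($_REQUEST['subscription_id']) ? $_REQUEST['subscription_id'] : null;
     $process = isset($_REQUEST['_process']) ? $_REQUEST['_process'] : '';

     if (!empty($_REQUEST['butt_del']) && $subscription_id) {
         $data = self::get_subscription($subscription_id);
         if (module_form::confirm_delete('subscription_id', "Really delete subscription: " . $data['name'], self::link_open($subscription_id))) {
             $this->delete_subscription($subscription_id);
             set_message("Subscription deleted successfully");
             redirect_browser(self::link_open(false));
         }
     } elseif ("save_subscription" == $process) {
         $subscription_id = $this->save_subscription($subscription_id, $_POST);
         set_message("Subscription saved successfully");
         redirect_browser(self::link_open($subscription_id));
     }
 }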
Beispiel #4
 /**
  * Handle the "save_backup" form: save the backup record and optionally delete it with its files.
  *
  * The request is terminated with die() when the user lacks 'edit' on 'Backups', when the
  * module_form secure key check fails, or when _DEMO_MODE is set.
  *
  * Note that the record is written from $_POST before the delete branch is evaluated.
  * File removal is confined to _BACKUP_BASE_DIR because only basename() of the stored file
  * name is appended to that directory.
  *
  * @return void
  */
 public function process()
 {
     if ('save_backup' != $_REQUEST['_process']) {
         return;
     }
     if (!module_backup::can_i('edit', 'Backups')) {
         die('No perms to save backup.');
     }
     if (!module_form::check_secure_key()) {
         die('Invalid auth');
     }
     if (_DEMO_MODE) {
         die('Sorry, cannot make backups in demo mode.cd ');
     }

     $backup_id = update_insert('backup_id', $_REQUEST['backup_id'], 'backup', $_POST);

     $delete_requested = isset($_REQUEST['butt_del']) && self::can_i('delete', 'Backups');
     if ($delete_requested) {
         // and the file.
         $backup = $this->get_backup($backup_id);
         $confirmed = $backup && $backup['backup_id'] == $backup_id && module_form::confirm_delete('backup_id', _l('Really delete this backup?'), self::link_open($backup_id));
         if ($confirmed) {
             if (isset($backup['backup_file']) && strlen($backup['backup_file'])) {
                 // basename() drops any directory part, so every candidate stays in the backup directory.
                 $path_stem = _BACKUP_BASE_DIR . basename($backup['backup_file']);
                 foreach (array('.sql', '.sql.gz', '.zip') as $suffix) {
                     $candidate = $path_stem . $suffix;
                     if (file_exists($candidate)) {
                         // Best effort: a failed unlink is deliberately ignored.
                         @unlink($candidate);
                     }
                 }
             }
             delete_from_db('backup', 'backup_id', $backup['backup_id']);
             set_message('Backup deleted successfully.');
             redirect_browser($this->link_open(false));
         }
     }

     set_message('Backup saved successfully');
     redirect_browser($this->link_open($backup_id));
 }
Beispiel #5
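 /**
  * Handle the report form: delete a report (after confirmation) or save it, then redirect.
  *
  * After a save the redirect target is the report's own link. In every other case the target
  * comes from $_REQUEST['_redirect'], which is request-controlled: it is only followed when it
  * is a relative, same-site reference (no scheme, no host, no leading "//", no backslash or
  * control characters). Anything else falls back to the report list. Absolute URLs are rejected
  * even for this host; widen the check deliberately if the application depends on them.
  *
  * NOTE(review): neither a permission check nor an anti-CSRF check is visible in this handler.
  * Confirm that save_report() / delete_report() or the caller enforce both.
  *
  * @return void
  */
 public function process()
 {
     $errors = array();
     $report_id = isset($_REQUEST['report_id']) ? $_REQUEST['report_id'] : null;
     $process = isset($_REQUEST['_process']) ? $_REQUEST['_process'] : '';
     $redirect = isset($_REQUEST['_redirect']) ? $_REQUEST['_redirect'] : '';
     // True once the target has been generated server-side and no longer needs validation.
     $redirect_is_internal = false;

     if (!empty($_REQUEST['butt_del']) && $report_id) {
         $data = self::get_report($report_id);
         if (module_form::confirm_delete('report_id', "Really delete " . _l('Report') . ": " . $data['name'], self::link_open($report_id))) {
             $this->delete_report($report_id);
             set_message(_l('Report') . " deleted successfully");
             redirect_browser(self::link_open(false));
         }
     } else {
         if ("save_report" == $process) {
             $report_id = $this->save_report($report_id, $_POST);
             $redirect = $this->link_open($report_id);
             // Kept for any later code that reads the target back from the request array.
             $_REQUEST['_redirect'] = $redirect;
             $redirect_is_internal = true;
             set_message(_l('Report') . " saved successfully");
         }
     }

     if (!count($errors)) {
         if (!$redirect_is_internal) {
             // Open-redirect guard: accept only a non-empty relative reference.
             $parts = is_string($redirect) ? parse_url($redirect) : false;
             $is_local = is_array($parts)
                 && $redirect !== ''
                 && !isset($parts['scheme'])
                 && !isset($parts['host'])
                 && strpos($redirect, '//') !== 0
                 && !preg_match('/[\x00-\x20\x7f\\\\]/', $redirect);
             if (!$is_local) {
                 $redirect = self::link_open(false);
             }
         }
         redirect_browser($redirect);
         exit;
     }
     print_error($errors, true);
 }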
Beispiel #6
 /**
  * Bulk-delete the invoices ticked in the list view, after a confirmation step.
  *
  * Runs only when bulk_action[delete] is 'yes', the module_form secure key check passes and
  * the user holds 'delete' on 'Invoices'. Entries of invoice_bulk_operation whose value is
  * 'yes' are collected by their array key and handed to delete_invoice().
  *
  * NOTE(review): the keys come straight from the request and are passed on unchanged; whether
  * delete_invoice() verifies access to each individual invoice is not visible here — confirm.
  *
  * @return void
  */
 public static function bulk_handle_delete()
 {
     $delete_requested = isset($_REQUEST['bulk_action']) && isset($_REQUEST['bulk_action']['delete']) && $_REQUEST['bulk_action']['delete'] == 'yes';
     // The secure key and the permission are only evaluated once a delete was actually requested.
     if (!($delete_requested && module_form::check_secure_key() && module_invoice::can_i('delete', 'Invoices'))) {
         return;
     }

     // confirm deletion of these invoices:
     $submitted = array();
     if (isset($_REQUEST['invoice_bulk_operation']) && is_array($_REQUEST['invoice_bulk_operation'])) {
         $submitted = $_REQUEST['invoice_bulk_operation'];
     }

     // Map each selected invoice id to the link shown in the confirmation message.
     $invoice_ids = array();
     foreach ($submitted as $invoice_id => $flag) {
         if ($flag == 'yes') {
             $invoice_ids[$invoice_id] = module_invoice::link_open($invoice_id, true);
         }
     }
     if (count($invoice_ids) <= 0) {
         return;
     }

     if (module_form::confirm_delete('invoice_id', _l("Really delete invoices: %s", implode(', ', $invoice_ids)), self::link_open(false))) {
         foreach (array_keys($invoice_ids) as $invoice_id) {
             self::delete_invoice($invoice_id);
         }
         set_message(_l("%s invoices deleted successfully", count($invoice_ids)));
         redirect_browser(self::link_open(false));
     }
 }
Beispiel #7
 /**
  * Save (or delete) a data record from the posted form and store a new revision of its fields.
  *
  * Reads $_POST, $_FILES['data_field'] and $_REQUEST['form_id']; writes
  * $_SESSION['_form_highlight'][$form_id] so missing required fields can be highlighted.
  * Writes to the data_record, data_record_revision and data_store tables through update_insert().
  *
  * NOTE(review): no anti-CSRF check is visible in this method — confirm the caller performs one.
  *
  * @return mixed false on any validation, permission or save failure, otherwise the value
  *               update_insert() returned for the data record.
  */
 function save_data_record()
 {
     // NOTE(review): the whole POST body is later passed to update_insert() for data_record and
     // data_record_revision; whether that helper filters keys by column is not visible here — confirm.
     $data = $_POST;
     $data_record_id = isset($data['data_record_id']) ? $data['data_record_id'] : false;
     // NOTE(review): 'data_type_id' is read without isset(); an absent key raises a notice before the check below.
     $data_type_id = (int) $data['data_type_id'];
     if (!$data_type_id) {
         set_error(_l('Sorry no data type set'));
         return false;
     }
     $data_type = $this->get_data_type($data_type_id);
     // Permission chain: 'create' for a new record, 'edit' for an existing one, and 'delete'
     // in addition when the delete button was posted. The permission name is the data type's name.
     if ((!$data_record_id || $data_record_id == 'new') && !$this->can_i('create', $data_type['data_type_name'])) {
         set_error('No permissions to create data');
         return false;
     } else {
         if ((int) $data_record_id > 0 && !$this->can_i('edit', $data_type['data_type_name'])) {
             set_error('No permissions to edit data');
             return false;
         } else {
             if ((int) $data_record_id > 0 && !$this->can_i('delete', $data_type['data_type_name']) && isset($_POST['butt_del'])) {
                 set_error('No permissions to delete data');
                 return false;
             } else {
                 if ((int) $data_record_id > 0 && $this->can_i('delete', $data_type['data_type_name']) && isset($_POST['butt_del'])) {
                     if (module_form::confirm_delete('data_record_id', "Really delete this entire data record?", $this->link('', array("data_record_id" => $data_record_id)))) {
                         $this->delete_data_record($data_record_id);
                         // NOTE(review): the success text is reported through set_error(), not set_message().
                         set_error(_l("Data deleted successfully"));
                         // NOTE(review): nothing returns after this redirect; if redirect_browser()
                         // does not end the request, execution continues into the save path below — confirm.
                         redirect_browser($this->link());
                     }
                 }
             }
         }
     }
     if (!isset($data['save_data_group']) || !is_array($data['save_data_group'])) {
         // no information to save?? error
         set_error(_l('Sorry no group found to save'));
         return false;
     }
     if ((!isset($data['data_field']) || !is_array($data['data_field']) || !count($data['data_field'])) && !isset($_FILES['data_field']['tmp_name'])) {
         set_error(_l('Sorry, no data found to save'));
         return false;
     }
     // The form id is request-supplied and only used as a key inside $_SESSION['_form_highlight'].
     if (isset($_REQUEST['form_id']) && $_REQUEST['form_id']) {
         $form_id = $_REQUEST['form_id'];
     } else {
         $form_id = 'default';
     }
     $_SESSION['_form_highlight'][$form_id] = array();
     //unset($data['data_type_id']);
     // first we check for required fields missing in the data field array.
     // return false on error, and set the error fields in session so they can be highligted on re-render
     $data_field_groups = $this->get_data_field_groups($data_type_id);
     $allowed_to_save = array();
     // an array of fields we are allowed to save in this save call.
     $missing_required_fields = array();
     $missing_required_fields_names = array();
     $all_data_fields = array();
     // for history cache.
     foreach ($data_field_groups as $data_field_group) {
         // check if the user is posting data for this field.
         $data_field_group_id = $data_field_group['data_field_group_id'];
         if (isset($data['save_data_group'][$data_field_group_id]) && $data['save_data_group'][$data_field_group_id]) {
             $data_fields = $this->get_data_fields($data_field_group_id);
             $all_data_fields[$data_field_group_id] = $data_fields;
             // loop over all fields, and ensure the ones that are required are present.
             foreach ($data_fields as $data_field) {
                 $data_field_id = $data_field['data_field_id'];
                 if ($data_field['required']) {
                     // depending on the type of field, there are different ways to
                     // check if the required field has been inserted.
                     switch ($data_field['field_type']) {
                         case 'radio':
                         case 'checkbox_list':
                             // "other" was chosen but the free-text companion field is empty.
                             if (isset($data['data_field'][$data_field_id]) && strtolower($data['data_field'][$data_field_id]) == 'other' && (!isset($data['other_data_field'][$data_field_id]) || !$data['other_data_field'][$data_field_id])) {
                                 $missing_required_fields[$data_field_id] = 'other';
                                 $missing_required_fields_names[$data_field_id] = $data_field['title'];
                             } else {
                                 if (!isset($data['data_field'][$data_field_id]) || !$data['data_field'][$data_field_id]) {
                                     // NOTE(review): unlike the other branches, no title is recorded here,
                                     // so the field is highlighted but not named in the error text.
                                     $missing_required_fields[$data_field_id] = true;
                                 }
                             }
                             break;
                         case 'file':
                             // NOTE(review): $_FILES['data_field']['tmp_name'][$data_field_id] is read
                             // without isset(); it may be absent when no file input was posted for this field.
                             if (!is_uploaded_file($_FILES['data_field']['tmp_name'][$data_field_id])) {
                                 $missing_required_fields[$data_field_id] = true;
                                 $missing_required_fields_names[$data_field_id] = $data_field['title'];
                             }
                             break;
                         // These field types carry no user input to validate here.
                         case 'created_date_time':
                         case 'created_date':
                         case 'created_time':
                         case 'updated_date_time':
                         case 'updated_date':
                         case 'updated_time':
                         case 'created_by':
                         case 'updated_by':
                             break;
                         default:
                             // normal text field etc..
                             if (!isset($data['data_field'][$data_field_id]) || !$data['data_field'][$data_field_id]) {
                                 $missing_required_fields[$data_field_id] = true;
                                 $missing_required_fields_names[$data_field_id] = $data_field['title'];
                             }
                             break;
                     }
                 }
                 // Only fields of groups flagged in save_data_group are accepted; any other posted
                 // data_field entries are ignored by the save loop further down.
                 $allowed_to_save[$data_field_id] = true;
             }
         }
     }
     // we only want notes as required if the notes field is passed.
     /*if(isset($data['notes']) && !trim($data['notes'])){
     			$missing_required_fields['notes']=true;
     									$missing_required_fields_names[$data_field_id] = $data_field['name'];
     		}*/
     if ($missing_required_fields) {
         set_error(_l('Required fields missing: %s', implode(', ', $missing_required_fields_names)));
         $_SESSION['_form_highlight'][$form_id] = $missing_required_fields;
         return false;
     }
     if (!count($allowed_to_save)) {
         set_message(_l('Sorry, not fields found to save'));
         return false;
     }
     // check for 'other' option on radio boxes.
     // update the main data record to contain the latest information
     if ($data_record_id && $data_record_id != 'new') {
         // updating a previous one
         $previous_data_record = $this->get_data_record($data_record_id);
         $previous_data_items = $this->get_data_items($data_record_id);
         // NOTE(review): $data['status'] is read without isset() here.
         if (!$previous_data_record['status'] && !$data['status']) {
             $data['status'] = 'new';
         }
     } else {
         if (!isset($data['status']) || !$data['status']) {
             $data['status'] = 'new';
         }
         // $previous_data_items stays undefined on this path; it is only read when
         // $previous_data_record is truthy.
         $previous_data_record = false;
     }
     $data_record_id = update_insert('data_record_id', $data_record_id, 'data_record', $data);
     if (!$data_record_id) {
         set_message(_l('Unable to save data record sorry'));
         return false;
     }
     // create a new revision to store this latest information, and link all the data field information to.
     $data['field_cache'] = serialize($all_data_fields);
     $data['field_group_cache'] = serialize($data_field_groups);
     $data['data_record_id'] = $data_record_id;
     $data_record_revision_id = update_insert('data_record_revision_id', 'new', 'data_record_revision', $data);
     if (!$data_record_revision_id) {
         set_message(_l('Unable to save data record revision sorry'));
         return false;
     }
     // Point the record at the revision that was just created.
     update_insert('data_record_id', $data_record_id, 'data_record', array('last_revision_id' => $data_record_revision_id));
     // save all the fields against this revision
     foreach ($allowed_to_save as $data_field_id => $tf) {
         $data_field = $this->get_data_field($data_field_id);
         // incase admin updates during a save? probably will never fire.
         if ($data_field['data_field_id'] != $data_field_id) {
             continue;
             //skip to next field to save.
         }
         $data_field_data = false;
         switch ($data_field['field_type']) {
             case 'radio':
             case 'checkbox_list':
                 $data_field_data = isset($data['data_field'][$data_field_id]) ? $data['data_field'][$data_field_id] : false;
                 // A filled-in "other" text replaces the selected option.
                 if (isset($data['other_data_field'][$data_field_id]) && $data['other_data_field'][$data_field_id]) {
                     $data_field_data = $data['other_data_field'][$data_field_id];
                 }
                 break;
             case 'file':
                 // check the file has been uploaded.
                 if (is_uploaded_file($_FILES['data_field']['tmp_name'][$data_field_id])) {
                     // The client-supplied name is reduced to word characters and dots and is only
                     // kept as metadata; it is never used as the path on disk.
                     $user_file = preg_replace('/[^\\w\\.]+/', '', trim(basename($_FILES['data_field']['name'][$data_field_id])));
                     if (strlen($user_file)) {
                         // move it into the upload folder and set a field data below.
                         // not too worried about people uploading bad files here eg php scripts, cos it's all an internal project.
                         // NOTE(review): no size, type or content check is applied to the upload. The
                         // stored name is built from ids and has no extension; confirm the upload
                         // directory is not served or executed by the web server, and that files are
                         // downloaded through a handler that sets a safe content type.
                         $file_name = "{$data_field_id}-{$data_record_id}-{$data_record_revision_id}-custom";
                         // The destination is relative to the current working directory.
                         if (move_uploaded_file($_FILES['data_field']['tmp_name'][$data_field_id], 'includes/plugin_data/upload/' . $file_name)) {
                             // upload success.
                             $data_field_data = serialize(array('file' => $file_name, 'name' => $user_file));
                         }
                     }
                 }
                 break;
             default:
                 $data_field_data = isset($data['data_field'][$data_field_id]) ? $data['data_field'][$data_field_id] : false;
         }
         // if the value has been posted, or we have a manual value set above (eg: a file)
         if ($data_field_data !== false) {
             if (is_array($data_field_data)) {
                 // NOTE(review): posted arrays are stored in PHP serialize() format. A plain posted
                 // string is stored as-is in the same column, so any reader that unserialize()s
                 // data_text would be handling request-shaped input — confirm how the column is read.
                 $data_field_data = serialize($data_field_data);
             }
             $store_data = array('data_field_id' => $data_field_id, 'data_record_id' => $data_record_id, 'data_record_revision_id' => $data_record_revision_id, 'data_text' => $data_field_data, 'data_number' => 0, 'data_varchar' => '', 'data_field_settings' => serialize($data_field));
             //                print_r($store_data);
             // todo - check if there are any changes between this data VALUE and the previous revision value.
             // if there are no differences, then we dont bother saving it.
             $save_value = true;
             if ($previous_data_record && isset($previous_data_items[$data_field_id])) {
                 // check if any field attributes have changed.
                 $save_value = false;
                 $previous_data_item = $previous_data_items[$data_field_id];
                 //print_r($previous_data_item);exit;
                 foreach (array('data_text', 'data_number', 'data_varchar', 'data_field_settings') as $check_changes) {
                     // Loose, whitespace-trimmed comparison: the first differing attribute triggers a save.
                     if (trim($store_data[$check_changes]) != trim($previous_data_item[$check_changes])) {
                         //echo $store_data[$check_changes] . '<br> doesnt match <br>' ."\n" . $previous_data_item[$check_changes] . '<br><hr>';
                         //exit;
                         $save_value = true;
                         break;
                     }
                 }
             }
             if ($save_value) {
                 $data_store_id = update_insert('data_store_id', 'new', 'data_store', $store_data);
             }
         }
     }
     return $data_record_id;
 }
Beispiel #8
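 /**
  * Handle the template form post-back: delete the template (after confirmation) or save it.
  *
  * After a save the browser is sent to $_REQUEST['return'] when that value is a relative,
  * same-site reference (no scheme, no host, no leading "//", no backslash or control
  * characters); any other value is ignored and the template's own page is used instead.
  * Absolute URLs are rejected even for this host; widen the check deliberately if needed.
  *
  * NOTE(review): only the delete branch checks a permission ('delete' on 'Templates'). No
  * 'edit' permission or anti-CSRF check is visible for the save path — confirm the caller
  * enforces both.
  * NOTE(review): $_POST is passed whole to update_insert() for the template table; column
  * filtering is not visible here — confirm.
  *
  * @return void this method ends the request with exit after redirecting.
  */
 private function _handle_save_template()
 {
     // handle post back for save template template.
     $template_id = isset($_REQUEST['template_id']) ? (int) $_REQUEST['template_id'] : 0;
     // delete.
     if (isset($_REQUEST['butt_del']) && self::can_i('delete', 'Templates')) {
         $template_data = self::get_template($template_id);
         if (module_form::confirm_delete('template_id', _l("Really delete template: %s", $template_data['template_key']), self::link_open($template_id))) {
             $this->delete($template_id);
             // todo: delete company template as well if exists.
             set_message("Template deleted successfully");
             redirect_browser(self::link_open(false));
             // End the request here so a deleted template is never re-saved by the code below.
             exit;
         }
     }
     $data = $_POST;
     if ($template_id > 0 && class_exists('module_company', false)) {
         module_company::template_handle_save($template_id, $data);
         // we have to redirect to a company specific version of this template
         // each company template must have a matching parent template id/key. cannot change keys in company unique config.
     }
     // write header/footer html based on uploaded images.
     // pass uploaded images to the file manager plugin.
     $template_id = update_insert('template_id', $template_id, 'template', $data);
     // redirect upon save.
     set_message('Template saved successfully!');
     $return = isset($_REQUEST['return']) ? $_REQUEST['return'] : '';
     if ($return) {
         // Open-redirect guard: the return target is request-controlled, so only a relative
         // reference is followed.
         $parts = is_string($return) ? parse_url($return) : false;
         $is_local = is_array($parts)
             && !isset($parts['scheme'])
             && !isset($parts['host'])
             && strpos($return, '//') !== 0
             && !preg_match('/[\x00-\x20\x7f\\\\]/', $return);
         if ($is_local) {
             redirect_browser($return);
             exit;
         }
     }
     redirect_browser($this->link_open($template_id));
     exit;
 }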
Beispiel #9
 /**
  * Bulk-delete members whose newsletter double-opt-in never completed, after a confirmation step.
  *
  * A row is selected when it maps to a newsletter member, that member is reported as
  * unsubscribed with reason 'doubleoptin', and (when module_subscription is loaded) the member
  * has no subscriptions.
  *
  * NOTE(review): neither a permission check nor an anti-CSRF check is visible in this method —
  * confirm the caller enforces both before passing rows in.
  *
  * @param array $rows member rows; each is read as an array with a 'member_id' key.
  * @return void
  */
 public static function handle_bulk_delete_double_optin($rows)
 {
     $member_ids = array();
     foreach ($rows as $row) {
         $newsletter_member_id = module_newsletter::member_from_email($row, false);
         if (!$newsletter_member_id) {
             continue;
         }
         $res = module_newsletter::is_member_unsubscribed($newsletter_member_id, $row);
         if (!$res) {
             continue;
         }
         if (class_exists('module_subscription', false)) {
             // check this isn't a member from a subscription or something.
             $sub = module_subscription::get_subscriptions_by('member', $row['member_id']);
             if (count($sub)) {
                 continue;
             }
         }
         if (isset($res['reason']) && $res['reason'] == 'doubleoptin') {
             // delete this one!
             $member_ids[] = $row['member_id'];
         }
     }

     // The confirmation is requested even when nothing was selected; the count is shown in the prompt.
     if (!module_form::confirm_delete('bulk_optin_array', "Really delete all " . count($member_ids) . " failed double-opt-in members?", $_SERVER['REQUEST_URI'])) {
         return;
     }
     foreach ($member_ids as $member_id) {
         self::delete_member($member_id);
     }
     set_message("Selected members deleted successfully");
     redirect_browser(self::link_open(false));
 }
Beispiel #10
 /** methods  */
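 /**
  * Dispatch the customer module's form actions for the current request.
  *
  * Branches, in order of precedence: customer delete, customer type delete,
  * the 'ajax_contact_list' JSON lookup, 'save_customer', 'save_customer_type'.
  *
  * Fix: both delete branches tested the loaded record with `=` (assignment),
  * which overwrote the loaded id with the request value and therefore never
  * verified that the record returned is the one requested. They now compare.
  *
  * NOTE(review): the customer type delete branch has no can_i() permission check
  * in this method, and neither save branch calls module_form::check_secure_key();
  * confirm both are enforced elsewhere.
  * NOTE(review): $_REQUEST['_redirect'] reaches redirect_browser() unvalidated.
  * Unless redirect_browser() restricts targets to this application, limit the
  * value to local paths before redirecting.
  */
 public function process()
 {
     // The action name may be missing from the request; read it without a notice.
     $process = isset($_REQUEST['_process']) ? $_REQUEST['_process'] : '';
     $delete_pressed = isset($_REQUEST['butt_del']) && $_REQUEST['butt_del'];

     if ($delete_pressed && !empty($_REQUEST['customer_id']) && module_customer::can_i('delete', 'Customers')) {
         if (module_form::check_secure_key()) {
             $data = self::get_customer($_REQUEST['customer_id']);
             // Compare, do not assign: proceed only when the loaded record is the requested one.
             if (!empty($data['customer_id']) && $data['customer_id'] == $_REQUEST['customer_id']) {
                 $question = _l("Really delete customer: %s", $data['customer_name']);
                 $back_link = self::link_open($_REQUEST['customer_id']);
                 $confirm_options = array('options' => array(array('label' => _l('Also delete all Customer %s, Jobs, Invoices, Tickets and Files', module_config::c('project_name_plural')), 'name' => 'delete_others', 'type' => 'checkbox', 'value' => 1, 'checked' => true)));
                 if (module_form::confirm_delete('customer_id', $question, $back_link, $confirm_options)) {
                     $this->delete_customer($_REQUEST['customer_id'], isset($_REQUEST['delete_others']) && $_REQUEST['delete_others']);
                     set_message("Customer deleted successfully");
                     redirect_browser(self::link_open(false));
                 }
             }
         }
     } elseif ($delete_pressed && !empty($_REQUEST['customer_type_id'])) {
         if (module_form::check_secure_key()) {
             $data = self::get_customer_type($_REQUEST['customer_type_id']);
             // Same comparison fix as above; the id used for deletion is the loaded one.
             if (!empty($data['customer_type_id']) && $data['customer_type_id'] == $_REQUEST['customer_type_id']) {
                 if (module_form::confirm_delete('customer_type_id', _l("Really delete customer type: %s", $data['type_name']), self::link_open_customer_type($_REQUEST['customer_type_id']))) {
                     delete_from_db('customer_type', 'customer_type_id', $data['customer_type_id']);
                     // Detach customers from the removed type; the id is cast to int before it enters the SQL.
                     $sql = "UPDATE `" . _DB_PREFIX . "customer` SET `customer_type_id` = 0 WHERE `customer_type_id` = " . (int) $data['customer_type_id'];
                     query($sql);
                     set_message("Customer type deleted successfully");
                     redirect_browser(self::link_open_customer_type(false));
                 }
             }
         }
     } elseif ("ajax_contact_list" == $process) {
         // JSON map of user_id => "name last_name" for the given customer.
         $customer_id = isset($_REQUEST['customer_id']) ? (int) $_REQUEST['customer_id'] : 0;
         $res = module_user::get_contacts(array('customer_id' => $customer_id));
         $options = array();
         foreach ($res as $row) {
             $options[$row['user_id']] = $row['name'] . ' ' . $row['last_name'];
         }
         echo json_encode($options);
         exit;
     } elseif ("save_customer" == $process) {
         $customer_id = $this->save_customer($_REQUEST['customer_id'], $_POST);
         hook_handle_callback('customer_save', $customer_id);
         if (isset($_REQUEST['butt_send_email'])) {
             redirect_browser(self::link_open($customer_id) . '&email=1');
         } else {
             set_message("Customer saved successfully");
             redirect_browser(!empty($_REQUEST['_redirect']) ? $_REQUEST['_redirect'] : self::link_open($customer_id));
         }
     } elseif ("save_customer_type" == $process) {
         $customer_type_id = $this->save_customer_type($_REQUEST['customer_type_id'], $_POST);
         hook_handle_callback('customer_save_type', $customer_type_id);
         set_message("Customer saved successfully");
         redirect_browser(!empty($_REQUEST['_redirect']) ? $_REQUEST['_redirect'] : self::link_open_customer_type($customer_type_id));
     }
 }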
Beispiel #11
 /**
  * Dispatch the user module's form actions: contact delete, user delete and
  * 'save_user'. When no errors were collected the request ends with a redirect
  * to $_REQUEST['_redirect'].
  *
  * NOTE(review): nothing visible in this method appends to $errors, so the
  * final redirect is always taken unless an earlier redirect_browser() call
  * ends the request (presumably it does; confirm).
  * NOTE(review): no module_form::check_secure_key() call is visible in the
  * delete or save branches; confirm request-forgery protection is applied
  * elsewhere.
  */
 public function process()
 {
     // Demo installs: user ids 1 to 4 are read-only.
     if (_DEMO_MODE && isset($_REQUEST['user_id']) && (int) $_REQUEST['user_id'] > 0 && (int) $_REQUEST['user_id'] <= 4) {
         set_error('Sorry no changes to demo users. Please create a new user.');
         redirect_browser($this->link_open($_REQUEST['user_id']));
     }
     $errors = array();
     // Contact delete: needs the 'delete Contacts' permission and refuses user id 1.
     if (isset($_REQUEST['butt_del_contact']) && $_REQUEST['butt_del_contact'] && $_REQUEST['user_id'] && $_REQUEST['user_id'] != 1 && self::can_i('delete', 'Contacts', 'Customer')) {
         $data = self::get_user($_REQUEST['user_id']);
         if (module_form::confirm_delete('user_id', "Really delete contact: " . $data['name'], self::link_open_contact($_REQUEST['user_id']))) {
             $this->delete_user($_REQUEST['user_id']);
             set_message("Contact deleted successfully");
             redirect_browser(module_customer::link_open($data['customer_id']));
         }
     } else {
         // User delete: needs the 'delete Users' permission.
         // NOTE(review): unlike the contact branch, this condition does not exclude user id 1.
         if (isset($_REQUEST['butt_del']) && $_REQUEST['butt_del'] && $_REQUEST['user_id'] && self::can_i('delete', 'Users', 'Config')) {
             $data = self::get_user($_REQUEST['user_id']);
             // NOTE(review): the next line is truncated in this listing (part of the statement was
             // masked), so the delete call itself is not visible here.
             if (module_form::confirm_delete('user_id', "Really delete user: "******"User deleted successfully");
                 redirect_browser(self::link_open(false));
             }
         } else {
             if ("save_user" == $_REQUEST['_process']) {
                 $user_id = (int) $_REQUEST['user_id'];
                 // Only the account with id 1 may save user id 1.
                 if ($user_id == 1 && module_security::get_loggedin_id() != 1) {
                     set_error('Sorry, only the Administrator can access this page.');
                     redirect_browser(_UCM_HOST . _BASE_HREF);
                 }
                 // check create permissions.
                 $use_master_key = $this->get_contact_master_key();
                 // are we creating or editing a user?
                 if (!$user_id) {
                     $method = 'create';
                 } else {
                     $method = 'edit';
                     $existing_user = module_user::get_user($user_id, true, false);
                     // An id that does not resolve to an existing user is treated as a create.
                     if (!$existing_user || $existing_user['user_id'] != $user_id) {
                         $user_id = false;
                         $method = 'create';
                     }
                 }
                 // NOTE(review): which permission is checked (Contacts vs Users) is selected by a
                 // POST field the client controls; confirm save_user() cannot be used to modify a
                 // system user through the contact permission.
                 if (isset($_POST[$use_master_key]) && $_POST[$use_master_key]) {
                     if (!module_user::can_i($method, 'Contacts', 'Customer')) {
                         set_error('No permissions to ' . $method . ' contacts');
                         redirect_browser(module_customer::link_open($_POST['customer_id']));
                     }
                 } else {
                     if (!module_user::can_i($method, 'Users', 'Config')) {
                         set_error('No permissions to ' . $method . ' users');
                         redirect_browser(module_user::link_open(false));
                     }
                 }
                 // NOTE(review): the whole $_POST array is handed to save_user(); field filtering
                 // is not visible here and should be confirmed there.
                 $user_id = $this->save_user($user_id, $_POST);
                 if ($use_master_key && isset($_REQUEST[$use_master_key]) && $_REQUEST[$use_master_key]) {
                     set_message("Customer contact saved successfully");
                     redirect_browser($this->link_open_contact($user_id));
                 } else {
                     set_message("User saved successfully");
                     redirect_browser($this->link_open($user_id));
                 }
             }
         }
     }
     /*else if("save_contact" == $_REQUEST['_process']){
     			$user_id = $this->save_contact($_POST['user_id'],$_POST);
     			$_REQUEST['_redirect'] = $this->link_open_contact(false);
     			if($user_id){
     				set_message("Contact saved successfully");
     			}else{
     				// todo error creating contact
     			}
     		}*/
     // NOTE(review): $_REQUEST['_redirect'] is request data and is not validated here; unless
     // redirect_browser() restricts targets to this application, limit it to local paths.
     if (!count($errors)) {
         redirect_browser($_REQUEST['_redirect']);
         exit;
     }
     print_error($errors, true);
 }
Beispiel #12
    /**
     * Dispatch the Twitter module's form actions, selected by $_REQUEST['_process']:
     *  - 'save_twitter': save (or, with butt_del, delete) a Twitter account record.
     *  - 'send_twitter_message': queue a message for each selected account and send it.
     *  - 'ajax_social_twitter': act on one stored message (send-message-reply,
     *    set-answered, set-unanswered); output is served as text/javascript.
     *
     * NOTE(review): the 'save_twitter' branch calls neither module_form::check_secure_key()
     * nor a can_i() check before save_data($_POST); the other two branches do check the
     * secure key. Confirm the save path is protected elsewhere.
     */
    public function process()
    {
        if ("save_twitter" == $_REQUEST['_process']) {
            $social_twitter_id = isset($_REQUEST['social_twitter_id']) ? (int) $_REQUEST['social_twitter_id'] : 0;
            $twitter = new ucm_twitter_account($social_twitter_id);
            if (isset($_POST['butt_del']) && module_social::can_i('delete', 'Twitter', 'Social', 'social')) {
                if (module_form::confirm_delete('social_twitter_id', "Really delete this Twitter account from the system? All messages will be lost.", self::link_open($_REQUEST['social_twitter_id']))) {
                    $twitter->delete();
                    set_message("Twitter account deleted successfully");
                    redirect_browser(self::link_open(false));
                }
            }
            // NOTE(review): a delete request that fails the permission check above falls through
            // to this save. Presumably redirect_browser() ends the request after a delete; confirm.
            $twitter->save_data($_POST);
            $social_twitter_id = $twitter->get('social_twitter_id');
            if (isset($_POST['butt_save_connect'])) {
                $redirect = $this->link_open($social_twitter_id, false, false, 'twitter_account_connect');
            } else {
                set_message('Twitter account saved successfully');
                $redirect = $this->link_open($social_twitter_id);
            }
            redirect_browser($redirect);
            exit;
        } else {
            if ("send_twitter_message" == $_REQUEST['_process']) {
                if (module_form::check_secure_key()) {
                    // queue the message into the twitter_message table
                    // if there's a scheduled date in the past we send it in the past, no date we send straight away, date in the future we leave it in the db table for the cron job to pick up.
                    //print_r($_POST);exit;
                    $send_time = false;
                    // default: now
                    if (isset($_POST['schedule_date']) && isset($_POST['schedule_time']) && !empty($_POST['schedule_date']) && !empty($_POST['schedule_time'])) {
                        $date = $_POST['schedule_date'];
                        $time_hack = $_POST['schedule_time'];
                        $time_hack = str_ireplace('am', '', $time_hack);
                        $time_hack = str_ireplace('pm', '', $time_hack);
                        $bits = explode(':', $time_hack);
                        // NOTE(review): schedule_time is request data and is not validated as a time
                        // before the arithmetic below. The 'pm' test is case-sensitive while the
                        // stripping above is not, so "PM" is stripped but gets no +12, and a
                        // 12 o'clock pm value becomes hour 24.
                        if (strpos($_POST['schedule_time'], 'pm')) {
                            $bits[0] += 12;
                        }
                        // add the time if it exists
                        $date .= ' ' . implode(':', $bits) . ':00';
                        $send_time = strtotime(input_date($date, true));
                    } else {
                        if (isset($_POST['schedule_date']) && !empty($_POST['schedule_date'])) {
                            $send_time = strtotime(input_date($_POST['schedule_date'], true));
                        }
                    }
                    //echo print_date($send_time,true);
                    //echo '<br>';
                    //echo date('c',$send_time);
                    //exit;
                    // The account list is keyed by account id; only truthy entries are used.
                    $send_accounts = isset($_POST['compose_account_id']) && is_array($_POST['compose_account_id']) ? $_POST['compose_account_id'] : array();
                    $page_count = 0;
                    $last_twitter_account_id = false;
                    if ($send_accounts) {
                        foreach ($send_accounts as $twitter_account_id => $tf) {
                            if (!$tf) {
                                continue;
                            }
                            // see if this is an available account.
                            $twitter_account = new ucm_twitter_account($twitter_account_id);
                            // todo: check permission to access this account
                            // NOTE(review): the account id comes from the request and only its
                            // existence is verified below; no per-account authorisation is visible.
                            if ($twitter_account->get('social_twitter_id') == $twitter_account_id) {
                                // push to db! then send.
                                $last_twitter_account_id = $twitter_account_id;
                                $twitter_message = new ucm_twitter_message($twitter_account, false);
                                $twitter_message->create_new();
                                $twitter_message->update('social_twitter_id', $twitter_account->get('social_twitter_id'));
                                $twitter_message->update('summary', isset($_POST['message']) ? $_POST['message'] : '');
                                $twitter_message->update('type', 'pending');
                                // The complete POST body is stored with the message as JSON.
                                $twitter_message->update('data', json_encode($_POST));
                                $twitter_message->update('user_id', module_security::get_loggedin_id());
                                // do we send this one now? or schedule it later.
                                $twitter_message->update('status', _SOCIAL_MESSAGE_STATUS_PENDINGSEND);
                                if ($send_time) {
                                    // schedule for sending at a different time (now or in the past)
                                    $twitter_message->update('message_time', $send_time);
                                } else {
                                    // send it now.
                                    $twitter_message->update('message_time', 0);
                                }
                                // is_uploaded_file() confirms the path is a genuine HTTP upload; no
                                // type or size check on the file is visible here.
                                if (isset($_FILES['picture']['tmp_name']) && is_uploaded_file($_FILES['picture']['tmp_name'])) {
                                    $twitter_message->add_attachment($_FILES['picture']['tmp_name']);
                                }
                                $twitter_message->send_queued(isset($_POST['debug']) && $_POST['debug']);
                                $page_count++;
                            } else {
                                // log error?
                            }
                        }
                    }
                    set_message(_l('Message delivered successfully to %s Twitter accounts', $page_count));
                    $redirect = $this->link_open_message_view($last_twitter_account_id);
                    redirect_browser($redirect);
                }
                exit;
            } else {
                if ("ajax_social_twitter" == $_REQUEST['_process']) {
                    // ajax functions from wdsocial. copied from the datafeed.php sample files.
                    header('Content-type: text/javascript');
                    if (module_form::check_secure_key()) {
                        $social_twitter_id = isset($_REQUEST['social_twitter_id']) ? (int) $_REQUEST['social_twitter_id'] : 0;
                        $twitter = new ucm_twitter_account($social_twitter_id);
                        if ($social_twitter_id && $twitter->get('social_twitter_id') == $social_twitter_id) {
                            $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : false;
                            $message_id = isset($_REQUEST['social_twitter_message_id']) ? (int) $_REQUEST['social_twitter_message_id'] : 0;
                            $twitter_message = new ucm_twitter_message();
                            $twitter_message->load($message_id);
                            // Only act when the loaded message belongs to the requested account.
                            if ($twitter_message->get('social_twitter_id') == $social_twitter_id && $twitter_message->get('social_twitter_message_id') == $message_id) {
                                switch ($action) {
                                    case "send-message-reply":
                                        if (module_social::can_i('create', 'Twitter Comments', 'Social', 'social')) {
                                            $return = array();
                                            $message = isset($_POST['message']) && $_POST['message'] ? $_POST['message'] : '';
                                            $debug = isset($_POST['debug']) && $_POST['debug'] ? $_POST['debug'] : false;
                                            if ($message) {
                                                // Capture anything printed while sending; it is returned as 'message'.
                                                ob_start();
                                                //$twitter_message->send_reply( $message, $debug );
                                                $new_twitter_message = new ucm_twitter_message($twitter, false);
                                                $new_twitter_message->create_new();
                                                $new_twitter_message->update('reply_to_id', $twitter_message->get('social_twitter_message_id'));
                                                $new_twitter_message->update('social_twitter_id', $twitter->get('social_twitter_id'));
                                                $new_twitter_message->update('summary', $message);
                                                //$new_twitter_message->update('type','pending');
                                                $new_twitter_message->update('data', json_encode($_POST));
                                                $new_twitter_message->update('user_id', module_security::get_loggedin_id());
                                                // do we send this one now? or schedule it later.
                                                $new_twitter_message->update('status', _SOCIAL_MESSAGE_STATUS_PENDINGSEND);
                                                if (isset($_FILES['picture']['tmp_name']) && is_uploaded_file($_FILES['picture']['tmp_name'])) {
                                                    $new_twitter_message->add_attachment($_FILES['picture']['tmp_name']);
                                                }
                                                $worked = $new_twitter_message->send_queued(isset($_POST['debug']) && $_POST['debug']);
                                                $return['message'] = ob_get_clean();
                                                if ($debug) {
                                                    // just return message
                                                } else {
                                                    if ($worked) {
                                                        // success, redirect!
                                                        set_message(_l('Message sent and conversation archived.'));
                                                        $return['redirect'] = module_social_twitter::link_open_message_view($social_twitter_id);
                                                    } else {
                                                        // failed, no debug, force debug and show error.
                                                    }
                                                }
                                            }
                                            echo json_encode($return);
                                        }
                                        break;
                                    case "set-answered":
                                        if (module_social::can_i('edit', 'Twitter Comments', 'Social', 'social')) {
                                            $twitter_message->update('status', _SOCIAL_MESSAGE_STATUS_ANSWERED);
                                            // $message_id was cast to int above, so it is safe to print into the script.
                                            ?>

									$('.twitter_message_row[data-id=<?php 
                                            echo $message_id;
                                            ?>
]').hide();
									<?php 
                                            // if this is a direct message, we also archive all other messages in it.
                                            if ($twitter_message->get('type') == _TWITTER_MESSAGE_TYPE_DIRECT) {
                                                // Both ids are reduced to digits before they are placed in the SQL string.
                                                // NOTE(review): a parameterised query would be preferable if the
                                                // database layer offers one.
                                                $from = preg_replace('#[^0-9]#', '', $twitter_message->get('twitter_from_id'));
                                                $to = preg_replace('#[^0-9]#', '', $twitter_message->get('twitter_to_id'));
                                                if ($from && $to) {
                                                    $sql = "SELECT * FROM `" . _DB_PREFIX . "social_twitter_message` WHERE `type` = " . _TWITTER_MESSAGE_TYPE_DIRECT . " AND `status` = " . (int) _SOCIAL_MESSAGE_STATUS_UNANSWERED . " AND social_twitter_id = " . (int) $twitter_message->get('twitter_account')->get('social_twitter_id') . " AND ( (`twitter_from_id` = '{$from}' AND `twitter_to_id` = '{$to}') OR (`twitter_from_id` = '{$to}' AND `twitter_to_id` = '{$from}') ) ";
                                                    $others = qa($sql);
                                                    if (count($others)) {
                                                        foreach ($others as $other_message) {
                                                            $ucm_twitter_message = new ucm_twitter_message(false, $other_message['social_twitter_message_id']);
                                                            if ($ucm_twitter_message->get('social_twitter_message_id') == $other_message['social_twitter_message_id']) {
                                                                $ucm_twitter_message->update('status', _SOCIAL_MESSAGE_STATUS_ANSWERED);
                                                                // NOTE(review): this id is printed without an int cast; it is read
                                                                // back from the message object, presumably a numeric key. Confirm.
                                                                ?>

														$('.twitter_message_row[data-id=<?php 
                                                                echo $ucm_twitter_message->get('social_twitter_message_id');
                                                                ?>
]').hide();
													<?php 
                                                            }
                                                        }
                                                    }
                                                }
                                            }
                                        }
                                        break;
                                    case "set-unanswered":
                                        if (module_social::can_i('edit', 'Twitter Comments', 'Social', 'social')) {
                                            $twitter_message->update('status', _SOCIAL_MESSAGE_STATUS_UNANSWERED);
                                            ?>

					                $('.twitter_message_row[data-id=<?php 
                                            echo $message_id;
                                            ?>
]').hide();
					                <?php 
                                        }
                                        break;
                                }
                                //echo 'The status is '.$twitter_message->get('status');
                            }
                        }
                    }
                    exit;
                }
            }
        }
    }
Beispiel #13
 /** methods  */
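 /**
  * Dispatch the vendor module's form actions for the current request:
  * vendor delete, the 'ajax_contact_list' JSON lookup, and 'save_vendor'.
  *
  * Fix: the delete branch tested the loaded record with `=` (assignment),
  * which overwrote the loaded id with the request value and therefore never
  * verified that the record returned is the one requested. It now compares.
  *
  * NOTE(review): no module_form::check_secure_key() call is visible in this
  * method for either delete or save; confirm request-forgery protection is
  * applied elsewhere.
  * NOTE(review): $_REQUEST['_redirect'] reaches redirect_browser() unvalidated.
  * Unless redirect_browser() restricts targets to this application, limit the
  * value to local paths before redirecting.
  */
 public function process()
 {
     // The action name may be missing from the request; read it without a notice.
     $process = isset($_REQUEST['_process']) ? $_REQUEST['_process'] : '';

     if (isset($_REQUEST['butt_del']) && $_REQUEST['butt_del'] && !empty($_REQUEST['vendor_id']) && module_vendor::can_i('delete', 'Companies')) {
         $data = self::get_vendor($_REQUEST['vendor_id']);
         // Compare, do not assign: proceed only when the loaded record is the requested one.
         if (!empty($data['vendor_id']) && $data['vendor_id'] == $_REQUEST['vendor_id']) {
             $question = _l("Really delete vendor: %s", $data['vendor_name']);
             $back_link = self::link_open($_REQUEST['vendor_id']);
             $confirm_options = array('options' => array(array('label' => _l('Also delete all Vendor %s, Jobs, Invoices, Tickets and Files', module_config::c('project_name_plural')), 'name' => 'delete_others', 'type' => 'checkbox', 'value' => 1, 'checked' => true)));
             if (module_form::confirm_delete('vendor_id', $question, $back_link, $confirm_options)) {
                 $this->delete_vendor($_REQUEST['vendor_id'], isset($_REQUEST['delete_others']) && $_REQUEST['delete_others']);
                 set_message("Vendor deleted successfully");
                 redirect_browser(self::link_open(false));
             }
         }
     } elseif ("ajax_contact_list" == $process) {
         // JSON map of user_id => "name last_name" for the given vendor.
         $vendor_id = isset($_REQUEST['vendor_id']) ? (int) $_REQUEST['vendor_id'] : 0;
         $res = module_user::get_contacts(array('vendor_id' => $vendor_id));
         $options = array();
         foreach ($res as $row) {
             $options[$row['user_id']] = $row['name'] . ' ' . $row['last_name'];
         }
         echo json_encode($options);
         exit;
     } elseif ("save_vendor" == $process) {
         $vendor_id = $this->save_vendor($_REQUEST['vendor_id'], $_POST);
         hook_handle_callback('vendor_save', $vendor_id);
         set_message("Vendor saved successfully");
         redirect_browser(!empty($_REQUEST['_redirect']) ? $_REQUEST['_redirect'] : self::link_open($vendor_id));
     }
 }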
Beispiel #14
 /**
  * Dispatch the website module's form actions: website delete and
  * 'save_website'. The request ends with a redirect to $_REQUEST['_redirect']
  * unless errors were collected, in which case they are printed.
  *
  * NOTE(review): no can_i() permission check and no
  * module_form::check_secure_key() call are visible in this method; confirm
  * both are enforced elsewhere before delete_website() / save_website() run.
  * NOTE(review): outside the save branch, $_REQUEST['_redirect'] is whatever the
  * request supplied (or unset). Unless redirect_browser() restricts targets to
  * this application, limit the value to local paths.
  */
 public function process()
 {
     $errors = array();
     $wants_delete = isset($_REQUEST['butt_del']) && $_REQUEST['butt_del'] && $_REQUEST['website_id'];
     if ($wants_delete) {
         $website = self::get_website($_REQUEST['website_id']);
         $question = "Really delete " . module_config::c('project_name_single', 'Website') . ": " . $website['name'];
         if (module_form::confirm_delete('website_id', $question, self::link_open($_REQUEST['website_id']))) {
             $this->delete_website($_REQUEST['website_id']);
             set_message(module_config::c('project_name_single', 'Website') . " deleted successfully");
             redirect_browser(self::link_open(false));
         }
     } elseif ("save_website" == $_REQUEST['_process']) {
         $saved_id = $this->save_website($_REQUEST['website_id'], $_POST);
         hook_handle_callback('website_save', $saved_id);
         // After a save the redirect target is always the saved record, not the request value.
         $_REQUEST['_redirect'] = $this->link_open($saved_id);
         set_message(module_config::c('project_name_single', 'Website') . " saved successfully");
     }
     if (count($errors)) {
         print_error($errors, true);
         return;
     }
     redirect_browser($_REQUEST['_redirect']);
     exit;
 }
Beispiel #15
 public function process()
 {
     $errors = array();
     if (isset($_REQUEST['butt_del']) && $_REQUEST['butt_del'] && $_REQUEST['newsletter_id']) {
         $data = self::get_newsletter($_REQUEST['newsletter_id']);
         if (module_form::confirm_delete('newsletter_id', "Really delete newsletter: " . $data['subject'], self::link_open($_REQUEST['newsletter_id']))) {
             $this->delete_newsletter($_REQUEST['newsletter_id']);
             set_message("Newsletter deleted successfully");
             redirect_browser(self::link_list(false));
         }
     } else {
         if ("save_newsletter" == $_REQUEST['_process']) {
             $newsletter_id = isset($_REQUEST['newsletter_id']) ? (int) $_REQUEST['newsletter_id'] : false;
             $newsletter_id = $this->save_newsletter($newsletter_id, $_POST);
             if (isset($_REQUEST['butt_send'])) {
                 redirect_browser($this->link_send($newsletter_id));
             }
             if (isset($_REQUEST['butt_duplicate'])) {
                 $newsletter_id = $this->duplicate_newsetter($newsletter_id);
                 set_message('Newsletter duplicated successfully');
                 redirect_browser($this->link_open($newsletter_id));
             }
             if (isset($_REQUEST['butt_preview_email'])) {
                 if ($this->send_preview($newsletter_id, $_REQUEST['quick_email'])) {
                     //set_message("Newsletter preview sent successfully.");
                     redirect_browser($this->link_open($newsletter_id));
                 }
                 /*else{
                       echo "<br><br>Failed to send preview. <br><br>";
                       echo '<a href="'.$this->link_open($newsletter_id).'">try again</a> ';
                       exit;
                   }*/
             }
             if (isset($_REQUEST['butt_preview'])) {
                 redirect_browser($this->link_preview($newsletter_id));
             }
             set_message("Newsletter saved successfully");
             redirect_browser($this->link_open($newsletter_id));
         } else {
             if ("send_send" == $_REQUEST['_process']) {
                 $newsletter_id = (int) $_REQUEST['newsletter_id'];
                 $send_id = (int) $_REQUEST['send_id'];
                 if ($newsletter_id && $send_id) {
                     $sql = "UPDATE `" . _DB_PREFIX . "newsletter_send` SET `status` = " . _NEWSLETTER_STATUS_PENDING . " WHERE send_id = {$send_id} AND newsletter_id = {$newsletter_id}";
                     query($sql);
                     self::update_member_data_for_send($send_id);
                     self::remove_unsubscribed_members_from_send($send_id);
                     //ready to send
                     redirect_browser($this->link_queue_watch($newsletter_id, $send_id));
                 }
             } else {
                 if ("modify_send" == $_REQUEST['_process']) {
                     $send_id = (int) $_REQUEST['send_id'];
                     $newsletter_id = (int) $_REQUEST['newsletter_id'];
                     $send = get_single('newsletter_send', array('send_id', 'newsletter_id'), array($send_id, $newsletter_id));
                     if (isset($_POST['status']) && $_POST['status'] == 'delete') {
                         if (module_form::confirm_delete('newsletter_id', "Really delete this send?", self::link_queue_watch($newsletter_id, $send_id))) {
                             if ($send && $send['send_id'] == $send_id) {
                                 set_message("Newsletter send deleted successfully");
                                 update_insert('send_id', $send_id, 'newsletter_send', array('status' => _NEWSLETTER_STATUS_DELETED));
                             }
                             redirect_browser(self::link_list(false));
                         }
                         unset($_POST['status']);
                     }
                     if (!$send['start_time']) {
                         $_POST['start_time'] = time();
                     }
                     // hack cos sometimes it doesn't save start time? i think i fixed this bug though.
                     if ($send && $send['send_id'] == $send_id) {
                         update_insert('send_id', $send_id, 'newsletter_send', $_POST);
                         redirect_browser($this->link_queue_watch($newsletter_id, $send_id));
                     }
                 } else {
                     if ("enque_send" == $_REQUEST['_process']) {
                         $newsletter_id = (int) $_REQUEST['newsletter_id'];
                         $send_id = (int) $_REQUEST['send_id'];
                         $newsletter_data = self::get_newsletter($newsletter_id);
                         if ($newsletter_data['newsletter_id'] != $newsletter_id) {
                             die('failed to enqueue send');
                         }
                         // are we adding members to an existing send? or overwriting them to an existing draft / or creating a new blank send.
                         if ($send_id > 0) {
                             $adding_members = true;
                         } else {
                             $adding_members = false;
                         }
                         $members = array();
                         //todo: pass this off as a hook.
                         // so we could have another module (eg: module_drupal or module_wordpress) that
                         // checks which members were selected on the previous screen, and return a standard member array
                         if (class_exists('module_group', false)) {
                             // find the groups we are sending to.
                             $send_groups = array();
                             $groups = module_group::get_groups();
                             foreach ($groups as $group) {
                                 if (isset($_REQUEST['group']) && isset($_REQUEST['group'][$group['group_id']]) && $_REQUEST['group'][$group['group_id']] == 'yes') {
                                     // we are sending to this group
                                     // get a list of members in this group and add them to a send table ready to go.
                                     $send_groups[$group['group_id']] = true;
                                 }
                             }
                             // find the members for these groups
                             $callback = 'module_group::newsletter_callback';
                             $error_count = 0;
                             foreach ($send_groups as $group_id => $tf) {
                                 $group_members = module_group::get_members($group_id);
                                 //echo '<pre>';print_r($group_members);exit;
                                 // give all these members a callback so the newsletter system can get more data from them.
                                 $group_members_with_data = array();
                                 foreach ($group_members as $id => $group_member) {
                                     $args = array('group_id' => $group_id, 'owner_id' => $group_member['owner_id'], 'owner_table' => $group_member['owner_table']);
                                     // run this data callback to get the data from this group member.
                                     $all_callback_data = self::member_data_callback($callback, $args, false);
                                     // false, just want the email address for now.
                                     if (!$all_callback_data) {
                                         $error_count++;
                                     }
                                     if (is_array($all_callback_data)) {
                                         // check if $callback_data is a multi-array - sometimes this will return more than 1 record (eg: customer = returns all contacts under that customer)
                                         if (!isset($all_callback_data['_multi'])) {
                                             // this is a single record. make it multi
                                             $all_callback_data = array($all_callback_data);
                                         } else {
                                             unset($all_callback_data['_multi']);
                                         }
                                         foreach ($all_callback_data as $callback_data) {
                                             if (!$callback_data) {
                                                 continue;
                                             }
                                             if (!isset($callback_data['data_callback']) || !$callback_data['data_callback']) {
                                                 $callback_data['data_callback'] = $callback;
                                             }
                                             if (!isset($callback_data['data_args']) || !$callback_data['data_args']) {
                                                 $callback_data['data_args'] = json_encode($args);
                                             }
                                             $group_members_with_data[] = $callback_data;
                                         }
                                     }
                                     /*$group_members[$id] = self::member_data_callback($callback,$args);
                                       if(!$group_members[$id]){
                                           // todo: report this problematic group member, possibly remove group member from list.
                                           $error_count++;
                                           unset($group_members[$id]);
                                       }else{
                                           // a callback on customers will return all contacts for that customer (if advanced option is set)
                                           if(!isset($group_members[$id]['data_callback']) || !$group_members[$id]['data_callback']){
                                               $group_members[$id]['data_callback'] = $callback;
                                           }
                                           if(!isset($group_members[$id]['data_args']) || !$group_members[$id]['data_args']){
                                               $group_members[$id]['data_args'] = json_encode($args);
                                           }
                                       }*/
                                 }
                                 unset($group_members);
                                 //$members = array_merge($members,$group_members);
                                 $members = array_merge($members, $group_members_with_data);
                             }
                             if ($error_count > 0) {
                                 set_error('Failed to get the information on ' . $error_count . ' group members.');
                             }
                         }
                         /*if(class_exists('module_company',false) && module_company::can_i('view','Company') && module_company::is_enabled()){
                                         // copy of the group logic above, but we're adding companies to the list.
                                         // find the groups we are sending to.
                                         $send_companys = array();
                                         $companys = module_company::get_companys();
                                         foreach($companys as $company){
                                             if(isset($_REQUEST['company']) && isset($_REQUEST['company'][$company['company_id']]) && $_REQUEST['company'][$company['company_id']] == 'yes'){
                                                 // we are sending to this company
                                                 // get a list of members in this company and add them to a send table ready to go.
                                                 $send_companys[$company['company_id']] = true;
                                             }
                                         }
                                         // find the members for these companys
                                         $callback = 'module_company::newsletter_callback';
                                         $error_count = 0;
                                         foreach($send_companys as $company_id => $tf){
                                             $company_members = module_company::get_members($company_id);
                                             //echo '<pre>';print_r($company_members);exit;
                                             // give all these members a callback so the newsletter system can get more data from them.
                                             $company_members_with_data = array();
                                             foreach($company_members as $id => $company_member){
                                                 $args = array(
                                                      'company_id'=>$company_id,
                                                      'owner_id'=>$company_member['owner_id'],
                                                      'owner_table'=>$company_member['owner_table'],
                                                  );
                                                 // run this data callback to get the data from this company member.
                                                 $all_callback_data = self::member_data_callback($callback,$args);
                                                 if(!$all_callback_data){
                                                     $error_count++;
                                                 }
                                                 if(is_array($all_callback_data)){
                                                     // check if $callback_data is a multi-array - sometimes this will return more than 1 record (eg: customer = returns all contacts under that customer)
                                                     if(!isset($all_callback_data['_multi'])){
                                                         // this is a single record. make it multi
                                                         $all_callback_data = array($all_callback_data);
                                                     }else{
                                                         unset($all_callback_data['_multi']);
                                                     }
                                                     foreach($all_callback_data as $callback_data){
                                                         if(!$callback_data)continue;
                                                         if(!isset($callback_data['data_callback']) || !$callback_data['data_callback']){
                                                             $callback_data['data_callback'] = $callback;
                                                         }
                                                         if(!isset($callback_data['data_args']) || !$callback_data['data_args']){
                                                             $callback_data['data_args'] = json_encode($args);
                                                         }
                                                         $company_members_with_data[] = $callback_data;
                                                     }
                                                 }
                         
                         
                                             }
                                             unset($company_members);
                                             //$members = array_merge($members,$company_members);
                                             $members = array_merge($members,$company_members_with_data);
                                         }
                                         if($error_count>0){
                                             set_error('Failed to get the information on '.$error_count.' company members.');
                                         }
                                     }*/
                         //echo '<pre>';print_r($members);exit;
                         // todo - load CSV formats in too. IDEA! make a new CSV module, it will work in with GROUP hook above! YESS!
                         if (!$adding_members && !count($members)) {
                             set_error('Please select at least 1 person to send this newsletter to');
                             redirect_browser(self::link_send($newsletter_id));
                         }
                         if (!$adding_members && !$send_id) {
                             // see if we can re-use a previously unsent send (ie: draft send)
                             $drafts = get_multiple('newsletter_send', array('newsletter_id' => $newsletter_id, 'status' => _NEWSLETTER_STATUS_NEW));
                             if (count($drafts)) {
                                 $draft = array_shift($drafts);
                                 if ($draft['send_id']) {
                                     $send_id = (int) $draft['send_id'];
                                     $sql = "DELETE FROM `" . _DB_PREFIX . "newsletter_send_member` WHERE send_id = " . (int) $send_id;
                                     query($sql);
                                 }
                             }
                         }
                         if (isset($_REQUEST['start_time'])) {
                             $start_time = strtotime(input_date($_REQUEST['start_time'], true));
                             if (!$start_time) {
                                 $start_time = time();
                             }
                         } else {
                             $start_time = time();
                         }
                         $allow_duplicates = isset($_REQUEST['allow_duplicates']) ? $_REQUEST['allow_duplicates'] : 0;
                         // remove cache from send newsletter data history
                         if (isset($newsletter_data['sends']) && is_array($newsletter_data['sends'])) {
                             foreach ($newsletter_data['sends'] as $previous_newsletter_data_send_id => $previous_newsletter_data_send) {
                                 if (isset($previous_newsletter_data_send['cache'])) {
                                     unset($newsletter_data['sends'][$previous_newsletter_data_send_id]['cache']);
                                 }
                             }
                         }
                         $send_id = self::save_send($send_id, array('newsletter_id' => $newsletter_id, 'status' => _NEWSLETTER_STATUS_NEW, 'start_time' => $start_time, 'allow_duplicates' => $allow_duplicates, 'cache' => serialize($newsletter_data), 'subject' => $newsletter_data['subject']));
                         $done_member = false;
                         if ($send_id) {
                             // add the members from this send into the listing.
                             // this will be a snapshop of the members details at the time this send is created.
                             // todo: figure out if this will come back and bite me in the bum :)
                             $failed_due_to_unsubscribe = false;
                             $error_count = 0;
                             foreach ($members as $member) {
                                 //print_r($member);
                                 // check uniquness of this member's email in the send listing.
                                 // find this member by email.
                                 $newsletter_member_id = self::member_from_email($member);
                                 if ($newsletter_member_id > 0) {
                                     // found a member! add it to the send queue for this send.
                                     if (!$allow_duplicates) {
                                         // check if this member has received this email before.
                                         $sql = "SELECT * FROM `" . _DB_PREFIX . "newsletter_send_member` sm";
                                         $sql .= " LEFT JOIN `" . _DB_PREFIX . "newsletter_send` s USING (send_id) ";
                                         $sql .= " WHERE sm.newsletter_member_id = " . (int) $newsletter_member_id;
                                         $sql .= " AND sm.send_id IN (SELECT send_id FROM `" . _DB_PREFIX . "newsletter_send` WHERE newsletter_id = {$newsletter_id})";
                                         $sql .= " AND sm.send_id != " . (int) $send_id;
                                         $sql .= " AND s.status != 4 ";
                                         // so we ignore deleted sends.
                                         $check = query($sql);
                                         if (mysql_num_rows($check)) {
                                             // user has received this before.
                                             //echo 'received before';
                                             mysql_free_result($check);
                                             continue;
                                         }
                                         mysql_free_result($check);
                                     }
                                     // check if this member is unsubscribed or marked as not receiving emails?
                                     if (self::is_member_unsubscribed($newsletter_member_id, $member)) {
                                         // unsubscribe checks blacklist so no need to inclde it here:  || self::email_blacklisted($member['email'])
                                         //echo 'unsubscribed';
                                         $failed_due_to_unsubscribe = true;
                                         continue;
                                     }
                                     $sql = "REPLACE INTO `" . _DB_PREFIX . "newsletter_send_member` SET ";
                                     $sql .= " send_id = " . (int) $send_id . " ";
                                     $sql .= ", newsletter_member_id = " . (int) $newsletter_member_id . " ";
                                     $sql .= ", `sent_time` = 0";
                                     $sql .= ", `status` = 0";
                                     $sql .= ", `open_time` = 0";
                                     $sql .= ", `bounce_time` = 0";
                                     query($sql);
                                     //echo 'done';
                                     $done_member = true;
                                 } else {
                                     $error_count++;
                                     if (_DEBUG_MODE) {
                                         echo 'failed to create member from email';
                                         print_r($member);
                                         echo '<hr>';
                                     }
                                 }
                             }
                             if ($error_count) {
                                 set_error('Failed to add ' . $error_count . ' members to the queue. Possibly because they have no valid email address.');
                                 if (_DEBUG_MODE) {
                                     //exit;
                                 }
                             }
                             // exit;
                             if (!$done_member && !$adding_members) {
                                 if ($failed_due_to_unsubscribe) {
                                     set_error('All selected members have been unsubscribed or bounced, please select other members.');
                                     // this member is added, redirect and show the errors ..
                                 } else {
                                     set_error('Please select at least 1 person to send this newsletter to.');
                                     redirect_browser(self::link_send($newsletter_id));
                                 }
                             }
                             redirect_browser($this->link_queue($newsletter_id, $send_id));
                         }
                     } else {
                         if ("save_newsletter_template" == $_REQUEST['_process']) {
                             if (isset($_REQUEST['butt_del'])) {
                                 $data = self::get_newsletter_template($_REQUEST['newsletter_template_id']);
                                 if (module_form::confirm_delete('newsletter_template_id', "Really delete newsletter template: " . $data['newsletter_template_name'], self::link_open_template($_REQUEST['newsletter_template_id']))) {
                                     $this->delete_newsletter_template($_REQUEST['newsletter_template_id']);
                                     set_message("Newsletter template deleted successfully");
                                     redirect_browser(self::link_open_template(false));
                                 }
                             }
                             $newsletter_template_id = $this->save_newsletter_template($_REQUEST['newsletter_template_id'], $_POST);
                             set_message("Newsletter template saved successfully");
                             redirect_browser($this->link_open_template($newsletter_template_id));
                         }
                     }
                 }
             }
         }
     }
     if (!count($errors)) {
         redirect_browser($_REQUEST['_redirect']);
         exit;
     }
     print_error($errors, true);
 }
Beispiel #16
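 /**
  * Handle the company delete and save form submissions.
  *
  * Delete: runs when `butt_del` and `company_id` are present in the request and
  * the current user passes can_i('delete', 'Company'). The record is loaded and
  * its id is compared with the requested id before confirm_delete() is consulted.
  *
  * Save: runs when `_process` is "save_company" and the current user passes
  * can_i('edit', 'Company').
  *
  * Request values are read once and defensively: a missing or array-valued
  * `_process` / `company_id` is treated as absent, so it neither raises an
  * undefined-index notice nor reaches the helpers as an array.
  *
  * NOTE(review): no anti-CSRF token check is visible in this handler, although
  * both branches change state. Confirm that a check such as
  * module_form::check_secure_key() runs before this point.
  * NOTE(review): a request that carries `butt_del` from a user without the
  * delete permission falls through to the save branch. Confirm this is intended.
  *
  * @return void
  */
 public function process()
 {
     // Normalise the two request values every branch depends on.
     $process = isset($_REQUEST['_process']) && is_scalar($_REQUEST['_process']) ? (string) $_REQUEST['_process'] : '';
     $company_id = isset($_REQUEST['company_id']) && is_scalar($_REQUEST['company_id']) ? $_REQUEST['company_id'] : null;

     if (!empty($_REQUEST['butt_del']) && $company_id && self::can_i('delete', 'Company')) {
         $data = self::get_company($company_id);
         // Only delete a record that was actually found and whose id matches the request.
         if ($data && $data['company_id'] == $company_id && module_form::confirm_delete('company_id', "Really delete company: " . $data['name'], self::link_open($company_id))) {
             $this->delete_company($company_id);
             set_message("company deleted successfully");
             redirect_browser($this->link_open(false));
         }
     } elseif ('save_company' === $process && self::can_i('edit', 'Company')) {
         // NOTE(review): $_POST is handed to update_insert() unfiltered, so that helper
         // decides which columns get written. Verify it restricts writes to an
         // allow-list of company fields.
         $company_id = update_insert('company_id', $company_id, 'company', $_POST);
         set_message('Company saved successfully');
         redirect_browser($this->link_open($company_id));
     }
 }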
Beispiel #17
    public function process()
    {
        if ("save_facebook" == $_REQUEST['_process']) {
            $social_facebook_id = isset($_REQUEST['social_facebook_id']) ? (int) $_REQUEST['social_facebook_id'] : 0;
            $facebook = new ucm_facebook_account($social_facebook_id);
            if (isset($_POST['butt_del']) && module_social::can_i('delete', 'Facebook', 'Social', 'social')) {
                if (module_form::confirm_delete('social_facebook_id', "Really delete this Facebook account from the system? All messages will be lost.", self::link_open($_REQUEST['social_facebook_id']))) {
                    $facebook->delete();
                    set_message("Facebook account deleted successfully");
                    redirect_browser(self::link_open(false));
                }
            }
            $facebook->save_data($_POST);
            $social_facebook_id = $facebook->get('social_facebook_id');
            if (isset($_POST['butt_save_connect'])) {
                $redirect = $this->link_open($social_facebook_id, false, false, 'facebook_account_connect');
            } else {
                set_message('Facebook account saved successfully');
                $redirect = $this->link_open($social_facebook_id);
            }
            redirect_browser($redirect);
            exit;
        } else {
            if ("send_facebook_message" == $_REQUEST['_process']) {
                if (module_form::check_secure_key()) {
                    $social_facebook_id = isset($_REQUEST['social_facebook_id']) ? (int) $_REQUEST['social_facebook_id'] : 0;
                    $facebook = new ucm_facebook_account($social_facebook_id);
                    if ($social_facebook_id && $facebook->get('social_facebook_id') == $social_facebook_id) {
                        // queue the message into the facebook_message table
                        // if there's a scheduled date in the past we send it in the past, no date we send straight away, date in the future we leave it in the db table for the cron job to pick up.
                        //print_r($_POST);exit;
                        $send_time = false;
                        // default: now
                        if (isset($_POST['schedule_date']) && isset($_POST['schedule_time']) && !empty($_POST['schedule_date']) && !empty($_POST['schedule_time'])) {
                            $date = $_POST['schedule_date'];
                            $time_hack = $_POST['schedule_time'];
                            $time_hack = str_ireplace('am', '', $time_hack);
                            $time_hack = str_ireplace('pm', '', $time_hack);
                            $bits = explode(':', $time_hack);
                            if (strpos($_POST['schedule_time'], 'pm')) {
                                $bits[0] += 12;
                            }
                            // add the time if it exists
                            $date .= ' ' . implode(':', $bits) . ':00';
                            $send_time = strtotime(input_date($date, true));
                        } else {
                            if (isset($_POST['schedule_date']) && !empty($_POST['schedule_date'])) {
                                $send_time = strtotime(input_date($_POST['schedule_date'], true));
                            }
                        }
                        //echo print_date($send_time,true);
                        //echo '<br>';
                        //echo date('c',$send_time);
                        //exit;
                        /* @var $available_pages ucm_facebook_page[] */
                        $available_pages = $facebook->get('pages');
                        $send_pages = isset($_POST['compose_page_id']) && is_array($_POST['compose_page_id']) ? $_POST['compose_page_id'] : array();
                        $page_count = 0;
                        if ($send_pages) {
                            foreach ($send_pages as $facebook_page_id => $tf) {
                                if (!$tf) {
                                    continue;
                                }
                                // see if this is an available page.
                                if (isset($available_pages[$facebook_page_id])) {
                                    // push to db! then send.
                                    $facebook_message = new ucm_facebook_message($facebook, $available_pages[$facebook_page_id], false);
                                    $facebook_message->create_new();
                                    $facebook_message->update('social_facebook_page_id', $available_pages[$facebook_page_id]->get('social_facebook_page_id'));
                                    $facebook_message->update('social_facebook_id', $facebook->get('social_facebook_id'));
                                    $facebook_message->update('summary', isset($_POST['message']) ? $_POST['message'] : '');
                                    $facebook_message->update('type', 'pending');
                                    $facebook_message->update('link', isset($_POST['link']) ? $_POST['link'] : '');
                                    $facebook_message->update('data', json_encode($_POST));
                                    $facebook_message->update('user_id', module_security::get_loggedin_id());
                                    // do we send this one now? or schedule it later.
                                    $facebook_message->update('status', _SOCIAL_MESSAGE_STATUS_PENDINGSEND);
                                    if ($send_time) {
                                        // schedule for sending at a different time (now or in the past)
                                        $facebook_message->update('last_active', $send_time);
                                    } else {
                                        // send it now.
                                        $facebook_message->update('last_active', 0);
                                    }
                                    if (isset($_FILES['picture']['tmp_name']) && is_uploaded_file($_FILES['picture']['tmp_name'])) {
                                        $facebook_message->add_attachment($_FILES['picture']['tmp_name']);
                                    }
                                    $facebook_message->send_queued(isset($_POST['debug']));
                                    $page_count++;
                                } else {
                                    // log error?
                                }
                            }
                        }
                        set_message(_l('Message delivered successfully to %s Facebook pages', $page_count));
                        $redirect = $this->link_open_message_view($social_facebook_id);
                        redirect_browser($redirect);
                    }
                }
            } else {
                if ("ajax_facebook_url_info" == $_REQUEST['_process']) {
                    header('Content-type: text/javascript');
                    $url = isset($_REQUEST['url']) ? $_REQUEST['url'] : false;
                    if (strlen($url) > 4 && preg_match('#https?://#', $url)) {
                        // pass this into graph api debugger to get some information back about the URL
                        $facebook = new ucm_facebook();
                        $data = $facebook->get_url_info($url);
                        // return the data formatted in json ready to be added into the relevant input boxes.
                        $data['link_picture'] = isset($data['image'][0]['url']) ? $data['image'][0]['url'] : '';
                        $data['link_name'] = isset($data['title']) ? $data['title'] : '';
                        $data['link_caption'] = isset($data['caption']) ? $data['caption'] : '';
                        $data['link_description'] = isset($data['description']) ? $data['description'] : '';
                        echo json_encode($data);
                    }
                    exit;
                } else {
                    if ("ajax_social_facebook" == $_REQUEST['_process']) {
                        // ajax functions from wdsocial. copied from the datafeed.php sample files.
                        header('Content-type: text/javascript');
                        if (module_form::check_secure_key()) {
                            // todo: check user has access to this message.
                            $social_facebook_id = isset($_REQUEST['social_facebook_id']) ? (int) $_REQUEST['social_facebook_id'] : 0;
                            //$facebook = new ucm_facebook_account($social_facebook_id);
                            //if($social_facebook_id && $facebook->get('social_facebook_id') == $social_facebook_id){
                            $action = isset($_REQUEST['action']) ? $_REQUEST['action'] : false;
                            $message_id = isset($_REQUEST['id']) ? (int) $_REQUEST['id'] : 0;
                            $facebook_message = new ucm_facebook_message();
                            $facebook_message->load($message_id);
                            //if($facebook_message->get('social_facebook_id') == $social_facebook_id){
                            switch ($action) {
                                case "send-message-reply":
                                    if (module_social::can_i('create', 'Facebook Comments', 'Social', 'social')) {
                                        $return = array();
                                        $message = isset($_POST['message']) && $_POST['message'] ? $_POST['message'] : '';
                                        $facebook_id = isset($_POST['facebook_id']) && $_POST['facebook_id'] ? $_POST['facebook_id'] : false;
                                        $debug = isset($_POST['debug']) && $_POST['debug'] ? $_POST['debug'] : false;
                                        if ($message) {
                                            if ($debug) {
                                                ob_start();
                                            }
                                            $facebook_message->send_reply($facebook_id, $message, $debug);
                                            if ($debug) {
                                                $return['message'] = ob_get_clean();
                                            } else {
                                                // todo - option to ask the user if they want to archive a message during the send.
                                                set_message(_l('Message sent and conversation archived.'));
                                                if ($social_facebook_id) {
                                                    $return['redirect'] = module_social_facebook::link_open_message_view($social_facebook_id);
                                                } else {
                                                    // return to the 'combined' view:
                                                }
                                            }
                                        }
                                        echo json_encode($return);
                                    }
                                    break;
                                case "set-answered":
                                    if (module_social::can_i('edit', 'Facebook Comments', 'Social', 'social')) {
                                        $facebook_message->update('status', _SOCIAL_MESSAGE_STATUS_ANSWERED);
                                        ?>

									$('.facebook_message_row[data-id=<?php 
                                        echo $message_id;
                                        ?>
]').hide();
									<?php 
                                    }
                                    break;
                                case "set-unanswered":
                                    if (module_social::can_i('edit', 'Facebook Comments', 'Social', 'social')) {
                                        $facebook_message->update('status', _SOCIAL_MESSAGE_STATUS_UNANSWERED);
                                        ?>

					                $('.facebook_message_row[data-id=<?php 
                                        echo $message_id;
                                        ?>
]').hide();
					                <?php 
                                    }
                                    break;
                            }
                            //echo 'The status is '.$facebook_message->get('status');
                            //}
                        }
                        // }
                        exit;
                    }
                }
            }
        }
    }
Beispiel #18
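 /**
  * Handle the FAQ module's form submissions, selected by $_REQUEST['_process'].
  *
  * - 'save_faq_product': saves an FAQ product from $_POST and, when 'butt_del' is
  *   set and the deletion is confirmed, deletes it.
  * - 'save_faq': optionally creates a new product from 'new_product_name', saves
  *   the FAQ from $_POST, rebuilds its faq_product_rel rows and, when 'butt_del'
  *   is set and confirmed, deletes the FAQ and its product links.
  *
  * Both branches stop with die() unless the user holds 'edit' on 'FAQ'.
  *
  * NOTE(review): no CSRF token check is visible in this method; confirm that the
  * caller or module_form enforces one before these state-changing requests.
  * NOTE(review): $_POST is handed to update_insert() whole; which columns it will
  * write is not visible here - confirm it restricts them to the expected fields.
  */
 public function process()
 {
     $process = isset($_REQUEST['_process']) ? $_REQUEST['_process'] : '';
     if ('save_faq_product' === $process) {
         if (!module_faq::can_i('edit', 'FAQ')) {
             die('No perms to save faq.');
         }
         if (isset($_POST['envato_item_ids'])) {
             // Request data can be a scalar or a nested array; implode() needs a flat array,
             // so coerce and drop non-scalar entries instead of failing on hostile input.
             $_POST['envato_item_ids'] = implode('|', array_filter((array) $_POST['envato_item_ids'], 'is_scalar'));
         }
         $requested_product_id = isset($_REQUEST['faq_product_id']) ? $_REQUEST['faq_product_id'] : null;
         $faq_product_id = update_insert('faq_product_id', $requested_product_id, 'faq_product', $_POST);
         if (isset($_REQUEST['butt_del'])) {
             // deleting the FAQ product altogether
             if (module_form::confirm_delete('customer_id', _l("Really delete FAQ Product?"), self::link_open_faq_product($requested_product_id))) {
                 // ids are numeric; cast so the raw request value never reaches the delete helper
                 delete_from_db('faq_product', 'faq_product_id', (int) $requested_product_id);
                 set_message('FAQ Product deleted successfully.');
                 redirect_browser($this->link_open_faq_product(false));
             }
         }
         set_message('FAQ Product saved successfully');
         redirect_browser($this->link_open_faq_product($faq_product_id));
     } elseif ('save_faq' === $process) {
         if (!module_faq::can_i('edit', 'FAQ')) {
             die('No perms to save faq.');
         }
         if (isset($_REQUEST['new_product_name']) && is_string($_REQUEST['new_product_name']) && strlen(trim($_REQUEST['new_product_name']))) {
             $faq_product_id = update_insert('faq_product_id', false, 'faq_product', array('name' => trim($_REQUEST['new_product_name'])));
             // A non-array 'faq_product_ids' (e.g. a plain string) cannot take the [] append below.
             if (!isset($_REQUEST['faq_product_ids']) || !is_array($_REQUEST['faq_product_ids'])) {
                 $_REQUEST['faq_product_ids'] = array();
             }
             $_REQUEST['faq_product_ids'][] = $faq_product_id;
         }
         $requested_faq_id = isset($_REQUEST['faq_id']) ? $_REQUEST['faq_id'] : null;
         $faq_id = update_insert('faq_id', $requested_faq_id, 'faq', $_POST);
         // Rebuild the product links from scratch: drop the old rows, then re-insert.
         delete_from_db('faq_product_rel', 'faq_id', $faq_id);
         if (isset($_REQUEST['faq_product_ids']) && is_array($_REQUEST['faq_product_ids'])) {
             foreach ($_REQUEST['faq_product_ids'] as $linked_product_id) {
                 // (int) on a nested array evaluates to 1, which would link product 1; accept scalars only.
                 if (is_scalar($linked_product_id) && (int) $linked_product_id > 0) {
                     // Both values are cast to int before being concatenated into the statement.
                     $sql = "INSERT INTO `" . _DB_PREFIX . "faq_product_rel` SET faq_id = " . (int) $faq_id . ", faq_product_id = " . (int) $linked_product_id;
                     query($sql);
                 }
             }
         }
         if (isset($_REQUEST['butt_del'])) {
             // deleting the FAQ item altogether
             if (module_form::confirm_delete('customer_id', _l("Really delete FAQ item?"), self::link_open($requested_faq_id))) {
                 delete_from_db('faq', 'faq_id', (int) $requested_faq_id);
                 delete_from_db('faq_product_rel', 'faq_id', (int) $requested_faq_id);
                 set_message('FAQ deleted successfully.');
                 redirect_browser($this->link_open(false));
             }
         }
         set_message('FAQ saved successfully');
         redirect_browser($this->link_open($faq_id));
     }
 }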
Beispiel #19
 /**
  * Bulk-delete handler for the product list.
  *
  * Runs only when $_REQUEST['bulk_action']['delete'] is 'yes'. Every entry of
  * $_REQUEST['bulk_operation'] flagged 'yes' is collected as id => link, the user
  * is asked to confirm, and on confirmation each product is deleted before the
  * browser is redirected to the product list.
  *
  * NOTE(review): no can_i() permission check is visible in this method, and the
  * ids are array keys taken straight from the request; confirm that
  * delete_product() enforces both permission and id validation.
  */
 public static function bulk_handle_delete()
 {
     $delete_requested = isset($_REQUEST['bulk_action'], $_REQUEST['bulk_action']['delete'])
         && $_REQUEST['bulk_action']['delete'] == 'yes';
     if (!$delete_requested) {
         return;
     }
     $selection = array();
     if (isset($_REQUEST['bulk_operation']) && is_array($_REQUEST['bulk_operation'])) {
         $selection = $_REQUEST['bulk_operation'];
     }
     // Keep only the ticked rows, mapping each id to the link shown in the confirmation prompt.
     $to_delete = array();
     foreach ($selection as $id => $flag) {
         if ($flag == 'yes') {
             $to_delete[$id] = self::link_open($id, true);
         }
     }
     if (count($to_delete) <= 0) {
         return;
     }
     $prompt = "Really delete products: " . implode(', ', $to_delete);
     if (!module_form::confirm_delete('product_id', $prompt, self::link_open(false))) {
         return;
     }
     foreach (array_keys($to_delete) as $id) {
         self::delete_product($id);
     }
     set_message(_l("%s products deleted successfully", count($to_delete)));
     redirect_browser(self::link_open(false));
 }
Beispiel #20
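 /**
  * Handle group form posts: delete a group (after confirmation) or save one.
  *
  * A request with 'butt_del' and a 'group_id' asks for confirmation and then
  * deletes the group; otherwise '_process' = 'save_group' saves $_POST as a group.
  * Both paths end with a redirect.
  *
  * NOTE(review): no can_i() permission check and no CSRF token check are visible
  * in this method; confirm that get_group()/delete_group()/update_insert() or the
  * caller enforce them.
  */
 public function process()
 {
     // Read request fields once, without raising undefined-index notices when they are absent.
     $group_id = isset($_REQUEST['group_id']) ? $_REQUEST['group_id'] : null;
     $process = isset($_REQUEST['_process']) ? $_REQUEST['_process'] : '';
     if (isset($_REQUEST['butt_del']) && $_REQUEST['butt_del'] && $group_id) {
         $data = self::get_group($group_id);
         $group_name = is_array($data) && isset($data['name']) ? $data['name'] : '';
         // The group name is stored, user-editable data; encode it before it goes into the
         // confirmation prompt. NOTE(review): confirm confirm_delete() does not escape it again.
         if (module_form::confirm_delete('group_id', "Really delete group: " . htmlspecialchars($group_name), self::link_open($group_id))) {
             $this->delete_group($group_id);
             set_message("group deleted successfully");
             redirect_browser($this->link_open(false));
         }
     } elseif ('save_group' === $process) {
         // NOTE(review): $_POST is passed whole; confirm update_insert() limits the writable columns.
         $saved_group_id = update_insert('group_id', $group_id, 'group', $_POST);
         set_message('Group saved successfully');
         redirect_browser($this->link_open($saved_group_id));
     }
 }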
Beispiel #21
 * Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
 * Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
 * Package Date: 2015-11-25 02:55:20 
 * IP Address: 67.79.165.254
 */
// Currency settings page: both 'view' and 'edit' on Settings are required, otherwise the
// user is sent to _BASE_HREF.
// NOTE(review): the code below relies on redirect_browser() ending the request - confirm it exits.
if (!module_config::can_i('view', 'Settings')) {
    redirect_browser(_BASE_HREF);
}
if (!module_config::can_i('edit', 'Settings')) {
    redirect_browser(_BASE_HREF);
}
// NOTE(review): no CSRF token check is visible before the delete/save below - confirm where it is enforced.
if (isset($_REQUEST['currency_id'])) {
    // The id is cast to int before it is used for lookup, delete and save.
    $currency_id = (int) $_REQUEST['currency_id'];
    $currency = get_single('currency', 'currency_id', $currency_id);
    if (isset($_REQUEST['butdelete_currency'])) {
        // The stored currency code is HTML-encoded before it is placed in the confirmation prompt.
        if (module_form::confirm_delete('currency_id', 'Really delete currency: ' . htmlspecialchars($currency['code']))) {
            delete_from_db('currency', 'currency_id', $currency_id);
            set_message(_l('Currency deleted successfully'));
            // Redirect back to the current URI with a 'deleted=true' flag appended.
            redirect_browser($_SERVER['REQUEST_URI'] . (strpos($_SERVER['REQUEST_URI'], '?') === false ? '?' : '&') . 'deleted=true');
        }
    } else {
        if (isset($_REQUEST['save'])) {
            // NOTE(review): $_POST is passed whole; confirm update_insert() limits the writable columns.
            update_insert('currency_id', $currency_id, 'currency', $_POST);
            set_message('Currency saved successfully');
            //redirect_browser('?saved=true');
            redirect_browser($_SERVER['REQUEST_URI'] . (strpos($_SERVER['REQUEST_URI'], '?') === false ? '?' : '&') . 'saved=true');
        }
    }
    // Reload the record for display.
    $currency = get_single('currency', 'currency_id', $currency_id);
    print_heading(array('title' => 'Edit Currency', 'type' => 'h2', 'main' => true));
    ?>
Beispiel #22
    /**
     * Dispatch quote form posts and AJAX calls.
     *
     * A delete request ('butt_del' with a 'quote_id') is handled first; otherwise
     * $_REQUEST['_process'] selects one of 'ajax_quote_list', 'ajax_create_invoice',
     * 'ajax_task' or 'save_quote'. The AJAX branches echo JSON or HTML and exit;
     * 'save_quote' either emits <script> snippets that update the parent frame
     * (when 'save_ajax_task' is set) or redirects.
     *
     * NOTE(review): no CSRF token check is visible in this method - confirm where
     * it is enforced for the state-changing branches.
     */
    public function process()
    {
        // Nothing in this method adds to $errors; it is only read at the very end.
        $errors = array();
        if (isset($_REQUEST['butt_del']) && $_REQUEST['butt_del'] && $_REQUEST['quote_id']) {
            // NOTE(review): no can_i() check is visible on this delete path - confirm get_quote()/delete_quote() enforce it.
            $data = self::get_quote($_REQUEST['quote_id']);
            // NOTE(review): the stored quote name is concatenated into the prompt without encoding;
            // confirm confirm_delete() escapes its message.
            if (module_form::confirm_delete('quote_id', "Really delete quote: " . $data['name'], self::link_open($_REQUEST['quote_id']))) {
                $this->delete_quote($_REQUEST['quote_id']);
                set_message("quote deleted successfully");
                redirect_browser($this->link_open(false));
            }
        } else {
            if ("ajax_quote_list" == $_REQUEST['_process']) {
                // Returns quote_id => name for one customer as JSON.
                // NOTE(review): no permission check is visible in this branch - presumably get_quotes() filters by access; verify.
                $customer_id = isset($_REQUEST['customer_id']) ? (int) $_REQUEST['customer_id'] : 0;
                $res = module_quote::get_quotes(array('customer_id' => $customer_id));
                $options = array();
                foreach ($res as $row) {
                    $options[$row['quote_id']] = $row['name'];
                }
                echo json_encode($options);
                exit;
            } else {
                if ("ajax_create_invoice" == $_REQUEST['_process']) {
                    // Renders the "which tasks to invoice" checkbox list as an HTML fragment.
                    $quote_id = (int) $_REQUEST['quote_id'];
                    $quote = self::get_quote($quote_id, true);
                    $quote_tasks = self::get_tasks($quote_id);
                    // Stop silently when the quote could not be loaded or does not match the requested id.
                    if (!$quote || $quote['quote_id'] != $quote_id) {
                        exit;
                    }
                    // Stop silently when the user may not create invoices.
                    if (!module_invoice::can_i('create', 'Invoices')) {
                        exit;
                    }
                    // Buffer the fragment so it can be echoed in one piece below.
                    ob_start();
                    ?>

            <p><?php 
                    _e('Please select which tasks to generate an invoice for:');
                    ?>
</p>
                <ul>
                    <?php 
                    // Only ids that are also keys of $quote_tasks are rendered.
                    foreach ($quote['uninvoiced_quote_task_ids'] as $quote_task_id) {
                        if (isset($quote_tasks[$quote_task_id])) {
                            ?>

                            <li>
                                <input type="checkbox" id="invoice_create_task_<?php 
                            echo $quote_task_id;
                            ?>
" data-taskid="<?php 
                            echo $quote_task_id;
                            ?>
" class="invoice_create_task" name="invoice_quote_task_id[<?php 
                            echo $quote_task_id;
                            ?>
]" value="1" <?php 
                            echo $quote_tasks[$quote_task_id]['fully_completed'] ? 'checked' : '';
                            ?>
>
                                <label for="invoice_create_task_<?php 
                            echo $quote_task_id;
                            ?>
">
                                    (#<?php 
                            // NOTE(review): task_order is echoed without encoding, unlike the description below - presumably numeric; verify.
                            echo $quote_tasks[$quote_task_id]['task_order'];
                            ?>
)
                                    <?php 
                            echo htmlspecialchars($quote_tasks[$quote_task_id]['description']);
                            ?>

                                </label>
                            </li>
                        <?php 
                        }
                    }
                    ?>

                </ul>
            <?php 
                    $html = ob_get_clean();
                    echo $html;
                    exit;
                } else {
                    if ("ajax_task" == $_REQUEST['_process']) {
                        // we are requesting editing a task.
                        $quote_id = (int) $_REQUEST['quote_id'];
                        $quote = self::get_quote($quote_id, true);
                        $quote_tasks = self::get_tasks($quote_id);
                        // Stop silently when the quote could not be loaded or does not match the requested id.
                        if (!$quote || $quote['quote_id'] != $quote_id) {
                            exit;
                        }
                        // Stop silently when the user may not edit quote tasks.
                        if (!self::can_i('edit', 'Quote Tasks')) {
                            exit;
                        }
                        // Three sub-actions follow: toggle completion, reorder tasks, or load the preview / edit form.
                        if (isset($_REQUEST['toggle_completed'])) {
                            $quote_task_id = (int) $_REQUEST['quote_task_id'];
                            // The task is looked up in this quote's own task list, so ids from other quotes are not found.
                            $task_data = $quote_tasks[$quote_task_id];
                            $result = array();
                            if ($task_data && $task_data['quote_id'] == $quote_id) {
                                if ($task_data['invoiced'] && $task_data['fully_completed']) {
                                    // dont allow to 'uncompleted' fully completed invoice tasks
                                } else {
                                    // it is editable.
                                    $task_data['fully_completed_t'] = 1;
                                    $task_data['fully_completed'] = $task_data['fully_completed'] ? 0 : 1;
                                    // save a single quote task
                                    $this->save_quote_tasks($quote_id, array('quote_task' => array($quote_task_id => $task_data)));
                                    $result['success'] = 1;
                                    $result['quote_id'] = $quote_id;
                                    $result['quote_task_id'] = $quote_task_id;
                                }
                            }
                            echo json_encode($result);
                            exit;
                        } else {
                            if (isset($_REQUEST['update_task_order'])) {
                                // updating the task orders for this task..
                                $task_order = (array) $_REQUEST['task_order'];
                                foreach ($task_order as $quote_task_id => $new_order) {
                                    // Only tasks that belong to this quote (keys of $quote_tasks) are updated; the order is cast to int.
                                    if ((int) $new_order > 0 && isset($quote_tasks[$quote_task_id])) {
                                        update_insert('quote_task_id', $quote_task_id, 'quote_task', array('task_order' => (int) $new_order));
                                    }
                                }
                                echo 'done';
                            } else {
                                $quote_task_id = (int) $_REQUEST['quote_task_id'];
                                // NOTE(review): no isset() guard here; an id that is not in this quote's task list is read as an undefined index.
                                $task_data = $quote_tasks[$quote_task_id];
                                $task_editable = true;
                                // todo - load this select box in via javascript from existing one on page.
                                $staff_members = module_user::get_staff_members();
                                $staff_member_rel = array();
                                foreach ($staff_members as $staff_member) {
                                    $staff_member_rel[$staff_member['user_id']] = $staff_member['name'];
                                }
                                // new different formats for quote data.
                                $task_data['manual_task_type_real'] = $task_data['manual_task_type'];
                                if ((!isset($task_data['manual_task_type']) || $task_data['manual_task_type'] < 0) && isset($quote['default_task_type'])) {
                                    // use the quote task type
                                    $task_data['manual_task_type'] = $quote['default_task_type'];
                                }
                                if (isset($_REQUEST['get_preview'])) {
                                    $after_quote_task_id = $quote_task_id;
                                    // this will put it right back where it started.
                                    $previous_quote_task_id = 0;
                                    $quote_tasks = self::get_tasks($quote_id);
                                    foreach ($quote_tasks as $k => $v) {
                                        // find out where this new task position is!
                                        if ($k == $quote_task_id) {
                                            $after_quote_task_id = $previous_quote_task_id;
                                            break;
                                        }
                                        $previous_quote_task_id = $k;
                                    }
                                    $create_invoice_button = '';
                                    //if($quote['total_amount_invoicable'] > 0 && module_invoice::can_i('create','Invoices')){
                                    if (count($quote['uninvoiced_quote_task_ids']) && module_invoice::can_i('create', 'Invoices')) {
                                        //href="'.module_invoice::link_generate('new',array('arguments'=>array( 'quote_id' => $quote_id, ))).'"
                                        $create_invoice_button = '<a class="submit_button save_button uibutton quote_generate_invoice_button" onclick="return ucm.quote.generate_invoice();">' . _l('Create Invoice') . '</a>';
                                    }
                                    $result = array('quote_task_id' => $quote_task_id, 'after_quote_task_id' => $after_quote_task_id, 'html' => self::generate_task_preview($quote_id, $quote, $quote_task_id, $task_data), 'summary_html' => self::generate_quote_summary($quote_id, $quote), 'create_invoice_button' => $create_invoice_button);
                                    echo json_encode($result);
                                } else {
                                    $show_task_numbers = module_config::c('quote_show_task_numbers', 1) && $quote['auto_task_numbers'] != 2;
                                    // The edit form is a fixed include path; its output is captured and returned inside the JSON reply.
                                    ob_start();
                                    include 'pages/ajax_task_edit.php';
                                    $result = array('quote_task_id' => $quote_task_id, 'hours' => isset($_REQUEST['hours']) ? (double) $_REQUEST['hours'] : 0, 'html' => ob_get_clean());
                                    echo json_encode($result);
                                }
                            }
                        }
                        exit;
                    } else {
                        if ("save_quote" == $_REQUEST['_process']) {
                            // NOTE(review): no can_i() check is visible before this save and $_POST is passed whole;
                            // confirm save_quote() enforces permissions and limits the writable fields.
                            $save_status = $this->save_quote($_REQUEST['quote_id'], $_POST);
                            $quote_id = isset($save_status['quote_id']) ? $save_status['quote_id'] : false;
                            if (!$quote_id) {
                                set_error('Failed to save quote');
                                redirect_browser(module_quote::link_open(false));
                            }
                            // look for the new tasks flag.
                            if (isset($_REQUEST['default_task_list_id']) && isset($_REQUEST['default_tasks_action'])) {
                                switch ($_REQUEST['default_tasks_action']) {
                                    case 'insert_default':
                                        // Copy every task of the chosen default task list into this quote.
                                        if ((int) $_REQUEST['default_task_list_id'] > 0) {
                                            $default = self::get_default_task($_REQUEST['default_task_list_id']);
                                            $task_data = $default['task_data'];
                                            $new_task_data = array('quote_task' => array());
                                            foreach ($task_data as $task) {
                                                $task['quote_id'] = $quote_id;
                                                $new_task_data['quote_task'][] = $task;
                                            }
                                            $this->save_quote_tasks($quote_id, $new_task_data);
                                        }
                                        break;
                                    case 'save_default':
                                        // Here 'default_task_list_id' carries the NAME of the list to save; its int cast is passed as the id below.
                                        $new_default_name = trim($_REQUEST['default_task_list_id']);
                                        if ($new_default_name != '') {
                                            // time to save it!
                                            $task_data = self::get_tasks($quote_id);
                                            $cached_task_data = array();
                                            foreach ($task_data as $task) {
                                                // Strip the per-record fields so only the reusable task content is stored.
                                                unset($task['quote_task_id']);
                                                unset($task['date_done']);
                                                unset($task['invoice_id']);
                                                unset($task['task_order']);
                                                unset($task['create_user_id']);
                                                unset($task['update_user_id']);
                                                unset($task['date_created']);
                                                unset($task['date_updated']);
                                                $task['saved_time'] = time();
                                                $cached_task_data[] = $task;
                                                /*$cached_task_data[] = array(
                                                      'hours' => $task['hours'],
                                                      'amount' => $task['amount'],
                                                      'billable' => $task['billable'],
                                                      'fully_completed' => $task['fully_completed'],
                                                      'description' => $task['description'],
                                                      'long_description' => $task['long_description'],
                                                      'date_due' => $task['date_due'],
                                                      'user_id' => $task['user_id'],
                                                      'approval_required' => $task['approval_required'],
                                                      'task_order' => $task['task_order'],
                                                      'saved_time' => time(),
                                                  );*/
                                            }
                                            self::save_default_tasks((int) $_REQUEST['default_task_list_id'], $new_default_name, $cached_task_data);
                                            unset($task_data);
                                        }
                                        break;
                                }
                            }
                            if (isset($_REQUEST['save_ajax_task'])) {
                                // do everything via ajax. trickery!
                                if ($quote_id <= 0) {
                                    die('Shouldnt happen');
                                }
                                //$result     = $this->save_quote_tasks( $quote_id, $_POST );
                                $result = isset($save_status['task_result']) ? $save_status['task_result'] : false;
                                $quote_data = self::get_quote($quote_id, false);
                                $new_status = self::update_quote_completion_status($quote_id);
                                // Prepared for the single-quoted JS strings emitted below: HTML-encode, then backslash-escape "'" only.
                                // NOTE(review): backslashes and line breaks are not escaped; json_encode() is the usual
                                // encoder for a JS string context.
                                $new_status = addcslashes(htmlspecialchars($new_status), "'");
                                //module_cache::clear_cache();
                                $new_quote_data = self::get_quote($quote_id, false);
                                // A different id after saving means a new quote was created: reload the top frame on it.
                                if ($quote_id != $_REQUEST['quote_id']) {
                                    ?>

					<script type="text/javascript">
						top.location.href = '<?php 
                                    // NOTE(review): the link is echoed into a JS string without JS escaping - confirm link_open() output is safe here.
                                    echo $this->link_open($quote_id);
                                    ?>
&added=true';
					</script>
					<?php 
                                    exit;
                                }
                                // we now have to edit the parent DOM to reflect these changes.
                                // what were we doing? adding a new task? editing an existing task?
                                // NOTE(review): $result is false when 'task_result' was missing from the save status; verify the switch copes.
                                switch ($result['status']) {
                                    case 'created':
                                        // we added a new task.
                                        // add a new task to the bottom (OR MID WAY!) through the task list.
                                        if ((int) $result['quote_task_id'] > 0) {
                                            ?>

							<script type="text/javascript">
								parent.refresh_task_preview(<?php 
                                            echo (int) $result['quote_task_id'];
                                            ?>
);
								parent.clear_create_form();
								parent.ucm.add_message('<?php 
                                            _e('New task created successfully');
                                            ?>
');
								parent.ucm.display_messages(true);
								<?php 
                                            // Compares the raw stored status with the already-escaped $new_status.
                                            if ($quote_data['status'] != $new_status) {
                                                ?>
parent.jQuery('#status').val('<?php 
                                                echo $new_status;
                                                ?>
').change();
								<?php 
                                            }
                                            ?>

								<?php 
                                            if ($new_quote_data['date_approved'] != $quote_data['date_approved']) {
                                                ?>
parent.jQuery('#date_approved').val('<?php 
                                                // NOTE(review): print_date() output goes into a JS string without escaping - presumably a plain date; verify.
                                                echo print_date($new_quote_data['date_approved']);
                                                ?>
').change();
								<?php 
                                            }
                                            ?>

							</script>
						<?php 
                                        } else {
                                            set_error('New task creation failed.');
                                            ?>

							<script type="text/javascript">
								top.location.href = '<?php 
                                            echo $this->link_open($quote_id);
                                            ?>
&added=true';
							</script>
						<?php 
                                        }
                                        break;
                                    case 'deleted':
                                        // we deleted a task.
                                        set_message('Task removed successfully');
                                        ?>

						<script type="text/javascript">
							top.location.href = '<?php 
                                        echo $this->link_open($quote_id);
                                        ?>
';
							<?php 
                                        if ($quote_data['status'] != $new_status) {
                                            ?>
parent.jQuery('#status').val('<?php 
                                            echo $new_status;
                                            ?>
').change();
							<?php 
                                        }
                                        ?>

						</script>
						<?php 
                                        break;
                                    case 'error':
                                        set_error('Something happened while trying to save a task. Unknown error.');
                                        // something happened, refresh the parent browser frame
                                        ?>

						<script type="text/javascript">
							top.location.href = '<?php 
                                        echo $this->link_open($quote_id);
                                        ?>
';
						</script>
						<?php 
                                        break;
                                    case 'edited':
                                        // we changed a task (ie: completed?);
                                        // update this task above.
                                        if ((int) $result['quote_task_id'] > 0) {
                                            ?>

							<script type="text/javascript">
								parent.canceledittask();
								//parent.refresh_task_preview(<?php 
                                            echo (int) $result['quote_task_id'];
                                            ?>
);
								parent.ucm.add_message('<?php 
                                            _e('Task saved successfully');
                                            ?>
');
								parent.ucm.display_messages(true);
								<?php 
                                            if ($quote_data['status'] != $new_status) {
                                                ?>
parent.jQuery('#status').val('<?php 
                                                echo $new_status;
                                                ?>
').change();
								<?php 
                                            }
                                            ?>

								<?php 
                                            if ($new_quote_data['date_approved'] != $quote_data['date_approved']) {
                                                ?>
parent.jQuery('#date_approved').val('<?php 
                                                echo print_date($new_quote_data['date_approved']);
                                                ?>
').change();
								<?php 
                                            }
                                            ?>

							</script>
						<?php 
                                        } else {
                                            ?>

							<script type="text/javascript">
								parent.canceledittask();
								parent.ucm.add_error('<?php 
                                            _e('Unable to save task');
                                            ?>
');
								parent.ucm.display_messages(true);
								<?php 
                                            if ($quote_data['status'] != $new_status) {
                                                ?>
parent.jQuery('#status').val('<?php 
                                                echo $new_status;
                                                ?>
').change();
								<?php 
                                            }
                                            ?>

							</script>
						<?php 
                                        }
                                        break;
                                    default:
                                        ?>

							<script type="text/javascript">
								parent.ucm.add_error('<?php 
                                        _e('Unable to save task. Please check required fields.');
                                        ?>
');
								parent.ucm.display_messages(true);
							</script>
						<?php 
                                        break;
                                }
                                exit;
                            }
                            // Non-AJAX save: the button that was pressed decides where the browser goes next.
                            if (isset($_REQUEST['butt_print']) && $_REQUEST['butt_print']) {
                                redirect_browser(module_quote::link_public_print($quote_id));
                            }
                            if (isset($_REQUEST['butt_email']) && $_REQUEST['butt_email']) {
                                redirect_browser(module_quote::link_generate($quote_id, array('arguments' => array('email' => 1))));
                            }
                            if (isset($_REQUEST['butt_duplicate']) && $_REQUEST['butt_duplicate'] && module_quote::can_i('create', 'Quotes')) {
                                $new_quote_id = module_quote::duplicate_quote($quote_id);
                                set_message('Quote duplicated successfully');
                                redirect_browser(module_quote::link_generate($new_quote_id));
                            }
                            set_message("Quote saved successfully");
                            //redirect_browser($this->link_open($quote_id));
                            // NOTE(review): '_redirect' is request-supplied and handed to redirect_browser() as-is; unless
                            // redirect_browser() restricts targets to this site, this is an open redirect.
                            redirect_browser(isset($_REQUEST['_redirect']) && !empty($_REQUEST['_redirect']) ? $_REQUEST['_redirect'] : $this->link_open($quote_id));
                        }
                    }
                }
            }
        }
        // Reached when no branch above ended the request.
        // NOTE(review): '_redirect' is read here without an isset() guard and is again used unvalidated as the
        // redirect target (same open-redirect concern as above).
        if (!count($errors)) {
            redirect_browser($_REQUEST['_redirect']);
            exit;
        }
        print_error($errors, true);
    }
Beispiel #23
 /**
  * Bulk-delete the files ticked in a list view, behind a confirmation step.
  *
  * Nothing happens unless $_REQUEST['bulk_action']['delete'] is 'yes' and the
  * current user holds the 'delete' permission on 'Files'. Every ticked entry is
  * checked again with ucm_file::can_i_access() before it is kept, so ids the
  * user cannot reach are dropped rather than deleted.
  *
  * NOTE(review): the file names are interpolated into the confirmation text;
  * whether module_form::confirm_delete() escapes them is not visible here.
  */
 public static function bulk_handle_delete()
 {
     $delete_requested = isset($_REQUEST['bulk_action'])
         && isset($_REQUEST['bulk_action']['delete'])
         && $_REQUEST['bulk_action']['delete'] == 'yes';
     if (!$delete_requested || !self::can_i('delete', 'Files')) {
         return;
     }

     // Ticked rows arrive as file_id => 'yes'; anything that is not an array is ignored.
     $selection = isset($_REQUEST['bulk_operation']) && is_array($_REQUEST['bulk_operation']) ? $_REQUEST['bulk_operation'] : array();

     // Keep only ticked files the current user may access, mapped to their display name.
     $names_by_id = array();
     foreach ($selection as $file_id => $flag) {
         if ($flag != 'yes') {
             continue;
         }
         $candidate = new ucm_file($file_id);
         if ($candidate->can_i_access()) {
             $details = $candidate->get_data();
             $names_by_id[$file_id] = $details['file_name'];
         }
     }

     // Ask for confirmation first; only a confirmed request reaches the delete loop.
     if (count($names_by_id) > 0 && module_form::confirm_delete('file_id', _l("Really delete files: %s", implode(', ', $names_by_id)), self::link_open(false))) {
         foreach (array_keys($names_by_id) as $file_id) {
             $doomed = new ucm_file($file_id);
             $doomed->delete();
         }
         set_message(_l("%s files deleted successfully", count($names_by_id)));
         redirect_browser(self::link_open(false));
     }
 }
Beispiel #24
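    /**
     * Handle every job form post and AJAX request, dispatched on $_REQUEST['_process'].
     *
     * Branches:
     *  - butt_del:            confirm and delete a job.
     *  - ajax_job_list:       JSON map of job_id => name for one customer.
     *  - ajax_create_invoice: HTML checklist of the job's uninvoiced tasks.
     *  - ajax_task:           toggle completion, delete a task log, re-order tasks,
     *                         or return the task preview / edit form as JSON.
     *  - save_job_tasks_ajax: save tasks, then emit a <script> that updates the parent frame.
     *  - save_job:            create or update a job, apply default task lists,
     *                         renewals and deposit invoices.
     *
     * Most branches end the request themselves (exit or redirect_browser()); anything
     * that falls through is redirected to $_REQUEST['_redirect'].
     *
     * Security-relevant behaviour of this implementation:
     *  - $_REQUEST['_redirect'] is only followed when it is a relative URL or points at the
     *    current host; otherwise the user is sent to a job page instead.
     *  - Job ids written into <script> output come from the validated integer $job_id,
     *    never from the raw request value.
     *  - A task log is only deleted when its task belongs to the job that was loaded.
     *  - The permission-denied redirects in save_job are followed by exit so the save
     *    cannot run if redirect_browser() returns.
     */
    public function process()
    {
        $errors = array();
        $process = isset($_REQUEST['_process']) ? $_REQUEST['_process'] : '';

        // Decide whether a request-supplied redirect target stays on this site.
        $is_local_url = function ($url) {
            if (!is_string($url)) {
                return false;
            }
            $candidate = trim($url);
            // "//host", backslashes and control characters can be normalised by browsers
            // into a URL that leaves the site, so none of them are accepted.
            if ($candidate === '' || strpos($candidate, '//') === 0 || preg_match('#[\x00-\x1f\\\\]#', $candidate)) {
                return false;
            }
            $parts = parse_url($candidate);
            if ($parts === false) {
                return false;
            }
            if (isset($parts['scheme']) || isset($parts['host'])) {
                // Absolute URL: must be http(s) and name the host this request was sent to.
                if (!isset($parts['scheme'], $parts['host']) || !in_array(strtolower($parts['scheme']), array('http', 'https'), true)) {
                    return false;
                }
                $current_host = isset($_SERVER['HTTP_HOST']) ? strtolower($_SERVER['HTTP_HOST']) : '';
                $target_host = strtolower($parts['host']) . (isset($parts['port']) ? ':' . $parts['port'] : '');
                return $current_host !== '' && $target_host === $current_host;
            }
            return true;
        };

        if (!empty($_REQUEST['butt_del']) && !empty($_REQUEST['job_id'])) {
            $job_id = (int) $_REQUEST['job_id'];
            $data = self::get_job($job_id);
            // Same guard the AJAX branches use: only act on a job that could actually be loaded.
            // NOTE(review): no can_i('delete', ...) check is visible in this branch — confirm
            // delete_job() enforces the delete permission itself.
            if (!$data || $data['job_id'] != $job_id) {
                set_error('Permission denied');
                redirect_browser($this->link_open(false));
                exit;
            }
            if (module_form::confirm_delete('job_id', _l("Really delete job: %s", $data['name']), self::link_open($job_id))) {
                $this->delete_job($job_id);
                set_message("job deleted successfully");
                redirect_browser($this->link_open(false));
            }
        } elseif ('ajax_job_list' === $process) {
            $customer_id = isset($_REQUEST['customer_id']) ? (int) $_REQUEST['customer_id'] : 0;
            $res = module_job::get_jobs(array('customer_id' => $customer_id));
            $options = array();
            foreach ($res as $row) {
                $options[$row['job_id']] = $row['name'];
            }
            echo json_encode($options);
            exit;
        } elseif ('ajax_create_invoice' === $process) {
            $job_id = isset($_REQUEST['job_id']) ? (int) $_REQUEST['job_id'] : 0;
            $job = self::get_job($job_id, true);
            $job_tasks = self::get_tasks($job_id);
            if (!$job || $job['job_id'] != $job_id) {
                exit;
            }
            // Invoices can only be generated by users allowed to create them.
            if (!module_invoice::can_i('create', 'Invoices')) {
                exit;
            }
            ob_start();
            ?>

            <p><?php _e('Please select which tasks to generate an invoice for:'); ?></p>
                <ul>
                    <?php
                    foreach ($job['uninvoiced_task_ids'] as $task_id) {
                        if (!isset($job_tasks[$task_id])) {
                            continue;
                        }
                        ?>

                            <li>
                                <input type="checkbox" id="invoice_create_task_<?php echo $task_id; ?>" data-taskid="<?php echo $task_id; ?>" class="invoice_create_task" name="invoice_task_id[<?php echo $task_id; ?>]" value="1" <?php echo $job_tasks[$task_id]['fully_completed'] ? 'checked' : ''; ?>>
                                <label for="invoice_create_task_<?php echo $task_id; ?>">
                                    (#<?php echo $job_tasks[$task_id]['task_order']; ?>)
                                    <?php echo htmlspecialchars($job_tasks[$task_id]['description']); ?>

                                </label>
                            </li>
                        <?php
                    }
                    ?>

                </ul>
            <?php
            $html = ob_get_clean();
            echo $html;
            exit;
        } elseif ('ajax_task' === $process) {
            // A single task is being viewed or edited.
            $job_id = isset($_REQUEST['job_id']) ? (int) $_REQUEST['job_id'] : 0;
            $job = self::get_job($job_id, true);
            $job_tasks = self::get_tasks($job_id);
            if (!$job || $job['job_id'] != $job_id) {
                exit;
            }
            if (!self::can_i('edit', 'Job Tasks')) {
                exit;
            }
            $task_id = isset($_REQUEST['task_id']) ? (int) $_REQUEST['task_id'] : 0;

            if (isset($_REQUEST['toggle_completed'])) {
                // $job_tasks is keyed by task id; an id outside this job yields no task data.
                $task_data = isset($job_tasks[$task_id]) ? $job_tasks[$task_id] : false;
                $result = array();
                if ($task_data && $task_data['job_id'] == $job_id) {
                    // A fully completed task that is already invoiced must stay completed.
                    if (!($task_data['invoiced'] && $task_data['fully_completed'])) {
                        $task_data['fully_completed_t'] = 1;
                        $task_data['fully_completed'] = $task_data['fully_completed'] ? 0 : 1;
                        // save a single job task
                        $this->save_job_tasks($job_id, array('job_task' => array($task_id => $task_data)));
                        $result['success'] = 1;
                        $result['job_id'] = $job_id;
                        $result['task_id'] = $task_id;
                        $result['message'] = $task_data['fully_completed'] ? _l('Task marked as complete') : _l('Task marked as incomplete');
                        $email_status = self::send_job_task_email($job_id, $result['task_id'], 'toggle');
                        if ($email_status !== false) {
                            $result['message'] .= is_array($email_status) && isset($email_status['message']) ? $email_status['message'] : _l(' and email sent to customer');
                        }
                    }
                }
                echo json_encode($result);
                exit;
            } elseif (isset($_REQUEST['delete_task_log_id']) && (int) $_REQUEST['delete_task_log_id'] > 0) {
                $task_log_id = (int) $_REQUEST['delete_task_log_id'];
                // Only touch logs of a task that belongs to the job loaded above; without this
                // check any task_id / task_log_id pair could be removed through any job.
                if (isset($job_tasks[$task_id])) {
                    // Both values are integers at this point, so they are safe to interpolate.
                    $sql = "DELETE FROM `" . _DB_PREFIX . "task_log` WHERE task_id = '{$task_id}' AND task_log_id = '{$task_log_id}' LIMIT 1";
                    query($sql);
                    echo 'done';
                }
            } elseif (isset($_REQUEST['update_task_order'])) {
                // Re-order tasks; ids that are not part of this job are ignored.
                $task_order = isset($_REQUEST['task_order']) ? (array) $_REQUEST['task_order'] : array();
                foreach ($task_order as $ordered_task_id => $new_order) {
                    if ((int) $new_order > 0 && isset($job_tasks[$ordered_task_id])) {
                        update_insert('task_id', $ordered_task_id, 'task', array('task_order' => (int) $new_order));
                    }
                }
                echo 'done';
            } else {
                // The variables assigned below stay in scope for pages/ajax_task_edit.php,
                // so their names are kept even where this method does not read them again.
                $task_data = isset($job_tasks[$task_id]) ? $job_tasks[$task_id] : null;
                $task_editable = !$task_data['invoiced'];
                $job_task_creation_permissions = module_job::get_job_task_creation_permissions();
                // todo - load this select box in via javascript from existing one on page.
                $staff_members = module_user::get_staff_members();
                $staff_member_rel = array();
                foreach ($staff_members as $staff_member) {
                    $staff_member_rel[$staff_member['user_id']] = $staff_member['name'];
                }
                // Remember the stored task type, then fall back to the job default when none is set.
                $task_data['manual_task_type_real'] = $task_data['manual_task_type'];
                if ((!isset($task_data['manual_task_type']) || $task_data['manual_task_type'] < 0) && isset($job['default_task_type'])) {
                    $task_data['manual_task_type'] = $job['default_task_type'];
                }
                $percentage = self::get_percentage($task_data);
                if (isset($_REQUEST['get_preview'])) {
                    $job_tasks = self::get_tasks($job_id);
                    $show_hours_summary = false;
                    foreach ($job_tasks as $k => $v) {
                        if ($v['manual_task_type'] < 0) {
                            $job_tasks[$k]['manual_task_type'] = $job['default_task_type'];
                        }
                        if ($job_tasks[$k]['manual_task_type'] == _TASK_TYPE_HOURS_AMOUNT) {
                            $show_hours_summary = true;
                        }
                    }
                    // Find the task listed just before this one so the preview goes back
                    // where it started; when the task is not found it follows itself.
                    $after_task_id = $task_id;
                    $previous_task_id = 0;
                    foreach ($job_tasks as $k => $v) {
                        if ($k == $task_id) {
                            $after_task_id = $previous_task_id;
                            break;
                        }
                        $previous_task_id = $k;
                    }
                    $create_invoice_button = '';
                    if (count($job['uninvoiced_task_ids']) && module_invoice::can_i('create', 'Invoices')) {
                        $create_invoice_button = '<a class="submit_button save_button uibutton job_generate_invoice_button" onclick="return ucm.job.generate_invoice();">' . _l('Create Invoice') . '</a>';
                    }
                    $result = array(
                        'task_id' => $task_id,
                        'after_task_id' => $after_task_id,
                        'html' => self::generate_task_preview($job_id, $job, $task_id, $task_data),
                        'summary_html' => self::generate_job_summary($job_id, $job, $show_hours_summary),
                        'create_invoice_button' => $create_invoice_button,
                    );
                    echo json_encode($result);
                } else {
                    $show_task_numbers = module_config::c('job_show_task_numbers', 1) && $job['auto_task_numbers'] != 2;
                    ob_start();
                    include 'pages/ajax_task_edit.php';
                    $result = array(
                        'task_id' => $task_id,
                        'hours' => isset($_REQUEST['hours']) ? (double) $_REQUEST['hours'] : 0,
                        'html' => ob_get_clean(),
                    );
                    echo json_encode($result);
                }
            }
            exit;
        } elseif ('save_job_tasks_ajax' === $process) {
            // Everything happens via AJAX; the job itself already exists and is not saved here.
            $job_id = isset($_REQUEST['job_id']) ? (int) $_REQUEST['job_id'] : 0;
            $job_data = self::get_job($job_id);
            if (!$job_id || !$job_data || $job_data['job_id'] != $job_id) {
                set_error('Permission denied');
                exit;
            }
            // NOTE(review): unlike the ajax_task branch, no can_i() check is visible before the
            // tasks are saved — confirm save_job_tasks() enforces task permissions itself.
            $result = $this->save_job_tasks($job_id, $_POST);
            $job_data = self::get_job($job_id, false);
            $new_status = self::update_job_completion_status($job_id);
            // Escaped because it is written into a single-quoted JavaScript string below.
            $new_status = addcslashes(htmlspecialchars($new_status), "'");
            $new_job_data = self::get_job($job_id, false);

            // Script fragments that sync the parent form when status or completion date changed.
            $status_js = $job_data['status'] != $new_status
                ? "parent.jQuery('#status').val('" . $new_status . "').change();"
                : '';
            $date_js = $new_job_data['date_completed'] != $job_data['date_completed']
                ? "parent.jQuery('#date_completed').val('" . print_date($new_job_data['date_completed']) . "').change();"
                : '';

            // The response is a <script> that edits the parent DOM according to what was saved.
            // NOTE(review): translated messages and $email_status['message'] are written into
            // single-quoted JavaScript strings without escaping; where the email message text
            // originates is not visible here.
            switch ($result['status']) {
                case 'created':
                    // A new task was added at the bottom (or part-way through) the task list.
                    if ((int) $result['task_id'] > 0) {
                        // support for job task completion email.
                        $email_status = self::send_job_task_email($job_id, $result['task_id'], 'created');
                        $email_note = is_array($email_status) && isset($email_status['message']) ? $email_status['message'] : ($email_status ? _l(' and email sent to customer') : '');
                        ?>

                        <script type="text/javascript">
                            parent.refresh_task_preview(<?php echo (int) $result['task_id']; ?>);
                            parent.clear_create_form();
                            parent.ucm.add_message('<?php _e('New task created successfully'); echo $email_note; ?>');
                            parent.ucm.display_messages(true);
                            <?php echo $status_js; ?>

                            <?php echo $date_js; ?>

                        </script>
                        <?php
                    } else {
                        set_error('New task creation failed.');
                        ?>

                        <script type="text/javascript">
                            top.location.href = '<?php echo $this->link_open($job_id); ?>&added=true';
                        </script>
                        <?php
                    }
                    break;
                case 'deleted':
                    set_message('Task removed successfully');
                    ?>

                    <script type="text/javascript">
                        top.location.href = '<?php echo $this->link_open($job_id); ?>';
                        <?php echo $status_js; ?>

                    </script>
                    <?php
                    break;
                case 'error':
                    set_error('Something happened while trying to save a task. Unknown error.');
                    // something happened, refresh the parent browser frame
                    ?>

                    <script type="text/javascript">
                        top.location.href = '<?php echo $this->link_open($job_id); ?>';
                    </script>
                    <?php
                    break;
                case 'edited':
                    // An existing task changed (for example it was completed).
                    if ((int) $result['task_id'] > 0) {
                        $email_status = self::send_job_task_email($job_id, $result['task_id'], 'edited');
                        $email_note = is_array($email_status) && isset($email_status['message']) ? $email_status['message'] : ($email_status ? _l(' and email sent to customer') : '');
                        ?>

                        <script type="text/javascript">
                            parent.canceledittask();
                            //parent.refresh_task_preview(<?php echo (int) $result['task_id']; ?>);
                            parent.ucm.add_message('<?php _e('Task saved successfully'); echo $email_note; ?>');
                            parent.ucm.display_messages(true);
                            <?php echo $status_js; ?>

                            <?php echo $date_js; ?>

                        </script>
                        <?php
                    } else {
                        ?>

                        <script type="text/javascript">
                            parent.canceledittask();
                            parent.ucm.add_error('<?php _e('Unable to save task'); ?>');
                            parent.ucm.display_messages(true);
                            <?php echo $status_js; ?>

                        </script>
                        <?php
                    }
                    break;
                default:
                    ?>

                    <script type="text/javascript">
                        parent.ucm.add_error('<?php _e('Unable to save task. Please check required fields.'); ?>');
                        parent.ucm.display_messages(true);
                    </script>
                    <?php
                    break;
            }
            exit;
        } elseif ('save_job' === $process) {
            // An id that is missing, not positive or not loadable is treated as "create a new job".
            $job_id = isset($_REQUEST['job_id']) ? (int) $_REQUEST['job_id'] : 0;
            if ($job_id > 0) {
                $existing_job = self::get_job($job_id, false);
                if (!$existing_job || $existing_job['job_id'] != $job_id) {
                    $job_id = false;
                }
            } else {
                $job_id = false;
            }
            // Stop here when the permission is missing; exit keeps the save below from
            // running should redirect_browser() return.
            if (!$job_id && !self::can_i('create', 'Jobs')) {
                set_error('Unable to create new Jobs');
                redirect_browser(self::link_open(false));
                exit;
            }
            if ($job_id && !self::can_i('edit', 'Jobs')) {
                set_error('Unable to edit Jobs');
                redirect_browser(self::link_open(false));
                exit;
            }
            $job_id = $this->save_job($job_id, $_POST);

            // Optionally insert a stored default task list, or store this job's tasks as one.
            if (isset($_REQUEST['default_task_list_id']) && isset($_REQUEST['default_tasks_action'])) {
                switch ($_REQUEST['default_tasks_action']) {
                    case 'insert_default':
                        $default_task_list_id = (int) $_REQUEST['default_task_list_id'];
                        if ($default_task_list_id > 0) {
                            $default = self::get_default_task($default_task_list_id);
                            $new_task_data = array('job_task' => array());
                            foreach ($default['task_data'] as $task) {
                                $task['job_id'] = $job_id;
                                if ($task['date_due'] && $task['date_due'] != '0000-00-00') {
                                    // Keep the due date the same distance from "now" as it was
                                    // from the moment the default list was saved.
                                    $diff_time = strtotime($task['date_due']) - $task['saved_time'];
                                    $task['date_due'] = date('Y-m-d', time() + $diff_time);
                                }
                                $new_task_data['job_task'][] = $task;
                            }
                            $this->save_job_tasks($job_id, $new_task_data);
                        }
                        break;
                    case 'save_default':
                        // In this mode the same request field carries the name of the list.
                        $new_default_name = trim($_REQUEST['default_task_list_id']);
                        if ($new_default_name != '') {
                            $cached_task_data = array();
                            foreach (self::get_tasks($job_id) as $task) {
                                // Drop everything that ties the task to this particular job.
                                unset(
                                    $task['task_id'],
                                    $task['date_done'],
                                    $task['invoice_id'],
                                    $task['task_order'],
                                    $task['create_user_id'],
                                    $task['update_user_id'],
                                    $task['date_created'],
                                    $task['date_updated']
                                );
                                $task['saved_time'] = time();
                                $cached_task_data[] = $task;
                            }
                            self::save_default_tasks((int) $_REQUEST['default_task_list_id'], $new_default_name, $cached_task_data);
                        }
                        break;
                }
            }
            // check if we are generating any renewals
            if (isset($_REQUEST['generate_renewal']) && $_REQUEST['generate_renewal'] > 0) {
                $new_job_id = $this->renew_job($job_id);
                set_message("Job renewed successfully");
                redirect_browser($this->link_open($new_job_id));
            }
            if (isset($_REQUEST['butt_create_deposit']) && isset($_REQUEST['job_deposit']) && $_REQUEST['job_deposit'] > 0) {
                $deposit = $_REQUEST['job_deposit'];
                if (strpos($deposit, '%') !== false) {
                    // A percentage deposit is converted into an amount of the job total.
                    $job_data = module_job::get_job($job_id);
                    $percent = (int) str_replace('%', '', $deposit);
                    $deposit = number_out($job_data['total_amount'] * ($percent / 100));
                }
                // create an invoice for this job.
                $job_name = isset($_POST['name']) ? $_POST['name'] : '';
                $url = module_invoice::link_generate('new', array('arguments' => array(
                    'job_id' => $job_id,
                    'as_deposit' => 1,
                    'amount_due' => number_in($deposit),
                    'description' => str_replace('{JOB_NAME}', $job_name, module_config::c('job_deposit_text', 'Deposit for job: {JOB_NAME}')),
                )));
                redirect_browser($url);
            }
            set_message("Job saved successfully");
            // Follow the requested redirect only when it stays on this site.
            $redirect = isset($_REQUEST['_redirect']) ? $_REQUEST['_redirect'] : '';
            redirect_browser(!empty($redirect) && $is_local_url($redirect) ? $redirect : $this->link_open($job_id));
        }

        if (!count($errors)) {
            // Nothing above ended the request: go back to where the form says it came from,
            // unless that target would leave the site.
            $redirect = isset($_REQUEST['_redirect']) ? $_REQUEST['_redirect'] : '';
            if ($redirect !== '' && !$is_local_url($redirect)) {
                $redirect = $this->link_open(false);
            }
            redirect_browser($redirect);
            exit;
        }
        print_error($errors, true);
    }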
<?php

/** 
 * Copyright: dtbaker 2012
 * Licence: Please check CodeCanyon.net for licence details. 
 * More licence clarification available here:  http://codecanyon.net/wiki/support/legal-terms/licensing-terms/ 
 * Deploy: 9809 f200f46c2a19bb98d112f2d32a8de0c4
 * Envato: 4ffca17e-861e-4921-86c3-8931978c40ca
 * Package Date: 2015-11-25 02:55:20 
 * IP Address: 67.79.165.254
 */
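// Delete handler for a single change request.
// Flow: permission check -> load the record -> confirmation step -> delete -> redirect.

// Only users holding the 'delete' permission on Change Requests may continue.
if (!module_change_request::can_i('delete', 'Change Requests')) {
    die('no perms');
}

// Normalise the id once. The same integer is used for the lookup and for the
// delete below, so the raw request value never reaches the delete call.
$change_request_id = isset($_REQUEST['change_request_id']) ? (int) $_REQUEST['change_request_id'] : 0;
$change_request = module_change_request::get_change_request($change_request_id);

// NOTE(review): only the module-wide 'delete' permission is checked in this file.
// Presumably get_change_request() restricts results to records the current user
// may access; confirm, otherwise any permitted user can delete any id.
if (!$change_request || !$change_request['website_id']) {
    die('no linked website');
}

// Not read again in this file; kept because an including script may rely on it.
$website_data = module_website::get_website($change_request['website_id']);

// NOTE(review): $_REQUEST carries GET as well as POST parameters. Confirm that
// module_form::confirm_delete() only returns true after an explicit confirmation
// submitted via POST with an anti-CSRF token, since this branch is destructive.
if (module_form::confirm_delete('change_request_id', "Really delete Change Request?", module_website::link_open($change_request['website_id']))) {
    // Delete the record that was looked up and validated above, not the raw request value.
    module_change_request::delete_change_request($change_request_id);
    set_message("Change request deleted successfully");
    redirect_browser(module_website::link_open($change_request['website_id']));
}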
Beispiel #26
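 /**
  * Handle the "delete" bulk action for tickets.
  *
  * Reads $_REQUEST['bulk_action']['delete'] and $_REQUEST['bulk_operation']
  * (a map of ticket id => 'yes' for each selected row). After the permission
  * check and the confirmation step it deletes each selected ticket, clears
  * the 'ticket' cache and sets a status message.
  *
  * Ticket ids arrive as request array keys and are untrusted, so only
  * positive integer ids are passed on to ticket_number() and delete_ticket().
  *
  * @return void
  */
 public static function bulk_handle_delete()
 {
     // Nothing to do unless the delete bulk action was explicitly requested.
     if (!isset($_REQUEST['bulk_action']) || !isset($_REQUEST['bulk_action']['delete']) || $_REQUEST['bulk_action']['delete'] !== 'yes') {
         return;
     }
     // Module-wide permission gate for deleting tickets.
     if (!self::can_i('delete', 'Tickets')) {
         return;
     }

     $selected = isset($_REQUEST['bulk_operation']) && is_array($_REQUEST['bulk_operation']) ? $_REQUEST['bulk_operation'] : array();

     // Build id => "#number" labels for the rows that were ticked.
     $ticket_ids = array();
     foreach ($selected as $raw_id => $flag) {
         if ($flag !== 'yes') {
             continue;
         }
         // Reject anything that is not a positive integer before it is used as a ticket id.
         $ticket_id = filter_var($raw_id, FILTER_VALIDATE_INT, array('options' => array('min_range' => 1)));
         if ($ticket_id === false) {
             continue;
         }
         $ticket_ids[$ticket_id] = '#' . self::ticket_number($ticket_id);
     }

     if (count($ticket_ids) === 0) {
         return;
     }

     // NOTE(review): presumably confirm_delete() returns true only after the user
     // confirms; verify it requires POST and an anti-CSRF token, and that it
     // escapes the message before rendering it.
     if (module_form::confirm_delete('ticket_id', "Really delete tickets: " . implode(', ', $ticket_ids), self::link_open(false))) {
         // NOTE(review): no per-ticket access check is visible here; confirm that
         // delete_ticket() verifies the current user may delete each ticket.
         foreach (array_keys($ticket_ids) as $ticket_id) {
             self::delete_ticket($ticket_id);
         }
         module_cache::clear('ticket');
         set_message(_l("%s tickets deleted successfully", count($ticket_ids)));
         //redirect_browser(self::link_open(false));
     }
 }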