function get_tasks_gantt(&$tasks, $project_id, $project_start, $project_end, $parent_id = 0, $depth = 0, $show_actual = 0)
{
global $config;
$id_user = $config["id_user"];
$result = mysql_query('SELECT * FROM ttask
WHERE id_parent_task = ' . $parent_id . ' AND id_project = ' . $project_id);
if ($result === false) {
return;
}
while ($row = mysql_fetch_array($result)) {
// ACL Check for this task
// This user can see this task?
$task_access = get_project_access($config["id_user"], $project_id, $row['id'], false, true);
if ($task_access["read"]) {
$task['id'] = $row['id'];
$task['name'] = $row['name'];
if ($show_actual) {
$task["name"] .= " (" . __("Planned") . ")";
}
$task['parent'] = $parent_id;
$task['link'] = 'index.php?sec=projects&sec2=operation/projects/task_detail&id_project=' . $project_id . '&id_task=' . $row['id'] . '&operation=view';
// start > end
$task['start'] = fix_date($row['start'], $project_start);
$task['end'] = fix_date($row['end'], $project_end);
if (date_to_epoch($task['start']) > date_to_epoch($task['end'])) {
$temp = $task['start'];
$task['start'] = $task['end'];
$task['end'] = $temp;
}
$task['real_start'] = fix_date(get_db_sql('SELECT MIN(timestamp) FROM tworkunit, tworkunit_task WHERE tworkunit_task.id_workunit = tworkunit.id AND timestamp <> \'0000-00-00 00:00:00\' AND id_task = ' . $row['id']), $task['start']);
$task['real_end'] = fix_date(get_db_sql('SELECT MAX(timestamp) FROM tworkunit, tworkunit_task WHERE tworkunit_task.id_workunit = tworkunit.id AND timestamp <> \'0000-00-00 00:00:00\' AND id_task = ' . $row['id']), $task['start']);
$task['completion'] = $row['completion'];
$task["actual_data"] = 0;
$task["worked_hours"] = get_task_workunit_hours($row["id"]);
$task["hours"] = $row["hours"];
array_push($tasks, $task);
//Add another task to represent real effort for the task
if ($show_actual) {
$task_aux = array();
$task_aux["id"] = $task["id"] . "act";
$task_aux["actual_data"] = 1;
$task_aux["parent"] = $task["parent"];
if ($task['real_start']) {
$task_aux["start"] = $task['real_start'];
} else {
$task_aux["start"] = $task['start'];
}
if ($task['real_end']) {
$task_aux["end"] = $task['real_end'];
} else {
$task_aux["end"] = $task['start'];
}
$task_aux["completion"] = 0;
$task_aux["name"] = $row["name"] . " (" . __("Actual") . ")";
array_push($tasks, $task_aux);
}
get_tasks_gantt(&$tasks, $project_id, $project_start, $project_end, $task['id'], $depth + 1, $show_actual);
}
}
}
function create_workunit($incident_id, $wu_text, $user, $timeused = 0, $have_cost = 0, $profile = "", $public = 1, $send_email = 1, $work_home = 0, $workflow = false)
{
global $config;
$fecha = print_mysql_timestamp();
$sql = sprintf('UPDATE tincidencia
SET affected_sla_id = 0, actualizacion = "%s"
WHERE id_incidencia = %d', $fecha, $incident_id);
process_sql($sql);
$task_id = get_db_value('id_task', 'tincidencia', 'id_incidencia', $incident_id);
if (!$workflow) {
incident_tracking($incident_id, INCIDENT_WORKUNIT_ADDED);
}
// Add work unit if enabled
$sql = sprintf('INSERT INTO tworkunit (timestamp, duration, id_user, description, public, work_home)
VALUES ("%s", %.2f, "%s", "%s", %d, %d)', $fecha, $timeused, $user, $wu_text, $public, $work_home);
$id_workunit = process_sql($sql, "insert_id");
$sql = sprintf('INSERT INTO tworkunit_incident (id_incident, id_workunit)
VALUES (%d, %d)', $incident_id, $id_workunit);
$res = process_sql($sql);
if ($task_id) {
$sql = sprintf('INSERT INTO tworkunit_task (id_task, id_workunit)
VALUES (%d, %d)', $task_id, $id_workunit);
$res = process_sql($sql);
}
if ($res !== false) {
$email_copy_sql = 'select email_copy from tincidencia where id_incidencia =' . $incident_id . ';';
$email_copy = get_db_sql($email_copy_sql);
if ($send_email == 1) {
if ($email_copy != "") {
mail_incident($incident_id, $user, $wu_text, $timeused, 10, 7);
}
if ($config["email_on_incident_update"] != 2 && $config["email_on_incident_update"] != 4) {
mail_incident($incident_id, $user, $wu_text, $timeused, 10);
}
}
} else {
//Delete workunit
$sql = sprintf('DELETE FROM tworkunit WHERE id = %d', $id_workunit);
return false;
}
return $id_workunit;
}
echo "<input type=hidden name='validation1' value='" . md5($config["dbpass"] . $bool) . "'>";
echo "<input type=hidden name='validation2' value='{$bool}'>";
echo "<input type=hidden name='operation' value='desubscribe_data'>";
echo "<input type=hidden name='newsletter' value='{$id}'>";
echo "</table></form>";
return;
}
if ($operation == "desubscribe_data") {
$validation1 = get_parameter("validation1");
$validation2 = get_parameter("validation2");
$newsletter = get_parameter("newsletter");
$email = get_parameter("email");
$now = date("Y-m-d H:i:s");
if ($validation1 == md5($config["dbpass"] . $validation2)) {
// check if already subscribed
$count = get_db_sql("SELECT COUNT(id) FROM tnewsletter_address WHERE status = 0 AND email = '" . $email . "' AND id_newsletter = {$newsletter}");
if ($count > 0) {
$sql = "UPDATE tnewsletter_address SET status=1 WHERE id_newsletter = {$newsletter} AND email = '" . $email . "'";
$result = mysql_query($sql);
if ($result) {
sleep(5);
// Robot protection
echo "<h3>" . __("You has been desubscribed. Thanks!") . "</h3>";
}
} else {
sleep(5);
// Robot protection
echo "<h3>" . __("There is nobody registered with that address") . "</h3>";
}
}
return;
$sql_search .= " AND i.id IN (SELECT id_inventory FROM tinventory_acl WHERE `type`='user' AND id_reference='$associated_user')";
$sql_search_pagination .= " AND i.id IN (SELECT id_inventory FROM tinventory_acl WHERE `type`='user' AND id_reference='$associated_user')";
$sql_search_count .= " AND i.id IN (SELECT id_inventory FROM tinventory_acl WHERE `type`='user' AND id_reference='$associated_user')";
$params['associated_user'] = $associated_user;
}
//Parent name
if(isset($params_array['parent_name']) && $params_array['parent_name'] != ''){
$parent_name = $params_array['parent_name'];
} else {
$parent_name = get_parameter ('parent_name', 'None');
}
if ($parent_name != 'None') {
$sql_parent_name = "select id from tinventory where name ='". $parent_name."';";
$id_parent_name = get_db_sql($sql_parent_name);
$sql_search .= " AND i.id_parent =" . $id_parent_name;
$sql_search_pagination .= " AND i.id_parent =" . $id_parent_name;
$sql_search_count .= " AND i.id_parent =" . $id_parent_name;
$params['parent_name'] = $parent_name;
}
//sort table
if(isset($params_array['sort_mode']) && $params_array['sort_mode'] != ''){
$sort_mode = $params_array['sort_mode'];
} else {
$sort_mode = (string)get_parameter('sort_mode', 'asc');
}
$index = 0;
for ($ax = 1; $ax < 13; $ax++){
if (fmod($ax-1,4) == 0)
echo "<tr>";
echo "<td valign=top style='font-size: 10px; padding-right: 10px; padding-left: 10px; padding-bottom: 10px; text-align: center;'>";
$this_month = date('Y-m-d H:i:s',strtotime("$year-$ax-01"));
$this_month_limit = date('Y-m-d H:i:s',strtotime("$year-$ax-31"));
$work_hours = get_db_sql ("SELECT SUM(duration) FROM tworkunit WHERE id_user='******' AND locked = '' AND timestamp >= '$this_month' AND timestamp < '$this_month_limit'");
if ($work_hours == "")
$work_hours = 0;
$locked_hours = get_db_sql ("SELECT SUM(duration) FROM tworkunit WHERE id_user='******' AND locked != '' AND timestamp >= '$this_month' AND timestamp < '$this_month_limit'");
if ($locked_hours == "")
$locked_hours = 0;
echo __("Total") . " : " . $work_hours;
echo " - ";
echo __("Locked"). " : " . $locked_hours;
echo $calendars[$index];
$index++;
}
echo "</table>";
?>
$email_copy = "";
$editor = $config["id_user"];
$id_group_creator = 0;
$closed_by = "";
$blocked = 0;
}
// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
// Show the form
// ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
$default_responsable = "";
if (!$id) {
if ($config["enteprise"] == 1) {
// How many groups has this user ?
$number_group = get_db_sql("SELECT COUNT(id_grupo) FROM tusuario_perfil WHERE id_usuario = '{$usuario}'");
// Take first group defined for this user
$default_id_group = get_db_sql("SELECT id_grupo FROM tusuario_perfil WHERE id_usuario = '{$usuario}' LIMIT 1");
} else {
$default_id_group = 1;
$number_group = 1;
}
}
//The user with IW flag or the incident owner can modify all data from the incident.
$has_permission = give_acl($config['id_user'], $id_grupo, "IW") || $usuario == $config['id_user'];
$has_im = give_acl($config['id_user'], $id_grupo, "IM");
$has_iw = give_acl($config['id_user'], $id_grupo, "IW");
if ($id) {
echo "<h1>";
if ($affected_sla_id != 0) {
echo '<img src="images/exclamation.png" border=0 valign=top title="' . __('SLA Fired') . '"> ';
}
echo __('Ticket') . ' #' . $id . ' - ' . ui_print_truncate_text($incident['titulo'], 50) . " " . '<a href="index.php?sec=incidents&sec2=operation/incidents/incident_dashboard_detail&id=' . $id . '">' . print_image("images/world.png", true, array("title" => __("Link to ticket"))) . '</a>';
echo "<th>" . __('User') . "</th>";
echo "<th>" . __('Delete') . "</th>";
$kb = print_array_pagination($kb, "index.php?sec=kb&sec2=operation/kb/manage_data");
foreach ($kb as $row) {
echo "<tr>";
// Name
echo "<td valign='top'><b><a href='index.php?sec=kb&sec2=operation/kb/manage_data&update=" . $row["id"] . "'>" . $row["title"] . "</a></b></td>";
// Timestamp
echo "<td class='f9' valign='top'>";
echo $row["timestamp"];
// Category
echo "<td class='f9'>";
echo get_db_sql("SELECT name FROM tkb_category WHERE id = " . $row["id_category"]);
// Product
echo "<td class='f9'>";
echo get_db_sql("SELECT name FROM tkb_product WHERE id = " . $row["id_product"]);
// User
echo "<td class='f9' align='center'>";
echo $row["id_user"];
// Delete
echo "<td class='f9' align='center' >";
echo "<a href='index.php?sec=kb&\n\t\t\t\t\t\tsec2=operation/kb/manage_data&\n\t\t\t\t\t\tdelete_data=" . $row["id"] . "' \n\t\t\t\t\t\tonClick='if (!confirm(\\' " . __('Are you sure?') . "\\')) \n\t\t\t\t\t\treturn false;'>\n\t\t\t\t\t\t<img border='0' src='images/cross.png'></a>";
}
echo "</table>";
}
echo "</form>";
}
// end of list
?>
<script type="text/javascript" src="include/js/jquery.validate.js"></script>
$data[3] = "<a title='({$sum_contratos})' href='index.php?sec=customers&sec2=operation/companies/company_detail&op=contracts&id=" . $company['id'] . "'><img src='images/invoice.png'></a>";
} else {
$data[3] = "";
}
$sum_leads = get_db_sql("SELECT COUNT(id) FROM tlead WHERE progress < 100 AND id_company = " . $company["id"]);
if ($sum_leads > 0) {
$leads_data = " ({$sum_leads}) ";
$leads_data .= get_db_sql("SELECT SUM(estimated_sale) FROM tlead WHERE progress < 100 AND id_company = " . $company["id"]);
$data[4] = "<a title='{$leads_data}' href='index.php?sec=customers&sec2=operation/companies/company_detail&op=leads&id=" . $company["id"] . "'><img src='images/icon_lead.png'></a>";
} else {
$data[4] = "";
}
$data[5] = $company["manager"];
$data[6] = $company["country"];
// get last activity date for this company record
$last_activity = get_db_sql("SELECT MAX(date) FROM tcompany_activity WHERE id_company = " . $company["id"]);
$data[7] = human_time_comparation($last_activity);
if (!$company["billing"]) {
$company["billing"] = '0.00';
}
$data[8] = $company["billing"];
// . " " . $config["currency"];
$manage_permission = check_crm_acl('company', 'cm', $config['id_user'], $company['id']);
if ($manage_permission) {
$data[9] = "<a href='#' onClick='javascript: show_validation_delete(\"delete_company\"," . $company['id'] . ",0," . $offset . ",\"" . $search_params . "\");'><img src='images/cross.png'></a>";
} else {
$data[9] = '';
}
array_push($table->data, $data);
}
print_table($table);
$id = get_parameter("id", 1);
$email = get_db_sql("SELECT email FROM tnewsletter_address WHERE id = {$id}");
$sql = "DELETE FROM tnewsletter_address WHERE id = {$id}";
$result = mysql_query($sql);
if ($result === false) {
echo "<h3 class='error'>" . __('Could not be deleted') . "</h3>";
} else {
echo "<h3 class='suc'>" . __('Successfully deleted') . "</h3>";
audit_db($config["id_user"], $config["REMOTE_ADDR"], "NEWSLETTER ADDRESESS DELETED", "Deleted {$email}");
}
$id = 0;
}
if ($multiple_delete) {
$ids = (array) get_parameter('delete_multiple', array());
foreach ($ids as $id) {
$email = get_db_sql("SELECT email FROM tnewsletter_address WHERE id = {$id}");
$sql = "DELETE FROM tnewsletter_address WHERE id = {$id}";
$result = mysql_query($sql);
if ($result === false) {
break;
} else {
audit_db($config["id_user"], $config["REMOTE_ADDR"], "NEWSLETTER ADDRESESS DELETED", "Deleted {$email}");
}
}
echo "<h3 class='suc'>" . __('Successfully multiple deleted') . "</h3>";
$id = 0;
}
// General issue listing
echo "<h2>" . __('Newsletter addresses management') . "</h2>";
echo "<br>";
$search_text = (string) get_parameter('search_text');
// -----------
if ($operation == "delete") {
// ACL
$task_access = get_project_access ($config["id_user"], $id_project, $id_task, false, true);
if (!$task_access["write"]) {
// Doesn't have access to this page
audit_db($id_user, $config["REMOTE_ADDR"], "ACL Violation", "Trying to delete a file ofy a task without permission");
no_permission();
}
$file_id = get_parameter ("file", "");
$file_row = get_db_row ("tattachment", "id_attachment", $file_id);
$nombre_archivo = $config["homedir"]."/attachment/".$file_id."_".$file_row["filename"];
unlink ($nombre_archivo);
get_db_sql ("DELETE FROM tattachment WHERE id_attachment = $file_id");
$result_output = ui_print_success_message (__('File deleted'), '', true, 'h3', true);
}
// Specific task
if ($id_task != -1) {
$sql = "SELECT * FROM tattachment WHERE id_task = $id_task";
$section_title = __('Attached files');
$section_subtitle = __('Task')." - ".$task_name;
$t_menu = print_task_tabs();
print_title_with_menu ($section_title, $section_subtitle, "task_files", 'projects', $t_menu, 'files');
echo "<div class='divform'>";
echo "<form method='POST' action='index.php?sec=projects&sec2=operation/projects/task_files&id_task=$id_task&id_project=$id_project&operation=attachfile' enctype='multipart/form-data' >";
echo "<table cellpadding=4 cellspacing=4 border=0 width='20%' class='search-table'>";
echo "<tr>";
public function getCountWorkUnits()
{
$sql = $this->getWorkUnitsQuery("COUNT(id)", "", false);
$count = get_db_sql($sql);
return $count;
}
function users_get_allowed_users_query($id_user, $filter = false)
{
global $config;
if ($id_user === 0) {
$id_user = $config['id_user'];
}
if ($filter != 0) {
$offset = $filter['offset'];
$search_text = $filter['search_text'];
$disabled_user = $filter['disabled_user'];
$level = $filter['level'];
$group = $filter['group'];
}
$search = "";
if ($search_text != "") {
$search .= " AND (t1.id_usuario LIKE '%{$search_text}%' OR comentarios LIKE '%{$search_text}%' OR nombre_real LIKE '%{$search_text}%' OR direccion LIKE '%{$search_text}%')";
}
if ($disabled_user > -1) {
$search .= " AND disabled = {$disabled_user}";
}
if ($level > -10) {
$search .= " AND nivel = {$level}";
}
if ($group == -1) {
$search .= " AND t1.id_usuario NOT IN (select tusuario_perfil.id_usuario from tusuario_perfil)";
} else {
if ($group > 0) {
$search .= " AND t1.id_usuario = ANY (SELECT tusuario_perfil.id_usuario FROM tusuario_perfil WHERE id_grupo = {$group})";
}
}
$level = get_db_sql("SELECT nivel FROM tusuario WHERE id_usuario = '{$id_user}'");
if ($level == 1) {
//admin
$final_query = "SELECT * FROM tusuario t1";
//~ $query = "SELECT * FROM tusuario t1 WHERE 1=1 OR nivel = 1";
} else {
$query = "SELECT * FROM tusuario t1\n\t\t\t\t\tINNER JOIN tusuario_perfil t2 ON t1.id_usuario = t2.id_usuario \n\t\t\t\t\t\tAND t2.id_grupo IN (SELECT id_grupo FROM tusuario_perfil WHERE id_usuario = '" . $id_user . "')";
//~ WHERE id_usuario IN (SELECT id_usuario FROM tusuario_perfil WHERE id_grupo IN (SELECT id_grupo FROM tusuario_perfil WHERE id_usuario = '".$id_user."')) ";
//~ $query = "SELECT * FROM tusuario WHERE (id_usuario IN (SELECT id_usuario FROM tusuario_perfil WHERE (id_grupo IN (SELECT id_grupo FROM tusuario_perfil WHERE id_usuario = '".$id_user."'))) OR nivel = 1) ";
$groups = get_db_all_rows_sql("SELECT id_grupo FROM tusuario_perfil WHERE id_usuario = '" . $id_user . "'");
if ($groups === false) {
$groups = array();
}
foreach ($groups as $group) {
if ($group['id_grupo'] == 1) {
//all
$query = "SELECT * FROM tusuario t1 WHERE 1=1";
}
}
$final_query = $query . $search . " GROUP BY t1.id_usuario";
}
return $final_query;
}
$params['input_id'] = 'id';
$params['input_name'] = 'id';
$params['title'] = __('Company');
$params['return'] = true;
$params['input_value'] = get_parameter('company_id');
$table->data[0][0] = print_company_autocomplete_input($params);
}
$invoice_types = array('Submitted'=>'Submitted', 'Received'=>'Received');
$table->data[0][1] = print_select ($invoice_types, 'invoice_type', $invoice_type, '','', 0, true, false, false, __('Type'));
$table->data[1][0] = print_input_text ('reference', $reference, '', 25, 100, true, __('Reference'));
$table->data[1][1] = print_input_text ('bill_id', $bill_id, '', 25, 100, true, __('Bill ID'));
if ($bill_id == ""){ // let's show the latest Invoice ID generated in the system
$last_invoice_generated = get_db_sql ("SELECT bill_id FROM tinvoice ORDER by invoice_create_date DESC LIMIT 1");
$table->data[1][1] .= "<div id='last_id'><span style='font-size: 9px'> ". __("Last generated ID: "). $last_invoice_generated . "</span></div>";
}
$invoice_status_ar = array();
$invoice_status_ar['pending']= __("Pending");
$invoice_status_ar['paid']= __("Paid");
$invoice_status_ar['canceled']= __("Canceled");
$table->data[2][0] = print_select ($invoice_status_ar, 'invoice_status',
$invoice_status, '','', 0, true, false, false, __('Invoice status'));
$table->data[2][1] = print_input_text ('invoice_create_date', $invoice_create_date, '', 15, 50, true, __('Invoice creation date'));
$table->data[3][0] = print_input_text ('invoice_payment_date', $invoice_payment_date, '', 15, 50, true,__('Invoice effective payment date'));
if ($id_invoice != -1) {
$disabled = true;
$table->width = '100%';
$table->data = array ();
$table->head = array ();
$table->head[0] = __('Description');
$table->head[1] = __('Amount');
$table->head[2] = __('Filename');
$table->head[3] = __('Delete');
foreach ($costs as $cost) {
$data = array ();
$data[0] = $cost["description"];
$data[1] = get_invoice_amount($cost["id"]);// Check
$id_invoice = $cost["id"];
$filename = get_db_sql ("SELECT filename FROM tattachment WHERE id_attachment = ". $cost["id_attachment"]);
$data[2] = "<a href='".$config["base_url"]."/attachment/".$cost["id_attachment"]."_".$filename."'>$filename</a>";
if (($config["id_user"] = $cost["id_user"]) OR (project_manager_check ($id_project))){
$data[3] = "<a href='index.php?sec=projects&sec2=operation/projects/task_cost&id_task=$id_task&id_project=$id_project&operation=delete&id_invoice=$id_invoice '><img src='images/cross.png'></a>";
}
array_push ($table->data, $data);
}
print_table ($table);
} else {
echo ui_print_error_message(__('No data found'), '', true, 'h3', true);
}
echo "</div>";
echo "</div>";
function get_user_work_home($id_user, $year)
{
global $config;
$hours = get_db_sql("SELECT SUM(tworkunit.duration) FROM tworkunit, tworkunit_task WHERE tworkunit_task.id_workunit = tworkunit.id AND tworkunit_task.id_task > 0 AND id_user = '******' AND timestamp >= '{$year}-01-00 00:00:00' AND timestamp <= '{$year}-12-31 23:59:59' AND tworkunit.work_home=1");
return format_numeric($hours / $config["hours_perday"]);
}
$table->head[8] = __('Action');
}
foreach ($newsletters as $newsletter) {
$data = array();
$data[0] = $newsletter["id"];
$data[1] = "<a href='index.php?sec=customers&sec2=operation/newsletter/newsletter_creation&id=" . $newsletter["id"] . "'>" . $newsletter["name"] . "</a>";
$data[2] = get_db_sql("SELECT COUNT(id) FROM tnewsletter_address WHERE id_newsletter = " . $newsletter["id"]);
$data[3] = "<a href='" . $config["base_url"] . "/include/newsletter.php?operation=subscribe&id=" . $newsletter["id"] . "'>" . __("Full form") . "</a><br>";
$data[3] .= "<a href='" . $config["base_url"] . "/include/newsletter.php?operation=subscribe&id=" . $newsletter["id"] . "&clean=1'>" . __("Clean form") . "</a>";
$data[4] = "<a href='" . $config["base_url"] . "/include/newsletter.php?operation=desubscribe&id=" . $newsletter["id"] . "'>" . __("Full form") . "</a><br>";
$data[4] .= "<a href='" . $config["base_url"] . "/include/newsletter.php?operation=desubscribe&id=" . $newsletter["id"] . "&clean=1'>" . __("Clean form") . "</a>";
$validated_addr = get_db_sql("SELECT COUNT(id) FROM tnewsletter_address WHERE id_newsletter = " . $newsletter["id"] . " AND validated = 1 AND status = 0");
$data[5] = "<a href='index.php?sec=customers&sec2=operation/newsletter/address_definition&search_status=0&search_validate=0&search_newsletter=" . $newsletter["id"] . "'>" . $validated_addr . "</a>";
$invalid_addr = get_db_sql("SELECT COUNT(id) FROM tnewsletter_address WHERE id_newsletter = " . $newsletter["id"] . " AND validated = 1 AND status = 1");
$data[6] = "<a href='index.php?sec=customers&sec2=operation/newsletter/address_definition&search_status=1&search_validate=0&search_newsletter=" . $newsletter["id"] . "'>" . $invalid_addr . "</a>";
$pending_validation = get_db_sql("SELECT COUNT(id) FROM tnewsletter_address WHERE id_newsletter = " . $newsletter["id"] . " AND validated = 0");
$data[7] = "<a href='index.php?sec=customers&sec2=operation/newsletter/address_definition&search_validate=1&search_newsletter=" . $newsletter["id"] . "'>" . $pending_validation . "</a>";
$data[8] = '<a href="index.php?sec=customers&sec2=operation/newsletter/newsletter_definition&
validate_newsletter=1&id=' . $newsletter['id'] . '"
onClick="if (!confirm(\'' . __('Are you sure?') . '\'))
return false;">
<img src="images/accept.png" title="Forced email validation of pending addresses" ></a>';
if (give_acl($config["id_user"], $id_group, "CN")) {
$data[8] .= '<a href="index.php?sec=customers&sec2=operation/newsletter/newsletter_definition&
delete=1&id=' . $newsletter['id'] . '"
onClick="if (!confirm(\'' . __('Are you sure?') . '\'))
return false;">
<img src="images/cross.png"></a>';
}
array_push($table->data, $data);
}
$operation = (string) get_parameter ("operation");
$now = (string) get_parameter ("givendate", date ("Y-m-d H:i:s"));
$public = (bool) get_parameter ("public", 1);
$id_project = (int) get_parameter ("id_project");
$id_workunit = (int) get_parameter ('id_workunit');
$id_task = (int) get_parameter ("id_task",0);
$id_incident = (int) get_parameter ("id_incident", 0);
$work_home = get_parameter ("work_home", 0);
$back_to_wu = get_parameter("back_to_wu", 0);
$user = get_parameter ("user");
$timestamp_h = get_parameter ("timestamp_h");
$timestamp_l = get_parameter ("timestamp_l");
if ($id_task == 0){
// Try to get id_task from tworkunit_task
$id_task = get_db_sql ("SELECT id_task FROM tworkunit_task WHERE id_workunit = $id_workunit");
}
// If id_task is set, ignore id_project and get it from the task
if ($id_task) {
$id_project = get_db_value ('id_project', 'ttask', 'id', $id_task);
}
if ($id_incident == 0){
$id_incident = get_db_value ('id_incident', 'tworkunit_incident', 'id_workunit', $id_workunit);
}
if ($id_task >0){ // Skip vacations, holidays etc
if (! user_belong_task ($config["id_user"], $id_task) && !give_acl($config["id_user"], 0, "UM") ){
// Doesn't have access to this page
echo "<a href='index.php?sec=projects&sec2=operation/workorders/wo&owner={$nombre}'><img src='images/paste_plain.png' title='" . __("Workorders") . "' border=0></a></center></td>";
// Total hours this month
echo "<td >";
echo $row[0];
// Total charged hours this month
/*
echo "<td >";
$tempsum = get_db_sql ("SELECT SUM(duration) FROM tworkunit WHERE have_cost = 1 AND id_user = '******' AND timestamp > '$begin_month' AND timestamp <= '$end_month'");
if ($tempsum != "")
echo $tempsum. " hr";
else
echo "--";
*/
// Average incident scoring
echo "<td>";
$tempsum = get_db_sql("SELECT SUM(score) FROM tincidencia WHERE id_usuario = '{$nombre}' AND actualizacion > '{$begin_month}' AND actualizacion <= '{$end_month}' AND score > 0 ");
if ($tempsum != "") {
echo format_numeric($tempsum) . "/10";
} else {
echo "--";
}
}
}
echo "</table>";
?>
<script type="text/javascript" src="include/js/jquery.validation.functions.js"></script>
<script type="text/javascript">
trim_element_on_submit('#text-search');
</script>
if ($project["start"] == $project["end"]) {
$data[2] = __('Unlimited');
} else {
$completion = format_numeric (calculate_project_progress ($project['id']));
$data[2] = progress_bar($completion, 90, 20);
}
// Last update time
$sql = sprintf ('SELECT tworkunit.timestamp
FROM ttask, tworkunit_task, tworkunit
WHERE ttask.id_project = %d
AND ttask.id = tworkunit_task.id_task
AND tworkunit_task.id_workunit = tworkunit.id
ORDER BY tworkunit.timestamp DESC LIMIT 1',
$project['id']);
$timestamp = get_db_sql ($sql);
if ($timestamp != "")
$data[3] = "<span style='font-size: 10px'>".human_time_comparation ($timestamp)."</span>";
else
$data[3] = __('Never');
$offset = 0;
$data[4] = '';
// Disable or delete
if ($project['id'] != -1 && $project_permission['manage']) {
$table->head[4] = __('Delete/Unarchive');
$data[4] = "<a href='#' onClick='javascript: show_validation_delete_general(\"delete_project\",".$project['id'].",0,".$offset.",\"".$search_params."\");'><img src='images/icons/icono_papelera.png' title='".__('Delete')."'></a>";
$data[4] .= '<a href="index.php?sec=projects&sec2=operation/projects/project&view_disabled=1&activate_project=1&id='.$project['id'].'">
<img src="images/upload.png" /></a>';
}
$table_search->data[1][0] .= print_select($actions, 'action', $action, '', __('Any'), '', true, false, true, '', false, "width:218px;");
$table_search->data[2][0] = __('Date from');
$table_search->data[2][0] .= print_input_text('date_from', $date_from, '', 10, 20, true, '');
$table_search->data[3][0] = __('Date to');
$table_search->data[3][0] .= print_input_text('date_to', $date_to, '', 10, 20, true);
$table_search->data[4][0] = print_submit_button(__('Search'), 'search_btn', false, 'class="sub search"', true);
$where_clause = $where;
$where_clause = str_replace(array("\r", "\n"), '', $where_clause);
$table_search->data[5][0] = print_button(__('Export to CSV'), '', false, 'window.open(\'include/export_csv.php?export_csv_audit=1&where_clause=' . str_replace('"', "\\'", $where_clause) . '\')', 'class="sub"', true);
echo "<div class='divform'>";
echo "<form method=post action ='index.php?sec=godmode&sec2=godmode/setup/audit&text={$text}&action={$action}' >";
print_table($table_search);
echo "</form>";
echo "</div>";
// Pagination
$total_events = get_db_sql("SELECT COUNT(ID_sesion) FROM tsesion {$where}");
echo "<div class='divresult'>";
pagination($total_events, "index.php?sec=godmode&sec2=godmode/setup/audit&text={$text}&action={$action}", $offset);
$table = new StdClass();
$table->width = '100%';
$table->class = 'listing';
$table->head = array();
$table->head[0] = __('Accion');
$table->head[1] = __('User');
$table->head[2] = __('IP');
$table->head[3] = __('Description');
$table->head[4] = __('Extra info');
$table->head[5] = __('Timestamp');
$table->data = array();
$sql = sprintf('SELECT * FROM tsesion %s
ORDER by utimestamp DESC LIMIT %d OFFSET %d', $where, $config["block_size"], $offset);
function incident_users_list($id_incident, $return = false)
{
function render_sidebox_user_info($user, $label)
{
$output = "";
$output .= '<div style="text-align:center;"><b>' . __($label) . ' </b></div>';
$output .= '<div class="user_info_sidebox">';
$output .= print_user_avatar($user, true, true);
$output .= '<a href="index.php?sec=users&sec2=operation/users/user_edit&id=' . $user . '">';
$output .= ' <strong>' . $user . '</strong></a><br>';
$user_data = get_db_row("tusuario", "id_usuario", $user);
if ($user_data["nombre_real"] != "") {
$output .= $user_data["nombre_real"] . "<br>";
}
if ($user_data["telefono"] != "") {
$output .= $user_data["telefono"] . "<br>";
}
if ($user_data["direccion"] != "") {
$output .= $user_data["direccion"];
}
if ($user_data["id_company"] != 0) {
$company_name = (string) get_db_value('name', 'tcompany', 'id', $user_data['id_company']);
$output .= "<br>(<em>{$company_name}</em>)";
}
$output .= '</div>';
return $output;
}
$output = '';
$users = get_incident_users($id_incident);
$output .= '<ul id="incident-users-list" class="sidemenu">';
// OWNER
$output .= render_sidebox_user_info($users['owner']['id_usuario'], "Responsible");
// CREATOR
$output .= render_sidebox_user_info($users['creator']['id_usuario'], "Creator");
// EDITOR (if different from CREATOR)
$editor = get_db_sql("SELECT editor FROM tincidencia WHERE id_incidencia = {$id_incident}");
if ($editor != $users['creator']['id_usuario'] and $editor != "") {
$output .= render_sidebox_user_info($editor, "Editor");
}
//if ($users['affected'])
// PARTICIPANTS
if ($users['affected'] == false) {
$users['affected'] = array();
}
foreach ($users['affected'] as $user_item) {
$user = $user_item["id_usuario"];
if (!get_external_user($user)) {
$output .= render_sidebox_user_info($user, "Participant");
}
}
$output .= '</ul>';
if ($return) {
return $output;
}
echo $output;
}
// Copyright (c) 2008 Ártica Soluciones Tecnológicas
// http://www.artica.es <*****@*****.**>
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
// Load global vars
global $config;
check_login();
include_once 'include/functions_crm.php';
$operation = get_parameter("operation");
$id = (int) get_parameter("id");
$id_company = get_db_sql("SELECT id_company FROM tcrm_template WHERE id = {$id}");
$manage_permission = check_crm_acl('company', 'cm', false, $id_company);
if (!$manage_permission) {
audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to template manager");
include "general/noaccess.php";
exit;
}
// ---------------
// CREATE template
// ---------------
if ($operation == "insert" or $operation == "update") {
$name = (string) get_parameter("name");
$subject = (string) get_parameter("subject");
$description = (string) get_parameter("description");
$id_language = (string) get_parameter("id_language");
$id_company = (int) get_parameter("id_company");
/**
* This function gets the time from either system or sql based on preference and returns it
*
* @return int Unix timestamp
*/
function get_system_time()
{
global $config;
static $time = 0;
if ($time != 0) {
return $time;
}
$config["timesource"] = "system";
if ($config["timesource"] = "sql") {
$time = get_db_sql("SELECT UNIX_TIMESTAMP()");
if (empty($time)) {
return time();
}
return $time;
} else {
return time();
}
}
$timestamp_h == $ahora ;
echo "<h2>";
echo __('Workunit personal report for user');
echo " '". dame_nombre_real($id_user). "'.";
echo "</h2>";
echo "<h4>";
echo __("Between dates");
if ($timestamp_l != "" AND $timestamp_h != "")
echo " : ".$timestamp_l. " ".__("to")." ".$timestamp_h;
if ($id_task != 0)
echo __("Task"). " : ".get_db_sql("SELECT name FROM ttask WHERE id = $id_task");
$now_year = date("Y");
$now_month = date("m");
echo "<div id='button-bar-title'><ul>";
if (!$pure) {
echo "<li>";
echo " <a href='index.php?sec=users&sec2=operation/user_report/monthly&month=$now_month&year=$now_year&id=$id'>";
echo "<img src='images/calendar_orange.png' border=0 title='". __("Show calendar"). "'>";
echo "</a>";
echo "</li>";
echo "<li>";
echo " <a href='index.php?sec=users&sec2=operation/user_report/monthly_graph&month=$now_month&year=$now_year&id=$id'>";
echo "<img src='images/chart_bar.png' border=0 title='". __("Show graphs"). "'>";
echo "</a>";
$table->data[12][1] = print_input_text("news_smtp_port", $config["news_smtp_port"], '', 5, 10, true, __('SMTP Port'));
$table->data[13][0] = print_input_text("news_smtp_user", $config["news_smtp_user"], '', 25, 200, true, __('SMTP User'));
$table->data[13][1] = print_input_text("news_smtp_pass", $config["news_smtp_pass"], '', 25, 200, true, __('SMTP Password'));
$table->data[14][0] = print_input_text("news_batch_newsletter", $config["news_batch_newsletter"], '', 4, 255, true, __('Max. emails sent per execution'));
$table->data[14][0] .= print_help_tip(__("This means, in each execution of the batch external process (integria_cron). If you set your cron to execute each hour in each execution of that process will try to send this ammount of emails. If you set the cron to run each 5 min, will try this number of mails."), true);
$table->data[14][1] = print_input_text("batch_email_validation", $config["batch_email_validation"], '', 4, 255, true, __('Newsletter email validation batch'));
$table->data[14][1] .= print_help_tip(__("This means, in each execution of the batch external process (integria_cron) will try to validate this ammount of emails."), true);
$table->data[15][0] = print_checkbox("active_validate", 1, $config["active_validate"], true, __('Activate email validation'));
$table->data[16][1] = "<h4>" . __("Mail general texts") . "</h4>";
$table->colspan[17][0] = 3;
$table->colspan[18][0] = 3;
$table->colspan[19][0] = 3;
$table->data[17][0] = print_textarea("header_email", 5, 40, $config["HEADER_EMAIL"], '', true, __('Email header'));
$table->data[18][0] = print_textarea("footer_email", 5, 40, $config["FOOTER_EMAIL"], '', true, __('Email footer'));
$table->data[19][1] = "<h4>" . __("Mail queue control");
$total_pending = get_db_sql("SELECT COUNT(*) from tpending_mail");
$table->data[19][1] .= " : " . $total_pending . " " . __("mails in queue") . "</h4>";
if ($total_pending > 0) {
$table->colspan[20][0] = 3;
$mail_queue = "<div style='height: 250px; overflow-y: auto;'>";
$mail_queue .= "<table width=100% class=listing>";
$mail_queue .= "<tr><th>" . __("Date") . "<th>" . __("Recipient") . "<th>" . __("Subject") . "<th>" . __("Attempts") . "<th>" . __("Status") . "</tr>";
$mails = get_db_all_rows_sql("SELECT * FROM tpending_mail LIMIT 1000");
foreach ($mails as $mail) {
$mail_queue .= "<tr>";
$mail_queue .= "<td style='font-size: 9px;'>";
$mail_queue .= $mail["date"];
$mail_queue .= "<td>";
$mail_queue .= $mail["recipient"];
$mail_queue .= "<td style='font-size: 9px;'>";
$mail_queue .= $mail["subject"];
$values = array(
"id_incidencia" => $id,
"id_usuario" => $config['id_user'],
"filename" => $filename,
"description" => __('No description available'),
"size" => $filesize,
"timestamp" => date("Y-m-d")
);
$id_attachment = process_sql_insert("tattachment", $values);
if ($id_attachment) {
incident_tracking ($id, INCIDENT_FILE_ADDED);
// Email notify to all people involved in this incident
// Email in list email-copy
$email_copy_sql = 'select email_copy from tincidencia where id_incidencia ='.$id.';';
$email_copy = get_db_sql($email_copy_sql);
if ($email_copy != "") {
mail_incident ($id, $config['id_user'], 0, 0, 2, 7);
}
if (($config["email_on_incident_update"] != 2) && ($config["email_on_incident_update"] != 4)) {
mail_incident ($id, $config['id_user'], 0, 0, 2);
}
$location = $config["homedir"]."/attachment/".$id_attachment."_".$filename;
if (copy($file_tmp, $location)) {
// Delete temporal file
unlink ($file_tmp);
$result["status"] = true;
$result["id_attachment"] = $id_attachment;
enforce_soft_limit = %d, id_sla = %d, id_inventory_default = %d,
autocreate_user = %d, grant_access = %d, send_welcome = %d,
default_company = %d, welcome_email = "%s", email_queue = "%s",
default_profile = %d, nivel = %d, id_incident_type = %d, email_from = "%s", email_group = "%s"
WHERE id_grupo = %d', $parent, $name, $icon, $forced_email, $banner, $id_user_default, $soft_limit, $hard_limit, $enforce_soft_limit, $id_sla, $id_inventory, $autocreate_user, $grant_access, $send_welcome, $default_company, $welcome_email, $email_queue, $default_profile, $user_level, $incident_type, $email_from, $email_group, $id);
$result = process_sql($sql);
if ($result === false) {
echo '<h3 class="error">' . __('There was a problem modifying group') . '</h3>';
} else {
audit_db($config["id_user"], $config["REMOTE_ADDR"], "Group management", "Modified group now called '{$name}'");
echo '<h3 class="suc">' . __('Successfully updated') . '</h3>';
}
}
// Delete group
if ($delete_group) {
$name = get_db_sql("SELECT nombre FROM tgrupo WHERE id_grupo = {$id}");
$sql = sprintf('DELETE FROM tgrupo WHERE id_grupo = %d', $id);
$result = process_sql($sql);
if ($result === false) {
echo '<h3 class="error">' . __('There was a problem deleting group') . '</h3>';
} else {
audit_db($config["id_user"], $config["REMOTE_ADDR"], "Group management", "Deleted group '{$name}'");
echo '<h3 class="suc">' . __('Successfully deleted') . '</h3>';
}
}
$offset = get_parameter("offset", 0);
$search_text = get_parameter("search_text", "");
echo "<table class='search-table' style='width: 99%;'><form name='bskd' method=post action='index.php?sec=users&sec2=godmode/grupos/lista_grupos'>";
echo "<td>";
echo "<b>" . __('Search text') . "</b> ";
print_input_text("search_text", $search_text, '', 40, 0, false);
function api_validate_user($return_type, $user, $param)
{
$user_check = $param[0];
$pass_check = $param[1];
$validate = get_db_sql("select count(id_usuario) FROM tusuario WHERE disabled = 0 AND id_usuario = '{$user_check}' AND password = md5('{$pass_check}')");
switch ($return_type) {
case "xml":
return "<xml>" . $validate . "</xml>";
case "csv":
return $validate;
}
}
check_login();
if (!$id) {
audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to a lead forward");
include "general/noaccess.php";
exit;
}
$write_permission = check_crm_acl('lead', 'cw', $config['id_user'], $id);
$manage_permission = check_crm_acl('lead', 'cm', $config['id_user'], $id);
if (!$write_permission && !$manage_permission) {
audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to a lead forward");
include "general/noaccess.php";
exit;
}
$lead = get_db_row('tlead', 'id', $id);
$user = get_db_row("tusuario", "id_usuario", $config["id_user"]);
$company_user = get_db_sql("select name FROM tcompany where id = " . $user["id_company"]);
$from = get_parameter("from", $user["direccion"]);
$to = get_parameter("to", "");
$subject = get_parameter("subject", "");
$mail = get_parameter("mail", "");
$send = (int) get_parameter("send", 0);
$cco = get_parameter("cco", "");
// Send mail
if ($send) {
if ($subject != "" and $from != "" and $to != "") {
echo "<h3 class='suc'>" . __('Mail queued') . "</h3>";
integria_sendmail($to, $subject, $mail, false, "", $from, true);
if ($cco != "") {
integria_sendmail($cco, $subject, $mail, false, "", $from, true);
}
$datetime = date("Y-m-d H:i:s");
$project_info .= "</td></tr>";
$project_info .= "</table>";
echo print_container('project_info_report', __('Project info'), $project_info, 'no', true, true, "container_simple_title", "container_simple_div");
if ($id_project) {
// Project activity graph
$project_activity = project_activity_graph($id_project, 650, 150, true, $graph_ttl, 50, true);
if ($project_activity) {
$project_activity = '<div class="graph_frame">' . $project_activity . '</div>';
echo print_container('project_activity_report', __('Project activity'), $project_activity, 'no', true, true, "container_simple_title", "container_simple_div");
}
// Calculation
$people_inv = get_db_sql("SELECT COUNT(DISTINCT id_user) FROM trole_people_task, ttask WHERE ttask.id_project={$id_project} AND ttask.id = trole_people_task.id_task;");
$total_hr = get_project_workunit_hours($id_project);
$total_planned = get_planned_project_workunit_hours($id_project);
$total_planned = get_planned_project_workunit_hours($id_project);
$expected_length = get_db_sql("SELECT SUM(hours) FROM ttask WHERE id_project = {$id_project}");
$pr_hour = get_project_workunit_hours($id_project, 1);
$deviation = format_numeric(($pr_hour - $expected_length) / $config["hours_perday"]);
$total = project_workunit_cost($id_project, 1);
$real = project_workunit_cost($id_project, 0);
$real = $real + get_incident_project_workunit_cost($id_project);
// Labour
$labour = "<table class='advanced_details_table alternate'>";
$labour .= "<tr>";
$labour .= '<td><b>' . __('Total people involved') . ' </b>';
$labour .= "</td><td>";
$labour .= $people_inv;
$labour .= "</td></tr>";
$labour .= "<tr>";
$labour .= '<td><b>' . __('Total workunit (hr)') . ' </b>';
$labour .= "</td><td>";