function prj_displayAllProjects(&$blockPage)
{
global $_TABLES, $_CONF, $_USER, $subTaskImg, $progress, $priority, $strings, $labels, $_PRJCONF, $_COOKIE;
$limitbase = $_COOKIE['allprjmin'];
if ($limitbase == '') {
$limitbase = 0;
}
if (isset($_USER['uid'])) {
$userid = $_USER['uid'];
} else {
$userid = 1;
}
if ($blockPage == NULL or $blockPage == '') {
$blockPage = new block();
}
$filter = COM_applyFilter($_COOKIE['filter']);
$category_string = substr("{$filter}", 0, 3);
// Get a list of groups user is a member of and setup to be used in SQL to test user can view project
$groups = SEC_getUserGroups($uid);
foreach ($groups as $id) {
$aGroups[] = $id;
}
$prjPermGroups = implode(',', $aGroups);
if (SEC_inGroup('Root')) {
$querycolumns = "SELECT DISTINCT a.pid, a.progress_id, a.status_id, a.priority_id, a.name, ";
$querycolumns .= "a.last_updated_date, a.lhs, a.rhs, a.parent_id ";
$queryfrom = "FROM {$_TABLES['prj_projects']} a";
$querywhere = " WHERE 1=1 ";
} else {
$querycolumns = "SELECT DISTINCT a.pid, a.progress_id, a.status_id, a.priority_id, a.name, ";
$querycolumns .= "a.last_updated_date, a.lhs, a.rhs, a.parent_id ";
$queryfrom = "FROM {$_TABLES['prj_projects']} a, {$_TABLES['prj_projPerms']} b ";
$querywhere .= "WHERE b.pid =a.pid";
$querywhere .= " AND b.taskID=0 AND (b.uid={$userid} OR b.gid in ({$prjPermGroups})) ";
}
switch ($category_string) {
case 'cat':
$needle = substr("{$filter}", 3, 3);
$queryfrom = $queryfrom . ", {$_TABLES['prj_category']} c ";
$querywhere = $querywhere . "AND c.pid=a.pid AND c.category_id={$needle} ";
$header = nexlistOptionList('view', '', $_PRJCONF['nexlist_category'], 0, $needle);
break;
case 'loc':
$needle = substr("{$filter}", 3, 3);
$queryfrom = $queryfrom . ", {$_TABLES['prj_location']} c ";
$querywhere = $querywhere . "AND c.pid=a.pid AND c.location_id={$needle} ";
$header = nexlistOptionList('view', '', $_PRJCONF['nexlist_locations'], 0, $needle);
break;
case 'dep':
$needle = substr("{$filter}", 3, 3);
$queryfrom = $queryfrom . ", {$_TABLES['prj_department']} c ";
$querywhere = $querywhere . "AND c.pid=a.pid AND c.department_id={$needle} ";
$header = nexlistOptionList('view', '', $_PRJCONF['nexlist_departments'], 0, $needle);
break;
case 'pri':
$needle = substr("{$filter}", 3, 3);
$querywhere = $querywhere . " AND a.priority_id={$needle} ";
$header = $strings["filter_priority"] . $priority[$needle];
break;
case 'pro':
$needle = substr("{$filter}", 3, 3);
$querywhere = $querywhere . " AND a.progress_id={$needle} ";
$header = $strings["filter_progress"] . $progress[$needle];
break;
case 'sta':
$needle = substr("{$filter}", 3, 3);
$querywhere = $querywhere . " AND a.status_id={$needle} ";
$header = $strings["filter_status"] . $status[$needle];
break;
case 'ctm':
if (SEC_inGroup('Root')) {
$querycolumns = "SELECT DISTINCT {$_TABLES['prj_projects']}.pid, {$_TABLES['prj_projects']}.progress_id, {$_TABLES['prj_projects']}.status_id, {$_TABLES['prj_projects']}.priority_id, {$_TABLES['prj_projects']}.name, ";
$querycolumns .= "{$_TABLES['prj_projects']}.last_updated_date, {$_TABLES['prj_projects']}.lhs, {$_TABLES['prj_projects']}.rhs, {$_TABLES['prj_projects']}.parent_id ";
$querywhere = "";
} else {
$querycolumns = "SELECT DISTINCT {$_TABLES['prj_projects']}.pid, {$_TABLES['prj_projects']}.progress_id, {$_TABLES['prj_projects']}.status_id, {$_TABLES['prj_projects']}.priority_id, {$_TABLES['prj_projects']}.name, ";
$querycolumns .= "{$_TABLES['prj_projects']}.last_updated_date, {$_TABLES['prj_projects']}.lhs, {$_TABLES['prj_projects']}.rhs, {$_TABLES['prj_projects']}.parent_id, {$_TABLES['prj_projPerms']}.viewRead ";
$querywhere = "WHERE b.pid =a.pid";
$querywhere .= " AND b.taskID=0 AND (b.uid={$userid} OR b.gid in ({$prjPermGroups})) ";
}
$needle = substr("{$filter}", 3, 3);
$customFilter = prj_constructFilter($needle);
$queryfrom = $customFilter['clause'];
$header = $strings["filter_custom"] . $customFilter['name'];
break;
default:
$needle = '';
$customFilter = '';
$header = '';
}
$block1 = new block();
$block1->form = "allP";
$block1->openForm($_CONF['site_url'] . "/nexproject/projects.php?" . "#" . $block1->form . "Anchor");
if ($header != '') {
$headingTitle = $strings["projects"] . " - {$header}";
} else {
$headingTitle = "{$strings['projects']} - {$strings['allprojects']} ";
$headingTitle .= "(<a href=\"{$_CONF['site_url']}/nexproject/index.php?mode=add\">{$strings['add']}</a>)";
}
$headingStatusArea = '<span id="ajaxstatus_myprojects" class="pluginInfo" style="display:none"> </span>';
$block1->heading($headingTitle, $headingStatusArea);
$block1->borne = $blockPage->returnBorne("1");
$block1->rowsLimit = $_PRJCONF['project_block_rows'];
if ($category_string == 'ctm') {
$queryend = " ORDER BY {$_TABLES['prj_projects']}.lhs";
} else {
$queryend = " ORDER BY a.lhs";
}
$lim = $limitbase * $block1->rowsLimit;
$query = $querycolumns . $queryfrom . $querywhere . $queryend;
$countRes = DB_query($query);
$block1->recordsTotal = DB_numrows($countRes);
$query .= " LIMIT {$lim}, {$block1->rowsLimit} ";
$result = DB_query($query);
echo '<!--startMyProjects-->';
echo '<div id="divMyProjects" style="padding-bottom:0px;">';
$comptListProjects = DB_numrows($result);
if ($comptListProjects != "0") {
$block1->openResults('false');
$block1->labels($labels = array(0 => $strings["project"], 1 => $strings["priority"], 2 => $strings["lastupdated"], 3 => $strings["owner"]), false, "false");
for ($i = 0; $i < DB_numrows($result); $i++) {
list($id, $idProgress, $idStatus, $idPriority, $projectName, $lastupdated, $lhs, $rhs, $parent_id) = DB_fetchArray($result);
$pArray = prj_getProjectPermissions($id, $userid);
//based on the projectID, fetch the permissions for this user...
if ($pArray['monitor'] == '1' || $pArray['teammember'] == '1' || $pArray['full'] == '1') {
$fullname = $projectName;
$owner_uid = DB_getItem($_TABLES['prj_users'], 'uid', "pid={$id} AND role='o'");
if ($owner_uid >= 2) {
$projectOwner = DB_getItem($_TABLES['users'], 'fullname', "uid={$owner_uid}");
if (strlen($projectOwner) > 15) {
$projectOwner = substr($projectOwner, 0, 12) . "..";
}
}
$block1->openRow();
// $block1->checkboxRow($id);
$block1->cellProgress($progress[$idProgress]);
$indent = '';
//we need to determine if the user has access to the parent that this item is related to.
//we do this by determining which project is on its left hand side.
$testparent = DB_getItem($_TABLES['prj_projects'], "parent_id", "pid={$id}");
$aGroups = array();
$groups = SEC_getUserGroups($uid);
foreach ($groups as $gid) {
$aGroups[] = $gid;
}
$prjPermGroups = implode(',', $aGroups);
$testsql = "SELECT a.* ";
$testsql .= "FROM {$_TABLES['prj_projPerms']} a ";
$testsql .= "WHERE a.pid={$testparent} ";
$testsql .= " AND a.taskID=0 AND (a.uid={$_USER['uid']} OR a.gid in ({$prjPermGroups})) ";
$testres = DB_query($testsql);
$testrows = DB_numRows($testres);
if ($testrows > 0 && $testparent > 0) {
if ($parent_id != 0) {
$level = prj_getProjectLevel($id);
for ($z = 1; $z < $level; $z++) {
$indent .= ' ';
}
$indent .= $subTaskImg;
}
}
if (strlen($projectName) > $_PRJCONF['project_name_length']) {
$span = "<span title=\"{$projectName}\">";
$projectName = substr($projectName, 0, $_PRJCONF['project_name_length']) . "....";
$projectName = $span . $projectName . "</span>";
}
$block1->cellRow($indent . $blockPage->buildLink("{$_CONF['site_url']}/nexproject/viewproject.php?pid={$id}", $projectName, "context", $fullname, $id));
$block1->cellRow($priority[$idPriority]);
//$block1->cellProgress($status[$idStatus]);
$block1->cellRow(strftime("%Y/%m/%d %H:%M", $lastupdated));
$block1->cellRow($projectOwner);
$block1->closeRow();
}
}
//end for
$block1->closeResults();
//$block1->bornesFooter("1", $blockPage->bornesNumber, "", "typeProjects=$typeProjects");
$pages = intval($block1->recordsTotal / $block1->rowsLimit);
if (fmod($block1->recordsTotal, $block1->rowsLimit) > 0) {
$pages += 1;
}
if ($pages > 1) {
for ($pagecntr = 0; $pagecntr < $pages; $pagecntr++) {
echo '<span style="text-decoration:underline;cursor: hand" onclick=\'setCookie("allprjmin","';
echo $pagecntr;
echo '","","");prj_getMyProjects("", "", "allprojects")\'>';
if ($limitbase == $pagecntr) {
echo '<span style="color:red">';
echo $pagecntr + 1;
echo '</span>';
} else {
echo $pagecntr + 1;
}
echo '</span> ';
}
}
} else {
$block1->noresults();
}
echo '</div>';
echo '<!--endMyProjects-->';
//$block1->closeToggle();
$block1->closeFormResults();
}
if ($temptoken['teammember'] == '1' || $temptoken['monitor'] == '1' || SEC_inGroup('Root') || $ownertoken != 0) {
echo prj_breadcrumbs(0, $pid, $strings["view_project"], $strings["view_project"]);
$blockPage = new block();
if ($msg != '') {
include 'includes/messages.php';
$blockPage->messagebox($msgLabel);
}
$idStatus = $A[status_id];
$idPriority = $A[priority_id];
$idProgress = $A[progress_id];
$idObjective = $A[objective_id];
$block1 = new block();
$block1->form = "pdD";
$block1->openForm($_CONF['site_url'] . "/nexproject/viewprojects.php?" . "#" . $block1->form . "Anchor");
$block1->headingToggle($strings["project"] . " : " . $A[name]);
$temptoken = prj_getProjectPermissions($pid, $uid);
if ($temptoken['full'] != 0) {
$block1->openPaletteIcon();
$block1->paletteIcon(0, "add", $strings["add"]);
$block1->paletteIcon(1, "remove", $strings["delete"]);
$block1->paletteIcon(2, "edit", $strings["edit"]);
$block1->paletteIcon(3, "copy", $strings["copy"]);
$block1->closePaletteIcon();
$block1->openPaletteScript();
$block1->paletteScript(0, "add", $_CONF['site_url'] . "/nexproject/index.php?mode=add", "true,false,false", $strings["add"]);
$block1->paletteScript(1, "remove", $_CONF['site_url'] . "/nexproject/index.php?mode=delete&id=" . $pid, "true,true,false", $strings["delete"]);
$block1->paletteScript(2, "edit", $_CONF['site_url'] . "/nexproject/index.php?mode=edit&id=" . $pid, "true,true,false", $strings["edit"]);
$block1->paletteScript(3, "copy", $_CONF['site_url'] . "/nexproject/index.php?mode=copy&id=" . $pid, "true,true,false", $strings["copy"]);
$block1->closePaletteScript(0, 0);
}
/* Display Project Details */
function prj_drawProjectTasksGanttBar(&$graph, &$row, &$count, $pid = 0, $nameIndent = '', $tid = 0, $sampleCounting = 0, $sm, $stm)
{
global $_TABLES, $_CONF, $showMonitor, $showTeamMember, $userid, $_PRJCONF, $filterCSV;
$sql = 'SELECT tid,name,start_date, estimated_end_date,parent_task, progress, progress_id ';
$sql .= "FROM {$_TABLES['prj_tasks']} ";
if ($pid == 0) {
$sql .= 'WHERE pid=0 ';
} else {
$sql .= "WHERE pid='{$pid}' ";
}
$sql .= "and parent_task={$tid} ";
if ($filterCSV != '') {
$sql .= "AND {$_TABLES['prj_tasks']}.pid in ({$filterCSV}) ";
}
$sql .= ' ORDER BY lhs ASC';
$result = DB_query($sql, true);
$testnumrows = DB_numRows($result);
if ($testnumrows == 0) {
//this is to help overcome any COOKIE issues with the filtercsv
$sql = 'SELECT tid,name,start_date, estimated_end_date,parent_task, progress, progress_id ';
$sql .= "FROM {$_TABLES['prj_tasks']} ";
if ($pid == 0) {
$sql .= 'WHERE pid=0 ';
} else {
$sql .= "WHERE pid='{$pid}' ";
}
$sql .= "and parent_task={$tid} ";
$sql .= ' ORDER BY lhs ASC';
$result = DB_query($sql);
}
for ($j = 0; $j < DB_numrows($result); $j++) {
list($tid, $name, $startdate, $enddate, $parent_task, $progress, $status) = DB_fetchArray($result);
$permsArray = prj_getProjectPermissions($pid, $userid, $tid);
$ownertoken = getTaskToken($tid, $userid, "{$_TABLES['prj_task_users']}", "{$_TABLES['prj_tasks']}");
if ($sm == '1' && $stm == '1') {
// all projects
if ($permsArray['monitor'] == '1' || $permsArray['teammember'] == '1' || $ownertoken != 0) {
$name = html_entity_decode($name);
$strdate = strftime("%Y/%m/%d", $startdate);
$edate = strftime("%Y/%m/%d", $enddate);
$sql = "SELECT c.fullname ";
$sql .= "FROM {$_TABLES['prj_task_users']} a ";
$sql .= "INNER JOIN {$_TABLES['prj_tasks']} b on a.tid=b.tid ";
$sql .= "INNER JOIN {$_TABLES['users']} c on a.uid=c.uid ";
$sql .= "WHERE a.role='o' AND a.tid={$tid} ";
$result2 = DB_query($sql);
list($owner) = DB_fetchArray($result2);
$link = $_CONF['site_url'] . "/nexproject/viewproject.php?mode=view&id=" . $tid;
$count = $count + 1;
if (strlen($name) > $_PRJCONF['project_name_length']) {
$name = substr($name, 0, $_PRJCONF['project_name_length']);
$name .= "...";
}
$name = $nameIndent . $name;
if ($strdate == $edate) {
$milestone = new Milestone($row, $name, $strdate);
$milestone->mark->SetType(MARK_DIAMOND);
$graph->Add($milestone);
} else {
$taskActivity = new GanttBar($count, $name, "{$strdate}", "{$edate}", "");
if ($status == 0) {
// Yellow diagonal line pattern on a red background
$taskActivity->SetPattern(BAND_RDIAG, "green");
$taskActivity->progress->SetPattern(GANTT_RDIAG, "black");
$taskActivity->progress->SetFillColor("white");
} elseif ($status == 1) {
$taskActivity->SetPattern(BAND_RDIAG, "yellow");
$taskActivity->progress->SetPattern(GANTT_RDIAG, "black");
$taskActivity->progress->SetFillColor("white");
} else {
$taskActivity->SetPattern(BAND_RDIAG, "red");
$taskActivity->progress->SetPattern(GANTT_RDIAG, "black");
$taskActivity->progress->SetFillColor("white");
}
$taskActivity->caption->SetFont(FF_FONT1, FS_NORMAL, 10);
$taskActivity->caption->SetColor('black');
$taskActivity->caption->Set($name);
// Set absolute height
$taskActivity->SetHeight(10);
$taskActivity->progress->Set($progress / 100);
// Specify progress
$taskActivity->SetCSIMTarget("{$link}");
$taskActivity->SetCSIMAlt($progress . "% completed");
$tempval = $_GET['expanded'];
$tempval2 = $_SERVER['PHP_SELF'];
$taskActivity->title->SetCSIMTarget("");
$taskActivity->title->SetCSIMAlt($progress . "% completed");
$qconstraints = DB_query("SELECT tid FROM {$_TABLES['prj_tasks']} WHERE parent_task='{$tid}' ORDER BY lhs ASC");
$numconstraints = DB_numRows($qconstraints);
for ($c = 1; $c <= $numconstraints; $c++) {
//$taskActivity->SetConstrain($row+$c,CONSTRAIN_STARTSTART,"maroon4");
}
// Add line to Gantt Chart
if (!$sampleCounting) {
$graph->Add($taskActivity);
}
}
$row++;
}
} else {
// my projects
if ($ownertoken != 0) {
$name = html_entity_decode($name);
$strdate = strftime("%Y/%m/%d", $startdate);
$edate = strftime("%Y/%m/%d", $enddate);
$sql = "SELECT c.fullname ";
$sql .= "FROM {$_TABLES['prj_task_users']} a ";
$sql .= "INNER JOIN {$_TABLES['prj_tasks']} b on a.tid=b.tid ";
$sql .= "INNER JOIN {$_TABLES['users']} c on a.uid=c.uid ";
$sql .= "WHERE a.role='o' AND a.tid={$tid}";
$result2 = DB_query($sql);
list($owner) = DB_fetchArray($result2);
$link = $_CONF['site_url'] . "/nexproject/viewproject.php?mode=view&id=" . $tid;
$count = $count + 1;
if (strlen($name) > $_PRJCONF['project_name_length']) {
$name = substr($name, 0, $_PRJCONF['project_name_length']);
$name .= "...";
}
$name = $nameIndent . $name;
if ($strdate == $edate) {
$milestone = new Milestone($row, $name, $strdate);
$milestone->mark->SetType(MARK_DIAMOND);
$graph->Add($milestone);
} else {
$taskActivity = new GanttBar($count, $name, "{$strdate}", "{$edate}", "");
if ($status == 0) {
// Yellow diagonal line pattern on a red background
$taskActivity->SetPattern(BAND_RDIAG, "green");
$taskActivity->progress->SetPattern(GANTT_RDIAG, "black");
$taskActivity->progress->SetFillColor("white");
} elseif ($status == 1) {
$taskActivity->SetPattern(BAND_RDIAG, "yellow");
$taskActivity->progress->SetPattern(GANTT_RDIAG, "black");
$taskActivity->progress->SetFillColor("white");
} else {
$taskActivity->SetPattern(BAND_RDIAG, "red");
$taskActivity->progress->SetPattern(GANTT_RDIAG, "black");
$taskActivity->progress->SetFillColor("white");
}
$taskActivity->caption->SetFont(FF_FONT1, FS_NORMAL, 10);
$taskActivity->caption->SetColor('black');
$taskActivity->caption->Set($name);
// Set absolute height
$taskActivity->SetHeight(10);
$taskActivity->progress->Set($progress / 100);
// Specify progress
$taskActivity->SetCSIMTarget("{$link}");
$taskActivity->SetCSIMAlt($progress . "% completed");
$tempval = $_GET['expanded'];
$tempval2 = $_SERVER['PHP_SELF'];
$taskActivity->title->SetCSIMTarget("");
$taskActivity->title->SetCSIMAlt($progress . "% completed");
$qconstraints = DB_query("SELECT tid FROM {$_TABLES['prj_tasks']} WHERE parent_task='{$tid}' ORDER BY lhs ASC");
$numconstraints = DB_numRows($qconstraints);
for ($c = 1; $c <= $numconstraints; $c++) {
//$taskActivity->SetConstrain($row+$c,CONSTRAIN_STARTSTART,"maroon4");
}
// Add line to Gantt Chart
if (!$sampleCounting) {
$graph->Add($taskActivity);
}
}
$row++;
}
}
if (DB_count($_TABLES['prj_tasks'], 'parent_task', $tid) > 0) {
prj_drawProjectTasksGanttBar($graph, $row, $count, $pid, $nameIndent . " ", $tid, $sampleCounting, $sm, $stm);
}
}
//end for
}
$_CLEAN = array_merge($_CLEAN, ppGetData($mytextvars, false, 'POST', 'text'));
// Integer only Variables
if ($_POST['pid'] == '') {
$myintvars = array('pid', 'edit', 'del', 'checkView', 'checkWrite', 'checkFull', 'rid');
$_CLEAN = array_merge($_CLEAN, ppGetData($myintvars, false, 'GET', 'int'));
} else {
$myintvars = array('pid', 'edit', 'del', 'checkView', 'checkWrite', 'checkFull', 'rid');
$_CLEAN = array_merge($_CLEAN, ppGetData($myintvars, false, 'POST', 'int'));
}
$pid = $_CLEAN['pid'];
if ($_USER['uid'] == '') {
$uid = 1;
} else {
$uid = $_USER['uid'];
}
$ret = prj_getProjectPermissions($pid, $uid);
if ($ret['full'] == TRUE) {
//who cares about anything else, if you're not allowed to do anything, why bother showing it at all....
//this is the main routine for those who should be here..
$op = $_CLEAN['op'];
switch ($op) {
case 'add':
//add a permission
if ($_CLEAN['checkView'] == 1 or $_CLEAN['checkWrite'] == 1 or $_CLEAN['checkFull'] == 1) {
prj_addProjectPermission($_POST['usersandgroups'], $pid, $_CLEAN['checkView'], $_CLEAN['checkWrite'], $_CLEAN['checkFull']);
prj_pushDownNewPermissions($pid);
prj_sendNotification($pid, '', 1);
}
break;
case 'edit':
prj_editProjectPermission($_CLEAN['checkView'], $_CLEAN['checkWrite'], $_CLEAN['checkFull'], $_CLEAN['rid']);
if ($is_using_docmgmt_flag == 'Y') {
DB_query("INSERT INTO {$_TABLES['nxfile_access']} (catid,uid,view, upload, upload_direct, upload_ver, approval, admin) VALUES ('{$newcid}','{$adduid}','1','1','0','0','0','0')");
}
}
}
}
// Copy the Tasks
prj_copyProjectTasks($id, $lastid, 0);
}
//end overall if
$msg = 'copyProject';
break;
case 'erase':
$token = '';
$uid = $_USER['uid'];
$protoken = prj_getProjectPermissions($id, $uid);
$ownertoken = getTaskToken($id, $uid, "{$_TABLES['prj_task_users']}", "{$_TABLES['prj_tasks']}");
if ($protoken['full'] != 0) {
$result = DB_query("SELECT cid, is_using_docmgmt_flag, is_using_forum_flag, fid FROM {$_TABLES['prj_projects']} WHERE pid='{$id}'");
list($cid, $document, $discussion, $fid) = DB_fetchArray($result);
DB_query("DELETE FROM {$_TABLES['prj_projects']} WHERE pid='{$id}'");
$result1 = DB_query("SELECT tid FROM {$_TABLES['prj_tasks']} WHERE {$_TABLES['prj_tasks']}.pid='{$id}'");
DB_query("DELETE FROM {$_TABLES['prj_users']} WHERE pid={$id} and uid='{$uid}'");
DB_query("DELETE FROM {$_TABLES['prj_department']} WHERE pid='{$id}'");
DB_query("DELETE FROM {$_TABLES['prj_category']} WHERE pid='{$id}'");
DB_query("DELETE FROM {$_TABLES['prj_location']} WHERE pid='{$id}'");
DB_query("DELETE FROM {$_TABLES['prj_users']} WHERE pid='{$id}'");
DB_query("DELETE FROM {$_TABLES['prj_tasks']} WHERE pid='{$id}'");
DB_query("DELETE FROM {$_TABLES['prj_projPerms']} WHERE pid='{$id}'");
$nrows = DB_numRows($result1);
if ($nrows != "0") {
