/**
 * Look up a request parameter, preferring POST over GET.
 *
 * A value found in either array is passed through safe_input() before it is
 * returned; $default is returned untouched when the key is in neither.
 *
 * NOTE(review): safe_input() is defined elsewhere. Confirm which context
 * (HTML output, SQL literal) its encoding is meant to cover before relying
 * on this return value as "safe" in any other context.
 *
 * @param string $name    Key to look up in $_POST, then in $_GET.
 * @param mixed  $default Value returned when the key is absent from both.
 *
 * @return mixed Filtered parameter value, or $default.
 */
public function getRequest($name, $default = null)
{
    // POST wins when both arrays carry the same key.
    if (isset($_POST[$name])) {
        return safe_input($_POST[$name]);
    }

    if (isset($_GET[$name])) {
        return safe_input($_GET[$name]);
    }

    return $default;
}
/**
 * Replace the tags of one or more leads with the given tag names.
 *
 * All existing tag rows of the given leads are deleted first. Then one row is
 * inserted for every (lead, tag) pair whose lead id is a positive number and
 * whose tag name resolves to a positive numeric tag id.
 *
 * @param mixed $lead_id      Lead id (int) or list of lead ids (array).
 * @param mixed $tag_name     Tag name (string) or list of tag names (array).
 * @param bool  $encode_names Whether to pass the names through safe_input()
 *                            before they are looked up.
 *
 * @return mixed Number of rows inserted, or false (bool) when the delete
 *               failed or not a single row could be inserted.
 *
 * @throws InvalidArgumentException When $lead_id or $tag_name is empty.
 */
function create_lead_tag_with_names($lead_id, $tag_name, $encode_names = false)
{
    if (empty($lead_id)) {
        throw new InvalidArgumentException(__('The lead id cannot be empty'));
    }
    if (empty($tag_name)) {
        throw new InvalidArgumentException(__('The tag name cannot be empty'));
    }

    // Normalise both arguments to lists so the loops below have one shape.
    $lead_ids = is_array($lead_id) ? $lead_id : array($lead_id);
    $tag_names = is_array($tag_name) ? $tag_name : array($tag_name);
    if ($encode_names) {
        $tag_names = safe_input($tag_names);
    }

    $expected = count($lead_ids) * count($tag_names);

    // Delete the old tags; nothing is inserted if this step fails.
    $deleted = process_sql_delete(LEADS_TABLE, array(LEADS_TABLE_LEAD_ID_COL => $lead_ids));
    if ($deleted === false) {
        return false;
    }

    $inserted = 0;
    foreach ($lead_ids as $one_lead) {
        if (!is_numeric($one_lead) || !($one_lead > 0)) {
            continue;
        }

        foreach ($tag_names as $one_name) {
            if (empty($one_name)) {
                continue;
            }

            $tag_id = get_db_value(TAGS_TABLE_ID_COL, TAGS_TABLE, TAGS_TABLE_NAME_COL, $one_name);
            if (!is_numeric($tag_id) || !($tag_id > 0)) {
                // Unknown tag name: skip the pair instead of failing the call.
                continue;
            }

            $row = array(
                LEADS_TABLE_LEAD_ID_COL => $one_lead,
                LEADS_TABLE_TAG_ID_COL => $tag_id
            );
            if (process_sql_insert(LEADS_TABLE, $row) !== false) {
                $inserted++;
            }
        }
    }

    // Work was requested but nothing was written: report it as an error.
    if ($expected > 0 && $inserted === 0) {
        return false;
    }

    return $inserted;
}
/**
 * Create one inventory object per agent returned by the Pandora API.
 *
 * The agent list is requested as CSV from $config['pandora_url']; each line
 * is split on ';' into id, name, address, description, OS name and URL. An
 * existing inventory object with the same (safe_input-encoded) name is
 * deleted together with its field data and then re-created, followed by one
 * tobject_field_data row each for OS, IP address, URL address and agent id.
 *
 * Returns nothing; does nothing when 'pandora_url' is unset or empty.
 */
function synchronize_pandora_inventory()
{
    global $config;
    if (!isset($config["pandora_url"])) {
        return;
    }
    if ($config["pandora_url"] == "") {
        return;
    }
    // NOTE(review): $separator is assigned but never read in this function.
    $separator = ':;:';
    // NOTE(review): the credential-bearing parts of this expression appear
    // redacted in this listing ('******'), so the statement does not parse as
    // shown. What is visible puts the API password, user and password into the
    // URL query string, where web-server and proxy logs usually record them;
    // confirm the transport is HTTPS and prefer a request body or header.
    $url = $config['pandora_url'] . '/include/api.php?op=get&apipass='******'pandora_api_password'] . '&op2=all_agents&return_type=csv&user='******'pandora_user'] . '&pass='******'pandora_pass'];
    $return = call_api($url);
    $agents_csv = explode("\n", $return);
    foreach ($agents_csv as $agent_csv) {
        // Skip empty CSV lines, such as the one after the final newline.
        if ($agent_csv == '') {
            continue;
        }
        $values = array();
        // NOTE(review): indexes 1..5 are read without checking that the line
        // really has six fields; a short line yields undefined-offset notices.
        $agent = explode(";", $agent_csv);
        $agent_id = $agent[0];
        $agent_name = $agent[1];
        $agent_name_safe = safe_input($agent_name);
        // NOTE(review): only the name goes through safe_input(); address,
        // description, OS name and URL come from the remote response and are
        // stored as received. Confirm how process_sql_insert() escapes values
        // and how these columns are encoded when they are rendered.
        $address = $agent[2];
        $description = $agent[3];
        $os_name = $agent[4];
        $url_address = $agent[5];
        // An object with this name may already exist: drop it and its field
        // data so the insert below does not create a duplicate.
        $inventory_id = get_db_value('id', 'tinventory', 'name', $agent_name_safe);
        if ($inventory_id !== false) {
            process_sql_delete('tinventory', array('id' => $inventory_id));
            process_sql_delete('tobject_field_data', array('id_inventory' => $inventory_id));
        }
        $id_object_type = get_db_value('id', 'tobject_type', 'name', safe_input('Pandora agents'));
        $values['name'] = $agent_name_safe;
        $values['description'] = $description;
        $values['id_object_type'] = $id_object_type;
        $values['id_contract'] = $config['default_contract'];
        $id_inventory = process_sql_insert('tinventory', $values);
        if ($id_inventory) {
            // Resolve the type-field ids by label. For IP, URL and ID the
            // encoded label is tried first and the plain label second; the OS
            // lookup has no such fallback.
            $id_type_field_os = get_db_value_filter('id', 'tobject_type_field', array('id_object_type' => $id_object_type, 'label' => safe_input('OS')));
            $id_type_field_ip = get_db_value_filter('id', 'tobject_type_field', array('id_object_type' => $id_object_type, 'label' => safe_input('IP Address')));
            if ($id_type_field_ip == false) {
                $id_type_field_ip = get_db_value_filter('id', 
'tobject_type_field', array('id_object_type' => $id_object_type, 'label' => 'IP Address'));
            }
            $id_type_field_url = get_db_value_filter('id', 'tobject_type_field', array('id_object_type' => $id_object_type, 'label' => safe_input('URL Address')));
            if ($id_type_field_url == false) {
                $id_type_field_url = get_db_value_filter('id', 'tobject_type_field', array('id_object_type' => $id_object_type, 'label' => 'URL Address'));
            }
            $id_type_field_id = get_db_value_filter('id', 'tobject_type_field', array('id_object_type' => $id_object_type, 'label' => safe_input('ID Agent')));
            if ($id_type_field_id == false) {
                $id_type_field_id = get_db_value_filter('id', 'tobject_type_field', array('id_object_type' => $id_object_type, 'label' => 'ID Agent'));
            }
            // One tobject_field_data row per attribute of the new object.
            $value_os = array();
            $value_os['id_inventory'] = $id_inventory;
            $value_os['id_object_type_field'] = $id_type_field_os;
            $value_os['data'] = $os_name;
            process_sql_insert('tobject_field_data', $value_os);
            $value_ip = array();
            $value_ip['id_inventory'] = $id_inventory;
            $value_ip['id_object_type_field'] = $id_type_field_ip;
            $value_ip['data'] = $address;
            process_sql_insert('tobject_field_data', $value_ip);
            $value_url = array();
            $value_url['id_inventory'] = $id_inventory;
            $value_url['id_object_type_field'] = $id_type_field_url;
            $value_url['data'] = $url_address;
            process_sql_insert('tobject_field_data', $value_url);
            $value_id = array();
            $value_id['id_inventory'] = $id_inventory;
            $value_id['id_object_type_field'] = $id_type_field_id;
            $value_id['data'] = $agent_id;
            process_sql_insert('tobject_field_data', $value_id);
        }
    }
}
$temp = array(); // Check if already exists /* * CREATE TABLE `tcompany_contact` ( `id` mediumint(8) unsigned NOT NULL auto_increment, `id_company` mediumint(8) unsigned NOT NULL, `fullname` varchar(150) NOT NULL default '', `email` varchar(100) NULL default NULL, `phone` varchar(55) NULL default NULL, `mobile` varchar(55) NULL default NULL, `position` varchar(150) NULL default NULL, `description` text NULL DEFAULT NULL, `disabled` tinyint(1) NULL default 0, PRIMARY KEY (`id`), FOREIGN KEY (`id_company`) REFERENCES tcompany(`id`) ON DELETE CASCADE ) ENGINE=InnoDB DEFAULT CHARSET=utf8; * */ $id_contact = get_db_value('id', 'tcompany_contact', 'fullname', safe_input($values["fullname"])); if ($id_contact == "" and $id_company != "") { $temp["fullname"] = safe_input(trim($values['fullname'])); $temp["email"] = safe_input(trim($values["email_address"])); $temp["phone"] = safe_input(trim($values["phone_home"])); $temp["mobile"] = safe_input(trim($values["phone_mobile"])); $temp["description"] = safe_input(trim($values["description"])); $temp["position"] = safe_input(trim($values["title"])); $temp["id_company"] = $id_company; process_sql_insert('tcompany_contact', $temp); } } fclose($file);
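$base_dir = 'include/mailtemplates';
$files = list_files($base_dir, ".tpl", 1, 0);
$retval = array();
foreach ($files as $file) {
    $retval[$file] = $file;
}
return $retval;
}

// Mail template editor: loads a template into the textarea ("edit_button")
// or writes the posted content back to disk ("upd_button").
// NOTE(review): no permission or anti-CSRF check is visible in this excerpt;
// confirm both happen before this code runs, since it writes files on disk.
$update = get_parameter("upd_button", "none");
$refresh = get_parameter("edit_button", "none");
$template = get_parameter("template", "");
$data = "";

// The template name comes from the request and is joined to a directory, so
// it must be a bare "*.tpl" file name. Anything carrying a directory
// component or another extension is rejected, which keeps reads and writes
// inside include/mailtemplates.
$template_name = basename((string) $template);
$template_is_valid = $template_name !== ''
    && $template_name === (string) $template
    && substr($template_name, -4) === '.tpl';

// Load template from disk to textarea
if ($refresh != "none" && $template_is_valid) {
    $full_filename = "include/mailtemplates/" . $template_name;
    $contents = file_get_contents($full_filename);
    if ($contents !== false) {
        $data = safe_input($contents);
    }
}

// Update configuration
if ($update != "none") {
    $posted = isset($_POST["template_content"]) ? $_POST["template_content"] : "";
    $data = unsafe_string(str_replace("\r\n", "\n", $posted));
    $file = "include/mailtemplates/" . $template_name;

    // Open only validated names; a failed open is reported like a failed write.
    $fileh = $template_is_valid ? fopen($file, "wb") : false;

    // fwrite() returns 0 for empty content, which is a successful write.
    if ($fileh !== false && fwrite($fileh, $data) !== false) {
        echo "<h3 class='suc'>" . lang_string(__('File successfully updated')) . "</h3>";
    } else {
        echo "<h3 class='error'>" . lang_string(__('Problem updating file')) . " ({$file}) </h3>";
    }

    // Close the handle; the original passed the path string to fclose().
    if ($fileh !== false) {
        fclose($fileh);
    }
}

$table->width = '99%';
$table->class = 'search-table-button';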
}
// Excerpt: AJAX branch that returns the child-field values linked to a given
// parent value. The branch continues past the end of this excerpt.
if ($get_data_child) {
    $id_field = get_parameter('id_field', 0);
    if ($id_field) {
        // NOTE(review): $id_field is a request value concatenated into the
        // statement without an integer cast or a bound parameter.
        $label_field = get_db_value_sql("SELECT label FROM tincident_type_field WHERE id=" . $id_field);
    } else {
        $label_field = get_parameter('label_field');
    }
    $label_field_enco = get_parameter('label_field_enco', 0);
    if ($label_field_enco) {
        // NOTE(review): the first argument looks mangled by extraction
        // (probably an HTML entity in the original); not valid PHP as shown.
        $label_field_enco = str_replace(""", "", $label_field_enco);
        // The label is decoded AFTER get_parameter() returned it, so whatever
        // filtering get_parameter() applies does not cover the decoded bytes.
        $label_field = base64_decode($label_field_enco);
    }
    $id_parent = get_parameter('id_parent');
    $value_parent = get_parameter('value_parent');
    $value_parent = safe_input(safe_output(base64_decode($value_parent)));
    // NOTE(review): $id_parent (unquoted) and $label_field (inside a quoted
    // literal, possibly the raw base64-decoded value from above) are both
    // concatenated into the query. Cast $id_parent to int and escape or bind
    // $label_field before building the statement.
    $sql = "SELECT linked_value FROM tincident_type_field WHERE parent=" . $id_parent . "\n\t\t\tAND label='" . $label_field . "'";
    $field_data = get_db_value_sql($sql);
    // $result starts as false and is turned into an array by the first
    // $result[...] assignment below.
    $result = false;
    if ($field_data != "") {
        $data = explode(',', $field_data);
        foreach ($data as $item) {
            if ($value_parent == 'any') {
                // Keep the part after the first '|'. When there is no '|',
                // strpos() returns false and the offset becomes 1.
                $pos_pipe = strpos($item, '|') + 1;
                $len_item = strlen($item);
                $value_aux = substr($item, $pos_pipe, $len_item);
                $result[$value_aux] = $value_aux;
            } else {
                // NOTE(review): $value_parent is request-derived and placed in
                // the pattern without preg_quote(), so regex metacharacters
                // (and the '/' delimiter) in it change the pattern.
                $pattern = "/^" . $value_parent . "\\|/";
                if (preg_match($pattern, $item)) {
                    $value_aux = preg_replace($pattern, "", $item);
    $user_fields = array();
}
// NOTE(review): a GET parameter alone triggers the 'delete_group' hook here.
// No anti-CSRF token check is visible in this excerpt; confirm one exists or
// move the deletion behind a POST with a token.
if (isset($_GET["borrar_grupo"])) {
    $grupo = get_parameter('borrar_grupo');
    enterprise_hook('delete_group');
}
$action = get_parameter("action", "edit");
$alta = get_parameter("alta");
///////////////////////////////
// LOAD USER VALUES
///////////////////////////////
if (($action == 'edit' || $action == 'update') && !$alta) {
    $modo = "edicion";
    $update_user = safe_output(get_parameter("update_user", ""));
    // Read user data to include in form.
    // NOTE(review): the user id is placed inside a quoted SQL literal and
    // safe_input() is the only transformation applied to it. Whether that
    // encoding neutralises every character that is special inside a SQL
    // string (quotes, backslash) is not visible here; prefer a bound
    // parameter or the database layer's own escaping.
    $sql = "SELECT * FROM tusuario WHERE id_usuario = '" . safe_input($update_user) . "'";
    $rowdup = get_db_row_sql($sql);
    if ($rowdup === false) {
        echo "<h3 class='error'>" . __('There was a problem loading user') . "</h3>";
        echo "</table>";
        include "general/footer.php";
        exit;
    } else {
        // NOTE(review): the stored password value is copied into a page-level
        // variable; confirm it is never echoed back into the form.
        $password = $rowdup["password"];
        $comentarios = $rowdup["comentarios"];
        $direccion = $rowdup["direccion"];
        $telefono = $rowdup["telefono"];
        $nivel = $rowdup["nivel"];
        $nombre_real = $rowdup["nombre_real"];
        $avatar = $rowdup["avatar"];
        $lang = $rowdup["lang"];
include_once('include/functions_crm.php'); include_once('include/functions_incidents.php'); $id = (int) get_parameter ('id'); $contact = get_db_row ('tcompany_contact', 'id', $id); $read = check_crm_acl ('other', 'cr', $config['id_user'], $contact['id_company']); if (!$read) { audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation","Trying to access to contact tickets without permission"); include ("general/noaccess.php"); exit; } $email = safe_output($contact["email"]); $email = trim($email); $email = safe_input($email); $incidents = incidents_get_by_notified_email ($email); if (!$incidents) { echo ui_print_error_message (__("This contact doesn't have any ticket associated"), '', true, 'h3', true); } else { $table->class = "listing"; $table->width = "99%"; $table->head[0] = __("ID"); $table->head[1] = __("Ticket"); $table->head[2] = __("Status"); $table->head[3] = __("Priority"); $table->head[4] = __("Updated"); $table->data = array();
echo "<th>".__('Avg. Scoring'); $min = $offset; $max = $offset+$config['block_size']-1; $i = 0; if (!empty($values)) { foreach ($values as $key => $value){ if($i < $min || $i > $max) { $i++; continue; } $i++; $row0 = get_db_row ("tusuario", "id_usuario", safe_input("$key")); if ($row0){ $nombre = $row0["id_usuario"]; $avatar = $row0["avatar"]; // Get total hours for this month $sql= "SELECT SUM(duration) FROM tworkunit WHERE timestamp > '$begin_month' AND timestamp < '$end_month' AND id_user = '******'"; if ($res = mysql_query($sql)) { $row=mysql_fetch_array($res); } echo "<tr><td>"; echo "<a href='index.php?sec=users&sec2=operation/users/user_edit&id=$nombre' class='tip'> <span>"; $usuario = get_db_row ("tusuario", "id_usuario", $nombre); echo "<b>".$usuario["nombre_real"] . "</b><br>";
/**
 * Create a zip package with the /tmp files in the user folder on tattachment/file_sharing
 * and delete the original files.
 * $this->files must hold FileSharingFile objects (or arrays accepted by the
 * FileSharingFile constructor) with 'fullpath' and 'basename' filled in.
 *
 * @return array The index 'status' shows the result of the operation, the index 'message'
 * returns a message and the index 'badFiles' returns an array with the files that could
 * not be added to the package.
 */
public function save()
{
    global $config;
    $result = array('status' => false, 'message' => '', 'badFiles' => array());
    if (isset($this->files) && !empty($this->files) && is_array($this->files)) {
        if (isset($this->id)) {
            // Do nothing. At this moment the package edition is not supported
            $result['message'] = __('At this moment the package edition is not supported');
        } else {
            // Package creation
            if (class_exists("ZipArchive")) {
                // The admin can manage the file uploads as any user
                $user_is_admin = (bool) dame_admin($config['id_user']);
                if ($user_is_admin) {
                    // NOTE(review): for admins the owner id comes from the
                    // request and is later used as a directory name; the only
                    // check is that get_user() returns a non-empty value.
                    $id_user = get_parameter("id_user", $config['id_user']);
                    // If the user doesn't exist get the current user
                    $user_data = get_user($id_user);
                    if (empty($user_data)) {
                        $id_user = $config['id_user'];
                    }
                    $this->uploader = $id_user;
                } else {
                    $this->uploader = $config['id_user'];
                }
                // Defaults for the fields the caller did not fill in.
                if (!isset($this->filename) || empty($this->filename)) {
                    $this->filename = 'IntegriaIMS-SharedFile';
                }
                if (!isset($this->description)) {
                    $this->description = '';
                }
                if (!isset($this->created)) {
                    $this->created = time();
                }
                $this->filename .= ".zip";
                // Insert the package info into the tattachment table
                $values = array();
                $values['id_usuario'] = safe_input($this->uploader);
                $values['filename'] = safe_input($this->filename);
                $values['timestamp'] = date("Y-m-d", $this->created);
                // NOTE(review): $id is read here but only assigned two
                // statements below, so it contributes nothing to the hash.
                // The key is then derived from uploader, file name and
                // creation time alone, all of which can be guessed. If
                // public_key is what grants access to the shared file,
                // generate it from a CSPRNG instead — TODO confirm its use.
                $values['public_key'] = hash("sha256", $id . $this->uploader . $this->filename . 
$this->created);
                $values['file_sharing'] = 1;
                $id = process_sql_insert(FileSharingFile::$dbTable, $values);
                if (!empty($id)) {
                    $this->id = $id;
                    // Create the base and per-user directories on first use.
                    if (!file_exists(self::$fileSharingDir) && !is_dir(self::$fileSharingDir)) {
                        mkdir(self::$fileSharingDir);
                    }
                    $userDir = self::$fileSharingDir . "/" . $this->uploader;
                    if (!file_exists($userDir) && !is_dir($userDir)) {
                        mkdir($userDir);
                    }
                    $this->fullpath = $userDir . "/" . $this->id . "_" . $this->filename;
                    // Zip creation
                    // NOTE(review): when open() fails nothing else happens:
                    // no message is set, the source files stay on disk and the
                    // row inserted above is left in the table.
                    $zip = new ZipArchive();
                    $res = $zip->open($this->fullpath, ZipArchive::CREATE);
                    if ($res === true) {
                        foreach ($this->files as $file) {
                            if (is_array($file)) {
                                $file = new FileSharingFile($file);
                            }
                            $fullpath = $file->getFullpath();
                            $basename = $file->getBasename();
                            if ($file->isReadable() && !empty($fullpath) && !empty($basename)) {
                                // Add the file to the package
                                if (!$zip->addFile($fullpath, $basename)) {
                                    $result['badFiles'][] = $file;
                                }
                            } else {
                                $result['badFiles'][] = $file;
                            }
                        }
                        $zip->close();
                        // Success if at least one file made it into the
                        // package; a partial result also sets a message.
                        $filesCount = count($this->files);
                        $badFilesCount = count($result['badFiles']);
                        if ($badFilesCount == 0) {
                            $result['status'] = true;
                        } else {
                            if ($badFilesCount < $filesCount) {
                                $result['status'] = true;
                                $result['message'] = __('Not all the files where added to the package');
                            } else {
                                $result['message'] = __('An error occurred while building the package');
                            }
                        }
                        // Remove the original files
                        foreach ($this->files as $file) {
                            if (is_array($file)) {
                                $file = new FileSharingFile($file);
                            }
                            $file->deleteFromDisk();
                        }
                        // Reload the data and recheck the package
                        if ($result['status']) {
                            $this->loadWithID($this->id);
                            if (!$this->exists || !$this->readable) {
                                // The archive is missing or unreadable after
                                // all: report failure and remove the package.
                                $result['status'] = false;
                                $result['message'] = __('An error occurred while building the package');
                                $result['badFiles'] = array();
                                $this->delete();
                            } else {
                                // The file was created successfully
                                $this->trackingCreation();
                            }
                        }
                    }
                } else {
                    // The database insert failed: discard the source files.
                    $result['message'] = __('An error occurred while creating the package');
                    foreach ($this->files as $file) {
                        if (is_array($file)) {
                            $file = 
new FileSharingFile($file);
                        }
                        $file->deleteFromDisk();
                    }
                }
            } else {
                // Only admins are told that the Zip extension is missing.
                if (get_admin_user($config['id_user'])) {
                    $result['message'] = __("Impossible to handle the package. You have to install the PHP's Zip extension");
                } else {
                    $result['message'] = __('An error occurred while building the package');
                }
            }
        }
    } else {
        $result['message'] = __('This package has no files');
    }
    return $result;
}
        // Excerpt: bulk task creation, one task per non-empty line of
        // $tasklist. The code before and after this excerpt is not shown.
        $project_access = get_project_access ($config["id_user"], $id_project);
        if (!$project_access["manage"]) {
            // Record the denied attempt before refusing the request.
            audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation","Trying to create tasks in an unauthorized project");
            no_permission ();
        }
    }
    $data_array = preg_split ("/\n/", $tasklist);
    foreach ($data_array as $data_item){
        $data = trim($data_item);
        if ($data != "") {
            // NOTE(review): %d coerces $id_project and $parent to integers,
            // but $start and $end go into quoted literals through %s with no
            // escaping visible here, and the task name relies on safe_input()
            // alone. Confirm where $start/$end are validated, or switch to
            // bound parameters.
            $sql = sprintf ('INSERT INTO ttask (id_project, name, id_parent_task, start, end) VALUES (%d, "%s", %d, "%s", "%s")', $id_project, safe_input ($data), $parent, $start, $end);
            $id_task = process_sql ($sql, 'insert_id');
            if ($id_task) {
                // NOTE(review): the id_user placeholder appears redacted in
                // this listing ('******'); as shown the format string has one
                // conversion for two arguments.
                $sql = sprintf("SELECT id_role FROM trole_people_project WHERE id_project = %d AND id_user = '******'", $id_project, $owner);
                $id_role = process_sql($sql);
                // NOTE(review): assumes the query returned at least one row;
                // otherwise $role is null and %d below stores 0.
                $role = $id_role[0]['id_role'];
                // NOTE(review): $owner is interpolated through %s with no
                // escaping visible in this excerpt.
                $sql = sprintf('INSERT INTO trole_people_task (id_user, id_role, id_task) VALUES ("%s", %d, %d)', $owner, $role, $id_task);
                $result2 = process_sql($sql);
                if (! $result2) {
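/**
 * Store the chat log of the current incident as a workunit and print a JSON
 * status object ({"correct": bool}).
 *
 * The counter file of the incident is opened and exclusively locked first, so
 * the log is not read while another request holds the lock. The lock is
 * retried once per second up to MAX_TIMES times.
 *
 * Reads the globals $config, $dir and $id.
 * NOTE(review): $dir and $id are concatenated into file paths; confirm that
 * $id is validated as an integer before this function is reached.
 *
 * @return void
 */
function save_message_workunit()
{
    global $config;
    global $dir;
    global $id;

    include "include/functions_workunits.php";

    $return = array('correct' => false);
    $file_global_counter_chat = $dir . '/incident.' . $id . '.global_counter.txt';
    $log_chat_file = $dir . '/incident.' . $id . '.log.json.txt';

    // First lock the file
    $fp_global_counter = @fopen($file_global_counter_chat, "a+");
    if ($fp_global_counter === false) {
        echo json_encode($return);
        return;
    }

    // Try to lock up to MAX_TIMES times
    $tries = 0;
    while (!flock($fp_global_counter, LOCK_EX)) {
        $tries++;
        if ($tries > MAX_TIMES) {
            // Do not leak the handle when giving up on the lock.
            fclose($fp_global_counter);
            echo json_encode($return);
            return;
        }
        sleep(1);
    }

    // A missing or malformed log decodes to a non-array; treat it as an
    // empty chat instead of iterating over null.
    $text_encode = @file_get_contents($log_chat_file);
    $log = ($text_encode === false) ? null : json_decode($text_encode, true);
    if (!is_array($log)) {
        $log = array();
    }

    $txtChat = __('---------- CHAT -------------');
    $txtChat .= "\n";
    foreach ($log as $message) {
        if ($message['type'] == 'notification') {
            // System notifications are left out of the workunit for now.
            continue;
        }
        $txtChat .= $message['user_name'];
        $txtChat .= " :> ";
        $txtChat .= $message['text'];
        $txtChat .= "\n";
    }

    create_workunit($id, safe_input($txtChat), $config['id_user']);

    // Release the lock explicitly before closing the handle.
    flock($fp_global_counter, LOCK_UN);
    fclose($fp_global_counter);

    $return['correct'] = true;
    echo json_encode($return);
    return;
}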
if (empty($values['name'])) { continue; } // Check parent if ($values["account_type"] == "") { $values["account_type"] = "Other"; } print $values["name"]; print " - "; print $values["account_type"]; print "\n"; $id_company_role = get_db_value('id', 'tcompany_role', 'name', safe_input($values["account_type"])); if ($id_company_role == "") { $temp = array(); $temp["name"] = safe_input($values["account_type"]); $id_company_role = process_sql_insert('tcompany_role', $temp); // Created new company role print "[*] Created new company role " . $temp["name"] . " with ID {$id_company_role} \n"; } $temp = array(); // Check if already exists $id_company = get_db_value('id', 'tcompany', 'name', safe_input($values["name"])); if ($id_company == "") { $temp["name"] = safe_input($values["name"]); $temp["address"] = safe_input($values["billing_address_street"] . "\n" . $values["billing_address_city"] . "\n" . $values["billing_address_state"] . "\n" . $values["billing_address_postalcode"] . "\n" . $values["billing_address_country"]); $temp["comments"] = safe_input($values["description"] . "\n" . $values["phone_office"] . "\n" . $values["phone_alternate"] . "\n" . $values["website"]); $temp["id_company_role"] = $id_company_role; process_sql_insert('tcompany', $temp); } } fclose($file);
/**
 * Read a parameter from the POST request array.
 *
 * A parameter that is missing, or loosely equal to the empty string, yields
 * $default. Any other value is returned after passing through safe_input().
 *
 * @param string $name    Name of the parameter.
 * @param mixed  $default Value returned when there is no such parameter.
 *
 * @return mixed Parameter value, or $default.
 */
function get_parameter_post($name, $default = "")
{
    $has_value = isset($_POST[$name]) && $_POST[$name] != "";

    return $has_value ? safe_input($_POST[$name]) : $default;
}
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.

global $config;

check_login();

include_once "include/functions_crm.php";

// The search term is decoded, trimmed and encoded again, so surrounding
// whitespace is removed from the text itself and not from its entities.
$search_string = get_parameter("search_string", "");
$search_string = safe_output($search_string);
$search_string = trim($search_string);
$search_string = safe_input($search_string);

// The page heading is printed for both outcomes.
echo "<h2>";
echo __("Global Search");
echo "</h2>";

// Nothing to search for: report it and stop rendering this page.
if ($search_string == "") {
    echo "<h4>";
    echo __("Empty search string");
    echo "</h4>";
    return;
}
            no_permission();
        }
    }
} else {
    // Excerpt: bulk task creation, one task per non-empty line of $tasklist.
    // The code before this excerpt is not shown.
    $project_access = get_project_access($config["id_user"], $id_project);
    if (!$project_access["manage"]) {
        // Record the denied attempt before refusing the request.
        audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to create tasks in an unauthorized project");
        no_permission();
    }
}
$data_array = preg_split("/\n/", $tasklist);
foreach ($data_array as $data_item) {
    $data = trim($data_item);
    if ($data != "") {
        // NOTE(review): %d coerces $id_project and $parent to integers, but
        // $start and $end go into quoted literals through %s with no escaping
        // visible here, and the task name relies on safe_input() alone.
        // Confirm where $start/$end are validated, or use bound parameters.
        $sql = sprintf('INSERT INTO ttask (id_project, name, id_parent_task, start, end) VALUES (%d, "%s", %d, "%s", "%s")', $id_project, safe_input($data), $parent, $start, $end);
        $id_task = process_sql($sql, 'insert_id');
        if ($id_task) {
            // NOTE(review): the id_user placeholder appears redacted in this
            // listing ('******'); as shown the format string has one
            // conversion for two arguments.
            $sql = sprintf("SELECT id_role FROM trole_people_project\n\t\t\t\t\t\t\t\t\tWHERE id_project = %d AND id_user = '******'", $id_project, $owner);
            $id_role = process_sql($sql);
            // NOTE(review): assumes the query returned at least one row.
            $role = $id_role[0]['id_role'];
            // NOTE(review): $owner is interpolated through %s with no
            // escaping visible in this excerpt.
            $sql = sprintf('INSERT INTO trole_people_task (id_user, id_role, id_task) VALUES ("%s", %d, %d)', $owner, $role, $id_task);
            $result2 = process_sql($sql);
            if (!$result2) {
                // NOTE(review): $data is the raw task line (safe_input() was
                // applied only to the copy placed in the SQL), so it reaches
                // the page unencoded in both messages below. Concatenating it
                // into the __() key also defeats the translation lookup.
                echo "<h3 class='error'>" . __('An error ocurred setting the permissions for the task ' . $data) . "</h3>";
            }
        } else {
            echo "<h3 class='error'>" . __('The task ' . $data . ' could not be created') . "</h3>";
        }
    }
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.

// Load global vars
global $config;

check_login();

// Only users holding the "UM" permission may reach the user list; a denied
// attempt is written to the audit log before the no-access page is shown.
$can_manage_users = give_acl($config["id_user"], 0, "UM");
if (!$can_manage_users) {
    audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access User Management");
    require "general/noaccess.php";
    exit;
}

include_once 'include/functions_user.php';

// Delete a user when requested.
// NOTE(review): the deletion is triggered by a GET parameter and no anti-CSRF
// token check is visible in this excerpt; confirm one exists or move the
// action behind a POST that carries a token.
if (isset($_GET["borrar_usuario"])) {
    $nombre = safe_input($_GET["borrar_usuario"]);
    user_delete_user($nombre);
}

// Paging and filter values for the list.
$offset = get_parameter("offset", 0);
$search_text = get_parameter("search_text", "");
$disabled_user = get_parameter("disabled_user", -1);
$level = get_parameter("level", -10);
$group = get_parameter("group", 0);

echo '<h2>', __('User management'), '</h2>';
echo '<h4>', __('List users'), '</h4>';
echo "<div style='width:100%' class='divform'>";

// The including page may already have prepared part of the filter form.
$filter_form = isset($filter_form) ? $filter_form : '';
form_search_users(false, $filter_form);

echo "<form method=post action='index.php?sec=users&sec2=godmode/usuarios/configurar_usuarios&alta=1'>";
return; } } // Does not exist echo json_encode(true); return; } elseif ($search_existing_task) { require_once 'include/functions_db.php'; $project_id = (int) get_parameter('project_id'); $operation_type = (string) get_parameter('type'); if ($operation_type == "create") { $tasks_names = get_parameter('task_name'); $tasks_names = safe_output($tasks_names); $tasks_names = preg_split("/\n/", $tasks_names); foreach ($tasks_names as $task_name) { $task_name = safe_input($task_name); $query_result = get_db_value_filter("name", "ttask", array('name' => $task_name, 'id_project' => $project_id)); if ($query_result) { // Exists. Validation error echo json_encode(false); return; } } } elseif ($operation_type == "view") { $task_name = get_parameter('task_name'); $old_task_id = get_parameter('task_id'); if (!$project_id) { $project_id = get_db_value("id_project", "ttask", "id", $old_task_id); } // Name of the edited task $old_task_name = get_db_value("name", "ttask", "id", $old_task_id);
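/**
 * Import inventory objects from a comma-separated file, one object per line.
 *
 * Columns 0-10 are: object type id, owner, name, public, description,
 * contract id, manufacturer id, parent id, company ids (';'-separated),
 * user ids (';'-separated) and status. Columns from 11 on are matched, in
 * order, to the custom fields defined for the object type.
 *
 * A line is imported only when all checks pass (non-empty and unused name,
 * existing contract / manufacturer / object type, valid custom fields). Each
 * failed check prints an error heading; a final heading reports completion.
 *
 * NOTE(review): lines are split with explode(), so quoted fields containing
 * commas are not supported.
 *
 * @param string $objects_file Path of the file to import.
 *
 * @return void
 */
function inventories_load_file($objects_file)
{
    global $config;

    // Without this check a failed open makes the feof() loop never end.
    $file_handle = fopen($objects_file, "r");
    if ($file_handle === false) {
        echo "<h3 class='error'>" . __('File could not be opened') . "</h3>";
        return;
    }

    while (!feof($file_handle)) {
        $create = true;
        // Reset per line so custom-field rows of a previous line are never
        // attached to this one.
        $value_data = array();

        $line = fgets($file_handle);
        if ($line === false) {
            break;
        }
        // Drop the line ending so it does not become part of the last field.
        $line = rtrim($line, "\r\n");
        if ($line == '') {
            continue;
        }

        // Pad short lines so every fixed column exists.
        $values = array_pad(explode(',', $line), 11, '');

        $id_object_type = $values[0];
        $owner = $values[1];
        $name = $values[2];
        $public = $values[3];
        $description = $values[4];
        $id_contract = $values[5];
        $id_manufacturer = $values[6];
        $id_parent = $values[7];
        $id_companies = $values[8];
        $id_users = $values[9];
        $status = $values[10];

        $id_companies_arr = ($id_companies != '') ? explode(';', $id_companies) : array();
        $id_users_arr = ($id_users != '') ? explode(';', $id_users) : array();

        $value = array(
            'id_object_type' => $id_object_type,
            'owner' => $owner,
            'name' => safe_input($name),
            'public' => $public,
            'description' => safe_input($description),
            'id_contract' => $id_contract,
            'id_manufacturer' => $id_manufacturer,
            'id_parent' => $id_parent,
            'status' => $status,
            'last_update' => date("Y/m/d", get_system_time())
        );

        // Values taken from the file are HTML-escaped before they are echoed
        // into the page. Labels read from the database are printed as before.
        $name_html = htmlspecialchars($name, ENT_QUOTES, 'UTF-8');
        $id_contract_html = htmlspecialchars($id_contract, ENT_QUOTES, 'UTF-8');
        $id_manufacturer_html = htmlspecialchars($id_manufacturer, ENT_QUOTES, 'UTF-8');
        $id_object_type_html = htmlspecialchars($id_object_type, ENT_QUOTES, 'UTF-8');

        if ($name == '') {
            echo "<h3 class='error'>" . __('Inventory name empty') . "</h3>";
            $create = false;
        } else {
            // NOTE(review): the lookup uses the raw name while the row is
            // stored with safe_input($name); confirm which form the column
            // holds, or duplicates with special characters go undetected.
            $inventory_id = get_db_value('id', 'tinventory', 'name', $name);
            if ($inventory_id != false) {
                echo "<h3 class='error'>" . __('Inventory ') . $name_html . __(' already exists') . "</h3>";
                $create = false;
            }
        }

        if ($id_contract != 0 && $id_contract != '') {
            $exists = get_db_value('id', 'tcontract', 'id', $id_contract);
            if (!$exists) {
                echo "<h3 class='error'>" . __('Contract ') . $id_contract_html . __(' doesn\'t exist') . "</h3>";
                $create = false;
            }
        }

        if ($id_manufacturer != 0 && $id_manufacturer != '') {
            $exists = get_db_value('id', 'tmanufacturer', 'id', $id_manufacturer);
            if (!$exists) {
                echo "<h3 class='error'>" . __('Manufacturer ') . $id_manufacturer_html . __(' doesn\'t exist') . "</h3>";
                $create = false;
            }
        }

        if ($id_object_type != 0 && $id_object_type != '') {
            $exists_object_type = get_db_value('id', 'tobject_type', 'id', $id_object_type);
            if (!$exists_object_type) {
                echo "<h3 class='error'>" . __('Object type ') . $id_object_type_html . __(' doesn\'t exist') . "</h3>";
                $create = false;
            } else {
                // The id comes from the file and is concatenated into the
                // statement, so it is forced to an integer first.
                $sql = "SELECT * FROM tobject_type_field WHERE id_object_type=" . (int) $id_object_type;
                $all_fields = get_db_all_rows_sql($sql);
                if ($all_fields == false) {
                    $all_fields = array();
                }

                // Custom field values start at column 11, in field order.
                $i = 11;
                $j = 0;
                foreach ($all_fields as $key => $field) {
                    $data = isset($values[$i]) ? $values[$i] : '';

                    switch ($field['type']) {
                        case 'combo':
                            $combo_val = explode(",", $field['combo_value']);
                            $k = array_search($data, $combo_val);
                            if ($k === false) {
                                echo "<h3 class='error'>" . __('Field ') . $field['label'] . __(' doesn\'t match. Valid values: ') . $field['combo_value'] . "</h3>";
                                $create = false;
                            }
                            break;
                        case 'numeric':
                            $res = is_numeric($data);
                            if (!$res) {
                                echo "<h3 class='error'>" . __('Field ') . $field['label'] . __(' must be numeric') . "</h3>";
                                $create = false;
                            }
                            break;
                        case 'external':
                            // NOTE(review): table and column names come from
                            // the field definition and are interpolated as
                            // identifiers; confirm who may edit those
                            // definitions.
                            $table_ext = $field['external_table_name'];
                            $exists_table = get_db_sql("SHOW TABLES LIKE '{$table_ext}'");
                            if (!$exists_table) {
                                echo "<h3 class='error'>" . __('External table ') . $table_ext . __(' doesn\'t exist') . "</h3>";
                                $create = false;
                            }
                            $id = $field['external_reference_field'];
                            $exists_id = get_db_sql("SELECT {$id} FROM {$table_ext}");
                            if (!$exists_id) {
                                echo "<h3 class='error'>" . __('Id ') . $id . __(' doesn\'t exist') . "</h3>";
                                $create = false;
                            }
                            break;
                    }

                    if ($field['inherit']) {
                        $ok = inventories_check_unique_field($data, $field['type']);
                        if (!$ok) {
                            echo "<h3 class='error'>" . __('Field ') . $field['label'] . __(' must be unique') . "</h3>";
                            $create = false;
                        }
                    }

                    $value_data[$j]['id_object_type_field'] = $field['id'];
                    $value_data[$j]['data'] = safe_input($data);
                    $i++;
                    $j++;
                }
            }
        }

        if ($create) {
            $result_id = process_sql_insert('tinventory', $value);
            if ($result_id) {
                foreach ($value_data as $k => $val_data) {
                    $val_data['id_inventory'] = $result_id;
                    process_sql_insert('tobject_field_data', $val_data);
                }

                // Access lists: one tinventory_acl row per company and user.
                foreach ($id_companies_arr as $id_company) {
                    $values_company = array(
                        'id_inventory' => $result_id,
                        'id_reference' => $id_company,
                        'type' => 'company'
                    );
                    process_sql_insert('tinventory_acl', $values_company);
                }

                foreach ($id_users_arr as $id_user) {
                    $values_user = array(
                        'id_inventory' => $result_id,
                        'id_reference' => $id_user,
                        'type' => 'user'
                    );
                    process_sql_insert('tinventory_acl', $values_user);
                }
            }
        }
    } //end while

    fclose($file_handle);
    echo "<h3 class='info'>" . __('File loaded') . "</h3>";
    return;
}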
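/**
 * Prints a D3 force-layout bubble graph with one bubble per ticket.
 *
 * The bubble radius is workunits + hours + 0.1 * files. When the largest
 * radius is below 0.5, every bubble is drawn with a fixed radius of 3 so the
 * graph stays visible.
 *
 * The node list is written into an inline <script> block. It is serialised
 * with json_encode() and the JSON_HEX_* flags so that no row value can close
 * the string literal or the script element. The previous hand-built literal
 * interpolated 'id_creator' and 'id_incident' without any escaping.
 *
 * @param array $incidents_by_user Rows with the keys 'workunits', 'hours',
 *        'files', 'user_name', 'incident_name', 'id_creator' and 'id_incident'.
 *
 * @return void The markup and scripts are printed directly.
 */
function print_bubble_incidents_per_user_graph($incidents_by_user)
{
    $max_radius = 0;
    $min_visual_radius = 0.5;
    $adjust_visual = false;

    // First pass: compute every radius and the maximum, which sets the scale range.
    $incident_radius = array();
    foreach ($incidents_by_user as $incident) {
        $radius = $incident['workunits'] + $incident['hours'] + 0.1 * $incident['files'];
        if ($radius > $max_radius) {
            $max_radius = $radius;
        }
        $incident_radius[] = $radius;
    }

    if ($max_radius < $min_visual_radius) {
        $adjust_visual = true;
        $max_radius = 3;
    }

    // Second pass: build the node list that is handed to the script below.
    $nodes = array();
    $id = 0;
    foreach ($incidents_by_user as $incident) {
        // The tooltip is injected with jQuery .html(), so every dynamic part
        // must stay HTML-encoded here.
        // NOTE(review): safe_input() is defined elsewhere; presumably it
        // HTML-encodes its argument - confirm.
        $content = '<b>' . __('Creator') . ':</b> ' . safe_input($incident['user_name']) . '<br>'
            . '<b>' . __('Ticket') . ':</b> ' . safe_input($incident['incident_name']) . '<br>'
            . '<b>' . __('Workunits') . ':</b> ' . safe_input($incident['workunits']) . '<br>'
            . '<b>' . __('Hours') . ':</b> ' . safe_input($incident['hours']) . '<br>'
            . '<b>' . __('Files') . ':</b> ' . safe_input($incident['files']);

        $nodes[] = array(
            'radius' => $adjust_visual ? 3 : $incident_radius[$id],
            // Kept as a string, as in the original literal.
            'id_creator' => (string) $incident['id_creator'],
            'content' => $content,
            // The id becomes part of a URL assigned to window.location, so it
            // is percent-encoded; numeric ids are unchanged by this.
            'link' => 'index.php?'
                . 'sec=incidents&'
                . 'sec2=operation/incidents/incident_dashboard_detail&'
                . 'id=' . rawurlencode((string) $incident['id_incident']),
            'id' => $id,
        );
        $id++;
    }

    // JSON_HEX_* turns <, >, &, ' and " into \uXXXX escapes. JavaScript reads
    // them back as the same characters, but the HTML parser never sees a
    // literal "</script>" or a quote inside the inline script.
    $nodes_json = json_encode($nodes, JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP);
    if ($nodes_json === false) {
        // json_encode() fails on e.g. invalid UTF-8; an empty list keeps the script parseable.
        $nodes_json = '[]';
    }
    ?>
    <script type="text/javascript">
        var nodes = <?php echo $nodes_json; ?>;
    </script>

    <div id="graph_container"></div>

    <style type="text/css">
        circle {
            stroke: #fff;
        }
        circle.over {
            stroke: #999;
        }
        circle.mouse_down {
            stroke: #000;
        }
    </style>

    <script type="text/javascript">
        var margin = {top: 0, right: 0, bottom: 0, left: 0},
            width = 960 - margin.left - margin.right,
            height = 500 - margin.top - margin.bottom;

        var padding = 6;
        var radius = d3.scale.sqrt().range([0, <?php echo $max_radius; ?> ]);
        var color = d3.scale.category20();

        var svg = d3.select("#graph_container").append("svg")
            .attr("width", width + margin.left + margin.right)
            .attr("height", height + margin.top + margin.bottom)
            .append("g")
            .attr("transform", "translate(" + margin.left + "," + margin.top + ")");

        var force = d3.layout.force()
            .nodes(nodes)
            .size([width, height])
            .gravity(.02)
            .charge(0)
            .on("tick", tick)
            .start();

        var circle = svg.selectAll("circle")
            .data(nodes)
            .enter().append("circle")
            .attr("id", function(d) { return "node_" + d.id;})
            .attr("r", function(d) { return radius(d.radius); })
            .style("fill", function(d) { return color(d.id_creator); })
            .on("mouseover", over)
            .on("mouseout", out)
            .on("mousemove", move_tooltip)
            .on("mousedown", mouse_down)
            .on("mouseup", mouse_up)
            .call(force.drag);

        function tick(e) {
            circle
                .each(cluster(10 * e.alpha * e.alpha))
                .each(collide(0.5))
                .attr("cx", function(d) { return d.x; })
                .attr("cy", function(d) { return d.y; });
        }

        // Move d to be adjacent to the cluster node.
        function cluster(alpha) {
            var max = {};

            // Find the largest node for each cluster.
            nodes.forEach(function(d) {
                if (!(color(d.color) in max) || (radius(d.radius) > radius(max[color(d.color)].radius))) {
                    max[color(d.color)] = d;
                }
            });

            return function(d) {
                var node = max[color(d.color)],
                    l,
                    r,
                    x,
                    y,
                    i = -1;

                if (node == d) return;

                x = d.x - node.x;
                y = d.y - node.y;
                l = Math.sqrt(x * x + y * y);
                r = radius(d.radius) + radius(node.radius);
                if (l != r) {
                    l = (l - r) / l * alpha;
                    d.x -= x *= l;
                    d.y -= y *= l;
                    node.x += x;
                    node.y += y;
                }
            };
        }

        // Resolves collisions between d and all other circles.
        function collide(alpha) {
            var quadtree = d3.geom.quadtree(nodes);
            return function(d) {
                var r = radius(d.radius) + radius.domain()[1] + padding,
                    nx1 = d.x - r,
                    nx2 = d.x + r,
                    ny1 = d.y - r,
                    ny2 = d.y + r;
                quadtree.visit(function(quad, x1, y1, x2, y2) {
                    if (quad.point && (quad.point !== d)) {
                        var x = d.x - quad.point.x,
                            y = d.y - quad.point.y,
                            l = Math.sqrt(x * x + y * y),
                            r = radius(d.radius) + quad.point.radius + (color(d.color) !== quad.point.color) * padding;
                        if (l < r) {
                            l = (l - r) / l * alpha;
                            d.x -= x *= l;
                            d.y -= y *= l;
                            quad.point.x += x;
                            quad.point.y += y;
                        }
                    }
                    return x1 > nx2 || x2 < nx1 || y1 > ny2 || y2 < ny1;
                });
            };
        }

        var mouse_click_x;
        var mouse_click_y;

        function mouse_up(d) {
            x = d3.event.clientX;
            y = d3.event.clientY;

            if ((x == mouse_click_x) && (y == mouse_click_y)) {
                window.location = d.link;
            }
        }

        function mouse_down(d) {
            svg.select("#node_" + d.id)
                .attr("class", "mouse_down");

            mouse_click_x = d3.event.clientX;
            mouse_click_y = d3.event.clientY;
        }

        function over(d) {
            svg.select("#node_" + d.id)
                .attr("class", "over");

            show_tooltip(d);
        }

        function out(d) {
            svg.select("#node_" + d.id)
                .attr("class", "");

            hide_tooltip();
        }

        function move_tooltip(d) {
            x = d3.event.clientX + 10;
            y = d3.event.clientY + 10;

            $("#tooltip").css('left', x + 'px');
            $("#tooltip").css('top', y + 'px');
        }

        function create_tooltip(d, x, y) {
            if ($("#tooltip").length == 0) {
                $("body")
                    .append($("<div></div>")
                    .attr('id', 'tooltip')
                    .html(d.content));
            } else {
                $("#tooltip").html(d.content);
            }

            $("#tooltip").attr('style', 'background: #fff;' +
                'position: absolute;' +
                'display: block;' +
                'width: 200px;' +
                'text-align: left;' +
                'padding: 10px 10px 10px 10px;' +
                'z-index: 2;' +
                "-webkit-box-shadow: 7px 7px 5px rgba(50, 50, 50, 0.75);" +
                "-moz-box-shadow: 7px 7px 5px rgba(50, 50, 50, 0.75);" +
                "box-shadow: 7px 7px 5px rgba(50, 50, 50, 0.75);" +
                'left: ' + x + 'px;' +
                'top: ' + y + 'px;');
        }

        function show_tooltip(d) {
            x = d3.event.clientX + 10;
            y = d3.event.clientY + 10;

            create_tooltip(d, x, y);
        }

        function hide_tooltip() {
            $("#tooltip").hide();
        }
    </script>
    <?php
}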
if ($len < $nfields) { $data = array_pad($data, $nfields, ''); } elseif ($len > $nfields) { $data = array_slice($data, NULL, $nfields); } $values = array_combine($fields, $data); if (empty($values['name'])) { continue; } print $values["name"]; print " - "; print $values["account"]; print " - "; print $values["start_date"]; print " - "; print $values["expiry_date"]; print "\n"; $id_account = get_db_value('id', 'tcompany', 'name', safe_input($values["account"])); $temp = array(); // Check if already exists $id_contract = get_db_value('id', 'tcontract', 'name', safe_input($values["name"])); if ($id_contract == "" and $id_account != "") { $temp["name"] = safe_input(trim($values["name"])); $temp["description"] = safe_input(trim($values["description"])); $temp["date_begin"] = safe_input(trim($values["start_date"])); $temp["date_end"] = safe_input(trim($values["expiry_date"])); $temp["id_company"] = $id_account; process_sql_insert('tcontract', $temp); } } fclose($file);
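/**
 * Prints an image HTML element.
 *
 * Every attribute value is passed through safe_input() before it is written,
 * including the assembled style attribute. The previous version emitted the
 * style value raw, so a double quote in 'style', 'align', 'border', 'hspace'
 * or 'vspace' could close the attribute.
 *
 * @param string $src Image source filename, relative to $config["base_url_images"].
 * @param bool $return Whether to return the result instead of printing it.
 * @param array|false $options Optional HTML options. The style-related keys
 *        'align', 'border', 'hspace', 'vspace' and 'style' are merged into the
 *        style attribute; 'ismap' is a flag; 'alt' sets the alternative text;
 *        the attributes in the $attrs list below are copied through.
 * @param bool $return_src Whether to produce only the encoded src value instead
 *        of the complete img tag.
 *
 * @return string|null The HTML code, or the encoded src when $return_src is
 *         set. Nothing is returned when $return_src is set and $return is false.
 */
function print_image($src, $return = false, $options = false, $return_src = false)
{
    global $config;

    // Path to image
    $src = $config["base_url_images"] . '/' . $src;

    // Only return src field of image
    if ($return_src) {
        if (!$return) {
            echo safe_input($src);
            return;
        }
        return safe_input($src);
    }

    // safe_input is needed so the path is encoded for the attribute context.
    $output = '<img src="' . safe_input($src) . '" ';
    $style = '';

    if (!empty($options)) {
        // Deprecated or value-less attributes are translated to inline styles.
        if (isset($options["align"])) {
            $style .= 'align:' . $options["align"] . ';';
        }
        if (isset($options["border"])) {
            $style .= 'border:' . $options["border"] . 'px;';
        }
        if (isset($options["hspace"])) {
            $style .= 'margin-left:' . $options["hspace"] . 'px;';
            $style .= 'margin-right:' . $options["hspace"] . 'px;';
        }
        if (isset($options["ismap"])) {
            // Defines the image as a server-side image map
            $output .= 'ismap="ismap" ';
        }
        if (isset($options["vspace"])) {
            $style .= 'margin-top:' . $options["vspace"] . 'px;';
            $style .= 'margin-bottom:' . $options["vspace"] . 'px;';
        }
        if (isset($options["style"])) {
            $style .= $options["style"];
        }

        // Valid attributes (invalid attributes get skipped).
        // NOTE(review): the on* handlers are HTML-encoded only. Encoding does
        // not make script text safe, so callers should pass fixed handler code
        // and never build it from request data.
        $attrs = array(
            "height", "longdesc", "usemap", "width", "id", "class", "title", "lang", "xml:lang",
            "onclick", "ondblclick", "onmousedown", "onmouseup", "onmouseover", "onmousemove",
            "onmouseout", "onkeypress", "onkeydown", "onkeyup", "pos_tree",
        );

        foreach ($attrs as $attribute) {
            if (isset($options[$attribute])) {
                $output .= $attribute . '="' . safe_input($options[$attribute]) . '" ';
            }
        }
    } else {
        $options = array();
    }

    if (!isset($options["alt"])) {
        // Fall back to the title when no alt text is given. The value is
        // encoded once, at output below; the previous code encoded it here as
        // well, so a title-derived alt went through safe_input() twice.
        $options["alt"] = isset($options["title"]) ? $options["title"] : "";
    }

    if (!empty($style)) {
        // Encode like every other attribute value so the style text cannot
        // terminate the attribute or add new ones.
        $output .= 'style="' . safe_input($style) . '" ';
    }

    $output .= 'alt="' . safe_input($options['alt']) . '" />';

    if (!$return) {
        echo $output;
    }

    return $output;
}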
/**
 * Records an action on this attachment in the tracking table.
 *
 * The inserted row holds the attachment id, the current timestamp, the
 * configured user id (empty string when none is set), the action, and a JSON
 * document with the client address read from $_SERVER['REMOTE_ADDR'].
 *
 * NOTE(review): $action is handed to process_sql_insert() as received, while
 * the user id and the JSON data go through safe_input(). Confirm that
 * process_sql_insert() escapes values, or that callers only pass fixed action
 * names.
 *
 * @param mixed $action Action identifier stored in the 'action' column.
 *
 * @return mixed The result of process_sql_insert(), or false when the
 *         attachment has no id.
 */
protected function tracking($action)
{
    global $config;

    // Nothing can be tracked for an attachment without an id.
    if (empty($this->id)) {
        return false;
    }

    $userID = empty($config['id_user']) ? '' : $config['id_user'];

    // Request metadata is stored as a JSON string.
    $payload = json_encode(array('remote_addr' => $_SERVER['REMOTE_ADDR']));

    $row = array(
        'id_attachment' => $this->id,
        'timestamp' => date('Y-m-d H:i:s'),
        'id_user' => safe_input($userID),
        'action' => $action,
        'data' => safe_input($payload),
    );

    return process_sql_insert(self::$dbTableTrack, $row);
}