Ejemplo n.º 1
0
 echo "<s";
 echo "elect name=\"status\"><option>New<option>Pending<option>In Progress<option>Completed<option>Postponed</select></td></tr>\n</table>\n\n<img src=\"images/spacer.gif\" height=\"10\" width=\"1\"><br>\n<DIV ALIGN=\"center\"><input type=\"submit\" value=\"";
 echo $aInt->lang("todolist", "addtodoitem");
 echo "\" class=\"button\"></DIV>\n</form>\n\n  </div>\n</div>\n\n<br />\n\n";
 $aInt->sortableTableInit("duedate", "ASC");
 unset($where);
 if ($status == "Incomplete" || $status == "") {
     $where['status'] = array("sqltype" => "NEQ", "value" => "Completed");
 } else {
     $where['status'] = $status;
 }
 if ($date) {
     $where['date'] = toMySQLDate($date);
 }
 if ($duedate) {
     $where['duedate'] = toMySQLDate($duedate);
 }
 if ($title) {
     $where['title'] = array("sqltype" => "LIKE", "value" => $title);
 }
 if ($description) {
     $where['description'] = array("sqltype" => "LIKE", "value" => $description);
 }
 if ($admin) {
     $where['admin'] = $admin;
 }
 $table = "tbltodolist";
 $result = select_query($table, "COUNT(*)", $where, $orderby, $order);
 $data = mysql_fetch_array($result);
 $numrows = $data[0];
 $AdminsArray = array();
Ejemplo n.º 2
0
<?php

use WHMCS\Input\Sanitize;
if (!defined("WHMCS")) {
    die("This file cannot be accessed directly");
}
if (!function_exists('getRegistrarsDropdownMenu')) {
    require ROOTDIR . '/includes/registrarfunctions.php';
}
$whmcs = App::self();
$reportdata["title"] = $aInt->lang('reports', 'domainRenewalEmailsTitle');
$userID = $whmcs->get_req_var('client');
$domain = $whmcs->get_req_var('domain');
$dateFrom = $whmcs->get_req_var('dateFrom') ? toMySQLDate($whmcs->get_req_var('dateFrom')) : '';
$dateTo = $whmcs->get_req_var('dateTo') ? toMySQLDate($whmcs->get_req_var('dateTo')) : '';
$formDateFrom = $dateFrom ? fromMySQLDate($dateFrom) : '';
$formDateTo = $dateTo ? fromMySQLDate($dateTo) : '';
$registrar = $whmcs->get_req_var('registrar');
$print = $whmcs->get_req_var('print');
/**
 * Replace the "None" string with the "Any" string
 */
$registrarList = str_replace($aInt->lang('global', 'none'), $aInt->lang('global', 'any'), getRegistrarsDropdownMenu($registrar));
$reportdata["description"] = $aInt->lang('reports', 'domainRenewalEmailsDescription');
$reportHeader = '';
if (!$print) {
    $reportHeader = <<<REPORT_HEADER
<form method="post" action="reports.php?report=domain_renewal_emails">
{$aInt->lang('fields', 'clientid')}: {$aInt->clientsDropDown($userID, '', 'client', true)}
{$aInt->lang('fields', 'domain')}: <input type="text" name="domain" value="{$domain}" size="30" />
{$aInt->lang('fields', 'registrar')}: {$registrarList}
Ejemplo n.º 3
0
$result = select_query("tbladmins", "id,firstname,lastname", "", "firstname` ASC,`lastname", "ASC");
while ($data = mysql_fetch_array($result)) {
    $aid = $data['id'];
    $admindropdown .= "<option value=\"" . $aid . "\"";
    if ($aid == $adminid) {
        echo " selected";
    }
    $admindropdown .= ">" . $data['firstname'] . " " . $data['lastname'] . "</option>";
}
$admindropdown .= "</select>";
$reportdata['headertext'] = "<form method=\"post\" action=\"reports.php?report=" . $report . "\">\n<table align=\"center\">\n<tr><td>Due Date Range - From</td><td><input type=\"text\" name=\"datefrom\" value=\"" . $datefrom . "\" class=\"datepick\" /></td><td width=\"20\"></td><td>To</td><td><input type=\"text\" name=\"dateto\" value=\"" . $dateto . "\" class=\"datepick\" /></td><td width=\"20\"></td><td>Filter by Status</td><td>" . $statusdropdown . "</td><td width=\"20\"></td><td>Filter by Staff Member</td><td>" . $admindropdown . "</td><td width=\"20\"></td><td><input type=\"submit\" value=\"Submit\" /></tr>\n</table>\n</form>";
$reportdata['tableheadings'] = array("ID", "Created", "Project Title", "Assigned Staff", "Associated Client", "Due Date", "Total Invoiced", "Total Paid", "Total Time", "Status");
$totalprojectstime = $i = 0;
$adminquery = $adminid ? " AND adminid='" . (int) $adminid . "'" : "";
$statusquery = $status ? " AND status='" . db_escape_string($status) . "'" : "";
$result = select_query("mod_project", "", "duedate>='" . toMySQLDate($datefrom) . "' AND duedate<='" . toMySQLDate($dateto) . "'" . $adminquery . $statusquery);
while ($data = mysql_fetch_array($result)) {
    $totaltaskstime = 0;
    $projectid = $data['id'];
    $projectname = $data['title'];
    $adminid = $data['adminid'];
    $userid = $data['userid'];
    $created = $data['created'];
    $duedate = $data['duedate'];
    $ticketids = $data['ticketids'];
    $projectstatus = $data['status'];
    $created = fromMySQLDate($created);
    $duedate = fromMySQLDate($duedate);
    $admin = $adminid ? getAdminName($adminid) : "None";
    if ($userid) {
        $clientsdetails = getClientsDetails($userid);
Ejemplo n.º 4
0
 function Render()
 {
     // get post and get variables
     global $Translation;
     $adminConfig = config('adminConfig');
     $FiltersPerGroup = 4;
     $buttonWholeWidth = 136;
     $current_view = '';
     /* TV, DV, TVDV, TVP, DVP, Filters */
     $Embedded = intval($_REQUEST['Embedded']);
     if ($_SERVER['REQUEST_METHOD'] == 'GET') {
         $SortField = $_GET["SortField"];
         $SortDirection = $_GET["SortDirection"];
         $FirstRecord = $_GET["FirstRecord"];
         $ScrollUp_y = $_GET["ScrollUp_y"];
         $ScrollDn_y = $_GET["ScrollDn_y"];
         $Previous_x = $_GET["Previous_x"];
         $Next_x = $_GET["Next_x"];
         $Filter_x = $_GET["Filter_x"];
         $SaveFilter_x = $_GET["SaveFilter_x"];
         $NoFilter_x = $_GET["NoFilter_x"];
         $CancelFilter = $_GET["CancelFilter"];
         $ApplyFilter = $_GET["ApplyFilter"];
         $Search_x = $_GET["Search_x"];
         $SearchString = get_magic_quotes_gpc() ? stripslashes($_GET['SearchString']) : $_GET['SearchString'];
         $CSV_x = $_GET["CSV_x"];
         $FilterAnd = $_GET["FilterAnd"];
         $FilterField = $_GET["FilterField"];
         $FilterOperator = $_GET["FilterOperator"];
         if (is_array($_GET['FilterValue'])) {
             foreach ($_GET['FilterValue'] as $fvi => $fv) {
                 $FilterValue[$fvi] = get_magic_quotes_gpc() ? stripslashes($fv) : $fv;
             }
         }
         $Print_x = $_GET['Print_x'];
         $PrintTV = $_GET['PrintTV'];
         $PrintDV = $_GET['PrintDV'];
         $SelectedID = get_magic_quotes_gpc() ? stripslashes($_GET['SelectedID']) : $_GET['SelectedID'];
         $insert_x = $_GET['insert_x'];
         $update_x = $_GET['update_x'];
         $delete_x = $_GET['delete_x'];
         $SkipChecks = $_GET['confirmed'];
         $deselect_x = $_GET['deselect_x'];
         $addNew_x = $_GET['addNew_x'];
         $dvprint_x = $_GET['dvprint_x'];
         $DisplayRecords = in_array($_GET['DisplayRecords'], array('user', 'group')) ? $_GET['DisplayRecords'] : 'all';
     } else {
         $SortField = $_POST['SortField'];
         $SortDirection = $_POST['SortDirection'];
         $FirstRecord = $_POST['FirstRecord'];
         $ScrollUp_y = $_POST['ScrollUp_y'];
         $ScrollDn_y = $_POST['ScrollDn_y'];
         $Previous_x = $_POST['Previous_x'];
         $Next_x = $_POST['Next_x'];
         $Filter_x = $_POST['Filter_x'];
         $SaveFilter_x = $_POST['SaveFilter_x'];
         $NoFilter_x = $_POST['NoFilter_x'];
         $CancelFilter = $_POST['CancelFilter'];
         $ApplyFilter = $_POST['ApplyFilter'];
         $Search_x = $_POST['Search_x'];
         $SearchString = get_magic_quotes_gpc() ? stripslashes($_POST['SearchString']) : $_POST['SearchString'];
         $CSV_x = $_POST['CSV_x'];
         $FilterAnd = $_POST['FilterAnd'];
         $FilterField = $_POST['FilterField'];
         $FilterOperator = $_POST['FilterOperator'];
         if (is_array($_POST['FilterValue'])) {
             foreach ($_POST['FilterValue'] as $fvi => $fv) {
                 $FilterValue[$fvi] = get_magic_quotes_gpc() ? stripslashes($fv) : $fv;
             }
         }
         $Print_x = $_POST['Print_x'];
         $PrintTV = $_POST['PrintTV'];
         $PrintDV = $_POST['PrintDV'];
         $SelectedID = get_magic_quotes_gpc() ? stripslashes($_POST['SelectedID']) : $_POST['SelectedID'];
         $insert_x = $_POST['insert_x'];
         $update_x = $_POST['update_x'];
         $delete_x = $_POST['delete_x'];
         $SkipChecks = $_POST['confirmed'];
         $deselect_x = $_POST['deselect_x'];
         $addNew_x = $_POST['addNew_x'];
         $dvprint_x = $_POST['dvprint_x'];
         $DisplayRecords = in_array($_POST['DisplayRecords'], array('user', 'group')) ? $_POST['DisplayRecords'] : 'all';
     }
     $mi = getMemberInfo();
     // insure authenticity of user inputs:
     if (is_array($FilterAnd)) {
         foreach ($FilterAnd as $i => $f) {
             if ($f && !preg_match('/^(and|or)$/i', trim($f))) {
                 $FilterAnd[$i] = 'and';
             }
         }
     }
     if (is_array($FilterOperator)) {
         foreach ($FilterOperator as $i => $f) {
             if ($f && !in_array(trim($f), array_keys($GLOBALS['filter_operators']))) {
                 $FilterOperator[$i] = '';
             }
         }
     }
     if (!preg_match('/^\\s*[1-9][0-9]*\\s*(asc|desc)?(\\s*,\\s*[1-9][0-9]*\\s*(asc|desc)?)*$/i', $SortField)) {
         $SortField = '';
     }
     if (!preg_match('/^(asc|desc)$/i', $SortDirection)) {
         $SortDirection = '';
     }
     if (!$this->AllowDelete) {
         $delete_x = '';
     }
     if (!$this->AllowDeleteOfParents) {
         $SkipChecks = '';
     }
     if (!$this->AllowInsert) {
         $insert_x = '';
         $addNew_x = '';
     }
     if (!$this->AllowUpdate) {
         $update_x = '';
     }
     if (!$this->AllowFilters) {
         $Filter_x = '';
     }
     if (!$this->AllowPrinting) {
         $Print_x = '';
         $PrintTV = '';
     }
     if (!$this->QuickSearch) {
         $SearchString = '';
     }
     if (!$this->AllowCSV) {
         $CSV_x = '';
     }
     // enforce record selection if user has edit/delete permissions on the current table
     $AllowPrintDV = 1;
     $this->Permissions = getTablePermissions($this->TableName);
     if ($this->Permissions[3] || $this->Permissions[4]) {
         // current user can edit or delete?
         $this->AllowSelection = 1;
     } elseif (!$this->AllowSelection) {
         $SelectedID = '';
         $AllowPrintDV = 0;
         $PrintDV = '';
     }
     if (!$this->AllowSelection || !$SelectedID) {
         $dvprint_x = '';
     }
     $this->QueryFieldsIndexed = reIndex($this->QueryFieldsFilters);
     // determine type of current view: TV, DV, TVDV, TVP, DVP or Filters?
     if ($this->SeparateDV) {
         $current_view = 'TV';
         if ($Print_x != '' || $PrintTV != '') {
             $current_view = 'TVP';
         } elseif ($dvprint_x != '' || $PrintDV != '') {
             $current_view = 'DVP';
         } elseif ($Filter_x != '') {
             $current_view = 'Filters';
         } elseif ($SelectedID && !$deselect_x && !$delete_x || $addNew_x != '') {
             $current_view = 'DV';
         }
     } else {
         $current_view = 'TVDV';
         if ($Print_x != '' || $PrintTV != '') {
             $current_view = 'TVP';
         } elseif ($dvprint_x != '' || $PrintDV != '') {
             $current_view = 'DVP';
         } elseif ($Filter_x != '') {
             $current_view = 'Filters';
         }
     }
     $this->HTML .= '<div class="row"><div class="col-xs-11 col-md-12">';
     $this->HTML .= '<form ' . (datalist_image_uploads_exist ? 'enctype="multipart/form-data" ' : '') . 'method="post" name="myform" action="' . $this->ScriptFileName . '">';
     if ($Embedded) {
         $this->HTML .= '<input name="Embedded" value="1" type="hidden" />';
     }
     $this->HTML .= '<script>';
     $this->HTML .= 'function enterAction(){';
     $this->HTML .= '   if($$("input[name=SearchString]:focus")[0] != undefined){ $("Search").click(); }';
     $this->HTML .= '   return false;';
     $this->HTML .= '}';
     $this->HTML .= '</script>';
     $this->HTML .= '<input id="EnterAction" type="submit" style="position: absolute; left: 0px; top: -250px;" onclick="return enterAction();">';
     $this->ContentType = 'tableview';
     // default content type
     if ($PrintTV != '') {
         $Print_x = 1;
         $_POST['Print_x'] = 1;
     }
     // handle user commands ...
     if ($deselect_x != '') {
         $SelectedID = '';
         $this->showTV();
     } elseif ($insert_x != '') {
         $SelectedID = call_user_func($this->TableName . '_insert');
         // redirect to a safe url to avoid refreshing and thus
         // insertion of duplicate records.
         $url = $this->RedirectAfterInsert;
         $insert_status = 'record-added-ok=' . rand();
         if (!$SelectedID) {
             $insert_status = 'record-added-error=' . rand();
         }
         // compose filters and sorting
         foreach ($this->filterers as $filterer => $caption) {
             if ($_REQUEST['filterer_' . $filterer] != '') {
                 $filtersGET .= '&filterer_' . $filterer . '=' . urlencode($_REQUEST['filterer_' . $filterer]);
             }
         }
         for ($i = 1; $i <= 20 * $FiltersPerGroup; $i++) {
             // Number of filters allowed
             if ($FilterField[$i] != '' && $FilterOperator[$i] != '' && ($FilterValue[$i] != '' || strpos($FilterOperator[$i], 'empty'))) {
                 $filtersGET .= "&FilterAnd[{$i}]={$FilterAnd[$i]}&FilterField[{$i}]={$FilterField[$i]}&FilterOperator[{$i}]={$FilterOperator[$i]}&FilterValue[{$i}]=" . urlencode($FilterValue[$i]);
             }
         }
         if ($Embedded) {
             $filtersGET .= '&Embedded=1&SelectedID=' . urlencode($SelectedID);
         }
         $filtersGET .= "&SortField={$SortField}&SortDirection={$SortDirection}&FirstRecord={$FirstRecord}";
         $filtersGET .= "&DisplayRecords={$DisplayRecords}";
         $filtersGET .= '&SearchString=' . urlencode($SearchString);
         $filtersGET = substr($filtersGET, 1);
         // remove initial &
         if ($url) {
             /* if designer specified a redirect-after-insert url */
             $url .= (strpos($url, '?') !== false ? '&' : '?') . $insert_status;
             $url .= strpos($url, $this->ScriptFileName) !== false ? "&{$filtersGET}" : '';
             $url = str_replace("#ID#", urlencode($SelectedID), $url);
         } else {
             /* if no redirect-after-insert url, use default */
             $url = "{$this->ScriptFileName}?{$insert_status}&{$filtersGET}";
             /* if DV and TV in same page, select new record */
             if (!$this->SeparateDV) {
                 $url .= '&SelectedID=' . urlencode($SelectedID);
             }
         }
         @header('Location: ' . $url);
         $this->HTML .= "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"0;url=" . $url . "\">";
         return;
     } elseif ($delete_x != '') {
         $d = call_user_func($this->TableName . '_delete', $SelectedID, $this->AllowDeleteOfParents, $SkipChecks);
         // handle ajax delete requests
         if (is_ajax()) {
             die($d ? $d : 'OK');
         }
         if ($d) {
             //$_REQUEST['record-deleted-error'] = 1;
             $this->HTML .= error_message($d);
         } else {
             $_REQUEST['record-deleted-ok'] = 1;
             $SelectedID = '';
             $this->showTV();
         }
     } elseif ($update_x != '') {
         $updated = call_user_func($this->TableName . '_update', $SelectedID);
         $update_status = 'record-updated-ok=' . rand();
         if ($updated === false) {
             $update_status = 'record-updated-error=' . rand();
         }
         // compose filters and sorting
         foreach ($this->filterers as $filterer => $caption) {
             if ($_REQUEST['filterer_' . $filterer] != '') {
                 $filtersGET .= '&filterer_' . $filterer . '=' . urlencode($_REQUEST['filterer_' . $filterer]);
             }
         }
         for ($i = 1; $i <= 20 * $FiltersPerGroup; $i++) {
             // Number of filters allowed
             if ($FilterField[$i] != '' && $FilterOperator[$i] != '' && ($FilterValue[$i] != '' || strpos($FilterOperator[$i], 'empty'))) {
                 $filtersGET .= "&FilterAnd[{$i}]={$FilterAnd[$i]}&FilterField[{$i}]={$FilterField[$i]}&FilterOperator[{$i}]={$FilterOperator[$i]}&FilterValue[{$i}]=" . urlencode($FilterValue[$i]);
             }
         }
         $filtersGET .= "&SortField={$SortField}&SortDirection={$SortDirection}&FirstRecord={$FirstRecord}&Embedded={$Embedded}";
         $filtersGET .= "&DisplayRecords={$DisplayRecords}";
         $filtersGET .= '&SearchString=' . urlencode($SearchString);
         $filtersGET = substr($filtersGET, 1);
         // remove initial &
         $redirectUrl = $this->ScriptFileName . '?SelectedID=' . urlencode($SelectedID) . '&' . $filtersGET . '&' . $update_status;
         @header("Location: {$redirectUrl}");
         $this->HTML .= '<META HTTP-EQUIV="Refresh" CONTENT="0;url=' . $redirectUrl . '">';
         return;
     } elseif ($addNew_x != '') {
         $SelectedID = '';
         $this->hideTV();
     } elseif ($Print_x != '') {
         // print code here ....
         $this->AllowNavigation = 0;
         $this->AllowSelection = 0;
     } elseif ($SaveFilter_x != '' && $this->AllowSavingFilters) {
         $filter_link = $_SERVER['HTTP_REFERER'] . '?SortField=' . urlencode($SortField) . '&SortDirection=' . $SortDirection . '&';
         for ($i = 1; $i <= 20 * $FiltersPerGroup; $i++) {
             // Number of filters allowed
             if (($FilterField[$i] != '' || $i == 1) && $FilterOperator[$i] != '' && ($FilterValue[$i] != '' || strpos($FilterOperator[$i], 'empty'))) {
                 $filter_link .= urlencode("FilterAnd[{$i}]") . '=' . urlencode($FilterAnd[$i]) . '&';
                 $filter_link .= urlencode("FilterField[{$i}]") . '=' . urlencode($FilterField[$i]) . '&';
                 $filter_link .= urlencode("FilterOperator[{$i}]") . '=' . urlencode($FilterOperator[$i]) . '&';
                 $filter_link .= urlencode("FilterValue[{$i}]") . '=' . urlencode($FilterValue[$i]) . '&';
             }
         }
         $filter_link = substr($filter_link, 0, -1);
         /* trim last '&' */
         $this->HTML .= '<div id="saved_filter_source_code" class="row"><div class="col-md-6 col-md-offset-3">';
         $this->HTML .= '<div class="panel panel-info">';
         $this->HTML .= '<div class="panel-heading"><h3 class="panel-title">' . $Translation["saved filters title"] . "</h3></div>";
         $this->HTML .= '<div class="panel-body">';
         $this->HTML .= $Translation["saved filters instructions"];
         $this->HTML .= '<textarea rows="4" class="form-control vspacer-lg" style="width: 100%;" onfocus="$j(this).select();">' . "&lt;a href=\"{$filter_link}\"&gt;Saved filter link&lt;a&gt;" . '</textarea>';
         $this->HTML .= "<div><a href=\"{$filter_link}\" title=\"" . htmlspecialchars($filter_link) . "\">{$Translation['permalink']}</a></div>";
         $this->HTML .= '<button type="button" class="btn btn-default btn-block vspacer-lg" onclick="$j(\'#saved_filter_source_code\').remove();"><i class="glyphicon glyphicon-remove"></i> ' . $Translation['hide code'] . '</button>';
         $this->HTML .= '</div>';
         $this->HTML .= '</div>';
         $this->HTML .= '</div></div>';
     } elseif ($Filter_x != '') {
         $orderBy = array();
         if ($SortField) {
             $sortFields = explode(',', $SortField);
             $i = 0;
             foreach ($sortFields as $sf) {
                 $tob = preg_split('/\\s+/', $sf, 2);
                 $orderBy[] = array(trim($tob[0]) => strtolower(trim($tob[1])) == 'desc' ? 'desc' : 'asc');
                 $i++;
             }
             $orderBy[$i - 1][$tob[0]] = strtolower(trim($SortDirection)) == 'desc' ? 'desc' : 'asc';
         }
         $currDir = dirname(__FILE__) . '/hooks';
         // path to hooks folder
         $uff = "{$currDir}/{$this->TableName}.filters.{$mi['username']}.php";
         // user-specific filter file
         $gff = "{$currDir}/{$this->TableName}.filters.{$mi['group']}.php";
         // group-specific filter file
         $tff = "{$currDir}/{$this->TableName}.filters.php";
         // table-specific filter file
         /*
         	if no explicit filter file exists, look for filter files in the hooks folder in this order:
         		1. tablename.filters.username.php ($uff)
         		2. tablename.filters.groupname.php ($gff)
         		3. tablename.filters.php ($tff)
         */
         if (!is_file($this->FilterPage)) {
             $this->FilterPage = 'defaultFilters.php';
             if (is_file($uff)) {
                 $this->FilterPage = $uff;
             } elseif (is_file($gff)) {
                 $this->FilterPage = $gff;
             } elseif (is_file($tff)) {
                 $this->FilterPage = $tff;
             }
         }
         if ($this->FilterPage != '') {
             ob_start();
             @(include $this->FilterPage);
             $out = ob_get_contents();
             ob_end_clean();
             $this->HTML .= $out;
         }
         // hidden variables ....
         $this->HTML .= '<input name="SortField" value="' . $SortField . '" type="hidden" />';
         $this->HTML .= '<input name="SortDirection" type="hidden" value="' . $SortDirection . '" />';
         $this->HTML .= '<input name="FirstRecord" type="hidden" value="1" />';
         $this->ContentType = 'filters';
         return;
     } elseif ($NoFilter_x != '') {
         // clear all filters ...
         for ($i = 1; $i <= datalist_filters_count * $FiltersPerGroup; $i++) {
             // Number of filters allowed
             $FilterField[$i] = '';
             $FilterOperator[$i] = '';
             $FilterValue[$i] = '';
         }
         $DisplayRecords = 'all';
         $SearchString = '';
         $FirstRecord = 1;
         // clear filterers
         foreach ($this->filterers as $filterer => $caption) {
             $_REQUEST['filterer_' . $filterer] = '';
         }
     } elseif ($SelectedID) {
         $this->hideTV();
     }
     // apply lookup filterers to the query
     foreach ($this->filterers as $filterer => $caption) {
         if ($_REQUEST['filterer_' . $filterer] != '') {
             if ($this->QueryWhere == '') {
                 $this->QueryWhere = "where ";
             } else {
                 $this->QueryWhere .= " and ";
             }
             $this->QueryWhere .= "`{$this->TableName}`.`{$filterer}`='" . makeSafe($_REQUEST['filterer_' . $filterer]) . "' ";
             break;
             // currently, only one filterer can be applied at a time
         }
     }
     // apply quick search to the query
     if ($SearchString != '') {
         if ($Search_x != '') {
             $FirstRecord = 1;
         }
         if ($this->QueryWhere == '') {
             $this->QueryWhere = "where ";
         } else {
             $this->QueryWhere .= " and ";
         }
         foreach ($this->QueryFieldsQS as $fName => $fCaption) {
             if (strpos($fName, '<img') === False) {
                 $this->QuerySearchableFields[$fName] = $fCaption;
             }
         }
         $this->QueryWhere .= '(' . implode(" LIKE '%" . makeSafe($SearchString) . "%' or ", array_keys($this->QuerySearchableFields)) . " LIKE '%" . makeSafe($SearchString) . "%')";
     }
     // set query filters
     $QueryHasWhere = 0;
     if (strpos($this->QueryWhere, 'where ') !== FALSE) {
         $QueryHasWhere = 1;
     }
     $WhereNeedsClosing = 0;
     for ($i = 1; $i <= datalist_filters_count * $FiltersPerGroup; $i += $FiltersPerGroup) {
         // Number of filters allowed
         // test current filter group
         $GroupHasFilters = 0;
         for ($j = 0; $j < $FiltersPerGroup; $j++) {
             if ($FilterField[$i + $j] != '' && $this->QueryFieldsIndexed[$FilterField[$i + $j]] != '' && $FilterOperator[$i + $j] != '' && ($FilterValue[$i + $j] != '' || strpos($FilterOperator[$i + $j], 'empty'))) {
                 $GroupHasFilters = 1;
                 break;
             }
         }
         if ($GroupHasFilters) {
             if (!stristr($this->QueryWhere, "where ")) {
                 $this->QueryWhere = "where (";
             } elseif ($QueryHasWhere) {
                 $this->QueryWhere .= " and (";
                 $QueryHasWhere = 0;
             }
             $this->QueryWhere .= " <FilterGroup> " . $FilterAnd[$i] . " (";
             for ($j = 0; $j < $FiltersPerGroup; $j++) {
                 if ($FilterField[$i + $j] != '' && $this->QueryFieldsIndexed[$FilterField[$i + $j]] != '' && $FilterOperator[$i + $j] != '' && ($FilterValue[$i + $j] != '' || strpos($FilterOperator[$i + $j], 'empty'))) {
                     if ($FilterAnd[$i + $j] == '') {
                         $FilterAnd[$i + $j] = 'and';
                     }
                     // test for date/time fields
                     $tries = 0;
                     $isDateTime = FALSE;
                     $isDate = FALSE;
                     $fieldName = str_replace('`', '', $this->QueryFieldsIndexed[$FilterField[$i + $j]]);
                     list($tn, $fn) = explode('.', $fieldName);
                     while (!($res = sql("show columns from `{$tn}` like '{$fn}'", $eo)) && $tries < 2) {
                         $tn = substr($tn, 0, -1);
                         $tries++;
                     }
                     if ($row = @db_fetch_array($res)) {
                         if ($row['Type'] == 'date' || $row['Type'] == 'time') {
                             $isDateTime = TRUE;
                             if ($row['Type'] == 'date') {
                                 $isDate = True;
                             }
                         }
                     }
                     // end of test
                     if ($FilterOperator[$i + $j] == 'is-empty' && !$isDateTime) {
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " (" . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "='' or " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " is NULL) </FilterItem>";
                     } elseif ($FilterOperator[$i + $j] == 'is-not-empty' && !$isDateTime) {
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "!='' </FilterItem>";
                     } elseif ($FilterOperator[$i + $j] == 'is-empty' && $isDateTime) {
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " (" . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "=0 or " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " is NULL) </FilterItem>";
                     } elseif ($FilterOperator[$i + $j] == 'is-not-empty' && $isDateTime) {
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "!=0 </FilterItem>";
                     } elseif ($FilterOperator[$i + $j] == 'like' && !strstr($FilterValue[$i + $j], "%") && !strstr($FilterValue[$i + $j], "_")) {
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " like '%" . makeSafe($FilterValue[$i + $j]) . "%' </FilterItem>";
                     } elseif ($FilterOperator[$i + $j] == 'not-like' && !strstr($FilterValue[$i + $j], "%") && !strstr($FilterValue[$i + $j], "_")) {
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " not like '%" . makeSafe($FilterValue[$i + $j]) . "%' </FilterItem>";
                     } elseif ($isDate) {
                         $dateValue = toMySQLDate($FilterValue[$i + $j]);
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " " . $GLOBALS['filter_operators'][$FilterOperator[$i + $j]] . " '{$dateValue}' </FilterItem>";
                     } else {
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " " . $GLOBALS['filter_operators'][$FilterOperator[$i + $j]] . " '" . makeSafe($FilterValue[$i + $j]) . "' </FilterItem>";
                     }
                 }
             }
             $this->QueryWhere .= ") </FilterGroup>";
             $WhereNeedsClosing = 1;
         }
     }
     if ($WhereNeedsClosing) {
         $this->QueryWhere .= ")";
     }
     // set query sort
     if (!stristr($this->QueryOrder, "order by ") && $SortField != '' && $this->AllowSorting) {
         $actualSortField = $SortField;
         foreach ($this->SortFields as $fieldNum => $fieldSort) {
             $actualSortField = str_replace(" {$fieldNum} ", " {$fieldSort} ", " {$actualSortField} ");
             $actualSortField = str_replace(",{$fieldNum} ", ",{$fieldSort} ", " {$actualSortField} ");
         }
         $this->QueryOrder = "order by {$actualSortField} {$SortDirection}";
     }
     // clean up query
     $this->QueryWhere = str_replace('( <FilterGroup> and ', '( ', $this->QueryWhere);
     $this->QueryWhere = str_replace('( <FilterGroup> or ', '( ', $this->QueryWhere);
     $this->QueryWhere = str_replace('( <FilterItem> and ', '( ', $this->QueryWhere);
     $this->QueryWhere = str_replace('( <FilterItem> or ', '( ', $this->QueryWhere);
     $this->QueryWhere = str_replace('<FilterGroup>', '', $this->QueryWhere);
     $this->QueryWhere = str_replace('</FilterGroup>', '', $this->QueryWhere);
     $this->QueryWhere = str_replace('<FilterItem>', '', $this->QueryWhere);
     $this->QueryWhere = str_replace('</FilterItem>', '', $this->QueryWhere);
     // if no 'order by' clause found, apply default sorting if specified
     if ($this->DefaultSortField != '' && $this->QueryOrder == '') {
         $this->QueryOrder = "order by " . $this->DefaultSortField . " " . $this->DefaultSortDirection;
     }
     // get count of matching records ...
     $TempQuery = 'SELECT count(1) from ' . $this->QueryFrom . ' ' . $this->QueryWhere;
     $RecordCount = sqlValue($TempQuery);
     $FieldCountTV = count($this->QueryFieldsTV);
     $FieldCountCSV = count($this->QueryFieldsCSV);
     $FieldCountFilters = count($this->QueryFieldsFilters);
     if (!$RecordCount) {
         $FirstRecord = 1;
     }
     // Output CSV on request
     if ($CSV_x != '') {
         $this->HTML = '';
         if (datalist_db_encoding == 'UTF-8') {
             $this->HTML = "";
         }
         // BOM characters for UTF-8 output
         // execute query for CSV output
         $fieldList = '';
         foreach ($this->QueryFieldsCSV as $fn => $fc) {
             $fieldList .= "{$fn} as `{$fc}`, ";
         }
         $fieldList = substr($fieldList, 0, -2);
         $csvQuery = 'SELECT ' . $fieldList . ' from ' . $this->QueryFrom . ' ' . $this->QueryWhere . ' ' . $this->QueryOrder;
         // hook: table_csv
         if (function_exists($this->TableName . '_csv')) {
             $args = array();
             $mq = call_user_func_array($this->TableName . '_csv', array($csvQuery, $mi, &$args));
             $csvQuery = $mq ? $mq : $csvQuery;
         }
         $result = sql($csvQuery, $eo);
         // output CSV field names
         for ($i = 0; $i < $FieldCountCSV; $i++) {
             $this->HTML .= "\"" . db_field_name($result, $i) . "\"" . $this->CSVSeparator;
         }
         $this->HTML .= "\n\n";
         // output CSV data
         while ($row = db_fetch_row($result)) {
             for ($i = 0; $i < $FieldCountCSV; $i++) {
                 $this->HTML .= "\"" . str_replace(array("\r\n", "\r", "\n", '"'), array(' ', ' ', ' ', '""'), strip_tags($row[$i])) . "\"" . $this->CSVSeparator;
             }
             $this->HTML .= "\n\n";
         }
         $this->HTML = str_replace($this->CSVSeparator . "\n\n", "\n", $this->HTML);
         $this->HTML = substr($this->HTML, 0, -1);
         // clean any output buffers
         while (@ob_end_clean()) {
         }
         // output CSV HTTP headers ...
         header('HTTP/1.1 200 OK');
         header('Date: ' . @date("D M j G:i:s T Y"));
         header('Last-Modified: ' . @date("D M j G:i:s T Y"));
         header("Content-Type: application/force-download");
         header("Content-Length: " . (string) strlen($this->HTML));
         header("Content-Transfer-Encoding: Binary");
         header("Content-Disposition: attachment; filename={$this->TableName}.csv");
         // send output and quit script
         echo $this->HTML;
         exit;
     }
     $t = time();
     // just a random number for any purpose ...
     // should SelectedID be reset on clicking TV buttons?
     $resetSelection = $this->SeparateDV ? "document.myform.SelectedID.value = '';" : "document.myform.writeAttribute('novalidate', 'novalidate');";
     if ($current_view == 'DV' && !$Embedded) {
         $this->HTML .= '<div class="page-header">';
         $this->HTML .= '<h1>';
         $this->HTML .= '<a style="text-decoration: none; color: inherit;" href="' . $this->TableName . '_view.php"><img src="' . $this->TableIcon . '"> ' . $this->TableTitle . '</a>';
         $this->HTML .= '</h1>';
         $this->HTML .= '</div>';
     }
     // quick search and TV action buttons
     if (!$this->HideTableView && !($dvprint_x && $this->AllowSelection && $SelectedID) && !$PrintDV) {
         $buttons_all = $quick_search_html = '';
         if ($Print_x == '') {
             // display 'Add New' icon
             if ($this->Permissions[1] && $this->SeparateDV) {
                 $buttons_all .= '<button type="submit" id="addNew" name="addNew_x" value="1" class="btn btn-success"><i class="glyphicon glyphicon-plus-sign"></i> ' . $Translation['Add New'] . '</button>';
                 $buttonsCount++;
             }
             // display Print icon
             if ($this->AllowPrinting) {
                 $buttons_all .= '<button onClick="document.myform.NoDV.value=1; ' . $resetSelection . ' return true;" type="submit" name="Print_x" id="Print" value="1" class="btn btn-default"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print Preview'] . '</button>';
                 $buttonsCount++;
             }
             // display CSV icon
             if ($this->AllowCSV) {
                 $buttons_all .= '<button onClick="document.myform.NoDV.value=1; ' . $resetSelection . ' return true;" type="submit" name="CSV_x" id="CSV" value="1" class="btn btn-default"><i class="glyphicon glyphicon-download-alt"></i> ' . $Translation['CSV'] . '</button>';
                 $buttonsCount++;
             }
             // display Filter icon
             if ($this->AllowFilters) {
                 $buttons_all .= '<button onClick="document.myform.NoDV.value=1; ' . $resetSelection . ' return true;" type="submit" name="Filter_x" id="Filter" value="1" class="btn btn-default"><i class="glyphicon glyphicon-filter"></i> ' . $Translation['filter'] . '</button>';
                 $buttonsCount++;
             }
             // display Show All icon
             if ($this->AllowFilters) {
                 $buttons_all .= '<button onClick="document.myform.NoDV.value=1; ' . $resetSelection . ' return true;" type="submit" name="NoFilter_x" id="NoFilter" value="1" class="btn btn-default"><i class="glyphicon glyphicon-remove-circle"></i> ' . $Translation['Reset Filters'] . '</button>';
                 $buttonsCount++;
             }
             $quick_search_html .= '<div class="input-group" id="quick-search">';
             $quick_search_html .= '<input type="text" name="SearchString" value="' . htmlspecialchars($SearchString, ENT_QUOTES, 'iso-8859-1') . '" class="form-control" placeholder="' . htmlspecialchars($this->QuickSearchText) . '">';
             $quick_search_html .= '<span class="input-group-btn">';
             $quick_search_html .= '<button name="Search_x" value="1" id="Search" type="submit" onClick="' . $resetSelection . ' document.myform.NoDV.value=1; return true;"  class="btn btn-default" title="' . htmlspecialchars($this->QuickSearchText) . '"><i class="glyphicon glyphicon-search"></i></button>';
             $quick_search_html .= '<button name="NoFilter_x" value="1" id="NoFilter_x" type="submit" onClick="' . $resetSelection . ' document.myform.NoDV.value=1; return true;"  class="btn btn-default" title="' . htmlspecialchars($Translation['Reset Filters']) . '"><i class="glyphicon glyphicon-remove-circle"></i></button>';
             $quick_search_html .= '</span>';
             $quick_search_html .= '</div>';
         } else {
             $buttons_all .= '<button class="btn btn-primary" type="button" id="sendToPrinter" onClick="window.print();"><i class="glyphicon glyphicon-print"></i> ' . $Translation['Print'] . '</button>';
             $buttons_all .= '<button class="btn btn-default" type="submit"><i class="glyphicon glyphicon-remove-circle"></i> ' . $Translation['Cancel Printing'] . '</button>';
         }
         /* if user can print DV, add action to 'More' menu */
         $selected_records_more = array();
         if ($AllowPrintDV) {
             $selected_records_more[] = array('function' => $this->SeparateDV ? 'print_multiple_dv_sdv' : 'print_multiple_dv_tvdv', 'title' => $Translation['Print Preview Detail View'], 'icon' => 'print');
         }
         /* if user can mass-delete selected records, add action to 'More' menu */
         if ($this->AllowMassDelete && $this->AllowDelete) {
             $selected_records_more[] = array('function' => 'mass_delete', 'title' => $Translation['Delete'], 'icon' => 'trash', 'class' => 'text-danger');
         }
         /* if user is admin, add 'Change owner' action to 'More' menu */
         /* also, add help link for adding more actions */
         if ($mi['admin']) {
             $selected_records_more[] = array('function' => 'mass_change_owner', 'title' => $Translation['Change owner'], 'icon' => 'user');
             $selected_records_more[] = array('function' => 'add_more_actions_link', 'title' => $Translation['Add more actions'], 'icon' => 'question-sign', 'class' => 'text-info');
         }
         /* user-defined actions ... should be set in the {tablename}_batch_actions() function in hooks/{tablename}.php */
         $user_actions = array();
         if (function_exists($this->TableName . '_batch_actions')) {
             $args = array();
             $user_actions = call_user_func_array($this->TableName . '_batch_actions', array(&$args));
             if (is_array($user_actions) && count($user_actions)) {
                 $selected_records_more = array_merge($selected_records_more, $user_actions);
             }
         }
         $actual_more_count = 0;
         $more_menu = $more_menu_js = '';
         if (count($selected_records_more)) {
             $more_menu .= '<button type="button" class="btn btn-default dropdown-toggle" data-toggle="dropdown" id="selected_records_more"><i class="glyphicon glyphicon-check"></i> ' . $Translation['More'] . ' <span class="caret"></span></button>';
             $more_menu .= '<ul class="dropdown-menu" role="menu">';
             foreach ($selected_records_more as $action) {
                 if (!$action['function'] || !$action['title']) {
                     continue;
                 }
                 $action['class'] = !isset($action['class']) ? '' : $action['class'];
                 $action['icon'] = !isset($action['icon']) ? '' : $action['icon'];
                 $actual_more_count++;
                 $more_menu .= '<li>' . '<a href="#" id="selected_records_' . $action['function'] . '">' . '<span class="' . $action['class'] . '">' . ($action['icon'] ? '<i class="glyphicon glyphicon-' . $action['icon'] . '"></i> ' : '') . $action['title'] . '</span>' . '</a>' . '</li>';
                 // on clicking an action, call its js handler function, passing the current table name and an array of selected IDs to it
                 $more_menu_js .= "jQuery('[id=selected_records_{$action['function']}]').click(function(){ {$action['function']}('{$this->TableName}', get_selected_records_ids()); return false; });";
             }
             $more_menu .= '</ul>';
         }
         if ($Embedded) {
             $this->HTML .= '<script>$j(function(){ $j(\'[id^=notification-]\').parent().css({\'margin-top\': \'15px\', \'margin-bottom\': \'0\'}); })</script>';
         } else {
             $this->HTML .= '<div class="page-header">';
             $this->HTML .= '<h1>';
             $this->HTML .= '<div class="row">';
             $this->HTML .= '<div class="col-sm-8">';
             $this->HTML .= '<a style="text-decoration: none; color: inherit;" href="' . $this->TableName . '_view.php"><img src="' . $this->TableIcon . '"> ' . $this->TableTitle . '</a>';
             $this->HTML .= '</div>';
             if ($this->QuickSearch) {
                 $this->HTML .= '<div class="col-sm-4">';
                 $this->HTML .= $quick_search_html;
                 $this->HTML .= '</div>';
             }
             $this->HTML .= '</div>';
             $this->HTML .= '</h1>';
             $this->HTML .= '</div>';
             $this->HTML .= '<div id="top_buttons" class="hidden-print">';
             /* .all_records: container for buttons that don't need a selection */
             /* .selected_records: container for buttons that need a selection */
             $this->HTML .= '<div class="btn-group btn-group-lg visible-md visible-lg all_records pull-left">' . $buttons_all . '</div>';
             $this->HTML .= '<div class="btn-group btn-group-lg visible-md visible-lg selected_records hidden pull-left hspacer-lg">' . $buttons_selected . ($actual_more_count ? $more_menu : '') . '</div>';
             $this->HTML .= '<div class="btn-group-vertical btn-group-lg visible-xs visible-sm all_records">' . $buttons_all . '</div>';
             $this->HTML .= '<div class="btn-group-vertical btn-group-lg visible-xs visible-sm selected_records hidden vspacer-lg">' . $buttons_selected . ($actual_more_count ? $more_menu : '') . '</div>';
             $this->HTML .= '<div class="clearfix"></div><p></p>';
             $this->HTML .= '</div>';
         }
         if ($Print_x != '') {
             /* fix top margin for print-preview */
             $this->HTML .= '<style>body{ padding-top: 0 !important; }</style>';
             /* disable links inside table body to prevent printing their href */
             $this->HTML .= '<script>jQuery(function(){ jQuery("tbody a").removeAttr("href").removeAttr("rel"); });</script>';
         }
         // script for focusing into the search box on loading the page
         // and for declaring record action handlers
         $this->HTML .= '<script>jQuery(function(){ jQuery("input[name=SearchString]").focus();  ' . $more_menu_js . ' });</script>';
     }
     // begin table and display table title
     if (!$this->HideTableView && !($dvprint_x && $this->AllowSelection && $SelectedID) && !$PrintDV && !$Embedded) {
         $this->HTML .= '<div class="table-responsive"><table class="table table-striped table-bordered table-hover">';
         $this->HTML .= '<thead><tr>';
         if (!$Print_x) {
             $this->HTML .= '<th style="width: 18px;" class="text-center"><input class="hidden-print" type="checkbox" title="' . htmlspecialchars($Translation['Select all records']) . '" id="select_all_records"></th>';
         }
         // Templates
         if ($this->Template != '') {
             $rowTemplate = @implode('', @file('./' . $this->Template));
             if (!$rowTemplate) {
                 $rowTemplate = '';
                 $selrowTemplate = '';
             } else {
                 if ($this->SelectedTemplate != '') {
                     $selrowTemplate = @implode('', @file('./' . $this->SelectedTemplate));
                     if (!$selrowTemplate) {
                         $selrowTemplate = '';
                     }
                 } else {
                     $selrowTemplate = '';
                 }
             }
         } else {
             $rowTemplate = '';
             $selrowTemplate = '';
         }
         // process translations
         if ($rowTemplate) {
             foreach ($Translation as $symbol => $trans) {
                 $rowTemplate = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $rowTemplate);
             }
         }
         if ($selrowTemplate) {
             foreach ($Translation as $symbol => $trans) {
                 $selrowTemplate = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $selrowTemplate);
             }
         }
         // End of templates
         // $this->ccffv: map $FilterField values to field captions as stored in ColCaption
         $this->ccffv = array();
         foreach ($this->ColCaption as $captionIndex => $caption) {
             $ffv = 1;
             foreach ($this->QueryFieldsFilters as $uselessKey => $filterCaption) {
                 if ($caption == $filterCaption) {
                     $this->ccffv[$captionIndex] = $ffv;
                 }
                 $ffv++;
             }
         }
         // display table headers
         $totalColWidth = array_sum($this->ColWidth);
         $forceHeaderWidth = false;
         if ($rowTemplate == '' || $this->ShowTableHeader) {
             for ($i = 0; $i < count($this->ColCaption); $i++) {
                 /* Sorting icon and link */
                 $sort1 = $sort2 = $filterHint = '';
                 if ($this->AllowSorting == 1) {
                     if ($current_view != 'TVP') {
                         $sort1 = "<a href=\"{$this->ScriptFileName}?SortDirection=asc&SortField=" . $this->ColNumber[$i] . "\" onClick=\"{$resetSelection} document.myform.NoDV.value=1; document.myform.SortDirection.value='asc'; document.myform.SortField.value = '" . $this->ColNumber[$i] . "'; document.myform.submit(); return false;\" class=\"TableHeader\">";
                         $sort2 = "</a>";
                     }
                     if ($this->ColNumber[$i] == $SortField) {
                         $SortDirection = $SortDirection == "asc" ? "desc" : "asc";
                         if ($current_view != 'TVP') {
                             $sort1 = "<a href=\"{$this->ScriptFileName}?SortDirection={$SortDirection}&SortField=" . $this->ColNumber[$i] . "\" onClick=\"{$resetSelection} document.myform.NoDV.value=1; document.myform.SortDirection.value='{$SortDirection}'; document.myform.SortField.value = " . $this->ColNumber[$i] . "; document.myform.submit(); return false;\" class=\"TableHeader\">";
                         }
                         $sort2 = " <i class=\"text-warning glyphicon glyphicon-sort-by-attributes" . ($SortDirection == 'desc' ? '' : '-alt') . "\"></i>{$sort2}";
                         $SortDirection = $SortDirection == "asc" ? "desc" : "asc";
                     }
                 } else {
                     $sort1 = '';
                     $sort2 = '';
                 }
                 /* Filtering icon and hint */
                 if ($this->AllowFilters && is_array($FilterField)) {
                     // check to see if there is any filter applied on the current field
                     if (isset($this->ccffv[$i]) && in_array($this->ccffv[$i], $FilterField)) {
                         // render filter icon
                         $filterHint = '&nbsp;<button type="submit" class="btn btn-default btn-xs' . ($current_view == 'TVP' ? ' disabled' : '') . '" name="Filter_x" value="1" title="' . htmlspecialchars($Translation['filtered field']) . '"><i class="glyphicon glyphicon-filter"></i></button>';
                     }
                 }
                 $this->HTML .= "\t<th class=\"{$this->TableName}-{$this->ColFieldName[$i]}\" " . ($forceHeaderWidth ? ' style="width: ' . ($this->ColWidth[$i] ? $this->ColWidth[$i] : 100) . 'px;"' : '') . ">{$sort1}{$this->ColCaption[$i]}{$sort2}{$filterHint}</th>\n";
             }
         } else {
             // Display a Sort by drop down
             $this->HTML .= "\t<th><td colspan=" . (count($this->ColCaption) + 1) . ">";
             if ($this->AllowSorting == 1) {
                 $sortCombo = new Combo();
                 for ($i = 0; $i < count($this->ColCaption); $i++) {
                     $sortCombo->ListItem[] = $this->ColCaption[$i];
                     $sortCombo->ListData[] = $this->ColNumber[$i];
                 }
                 $sortCombo->SelectName = "FieldsList";
                 $sortCombo->SelectedData = $SortField;
                 $sortCombo->Class = 'TableBody';
                 $sortCombo->SelectedClass = 'TableBodySelected';
                 $sortCombo->Render();
                 $d = $sortCombo->HTML;
                 $d = str_replace('<select ', "<select onChange=\"document.myform.SortDirection.value='{$SortDirection}'; document.myform.SortField.value=document.myform.FieldsList.value; document.myform.NoDV.value=1; document.myform.submit();\" ", $d);
                 if ($SortField) {
                     $SortDirection = $SortDirection == "desc" ? "asc" : "desc";
                     $sort = "<a href=\"javascript: document.myform.NoDV.value=1; document.myform.SortDirection.value='{$SortDirection}'; document.myform.SortField.value='{$SortField}'; document.myform.submit();\" class=TableHeader><img src={$SortDirection}.gif border=0 width=11 height=11 hspace=3></a>";
                     $SortDirection = $SortDirection == "desc" ? "asc" : "desc";
                 } else {
                     $sort = '';
                 }
                 $this->HTML .= $Translation['order by'] . " {$d} {$sort}";
             }
             $this->HTML .= "</td></th>\n";
         }
         // table view navigation code ...
         if ($RecordCount && $this->AllowNavigation && $RecordCount > $this->RecordsPerPage) {
             while ($FirstRecord > $RecordCount) {
                 $FirstRecord -= $this->RecordsPerPage;
             }
             if ($FirstRecord == '' || $FirstRecord < 1) {
                 $FirstRecord = 1;
             }
             if ($Previous_x != '') {
                 $FirstRecord -= $this->RecordsPerPage;
                 if ($FirstRecord <= 0) {
                     $FirstRecord = 1;
                 }
             } elseif ($Next_x != '') {
                 $FirstRecord += $this->RecordsPerPage;
                 if ($FirstRecord > $RecordCount) {
                     $FirstRecord = $RecordCount - $RecordCount % $this->RecordsPerPage + 1;
                 }
                 if ($FirstRecord > $RecordCount) {
                     $FirstRecord = $RecordCount - $this->RecordsPerPage + 1;
                 }
                 if ($FirstRecord <= 0) {
                     $FirstRecord = 1;
                 }
             }
         } elseif ($RecordCount) {
             $FirstRecord = 1;
             $this->RecordsPerPage = 2000;
             // a limit on max records in print preview to avoid performance drops
         }
         // end of table view navigation code
         $this->HTML .= "\n\t</tr>\n\n</thead>\n\n<tbody><!-- tv data below -->\n";
         $i = 0;
         $hc = new CI_Input();
         $hc->charset = datalist_db_encoding;
         if ($RecordCount) {
             $i = $FirstRecord;
             // execute query for table view
             $fieldList = '';
             foreach ($this->QueryFieldsTV as $fn => $fc) {
                 $fieldList .= "{$fn} as `{$fc}`, ";
             }
             $fieldList = substr($fieldList, 0, -2);
             if ($this->PrimaryKey) {
                 $fieldList .= ", {$this->PrimaryKey} as '" . str_replace('`', '', $this->PrimaryKey) . "'";
             }
             $tvQuery = 'SELECT ' . $fieldList . ' from ' . $this->QueryFrom . ' ' . $this->QueryWhere . ' ' . $this->QueryOrder;
             $result = sql($tvQuery . " limit " . ($i - 1) . ",{$this->RecordsPerPage}", $eo);
             while (($row = db_fetch_array($result)) && $i < $FirstRecord + $this->RecordsPerPage) {
                 $attr_id = htmlspecialchars($row[$FieldCountTV], ENT_QUOTES, 'iso-8859-1');
                 /* pk value suitable for inserting into html tag attributes */
                 $js_id = addslashes($row[$FieldCountTV]);
                 /* pk value suitable for inserting into js strings */
                 $alt = ($i - $FirstRecord) % 2;
                 if (($PrintTV || $Print_x) && count($_POST['record_selector']) && !in_array($row[$FieldCountTV], $_POST['record_selector'])) {
                     continue;
                 }
                 $class = "TableBody" . ($alt ? 'Selected' : '') . ($fNumeric ? 'Numeric' : '');
                 if ($Print_x != '') {
                     $this->HTML .= '<tr>';
                 }
                 if (!$Print_x) {
                     $this->HTML .= $SelectedID == $row[$FieldCountTV] ? '<tr class="active">' : '<tr>';
                     $checked = is_array($_POST['record_selector']) && in_array($row[$FieldCountTV], $_POST['record_selector']) ? ' checked' : '';
                     $this->HTML .= "<td class=\"text-center\"><input class=\"hidden-print record_selector\" type=\"checkbox\" id=\"record_selector_{$attr_id}\" name=\"record_selector[]\" value=\"{$attr_id}\"{$checked}></td>";
                 }
                 // templates
                 if ($rowTemplate != '') {
                     if ($this->AllowSelection == 1 && $SelectedID == $row[$FieldCountTV] && $selrowTemplate != '') {
                         $rowTemp = $selrowTemplate;
                     } else {
                         $rowTemp = $rowTemplate;
                     }
                     if ($this->AllowSelection == 1 && $SelectedID != $row[$FieldCountTV]) {
                         $rowTemp = str_replace('<%%SELECT%%>', "<a onclick=\"document.myform.SelectedField.value=this.parentNode.cellIndex; document.myform.SelectedID.value='" . addslashes($row[$FieldCountTV]) . "'; document.myform.submit(); return false;\" href=\"{$this->ScriptFileName}?SelectedID=" . htmlspecialchars($row[$FieldCountTV], ENT_QUOTES) . "\" class=\"{$class}\" style=\"display: block; padding:0px;\">", $rowTemp);
                         $rowTemp = str_replace('<%%ENDSELECT%%>', '</a>', $rowTemp);
                     } else {
                         $rowTemp = str_replace('<%%SELECT%%>', '', $rowTemp);
                         $rowTemp = str_replace('<%%ENDSELECT%%>', '', $rowTemp);
                     }
                     for ($j = 0; $j < $FieldCountTV; $j++) {
                         $fieldTVCaption = current(array_slice($this->QueryFieldsTV, $j, 1));
                         $fd = $hc->xss_clean(nl2br($row[$j]));
                         /* Sanitize output against XSS attacks */
                         /*
                         	the TV template could contain field placeholders in the format 
                         	<%%FIELD_n%%> or <%%VALUE(Field name)%%> 
                         */
                         $rowTemp = str_replace("<%%FIELD_{$j}%%>", thisOr($fd), $rowTemp);
                         $rowTemp = str_replace("<%%VALUE({$fieldTVCaption})%%>", thisOr($fd), $rowTemp);
                         if (strpos($rowTemp, "<%%YOUTUBETHUMB({$fieldTVCaption})%%>") !== false) {
                             $rowTemp = str_replace("<%%YOUTUBETHUMB({$fieldTVCaption})%%>", thisOr(get_embed('youtube', $fd, '', '', 'thumbnail_url'), 'blank.gif'), $rowTemp);
                         }
                         if (strpos($rowTemp, "<%%GOOGLEMAPTHUMB({$fieldTVCaption})%%>") !== false) {
                             $rowTemp = str_replace("<%%GOOGLEMAPTHUMB({$fieldTVCaption})%%>", thisOr(get_embed('googlemap', $fd, '', '', 'thumbnail_url'), 'blank.gif'), $rowTemp);
                         }
                         if (thisOr($fd) == '&nbsp;' && preg_match('/<a href=".*?&nbsp;.*?<\\/a>/i', $rowTemp, $m)) {
                             $rowTemp = str_replace($m[0], '', $rowTemp);
                         }
                     }
                     if ($alt && $SelectedID != $row[$FieldCountTV]) {
                         $rowTemp = str_replace("TableBody", "TableBodySelected", $rowTemp);
                         $rowTemp = str_replace("TableBodyNumeric", "TableBodySelectedNumeric", $rowTemp);
                         $rowTemp = str_replace("SelectedSelected", "Selected", $rowTemp);
                     }
                     if ($SearchString != '') {
                         $rowTemp = highlight($SearchString, $rowTemp);
                     }
                     $this->HTML .= $rowTemp;
                     $rowTemp = '';
                 } else {
                     // end of templates
                     for ($j = 0; $j < $FieldCountTV; $j++) {
                         $fType = db_field_type($result, $j);
                         $fNumeric = stristr($fType, 'int') || stristr($fType, 'float') || stristr($fType, 'decimal') || stristr($fType, 'numeric') || stristr($fType, 'real') || stristr($fType, 'double') ? true : false;
                         if ($this->AllowSelection == 1) {
                             $sel1 = "<a href=\"{$this->ScriptFileName}?SelectedID=" . htmlspecialchars($row[$FieldCountTV], ENT_QUOTES) . "\" onclick=\"document.myform.SelectedID.value='" . addslashes($row[$FieldCountTV]) . "'; document.myform.submit(); return false;\" class=\"{$class}\" style=\"padding:0px;\">";
                             $sel2 = "</a>";
                         } else {
                             $sel1 = '';
                             $sel2 = '';
                         }
                         $this->HTML .= "<td valign=top class={$class}><div class={$class}>&nbsp;{$sel1}" . $row[$j] . "{$sel2}&nbsp;</div></td>";
                     }
                 }
                 $this->HTML .= "</tr>\n";
                 $i++;
             }
             $i--;
         }
         $this->HTML = preg_replace("/<a href=\"(mailto:)?&nbsp;[^\n]*title=\"&nbsp;\"><\\/a>/", '&nbsp;', $this->HTML);
         $this->HTML = preg_replace("/<a [^>]*>(&nbsp;)*<\\/a>/", '&nbsp;', $this->HTML);
         $this->HTML = preg_replace("/<%%.*%%>/U", '&nbsp;', $this->HTML);
         // end of data
         $this->HTML .= '<!-- tv data above -->';
         $this->HTML .= "\n</tbody>";
         if ($Print_x == '') {
             // TV
             $pagesMenu = '';
             if ($RecordCount > $this->RecordsPerPage) {
                 $pagesMenuId = "{$this->TableName}_pagesMenu";
                 $pagesMenu = $Translation['go to page'] . ' <select class="input-sm" id="' . $pagesMenuId . '" onChange="document.myform.writeAttribute(\'novalidate\', \'novalidate\'); document.myform.NoDV.value=1; document.myform.FirstRecord.value=(this.value * ' . $this->RecordsPerPage . '+1); document.myform.submit();">';
                 $pagesMenu .= '</select>';
                 $pagesMenu .= '<script>';
                 $pagesMenu .= 'var lastPage = ' . (ceil($RecordCount / $this->RecordsPerPage) - 1) . ';';
                 $pagesMenu .= 'var currentPage = ' . ($FirstRecord - 1) / $this->RecordsPerPage . ';';
                 $pagesMenu .= 'var pagesMenu = document.getElementById("' . $pagesMenuId . '");';
                 $pagesMenu .= 'var lump = ' . datalist_max_page_lump . ';';
                 $pagesMenu .= 'if(lastPage <= lump * 3){';
                 $pagesMenu .= '  addPageNumbers(0, lastPage);';
                 $pagesMenu .= '}else{';
                 $pagesMenu .= '  addPageNumbers(0, lump - 1);';
                 $pagesMenu .= '  if(currentPage < lump) addPageNumbers(lump, currentPage + lump / 2);';
                 $pagesMenu .= '  if(currentPage >= lump && currentPage < (lastPage - lump)){';
                 $pagesMenu .= '    addPageNumbers(';
                 $pagesMenu .= '      Math.max(currentPage - lump / 2, lump),';
                 $pagesMenu .= '      Math.min(currentPage + lump / 2, lastPage - lump - 1)';
                 $pagesMenu .= '    );';
                 $pagesMenu .= '  }';
                 $pagesMenu .= '  if(currentPage >= (lastPage - lump)) addPageNumbers(currentPage - lump / 2, lastPage - lump - 1);';
                 $pagesMenu .= '  addPageNumbers(lastPage - lump, lastPage);';
                 $pagesMenu .= '}';
                 $pagesMenu .= 'function addPageNumbers(fromPage, toPage){';
                 $pagesMenu .= '  var ellipsesIndex = 0;';
                 $pagesMenu .= '  if(fromPage > toPage) return;';
                 $pagesMenu .= '  if(fromPage > 0){';
                 $pagesMenu .= '    if(pagesMenu.options[pagesMenu.options.length - 1].text != fromPage){';
                 $pagesMenu .= '      ellipsesIndex = pagesMenu.options.length;';
                 $pagesMenu .= '      fromPage--;';
                 $pagesMenu .= '    }';
                 $pagesMenu .= '  }';
                 $pagesMenu .= '  for(i = fromPage; i <= toPage; i++){';
                 $pagesMenu .= '    var option = document.createElement("option");';
                 $pagesMenu .= '    option.text = (i + 1);';
                 $pagesMenu .= '    option.value = i;';
                 $pagesMenu .= '    if(i == currentPage){ option.selected = "selected"; }';
                 $pagesMenu .= '    try{';
                 $pagesMenu .= '      /* for IE earlier than version 8 */';
                 $pagesMenu .= '      pagesMenu.add(option, pagesMenu.options[null]);';
                 $pagesMenu .= '    }catch(e){';
                 $pagesMenu .= '      pagesMenu.add(option, null);';
                 $pagesMenu .= '    }';
                 $pagesMenu .= '  }';
                 $pagesMenu .= '  if(ellipsesIndex > 0){';
                 $pagesMenu .= '    pagesMenu.options[ellipsesIndex].text = " ... ";';
                 $pagesMenu .= '  }';
                 $pagesMenu .= '}';
                 $pagesMenu .= '</script>';
             }
             $this->HTML .= "\n\t";
             if ($i) {
                 // 1 or more records found
                 $this->HTML .= "<tfoot><tr><td colspan=" . (count($this->ColCaption) + 1) . '>';
                 $this->HTML .= $Translation['records x to y of z'];
                 $this->HTML .= '</td></tr></tfoot>';
             }
             if (!$i) {
                 // no records found
                 $this->HTML .= "<tfoot><tr><td colspan=" . (count($this->ColCaption) + 1) . '>';
                 $this->HTML .= '<div class="alert alert-warning">';
                 $this->HTML .= '<i class="glyphicon glyphicon-warning-sign"></i> ';
                 $this->HTML .= $Translation['No matches found!'];
                 $this->HTML .= '</div>';
                 $this->HTML .= '</td></tr></tfoot>';
             }
         } else {
             // TVP
             if ($i) {
                 $this->HTML .= "\n\t<tfoot><tr><td colspan=" . (count($this->ColCaption) + 1) . '>' . $Translation['records x to y of z'] . '</td></tr></tfoot>';
             }
             if (!$i) {
                 $this->HTML .= "\n\t<tfoot><tr><td colspan=" . (count($this->ColCaption) + 1) . '>' . $Translation['No matches found!'] . '</td></tr></tfoot>';
             }
         }
         $this->HTML = str_replace("<FirstRecord>", number_format($FirstRecord), $this->HTML);
         $this->HTML = str_replace("<LastRecord>", number_format($i), $this->HTML);
         $this->HTML = str_replace("<RecordCount>", number_format($RecordCount), $this->HTML);
         $tvShown = true;
         $this->HTML .= "</table></div>\n";
         if ($Print_x == '' && $i) {
             // TV
             $this->HTML .= '<div class="row">';
             $this->HTML .= '<div class="col-sm-4 col-md-3 col-lg-2 vspacer-lg">';
             $this->HTML .= '<button onClick="' . $resetSelection . ' document.myform.NoDV.value = 1; return true;" type="submit" name="Previous_x" id="Previous" value="1" class="btn btn-default btn-block"><i class="glyphicon glyphicon-chevron-left"></i> ' . $Translation['Previous'] . '</button>';
             $this->HTML .= '</div>';
             $this->HTML .= '<div class="col-sm-4 col-md-4 col-lg-2 col-md-offset-1 col-lg-offset-3 text-center vspacer-lg">';
             $this->HTML .= $pagesMenu;
             $this->HTML .= '</div>';
             $this->HTML .= '<div class="col-sm-4 col-md-3 col-lg-2 col-md-offset-1 col-lg-offset-3 text-right vspacer-lg">';
             $this->HTML .= '<button onClick="' . $resetSelection . ' document.myform.NoDV.value=1; return true;" type="submit" name="Next_x" id="Next" value="1" class="btn btn-default btn-block">' . $Translation['Next'] . ' <i class="glyphicon glyphicon-chevron-right"></i></button>';
             $this->HTML .= '</div>';
             $this->HTML .= '</div>';
         }
     }
     /* that marks the end of the TV table */
     // hidden variables ....
     foreach ($this->filterers as $filterer => $caption) {
         if ($_REQUEST['filterer_' . $filterer] != '') {
             $this->HTML .= "<input name=\"filterer_{$filterer}\" value=\"" . htmlspecialchars($_REQUEST['filterer_' . $filterer], ENT_QUOTES, 'iso-8859-1') . "\" type=\"hidden\" />";
             break;
             // currently, only one filterer can be applied at a time
         }
     }
     $this->HTML .= '<input name="SortField" value="' . $SortField . '" type="hidden">';
     $this->HTML .= '<input name="SelectedID" value="' . htmlspecialchars($SelectedID, ENT_QUOTES, 'iso-8859-1') . '" type="hidden">';
     $this->HTML .= '<input name="SelectedField" value="" type="hidden">';
     $this->HTML .= '<input name="SortDirection" type="hidden" value="' . $SortDirection . '">';
     $this->HTML .= '<input name="FirstRecord" type="hidden" value="' . $FirstRecord . '">';
     $this->HTML .= '<input name="NoDV" type="hidden" value="">';
     $this->HTML .= '<input name="PrintDV" type="hidden" value="">';
     if ($this->QuickSearch && !strpos($this->HTML, 'SearchString')) {
         $this->HTML .= '<input name="SearchString" type="hidden" value="' . htmlspecialchars($SearchString, ENT_QUOTES, 'iso-8859-1') . '">';
     }
     // hidden variables: filters ...
     $FiltersCode = '';
     for ($i = 1; $i <= datalist_filters_count * $FiltersPerGroup; $i++) {
         // Number of filters allowed
         if ($i % $FiltersPerGroup == 1 && $i != 1 && $FilterAnd[$i] != '') {
             $FiltersCode .= "<input name=\"FilterAnd[{$i}]\" value=\"{$FilterAnd[$i]}\" type=\"hidden\">\n";
         }
         if ($FilterField[$i] != '' && $FilterOperator[$i] != '' && ($FilterValue[$i] != '' || strpos($FilterOperator[$i], 'empty'))) {
             if (!strstr($FiltersCode, "<input name=\"FilterAnd[{$i}]\" value=")) {
                 $FiltersCode .= "<input name=\"FilterAnd[{$i}]\" value=\"{$FilterAnd[$i]}\" type=\"hidden\">\n";
             }
             $FiltersCode .= "<input name=\"FilterField[{$i}]\" value=\"{$FilterField[$i]}\" type=\"hidden\">\n";
             $FiltersCode .= "<input name=\"FilterOperator[{$i}]\" value=\"{$FilterOperator[$i]}\" type=\"hidden\">\n";
             $FiltersCode .= "<input name=\"FilterValue[{$i}]\" value=\"" . htmlspecialchars($FilterValue[$i], ENT_QUOTES, 'iso-8859-1') . "\" type=\"hidden\">\n";
         }
     }
     $FiltersCode .= "<input name=\"DisplayRecords\" value=\"{$DisplayRecords}\" type=\"hidden\" />";
     $this->HTML .= $FiltersCode;
     // display details form ...
     if (($this->AllowSelection || $this->AllowInsert || $this->AllowUpdate || $this->AllowDelete) && $Print_x == '' && !$PrintDV) {
         if ($this->SeparateDV && $this->HideTableView || !$this->SeparateDV) {
             $dvCode = call_user_func("{$this->TableName}_form", $SelectedID, $this->AllowUpdate, $this->HideTableView && $SelectedID ? 0 : $this->AllowInsert, $this->AllowDelete, $this->SeparateDV);
             $this->HTML .= "\n\t<div class=\"panel panel-default detail_view\">{$dvCode}</div>";
             $this->HTML .= $this->SeparateDV ? '<input name="SearchString" value="' . htmlspecialchars($SearchString, ENT_QUOTES, 'iso-8859-1') . '" type="hidden">' : '';
             if ($dvCode) {
                 $this->ContentType = 'detailview';
                 $dvShown = true;
             }
         }
     }
     // display multiple printable detail views
     if ($PrintDV) {
         $dvCode = '';
         $_POST['dvprint_x'] = $_GET['dvprint_x'] = $_REQUEST['dvprint_x'] = 1;
         // hidden vars
         foreach ($this->filterers as $filterer => $caption) {
             if ($_REQUEST['filterer_' . $filterer] != '') {
                 $this->HTML .= "<input name=\"filterer_{$filterer}\" value=\"" . htmlspecialchars($_REQUEST['filterer_' . $filterer], ENT_QUOTES, 'iso-8859-1') . "\" type=\"hidden\" />";
                 break;
                 // currently, only one filterer can be applied at a time
             }
         }
         // count selected records
         $selectedRecords = 0;
         if (is_array($_POST['record_selector'])) {
             foreach ($_POST['record_selector'] as $id) {
                 $selectedRecords++;
                 $this->HTML .= '<input type="hidden" name="record_selector[]" value="' . htmlspecialchars($id, ENT_QUOTES, 'iso-8859-1') . '">' . "\n";
             }
         }
         if ($selectedRecords && $selectedRecords <= datalist_max_records_dv_print) {
             // if records selected > {datalist_max_records_dv_print} don't show DV preview to avoid db performance issues.
             foreach ($_POST['record_selector'] as $id) {
                 $dvCode .= call_user_func($this->TableName . '_form', $id, 0, 0, 0, 1);
             }
             if ($dvCode != '') {
                 $dvCode = preg_replace('/<input .*?type="?image"?.*?>/', '', $dvCode);
                 $this->HTML .= $dvCode;
             }
         } else {
             $this->HTML .= error_message($Translation['Maximum records allowed to enable this feature is'] . ' ' . datalist_max_records_dv_print);
             $this->HTML .= '<input type="submit" class="print-button" value="' . $Translation['Print Preview Table View'] . '">';
         }
     }
     $this->HTML .= "</form>";
     $this->HTML .= '</div><div class="col-xs-1 md-hidden lg-hidden"></div></div>';
     // $this->HTML .= '<font face="garamond">'.htmlspecialchars($tvQuery).'</font>';  // uncomment this line for debugging the table view query
     if ($dvShown && $tvShown) {
         $this->ContentType = 'tableview+detailview';
     }
     if ($dvprint_x != '') {
         $this->ContentType = 'print-detailview';
     }
     if ($Print_x != '') {
         $this->ContentType = 'print-tableview';
     }
     if ($PrintDV != '') {
         $this->ContentType = 'print-detailview';
     }
     // call detail view javascript hook file if found
     $dvJSHooksFile = dirname(__FILE__) . '/hooks/' . $this->TableName . '-dv.js';
     if (is_file($dvJSHooksFile) && ($this->ContentType == 'detailview' || $this->ContentType == 'tableview+detailview')) {
         $this->HTML .= "\n<script src=\"hooks/{$this->TableName}-dv.js\"></script>\n";
     }
 }
Ejemplo n.º 5
0
 }
 if ($type != "Server") {
     $server = 0;
 }
 if (!$type) {
     $errormessage = "You must choose a type for the issue";
 }
 if (!$title) {
     $errormessage = "A title is required summarising the issue";
 }
 if ($errormessage) {
     $action = "manage";
 } else {
     $startdate = toMySQLDate($startdate);
     if ($enddate) {
         $enddate = toMySQLDate($enddate);
     } else {
         $enddate = "NULL";
     }
     $updatearray = array("startdate" => $startdate, "enddate" => $enddate, "title" => $title, "description" => html_entity_decode($description), "type" => $type, "server" => $server, "affecting" => $affecting, "priority" => $priority, "status" => $status, "lastupdate" => "now()");
     if ($id) {
         update_query("tblnetworkissues", $updatearray, array("id" => $id));
         run_hook("NetworkIssueEdit", array_merge(array("id" => $id), $updatearray));
         if ($status == "Resolved") {
             run_hook("NetworkIssueClose", array("id" => $id));
         }
     } else {
         $nwid = insert_query("tblnetworkissues", $updatearray);
         run_hook("NetworkIssueAdd", array_merge(array("id" => $nwid), $updatearray));
     }
     redir();
Ejemplo n.º 6
0
         $recurringamount += $domainemailforwardingprice;
     }
     if ($idprotection) {
         $recurringamount += $domainidprotectionprice;
     }
     if ($promoid) {
         $recurringamount -= recalcPromoAmount("D." . $domainparts[1], $userid, $id, $regperiod . "Years", $recurringamount, $promoid);
     }
 }
 if (!$olddonotrenew && $donotrenew) {
     disableAutoRenew($id);
 }
 $table = "tbldomains";
 $array = array("registrationdate" => toMySQLDate($regdate), "domain" => $domain, "firstpaymentamount" => $firstpaymentamount, "recurringamount" => $recurringamount, "paymentmethod" => $paymentmethod, "registrar" => $registrar, "registrationperiod" => $regperiod, "expirydate" => toMySQLDate($expirydate), "nextduedate" => toMySQLDate($nextduedate), "subscriptionid" => $subscriptionid, "promoid" => $promoid, "additionalnotes" => $additionalnotes, "status" => $status, "dnsmanagement" => $dnsmanagement, "emailforwarding" => $emailforwarding, "idprotection" => $idprotection, "donotrenew" => $donotrenew);
 if ($oldnextduedate != $nextduedate) {
     $array['nextinvoicedate'] = toMySQLDate($nextduedate);
 }
 $where = array("id" => $id);
 update_query($table, $array, $where);
 logActivity("Domain Modified - User ID: " . $userid . " - Domain ID: " . $id, $userid);
 if ($additionaldomainfield) {
     $domainparts = explode(".", $domain, 2);
     $tld = "." . $domainparts[1];
     $tempdomainfields = $additionaldomainfields[$tld];
     foreach ($tempdomainfields as $key => $value) {
         $key = $value['Name'];
         $value = $additionaldomainfield[$key];
         $table = "tbldomainsadditionalfields";
         $where = array("domainid" => $id, "name" => $key);
         $result = select_query($table, "COUNT(*)", $where);
         $data = mysql_fetch_array($result);
    $todate = getTodaysDate();
}
$reportdata["headertext"] = "<form method=\"post\" action=\"{$PHP_SELF}?" . (isset($_REQUEST['module']) ? 'module=' . $_REQUEST['module'] . '&' : '') . "report={$report}&currencyid={$currencyid}&calculate=true\"><center>Staff Name: <select name=\"staffid\"><option value=\"0\">- Any -</option>";
$result = select_query("tbladmins", "id,CONCAT(firstname,' ',lastname)", "", "firstname", "ASC");
while ($data = mysql_fetch_array($result)) {
    $reportdata["headertext"] .= "<option value=\"" . $data[0] . "\"" . ($data[0] == $staffid ? " selected" : "") . ">" . $data[1] . "</option>";
}
$reportdata["headertext"] .= "</select> &nbsp;&nbsp;&nbsp; Start Date: <input type=\"text\" name=\"fromdate\" value=\"{$fromdate}\" class=\"datepick\" /> &nbsp;&nbsp;&nbsp; End Date: <input type=\"text\" name=\"todate\" value=\"{$todate}\" class=\"datepick\" /> &nbsp;&nbsp;&nbsp; <input type=\"submit\" value=\"Generate Report\" /></form>";
$reportdata["tableheadings"][] = "Ticket ID";
$reportdata["tableheadings"][] = "Staff Name";
$reportdata["tableheadings"][] = "Subject";
$reportdata["tableheadings"][] = "Feedback Left";
$reportdata["tableheadings"][] = "Rating";
$reportdata["tableheadings"][] = "Comments";
$reportdata["tableheadings"][] = "IP Address";
$result = select_query("tblticketfeedback", "tblticketfeedback.*,(SELECT CONCAT(firstname,' ',lastname) FROM tbladmins WHERE tbladmins.id=tblticketfeedback.adminid) AS adminname,(SELECT CONCAT(tid,'|||',title) FROM tbltickets WHERE tbltickets.id=tblticketfeedback.ticketid) AS ticketinfo", "datetime>='" . toMySQLDate($fromdate) . "' AND datetime<='" . toMySQLDate($todate . ' 23:59:59') . "'" . ($staffid ? " AND adminid=" . (int) $staffid : ""), "datetime", "ASC");
while ($data = mysql_fetch_array($result)) {
    $id = $data['id'];
    $ticketid = $data['ticketid'];
    $ticketinfo = $data['ticketinfo'];
    $adminid = $data['adminid'];
    $adminname = $data['adminname'];
    $rating = $data['rating'];
    $comments = $data['comments'];
    $datetime = $data['datetime'];
    $ip = $data['ip'];
    if ($adminid == 0) {
        $adminname = 'Generic Feedback';
    } elseif (!trim($adminname)) {
        $adminname = 'Deleted Admin';
    }
Ejemplo n.º 8
0
<form method="post" action="reports.php?report={$report}">
<table align="center">
<tr><td>Date From:</td><td><input type="text" name="datefrom" value="{$datefrom}" class="datepick" /></td><td width="20"></td><td>Date To:</td><td><input type="text" name="dateto" value="{$dateto}" class="datepick" /></td><td width="20"></td><td><input type="submit" value="Submit" /></tr>
</table>
</form>
EOF;
$reportdata["tableheadings"] = array("Coupon Code", "Discount Type", "Value", "Recurring", "Notes", "Usage Count", "Total Revenue");
$i = 0;
$result = select_query("tblpromotions", "", "", "code", "ASC");
while ($data = mysql_fetch_array($result)) {
    $code = $data["code"];
    $type = $data["type"];
    $value = $data["value"];
    $recurring = $data["recurring"];
    $notes = $data["notes"];
    $rowcount = $rowtotal = 0;
    $reportdata["drilldown"][$i]["tableheadings"] = array("Order ID", "Order Date", "Order Number", "Order Total", "Order Status");
    $result2 = select_query("tblorders", "", "promocode='" . db_escape_string($code) . "' AND date>='" . toMySQLDate($datefrom) . "' AND date<='" . toMySQLDate($dateto) . "'", "id", "ASC");
    while ($data = mysql_fetch_array($result2)) {
        $orderid = $data['id'];
        $ordernum = $data['ordernum'];
        $orderdate = $data['date'];
        $ordertotal = $data['amount'];
        $orderstatus = $data['status'];
        $rowcount++;
        $rowtotal += $ordertotal;
        $reportdata["drilldown"][$i]["tablevalues"][] = array('<a href="orders.php?action=view&id=' . $orderid . '">' . $orderid . '</a>', fromMySQLDate($orderdate), $ordernum, $ordertotal, $orderstatus);
    }
    $reportdata["tablevalues"][$i] = array($code, $type, $value, $recurring, $notes, $rowcount, format_as_currency($rowtotal));
    $i++;
}
Ejemplo n.º 9
0
 $where = array();
 if ($show == "received") {
     $where[] = "tblaccounts.amountin>0";
 } else {
     if ($show == "sent") {
         $where[] = "tblaccounts.amountout>0";
     }
 }
 if ($amount) {
     $where[] = "(tblaccounts.amountin='" . db_escape_string($amount) . "' OR tblaccounts.amountout='" . db_escape_string($amount) . "')";
 }
 if ($startdate) {
     $where[] = "tblaccounts.date>='" . toMySQLDate($startdate) . " 00:00:00'";
 }
 if ($enddate) {
     $where[] = "tblaccounts.date<='" . toMySQLDate($enddate) . " 23:59:59'";
 }
 if (!$startdate && !$enddate) {
     if ($within == "week") {
         $lastweek = date("Ymd", mktime(0, 0, 0, date("m"), date("d") - 7, date("Y")));
         $where[] = "tblaccounts.date>=" . $lastweek;
     } else {
         if ($within == "month") {
             $lastmonth = date("Ymd", mktime(0, 0, 0, date("m") - 1, date("d"), date("Y")));
             $where[] = "tblaccounts.date>=" . $lastmonth;
         } else {
             if ($within == "year") {
                 $lastyear = date("Ymd", mktime(0, 0, 0, date("m"), date("d"), date("Y") - 1));
                 $where[] = "tblaccounts.date>=" . $lastyear;
             }
         }
 function Render()
 {
     // get post and get variables
     global $Translation;
     $FiltersPerGroup = 4;
     if ($_SERVER['REQUEST_METHOD'] == 'GET') {
         $SortField = $_GET["SortField"];
         $SortDirection = $_GET["SortDirection"];
         $FirstRecord = $_GET["FirstRecord"];
         $ScrollUp_y = $_GET["ScrollUp_y"];
         $ScrollDn_y = $_GET["ScrollDn_y"];
         $Previous_x = $_GET["Previous_x"];
         $Next_x = $_GET["Next_x"];
         $Filter_x = $_GET["Filter_x"];
         $SaveFilter_x = $_GET["SaveFilter_x"];
         $NoFilter_x = $_GET["NoFilter_x"];
         $CancelFilter = $_GET["CancelFilter"];
         $ApplyFilter = $_GET["ApplyFilter"];
         $Search_x = $_GET["Search_x"];
         $SearchString = get_magic_quotes_gpc() ? stripslashes($_GET['SearchString']) : $_GET['SearchString'];
         $CSV_x = $_GET["CSV_x"];
         $FilterAnd = $_GET["FilterAnd"];
         $FilterField = $_GET["FilterField"];
         $FilterOperator = $_GET["FilterOperator"];
         if (is_array($_GET['FilterValue'])) {
             foreach ($_GET['FilterValue'] as $fvi => $fv) {
                 $FilterValue[$fvi] = get_magic_quotes_gpc() ? stripslashes($fv) : $fv;
             }
         }
         $Print_x = $_GET["Print_x"];
         $SelectedID = get_magic_quotes_gpc() ? stripslashes($_GET['SelectedID']) : $_GET['SelectedID'];
         $insert_x = $_GET["insert_x"];
         $update_x = $_GET["update_x"];
         $delete_x = $_GET["delete_x"];
         $SkipChecks = $_GET['confirmed'];
         $deselect_x = $_GET["deselect_x"];
         $addNew_x = $_GET["addNew_x"];
         $dvprint_x = $_GET['dvprint_x'];
     } else {
         $SortField = $_POST["SortField"];
         $SortDirection = $_POST["SortDirection"];
         $FirstRecord = $_POST["FirstRecord"];
         $ScrollUp_y = $_POST["ScrollUp_y"];
         $ScrollDn_y = $_POST["ScrollDn_y"];
         $Previous_x = $_POST["Previous_x"];
         $Next_x = $_POST["Next_x"];
         $Filter_x = $_POST["Filter_x"];
         $SaveFilter_x = $_POST["SaveFilter_x"];
         $NoFilter_x = $_POST["NoFilter_x"];
         $CancelFilter = $_POST["CancelFilter"];
         $ApplyFilter = $_POST["ApplyFilter"];
         $Search_x = $_POST["Search_x"];
         $SearchString = get_magic_quotes_gpc() ? stripslashes($_POST['SearchString']) : $_POST['SearchString'];
         $CSV_x = $_POST["CSV_x"];
         $FilterAnd = $_POST['FilterAnd'];
         $FilterField = $_POST['FilterField'];
         $FilterOperator = $_POST['FilterOperator'];
         if (is_array($_POST['FilterValue'])) {
             foreach ($_POST['FilterValue'] as $fvi => $fv) {
                 $FilterValue[$fvi] = get_magic_quotes_gpc() ? stripslashes($fv) : $fv;
             }
         }
         $Print_x = $_POST['Print_x'];
         $PrintTV = $_POST['PrintTV'];
         $PrintDV = $_POST['PrintDV'];
         $SelectedID = get_magic_quotes_gpc() ? stripslashes($_POST['SelectedID']) : $_POST['SelectedID'];
         $insert_x = $_POST['insert_x'];
         $update_x = $_POST['update_x'];
         $delete_x = $_POST['delete_x'];
         $SkipChecks = $_POST['confirmed'];
         $deselect_x = $_POST['deselect_x'];
         $addNew_x = $_POST['addNew_x'];
         $dvprint_x = $_POST['dvprint_x'];
     }
     // insure authenticity of user inputs:
     if (!$this->AllowDelete) {
         $delete_x = "";
     }
     if (!$this->AllowDeleteOfParents) {
         $SkipChecks = "";
     }
     if (!$this->AllowInsert) {
         $insert_x = "";
         $addNew_x = "";
     }
     if (!$this->AllowUpdate) {
         $update_x = "";
     }
     if (!$this->AllowFilters) {
         $Filter_x = "";
     }
     if (!$this->AllowPrinting) {
         $Print_x = '';
         $PrintDV = '';
         $PrintTV = '';
     }
     if (!$this->AllowPrintingMultiSelection) {
         $PrintDV = '';
         $PrintTV = '';
     }
     if (!$this->QuickSearch) {
         $SearchString = "";
     }
     if (!$this->AllowCSV) {
         $CSV_x = "";
     }
     // enforce record selection if user has edit/delete permissions on the current table
     $AllowPrintDV = 1;
     $this->Permissions = getTablePermissions($this->TableName);
     if ($this->Permissions[3] || $this->Permissions[4]) {
         // current user can edit or delete?
         $this->AllowSelection = 1;
     } elseif (!$this->AllowSelection) {
         $SelectedID = '';
         $AllowPrintDV = 0;
         $PrintDV = '';
     }
     if (!$this->AllowSelection || !$SelectedID) {
         $dvprint_x = '';
     }
     $this->QueryFieldsIndexed = reIndex($this->QueryFieldsFilters);
     $this->HTML .= '<form method="post" name="myform" action="' . $this->ScriptFileName . '">';
     $this->HTML .= '<input type="submit" style="position: absolute; left: 0px; top: -100px;" onclick="return false;">';
     $this->ContentType = 'tableview';
     // default content type
     // handle user commands ...
     if ($PrintTV != '') {
         $Print_x = 1;
         $_POST['Print_x'] = 1;
     }
     if ($deselect_x != '') {
         $SelectedID = '';
         $this->showTV();
     } elseif ($insert_x != '') {
         $SelectedID = call_user_func($this->TableName . '_insert');
         // redirect to a safe url to avoid refreshing and thus
         // insertion of duplicate records.
         // compose filters and sorting
         for ($i = 1; $i <= 20 * $FiltersPerGroup; $i++) {
             // Number of filters allowed
             if ($FilterField[$i] != "" && $FilterOperator[$i] != "" && ($FilterValue[$i] != "" || strstr($FilterOperator[$i], 'Empty'))) {
                 $filtersGET .= "&FilterAnd[{$i}]={$FilterAnd[$i]}&FilterField[{$i}]={$FilterField[$i]}&FilterOperator[{$i}]={$FilterOperator[$i]}&FilterValue[{$i}]=" . urlencode($FilterValue[$i]);
             }
         }
         $filtersGET .= "&SortField={$SortField}&SortDirection={$SortDirection}&FirstRecord={$FirstRecord}";
         $filtersGET = substr($filtersGET, 1);
         // remove initial &
         if ($this->RedirectAfterInsert != "") {
             if (strpos($this->RedirectAfterInsert, '?')) {
                 $this->RedirectAfterInsert .= '&record-added-ok=' . rand();
             } else {
                 $this->RedirectAfterInsert .= '?record-added-ok=' . rand();
             }
             if (strpos($this->RedirectAfterInsert, $this->ScriptFileName) !== false) {
                 $this->RedirectAfterInsert .= '&' . $filtersGET;
             }
             $this->HTML .= "<META HTTP-EQUIV=\"Refresh\" CONTENT=\"0;url=" . str_replace("#ID#", urlencode($SelectedID), $this->RedirectAfterInsert) . "\">";
             return;
         } else {
             $this->HTML .= '<META HTTP-EQUIV="Refresh" CONTENT="0;url=' . $this->ScriptFileName . '?SelectedID=' . urlencode($SelectedID) . '&' . $filtersGET . '">';
             return;
         }
     } elseif ($delete_x != "") {
         $d = call_user_func($this->TableName . '_delete', $SelectedID, $this->AllowDeleteOfParents, $SkipChecks);
         if ($d) {
             $this->HTML .= "<div class=Error>" . $Translation['error:'] . " {$d}</div>";
         } else {
             $SelectedID = "";
             $this->showTV();
         }
     } elseif ($update_x != "") {
         call_user_func($this->TableName . '_update', $SelectedID);
         // compose filters and sorting
         for ($i = 1; $i <= 20 * $FiltersPerGroup; $i++) {
             // Number of filters allowed
             if ($FilterField[$i] != "" && $FilterOperator[$i] != "" && ($FilterValue[$i] != "" || strstr($FilterOperator[$i], 'Empty'))) {
                 $filtersGET .= "&FilterAnd[{$i}]={$FilterAnd[$i]}&FilterField[{$i}]={$FilterField[$i]}&FilterOperator[{$i}]={$FilterOperator[$i]}&FilterValue[{$i}]=" . urlencode($FilterValue[$i]);
             }
         }
         $filtersGET .= "&SortField={$SortField}&SortDirection={$SortDirection}&FirstRecord={$FirstRecord}";
         $filtersGET = substr($filtersGET, 1);
         // remove initial &
         $this->HTML .= '<META HTTP-EQUIV="Refresh" CONTENT="0;url=' . $this->ScriptFileName . '?SelectedID=' . urlencode($SelectedID) . '&' . $filtersGET . '&record-updated-ok=' . rand() . '">';
         return;
     } elseif ($addNew_x != "") {
         $SelectedID = '';
         $this->hideTV();
     } elseif ($Print_x != "") {
         // print code here ....
         $this->AllowNavigation = 0;
         $this->AllowSelection = 0;
     } elseif ($SaveFilter_x != "" && $this->AllowSavingFilters) {
         $this->HTML .= "<table width=550 border=0 align=center><tr><td class=TableTitle>" . $Translation["saved filters title"] . "</td></tr>";
         $this->HTML .= "\n\t<tr><td class=TableHeader>" . $Translation["saved filters instructions"] . "</td></tr>";
         $this->HTML .= "\n\t<tr><td class=TableHeader><textarea cols=60 rows=12 wrap=off>";
         $SourceCode = "<html><body>\n";
         $SourceCode .= '<form method="post" action="' . $_SERVER['HTTP_REFERER'] . '">' . "\n";
         for ($i = 1; $i <= 20 * $FiltersPerGroup; $i++) {
             // Number of filters allowed
             if ($i % $FiltersPerGroup == 1 && $i != 1 && $FilterAnd[$i] != "") {
                 $SourceCode .= "\t<input name=FilterAnd[{$i}] value='{$FilterAnd[$i]}' type=hidden>\n";
             }
             if ($FilterField[$i] != "" && $FilterOperator[$i] != "" && ($FilterValue[$i] != "" || strstr($FilterOperator[$i], 'Empty'))) {
                 if (!strstr($SourceCode, "\t<input name=FilterAnd[{$i}] value=")) {
                     $SourceCode .= "\t<input name=FilterAnd[{$i}] value='{$FilterAnd[$i]}' type=hidden>\n";
                 }
                 $SourceCode .= "\t<input name=FilterField[{$i}] value='{$FilterField[$i]}' type=hidden>\n";
                 $SourceCode .= "\t<input name=FilterOperator[{$i}] value='{$FilterOperator[$i]}' type=hidden>\n";
                 $SourceCode .= "\t<input name=FilterValue[{$i}] value='" . htmlspecialchars($FilterValue[$i], ENT_QUOTES) . "' type=hidden>\n\n";
             }
         }
         $SourceCode .= "\n\t<input type=submit value=\"Show Filtered Data\">\n";
         $SourceCode .= "</form>\n</body></html>";
         $this->HTML .= $SourceCode;
         $this->HTML .= "</textarea>";
         $this->HTML .= "<br /><input type=submit value=\"" . $Translation["hide code"] . "\">";
         $this->HTML .= "\n\t</table>\n\n";
     } elseif ($Filter_x != "") {
         if ($this->FilterPage != "") {
             ob_start();
             @(include $this->FilterPage);
             $out = ob_get_contents();
             ob_end_clean();
             $this->HTML .= $out;
         } else {
             // filter page code here .....
             $this->HTML .= '<table border="0" align="center"><tr><td colspan="4" class="TableTitle">' . $this->TableTitle . " " . $Translation['filters'] . "</td></tr>";
             $this->HTML .= "\n\t<tr><td class=\"TableHeader\"></td><td class=\"TableHeader\">" . $Translation['filtered field'] . '</td><td class="TableHeader">' . $Translation['comparison operator'] . '</td><td class="TableHeader">' . $Translation['comparison value'] . '</td></tr>';
             $this->HTML .= "\n\t<tr><td colspan=\"4\" class=\"TableHeader\"></td></tr>";
             for ($i = 1; $i <= 3 * $FiltersPerGroup; $i++) {
                 // Number of filters allowed
                 $fields = "";
                 $operators = "";
                 if ($i % $FiltersPerGroup == 1 && $i != 1) {
                     $this->HTML .= "\n\t<tr><td colspan=4 class=TableHeader></td></tr>";
                     $this->HTML .= "\n\t<tr><td colspan=4 align=center>";
                     $seland = new Combo();
                     $seland->ListItem = array($Translation["or"], $Translation["and"]);
                     $seland->ListData = array("or", "and");
                     $seland->SelectName = "FilterAnd[{$i}]";
                     $seland->SelectedData = $FilterAnd[$i];
                     $seland->Render();
                     $this->HTML .= $seland->HTML . "</td></tr>";
                     $this->HTML .= "\n\t<tr><td colspan=4 class=TableHeader></td></tr>";
                 }
                 $this->HTML .= "\n\t<tr><td class=TableHeader style='text-align:left;'>&nbsp;" . $Translation["filter"] . sprintf("%02d", $i) . " ";
                 // And, Or select
                 if ($i % $FiltersPerGroup != 1) {
                     $seland = new Combo();
                     $seland->ListItem = array($Translation["and"], $Translation["or"]);
                     $seland->ListData = array("and", "or");
                     $seland->SelectName = "FilterAnd[{$i}]";
                     $seland->SelectedData = $FilterAnd[$i];
                     $seland->Render();
                     $this->HTML .= $seland->HTML . "</td>";
                 } else {
                     $this->HTML .= "</td>";
                 }
                 // Fields list
                 $selfields = new Combo();
                 $selfields->SelectName = "FilterField[{$i}]";
                 $selfields->SelectedData = $FilterField[$i];
                 $selfields->ListItem = array_values($this->QueryFieldsFilters);
                 $selfields->ListData = array_keys($this->QueryFieldsIndexed);
                 $selfields->Render();
                 $this->HTML .= "\n\t\t<td>{$selfields->HTML}</td>";
                 // Operators list
                 $selop = new Combo();
                 $selop->ListItem = array($Translation["equal to"], $Translation["not equal to"], $Translation["greater than"], $Translation["greater than or equal to"], $Translation["less than"], $Translation["less than or equal to"], $Translation["like"], $Translation["not like"], $Translation["is empty"], $Translation["is not empty"]);
                 $selop->ListData = array("<=>", "!=", ">", ">=", "<", "<=", "like", "not like", "isEmpty", "isNotEmpty");
                 $selop->SelectName = "FilterOperator[{$i}]";
                 $selop->SelectedData = $FilterOperator[$i];
                 $selop->Render();
                 $this->HTML .= "\n\t\t<td>{$selop->HTML}</td>";
                 // Comparison expression
                 $this->HTML .= "\n\t\t<td><input size=25 type=text name=FilterValue[{$i}] value=\"" . htmlspecialchars($FilterValue[$i], ENT_QUOTES) . "\" class=TextBox></td></tr>";
                 if (!$i % $FiltersPerGroup) {
                     $this->HTML .= "\n\t<tr><td colspan=4 class=TableHeader></td></tr>";
                 }
             }
             $this->HTML .= "\n\t<tr><td colspan=4 class=TableHeader></td></tr>";
             $this->HTML .= "\n\t<tr><td colspan=4 align=right><input type=image src=applyFilters.gif alt='" . $Translation["apply filters"] . "'>" . ($this->AllowSavingFilters ? " &nbsp; <input type=image src=save_search.gif alt='" . $Translation["save filters"] . "' name=SaveFilter>" : "") . "</td></tr>";
             $this->HTML .= "\n</table>";
         }
         // hidden variables ....
         $this->HTML .= "<input name=SortField value='" . (is_numeric($SortField) ? $SortField : $SortFieldNumeric) . "' type=hidden>";
         $this->HTML .= "<input name=SortDirection type=hidden value='{$SortDirection}'>";
         $this->HTML .= "<input name=FirstRecord type=hidden value='1'>";
         $this->ContentType = 'filters';
         return;
     } elseif ($NoFilter_x != "") {
         // clear all filters ...
         for ($i = 1; $i <= 20 * $FiltersPerGroup; $i++) {
             // Number of filters allowed
             $FilterField[$i] = "";
             $FilterOperator[$i] = "";
             $FilterValue[$i] = "";
         }
         $SearchString = "";
     } elseif ($SelectedID) {
         $this->hideTV();
     }
     if ($SearchString != '') {
         if ($Search_x != '') {
             $FirstRecord = 1;
         }
         if ($this->QueryWhere == '') {
             $this->QueryWhere = "where ";
         } else {
             $this->QueryWhere .= " and ";
         }
         foreach ($this->QueryFieldsQS as $fName => $fCaption) {
             if (strpos($fName, '<img') === False) {
                 $this->QuerySearchableFields[$fName] = $fCaption;
             }
         }
         $this->QueryWhere .= '(' . implode(" LIKE '%" . makeSafe($SearchString) . "%' or ", array_keys($this->QuerySearchableFields)) . " LIKE '%" . makeSafe($SearchString) . "%')";
     }
     // set query filters
     $QueryHasWhere = 0;
     if (strpos($this->QueryWhere, 'where ') !== FALSE) {
         $QueryHasWhere = 1;
     }
     $WhereNeedsClosing = 0;
     for ($i = 1; $i <= 20 * $FiltersPerGroup; $i += $FiltersPerGroup) {
         // Number of filters allowed
         // test current filter group
         $GroupHasFilters = 0;
         for ($j = 0; $j < $FiltersPerGroup; $j++) {
             if ($FilterField[$i + $j] != "" && $FilterOperator[$i + $j] != "" && ($FilterValue[$i + $j] != "" || strstr($FilterOperator[$i + $j], 'Empty'))) {
                 $GroupHasFilters = 1;
                 break;
             }
         }
         if ($GroupHasFilters) {
             if (!stristr($this->QueryWhere, "where ")) {
                 $this->QueryWhere = "where (";
             } elseif ($QueryHasWhere) {
                 $this->QueryWhere .= " and (";
                 $QueryHasWhere = 0;
             }
             $this->QueryWhere .= " <FilterGroup> " . $FilterAnd[$i] . " (";
             for ($j = 0; $j < $FiltersPerGroup; $j++) {
                 if ($FilterField[$i + $j] != "" && $FilterOperator[$i + $j] != "" && ($FilterValue[$i + $j] != "" || strstr($FilterOperator[$i + $j], 'Empty'))) {
                     if ($FilterAnd[$i + $j] == '') {
                         $FilterAnd[$i + $j] = 'and';
                     }
                     // test for date/time fields
                     $tries = 0;
                     $isDateTime = FALSE;
                     $isDate = FALSE;
                     $fieldName = str_replace('`', '', $this->QueryFieldsIndexed[$FilterField[$i + $j]]);
                     list($tn, $fn) = explode('.', $fieldName);
                     while (!($res = sql("show columns from `{$tn}` like '{$fn}'")) && $tries < 2) {
                         $tn = substr($tn, 0, -1);
                         $tries++;
                     }
                     if ($row = @mysql_fetch_array($res)) {
                         if ($row['Type'] == 'date' || $row['Type'] == 'time') {
                             $isDateTime = TRUE;
                             if ($row['Type'] == 'date') {
                                 $isDate = True;
                             }
                         }
                     }
                     // end of test
                     if ($FilterOperator[$i + $j] == 'isEmpty' && !$isDateTime) {
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " (" . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "='' or " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " is NULL) </FilterItem>";
                     } elseif ($FilterOperator[$i + $j] == 'isNotEmpty' && !$isDateTime) {
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "!='' </FilterItem>";
                     } elseif ($FilterOperator[$i + $j] == 'isEmpty' && $isDateTime) {
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " (" . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "=0 or " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " is NULL) </FilterItem>";
                     } elseif ($FilterOperator[$i + $j] == 'isNotEmpty' && $isDateTime) {
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . "!=0 </FilterItem>";
                     } elseif ($FilterOperator[$i + $j] == 'like' && !strstr($FilterValue[$i + $j], "%") && !strstr($FilterValue[$i + $j], "_")) {
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " " . $FilterOperator[$i + $j] . " '%" . makeSafe($FilterValue[$i + $j]) . "%' </FilterItem>";
                     } elseif ($FilterOperator[$i + $j] == 'not like' && !strstr($FilterValue[$i + $j], "%") && !strstr($FilterValue[$i + $j], "_")) {
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " " . $FilterOperator[$i + $j] . " '%" . makeSafe($FilterValue[$i + $j]) . "%' </FilterItem>";
                     } elseif ($isDate) {
                         $dateValue = toMySQLDate($FilterValue[$i + $j]);
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " " . $FilterOperator[$i + $j] . " '{$dateValue}' </FilterItem>";
                     } else {
                         $this->QueryWhere .= " <FilterItem> " . $FilterAnd[$i + $j] . " " . $this->QueryFieldsIndexed[$FilterField[$i + $j]] . " " . $FilterOperator[$i + $j] . " '" . makeSafe($FilterValue[$i + $j]) . "' </FilterItem>";
                     }
                 }
             }
             $this->QueryWhere .= ") </FilterGroup>";
             $WhereNeedsClosing = 1;
         }
     }
     if ($WhereNeedsClosing) {
         $this->QueryWhere .= ")";
     }
     // set query sort
     if (!stristr($this->QueryOrder, "order by ") && $SortField != "" && $this->AllowSorting) {
         $this->QueryOrder = "order by {$SortField} {$SortDirection}";
     }
     // clean up query
     $this->QueryWhere = str_replace("( <FilterGroup> and ", "( ", $this->QueryWhere);
     $this->QueryWhere = str_replace("( <FilterGroup> or ", "( ", $this->QueryWhere);
     $this->QueryWhere = str_replace("( <FilterItem> and ", "( ", $this->QueryWhere);
     $this->QueryWhere = str_replace("( <FilterItem> or ", "( ", $this->QueryWhere);
     $this->QueryWhere = str_replace("<FilterGroup>", "", $this->QueryWhere);
     $this->QueryWhere = str_replace("</FilterGroup>", "", $this->QueryWhere);
     $this->QueryWhere = str_replace("<FilterItem>", "", $this->QueryWhere);
     $this->QueryWhere = str_replace("</FilterItem>", "", $this->QueryWhere);
     // if no 'order by' clause found, apply default sorting if specified
     if ($this->DefaultSortField != "" && $this->QueryOrder == '') {
         $this->QueryOrder = "order by " . $this->DefaultSortField . " " . $this->DefaultSortDirection;
     }
     // get count of matching records ...
     $TempQuery = 'SELECT count(1) from ' . $this->QueryFrom . ' ' . $this->QueryWhere;
     $RecordCount = sqlValue($TempQuery);
     $FieldCountTV = count($this->QueryFieldsTV);
     $FieldCountCSV = count($this->QueryFieldsCSV);
     $FieldCountFilters = count($this->QueryFieldsFilters);
     if (!$RecordCount) {
         $FirstRecord = 1;
     }
     // disable multi-selection if too many records to avoid browser performance issues
     if ($RecordCount > 1000) {
         $this->AllowPrintingMultiSelection = 0;
     }
     // Output CSV on request
     if ($CSV_x != '') {
         $this->HTML = '';
         // execute query for CSV output
         $fieldList = '';
         foreach ($this->QueryFieldsCSV as $fn => $fc) {
             $fieldList .= "{$fn} as `{$fc}`, ";
         }
         $fieldList = substr($fieldList, 0, -2);
         $csvQuery = 'SELECT ' . $fieldList . ' from ' . $this->QueryFrom . ' ' . $this->QueryWhere . ' ' . $this->QueryOrder;
         // hook: table_csv
         if (function_exists($this->TableName . '_csv')) {
             $args = array();
             $mq = call_user_func($this->TableName . '_csv', $csvQuery, getMemberInfo(), $args);
             $csvQuery = $mq ? $mq : $csvQuery;
         }
         $result = sql($csvQuery);
         // output CSV field names
         for ($i = 0; $i < $FieldCountCSV; $i++) {
             $this->HTML .= "\"" . mysql_field_name($result, $i) . "\"" . $this->CSVSeparator;
         }
         $this->HTML .= "\n\n";
         // output CSV data
         while ($row = mysql_fetch_row($result)) {
             for ($i = 0; $i < $FieldCountCSV; $i++) {
                 $this->HTML .= "\"" . str_replace(array("\r\n", "\r", "\n", '"'), array(' ', ' ', ' ', '""'), $row[$i]) . "\"" . $this->CSVSeparator;
             }
             $this->HTML .= "\n\n";
         }
         $this->HTML = str_replace($this->CSVSeparator . "\n\n", "\n", $this->HTML);
         $this->HTML = substr($this->HTML, 0, strlen($this->HTML) - 1);
         // clean any output buffers
         while (@ob_end_clean()) {
         }
         // output CSV HTTP headers ...
         header('HTTP/1.1 200 OK');
         header('Date: ' . @date("D M j G:i:s T Y"));
         header('Last-Modified: ' . @date("D M j G:i:s T Y"));
         header("Content-Type: application/force-download");
         header("Content-Lenght: " . (string) strlen($this->HTML));
         header("Content-Transfer-Encoding: Binary");
         header("Content-Disposition: attachment; filename={$this->TableName}.csv");
         // send output and quit script
         echo $this->HTML;
         exit;
     }
     $t = time();
     // just a random number for any purpose ...
     //$this->HTML .= "<font face=garamond>".$this->Query."</font>";  // uncomment this line for debugging
     // should SelectedID be reset on clicking TV buttons?
     $resetSelection = $this->SeparateDV ? "document.myform.SelectedID.value=''; " : '';
     // begin table and display table title
     $this->HTML .= "<table align=center cellspacing=1 cellpadding=0 border=0><tr>\n";
     $this->HTML .= "<td colspan=" . ($FieldCountTV + 2) . ">";
     $sum_width = 0;
     for ($i = 0; $i < count($this->ColWidth); $i++) {
         $sum_width += $this->ColWidth[$i];
     }
     $this->HTML .= "<table" . ($this->HideTableView ? "" : " width=100%") . " cellspacing=0 cellpadding=0 border=0>" . ($dvprint_x && $this->AllowSelection && $SelectedID ? '' : "<tr><td align=left colspan=2><div class=TableTitle>{$this->TableTitle}</div><br /></td></tr>");
     if (!$this->HideTableView && !($dvprint_x && $this->AllowSelection && $SelectedID) && !$PrintDV) {
         $this->HTML .= "<tr>";
         // display tables navigator menu
         if ($Print_x == '') {
             $this->HTML .= "<td align=left>" . NavMenus() . "</td>";
         } else {
             $this->HTML .= "\n<style type=\"text/css\">@media print{.displayOnly {display: none;}}</style>\n";
             if ($this->AllowPrintingMultiSelection) {
                 $withSelected = '' . '<input class="print-button" type="button" id="selectAll" value="' . $Translation['Select all records'] . '" onClick="$(\'toggleAll\').checked=!$(\'toggleAll\').checked; toggleAllRecords();">' . '<span id="withSelected">' . '<input class="print-button" type="submit" name="PrintTV" value="' . $Translation['Print Preview Table View'] . '">' . ($AllowPrintDV ? '<input id="PrintDV" class="print-button" type="submit" name="PrintDV" value="' . $Translation['Print Preview Detail View'] . '">' : '') . '<input class="print-button" type="submit" name="Print_x" value="' . $Translation['Cancel Selection'] . '">' . ' &nbsp;</span>' . '<script>' . 'var countSelected=0; ' . 'document.observe(\'dom:loaded\', function(){ ' . 'setInterval("' . '$(\'withSelected\').style.display=(countSelected ? \'inline\' : \'none\');' . '", 500); ' . '});' . '</script>';
             }
             $this->HTML .= "\n" . '<td colspan="2" class="displayOnly" style="min-width: 65em;"><div>' . '<input class="print-button" type="submit" value="' . $Translation['Cancel Printing'] . '">' . '<input class="print-button" type="button" id="sendToPrinter" value="' . $Translation['Print'] . '" onClick="window.print();">' . $withSelected . '</div></td>' . "\n";
         }
         // display quick search box
         if ($this->QuickSearch > 0 && $this->QuickSearch < 4 && $Print_x == '') {
             if ($this->QuickSearch == 1 || $this->QuickSearch == 2) {
                 $this->HTML .= '</tr><tr>';
             }
             $this->HTML .= "<td><div class=TableBodySelected style='text-align:" . ($this->QuickSearch == 1 ? "left" : ($this->QuickSearch == 2 ? "center" : "right")) . ";'>";
             $this->HTML .= "<nobr><b>" . $this->QuickSearchText . "</b> <input type=text name=SearchString value='" . htmlspecialchars($SearchString, ENT_QUOTES) . "' size=15 class=TextBox>";
             $this->HTML .= "<input onClick=\"{$resetSelection} document.myform.NoDV.value=1;\" align=top border=0 name=Search type=image vspace=2 hspace=2 src=qsearch.gif alt='" . $this->QuickSearchText . "'>";
             $this->HTML .= "</nobr></div></td>";
         }
         $this->HTML .= "</tr>";
         $this->HTML .= "<tr><td colspan=2><div class=\"TableBody\" style=\"text-align:center;\"><nobr>";
         // display 'Add New' icon
         if ($this->Permissions[1] && $this->SeparateDV && $Print_x == '') {
             $this->HTML .= " <input type=image src=addNew.gif name=addNew alt='" . $Translation['add new record'] . "'>";
         }
         // display Print icon
         if ($this->AllowPrinting && $Print_x == '') {
             $this->HTML .= " <input onClick=\"document.myform.NoDV.value=1;\" type=image src=print.gif name=Print alt='" . $Translation["printer friendly view"] . "'>";
         }
         // display CSV icon
         if ($this->AllowCSV && $Print_x == '') {
             $this->HTML .= " <input onClick=\"document.myform.NoDV.value=1;\" type=image src=csv.gif name=CSV alt='" . $Translation["save as csv"] . "'>";
         }
         // display Filter icons
         if ($this->AllowFilters && $Print_x == '') {
             $this->HTML .= " <input onClick=\"document.myform.NoDV.value=1;\" type=image src=search.gif name=Filter alt='" . $Translation["edit filters"] . "'> <input onClick=\"{$resetSelection} document.myform.NoDV.value=1;\" type=image src=cancel_search.gif name=NoFilter alt='" . $Translation["clear filters"] . "'> ";
         }
         $this->HTML .= "</nobr></div></td></tr>";
         $this->HTML .= "<!--</td></tr>--></table></td></tr>";
         $this->HTML .= "<tr><td class=TableHeader>" . ($this->AllowSelection ? "&nbsp;&nbsp;" : "") . "</td>";
         if ($this->AllowPrintingMultiSelection && $Print_x != '') {
             $this->HTML .= '<td class="TableHeader displayOnly" align="left"><input type="checkbox" title="' . $Translation['Select all records'] . '" id="toggleAll" onclick="toggleAllRecords();"></td>';
         }
         // Templates
         if ($this->Template != '') {
             $rowTemplate = @implode('', @file('./' . $this->Template));
             if (!$rowTemplate) {
                 $rowTemplate = '';
                 $selrowTemplate = '';
             } else {
                 if ($this->SelectedTemplate != '') {
                     $selrowTemplate = @implode('', @file('./' . $this->SelectedTemplate));
                     if (!$selrowTemplate) {
                         $selrowTemplate = '';
                     }
                 } else {
                     $selrowTemplate = '';
                 }
             }
         } else {
             $rowTemplate = '';
             $selrowTemplate = '';
         }
         // process translations
         if ($rowTemplate) {
             foreach ($Translation as $symbol => $trans) {
                 $rowTemplate = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $rowTemplate);
             }
         }
         if ($selrowTemplate) {
             foreach ($Translation as $symbol => $trans) {
                 $selrowTemplate = str_replace("<%%TRANSLATION({$symbol})%%>", $trans, $selrowTemplate);
             }
         }
         // End of templates
         // display table headers
         global $SortFieldNumeric;
         if ($rowTemplate == '' || $this->ShowTableHeader == 1) {
             for ($i = 0; $i < count($this->ColCaption); $i++) {
                 if ($this->AllowSorting == 1) {
                     $sort1 = "<a href=\"{$this->ScriptFileName}?SortDirection=asc&SortField=" . $this->ColNumber[$i] . "\" onClick=\"{$resetSelection} document.myform.NoDV.value=1; document.myform.SortDirection.value='asc'; document.myform.SortField.value = '" . $this->ColNumber[$i] . "'; document.myform.submit(); return false;\" class=\"TableHeader\">";
                     $sort2 = "</a>";
                     if ($this->ColNumber[$i] == $SortField || $this->ColNumber[$i] == $SortFieldNumeric) {
                         $SortDirection = $SortDirection == "asc" ? "desc" : "asc";
                         $sort1 = "<a href=\"{$this->ScriptFileName}?SortDirection={$SortDirection}&SortField=" . $this->ColNumber[$i] . "\" onClick=\"{$resetSelection} document.myform.NoDV.value=1; document.myform.SortDirection.value='{$SortDirection}'; document.myform.SortField.value = " . $this->ColNumber[$i] . "; document.myform.submit(); return false;\" class=\"TableHeader\"><img src=\"{$SortDirection}.gif\" border=\"0\" hspace=\"3\">";
                         $SortDirection = $SortDirection == "asc" ? "desc" : "asc";
                     }
                 } else {
                     $sort1 = '';
                     $sort2 = '';
                 }
                 $this->HTML .= "\t<td valign=top nowrap width='" . ($this->ColWidth[$i] ? $this->ColWidth[$i] : 100) . "' class=TableHeader><div class=TableHeader>{$sort1}" . $this->ColCaption[$i] . "{$sort2}</div></td>\n";
             }
         } else {
             // Display a Sort by drop down
             $this->HTML .= "\t<td valign=top class=TableHeader colspan=" . ($FieldCountTV + 1) . "><div class=TableHeader>";
             if ($this->AllowSorting == 1) {
                 $sortCombo = new Combo();
                 //$sortCombo->ListItem[] = "";
                 //$sortCombo->ListData[] = "";
                 for ($i = 0; $i < count($this->ColCaption); $i++) {
                     $sortCombo->ListItem[] = $this->ColCaption[$i];
                     $sortCombo->ListData[] = $this->ColNumber[$i];
                 }
                 $sortCombo->SelectName = "FieldsList";
                 $sortCombo->SelectedData = is_numeric($SortField) ? $SortField : $SortFieldNumeric;
                 $sortCombo->Class = 'TableBody';
                 $sortCombo->SelectedClass = 'TableBodySelected';
                 $sortCombo->Render();
                 $d = $sortCombo->HTML;
                 $d = str_replace('<select ', "<select onChange=\"document.myform.SortDirection.value='{$SortDirection}'; document.myform.SortField.value=document.myform.FieldsList.value; document.myform.NoDV.value=1; document.myform.submit();\" ", $d);
                 if ($SortField) {
                     $SortDirection = $SortDirection == "desc" ? "asc" : "desc";
                     $sort = "<a href=\"javascript: document.myform.NoDV.value=1; document.myform.SortDirection.value='{$SortDirection}'; document.myform.SortField.value='{$SortField}'; document.myform.submit();\" class=TableHeader><img src={$SortDirection}.gif border=0 width=11 height=11 hspace=3></a>";
                     $SortDirection = $SortDirection == "desc" ? "asc" : "desc";
                 } else {
                     $sort = '';
                 }
                 $this->HTML .= $Translation['order by'] . " {$d} {$sort}";
             }
             $this->HTML .= "</div></td>\n";
         }
         // table view navigation code ...
         if ($RecordCount && $this->AllowNavigation && $RecordCount > $this->RecordsPerPage) {
             while ($FirstRecord > $RecordCount) {
                 $FirstRecord -= $this->RecordsPerPage;
             }
             if ($FirstRecord == "" || $FirstRecord < 1) {
                 $FirstRecord = 1;
             }
             if ($Previous_x != "") {
                 $FirstRecord -= $this->RecordsPerPage;
                 if ($FirstRecord <= 0) {
                     $FirstRecord = 1;
                 }
             } elseif ($Next_x != "") {
                 $FirstRecord += $this->RecordsPerPage;
                 if ($FirstRecord > $RecordCount) {
                     $FirstRecord = $RecordCount - $RecordCount % $this->RecordsPerPage + 1;
                 }
                 if ($FirstRecord > $RecordCount) {
                     $FirstRecord = $RecordCount - $this->RecordsPerPage + 1;
                 }
                 if ($FirstRecord <= 0) {
                     $FirstRecord = 1;
                 }
             } else {
                 // no scrolling action took place :)
             }
         } elseif ($RecordCount) {
             $FirstRecord = 1;
             $this->RecordsPerPage = $RecordCount;
         }
         // end of table view navigation code
         $this->HTML .= "\n\t</tr>\n";
         $this->HTML = "<script>\n\t\t\t\t\tfunction colorize(item, color){\n\t\t\t\t\t\tvar n=item.childNodes.length;\n\t\t\t\t\t\tfor(var i=0; i<n; i++){\n\t\t\t\t\t\t\tif(item.childNodes[i].nodeName=='TD'){\n\t\t\t\t\t\t\t\titem.childNodes[i].style.backgroundColor=color;\n\t\t\t\t\t\t\t\tif(item.childNodes[i].childNodes.length>0){\n\t\t\t\t\t\t\t\t\tif(item.childNodes[i].childNodes[0].nodeName=='A'){\n\t\t\t\t\t\t\t\t\t\titem.childNodes[i].childNodes[0].style.backgroundColor=color;\n\t\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t\t}\n\t\t\t\t\t\t\t}\n\t\t\t\t\t\t}\n\t\t\t\t\t}\n\t\t\t\t</script>" . $this->HTML . '<!-- tv data below -->';
         $i = 0;
         $hc = new HtmlFilter();
         $hc->encoding = 'iso-8859-1';
         $hc->defaultProtocol = '';
         if ($RecordCount) {
             $i = $FirstRecord;
             // execute query for table view
             $fieldList = '';
             foreach ($this->QueryFieldsTV as $fn => $fc) {
                 $fieldList .= "{$fn} as `{$fc}`, ";
             }
             $fieldList = substr($fieldList, 0, -2);
             if ($this->PrimaryKey) {
                 $fieldList .= ", {$this->PrimaryKey} as '" . str_replace('`', '', $this->PrimaryKey) . "'";
             }
             $tvQuery = 'SELECT ' . $fieldList . ' from ' . $this->QueryFrom . ' ' . $this->QueryWhere . ' ' . $this->QueryOrder;
             $result = sql($tvQuery . " limit " . ($i - 1) . ",{$this->RecordsPerPage}");
             while (($row = mysql_fetch_array($result)) && $i < $FirstRecord + $this->RecordsPerPage) {
                 $alt = ($i - $FirstRecord) % 2;
                 if ($PrintTV && $_POST["select_{$row[$FieldCountTV]}"] != 1) {
                     continue;
                 }
                 $class = "TableBody" . ($alt ? "Selected" : "") . ($fNumeric ? "Numeric" : "");
                 $this->HTML .= "\t<tr onMouseOver=\"colorize(this, '" . $this->HighlightColor . "');\" onMouseOut=\"colorize(this, '');\">";
                 $this->HTML .= "<td class={$class} valign=top align=right width=12>" . ($SelectedID == $row[$FieldCountTV] ? "<font color=red>&rArr;</font>" : "&nbsp;") . "</td>";
                 if ($this->AllowPrintingMultiSelection && $Print_x != '') {
                     $this->HTML .= "<td class=\"{$class} displayOnly\" valign=\"top\" align=\"left\" width=\"12\"><input type=\"checkbox\" id=\"select_{$row[$FieldCountTV]}\" name=\"select_{$row[$FieldCountTV]}\" value=\"1\" onclick=\"if(\$('select_{$row[$FieldCountTV]}').checked) countSelected++; else countSelected--;\"></td>";
                     $toggleAllScript .= "\$('select_{$row[$FieldCountTV]}').checked=s;";
                 }
                 // templates
                 if ($rowTemplate != '') {
                     if ($this->AllowSelection == 1 && $SelectedID == $row[$FieldCountTV] && $selrowTemplate != "") {
                         $rowTemp = $selrowTemplate;
                     } else {
                         $rowTemp = $rowTemplate;
                     }
                     if ($this->AllowSelection == 1 && $SelectedID != $row[$FieldCountTV]) {
                         $rowTemp = str_replace('<%%SELECT%%>', "<a onclick=\"document.myform.SelectedField.value=this.parentNode.cellIndex; document.myform.SelectedID.value='" . addslashes($row[$FieldCountTV]) . "'; document.myform.submit(); return false;\" href=\"{$this->ScriptFileName}?SelectedID=" . htmlspecialchars($row[$FieldCountTV], ENT_QUOTES) . "\" class=\"{$class}\" style=\"display: block; padding:0px;\">", $rowTemp);
                         $rowTemp = str_replace('<%%ENDSELECT%%>', '</a>', $rowTemp);
                     } else {
                         $rowTemp = str_replace('<%%SELECT%%>', "", $rowTemp);
                         $rowTemp = str_replace('<%%ENDSELECT%%>', '', $rowTemp);
                     }
                     for ($j = 0; $j < $FieldCountTV; $j++) {
                         $fieldTVCaption = current(array_slice($this->QueryFieldsTV, $j, 1));
                         $fd = $hc->clean($row[$j]);
                         /*
                         	the TV template could contain field placeholders in the format 
                         	<%%FIELD_n%%> or <%%VALUE(Field Caption)%%> 
                         */
                         $rowTemp = str_replace("<%%FIELD_{$j}%%>", thisOr($fd), $rowTemp);
                         $rowTemp = str_replace("<%%VALUE({$fieldTVCaption})%%>", thisOr($fd), $rowTemp);
                         if (thisOr($fd) == '&nbsp;' && preg_match('/<a href=".*?&nbsp;.*?<\\/a>/i', $rowTemp, $m)) {
                             $rowTemp = str_replace($m[0], '', $rowTemp);
                         }
                     }
                     if ($alt && $SelectedID != $row[$FieldCountTV]) {
                         $rowTemp = str_replace("TableBody", "TableBodySelected", $rowTemp);
                         $rowTemp = str_replace("TableBodyNumeric", "TableBodySelectedNumeric", $rowTemp);
                         $rowTemp = str_replace("SelectedSelected", "Selected", $rowTemp);
                     }
                     if ($SearchString != '') {
                         $rowTemp = highlight($SearchString, $rowTemp);
                     }
                     $this->HTML .= $rowTemp;
                     $rowTemp = '';
                 } else {
                     // end of templates
                     for ($j = 0; $j < $FieldCountTV; $j++) {
                         $fType = mysql_field_type($result, $j);
                         $fNumeric = stristr($fType, 'int') || stristr($fType, 'float') || stristr($fType, 'decimal') || stristr($fType, 'numeric') || stristr($fType, 'real') || stristr($fType, 'double') ? true : false;
                         if ($this->AllowSelection == 1) {
                             $sel1 = "<a href=\"{$this->ScriptFileName}?SelectedID=" . htmlspecialchars($row[$FieldCountTV], ENT_QUOTES) . "\" onclick=\"document.myform.SelectedID.value='" . addslashes($row[$FieldCountTV]) . "'; document.myform.submit(); return false;\" class=\"{$class}\" style=\"padding:0px;\">";
                             $sel2 = "</a>";
                         } else {
                             $sel1 = "";
                             $sel2 = "";
                         }
                         $this->HTML .= "<td valign=top class={$class}><div class={$class}>&nbsp;{$sel1}" . $row[$j] . "{$sel2}&nbsp;</div></td>";
                     }
                 }
                 $this->HTML .= "</tr>\n";
                 $i++;
             }
             $i--;
         }
         $this->HTML = preg_replace("/<a href=\"(mailto:)?&nbsp;[^\n]*title=\"&nbsp;\"><\\/a>/", '&nbsp;', $this->HTML);
         $this->HTML = preg_replace("/<a [^>]*>(&nbsp;)*<\\/a>/", '&nbsp;', $this->HTML);
         $this->HTML = preg_replace("/<%%.*%%>/U", '&nbsp;', $this->HTML);
         if ($this->ShowRecordSlots) {
             for ($j = $i + 1; $j < $FirstRecord + $this->RecordsPerPage; $j++) {
                 $this->HTML .= "\n\t<tr><td colspan=" . ($FieldCountTV + 1) . "><div class=TableBody>&nbsp;</div></td></tr>";
             }
         }
         // end of data
         $this->HTML .= '<!-- tv data above -->';
         if ($Print_x == "") {
             $pagesMenu = '';
             if ($RecordCount > $this->RecordsPerPage) {
                 $pagesMenu = "<td align=center><div class=TableFooter>" . $Translation['go to page'] . " <select onChange=\"{$resetSelection} document.myform.NoDV.value=1; document.myform.FirstRecord.value=(this.value*" . $this->RecordsPerPage . "+1); document.myform.submit();\">";
                 for ($page = 0; $page < ceil($RecordCount / $this->RecordsPerPage); $page++) {
                     $pagesMenu .= "<option value=\"{$page}\" " . ($FirstRecord == $page * $this->RecordsPerPage + 1 ? 'selected' : '') . ">" . ($page + 1) . "</option>";
                 }
                 $pagesMenu .= '</select></div></td>';
             }
             $totalWidth = array_sum($this->ColWidth);
             $totalWidth = $totalWidth > 750 ? 750 : '100%';
             $this->HTML .= "\n\t<tr><td colspan=" . ($FieldCountTV + 1) . "><table width=100%><tr class=TableFooter><td align=left><input onClick=\"{$resetSelection} document.myform.NoDV.value=1;\" type=image name=Previous src=previousPage.gif></td><td align=center><div class=TableFooter>" . $Translation["records x to y of z"] . "</div></td>{$pagesMenu}<td align=right><input onClick=\"{$resetSelection} document.myform.NoDV.value=1;\" type=image name=Next src=nextPage.gif></td></tr></table></td></tr>";
         } else {
             $this->HTML .= "\n\t<tr><td colspan=" . ($FieldCountTV + 1) . "><nobr><div class=TableFooter>" . $Translation["records x to y of z"] . "</div></nobr></td></tr>";
         }
         $this->HTML = str_replace("<FirstRecord>", $FirstRecord, $this->HTML);
         $this->HTML = str_replace("<LastRecord>", $i, $this->HTML);
         $this->HTML = str_replace("<RecordCount>", $RecordCount, $this->HTML);
         $tvShown = true;
     }
     // hidden variables ....
     $this->HTML .= "<input name=SortField value='{$SortField}' type=hidden>";
     $this->HTML .= "<input name=SelectedID value=\"{$SelectedID}\" type=hidden>";
     $this->HTML .= "<input name=SelectedField value=\"\" type=hidden>";
     $this->HTML .= "<input name=SortDirection type=hidden value='{$SortDirection}'>";
     $this->HTML .= "<input name=FirstRecord type=hidden value='{$FirstRecord}'>";
     $this->HTML .= "<input name=NoDV type=hidden value=''>";
     if ($this->QuickSearch && !strpos($this->HTML, 'SearchString')) {
         $this->HTML .= '<input name="SearchString" type="hidden" value="' . htmlspecialchars($SearchString, ENT_QUOTES) . '">';
     }
     // hidden variables: filters ...
     $FiltersCode = '';
     for ($i = 1; $i <= 20 * $FiltersPerGroup; $i++) {
         // Number of filters allowed
         if ($i % $FiltersPerGroup == 1 && $i != 1 && $FilterAnd[$i] != "") {
             $FiltersCode .= "<input name=\"FilterAnd[{$i}]\" value=\"{$FilterAnd[$i]}\" type=\"hidden\">\n";
         }
         if ($FilterField[$i] != '' && $FilterOperator[$i] != '' && ($FilterValue[$i] != '' || strstr($FilterOperator[$i], 'Empty'))) {
             if (!strstr($FiltersCode, "<input name=\"FilterAnd[{$i}]\" value=")) {
                 $FiltersCode .= "<input name=\"FilterAnd[{$i}]\" value=\"{$FilterAnd[$i]}\" type=\"hidden\">\n";
             }
             $FiltersCode .= "<input name=\"FilterField[{$i}]\" value=\"{$FilterField[$i]}\" type=\"hidden\">\n";
             $FiltersCode .= "<input name=\"FilterOperator[{$i}]\" value=\"{$FilterOperator[$i]}\" type=\"hidden\">\n";
             $FiltersCode .= "<input name=\"FilterValue[{$i}]\" value=\"" . htmlspecialchars($FilterValue[$i], ENT_QUOTES) . "\" type=\"hidden\">\n";
         }
     }
     $this->HTML .= $FiltersCode;
     // display details form ...
     if (($this->AllowSelection || $this->AllowInsert || $this->AllowUpdate || $this->AllowDelete) && $Print_x == '' && !$PrintDV) {
         if ($this->SeparateDV && $this->HideTableView || !$this->SeparateDV) {
             $dvCode = call_user_func($this->TableName . '_form', $SelectedID, $this->AllowUpdate, $this->HideTableView && $SelectedID ? 0 : $this->AllowInsert, $this->AllowDelete, $this->SeparateDV);
             $this->HTML .= "\n\t<tr><td colspan=" . ($FieldCountTV + 2) . ">{$dvCode}</td></tr>";
             $this->HTML .= $this->SeparateDV ? "<input name=SearchString value='" . htmlspecialchars($SearchString, ENT_QUOTES) . "' type=hidden>" : "";
             if ($dvCode) {
                 $this->ContentType = 'detailview';
                 $dvShown = true;
             }
         }
     }
     // display multiple printable detail views
     if ($PrintDV) {
         $dvCode = '';
         $_POST['dvprint_x'] = 1;
         // hidden vars
         $this->HTML .= '<input type="hidden" name="Print_x" value="1">' . "\n";
         $this->HTML .= '<input type="hidden" name="PrintTV" value="1">' . "\n";
         // count selected records
         $selectedRecords = 0;
         foreach ($_POST as $n => $v) {
             if (strpos($n, 'select_') === 0) {
                 $id = str_replace('select_', '', $n);
                 $selectedRecords++;
                 $this->HTML .= '<input type="hidden" name="select_' . $id . '" value="1">' . "\n";
             }
         }
         if ($selectedRecords <= 100) {
             // if records selected > 100 don't show DV preview to avoid db performance issues.
             foreach ($_POST as $n => $v) {
                 if (strpos($n, 'select_') === 0) {
                     $id = str_replace('select_', '', $n);
                     $dvCode .= call_user_func($this->TableName . '_form', $id, 0, 0, 0, 1);
                 }
             }
             if ($dvCode != '') {
                 $dvCode = preg_replace('/<input .*?type="?image"?.*?>/', '', $dvCode);
                 $this->HTML .= "\n" . '<div class="TableBodySelected displayOnly">' . '<input class="print-button" type="submit" value="' . $Translation['Cancel Printing'] . '">' . '<input class="print-button" type="button" id="sendToPrinter" value="' . $Translation['Print'] . '" onClick="window.print();">' . '</div>' . "\n";
                 $this->HTML .= $dvCode;
             }
         } else {
             $this->HTML .= '<div class="Error">' . $Translation['Maximum records allowed to enable this feature is'] . ' 100.</div>';
             $this->HTML .= '<input type="submit" class="print-button" value="' . $Translation['Print Preview Table View'] . '">';
         }
     }
     $this->HTML .= "</table>\n";
     if ($this->AllowPrintingMultiSelection && $Print_x != '') {
         $this->HTML .= "<script>function toggleAllRecords(){ var s=\$('toggleAll').checked; {$toggleAllScript} if(s) countSelected={$RecordCount}; else countSelected=0; }</script>\n";
     }
     $this->HTML .= "</form></center>";
     if ($dvShown && $tvShown) {
         $this->ContentType = 'tableview+detailview';
     }
     if ($dvprint_x != '') {
         $this->ContentType = 'print-detailview';
     }
     if ($Print_x != '') {
         $this->ContentType = 'print-tableview';
     }
     //mysql_close();
     // Das ist Alles!
 }
Ejemplo n.º 11
0
}
if ($userid) {
    $result = select_query("tblclients", "id", array("id" => $userid));
    $data = mysql_fetch_array($result);
    if (!$data['id']) {
        $apiresults = array("result" => "error", "message" => "Client ID Not Found");
        return null;
    }
}
if ($invoiceid = (int) $_POST['invoiceid']) {
    $query = "SELECT * FROM tblinvoices WHERE id='" . $invoiceid . "'";
    $result = full_query($query);
    $data = mysql_fetch_array($result);
    if (!$data['id']) {
        $apiresults = array("result" => "error", "message" => "Invoice ID Not Found");
        return null;
    }
}
if (!$paymentmethod) {
    $apiresults = array("result" => "error", "message" => "Payment Method is required");
    return null;
}
addTransaction($userid, $currencyid, $description, $amountin, $fees, $amountout, $paymentmethod, $transid, $invoiceid, $date, "", $rate);
if ($userid && $credit) {
    if ($transid) {
        $description .= " (Trans ID: " . $transid . ")";
    }
    insert_query("tblcredit", array("clientid" => $userid, "date" => toMySQLDate($date), "description" => $description, "amount" => $amountin));
    update_query("tblclients", array("credit" => "+=" . $amountin), array("id" => (int) $userid));
}
$apiresults = array("result" => "success");
Ejemplo n.º 12
0
 private function buildCriteria($criteria)
 {
     $filters = array();
     if ($criteria['clientid']) {
         $filters[] = "userid=" . (int) $criteria['clientid'];
     }
     if ($criteria['clientname']) {
         $filters[] = "concat(firstname,' ',lastname) LIKE '%" . db_escape_string($criteria['clientname']) . "%'";
     }
     if ($criteria['invoicenum']) {
         $filters[] = "(tblinvoices.id='" . db_escape_string($criteria['invoicenum']) . "' OR tblinvoices.invoicenum='" . db_escape_string($criteria['invoicenum']) . "')";
     }
     if ($criteria['lineitem']) {
         $filters[] = "tblinvoices.id IN (SELECT invoiceid FROM tblinvoiceitems WHERE description LIKE '%" . db_escape_string($criteria['lineitem']) . "%')";
     }
     if ($criteria['paymentmethod']) {
         $filters[] = "tblinvoices.paymentmethod='" . db_escape_string($criteria['paymentmethod']) . "'";
     }
     if ($criteria['invoicedate']) {
         $filters[] = "tblinvoices.date='" . toMySQLDate($criteria['invoicedate']) . "'";
     }
     if ($criteria['duedate']) {
         $filters[] = "tblinvoices.duedate='" . toMySQLDate($criteria['duedate']) . "'";
     }
     if ($criteria['datepaid']) {
         $filters[] = "tblinvoices.datepaid>='" . toMySQLDate($criteria['datepaid']) . "' AND tblinvoices.datepaid<='" . toMySQLDate($criteria['datepaid']) . "235959'";
     }
     if ($criteria['totalfrom']) {
         $filters[] = "tblinvoices.total>='" . db_escape_string($criteria['totalfrom']) . "'";
     }
     if ($criteria['totalto']) {
         $filters[] = "tblinvoices.total<='" . db_escape_string($criteria['totalto']) . "'";
     }
     if ($criteria['status']) {
         if ($criteria['status'] == "Overdue") {
             $filters[] = "tblinvoices.status='Unpaid' AND tblinvoices.duedate<'" . date("Ymd") . "'";
         } else {
             $filters[] = "tblinvoices.status='" . db_escape_string($criteria['status']) . "'";
         }
     }
     return $filters;
 }
Ejemplo n.º 13
0
function convertQuotetoInvoice($id, $invoicetype, $invoiceduedate, $depositpercent, $depositduedate, $finalduedate, $sendemail)
{
    global $CONFIG;
    global $_LANG;
    $result = select_query("tblquotes", "", array("id" => $id));
    $data = mysql_fetch_array($result);
    $userid = $data['userid'];
    $firstname = $data['firstname'];
    $lastname = $data['lastname'];
    $companyname = $data['companyname'];
    $email = $data['email'];
    $address1 = $data['address1'];
    $address2 = $data['address2'];
    $city = $data['city'];
    $state = $data['state'];
    $postcode = $data['postcode'];
    $country = $data['country'];
    $phonenumber = $data['phonenumber'];
    $currency = $data['currency'];
    if ($userid) {
        getUsersLang($userid);
        $clientsdetails = getClientsDetails($userid);
        $state = $clientsdetails['state'];
        $country = $clientsdetails['country'];
    } else {
        if (!function_exists("addClient")) {
            require ROOTDIR . "/clientfunctions.php";
        }
        $_SESSION['currency'] = $currency;
        $userid = addClient($firstname, $lastname, $companyname, $email, $address1, $address2, $city, $state, $postcode, $country, $phonenumber, substr(md5($id), 0, 10), 0, "", "on");
    }
    if ($CONFIG['TaxEnabled'] == "on") {
        $taxlevel1 = getTaxRate(1, $state, $country);
        $taxlevel2 = getTaxRate(2, $state, $country);
        $taxrate = $taxlevel1['rate'];
        $taxrate2 = $taxlevel2['rate'];
    }
    $subtotal = $data['subtotal'];
    $tax1 = $data['tax1'];
    $tax2 = $data['tax2'];
    $total = $data['total'];
    $result = select_query("tblpaymentgateways", "gateway", array("setting" => "name"), "order", "ASC");
    $data = mysql_fetch_array($result);
    $gateway = $data['gateway'];
    $duedate = $finaldate = "";
    if ($invoicetype == "deposit") {
        if ($depositduedate) {
            $duedate = toMySQLDate($depositduedate);
        }
        $finaldate = $finalduedate ? toMySQLDate($finalduedate) : date("Y-m-d");
    } else {
        if ($invoiceduedate) {
            $duedate = toMySQLDate($invoiceduedate);
        }
    }
    if (!$duedate) {
        $duedate = date("Y-m-d");
    }
    $invoiceid = insert_query("tblinvoices", array("date" => "now()", "duedate" => $duedate, "userid" => $userid, "status" => "Unpaid", "paymentmethod" => $gateway, "taxrate" => $taxrate, "taxrate2" => $taxrate2, "subtotal" => $subtotal, "tax" => $tax1, "tax2" => $tax2, "total" => $total, "notes" => $_LANG['quoteref'] . $id));
    if ($finaldate) {
        $finalinvoiceid = insert_query("tblinvoices", array("date" => "now()", "duedate" => $finaldate, "userid" => $userid, "status" => "Unpaid", "paymentmethod" => $gateway, "taxrate" => $taxrate, "taxrate2" => $taxrate2, "subtotal" => $subtotal, "tax" => $tax1, "tax2" => $tax2, "total" => $total, "notes" => $_LANG['quoteref'] . $id));
    }
    $result = select_query("tblquoteitems", "", array("quoteid" => $id), "id", "ASC");
    while ($data = mysql_fetch_array($result)) {
        $line_id = $data['id'];
        $line_desc = $data['description'];
        $line_qty = $data['quantity'];
        $line_unitprice = $data['unitprice'];
        $line_discount = $data['discount'];
        $line_taxable = $data['taxable'];
        $line_total = format_as_currency($line_qty * $line_unitprice * (1 - $line_discount / 100));
        $lineitemdesc = "" . $line_qty . " x " . $line_desc . " @ " . $line_unitprice;
        if (0 < $line_discount) {
            $lineitemdesc .= " - " . $line_discount . "% " . $_LANG['orderdiscount'];
        }
        if ($finalinvoiceid) {
            $originalamount = $line_total;
            $line_total = $originalamount * ($depositpercent / 100);
            $final_amount = $originalamount - $line_total;
            insert_query("tblinvoiceitems", array("invoiceid" => $finalinvoiceid, "userid" => $userid, "description" => $lineitemdesc . " (" . (100 - $depositpercent) . "% " . $_LANG['quotefinalpayment'] . ")", "amount" => $final_amount, "taxed" => $line_taxable));
            $lineitemdesc .= " (" . $depositpercent . "% " . $_LANG['quotedeposit'] . ")";
        }
        insert_query("tblinvoiceitems", array("invoiceid" => $invoiceid, "userid" => $userid, "description" => $lineitemdesc, "amount" => $line_total, "taxed" => $line_taxable));
    }
    if (!function_exists("updateInvoiceTotal")) {
        require ROOTDIR . "/includes/invoicefunctions.php";
    }
    updateInvoiceTotal($invoiceid);
    if ($finalinvoiceid) {
        updateInvoiceTotal($finalinvoiceid);
    }
    run_hook("InvoiceCreationPreEmail", array("invoiceid" => $invoiceid));
    if ($finalinvoiceid) {
        run_hook("InvoiceCreationPreEmail", array("invoiceid" => $finalinvoiceid));
    }
    if ($sendemail) {
        sendMessage("Invoice Created", $invoiceid);
        if ($finalinvoiceid) {
            sendMessage("Invoice Created", $finalinvoiceid);
        }
    }
    run_hook("InvoiceCreated", array("invoiceid" => $invoiceid));
    if ($finalinvoiceid) {
        run_hook("InvoiceCreated", array("invoiceid" => $finalinvoiceid));
    }
    if (1 < $CONFIG['InvoiceIncrement']) {
        $invoiceincrement = $CONFIG['InvoiceIncrement'] - 1;
        $counter = 1;
        while ($counter <= $invoiceincrement) {
            $tempinvoiceid = insert_query("tblinvoices", array("date" => "now()"));
            delete_query("tblinvoices", array("id" => $tempinvoiceid));
            $counter += 1;
        }
    }
    update_query("tblquotes", array("userid" => $userid, "stage" => "Accepted"), array("id" => $id));
    return $invoiceid;
}
Ejemplo n.º 14
0
            $tbl->addRow(array("<input type=\"checkbox\" name=\"selectedinvoices[]\" value=\"" . $invoice['id'] . "\" class=\"checkall\">", $linkopen . $invoice['invoicenum'] . $linkclose, $invoice['clientname'], $invoice['date'], $invoice['duedate'], "<a href=\"invoices.php?action=invtooltip&id=" . $invoice['id'] . "&userid=" . $invoice['userid'] . generate_token("link") . "\" class=\"invtooltip\" lang=\"\">" . $invoice['totalformatted'] . "</a>", $invoice['paymentmethod'], $invoice['statusformatted'], $linkopen . "<img src=\"images/edit.gif\" width=\"16\" height=\"16\" border=\"0\" alt=\"Edit\">" . $linkclose, "<a href=\"#\" onClick=\"doDelete('" . $invoice['id'] . "');return false\"><img src=\"images/delete.gif\" width=\"16\" height=\"16\" border=\"0\" alt=\"Delete\"></a>"));
        }
        $tbl->setMassActionBtns("<input type=\"submit\" value=\"" . $aInt->lang("invoices", "markpaid") . "\" class=\"btn-success\" name=\"markpaid\" onclick=\"return confirm('" . $aInt->lang("invoices", "markpaidconfirm", "1") . "')\" /> <input type=\"submit\" value=\"" . $aInt->lang("invoices", "markunpaid") . "\" name=\"markunpaid\" onclick=\"return confirm('" . $aInt->lang("invoices", "markunpaidconfirm", "1") . "')\" /> <input type=\"submit\" value=\"" . $aInt->lang("invoices", "markcancelled") . "\" name=\"markcancelled\" onclick=\"return confirm('" . $aInt->lang("invoices", "markcancelledconfirm", "1") . "')\" /> <input type=\"submit\" value=\"" . $aInt->lang("invoices", "duplicateinvoice") . "\" name=\"duplicateinvoice\" onclick=\"return confirm('" . $aInt->lang("invoices", "duplicateinvoiceconfirm", "1") . "')\" /> <input type=\"submit\" value=\"" . $aInt->lang("invoices", "sendreminder") . "\" name=\"paymentreminder\" onclick=\"return confirm('" . $aInt->lang("invoices", "sendreminderconfirm", "1") . "')\" /> <input type=\"submit\" value=\"" . $aInt->lang("global", "delete") . "\" class=\"btn-danger\" name=\"massdelete\"  onclick=\"return confirm('" . $aInt->lang("invoices", "massdeleteconfirm", "1") . "')\" />");
        echo $tbl->output();
        unset($clientlist);
        unset($invoicesModel);
    }
} else {
    if ($action == "edit") {
        $result = select_query("tblinvoices", "userid,paymentmethod", array("id" => $id));
        $data = mysql_fetch_array($result);
        $userid = $data[0];
        $oldpaymentmethod = $data[1];
        if ($saveoptions) {
            check_token("WHMCS.admin.default");
            update_query("tblinvoices", array("date" => toMySQLDate($invoicedate), "duedate" => toMySQLDate($datedue), "paymentmethod" => $paymentmethod, "invoicenum" => $invoicenum, "taxrate" => $taxrate, "taxrate2" => $taxrate2, "status" => $status), array("id" => $id));
            updateInvoiceTotal($id);
            if ($oldpaymentmethod != $paymentmethod) {
                run_hook("InvoiceChangeGateway", array("invoiceid" => $id, "paymentmethod" => $paymentmethod));
            }
            logActivity("Modified Invoice Options - Invoice ID: " . $id, $userid);
            redir("action=edit&id=" . $id);
            exit;
        }
        if ($save == "notes") {
            check_token("WHMCS.admin.default");
            update_query("tblinvoices", array("notes" => $notes), array("id" => $id));
            logActivity("Modified Invoice Notes - Invoice ID: " . $id, $userid);
            redir("action=edit&id=" . $id);
            exit;
        }
Ejemplo n.º 15
0
function namecheap_ssl_output($vars)
{
    if (!empty($_REQUEST['action'])) {
        $action = $_REQUEST['action'];
    } else {
        $action = 'default';
    }
    global $_LANG;
    namecheapssl_initlang();
    $view = array('global' => array('mod_url' => '?module=namecheap_ssl', 'module' => 'namecheap_ssl'));
    if ('log' == $action) {
        // prepare data for actions filters
        // actions
        $view['filter_action_options'] = array();
        $sql = "SELECT DISTINCT action FROM mod_namecheapssl_log";
        $r = mysql_query($sql);
        if (mysql_numrows($r)) {
            while ($row = mysql_fetch_assoc($r)) {
                if (!empty($row['action'])) {
                    $view['filter_action_options'][] = $row['action'];
                }
            }
        }
        // detect selected action
        if (!empty($_REQUEST['filter_action']) && in_array($_REQUEST['filter_action'], $view['filter_action_options'])) {
            $view['filter_action_value'] = $_REQUEST['filter_action'];
        } else {
            $view['filter_action_value'] = '';
        }
        //
        $view['filter_date_from_value'] = empty($_REQUEST['filter_date_from']) ? '' : $_REQUEST['filter_date_from'];
        $view['filter_date_to_value'] = empty($_REQUEST['filter_date_to']) ? '' : $_REQUEST['filter_date_to'];
        $view['filter_user_value'] = empty($_REQUEST['filter_user']) ? '' : $_REQUEST['filter_user'];
        // prepare query for page items
        $iOffset = empty($vars['log_items_per_page']) ? 50 : (int) $vars['log_items_per_page'];
        $page = !empty($_REQUEST['page']) ? (int) $_REQUEST['page'] : 1;
        $iLimit = $page <= 1 ? 0 : ($page - 1) * $iOffset;
        // create WHERE for sql query
        $sqlWhereArray = array();
        // action value
        if (!empty($view['filter_action_value'])) {
            $sqlWhereArray[] = sprintf(" action='%s' ", mysql_real_escape_string($view['filter_action_value']));
        }
        // date from value
        if (!empty($view['filter_date_from_value'])) {
            $sqlWhereArray[] = sprintf("date>='%s'", toMySQLDate($view['filter_date_from_value']));
        }
        // date to value
        if (!empty($view['filter_date_to_value'])) {
            $sqlWhereArray[] = sprintf("date<='%s'", toMySQLDate($view['filter_date_to_value']) . ' 23:59:59');
        }
        // admin / client filter
        if (!empty($view['filter_user_value'])) {
            if (false !== strpos($view['filter_user_value'], '@')) {
                $sqlWhereArray[] = sprintf("c.email = '%s'", mysql_real_escape_string($view['filter_user_value']));
            } else {
                $sqlWhereArray[] = sprintf("log.user LIKE '%s%%'", mysql_real_escape_string($view['filter_user_value']));
            }
        }
        if (!empty($sqlWhereArray)) {
            $sqlWhere = ' WHERE ' . implode(' AND ', $sqlWhereArray);
        } else {
            $sqlWhere = '';
        }
        $sql = "SELECT log.*,c.email FROM mod_namecheapssl_log log LEFT JOIN tblclients AS c ON (log.userid=c.id AND user='******') {$sqlWhere} ORDER BY log.id DESC LIMIT {$iLimit},{$iOffset}";
        $view['log_items'] = array();
        $r = mysql_query($sql);
        if (mysql_numrows($r)) {
            while ($row = mysql_fetch_assoc($r)) {
                $view['log_items'][] = $row;
            }
        }
        // query for count
        $sql = "SELECT COUNT(log.id) FROM mod_namecheapssl_log log LEFT JOIN tblclients AS c ON (log.userid=c.id AND user='******') {$sqlWhere}";
        $r = mysql_query($sql);
        $row = mysql_fetch_array($r);
        $iCountOfLogItems = array_shift($row);
        $iCountOfPages = (int) ceil($iCountOfLogItems / $iOffset);
        $view['log_items_count'] = $iCountOfLogItems;
        $view['log_items_count_of_pages'] = $iCountOfPages;
        $view['log_items_current_page'] = $page <= 1 ? 1 : $page;
    } else {
        if ('sync' == $action) {
            if (!empty($_REQUEST['hostingid'])) {
                $view['hostingid'] = (int) $_REQUEST['hostingid'];
                // search product
                $r = mysql_query('SELECT orderid, tblhosting.domain, tblproducts.name AS productname FROM tblhosting JOIN tblproducts ON tblhosting.packageid=tblproducts.id WHERE tblhosting.id=' . (int) $_REQUEST['hostingid']);
                $row = mysql_fetch_assoc($r);
                // check san certificate
                // get config options
                $certHasSanOption = false;
                $r = mysql_query('SELECT tblproductconfigoptions.optionname FROM tblproductconfigoptions JOIN tblhostingconfigoptions ON (tblhostingconfigoptions.configid=tblproductconfigoptions.id) WHERE tblhostingconfigoptions.relid=' . (int) $_REQUEST['hostingid']);
                $optionNames = array();
                while (false !== ($optionsRow = mysql_fetch_assoc($r))) {
                    $optionNames[] = $optionsRow['optionname'];
                    if ('san' == substr($optionsRow['optionname'], 0, 3)) {
                        $certHasSanOption = true;
                    }
                }
                $view['cert_has_san_option'] = $certHasSanOption;
                if (false == $row || $certHasSanOption) {
                    $view['found'] = false;
                } else {
                    // select nc remote id
                    $r = mysql_query('SELECT * FROM tblsslorders WHERE serviceid=' . (int) $_REQUEST['hostingid']);
                    $ssl_order = mysql_fetch_array($r);
                    if (false == $ssl_order) {
                        $view['found'] = false;
                    } else {
                        $view['found'] = true;
                        $view['hosting'] = array('hostingid' => $_REQUEST['hostingid'], 'orderid' => $row['orderid'], 'domain' => $row['domain'], 'productname' => $row['productname'], 'ssl_order_remoteid' => $ssl_order['remoteid'], 'ssl_order_certtype' => $ssl_order['certtype'], 'ssl_order_id' => $ssl_order['id']);
                        if (isset($_REQUEST['message']) && 'updated' == $_REQUEST['message']) {
                            $view['updated'] = true;
                        } else {
                            $view['updated'] = false;
                        }
                        // final level verification
                        // assign remote id
                        if (!empty($_POST['remoteid']) && !empty($_POST['ssl_order_id'])) {
                            // two mysql queries
                            // update whmcs native table
                            mysql_query('UPDATE tblsslorders SET remoteid=' . (int) $_POST['remoteid'] . ' WHERE id=' . $_POST['ssl_order_id']);
                            // update custom module table
                            mysql_query('UPDATE mod_namecheapssl SET certificate_id=' . (int) $_POST['remoteid'] . ' WHERE id=' . $_POST['ssl_order_id']);
                            // redirect
                            $query_string = '?module=namecheap_ssl&action=sync&hostingid=' . $_REQUEST['hostingid'] . '&message=updated';
                            namecheapssl_log('addon.sync', 'addon_updated_remoteid', array($ssl_order['remoteid'], $_POST['remoteid']), $ssl_order['serviceid']);
                            header('Location: ' . $query_string);
                            exit;
                        }
                    }
                }
            } else {
                $view['hostingid'] = '';
            }
        } else {
            if ('list' == $action) {
                $users = array();
                // production certs
                $query = "SELECT DISTINCT configoption1 AS user, configoption2 AS password, 'production' AS acc FROM tblproducts WHERE configoption9='' AND configoption1!='' AND configoption2!='' AND servertype='namecheapssl'";
                $r = mysql_query($query);
                while (false !== ($row = mysql_fetch_assoc($r))) {
                    $view['userlist'][] = array('user' => $row['user'], 'acc' => 'production');
                    $users['production'][$row['user']] = $row;
                }
                // sandbox users
                $query = "SELECT DISTINCT configoption3 AS user, configoption4 AS password, 'sandbox' AS acc FROM tblproducts WHERE configoption9='on' AND configoption3!='' AND configoption4!='' AND servertype='namecheapssl'";
                $r = mysql_query($query);
                while (false !== ($row = mysql_fetch_assoc($r))) {
                    $view['userlist'][] = array('user' => $row['user'], 'acc' => 'sandbox');
                    $users['sandbox'][$row['user']] = $row;
                }
                if (!empty($_REQUEST['user']) && !empty($_REQUEST['acc'])) {
                    if ('sandbox' != $_REQUEST['acc'] && 'production' != $_REQUEST['acc']) {
                        echo 'unknown user';
                        exit;
                    }
                    if (!empty($users[$_REQUEST['acc']][$_REQUEST['user']])) {
                        $user = $users[$_REQUEST['acc']][$_REQUEST['user']]['user'];
                        $password = $users[$_REQUEST['acc']][$_REQUEST['user']]['password'];
                    } else {
                        echo 'unknown user';
                        exit;
                    }
                    $view['user'] = array('user' => $user, 'acc' => $_REQUEST['acc']);
                    $itemsOnPage = 20;
                    $page = empty($_REQUEST['page']) ? 1 : $_REQUEST['page'];
                    $view['current_page'] = $page;
                    $requestParams = array("Page" => $page, "PageSize" => $itemsOnPage);
                    $api = new NamecheapApi($user, $password, $_REQUEST['acc'] == 'sandbox');
                    try {
                        $response = $api->request("namecheap.ssl.getList", $requestParams);
                        $result = $api->parseResponse($response);
                        if (!empty($result['SSLListResult']['SSL'])) {
                            $items = array();
                            foreach ($result['SSLListResult']['SSL'] as $k => $item) {
                                // get whmcs product
                                $items[$k]['namecheap'] = $item['@attributes'];
                                $query = sprintf("SELECT serviceid,status FROM tblsslorders WHERE module='namecheapssl' AND remoteid='%s'", $item['@attributes']['CertificateID']);
                                $r = mysql_query($query);
                                if (mysql_num_rows($r)) {
                                    $items[$k]['whmcs'] = mysql_fetch_assoc($r);
                                }
                            }
                            $view['items'] = $items;
                        }
                        $view['pages'] = array();
                        for ($i = 1; $i <= ceil($result['Paging']['TotalItems'] / $itemsOnPage); ++$i) {
                            $view['pages'][] = $i;
                        }
                    } catch (Exception $e) {
                        var_dump($e->getMessage());
                        exit;
                        $view['globals']['error'] = $e->getMessage();
                    }
                }
            } else {
                if ('settings' == $action) {
                    // message
                    $view['message'] = '';
                    if (!empty($_REQUEST['message']) && 'updated' == $_REQUEST['message']) {
                        $view['message'] = $_LANG['ncssl_addon_changes_saved_success'];
                    }
                    // prepare information for view
                    $view['settings'] = NcSql::sql2set_keyval("SELECT name,value FROM mod_namecheapssl_settings");
                    $view['control_options'] = array('sync_date_offset' => array(0 => '0', 5 => '5', 15 => '15', 30 => '30'));
                    // process incoming data
                    if (isset($_REQUEST['settings'])) {
                        foreach ($_REQUEST['settings'] as $name => $value) {
                            NcSql::q(sprintf("DELETE FROM mod_namecheapssl_settings WHERE name='%s'", NcSql::e($name)));
                            NcSql::q(sprintf("INSERT INTO mod_namecheapssl_settings SET name='%s', value='%s'", NcSql::e($name), NcSql::e($value)));
                        }
                        // redirect
                        $query_string = '?module=namecheap_ssl&action=settings&message=updated';
                        namecheapssl_log('addon.settings', 'addon_updated_settings');
                        header('Location: ' . $query_string);
                        exit;
                    }
                } else {
                    $action = 'default';
                }
            }
        }
    }
    $view['global']['mod_action_url'] = $view['global']['mod_url'] . '&action=' . $action;
    $view['global']['action'] = $action;
    include dirname(__FILE__) . '/templates/' . $action . '.php';
}
Ejemplo n.º 16
0
     redir("userid=" . $userid);
     exit;
 }
 if ($sub == "remove") {
     checkPermission("Manage Credits");
     check_token("WHMCS.admin.default");
     insert_query("tblcredit", array("clientid" => $userid, "date" => toMySQLDate($date), "description" => $description, "amount" => 0 - $amount));
     update_query("tblclients", array("credit" => "-=" . $amount), array("id" => (int) $userid));
     logActivity("Removed Credit - User ID: " . $userid . " - Amount: " . formatCurrency($amount), $userid);
     redir("userid=" . $userid);
     exit;
 }
 if ($sub == "save") {
     checkPermission("Manage Credits");
     check_token("WHMCS.admin.default");
     update_query("tblcredit", array("date" => toMySQLDate($date), "description" => $description, "amount" => $amount), array("id" => $id));
     logActivity("Edited Credit - Credit ID: " . $id . " - User ID: " . $userid, $userid);
     redir("userid=" . $userid);
     exit;
 }
 if ($sub == "delete") {
     checkPermission("Manage Credits");
     check_token("WHMCS.admin.default");
     $result = select_query("tblcredit", "", array("id" => $ide));
     $data = mysql_fetch_array($result);
     $amount = $data['amount'];
     $creditbalance = $creditbalance - $amount;
     if ($creditbalance < 0) {
         $creditbalance = 0;
     }
     update_query("tblclients", array("credit" => $creditbalance), array("id" => (int) $userid));
Ejemplo n.º 17
0
    } else {
        addTransaction($userid, 0, $description, $amountin, $fees, $amountout, $paymentmethod, $transid, $invoiceid, $date);
    }
    if ($addcredit) {
        if ($transid) {
            $description .= " (Trans ID: " . $transid . ")";
        }
        insert_query("tblcredit", array("clientid" => $userid, "date" => toMySQLDate($date), "description" => $description, "amount" => $amountin));
        update_query("tblclients", array("credit" => "+=" . $amountin), array("id" => (int) $userid));
    }
    redir("userid=" . $userid);
    exit;
}
if ($sub == "save") {
    check_token("WHMCS.admin.default");
    update_query("tblaccounts", array("gateway" => $paymentmethod, "date" => toMySQLDate($date), "description" => $description, "amountin" => $amountin, "fees" => $fees, "amountout" => $amountout, "transid" => $transid, "invoiceid" => $invoiceid), array("id" => $id));
    logActivity("Modified Transaction (User ID: " . $userid . " - Transaction ID: " . $id . ")");
    redir("userid=" . $userid);
    exit;
}
if ($sub == "delete") {
    check_token("WHMCS.admin.default");
    checkPermission("Delete Transaction");
    delete_query("tblaccounts", array("id" => $ide));
    logActivity("Deleted Transaction (ID: " . $ide . " - User ID: " . $userid . ")");
    redir("userid=" . $userid);
    exit;
}
ob_start();
if ($action == "") {
    $aInt->deleteJSConfirm("doDelete", "transactions", "deletesure", "clientstransactions.php?userid=" . $userid . "&sub=delete&ide=");
Ejemplo n.º 18
0
<?php

if (!defined("WHMCS")) {
    die("This file cannot be accessed directly");
}
$reportdata["title"] = "Credits Reviewer";
$reportdata["description"] = "This report allows you to review all the credits issued to clients between 2 dates you specify";
$reportdata["headertext"] = '<form method="post" action="' . $PHP_SELF . '?report=' . $report . '">
<p align="center">Start Date: <input type="text" name="startdate" value="' . $startdate . '" class="datepick" /> End Date: <input type="text" name="enddate" value="' . $enddate . '" class="datepick" /> <input type="submit" value="Generate Report"></p>
</form>';
$reportdata["tableheadings"] = array("Credit ID", "Client Name", "Date", "Description", "Amount");
if ($startdate && $enddate) {
    $query = "SELECT tblcredit.*,tblclients.firstname,tblclients.lastname FROM tblcredit INNER JOIN tblclients ON tblclients.id=tblcredit.clientid WHERE tblcredit.date BETWEEN '" . toMySQLDate($startdate) . "' AND '" . toMySQLDate($enddate) . "'";
    $result = mysql_query($query);
    while ($data = mysql_fetch_array($result)) {
        $id = $data["id"];
        $userid = $data["clientid"];
        $clientname = $data["firstname"] . " " . $data["lastname"];
        $date = fromMySQLDate($data["date"]);
        $description = $data["description"];
        $amount = $data["amount"];
        $currency = getCurrency($userid);
        $amount = formatCurrency($amount);
        $reportdata["tablevalues"][] = array($id, '<a href="clientssummary.php?userid=' . $userid . '">' . $clientname . '</a>', $date, nl2br($description), $amount);
    }
}
$data["footertext"] = '';
Ejemplo n.º 19
0
<?php

if (!defined("WHMCS")) {
    die("This file cannot be accessed directly");
}
$reportdata["title"] = "Ticket Tags Overview";
$reportdata["description"] = "This report provides an overview of ticket tags assigned to tickets for a given date range";
if (!$fromdate) {
    $fromdate = fromMySQLDate(date("Y-m-d", mktime(0, 0, 0, date("m") - 1, date("d"), date("Y"))));
}
if (!$todate) {
    $todate = getTodaysDate();
}
$reportdata["headertext"] = "<form method=\"post\" action=\"" . $_SERVER['PHP_SELF'] . "?report={$report}\"><center>Start Date: <input type=\"text\" name=\"fromdate\" value=\"{$fromdate}\" class=\"datepick\" /> &nbsp;&nbsp;&nbsp; End Date: <input type=\"text\" name=\"todate\" value=\"{$todate}\" class=\"datepick\" /> &nbsp;&nbsp;&nbsp; <input type=\"submit\" value=\"Generate Report\" /></form>";
$reportdata["tableheadings"][] = "Tag";
$reportdata["tableheadings"][] = "Count";
$result = full_query("SELECT `tag`, COUNT(*) AS `count` FROM `tbltickettags` INNER JOIN tbltickets ON tbltickets.id=tbltickettags.ticketid WHERE tbltickets.date>='" . toMySQLDate($fromdate) . " 00:00:00' AND tbltickets.date<='" . toMySQLDate($todate) . " 23:59:59' GROUP BY tbltickettags.tag ORDER BY `count` DESC");
while ($data = mysql_fetch_array($result)) {
    $tag = $data[0];
    $count = $data[1];
    $reportdata["tablevalues"][] = array($tag, $count);
    $chartdata['rows'][] = array('c' => array(array('v' => $tag), array('v' => (int) $count, 'f' => $count)));
}
$chartdata['cols'][] = array('label' => 'Tag', 'type' => 'string');
$chartdata['cols'][] = array('label' => 'Count', 'type' => 'number');
$args = array();
$args['legendpos'] = 'right';
$reportdata["headertext"] .= $chart->drawChart('Pie', $chartdata, $args, '300px');
Ejemplo n.º 20
0
if ($action == "deletereferral") {
    check_token("WHMCS.admin.default");
    delete_query("tblaffiliatesaccounts", array("id" => $affaccid));
    redir("action=edit&id=" . $id);
    exit;
}
if ($action == "deletewithdrawal") {
    check_token("WHMCS.admin.default");
    delete_query("tblaffiliateswithdrawals", array("id" => $wid));
    redir("action=edit&id=" . $id);
    exit;
}
if ($action == "addcomm") {
    check_token("WHMCS.admin.default");
    $amount = format_as_currency($amount);
    insert_query("tblaffiliateshistory", array("affiliateid" => $id, "date" => toMySQLDate($date), "affaccid" => $refid, "description" => $description, "amount" => $amount));
    update_query("tblaffiliates", array("balance" => "+=" . $amount), array("id" => (int) $id));
    redir("action=edit&id=" . $id);
    exit;
}
if ($action == "withdraw") {
    check_token("WHMCS.admin.default");
    insert_query("tblaffiliateswithdrawals", array("affiliateid" => $id, "date" => "now()", "amount" => $amount));
    update_query("tblaffiliates", array("balance" => "-=" . $amount, "withdrawn" => "+=" . $amount), array("id" => (int) $id));
    if ($payouttype == "1") {
        $result = select_query("tblaffiliates", "", array("id" => (int) $id));
        $data = mysql_fetch_array($result);
        $id = (int) $data['id'];
        $clientid = (int) $data['clientid'];
        addTransaction($clientid, "", "Affiliate Commissions Withdrawal Payout", "0", "0", $amount, $paymentmethod, $transid);
    } else {
Ejemplo n.º 21
0
function update_entry($data, $can_edit = false, $needs_lock = true)
{
    global $mySQLi, $posts, $post_meta, $viewColumns, $appt_types;
    $out['success'] = false;
    $lock_check = NULL;
    if ($can_edit === false) {
        $can_edit = can_edit($data);
    }
    if ($can_edit === true && $needs_lock == true) {
        $lock_check = check_lock($data);
    }
    if ($can_edit === false) {
        $out['error'] = 'You have insufficient access to edit this record';
    } else {
        if ($needs_lock == true && $lock_check !== NULL && $lock_check['locked'] == false) {
            if (isset($lock_check['lock_error'])) {
                $out['error'] = 'A problem was encountered while checking your right to update this record:<br />';
                $out['lock_error'] = $lock_check['error'];
            } else {
                $out['error'] = $lock_check['locked_by'] . ' has this record locked since ' . $lock_check['locked_since'] . '.  Please make note of your desired changes and try again later.';
            }
        } else {
            $post_id = $data['id'];
            $user_id = $data['user_id'];
            unset($data['action']);
            unset($data['access_level']);
            unset($data['id']);
            unset($data['user_id']);
            $currSQL = "SELECT * FROM `{$posts}` WHERE `id`='{$post_id}'";
            $currRow = $mySQLi->get_results($currSQL);
            if ($currRow == false || $mySQLi->error != '') {
                $out['error'] == 'Error ' . $mySQLi->error_num . ': ' . $mySQLi->error;
                $out['currSQL'] = $currSQL;
            } else {
                $orig = $currRow[0];
                unset($orig['id']);
                unset($orig['updated']);
                $orig['parent'] = $post_id;
                $orig['type'] = 'revision';
                $flds = array_keys($orig);
                $buSQL = "INSERT INTO `{$posts}` (" . implode(',', $flds) . ") VALUES ('" . implode("','", $orig) . "');";
                $out['buSQL'] = $buSQL;
                $backup = $mySQLi->add_row($buSQL);
                if ($mySQLi->error == '') {
                    // be sure to set the parent, so it points to the original post
                    $backupID = $mySQLi->insert_id;
                    $out['backup_id'] = $backupID;
                    // if we're updating the status, we don't want to touch these fields
                    $fldUpdate = array_key_exists('status', $data) ? "status='" . $data['status'] . "'" : '';
                    if (array_key_exists('provider', $data)) {
                        $data['provider'] = get_user_name($data['provider']);
                        $data['appointment_type'] = $data['appt_type'];
                        $data['appointment_date'] = toMySQLDate($data['appt_date']);
                        foreach ($data as $key => $value) {
                            if (array_key_exists($key, $viewColumns)) {
                                $fldUpdate .= ($fldUpdate == '' ? '' : ',') . "{$key}='{$value}'";
                            }
                        }
                        // loop through all fields
                    }
                    // end if found provider field data
                    if ($fldUpdate != '') {
                        $fldUpdate .= ",updated=CURRENT_TIMESTAMP";
                        $updateSQL = "UPDATE `{$posts}` SET {$fldUpdate} WHERE `{$posts}`.`id`='{$post_id}';";
                        $out['updateSQL'] = $updateSQL;
                        $updateRow = $mySQLi->update_row($updateSQL);
                        if ($mySQLi->error != '') {
                            $out['error'] = 'Error ' . $mySQLi->error_num . ': ' . $mySQLi->error;
                        } else {
                            $out['success'] = true;
                            $meta_results = update_post_meta($user_id, $post_id, $backupID);
                            if (is_array($meta_results)) {
                                $out = array_merge($out, $meta_results);
                            }
                        }
                        // end if no error in query
                    } else {
                        $out['error'] = 'Could not update current record';
                        $out['data'] = $data;
                        $out['view_columns'] = $viewColumns;
                    }
                    // end if field updates have been initialized
                } else {
                    $out['sql'] = $buSQL;
                    $out['error'] = 'Error ' . $mySQLi->error_num . ': ' . $mySQLi->error;
                }
                // end if last SQL query had an error
            }
            // end if we found requested record to update
        }
    }
    // end if can_edit
    return $out;
}
Ejemplo n.º 22
0
            while ($data = mysql_fetch_array($result2)) {
                $invoiceid = $data[0];
                $description .= "<a href=\"invoices.php?action=edit&id={$invoiceid}\" target=\"_blank\">#{$invoiceid}</a>, ";
            }
            $description = substr($description, 0, -2);
        } else {
            $description = $description;
            if ($invoiceid) {
                $description .= " - <a href=\"invoices.php?action=edit&id={$invoiceid}\" target=\"_blank\">#{$invoiceid}</a>";
            }
        }
        $statement[str_replace('-', '', $date) . "_" . $count] = array("Transaction", $date, $description, $amountin, $amountout);
        $count++;
    }
}
$datefrom = $datefrom ? str_replace('-', '', toMySQLDate($datefrom)) : '';
$dateto = $dateto ? str_replace('-', '', toMySQLDate($dateto)) : '';
$reportdata["tableheadings"] = array("Type", "Date", "Description", "Credits", "Debits", "Balance");
ksort($statement);
foreach ($statement as $date => $entry) {
    $date = substr($date, 0, 8);
    if ($date <= $dateto or !$dateto) {
        $totalcredits += $entry[3];
        $totaldebits -= $entry[4];
        $balance += $entry[3] - $entry[4];
    }
    if ($date >= $datefrom and $date <= $dateto or !$dateto) {
        $reportdata["tablevalues"][] = array($entry[0], fromMySQLDate($entry[1]), $entry[2], formatCurrency($entry[3]), formatCurrency($entry[4]), formatCurrency($balance));
    }
}
$reportdata["tablevalues"][] = array('#efefef', '', '', '<b>Ending Balance</b>', '<b>' . formatCurrency($totalcredits) . '</b>', '<b>' . formatCurrency($totaldebits) . '</b>', '<b>' . formatCurrency($balance) . '</b>');
Ejemplo n.º 23
0
    if ($user == $username) {
        echo " selected";
    }
    echo ">" . $user . "</option>";
}
echo "</select></td><td>";
echo $aInt->lang("fields", "ipaddress");
echo ": <input type=\"text\" name=\"ipaddress\" value=\"";
echo $ipaddress;
echo "\" size=\"20\"></td><td><input type=\"submit\" value=\"";
echo $aInt->lang("system", "filterlog");
echo "\" /></td></tr></table></div>\n</form>\n\n<br />\n\n";
$aInt->sortableTableInit("date");
$where = "userid='" . (int) $userid . "' AND ";
if ($date) {
    $where .= "date>'" . toMySQLDate($date) . "' AND date<='" . toMySQLDate($date) . "235959' AND ";
}
if ($username) {
    $where .= "user='******' AND ";
}
if ($description) {
    $where .= "description LIKE '%" . db_escape_string($description) . "%' AND ";
}
if ($ipaddress) {
    $where .= " ipaddr='" . db_escape_string($ipaddress) . "' AND ";
}
if ($where) {
    $where = substr($where, 0, 0 - 5);
}
$result = select_query("tblactivitylog", "COUNT(*)", $where, "id", "DESC");
$data = mysql_fetch_array($result);
Ejemplo n.º 24
0
define("ADMINAREA", true);
require "../init.php";
$aInt = new WHMCS_Admin("Manage Announcements");
$aInt->title = $aInt->lang("support", "announcements");
$aInt->sidebar = "support";
$aInt->icon = "announcements";
if ($sub == "delete") {
    check_token("WHMCS.admin.default");
    delete_query("tblannouncements", array("id" => $id));
    delete_query("tblannouncements", array("parentid" => $id));
    logActivity("Deleted Announcement (ID: " . $id . ")");
    redir();
}
if ($sub == "save") {
    check_token("WHMCS.admin.default");
    $date = toMySQLDate($date);
    if ($id) {
        update_query("tblannouncements", array("date" => $date, "title" => html_entity_decode($title), "announcement" => html_entity_decode($announcement), "published" => $published), array("id" => $id));
        logActivity("Modified Announcement (ID: " . $id . ")");
        run_hook("AnnouncementEdit", array("announcementid" => $id, "date" => $date, "title" => $title, "announcement" => $announcement, "published" => $published));
    } else {
        $id = insert_query("tblannouncements", array("date" => $date, "title" => html_entity_decode($title), "announcement" => html_entity_decode($announcement), "published" => $published));
        logActivity("Added New Announcement (" . $title . ")");
        run_hook("AnnouncementAdd", array("announcementid" => $id, "date" => $date, "title" => $title, "announcement" => $announcement, "published" => $published));
    }
    foreach ($multilang_title as $language => $title) {
        delete_query("tblannouncements", array("parentid" => $id, "language" => $language));
        if ($title) {
            insert_query("tblannouncements", array("parentid" => $id, "title" => html_entity_decode($title), "announcement" => html_entity_decode($multilang_announcement[$language]), "language" => $language));
            continue;
        }
Ejemplo n.º 25
0
     } else {
         if ($fieldname == "regdate" || $fieldname == "nextduedate" || $fieldname == "overidesuspenduntil") {
             $newval = toMySQLDate($newval);
         } else {
             if ($fieldname == "password") {
                 $newval = encrypt($newval);
             } else {
                 if ($fieldname == "amount" && 0 <= $newamount) {
                     $newval = $newamount;
                 }
             }
         }
     }
     $updatearr[$fieldname] = $newval;
 }
 if (toMySQLDate($whmcs->get_req_var("oldnextduedate")) != $updatearr['nextduedate']) {
     $updatearr['nextinvoicedate'] = $updatearr['nextduedate'];
 }
 update_query("tblhosting", $updatearr, array("id" => $id));
 logActivity("Modified Product/Service - " . implode(", ", $changelog) . (" - User ID: " . $userid . " - Service ID: " . $id), $userid);
 $cancelid = get_query_val("tblcancelrequests", "id", array("relid" => $id, "type" => "End of Billing Period"), "id", "DESC");
 if ($autoterminateendcycle) {
     if ($cancelid) {
         update_query("tblcancelrequests", array("reason" => $autoterminatereason), array("id" => $cancelid));
     } else {
         createCancellationRequest($userid, $id, $autoterminatereason, "End of Billing Period");
     }
 } else {
     if ($cancelid) {
         delete_query("tblcancelrequests", array("id" => $cancelid));
         logActivity("Removed Automatic Cancellation for End of Current Cycle - Service ID: " . $id, $userid);
Ejemplo n.º 26
0
    $filters[] = "(tblinvoices.id='" . db_escape_string($invoicenumber) . "' OR tblinvoices.invoicenum='" . db_escape_string($invoicenumber) . "')";
}
if ($lineitem = $filt->get("lineitem")) {
    $filters[] = "tblinvoices.id IN (SELECT invoiceid FROM tblinvoiceitems WHERE userid=" . (int) $userid . " AND description LIKE '%" . db_escape_string($lineitem) . "%')";
}
if ($paymentmethod = $filt->get("paymentmethod")) {
    $filters[] = "tblinvoices.paymentmethod='" . db_escape_string($paymentmethod) . "'";
}
if ($invoicedate = $filt->get("invoicedate")) {
    $filters[] = "tblinvoices.date='" . toMySQLDate($invoicedate) . "'";
}
if ($duedate = $filt->get("duedate")) {
    $filters[] = "tblinvoices.duedate='" . toMySQLDate($duedate) . "'";
}
if ($datepaid = $filt->get("datepaid")) {
    $filters[] = "tblinvoices.datepaid>='" . toMySQLDate($datepaid) . "' AND tblinvoices.datepaid<='" . toMySQLDate($datepaid) . " 23:59:59'";
}
if ($totalfrom = $filt->get("totalfrom")) {
    $filters[] = "tblinvoices.total>='" . db_escape_string($totalfrom) . "'";
}
if ($totalto = $filt->get("totalto")) {
    $filters[] = "tblinvoices.total<='" . db_escape_string($totalto) . "'";
}
if ($status = $filt->get("status")) {
    if ($status == "Overdue") {
        $filters[] = "tblinvoices.status='Unpaid' AND tblinvoices.duedate<'" . date("Ymd") . "'";
    } else {
        $filters[] = "tblinvoices.status='" . db_escape_string($status) . "'";
    }
}
$filt->store();
Ejemplo n.º 27
0
if (!$action) {
    $reqperm = "View Billable Items";
} else {
    $reqperm = "Manage Billable Items";
}
$aInt = new WHMCS_Admin($reqperm);
$aInt->title = $aInt->lang("billableitems", "title");
$aInt->sidebar = "billing";
$aInt->icon = "billableitems";
$aInt->requiredFiles(array("invoicefunctions", "gatewayfunctions"));
if ($action == "save") {
    check_token("WHMCS.admin.default");
    if (!$userid) {
        $aInt->gracefulExit($aInt->lang("billableitems", "noclientsmsg"));
    }
    $duedate = toMySQLDate($duedate);
    getUsersLang($userid);
    if ($id) {
        if ($hours != 0) {
            if (strpos($description, " " . $_LANG['billableitemshours'] . " @ ")) {
                $description = substr($description, 0, strrpos($description, " - ")) . " - " . $hours . " " . $_LANG['billableitemshours'] . " @ " . $amount . "/" . $_LANG['billableitemshour'];
            }
            $amount = $amount * $hours;
        }
        update_query("tblbillableitems", array("userid" => $userid, "description" => $description, "hours" => $hours, "amount" => $amount, "recur" => $recur, "recurcycle" => $recurcycle, "recurfor" => $recurfor, "invoiceaction" => $invoiceaction, "duedate" => $duedate, "invoicecount" => $invoicecount), array("id" => $id));
    } else {
        if ($hours != 0) {
            $description .= " - " . $hours . " " . $_LANG['billableitemshours'] . " @ " . $amount . "/" . $_LANG['billableitemshour'];
            $amount = $amount * $hours;
        }
        $id = insert_query("tblbillableitems", array("userid" => $userid, "description" => $description, "hours" => $hours, "amount" => $amount, "recur" => $recur, "recurcycle" => $recurcycle, "recurfor" => $recurfor, "invoiceaction" => $invoiceaction, "duedate" => $duedate));
Ejemplo n.º 28
0
 }
 $fieldlist = array();
 foreach ($incfields as $fieldname) {
     if (array_key_exists($fieldname, $filterfields)) {
         $reportdata["tableheadings"][] = $filterfields[$fieldname];
         if ($fieldname == "clientname") {
             $fieldname = "(SELECT CONCAT(firstname,' ',lastname) FROM tblclients WHERE id=tblaccounts.userid)";
         }
         $fieldlist[] = $fieldname;
     }
 }
 if (in_array('currency', $incfields) && !in_array('userid', $incfields)) {
     $fieldlist[] = 'userid';
 }
 if ($whmcs->get_req_var('datefrom') && $whmcs->get_req_var('dateto')) {
     $filters[] = "date>='" . toMySQLDate($whmcs->get_req_var('datefrom')) . "' AND date<='" . toMySQLDate($whmcs->get_req_var('dateto')) . " 23:59:59'";
 }
 $result = select_query("tblaccounts", implode(',', $fieldlist), implode(' AND ', $filters), "date", "ASC");
 while ($data = mysql_fetch_assoc($result)) {
     if (isset($data['currency'])) {
         $currency = getCurrency($data['userid'], $data['currency']);
         $data['currency'] = $currency['code'];
         if (!in_array('userid', $incfields)) {
             unset($data['userid']);
         }
     }
     if (isset($data['gateway'])) {
         $data['gateway'] = $gateways->getDisplayName($data['gateway']);
     }
     $reportdata["tablevalues"][] = $data;
 }
Ejemplo n.º 29
0
$id = get_query_val("tbltodolist", "id", array("id" => $itemid));
if (!$itemid) {
    $apiresults = array("result" => "error", "message" => "TODO Item ID Not Found");
    return null;
}
$adminid = get_query_val("tbladmins", "id", array("id" => $adminid));
if (!$adminid) {
    $apiresults = array("result" => "error", "message" => "Admin ID Not Found");
    return null;
}
$todoarray = array();
if ($date) {
    $todoarray['date'] = toMySQLDate($date);
}
if ($title) {
    $todoarray['title'] = $title;
}
if ($description) {
    $todoarray['description'] = $description;
}
if ($adminid) {
    $todoarray['admin'] = $adminid;
}
if ($status) {
    $todoarray['status'] = $status;
}
if ($duedate) {
    $todoarray['duedate'] = toMySQLDate($duedate);
}
update_query("tbltodolist", $todoarray, array("id" => $itemid));
$apiresults = array("result" => "success", "itemid" => $itemid);
Ejemplo n.º 30
0
function paypal_addon_output($vars)
{
    global $aInt;
    $modulelink = $vars['modulelink'];
    $url = "https://api-3t.paypal.com/nvp";
    $startdate = trim($_REQUEST['startdate']);
    $enddate = trim($_REQUEST['enddate']);
    $transid = trim($_REQUEST['transid']);
    $email = trim($_REQUEST['email']);
    $receiptid = trim($_REQUEST['receiptid']);
    $search = trim($_REQUEST['search']);
    if (!$startdate) {
        $startdate = fromMySQLDate(date("Y-m-d", mktime(0, 0, 0, date("m") - 1, date("d") + 1, date("Y"))));
    }
    if (!$enddate) {
        $enddate = fromMySQLDate(date("Y-m-d", mktime(0, 0, 0, date("m"), date("d") + 1, date("Y"))));
    }
    echo "<form method=\"post\" action=\"" . $modulelink . "\">\n<input type=\"hidden\" name=\"search\" value=\"true\" />\n<table class=\"form\" width=\"100%\" border=\"0\" cellspacing=\"2\" cellpadding=\"3\">\n<tr><td width=\"20%\" class=\"fieldlabel\">Transaction ID</td><td class=\"fieldarea\"><input type=\"text\" name=\"transid\" size=\"30\" value=\"" . $transid . "\" /></td></tr>\n<tr><td width=\"20%\" class=\"fieldlabel\">Start Date</td><td class=\"fieldarea\"><input type=\"text\" name=\"startdate\" class=\"datepick\" size=\"30\" value=\"" . $startdate . "\" /></td></tr>\n<tr><td width=\"20%\" class=\"fieldlabel\">End Date</td><td class=\"fieldarea\"><input type=\"text\" name=\"enddate\" class=\"datepick\" size=\"30\" value=\"" . $enddate . "\" /></td></tr>\n<tr><td width=\"20%\" class=\"fieldlabel\">Email</td><td class=\"fieldarea\"><input type=\"text\" name=\"email\" size=\"30\" value=\"" . $email . "\" /></td></tr>\n<tr><td width=\"20%\" class=\"fieldlabel\">Receipt ID</td><td class=\"fieldarea\"><input type=\"text\" name=\"receiptid\" size=\"30\" value=\"" . $receiptid . "\" /></td></tr>\n</table>\n<p align=\"center\"><input type=\"submit\" value=\"Search\" /></p>\n</form>";
    if (!$search) {
        return false;
    }
    if ($transid) {
        $postfields = $resultsarray = array();
        $postfields['USER'] = $vars['username'];
        $postfields['PWD'] = $vars['password'];
        $postfields['SIGNATURE'] = $vars['signature'];
        $postfields['METHOD'] = "GetTransactionDetails";
        $postfields['TRANSACTIONID'] = $transid;
        $postfields['VERSION'] = "3.0";
        $result = curlCall($url, $postfields);
        $resultsarray2 = explode("&", $result);
        foreach ($resultsarray2 as $line) {
            $line = explode("=", $line);
            $resultsarray[$line[0]] = urldecode($line[1]);
        }
        $errormessage = $resultsarray['L_LONGMESSAGE0'];
        $payerstatus = $resultsarray['PAYERSTATUS'];
        $countrycode = $resultsarray['COUNTRYCODE'];
        $invoiceid = $resultsarray['INVNUM'];
        $timestamp = $resultsarray['TIMESTAMP'];
        $firstname = $resultsarray['FIRSTNAME'];
        $lastname = $resultsarray['LASTNAME'];
        $email = $resultsarray['EMAIL'];
        $transactionid = $resultsarray['TRANSACTIONID'];
        $transactiontype = $resultsarray['TRANSACTIONTYPE'];
        $paymenttype = $resultsarray['PAYMENTTYPE'];
        $ordertime = $resultsarray['ORDERTIME'];
        $amount = $resultsarray['AMT'];
        $fee = $resultsarray['FEEAMT'];
        $paymentstatus = $resultsarray['PAYMENTSTATUS'];
        $description = $resultsarray['L_NAME0'];
        $currencycode = $resultsarray['L_CURRENCYCODE0'];
        $exchrate = $resultsarray['EXCHANGERATE'];
        $settleamt = $resultsarray['SETTLEAMT'];
        if ($errormessage) {
            echo "<p><b>PayPal API Error Message</b></p><p>" . $errormessage . "</p>";
            return null;
        }
        echo "<p><b>PayPal Transaction Details</b></p>\n\n<table class=\"form\" width=\"100%\" border=\"0\" cellspacing=\"2\" cellpadding=\"3\">\n<tr><td width=\"20%\" class=\"fieldlabel\">Transaction ID</td><td class=\"fieldarea\">" . $transactionid . "</td></tr>\n<tr><td class=\"fieldlabel\">Date/Time</td><td class=\"fieldarea\">" . fromMySQLDate($ordertime, true) . "</td></tr>\n<tr><td class=\"fieldlabel\">Transaction Type</td><td class=\"fieldarea\">" . $transactiontype . "</td></tr>\n<tr><td class=\"fieldlabel\">Payment Type</td><td class=\"fieldarea\">" . $paymenttype . "</td></tr>\n<tr><td class=\"fieldlabel\">Name</td><td class=\"fieldarea\">" . $firstname . " " . $lastname . "</td></tr>\n<tr><td class=\"fieldlabel\">Email</td><td class=\"fieldarea\">" . $email . "</td></tr>\n<tr><td class=\"fieldlabel\">Description</td><td class=\"fieldarea\">" . $description . "</td></tr>\n<tr><td class=\"fieldlabel\">Amount</td><td class=\"fieldarea\">" . $amount . "</td></tr>\n<tr><td class=\"fieldlabel\">PayPal Fee</td><td class=\"fieldarea\">" . $fee . "</td></tr>\n<tr><td class=\"fieldlabel\">Currency</td><td class=\"fieldarea\">" . $currencycode . "</td></tr>";
        if ($exchrate) {
            echo "\n<tr><td class=\"fieldlabel\">Exchange Rate</td><td class=\"fieldarea\">" . $exchrate . " (" . $settleamt . ")</td></tr>";
        }
        echo "\n<tr><td class=\"fieldlabel\">Payer Status</td><td class=\"fieldarea\">" . ucfirst($payerstatus) . "</td></tr>\n<tr><td class=\"fieldlabel\">PayPal Status</td><td class=\"fieldarea\">" . $paymentstatus . "</td></tr>\n</table>";
        if (!$invoiceid) {
            $invoiceid = explode("#", $description);
            $invoiceid = (int) $invoiceid[1];
        }
        $result = select_query("tblinvoices", "tblinvoices.id,tblinvoices.status,tblinvoices.userid,tblclients.firstname,tblclients.lastname", array("tblinvoices.id" => $invoiceid), "", "", "", "tblclients ON tblclients.id=tblinvoices.userid");
        $data = mysql_fetch_array($result);
        $whmcs_invoiceid = $data['id'];
        $whmcs_status = $data['status'];
        $whmcs_userid = $data['userid'];
        $whmcs_firstname = $data['firstname'];
        $whmcs_lastname = $data['lastname'];
        if (!$whmcs_invoiceid) {
            $whmcs_status = "No Matching Invoice Found";
        }
        echo "<p><b>WHMCS Invoice Lookup</b></p>\n\n<table class=\"form\" width=\"100%\" border=\"0\" cellspacing=\"2\" cellpadding=\"3\">\n<tr><td width=\"20%\" class=\"fieldlabel\">Invoice ID</td><td class=\"fieldarea\"><a href=\"invoices.php?action=edit&id=" . $whmcs_invoiceid . "\">" . $whmcs_invoiceid . "</a></td></tr>\n<tr><td class=\"fieldlabel\">Invoice Status</td><td class=\"fieldarea\">" . $whmcs_status . "</td></tr>\n<tr><td class=\"fieldlabel\">Client Name</td><td class=\"fieldarea\"><a href=\"clientssummary.php?userid=" . $whmcs_userid . "\">" . $whmcs_firstname . " " . $whmcs_lastname . "</a></td></tr>\n</table>";
        $result = select_query("tblaccounts", "", array("transid" => $transactionid));
        $data = mysql_fetch_array($result);
        $whmcstransid = $data['id'];
        $date = $data['date'];
        $invoiceid = $data['invoiceid'];
        $amountin = $data['amountin'];
        $fees = $data['fees'];
        $result = select_query("tblinvoices", "", array("id" => $invoiceid));
        $data = mysql_fetch_array($result);
        $status = $data['status'];
        if ($invoiceid) {
            $date = fromMySQLDate($date);
            $invoiceid = "<a href=\"invoices.php?action=edit&id=" . $invoiceid . "\">" . $invoiceid . "</a>";
        } else {
            $invoiceid = "No Matching Transaction Found";
        }
        echo "<p><b>WHMCS Transaction Lookup</b></p>\n\n<table class=\"form\" width=\"100%\" border=\"0\" cellspacing=\"2\" cellpadding=\"3\">\n<tr><td width=\"20%\" class=\"fieldlabel\">Date</td><td class=\"fieldarea\">" . $date . "</td></tr>\n<tr><td class=\"fieldlabel\">Invoice ID</td><td class=\"fieldarea\">" . $invoiceid . "</td></tr>\n<tr><td class=\"fieldlabel\">Amount</td><td class=\"fieldarea\">" . $amountin . "</td></tr>\n<tr><td class=\"fieldlabel\">Invoice Status</td><td class=\"fieldarea\">" . $status . "</td></tr>\n</table>";
        return null;
    }
    if ($startdate) {
        $startdate = date("c", strtotime(toMySQLDate($startdate))) . "<br>";
        $enddate = date("c", strtotime(toMySQLDate($enddate))) . "<br>";
        $postfields = $resultsarray = array();
        $postfields['USER'] = $vars['username'];
        $postfields['PWD'] = $vars['password'];
        $postfields['SIGNATURE'] = $vars['signature'];
        $postfields['METHOD'] = "TransactionSearch";
        if ($startdate) {
            $postfields['STARTDATE'] = $startdate;
        }
        if ($enddate) {
            $postfields['ENDDATE'] = $enddate;
        }
        if ($email) {
            $postfields['EMAIL'] = $email;
        }
        if ($receiptid) {
            $postfields['RECEIPTID'] = $receiptid;
        }
        $postfields['VERSION'] = "51.0";
        $result = curlCall($url, $postfields);
        $resultsarray2 = explode("&", $result);
        foreach ($resultsarray2 as $line) {
            $line = explode("=", $line);
            $resultsarray[$line[0]] = urldecode($line[1]);
        }
        if (!empty($resultsarray['L_ERRORCODE0']) && $resultsarray['L_ERRORCODE0'] != "11002") {
            echo "<p><b>PayPal API Error Message</b></p><p>" . $resultsarray['L_SEVERITYCODE0'] . " Code: " . $resultsarray['L_ERRORCODE0'] . " - " . $resultsarray['L_SHORTMESSAGE0'] . " - " . $resultsarray['L_LONGMESSAGE0'] . "</p>";
            return null;
        }
        if ($resultsarray['L_ERRORCODE0'] == "11002") {
            global $infobox;
            infoBox("Search Results Truncated", "There were more than 100 matching transactions for the selected criteria. Please make your search parameters more specific to see all results");
            echo $infobox;
        }
        $aInt->sortableTableInit("nopagination");
        $i = 0;
        while ($i < 100) {
            if ($resultsarray["L_TYPE" . $i] == "Payment" && !empty($resultsarray["L_EMAIL" . $i])) {
                $data = get_query_vals("tblaccounts", "tblclients.id AS userid, tblclients.firstname,tblclients.lastname,tblclients.companyname,tblaccounts.invoiceid,tblinvoices.total,tblinvoices.status", array("transid" => $resultsarray["L_TRANSACTIONID" . $i]), "", "", "", " tblclients ON tblclients.id = tblaccounts.userid INNER JOIN tblinvoices ON tblinvoices.id = tblaccounts.invoiceid");
                $tabledata[] = $testarray = array("clientname" => $data['invoiceid'] ? $data['companyname'] ? "<a href=\"clientssummary.php?userid=" . $data['userid'] . "\">" . $data['firstname'] . " " . $data['lastname'] . " (" . $data['companyname'] . ")</a>" : "<a href=\"clientssummary.php?userid=" . $data['userid'] . "\">" . $data['firstname'] . " " . $data['lastname'] . "</a>" : "Trans ID Not Found in WHMCS", "transid" => "<a href=\"addonmodules.php?module=paypal_addon&search=1&transid=" . $resultsarray["L_TRANSACTIONID" . $i] . "\">" . $resultsarray["L_TRANSACTIONID" . $i] . "<a/>", "datetime" => fromMySQLDate($resultsarray["L_TIMESTAMP" . $i], true), "name" => $resultsarray["L_NAME" . $i], "email" => $resultsarray["L_EMAIL" . $i], "amt" => $resultsarray["L_NETAMT" . $i], "fee" => $resultsarray["L_FEEAMT" . $i], "curcode" => $resultsarray["L_CURRENCYCODE" . $i], "status" => $resultsarray["L_STATUS" . $i], "invoiceid" => $data['invoiceid'] ? "<a href=\"invoices.php?action=edit&id=" . $data['invoiceid'] . "\">" . $data['invoiceid'] . "</a>" : "-", "invoiceamt" => $data['invoiceid'] ? $data['total'] : "-", "invoicestatus" => $data['invoiceid'] ? $data['status'] : "-");
            }
            ++$i;
        }
        echo $aInt->sortableTable(array("Client Name", "Transaction ID", "Date/Time", " Payer Name", "Payer Email", "Amount", "Fee", "Currency Code", "Transaction Status", "Invoice ID", "Invoice Amount", "Invoice Status"), $tabledata);
        return null;
    }
    global $infobox;
    infoBox("Start Date Required", "You must enter a start and end date to search between");
    echo $infobox;
}