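/**
 * Load the row of the `risks` table identified by $oid into this object.
 *
 * @param int|string $oid Risk id. It is coerced to an integer before being
 *                        placed in the SQL text.
 * @return mixed Whatever db_loadObject() returns for the prepared query.
 */
function load($oid)
{
    $q = new DBQuery();
    $q->addQuery('*');
    $q->addTable('risks');
    // The id is concatenated into the WHERE clause, so force it to an integer
    // first: a non-numeric value can then only ever compare against 0 instead
    // of becoming part of the statement.
    $q->addWhere('risk_id = ' . (int) $oid);

    return db_loadObject($q->prepare(), $this);
}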
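/**
 * Count the rows in `companies` whose company_id equals the given id.
 *
 * @param int|string $company_id Company id; coerced to an integer before it
 *                               is placed in the SQL text.
 * @return mixed The count(*) value as returned by db_loadResult().
 */
function checkCompanyId($company_id)
{
    $q = new DBQuery();
    $q->addTable('companies');
    $q->addQuery('count(*)');
    // Quoting the value is not enough on its own (a quote inside the value
    // would end the literal), so compare against an integer instead.
    $q->addWhere('company_id = ' . (int) $company_id);

    return db_loadResult($q->prepare());
}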
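/**
 * Load the row of the `departments` table identified by $oid into this object.
 *
 * @param int|string $oid Department id. It is coerced to an integer before
 *                        being placed in the SQL text.
 * @return mixed Whatever db_loadObject() returns for the prepared query.
 */
function load($oid)
{
    $q = new DBQuery();
    $q->addTable('departments', 'dep');
    $q->addQuery('dep.*');
    // Integer coercion keeps a caller-supplied id from altering the statement.
    $q->addWhere('dep.dept_id = ' . (int) $oid);
    $sql = $q->prepare();
    $q->clear();

    return db_loadObject($sql, $this);
}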
/**
 * Build the keyword-search SQL for this object's table.
 *
 * Every entry of $this->search_fields is matched with LIKE '%keyword%' and
 * the per-field conditions are joined with "or".
 *
 * NOTE(review): $this->keyword and the field names are interpolated into the
 * SQL text exactly as stored on the object; nothing in this method escapes
 * them. Confirm that the code setting $this->keyword escapes it for the
 * database (quotes, backslashes, and the LIKE wildcards % and _) before this
 * method is called.
 *
 * @return mixed The value of DBQuery::prepare(true).
 */
function _buildQuery()
{
    $conditions = '';
    foreach ($this->search_fields as $column) {
        $conditions = $conditions . " {$column} LIKE '%{$this->keyword}%' or ";
    }

    $query = new DBQuery();
    $query->addTable($this->table);
    $query->addQuery('*');
    // Strip the trailing " or " left behind by the loop.
    $query->addWhere(substr($conditions, 0, -4));

    return $query->prepare(true);
}
/**
 * Build the list of file folders for a select box.
 *
 * All rows of `file_folders` are read, a synthetic "Root" entry (id 0,
 * parent -1) is put in front, and the result is passed through the
 * "check_perm" callback.
 *
 * NOTE(review): the query itself is not restricted by user; which folders a
 * user ends up seeing depends entirely on check_perm(), which is defined
 * elsewhere — confirm it enforces the folder permissions.
 *
 * @return array Folder entries that check_perm() accepted, keyed as returned
 *               by arrayMerge().
 */
function getFolderSelectList()
{
    global $AppUI;

    $query = new DBQuery();
    $query->addTable('file_folders');
    $query->addQuery('file_folder_id, file_folder_name, file_folder_parent');
    $query->addOrder('file_folder_name');
    $folderSql = $query->prepare();

    $rootEntry = array('0' => array(0, $AppUI->_('Root'), -1));
    $allFolders = arrayMerge($rootEntry, db_loadHashList($folderSql, 'file_folder_id'));

    return array_filter($allFolders, "check_perm");
}
/**
 * Build the keyword-search SQL for a table that is linked to `files`.
 *
 * The object's table is joined to `files` on file_id, every entry of
 * $this->search_fields is matched with LIKE '%keyword%' (joined with "or"),
 * and the result is grouped by files.file_id.
 *
 * NOTE(review): $this->keyword, $this->table and the field names go into the
 * SQL text unescaped. Confirm that the keyword is escaped for the database
 * before it is stored on the object.
 *
 * @return mixed The value of DBQuery::prepare(true).
 */
function _buildQuery()
{
    $matchAny = '';
    foreach ($this->search_fields as $column) {
        $matchAny = $matchAny . " {$column} LIKE '%{$this->keyword}%' or ";
    }
    // Strip the trailing " or " left behind by the loop.
    $matchAny = substr($matchAny, 0, -4);

    $query = new DBQuery();
    $query->addTable($this->table);
    $query->addTable('files');
    $query->addQuery('*');
    $query->addWhere("files.file_id = {$this->table}.file_id");
    $query->addWhere("({$matchAny})");
    $query->addGroup('files.file_id');

    return $query->prepare(true);
}
/**
 * Build the keyword-search SQL that selects company_id and company_name.
 *
 * One LIKE '%keyword%' condition is produced per entry of
 * $this->search_fields; the conditions are joined with OR. With no search
 * fields the query carries no WHERE clause at all.
 *
 * NOTE(review): $this->keyword is interpolated unescaped. Confirm that it is
 * escaped for the database before it is stored on the object.
 *
 * @return mixed The value of DBQuery::prepare(), taken before the query
 *               object is cleared.
 */
function _buildQuery()
{
    $query = new DBQuery();
    $query->addTable($this->table);
    $query->addQuery('company_id');
    $query->addQuery('company_name');

    $clauses = array();
    foreach ($this->search_fields as $column) {
        array_push($clauses, "{$column} LIKE '%{$this->keyword}%'");
    }
    if (!empty($clauses)) {
        $query->addWhere(implode(' OR ', $clauses));
    }

    $prepared = $query->prepare();
    $query->clear();

    return $prepared;
}
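/**
 * Collect the department tree below $dept_parent as flat lists.
 *
 * The function recurses into each department's children, indenting child
 * names by five more spaces per level and truncating names longer than 30
 * characters.
 *
 * $company_id is accepted and handed down the recursion but is not used as a
 * filter: the dept_company condition is disabled in this function. If it is
 * ever re-enabled, coerce the id to an integer in the same way as
 * $dept_parent.
 *
 * @param mixed $company_id    Passed through to the recursive calls only.
 * @param array $checked_array Passed through to the recursive calls only.
 * @param int   $dept_parent   Parent department id; coerced to an integer
 *                             before it is placed in the SQL text.
 * @param int   $spaces        Number of leading spaces for names at this level.
 * @return array Two-element list: [0] dept_id => indented name,
 *               [1] dept_id => company name, set for the first department of
 *               each run of equal company names at this level.
 */
function getDepartmentArrayList($company_id, $checked_array = array(), $dept_parent = 0, $spaces = 0)
{
    global $AppUI;

    $q = new DBQuery();
    $deptsArray = array();
    $coArray = array();
    $distinctCompanyName = "";

    $q->addTable('departments');
    $q->addQuery('dept_id, dept_name, co.company_name');
    $q->addJoin('companies', 'co', 'departments.dept_company = co.company_id');
    // The parent id is concatenated into the WHERE clause; an integer cast
    // keeps a caller-supplied value from changing the statement.
    $q->addWhere('dept_parent = ' . (int) $dept_parent);
    $q->addOrder('co.company_name');

    require_once $AppUI->getModuleClass('companies');
    $obj = new CCompany();

    $sql = $q->prepare();
    $depts_list = db_loadHashList($sql, 'dept_id');
    $q->clear();

    foreach ($depts_list as $dept_id => $dept_info) {
        if (mb_strlen($dept_info['dept_name']) > 30) {
            $dept_info['dept_name'] = mb_substr($dept_info['dept_name'], 0, 28) . '...';
        }
        $dept_name = str_repeat(' ', $spaces) . $dept_info['dept_name'];
        $deptsArray[$dept_id] = $dept_name;

        // Record the company name once per run of departments sharing it.
        if ($distinctCompanyName != $dept_info['company_name']) {
            $coArray[$dept_id] = $dept_info['company_name'];
            $distinctCompanyName = $dept_info['company_name'];
        }

        // Only the department list of the children is merged; their company
        // list ([1]) is not used.
        $childDeptsNCo = getDepartmentArrayList($company_id, $checked_array, $dept_id, $spaces + 5);
        $childDepts = $childDeptsNCo[0];
        if (!empty($childDepts)) {
            foreach ($childDepts as $childDeptId => $childDeptName) {
                $deptsArray[$childDeptId] = $childDeptName;
            }
        }
    }

    $deptsNCoArray = array();
    array_push($deptsNCoArray, $deptsArray, $coArray);

    return $deptsNCoArray;
}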
/**
 * Overload of dpObject::getDeniedRecords that also denies every project
 * owned by a company the user is not allowed to see.
 *
 * When CCompany::getAllowedRecords() returns no companies, the project query
 * carries no WHERE clause, so every project id is added to the denied list.
 *
 * NOTE(review): the keys of the allowed-company list are joined into the
 * IN (...) list as they are. They are presumably integer company ids coming
 * from the database — confirm against CCompany::getAllowedRecords().
 *
 * @author handco <*****@*****.**>
 * @see dpObject::getAllowedRecords
 *
 * @param mixed $uid User id handed to the parent implementation and to
 *                   CCompany::getAllowedRecords().
 * @return array The parent's denied ids followed by the project ids selected
 *               here.
 */
function getDeniedRecords($uid)
{
    $deniedByParent = parent::getDeniedRecords($uid);

    // Companies this user may see decide which projects stay visible.
    $company = new CCompany();
    $allowedCompanies = $company->getAllowedRecords($uid, 'company_id,company_name');

    $query = new DBQuery();
    $query->addTable('projects');
    $query->addQuery('project_id');
    if (count($allowedCompanies)) {
        $allowedIds = implode(',', array_keys($allowedCompanies));
        $query->addWhere('NOT (project_company IN (' . $allowedIds . '))');
    }
    $projectSql = $query->prepare();
    $query->clear();

    return array_merge($deniedByParent, db_loadColumn($projectSql));
}
} $q->clear(); // Tasks: $q->addUpdate('task_owner', $user_id); $q->addTable('tasks'); $q->addWhere('task_owner = ' . $from_user); $q->addWhere('task_project' . $project_where); if (!$q->exec()) { $AppUI->setMsg('failed to update task owner', UI_MSG_ERROR); return; } $q->clear(); $q->addQuery('task_id'); $q->addTable('tasks'); $q->addWhere('task_project' . $project_where); $task_sql = $q->prepare(); $q->clear(); $q->addUpdate('contact_id', $user_id); $q->addTable('task_contacts'); $q->addWhere('contact_id = ' . $from_user); $q->addWhere('task_id IN (' . $task_sql . ')'); if (!$q->exec()) { $AppUI->setMsg('failed to update task contacts', UI_MSG_ERROR); return; } $q->clear(); $q->addUpdate('user_id', $user_id); $q->addTable('user_tasks'); $q->addWhere('user_id = ' . $from_user); $q->addWhere('task_id IN (' . $task_sql . ')'); if (!$q->exec()) {
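/**
 * Look up the department referenced by $this->contact_department.
 *
 * The property is treated as a department name when $this->is_alpha()
 * accepts it, otherwise as a department id.
 *
 * @return array Hash with 'dept_id' and 'dept_name'; the defaults (0, '') are
 *               returned when the contact has no department, and are also what
 *               $result holds before db_loadHash() is called.
 */
function getDepartmentDetails()
{
    $result = array('dept_id' => 0, 'dept_name' => '');
    if (!$this->contact_department) {
        return $result;
    }

    $q = new DBQuery();
    $q->addTable('departments');
    $q->addQuery('dept_id, dept_name');
    if ($this->is_alpha($this->contact_department)) {
        // NOTE(review): the name is placed between quotes without escaping.
        // This is only safe if is_alpha() rejects quotes and backslashes;
        // its definition is not visible here — confirm.
        $q->addWhere("dept_name = '" . $this->contact_department . "'");
    } else {
        // Everything that is_alpha() rejects ends up here, so coerce the
        // value to an integer before it reaches the SQL text.
        $q->addWhere("dept_id = '" . (int) $this->contact_department . "'");
    }
    $sql = $q->prepare();
    $q->clear();
    db_loadHash($sql, $result);

    return $result;
}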
$q->addQuery("COUNT(distinct tasks.task_id) AS total_tasks"); $q->addWhere('task_project = ' . $project_id); $hasTasks = $q->loadResult(); $q->clear(); // load the record data // GJB: Note that we have to special case duration type 24 and this refers to the hours in a day, NOT 24 hours if ($hasTasks) { $q->addTable('projects'); $q->addQuery("company_name, CONCAT_WS(', ',contact_last_name,contact_first_name) user_name, projects.*," . " SUM(t1.task_duration * t1.task_percent_complete" . " * IF(t1.task_duration_type = 24, {$working_hours}, t1.task_duration_type))" . " / SUM(t1.task_duration * IF(t1.task_duration_type = 24, {$working_hours}, t1.task_duration_type))" . " AS project_percent_complete"); $q->addJoin('companies', 'com', 'company_id = project_company'); $q->addJoin('users', 'u', 'user_id = project_owner'); $q->addJoin('contacts', 'con', 'contact_id = user_contact'); $q->addJoin('tasks', 't1', 'projects.project_id = t1.task_project'); $q->addWhere('project_id = ' . $project_id . ' AND t1.task_id = t1.task_parent'); $q->addGroup('project_id'); $sql = $q->prepare(); } else { $q->addTable('projects'); $q->addQuery("company_name, CONCAT_WS(' ',contact_first_name,contact_last_name) user_name, projects.*, " . "(0.0) AS project_percent_complete"); $q->addJoin('companies', 'com', 'company_id = project_company'); $q->addJoin('users', 'u', 'user_id = project_owner'); $q->addJoin('contacts', 'con', 'contact_id = user_contact'); $q->addWhere('project_id = ' . $project_id); $q->addGroup('project_id'); $sql = $q->prepare(); } $q->clear(); $obj = null; if (!db_loadObject($sql, $obj)) { $AppUI->setMsg('Project'); $AppUI->setMsg("invalidID", UI_MSG_ERROR, true);
$allowedProjects = $project->getAllowedSQL($AppUI->user_id); $working_hours = $dPconfig['daily_working_hours'] ? $dPconfig['daily_working_hours'] : 8; $q->addQuery('project_id, project_color_identifier, project_name'); $q->addQuery('SUM(task_duration * task_percent_complete * IF(task_duration_type = 24, ' . $working_hours . ', task_duration_type)) / SUM(task_duration * IF(task_duration_type = 24, ' . $working_hours . ', task_duration_type)) AS project_percent_complete'); $q->addQuery('company_name'); $q->addTable('projects', 'pr'); $q->leftJoin('tasks', 't1', 'pr.project_id = t1.task_project'); $q->leftJoin('companies', 'c', 'company_id = project_company'); $q->addWhere('t1.task_id = t1.task_parent'); $q->addWhere('project_id=' . $project_id); if (count($allowedProjects)) { $q->addWhere($allowedProjects); } $q->addGroup('project_id'); $q->addOrder('project_name'); $psql = $q->prepare(); $q->addQuery('project_id, COUNT(t1.task_id) as total_tasks'); $psql2 = $q->prepare(); $q->clear(); $perms =& $AppUI->acl(); $projects = array(); if ($canViewTasks) { $prc = db_exec($psql); echo db_error(); while ($row = db_fetch_assoc($prc)) { $projects[$row['project_id']] = $row; } $prc2 = db_exec($psql2); echo db_error(); while ($row2 = db_fetch_assoc($prc2)) { $projects[$row2["project_id"]] = !$projects[$row2["project_id"]] ? array() : $projects[$row2["project_id"]];
/**
 * Login function
 *
 * Steps taken in this method:
 * <ul>
 * <li>The submitted login marker is checked against the configured
 *     authentication method; an unsupported method ends the request.
 * <li>The username is passed through db_escape() and trimmed, the password is
 *     trimmed, and both are handed to the authenticator.
 * <li>The ACL is asked whether the authenticated user may log in.
 * <li>On success several fields from the user and contact tables are loaded
 *     into this object, followed by preferences, locale and style.
 * </ul>
 *
 * The schema previously used the MySQL PASSWORD function. That was replaced by
 * PHP's MD5() function for database independence, and the
 * check_legacy_password option is no longer valid.
 *
 * NOTE(review): the password hashing itself lives in the authenticator, which
 * is not visible here. If it still stores unsalted MD5 digests as described
 * above, plan a migration to password_hash()/password_verify().
 *
 * @param string $username The user login name
 * @param string $password The user password
 * @return boolean True if successful, false if not
 */
public function login($username, $password) {
    require_once W2P_BASE_DIR . '/classes/authenticator.class.php';

    $auth_method = w2PgetConfig('auth_method', 'sql');
    // The request is refused unless the submitted 'login' value is the literal
    // marker, its translation, or the configured method name.
    // NOTE(review): $_POST['login'] and $_REQUEST['login'] are read without an
    // isset() check, and die() ends the request without a log entry.
    if ($_POST['login'] != 'login' && $_POST['login'] != $this->_('login', UI_OUTPUT_RAW) && $_REQUEST['login'] != $auth_method) {
        die('You have chosen to log in using an unsupported or disabled login method');
    }

    $auth =& getauth($auth_method);

    // Escape the username before it is handed to the authenticator.
    $username = trim(db_escape($username));
    $password = trim($password);

    if (!$auth->authenticate($username, $password)) {
        return false;
    }

    $user_id = $auth->userId($username);
    // Some authentication schemes may collect username in various ways.
    // NOTE(review): from here on $username is whatever the authenticator
    // exposes, not the escaped value from above. It is concatenated into the
    // WHERE clause below; confirm that every authenticator returns a value
    // that is already escaped, or escape it at the point of use.
    $username = $auth->username;

    // Now that the password has been checked, see if they are allowed to
    // access the system
    if (!isset($GLOBALS['acl'])) {
        $GLOBALS['acl'] = new w2Pacl();
    }
    if (!$GLOBALS['acl']->checkLogin($user_id)) {
        dprint(__FILE__, __LINE__, 1, 'Permission check failed');
        return false;
    }

    $q = new DBQuery();
    $q->addTable('users');
    $q->addQuery('user_id, contact_first_name as user_first_name, contact_last_name as user_last_name, contact_company as user_company, contact_department as user_department, contact_email as user_email, user_type');
    $q->addJoin('contacts', 'con', 'contact_id = user_contact', 'inner');
    // The id is cast to int; the username is placed between quotes as is.
    $q->addWhere('user_id = ' . (int) $user_id . ' AND user_username = \'' . $username . '\'');
    $sql = $q->prepare();
    $q->loadObject($this);
    $q->clear();
    // NOTE(review): the full statement, including the username, is written to
    // the debug log at level 7.
    dprint(__FILE__, __LINE__, 7, 'Login SQL: ' . $sql);
    // NOTE(review): inside an instance method $this is always an object, so
    // this branch cannot run and a failed loadObject() is not detected here.
    // The return value of loadObject() is the thing to test.
    if (!$this) {
        dprint(__FILE__, __LINE__, 1, 'Failed to load user information');
        return false;
    }

    // load the user preferences
    $this->loadPrefs($this->user_id);
    $this->setUserLocale();
    $this->checkStyle();

    // Let's see if this user has admin privileges
    if (!getDenyRead('admin')) {
        $this->user_is_admin = 1;
    }
    return true;
}
/**
 * Mail a notification about this file to the contacts of its project and,
 * when the file belongs to a task, of that task.
 *
 * Nothing happens unless $notifyContacts is '1' and the file has a project.
 *
 * @param mixed $notifyContacts Notification switch; only the value '1'
 *                              (loose comparison) triggers the mail.
 * @return string|null '' after the mails were handed to the Mail object,
 *                     otherwise nothing is returned.
 */
public function notifyContacts($notifyContacts) {
    global $AppUI, $w2Pconfig, $locale_char_set;
    if ($notifyContacts == '1') {
        //if no project specified than we will not do anything
        if ($this->file_project != 0) {
            $this->_project = new CProject();
            $this->_project->load($this->file_project);
            $mail = new Mail();

            // NOTE(review): project, task and file names are placed in the
            // subject unchanged; whether Mail::Subject() removes line breaks
            // is not visible here — confirm.
            if ($this->file_task == 0) { //notify all developers
                $mail->Subject($AppUI->_('Project') . ': ' . $this->_project->project_name . '::' . $this->file_name, $locale_char_set);
            } else { //notify all assigned users
                $this->_task = new CTask();
                $this->_task->load($this->file_task);
                $mail->Subject($AppUI->_('Project') . ': ' . $this->_project->project_name . '::' . $this->_task->task_name . '::' . $this->file_name, $locale_char_set);
            }

            $body = $AppUI->_('Project') . ': ' . $this->_project->project_name;
            $body .= "\n" . $AppUI->_('URL') . ': ' . W2P_BASE_URL . '/index.php?m=projects&a=view&project_id=' . $this->_project->project_id;

            // NOTE(review): $this->_task is only assigned in the else branch
            // above; when file_task is 0 this reads a property of whatever
            // _task held before the call.
            if (intval($this->_task->task_id) != 0) {
                $body .= "\n\n" . $AppUI->_('Task') . ': ' . $this->_task->task_name;
                $body .= "\n" . $AppUI->_('URL') . ': ' . W2P_BASE_URL . '/index.php?m=tasks&a=view&task_id=' . $this->_task->task_id;
                $body .= "\n" . $AppUI->_('Description') . ":\n" . $this->_task->task_description;

                // Project contacts UNION task contacts; both ids are cast to
                // int before they reach the SQL text.
                $q = new DBQuery();
                $q->addTable('project_contacts', 'pc');
                $q->addQuery('c.contact_email as contact_email, c.contact_first_name as contact_first_name, c.contact_last_name as contact_last_name');
                $q->addJoin('contacts', 'c', 'c.contact_id = pc.contact_id');
                $q->addWhere('pc.project_id = ' . (int) $this->_project->project_id);
                $sql = '(' . $q->prepare() . ')';
                $q->clear();
                $sql .= ' UNION ';
                $q->addTable('task_contacts', 'tc');
                $q->addQuery('c.contact_email as contact_email, c.contact_first_name as contact_first_name, c.contact_last_name as contact_last_name');
                $q->addJoin('contacts', 'c', 'c.contact_id = tc.contact_id');
                $q->addWhere('tc.task_id = ' . (int) $this->_task->task_id);
                $sql .= '(' . $q->prepare() . ')';
                $q->clear();
                // NOTE(review): the UNION statement assembled in $sql is never
                // executed. loadList() runs on the query object after it was
                // cleared, so the recipient list does not appear to come from
                // the statement built above — verify what loadList() returns
                // in that state.
                $this->_users = $q->loadList();
            } else {
                // No task: notify the project's contacts only.
                $q = new DBQuery();
                $q->addTable('project_contacts', 'pc');
                $q->addQuery('pc.project_id, pc.contact_id');
                $q->addQuery('c.contact_email as contact_email, c.contact_first_name as contact_first_name, c.contact_last_name as contact_last_name');
                $q->addJoin('contacts', 'c', 'c.contact_id = pc.contact_id');
                $q->addWhere('pc.project_id = ' . (int) $this->file_project);
                $this->_users = $q->loadList();
                $q->clear();
            }

            $body .= "\n\nFile " . $this->file_name . ' was ' . $this->_message . ' by ' . $AppUI->user_first_name . ' ' . $AppUI->user_last_name;
            // A deleted file has no viewer URL to point at.
            if ($this->_message != 'deleted') {
                $body .= "\n" . $AppUI->_('URL') . ': ' . W2P_BASE_URL . '/fileviewer.php?file_id=' . $this->file_id;
                $body .= "\n" . $AppUI->_('Description') . ":\n" . $this->file_description;
            }

            //send mail
            $mail->Body($body, isset($GLOBALS['locale_char_set']) ? $GLOBALS['locale_char_set'] : '');

            // One message per recipient whose address passes ValidEmail().
            foreach ($this->_users as $row) {
                if ($mail->ValidEmail($row['contact_email'])) {
                    $mail->To($row['contact_email'], true);
                    $mail->Send();
                }
            }
            return '';
        }
    }
}
/**
 * Build the multi-keyword search SQL for this object's table.
 *
 * Each key of $this->keywords is split on whitespace, commas and semicolons;
 * every resulting piece is matched against every search field with LIKE or
 * REGEXP (optionally BINARY), joined with "or". The per-keyword groups are
 * joined with "and" or "or" depending on the 'all_words' option.
 *
 * NOTE(review): keyword pieces, field names, joins and $this->table_extra go
 * into the SQL text without escaping in this method. Confirm that the
 * keywords are escaped for the database before they are stored on the object,
 * and that recode2regexp_utf8() (defined elsewhere) returns a pattern that is
 * safe inside a quoted SQL literal.
 *
 * @return mixed DBQuery::prepare(true), or the placeholder string when no
 *               condition was built.
 */
function _buildQuery() {
    $q = new DBQuery();

    if ($this->table_alias) {
        $q->addTable($this->table, $this->table_alias);
    } else {
        $q->addTable($this->table);
    }

    $q->addQuery($this->table_key);
    if (isset($this->table_key2)) {
        $q->addQuery($this->table_key2);
    }
    //--MSy--
    foreach ($this->table_joins as $join) {
        $q->addJoin($join['table'], $join['alias'], $join['join']);
    }

    foreach ($this->display_fields as $fld) {
        $q->addQuery($fld);
    }

    $q->addOrder($this->table_orderby);

    // Extra WHERE text configured on the object is added as is.
    if ($this->table_extra) {
        $q->addWhere($this->table_extra);
    }

    $sql = '';
    // The keywords are the array keys, not the values.
    foreach (array_keys($this->keywords) as $keyword) {
        $sql .= '(';
        foreach ($this->search_fields as $field) {
            //OR treatment to each keyword
            // Search for semi-colons, commas or spaces and allow any to be separators
            $or_keywords = preg_split('/[\\s,;]+/', $keyword);
            foreach ($or_keywords as $or_keyword) {
                if ($this->search_options['ignore_specchar'] == "on") {
                    // Pattern match; the piece is first converted by
                    // recode2regexp_utf8().
                    $tmppattern = recode2regexp_utf8($or_keyword);
                    if ($this->search_options['ignore_case'] == "on") {
                        $sql .= " {$field} REGEXP '{$tmppattern}' or ";
                    } else {
                        $sql .= " {$field} REGEXP BINARY '{$tmppattern}' or ";
                    }
                } else {
                    // Substring match; the piece is interpolated unchanged,
                    // so % and _ inside it act as LIKE wildcards.
                    if ($this->search_options['ignore_case'] == "on") {
                        $sql .= " {$field} LIKE '%{$or_keyword}%' or ";
                    } else {
                        $sql .= " {$field} LIKE BINARY '%{$or_keyword}%' or ";
                    }
                }
            }
        } // foreach $field
        // Drop the last four characters (the trailing " or " when at least
        // one condition was added) before closing the group.
        $sql = substr($sql, 0, -4);
        if ($this->search_options['all_words'] == "on") {
            $sql .= ') and ';
        } else {
            $sql .= ') or ';
        }
    } // foreach $keyword
    //--MSy--
    // Drop the last four characters again, removing the connective that
    // follows the final group.
    $sql = substr($sql, 0, -4);
    if ($sql) {
        $q->addWhere($sql);
        return $q->prepare(true);
    } else {
        // No condition was built: an SQL comment is returned in place of a
        // statement.
        return '/* */';
    }
}
$actions['m'] = $AppUI->_('Move', UI_OUTPUT_JS); $actions['d'] = $AppUI->_('Delete', UI_OUTPUT_JS); $actions['f'] = $AppUI->_('Mark as Finished', UI_OUTPUT_JS); foreach ($priorities as $k => $v) { $actions[$k] = $AppUI->_('set priority to ' . $v, UI_OUTPUT_JS); } } $deny = $proj->getDeniedRecords($AppUI->user_id); $q = new DBQuery(); $q->addTable('projects', 'p'); $q->addQuery('p.project_id, p.project_name'); if ($deny) { $q->addWhere('p.project_id NOT IN (' . implode(',', $deny) . ')'); } $q->addOrder('p.project_name'); $projects = db_loadHashList($q->prepare(true), 'project_id'); $p[0] = $AppUI->_('[none]'); foreach ($projects as $proj) { $p[$proj[0]] = $proj[1]; } if ($project_id) { $p[$project_id] = $AppUI->_('[same project]'); } natsort($p); $projects = $p; $ts[0] = $AppUI->_('[top task]'); foreach ($tasks as $t) { $ts[$t['task_id']] = $t['task_name']; } ?>
?> <form name="form_buttons" method="post" action="index.php?<?php echo "m={$m}&a={$a}&date={$date}"; ?> "> <input type="hidden" name="show_form" value="1" /> <table width="100%" border="0" cellpadding="1" cellspacing="0"> <tr> <td width="50%"> <?php if ($other_users) { $q->addTable('users', 'u'); $q->innerJoin('contacts', 'c', 'c.contact_id = u.user_contact'); $q->addQuery('u.user_id, u.user_username, c.contact_first_name, c.contact_last_name'); $q->addOrder('contact_last_name'); $usersql = $q->prepare(); $q->clear(); echo $AppUI->_('Show Todo for:'); ?> <select name="show_user_todo" onchange="javascript:document.form_buttons.submit();"> <?php if ($rows = db_loadList($usersql, NULL)) { foreach ($rows as $row) { $selected = $user_id == $row['user_id'] ? ' selected="selected"' : ''; echo '<option value="' . $row['user_id'] . '"' . $selected . '>' . $row['contact_last_name'] . ', ' . $row['contact_first_name'] . '</option>' . "\n"; } } } ?> </select> </td>
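/**
 * Render one ticket field as an HTML fragment.
 *
 * The output depends on $type: lookups ("user", "ticket_company",
 * "ticket_project"), select boxes ("status", "priority_select",
 * "assignment"), links ("view", "attach", "doattach"), dates, the ticket
 * body, and reply form fields. Unknown types are HTML-escaped.
 *
 * Values that are ids (users, tickets, companies, projects) are coerced to
 * integers before they are placed in SQL text or in a link, and text loaded
 * from the database is HTML-escaped before it is placed in markup.
 *
 * NOTE(review): for type "user" the contact name is returned as loaded from
 * the database, without HTML escaping — confirm whether callers escape it.
 *
 * @param mixed  $value  Field value; its meaning depends on $type.
 * @param string $type   Field type selector.
 * @param mixed  $ticket Ticket id, used by "doattach" and "activity_date".
 * @return mixed The rendered fragment (for "user" the looked-up name or "-").
 */
function format_field($value, $type, $ticket = NULL)
{
    global $CONFIG;
    global $AppUI;
    global $canEdit;

    switch ($type) {
        case "user":
            if ($value) {
                $output = query2result("SELECT CONCAT_WS(' ',contact_first_name,contact_last_name) as name FROM users u LEFT JOIN contacts ON u.user_contact = contact_id WHERE user_id = '" . (int) $value . "'");
            } else {
                $output = "-";
            }
            break;

        case "status":
            $statuses = array(
                "Open" => $AppUI->_("Open"),
                "Processing" => $AppUI->_("Processing"),
                "Closed" => $AppUI->_("Closed"),
                "Deleted" => $AppUI->_("Deleted"),
            );
            if ($canEdit) {
                $output = create_selectbox("type_toggle", $statuses, $value);
            } else {
                $output = chooseSelectedValue("type_toggle", $statuses, $value);
            }
            break;

        case "priority_view":
            $priority = $CONFIG["priority_names"][$value];
            $color = $CONFIG["priority_colors"][$value];
            if ($value == 3) {
                $priority = "<strong>{$priority}</strong>";
            }
            if ($value == 4) {
                $priority = "<blink><strong>{$priority}</strong></blink>";
            }
            $output = "<font color=\"{$color}\">{$priority}</font>";
            break;

        case "priority_select":
            if ($canEdit) {
                $output = create_selectbox("priority_toggle", $CONFIG["priority_names"], $value);
            } else {
                $output = chooseSelectedValue("priority_toggle", $CONFIG["priority_names"], $value);
            }
            break;

        case "assignment":
            $options = array();
            $options[0] = "-";
            $query = "SELECT user_id as id, CONCAT_WS(' ',contact_first_name,contact_last_name) as name FROM users u LEFT JOIN contacts ON u.user_contact = contact_id ORDER BY name";
            $result = do_query($query);
            while ($row = result2hash($result)) {
                $options[$row["id"]] = $row["name"];
            }
            if ($canEdit) {
                $output = create_selectbox("assignment_toggle", $options, $value);
            } else {
                $output = chooseSelectedValue("assignment_toggle", $options, $value);
            }
            break;

        case "view":
            // The ticket number goes into SQL and into an unquoted href
            // attribute, so it must be a plain integer.
            $value = (int) $value;
            if ($CONFIG["index_link"] == "latest") {
                $latest_value = query2result("SELECT ticket FROM tickets WHERE parent = '{$value}' ORDER BY ticket DESC LIMIT 1");
                if ($latest_value) {
                    $value = (int) $latest_value;
                }
            }
            $output = "<a href=index.php?m=ticketsmith&a=view&ticket={$value}>{$value} ";
            $output .= "<img src=images/icons/pencil.gif border=0></a>";
            break;

        case "attach":
            $value = (int) $value;
            $output = "<A href=index.php?m=ticketsmith&a=attach&ticket={$value}>";
            $output .= "Link</a>";
            break;

        case "doattach":
            $value = (int) $value;
            $ticket = (int) $ticket;
            $output = "<A href=index.php?m=ticketsmith&a=attach&newparent={$value}&dosql=reattachticket&ticket={$ticket}>";
            $output .= "Link</a>";
            break;

        case "open_date":
            $output = get_time_ago($value);
            if ($CONFIG["warning_active"]) {
                if (time() - $value > $CONFIG["warning_age"] * 3600) {
                    $output = "<font color=\"" . $CONFIG["warning_color"] . "\"><xb>" . $output . "</strong></font>";
                }
            }
            break;

        case "activity_date":
            if (!$value) {
                $output = "<em>" . $AppUI->_('none') . "</em>";
            } else {
                $output = get_time_ago($value);
            }
            $latest_followup_type = query2result("SELECT type FROM tickets WHERE parent = '" . (int) $ticket . "' ORDER BY timestamp DESC LIMIT 1");
            if ($latest_followup_type) {
                $latest_followup_type = preg_replace("/(\\w+)\\s.*/", "\\1", $latest_followup_type);
                // The type comes from the database; escape it for HTML.
                $output .= " [" . htmlspecialchars($latest_followup_type) . "]";
            }
            break;

        case "elapsed_date":
            $output = date($CONFIG["date_format"], $value);
            $time_ago = get_time_ago($value);
            $output .= " <em>({$time_ago})</em>";
            break;

        case "body":
            if ($CONFIG["wordwrap"]) {
                $value = word_wrap($value, 78);
            }
            // Escape first, then turn URLs in the escaped text into links.
            $value = htmlspecialchars($value);
            $output = "<table width=\"100%\" border=\"1\" cellspacing=\"0\" cellpadding=\"10\">\n";
            $output .= "<tr><td bgcolor=\"" . $CONFIG["ticket_color"] . "\">\n<tt><pre>\n";
            $url_find = "/(http|https|ftp|news|telnet|finger)(:\\/\\/[^ \">\\t\\r\\n]*)/";
            $url_replace = "<a href=\"\\1\\2\" target=\"new\">";
            $url_replace .= "<span style=\"font-size: 10pt;\">\\1\\2</span></a>";
            $value = preg_replace($url_find, $url_replace, $value);
            $output .= stripslashes($value);
            $output .= "\n</pre></tt>\n</td></tr>\n</table>\n";
            break;

        case "followup":
            $output = "\n<tt>\n";
            $output .= "<textarea style='font-family: monospace;' name=\"followup\" wrap=\"hard\" cols=\"72\" rows=\"20\">\n";
            $signature = query2result("SELECT user_signature FROM users WHERE user_id = '" . (int) $AppUI->user_id . "'");
            if ($signature) {
                $output .= "\n";
                $output .= "-- \n";
                // Stored signature text is escaped so it cannot close the
                // textarea; the browser shows the same characters.
                $output .= htmlspecialchars($signature);
            }
            $output .= "\n\n";
            $output .= "---- " . $AppUI->_('Original message') . " ----\n\n";
            if ($CONFIG["wordwrap"]) {
                $value = word_wrap($value, 70, true);
            }
            $value = htmlspecialchars($value);
            $output .= $value;
            $output .= "\n</textarea>\n";
            $output .= "</tt>\n";
            break;

        case "subject":
            $value = preg_replace("/\\s*Re:\\s*/i", "", $value);
            $value = preg_replace("/(\\[\\#\\d+\\])(\\w+)/", "\\2", $value);
            $value = "Re: " . $value;
            $value = htmlspecialchars($value);
            $output = "<input type=\"text\" name=\"subject\" value=\"{$value}\" size=\"70\">\n";
            break;

        case "cc":
            $value = htmlspecialchars($value);
            $output = "<input type=\"text\" name=\"cc\" value=\"{$value}\" size=\"70\">";
            break;

        case "recipient":
            $value = htmlspecialchars($value);
            $output = "<input type=\"text\" name=\"recipient\" value=\"{$value}\" size=\"70\">";
            break;

        case "original_author":
            if ($value) {
                $value = preg_replace('/\\"/', '', $value);
                $output = htmlspecialchars($value);
            } else {
                $output = "<em>(" . $AppUI->_('original ticket author') . ")</em>";
            }
            break;

        case "email":
            if ($value) {
                $value = preg_replace('/\\"/', '', $value);
                $output = htmlspecialchars($value);
            } else {
                $output = "<em>" . $AppUI->_('none') . "</em>";
            }
            break;

        case 'ticket_company':
            $company_id = (int) $value;
            $q = new DBQuery();
            $q->addTable('companies');
            $q->addQuery('companies.*');
            $q->addWhere('companies.company_id = ' . $company_id);
            $sql = $q->prepare();
            $obj = null;
            // A failed lookup yields an empty link text instead of reading a
            // property of a missing object.
            $company_name = db_loadObject($sql, $obj) ? (string) $obj->company_name : '';
            $output = '<a href="index.php?m=companies&a=view&company_id=' . $company_id . '">' . htmlspecialchars($company_name) . '</a>';
            break;

        case 'ticket_project':
            $project_id = (int) $value;
            $q = new DBQuery();
            $q->addTable('projects');
            $q->addQuery('projects.*');
            $q->addWhere('projects.project_id = ' . $project_id);
            $sql = $q->prepare();
            $obj = null;
            $project_name = db_loadObject($sql, $obj) ? (string) $obj->project_name : '';
            $output = '<a href="index.php?m=projects&a=view&project_id=' . $project_id . '">' . htmlspecialchars($project_name) . '</a>';
            break;

        default:
            $output = $value ? htmlspecialchars($value) : "<em>" . $AppUI->_('none') . "</em>";
    }

    return $output;
}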
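/**
 * Echo the file list of one folder as an HTML table: one row per file showing
 * its latest version, a hidden sub-table listing every version, and the
 * pagination bar.
 *
 * Security notes:
 *  - $folder_id, $project_id, $task_id, $company_id and $page are concatenated
 *    into SQL ($folder_id also into a temp-table name); only their integer
 *    value is ever placed there.
 *  - $allowedProjects, $allowedTasks, $allowedFolders and $allowedCompanies are
 *    spliced in as ready-made SQL fragments; this function trusts whatever
 *    built them (not visible here).
 *  - Text read from the database and $current_uri are HTML-escaped at output.
 *    NOTE(review): assumes these values are stored unescaped; confirm before
 *    merging, otherwise they would be double-encoded.
 *
 * @param int $folder_id id of the folder to list
 * @return void HTML is echoed; returns before any output when there is nothing to show
 */
function displayFiles($folder_id) {
    global $AppUI, $m, $a, $tab, $page;
    global $current_uri;
    global $canAccess, $canRead, $canEdit, $canAuthor, $canDelete;
    global $canAccess_folders, $canRead_folders, $canEdit_folders;
    global $canAuthor_folders, $canDelete_folders;
    global $company_id, $project_id, $task_id;
    global $allowedCompanies, $allowedProjects, $allowedTasks, $allowedFolders;
    global $showProject, $cfObj, $dPconfig;

    // Integer copy used wherever the folder id reaches SQL.
    $sql_folder_id = (int) $folder_id;
    $temp_table = 'files_count_max' . $sql_folder_id;

    $df = $AppUI->getPref('SHDATEFORMAT');
    $tf = $AppUI->getPref('TIMEFORMAT');
    $file_types = dPgetSysVal('FileType');

    $xpg_pagesize = 30; // TODO?: Set by System Config Value ...
    $xpg_totalrecs = countFiles($folder_id); // get file count for folder
    $xpg_total_pages = ($xpg_totalrecs > $xpg_pagesize) ? ceil($xpg_totalrecs / $xpg_pagesize) : 1;
    // Offset of the first record; a missing or non-numeric page falls back to
    // page 1 so the LIMIT offset can never be negative.
    $xpg_min = $xpg_pagesize * (max(1, (int) $page) - 1);

    $q = new DBQuery();

    // most recent version info per file_project and file_version_id
    $q->createTemp($temp_table);
    $q->addTable('files', 'f');
    $q->addQuery('DISTINCT count(f.file_id) as file_versions'
        . ', max(f.file_version) as file_lastversion'
        . ', file_version_id, f.file_project');
    $q->addJoin('projects', 'p', 'p.project_id = f.file_project');
    $q->addJoin('tasks', 't', 't.task_id = f.file_task');
    $q->addJoin('file_folders', 'ff', 'ff.file_folder_id = f.file_folder');
    $q->addWhere('f.file_folder = ' . $sql_folder_id);
    if (count($allowedProjects)) {
        $q->addWhere('((' . implode(' AND ', $allowedProjects) . ') OR f.file_project = 0)');
    }
    if (count($allowedTasks)) {
        $q->addWhere('((' . implode(' AND ', $allowedTasks) . ') OR f.file_task = 0)');
    }
    if (count($allowedFolders)) {
        $q->addWhere('((' . implode(' AND ', $allowedFolders) . ') OR f.file_folder = 0)');
    }
    if ($company_id) {
        $q->innerJoin('companies', 'co', 'co.company_id = p.project_company');
        $q->addWhere('co.company_id = ' . (int) $company_id);
        if (count($allowedCompanies)) {
            $q->addWhere('(' . implode(' AND ', $allowedCompanies) . ')');
        }
    }
    $q->addGroup('f.file_version_id');
    $q->addGroup('f.file_project');
    $file_version_max_counts = $q->exec();
    $q->clear();

    // most recent version
    // co_user is selected here because the check-out column prints it.
    $q->addTable('files', 'f');
    $q->addQuery('f.*, fmc.file_versions, round(fmc.file_lastversion, 2) as file_lastversion'
        . ', u.user_username as file_owner, ff.file_folder_name'
        . ', ff.file_folder_id, ff.file_folder_name, p.project_name'
        . ', p.project_color_identifier, p.project_owner, c.contact_first_name'
        . ', c.contact_last_name, t.task_name, u.user_username as file_owner'
        . ', cu.user_username as co_user'
        . ', cc.contact_first_name as checkout_first_name'
        . ', cc.contact_last_name as checkout_last_name');
    $q->addJoin($temp_table, 'fmc',
        '(fmc.file_lastversion=f.file_version AND fmc.file_version_id=f.file_version_id'
        . ' AND fmc.file_project=f.file_project)', 'inner');
    $q->addJoin('projects', 'p', 'p.project_id = f.file_project');
    $q->addJoin('users', 'u', 'u.user_id = f.file_owner');
    $q->addJoin('contacts', 'c', 'c.contact_id = u.user_contact');
    $q->addJoin('tasks', 't', 't.task_id = f.file_task');
    $q->addJoin('file_folders', 'ff', 'ff.file_folder_id = f.file_folder');
    $q->leftJoin('users', 'cu', 'cu.user_id = f.file_checkout');
    $q->leftJoin('contacts', 'cc', 'cc.contact_id = cu.user_contact');
    $q->addWhere('f.file_folder = ' . $sql_folder_id);
    if (count($allowedProjects)) {
        $q->addWhere('((' . implode(' AND ', $allowedProjects) . ') OR f.file_project = 0)');
    }
    if (count($allowedTasks)) {
        $q->addWhere('((' . implode(' AND ', $allowedTasks) . ') OR f.file_task = 0)');
    }
    if (count($allowedFolders)) {
        $q->addWhere('((' . implode(' AND ', $allowedFolders) . ') OR f.file_folder = 0)');
    }
    if ($project_id) {
        $q->addWhere('f.file_project = ' . (int) $project_id);
    }
    if ($task_id) {
        $q->addWhere('f.file_task = ' . (int) $task_id);
    }
    if ($company_id) {
        $q->innerJoin('companies', 'co', 'co.company_id = p.project_company');
        $q->addWhere('co.company_id = ' . (int) $company_id);
        if (count($allowedCompanies)) {
            $q->addWhere('(' . implode(' AND ', $allowedCompanies) . ')');
        }
    }
    $q->addOrder('p.project_name');
    $q->setLimit($xpg_pagesize, $xpg_min);
    $files_sql = $q->prepare();
    $q->clear();

    // all versions
    $q->addTable('files', 'f');
    $q->addQuery('f.*, ff.file_folder_id, ff.file_folder_name, p.project_name'
        . ', p.project_color_identifier, p.project_owner, c.contact_first_name'
        . ', c.contact_last_name, t.task_name, u.user_username as file_owner');
    $q->addJoin('projects', 'p', 'p.project_id = f.file_project');
    $q->addJoin('users', 'u', 'u.user_id = f.file_owner');
    $q->addJoin('contacts', 'c', 'c.contact_id = u.user_contact');
    $q->addJoin('tasks', 't', 't.task_id = f.file_task');
    $q->addJoin('file_folders', 'ff', 'ff.file_folder_id = f.file_folder');
    $q->addWhere('f.file_folder = ' . $sql_folder_id);
    if (count($allowedProjects)) {
        $q->addWhere('((' . implode(' AND ', $allowedProjects) . ') OR f.file_project = 0)');
    }
    if (count($allowedTasks)) {
        $q->addWhere('((' . implode(' AND ', $allowedTasks) . ') OR f.file_task = 0)');
    }
    if (count($allowedFolders)) {
        $q->addWhere('((' . implode(' AND ', $allowedFolders) . ') OR f.file_folder = 0)');
    }
    if ($project_id) {
        $q->addWhere('f.file_project = ' . (int) $project_id);
    }
    if ($task_id) {
        $q->addWhere('f.file_task = ' . (int) $task_id);
    }
    if ($company_id) {
        $q->innerJoin('companies', 'co', 'co.company_id = p.project_company');
        $q->addWhere('co.company_id = ' . (int) $company_id);
        if (count($allowedCompanies)) {
            $q->addWhere('(' . implode(' AND ', $allowedCompanies) . ')');
        }
    }
    $file_versions_sql = $q->prepare();
    $q->clear();

    // file arrays; both stay empty unless the caller may read the module
    $files = array();
    $file_versions = array();
    if ($canRead) {
        $files = db_loadList($files_sql);
        $file_versions = db_loadHashList($file_versions_sql, 'file_id');
    }

    // The temp table is only needed by the queries above.
    $q->dropTemp($temp_table);
    $q->exec();

    if ($files == array()) {
        return;
    }

    // Escaped once; reused as the value of every hidden "redirect" field.
    $redirect = htmlspecialchars($current_uri, ENT_QUOTES);
?>
<table width="100%" border="0" cellpadding="2" cellspacing="1" class="tbl">
<tr>
    <th nowrap="nowrap"><?php echo $AppUI->_('File Name'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Description'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Versions'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Category'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Task Name'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Owner'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Size'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Date'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('co Reason'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('co'); ?></th>
    <th nowrap width="1"></th>
    <th nowrap width="1"></th>
</tr>
<?php
    $fp = -1;
    foreach ($files as $row) {
        $file_date = new CDate($row['file_date']);
        // NOTE(review): the per-file edit permission is fetched but nothing
        // below consults it; every check uses the module-wide $canEdit.
        $canEdit_file = getPermission('files', 'edit', $row['file_id']); // single file

        $file_id = (int) $row['file_id'];
        $is_owner = ($row['project_owner'] == $AppUI->user_id);
        $row_unlocked = (empty($row['file_checkout']) || $row['file_checkout'] == 'final');

        // Project banner, printed whenever the project changes between rows.
        if ($fp != $row['file_project']) {
            if (!$row['file_project']) {
                $row['project_name'] = $AppUI->_('Not associated to projects');
                $row['project_color_identifier'] = 'f4efe3';
            }
            if ($showProject) {
                $style = htmlspecialchars(
                    'background-color:#' . $row['project_color_identifier']
                    . ';color:' . bestColor($row['project_color_identifier']),
                    ENT_QUOTES
                );
?>
<tr>
    <td colspan="20" style="border: outset 2px #eeeeee;<?php echo $style; ?>">
    <a href="?m=projects&a=view&project_id=<?php echo (int) $row['file_project']; ?>">
    <span style="<?php echo $style; ?>"><?php echo htmlspecialchars($row['project_name'], ENT_QUOTES); ?></span></a>
    </td>
</tr>
<?php
            }
        }
        $fp = $row['file_project'];
?>
<form name="frm_remove_file_<?php echo $file_id; ?>" action="?m=files" method="post">
    <input type="hidden" name="dosql" value="do_file_aed" />
    <input type="hidden" name="del" value="1" />
    <input type="hidden" name="file_id" value="<?php echo $file_id; ?>" />
    <input type="hidden" name="redirect" value="<?php echo $redirect; ?>" />
</form>
<form name="frm_duplicate_file_<?php echo $file_id; ?>" action="?m=files" method="post">
    <input type="hidden" name="dosql" value="do_file_aed" />
    <input type="hidden" name="duplicate" value="1" />
    <input type="hidden" name="file_id" value="<?php echo $file_id; ?>" />
    <input type="hidden" name="redirect" value="<?php echo $redirect; ?>" />
</form>
<tr>
    <td nowrap="8%">
<?php
        $file_icon = getIcon($row['file_type']);
?>
        <a href="./fileviewer.php?file_id=<?php echo $file_id; ?>" title="<?php echo htmlspecialchars($row['file_description'], ENT_QUOTES); ?>">
        <?php echo dPshowImage(DP_BASE_URL . '/modules/files/images/' . $file_icon, '16', '16'); ?>
        &nbsp;<?php echo htmlspecialchars($row['file_name'], ENT_QUOTES); ?>
        </a>
    </td>
    <td width="20%"><?php echo htmlspecialchars($row['file_description'], ENT_QUOTES); ?></td>
    <td width="5%" nowrap="nowrap" align="center">
<?php
        echo htmlspecialchars($row['file_lastversion'], ENT_QUOTES);
        if ($row['file_versions'] > 1) {
?>
        <a href="#" onClick="expand('versions_<?php echo $file_id; ?>');">
        (<?php echo (int) $row['file_versions']; ?>)
        </a>
<?php
        }
?>
    </td>
    <td width="10%" nowrap="nowrap" align="center">
        <?php echo $file_types[$row['file_category']]; ?>
    </td>
    <td width="5%" align="center">
        <a href="./index.php?m=tasks&a=view&task_id=<?php echo (int) $row['file_task']; ?>">
        <?php echo htmlspecialchars($row['task_name'], ENT_QUOTES); ?>
        </a>
    </td>
    <td width="15%" nowrap="nowrap">
        <?php echo htmlspecialchars($row['contact_first_name'] . ' ' . $row['contact_last_name'], ENT_QUOTES); ?>
    </td>
    <td width="5%" nowrap="nowrap" align="right">
        <?php echo file_size(intval($row['file_size'])); ?>
    </td>
    <td width="15%" nowrap="nowrap" align="right">
        <?php echo $file_date->format($df . ' ' . $tf); ?>
    </td>
    <td width="10%"><?php echo htmlspecialchars($row['file_co_reason'], ENT_QUOTES); ?></td>
    <td nowrap="nowrap" align="center">
<?php
        if ($canEdit && empty($row['file_checkout'])) {
?>
        <a href="?m=files&a=co&file_id=<?php echo $file_id; ?>">
        <?php echo dPshowImage(DP_BASE_URL . '/modules/files/images/up.png', '16', '16', 'checkout', 'checkout file'); ?>
        </a>
<?php
        } elseif ($row['file_checkout'] == $AppUI->user_id) {
?>
        <a href="?m=files&a=addedit&ci=1&file_id=<?php echo $file_id; ?>">
        <?php echo dPshowImage(DP_BASE_URL . '/modules/files/images/down.png', '16', '16', 'checkin', 'checkin file'); ?>
        </a>
<?php
        } elseif ($row['file_checkout'] == 'final') {
            // The original tested an undefined $file here; the row being
            // rendered is $row.
            echo '&nbsp;&nbsp;' . $AppUI->_('final');
        } else {
            echo '&nbsp;&nbsp;'
                . htmlspecialchars($row['checkout_first_name'] . ' ' . $row['checkout_last_name'], ENT_QUOTES)
                . '<br />(' . htmlspecialchars($row['co_user'], ENT_QUOTES) . ')';
        }
?>
    </td>
    <td nowrap="nowrap" align="right" width="48">
<?php
        if ($row_unlocked) {
            // Edit File
            if ($canEdit || $is_owner) {
?>
        <a href="./index.php?m=files&a=addedit&file_id=<?php echo $file_id; ?>">
        <?php echo dPshowImage(DP_BASE_URL . '/modules/files/images/kedit.png', '16', '16', 'edit file', 'edit file'); ?>
        </a>
<?php
            }
            // Duplicate File
            if ($canAuthor || $is_owner) {
?>
        <a href="#" onclick="document.frm_duplicate_file_<?php echo $file_id; ?>.submit()">
        <?php echo dPshowImage(DP_BASE_URL . '/modules/files/images/duplicate.png', '16', '16', 'duplicate file', 'duplicate file'); ?>
        </a>
<?php
            }
            // Delete File
            if ($canDelete || $is_owner) {
?>
        <a href="#" onclick="if (confirm('Are you sure you want to delete this file?')) {document.frm_remove_file_<?php echo $file_id; ?>.submit()}">
        <?php echo dPshowImage(DP_BASE_URL . '/modules/files/images/remove.png', '16', '16', 'delete file', 'delete file'); ?>
        </a>
<?php
            }
        }
?>
    </td>
    <td nowrap="nowrap" align="center" width="1">
<?php
        if ($row_unlocked && ($canEdit || $is_owner)) {
            $bulk_op = 'onchange="(this.checked) ? addBulkComponent(' . $file_id
                . ') : removeBulkComponent(' . $file_id . ')"';
            // The original built the name from an undefined $file_row.
?>
        <input type="checkbox" <?php echo $bulk_op; ?> name="chk_sub_sel_file_<?php echo $file_id; ?>" />
<?php
        }
?>
    </td>
</tr>
<?php
        if ($row['file_versions'] > 1) {
?>
<tr><td colspan="20">
<table style="display: none" id="versions_<?php echo $file_id; ?>" width="100%" border="0" cellpadding="2" cellspacing="1" class="tbl">
<tr>
    <th nowrap="nowrap"><?php echo $AppUI->_('File Name'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Description'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Versions'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Category'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Task Name'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Owner'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Size'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Type'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Date'); ?></th>
    <th nowrap="nowrap" width="1">&nbsp;</th>
    <th nowrap="nowrap" width="1">&nbsp;</th>
</tr>
<?php
            foreach ($file_versions as $file) {
                if ($file['file_version_id'] != $row['file_version_id']) {
                    continue;
                }
                $file_icon = getIcon($file['file_type']);
                $file_version_date = new Date($file['file_date']);
                $version_id = (int) $file['file_id'];
?>
<form name="frm_delete_sub_file_<?php echo $version_id; ?>" action="?m=files" method="post">
    <input type="hidden" name="dosql" value="do_file_aed" />
    <input type="hidden" name="del" value="1" />
    <input type="hidden" name="file_id" value="<?php echo $version_id; ?>" />
    <input type="hidden" name="redirect" value="<?php echo $redirect; ?>" />
</form>
<form name="frm_duplicate_sub_file_<?php echo $version_id; ?>" action="?m=files" method="post">
    <input type="hidden" name="dosql" value="do_file_aed" />
    <input type="hidden" name="duplicate" value="1" />
    <input type="hidden" name="file_id" value="<?php echo $version_id; ?>" />
    <input type="hidden" name="redirect" value="<?php echo $redirect; ?>" />
</form>
<tr>
    <td nowrap="8%">
        <a href="./fileviewer.php?file_id=<?php echo $version_id; ?>" title="<?php echo htmlspecialchars($file['file_description'], ENT_QUOTES); ?>">
        <?php echo dPshowImage(DP_BASE_URL . '/modules/files/images/' . $file_icon, '16', '16'); ?>
        &nbsp;<?php echo htmlspecialchars($file['file_name'], ENT_QUOTES); ?>
        </a>
    </td>
    <td width="20%"><?php echo htmlspecialchars($file['file_description'], ENT_QUOTES); ?></td>
    <td width="5%" nowrap="nowrap" align="center"><?php echo htmlspecialchars($file['file_version'], ENT_QUOTES); ?></td>
    <td width="10%" nowrap="nowrap" align="center">
        <?php echo $file_types[$file['file_category']]; ?>
    </td>
    <td width="5%" align="center">
        <a href="./index.php?m=tasks&a=view&task_id=<?php echo (int) $file['file_task']; ?>">
        <?php echo htmlspecialchars($file['task_name'], ENT_QUOTES); ?>
        </a>
    </td>
    <td width="15%" nowrap="nowrap">
        <?php echo htmlspecialchars($file['contact_first_name'] . ' ' . $file['contact_last_name'], ENT_QUOTES); ?>
    </td>
    <td width="5%" nowrap="nowrap" align="right">
        <?php echo file_size(intval($file['file_size'])); ?>
    </td>
    <td nowrap="nowrap">
        <?php echo htmlspecialchars($row['file_type'], ENT_QUOTES); ?>
    </td>
    <td width="15%" nowrap="nowrap" align="right">
        <?php echo $file_version_date->format($df . ' ' . $tf); ?>
    </td>
    <td nowrap="nowrap" align="right" width="48">
<?php
                // NOTE(review): the links below act on the latest version
                // ($row) through frm_duplicate_file_* / frm_remove_file_*,
                // while the frm_*_sub_file_* forms emitted for this version
                // are never submitted. Left unchanged; confirm which record
                // these actions are meant to target.
                if (empty($file['file_checkout']) || $file['file_checkout'] == 'final') {
                    // Edit File
                    if ($canEdit || $is_owner) {
?>
        <a href="./index.php?m=files&a=addedit&file_id=<?php echo $file_id; ?>">
        <?php echo dPshowImage(DP_BASE_URL . '/modules/files/images/kedit.png', '16', '16', 'edit file', 'edit file'); ?>
        </a>
<?php
                    }
                    // Duplicate File
                    if ($canAuthor) {
?>
        <a href="#" onclick="document.frm_duplicate_file_<?php echo $file_id; ?>.submit()">
        <?php echo dPshowImage(DP_BASE_URL . '/modules/files/images/duplicate.png', '16', '16', 'duplicate file', 'duplicate file'); ?>
        </a>
<?php
                    }
                    // Delete File
                    if ($canDelete) {
?>
        <a href="#" onclick="if (confirm('<?php echo $AppUI->_('Are you sure you want to delete this file?'); ?>')) {document.frm_remove_file_<?php echo $file_id; ?>.submit()}">
        <?php echo dPshowImage(DP_BASE_URL . '/modules/files/images/remove.png', '16', '16', 'delete file', $AppUI->_('delete file')); ?>
        </a>
<?php
                    }
                }
?>
    </td>
    <td nowrap="nowrap" align="center" width="1">
<?php
                if ($row_unlocked && ($canEdit || $is_owner)) {
                    $bulk_op = 'onchange="(this.checked) ? addBulkComponent(' . $file_id
                        . ') : removeBulkComponent(' . $file_id . ')"';
?>
        <input type="checkbox" <?php echo $bulk_op; ?> name="chk_sub_sel_file_<?php echo $version_id; ?>" />
<?php
                }
?>
    </td>
</tr>
<?php
            }
?>
</table>
</td></tr>
<?php
        }
    }
?>
</table>
<?php
    shownavbar($xpg_totalrecs, $xpg_pagesize, $xpg_total_pages, $page, $folder_id);
    echo "<br />";
}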
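/**
 * Recursively move every descendant of a task to another project.
 *
 * Each level issues one UPDATE for the direct children of $task_id and then
 * recurses into each child. A task that is its own parent is skipped so the
 * recursion cannot loop on it; longer parent cycles are not detected.
 *
 * @param mixed    $new_project value written to task_project; passed to
 *                              DBQuery::addUpdate() as-is (NOTE(review):
 *                              confirm the query builder quotes it)
 * @param int|null $task_id     parent task; defaults to $this->task_id
 * @return bool always true
 */
function updateSubTasksProject($new_project, $task_id = null) {
    if (is_null($task_id)) {
        $task_id = $this->task_id;
    }
    // The id is concatenated into both WHERE clauses below, so only its
    // integer value is allowed to reach the SQL text.
    $task_id = (int) $task_id;

    $q = new DBQuery();
    $q->addTable('tasks');
    $q->addQuery('task_id');
    $q->addWhere('task_parent = ' . $task_id);
    $sql = $q->prepare();
    $q->clear();

    $tasks_id = db_loadColumn($sql);
    if (empty($tasks_id)) {
        return true;
    }

    // update project of children
    $q->addTable('tasks');
    $q->addUpdate('task_project', $new_project);
    $q->addWhere('task_parent = ' . $task_id);
    $q->exec();
    $q->clear();

    foreach ($tasks_id as $id) {
        if ($id != $task_id) {
            $this->updateSubTasksProject($new_project, $id);
        }
    }

    // The original fell off the end here (null) although the "no children"
    // path returns true; both paths now agree.
    return true;
}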
$q->addQuery('ROUND(SUM(task_duration),2)'); $q->addWhere('task_project = ' . (int) $project_id . ' AND task_duration_type = 24 AND task_dynamic <> 1'); $days = $q->loadResult(); $q->clear(); $q->addTable('tasks'); $q->addQuery('ROUND(SUM(task_duration),2)'); $q->addWhere('task_project = ' . (int) $project_id . ' AND task_duration_type = 1 AND task_dynamic <> 1'); $hours = $q->loadResult(); $q->clear(); $total_hours = $days * $w2Pconfig['daily_working_hours'] + $hours; $total_project_hours = 0; $q->addTable('tasks', 't'); $q->addQuery('ROUND(SUM(t.task_duration*u.perc_assignment/100),2)'); $q->addJoin('user_tasks', 'u', 't.task_id = u.task_id'); $q->addWhere('t.task_project = ' . (int) $project_id . ' AND t.task_duration_type = 24 AND t.task_dynamic <> 1'); $total_project_days_sql = $q->prepare(); $q2 = new DBQuery(); $q2->addTable('tasks', 't'); $q2->addQuery('ROUND(SUM(t.task_duration*u.perc_assignment/100),2)'); $q2->addJoin('user_tasks', 'u', 't.task_id = u.task_id'); $q2->addWhere('t.task_project = ' . (int) $project_id . ' AND t.task_duration_type = 1 AND t.task_dynamic <> 1'); $total_project_hours = $q->loadResult() * $w2Pconfig['daily_working_hours'] + $q2->loadResult(); $q->clear(); $q2->clear(); //due to the round above, we don't want to print decimals unless they really exist //$total_project_hours = rtrim($total_project_hours, "0"); } else { //no tasks in project so "fake" project data $worked_hours = $total_hours = $total_project_hours = 0.0; } ?>
} $AppUI->savePlace(); $canEdit = getPermission($m, 'edit'); $canRead = getPermission($m, 'view'); if (!$canRead) { $AppUI->redirect('m=public&a=access_denied'); } $hidden_modules = array('public', 'install'); $q = new DBQuery(); $q->addQuery('*'); $q->addTable('modules'); foreach ($hidden_modules as $no_show) { $q->addWhere('mod_directory != \'' . $no_show . '\''); } $q->addOrder('mod_ui_order'); $modules = db_loadList($q->prepare()); // get the modules actually installed on the file system $modFiles = $AppUI->readDirs('modules'); $titleBlock = new CTitleBlock('Modules', 'power-management.png', $m, $m . "." . $a); $titleBlock->addCrumb('?m=system', 'System Admin'); $titleBlock->show(); ?> <table border="0" cellpadding="2" cellspacing="1" width="98%" class="tbl"> <tr> <th colspan="2"><?php echo $AppUI->_('Module'); ?> </th> <th><?php echo $AppUI->_('Status');
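/**
 * Delete this forum message, its visit records, and refresh the message
 * counter of the forum it belonged to.
 *
 * $this->message_id and the looked-up forum id are concatenated into SQL, so
 * both are reduced to integers first.
 *
 * @return mixed NULL when the message row was deleted, otherwise whatever
 *               db_error() reports for the failed DELETE
 */
function delete() {
    $message_id = (int) $this->message_id;

    $q = new DBQuery();
    $q->setDelete('forum_visits');
    $q->addWhere('visit_message = ' . $message_id);
    $q->exec(); // No error if this fails, it is not important.
    $q->clear();

    // Remember the forum before the message row disappears.
    $q->addTable('forum_messages');
    $q->addQuery('message_forum');
    $q->addWhere('message_id = ' . $message_id);
    $forumId = db_loadResult($q->prepare());
    $q->clear();

    $q->setDelete('forum_messages');
    $q->addWhere('message_id = ' . $message_id);
    $result = $q->exec() ? NULL : db_error();
    $q->clear();

    // No forum found means the message did not exist; the original went on to
    // build "message_forum = " with nothing after it. Nothing to recount.
    if (!$forumId) {
        return $result;
    }
    $forumId = (int) $forumId;

    $q->addTable('forum_messages');
    $q->addQuery('COUNT(*)');
    $q->addWhere('message_forum = ' . $forumId);
    $messageCount = db_loadResult($q->prepare());
    $q->clear();

    $q->addTable('forums');
    $q->addUpdate('forum_message_count', $messageCount);
    $q->addWhere('forum_id = ' . $forumId);
    $q->exec();
    $q->clear();

    return $result;
}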
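/**
 * Echo the file list of one folder as an HTML table, one row per file name
 * and project, each followed by a hidden table of that file's versions.
 *
 * Security notes:
 *  - $folder, $project_id, $task_id, $company_id and the ids in $deny1/$deny2
 *    are concatenated into SQL; only their integer values are placed there.
 *  - $allowed_companies is spliced into an IN (...) list as-is and
 *    $xpg_pagesize/$xpg_min go to setLimit() unchanged; this function trusts
 *    whatever set those globals (not visible here).
 *  - Text read from the database, $current_uri, $m and $a are escaped at
 *    output. NOTE(review): assumes stored values are unescaped; confirm.
 *
 * NOTE(review): in both permission checks of the form
 * `$canEdit && (A || B && ($canEdit || owner))` the project-owner clause can
 * never matter because $canEdit is already required; kept as written.
 * NOTE(review): $file_date is reassigned inside the version loop, so for
 * multi-version files the main row prints the date of the last version
 * iterated; kept as written.
 *
 * @param int $folder id of the folder to list
 * @return int|null 0 when there are no rows to show (nothing is echoed),
 *                  otherwise no explicit value
 */
function displayFiles($folder) {
    global $m, $a, $tab, $AppUI, $xpg_min, $xpg_pagesize;
    global $deny1, $deny2, $project_id, $task_id, $showProject, $file_types, $cfObj;
    global $xpg_totalrecs, $xpg_total_pages, $page;
    global $company_id, $allowed_companies, $current_uri, $dPconfig;

    $canEdit = !getDenyEdit($m, $folder);
    $canRead = !getDenyRead($m, $folder);
    $df = $AppUI->getPref('SHDATEFORMAT');
    $tf = $AppUI->getPref('TIMEFORMAT');

    // Integer copy used wherever the folder id reaches SQL.
    $sql_folder = (int) $folder;

    // SETUP FOR FILE LIST
    $q = new DBQuery();
    $q->addTable('files');
    $q->addQuery('files.*,count(file_version) as file_versions,round(max(file_version), 2) as file_lastversion,file_folder_id, file_folder_name,project_name, project_color_identifier,contact_first_name, contact_last_name,task_name,task_id');
    $q->addJoin('projects', 'p', 'p.project_id = file_project');
    $q->addJoin('users', 'u', 'u.user_id = file_owner');
    $q->addJoin('contacts', 'c', 'c.contact_id = u.user_contact');
    $q->addJoin('tasks', 't', 't.task_id = file_task');
    $q->addJoin('file_folders', 'ff', 'ff.file_folder_id = file_folder');
    $q->addWhere('file_folder = ' . $sql_folder);
    if (count($deny1) > 0) {
        $q->addWhere('file_project NOT IN (' . implode(',', array_map('intval', $deny1)) . ')');
    }
    if (count($deny2) > 0) {
        $q->addWhere('file_task NOT IN (' . implode(',', array_map('intval', $deny2)) . ')');
    }
    if ($project_id) {
        $q->addWhere('file_project = ' . (int) $project_id);
    }
    if ($task_id) {
        $q->addWhere('file_task = ' . (int) $task_id);
    }
    if ($company_id) {
        $q->innerJoin('companies', 'co', 'co.company_id = p.project_company');
        $q->addWhere('company_id = ' . (int) $company_id);
        $q->addWhere('company_id IN (' . $allowed_companies . ')');
    }
    $q->addGroup('file_folder');
    $q->addGroup('project_name');
    $q->addGroup('file_name');
    $q->addOrder('file_folder');
    $q->addOrder('project_name');
    $q->addOrder('file_name');
    $q->setLimit($xpg_pagesize, $xpg_min);
    $files_sql = $q->prepare();
    $q->clear();

    // Every version of every file in the folder.
    $q = new DBQuery();
    $q->addTable('files');
    $q->addQuery('files.file_id, file_version, file_project, file_name, file_task, file_description, user_username as file_owner, file_size, file_category, file_type, file_date, file_folder_name');
    $q->addJoin('projects', 'p', 'p.project_id = file_project');
    $q->addJoin('users', 'u', 'u.user_id = file_owner');
    $q->addJoin('tasks', 't', 't.task_id = file_task');
    $q->addJoin('file_folders', 'ff', 'ff.file_folder_id = file_folder');
    $q->addWhere('file_folder = ' . $sql_folder);
    if ($project_id) {
        $q->addWhere('file_project = ' . (int) $project_id);
    }
    if ($task_id) {
        $q->addWhere('file_task = ' . (int) $task_id);
    }
    if ($company_id) {
        $q->innerJoin('companies', 'co', 'co.company_id = p.project_company');
        $q->addWhere('company_id = ' . (int) $company_id);
        $q->addWhere('company_id IN (' . $allowed_companies . ')');
    }
    $file_versions_sql = $q->prepare();
    $q->clear();

    // Both lists stay empty unless the caller may read this folder.
    $files = array();
    $file_versions = array();
    if ($canRead) {
        $files = db_loadList($files_sql);
        $file_versions = db_loadList($file_versions_sql);
    }
    if ($files === array()) {
        return 0;
    }

    // Escaped once; reused in every hidden "redirect" field and module link.
    $redirect = htmlspecialchars($current_uri, ENT_QUOTES);
    $m_url = urlencode($m);
    $a_url = urlencode($a);
?>
<table width="100%" border="0" cellpadding="2" cellspacing="1" class="tbl">
<tr>
    <th nowrap="nowrap"><?php echo $AppUI->_('File Name'); ?></th>
    <th><?php echo $AppUI->_('Description'); ?></th>
    <th><?php echo $AppUI->_('Versions'); ?></th>
    <th><?php echo $AppUI->_('Category'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('Task Name'); ?></th>
    <th><?php echo $AppUI->_('Owner'); ?></th>
    <th><?php echo $AppUI->_('Size'); ?></th>
    <th><?php echo $AppUI->_('Type'); ?></th>
    <th><?php echo $AppUI->_('Date'); ?></th>
    <th nowrap="nowrap"><?php echo $AppUI->_('co Reason'); ?></th>
    <th><?php echo $AppUI->_('co'); ?></th>
    <th nowrap width="1"></th>
    <th nowrap width="1"></th>
</tr>
<?php
    $fp = -1;
    foreach ($files as $row) {
        $file_date = new CDate($row['file_date']);

        // Project banner, printed whenever the project changes between rows.
        if ($fp != $row['file_project']) {
            if (!$row['project_name']) {
                $row['project_name'] = $AppUI->_('All Projects');
                $row['project_color_identifier'] = 'f4efe3';
            }
            if ($showProject) {
                if ($row['file_project'] > 0) {
                    $href = './index.php?m=projects&a=view&project_id=' . (int) $row['file_project'];
                } else {
                    $href = './index.php?m=projects';
                }
                $s = '<tr>';
                $s .= '<td colspan="20" style="background-color:#'
                    . htmlspecialchars($row['project_color_identifier'], ENT_QUOTES) . '">';
                $s .= '<font color="'
                    . htmlspecialchars(bestColor($row['project_color_identifier']), ENT_QUOTES) . '">';
                $s .= '<a href="' . $href . '">'
                    . htmlspecialchars($row['project_name'], ENT_QUOTES) . '</a>';
                $s .= '</font></td></tr>';
                echo $s;
            }
        }
        $fp = $row['file_project'];

        // For multi-version files the main row shows the record picked by
        // last_file(); that record comes from the versions query.
        if ($row['file_versions'] > 1) {
            $file = last_file($file_versions, $row['file_name'], $row['file_project']);
        } else {
            $file = $row;
        }
        $file_id = (int) $file['file_id'];
        $file_desc = htmlspecialchars($file['file_description'], ENT_QUOTES);
?>
<form name="frm_remove_file_<?php echo $file_id; ?>" action="?m=files" method="post">
    <input type="hidden" name="dosql" value="do_file_aed" />
    <input type="hidden" name="del" value="1" />
    <input type="hidden" name="file_id" value="<?php echo $file_id; ?>" />
    <input type="hidden" name="redirect" value="<?php echo $redirect; ?>" />
</form>
<form name="frm_duplicate_file_<?php echo $file_id; ?>" action="?m=files" method="post">
    <input type="hidden" name="dosql" value="do_file_aed" />
    <input type="hidden" name="duplicate" value="1" />
    <input type="hidden" name="file_id" value="<?php echo $file_id; ?>" />
    <input type="hidden" name="redirect" value="<?php echo $redirect; ?>" />
</form>
<tr>
    <td nowrap="8%">
<?php
        $file_icon = getIcon($row['file_type']);
        echo '<a href="./fileviewer.php?file_id=' . $file_id . '" title="' . $file_desc . '">'
            . '<img border="0" width="16" height="16" src="' . DP_BASE_URL
            . '/modules/files/images/' . $file_icon . '" />&nbsp;'
            . htmlspecialchars($row['file_name'], ENT_QUOTES) . '</a>';
?>
    </td>
    <td width="20%"><?php echo $file_desc; ?></td>
    <td width="5%" nowrap="nowrap" align="center">
<?php
        $hidden_table = '';
        echo htmlspecialchars($row['file_lastversion'], ENT_QUOTES);
        if ($row['file_versions'] > 1) {
            echo ' <a href="#" onClick="expand(\'versions_' . $file_id . '\'); ">('
                . (int) $row['file_versions'] . ')</a>';
            $hidden_table = '<tr><td colspan="20">
<table style="display: none" id="versions_' . $file_id . '" width="100%" border="0" cellpadding="2" cellspacing="1" class="tbl">
<tr>
    <th nowrap="nowrap">' . $AppUI->_('File Name') . '</th>
    <th>' . $AppUI->_('Description') . '</th>
    <th>' . $AppUI->_('Versions') . '</th>
    <th>' . $AppUI->_('Category') . '</th>
    <th nowrap="nowrap">' . $AppUI->_('Task Name') . '</th>
    <th>' . $AppUI->_('Owner') . '</th>
    <th>' . $AppUI->_('Size') . '</th>
    <th>' . $AppUI->_('Type') . '</th>
    <th>' . $AppUI->_('Date') . '</th>
    <th nowrap="nowrap">' . $AppUI->_('co Reason') . '</th>
    <th>' . $AppUI->_('co') . '</th>
    <th nowrap width="1"></th>
    <th nowrap width="1"></th>
</tr>
';
            foreach ($file_versions as $file_row) {
                if ($file_row['file_name'] != $row['file_name']
                    || $file_row['file_project'] != $row['file_project']) {
                    continue;
                }
                $file_icon = getIcon($file_row['file_type']);
                $file_date = new CDate($file_row['file_date']);
                $sub_id = (int) $file_row['file_id'];
                $sub_desc = htmlspecialchars($file_row['file_description'], ENT_QUOTES);

                $hidden_table .= '
<form name="frm_delete_sub_file_' . $sub_id . '" action="?m=files" method="post">
    <input type="hidden" name="dosql" value="do_file_aed" />
    <input type="hidden" name="del" value="1" />
    <input type="hidden" name="file_id" value="' . $sub_id . '" />
    <input type="hidden" name="redirect" value="' . $redirect . '" />
</form>';
                $hidden_table .= '
<form name="frm_duplicate_sub_file_' . $sub_id . '" action="?m=files" method="post">
    <input type="hidden" name="dosql" value="do_file_aed" />
    <input type="hidden" name="duplicate" value="1" />
    <input type="hidden" name="file_id" value="' . $sub_id . '" />
    <input type="hidden" name="redirect" value="' . $redirect . '" />
</form>';
                $hidden_table .= '
<tr>
    <td nowrap="8%"><a href="./fileviewer.php?file_id=' . $sub_id . '" title="' . $sub_desc . '">'
                    . '<img border="0" width="16" height="16" src="' . DP_BASE_URL
                    . '/modules/files/images/' . $file_icon . '" />&nbsp;'
                    . htmlspecialchars($file_row['file_name'], ENT_QUOTES) . '
    </a></td>
    <td width="20%">' . $sub_desc . '</td>
    <td width="5%" nowrap="nowrap" align="center">' . htmlspecialchars($file_row['file_version'], ENT_QUOTES) . '</td>
    <td width="10%" nowrap="nowrap" align="center"><a href="./index.php?m=' . $m_url . '&a=' . $a_url
                    . '&tab=' . ($file_row['file_category'] + 1) . '">'
                    . $file_types[$file_row['file_category'] + 1] . '</a></td>
    <td width="5%" align="center"><a href="./index.php?m=tasks&a=view&task_id=' . (int) $file_row['file_task'] . '">'
                    . htmlspecialchars($row['task_name'], ENT_QUOTES) . '</a></td>
    <td width="15%" nowrap="nowrap">'
                    . htmlspecialchars($row['contact_first_name'] . ' ' . $row['contact_last_name'], ENT_QUOTES) . '</td>
    <td width="5%" nowrap="nowrap" align="right">' . intval($file_row['file_size'] / 1024) . 'kb </td>
    <td width="15%" nowrap="nowrap">' . htmlspecialchars($file_row['file_type'], ENT_QUOTES) . '</td>
    <td width="15%" nowrap="nowrap" align="right">' . $file_date->format("{$df} {$tf}") . '</td>
    <td width="10%">' . htmlspecialchars($row['file_co_reason'], ENT_QUOTES) . '</td>
    <td nowrap="nowrap" align="center">';

                // Check-out state of this version.
                if ($canEdit && empty($file_row['file_checkout'])) {
                    $hidden_table .= '<a href="?m=files&a=co&file_id=' . $sub_id . '">'
                        . dPshowImage('./modules/files/images/up.png', '16', '16', 'checkout', 'checkout file')
                        . '</a>';
                } elseif ($row['file_checkout'] == $AppUI->user_id) {
                    $hidden_table .= '<a href="?m=files&a=addedit&ci=1&file_id=' . $sub_id . '">'
                        . dPshowImage('./modules/files/images/down.png', '16', '16', 'checkin', 'checkin file')
                        . '</a>';
                } elseif ($file_row['file_checkout'] == 'final') {
                    $hidden_table .= 'final';
                } else {
                    // Look up who holds the check-out.
                    $q4 = new DBQuery();
                    $q4->addQuery("file_id, file_checkout, user_username as co_user, contact_first_name, contact_last_name");
                    $q4->addTable('files');
                    $q4->leftJoin('users', 'cu', 'cu.user_id = file_checkout');
                    $q4->leftJoin('contacts', 'co', 'co.contact_id = cu.user_contact');
                    $q4->addWhere('file_id = ' . $sub_id);
                    $co_rows = $q4->loadList();
                    $q4->clear();
                    // An empty result prints empty names instead of reading
                    // a missing array element.
                    $co_user = !empty($co_rows)
                        ? $co_rows[0]
                        : array('contact_first_name' => '', 'contact_last_name' => '', 'co_user' => '');
                    $hidden_table .= htmlspecialchars($co_user['contact_first_name'] . ' ' . $co_user['contact_last_name'], ENT_QUOTES)
                        . '<br>(' . htmlspecialchars($co_user['co_user'], ENT_QUOTES) . ')';
                }
                $hidden_table .= '</td>';

                $hidden_table .= '<td nowrap="nowrap" align="right" width="48">';
                if ($canEdit && (empty($file_row['file_checkout']) || $file_row['file_checkout'] == 'final' && ($canEdit || $row['project_owner'] == $AppUI->user_id))) {
                    $hidden_table .= '<a href="./index.php?m=files&a=addedit&file_id=' . $sub_id . '">'
                        . dPshowImage('./modules/files/images/kedit.png', '16', '16', 'edit file', 'edit file') . '</a>'
                        . '<a href="#" onclick="document.frm_duplicate_sub_file_' . $sub_id . '.submit()">'
                        . dPshowImage('./modules/files/images/duplicate.png', '16', '16', 'duplicate file', 'duplicate file') . '</a>'
                        . '<a href="#" onclick="if (confirm(\'Are you sure you want to delete this file?\')) {document.frm_delete_sub_file_' . $sub_id . '.submit()}">'
                        . dPshowImage('./modules/files/images/remove.png', '16', '16', 'delete file', 'delete file') . '</a>';
                }
                $hidden_table .= '</td>';

                $hidden_table .= '<td nowrap="nowrap" align="right" width="1">';
                if ($canEdit && (empty($row['file_checkout']) || $row['file_checkout'] == 'final' && ($canEdit || $row['project_owner'] == $AppUI->user_id))) {
                    $bulk_op = 'onchange="(this.checked) ? addBulkComponent(' . $sub_id
                        . ') : removeBulkComponent(' . $sub_id . ')"';
                    $hidden_table .= '<input type="checkbox" ' . $bulk_op
                        . ' name="chk_sub_sel_file_' . $sub_id . '" />';
                }
                $hidden_table .= '</td>';
                $hidden_table .= '</tr>';
            }
            $hidden_table .= '</table>';
        }
?>
    </td>
    <td width="10%" nowrap="nowrap" align="center"><a href="./index.php?m=<?php echo $m_url; ?>&a=<?php echo $a_url; ?>&view=categories&tab=<?php echo htmlspecialchars($file['file_category'], ENT_QUOTES); ?>"><?php echo $file_types[$file['file_category']]; ?></a></td>
    <td width="5%" align="center"><a href="./index.php?m=tasks&a=view&task_id=<?php echo htmlspecialchars($file['task_id'], ENT_QUOTES); ?>"><?php echo htmlspecialchars($file['task_name'], ENT_QUOTES); ?></a></td>
    <td width="15%" nowrap="nowrap"><?php echo htmlspecialchars($file['contact_first_name'] . ' ' . $file['contact_last_name'], ENT_QUOTES); ?></td>
    <td width="5%" nowrap="nowrap" align="right"><?php echo intval($file['file_size'] / 1024); ?> kb</td>
    <td width="15%" nowrap="nowrap"><?php echo htmlspecialchars($file['file_type'], ENT_QUOTES); ?></td>
    <td width="15%" nowrap="nowrap" align="right"><?php echo $file_date->format("{$df} {$tf}"); ?></td>
    <td width="10%"><?php echo htmlspecialchars($file['file_co_reason'], ENT_QUOTES); ?></td>
    <td nowrap="nowrap" align="center">
<?php
        if ($canEdit && empty($row['file_checkout'])) {
?>
        <a href="?m=files&a=co&file_id=<?php echo $file_id; ?>"><?php echo dPshowImage('./modules/files/images/up.png', '16', '16', 'checkout', 'checkout file'); ?></a>
<?php
        } elseif ($row['file_checkout'] == $AppUI->user_id) {
?>
        <a href="?m=files&a=addedit&ci=1&file_id=<?php echo $file_id; ?>"><?php echo dPshowImage('./modules/files/images/down.png', '16', '16', 'checkin', 'checkin file'); ?></a>
<?php
        } elseif ($file['file_checkout'] == 'final') {
            echo 'final';
        } else {
            // Look up who holds the check-out.
            $q4 = new DBQuery();
            $q4->addQuery("file_id, file_checkout, user_username as co_user, contact_first_name, contact_last_name");
            $q4->addTable('files');
            $q4->leftJoin('users', 'cu', 'cu.user_id = file_checkout');
            $q4->leftJoin('contacts', 'co', 'co.contact_id = cu.user_contact');
            $q4->addWhere('file_id = ' . $file_id);
            $co_rows = $q4->loadList();
            $q4->clear();
            $co_user = !empty($co_rows)
                ? $co_rows[0]
                : array('contact_first_name' => '', 'contact_last_name' => '', 'co_user' => '');
            echo htmlspecialchars($co_user['contact_first_name'] . ' ' . $co_user['contact_last_name'], ENT_QUOTES)
                . '<br>(' . htmlspecialchars($co_user['co_user'], ENT_QUOTES) . ')';
        }
?>
    </td>
    <td nowrap="nowrap" align="center" width="48">
<?php
        if ($canEdit && (empty($file['file_checkout']) || $file['file_checkout'] == 'final' && ($canEdit || $file['project_owner'] == $AppUI->user_id))) {
            echo '<a href="./index.php?m=files&a=addedit&file_id=' . $file_id . '">';
            echo dPshowImage('./modules/files/images/kedit.png', '16', '16', 'edit file', 'edit file');
            echo "</a>";
            echo '<a href="#" onclick="document.frm_duplicate_file_' . $file_id . '.submit()">'
                . dPshowImage('./modules/files/images/duplicate.png', '16', '16', 'duplicate file', 'duplicate file')
                . '</a>';
            echo '<a href="#" onclick="if (confirm(\'Are you sure you want to delete this file?\')) {document.frm_remove_file_' . $file_id . '.submit()}">'
                . dPshowImage('./modules/files/images/remove.png', '16', '16', 'delete file', 'delete file')
                . '</a>';
        }
?>
    </td>
    <td nowrap="nowrap" align="center" width="1">
<?php
        if ($canEdit && (empty($file['file_checkout']) || $file['file_checkout'] == 'final' && ($canEdit || $file['project_owner'] == $AppUI->user_id))) {
            $bulk_op = 'onchange="(this.checked) ? addBulkComponent(' . $file_id
                . ') : removeBulkComponent(' . $file_id . ')"';
            echo '<input type="checkbox" ' . $bulk_op . ' name="chk_sel_file_' . $file_id . '" />';
        }
?>
    </td>
</tr>
<?php
        echo $hidden_table;
        $hidden_table = '';
    }
?>
</table>
<?php
    if ($xpg_totalrecs > $xpg_pagesize) {
        showfnavbar($xpg_totalrecs, $xpg_pagesize, $xpg_total_pages, $page, $folder);
    }
    echo "<br />";
}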
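/**
 * Look up the `mod_active` flag of a module by its directory name.
 *
 * Queries the `modules` table for the row whose `mod_directory` equals
 * $module and returns whatever db_loadResult() yields for `mod_active`.
 *
 * @param string $module Module directory name.
 * @return mixed Result of db_loadResult() for the lookup, or null when
 *               $module is not a plain directory name (no query is run).
 */
function isActiveModule($module)
{
    // The name ends up inside a quoted SQL literal, so anything that is not a
    // plain directory name is refused before the query is built.
    // NOTE(review): assumes module directories only use [A-Za-z0-9_.-];
    // widen the pattern if this installation uses other characters.
    if (!is_scalar($module)) {
        return null;
    }
    $name = (string) $module;
    if (!preg_match('/\A[A-Za-z0-9_.-]+\z/', $name)) {
        return null;
    }

    $q = new DBQuery();
    $q->addTable('modules');
    $q->addQuery('mod_active');
    $q->addWhere("mod_directory = '{$name}'");
    $sql = $q->prepare();
    $q->clear();

    return db_loadResult($sql);
}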
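/**
 * E-mail a notification about this event to its assignees.
 *
 * Recipients are the user ids in $assignees, plus the event owner when the
 * current user's MAILALL preference is set and the owner is not already in
 * the list. Names and addresses are read from the users/contacts tables, a
 * single plain-text body is built and the message is sent once per recipient.
 *
 * @param string $assignees Comma-separated list of user ids.
 * @param bool   $update    True selects the "Updated" subject prefix, false "New".
 * @param bool   $clash     True sends the "Requested Event" variant, which adds
 *                          the competing-event text and omits the event URL.
 * @return void Returns early, without sending, when no usable id remains.
 */
function notify($assignees, $update = false, $clash = false)
{
    global $AppUI, $locale_char_set, $dPconfig;

    $mail_owner = $AppUI->getPref('MAILALL');
    $assignee_list = explode(",", $assignees);
    $owner_is_assigned = in_array($this->event_owner, $assignee_list);
    if ($mail_owner && !$owner_is_assigned && $this->event_owner) {
        array_push($assignee_list, $this->event_owner);
    }

    // The ids are concatenated into an IN (...) clause below, so force every
    // element to an integer and drop the ones that come out as 0. This also
    // removes the empty elements that would otherwise break the implode().
    $assignee_list = array_filter(array_map('intval', $assignee_list));
    if (!count($assignee_list)) {
        return;
    }

    $q = new DBQuery();
    $q->addTable('users', 'u');
    $q->addTable('contacts', 'con');
    $q->addQuery('user_id, contact_first_name,contact_last_name, contact_email');
    $q->addWhere('u.user_contact = con.contact_id');
    $q->addWhere("user_id in (" . implode(',', $assignee_list) . ")");
    $users = $q->loadHashList('user_id');

    $date_format = $AppUI->getPref('SHDATEFORMAT');
    $time_format = $AppUI->getPref('TIMEFORMAT');
    $fmt = $date_format . ' ' . $time_format;

    // Plain assignment instead of "=& new": assigning the result of new by
    // reference is no longer accepted by PHP 7 and later.
    $start_date = new CDate($this->event_start_date);
    $end_date = new CDate($this->event_end_date);
    $mail = new Mail();

    $type = $update ? $AppUI->_('Updated') : $AppUI->_('New');
    $subject_title = $clash ? $AppUI->_('Requested Event') : $type . " " . $AppUI->_('Event');
    // NOTE(review): the event title and the sender's name/address go into mail
    // headers here; confirm that Mail strips CR/LF from header values.
    $mail->Subject($subject_title . ": " . $this->event_title, $locale_char_set);
    $mail->From('"' . $AppUI->user_first_name . " " . $AppUI->user_last_name . '" <' . $AppUI->user_email . '>');

    $body = '';
    if ($clash) {
        $body .= 'You have been invited to an event by ' . $AppUI->user_first_name . ' ' . $AppUI->user_last_name . "\n";
        $body .= 'However, either you or another intended invitee has a competing event' . "\n";
        $body .= $AppUI->user_first_name . ' ' . $AppUI->user_last_name . ' has requested that you reply to this message' . "\n";
        $body .= 'and confirm if you can or can not make the requested time.' . "\n\n";
    }
    $body .= $AppUI->_('Event') . ":\t" . $this->event_title . "\n";
    if (!$clash) {
        $body .= $AppUI->_('URL') . ":\t" . $dPconfig['base_url'] . "/index.php?m=calendar&a=view&event_id=" . $this->event_id . "\n";
    }
    $body .= $AppUI->_('Starts') . ":\t" . $start_date->format($fmt) . "\n";
    $body .= $AppUI->_('Ends') . ":\t" . $end_date->format($fmt) . "\n";

    // Find the project name.
    if ($this->event_project) {
        $prj = array();
        $q = new DBQuery();
        $q->addTable('projects', 'p');
        $q->addQuery('project_name');
        // Cast so that only a number can reach the WHERE clause.
        $q->addWhere('p.project_id =' . (int) $this->event_project);
        $sql = $q->prepare();
        $q->clear();
        if (db_loadHash($sql, $prj)) {
            $body .= $AppUI->_('Project') . ":\t" . $prj['project_name'] . "\n";
        }
    }

    $types = dPgetSysVal('EventType');
    $body .= $AppUI->_('Type') . ":\t" . $AppUI->_($types[$this->event_type]) . "\n";
    $body .= $AppUI->_('Attendees') . ":\t";
    $body_attend = '';
    foreach ($users as $user) {
        $body_attend .= ($body_attend ? ', ' : '') . $user['contact_first_name'] . ' ' . $user['contact_last_name'];
    }
    $body .= $body_attend . "\n\n" . $this->event_description . "\n";
    $mail->Body($body, $locale_char_set);

    foreach ($users as $user) {
        // Without the MAILALL preference the owner is listed as an attendee
        // but does not receive the message.
        if (!$mail_owner && $user['user_id'] == $this->event_owner) {
            continue;
        }
        $mail->To($user['contact_email'], true);
        $mail->Send();
    }
}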
echo "m={$m}&a={$a}&date={$date}"; ?> "> <input type="hidden" name="show_form" value="1" /> <table width="100%" border="0" cellpadding="1" cellspacing="0"> <tr> <td width="50%"> <?php
// When $other_users is truthy, render a <select name="show_user_todo"> with one
// option per user (joined to its contact record, ordered by contact last
// name). Changing the selection submits the form_buttons form.
if ($other_users) {
    echo $AppUI->_("Show Todo for:") . '<select name="show_user_todo" onchange="document.form_buttons.submit()">';
    // NOTE(review): $q is not created in this fragment; presumably a DBQuery
    // set up earlier in the file. Confirm it carries no leftover clauses.
    $q->addTable('users', 'u');
    $q->innerJoin('contacts', 'c', 'c.contact_id = u.user_contact');
    $q->addQuery('u.user_id, u.user_username, c.contact_first_name, c.contact_last_name');
    $q->addOrder('c.contact_last_name');
    $usersql = $q->prepare(true);
    if ($rows = db_loadList($usersql)) {
        foreach ($rows as $row) {
            // The option matching $user_id is pre-selected; no closing
            // </option> tag is written.
            // NOTE(review): the contact names are echoed into the markup
            // without HTML encoding. Confirm how they are stored, and encode
            // them for output here if they can contain markup characters.
            echo '<option value="' . $row['user_id'] . '"' . ($user_id == $row["user_id"] ? ' selected="selected"' : '') . '>' . $row['contact_last_name'] . ', ' . $row["contact_first_name"];
        }
    }
}
// The closing </select> that follows sits outside the if-block above, so it is
// emitted even when no <select> was opened.
?> </select> </td> <td align="right" width="50%"><?php echo $AppUI->_('Show'); ?> :</td> <td> <input type="checkbox" name="show_pinned" id="show_pinned" onclick="document.form_buttons.submit()"<?php
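}

// Users without edit rights are sent to the access-denied page.
// NOTE(review): whether redirect() stops execution is not visible here; if it
// does not, the queries below still run for a user who lacks edit rights.
if (!$canEdit) {
    $AppUI->redirect("m=public&a=access_denied");
}

// load the company types
$types = dPgetSysVal('CompanyType');

// load the record data
$q = new DBQuery();
$q->addTable('companies');
$q->addQuery('companies.*');
$q->addQuery('con.contact_first_name');
$q->addQuery('con.contact_last_name');
$q->addJoin('users', 'u', 'u.user_id = companies.company_owner');
$q->addJoin('contacts', 'con', 'u.user_contact = con.contact_id');
// The id is concatenated into the WHERE clause, so cast it here: only a
// number can reach the SQL text, whatever the variable was filled from.
$q->addWhere('companies.company_id = ' . (int) $company_id);
$sql = $q->prepare();
$q->clear();

$obj = null;
// A failed load is only an error for an existing record; an id of 0 (or less)
// falls through, presumably to show an empty form for a new company.
if (!db_loadObject($sql, $obj) && $company_id > 0) {
    // $AppUI->setMsg( ' $qid =& $q->exec(); Company' ); // What is this for?
    $AppUI->setMsg("invalidID", UI_MSG_ERROR, true);
    $AppUI->redirect();
}

// collect all the users for the company owner list
$q = new DBQuery();
$q->addTable('users', 'u');
$q->addTable('contacts', 'con');
$q->addQuery('user_id');
$q->addQuery('CONCAT_WS(", ",contact_last_name,contact_first_name)');
$q->addOrder('contact_last_name');
$q->addWhere('u.user_contact = con.contact_id');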
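/**
 * Build the <option> markup for a company's department tree.
 *
 * Loads the departments of $company_id whose parent is $dept_parent, emits one
 * <option> per department and recurses into each department's children with
 * five more pad characters of indentation.
 *
 * @param int   $company_id    Company whose departments are listed.
 * @param array $checked_array Department ids to mark as selected.
 * @param int   $dept_parent   Parent department id; 0 is the default start.
 * @param int   $spaces        Number of pad characters put before each name.
 * @return string Concatenated <option> elements for this level and below.
 */
function getDepartmentSelectionList($company_id, $checked_array = array(), $dept_parent = 0, $spaces = 0)
{
    global $departments_count;

    $q = new DBQuery();
    $parsed = '';
    // The global counter is raised on each call until it reaches 10; nothing
    // in this function reads it afterwards.
    if ($departments_count < 10) {
        $departments_count++;
    }

    $q->addTable('departments');
    $q->addQuery('dept_id, dept_name');
    // Both ids are concatenated into the WHERE clause; the casts guarantee
    // that only numbers reach the SQL text.
    $q->addWhere('dept_parent = ' . (int) $dept_parent);
    $q->addWhere('dept_company = ' . (int) $company_id);
    $sql = $q->prepare();
    $depts_list = db_loadHashList($sql, 'dept_id');
    $q->clear();

    foreach ($depts_list as $dept_id => $dept_info) {
        // Names longer than 30 characters are cut to 28 plus an ellipsis.
        if (mb_strlen($dept_info['dept_name']) > 30) {
            $dept_info['dept_name'] = mb_substr($dept_info['dept_name'], 0, 28) . '...';
        }
        $selected = in_array($dept_id, $checked_array) ? ' selected="selected"' : '';
        // NOTE(review): dept_name is written into the markup as loaded from
        // the database. Confirm how names are stored, and encode them for
        // HTML output here if they can contain markup characters.
        // NOTE(review): the pad string is a single space as shown in this
        // listing; confirm that is the intended indent character.
        $parsed .= '<option value="' . $dept_id . '"' . $selected . '>' . str_repeat(' ', $spaces) . $dept_info['dept_name'] . '</option>';
        $parsed .= getDepartmentSelectionList($company_id, $checked_array, $dept_id, $spaces + 5);
    }

    return $parsed;
}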