$data["AuthorID"] = $userid;
$data["DateNeedBy"] = $dtt;
$data["DateCreated"] = date('Y-m-d');
$data["Assigned"] = false;
$data["Approved"] = false;
$data["ApprovedByCap"] = false;
$data["Finished"] = false;
$data["Closed"] = false;
$data["Active"] = true;
$r = CreateNewWorkOrder($data);
if ($r[1] !== true) {
$error_msg = $r[1];
$doform = true;
goto GenerateHtml;
}
$wid = $r[0];
PopulateParamList($param_list, $data);
$success_msg = "New work order " . WIDStrHtml($wid, 0, false) . " created!";
$link_to_view = "wo_display.php?wid=" . $wid;
$doform = false;
}
GenerateHtml:
$picid = GetPicIDForUserID($userid);
if ($picid > 0) {
$picurl = PicUrl($picid, "thumb");
}
$stylesheet = array("../css/global.css", "../css/nav.css", "../css/wo_new.css");
include "forms/header.php";
include "forms/nav_form.php";
include "forms/wo_new_form.php";
include "forms/footer.php";
// Created: 12/30/14 DLB
// --------------------------------------------------------------------
require_once "libs/all.php";
session_start();
log_page();
CheckLogin();
CheckEditor();
$timer = new timer();
$loc = 'members_adduser.php';
$error_msg = "";
$success_msg = "";
$userid = 0;
$username = "";
$param_list = array(array("FieldName" => "UserName", "FieldType" => "Text"), array("FieldName" => "Password", "FieldType" => "Password"), array("FieldName" => "Password2", "FieldType" => "Password", "Caption" => "Password Again"), array("FieldName" => "LastName", "FieldType" => "Text", "Caption" => "Last Name"), array("FieldName" => "FirstName", "FieldType" => "Text", "Caption" => "First Name"), array("FieldName" => "NickName", "FieldType" => "Text", "Caption" => "Nick Name"), array("FieldName" => "Title", "FieldType" => "Text"), array("FieldName" => "BadgeID", "FieldType" => "Text", "Caption" => "Badge ID"), array("FieldName" => "Email", "FieldType" => "Text"));
if ($_SERVER["REQUEST_METHOD"] == "POST") {
PopulateParamList($param_list, $_POST);
// Check for illegal input...
if (!IsSqlTextOkay($_POST)) {
$error_msg = "Illegal characters in input... Do not use quotes and control chars.";
goto GenerateHtml;
}
// Check for required inputs:
$sEmpty = array();
if (empty($_POST["UserName"])) {
$sEmpty[] = "User Name";
}
if (empty($_POST["Password"])) {
$sEmpty[] = "Password";
}
if (empty($_POST["Password2"])) {
$sEmpty[] = "Password Again";
$wid = substr($wid, 1);
}
if (strlen($wid) <= 0) {
$error_msg = "Nothing Input. Try again.";
goto GenerateHtml;
}
if (!checkdigits($wid)) {
$error_msg = "The input seems to be in the wrong format. Use only numeric digits.";
$d["WID"] = $wid;
PopulateParamList($param_list, $d);
goto GenerateHtml;
}
if ($wid < 0 || $wid > 9999) {
$error_msg = "Input out of range. Allowable range is from 0 to 9999.";
$d["WID"] = $wid;
PopulateParamList($param_list, $d);
goto GenerateHtml;
}
$wo = GetWO(intval($wid), true);
if (!$wo) {
$widstr = sprintf("W%04d", intval($wid));
$error_msg = "Work Order " . $widstr . ' not found.';
goto GenerateHtml;
}
if ($wo["Active"] == 0) {
$widstr = sprintf("W%04d", intval($wid));
$error_msg = "Work Order " . $widstr . ' has been archived. It must be resurrected by a captain before it can be viewed.';
goto GenerateHtml;
}
$d = array();
$d["wid"] = intval($wid);
