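// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.

// Lead forward: authorise the caller for lead $id, then read the mail fields
// posted by the form.
// NOTE(review): $id is not assigned in this excerpt - presumably the including
// page sets it; confirm it is cast to an integer there.
global $config;

check_login();

// No lead selected: record the attempt in the audit log and stop.
if (!$id) {
    audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to a lead forward");
    include "general/noaccess.php";
    exit;
}

// Forwarding is allowed with either the 'cw' (write) or the 'cm' (manage)
// right on this lead.
$write_permission = check_crm_acl('lead', 'cw', $config['id_user'], $id);
$manage_permission = check_crm_acl('lead', 'cm', $config['id_user'], $id);

if (!$write_permission && !$manage_permission) {
    audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to a lead forward");
    include "general/noaccess.php";
    exit;
}

$lead = get_db_row('tlead', 'id', $id);
$user = get_db_row("tusuario", "id_usuario", $config["id_user"]);

// The company id is concatenated into the statement, so it is forced to an
// integer first: an empty or non-numeric stored value can then neither break
// the query nor change its structure.
$company_user = get_db_sql("select name FROM tcompany where id = " . (int) $user["id_company"]);

// Mail fields as submitted; "from" falls back to the user's stored "direccion".
// NOTE(review): from/to/cco are caller-supplied - confirm the send step
// validates them as addresses and rejects CR/LF before they reach mail headers.
$from = get_parameter("from", $user["direccion"]);
$to = get_parameter("to", "");
$subject = get_parameter("subject", "");
$mail = get_parameter("mail", "");
$send = (int) get_parameter("send", 0);
$cco = get_parameter("cco", "");

// Send mail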
// http://www.artica.es <*****@*****.**>
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.

// Lead attachments: read check on the lead, then optional attachment deletion.
// (Excerpt: the deletion branch continues beyond the last line shown.)
global $config;

check_login ();

// The ACL lookup runs only when no including script has set $read_permission.
// NOTE(review): a value that is already set is not re-tested here, so a
// pre-set false would not be denied by this block - confirm every includer
// denies on its own before including this file.
if (!isset($read_permission)) {
    $read_permission = check_crm_acl ('lead', 'cr', $config['id_user'], $id);
    if (!$read_permission) {
        audit_db ($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to a lead");
        include ("general/noaccess.php");
        exit;
    }
}

// Delete file
// NOTE(review): $deletef is a get_parameter() value that is interpolated
// unquoted into the DELETE below; whatever filtering get_parameter() applies
// is not visible here, so cast it to int (or bind it) before use.
$deletef = get_parameter ("deletef", "");
if ($deletef != ""){
    $file = get_db_row ("tattachment", "id_attachment", $deletef);
    // Deletion is limited to administrators and to the user stored on the
    // attachment row.
    // NOTE(review): nothing visible ties the attachment to lead $id, and only
    // the 'cr' (read) right was required above - confirm that is intended.
    if ( (dame_admin($config["id_user"])) || ($file["id_usuario"] == $config["id_user"]) ){
        $sql = "DELETE FROM tattachment WHERE id_attachment = $deletef";
        process_sql ($sql);
// Contact detail (excerpt: starts after the file header and ends inside the
// tab list). Authorisation is done in two stages: section-wide company
// rights first, then rights on the specific company.
$id_company = (int) get_parameter('id_company');

// Stage 1: any of read / write / manage on the company section is enough.
$section_read_permission = check_crm_acl('company', 'cr');
$section_write_permission = check_crm_acl('company', 'cw');
$section_manage_permission = check_crm_acl('company', 'cm');
if (!$section_read_permission && !$section_write_permission && !$section_manage_permission) {
    audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to contacts without permission");
    include "general/noaccess.php";
    exit;
}

// Stage 2: runs when a contact ($id) or a company was named.
// NOTE(review): $id is not assigned in this excerpt - confirm it is an integer.
if ($id || $id_company) {
    if ($id) {
        // For an existing contact the company comes from the contact row and
        // replaces the id_company value read above.
        $id_company = get_db_value('id_company', 'tcompany_contact', 'id', $id);
    }
    $read_permission = check_crm_acl('other', 'cr', $config['id_user'], $id_company);
    $write_permission = check_crm_acl('other', 'cw', $config['id_user'], $id_company);
    $manage_permission = check_crm_acl('other', 'cm', $config['id_user'], $id_company);
    // && binds tighter than ||: access is denied when none of the three rights
    // is held, or when $id_company is exactly false (presumably a failed
    // lookup - verify against get_db_value()).
    if (!$read_permission && !$write_permission && !$manage_permission || $id_company === false) {
        audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access a contact without permission");
        include "general/noaccess.php";
        exit;
    }
}

// Selected tab; "details" when none is given.
$op = get_parameter("op", "details");
if ($id == 0) {
    echo "<h1>" . __('Contact management') . "</h1>";
}
if ($id != 0) {
    echo '<ul style="height: 30px;" class="ui-tabs-nav">';
    if ($op == "files") {
        echo '<li class="ui-tabs-selected">';
    } else {
// Company list, one table row per company (excerpt: starts inside the row
// loop, in the branch that builds the leads cell).
// NOTE(review): $company["id"] is concatenated into the SQL below without a
// cast; it presumably comes from a database row - confirm it is always numeric.
$leads_data .= get_db_sql("SELECT SUM(estimated_sale) FROM tlead WHERE progress < 100 AND id_company = " . $company["id"]);
// NOTE(review): $leads_data is placed in a single-quoted title attribute
// without visible HTML escaping - confirm its parts are numeric or escaped.
$data[4] = "<a title='{$leads_data}' href='index.php?sec=customers&sec2=operation/companies/company_detail&op=leads&id=" . $company["id"] . "'><img src='images/icon_lead.png'></a>";
} else {
    $data[4] = "";
}
// NOTE(review): manager and country are copied from the row as stored;
// confirm print_table() or the stored form takes care of HTML encoding.
$data[5] = $company["manager"];
$data[6] = $company["country"];
// Get last activity date for this company record
$last_activity = get_db_sql("SELECT MAX(date) FROM tcompany_activity WHERE id_company = " . $company["id"]);
$data[7] = human_time_comparation($last_activity);
// An empty billing value is shown as '0.00'.
if (!$company["billing"]) {
    $company["billing"] = '0.00';
}
$data[8] = $company["billing"]; // . " " . $config["currency"];
// The delete control is rendered only for users holding 'cm' on this company.
// Hiding the link is a display decision only; confirm the delete handler
// repeats the check on the server.
$manage_permission = check_crm_acl('company', 'cm', $config['id_user'], $company['id']);
if ($manage_permission) {
    // NOTE(review): $offset and $search_params are written into an inline
    // onClick handler; their origin is not visible here - confirm they are
    // encoded for a JavaScript string inside an HTML attribute.
    $data[9] = "<a href='#' onClick='javascript: show_validation_delete(\"delete_company\"," . $company['id'] . ",0," . $offset . ",\"" . $search_params . "\");'><img src='images/cross.png'></a>";
} else {
    $data[9] = '';
}
array_push($table->data, $data);
}
print_table($table);
}
}
// Empty containers for the search and delete dialogs.
echo "<div class= 'dialog ui-dialog-content' id='company_search_window'></div>";
echo "<div class= 'dialog ui-dialog-content' title='" . __("Delete") . "' id='item_delete_window'></div>";
?>
<script type="text/javascript" src="include/js/jquery.ui.autocomplete.js"></script>
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.

// Tickets of a contact: authorise against the contact's company, then list
// the tickets whose notification e-mail matches the contact's address.
// (Excerpt: the listing branch continues beyond the last line shown.)
global $config;

check_login ();

include_once('include/functions_crm.php');
include_once('include/functions_incidents.php');

$id = (int) get_parameter ('id');
$contact = get_db_row ('tcompany_contact', 'id', $id);

// The company is taken from the contact row, not from the request.
// NOTE(review): when no contact matches $id, $contact['id_company'] is empty;
// confirm check_crm_acl() denies in that case.
$read = check_crm_acl ('other', 'cr', $config['id_user'], $contact['id_company']);
if (!$read) {
    audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation","Trying to access to contact tickets without permission");
    include ("general/noaccess.php");
    exit;
}

// Normalise the stored address: safe_output(), trim, then safe_input() again
// (presumably decode / re-encode - verify against those helpers).
$email = safe_output($contact["email"]);
$email = trim($email);
$email = safe_input($email);

$incidents = incidents_get_by_notified_email ($email);

if (!$incidents) {
    echo ui_print_error_message (__("This contact doesn't have any ticket associated"), '', true, 'h3', true);
} else {
// CSV export dispatch (excerpt: starts at the closing brace of an earlier
// block and ends inside the inventory branch).
}

// Company export.
if ($export_csv_companies) {
    $read = check_crm_acl('company', 'cr');
    // NOTE(review): the denial ends the request silently; no audit_db() entry
    // is written on this path.
    if (!$read) {
        exit;
    }
    // NOTE(review): where_clause is a SQL fragment read with get_parameter()
    // and handed to the query builder after clean_output() only. What
    // clean_output() does is not visible here; a caller-supplied WHERE
    // fragment lets the client decide which rows are exported, so the filter
    // should be rebuilt on the server from typed parameters.
    $where_clause = get_parameter('where_clause');
    $date = get_parameter('date');
    $filename = clean_output('company_export') . '-' . date("YmdHi");
    $rows = crm_get_companies_list(clean_output($where_clause), $date);
    if ($rows === false) {
        return;
    }
}

// Lead export.
if ($export_csv_leads) {
    // NOTE(review): this checks the 'company' section, not 'lead' - confirm
    // that is the intended right for exporting leads.
    $read = check_crm_acl('company', 'cr');
    if (!$read) {
        exit;
    }
    // Same caller-supplied WHERE fragment as in the company export above.
    $where_clause = get_parameter('where_clause');
    $filename = clean_output('lead_export') . '-' . date("YmdHi");
    $rows = crm_get_all_leads(clean_output($where_clause));
    if ($rows === false) {
        return;
    }
}

// Inventory export.
// NOTE(review): no ACL check is visible in this branch, and the text stored
// under "query" in the per-user temp filter is run as a complete SQL
// statement - confirm who can write that filter and that access is checked
// elsewhere.
if ($export_csv_inventory) {
    $filter = unserialize_in_temp($config["id_user"]);
    $where_clause = $filter["query"];
    $rows = get_db_all_rows_sql(clean_output($where_clause));
    if ($rows === false) {
// http://www.artica.es <*****@*****.**>
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.

// CRM template manager (excerpt: ends inside the insert/update branch).

// Load global vars
global $config;

check_login();

include_once 'include/functions_crm.php';

$operation = get_parameter("operation");
// $id is cast to int before it is interpolated into the query below.
$id = (int) get_parameter("id");

// The 'cm' (manage) right is evaluated against the company that owns the
// EXISTING template row.
// NOTE(review): for a new template (no row for $id) the lookup has no company
// to return; confirm what check_crm_acl() decides for that value. The third
// argument is false here, whereas other pages pass $config['id_user'] -
// presumably this means "current user"; verify.
$id_company = get_db_sql("SELECT id_company FROM tcrm_template WHERE id = {$id}");
$manage_permission = check_crm_acl('company', 'cm', false, $id_company);
if (!$manage_permission) {
    audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to template manager");
    include "general/noaccess.php";
    exit;
}

// ---------------
// CREATE template
// ---------------
if ($operation == "insert" or $operation == "update") {
    $name = (string) get_parameter("name");
    $subject = (string) get_parameter("subject");
    $description = (string) get_parameter("description");
    $id_language = (string) get_parameter("id_language");
    // NOTE(review): $id_company is replaced here by a request value AFTER the
    // ACL decision above, so the company written by the insert/update is not
    // the one that was authorised - confirm the code below re-checks 'cm' on
    // the submitted company.
    $id_company = (int) get_parameter("id_company");
    // Get company of current user if none provided.
// Company autocomplete endpoint (excerpt: starts inside the search branch and
// ends at the start of the next one).
// NOTE(review): $filter, $string, $id_user and $type are assigned outside this
// excerpt; the notes below assume they can be influenced by the request.
if ($filter) {
    $filter = safe_output($filter);
}
// The search term is matched against id, name, country and manager, and the
// result is limited to companies whose manager is $id_user.
// NOTE(review): the %s values sit inside double-quoted SQL literals built by
// sprintf(); confirm they are escaped for SQL before this point.
$where_clause = sprintf(' AND (tcompany.id = %d OR tcompany.name LIKE "%%%s%%" OR tcompany.country LIKE "%%%s%%" OR tcompany.manager LIKE "%%%s%%") AND tcompany.manager = "%s"', $string, $string, $string, $string, $id_user);
// NOTE(review): $filter is appended to the WHERE clause as raw SQL after
// safe_output(); if it can come from the client it should be replaced by
// typed parameters.
$companies = crm_get_companies_list($where_clause . $filter, false, "ORDER BY name", true);
if (!$companies) {
    return;
}
$result = array();
foreach ($companies as $id => $name) {
    switch ($type) {
        case 'invoice':
            // Invoice lookups list only companies whose invoices the user may access.
            if (check_crm_acl('invoice', '', $id_user, $id)) {
                array_push($result, array("label" => safe_output($name), "value" => $id));
            }
            break;
        default:
            // Every other type returns each match with no per-company ACL test.
            array_push($result, array("label" => safe_output($name), "value" => $id));
            break;
    }
}
echo json_encode($result);
return;
}

if ($get_company_id) {
    require_once 'include/functions_db.php';
    require_once 'include/functions_crm.php';
    // NOTE(review): the user id may be supplied by the caller and only
    // defaults to the logged-in user; confirm a caller cannot use this to
    // query on behalf of another account.
    $id_user = (string) get_parameter('id_user', $config['id_user']);
// Invoice / contract page (excerpt: starts at the closing brace of an earlier
// block and ends at the head of the invoice deletion branch).
}

// Status message passed in by the caller, run through __() and shown as a
// success notice.
// NOTE(review): the text is caller-supplied; confirm get_parameter() or
// ui_print_success_message() HTML-encodes it, and prefer a fixed set of
// message keys over free text.
$message = get_parameter('message', '');
if ($message != '') {
    echo ui_print_success_message (__($message), '', true, 'h3', true);
}

// Per-company invoice authorisation.
// NOTE(review): $id_invoice and $id are assigned outside this excerpt; when
// both are empty no check runs here.
if ($id_invoice || $id) {
    if ($id_invoice) {
        $id_company = get_db_value('id_company', 'tinvoice', 'id', $id_invoice);
    } elseif ($id) {
        // Looks up id_company by id_company, so this yields $id only when the
        // company already has an invoice row.
        $id_company = get_db_value('id_company', 'tinvoice', 'id_company', $id);
    }
    $permission = check_crm_acl ('invoice', '', $config['id_user'], $id_company);
    // NOTE(review): the denial is not written to the audit log.
    if (!$permission) {
        include ("general/noaccess.php");
        exit;
    }
}

// Action flags.
$get_company_name = (bool) get_parameter ('get_company_name');
$new_contract = (bool) get_parameter ('new_contract');
$delete_contract = (bool) get_parameter ('delete_contract');
$delete_invoice = get_parameter ('delete_invoice', "");
$lock_invoice = get_parameter ('lock_invoice', "");

// Delete INVOICE
// ----------------
// NOTE(review): deletion is driven by request parameters; confirm the branch
// below requires more than the access check above (a write or manage right)
// and a request-forgery token.
if ($delete_invoice == 1 && $id_invoice){
// Global search results (excerpt: starts inside the invoice row loop and ends
// inside the leads section).
// Invoice amount with tax applied; the help tip is added only when a tax is set.
$tax_amount = get_invoice_amount ($invoice["id"]) * (1 + $tax/100);
if ($tax != 0 && $tax_amount > 0)
    $data[2] .= print_help_tip (__("With taxes"). ": ".format_numeric($tax_amount)." ".strtoupper($invoice["currency"]), true);
$data[3] = __($invoice["status"]);
$data[5] = "<span style='font-size: 10px'>".$invoice["invoice_create_date"] . "</span>";
array_push ($table->data, $data);
}
print_table ($table);
}
}

// Leads
// Shown only with the section-wide lead 'cr' right and when the customers
// menu is not hidden.
if ( check_crm_acl('lead', 'cr') && $show_customers != MENU_HIDDEN ){
    // NOTE(review): $search_string is concatenated into three single-quoted
    // LIKE patterns; it is assigned outside this excerpt - confirm it is
    // escaped for SQL (including % and _ if literal matching is wanted).
    // NOTE(review): nothing here narrows the leads to companies the user may
    // read; confirm crm_get_all_leads() applies that restriction.
    $where_clause = " WHERE fullname LIKE '%".$search_string."%' OR email LIKE '%".$search_string."%' OR company LIKE '%".$search_string."%'";
    $leads = crm_get_all_leads ($where_clause);
    if ($leads) {
        echo "<h3>";
        echo __("Leads");
        echo "</h3>";
        $table = new StdClass();
        $table->width = '100%';
        $table->class = 'listing';
// INTEGRIA - the ITIL Management System
// http://integria.sourceforge.net
// ==================================================
// Copyright (c) 2013 Ártica Soluciones Tecnológicas
// http://www.artica.es <*****@*****.**>
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.

// Lead activity (excerpt: ends inside the "add comment" branch).
// NOTE(review): $id is not assigned in this excerpt; it is later interpolated
// unquoted into an UPDATE, so confirm the including page casts it to int.
global $config;

check_login();

$read = check_crm_acl('lead', 'cr', $config['id_user'], $id);
if (!$read) {
    audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to a lead activity");
    include "general/noaccess.php";
    exit;
}

// Activities
$op2 = get_parameter("op2", "");
// NOTE(review): adding a comment writes to three tables, yet only the 'cr'
// (read) right was checked above - confirm read-only users are meant to be
// able to do this.
if ($op2 == "add") {
    $datetime = date("Y-m-d H:i:s");
    $comments = get_parameter("comments", "");
    // NOTE(review): $comments is placed in a double-quoted SQL literal via
    // sprintf(); this is safe only if get_parameter() neutralises quotes and
    // backslashes - verify, or use a bound parameter.
    $sql = sprintf('INSERT INTO tlead_activity (id_lead, written_by, creation, description) VALUES (%d, "%s", "%s", "%s")', $id, $config["id_user"], $datetime, $comments);
    process_sql($sql, 'insert_id');
    // History entry with a fixed description.
    $sql = sprintf('INSERT INTO tlead_history (id_lead, id_user, timestamp, description) VALUES (%d, "%s", "%s", "%s")', $id, $config["id_user"], $datetime, "Added comments");
    process_sql($sql, 'insert_id');
    // Unlike the %d placeholders above, $id is interpolated here as-is.
    $sql = "UPDATE tlead SET modification = '{$datetime}' WHERE id = {$id}";
// Integria IMS - http://integriaims.com
// ==================================================
// Copyright (c) 2008-2011 Artica Soluciones Tecnologicas
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.

// Lead export: optional per-company authorisation, then the search filters.
global $config;

check_login();

$id_company = (int) get_parameter('id_company');

// NOTE(review): the ACL test runs only when a company id was supplied; with
// id_company = 0 nothing in this excerpt authorises the export - confirm the
// code that follows limits the rows to companies the user may read.
if ($id_company) {
    // Check that the current user has access to this company.
    $read_permission = check_crm_acl('other', 'cr', $config['id_user'], $id_company);
    if (!$read_permission) {
        audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to lead export");
        require "general/noaccess.php";
        exit;
    }
}

// Search filters, each cast to the type it is expected to have.
// NOTE(review): a (string) cast does not escape anything; confirm the string
// filters are escaped or bound where the export query is built.
$search_text = (string) get_parameter('search_text');
$last_date = (int) get_parameter('last_date');
$start_date = (string) get_parameter('start_date');
$end_date = (string) get_parameter('end_date');
$country = (string) get_parameter('country');
$id_category = (int) get_parameter('product');
$progress_major_than = (int) get_parameter('progress_major_than');
$progress_minor_than = (int) get_parameter('progress_minor_than');
$owner = (string) get_parameter("owner");
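// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.

// Company role management: reachable only with the section-wide company
// 'cm' (manage) right.
global $config;

check_login();

require_once('include/functions_crm.php');

$section_manage_permission = check_crm_acl ('company', 'cm');
if (!$section_manage_permission) {
    // Record the denial so that probing of this page shows up in the audit log.
    audit_db ($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access company role management");
    include ("general/noaccess.php");
    exit;
}

// Role id, cast to int before any use.
$id = (int) get_parameter ('id');

// Action flags; each one is reduced to a boolean here.
$new_role = (bool) get_parameter ('new_role');
$create_role = (bool) get_parameter ('create_role');
$update_role = (bool) get_parameter ('update_role');
$delete_role = (bool) get_parameter ('delete_role');

echo "<h2>".__('Customers')."</h2>";
echo "<h4>".__('Company role management');
echo integria_help ("company_detail", true);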
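// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.

// Lead section page: requires the section-wide lead 'cr' (read) right, then
// reads the search form fields.
global $config;

check_login ();

include_once('include/functions_crm.php');

$read = check_crm_acl ('lead', 'cr');
if (!$read) {
    // Record the denial so that probing of this section shows up in the audit log.
    audit_db ($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to the lead section");
    include ("general/noaccess.php");
    exit;
}

$id = (int) get_parameter ('id');

// Search form fields, each cast to the type it is expected to have.
$filter = (bool) get_parameter ('filter');
// NOTE(review): order_item is caller-supplied; if it ends up as a column name
// in ORDER BY, match it against a fixed list of sortable columns first - a
// (string) cast does not make it safe for that position.
$order_item = (string) get_parameter ('order_item', 'estimated_sale');
$show_closed = (int) get_parameter ('show_closed');
$search_text = (string) get_parameter ('search_text');
$id_company = (int) get_parameter ('id_company_search');
$last_date = (int) get_parameter ('last_date_search');
$start_date = (string) get_parameter ('start_date_search');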
// Attachment download dispatcher (excerpt: two cases of a switch whose head
// and remaining cases are outside this listing).
case "project":
    // The attachment's task decides access: the user needs read on that task.
    // NOTE(review): if no attachment row matches, $data["id_task"] is empty;
    // confirm get_project_access() denies for an empty task id.
    $data = get_db_row ("tattachment", "id_attachment", $id_attachment);
    $id_task = $data["id_task"];
    $task_access = get_project_access ($config["id_user"], 0, $id_task, false, true);
    if (! $task_access["read"]) {
        // NOTE(review): this audit entry uses $id_user, while the contract
        // case uses $config["id_user"]; $id_user is not assigned in this
        // excerpt - confirm it is set, otherwise the entry carries no user.
        audit_db($id_user, $config["REMOTE_ADDR"], "ACL Violation","Trying to access to download project files without permission");
        require ($general_error);
        exit;
    }
    break;

case "contract":
    // Only the section-wide contract 'cr' right is tested.
    // NOTE(review): nothing visible checks that this attachment belongs to a
    // contract, or to a company, that the user may read - confirm the lookup
    // is scoped, otherwise any attachment id is served to any contract reader.
    $read_permission = check_crm_acl ('contract', 'cr');
    if (!$read_permission) {
        audit_db($config["id_user"],$config["REMOTE_ADDR"], "ACL Violation","Trying to access Downloads browser");
        require ($general_error);
        exit;
    }
    $data = get_db_row ("tattachment", "id_attachment", $id_attachment);
    $data["filename"] = safe_output($data["filename"]);
    // The path is built as <homedir>/attachment/<id>_<filename>.
    // NOTE(review): the stored filename is used as-is after safe_output();
    // reduce it with basename() and check that the resolved path stays inside
    // the attachment directory before the file is read.
    $fileLocation = $config["homedir"]."/attachment/".$data["id_attachment"]."_".$data["filename"];
    $last_name = $data["filename"];
    break;

default:
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.

// Lead section page: section-wide read check, then page parameters.
global $config;

check_login ();

include_once('include/functions_crm.php');
include_once('include/functions_tags.php');

// The section-wide lead 'cr' (read) right is required; a denial is audited.
$section_read_permission = check_crm_acl ('lead', 'cr');
if (!$section_read_permission) {
    audit_db ($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to the lead section");
    include ("general/noaccess.php");
    exit;
}

$id = (int) get_parameter ('id');
$tab = (string) get_parameter("tab");

// Message passed in by the caller, run through __() and shown as an error notice.
// NOTE(review): the text is caller-supplied; confirm get_parameter() or
// ui_print_error_message() HTML-encodes it, and prefer a fixed set of message
// keys so a link cannot make the page display arbitrary text.
$message = get_parameter('message', '');
if ($message != '') {
    echo ui_print_error_message (__($message), '', true, 'h3', true);
}

$title = "";