// logout.php - Removes cookies // // SiT (Support Incident Tracker) - Support call tracking system // Copyright (C) 2000-2009 Salford Software Ltd. and Contributors // // This software may be used and distributed according to the terms // of the GNU General Public License, incorporated herein by reference. // // Author: Ivan Lucas <ivanlucas[at]users.sourceforge.net> require 'core.php'; require APPLICATION_LIBPATH . 'functions.inc.php'; session_name($CONFIG['session_name']); session_start(); if ($_SESSION['portalauth']) { journal(CFG_LOGGING_NORMAL, 'Logout', "Portal user " . contact_realname($_SESSION['contactid']) . " logged out", CFG_JOURNAL_LOGIN, $_SESSION['contactid']); } else { journal(CFG_LOGGING_NORMAL, 'Logout', "User {$_SESSION['userid']} logged out", CFG_JOURNAL_LOGIN, ''); } // End the session, remove the cookie and destroy all data registered with the session $_SESSION['auth'] = FALSE; $_SESSION['portalauth'] = FALSE; $_SESSION = array(); session_unset(); session_destroy(); if (isset($_COOKIE[session_name()])) { setcookie(session_name(), '', time() - 42000, '/'); } // redirect if (!empty($CONFIG['logout_url'])) { $url = $CONFIG['logout_url'];
echo "<table align='center' class='vertical'>"; if (empty($maintid)) { echo "<tr><th>{$strContract} " . icon('contract', 16) . "</th>"; echo "<td>"; maintenance_drop_down("maintid", 0); echo "</td></tr>"; } else { echo "<tr><th>{$strContract} " . icon('contract', 16) . "</th>"; echo "<td>{$maintid} - " . contract_product($maintid) . " for " . contract_site($maintid); echo "<input name=\"maintid\" type=\"hidden\" value=\"{$maintid}\" /></td></tr>"; } if (empty($contactid)) { echo "<tr><th>{$strSupport} {$strContact} " . icon('contact', 16) . "</th><td width='400'>"; echo contact_drop_down("contactid", 0) . "</td></tr>"; } else { echo "<tr><th>{$strContact} " . icon('contact', 16) . "</th><td>{$contactid} - " . contact_realname($contactid); echo "<input name='contactid' type='hidden' value='{$contactid}' /></td></tr>"; } echo "</table>"; echo "<p align='center'><input name='submit' type='submit' value='{$strContinue}' /></p>"; echo "</form>"; include APPLICATION_INCPATH . 'htmlfooter.inc.php'; } elseif ($action == "delete") { // Delete the chosen support contact $errors = 0; // check for blank contact if ($contactid == 0) { $errors = 1; $errors_string .= user_alert("{$strYouMustSelectAsupportContact}", E_USER_ERROR); } // check for blank maintenance id
// This insert could possibly be merged with another of the 'updates' records, but for now we keep it seperate for clarity $sql = "INSERT INTO `{$dbUpdates}` (incidentid, userid, type, timestamp, currentowner, currentstatus, customervisibility, sla, bodytext) "; $sql .= "VALUES ('{$incidentid}', '0', 'reviewmet', '{$now}', '0', '1', 'hide', 'opened','')"; mysql_query($sql); if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR); } trigger('TRIGGER_INCIDENT_CREATED', array('incidentid' => $incidentid, 'sendemail' => 1)); if ($CONFIG['auto_assign_incidents']) { $suggest_user = suggest_reassign_userid($incidentid); if ($suggest_user > 0) { reassign_incident($incidentid, $suggest_user); } } $_SESSION['formdata']['portaladdincident'] = NULL; $_SESSION['formerrors']['portaladdincident'] = NULL; html_redirect("index.php", TRUE, $strIncidentAdded); } else { $contact_id = intval($_SESSION['contactid']); $contact_name = contact_realname($_SESSION['contactid']); $contact_email = contact_email($_SESSION['contactid']); create_temp_incoming($update_id, $contact_name, $incidenttitle, $contact_email, $_SESSION['contactid']); $_SESSION['formdata']['portaladdincident'] = NULL; $_SESSION['formerrors']['portaladdincident'] = NULL; html_redirect("index.php", TRUE, $strRequestSent); } exit; } else { html_redirect("{$_SERVER['PHP_SELF']}?contractid={$contractid}", FALSE); } }
echo "</table>\n"; } $sql = "SELECT * FROM `{$dbIncidents}` WHERE product={$product->id} ORDER BY id DESC"; $result = mysql_query($sql); if (mysql_error()) { trigger_error(mysql_error(), E_USER_WARNING); } if (mysql_num_rows($result) >= 1) { echo "<h3>{$strRelatedIncidents}</h3>"; echo "<table align='center'>"; echo "<tr><th>{$strIncident}</th><th>{$strContact}</th><th>{$strSite}</th><th>{$strTitle}</th></tr>"; $shade = 'shade1'; while ($incident = mysql_fetch_object($result)) { echo "<tr class='{$shade}'>"; echo "<td><a href=\"javascript:incident_details_window('{$incident->id}','incident{$incident->id}');\">" . sprintf($strIncidentNum, $incident->id) . "</a></td>"; echo "<td>" . contact_realname($incident->contact) . "</td><td>" . contact_site($incident->contact) . "</td>"; echo "<td>{$incident->title}</td>"; echo "</tr>\n"; if ($shade == 'shade1') { $shade = 'shade2'; } else { $shade = 'shade1'; } } echo "</table>\n"; } } } else { echo "<p class='error'>{$strNoMatchingProduct}</p>"; } echo "<p align='center'><a href='{$_SERVER['PHP_SELF']}#{$productid}'>{$strBackToList}</a></p>";
echo "<th>{$strOperation}</th>"; echo "</tr>\n"; $shade = 'shade1'; while ($resp = mysql_fetch_object($result)) { $respondentarr = explode('-', $resp->respondent); $responserefarr = explode('-', $resp->responseref); $hashtext = urlencode($resp->formid) . "&&" . urlencode($resp->contactid) . "&&" . urlencode($resp->incidentid); // $hashcode=urlencode(trim(base64_encode(gzcompress(str_rot13($hashtext))))); $hashcode4 = str_rot13($hashtext); $hashcode3 = gzcompress($hashcode4); $hashcode2 = base64_encode($hashcode3); $hashcode1 = trim($hashcode2); $hashcode = urlencode($hashcode1); echo "<tr class='{$shade}'>"; echo "<td>" . ldate($CONFIG['dateformat_datetime'], mysqlts2date($resp->created)) . "</td>"; echo "<td><a href='contact_details.php?id={$resp->contactid}' title='{$resp->email}'>" . contact_realname($resp->contactid) . "</a></td>"; echo "<td><a href=\"javascript:incident_details_window('{$resp->incidentid}','incident{$resp->incidentid}')\">"; echo "{$strIncident} [{$resp->incidentid}]</a> - "; echo incident_title($resp->incidentid) . "</td>"; $url = "feedback.php?ax={$hashcode}"; if ($resp->multi == 'yes') { $url .= "&rr=1"; } echo "<td>"; if ($resp->completed == 'no') { echo "<a href='{$url}' title='{$url}' target='_blank'>URL</a>"; } $eurl = urlencode($url); $eref = urlencode($resp->responseref); if ($resp->completed == 'no') { //if ($resp->remind<1) echo "<a href='formactions.php?action=remind&id={$resp->respid}&url={$eurl}&ref={$eref}' title='Send a reminder by email'>Remind</a>";
$shade = 'shade1'; } echo "<tr class='{$shade}'>"; echo "<td>" . $row->incidentid . "</td>"; // title echo "<td>"; echo "<a href=\"javascript:incident_details_window('" . $row->incidentid . "','incident" . $row->incidentid . "')\">"; if (trim($row->title) != '') { echo $row->title; } else { echo $strUntitled; } echo "</a>"; echo "</td>"; if ($mode == 'site') { $contactrealname = contact_realname($row->contact); echo "<td>{$contactrealname}</td>"; if ($mode == 'site') { if (!array_key_exists($contactrealname, $contactlist)) { $contactlist[$contactrealname] = 1; } else { $contactlist[$contactrealname]++; } } } echo "<td>" . product_name($row->product) . "</td>"; if ($row->status == 2) { echo "<td>Closed, " . closingstatus_name($row->closingstatus) . "</td>"; } else { echo "<td>" . incidentstatus_name($row->status) . "</td>"; }
} else { $sql = "SELECT s.name, p.name FROM `{$dbMaintenance}` m, `{$dbSites}` s, `{$dbProducts}` p WHERE m.site=s.id "; $sql .= "AND m.product=p.id AND m.id='{$maintid}'"; $result = mysql_query($sql); if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING); } list($sitename, $product) = mysql_fetch_row($result); echo "<tr><th>{$strContract} " . icon('contract', 16) . "</th><td>{$maintid} - {$sitename}, {$product}</td></tr>"; echo "<input name=\"maintid\" type=\"hidden\" value=\"{$maintid}\" />"; } if (empty($contactid)) { echo "<tr><th>{$strContact} " . icon('contact', 16) . "</th>"; echo "<td>" . contact_drop_down("contactid", 0, TRUE) . "</td></tr>"; } else { echo "<tr><th>{$strContact} " . icon('contact', 16) . "</th><td>{$contactid} - " . contact_realname($contactid) . ", " . site_name(contact_site($contactid)); echo "<input name=\"contactid\" type=\"hidden\" value=\"{$contactid}\" />"; echo "</td></tr>"; } echo "</table>"; echo "<p align='center'><input name='submit' type='submit' value='{$strContinue}' /></p>"; echo "</form>"; include APPLICATION_INCPATH . 'htmlfooter.inc.php'; } else { if ($action == "add") { // Add support contact $errors = 0; // check for blank contact if ($contactid == 0) { $errors = 1; $errors_string .= user_alert("You must select a contact", E_USER_ERROR);
/** * Return the html of contract detatils * @author Kieran Hogg * @param int $maintid - ID of the contract * @param string $mode. 'internal' or 'external' * @return array of supported contracts, NULL if none * @todo FIXME not quite generic enough for a function ? */ function contract_details($id, $mode = 'internal') { global $CONFIG, $iconset, $dbMaintenance, $dbSites, $dbResellers, $dbLicenceTypes, $now; $sql = "SELECT m.*, m.notes AS maintnotes, s.name AS sitename, "; $sql .= "r.name AS resellername, lt.name AS licensetypename "; $sql .= "FROM `{$dbMaintenance}` AS m, `{$dbSites}` AS s, "; $sql .= "`{$dbResellers}` AS r, `{$dbLicenceTypes}` AS lt "; $sql .= "WHERE s.id = m.site "; $sql .= "AND m.id='{$id}' "; $sql .= "AND m.reseller = r.id "; $sql .= "AND (m.licence_type IS NULL OR m.licence_type = lt.id) "; if ($mode == 'external') { $sql .= "AND m.site = '{$_SESSION['siteid']}'"; } $maintresult = mysql_query($sql); if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING); } $maint = mysql_fetch_object($maintresult); $html = "<table align='center' class='vertical'>"; $html .= "<tr><th>{$GLOBALS['strContract']} {$GLOBALS['strID']}:</th>"; $html .= "<td><h3>" . icon('contract', 32) . " "; $html .= "{$maint->id}</h3></td></tr>"; $html .= "<tr><th>{$GLOBALS['strStatus']}:</th><td>"; if ($maint->term == 'yes') { $html .= "<strong>{$GLOBALS['strTerminated']}</strong>"; } else { $html .= $GLOBALS['strActive']; } if ($maint->expirydate < $now and $maint->expirydate != '-1') { $html .= "<span class='expired'>, {$GLOBALS['strExpired']}</span>"; } $html .= "</td></tr>\n"; $html .= "<tr><th>{$GLOBALS['strSite']}:</th>"; if ($mode == 'internal') { $html .= "<td><a href=\"site_details.php?id=" . $maint->site . "\">" . $maint->sitename . "</a></td></tr>"; } else { $html .= "<td><a href=\"sitedetails.php\">" . $maint->sitename . "</a></td></tr>"; } $html .= "<tr><th>{$GLOBALS['strAdminContact']}:</th>"; if ($mode == 'internal') { $html .= "<td><a href=\"contact_details.php?id="; $html .= "{$maint->admincontact}\">"; $html .= contact_realname($maint->admincontact) . "</a></td></tr>"; } else { $html .= "<td><a href='contactdetails.php?id={$maint->admincontact}'>"; $html .= contact_realname($maint->admincontact) . "</a></td></tr>"; } $html .= "<tr><th>{$GLOBALS['strReseller']}:</th><td>"; if (empty($maint->resellername)) { $html .= $GLOBALS['strNoReseller']; } else { $html .= $maint->resellername; } $html .= "</td></tr>"; $html .= "<tr><th>{$GLOBALS['strProduct']}:</th><td>" . product_name($maint->product) . "</td></tr>"; $html .= "<tr><th>{$GLOBALS['strIncidents']}:</th>"; $html .= "<td>"; $incidents_remaining = $maint->incident_quantity - $maint->incidents_used; if ($maint->incident_quantity == 0) { $quantity = $GLOBALS['strUnlimited']; } else { $quantity = $maint->incident_quantity; } $html .= sprintf($GLOBALS['strUsedNofN'], $maint->incidents_used, $quantity); if ($maint->incidents_used >= $maint->incident_quantity and $maint->incident_quantity != 0) { $html .= " ({$GLOBALS['strZeroRemaining']})"; } $html .= "</td></tr>"; if ($maint->licence_quantity != '0') { $html .= "<tr><th>{$GLOBALS['strLicense']}:</th>"; $html .= "<td>{$maint->licence_quantity} {$maint->licensetypename}</td></tr>\n"; } $html .= "<tr><th>{$GLOBALS['strServiceLevel']}:</th><td>" . servicelevel_name($maint->servicelevelid) . "</td></tr>"; $html .= "<tr><th>{$GLOBALS['strExpiryDate']}:</th><td>"; if ($maint->expirydate == '-1') { $html .= "{$GLOBALS['strUnlimited']}"; } else { $html .= ldate($CONFIG['dateformat_date'], $maint->expirydate); } $html .= "</td></tr>"; if ($mode == 'internal') { $timed = db_read_column('timed', $GLOBALS['dbServiceLevels'], $maint->servicelevelid); if ($timed == 'yes') { $timed = TRUE; } else { $timed = FALSE; } $html .= "<tr><th>{$GLOBALS['strService']}</th><td>"; $html .= contract_service_table($id, $timed); $html .= "</td></tr>\n"; if ($timed) { $html .= "<tr><th>{$GLOBALS['strBalance']}</th><td>{$CONFIG['currency_symbol']}" . number_format(get_contract_balance($id, TRUE, TRUE), 2); $multiplier = get_billable_multiplier(strtolower(date('D', $now)), date('G', $now)); $html .= " (≅" . contract_unit_balance($id, TRUE, TRUE) . " units)"; $html .= "</td></tr>"; } } if ($maint->maintnotes != '' and $mode == 'internal') { $html .= "<tr><th>{$GLOBALS['strNotes']}:</th><td>{$maint->maintnotes}</td></tr>"; } $html .= "</table>"; if ($mode == 'internal') { $html .= "<p align='center'>"; $html .= "<a href=\"contract_edit.php?action=edit&maintid={$id}\">{$GLOBALS['strEditContract']}</a> | "; $html .= "<a href='contract_add_service.php?contractid={$id}'>{$GLOBALS['strAddService']}</a></p>"; } $html .= "<h3>{$GLOBALS['strContacts']}</h3>"; if (mysql_num_rows($maintresult) > 0) { if ($maint->allcontactssupported == 'yes') { $html .= "<p class='info'>{$GLOBALS['strAllSiteContactsSupported']}</p>"; } else { $allowedcontacts = $maint->supportedcontacts; $supportedcontacts = supported_contacts($id); $numberofcontacts = 0; $numberofcontacts = sizeof($supportedcontacts); if ($allowedcontacts == 0) { $allowedcontacts = $GLOBALS['strUnlimited']; } $html .= "<table align='center'>"; $supportcount = 1; if ($numberofcontacts > 0) { foreach ($supportedcontacts as $contact) { $html .= "<tr><th>{$GLOBALS['strContact']} #{$supportcount}:</th>"; $html .= "<td>" . icon('contact', 16) . " "; if ($mode == 'internal') { $html .= "<a href=\"contact_details.php?"; } else { $html .= "<a href=\"contactdetails.php?"; } $html .= "id={$contact}\">" . contact_realname($contact) . "</a>, "; $html .= contact_site($contact) . "</td>"; if ($mode == 'internal') { $html .= "<td><a href=\"contract_delete_contact.php?contactid=" . $contact . "&maintid={$id}&context=maintenance\">{$GLOBALS['strRemove']}</a></td></tr>\n"; } else { $html .= "<td><a href=\"{$_SERVER['PHP_SELF']}?id={$id}&contactid=" . $contact . "&action=remove\">{$GLOBALS['strRemove']}</a></td></tr>\n"; } $supportcount++; } $html .= "</table>"; } else { $html .= "<p class='info'>{$GLOBALS['strNoRecords']}<p>"; } } if ($maint->allcontactssupported != 'yes') { $html .= "<p align='center'>"; $html .= sprintf($GLOBALS['strUsedNofN'], "<strong>" . $numberofcontacts . "</strong>", "<strong>" . $allowedcontacts . "</strong>"); $html .= "</p>"; if ($numberofcontacts < $allowedcontacts or $allowedcontacts == 0 and $mode == 'internal') { $html .= "<p align='center'><a href='contract_add_contact.php?maintid={$id}&siteid={$maint->site}&context=maintenance'>"; $html .= "{$GLOBALS['strAddContact']}</a></p>"; } else { $html .= "<h3>{$GLOBALS['strAddContact']}</h3>"; $html .= "<form action='{$_SERVER['PHP_SELF']}?id={$id}&action="; $html .= "add' method='post' >"; $html .= "<p align='center'>{$GLOBLAS['strAddNewSupportedContact']} "; $html .= contact_site_drop_down('contactid', 'contactid', maintenance_siteid($id), supported_contacts($id)); $html .= help_link('NewSupportedContact'); $html .= " <input type='submit' value='{$GLOBALS['strAdd']}' /></p></form>"; } if ($mode == 'external') { $html .= "<p align='center'><a href='addcontact.php'>"; $html .= "{$GLOBALS['strAddNewSiteContact']}</a></p>"; } } $html .= "<br />"; $html .= "<h3>{$GLOBALS['strSkillsSupportedUnderContract']}:</h3>"; // supported software $sql = "SELECT * FROM `{$GLOBALS[dbSoftwareProducts]}` AS sp, `{$GLOBALS[dbSoftware]}` AS s "; $sql .= "WHERE sp.softwareid = s.id AND productid='{$maint->product}' "; $result = mysql_query($sql); if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING); } if (mysql_num_rows($result) > 0) { $html .= "<table align='center'>"; while ($software = mysql_fetch_object($result)) { $software->lifetime_end = mysql2date($software->lifetime_end); $html .= "<tr><td> " . icon('skill', 16) . " "; if ($software->lifetime_end > 0 and $software->lifetime_end < $now) { $html .= "<span class='deleted'>"; } $html .= $software->name; if ($software->lifetime_end > 0 and $software->lifetime_end < $now) { $html .= "</span>"; } $html .= "</td></tr>\n"; } $html .= "</table>\n"; } else { $html .= "<p align='center'>{$GLOBALS['strNone']} / {$GLOBALS['strUnknown']}<p>"; } } else { $html = "<p align='center'>{$GLOBALS['strNothingToDisplay']}</p>"; } return $html; }
if (mysql_error()) { trigger_error("MySQL Query Error {$sql}" . mysql_error(), E_USER_WARNING); } $delim = $fsdelim; while ($filerow = mysql_fetch_object($fileresult)) { $fileid = intval($filerow->fileid); $filename = cleanvar($filerow->filename); if (strlen($filename) > 30) { $filename = substr($filename, 0, 30) . "..."; } $icon = getattachmenticon($filename); echo "<div class='portalfileicon'><img src='{$icon}' /></div>"; echo "<a href='download.php?id={$fileid}'>{$filename}</a><br />"; if ($filerow->userid != 0) { if ($filerow->usertype == 'contact') { echo sprintf($strUploadedBy, contact_realname($filerow->userid)) . " "; } else { echo sprintf($strUploadedBy, user_realname($filerow->userid)) . " "; } } echo "<br />" . ldate($CONFIG['dateformat_datetime'], mysql2date($filerow->filedate)) . "<br /><br />"; } echo "</div>"; echo "<div id='portalright'>"; while ($update = mysql_fetch_object($result)) { if (empty($firstid)) { $firstid = $update->id; } $updateid = $update->id; $updatebody = trim($update->bodytext); $updatebody = preg_replace("/\\[\\[att=(.*?)\\]\\](.*?)\\[\\[\\/att\\]\\]/s", "<a href='download.php?id=\$1'>\$2</a>\n", $updatebody);
if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR); } if (!$result) { $addition_errors = 1; $addition_errors_string .= "<p class='error'>Update of incident failed</p>\n"; } if ($addition_errors == 0) { // dump details to incident update if ($oldtitle != $title) { $header .= "Title: {$oldtitle} -> <b>{$title}</b>\n"; } if ($oldcontact != $contact) { $contactname = contact_realname($contact); $contactsite = contact_site($contact); $header .= "Contact: " . contact_realname($oldcontact) . " -> <b>{$contactname}</b>\n"; $maintsiteid = maintenance_siteid(incident_maintid($id)); if ($maintsiteid > 0 and contact_siteid($contact) != $maintsiteid) { $maintcontactsite = site_name($maintsiteid); $header .= "Assigned to <b>{$contactname} of {$contactsite}</b> on behalf of {$maintcontactsite} (The contract holder)\n"; } } if ($oldexternalid != $externalid) { $header .= "External ID: "; if ($oldexternalid != '') { $header .= $oldexternalid; } else { $header .= "None"; } $header .= " -> <b>"; if ($externalid != '') {
/** * @author Tom Gerrard */ function generate_row($update) { global $CONFIG, $sit; if (empty($update['fromaddr']) and !empty($update['from'])) { $update['fromaddr'] = $update['from']; } $update['fromaddr'] = strtolower($update['fromaddr']); if (strlen($update['bodytext']) > 1003) { $updatebodytext = substr($update['bodytext'], 0, 1000) . '…'; } else { $updatebodytext = $update['bodytext']; } $search = array('<b>', '</b>', '<i>', '</i>', '<u>', '</u>', '<', '>'); $replace = ''; $updatebodytext = htmlspecialchars(str_replace($search, $replace, $updatebodytext)); if ($updatebodytext == '') { $updatebodytext = ' '; } $shade = 'shade1'; if ($update['contactid'] != 0) { $shade = 'idle'; } else { if (!empty($update['fromaddr'])) { // Have a look if we've got a user with this email address $sql = "SELECT COUNT(id) FROM `{$GLOBALS['dbUsers']}` WHERE email LIKE '%{$update['fromaddr']}%'"; $result = mysql_query($sql); if (mysql_error()) { trigger_error(mysql_error(), E_USER_WARNING); } list($contactmatches) = mysql_fetch_row($result); if ($contactmatches > 0) { $shade = 'notice'; } } } $pluginshade = plugin_do('holdingqueue_rowshade', $update); $shade = $pluginshade ? $pluginshade : $shade; $html_row = "<tr class='{$shade}'>"; $html_row .= "<td style='text-align: center'>"; if ($update['locked'] == $sit[2] or empty($update['locked'])) { $html_row .= "<input type='checkbox' name='selected[]' value='" . $update['updateid'] . "' />"; } $html_row .= "</td>"; $html_row .= "<td align='center' width='20%'>" . date($CONFIG['dateformat_datetime'], $update['timestamp']) . '</td>'; $html_row .= "<td width='20%'>"; if (!empty($update['contactid']) and $update['fromaddr'] == contact_email($update['contactid'])) { $html_row .= gravatar($update['fromaddr'], 16) . ' '; $contact_realname = contact_realname($update['contactid']); $html_row .= "<a href='contact_details.php?id={$update['contactid']}' class='info'>"; $html_row .= "{$contact_realname}<span>" . htmlentities($update['fromaddr'], ENT_QUOTES, $GLOBALS['i18ncharset']) . "</span></a>"; $html_row .= " of " . contact_site($update['contactid']); if ($update['emailfrom'] != $contact_realname) { $html_row .= "<br />\n"; $html_row .= htmlentities($update['emailfrom'], ENT_QUOTES, $GLOBALS['i18ncharset']); } } else { $html_row .= gravatar($update['fromaddr'], 16) . ' '; $html_row .= "<a href=\"mailto:{$update['fromaddr']}\">{$update['fromaddr']}</a><br />\n"; $html_row .= htmlentities($update['emailfrom'], ENT_QUOTES, $GLOBALS['i18ncharset']); } $html_row .= "</td>"; $html_row .= "<td width='20%'><a href=\"javascript:incident_details_window('{$update['tempid']}','incomingview');\" id='update{$update['id']}' class='info'>"; // $html_row.="<td width='20%'><a href=\"javascript:void(0);\" id='update{$update['id']}' class='info' style='cursor:help;'>"; if (empty($update['subject'])) { $update['subject'] = $GLOBALS['strUntitled']; } $html_row .= htmlentities($update['subject'], ENT_QUOTES, $GLOBALS['i18ncharset']); $html_row .= '<span>' . parse_updatebody($updatebodytext) . '</span></a></td>'; $span = sprintf($GLOBALS['strByX'], user_realname($update['reason_user'])) . "<br />"; $span .= sprintf($GLOBALS['strOnxAtY'], ldate($CONFIG['dateformat_date'], mysql2date($update['reason_time'])), ldate($CONFIG['dateformat_time'], mysql2date($update['reason_time']))); $html_row .= "<td align='center' width='20%'><a class='info'>{$update['reason']}<span>{$span}</span></a></td>"; $html_row .= "<td align='center' width='20%'>"; if ($update['locked'] != $sit[2] && $update['locked'] > 0) { $html_row .= sprintf($strLockedByX, user_realname($update['locked'], TRUE)); } else { if ($update['locked'] == $sit[2]) { $html_row .= "<a href='{$_SERVER['PHP_SELF']}?unlock={$update['tempid']}'"; $html_row .= " title='{$strUnlockThisToBeModifiedByOther}'> {$GLOBALS['strUnlock']}</a> | "; } else { $html_row .= "<a href=\"javascript:incident_details_window('{$update['tempid']}'"; $html_row .= ",'incomingview');\" id='update{$update['id']}' class='info'"; $html_row .= " title='View and lock this held e-mail'>{$GLOBALS['strView']}</a> | "; } if ($update['reason_id'] == 2) { $html_row .= "<a href='incident_reopen.php?id={$update['incident_id']}&updateid={$update['updateid']}'>{$GLOBALS['strReopen']}</a> | "; } $html_row .= "<a href='delete_update.php?updateid=" . $update['id'] . "&tempid=" . $update['tempid'] . "&timestamp=" . $update['timestamp'] . "' title='{$strRemoveThisPermanently}' onclick=\"return confirm_action('{$GLOBALS['strAreYouSureDelete']}');\"> {$GLOBALS['strDelete']}</a>"; } $html_row .= "</td></tr>\n"; return $html_row; }
$result = mysql_query($sql); if (mysql_error()) { trigger_error(mysql_error(), E_USER_WARNING); } $i = 0; while ($obj = mysql_fetch_object($result)) { $name = $obj->externalengineer; if (empty($name)) { $name = $strNoNameAssociated; } $esc[$name]['name'] = $name; $esc[$name]['count']++; $esc[$name][$obj->priority]++; $str = "<span><strong>" . $obj->forenames . " " . $obj->surname . "</strong><br />" . $obj->siteName . "</span>"; $esc[$name]['calls'][$i]['text'] = "<a href=\"javascript:incident_details_window_l('" . $obj->id . "', 'incident" . $obj->id . "')\" title=\"{$obj->title}\" class='info'>[" . $obj->id . "]{$str}</a> #" . $obj->externalid . " " . $obj->title; $esc[$name]['calls'][$i]['text'] .= "<br />" . contact_realname($obj->contact) . ', ' . contact_site($obj->contact); $esc[$name]['calls'][$i]['software'] = $obj->name; $esc[$name]['calls'][$i]['status'] = $obj->status; $esc[$name]['calls'][$i]['localowner'] = $obj->owner; $esc[$name]['calls'][$i]['salfordtowner'] = $obj->towner; $i++; } if (!empty($esc)) { $html .= "<table align='center'>"; $html .= "<tr><th>{$strExternalEngineersName}</th><th>{$strNumOfCalls}</th>"; $html .= "<th align='center'>" . priority_icon(4) . "</th>"; $html .= "<th align='center'>" . priority_icon(3) . "</th>"; $html .= "<th align='center'>" . priority_icon(2) . "</th>"; $html .= "<th align='center'>" . priority_icon(1) . "</th>"; $html .= "<td>"; $html .= "<table width='100%'><tr><th width='50%'>{$strIncident}</th>";
unset($billtotalsincident); if ($a[-1]['totalcustomerperiods'] > 0) { $billableunitsincident = 0; // $isapproved = is_billable_incident_approved($obj->id); $isapproved = false; $unitrate = get_unit_rate(incident_maintid($obj->id)); if ($unitrate == -1) { $unapprovable = TRUE; } $line = "<tr class='{$shade}'><td style='text-align: center'>"; if (!$isapproved and !$unapprovable) { $line .= "<input type='checkbox' name='selected[]' value='{$obj->transactionid}' />"; } $line .= "</td>"; $line .= "<td><a href=\"javascript:incident_details_window('{$obj->id}','incident{$obj->id}')\" class='info'>"; $line .= "{$obj->id}</a></td><td>{$obj->title}</td><td>" . contact_realname($obj->contact) . "</td>"; $line .= "<td>" . user_realname($obj->owner) . "</td>"; $line .= "<td>" . ldate($CONFIG['dateformat_datetime'], $obj->opened) . "</td><td>" . ldate($CONFIG['dateformat_datetime'], $obj->closed) . "</td>"; $bills = get_incident_billable_breakdown_array($obj->id); foreach ($bills as $bill) { foreach ($multipliers as $m) { if (!empty($bill[$m])) { $billtotalssite[$m] += $bill[$m]['count']; $billtotalsincident[$m] += $bill[$m]['count']; if (!$isapproved) { $billtotalssiteunapproved[$m] += $bill[$m]['count']; } } } } foreach ($multipliers as $m) {
echo "<h3>{$row->name}"; if ($row->active != 1) { echo " (inactive)"; } echo " (<small><a href='inventory_edit.php?id={$id}'>"; echo "{$strEdit}</a></small>)</h3>"; echo "<p><strong>{$strType}:</strong> "; echo "{$CONFIG['inventory_types'][$row->type]}</p>"; if (!empty($row->identifier)) { echo "<p><strong>{$strID}:</strong> {$row->identifier}</p>"; } echo "<p><strong>{$strAddress}:</strong> {$row->address}</p>"; if (!empty($row->contactid)) { echo "<p><strong>{$strOwner}:</strong> "; echo "<a href='contact_details.php?id={$row->contactid}'>"; echo contact_realname($row->contactid) . "</a></p>"; } echo "<p><strong>{$strUsername}:</strong> "; if ($row->privacy == 'adminonly' and !user_permission($sit[2], 22) or $row->privacy == 'private' and $row->createdby != $sit[2]) { echo "<strong>{$strWithheld}</strong>"; } else { echo $row->username; } echo "</p>"; echo "<p><strong>{$strPassword}:</strong> "; if ($row->privacy == 'adminonly' and !user_permission($sit[2], 22) or $row->privacy == 'private' and $row->createdby != $sit[2]) { echo "<strong>{$strWithheld}</strong>"; } else { echo $row->password; } echo "</p>";
$sql = "SELECT * FROM `{$dbFeedbackForms}` WHERE id='{$formid}'"; $result = mysql_query($sql); if (mysql_error()) { trigger_error(mysql_error(), E_USER_WARNING); } if (mysql_num_rows($result) < 1) { echo "<h2>{$strError}</h2>"; echo "<p>{$strNoFeedBackFormToCompleteHere}</p>"; echo "\n\n<!-- f: {$formid} r:{$respondent} rr:{$responseref} dh:{$decodehash} hc:{$hashcode} -->\n\n"; } else { $reqd = 0; while ($form = mysql_fetch_object($result)) { echo "<form action='feedback.php' method='post'>\n"; echo "<h2>{$form->name}</h2>\n"; echo "<p>{$strRelatingToIncident} <strong>#{$incidentid}</strong> — <strong>" . incident_title($incidentid) . "</strong><br />"; echo sprintf($strOpenedbyXonY, contact_realname(incident_contact($incidentid)), ldate($CONFIG['dateformat_date'], db_read_column('opened', $dbIncidents, $incidentid))); echo ' '; echo sprintf($strClosedOnX, ldate($CONFIG['dateformat_date'], db_read_column('closed', $dbIncidents, $incidentid))) . ".</p>"; if (!empty($_REQUEST['error'])) { echo "<p style='color: red'>{$strErrorRequiredQuestionsNotCompleted}</p>"; } echo nl2br($form->introduction); $qsql = "SELECT * FROM `{$dbFeedbackQuestions}` "; $qsql .= "WHERE formid='{$form->id}' "; $qsql .= "ORDER BY taborder ASC"; $qresult = mysql_query($qsql); if (mysql_error()) { trigger_error(mysql_error(), E_USER_WARNING); } while ($question = mysql_fetch_object($qresult)) { if (strlen(trim($question->sectiontext)) > 3) {
if ($CONFIG['portal_creates_incidents']) { echo "?contractid={$contractid}"; } echo "'>{$strAddIncident}</a></li>"; } else { echo "<li><a href='entitlement.php'>{$strEntitlement}</a></li>"; } $sql = "SELECT COUNT(docid) FROM `{$dbKBArticles}`"; $result = mysql_query($sql); if (mysql_error()) { trigger_error(mysql_error(), E_USER_WARNING); } list($countkb) = mysql_fetch_row($result); if ($CONFIG['kb_enabled'] != FALSE and $CONFIG['portal_kb_enabled'] !== 'Disabled' and $countkb > 0) { echo "<li><a href='kb.php'>{$strKnowledgeBase}</a></li>"; } if ($_SESSION['usertype'] == 'admin') { echo "<li><a href='admin.php'>{$strAdmin}</a></li>"; } echo "<li><a href='../logout.php'>{$strLogout}</a></li>"; echo "</ul>"; echo "<div id='portaluser'><a href='contactdetails.php'>"; echo contact_realname($_SESSION['contactid']); echo ", " . contact_site($_SESSION['contactid']); echo "</a>"; echo "</div>"; echo "</div>"; echo "<div id='mainframe'>"; } $headerdisplayed = TRUE; // Set a variable so we can check to see if the header was included
<?php echo "<form action='{$_SERVER['PHP_SELF']}?action=assign'"; echo " method='post' name='supportdetails' onsubmit=\"return validateForm(this)\">"; echo "<input type='hidden' name='type' value=\"{$type}\" />"; echo "<input type='hidden' name='contactid' value=\"{$contactid}\" />"; echo "<input type='hidden' name='productid' value=\"{$productid}\" />"; echo "<input type='hidden' name='maintid' value=\"{$maintid}\" />"; echo "<input type='hidden' name='siteid' value=\"{$siteid}\" />"; if (!empty($updateid)) { echo "<input type='hidden' name='updateid' value='{$updateid}' />"; } echo "<table class='vertical' width='90%'>"; echo "<tr><td>"; $contactemail = contact_email($contactid); echo "<a href=\"mailto:{$contactemail}\">" . icon('contact', 16, '', $contactemail) . "</a>"; echo " <strong>" . contact_realname($contactid) . "</strong> <span style='font-size:80%;'>(<a href='contact_edit.php?action=edit&"; echo "contact={$contactid}'>{$strEdit}</a>)</span>, "; echo contact_site($contactid) . " "; echo "{$strTel}: " . contact_phone($contactid); echo "</td>"; echo "<td>"; echo icon('contract', 16) . " <strong>{$strContract} {$maintid}</strong>: "; echo strip_tags($producttext); echo "</td></tr>"; if (empty($updateid)) { echo "<tr><td><label for='incidenttitle'>{$strIncidentTitle}</label><br />"; echo "<input class='required' maxlength='200' id='incidenttitle' "; echo "name='incidenttitle' size='50' type='text' />"; echo " <span class='required'>{$strRequired}</span></td>\n"; echo "<td>"; if ($type == 'free') {
echo "<th style='text-align: left;'>{$strEngineer} 4</th></tr>\n"; while ($maint = mysql_fetch_object($mresult)) { if ($maint->expirydate > $now and $maint->term != 'no') { echo "<tr>"; echo "<td width='20%'>{$maint->product}</td>"; echo "<td>{$maint->licence_quantity} {$maint->licence_type}</td>"; echo "<td>" . ldate($CONFIG['dateformat_date'], $maint->expirydate) . "</td>"; $csql = "SELECT * FROM `{$dbSupportContacts}` "; $csql .= "WHERE maintenanceid='{$maint->maintid}' "; $csql .= "ORDER BY contactid LIMIT 4"; ## echo "<!-- ($csql) -->"; $cresult = mysql_query($csql); if (mysql_error()) { trigger_error(mysql_error(), E_USER_WARNING); } while ($contact = mysql_fetch_object($cresult)) { echo "<td>" . contact_realname($contact->contactid) . "</td>"; } echo "</tr>\n"; $a++; } } echo "</table>"; echo "<hr />"; } } } if ($_REQUEST['mode'] != 'csv') { echo "<p align='center'><a href='{$_SERVER['PHP_SELF']}?siteid={$siteid}&mode=csv'>{$strSaveAsCSV}</a></p>"; include APPLICATION_INCPATH . 'htmlfooter.inc.php'; }