// logout.php - Removes cookies
//
// SiT (Support Incident Tracker) - Support call tracking system
// Copyright (C) 2000-2009 Salford Software Ltd. and Contributors
//
// This software may be used and distributed according to the terms
// of the GNU General Public License, incorporated herein by reference.
//
// Author: Ivan Lucas <ivanlucas[at]users.sourceforge.net>
require 'core.php';
require APPLICATION_LIBPATH . 'functions.inc.php';
session_name($CONFIG['session_name']);
session_start();
if ($_SESSION['portalauth']) {
journal(CFG_LOGGING_NORMAL, 'Logout', "Portal user " . contact_realname($_SESSION['contactid']) . " logged out", CFG_JOURNAL_LOGIN, $_SESSION['contactid']);
} else {
journal(CFG_LOGGING_NORMAL, 'Logout', "User {$_SESSION['userid']} logged out", CFG_JOURNAL_LOGIN, '');
}
// End the session, remove the cookie and destroy all data registered with the session
$_SESSION['auth'] = FALSE;
$_SESSION['portalauth'] = FALSE;
$_SESSION = array();
session_unset();
session_destroy();
if (isset($_COOKIE[session_name()])) {
setcookie(session_name(), '', time() - 42000, '/');
}
// redirect
if (!empty($CONFIG['logout_url'])) {
$url = $CONFIG['logout_url'];
echo "<table align='center' class='vertical'>";
if (empty($maintid)) {
echo "<tr><th>{$strContract} " . icon('contract', 16) . "</th>";
echo "<td>";
maintenance_drop_down("maintid", 0);
echo "</td></tr>";
} else {
echo "<tr><th>{$strContract} " . icon('contract', 16) . "</th>";
echo "<td>{$maintid} - " . contract_product($maintid) . " for " . contract_site($maintid);
echo "<input name=\"maintid\" type=\"hidden\" value=\"{$maintid}\" /></td></tr>";
}
if (empty($contactid)) {
echo "<tr><th>{$strSupport} {$strContact} " . icon('contact', 16) . "</th><td width='400'>";
echo contact_drop_down("contactid", 0) . "</td></tr>";
} else {
echo "<tr><th>{$strContact} " . icon('contact', 16) . "</th><td>{$contactid} - " . contact_realname($contactid);
echo "<input name='contactid' type='hidden' value='{$contactid}' /></td></tr>";
}
echo "</table>";
echo "<p align='center'><input name='submit' type='submit' value='{$strContinue}' /></p>";
echo "</form>";
include APPLICATION_INCPATH . 'htmlfooter.inc.php';
} elseif ($action == "delete") {
// Delete the chosen support contact
$errors = 0;
// check for blank contact
if ($contactid == 0) {
$errors = 1;
$errors_string .= user_alert("{$strYouMustSelectAsupportContact}", E_USER_ERROR);
}
// check for blank maintenance id
// This insert could possibly be merged with another of the 'updates' records, but for now we keep it seperate for clarity
$sql = "INSERT INTO `{$dbUpdates}` (incidentid, userid, type, timestamp, currentowner, currentstatus, customervisibility, sla, bodytext) ";
$sql .= "VALUES ('{$incidentid}', '0', 'reviewmet', '{$now}', '0', '1', 'hide', 'opened','')";
mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
}
trigger('TRIGGER_INCIDENT_CREATED', array('incidentid' => $incidentid, 'sendemail' => 1));
if ($CONFIG['auto_assign_incidents']) {
$suggest_user = suggest_reassign_userid($incidentid);
if ($suggest_user > 0) {
reassign_incident($incidentid, $suggest_user);
}
}
$_SESSION['formdata']['portaladdincident'] = NULL;
$_SESSION['formerrors']['portaladdincident'] = NULL;
html_redirect("index.php", TRUE, $strIncidentAdded);
} else {
$contact_id = intval($_SESSION['contactid']);
$contact_name = contact_realname($_SESSION['contactid']);
$contact_email = contact_email($_SESSION['contactid']);
create_temp_incoming($update_id, $contact_name, $incidenttitle, $contact_email, $_SESSION['contactid']);
$_SESSION['formdata']['portaladdincident'] = NULL;
$_SESSION['formerrors']['portaladdincident'] = NULL;
html_redirect("index.php", TRUE, $strRequestSent);
}
exit;
} else {
html_redirect("{$_SERVER['PHP_SELF']}?contractid={$contractid}", FALSE);
}
}
echo "</table>\n";
}
$sql = "SELECT * FROM `{$dbIncidents}` WHERE product={$product->id} ORDER BY id DESC";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
if (mysql_num_rows($result) >= 1) {
echo "<h3>{$strRelatedIncidents}</h3>";
echo "<table align='center'>";
echo "<tr><th>{$strIncident}</th><th>{$strContact}</th><th>{$strSite}</th><th>{$strTitle}</th></tr>";
$shade = 'shade1';
while ($incident = mysql_fetch_object($result)) {
echo "<tr class='{$shade}'>";
echo "<td><a href=\"javascript:incident_details_window('{$incident->id}','incident{$incident->id}');\">" . sprintf($strIncidentNum, $incident->id) . "</a></td>";
echo "<td>" . contact_realname($incident->contact) . "</td><td>" . contact_site($incident->contact) . "</td>";
echo "<td>{$incident->title}</td>";
echo "</tr>\n";
if ($shade == 'shade1') {
$shade = 'shade2';
} else {
$shade = 'shade1';
}
}
echo "</table>\n";
}
}
} else {
echo "<p class='error'>{$strNoMatchingProduct}</p>";
}
echo "<p align='center'><a href='{$_SERVER['PHP_SELF']}#{$productid}'>{$strBackToList}</a></p>";
echo "<th>{$strOperation}</th>";
echo "</tr>\n";
$shade = 'shade1';
while ($resp = mysql_fetch_object($result)) {
$respondentarr = explode('-', $resp->respondent);
$responserefarr = explode('-', $resp->responseref);
$hashtext = urlencode($resp->formid) . "&&" . urlencode($resp->contactid) . "&&" . urlencode($resp->incidentid);
// $hashcode=urlencode(trim(base64_encode(gzcompress(str_rot13($hashtext)))));
$hashcode4 = str_rot13($hashtext);
$hashcode3 = gzcompress($hashcode4);
$hashcode2 = base64_encode($hashcode3);
$hashcode1 = trim($hashcode2);
$hashcode = urlencode($hashcode1);
echo "<tr class='{$shade}'>";
echo "<td>" . ldate($CONFIG['dateformat_datetime'], mysqlts2date($resp->created)) . "</td>";
echo "<td><a href='contact_details.php?id={$resp->contactid}' title='{$resp->email}'>" . contact_realname($resp->contactid) . "</a></td>";
echo "<td><a href=\"javascript:incident_details_window('{$resp->incidentid}','incident{$resp->incidentid}')\">";
echo "{$strIncident} [{$resp->incidentid}]</a> - ";
echo incident_title($resp->incidentid) . "</td>";
$url = "feedback.php?ax={$hashcode}";
if ($resp->multi == 'yes') {
$url .= "&rr=1";
}
echo "<td>";
if ($resp->completed == 'no') {
echo "<a href='{$url}' title='{$url}' target='_blank'>URL</a>";
}
$eurl = urlencode($url);
$eref = urlencode($resp->responseref);
if ($resp->completed == 'no') {
//if ($resp->remind<1) echo "<a href='formactions.php?action=remind&id={$resp->respid}&url={$eurl}&ref={$eref}' title='Send a reminder by email'>Remind</a>";
$shade = 'shade1';
}
echo "<tr class='{$shade}'>";
echo "<td>" . $row->incidentid . "</td>";
// title
echo "<td>";
echo "<a href=\"javascript:incident_details_window('" . $row->incidentid . "','incident" . $row->incidentid . "')\">";
if (trim($row->title) != '') {
echo $row->title;
} else {
echo $strUntitled;
}
echo "</a>";
echo "</td>";
if ($mode == 'site') {
$contactrealname = contact_realname($row->contact);
echo "<td>{$contactrealname}</td>";
if ($mode == 'site') {
if (!array_key_exists($contactrealname, $contactlist)) {
$contactlist[$contactrealname] = 1;
} else {
$contactlist[$contactrealname]++;
}
}
}
echo "<td>" . product_name($row->product) . "</td>";
if ($row->status == 2) {
echo "<td>Closed, " . closingstatus_name($row->closingstatus) . "</td>";
} else {
echo "<td>" . incidentstatus_name($row->status) . "</td>";
}
} else {
$sql = "SELECT s.name, p.name FROM `{$dbMaintenance}` m, `{$dbSites}` s, `{$dbProducts}` p WHERE m.site=s.id ";
$sql .= "AND m.product=p.id AND m.id='{$maintid}'";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
}
list($sitename, $product) = mysql_fetch_row($result);
echo "<tr><th>{$strContract} " . icon('contract', 16) . "</th><td>{$maintid} - {$sitename}, {$product}</td></tr>";
echo "<input name=\"maintid\" type=\"hidden\" value=\"{$maintid}\" />";
}
if (empty($contactid)) {
echo "<tr><th>{$strContact} " . icon('contact', 16) . "</th>";
echo "<td>" . contact_drop_down("contactid", 0, TRUE) . "</td></tr>";
} else {
echo "<tr><th>{$strContact} " . icon('contact', 16) . "</th><td>{$contactid} - " . contact_realname($contactid) . ", " . site_name(contact_site($contactid));
echo "<input name=\"contactid\" type=\"hidden\" value=\"{$contactid}\" />";
echo "</td></tr>";
}
echo "</table>";
echo "<p align='center'><input name='submit' type='submit' value='{$strContinue}' /></p>";
echo "</form>";
include APPLICATION_INCPATH . 'htmlfooter.inc.php';
} else {
if ($action == "add") {
// Add support contact
$errors = 0;
// check for blank contact
if ($contactid == 0) {
$errors = 1;
$errors_string .= user_alert("You must select a contact", E_USER_ERROR);
/**
* Return the html of contract detatils
* @author Kieran Hogg
* @param int $maintid - ID of the contract
* @param string $mode. 'internal' or 'external'
* @return array of supported contracts, NULL if none
* @todo FIXME not quite generic enough for a function ?
*/
function contract_details($id, $mode = 'internal')
{
global $CONFIG, $iconset, $dbMaintenance, $dbSites, $dbResellers, $dbLicenceTypes, $now;
$sql = "SELECT m.*, m.notes AS maintnotes, s.name AS sitename, ";
$sql .= "r.name AS resellername, lt.name AS licensetypename ";
$sql .= "FROM `{$dbMaintenance}` AS m, `{$dbSites}` AS s, ";
$sql .= "`{$dbResellers}` AS r, `{$dbLicenceTypes}` AS lt ";
$sql .= "WHERE s.id = m.site ";
$sql .= "AND m.id='{$id}' ";
$sql .= "AND m.reseller = r.id ";
$sql .= "AND (m.licence_type IS NULL OR m.licence_type = lt.id) ";
if ($mode == 'external') {
$sql .= "AND m.site = '{$_SESSION['siteid']}'";
}
$maintresult = mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
}
$maint = mysql_fetch_object($maintresult);
$html = "<table align='center' class='vertical'>";
$html .= "<tr><th>{$GLOBALS['strContract']} {$GLOBALS['strID']}:</th>";
$html .= "<td><h3>" . icon('contract', 32) . " ";
$html .= "{$maint->id}</h3></td></tr>";
$html .= "<tr><th>{$GLOBALS['strStatus']}:</th><td>";
if ($maint->term == 'yes') {
$html .= "<strong>{$GLOBALS['strTerminated']}</strong>";
} else {
$html .= $GLOBALS['strActive'];
}
if ($maint->expirydate < $now and $maint->expirydate != '-1') {
$html .= "<span class='expired'>, {$GLOBALS['strExpired']}</span>";
}
$html .= "</td></tr>\n";
$html .= "<tr><th>{$GLOBALS['strSite']}:</th>";
if ($mode == 'internal') {
$html .= "<td><a href=\"site_details.php?id=" . $maint->site . "\">" . $maint->sitename . "</a></td></tr>";
} else {
$html .= "<td><a href=\"sitedetails.php\">" . $maint->sitename . "</a></td></tr>";
}
$html .= "<tr><th>{$GLOBALS['strAdminContact']}:</th>";
if ($mode == 'internal') {
$html .= "<td><a href=\"contact_details.php?id=";
$html .= "{$maint->admincontact}\">";
$html .= contact_realname($maint->admincontact) . "</a></td></tr>";
} else {
$html .= "<td><a href='contactdetails.php?id={$maint->admincontact}'>";
$html .= contact_realname($maint->admincontact) . "</a></td></tr>";
}
$html .= "<tr><th>{$GLOBALS['strReseller']}:</th><td>";
if (empty($maint->resellername)) {
$html .= $GLOBALS['strNoReseller'];
} else {
$html .= $maint->resellername;
}
$html .= "</td></tr>";
$html .= "<tr><th>{$GLOBALS['strProduct']}:</th><td>" . product_name($maint->product) . "</td></tr>";
$html .= "<tr><th>{$GLOBALS['strIncidents']}:</th>";
$html .= "<td>";
$incidents_remaining = $maint->incident_quantity - $maint->incidents_used;
if ($maint->incident_quantity == 0) {
$quantity = $GLOBALS['strUnlimited'];
} else {
$quantity = $maint->incident_quantity;
}
$html .= sprintf($GLOBALS['strUsedNofN'], $maint->incidents_used, $quantity);
if ($maint->incidents_used >= $maint->incident_quantity and $maint->incident_quantity != 0) {
$html .= " ({$GLOBALS['strZeroRemaining']})";
}
$html .= "</td></tr>";
if ($maint->licence_quantity != '0') {
$html .= "<tr><th>{$GLOBALS['strLicense']}:</th>";
$html .= "<td>{$maint->licence_quantity} {$maint->licensetypename}</td></tr>\n";
}
$html .= "<tr><th>{$GLOBALS['strServiceLevel']}:</th><td>" . servicelevel_name($maint->servicelevelid) . "</td></tr>";
$html .= "<tr><th>{$GLOBALS['strExpiryDate']}:</th><td>";
if ($maint->expirydate == '-1') {
$html .= "{$GLOBALS['strUnlimited']}";
} else {
$html .= ldate($CONFIG['dateformat_date'], $maint->expirydate);
}
$html .= "</td></tr>";
if ($mode == 'internal') {
$timed = db_read_column('timed', $GLOBALS['dbServiceLevels'], $maint->servicelevelid);
if ($timed == 'yes') {
$timed = TRUE;
} else {
$timed = FALSE;
}
$html .= "<tr><th>{$GLOBALS['strService']}</th><td>";
$html .= contract_service_table($id, $timed);
$html .= "</td></tr>\n";
if ($timed) {
$html .= "<tr><th>{$GLOBALS['strBalance']}</th><td>{$CONFIG['currency_symbol']}" . number_format(get_contract_balance($id, TRUE, TRUE), 2);
$multiplier = get_billable_multiplier(strtolower(date('D', $now)), date('G', $now));
$html .= " (≅" . contract_unit_balance($id, TRUE, TRUE) . " units)";
$html .= "</td></tr>";
}
}
if ($maint->maintnotes != '' and $mode == 'internal') {
$html .= "<tr><th>{$GLOBALS['strNotes']}:</th><td>{$maint->maintnotes}</td></tr>";
}
$html .= "</table>";
if ($mode == 'internal') {
$html .= "<p align='center'>";
$html .= "<a href=\"contract_edit.php?action=edit&maintid={$id}\">{$GLOBALS['strEditContract']}</a> | ";
$html .= "<a href='contract_add_service.php?contractid={$id}'>{$GLOBALS['strAddService']}</a></p>";
}
$html .= "<h3>{$GLOBALS['strContacts']}</h3>";
if (mysql_num_rows($maintresult) > 0) {
if ($maint->allcontactssupported == 'yes') {
$html .= "<p class='info'>{$GLOBALS['strAllSiteContactsSupported']}</p>";
} else {
$allowedcontacts = $maint->supportedcontacts;
$supportedcontacts = supported_contacts($id);
$numberofcontacts = 0;
$numberofcontacts = sizeof($supportedcontacts);
if ($allowedcontacts == 0) {
$allowedcontacts = $GLOBALS['strUnlimited'];
}
$html .= "<table align='center'>";
$supportcount = 1;
if ($numberofcontacts > 0) {
foreach ($supportedcontacts as $contact) {
$html .= "<tr><th>{$GLOBALS['strContact']} #{$supportcount}:</th>";
$html .= "<td>" . icon('contact', 16) . " ";
if ($mode == 'internal') {
$html .= "<a href=\"contact_details.php?";
} else {
$html .= "<a href=\"contactdetails.php?";
}
$html .= "id={$contact}\">" . contact_realname($contact) . "</a>, ";
$html .= contact_site($contact) . "</td>";
if ($mode == 'internal') {
$html .= "<td><a href=\"contract_delete_contact.php?contactid=" . $contact . "&maintid={$id}&context=maintenance\">{$GLOBALS['strRemove']}</a></td></tr>\n";
} else {
$html .= "<td><a href=\"{$_SERVER['PHP_SELF']}?id={$id}&contactid=" . $contact . "&action=remove\">{$GLOBALS['strRemove']}</a></td></tr>\n";
}
$supportcount++;
}
$html .= "</table>";
} else {
$html .= "<p class='info'>{$GLOBALS['strNoRecords']}<p>";
}
}
if ($maint->allcontactssupported != 'yes') {
$html .= "<p align='center'>";
$html .= sprintf($GLOBALS['strUsedNofN'], "<strong>" . $numberofcontacts . "</strong>", "<strong>" . $allowedcontacts . "</strong>");
$html .= "</p>";
if ($numberofcontacts < $allowedcontacts or $allowedcontacts == 0 and $mode == 'internal') {
$html .= "<p align='center'><a href='contract_add_contact.php?maintid={$id}&siteid={$maint->site}&context=maintenance'>";
$html .= "{$GLOBALS['strAddContact']}</a></p>";
} else {
$html .= "<h3>{$GLOBALS['strAddContact']}</h3>";
$html .= "<form action='{$_SERVER['PHP_SELF']}?id={$id}&action=";
$html .= "add' method='post' >";
$html .= "<p align='center'>{$GLOBLAS['strAddNewSupportedContact']} ";
$html .= contact_site_drop_down('contactid', 'contactid', maintenance_siteid($id), supported_contacts($id));
$html .= help_link('NewSupportedContact');
$html .= " <input type='submit' value='{$GLOBALS['strAdd']}' /></p></form>";
}
if ($mode == 'external') {
$html .= "<p align='center'><a href='addcontact.php'>";
$html .= "{$GLOBALS['strAddNewSiteContact']}</a></p>";
}
}
$html .= "<br />";
$html .= "<h3>{$GLOBALS['strSkillsSupportedUnderContract']}:</h3>";
// supported software
$sql = "SELECT * FROM `{$GLOBALS[dbSoftwareProducts]}` AS sp, `{$GLOBALS[dbSoftware]}` AS s ";
$sql .= "WHERE sp.softwareid = s.id AND productid='{$maint->product}' ";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
}
if (mysql_num_rows($result) > 0) {
$html .= "<table align='center'>";
while ($software = mysql_fetch_object($result)) {
$software->lifetime_end = mysql2date($software->lifetime_end);
$html .= "<tr><td> " . icon('skill', 16) . " ";
if ($software->lifetime_end > 0 and $software->lifetime_end < $now) {
$html .= "<span class='deleted'>";
}
$html .= $software->name;
if ($software->lifetime_end > 0 and $software->lifetime_end < $now) {
$html .= "</span>";
}
$html .= "</td></tr>\n";
}
$html .= "</table>\n";
} else {
$html .= "<p align='center'>{$GLOBALS['strNone']} / {$GLOBALS['strUnknown']}<p>";
}
} else {
$html = "<p align='center'>{$GLOBALS['strNothingToDisplay']}</p>";
}
return $html;
}
if (mysql_error()) {
trigger_error("MySQL Query Error {$sql}" . mysql_error(), E_USER_WARNING);
}
$delim = $fsdelim;
while ($filerow = mysql_fetch_object($fileresult)) {
$fileid = intval($filerow->fileid);
$filename = cleanvar($filerow->filename);
if (strlen($filename) > 30) {
$filename = substr($filename, 0, 30) . "...";
}
$icon = getattachmenticon($filename);
echo "<div class='portalfileicon'><img src='{$icon}' /></div>";
echo "<a href='download.php?id={$fileid}'>{$filename}</a><br />";
if ($filerow->userid != 0) {
if ($filerow->usertype == 'contact') {
echo sprintf($strUploadedBy, contact_realname($filerow->userid)) . " ";
} else {
echo sprintf($strUploadedBy, user_realname($filerow->userid)) . " ";
}
}
echo "<br />" . ldate($CONFIG['dateformat_datetime'], mysql2date($filerow->filedate)) . "<br /><br />";
}
echo "</div>";
echo "<div id='portalright'>";
while ($update = mysql_fetch_object($result)) {
if (empty($firstid)) {
$firstid = $update->id;
}
$updateid = $update->id;
$updatebody = trim($update->bodytext);
$updatebody = preg_replace("/\\[\\[att=(.*?)\\]\\](.*?)\\[\\[\\/att\\]\\]/s", "<a href='download.php?id=\$1'>\$2</a>\n", $updatebody);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
}
if (!$result) {
$addition_errors = 1;
$addition_errors_string .= "<p class='error'>Update of incident failed</p>\n";
}
if ($addition_errors == 0) {
// dump details to incident update
if ($oldtitle != $title) {
$header .= "Title: {$oldtitle} -> <b>{$title}</b>\n";
}
if ($oldcontact != $contact) {
$contactname = contact_realname($contact);
$contactsite = contact_site($contact);
$header .= "Contact: " . contact_realname($oldcontact) . " -> <b>{$contactname}</b>\n";
$maintsiteid = maintenance_siteid(incident_maintid($id));
if ($maintsiteid > 0 and contact_siteid($contact) != $maintsiteid) {
$maintcontactsite = site_name($maintsiteid);
$header .= "Assigned to <b>{$contactname} of {$contactsite}</b> on behalf of {$maintcontactsite} (The contract holder)\n";
}
}
if ($oldexternalid != $externalid) {
$header .= "External ID: ";
if ($oldexternalid != '') {
$header .= $oldexternalid;
} else {
$header .= "None";
}
$header .= " -> <b>";
if ($externalid != '') {
/**
* @author Tom Gerrard
*/
function generate_row($update)
{
global $CONFIG, $sit;
if (empty($update['fromaddr']) and !empty($update['from'])) {
$update['fromaddr'] = $update['from'];
}
$update['fromaddr'] = strtolower($update['fromaddr']);
if (strlen($update['bodytext']) > 1003) {
$updatebodytext = substr($update['bodytext'], 0, 1000) . '…';
} else {
$updatebodytext = $update['bodytext'];
}
$search = array('<b>', '</b>', '<i>', '</i>', '<u>', '</u>', '<', '>');
$replace = '';
$updatebodytext = htmlspecialchars(str_replace($search, $replace, $updatebodytext));
if ($updatebodytext == '') {
$updatebodytext = ' ';
}
$shade = 'shade1';
if ($update['contactid'] != 0) {
$shade = 'idle';
} else {
if (!empty($update['fromaddr'])) {
// Have a look if we've got a user with this email address
$sql = "SELECT COUNT(id) FROM `{$GLOBALS['dbUsers']}` WHERE email LIKE '%{$update['fromaddr']}%'";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
list($contactmatches) = mysql_fetch_row($result);
if ($contactmatches > 0) {
$shade = 'notice';
}
}
}
$pluginshade = plugin_do('holdingqueue_rowshade', $update);
$shade = $pluginshade ? $pluginshade : $shade;
$html_row = "<tr class='{$shade}'>";
$html_row .= "<td style='text-align: center'>";
if ($update['locked'] == $sit[2] or empty($update['locked'])) {
$html_row .= "<input type='checkbox' name='selected[]' value='" . $update['updateid'] . "' />";
}
$html_row .= "</td>";
$html_row .= "<td align='center' width='20%'>" . date($CONFIG['dateformat_datetime'], $update['timestamp']) . '</td>';
$html_row .= "<td width='20%'>";
if (!empty($update['contactid']) and $update['fromaddr'] == contact_email($update['contactid'])) {
$html_row .= gravatar($update['fromaddr'], 16) . ' ';
$contact_realname = contact_realname($update['contactid']);
$html_row .= "<a href='contact_details.php?id={$update['contactid']}' class='info'>";
$html_row .= "{$contact_realname}<span>" . htmlentities($update['fromaddr'], ENT_QUOTES, $GLOBALS['i18ncharset']) . "</span></a>";
$html_row .= " of " . contact_site($update['contactid']);
if ($update['emailfrom'] != $contact_realname) {
$html_row .= "<br />\n";
$html_row .= htmlentities($update['emailfrom'], ENT_QUOTES, $GLOBALS['i18ncharset']);
}
} else {
$html_row .= gravatar($update['fromaddr'], 16) . ' ';
$html_row .= "<a href=\"mailto:{$update['fromaddr']}\">{$update['fromaddr']}</a><br />\n";
$html_row .= htmlentities($update['emailfrom'], ENT_QUOTES, $GLOBALS['i18ncharset']);
}
$html_row .= "</td>";
$html_row .= "<td width='20%'><a href=\"javascript:incident_details_window('{$update['tempid']}','incomingview');\" id='update{$update['id']}' class='info'>";
// $html_row.="<td width='20%'><a href=\"javascript:void(0);\" id='update{$update['id']}' class='info' style='cursor:help;'>";
if (empty($update['subject'])) {
$update['subject'] = $GLOBALS['strUntitled'];
}
$html_row .= htmlentities($update['subject'], ENT_QUOTES, $GLOBALS['i18ncharset']);
$html_row .= '<span>' . parse_updatebody($updatebodytext) . '</span></a></td>';
$span = sprintf($GLOBALS['strByX'], user_realname($update['reason_user'])) . "<br />";
$span .= sprintf($GLOBALS['strOnxAtY'], ldate($CONFIG['dateformat_date'], mysql2date($update['reason_time'])), ldate($CONFIG['dateformat_time'], mysql2date($update['reason_time'])));
$html_row .= "<td align='center' width='20%'><a class='info'>{$update['reason']}<span>{$span}</span></a></td>";
$html_row .= "<td align='center' width='20%'>";
if ($update['locked'] != $sit[2] && $update['locked'] > 0) {
$html_row .= sprintf($strLockedByX, user_realname($update['locked'], TRUE));
} else {
if ($update['locked'] == $sit[2]) {
$html_row .= "<a href='{$_SERVER['PHP_SELF']}?unlock={$update['tempid']}'";
$html_row .= " title='{$strUnlockThisToBeModifiedByOther}'> {$GLOBALS['strUnlock']}</a> | ";
} else {
$html_row .= "<a href=\"javascript:incident_details_window('{$update['tempid']}'";
$html_row .= ",'incomingview');\" id='update{$update['id']}' class='info'";
$html_row .= " title='View and lock this held e-mail'>{$GLOBALS['strView']}</a> | ";
}
if ($update['reason_id'] == 2) {
$html_row .= "<a href='incident_reopen.php?id={$update['incident_id']}&updateid={$update['updateid']}'>{$GLOBALS['strReopen']}</a> | ";
}
$html_row .= "<a href='delete_update.php?updateid=" . $update['id'] . "&tempid=" . $update['tempid'] . "&timestamp=" . $update['timestamp'] . "' title='{$strRemoveThisPermanently}' onclick=\"return confirm_action('{$GLOBALS['strAreYouSureDelete']}');\"> {$GLOBALS['strDelete']}</a>";
}
$html_row .= "</td></tr>\n";
return $html_row;
}
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
$i = 0;
while ($obj = mysql_fetch_object($result)) {
$name = $obj->externalengineer;
if (empty($name)) {
$name = $strNoNameAssociated;
}
$esc[$name]['name'] = $name;
$esc[$name]['count']++;
$esc[$name][$obj->priority]++;
$str = "<span><strong>" . $obj->forenames . " " . $obj->surname . "</strong><br />" . $obj->siteName . "</span>";
$esc[$name]['calls'][$i]['text'] = "<a href=\"javascript:incident_details_window_l('" . $obj->id . "', 'incident" . $obj->id . "')\" title=\"{$obj->title}\" class='info'>[" . $obj->id . "]{$str}</a> #" . $obj->externalid . " " . $obj->title;
$esc[$name]['calls'][$i]['text'] .= "<br />" . contact_realname($obj->contact) . ', ' . contact_site($obj->contact);
$esc[$name]['calls'][$i]['software'] = $obj->name;
$esc[$name]['calls'][$i]['status'] = $obj->status;
$esc[$name]['calls'][$i]['localowner'] = $obj->owner;
$esc[$name]['calls'][$i]['salfordtowner'] = $obj->towner;
$i++;
}
if (!empty($esc)) {
$html .= "<table align='center'>";
$html .= "<tr><th>{$strExternalEngineersName}</th><th>{$strNumOfCalls}</th>";
$html .= "<th align='center'>" . priority_icon(4) . "</th>";
$html .= "<th align='center'>" . priority_icon(3) . "</th>";
$html .= "<th align='center'>" . priority_icon(2) . "</th>";
$html .= "<th align='center'>" . priority_icon(1) . "</th>";
$html .= "<td>";
$html .= "<table width='100%'><tr><th width='50%'>{$strIncident}</th>";
unset($billtotalsincident);
if ($a[-1]['totalcustomerperiods'] > 0) {
$billableunitsincident = 0;
// $isapproved = is_billable_incident_approved($obj->id);
$isapproved = false;
$unitrate = get_unit_rate(incident_maintid($obj->id));
if ($unitrate == -1) {
$unapprovable = TRUE;
}
$line = "<tr class='{$shade}'><td style='text-align: center'>";
if (!$isapproved and !$unapprovable) {
$line .= "<input type='checkbox' name='selected[]' value='{$obj->transactionid}' />";
}
$line .= "</td>";
$line .= "<td><a href=\"javascript:incident_details_window('{$obj->id}','incident{$obj->id}')\" class='info'>";
$line .= "{$obj->id}</a></td><td>{$obj->title}</td><td>" . contact_realname($obj->contact) . "</td>";
$line .= "<td>" . user_realname($obj->owner) . "</td>";
$line .= "<td>" . ldate($CONFIG['dateformat_datetime'], $obj->opened) . "</td><td>" . ldate($CONFIG['dateformat_datetime'], $obj->closed) . "</td>";
$bills = get_incident_billable_breakdown_array($obj->id);
foreach ($bills as $bill) {
foreach ($multipliers as $m) {
if (!empty($bill[$m])) {
$billtotalssite[$m] += $bill[$m]['count'];
$billtotalsincident[$m] += $bill[$m]['count'];
if (!$isapproved) {
$billtotalssiteunapproved[$m] += $bill[$m]['count'];
}
}
}
}
foreach ($multipliers as $m) {
echo "<h3>{$row->name}";
if ($row->active != 1) {
echo " (inactive)";
}
echo " (<small><a href='inventory_edit.php?id={$id}'>";
echo "{$strEdit}</a></small>)</h3>";
echo "<p><strong>{$strType}:</strong> ";
echo "{$CONFIG['inventory_types'][$row->type]}</p>";
if (!empty($row->identifier)) {
echo "<p><strong>{$strID}:</strong> {$row->identifier}</p>";
}
echo "<p><strong>{$strAddress}:</strong> {$row->address}</p>";
if (!empty($row->contactid)) {
echo "<p><strong>{$strOwner}:</strong> ";
echo "<a href='contact_details.php?id={$row->contactid}'>";
echo contact_realname($row->contactid) . "</a></p>";
}
echo "<p><strong>{$strUsername}:</strong> ";
if ($row->privacy == 'adminonly' and !user_permission($sit[2], 22) or $row->privacy == 'private' and $row->createdby != $sit[2]) {
echo "<strong>{$strWithheld}</strong>";
} else {
echo $row->username;
}
echo "</p>";
echo "<p><strong>{$strPassword}:</strong> ";
if ($row->privacy == 'adminonly' and !user_permission($sit[2], 22) or $row->privacy == 'private' and $row->createdby != $sit[2]) {
echo "<strong>{$strWithheld}</strong>";
} else {
echo $row->password;
}
echo "</p>";
$sql = "SELECT * FROM `{$dbFeedbackForms}` WHERE id='{$formid}'";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
if (mysql_num_rows($result) < 1) {
echo "<h2>{$strError}</h2>";
echo "<p>{$strNoFeedBackFormToCompleteHere}</p>";
echo "\n\n<!-- f: {$formid} r:{$respondent} rr:{$responseref} dh:{$decodehash} hc:{$hashcode} -->\n\n";
} else {
$reqd = 0;
while ($form = mysql_fetch_object($result)) {
echo "<form action='feedback.php' method='post'>\n";
echo "<h2>{$form->name}</h2>\n";
echo "<p>{$strRelatingToIncident} <strong>#{$incidentid}</strong> — <strong>" . incident_title($incidentid) . "</strong><br />";
echo sprintf($strOpenedbyXonY, contact_realname(incident_contact($incidentid)), ldate($CONFIG['dateformat_date'], db_read_column('opened', $dbIncidents, $incidentid)));
echo ' ';
echo sprintf($strClosedOnX, ldate($CONFIG['dateformat_date'], db_read_column('closed', $dbIncidents, $incidentid))) . ".</p>";
if (!empty($_REQUEST['error'])) {
echo "<p style='color: red'>{$strErrorRequiredQuestionsNotCompleted}</p>";
}
echo nl2br($form->introduction);
$qsql = "SELECT * FROM `{$dbFeedbackQuestions}` ";
$qsql .= "WHERE formid='{$form->id}' ";
$qsql .= "ORDER BY taborder ASC";
$qresult = mysql_query($qsql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
while ($question = mysql_fetch_object($qresult)) {
if (strlen(trim($question->sectiontext)) > 3) {
if ($CONFIG['portal_creates_incidents']) {
echo "?contractid={$contractid}";
}
echo "'>{$strAddIncident}</a></li>";
} else {
echo "<li><a href='entitlement.php'>{$strEntitlement}</a></li>";
}
$sql = "SELECT COUNT(docid) FROM `{$dbKBArticles}`";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
list($countkb) = mysql_fetch_row($result);
if ($CONFIG['kb_enabled'] != FALSE and $CONFIG['portal_kb_enabled'] !== 'Disabled' and $countkb > 0) {
echo "<li><a href='kb.php'>{$strKnowledgeBase}</a></li>";
}
if ($_SESSION['usertype'] == 'admin') {
echo "<li><a href='admin.php'>{$strAdmin}</a></li>";
}
echo "<li><a href='../logout.php'>{$strLogout}</a></li>";
echo "</ul>";
echo "<div id='portaluser'><a href='contactdetails.php'>";
echo contact_realname($_SESSION['contactid']);
echo ", " . contact_site($_SESSION['contactid']);
echo "</a>";
echo "</div>";
echo "</div>";
echo "<div id='mainframe'>";
}
$headerdisplayed = TRUE;
// Set a variable so we can check to see if the header was included
<?php
echo "<form action='{$_SERVER['PHP_SELF']}?action=assign'";
echo " method='post' name='supportdetails' onsubmit=\"return validateForm(this)\">";
echo "<input type='hidden' name='type' value=\"{$type}\" />";
echo "<input type='hidden' name='contactid' value=\"{$contactid}\" />";
echo "<input type='hidden' name='productid' value=\"{$productid}\" />";
echo "<input type='hidden' name='maintid' value=\"{$maintid}\" />";
echo "<input type='hidden' name='siteid' value=\"{$siteid}\" />";
if (!empty($updateid)) {
echo "<input type='hidden' name='updateid' value='{$updateid}' />";
}
echo "<table class='vertical' width='90%'>";
echo "<tr><td>";
$contactemail = contact_email($contactid);
echo "<a href=\"mailto:{$contactemail}\">" . icon('contact', 16, '', $contactemail) . "</a>";
echo " <strong>" . contact_realname($contactid) . "</strong> <span style='font-size:80%;'>(<a href='contact_edit.php?action=edit&";
echo "contact={$contactid}'>{$strEdit}</a>)</span>, ";
echo contact_site($contactid) . " ";
echo "{$strTel}: " . contact_phone($contactid);
echo "</td>";
echo "<td>";
echo icon('contract', 16) . " <strong>{$strContract} {$maintid}</strong>: ";
echo strip_tags($producttext);
echo "</td></tr>";
if (empty($updateid)) {
echo "<tr><td><label for='incidenttitle'>{$strIncidentTitle}</label><br />";
echo "<input class='required' maxlength='200' id='incidenttitle' ";
echo "name='incidenttitle' size='50' type='text' />";
echo " <span class='required'>{$strRequired}</span></td>\n";
echo "<td>";
if ($type == 'free') {
echo "<th style='text-align: left;'>{$strEngineer} 4</th></tr>\n";
while ($maint = mysql_fetch_object($mresult)) {
if ($maint->expirydate > $now and $maint->term != 'no') {
echo "<tr>";
echo "<td width='20%'>{$maint->product}</td>";
echo "<td>{$maint->licence_quantity} {$maint->licence_type}</td>";
echo "<td>" . ldate($CONFIG['dateformat_date'], $maint->expirydate) . "</td>";
$csql = "SELECT * FROM `{$dbSupportContacts}` ";
$csql .= "WHERE maintenanceid='{$maint->maintid}' ";
$csql .= "ORDER BY contactid LIMIT 4";
## echo "<!-- ($csql) -->";
$cresult = mysql_query($csql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
while ($contact = mysql_fetch_object($cresult)) {
echo "<td>" . contact_realname($contact->contactid) . "</td>";
}
echo "</tr>\n";
$a++;
}
}
echo "</table>";
echo "<hr />";
}
}
}
if ($_REQUEST['mode'] != 'csv') {
echo "<p align='center'><a href='{$_SERVER['PHP_SELF']}?siteid={$siteid}&mode=csv'>{$strSaveAsCSV}</a></p>";
include APPLICATION_INCPATH . 'htmlfooter.inc.php';
}
