function get_download_type_icon($id_type) { $type = get_db_row("tdownload_type", "id", $id_type); if ($type) { $image = print_image("images/download_type/" . $type["icon"], true, array('title' => safe_output($type["name"]), 'alt' => '')); } else { $image = print_image("images/download_type/default.png", true, array('title' => __('Without type'), 'alt' => '')); } return $image; }
/** * Sends an email to a group. * * If the group doesn't have an email configured, the email is only sent * to the default user. * * @param int Group id. * @param string Email subject. * @param string Email body. */ function send_group_email($id_group, $subject, $body) { $group = get_db_row("tgrupo", "id_grupo", $id_group); $name = $group['nombre']; $email = $group['email']; /* If the group has no email, use the email of the risponsable */ if ($email == '') { $email = get_user_email($group['id_user_default']); } integria_sendmail($email, $subject, $body); }
function check_workunit_permission($id_workunit) { global $config; // Delete workunit with ACL / Project manager check $workunit = get_db_row('tworkunit', 'id', $id_workunit); if ($workunit === false) { return false; } $id_user = $workunit["id_user"]; $id_task = get_db_value("id_task", "tworkunit_task", "id_workunit", $workunit["id"]); $id_project = get_db_value("id_project", "ttask", "id", $id_task); if ($id_user != $config["id_user"] && !give_acl($config["id_user"], 0, "PM") && !project_manager_check($id_project)) { return false; } return true; }
/** * Sends an email to a group. * * If the group doesn't have an email configured, the email is only sent * to the default user. * * @param int Group id. * @param string Email subject. * @param string Email body. */ function send_group_email($id_group, $subject, $body) { $group = get_db_row("tgrupo", "id_grupo", $id_group); $name = $group['nombre']; $emails_group = $group['email_group']; $emails_forced_email = $group['forced_email']; /* If the group has no email, use the email of the risponsable */ $email = get_user_email($group['id_user_default']); integria_sendmail($email, $subject, $body, false, "", $group['email_from']); if ($emails_group == '') { $email_group = explode(',', $emails_group); foreach ($email_group as $k) { integria_sendmail($k, $subject, $body, false, "", $group['email_from']); } } }
public function loadWithID($id) { $result = false; if (!empty($id) && is_numeric($id)) { $fileRow = get_db_row(self::$dbTable, 'id_attachment', $id); if (!empty($fileRow)) { $this->id = $id; $this->description = (string) safe_output($fileRow['description']); $this->uploader = (string) safe_output($fileRow['id_usuario']); $this->created = !empty($fileRow['timestamp']) ? strtotime($fileRow['timestamp']) : false; $this->name = (string) safe_output($fileRow['filename']); $this->publicKey = (string) safe_output($fileRow['public_key']); // File info if (!empty($fileRow) && !empty($this->uploader)) { $filename = (string) safe_output($fileRow['filename']); if (!empty($filename)) { $this->loadFileInfo(self::$fileSharingDir . "/" . $this->uploader . "/" . $this->id . "_" . $filename); } $result = true; } } } return $result; }
break; case "details": echo strtoupper(__('Contact details')); break; case "incidents": echo strtoupper(__('Tickets')); break; case "inventory": echo strtoupper(__('Inventory')); break; default: echo strtoupper(__('Details')); } echo '</li>'; echo '</ul>'; $contact = get_db_row('tcompany_contact', 'id', $id); echo '<div class="under_tabs_info">' . sprintf(__('Contact: %s'), $contact['fullname']) . '</div>'; } switch ($op) { case "incidents": include "contact_incidents.php"; break; case "inventory": include "contact_inventory.php"; break; case "details": include "contact_manage.php"; break; case "files": include "contact_files.php"; break;
include_once ("include/functions_graph.php"); check_login (); $id_grupo = ""; $creacion_incidente = ""; $id = (int) get_parameter ('id'); $clean_output = get_parameter('clean_output'); if (! $id) { require ("general/noaccess.php"); exit; } $incident = get_db_row ('tincidencia', 'id_incidencia', $id); //user with IR and incident creator see the information $check_acl = enterprise_hook("incidents_check_incident_acl", array($incident)); $standalone_check = enterprise_hook("manage_standalone", array($incident)); if (($check_acl !== ENTERPRISE_NOT_HOOK && !$check_acl) || ($standalone_check !== ENTERPRISE_NOT_HOOK && !$standalone_check)) { audit_db ($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation","Trying to access to ticket #".$id); include ("general/noaccess.php"); exit; } //Clean output we need to print incident title header :) if ($clean_output) { echo '<h1 class="ticket_clean_report_title">'.__("Statistics")."</h1>"; }
if (!$standard_encoding){ if($os_csv != "W"){ echo mb_convert_encoding($line, 'UTF-16LE', 'UTF-8'). "\n"; } else { echo $line . "\n"; } }else{ echo $line . "\n"; } } exit; } if ($render_html == 1){ $report = get_db_row ('tinventory_reports', 'id', $id); if ($report === false) return; ini_set ("memory_limit", "3072M"); ini_set ("max_execution_time", 600); echo "<h2>".__('Custom report')."</h2>"; echo "<h4>".$report['name']; echo "<div id='button-bar-title'><ul>"; echo "<li><a href='index.php?sec=projects&sec2=operation/inventories/inventory_reports'>".print_image ("images/flecha_volver.png", true, array("title" => __("Back to Report")))."</a></li>"; echo "</ul></div>"; echo "</h4>"; $config['mysql_result_type'] = MYSQL_ASSOC; $rows = get_db_all_rows_sql (clean_output ($report['sql']));
function mail_workorder($id_wo, $mode, $id_note = false, $wo_info = false, $note_info = false) { global $config; $wo = $wo_info; if (!$wo_info) { $wo = get_db_row("ttodo", "id", $id_wo); } // Only send mails when creator is different than owner if ($wo['assigned_user'] == $wo['created_by_user']) { return; } $MACROS["_sitename_"] = $config['sitename']; $MACROS["_wo_id_"] = $wo['id']; $MACROS["_wo_name_"] = $wo['name']; $MACROS["_wo_last_update_"] = $wo['last_update']; $MACROS["_wo_created_by_user_"] = $wo['created_by_user']; $MACROS["_wo_assigned_user_"] = $wo['assigned_user']; $MACROS["_wo_progress_"] = translate_wo_status($wo['progress']); $MACROS["_wo_priority_"] = get_priority_name($wo['priority']); $MACROS["_wo_description_"] = wordwrap($wo["description"], 70, "\n"); $MACROS["_wo_url_"] = $config["base_url"] . "/index.php?sec=projects&sec2=operation/workorders/wo&operation=view&id={$id_wo}"; $MACROS["_wo_title_"] = $wo['name']; $MACROS["_wo_delete_user_"] = $config["id_user"]; //Replace note macros if needed if ($id_note) { if (!$note_info) { $note_info = get_db_row('ttodo_notes', 'id', $id_note); } $MACROS["_wo_note_created_by_user_"] = $note_info["written_by"]; $MACROS["_wo_notes_url_"] = $config["base_url"] . "/index.php?sec=projects&sec2=operation/workorders/wo&operation=view&tab=notes&id={$id_wo}"; $MACROS["_wo_note_info_"] = $note_info["description"]; $MACROS["_wo_note_delete_user_"] = $config["id_user"]; } // Send email for assigned and creator of this workorder $email_creator = get_user_email($wo['created_by_user']); $email_assigned = get_user_email($wo['assigned_user']); switch ($mode) { case 0: // WO update $text = template_process($config["homedir"] . "/include/mailtemplates/wo_update.tpl", $MACROS); $subject = template_process($config["homedir"] . "/include/mailtemplates/wo_subject_update.tpl", $MACROS); break; case 1: // WO creation $text = template_process($config["homedir"] . "/include/mailtemplates/wo_create.tpl", $MACROS); $subject = template_process($config["homedir"] . "/include/mailtemplates/wo_subject_create.tpl", $MACROS); break; case 3: // WO deleted $text = template_process($config["homedir"] . "/include/mailtemplates/wo_delete.tpl", $MACROS); $subject = template_process($config["homedir"] . "/include/mailtemplates/wo_subject_delete.tpl", $MACROS); break; case 4: //New note $text = template_process($config["homedir"] . "/include/mailtemplates/wo_new_note.tpl", $MACROS); $subject = template_process($config["homedir"] . "/include/mailtemplates/wo_subject_new_note.tpl", $MACROS); break; case 5: //Delete note $text = template_process($config["homedir"] . "/include/mailtemplates/wo_delete_note.tpl", $MACROS); $subject = template_process($config["homedir"] . "/include/mailtemplates/wo_subject_delete_note.tpl", $MACROS); break; } $msg_code = "WO#{$id_wo}"; $msg_code .= "/" . substr(md5($id_wo . $config["smtp_pass"] . $wo["assigned_user"]), 0, 5); $msg_code .= "/" . $wo["assigned_user"]; integria_sendmail($email_assigned, $subject, $text, false, $msg_code); $msg_code = "WO#{$id_wo}"; $msg_code .= "/" . substr(md5($id_wo . $config["smtp_pass"] . $wo["created_by_user"]), 0, 5); $msg_code .= "/" . $wo["created_by_user"]; integria_sendmail($email_creator, $subject, $text, false, $msg_code); }
function task_activity_graph($id_task, $width = 900, $height = 230, $area = false, $return = false) { global $config; $task = get_db_row("ttask", "id", $id_task); $output = ""; $start_unixdate = strtotime($task["start"]); $end_unixdate = strtotime("now"); $period = $end_unixdate - $start_unixdate; $resolution = 50; $interval = (int) ($period / $resolution); if (!$area) { $output .= __("Each bar is") . " " . human_time_description_raw($interval); $output .= "<br>"; } $data = get_db_all_rows_sql("SELECT tworkunit.duration as duration, \n tworkunit.timestamp as timestamp FROM tworkunit, tworkunit_task, ttask \n\t\t\tWHERE tworkunit_task.id_task = {$id_task}\n\t\t\tAND tworkunit_task.id_workunit = tworkunit.id GROUP BY tworkunit.id ORDER BY timestamp ASC"); if ($data === false) { $data = array(); } $min_necessary = 1; // Check available data if (count($data) < $min_necessary) { return; } // Set initial conditions $chart = array(); $names = array(); $chart2 = array(); // Calculate chart data for ($i = 0; $i < $resolution; $i++) { $timestamp = $start_unixdate + $interval * $i; $total = 0; $j = 0; while (isset($data[$j])) { $dftime = strtotime($data[$j]['timestamp']); if ($dftime >= $timestamp && $dftime < $timestamp + $interval) { $total += $data[$j]['duration']; } $j++; } $time_format = "M d"; $timestamp_human = clean_flash_string(date($time_format, $timestamp)); $chart2[$timestamp_human] = $total; } $colors['1day']['color'] = "#2179B1"; $colors['1day']['border'] = "#000"; $colors['1day']['alpha'] = 100; foreach ($chart2 as $key => $ch) { $chart3[$key]['1day'] = $ch; } $legend = array(); $xaxisname = __('Days'); $yaxisname = __('Hours'); if ($area) { $output .= area_graph($config['flash_charts'], $chart3, $width, $height, $colors, $legend, '', '', '', $yaxisname, '', '', $config['font'], $config['fontsize']); } else { $output .= vbar_graph($config['flash_charts'], $chart3, $width, $height, $colors, $legend, $xaxisname, $yaxisname, "", "", $config['font'], $config['fontsize']); } if ($return) { return $output; } else { echo $output; } }
check_login (); if (!isset($read_permission)) { $read_permission = check_crm_acl ('lead', 'cr', $config['id_user'], $id); if (!$read_permission) { audit_db ($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to a lead"); include ("general/noaccess.php"); exit; } } // Delete file $deletef = get_parameter ("deletef", ""); if ($deletef != ""){ $file = get_db_row ("tattachment", "id_attachment", $deletef); if ( (dame_admin($config["id_user"])) || ($file["id_usuario"] == $config["id_user"]) ){ $sql = "DELETE FROM tattachment WHERE id_attachment = $deletef"; process_sql ($sql); $filename = $config["homedir"]."/attachment/". $file["id_attachment"]. "_" . $file["filename"]; unlink ($filename); echo ui_print_success_message (__("Successfully deleted"), '', true, 'h3', true); } } // Upload file if (isset($_GET["upload"])) { if (isset($_POST['upfile']) && ( $_POST['upfile'] != "" )){ //if file $filename= $_POST['upfile'];
if (! $result) echo ui_print_error_message (__('Could not be deleted'), '', true, 'h3', true); else { echo ui_print_success_message (__('Successfully deleted'), '', true, 'h3', true); } } // CREATE form if ((isset($_GET["create"]) OR (isset($_GET["update"])))) { if (isset($_GET["create"])){ $id_group = 0; $name = ""; $id = -1; } else { $id = get_parameter ("update",-1); $row = get_db_row ("tdownload_category", "id", $id); $name = $row["name"]; $icon = $row["icon"]; $id_group = $row["id_group"]; } echo "<h2>".__('File release category access management')."</h2>"; echo "<h4>".__('Create a new category access')."</h4>"; echo "<form name=catman method='post' action='index.php?sec=download& sec2=operation/download/manage_perms&create2'>"; echo '<table width="100%" class="search-table-button">'; echo "<tr>"; echo "<td class=datos>";
$now = print_mysql_timestamp(); $res = workorders_insert_note ($id, $config["id_user"], $note, $now); if (! $res) echo '<h3 class="error">'.__('There was a problem creating the note').'</h3>'; else echo '<h3 class="suc">'.__('Note was added successfully').'</h3>'; } if ($delete) { $id_note = get_parameter("id_note"); $note = get_db_row ("ttodo_notes", "id", $id_note); $sql = sprintf("DELETE FROM ttodo_notes WHERE id = %d", $id_note); $res = process_sql($sql); if (! $res) echo '<h3 class="error">'.__('There was a problem deleting the note').'</h3>'; else echo '<h3 class="suc">'.__('Note was deleted successfully').'</h3>'; mail_workorder ($id, 5, $res, false, $note); } $table = new StdClass(); $table->width = '100%';
$i++; continue; } $i++; $row0 = get_db_row("tusuario", "id_usuario", $key); if ($row0) { $nombre = $row0["id_usuario"]; $avatar = $row0["avatar"]; // Get total hours for this month $sql = "SELECT SUM(duration) FROM tworkunit WHERE timestamp > '{$begin_month}' AND timestamp < '{$end_month}' AND id_user = '******'"; if ($res = mysql_query($sql)) { $row = mysql_fetch_array($res); } echo "<tr><td>"; echo "<a href='index.php?sec=users&sec2=operation/users/user_edit&id={$nombre}' class='tip'> <span>"; $usuario = get_db_row("tusuario", "id_usuario", $nombre); echo "<b>" . $usuario["nombre_real"] . "</b><br>"; echo "<i>" . $usuario["comentarios"] . "</i><br>"; // TODO - Move this to enterprise code. if ($config["enteprise"] == 1) { echo "<font size=1px>"; $sql1 = 'SELECT * FROM tusuario_perfil WHERE id_usuario = "' . $nombre . '"'; $result1 = mysql_query($sql1); if (mysql_num_rows($result1)) { while ($row1 = mysql_fetch_array($result1)) { echo dame_perfil($row1["id_perfil"]) . "/ "; echo dame_grupo($row1["id_grupo"]) . "<br>"; } } else { echo __('This user doesn\'t have any assigned profile/group'); }
$name = ""; $icon = ""; $id_user_default = ""; $id_user = ""; $banner = ""; $parent = ""; $forced_email = true; $soft_limit = 5; $hard_limit = 20; $enforce_soft_limit = 1; $id_sla = 0; $email_from = ''; $email_group = ''; $creacion_grupo = (bool) get_parameter('creacion_grupo'); if ($id) { $group = get_db_row('tgrupo', 'id_grupo', $id); if ($group) { $name = $group['nombre']; $icon = $group['icon']; $id_user_default = $group['id_user_default']; $banner = $group['banner']; $parent = $group['parent']; $soft_limit = $group["soft_limit"]; $hard_limit = $group["hard_limit"]; $enforce_soft_limit = (bool) $group["enforce_soft_limit"]; $forced_email = (bool) $group['forced_email']; $id_sla = $group["id_sla"]; $id_user = get_db_value('id_user_default', 'tgrupo', 'id_grupo', $id); $id_inventory = $group["id_inventory_default"]; $inventory_name = get_inventory_name($group["id_inventory_default"]); $autocreate_user = $group["autocreate_user"];
if ($new_sla) { $name = ""; $description = ""; $min_response = 48.0; $max_response = 480.0; $max_incidents = 10; $max_inactivity = 96.0; $id_sla_base = 0; $enforced = 1; $five_daysonly = 1; $time_from = 8; $time_to = 18; $no_holidays = 1; $id_sla_type = 0; } else { $sla = get_db_row ('tsla', 'id', $id); $name = $sla['name']; $description = $sla['description']; $min_response = $sla['min_response']; $max_response = $sla['max_response']; $max_incidents = $sla['max_incidents']; $max_inactivity = $sla['max_inactivity']; $id_sla_base = $sla['id_sla_base']; $enforced = $sla['enforced']; $five_daysonly = $sla["five_daysonly"]; $time_from = $sla["time_from"]; $time_to = $sla["time_to"]; $no_holidays = $sla["no_holidays"]; $id_sla_type = $sla["id_sla_type"]; }
$name = get_db_value('name', 'tbuilding', 'id', $id); $sql = sprintf('DELETE FROM tbuilding WHERE id = %d', $id); process_sql($sql); audit_db($config["id_user"], $config["REMOTE_ADDR"], "Building", "Deleted building {$id} - {$name}"); echo '<h3 class="suc">' . __('Successfully deleted') . '</h3>'; $id = 0; } echo '<h2>' . __('Building management') . '</h2>'; // FORM (Update / Create) if ($id || $new_building) { if ($new_building) { $id = 0; $name = ""; $description = ""; } else { $building = get_db_row('tbuilding', 'id', $id); $name = $building['name']; $description = $building['description']; } $table->width = "90%"; $table->class = "databox"; $table->data = array(); $table->colspan = array(); $table->colspan[1][0] = 2; $table->data[0][0] = print_input_text('name', $name, '', 60, 100, true, __('Building name')); $table->data[1][0] = print_textarea('description', 14, 1, $description, '', true, __('Description')); echo '<form method="post" action="index.php?sec=inventory&sec2=operation/buildings/building_detail">'; print_table($table); echo '<div class="button" style="width: ' . $table->width . '">'; if ($id) { print_submit_button(__('Update'), 'update_btn', false, 'class="sub upd"', false);
} $operation = ""; } // --------------- // CREATE (form) // --------------- if ($operation == "create" || $operation == "edit") { if ($operation == "create") { $name = ""; $description = ""; $id_language = ""; $id_company = 0; $subject = ""; } else { // TODO: Check ACL here. Dont allow to read Id not my company or child (or admin) $template = get_db_row("tcrm_template", "id", $id); $name = $template["name"]; $description = $template["description"]; $id_language = $template["id_language"]; $id_company = $template["id_company"]; $subject = $template["subject"]; } $table->width = '99%'; $table->class = 'search-table-button'; $table->colspan = array(); $table->colspan[3][0] = 2; $table->data = array(); $table->data[1][0] = print_input_text('name', $name, '', 50, 100, true, __('Name')); $table->data[1][1] = print_select_from_sql('SELECT id_language, name FROM tlanguage ORDER BY name', 'id_language', $id_language, '', '', '', true, false, false, __('Language')); $sql2 = "SELECT id, name FROM tcompany ORDER by name"; $table->data[2][0] = print_input_text('subject', $subject, '', 70, 200, true, __('Subject'));
public function show() { if ($this->permission) { $system = System::getInstance(); $message = ""; switch ($this->operation) { case 'insert': $result = $this->insertWorkOrder($system->getConfig('id_user'), $this->assigned_user, $this->title, $this->priority, $this->status, $this->category, $this->id_task, $this->description); if ($result) { $this->id_workorder = $result; $message = "<h2 class='suc'>" . __('Successfully created') . "</h2>"; } else { $message = "<h2 class='error'>" . __('An error ocurred while creating the workorder') . "</h2>"; } break; case 'update': $result = $this->updateWorkOrder($this->id_workorder, $this->assigned_user, $this->title, $this->priority, $this->status, $this->category, $this->id_task, $this->description); if ($result) { $message = "<h2 class='suc'>" . __('Successfully updated') . "</h2>"; } else { $message = "<h2 class='error'>" . __('An error ocurred while updating the workorder') . "</h2>"; } break; case 'delete': $result = $this->deleteWorkOrder($this->id_workorder); if ($result) { $this->id_workorder = -1; $message = "<h2 class='suc'>" . __('Successfully deleted') . "</h2>"; } else { $message = "<h2 class='error'>" . __('An error ocurred while deleting the workorder') . "</h2>"; } break; case 'view': $workorder = get_db_row("ttodo", "id", $this->id_workorder); $this->setValues($this->id_workorder, $workorder['name'], $workorder['assigned_user'], $workorder['priority'], $workorder['progress'], $workorder['id_wo_category'], $workorder['id_task'], $workorder['description'], 'view'); break; default: if ($this->id_workorder > 0) { $workorder = get_db_row("ttodo", "id", $this->id_workorder); $this->setValues($this->id_workorder, $workorder['name'], $workorder['assigned_user'], $workorder['priority'], $workorder['progress'], $workorder['id_wo_category'], $workorder['id_task'], $workorder['description'], 'view'); } } $this->showWorkOrder($message); } else { $this->showNoPermission(); } }
function api_download_file($return_type, $user, $id_file) { global $config; $data = get_db_row("tattachment", "id_attachment", $id_file); if (!check_user_incident($user, $data['id_incidencia'])) { return; } $fileLocation = $config["homedir"] . "/attachment/" . $data["id_attachment"] . "_" . $data["filename"]; switch ($return_type) { case "xml": echo xml_node(base64_encode(file_get_contents($fileLocation))); break; case "csv": echo base64_encode(file_get_contents($fileLocation)); break; } }
} $id = 0; } //********************************************************************** // Object edition form //********************************************************************** if ($create || $id) { if ($create) { $icon = ""; $description = ""; $name = ""; $id = -1; $min_stock = 0; $show_in_tree = 0; } else { $object = get_db_row("tobject_type", "id", $id); $description = $object["description"]; $name = $object["name"]; $icon = $object["icon"]; $min_stock = $object["min_stock"]; $show_in_list = $object["show_in_list"]; } /*if ($id == -1) { echo "<h3>".__('Create a new object')."</h3>"; } else { echo "<h3>".__('Update existing object')."</h3>"; }*/ $table->width = '99%'; $table->class = 'search-table-button'; $table->colspan = array(); $table->colspan[3][0] = 2;
$table->tablealign = "left"; $table->data = array(); $table->size = array(); $table->style = array(); $table->style[0] = 'font-weight: bold'; $table->colspan = array(); $table->head[0] = __('ID'); //$table->head[1] = __('Description'); $table->head[2] = __('Amount'); $table->head[3] = __('Type'); $table->head[4] = __('Status'); $table->head[5] = __('Creation'); $table->head[6] = __('Expiration'); $table->head[7] = __('Options'); $counter = 0; $company = get_db_row('tcompany', 'id', $id); foreach ($invoices as $invoice) { $lock_permission = crm_check_lock_permission($config["id_user"], $invoice["id"]); $is_locked = crm_is_invoice_locked($invoice["id"]); $locked_id_user = false; if ($is_locked) { $locked_id_user = crm_get_invoice_locked_id_user($invoice["id"]); } $data = array(); $url = "index.php?sec=customers&sec2=operation/companies/company_detail&view_invoice=1&id=" . $id . "&op=invoices&id_invoice=" . $invoice["id"]; $data[0] = "<a href='{$url}'>" . $invoice["bill_id"] . "</a>"; //$data[1] = "<a href='$url'>".$invoice["description"]."</a>"; $data[2] = format_numeric(get_invoice_amount($invoice["id"])) . " " . strtoupper($invoice["currency"]); $tax = get_invoice_tax($invoice["id"]); $tax_amount = get_invoice_amount($invoice["id"]) * (1 + $tax / 100); if ($tax != 0) {
if ($is_enterprise) { $read_permission = inventory_check_acl($config['id_user'], $id); $write_permission = inventory_check_acl($config['id_user'], $id, true); if (!$read_permission) { audit_db ($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to inventory ".$id); include ("general/noaccess.php"); exit; } } require_once ('include/functions_inventories.php'); $inventory = get_db_row ('tinventory', 'id', $id); //********************************************************************** // Tabs //********************************************************************** if(!isset($inventory_name)){ $inventory_name = ''; } print_inventory_tabs('contacts', $id, $inventory_name); $table = new stdClass; $table->width = '99%'; $table->class = 'listing'; $table->head = array (); $table->size = array ();
$email = (string) get_parameter ('email'); $position = (string) get_parameter ('position'); $id_company = (int) get_parameter ('id_company'); $disabled = (int) get_parameter ('disabled'); $description = (string) get_parameter ('description'); $id_contract = (int) get_parameter ('id_contract'); if ($id_contract) { $id_company = (int) get_db_value ('id_company', 'tcontract', 'id', $id_contract); } } else { if (!$read_permission) { audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation","Trying to access a contact in a group without access"); require ("general/noaccess.php"); exit; } $contact = get_db_row ("tcompany_contact", "id", $id); $fullname = $contact['fullname']; $phone = $contact['phone']; $mobile = $contact['mobile']; $email = $contact['email']; $position = $contact['position']; $id_company = $contact['id_company']; $disabled = $contact['disabled']; $description = $contact['description']; } $table = new stdClass(); $table->width = "100%"; $table->data = array (); $table->colspan = array (); $table->colspan[0][0] = 4;
$participant["direccion"]; $text = ascii_output ($description); $subject = ascii_output ($title); integria_sendmail ($participant["direccion"], $subject, $text); } echo ui_print_success_message (__("Operation successfully completed"), '', true, 'h3', true); } // Get names if ($id_project) $project_name = get_db_value ('name', 'tproject', 'id', $id_project); else $project_name = ''; if ($id_task) $task = get_db_row ('ttask', 'id', $id_task); $task_days = $task["hours"] / $config["hours_perday"]; $task_cost = $task['estimated_cost']. $config["currency"]; $prio_array = get_priorities(); $task_participants = get_db_all_rows_sql ("SELECT direccion, nombre_real FROM tusuario, trole_people_task WHERE tusuario.id_usuario = trole_people_task.id_user AND trole_people_task.id_task = $id_task"); $participants =""; foreach ($task_participants as $participant){ $participants .= $participant["nombre_real"]. ", "; } $title = "[".$config["sitename"]."] Task report - $project_name / ".$task["name"]; $description = sprintf ( "This is a resume of task %s. This report has been sent by Project manager [%s]
global $config; check_login(); include_once "include/functions_tasks.php"; include_once "include/functions_graph.php"; $id_project = (int) get_parameter('id_project'); if (!$id_project) { // Doesn't have access to this page audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to task manager without project"); no_permission(); } $project_access = get_project_access($config["id_user"], $id_project); if (!$project_access["read"]) { audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to task manager of unauthorized project"); no_permission(); } $project = get_db_row('tproject', 'id', $id_project); $update = get_parameter("update"); $create = get_parameter("create"); $delete = get_parameter("delete"); if (!$update && !$create && !$delete) { if (!manage_any_task($config["id_user"], $id_project)) { audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to task manager of unauthorized project"); no_permission(); } } //Delete task if ($delete) { $task_access = get_project_access($config["id_user"], $id_project, $delete); //Check if admin or project manager before delete the task if (!$task_access["manage"]) { audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to delete a task without permission");
$sql = "INSERT INTO tnewsletter_address (id_newsletter, email, name, datetime, status) VALUES ({$newsletter}, '{$email}', '{$name}', '{$now}',0)"; $result = mysql_query($sql); if ($result) { $newsletter_name = get_db_sql("SELECT name FROM tnewsletter WHERE id = {$newsletter}"); $text .= __("Welcome to") . " " . $newsletter_name . " " . __("newsletter") . "\n\n"; $text .= __("Please use this URL to de-subscribe yourself from this newsletter:") . "\n\n"; $text .= $config["base_url"] . "/include/newsletter.php?operation=desubscribe&id={$newsletter}"; $text .= "\n\n" . __("Thank you"); integria_sendmail($email, "Newsletter subscription - {$newsletter_name}", $text); } } } return; } if ($operation == "desubscribe") { $newsletter = get_db_row("tnewsletter", "id", $id); // safe exit if (!isset($newsletter["id"])) { return; } $now = date("Y-m-d H:i:s"); echo "<form method=post action='" . $config["base_url"] . "/include/newsletter.php'>"; if (!$clean) { echo "<h3>"; echo __("De-subscription form for ") . " " . $newsletter["name"]; echo "</h3>"; echo "<p style='width: 500px'><i>"; echo $newsletter["description"]; echo "</p></i>"; echo "<p style='width: 500px'>"; echo __("Please enter here the email address which you're registered on this newsletter");
$id = -1; $id_product = 1; $id_category = 1; $id_language = ''; $id_incident = (int) get_parameter("id_incident", 0); if ($id_incident) { // Get incident data $incident = get_db_row_sql('SELECT titulo, descripcion, epilog FROM tincidencia WHERE id_incidencia = ' . $id_incident); if ($incident !== false) { $title = $incident['titulo']; $data = $incident['descripcion'] . "\n\n" . $incident['epilog']; } } } else { $id = get_parameter("update", -1); $row = get_db_row("tkb_data", "id", $id); $data = $row["data"]; $title = $row["title"]; $id_product = $row["id_product"]; $id_language = $row["id_language"]; $id_category = $row["id_category"]; if ($id != -1 && !check_kb_item_accessibility($id_user, $id)) { audit_db($id_user, $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to KB forbidden item"); require "general/noaccess.php"; exit; } } echo "<h2>" . __('KB Data management') . "</h2>"; if ($id == -1) { echo "<h3>" . __('Create a new KB item') . "</a></h3>"; echo "<form id='form-kb_item' name=prodman method='post' action='index.php?sec=kb&sec2=operation/kb/manage_data&create2'>";
global $config; check_login(); if (!$id) { audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to a lead forward"); include "general/noaccess.php"; exit; } $write_permission = check_crm_acl('lead', 'cw', $config['id_user'], $id); $manage_permission = check_crm_acl('lead', 'cm', $config['id_user'], $id); if (!$write_permission && !$manage_permission) { audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to a lead forward"); include "general/noaccess.php"; exit; } $lead = get_db_row('tlead', 'id', $id); $user = get_db_row("tusuario", "id_usuario", $config["id_user"]); $company_user = get_db_sql("select name FROM tcompany where id = " . $user["id_company"]); $from = get_parameter("from", $user["direccion"]); $to = get_parameter("to", ""); $subject = get_parameter("subject", ""); $mail = get_parameter("mail", ""); $send = (int) get_parameter("send", 0); $cco = get_parameter("cco", ""); // Send mail if ($send) { if ($subject != "" and $from != "" and $to != "") { echo "<h3 class='suc'>" . __('Mail queued') . "</h3>"; integria_sendmail($to, $subject, $mail, false, "", $from, true); if ($cco != "") { integria_sendmail($cco, $subject, $mail, false, "", $from, true); }
function render_sidebox_user_info($user, $label) { $output = ""; $output .= '<div style="text-align:center;"><b>' . __($label) . ' </b></div>'; $output .= '<div class="user_info_sidebox">'; $output .= print_user_avatar($user, true, true); $output .= '<a href="index.php?sec=users&sec2=operation/users/user_edit&id=' . $user . '">'; $output .= ' <strong>' . $user . '</strong></a><br>'; $user_data = get_db_row("tusuario", "id_usuario", $user); if ($user_data["nombre_real"] != "") { $output .= $user_data["nombre_real"] . "<br>"; } if ($user_data["telefono"] != "") { $output .= $user_data["telefono"] . "<br>"; } if ($user_data["direccion"] != "") { $output .= $user_data["direccion"]; } if ($user_data["id_company"] != 0) { $company_name = (string) get_db_value('name', 'tcompany', 'id', $user_data['id_company']); $output .= "<br>(<em>{$company_name}</em>)"; } $output .= '</div>'; return $output; }