function check_alarm_calendar($count = true, $id = false) { global $config; $now = strtotime(date('Y-m-d H:i:s')); if ($count) { $sql = "SELECT count(`id`) as num_alarms FROM tagenda \n\t\t\tWHERE id_user='******'id_user'] . "'\n\t\t\tAND alarm <> 0\n\t\t\tAND ((UNIX_TIMESTAMP(`timestamp`) - {$now}) > 0)\n\t\t\tAND ((UNIX_TIMESTAMP(`timestamp`) - (`alarm` * 60)) <= {$now})"; $alarms = get_db_value_sql($sql); } else { if (!$count && !$id) { $sql = "SELECT * FROM tagenda \n\t\t\tWHERE id_user='******'id_user'] . "'\n\t\t\tAND alarm <> 0\n\t\t\tAND ((UNIX_TIMESTAMP(`timestamp`) - {$now}) > 0)\n\t\t\tAND ((UNIX_TIMESTAMP(`timestamp`) - (`alarm` * 60)) <= {$now})"; $alarms = get_db_all_rows_sql($sql); } else { $sql = "SELECT * FROM tagenda \n\t\t\tWHERE id_user='******'id_user'] . "'\n\t\t\tAND alarm <> 0\n\t\t\tAND id={$id}\n\t\t\tAND ((UNIX_TIMESTAMP(`timestamp`) - {$now}) > 0)\n\t\t\tAND ((UNIX_TIMESTAMP(`timestamp`) - (`alarm` * 60)) <= {$now})"; $alarms = get_db_row_sql($sql); } } return $alarms; }
function users_get_users_owners_or_creators($id_user, $id_group = false) { global $config; $values = array(); if ($id_user === 0) { $id_user = $config['id_user']; } if ($id_group) { $query_users = "SELECT id_usuario FROM tusuario_perfil WHERE id_grupo = {$id_group} OR id_grupo = 0"; } else { $query_users = users_get_allowed_users_query($id_user, false); } $users = get_db_all_rows_sql($query_users); if ($users == false) { $users = array(); } foreach ($users as $user) { $values[$user['id_usuario']] = get_db_row_sql("SELECT id_usuario, nombre_real, num_employee FROM tusuario WHERE id_usuario = '" . $user['id_usuario'] . "'"); } return $values; }
} } // Lock/Unlock INVOICE // ---------------- if ($lock_invoice == 1 && $id_invoice) { $locked = crm_is_invoice_locked ($id_invoice); $res = crm_change_invoice_lock ($config["id_user"], $id_invoice); if ($res === -1) { // -1 equals to false permission to lock or unlock the invoice audit_db ($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to lock/unlock an invoice"); include ("general/noaccess.php"); exit; } else { $invoice = get_db_row_sql ("SELECT * FROM tinvoice WHERE id = $id_invoice"); $company_name = get_db_value('name', 'tcompany', 'id', $invoice['id_company']); if ($locked && $res === 0) { // The invoice was locked and now is unlocked audit_db ($config["id_user"], $config["REMOTE_ADDR"], "Invoice unlocked", "Invoice Bill ID: ".$invoice['bill_id'].", Company: $company_name"); } elseif (!$locked && $res === 1) { // The invoice was unlocked and now is locked audit_db ($config["id_user"], $config["REMOTE_ADDR"], "Invoice locked", "Invoice Bill ID: ".$invoice['bill_id'].", Company: $company_name"); } clean_cache_db(); } } $where_clause = " 1 = 1 "; if ($search_text != "") { $where_clause .= sprintf ('AND (id_company IN (SELECT id FROM tcompany WHERE name LIKE "%%%s%%") OR
function graph_sla($incident) { $id_incident = $incident['id_incidencia']; $utimestamp = time(); //Get sla values for this incident $sla_affected = get_db_value("affected_sla_id", "tincidencia", "id_incidencia", $id_incident); $values['id_incident'] = $id_incident; $values['utimestamp'] = $utimestamp; //If incident is affected by SLA then the graph value is 0 if ($sla_affected) { $values['value'] = 0; } else { $values['value'] = 1; } $sql = sprintf("SELECT value\n\t\t\t\t\tFROM tincident_sla_graph_data\n\t\t\t\t\tWHERE id_incident = %d\n\t\t\t\t\tORDER BY utimestamp DESC", $id_incident); $result = get_db_row_sql($sql); $last_value = !empty($result) ? $result['value'] : -1; if ($values['value'] != $last_value) { //Insert SLA value in table process_sql_insert('tincident_sla_graph_data', $values); } }
function get_custom_search($id_search, $section) { global $config; $sql = sprintf('SELECT * FROM tcustom_search WHERE id = %d AND id_user = "******" AND section = "%s"', $id_search, $config['id_user'], $section); return get_db_row_sql($sql); }
$result_output = ui_print_success_message (__('Locked successfully'), '', true, 'h3', true); audit_db ($config['id_user'], $config["REMOTE_ADDR"], "Work unit locked", "Workunit for ".$config['id_user']); if (defined ('AJAX')) { echo '<img src="images/rosette.png" title="'.__('Locked by').' '.$config['id_user'].'" />'; print_user_avatar ($config['id_user'], true); return; } } if ($id_workunit) { $sql = sprintf ('SELECT * FROM tworkunit WHERE tworkunit.id = %d', $id_workunit); $workunit = get_db_row_sql ($sql); $belong_to_ticket = get_db_value_sql("SELECT * FROM tworkunit_incident WHERE id_workunit = ".$id_workunit); if (($workunit === false) OR $belong_to_ticket) { require ("general/noaccess.php"); return; } // $id_task = $workunit['id_task']; // $id_project = get_db_value ('id_project', 'ttask', 'id', $id_task); $id_user = $workunit['id_user']; $wu_user = $id_user; $duration = $workunit['duration']; $description = $workunit['description'];
if ($update_task) { $id_task = get_parameter("id"); $start_date = get_parameter("start_date"); $end_date = get_parameter("end_date"); $progress = get_parameter("progress"); //Fix date $start_date = safe_output($start_date); $start_time = strtotime($start_date); $start_date = date("Y-m-d", $start_time); $end_date = safe_output($end_date); $end_time = strtotime($end_date); $end_date = date("Y-m-d", $end_time); //Fix progress $progress = $progress * 100; $progress = (int) $progress; $current_task = get_db_row_sql(sprintf("SELECT * FROM ttask WHERE id = %d", $id_task)); //If task is the same don't update it and return and OK message if ($start_date == $current_task["start"] && $end_date == $current_task["end"] && $progress == $current_task["completion"]) { $res = true; } else { //If something is different then update task $sql = sprintf('UPDATE ttask SET completion = %d, start = "%s", end = "%s" WHERE id = %d', $progress, $start_date, $end_date, $id_task); $res = process_sql($sql); } if ($res) { $msg = __("Task updated"); } else { $msg = __("Error updating task"); } $ret = array("res" => $res, "msg" => $msg);
function inventories_get_all_external_field($external_table_name, $external_reference_field, $data_id_external_table) { global $config; if (empty($external_table_name)) { return false; } $sql_check = "SHOW TABLES LIKE '{$external_table_name}'"; $exists = process_sql($sql_check); if (!$exists) { return false; } $sql_ext = "SHOW COLUMNS FROM " . $external_table_name; $external_data = get_db_all_rows_sql($sql_ext); $sql = "SELECT * FROM {$external_table_name} WHERE {$external_reference_field}={$data_id_external_table}"; $fields_ext = get_db_row_sql($sql); if ($fields_ext === false) { $fields_ext = array(); } $fields = array(); foreach ($external_data as $key => $ext) { $fields[$ext['Field']] = $ext['Field']; } $all_fields_ext = array(); $i = 0; foreach ($fields_ext as $key => $val) { if ($key != $external_reference_field && array_key_exists($key, $fields)) { $all_fields_ext[$i]['label_enco'] = base64_encode($key); $all_fields_ext[$i]['label'] = safe_output($key); $all_fields_ext[$i]['data'] = safe_output($val); $i++; } } return $all_fields_ext; }
function incidents_update_incident_stats_data($incident) { $start_time = strtotime($incident["inicio"]); // Check valid date if ($start_time < strtotime('1970-01-01 00:00:00')) { return; } $id_incident = $incident["id_incidencia"]; $last_incident_update = $incident["last_stat_check"]; $last_incident_update_time = strtotime($last_incident_update); $now = time(); $metrics = array(INCIDENT_METRIC_USER, INCIDENT_METRIC_STATUS, INCIDENT_METRIC_GROUP); foreach ($metrics as $metric) { $state = incidents_metric_to_state($metric); // Get the last updated item in the last incident update $sql = sprintf("SELECT timestamp, id_aditional\n\t\t\t\t\t\tFROM tincident_track\n\t\t\t\t\t\tWHERE id_incident = %d\n\t\t\t\t\t\t\tAND state = %d\n\t\t\t\t\t\t\tAND timestamp < '%s'\n\t\t\t\t\t\tORDER BY timestamp DESC\n\t\t\t\t\t\tLIMIT 1", $id_incident, $state, $last_incident_update); $last_updated_value = process_sql($sql); if ($last_updated_value === false) { $last_updated_value = array(); } // Get the changes of the metric from the incident track table // Get only the changes produced before the last incident update // in ascending order $sql = sprintf("SELECT timestamp, id_aditional\n\t\t\t\t\t\tFROM tincident_track\n\t\t\t\t\t\tWHERE id_incident = %d\n\t\t\t\t\t\t\tAND state = %d\n\t\t\t\t\t\t\tAND timestamp > '%s'\n\t\t\t\t\t\tORDER BY timestamp ASC", $id_incident, $state, $last_incident_update); $track_values = process_sql($sql); if ($track_values === false) { $track_values = array(); } // If there is no changes since the last incident update, // the actual value is updated if (count($track_values) < 1 && count($last_updated_value) > 0) { incidents_update_stats_item($id_incident, $last_updated_value[0]["id_aditional"], $metric, $last_incident_update_time, $now); } // Go over the changes to create the stat items and set the seconds // passed in every state for ($i = 0; $i < count($track_values); $i++) { $min_time = strtotime($track_values[$i]["timestamp"]); if ($track_values[$i + 1]) { // There was a change after this change $max_time = strtotime($track_values[$i + 1]["timestamp"]); } else { // The actual value $max_time = $now; } // Final update to the last metric item of the last incident update if (!$track_values[$i - 1] && count($last_updated_value) > 0) { incidents_update_stats_item($id_incident, $last_updated_value[0]["id_aditional"], $metric, $last_incident_update_time, $min_time); } incidents_update_stats_item($id_incident, $track_values[$i]["id_aditional"], $metric, $min_time, $max_time); } } // total_time $filter = array("metric" => INCIDENT_METRIC_STATUS, "status" => STATUS_CLOSED, "id_incident" => $id_incident); $closed_time = get_db_value_filter("seconds", "tincident_stats", $filter); if (!$closed_time) { $closed_time = 0; } $start_time = strtotime($incident["inicio"]); $holidays_seconds = incidents_get_holidays_seconds_by_timerange($start_time, $now); $total_time = $now - $start_time - $closed_time - $holidays_seconds; $sql = sprintf("SELECT id\n\t\t\t\t\tFROM tincident_stats\n\t\t\t\t\tWHERE id_incident = %d\n\t\t\t\t\t\tAND metric = '%s'", $id_incident, INCIDENT_METRIC_TOTAL_TIME); $row = get_db_row_sql($sql); //Check if we have a previous stat metric to update or create it if ($row) { $val_upd = array("seconds" => $total_time); $val_where = array("id" => $row["id"]); process_sql_update("tincident_stats", $val_upd, $val_where); } else { $val_new = array("seconds" => $total_time, "metric" => INCIDENT_METRIC_TOTAL_TIME, "id_incident" => $id_incident); process_sql_insert("tincident_stats", $val_new); } // total_w_third $filter = array("metric" => INCIDENT_METRIC_STATUS, "status" => STATUS_PENDING_THIRD_PERSON, "id_incident" => $id_incident); $third_time = get_db_value_filter("seconds", "tincident_stats", $filter); if (!$third_time || $third_time < 0) { $third_time = 0; } $total_time -= $third_time; $sql = sprintf("SELECT id\n\t\t\t\t\tFROM tincident_stats\n\t\t\t\t\tWHERE id_incident = %d\n\t\t\t\t\t\tAND metric = '%s'", $id_incident, INCIDENT_METRIC_TOTAL_TIME_NO_THIRD); $row = get_db_row_sql($sql); //Check if we have a previous stat metric to update or create it if ($row) { $val_upd = array("seconds" => $total_time); $val_where = array("id" => $row["id"]); process_sql_update("tincident_stats", $val_upd, $val_where); } else { $val_new = array("seconds" => $total_time, "metric" => INCIDENT_METRIC_TOTAL_TIME_NO_THIRD, "id_incident" => $id_incident); process_sql_insert("tincident_stats", $val_new); } //Update last_incident_update field from tincidencia $update_values = array("last_stat_check" => date("Y-m-d H:i:s", $now)); process_sql_update("tincidencia", $update_values, array("id_incidencia" => $id_incident)); }
return; } } return; break; case 'delete_contract': $sql = sprintf('DELETE FROM tcontract WHERE id = %d', $id); process_sql($sql); audit_db($config['id_user'], $REMOTE_ADDR, "Contract deleted", "Contract named '{$name}' has been deleted"); $message = 'Successfully deleted'; echo 'Successfully deleted'; return; break; case 'delete_company_invoice': case 'delete_invoice': $invoice = get_db_row_sql("SELECT * FROM tinvoice WHERE id = {$id}"); if ($invoice["id"] && !crm_is_invoice_locked($invoice["id"])) { // Todo: Delete the invoice files from disk if ($invoice["id_attachment"] != "") { process_sql("DELETE FROM tattachment WHERE id_attachment = " . $invoice["id_attachment"]); } $res = process_sql("DELETE FROM tinvoice WHERE id = {$id}"); if ($res > 0) { echo 'Successfully deleted'; $company_name = get_db_value('name', 'tcompany', 'id', $invoice['id_company']); audit_db($config["id_user"], $config["REMOTE_ADDR"], "Invoice deleted", "Invoice Bill ID: " . $invoice['bill_id'] . ", Company: {$company_name}"); } } return; break; case 'delete_lead':
$assigned_role .= get_task_workunit_hours_user ($id_task, $row["id_user"]); $assigned_role .= "</a></b></td>"; if ($task_permission["manage"]) { $assigned_role .= "<td>"; $offset=0; $assigned_role .= "<a href='#' onClick='javascript: show_validation_delete_general(\"delete_people_task_human\",".$id_project.",".$id_task.",".$row['id'].",\"".$search_params."\");'><img src='images/cross.png' title='".__('Delete')."'></a>"; } } } $assigned_role .= "</table>"; } else { $sql = "SELECT COUNT(*) total FROM trole_people_project WHERE id_project = $id_project"; $result = get_db_row_sql($sql); $assigned_role = "<table class='listing'>"; if ($result["total"] > 0) { $sql = "SELECT * FROM trole_people_project WHERE id_project = $id_project"; $result = get_db_all_rows_sql($sql); $assigned_role .= "<th>".__('User'); $assigned_role .= "<th>".__('Role'); $assigned_role .= "<th>".__('Total work time (Hrs)'); $columns = 2; if ($project_permission["manage"]) { $assigned_role .= "<th>".__('Delete'); $columns = 3; }
/** * Get the row of a table in the database using a complex filter. * * @param string Table to retrieve the data (warning: not cleaned) * @param mixed Filters elements. It can be an indexed array * (keys would be the field name and value the expected value, and would be * joined with an AND operator) or a string, including any SQL clause (without * the WHERE keyword). Example: <code> Both are similars: get_db_row_filter ('table', array ('disabled', 0)); get_db_row_filter ('table', 'disabled = 0'); Both are similars: get_db_row_filter ('table', array ('disabled' => 0, 'history_data' => 0), 'name, description', 'OR'); get_db_row_filter ('table', 'disabled = 0 OR history_data = 0', 'name, description'); get_db_row_filter ('table', array ('disabled' => 0, 'history_data' => 0), array ('name', 'description'), 'OR'); </code> * @param mixed Fields of the table to retrieve. Can be an array or a coma * separated string. All fields are retrieved by default * @param string Condition to join the filters (AND, OR). * * @return mixed Array of the row or false in case of error. */ function get_db_row_filter($table, $filter, $fields = false, $where_join = 'AND') { if (empty($fields)) { $fields = '*'; } else { if (is_array($fields)) { $fields = implode(',', $fields); } else { if (!is_string($fields)) { return false; } } } if (is_array($filter)) { $filter = format_array_to_where_clause_sql($filter, $where_join, ' WHERE '); } else { if (is_string($filter)) { $filter = 'WHERE ' . $filter; } else { $filter = ''; } } $sql = sprintf('SELECT %s FROM %s %s', $fields, $table, $filter); return get_db_row_sql($sql); }
/** * process_user_login accepts $login and $pass and handles it according to current authentication scheme * * @param string $login * @param string $pass * * @return mixed False in case of error or invalid credentials, the username in case it's correct. */ function process_user_login($login, $pass) { global $config, $mysql_cache; include_once $config['homedir'] . "/include/functions_profile.php"; // Always authenticate admins against the local database if (strtolower($config["auth_methods"]) == 'mysql' || dame_admin($login)) { $sql = sprintf("SELECT `id_usuario`, `password` FROM `tusuario` WHERE `disabled` = 0 AND `id_usuario` = '%s' AND `enable_login` = 1", $login); $row = get_db_row_sql($sql); //Check that row exists, that password is not empty and that password is the same hash if ($row !== false && $row["password"] !== md5("") && $row["password"] == md5($pass)) { // Login OK // Nick could be uppercase or lowercase (select in MySQL // is not case sensitive) // We get DB nick to put in PHP Session variable, // to avoid problems with case-sensitive usernames. // Thanks to David Muñiz for Bug discovery :) return $row["id_usuario"]; } else { $mysql_cache["auth_error"] = "User not found in database or incorrect password"; } return false; // Remote authentication } else { switch ($config["auth_methods"]) { // LDAP case 'ldap': $sql = sprintf("SELECT `disabled` FROM `tusuario` WHERE `id_usuario` = '%s'", $login); $disabled = get_db_sql($sql); // Check if user is disabled if ($disabled == 1) { $config["auth_error"] = "User not found in database or incorrect password"; return false; } if (ldap_process_user_login($login, $pass) === false) { $config["auth_error"] = "User not found in database or incorrect password"; return false; } break; // Active Directory // Active Directory case 'ad': if (enterprise_hook('ad_process_user_login', array($login, $pass)) === false) { return false; } break; // Remote Pandora FMS /* case 'pandora': break; // Remote Babel Enterprise case 'babel': break; // Remote Integria case 'integria': break; */ // Unknown authentication method // Remote Pandora FMS /* case 'pandora': break; // Remote Babel Enterprise case 'babel': break; // Remote Integria case 'integria': break; */ // Unknown authentication method default: $config["auth_error"] = "User not found in database or incorrect password"; return false; } // Authentication ok, check if the user exists in the local database if (is_user($login)) { return $login; } // The user does not exist and can not be created if ($config['autocreate_remote_users'] == 0 || is_user_blacklisted($login)) { $config["auth_error"] = "Ooops User not found in database or incorrect password"; return false; } // Create the user in the local database if (create_user($login, $pass, array('nombre_real' => $login, 'comentarios' => 'Imported from ' . $config['auth_methods'])) === false) { $config["auth_error"] = "User not found in database or incorrect password"; return false; } profile_create_user_profile($login, $config['default_remote_profile'], $config['default_remote_group']); return $login; } return false; }
} if (isset($_GET["borrar_grupo"])) { $grupo = get_parameter('borrar_grupo'); enterprise_hook('delete_group'); } $action = get_parameter("action", "edit"); $alta = get_parameter("alta"); /////////////////////////////// // LOAD USER VALUES /////////////////////////////// if (($action == 'edit' || $action == 'update') && !$alta) { $modo = "edicion"; $update_user = safe_output(get_parameter("update_user", "")); // Read user data to include in form $sql = "SELECT * FROM tusuario WHERE id_usuario = '" . safe_input($update_user) . "'"; $rowdup = get_db_row_sql($sql); if ($rowdup === false) { echo "<h3 class='error'>" . __('There was a problem loading user') . "</h3>"; echo "</table>"; include "general/footer.php"; exit; } else { $password = $rowdup["password"]; $comentarios = $rowdup["comentarios"]; $direccion = $rowdup["direccion"]; $telefono = $rowdup["telefono"]; $nivel = $rowdup["nivel"]; $nombre_real = $rowdup["nombre_real"]; $avatar = $rowdup["avatar"]; $lang = $rowdup["lang"]; $disabled = $rowdup["disabled"];
function api_get_invoice($return_type, $params) { global $config; $bill_id = trim($params); $sql = sprintf('SELECT * FROM tinvoice WHERE bill_id = "%s"', $bill_id); $res = get_db_row_sql($sql); $data = array(); if ($res) { //Create and CSV array $data = array("id" => $res["id"], "id_user" => $res["id_user"], "id_task" => $res["id_task"], "id_company" => $res["id_company"], "bill_id" => $res["bill_id"], "concept1" => $res["concept1"], "concept2" => $res["concept2"], "concept3" => $res["concept3"], "concept4" => $res["concept4"], "concept5" => $res["concept5"], "amount1" => $res["amount1"], "amount2" => $res["amount2"], "amount3" => $res["amount3"], "amount4" => $res["amount4"], "amount5" => $res["amount5"], "tax" => $res["tax"], "currency" => $res["currency"], "description" => $res["description"], "id_attachment" => $res["id_attachment"], "locked" => $res["locked"], "locked_id_user" => $res["locked_id_user"], "invoice_create_date" => $res["invoice_create_date"], "invoice_payment_date" => $res["invoice_payment_date"], "status" => $res["status"], "reference" => $res["reference"], "internal_note" => $res["internal_note"], "invoice_type" => $res["invoice_type"], "id_language" => $res["id_language"]); } if ($return_type == 'xml') { $return = "<xml>\n"; $return .= "<invoice>\n"; foreach ($data as $key => $value) { $return .= "<" . $key . ">"; $return .= "<![CDATA[" . $value . "]]>"; $return .= "</" . $key . ">\n"; } $return .= "</invoice>\n"; $return .= "</xml>\n"; } else { $return = array_to_csv($data); } return $return; }
echo '<h3 class="error">' . __('Could not be created') . '</h3>'; } else { $show_fields = true; echo '<h3 class="suc">' . __('Successfully created') . '</h3>'; audit_db($config["id_user"], $config["REMOTE_ADDR"], "Ticket Management", "Created ticket type {$id} - " . $values['name']); } } else { echo '<h3 class="error">' . __('Type name empty') . '</h3>'; } //$id = 0; $sql_global_ids = "SELECT DISTINCT (global_id)\n\t\t\t\tFROM tincident_type_field\n\t\t\t\tWHERE global_id != 0"; $global_ids = get_db_all_rows_sql($sql_global_ids); if ($global_ids) { foreach ($global_ids as $global_id) { $sql = "SELECT * FROM tincident_type_field WHERE id=" . $global_id['global_id']; $type_field = get_db_row_sql($sql); $value['id_incident_type'] = $id; $value['label'] = $type_field["label"]; $value['type'] = $type_field["type"]; $value['combo_value'] = $type_field["combo_value"]; $value['linked_value'] = $type_field["linked_value"]; $value['show_in_list'] = $type_field["show_in_list"]; $value['global_id'] = $type_field["global_id"]; $result = process_sql_insert('tincident_type_field', $value); if (!$result) { echo '<h3 class="error">' . __('There was a problem creating global field for type could not be created for type: ') . " " . $global_id["global_id"] . '</h3>'; } } } } // UPDATE
UNION SELECT MIN(tw2.timestamp) AS first_wu, MAX(tw2.timestamp) AS last_wu FROM tworkunit tw2 INNER JOIN ( SELECT twi.id_workunit FROM tworkunit_incident twi INNER JOIN tincidencia ti ON twi.id_incident = ti.id_incidencia AND ti.id_task = %d ) twin ON tw2.id = twin.id_workunit ) final', $task['id'], $task['id']); $dates_wu = get_db_row_sql($sql); $task['first_wu'] = __('N/A'); $task['last_wu'] = __('N/A'); if (!empty($dates_wu)) { if (!empty($dates_wu['first_wu'])) { $task['first_wu'] = $dates_wu['first_wu']; } if (!empty($dates_wu['last_wu'])) { $task['last_wu'] = $dates_wu['last_wu']; } } // Get the people involved in the task through wu $sql = sprintf('SELECT final.id_user AS id_user, SUM(final.duration) AS total_time FROM ( SELECT tw1.id_user, tw1.duration
if ($group['enforce_soft_limit'] == 0) { echo "//"; echo "enable_button"; } else { echo ".<br><br> ". __('You cannot create more tickets in this group until you close an active ticket.'); echo "//"; echo "disable_button"; } } else { echo "correct"; $inventoryObject = get_db_row_sql('SELECT * FROM tinventory WHERE id IN ( SELECT id_inventory_default FROM tgrupo WHERE id_grupo = ' . $id_group . ')'); if ($inventoryObject !== false) { echo "//"; echo $inventoryObject['id']; echo "//"; echo $inventoryObject['name']; } else { echo "//"; echo "null"; } } }
if (isset($_GET["update2"])) { $_GET["update"] = $id; } // CREATE form if (isset($_GET["create"]) or isset($_GET["update"])) { if (isset($_GET["create"])) { $data = ""; $title = ""; $id = -1; $id_product = 1; $id_category = 1; $id_language = ''; $id_incident = (int) get_parameter("id_incident", 0); if ($id_incident) { // Get incident data $incident = get_db_row_sql('SELECT titulo, descripcion, epilog FROM tincidencia WHERE id_incidencia = ' . $id_incident); if ($incident !== false) { $title = $incident['titulo']; $data = $incident['descripcion'] . "\n\n" . $incident['epilog']; } } } else { $id = get_parameter("update", -1); $row = get_db_row("tkb_data", "id", $id); $data = $row["data"]; $title = $row["title"]; $id_product = $row["id_product"]; $id_language = $row["id_language"]; $id_category = $row["id_category"]; if ($id != -1 && !check_kb_item_accessibility($id_user, $id)) { audit_db($id_user, $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to KB forbidden item");
function projects_get_cost_task_by_profile($id_task, $id_profile = false, $have_cost = false) { if ($id_profile) { if ($have_cost) { $sql = "SELECT id_profile, SUM(duration) as total_duration FROM tworkunit, tworkunit_task\n\t\t\t\t\tWHERE tworkunit_task.id_task = {$id_task} \n\t\t\t\t\tAND id_profile= {$id_profile}\n\t\t\t\t\tAND have_cost = 1\n\t\t\t\t\tAND tworkunit_task.id_workunit = tworkunit.id \n\t\t\t\t\tGROUP BY id_profile"; } else { $sql = "SELECT id_profile, SUM(duration) as total_duration FROM tworkunit, tworkunit_task\n\t\t\t\t\tWHERE tworkunit_task.id_task = {$id_task} \n\t\t\t\t\tAND id_profile= {$id_profile}\n\t\t\t\t\tAND tworkunit_task.id_workunit = tworkunit.id \n\t\t\t\t\tGROUP BY id_profile"; } } else { //all profiles if ($have_cost) { $sql = "SELECT id_profile, SUM(duration) as total_duration FROM tworkunit, tworkunit_task\n\t\t\t\t\tWHERE tworkunit_task.id_task = {$id_task} \n\t\t\t\t\tAND have_cost = 1\n\t\t\t\t\tAND tworkunit_task.id_workunit = tworkunit.id \n\t\t\t\t\tGROUP BY id_profile"; } else { $sql = "SELECT id_profile, SUM(duration) as total_duration FROM tworkunit, tworkunit_task\n\t\t\t\t\tWHERE tworkunit_task.id_task = {$id_task} \n\t\t\t\t\tAND tworkunit_task.id_workunit = tworkunit.id \n\t\t\t\t\tGROUP BY id_profile"; } } $duration = get_db_row_sql($sql); $total = 0; if ($duration != false) { $role_info = get_db_row_sql("SELECT name, cost FROM trole WHERE id = " . $duration['id_profile']); if ($role_info != false) { $cost_per_hour = $role_info['cost']; $profile_name = $role_info['name']; $total = $cost_per_hour * $duration['total_duration']; } } return $total; }