Example #1
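/**
 * Copy the project-level write permissions of a project onto one of its tasks.
 *
 * Every prj_projPerms row of project $pid that has taskID '0' and writechange '1'
 * is merged into the rows stored for ($pid, $taskID): when the same user or group
 * already has a row for the task it is updated, otherwise a new row is inserted.
 * Before merging, task rows that grant neither write nor full access are deleted.
 *
 * @param int|string $pid    Project id; cast to int before it is placed in SQL.
 * @param int|string $taskID Task id; cast to int before it is placed in SQL.
 * @return void
 */
function prj_addTeamMemberTaskPerms($pid, $taskID)
{
    global $_TABLES;

    // Both ids are interpolated into every statement below and DB_query() is given
    // a finished SQL string, so force them to integers here: whatever the caller
    // passes can then only ever reach the database as a number.
    $pid = (int) $pid;
    $taskID = (int) $taskID;

    // Project-level rows (taskID 0) that carry write access; used as an in-code cursor.
    $sql = "select id, uid, gid, viewread, writechange, fullaccess, seedetails from {$_TABLES['prj_projPerms']} ";
    $sql .= "where pid='{$pid}' and taskID='0' and writechange='1'";
    $cursorRes = DB_query($sql);
    $nCursorRows = DB_numRows($cursorRes);

    // Revoke the task rows that are monitor-only or grant nothing at all, so the
    // merge below starts from rows that carry write or full access only.
    $sql = "delete from {$_TABLES['prj_projPerms']} ";
    $sql .= "where pid='{$pid}' and taskID='{$taskID}' and ((viewread='1' and writechange='0' and fullaccess='0') ";
    $sql .= "or (viewread='0' and writechange='0' and fullaccess='0')) ";
    DB_query($sql);

    for ($cntr = 0; $cntr < $nCursorRows; $cntr++) {
        // $psd (seedetails) is read but never written back to the task row.
        list($rid, $uid, $gid, $pvr, $pwc, $pfa, $psd) = DB_fetchArray($cursorRes);

        // A row with uid '0' is treated as a group row; look for an existing task
        // row for the same group or user.
        // NOTE(review): $uid, $gid and $rid come straight from prj_projPerms and are
        // interpolated as-is; that is only safe while those columns hold integers.
        $sql = "select id from {$_TABLES['prj_projPerms']} ";
        if ($uid == '0') {
            $sql .= "where gid='{$gid}'";
        } else {
            $sql .= "where uid='{$uid}'";
        }
        $sql .= " and pid='{$pid}' and taskID='{$taskID}'";
        $countRes = DB_query($sql);
        list($rid) = DB_fetchArray($countRes);
        $cnt = DB_numRows($countRes);

        if ($cnt > 0) {
            // Existing task row: each flag becomes (task flag OR project flag).
            $sql = "select viewRead,writeChange,fullAccess from {$_TABLES['prj_projPerms']} where id='{$rid}'";
            $res = DB_query($sql);
            list($vr, $wc, $fa) = DB_fetchArray($res);
            // The value that is finally stored is whatever ppApplyFilter() returns
            // for the boolean; that helper is defined elsewhere.
            $vr = (bool) ($vr + $pvr);
            $vr = ppApplyFilter($vr, true, true);
            $wc = (bool) ($wc + $pwc);
            $wc = ppApplyFilter($wc, true, true);
            $fa = (bool) ($fa + $pfa);
            $fa = ppApplyFilter($fa, true, true);
            $sql = "update {$_TABLES['prj_projPerms']} set viewRead='{$vr}', writeChange='{$wc}', fullAccess='{$fa}' where id='{$rid}'";
            DB_query($sql);
        } else {
            // No task row yet: insert one that mirrors the project-level flags.
            $vr = (bool) $pvr;
            $vr = ppApplyFilter($vr, true, true);
            $wc = (bool) $pwc;
            $wc = ppApplyFilter($wc, true, true);
            $fa = (bool) $pfa;
            $fa = ppApplyFilter($fa, true, true);
            $sql = "insert into {$_TABLES['prj_projPerms']} (pid,taskID, uid, gid, viewRead, writeChange, fullAccess) values(";
            $sql .= "'{$pid}',";
            $sql .= "'{$taskID}',";
            if ($uid != '0') {
                $sql .= "'{$uid}',";
            } else {
                $sql .= "'0',";
            }
            if ($gid != '0') {
                $sql .= "'{$gid}',";
            } else {
                $sql .= "'0',";
            }
            $sql .= "'{$vr}',";
            $sql .= "'{$wc}',";
            $sql .= "'{$fa}'";
            $sql .= ")";
            DB_query($sql);
        }
    }
}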
Example #2
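/**
 * Add the Gantt bars of the child projects of $pid to $graph, recursing into
 * sub-projects and, when enabled, into their tasks.
 *
 * The project list is restricted to rows the current user may see (unless the
 * user is in the 'Root' group) and optionally narrowed by the 'filter' cookie,
 * whose first three characters select the filter type and whose next three
 * characters are the id to filter on.
 *
 * @param mixed      $graph      Graph object handed through to the paint helpers.
 * @param mixed      $row        Row state handed through to the paint helpers.
 * @param mixed      $count      Counter handed through to the paint helpers.
 * @param int|string $pid        Parent project id; 0 selects the top-level projects.
 * @param string     $nameIndent Prefix handed to the paint helpers; grows by one space per level.
 * @param mixed      $sm         Display flag; filtered numerically, then compared with '0'/'1'.
 * @param mixed      $stm        Display flag; filtered numerically, then compared with '0'/'1'.
 * @return void
 */
function prj_drawProjectGanttBar(&$graph, &$row, &$count, $pid = 0, $nameIndent = '', $sm, $stm)
{
    global $_TABLES, $_CONF, $showTasksForExpandedProjects, $expandedCookie, $userid, $_PRJCONF, $filterCSV, $proj_query_from, $proj_query_where;

    // $pid is interpolated into SQL below; keep it numeric.
    $pid = (int) $pid;

    // Determine the expanded projects. explode() replaces split(), which no longer
    // exists in PHP 7+; for a literal ',' separator both give the same list.
    $expanded = explode(',', (string) $expandedCookie);
    $sm = ppApplyFilter($sm, true, true);
    $stm = ppApplyFilter($stm, true, true);

    // The filter cookie is client-controlled. Its id part is placed into SQL without
    // quotes, so it is cast to int rather than relying on the text filter alone.
    $filter = COM_applyFilter(isset($_COOKIE['filter']) ? $_COOKIE['filter'] : '');
    $category_string = substr("{$filter}", 0, 3);
    $needle = (int) substr("{$filter}", 3, 3);

    // Groups the user belongs to, used in SQL to test that the user can view a project.
    // NOTE(review): $uid is never assigned in this function, so SEC_getUserGroups()
    // receives null here while the SQL below uses the global $userid - confirm that
    // both refer to the same user.
    $groups = SEC_getUserGroups($uid);
    $aGroups = array();
    foreach ($groups as $id) {
        $aGroups[] = $id;
    }
    $prjPermGroups = implode(',', $aGroups);

    if (SEC_inGroup('Root')) {
        $queryfrom = "FROM {$_TABLES['prj_projects']} a";
        $querywhere = " WHERE 1=1 ";
    } else {
        $queryfrom = "FROM {$_TABLES['prj_projects']} a, {$_TABLES['prj_projPerms']} b ";
        $querywhere = "WHERE b.pid =a.pid";
        // NOTE(review): $userid is a global interpolated without quotes; it must be an
        // integer by the time it gets here. It is deliberately not cast in place, because
        // an empty value would become 0 and could then match rows stored with uid 0.
        if ($prjPermGroups != '') {
            $querywhere .= " AND b.taskID=0 AND (b.uid={$userid} OR b.gid in ({$prjPermGroups})) ";
        } else {
            // No groups: leave the gid test out instead of emitting "in ()". Do not
            // substitute 0 for the empty list - rows written for individual users
            // appear to carry gid 0 (see prj_addTeamMemberTaskPerms), so that would
            // widen access instead of narrowing it.
            $querywhere .= " AND b.taskID=0 AND (b.uid={$userid}) ";
        }
    }

    // NOTE(review): $strings, $priority, $progress and $status are not defined in this
    // scope and $header is not read again in this function.
    switch ($category_string) {
        case 'cat':
            $queryfrom = $queryfrom . ", {$_TABLES['prj_category']} c ";
            $querywhere = $querywhere . "AND c.pid=a.pid AND c.category_id={$needle} ";
            $header = nexlistOptionList('view', '', $_PRJCONF['nexlist_category'], 0, $needle);
            break;
        case 'loc':
            $queryfrom = $queryfrom . ", {$_TABLES['prj_location']} c ";
            $querywhere = $querywhere . "AND c.pid=a.pid AND c.location_id={$needle} ";
            $header = nexlistOptionList('view', '', $_PRJCONF['nexlist_locations'], 0, $needle);
            break;
        case 'dep':
            $queryfrom = $queryfrom . ", {$_TABLES['prj_department']} c ";
            $querywhere = $querywhere . "AND c.pid=a.pid AND c.department_id={$needle} ";
            $header = nexlistOptionList('view', '', $_PRJCONF['nexlist_departments'], 0, $needle);
            break;
        case 'pri':
            $querywhere = $querywhere . " AND a.priority_id={$needle} ";
            $header = $strings["filter_priority"] . $priority[$needle];
            break;
        case 'pro':
            $querywhere = $querywhere . " AND a.progress_id={$needle} ";
            $header = $strings["filter_progress"] . $progress[$needle];
            break;
        case 'sta':
            $querywhere = $querywhere . " AND a.status_id={$needle} ";
            $header = $strings["filter_status"] . $status[$needle];
            break;
        default:
            $needle = '';
            $header = '';
    }

    $select = "SELECT a.pid, a.name, a.start_date, a.estimated_end_date, a.parent_id, a.percent_completion as progress, progress_id ";

    // First attempt. For top-level projects it references alias c, which is joined
    // only by the cat/loc/dep filters, so DB_query() is told to ignore errors.
    $sql = $select . $queryfrom . $querywhere;
    if ($pid == 0) {
        $sql .= "AND parent_id=0 AND a.pid=c.pid ";
    } else {
        $sql .= "AND parent_id='{$pid}' ";
    }
    if ($filterCSV != '') {
        // NOTE(review): $filterCSV is a global placed into the statement unquoted;
        // its producer is not visible here and must guarantee a list of integers.
        $sql .= "AND pid  in ({$filterCSV}) ";
    }
    $sql .= " ORDER BY lhs ASC";
    $result = DB_query($sql, true);
    $testrows = DB_numRows($result);

    if ($testrows == 0) {
        // Fallback without the alias-c join condition and without $filterCSV.
        $sql = $select . $queryfrom . $querywhere;
        if ($pid == 0) {
            $sql .= "AND parent_id=0 ";
        } else {
            $sql .= "AND parent_id='{$pid}' ";
        }
        $sql .= " ORDER BY lhs ASC";
        $result = DB_query($sql);
    }

    for ($j = 0; $j < DB_numrows($result); $j++) {
        // From here on $pid is the id of the row being drawn, not the parent id.
        list($pid, $name, $startdate, $enddate, $parent_task, $progress, $status) = DB_fetchArray($result);
        $permsArray = prj_getProjectPermissions($pid, $userid);
        $ownertoken = getProjectToken($pid, $userid, "{$_TABLES['prj_users']}");

        if ($sm == '0' && $stm == '1') {
            // only show team members (my projects)
            if ($permsArray['teammember'] == '1' || $permsArray['full'] == '1' || $ownertoken == '1') {
                prj_paintProjectBar(false, $pid, $name, $startdate, $enddate, $parent_task, $progress, $status, $expanded, $userid, $nameIndent, $graph, $count, $row, $sm, $stm);
            }
        } elseif ($sm == '1' && $stm == '1') {
            // show everything you have monitor and upwards access to (all projects)
            if ($permsArray['monitor'] == '1' || $permsArray['teammember'] == '1' || $permsArray['full'] == '1' || $ownertoken == '1') {
                prj_paintProjectBar(true, $pid, $name, $startdate, $enddate, $parent_task, $progress, $status, $expanded, $userid, $nameIndent, $graph, $count, $row, $sm, $stm);
            }
        }

        // if this project has no child projects AND it has tasks AND the expansion sign is empty
        // NOTE(review): $sign is never assigned in this function, so the last test is always true.
        if (DB_count($_TABLES['prj_projects'], 'parent_id', $pid) == 0 && DB_count($_TABLES['prj_tasks'], 'pid', $pid) > 0 && $sign == '') {
            if ($showTasksForExpandedProjects == 'true') {
                prj_drawProjectTasksGanttBar($graph, $row, $count, $pid, $nameIndent . ' ', 0, 0, $sm, $stm);
            }
        }

        $tempPerms = prj_getProjectPermissions($pid, $userid);
        // Parentheses spell out the precedence the original expression already had.
        // NOTE(review): the second alternative recurses into projects on which the user
        // has neither monitor nor team-member rights; the child rows are filtered again
        // by the queries above, but confirm this is the intended behaviour.
        if ((array_keys($expanded, $pid) != array() && DB_count($_TABLES['prj_projects'], 'parent_id', $pid) > 0)
            || ($tempPerms['monitor'] == '0' && $tempPerms['teammember'] == '0')
        ) {
            if ($showTasksForExpandedProjects == 'true') {
                prj_drawProjectTasksGanttBar($graph, $row, $count, $pid, $nameIndent . ' ', 0, 0, $sm, $stm);
            }
            prj_drawProjectGanttBar($graph, $row, $count, $pid, $nameIndent . ' ', $sm, $stm);
        }
    }
}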
Example #3
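/**
 * Fetch an allow-list of request variables from $_GET / $_POST and filter them.
 *
 * Only the names listed in $vars are read. With $type 'GET' or 'POST' that
 * superglobal alone is consulted; otherwise $_POST is tried first and $_GET second.
 * Every listed name ends up in the result, including names that were not
 * submitted (they hold whatever the filter returns for null).
 *
 * Security notes:
 *  - With $setglobal the values are written into $GLOBALS under the request names,
 *    so $vars must never contain the name of an existing global; the values are
 *    still client-supplied data after filtering.
 *  - Array values (checkboxes, multi-selects) are filtered one level deep and
 *    re-indexed; a nested array is handed to the filter as-is.
 *  - NOTE(review): for $option 'int' array items are filtered with a third argument
 *    of true while scalars are not - confirm against ppApplyFilter() that both
 *    calls behave the same.
 *
 * @param string|array $vars      Name or list of names of the variables to read.
 * @param bool         $setglobal True to publish the values in $GLOBALS instead of returning them.
 * @param string       $type      'GET', 'POST', or anything else for POST-then-GET.
 * @param string       $option    'text' to use ppFilterText(), 'int' for numeric filtering.
 * @return array|null The filtered values keyed by name, or nothing when $setglobal is set.
 */
function ppGetData($vars, $setglobal = false, $type = '', $option = '')
{
    if (!is_array($vars)) {
        $vars = array($vars);
    }

    // Pick the superglobal(s) to read from, in lookup order.
    if ($type == 'POST') {
        $sources = array($_POST);
    } elseif ($type == 'GET') {
        $sources = array($_GET);
    } else {
        $sources = array($_POST, $_GET);
    }

    // Collect the raw data for the allowed fields that were submitted.
    $return_data = array();
    foreach ($vars as $key) {
        foreach ($sources as $source) {
            if (array_key_exists($key, $source)) {
                $return_data[$key] = $source[$key];
                break;
            }
        }
    }

    // Filter every requested name. A name that was not submitted is filtered as
    // null, read explicitly so no undefined-index warning is raised.
    foreach ($vars as $name) {
        $raw = array_key_exists($name, $return_data) ? $return_data[$name] : null;
        if (is_array($raw)) {
            // Maybe a checkbox or multiple select: filter each item.
            $filtered = array();
            foreach ($raw as $item) {
                if ($option == 'text') {
                    $filtered[] = ppFilterText($item);
                } elseif ($option == 'int') {
                    $filtered[] = ppApplyFilter($item, true, true);
                } else {
                    $filtered[] = ppApplyFilter($item);
                }
            }
        } elseif ($option == 'text') {
            $filtered = ppFilterText($raw);
        } elseif ($option == 'int') {
            $filtered = ppApplyFilter($raw, true);
        } else {
            $filtered = ppApplyFilter($raw);
        }
        $return_data[$name] = $filtered;
    }

    // Optionally set $GLOBALS or return the array
    if ($setglobal) {
        foreach ($return_data as $key => $value) {
            $GLOBALS[$key] = $value;
        }
    } else {
        return $return_data;
    }
}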
Example #4
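/**
 * Fetch an allow-list of request variables from $_GET / $_POST and filter them.
 *
 * Only the names listed in $vars are read. With $type "GET" or "POST" that
 * superglobal alone is consulted; otherwise $_POST is tried first and $_GET second.
 * Every listed name ends up in the result, including names that were not
 * submitted (they hold whatever ppApplyFilter() returns for null).
 *
 * Security notes:
 *  - With $setglobal the values are written into $GLOBALS under the request names,
 *    so $vars must never contain the name of an existing global; the values are
 *    still client-supplied data after filtering.
 *  - A request value that is itself an array is handed to ppApplyFilter() as-is;
 *    NOTE(review): confirm that the filter copes with arrays.
 *
 * @param string|array $vars      Name or list of names of the variables to read.
 * @param bool         $setglobal True to publish the values in $GLOBALS instead of returning them.
 * @param string       $type      "GET", "POST", or anything else for POST-then-GET.
 * @return array|null The filtered values keyed by name, or nothing when $setglobal is set.
 */
function ppGetData($vars, $setglobal = false, $type = '')
{
    // Accept a single name as well as a list, so a scalar no longer yields an empty result.
    if (!is_array($vars)) {
        $vars = array($vars);
    }

    // Pick the superglobal(s) to read from, in lookup order.
    if ($type == "POST") {
        $sources = array($_POST);
    } elseif ($type == "GET") {
        $sources = array($_GET);
    } else {
        $sources = array($_POST, $_GET);
    }

    // Collect the raw data for the allowed fields that were submitted.
    $return_data = array();
    foreach ($vars as $key) {
        foreach ($sources as $source) {
            if (array_key_exists($key, $source)) {
                $return_data[$key] = $source[$key];
                break;
            }
        }
    }

    // Filter every requested name. A name that was not submitted is filtered as
    // null, read explicitly so no undefined-index warning is raised.
    foreach ($vars as $name) {
        $raw = array_key_exists($name, $return_data) ? $return_data[$name] : null;
        $return_data[$name] = ppApplyFilter($raw);
    }

    // Optionally set $GLOBALS or return the array
    if ($setglobal) {
        foreach ($return_data as $key => $value) {
            $GLOBALS[$key] = $value;
        }
    } else {
        return $return_data;
    }
}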