if (isset($_SESSION['user']) && $_SESSION['user'] != '') { // User is logged in, check if they can edit the property if ($_SESSION['type'] == 3) { // User had admin privileges $canDelete = true; } else { if ($_SESSION['type'] == 1) { // User is an owner, check if they own the property $canDelete = isOwner($photo['property'], $_SESSION['user']); } } } if ($canDelete) { echo "<a href='photo/delete.php?id={$_GET['id']}'>Delete photo</a><br>"; } echo '<label>' . readable_date($photo['date']) . '</label>'; echo "<p>{$photo['description']}</p>"; } else { // Photo not found echo '<label>Photo not found</label>'; } } else { echo '<label>Invalid Photo ID</label>'; } ?> </div> <!-- MAIN CONTENT ENDS --> <?php require $relative . 'data/php/site/footer.inc'; ?>
//$quotereplace[3]="<span class='sig'>\\1</span>"; $quotereplace[4] = "<span class='quoteirrel'>\\1</span>"; $quotereplace[5] = "<span class='quoteirrel'>\\1</span>"; $quotereplace[6] = "<span class='quoteirrel'>\\1</span>"; $quotereplace[7] = "<span class='quote1'>\\1</span>"; $quotereplace[8] = "<span class='quote2'>\\1</span>"; $quotereplace[9] = "<span class='quote3'>\\1</span>"; $updatebody = preg_replace($quote, $quotereplace, $updatebody); $updatebody = bbcode($updatebody); //$updatebody = emotion($updatebody); //"!(http:/{2}[\w\.]{2,}[/\w\-\.\?\&\=\#]*)!e" // [\n\t ]+ $updatebody = preg_replace("!([\n\t ]+)(http[s]?:/{2}[\\w\\.]{2,}[/\\w\\-\\.\\?\\&\\=\\#\$\\%|;|\\[|\\]~:]*)!e", "'\\1<a href=\"\\2\" title=\"\\2\">'.(strlen('\\2')>=70 ? substr('\\2',0,70).'...':'\\2').'</a>'", $updatebody); // Lookup some extra data $updateuser = user_realname($update->userid, TRUE); $updatetime = readable_date($update->timestamp); $currentowner = user_realname($update->currentowner, TRUE); $currentstatus = incident_status($update->currentstatus); echo "<div class='detailhead' align='center'>"; //show update type icon if (array_key_exists($update->type, $updatetypes)) { if (!empty($update->sla) and $update->type == 'slamet') { echo icon($slatypes[$update->sla]['icon'], 16, $update->type); } echo icon($updatetypes[$update->type]['icon'], 16, $update->type); } else { echo icon($updatetypes['research']['icon'], 16, $strResearch); if ($update->sla != '') { echo icon($slatypes[$update->sla]['icon'], 16, $update->type); } }
/** * Produces HTML of all notes assigned to an item * @param $linkid int The link type * @param $refid int The ID of the item the notes are linked to * @param $delete bool Whether its possible to delet notes (default TRUE) * @return string HTML of the notes */ function show_notes($linkid, $refid, $delete = TRUE) { global $sit, $iconset, $dbNotes; $sql = "SELECT * FROM `{$dbNotes}` WHERE link='{$linkid}' AND refid='{$refid}' ORDER BY timestamp DESC, id DESC"; $result = mysql_query($sql); if (mysql_error()) { trigger_error(mysql_error(), E_USER_WARNING); } $countnotes = mysql_num_rows($result); if ($countnotes >= 1) { while ($note = mysql_fetch_object($result)) { $html .= "<div class='detailhead note'> <div class='detaildate'>" . readable_date(mysqlts2date($note->timestamp)); if ($delete) { $html .= "<a href='note_delete.php?id={$note->id}&rpath="; $html .= "{$_SERVER['PHP_SELF']}?{$_SERVER['QUERY_STRING']}' "; $html .= "onclick=\"return confirm_action('{$strAreYouSureDelete}');\">"; $html .= icon('delete', 16) . "</a>"; } $html .= "</div>\n"; // /detaildate $html .= icon('note', 16) . " "; $html .= sprintf($GLOBALS['strNoteAddedBy'], user_realname($note->userid, TRUE)); $html .= "</div>\n"; // detailhead $html .= "<div class='detailentry note'>"; $html .= nl2br(bbcode($note->bodytext)); $html .= "</div>\n"; } } return $html; }
exit; } //delete all the notes $sql = "DELETE FROM `{$dbNotes}` WHERE refid='{$id}'"; $result = mysql_query($sql); if (mysql_error()) { trigger_error(mysql_error(), E_USER_ERROR); } $enddate = $now; $duration = round(($enddate - $startdate) / 60); $startdate = readable_date($startdate, 'system'); $enddate = readable_date($enddate, 'system'); $updatehtml = sprintf($SYSLANG['strActivityStarted'], $startdate) . "\n\n"; for ($i = $numnotes - 1; $i >= 0; $i--) { $updatehtml .= "[b]"; $updatehtml .= readable_date(mysql2date($notesarray[$i]->timestamp), 'system'); $updatehtml .= "[/b]\n" . mysql_escape_string($notesarray[$i]->bodytext) . "\n\n"; } $updatehtml .= sprintf($SYSLANG['strActivityCompleted'], $enddate, $duration); $owner = incident_owner($incident); //create update $sql = "INSERT INTO `{$dbUpdates}` (incidentid, userid, type, "; $sql .= "currentowner, currentstatus, bodytext, timestamp, duration) "; $sql .= "VALUES('{$incident}', '{$sit[2]}', 'fromtask', "; $sql .= "'{$owner}', '{$status}', '{$updatehtml}', '{$now}', '{$duration}')"; mysql_query($sql); if (mysql_error()) { trigger_error(mysql_error(), E_USER_ERROR); echo "<p class='error'>"; echo "Couldn't add update, update will need to be done manually: {$sql}'</p>"; die;
function view() { $application_id = $this->request->route('id'); $data['application_details'] = $application_details = $this->application->getApplicationViewDetails($application_id); $data['attachment'] = Attachment::where('lead_id', $data['application_details']->lead->id)->first(); $data['statuses'] = Status::lists('name', 'id'); $completed = array(); foreach ($application_details->statuses as $key => $completed_stat) { $completed[$completed_stat->status_id]['id'] = $completed_stat->status_id; $completed[$completed_stat->status_id]['date_created'] = readable_date($completed_stat->date_created); $completed[$completed_stat->status_id]['updated_by'] = get_user_name($completed_stat->updated_by); } $data['completed'] = $completed; return view('system.application.overview.show', $data); }