function get_download_type_icon($id_type)
{
$type = get_db_row("tdownload_type", "id", $id_type);
if ($type) {
$image = print_image("images/download_type/" . $type["icon"], true, array('title' => safe_output($type["name"]), 'alt' => ''));
} else {
$image = print_image("images/download_type/default.png", true, array('title' => __('Without type'), 'alt' => ''));
}
return $image;
}
function create($array)
{
switch ($array['type']) {
case 'file_not_found':
break;
case 'sql_type_unsupported':
break;
case 'sql_connect_error':
break;
case 'sql_prepare_error':
break;
case 'sql_execute_error':
break;
case 'security_error':
break;
}
echo '<p><strong>Support Ticket Error</strong><br />Type: ' . safe_output($array['type']) . '<br />Message: ' . safe_output($array['message']) . '</p>';
exit(1);
}
/**
* OLD VERSION.
* Prints an array of fields in a popup menu of a form.
*
* Based on choose_from_menu() from Moodle
*
* $fields Array with dropdown values. Example: $fields["value"] = "label"
* $name Select form name
* $selected Current selected value.
* $script Javascript onChange code.
* $nothing Label when nothing is selected.
* $nothing_value Value when nothing is selected
*/
function print_select($fields, $name, $selected = '', $script = '', $nothing = 'select', $nothing_value = '0', $return = false, $multiple = 0, $sort = true, $label = false, $disabled = false, $style = '')
{
$output = "\n";
if ($label) {
$output .= print_label($label, $name, 'select', true);
}
$attributes = $script ? 'onchange="' . $script . '"' : '';
if ($multiple) {
$attributes .= ' multiple="yes" size="' . $multiple . '" ';
}
if ($disabled) {
$disabledText = 'disabled';
} else {
$disabledText = '';
}
if ($style == "") {
$output .= '<select style="width: 170px" ' . $disabledText . ' id="' . $name . '" name="' . $name . '" ' . $attributes . ">\n";
} else {
$output .= '<select style="' . $style . '" ' . $disabledText . ' id="' . $name . '" name="' . $name . '" ' . $attributes . ">\n";
}
if ($nothing != '') {
$output .= ' <option value="' . $nothing_value . '"';
if ($nothing_value == $selected) {
$output .= " selected";
}
$output .= '>' . $nothing . "</option>\n";
}
if (!empty($fields)) {
if ($sort) {
asort($fields);
}
foreach ($fields as $value => $label) {
$optlabel = $label;
if (is_array($label)) {
if (!isset($lastopttype) || $label['optgroup'] != $lastopttype) {
if (isset($lastopttype) && $lastopttype != '') {
$output .= '</optgroup>';
}
$output .= '<optgroup label="' . $label['optgroup'] . '">';
$lastopttype = $label['optgroup'];
}
$optlabel = $label['name'];
}
$output .= ' <option value="' . $value . '"';
if (safe_output($value) == safe_output($selected)) {
$output .= ' selected';
}
if ($optlabel === '') {
$output .= '>' . $value . "</option>\n";
} else {
$output .= '>' . $optlabel . "</option>\n";
}
}
}
$output .= "</select>\n";
if ($return) {
return $output;
}
echo $output;
}
for ($i = 0; $i < sizeof($send); $i++) {
$ch = check_email($send[$i]);
if ($ch == "") {
$error[] = format_lang('error', 'incorrect_format_email') . " - " . $send[$i];
}
}
}
/**subject */
$_SESSION['share']['subject'] = $subject = safe_output($_POST['txt_subject']);
if ($subject == "") {
$subject = "Re: " . $job->job_title;
}
/** comments */
$_SESSION['share']['notes'] = $notes .= safe_output($_POST['txt_comments']);
/**from email address*/
$_SESSION['share']['from_send'] = $from_send = safe_output($_POST['txt_email1']);
if ($from_send == "") {
$error[] = format_lang("error", 'email');
}
if ($from_send != "") {
$from_send = check_email($from_send);
if ($from_send == "") {
$error[] = format_lang('errormsg', 39);
}
}
if (ENABLE_SPAM_SHARE && ENABLE_SPAM_SHARE == 'Y' && !$session->get_job_seeker()) {
if (strtolower($_POST['spam_code']) != strtolower($_SESSION['spam_code']) || (!isset($_SESSION['spam_code']) || $_SESSION['spam_code'] == NULL)) {
$error[] = format_lang('error', 'spam_wrong_word');
}
}
/**if no errors found then do this*/
header ('Content-Type: text/csv; charset=UTF-8');
header ('Content-Disposition: attachment; filename="'.$filename.'.csv"');
$os_csv = substr(PHP_OS, 0 , 1);
echo "\xEF\xBB\xBF";
$rows = get_db_all_rows_sql (clean_output ($report['sql']));
if ($rows === false)
return;
// Header
echo safe_output (implode (';', array_keys (str_replace($search, " ", $rows[0]))))."\n";
$standard_encoding = (bool) $config['csv_standard_encoding'];
// Item / data
foreach ($rows as $row) {
$line = safe_output(implode(';', $row));
if (!$standard_encoding){
if($os_csv != "W"){
echo mb_convert_encoding($line, 'UTF-16LE', 'UTF-8'). "\n";
} else {
echo $line . "\n";
}
}else{
echo $line . "\n";
}
}
exit;
}
function graph_workunit_project($width, $height, $id_project, $ttl = 1)
{
global $config;
$data = array();
$res = mysql_query("SELECT SUM(duration), ttask.name\n\t\tFROM tworkunit, tworkunit_task, ttask, tproject \n\t\tWHERE tproject.id = '{$id_project}' AND \n\t\t\ttworkunit.id = tworkunit_task.id_workunit AND \n\t\t\ttworkunit_task.id_task = ttask.id AND\n\t\t\ttproject.id = ttask.id_project \n\t\tGROUP BY ttask.name\n\t\tORDER BY SUM(duration) DESC\n\t\tLIMIT 7");
$data = NULL;
while ($row = mysql_fetch_array($res)) {
$row[1] = substr(safe_output($row[1]), 0, 22);
$data[$row[1]] = $row[0];
}
if ($data == NULL) {
return __("There is no data to show");
} else {
return pie3d_graph($config['flash_charts'], $data, $width, $height, __('others'), $config["base_url"], "", $config['font'], $config['fontsize'], $ttl);
}
}
if ($project_name != $old_project_name) {
// Exists. Validation error
echo json_encode(false);
return;
}
}
// Does not exist
echo json_encode(true);
return;
} elseif ($search_existing_task) {
require_once 'include/functions_db.php';
$project_id = (int) get_parameter('project_id');
$operation_type = (string) get_parameter('type');
if ($operation_type == "create") {
$tasks_names = get_parameter('task_name');
$tasks_names = safe_output($tasks_names);
$tasks_names = preg_split("/\n/", $tasks_names);
foreach ($tasks_names as $task_name) {
$task_name = safe_input($task_name);
$query_result = get_db_value_filter("name", "ttask", array('name' => $task_name, 'id_project' => $project_id));
if ($query_result) {
// Exists. Validation error
echo json_encode(false);
return;
}
}
} elseif ($operation_type == "view") {
$task_name = get_parameter('task_name');
$old_task_id = get_parameter('task_id');
if (!$project_id) {
$project_id = get_db_value("id_project", "ttask", "id", $old_task_id);
check_login ();
include_once('include/functions_crm.php');
include_once('include/functions_incidents.php');
$id = (int) get_parameter ('id');
$contact = get_db_row ('tcompany_contact', 'id', $id);
$read = check_crm_acl ('other', 'cr', $config['id_user'], $contact['id_company']);
if (!$read) {
audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation","Trying to access to contact tickets without permission");
include ("general/noaccess.php");
exit;
}
$email = safe_output($contact["email"]);
$email = trim($email);
$email = safe_input($email);
$incidents = incidents_get_by_notified_email ($email);
if (!$incidents) {
echo ui_print_error_message (__("This contact doesn't have any ticket associated"), '', true, 'h3', true);
} else {
$table->class = "listing";
$table->width = "99%";
$table->head[0] = __("ID");
$table->head[1] = __("Ticket");
$table->head[2] = __("Status");
$table->head[3] = __("Priority");
while ($row1 = mysql_fetch_array($result1)) {
echo dame_perfil($row1["id_perfil"]) . "/ ";
echo dame_grupo($row1["id_grupo"]) . "<br>";
}
} else {
echo __('This user doesn\'t have any assigned profile/group');
}
}
echo "</font></span></a>";
echo "</td>";
echo "<td>";
if (give_acl($config["id_user"], 0, "UM")) {
echo "<a href='index.php?sec=users&sec2=godmode/usuarios/configurar_usuarios&update_user={$nombre}'>";
}
if (strlen(safe_output($nombre)) > 21) {
echo "" . ucfirst(substr(safe_output($nombre), 0, 21)) . "..</b>";
} else {
echo ucfirst($nombre) . "</b>";
}
if (give_acl($config["id_user"], 0, "IM")) {
echo "</a>";
}
echo "<td style='font-size:9px'>" . $usuario["nombre_real"] . "</td>";
$company_name = (string) get_db_value('name', 'tcompany', 'id', $usuario['id_company']);
echo "<td style='font-size:9px'>" . $company_name . "</td>";
echo "<td>";
// Full report
echo "<a href='index.php?sec=users&sec2=operation/user_report/report_full&only_projects=1&wu_reporter={$nombre}'>";
echo "<img title='" . __("Full report") . "' src='images/page_white_stack.png'>";
echo "</a>";
// Workunit report (detailed)
exit;
}
$manager = give_acl($config["id_user"], 0, "CN");
$id = (int) get_parameter('id');
$create = (bool) get_parameter('create');
$disable = (bool) get_parameter('disable');
$delete = (bool) get_parameter('delete');
$multiple_delete = (bool) get_parameter('multiple_delete');
// CREATE
if ($create) {
$data = get_parameter("data");
$id_newsletter = get_parameter("id_newsletter");
$datetime = date("Y-m-d H:i:s");
$id_group = get_db_sql("SELECT id_group FROM tnewsletter WHERE id = {$id_newsletter}");
// Parse chunk data from the textarea
$data = safe_output($data);
$data_array = preg_split("/\n/", $data);
$total = 0;
$invalid = 0;
foreach ($data_array as $data_item) {
$data2 = preg_split("/,/", $data_item);
$data2[0] = trim($data2[0]);
// We have parsed data, ok, lets go
if (check_email_address($data2[0])) {
// It's duped ?
$duped = get_db_sql("SELECT COUNT(id) FROM tnewsletter_address WHERE id_newsletter = {$id_newsletter} AND email = '" . $data2[0] . "'");
// OK, good data !
if ($duped == 0) {
$total++;
$sql = sprintf('INSERT INTO tnewsletter_address (id_newsletter, email, status, name, datetime) VALUES (%d, "%s", "%s", "%s", "%s")', $id_newsletter, $data2[0], 0, $data2[1], $datetime);
$id = process_sql($sql, 'insert_id');
$email_info = get_db_row ("tusuario", "direccion", $email);
if ($email_info) {
$contact_info = array("id" => $email_info["id_usuario"],
"type" => "user",
"id_company" => $email_info["id_company"],
"company" => get_db_value("name", "tcompany", "id", $email_info["id_company"]),
"inventory" => __("N/A"),
"fullname" => $email_info["nombre_real"],
"email" => $email_info["direccion"],
"phone" => $email_info["telefono"],
"mobile" => __("N/A"),
"position" => __("N/A"));
} else {
//Search for contact
$email_aux = safe_output($email);
$email_aux = trim($email_aux);
$email_info = get_db_row("tcompany_contact", "email", $email_aux);
if ($email_info) {
$contact_info= $email_info;
$contact_info["type"] = "contact";
$contact_info["inventory"] = __("N/A");
$contact_info["company"] = get_db_value("name", "tcompany", "id", $contact_info["id_company"]);
} else {
//We only have email address
$contact_info = array("id" => $email,
"fullname" => $email,
"type" => "email",
"company" => __("N/A"),
if ($diff) {
foreach ($diff as $key => $values) {
$max_rows[$key] = " ";
}
}
}
$max_rows_prepare = $max_rows;
foreach ($rows as $row) {
//head
$csv_head = implode(';', array_keys($max_rows_prepare));
//inicialice $line
$line = array();
//loop that compares whether a field
foreach ($max_rows_prepare as $k => $v) {
if (array_key_exists($k, $row)) {
$cell = str_replace($search, " ", safe_output($row[$k]));
} else {
$cell = " ";
}
// Change ; !!
$cell = str_replace(";", ",", $cell);
$line[] = $cell;
}
$line = implode(';', $line);
$csv_lines[] = $line;
}
ob_end_clean();
// CSV Output
header('Content-Type: text/csv; charset=UTF-8');
header('Content-Disposition: attachment; filename="' . $filename . '.csv"');
// Header
// -----------
// Upload file
// -----------
if ($operation == "attachfile") {
// ACL
$task_access = get_project_access ($config["id_user"], $id_project, $id_task, false, true);
if (!$task_access["write"]) {
// Doesn't have access to this page
audit_db($id_user, $config["REMOTE_ADDR"], "ACL Violation", "Trying to attach a file to a task without permission");
no_permission();
}
$filename = $_FILES['userfile'];
$filename_real = safe_output($filename['name']);
$filename_safe = str_replace (" ", "_", $filename_real);
if ($filename['error'] === 0){ //if file
if (isset($_POST["file_description"]))
$description = $_POST["file_description"];
else
$description = "No description available";
// Insert into database
$file_temp = $filename['tmp_name'];
$filesize = $filename['size'];
$sql = " INSERT INTO tattachment (id_task, id_usuario, filename, description, size ) VALUES (".$id_task.", '".$id_user." ','".$filename_safe."','".$description."',".$filesize.") ";
$id_attachment = process_sql ($sql, 'insert_id');
//project_tracking ( $id_inc, $id_usuario, 3);
function users_get_groups_for_select($id_user, $privilege = "IR", $returnAllGroup = true, $returnAllColumns = false, $id_groups = null, $keys_field = 'id_grupo')
{
if ($id_groups === false) {
$id_groups = null;
}
$user_groups = get_user_groups($id_user, $privilege, $returnAllGroup, $returnAllColumns);
/*
$user_groups_flag_si = get_user_groups ($id_user, "SI", $returnAllGroup, $returnAllColumns);
if (!empty($user_groups_flag_si)) {
foreach ($user_groups_flag_si as $group_flag) {
array_push ($user_groups, $group_flag);
}
}
*/
if ($id_groups !== null) {
$childrens = groups_get_childrens($id_groups);
foreach ($childrens as $child) {
unset($user_groups[$child['id_grupo']]);
}
unset($user_groups[$id_groups]);
}
if (empty($user_groups)) {
$user_groups_tree = array();
} else {
// First group it's needed to retrieve its parent group
$repair = array_slice($user_groups, 0, 1);
$first_group = reset($repair);
$parent_group = $first_group['parent'];
$user_groups_tree = groups_get_groups_tree_recursive($user_groups, $parent_group);
}
$fields = array();
foreach ($user_groups_tree as $group) {
//$groupName = ui_print_truncate_text($group['nombre'], GENERIC_SIZE_TEXT, false, true, false);
$groupName = safe_output($group['nombre']);
$fields[$group[$keys_field]] = str_repeat(" ", $group['deep']) . $groupName;
}
return $fields;
}
<?php
/** if user already logged in take them to index page */
if ($session->get_job_seeker()) {
redirect_to(BASE_URL . "account/");
die;
}
if (isset($_POST['bt_resend'])) {
$email = safe_output($_POST['txtresend']);
if (empty($email) || !check_email($email)) {
$message = "<div class='error'>" . format_lang("error", 'email') . "</div>";
} elseif (ENABLE_SPAM_RSC && ENABLE_SPAM_RSC == 'Y') {
if (strtolower($_POST['spam_code']) != strtolower($_SESSION['spam_code']) || (!isset($_SESSION['spam_code']) || $_SESSION['spam_code'] == NULL)) {
$message = "<div class='error'>" . format_lang('error', 'spam_wrong_word') . "</div>";
}
} else {
$employee = Employee::find_by_email($email);
//print_r( $employee );
//die;
if ($employee->is_active == "Y") {
$session->message("<div class='error'>" . format_lang('errormsg', 60) . "</div>");
redirect_to(BASE_URL . "login/");
exit;
} else {
// if found
//echo sizeof($employee);
//die;
if ($employee) {
$reg_email = $employee->email_address;
$reg_key = $employee->actkey;
$username = $employee->username;
function ui_print_truncate_text($text, $numChars = GENERIC_SIZE_TEXT, $showTextInAToopTip = true, $return = true, $showTextInTitle = true, $suffix = '…', $style = false)
{
global $config;
if (is_string($numChars)) {
switch ($numChars) {
case 'agent_small':
$numChars = $config['agent_size_text_small'];
break;
case 'agent_medium':
$numChars = $config['agent_size_text_medium'];
break;
case 'module_small':
$numChars = $config['module_size_text_small'];
break;
case 'module_medium':
$numChars = $config['module_size_text_medium'];
break;
case 'description':
$numChars = $config['description_size_text'];
break;
case 'item_title':
$numChars = $config['item_title_size_text'];
break;
default:
$numChars = (int) $numChars;
break;
}
}
if ($numChars == 0) {
if ($return == true) {
return $text;
} else {
echo $text;
}
}
$text = safe_output($text);
if (mb_strlen($text, "UTF-8") > $numChars) {
// '/2' because [...] is in the middle of the word.
$half_length = intval(($numChars - 3) / 2);
// Depending on the strange behavior of mb_strimwidth() itself,
// the 3rd parameter is not to be $numChars but the length of
// original text (just means 'large enough').
$truncateText2 = mb_strimwidth($text, mb_strlen($text, "UTF-8") - $half_length, mb_strlen($text, "UTF-8"), "", "UTF-8");
$truncateText = mb_strimwidth($text, 0, $numChars - $half_length, "", "UTF-8") . $suffix;
$truncateText = $truncateText . $truncateText2;
if ($showTextInTitle) {
if ($style === null) {
$truncateText = $truncateText;
} else {
if ($style !== false) {
$truncateText = '<span style="' . $style . '" title="' . $text . '">' . $truncateText . '</span>';
} else {
$truncateText = '<span title="' . $text . '">' . $truncateText . '</span>';
}
}
}
if ($showTextInAToopTip) {
$truncateText = $truncateText . print_help_tip($text, true);
} else {
if ($style !== false) {
$truncateText = '<span style="' . $style . '">' . $truncateText . '</span>';
}
}
} else {
if ($style !== false) {
$truncateText = '<span style="' . $style . '">' . $text . '</span>';
} else {
$truncateText = $text;
}
}
if ($return == true) {
return $truncateText;
} else {
echo $truncateText;
}
}
if ($result !== false && $result1 !== false && $result2 !== false) {
$succ++;
audit_db($config['id_user'], $config["REMOTE_ADDR"], "Task updated", "Task '{$name}' updated to project '{$id_project}'");
task_tracking($id, TASK_UPDATED);
} else {
echo "<h3 class='error'>" . __('Could not be updated') . "</h3>";
}
}
echo '<h3 class="suc">' . sprintf(__('%d tasks successfully updated'), $succ) . '</h3>';
}
//Create a new task
if ($create) {
$tasklist = get_parameter("tasklist");
// Massive creation of tasks
if ($tasklist != "") {
$tasklist = safe_output($tasklist);
$parent = (int) get_parameter('padre');
$start = get_parameter('start_date2', date("Y-m-d"));
$end = get_parameter('end_date2', date("Y-m-d"));
$owner = get_parameter('dueno');
if ($parent) {
$project_access = get_project_access($config["id_user"], $id_project);
if (!$project_access["manage"]) {
$task_access = get_project_access($config["id_user"], $id_project, $parent);
if (!$task_access["manage"]) {
audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to create tasks in an unauthorized project");
no_permission();
}
}
} else {
$project_access = get_project_access($config["id_user"], $id_project);
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
global $config;
check_login();
if (!give_acl($config["id_user"], 0, "IM")) {
audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access Audit Log viewer");
require "general/noaccess.php";
exit;
}
$text = safe_output(get_parameter("text", ""));
$action = safe_output(get_parameter("action", ""));
$date_from = get_parameter("date_from", "");
$date_to = get_parameter("date_to", "");
$offset = (int) get_parameter("offset");
$color = 0;
$id_user = $config["id_user"];
echo "<h2>" . __('Audit log') . "</h2>";
echo "<h4>" . __('List Audit') . "</h4>";
$where = 'WHERE 1=1 ';
if ($text != "") {
$where .= sprintf('AND (ID_usuario LIKE "%%%s%%" OR accion LIKE "%%%s%%" OR descripcion LIKE "%%%s%%" OR IP_origen LIKE "%%%s%%" OR extra_info LIKE "%%%s%%")', $text, $text, $text, $text, $text);
}
if ($action != "") {
$where .= sprintf(' AND accion ="%s"', $action);
}
if ($date_from != "") {
function delete($array = NULL)
{
global $db;
$tables =& singleton::get(__NAMESPACE__ . '\\tables');
$error =& singleton::get(__NAMESPACE__ . '\\error');
$log =& singleton::get(__NAMESPACE__ . '\\log');
$site_id = SITE_ID;
//delete user permissions
if (isset($array['id'])) {
$query = "DELETE FROM {$tables->users_to_departments} WHERE site_id = :site_id AND department_id = :department_id";
try {
$stmt = $db->prepare($query);
} catch (\PDOException $e) {
$error->create(array('type' => 'sql_prepare_error', 'message' => $e->getMessage()));
}
$stmt->bindParam(':site_id', $site_id, database::PARAM_INT);
$stmt->bindParam(':department_id', $array['id'], database::PARAM_INT);
try {
$stmt->execute();
} catch (\PDOException $e) {
$error->create(array('type' => 'sql_execute_error', 'message' => $e->getMessage()));
}
}
//delete ticket departments
$query = "DELETE FROM {$tables->ticket_departments} WHERE site_id = :site_id";
if (isset($array['id'])) {
$query .= " AND id = :id";
}
if (isset($array['enabled'])) {
$query .= " AND enabled = :enabled";
}
try {
$stmt = $db->prepare($query);
} catch (\PDOException $e) {
$error->create(array('type' => 'sql_prepare_error', 'message' => $e->getMessage()));
}
$stmt->bindParam(':site_id', $site_id, database::PARAM_INT);
if (isset($array['id'])) {
$stmt->bindParam(':id', $array['id'], database::PARAM_INT);
}
if (isset($array['enabled'])) {
$stmt->bindParam(':enabled', $array['enabled'], database::PARAM_INT);
}
try {
$stmt->execute();
} catch (\PDOException $e) {
$error->create(array('type' => 'sql_execute_error', 'message' => $e->getMessage()));
}
$log_array['event_severity'] = 'notice';
$log_array['event_number'] = E_USER_NOTICE;
$log_array['event_description'] = 'Ticket Department Deleted ID ' . safe_output($array['id']);
$log_array['event_file'] = __FILE__;
$log_array['event_file_line'] = __LINE__;
$log_array['event_type'] = 'delete';
$log_array['event_source'] = 'ticket_departments';
$log_array['event_version'] = '1';
$log_array['log_backtrace'] = false;
$log->add($log_array);
}
function integria_logwrite($string)
{
global $config;
$current_date = date("Y/m/d H:i:s");
$logfile = $config["homedir"] . "/integria.log";
file_put_contents($logfile, "{$current_date} " . safe_output($string) . "\n", FILE_APPEND);
}
$labels = get_db_all_rows_sql($sql_label);
if ($labels === false) {
$labels = array();
}
foreach ($labels as $label) {
$id_incident_field = get_db_value_filter('id', 'tincident_type_field', array('id_incident_type' => $id_incident_type, 'label' => $label['label']), 'AND');
$values_insert['id_incident'] = $id;
$values_insert['data'] = get_parameter(base64_encode($label['label']));
//~ $values_insert['data'] = str_replace('
', "",get_parameter (base64_encode($label['label'])));
$values_insert['id_incident_field'] = $id_incident_field;
$id_incident_field = get_db_value('id', 'tincident_type_field', 'id_incident_type', $id_incident_type);
process_sql_insert('tincident_field_data', $values_insert);
}
}
// ATTACH A FILE IF IS PROVIDED
$upfiles = json_decode(safe_output($upfiles), true);
if (!empty($upfiles)) {
include_once 'include/functions_workunits.php';
foreach ($upfiles as $file) {
if (is_array($file)) {
if ($file['description']) {
$file_description = $file['description'];
} else {
$file_description = __('No description available');
}
$file_result = attach_incident_file($id, $file["location"], $file_description, false, $file["name"]);
}
}
}
// If the ticket creation is successful, redirect the page to the ticket dashboard detail of the new ticket
echo "<script type=\"text/javascript\">";
$sql= "SELECT * FROM tworkunit WHERE tworkunit.id = $id_workunit";
} else {
if ($id_task == 0){
if ($timestamp_l != "" && $timestamp_h != "")
$sql= "SELECT * FROM tworkunit WHERE tworkunit.id_user = '******' AND timestamp >= '$timestamp_l' AND timestamp <= '$timestamp_h' ORDER BY timestamp DESC";
else
$sql= "SELECT * FROM tworkunit WHERE tworkunit.id_user = '******' ORDER BY timestamp DESC";
} else {
if ($timestamp_l != "" && $timestamp_h != "")
$sql= "SELECT * FROM tworkunit, tworkunit_task WHERE tworkunit.id_user = '******' AND timestamp >= '$timestamp_l' AND timestamp <= '$timestamp_h' AND tworkunit_task.id_task = $id_task AND tworkunit_task.id_workunit = tworkunit.id ORDER BY timestamp DESC";
else
$sql= "SELECT * FROM tworkunit, tworkunit_task WHERE tworkunit.id_user = '******' AND tworkunit_task.id_task = $id_task AND tworkunit_task.id_workunit = tworkunit.id ORDER BY timestamp DESC";
}
}
$sql = safe_output ($sql);
$alldata = get_db_all_rows_sql ($sql);
foreach ($alldata as $row){
if ($row["id"] != -1)
show_workunit_user ($row['id'], 1, true, true, $id_user, $timestamp_h, $timestamp_l);
else
show_workunit_user ($row['id'], 0, true, true, $id_user, $timestamp_h, $timestamp_l);
}
echo '<div id="show_multiple_edit">';
echo '<h2>'.__('Massive operations over selected items').'</h2>';
$table = new StdClass;
function calendar_get_users_holidays_date_range($start, $end, $id_user)
{
$mysql_start = date('Y-m-d', $start);
$mysql_end = date('Y-m-d', $end);
$user_clause = "";
if (is_array($id_user)) {
$aux_ids = array();
foreach ($id_user as $iu) {
array_push($aux_ids, "'" . $iu . "'");
}
$user_clause = "id_user IN (" . join(",", $aux_ids) . ")";
} else {
$user_clause = "id_user = '******'";
}
$sql = sprintf("SELECT tworkunit.timestamp AS date, tworkunit.id_user as user FROM tworkunit, tworkunit_task WHERE \n\t\t\t\t\t{$user_clause} AND tworkunit_task.id_workunit = tworkunit.id AND tworkunit_task.id_task =-1 AND \n\t\t\t\t\ttimestamp >= '{$mysql_start}' AND timestamp <= '{$mysql_end}' ORDER BY date ASC");
$res = process_sql($sql);
if (!$res) {
$res = array();
}
$holidays = array();
$holidays_counters = array();
$holidays_last_day = array();
foreach ($res as $r) {
if (!isset($holidays[$r["user"]])) {
$holidays[$r["user"]] = array();
$holidays_counters[$r["user"]] = -1;
$holidays_last_day[$r["user"]] = 0;
}
//Calculate start and end for the holiday value
if (isset($holidays_last_day[$r["user"]])) {
//Last day minus current day is 1 we increase dates for stored holidays
$last_time = strtotime($holidays_last_day[$r["user"]]);
$current_time = strtotime($r["date"]);
$day_in_seconds = 24 * 3600;
if ($current_time - $last_time <= $day_in_seconds) {
$pos = $holidays_counters[$r["user"]];
$holidays[$r["user"]][$pos]["end"] = strtotime($r["date"]);
$holidays_last_day[$r["user"]] = strtotime($r["date"]);
} else {
array_push($holidays[$r["user"]], array("start" => strtotime($r["date"]), "end" => strtotime($r["date"])));
$holidays_last_day[$r["user"]] = $r["date"];
$holidays_counters[$r["user"]]++;
}
}
//Update last day
$holidays_last_day[$r["user"]] = $r["date"];
}
$full_holidays = array();
$colors = array("#aa3333", "#33aa33", "#3a3a3a", "#3333aa", "#045FB4", "#DF7401", "#01DF3A", "#BE81F7", "#8181F7", "#81BEF7", "#F781F3", "#F7D358", "#F78181", "#FA8258", "#BCF5A9", "#A9A9F5", "#D0A9F5", "#E2A9F3", "#A9F5D0", "#A9F5E1", "#BDBDBD", "#E6E6E6", "#F6CECE", "#6AA4B2", "#6AB277", "#B28E6A", "#B26A97", "#776AB2", "#A58EB4", "#8EB490", "#8E96B4", "#B48E98");
$i = 0;
$colors_size = count($colors);
foreach ($holidays as $key => $values) {
$i = $i % $colors_size;
$name = get_db_value("nombre_real", "tusuario", "id_usuario", $key);
$url = "index.php?sec=users&sec2=operation/user_report/holidays_calendar&custom_dates=1&id_user="******"name" => safe_output($name), "dates" => $values, "bgColor" => $colors[$i], "link" => $url));
$i++;
}
return $full_holidays;
}
// Integria uses icons from famfamfam, licensed under CC Atr. 2.5
// Silk icon set 1.3 (cc) Mark James, http://www.famfamfam.com/lab/icons/silk/
// Integria uses Pear Image::Graph code
// Integria shares much of it's code with project Babel Enterprise and Pandora FMS,
// also a Free Software Project coded by some of the people who makes Integria.
// Set to 1 to do not check for installer or config file (for development!).
// Activate gives more error information, not useful for production sites
global $config;
$options = array();
$options['id_user'] = $config['id_user'];
$options['modal'] = true;
$news = get_news($options);
// Clean subject entities
foreach ($news as $k => $v) {
$news[$k]['content'] = safe_output($v['content']);
$news[$k]['title'] = safe_output($v['title']);
}
if (!empty($news)) {
$options = array();
$options['id'] = 'news_json';
$options['hidden'] = 1;
$options['content'] = base64_encode(json_encode($news));
print_div($options);
}
// Prints news dialog template
echo '<div id="news_dialog" title="" style="display: none;">';
echo '<div style="position:absolute; top:30px; left: 10px; text-align: left; right:0%; height:70px; min-width:560px; width: 95%; margin: 0 auto; border: 1px solid #FFF; line-height: 19px;">';
echo '<span style="display: block; height: 260px; overflow: auto; text-align: justify; padding: 5px 15px 4px 10px; background: #ECECEC; border-radius: 4px;" id="new_content"></span>';
echo '<span style="font-size: 12px; display: block; margin-top: 20px;" id="new_creator"></span>';
echo '<span style="font-size: 12px; display: block; font-style: italic;" id="new_date"></span>';
echo '</div>';
/**
* Login in the user and creates a session.
*
* Form the array like this:
* <code>
* $array = array(
* 'username' => 'admin', // the username (will be converted to lowercase).
* 'password' => '1234', // the plaintext password
* );
*
* </code>
*
* @param array $array The array explained above
* @return bool TRUE if successful or FALSE if not.
*/
public function login($array)
{
global $db;
$plugins =& singleton::get(__NAMESPACE__ . '\\plugins');
$plugins->run('auth_login_start', $array);
$config =& singleton::get(__NAMESPACE__ . '\\config');
$tables =& singleton::get(__NAMESPACE__ . '\\tables');
$error =& singleton::get(__NAMESPACE__ . '\\error');
$log =& singleton::get(__NAMESPACE__ . '\\log');
$site_id = SITE_ID;
$username = strtolower($array['username']);
$password = $array['password'];
if (empty($username)) {
return false;
}
if (empty($password)) {
return false;
}
//look for user in db
$query = "SELECT * FROM {$tables->users} WHERE `username` = :username AND `site_id` = :site_id LIMIT 1";
try {
$stmt = $db->prepare($query);
} catch (\Exception $e) {
$error->create(array('type' => 'sql_prepare_error', 'message' => $e->getMessage()));
}
$stmt->bindParam(':username', $array['username'], database::PARAM_STR);
$stmt->bindParam(':site_id', $site_id, database::PARAM_INT);
try {
$stmt->execute();
} catch (\Exception $e) {
$error->create(array('type' => 'sql_execute_error', 'message' => $e->getMessage()));
}
$users = $stmt->fetchAll(database::FETCH_ASSOC);
//ad stuff
$options['domain_controllers'] = array($config->get('ad_server'));
$options['account_suffix'] = $config->get('ad_account_suffix');
$options['base_dn'] = $config->get('ad_base_dn');
//if found
if (count($users) == 1) {
$user = $users[0];
if ($user['allow_login'] == 1) {
//account lockout check.
if (isset($user['failed_logins']) && (int) $user['failed_logins'] > 4 && isset($user['fail_expires']) && $user['fail_expires'] > datetime()) {
if ($config->get('lockout_enabled')) {
$log_array['event_severity'] = 'warning';
$log_array['event_number'] = E_USER_WARNING;
$log_array['event_description'] = 'Login Failed "<a href="' . $config->get('address') . '/users/view/' . (int) $user['id'] . '/">' . safe_output($user['name']) . '</a>" - Account Temporarily Locked.';
$log_array['event_file'] = __FILE__;
$log_array['event_file_line'] = __LINE__;
$log_array['event_type'] = 'login_failed_account_lockout';
$log_array['event_source'] = 'auth';
$log_array['event_version'] = '1';
$log_array['log_backtrace'] = false;
$log->add($log_array);
return false;
}
}
//if AD account
if ($user['authentication_id'] == 2) {
if ($config->get('ad_enabled')) {
try {
$ad =& singleton::get('adLDAP', $options);
} catch (\adLDAPException $e) {
$log_array['event_severity'] = 'error';
$log_array['event_number'] = E_USER_ERROR;
$log_array['event_description'] = 'Active Directory could not start "' . $e->getMessage() . '"';
$log_array['event_file'] = __FILE__;
$log_array['event_file_line'] = __LINE__;
$log_array['event_type'] = 'ad_login_failed';
$log_array['event_source'] = 'auth';
$log_array['event_version'] = '1';
$log_array['log_backtrace'] = true;
$log->add($log_array);
return false;
}
//login via ad
if ($ad->user()->authenticate($user['username'], $password) == true) {
$this->login_session($user);
$log_array['event_severity'] = 'notice';
$log_array['event_number'] = E_USER_NOTICE;
$log_array['event_description'] = 'Active Directory Login Successful "<a href="' . $config->get('address') . '/users/view/' . (int) $user['id'] . '/">' . safe_output($user['name']) . '</a>"';
$log_array['event_file'] = __FILE__;
$log_array['event_file_line'] = __LINE__;
$log_array['event_type'] = 'ad_login_successful';
$log_array['event_source'] = 'auth';
$log_array['event_version'] = '1';
$log_array['log_backtrace'] = false;
$log->add($log_array);
$this->clear_failed_login($user);
return true;
} else {
$log_array['event_severity'] = 'warning';
$log_array['event_number'] = E_USER_WARNING;
$log_array['event_description'] = 'Active Directory Login Failed "<a href="' . $config->get('address') . '/users/view/' . (int) $user['id'] . '/">' . safe_output($user['name']) . '</a>"';
$log_array['event_file'] = __FILE__;
$log_array['event_file_line'] = __LINE__;
$log_array['event_type'] = 'ad_login_failed';
$log_array['event_source'] = 'auth';
$log_array['event_version'] = '1';
$log_array['log_backtrace'] = false;
$log->add($log_array);
$this->increment_failed_login($user);
return false;
}
} else {
$log_array['event_severity'] = 'warning';
$log_array['event_number'] = E_USER_WARNING;
$log_array['event_description'] = 'Active Directory Login Failed "<a href="' . $config->get('address') . '/users/view/' . (int) $user['id'] . '/">' . safe_output($user['name']) . '</a>" - Auth Type Disabled';
$log_array['event_file'] = __FILE__;
$log_array['event_file_line'] = __LINE__;
$log_array['event_type'] = 'ad_login_failed';
$log_array['event_source'] = 'auth';
$log_array['event_version'] = '1';
$log_array['log_backtrace'] = false;
$log->add($log_array);
return false;
}
} else {
if ($user['password'] === $this->hash_password($password, $user['salt'])) {
$this->login_session($user);
$log_array['event_severity'] = 'notice';
$log_array['event_number'] = E_USER_NOTICE;
$log_array['event_description'] = 'Local Login Successful "<a href="' . $config->get('address') . '/users/view/' . (int) $user['id'] . '/">' . safe_output($user['name']) . '</a>"';
$log_array['event_file'] = __FILE__;
$log_array['event_file_line'] = __LINE__;
$log_array['event_type'] = 'local_login_successful';
$log_array['event_source'] = 'auth';
$log_array['event_version'] = '1';
$log_array['log_backtrace'] = false;
$log->add($log_array);
$this->clear_failed_login($user);
return true;
} else {
$log_array['event_severity'] = 'warning';
$log_array['event_number'] = E_USER_WARNING;
$log_array['event_description'] = 'Local Login Failed "<a href="' . $config->get('address') . '/users/view/' . (int) $user['id'] . '/">' . safe_output($user['name']) . '</a>"';
$log_array['event_file'] = __FILE__;
$log_array['event_file_line'] = __LINE__;
$log_array['event_type'] = 'local_login_failed';
$log_array['event_source'] = 'auth';
$log_array['event_version'] = '1';
$log_array['log_backtrace'] = false;
$log->add($log_array);
$this->increment_failed_login($user);
return false;
}
}
} else {
$log_array['event_severity'] = 'warning';
$log_array['event_number'] = E_USER_WARNING;
$log_array['event_description'] = 'Local Login Failed "<a href="' . $config->get('address') . '/users/view/' . (int) $user['id'] . '/">' . safe_output($user['name']) . '</a>"';
$log_array['event_file'] = __FILE__;
$log_array['event_file_line'] = __LINE__;
$log_array['event_type'] = 'local_login_failed';
$log_array['event_source'] = 'auth';
$log_array['event_version'] = '1';
$log_array['log_backtrace'] = false;
$log->add($log_array);
return false;
}
} else {
//if (Allow any valid AD user to login)
if ($config->get('ad_enabled') && $config->get('ad_create_accounts')) {
try {
$ad =& singleton::get('adLDAP', $options);
} catch (\adLDAPException $e) {
return false;
}
if ($ad->user()->authenticate($username, $password) == true) {
$user =& singleton::get(__NAMESPACE__ . '\\users');
if (!$user->check_username_taken(array('username' => $username))) {
//create user
$user_info = $ad->user()->infoCollection($username, array('displayname', 'mail'));
$client_array['name'] = $user_info->displayName;
$client_array['username'] = $username;
$client_array['email'] = strtolower($user_info->mail);
$client_array['authentication_id'] = 2;
$client_array['allow_login'] = 1;
$client_array['user_level'] = 1;
$id = $user->add($client_array);
$client_array['id'] = $id;
$log =& singleton::get(__NAMESPACE__ . '\\log');
$log_array['event_severity'] = 'notice';
$log_array['event_number'] = E_USER_NOTICE;
$log_array['event_description'] = 'New Active Directory Login Successful "<a href="' . $config->get('address') . '/users/view/' . (int) $id . '/">' . safe_output($client_array['name']) . '</a>"';
$log_array['event_file'] = __FILE__;
$log_array['event_file_line'] = __LINE__;
$log_array['event_type'] = 'local_login_successful';
$log_array['event_source'] = 'auth';
$log_array['event_version'] = '1';
$log_array['log_backtrace'] = false;
$log->add($log_array);
$this->login_session($client_array);
return true;
} else {
return false;
}
} else {
$log_array['event_severity'] = 'warning';
$log_array['event_number'] = E_USER_WARNING;
$log_array['event_description'] = 'AD Login Failed "' . safe_output($username) . '" - Unknown Account';
$log_array['event_file'] = __FILE__;
$log_array['event_file_line'] = __LINE__;
$log_array['event_type'] = 'unknown_user';
$log_array['event_source'] = 'auth';
$log_array['event_version'] = '1';
$log_array['log_backtrace'] = false;
$log->add($log_array);
return false;
}
} else {
$log_array['event_severity'] = 'warning';
$log_array['event_number'] = E_USER_WARNING;
$log_array['event_description'] = 'Local Login Failed "' . safe_output($array['username']) . '" - Unknown Account';
$log_array['event_file'] = __FILE__;
$log_array['event_file_line'] = __LINE__;
$log_array['event_type'] = 'unknown_user';
$log_array['event_source'] = 'auth';
$log_array['event_version'] = '1';
$log_array['log_backtrace'] = false;
$log->add($log_array);
return false;
}
}
}
<tr>
<td style="padding-right:5px; text-align:left;">
<div>
<?php
echo '<div><p style="font-size:13px; color:black;">' . __('Customer address') . '</p><br></div>';
?>
<?php
echo '<div style="font-size:13px;">' . $company_to['name'] . '</div>';
?>
<?php
if ($company_to['fiscal_id']) {
echo '<div style="font-size:13px;">' . __("Fiscal ID: ") . $company_to['fiscal_id'] . '</div>';
}
?>
<?php
echo '<div style="font-size:13px;">' . safe_output($company_to['address']) . '</div>';
?>
<?php
echo '<div style="font-size:13 px;">' . $company_to['country'] . '</div>';
?>
</div>
</td>
<td style="padding-left:5px;">
<table>
<tr>
<td style="text-align:left; font-size:12px; color:black;">
<?php
echo __('Invoice ID') . ':</b> ';
?>
</td>
<td style="text-align:right; font-size:12px;">
//Clean name output
foreach ($events as $ev) {
$ev["name"] = safe_output($ev["name"]);
array_push($events_result, $ev);
}
echo json_encode($events_result);
return;
}
if ($get_holidays) {
$start_date = get_parameter("start_date");
$end_date = get_parameter("end_date");
$id_user = get_parameter("id_user", "");
if (!$id_user) {
$users = get_user_visible_users($config["id_user"]);
$users_ids = array_keys($users);
} else {
$users_ids = $id_user;
}
$holidays = calendar_get_users_holidays_date_range($start_date, $end_date, $users_ids);
echo json_encode($holidays);
return;
}
if ($get_non_working_days) {
$year = safe_output(get_parameter("year"));
$result = calendar_get_non_working_days($year);
echo json_encode($result);
return;
}
?>
public function send_email($array)
{
$config =& singleton::get(__NAMESPACE__ . '\\config');
$log =& singleton::get(__NAMESPACE__ . '\\log');
$pop_accounts =& singleton::get(__NAMESPACE__ . '\\pop_accounts');
$smtp_accounts =& singleton::get(__NAMESPACE__ . '\\smtp_accounts');
try {
//clear any current info
$this->phpmailer->ClearAllRecipients();
$this->phpmailer->ClearAttachments();
$this->phpmailer->From = 'do_not_reply@' . $config->get('domain');
$found_smtp_account = false;
if (isset($array['pop_account_id']) && !empty($array['pop_account_id'])) {
$pop_array = $pop_accounts->get(array('id' => $array['pop_account_id'], 'get_other_data' => true));
if (!empty($pop_array) && !empty($pop_array[0]['smtp_hostname']) && $pop_array[0]['smtp_enabled'] == 1) {
$smtp['hostname'] = $pop_array[0]['smtp_hostname'];
$smtp['port'] = $pop_array[0]['smtp_port'];
$smtp['tls'] = $pop_array[0]['smtp_tls'];
$smtp['username'] = $pop_array[0]['smtp_username'];
$smtp['password'] = decode($pop_array[0]['smtp_password']);
$smtp['authentication'] = $pop_array[0]['smtp_authentication'];
$smtp['email_address'] = $pop_array[0]['smtp_email_address'];
$found_smtp_account = true;
}
} else {
if (isset($array['smtp_account_id']) && !empty($array['smtp_account_id'])) {
$smtp_array = $smtp_accounts->get(array('id' => $array['smtp_account_id']));
if (!empty($smtp_array) && !empty($smtp_array[0]['hostname']) && $smtp_array[0]['enabled'] == 1) {
$smtp['hostname'] = $smtp_array[0]['hostname'];
$smtp['port'] = $smtp_array[0]['port'];
$smtp['tls'] = $smtp_array[0]['tls'];
$smtp['username'] = $smtp_array[0]['username'];
$smtp['password'] = decode($smtp_array[0]['password']);
$smtp['authentication'] = $smtp_array[0]['authentication'];
$smtp['email_address'] = $smtp_array[0]['email_address'];
$found_smtp_account = true;
}
}
}
if (!$found_smtp_account) {
$smtp_array = $smtp_accounts->get(array('id' => $config->get('default_smtp_account')));
if (!empty($smtp_array) && !empty($smtp_array[0]['hostname']) && $smtp_array[0]['enabled'] == 1) {
$smtp['hostname'] = $smtp_array[0]['hostname'];
$smtp['port'] = $smtp_array[0]['port'];
$smtp['tls'] = $smtp_array[0]['tls'];
$smtp['username'] = $smtp_array[0]['username'];
$smtp['password'] = decode($smtp_array[0]['password']);
$smtp['authentication'] = $smtp_array[0]['authentication'];
$smtp['email_address'] = $smtp_array[0]['email_address'];
$found_smtp_account = true;
}
}
if ($found_smtp_account) {
//what server to send the email to
$this->phpmailer->Host = $smtp['hostname'];
$this->phpmailer->Mailer = 'smtp';
//setup authentication if required
if ($smtp['authentication']) {
$this->phpmailer->SMTPAuth = true;
// turn on SMTP authentication
$this->phpmailer->Username = $smtp['username'];
$this->phpmailer->Password = $smtp['password'];
}
if ($smtp['tls']) {
$this->phpmailer->SMTPSecure = 'tls';
}
$this->phpmailer->Port = (int) $smtp['port'];
//setup the basic email stuff
if (isset($array['from'])) {
$this->phpmailer->From = $array['from'];
} else {
if (!empty($smtp['email_address'])) {
$this->phpmailer->From = $smtp['email_address'];
}
}
} else {
$this->phpmailer->Mailer = 'mail';
if (isset($array['from'])) {
$this->phpmailer->From = $array['from'];
}
}
//increase the default timeout to 15 seconds
$this->phpmailer->Timeout = 15;
$this->phpmailer->CharSet = 'utf-8';
if (isset($array['html']) && $array['html'] == true) {
$this->phpmailer->IsHTML(true);
}
if (isset($array['from_name'])) {
$this->phpmailer->FromName = $array['from_name'];
} else {
$this->phpmailer->FromName = $config->get('name');
}
$this->phpmailer->Subject = $array['subject'];
$this->phpmailer->Body = $array['body'];
if (isset($array['to']) && is_array($array['to'])) {
if (!empty($array['to']['to'])) {
$this->phpmailer->AddAddress($array['to']['to'], $array['to']['to_name']);
}
}
//add multiple files
if (isset($array['file']) && is_array($array['file'])) {
foreach ($array['file'] as $file) {
if (file_exists($file['file'])) {
$this->phpmailer->AddAttachment($file['file'], $file['file_name']);
}
}
}
//add multiple files via a string (I haven't really tested this yet)
if (isset($array['string_file']) && is_array($array['string_file'])) {
foreach ($array['string_file'] as $string) {
$this->phpmailer->AddStringAttachment($string['string'], $string['string_name']);
}
}
//let's try and send the email now
$this->phpmailer->Send();
$array['event_severity'] = 'notice';
$array['event_number'] = E_USER_NOTICE;
if (isset($array['to']) && is_array($array['to'])) {
$array['event_description'] = 'Email sent to "' . safe_output($array['to']['to']) . '" from "' . $this->phpmailer->From . '"';
} else {
$array['event_description'] = 'Email sent from "' . $this->phpmailer->From . '"';
}
$array['event_file'] = __FILE__;
$array['event_file_line'] = __LINE__;
$array['event_type'] = 'email_sent';
$array['event_source'] = 'mailer';
$array['event_version'] = '1';
$array['log_backtrace'] = false;
$log->add($array);
return true;
} catch (\phpmailerException $e) {
$array['event_severity'] = 'warning';
$array['event_number'] = E_USER_WARNING;
$array['event_description'] = $e->errorMessage();
$array['event_file'] = __FILE__;
$array['event_file_line'] = __LINE__;
$array['event_type'] = 'email_not_sent';
$array['event_source'] = 'mailer';
$array['event_version'] = '1';
$array['log_backtrace'] = true;
$log->add($array);
return false;
} catch (\Exception $e) {
$array['event_severity'] = 'warning';
$array['event_number'] = E_USER_WARNING;
$array['event_description'] = $e->getMessage();
$array['event_file'] = __FILE__;
$array['event_file_line'] = __LINE__;
$array['event_type'] = 'email_not_sent';
$array['event_source'] = 'mailer';
$array['event_version'] = '1';
$array['log_backtrace'] = true;
$log->add($array);
return false;
}
}
echo "<input type=hidden name='newsletter' value='{$id}'>";
echo "</table></form>";
return;
}
if ($operation == "subscribe_data") {
$validation1 = get_parameter("validation1");
$validation2 = get_parameter("validation2");
$newsletter = get_parameter("newsletter");
$name = get_parameter("name");
$email = get_parameter("email");
$now = date("Y-m-d H:i:s");
echo "<h3>" . __("Thanks for your subscription. You should receive an email to confirm you have been subscribed to this newsletter") . "</h3>";
if ($validation1 == md5($config["dbpass"] . $validation2)) {
// check if already subscribed
$count = get_db_sql("SELECT COUNT(id) FROM tnewsletter_address WHERE email = '" . $email . "' AND id_newsletter = {$newsletter}");
if ($count == 0 && check_email_address(safe_output($email))) {
$sql = "INSERT INTO tnewsletter_address (id_newsletter, email, name, datetime, status) VALUES ({$newsletter}, '{$email}', '{$name}', '{$now}',0)";
$result = mysql_query($sql);
if ($result) {
$newsletter_name = get_db_sql("SELECT name FROM tnewsletter WHERE id = {$newsletter}");
$text .= __("Welcome to") . " " . $newsletter_name . " " . __("newsletter") . "\n\n";
$text .= __("Please use this URL to de-subscribe yourself from this newsletter:") . "\n\n";
$text .= $config["base_url"] . "/include/newsletter.php?operation=desubscribe&id={$newsletter}";
$text .= "\n\n" . __("Thank you");
integria_sendmail($email, "Newsletter subscription - {$newsletter_name}", $text);
}
}
}
return;
}
if ($operation == "desubscribe") {
if($id_group_type != "" && $id_group_type != "0"){
if(give_acl ($config['id_user'], $id_grupo, "SI")){
$groups_all = safe_output(users_get_groups_for_select ($config['id_user'], "SI", false, true));
}
else{
$groups_all = safe_output(users_get_groups_for_select ($config['id_user'], "IW", false, true));
}
$id_group_type = str_replace(" ", " ", $id_group_type);
$groups_selected = explode(', ', $id_group_type);
$groups = array_intersect($groups_all, $groups_selected);
} else {
if(give_acl ($config['id_user'], $id_grupo, "SI")){
$groups = safe_output(users_get_groups_for_select ($config['id_user'], "SI", false, true));
}
else{
$groups = safe_output(users_get_groups_for_select ($config['id_user'], "IW", false, true));
}
$groups_selected = explode(', ', $id_group_type);
}
$table->data[0][2] = print_select ($groups, "grupo_form", $id_grupo_incident, '', '', 0, true, false, false, __('Group'), $blocked_incident) . "<div id='group_spinner'></div>";
$disabled = false;
if ($disabled) {
$table->data[1][0] = print_label (__('Priority'), '', '', true,
$priority);
} else {
$table->data[1][0] = print_select (get_priorities (),
'priority_form', $priority, '', '',
'', true, false, false, __('Priority'), $blocked_incident);
}
