function get_download_type_icon($id_type) { $type = get_db_row("tdownload_type", "id", $id_type); if ($type) { $image = print_image("images/download_type/" . $type["icon"], true, array('title' => safe_output($type["name"]), 'alt' => '')); } else { $image = print_image("images/download_type/default.png", true, array('title' => __('Without type'), 'alt' => '')); } return $image; }
function create($array) { switch ($array['type']) { case 'file_not_found': break; case 'sql_type_unsupported': break; case 'sql_connect_error': break; case 'sql_prepare_error': break; case 'sql_execute_error': break; case 'security_error': break; } echo '<p><strong>Support Ticket Error</strong><br />Type: ' . safe_output($array['type']) . '<br />Message: ' . safe_output($array['message']) . '</p>'; exit(1); }
/** * OLD VERSION. * Prints an array of fields in a popup menu of a form. * * Based on choose_from_menu() from Moodle * * $fields Array with dropdown values. Example: $fields["value"] = "label" * $name Select form name * $selected Current selected value. * $script Javascript onChange code. * $nothing Label when nothing is selected. * $nothing_value Value when nothing is selected */ function print_select($fields, $name, $selected = '', $script = '', $nothing = 'select', $nothing_value = '0', $return = false, $multiple = 0, $sort = true, $label = false, $disabled = false, $style = '') { $output = "\n"; if ($label) { $output .= print_label($label, $name, 'select', true); } $attributes = $script ? 'onchange="' . $script . '"' : ''; if ($multiple) { $attributes .= ' multiple="yes" size="' . $multiple . '" '; } if ($disabled) { $disabledText = 'disabled'; } else { $disabledText = ''; } if ($style == "") { $output .= '<select style="width: 170px" ' . $disabledText . ' id="' . $name . '" name="' . $name . '" ' . $attributes . ">\n"; } else { $output .= '<select style="' . $style . '" ' . $disabledText . ' id="' . $name . '" name="' . $name . '" ' . $attributes . ">\n"; } if ($nothing != '') { $output .= ' <option value="' . $nothing_value . '"'; if ($nothing_value == $selected) { $output .= " selected"; } $output .= '>' . $nothing . "</option>\n"; } if (!empty($fields)) { if ($sort) { asort($fields); } foreach ($fields as $value => $label) { $optlabel = $label; if (is_array($label)) { if (!isset($lastopttype) || $label['optgroup'] != $lastopttype) { if (isset($lastopttype) && $lastopttype != '') { $output .= '</optgroup>'; } $output .= '<optgroup label="' . $label['optgroup'] . '">'; $lastopttype = $label['optgroup']; } $optlabel = $label['name']; } $output .= ' <option value="' . $value . '"'; if (safe_output($value) == safe_output($selected)) { $output .= ' selected'; } if ($optlabel === '') { $output .= '>' . $value . "</option>\n"; } else { $output .= '>' . $optlabel . "</option>\n"; } } } $output .= "</select>\n"; if ($return) { return $output; } echo $output; }
for ($i = 0; $i < sizeof($send); $i++) { $ch = check_email($send[$i]); if ($ch == "") { $error[] = format_lang('error', 'incorrect_format_email') . " - " . $send[$i]; } } } /**subject */ $_SESSION['share']['subject'] = $subject = safe_output($_POST['txt_subject']); if ($subject == "") { $subject = "Re: " . $job->job_title; } /** comments */ $_SESSION['share']['notes'] = $notes .= safe_output($_POST['txt_comments']); /**from email address*/ $_SESSION['share']['from_send'] = $from_send = safe_output($_POST['txt_email1']); if ($from_send == "") { $error[] = format_lang("error", 'email'); } if ($from_send != "") { $from_send = check_email($from_send); if ($from_send == "") { $error[] = format_lang('errormsg', 39); } } if (ENABLE_SPAM_SHARE && ENABLE_SPAM_SHARE == 'Y' && !$session->get_job_seeker()) { if (strtolower($_POST['spam_code']) != strtolower($_SESSION['spam_code']) || (!isset($_SESSION['spam_code']) || $_SESSION['spam_code'] == NULL)) { $error[] = format_lang('error', 'spam_wrong_word'); } } /**if no errors found then do this*/
header ('Content-Type: text/csv; charset=UTF-8'); header ('Content-Disposition: attachment; filename="'.$filename.'.csv"'); $os_csv = substr(PHP_OS, 0 , 1); echo "\xEF\xBB\xBF"; $rows = get_db_all_rows_sql (clean_output ($report['sql'])); if ($rows === false) return; // Header echo safe_output (implode (';', array_keys (str_replace($search, " ", $rows[0]))))."\n"; $standard_encoding = (bool) $config['csv_standard_encoding']; // Item / data foreach ($rows as $row) { $line = safe_output(implode(';', $row)); if (!$standard_encoding){ if($os_csv != "W"){ echo mb_convert_encoding($line, 'UTF-16LE', 'UTF-8'). "\n"; } else { echo $line . "\n"; } }else{ echo $line . "\n"; } } exit; }
function graph_workunit_project($width, $height, $id_project, $ttl = 1) { global $config; $data = array(); $res = mysql_query("SELECT SUM(duration), ttask.name\n\t\tFROM tworkunit, tworkunit_task, ttask, tproject \n\t\tWHERE tproject.id = '{$id_project}' AND \n\t\t\ttworkunit.id = tworkunit_task.id_workunit AND \n\t\t\ttworkunit_task.id_task = ttask.id AND\n\t\t\ttproject.id = ttask.id_project \n\t\tGROUP BY ttask.name\n\t\tORDER BY SUM(duration) DESC\n\t\tLIMIT 7"); $data = NULL; while ($row = mysql_fetch_array($res)) { $row[1] = substr(safe_output($row[1]), 0, 22); $data[$row[1]] = $row[0]; } if ($data == NULL) { return __("There is no data to show"); } else { return pie3d_graph($config['flash_charts'], $data, $width, $height, __('others'), $config["base_url"], "", $config['font'], $config['fontsize'], $ttl); } }
if ($project_name != $old_project_name) { // Exists. Validation error echo json_encode(false); return; } } // Does not exist echo json_encode(true); return; } elseif ($search_existing_task) { require_once 'include/functions_db.php'; $project_id = (int) get_parameter('project_id'); $operation_type = (string) get_parameter('type'); if ($operation_type == "create") { $tasks_names = get_parameter('task_name'); $tasks_names = safe_output($tasks_names); $tasks_names = preg_split("/\n/", $tasks_names); foreach ($tasks_names as $task_name) { $task_name = safe_input($task_name); $query_result = get_db_value_filter("name", "ttask", array('name' => $task_name, 'id_project' => $project_id)); if ($query_result) { // Exists. Validation error echo json_encode(false); return; } } } elseif ($operation_type == "view") { $task_name = get_parameter('task_name'); $old_task_id = get_parameter('task_id'); if (!$project_id) { $project_id = get_db_value("id_project", "ttask", "id", $old_task_id);
check_login (); include_once('include/functions_crm.php'); include_once('include/functions_incidents.php'); $id = (int) get_parameter ('id'); $contact = get_db_row ('tcompany_contact', 'id', $id); $read = check_crm_acl ('other', 'cr', $config['id_user'], $contact['id_company']); if (!$read) { audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation","Trying to access to contact tickets without permission"); include ("general/noaccess.php"); exit; } $email = safe_output($contact["email"]); $email = trim($email); $email = safe_input($email); $incidents = incidents_get_by_notified_email ($email); if (!$incidents) { echo ui_print_error_message (__("This contact doesn't have any ticket associated"), '', true, 'h3', true); } else { $table->class = "listing"; $table->width = "99%"; $table->head[0] = __("ID"); $table->head[1] = __("Ticket"); $table->head[2] = __("Status"); $table->head[3] = __("Priority");
while ($row1 = mysql_fetch_array($result1)) { echo dame_perfil($row1["id_perfil"]) . "/ "; echo dame_grupo($row1["id_grupo"]) . "<br>"; } } else { echo __('This user doesn\'t have any assigned profile/group'); } } echo "</font></span></a>"; echo "</td>"; echo "<td>"; if (give_acl($config["id_user"], 0, "UM")) { echo "<a href='index.php?sec=users&sec2=godmode/usuarios/configurar_usuarios&update_user={$nombre}'>"; } if (strlen(safe_output($nombre)) > 21) { echo "" . ucfirst(substr(safe_output($nombre), 0, 21)) . "..</b>"; } else { echo ucfirst($nombre) . "</b>"; } if (give_acl($config["id_user"], 0, "IM")) { echo "</a>"; } echo "<td style='font-size:9px'>" . $usuario["nombre_real"] . "</td>"; $company_name = (string) get_db_value('name', 'tcompany', 'id', $usuario['id_company']); echo "<td style='font-size:9px'>" . $company_name . "</td>"; echo "<td>"; // Full report echo "<a href='index.php?sec=users&sec2=operation/user_report/report_full&only_projects=1&wu_reporter={$nombre}'>"; echo "<img title='" . __("Full report") . "' src='images/page_white_stack.png'>"; echo "</a>"; // Workunit report (detailed)
exit; } $manager = give_acl($config["id_user"], 0, "CN"); $id = (int) get_parameter('id'); $create = (bool) get_parameter('create'); $disable = (bool) get_parameter('disable'); $delete = (bool) get_parameter('delete'); $multiple_delete = (bool) get_parameter('multiple_delete'); // CREATE if ($create) { $data = get_parameter("data"); $id_newsletter = get_parameter("id_newsletter"); $datetime = date("Y-m-d H:i:s"); $id_group = get_db_sql("SELECT id_group FROM tnewsletter WHERE id = {$id_newsletter}"); // Parse chunk data from the textarea $data = safe_output($data); $data_array = preg_split("/\n/", $data); $total = 0; $invalid = 0; foreach ($data_array as $data_item) { $data2 = preg_split("/,/", $data_item); $data2[0] = trim($data2[0]); // We have parsed data, ok, lets go if (check_email_address($data2[0])) { // It's duped ? $duped = get_db_sql("SELECT COUNT(id) FROM tnewsletter_address WHERE id_newsletter = {$id_newsletter} AND email = '" . $data2[0] . "'"); // OK, good data ! if ($duped == 0) { $total++; $sql = sprintf('INSERT INTO tnewsletter_address (id_newsletter, email, status, name, datetime) VALUES (%d, "%s", "%s", "%s", "%s")', $id_newsletter, $data2[0], 0, $data2[1], $datetime); $id = process_sql($sql, 'insert_id');
$email_info = get_db_row ("tusuario", "direccion", $email); if ($email_info) { $contact_info = array("id" => $email_info["id_usuario"], "type" => "user", "id_company" => $email_info["id_company"], "company" => get_db_value("name", "tcompany", "id", $email_info["id_company"]), "inventory" => __("N/A"), "fullname" => $email_info["nombre_real"], "email" => $email_info["direccion"], "phone" => $email_info["telefono"], "mobile" => __("N/A"), "position" => __("N/A")); } else { //Search for contact $email_aux = safe_output($email); $email_aux = trim($email_aux); $email_info = get_db_row("tcompany_contact", "email", $email_aux); if ($email_info) { $contact_info= $email_info; $contact_info["type"] = "contact"; $contact_info["inventory"] = __("N/A"); $contact_info["company"] = get_db_value("name", "tcompany", "id", $contact_info["id_company"]); } else { //We only have email address $contact_info = array("id" => $email, "fullname" => $email, "type" => "email", "company" => __("N/A"),
if ($diff) { foreach ($diff as $key => $values) { $max_rows[$key] = " "; } } } $max_rows_prepare = $max_rows; foreach ($rows as $row) { //head $csv_head = implode(';', array_keys($max_rows_prepare)); //inicialice $line $line = array(); //loop that compares whether a field foreach ($max_rows_prepare as $k => $v) { if (array_key_exists($k, $row)) { $cell = str_replace($search, " ", safe_output($row[$k])); } else { $cell = " "; } // Change ; !! $cell = str_replace(";", ",", $cell); $line[] = $cell; } $line = implode(';', $line); $csv_lines[] = $line; } ob_end_clean(); // CSV Output header('Content-Type: text/csv; charset=UTF-8'); header('Content-Disposition: attachment; filename="' . $filename . '.csv"'); // Header
// ----------- // Upload file // ----------- if ($operation == "attachfile") { // ACL $task_access = get_project_access ($config["id_user"], $id_project, $id_task, false, true); if (!$task_access["write"]) { // Doesn't have access to this page audit_db($id_user, $config["REMOTE_ADDR"], "ACL Violation", "Trying to attach a file to a task without permission"); no_permission(); } $filename = $_FILES['userfile']; $filename_real = safe_output($filename['name']); $filename_safe = str_replace (" ", "_", $filename_real); if ($filename['error'] === 0){ //if file if (isset($_POST["file_description"])) $description = $_POST["file_description"]; else $description = "No description available"; // Insert into database $file_temp = $filename['tmp_name']; $filesize = $filename['size']; $sql = " INSERT INTO tattachment (id_task, id_usuario, filename, description, size ) VALUES (".$id_task.", '".$id_user." ','".$filename_safe."','".$description."',".$filesize.") "; $id_attachment = process_sql ($sql, 'insert_id'); //project_tracking ( $id_inc, $id_usuario, 3);
function users_get_groups_for_select($id_user, $privilege = "IR", $returnAllGroup = true, $returnAllColumns = false, $id_groups = null, $keys_field = 'id_grupo') { if ($id_groups === false) { $id_groups = null; } $user_groups = get_user_groups($id_user, $privilege, $returnAllGroup, $returnAllColumns); /* $user_groups_flag_si = get_user_groups ($id_user, "SI", $returnAllGroup, $returnAllColumns); if (!empty($user_groups_flag_si)) { foreach ($user_groups_flag_si as $group_flag) { array_push ($user_groups, $group_flag); } } */ if ($id_groups !== null) { $childrens = groups_get_childrens($id_groups); foreach ($childrens as $child) { unset($user_groups[$child['id_grupo']]); } unset($user_groups[$id_groups]); } if (empty($user_groups)) { $user_groups_tree = array(); } else { // First group it's needed to retrieve its parent group $repair = array_slice($user_groups, 0, 1); $first_group = reset($repair); $parent_group = $first_group['parent']; $user_groups_tree = groups_get_groups_tree_recursive($user_groups, $parent_group); } $fields = array(); foreach ($user_groups_tree as $group) { //$groupName = ui_print_truncate_text($group['nombre'], GENERIC_SIZE_TEXT, false, true, false); $groupName = safe_output($group['nombre']); $fields[$group[$keys_field]] = str_repeat(" ", $group['deep']) . $groupName; } return $fields; }
<?php /** if user already logged in take them to index page */ if ($session->get_job_seeker()) { redirect_to(BASE_URL . "account/"); die; } if (isset($_POST['bt_resend'])) { $email = safe_output($_POST['txtresend']); if (empty($email) || !check_email($email)) { $message = "<div class='error'>" . format_lang("error", 'email') . "</div>"; } elseif (ENABLE_SPAM_RSC && ENABLE_SPAM_RSC == 'Y') { if (strtolower($_POST['spam_code']) != strtolower($_SESSION['spam_code']) || (!isset($_SESSION['spam_code']) || $_SESSION['spam_code'] == NULL)) { $message = "<div class='error'>" . format_lang('error', 'spam_wrong_word') . "</div>"; } } else { $employee = Employee::find_by_email($email); //print_r( $employee ); //die; if ($employee->is_active == "Y") { $session->message("<div class='error'>" . format_lang('errormsg', 60) . "</div>"); redirect_to(BASE_URL . "login/"); exit; } else { // if found //echo sizeof($employee); //die; if ($employee) { $reg_email = $employee->email_address; $reg_key = $employee->actkey; $username = $employee->username;
function ui_print_truncate_text($text, $numChars = GENERIC_SIZE_TEXT, $showTextInAToopTip = true, $return = true, $showTextInTitle = true, $suffix = '…', $style = false) { global $config; if (is_string($numChars)) { switch ($numChars) { case 'agent_small': $numChars = $config['agent_size_text_small']; break; case 'agent_medium': $numChars = $config['agent_size_text_medium']; break; case 'module_small': $numChars = $config['module_size_text_small']; break; case 'module_medium': $numChars = $config['module_size_text_medium']; break; case 'description': $numChars = $config['description_size_text']; break; case 'item_title': $numChars = $config['item_title_size_text']; break; default: $numChars = (int) $numChars; break; } } if ($numChars == 0) { if ($return == true) { return $text; } else { echo $text; } } $text = safe_output($text); if (mb_strlen($text, "UTF-8") > $numChars) { // '/2' because [...] is in the middle of the word. $half_length = intval(($numChars - 3) / 2); // Depending on the strange behavior of mb_strimwidth() itself, // the 3rd parameter is not to be $numChars but the length of // original text (just means 'large enough'). $truncateText2 = mb_strimwidth($text, mb_strlen($text, "UTF-8") - $half_length, mb_strlen($text, "UTF-8"), "", "UTF-8"); $truncateText = mb_strimwidth($text, 0, $numChars - $half_length, "", "UTF-8") . $suffix; $truncateText = $truncateText . $truncateText2; if ($showTextInTitle) { if ($style === null) { $truncateText = $truncateText; } else { if ($style !== false) { $truncateText = '<span style="' . $style . '" title="' . $text . '">' . $truncateText . '</span>'; } else { $truncateText = '<span title="' . $text . '">' . $truncateText . '</span>'; } } } if ($showTextInAToopTip) { $truncateText = $truncateText . print_help_tip($text, true); } else { if ($style !== false) { $truncateText = '<span style="' . $style . '">' . $truncateText . '</span>'; } } } else { if ($style !== false) { $truncateText = '<span style="' . $style . '">' . $text . '</span>'; } else { $truncateText = $text; } } if ($return == true) { return $truncateText; } else { echo $truncateText; } }
if ($result !== false && $result1 !== false && $result2 !== false) { $succ++; audit_db($config['id_user'], $config["REMOTE_ADDR"], "Task updated", "Task '{$name}' updated to project '{$id_project}'"); task_tracking($id, TASK_UPDATED); } else { echo "<h3 class='error'>" . __('Could not be updated') . "</h3>"; } } echo '<h3 class="suc">' . sprintf(__('%d tasks successfully updated'), $succ) . '</h3>'; } //Create a new task if ($create) { $tasklist = get_parameter("tasklist"); // Massive creation of tasks if ($tasklist != "") { $tasklist = safe_output($tasklist); $parent = (int) get_parameter('padre'); $start = get_parameter('start_date2', date("Y-m-d")); $end = get_parameter('end_date2', date("Y-m-d")); $owner = get_parameter('dueno'); if ($parent) { $project_access = get_project_access($config["id_user"], $id_project); if (!$project_access["manage"]) { $task_access = get_project_access($config["id_user"], $id_project, $parent); if (!$task_access["manage"]) { audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to create tasks in an unauthorized project"); no_permission(); } } } else { $project_access = get_project_access($config["id_user"], $id_project);
// This program is free software; you can redistribute it and/or // modify it under the terms of the GNU General Public License // as published by the Free Software Foundation; version 2 // This program is distributed in the hope that it will be useful, // but WITHOUT ANY WARRANTY; without even the implied warranty of // MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the // GNU General Public License for more details. global $config; check_login(); if (!give_acl($config["id_user"], 0, "IM")) { audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access Audit Log viewer"); require "general/noaccess.php"; exit; } $text = safe_output(get_parameter("text", "")); $action = safe_output(get_parameter("action", "")); $date_from = get_parameter("date_from", ""); $date_to = get_parameter("date_to", ""); $offset = (int) get_parameter("offset"); $color = 0; $id_user = $config["id_user"]; echo "<h2>" . __('Audit log') . "</h2>"; echo "<h4>" . __('List Audit') . "</h4>"; $where = 'WHERE 1=1 '; if ($text != "") { $where .= sprintf('AND (ID_usuario LIKE "%%%s%%" OR accion LIKE "%%%s%%" OR descripcion LIKE "%%%s%%" OR IP_origen LIKE "%%%s%%" OR extra_info LIKE "%%%s%%")', $text, $text, $text, $text, $text); } if ($action != "") { $where .= sprintf(' AND accion ="%s"', $action); } if ($date_from != "") {
function delete($array = NULL) { global $db; $tables =& singleton::get(__NAMESPACE__ . '\\tables'); $error =& singleton::get(__NAMESPACE__ . '\\error'); $log =& singleton::get(__NAMESPACE__ . '\\log'); $site_id = SITE_ID; //delete user permissions if (isset($array['id'])) { $query = "DELETE FROM {$tables->users_to_departments} WHERE site_id = :site_id AND department_id = :department_id"; try { $stmt = $db->prepare($query); } catch (\PDOException $e) { $error->create(array('type' => 'sql_prepare_error', 'message' => $e->getMessage())); } $stmt->bindParam(':site_id', $site_id, database::PARAM_INT); $stmt->bindParam(':department_id', $array['id'], database::PARAM_INT); try { $stmt->execute(); } catch (\PDOException $e) { $error->create(array('type' => 'sql_execute_error', 'message' => $e->getMessage())); } } //delete ticket departments $query = "DELETE FROM {$tables->ticket_departments} WHERE site_id = :site_id"; if (isset($array['id'])) { $query .= " AND id = :id"; } if (isset($array['enabled'])) { $query .= " AND enabled = :enabled"; } try { $stmt = $db->prepare($query); } catch (\PDOException $e) { $error->create(array('type' => 'sql_prepare_error', 'message' => $e->getMessage())); } $stmt->bindParam(':site_id', $site_id, database::PARAM_INT); if (isset($array['id'])) { $stmt->bindParam(':id', $array['id'], database::PARAM_INT); } if (isset($array['enabled'])) { $stmt->bindParam(':enabled', $array['enabled'], database::PARAM_INT); } try { $stmt->execute(); } catch (\PDOException $e) { $error->create(array('type' => 'sql_execute_error', 'message' => $e->getMessage())); } $log_array['event_severity'] = 'notice'; $log_array['event_number'] = E_USER_NOTICE; $log_array['event_description'] = 'Ticket Department Deleted ID ' . safe_output($array['id']); $log_array['event_file'] = __FILE__; $log_array['event_file_line'] = __LINE__; $log_array['event_type'] = 'delete'; $log_array['event_source'] = 'ticket_departments'; $log_array['event_version'] = '1'; $log_array['log_backtrace'] = false; $log->add($log_array); }
function integria_logwrite($string) { global $config; $current_date = date("Y/m/d H:i:s"); $logfile = $config["homedir"] . "/integria.log"; file_put_contents($logfile, "{$current_date} " . safe_output($string) . "\n", FILE_APPEND); }
$labels = get_db_all_rows_sql($sql_label); if ($labels === false) { $labels = array(); } foreach ($labels as $label) { $id_incident_field = get_db_value_filter('id', 'tincident_type_field', array('id_incident_type' => $id_incident_type, 'label' => $label['label']), 'AND'); $values_insert['id_incident'] = $id; $values_insert['data'] = get_parameter(base64_encode($label['label'])); //~ $values_insert['data'] = str_replace('
', "",get_parameter (base64_encode($label['label']))); $values_insert['id_incident_field'] = $id_incident_field; $id_incident_field = get_db_value('id', 'tincident_type_field', 'id_incident_type', $id_incident_type); process_sql_insert('tincident_field_data', $values_insert); } } // ATTACH A FILE IF IS PROVIDED $upfiles = json_decode(safe_output($upfiles), true); if (!empty($upfiles)) { include_once 'include/functions_workunits.php'; foreach ($upfiles as $file) { if (is_array($file)) { if ($file['description']) { $file_description = $file['description']; } else { $file_description = __('No description available'); } $file_result = attach_incident_file($id, $file["location"], $file_description, false, $file["name"]); } } } // If the ticket creation is successful, redirect the page to the ticket dashboard detail of the new ticket echo "<script type=\"text/javascript\">";
$sql= "SELECT * FROM tworkunit WHERE tworkunit.id = $id_workunit"; } else { if ($id_task == 0){ if ($timestamp_l != "" && $timestamp_h != "") $sql= "SELECT * FROM tworkunit WHERE tworkunit.id_user = '******' AND timestamp >= '$timestamp_l' AND timestamp <= '$timestamp_h' ORDER BY timestamp DESC"; else $sql= "SELECT * FROM tworkunit WHERE tworkunit.id_user = '******' ORDER BY timestamp DESC"; } else { if ($timestamp_l != "" && $timestamp_h != "") $sql= "SELECT * FROM tworkunit, tworkunit_task WHERE tworkunit.id_user = '******' AND timestamp >= '$timestamp_l' AND timestamp <= '$timestamp_h' AND tworkunit_task.id_task = $id_task AND tworkunit_task.id_workunit = tworkunit.id ORDER BY timestamp DESC"; else $sql= "SELECT * FROM tworkunit, tworkunit_task WHERE tworkunit.id_user = '******' AND tworkunit_task.id_task = $id_task AND tworkunit_task.id_workunit = tworkunit.id ORDER BY timestamp DESC"; } } $sql = safe_output ($sql); $alldata = get_db_all_rows_sql ($sql); foreach ($alldata as $row){ if ($row["id"] != -1) show_workunit_user ($row['id'], 1, true, true, $id_user, $timestamp_h, $timestamp_l); else show_workunit_user ($row['id'], 0, true, true, $id_user, $timestamp_h, $timestamp_l); } echo '<div id="show_multiple_edit">'; echo '<h2>'.__('Massive operations over selected items').'</h2>'; $table = new StdClass;
function calendar_get_users_holidays_date_range($start, $end, $id_user) { $mysql_start = date('Y-m-d', $start); $mysql_end = date('Y-m-d', $end); $user_clause = ""; if (is_array($id_user)) { $aux_ids = array(); foreach ($id_user as $iu) { array_push($aux_ids, "'" . $iu . "'"); } $user_clause = "id_user IN (" . join(",", $aux_ids) . ")"; } else { $user_clause = "id_user = '******'"; } $sql = sprintf("SELECT tworkunit.timestamp AS date, tworkunit.id_user as user FROM tworkunit, tworkunit_task WHERE \n\t\t\t\t\t{$user_clause} AND tworkunit_task.id_workunit = tworkunit.id AND tworkunit_task.id_task =-1 AND \n\t\t\t\t\ttimestamp >= '{$mysql_start}' AND timestamp <= '{$mysql_end}' ORDER BY date ASC"); $res = process_sql($sql); if (!$res) { $res = array(); } $holidays = array(); $holidays_counters = array(); $holidays_last_day = array(); foreach ($res as $r) { if (!isset($holidays[$r["user"]])) { $holidays[$r["user"]] = array(); $holidays_counters[$r["user"]] = -1; $holidays_last_day[$r["user"]] = 0; } //Calculate start and end for the holiday value if (isset($holidays_last_day[$r["user"]])) { //Last day minus current day is 1 we increase dates for stored holidays $last_time = strtotime($holidays_last_day[$r["user"]]); $current_time = strtotime($r["date"]); $day_in_seconds = 24 * 3600; if ($current_time - $last_time <= $day_in_seconds) { $pos = $holidays_counters[$r["user"]]; $holidays[$r["user"]][$pos]["end"] = strtotime($r["date"]); $holidays_last_day[$r["user"]] = strtotime($r["date"]); } else { array_push($holidays[$r["user"]], array("start" => strtotime($r["date"]), "end" => strtotime($r["date"]))); $holidays_last_day[$r["user"]] = $r["date"]; $holidays_counters[$r["user"]]++; } } //Update last day $holidays_last_day[$r["user"]] = $r["date"]; } $full_holidays = array(); $colors = array("#aa3333", "#33aa33", "#3a3a3a", "#3333aa", "#045FB4", "#DF7401", "#01DF3A", "#BE81F7", "#8181F7", "#81BEF7", "#F781F3", "#F7D358", "#F78181", "#FA8258", "#BCF5A9", "#A9A9F5", "#D0A9F5", "#E2A9F3", "#A9F5D0", "#A9F5E1", "#BDBDBD", "#E6E6E6", "#F6CECE", "#6AA4B2", "#6AB277", "#B28E6A", "#B26A97", "#776AB2", "#A58EB4", "#8EB490", "#8E96B4", "#B48E98"); $i = 0; $colors_size = count($colors); foreach ($holidays as $key => $values) { $i = $i % $colors_size; $name = get_db_value("nombre_real", "tusuario", "id_usuario", $key); $url = "index.php?sec=users&sec2=operation/user_report/holidays_calendar&custom_dates=1&id_user="******"name" => safe_output($name), "dates" => $values, "bgColor" => $colors[$i], "link" => $url)); $i++; } return $full_holidays; }
// Integria uses icons from famfamfam, licensed under CC Atr. 2.5 // Silk icon set 1.3 (cc) Mark James, http://www.famfamfam.com/lab/icons/silk/ // Integria uses Pear Image::Graph code // Integria shares much of it's code with project Babel Enterprise and Pandora FMS, // also a Free Software Project coded by some of the people who makes Integria. // Set to 1 to do not check for installer or config file (for development!). // Activate gives more error information, not useful for production sites global $config; $options = array(); $options['id_user'] = $config['id_user']; $options['modal'] = true; $news = get_news($options); // Clean subject entities foreach ($news as $k => $v) { $news[$k]['content'] = safe_output($v['content']); $news[$k]['title'] = safe_output($v['title']); } if (!empty($news)) { $options = array(); $options['id'] = 'news_json'; $options['hidden'] = 1; $options['content'] = base64_encode(json_encode($news)); print_div($options); } // Prints news dialog template echo '<div id="news_dialog" title="" style="display: none;">'; echo '<div style="position:absolute; top:30px; left: 10px; text-align: left; right:0%; height:70px; min-width:560px; width: 95%; margin: 0 auto; border: 1px solid #FFF; line-height: 19px;">'; echo '<span style="display: block; height: 260px; overflow: auto; text-align: justify; padding: 5px 15px 4px 10px; background: #ECECEC; border-radius: 4px;" id="new_content"></span>'; echo '<span style="font-size: 12px; display: block; margin-top: 20px;" id="new_creator"></span>'; echo '<span style="font-size: 12px; display: block; font-style: italic;" id="new_date"></span>'; echo '</div>';
/** * Login in the user and creates a session. * * Form the array like this: * <code> * $array = array( * 'username' => 'admin', // the username (will be converted to lowercase). * 'password' => '1234', // the plaintext password * ); * * </code> * * @param array $array The array explained above * @return bool TRUE if successful or FALSE if not. */ public function login($array) { global $db; $plugins =& singleton::get(__NAMESPACE__ . '\\plugins'); $plugins->run('auth_login_start', $array); $config =& singleton::get(__NAMESPACE__ . '\\config'); $tables =& singleton::get(__NAMESPACE__ . '\\tables'); $error =& singleton::get(__NAMESPACE__ . '\\error'); $log =& singleton::get(__NAMESPACE__ . '\\log'); $site_id = SITE_ID; $username = strtolower($array['username']); $password = $array['password']; if (empty($username)) { return false; } if (empty($password)) { return false; } //look for user in db $query = "SELECT * FROM {$tables->users} WHERE `username` = :username AND `site_id` = :site_id LIMIT 1"; try { $stmt = $db->prepare($query); } catch (\Exception $e) { $error->create(array('type' => 'sql_prepare_error', 'message' => $e->getMessage())); } $stmt->bindParam(':username', $array['username'], database::PARAM_STR); $stmt->bindParam(':site_id', $site_id, database::PARAM_INT); try { $stmt->execute(); } catch (\Exception $e) { $error->create(array('type' => 'sql_execute_error', 'message' => $e->getMessage())); } $users = $stmt->fetchAll(database::FETCH_ASSOC); //ad stuff $options['domain_controllers'] = array($config->get('ad_server')); $options['account_suffix'] = $config->get('ad_account_suffix'); $options['base_dn'] = $config->get('ad_base_dn'); //if found if (count($users) == 1) { $user = $users[0]; if ($user['allow_login'] == 1) { //account lockout check. if (isset($user['failed_logins']) && (int) $user['failed_logins'] > 4 && isset($user['fail_expires']) && $user['fail_expires'] > datetime()) { if ($config->get('lockout_enabled')) { $log_array['event_severity'] = 'warning'; $log_array['event_number'] = E_USER_WARNING; $log_array['event_description'] = 'Login Failed "<a href="' . $config->get('address') . '/users/view/' . (int) $user['id'] . '/">' . safe_output($user['name']) . '</a>" - Account Temporarily Locked.'; $log_array['event_file'] = __FILE__; $log_array['event_file_line'] = __LINE__; $log_array['event_type'] = 'login_failed_account_lockout'; $log_array['event_source'] = 'auth'; $log_array['event_version'] = '1'; $log_array['log_backtrace'] = false; $log->add($log_array); return false; } } //if AD account if ($user['authentication_id'] == 2) { if ($config->get('ad_enabled')) { try { $ad =& singleton::get('adLDAP', $options); } catch (\adLDAPException $e) { $log_array['event_severity'] = 'error'; $log_array['event_number'] = E_USER_ERROR; $log_array['event_description'] = 'Active Directory could not start "' . $e->getMessage() . '"'; $log_array['event_file'] = __FILE__; $log_array['event_file_line'] = __LINE__; $log_array['event_type'] = 'ad_login_failed'; $log_array['event_source'] = 'auth'; $log_array['event_version'] = '1'; $log_array['log_backtrace'] = true; $log->add($log_array); return false; } //login via ad if ($ad->user()->authenticate($user['username'], $password) == true) { $this->login_session($user); $log_array['event_severity'] = 'notice'; $log_array['event_number'] = E_USER_NOTICE; $log_array['event_description'] = 'Active Directory Login Successful "<a href="' . $config->get('address') . '/users/view/' . (int) $user['id'] . '/">' . safe_output($user['name']) . '</a>"'; $log_array['event_file'] = __FILE__; $log_array['event_file_line'] = __LINE__; $log_array['event_type'] = 'ad_login_successful'; $log_array['event_source'] = 'auth'; $log_array['event_version'] = '1'; $log_array['log_backtrace'] = false; $log->add($log_array); $this->clear_failed_login($user); return true; } else { $log_array['event_severity'] = 'warning'; $log_array['event_number'] = E_USER_WARNING; $log_array['event_description'] = 'Active Directory Login Failed "<a href="' . $config->get('address') . '/users/view/' . (int) $user['id'] . '/">' . safe_output($user['name']) . '</a>"'; $log_array['event_file'] = __FILE__; $log_array['event_file_line'] = __LINE__; $log_array['event_type'] = 'ad_login_failed'; $log_array['event_source'] = 'auth'; $log_array['event_version'] = '1'; $log_array['log_backtrace'] = false; $log->add($log_array); $this->increment_failed_login($user); return false; } } else { $log_array['event_severity'] = 'warning'; $log_array['event_number'] = E_USER_WARNING; $log_array['event_description'] = 'Active Directory Login Failed "<a href="' . $config->get('address') . '/users/view/' . (int) $user['id'] . '/">' . safe_output($user['name']) . '</a>" - Auth Type Disabled'; $log_array['event_file'] = __FILE__; $log_array['event_file_line'] = __LINE__; $log_array['event_type'] = 'ad_login_failed'; $log_array['event_source'] = 'auth'; $log_array['event_version'] = '1'; $log_array['log_backtrace'] = false; $log->add($log_array); return false; } } else { if ($user['password'] === $this->hash_password($password, $user['salt'])) { $this->login_session($user); $log_array['event_severity'] = 'notice'; $log_array['event_number'] = E_USER_NOTICE; $log_array['event_description'] = 'Local Login Successful "<a href="' . $config->get('address') . '/users/view/' . (int) $user['id'] . '/">' . safe_output($user['name']) . '</a>"'; $log_array['event_file'] = __FILE__; $log_array['event_file_line'] = __LINE__; $log_array['event_type'] = 'local_login_successful'; $log_array['event_source'] = 'auth'; $log_array['event_version'] = '1'; $log_array['log_backtrace'] = false; $log->add($log_array); $this->clear_failed_login($user); return true; } else { $log_array['event_severity'] = 'warning'; $log_array['event_number'] = E_USER_WARNING; $log_array['event_description'] = 'Local Login Failed "<a href="' . $config->get('address') . '/users/view/' . (int) $user['id'] . '/">' . safe_output($user['name']) . '</a>"'; $log_array['event_file'] = __FILE__; $log_array['event_file_line'] = __LINE__; $log_array['event_type'] = 'local_login_failed'; $log_array['event_source'] = 'auth'; $log_array['event_version'] = '1'; $log_array['log_backtrace'] = false; $log->add($log_array); $this->increment_failed_login($user); return false; } } } else { $log_array['event_severity'] = 'warning'; $log_array['event_number'] = E_USER_WARNING; $log_array['event_description'] = 'Local Login Failed "<a href="' . $config->get('address') . '/users/view/' . (int) $user['id'] . '/">' . safe_output($user['name']) . '</a>"'; $log_array['event_file'] = __FILE__; $log_array['event_file_line'] = __LINE__; $log_array['event_type'] = 'local_login_failed'; $log_array['event_source'] = 'auth'; $log_array['event_version'] = '1'; $log_array['log_backtrace'] = false; $log->add($log_array); return false; } } else { //if (Allow any valid AD user to login) if ($config->get('ad_enabled') && $config->get('ad_create_accounts')) { try { $ad =& singleton::get('adLDAP', $options); } catch (\adLDAPException $e) { return false; } if ($ad->user()->authenticate($username, $password) == true) { $user =& singleton::get(__NAMESPACE__ . '\\users'); if (!$user->check_username_taken(array('username' => $username))) { //create user $user_info = $ad->user()->infoCollection($username, array('displayname', 'mail')); $client_array['name'] = $user_info->displayName; $client_array['username'] = $username; $client_array['email'] = strtolower($user_info->mail); $client_array['authentication_id'] = 2; $client_array['allow_login'] = 1; $client_array['user_level'] = 1; $id = $user->add($client_array); $client_array['id'] = $id; $log =& singleton::get(__NAMESPACE__ . '\\log'); $log_array['event_severity'] = 'notice'; $log_array['event_number'] = E_USER_NOTICE; $log_array['event_description'] = 'New Active Directory Login Successful "<a href="' . $config->get('address') . '/users/view/' . (int) $id . '/">' . safe_output($client_array['name']) . '</a>"'; $log_array['event_file'] = __FILE__; $log_array['event_file_line'] = __LINE__; $log_array['event_type'] = 'local_login_successful'; $log_array['event_source'] = 'auth'; $log_array['event_version'] = '1'; $log_array['log_backtrace'] = false; $log->add($log_array); $this->login_session($client_array); return true; } else { return false; } } else { $log_array['event_severity'] = 'warning'; $log_array['event_number'] = E_USER_WARNING; $log_array['event_description'] = 'AD Login Failed "' . safe_output($username) . '" - Unknown Account'; $log_array['event_file'] = __FILE__; $log_array['event_file_line'] = __LINE__; $log_array['event_type'] = 'unknown_user'; $log_array['event_source'] = 'auth'; $log_array['event_version'] = '1'; $log_array['log_backtrace'] = false; $log->add($log_array); return false; } } else { $log_array['event_severity'] = 'warning'; $log_array['event_number'] = E_USER_WARNING; $log_array['event_description'] = 'Local Login Failed "' . safe_output($array['username']) . '" - Unknown Account'; $log_array['event_file'] = __FILE__; $log_array['event_file_line'] = __LINE__; $log_array['event_type'] = 'unknown_user'; $log_array['event_source'] = 'auth'; $log_array['event_version'] = '1'; $log_array['log_backtrace'] = false; $log->add($log_array); return false; } } }
<tr> <td style="padding-right:5px; text-align:left;"> <div> <?php echo '<div><p style="font-size:13px; color:black;">' . __('Customer address') . '</p><br></div>'; ?> <?php echo '<div style="font-size:13px;">' . $company_to['name'] . '</div>'; ?> <?php if ($company_to['fiscal_id']) { echo '<div style="font-size:13px;">' . __("Fiscal ID: ") . $company_to['fiscal_id'] . '</div>'; } ?> <?php echo '<div style="font-size:13px;">' . safe_output($company_to['address']) . '</div>'; ?> <?php echo '<div style="font-size:13 px;">' . $company_to['country'] . '</div>'; ?> </div> </td> <td style="padding-left:5px;"> <table> <tr> <td style="text-align:left; font-size:12px; color:black;"> <?php echo __('Invoice ID') . ':</b> '; ?> </td> <td style="text-align:right; font-size:12px;">
//Clean name output foreach ($events as $ev) { $ev["name"] = safe_output($ev["name"]); array_push($events_result, $ev); } echo json_encode($events_result); return; } if ($get_holidays) { $start_date = get_parameter("start_date"); $end_date = get_parameter("end_date"); $id_user = get_parameter("id_user", ""); if (!$id_user) { $users = get_user_visible_users($config["id_user"]); $users_ids = array_keys($users); } else { $users_ids = $id_user; } $holidays = calendar_get_users_holidays_date_range($start_date, $end_date, $users_ids); echo json_encode($holidays); return; } if ($get_non_working_days) { $year = safe_output(get_parameter("year")); $result = calendar_get_non_working_days($year); echo json_encode($result); return; } ?>
public function send_email($array) { $config =& singleton::get(__NAMESPACE__ . '\\config'); $log =& singleton::get(__NAMESPACE__ . '\\log'); $pop_accounts =& singleton::get(__NAMESPACE__ . '\\pop_accounts'); $smtp_accounts =& singleton::get(__NAMESPACE__ . '\\smtp_accounts'); try { //clear any current info $this->phpmailer->ClearAllRecipients(); $this->phpmailer->ClearAttachments(); $this->phpmailer->From = 'do_not_reply@' . $config->get('domain'); $found_smtp_account = false; if (isset($array['pop_account_id']) && !empty($array['pop_account_id'])) { $pop_array = $pop_accounts->get(array('id' => $array['pop_account_id'], 'get_other_data' => true)); if (!empty($pop_array) && !empty($pop_array[0]['smtp_hostname']) && $pop_array[0]['smtp_enabled'] == 1) { $smtp['hostname'] = $pop_array[0]['smtp_hostname']; $smtp['port'] = $pop_array[0]['smtp_port']; $smtp['tls'] = $pop_array[0]['smtp_tls']; $smtp['username'] = $pop_array[0]['smtp_username']; $smtp['password'] = decode($pop_array[0]['smtp_password']); $smtp['authentication'] = $pop_array[0]['smtp_authentication']; $smtp['email_address'] = $pop_array[0]['smtp_email_address']; $found_smtp_account = true; } } else { if (isset($array['smtp_account_id']) && !empty($array['smtp_account_id'])) { $smtp_array = $smtp_accounts->get(array('id' => $array['smtp_account_id'])); if (!empty($smtp_array) && !empty($smtp_array[0]['hostname']) && $smtp_array[0]['enabled'] == 1) { $smtp['hostname'] = $smtp_array[0]['hostname']; $smtp['port'] = $smtp_array[0]['port']; $smtp['tls'] = $smtp_array[0]['tls']; $smtp['username'] = $smtp_array[0]['username']; $smtp['password'] = decode($smtp_array[0]['password']); $smtp['authentication'] = $smtp_array[0]['authentication']; $smtp['email_address'] = $smtp_array[0]['email_address']; $found_smtp_account = true; } } } if (!$found_smtp_account) { $smtp_array = $smtp_accounts->get(array('id' => $config->get('default_smtp_account'))); if (!empty($smtp_array) && !empty($smtp_array[0]['hostname']) && $smtp_array[0]['enabled'] == 1) { $smtp['hostname'] = $smtp_array[0]['hostname']; $smtp['port'] = $smtp_array[0]['port']; $smtp['tls'] = $smtp_array[0]['tls']; $smtp['username'] = $smtp_array[0]['username']; $smtp['password'] = decode($smtp_array[0]['password']); $smtp['authentication'] = $smtp_array[0]['authentication']; $smtp['email_address'] = $smtp_array[0]['email_address']; $found_smtp_account = true; } } if ($found_smtp_account) { //what server to send the email to $this->phpmailer->Host = $smtp['hostname']; $this->phpmailer->Mailer = 'smtp'; //setup authentication if required if ($smtp['authentication']) { $this->phpmailer->SMTPAuth = true; // turn on SMTP authentication $this->phpmailer->Username = $smtp['username']; $this->phpmailer->Password = $smtp['password']; } if ($smtp['tls']) { $this->phpmailer->SMTPSecure = 'tls'; } $this->phpmailer->Port = (int) $smtp['port']; //setup the basic email stuff if (isset($array['from'])) { $this->phpmailer->From = $array['from']; } else { if (!empty($smtp['email_address'])) { $this->phpmailer->From = $smtp['email_address']; } } } else { $this->phpmailer->Mailer = 'mail'; if (isset($array['from'])) { $this->phpmailer->From = $array['from']; } } //increase the default timeout to 15 seconds $this->phpmailer->Timeout = 15; $this->phpmailer->CharSet = 'utf-8'; if (isset($array['html']) && $array['html'] == true) { $this->phpmailer->IsHTML(true); } if (isset($array['from_name'])) { $this->phpmailer->FromName = $array['from_name']; } else { $this->phpmailer->FromName = $config->get('name'); } $this->phpmailer->Subject = $array['subject']; $this->phpmailer->Body = $array['body']; if (isset($array['to']) && is_array($array['to'])) { if (!empty($array['to']['to'])) { $this->phpmailer->AddAddress($array['to']['to'], $array['to']['to_name']); } } //add multiple files if (isset($array['file']) && is_array($array['file'])) { foreach ($array['file'] as $file) { if (file_exists($file['file'])) { $this->phpmailer->AddAttachment($file['file'], $file['file_name']); } } } //add multiple files via a string (I haven't really tested this yet) if (isset($array['string_file']) && is_array($array['string_file'])) { foreach ($array['string_file'] as $string) { $this->phpmailer->AddStringAttachment($string['string'], $string['string_name']); } } //let's try and send the email now $this->phpmailer->Send(); $array['event_severity'] = 'notice'; $array['event_number'] = E_USER_NOTICE; if (isset($array['to']) && is_array($array['to'])) { $array['event_description'] = 'Email sent to "' . safe_output($array['to']['to']) . '" from "' . $this->phpmailer->From . '"'; } else { $array['event_description'] = 'Email sent from "' . $this->phpmailer->From . '"'; } $array['event_file'] = __FILE__; $array['event_file_line'] = __LINE__; $array['event_type'] = 'email_sent'; $array['event_source'] = 'mailer'; $array['event_version'] = '1'; $array['log_backtrace'] = false; $log->add($array); return true; } catch (\phpmailerException $e) { $array['event_severity'] = 'warning'; $array['event_number'] = E_USER_WARNING; $array['event_description'] = $e->errorMessage(); $array['event_file'] = __FILE__; $array['event_file_line'] = __LINE__; $array['event_type'] = 'email_not_sent'; $array['event_source'] = 'mailer'; $array['event_version'] = '1'; $array['log_backtrace'] = true; $log->add($array); return false; } catch (\Exception $e) { $array['event_severity'] = 'warning'; $array['event_number'] = E_USER_WARNING; $array['event_description'] = $e->getMessage(); $array['event_file'] = __FILE__; $array['event_file_line'] = __LINE__; $array['event_type'] = 'email_not_sent'; $array['event_source'] = 'mailer'; $array['event_version'] = '1'; $array['log_backtrace'] = true; $log->add($array); return false; } }
echo "<input type=hidden name='newsletter' value='{$id}'>"; echo "</table></form>"; return; } if ($operation == "subscribe_data") { $validation1 = get_parameter("validation1"); $validation2 = get_parameter("validation2"); $newsletter = get_parameter("newsletter"); $name = get_parameter("name"); $email = get_parameter("email"); $now = date("Y-m-d H:i:s"); echo "<h3>" . __("Thanks for your subscription. You should receive an email to confirm you have been subscribed to this newsletter") . "</h3>"; if ($validation1 == md5($config["dbpass"] . $validation2)) { // check if already subscribed $count = get_db_sql("SELECT COUNT(id) FROM tnewsletter_address WHERE email = '" . $email . "' AND id_newsletter = {$newsletter}"); if ($count == 0 && check_email_address(safe_output($email))) { $sql = "INSERT INTO tnewsletter_address (id_newsletter, email, name, datetime, status) VALUES ({$newsletter}, '{$email}', '{$name}', '{$now}',0)"; $result = mysql_query($sql); if ($result) { $newsletter_name = get_db_sql("SELECT name FROM tnewsletter WHERE id = {$newsletter}"); $text .= __("Welcome to") . " " . $newsletter_name . " " . __("newsletter") . "\n\n"; $text .= __("Please use this URL to de-subscribe yourself from this newsletter:") . "\n\n"; $text .= $config["base_url"] . "/include/newsletter.php?operation=desubscribe&id={$newsletter}"; $text .= "\n\n" . __("Thank you"); integria_sendmail($email, "Newsletter subscription - {$newsletter_name}", $text); } } } return; } if ($operation == "desubscribe") {
if($id_group_type != "" && $id_group_type != "0"){ if(give_acl ($config['id_user'], $id_grupo, "SI")){ $groups_all = safe_output(users_get_groups_for_select ($config['id_user'], "SI", false, true)); } else{ $groups_all = safe_output(users_get_groups_for_select ($config['id_user'], "IW", false, true)); } $id_group_type = str_replace(" ", " ", $id_group_type); $groups_selected = explode(', ', $id_group_type); $groups = array_intersect($groups_all, $groups_selected); } else { if(give_acl ($config['id_user'], $id_grupo, "SI")){ $groups = safe_output(users_get_groups_for_select ($config['id_user'], "SI", false, true)); } else{ $groups = safe_output(users_get_groups_for_select ($config['id_user'], "IW", false, true)); } $groups_selected = explode(', ', $id_group_type); } $table->data[0][2] = print_select ($groups, "grupo_form", $id_grupo_incident, '', '', 0, true, false, false, __('Group'), $blocked_incident) . "<div id='group_spinner'></div>"; $disabled = false; if ($disabled) { $table->data[1][0] = print_label (__('Priority'), '', '', true, $priority); } else { $table->data[1][0] = print_select (get_priorities (), 'priority_form', $priority, '', '', '', true, false, false, __('Priority'), $blocked_incident); }