Example #1
0
    header("Location:index.php?inc=manage_cases");
}
if ($action == "add") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $ta2 = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta2));
    $query = "insert into cases (c_name, c_desc, c_result, c_status, c_global) values ('" . escapeChars($c_name) . "','" . stripbr(escapeChars($ta)) . "','" . stripbr(escapeChars($ta2)) . "','" . escapeChars($c_status) . "','" . escapeChars($c_global) . "')";
    mysql_query($query) or die(mysql_error());
    $c_id = mysql_insert_id();
    //header("Location:index.php?inc=manage_cases");
}
if ($action == "update" && $c_id != "") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $ta2 = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta2));
    $query = "update cases set c_name='" . escapeChars($c_name) . "', c_desc='" . stripbr(escapeChars($ta)) . "', c_result='" . stripbr(escapeChars($ta2)) . "', c_status='" . escapeChars($c_status) . "', c_global='" . escapeChars($c_global) . "' where c_id=" . $c_id;
    mysql_query($query) or die(mysql_error());
    //header("Location:index.php?inc=manage_cases");
}
//  if ($what=="projects_list" && $c_id!="")
if ($action != "") {
    $query = "delete from project_cases where pc_c_id=" . $c_id;
    mysql_query($query) or die(mysql_error());
    $list = explode(",", substr($projects_list, 1));
    if ($projects_list != "") {
        while (list($key, $val) = each($list)) {
            $query = "insert into project_cases (pc_c_id, pc_p_id) values ('" . $c_id . "','" . $val . "')";
            mysql_query($query) or die(mysql_error());
        }
    }
    //header("Location:index.php?inc=manage_cases");
Example #2
0
    $query = "delete from reviews where r_id=" . $r_id;
    mysql_query($query) or die(mysql_error());
    header("Location:index.php?inc=manage_reviews");
}
if ($action == "add") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $query = "insert into reviews (r_name, r_desc, r_date, r_status, r_p_id) values ('" . escapeChars($r_name) . "','" . stripbr(escapeChars($ta)) . "',DATE_ADD( NOW( ) , INTERVAL - " . TIME_DIFF_HOURS . " HOUR),'" . escapeChars($r_status) . "','" . escapeChars($r_p_id) . "')";
    mysql_query($query) or die(mysql_error());
    $r_id = mysql_insert_id();
    //header("Location:index.php?inc=manage_projects");
}
if ($action == "update" && $r_id != "") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $query = "update reviews set r_name='" . escapeChars($r_name) . "', r_desc='" . stripbr(escapeChars($ta)) . "', r_status='" . escapeChars($r_status) . "', r_p_id='" . escapeChars($r_p_id) . "' where r_id=" . $r_id;
    mysql_query($query) or die(mysql_error());
    //header("Location:index.php?inc=manage_projects");
}
if ($action != "") {
    $query = "delete from review_users where ru_r_id=" . $r_id;
    mysql_query($query) or die(mysql_error());
    $list = explode(",", substr($users_list, 1));
    if ($users_list != "") {
        while (list($key, $val) = each($list)) {
            $query = "insert into review_users (ru_r_id, ru_u_id) values ('" . $r_id . "','" . $val . "')";
            mysql_query($query) or die(mysql_error());
        }
    }
    //header("Location:index.php?inc=manage_projects");
}
	<meta name="keywords" content="<?php 
echo $lng[1][3];
?>
"/>
	<title><?php 
echo $lng[1][1];
?>
</title>
	<link rel='STYLESHEET' type='text/css' href='dhtmlxTree/samples/common/style.css'>
	<link rel="stylesheet" href="s.css" type="text/css"/>
</head>
<body bgcolor="#ffffff">

<?php 
if ($action == "add") {
    $query = "insert into glossary (g_name, g_term, g_abbreviation, g_desc, g_global) values ('" . escapeChars($g_name) . "','" . escapeChars($g_term) . "','" . escapeChars($g_abbreviation) . "','" . stripbr(escapeChars($ta)) . "','" . escapeChars($g_global) . "')";
    mysql_query($query) or die(mysql_error());
    $g_id = mysql_insert_id();
    $query = "insert into project_glossary (pg_p_id, pg_g_id) values ('" . $p_id . "','" . $g_id . "')";
    mysql_query($query) or die(mysql_error());
    ?>
    <script>
      <?php 
    if ($where != "1") {
        ?>
      opener.change_select();
      opener.document.forms['edit'].r_glossary.value+=<?php 
        echo $g_id;
        ?>
+",";
      opener.document.forms['edit'].tmp_p_id.value=opener.document.forms['edit'].r_p_id.value;
?>
"/>
	<title><?php 
echo $lng[1][1];
?>
</title>
	<link rel='STYLESHEET' type='text/css' href='dhtmlxTree/samples/common/style.css'>
	<link rel="stylesheet" href="s.css" type="text/css"/>
</head>
<body bgcolor="#ffffff">

<?php 
if ($action == "add") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $query = "insert into subprojects (s_name, s_desc, s_p_id) values ('" . escapeChars($s_name) . "','" . stripbr(escapeChars($ta)) . "','" . escapeChars($p_id) . "')";
    mysql_query($query) or die(mysql_error());
    $s_id = mysql_insert_id();
    ?>
    <script>
      <?php 
    if ($where != "1") {
        ?>
      opener.change_select();
      opener.document.forms['edit'].r_s_id_tmp.value='<?php 
        echo $s_id;
        ?>
';
      opener.document.forms['edit'].tmp_p_id.value=opener.document.forms['edit'].r_p_id.value;
      opener.document.forms['edit'].submit();
      self.close();
    $query = "delete from glossary where g_id=" . $g_id;
    mysql_query($query) or die(mysql_error());
    header("Location:index.php?inc=manage_glossary");
}
if ($action == "add") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $query = "insert into glossary (g_name, g_term, g_abbreviation, g_desc,g_global) values ('" . escapeChars($g_name) . "','" . escapeChars($g_term) . "','" . escapeChars($g_abbreviation) . "','" . stripbr(escapeChars($ta)) . "','" . escapeChars($g_global) . "')";
    mysql_query($query) or die(mysql_error());
    $g_id = mysql_insert_id();
    header("Location:index.php?inc=manage_glossary");
}
if ($action == "update" && $g_id != "") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $query = "update glossary set g_name='" . escapeChars($g_name) . "', g_term='" . escapeChars($g_term) . "', g_abbreviation='" . escapeChars($g_abbreviation) . "', g_desc='" . stripbr(escapeChars($ta)) . "', g_global='" . escapeChars($g_global) . "' where g_id=" . $g_id;
    mysql_query($query) or die(mysql_error());
    header("Location:index.php?inc=manage_glossary");
}
if ($g_id != "") {
    $query = "select * from glossary where g_id=" . $g_id;
    $rs = mysql_query($query) or die(mysql_error());
    if ($row = mysql_fetch_array($rs)) {
        $g_name = htmlspecialchars($row['g_name']);
        $g_term = htmlspecialchars($row['g_term']);
        $g_abbreviation = htmlspecialchars($row['g_abbreviation']);
        $g_global = htmlspecialchars($row['g_global']);
        $ta = $row['g_desc'];
    }
}
?>
} else {
    if ($action == "update" && $r_id != "") {
        //history
        $query = "select * from requirements where r_id=" . $r_id;
        $rs = mysql_query($query) or die(mysql_error());
        if ($row = mysql_fetch_array($rs)) {
            $query = "insert into requirements_history (r_parent_id, r_p_id, r_release, r_c_id, r_s_id, r_stakeholder,r_glossary,r_keyword, r_u_id, r_assigned_u_id, r_name, r_desc, r_state, r_type_r, r_priority, r_valid, r_link, r_satisfaction, r_dissatisfaction, r_conflicts, r_depends, r_component, r_source, r_risk, r_complexity, r_weight, r_points, r_creation_date, r_change_date, r_accept_date, r_accept_user, r_version, r_save_date, r_save_user, r_parent_id2, r_pos, r_stub, r_keywords, r_userfield1, r_userfield2, r_userfield3, r_userfield4, r_userfield5, r_userfield6) values ('" . $r_id . "','" . escapeChars($row['r_p_id']) . "','" . escapeChars($row['r_release']) . "','" . escapeChars($row['r_c_id']) . "','" . escapeChars($row['r_s_id']) . "','" . escapeChars($row['r_stakeholder']) . "','" . escapeChars($row['r_glossary']) . "','" . escapeChars($row['r_keyword']) . "','" . escapeChars($row['r_u_id']) . "','" . $row['r_assigned_u_id'] . "','" . escapeChars($row['r_name']) . "','" . escapeChars($row['r_desc']) . "','" . escapeChars($row['r_state']) . "','" . escapeChars($row['r_type_r']) . "','" . escapeChars($row['r_priority']) . "','" . escapeChars($row['r_valid']) . "','" . escapeChars($row['r_link']) . "','" . escapeChars($row['r_satisfaction']) . "','" . escapeChars($row['r_dissatisfaction']) . "','" . escapeChars($row['r_conflicts']) . "','" . escapeChars($row['r_depends']) . "','" . escapeChars($row['r_component']) . "','" . escapeChars($row['r_source']) . "','" . escapeChars($row['r_risk']) . "','" . escapeChars($row['r_complexity']) . "','" . escapeChars($row['r_weight']) . "','" . escapeChars($row['r_points']) . "','" . escapeChars($row['r_creation_date']) . "','" . escapeChars($row['r_change_date']) . "','" . escapeChars($row['r_accept_date']) . "','" . escapeChars($row['r_accept_user']) . "','" . escapeChars($row['r_version']) . "',DATE_ADD( NOW( ) , INTERVAL - " . TIME_DIFF_HOURS . " HOUR),'" . $_SESSION['uid'] . "','" . escapeChars($row['r_parent_id']) . "','" . escapeChars($row['r_pos']) . "','" . escapeChars($row['r_stub']) . "','" . escapeChars($row['r_keywords']) . "','" . escapeChars($row['r_userfield1']) . "','" . escapeChars($row['r_userfield2']) . "','" . escapeChars($row['r_userfield3']) . "','" . escapeChars($row['r_userfield4']) . "','" . escapeChars($row['r_userfield5']) . "','" . escapeChars($row['r_userfield6']) . "')";
            mysql_query($query) or die(mysql_error());
        }
        //work up the text
        $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
        //if validated -adding accept date and user
        //$r_link=str_replace('\\','|',$r_link);
        //$r_link=str_replace('||','/',$r_link);
        //$query="update requirements set r_name='".escapeChars($r_name)."', r_desc='".stripbr(escapeChars($ta))."', r_p_id='".escapeChars($r_p_id)."', r_release='".escapeChars($r_release)."', r_c_id='".escapeChars($r_c_id)."', r_s_id='".escapeChars($r_s_id)."', r_stakeholder='".escapeChars($r_stakeholder)."', r_glossary='".escapeChars($r_glossary)."', r_keyword='".escapeChars($r_keyword)."', r_assigned_u_id='".escapeChars($r_assigned_u_id)."', r_state='".escapeChars($r_state)."', r_type_r='".escapeChars($r_type_r)."', r_priority='".escapeChars($r_priority)."', r_link='".addslashes($r_link)."', r_satisfaction='".escapeChars($r_satisfaction)."', r_dissatisfaction='".escapeChars($r_dissatisfaction)."', r_conflicts='".escapeChars($r_conflicts)."', r_depends='".escapeChars($r_depends)."', r_component='".escapeChars($r_component)."', r_source='".escapeChars($r_source)."', r_risk='".escapeChars($r_risk)."', r_complexity='".escapeChars($r_complexity)."', r_weight='".escapeChars($r_weight)."', r_points='".escapeChars($r_points)."', r_parent_id='".escapeChars($r_parent_id)."', r_change_date=DATE_ADD( NOW( ) , INTERVAL - ".TIME_DIFF_HOURS." HOUR), r_version=r_version+1, r_stub='".escapeChars($r_stub)."', r_keywords='".escapeChars($r_keywords)."', r_userfield1='".escapeChars($r_userfield1)."', r_userfield2='".escapeChars($r_userfield2)."', r_userfield3='".escapeChars($r_userfield3)."', r_userfield4='".escapeChars($r_userfield4)."', r_userfield5='".escapeChars($r_userfield5)."', r_userfield6='".escapeChars($r_userfield6)."'";
        $query = "update requirements set r_name='" . escapeChars($r_name) . "', r_desc='" . stripbr(escapeChars($ta)) . "', r_p_id='" . escapeChars($r_p_id) . "', r_release='" . escapeChars($r_release) . "', r_c_id='" . escapeChars($r_c_id) . "', r_s_id='" . escapeChars($r_s_id) . "', r_stakeholder='" . escapeChars($r_stakeholder) . "', r_glossary='" . escapeChars($r_glossary) . "', r_keyword='" . escapeChars($r_keyword) . "', r_assigned_u_id='" . escapeChars($r_assigned_u_id) . "', r_state='" . escapeChars($r_state) . "', r_type_r='" . escapeChars($r_type_r) . "', r_priority='" . escapeChars($r_priority) . "', r_link='" . addslashes($r_link) . "', r_satisfaction='" . escapeChars($r_satisfaction) . "', r_dissatisfaction='" . escapeChars($r_dissatisfaction) . "', r_conflicts='" . escapeChars($r_conflicts) . "', r_depends='" . escapeChars($r_depends) . "', r_component='" . escapeChars($r_component) . "', r_source='" . escapeChars($r_source) . "', r_risk='" . escapeChars($r_risk) . "', r_complexity='" . escapeChars($r_complexity) . "', r_weight='" . escapeChars($r_weight) . "', r_points='" . escapeChars($r_points) . "', r_parent_id='" . escapeChars($r_parent_id) . "', r_change_date=DATE_ADD( NOW( ) , INTERVAL - " . TIME_DIFF_HOURS . " HOUR), r_version=r_version+1, r_stub='" . escapeChars($r_stub) . "', r_keywords='" . escapeChars($r_keywords) . $kw_ids . "', r_userfield1='" . escapeChars($r_userfield1) . "', r_userfield2='" . escapeChars($r_userfield2) . "', r_userfield3='" . escapeChars($r_userfield3) . "', r_userfield4='" . escapeChars($r_userfield4) . "', r_userfield5='" . escapeChars($r_userfield5) . "', r_userfield6='" . escapeChars($r_userfield6) . "'";
        //adding nodes position
        if ($r_parent_id != $r_parent_id_tmp) {
            $query2 = "select count(*) from requirements where r_parent_id=" . $r_parent_id . " and r_p_id='" . $r_p_id . "'";
            $rs2 = mysql_query($query2) or die(mysql_error());
            if ($row2 = mysql_fetch_array($rs2)) {
                $pos_cnt = $row2[0] + 1;
            }
            //correcting positions of nodes of the old parent
            if ($r_parent_id_tmp != 0) {
                $query2 = "update requirements set r_pos=r_pos-1 where r_pos>" . $r_pos_tmp . " and r_parent_id=" . $r_parent_id_tmp . " and r_p_id='" . $r_p_id . "'";
                $rs2 = mysql_query($query2) or die(mysql_error());
            }
            //adding new pos to the query
            $query .= ", r_pos='" . $pos_cnt . "'";
        } elseif ($r_parent_id == $r_parent_id_tmp && $r_pos != $r_pos_tmp) {
Example #7
0
     }
     $p_load = "";
     $p_id = $p_id_new;
 }
 if ($action == "add") {
     //work up the text
     $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
     $query = "insert into projects (p_name, p_phase, p_status, p_leader, p_date, p_desc, p_template, p_req_del) values ('" . escapeChars($p_name) . "','" . escapeChars($p_phase) . "','" . escapeChars($p_status) . "','" . escapeChars($p_leader) . "',DATE_ADD( NOW( ) , INTERVAL - " . TIME_DIFF_HOURS . " HOUR),'" . stripbr(escapeChars($ta)) . "','" . escapeChars($p_name) . "','" . escapeChars($p_req_del) . "')";
     mysql_query($query) or die(mysql_error());
     $p_id = mysql_insert_id();
     //header("Location:index.php?inc=manage_projects");
 }
 if ($action == "update" && $p_id != "") {
     //work up the text
     $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
     $query = "update projects set p_name='" . escapeChars($p_name) . "', p_phase='" . escapeChars($p_phase) . "', p_status='" . escapeChars($p_status) . "', p_leader='" . escapeChars($p_leader) . "', p_desc='" . stripbr(escapeChars($ta)) . "', p_template='" . escapeChars($p_template) . "', p_req_del='" . escapeChars($p_req_del) . "' where p_id=" . $p_id;
     mysql_query($query) or die(mysql_error());
     //header("Location:index.php?inc=manage_projects");
 }
 //if ($what=="users_list" && $p_id!="")
 if ($action != "") {
     $query = "delete from project_users where pu_p_id=" . $p_id;
     mysql_query($query) or die(mysql_error());
     $list = explode(",", substr($users_list, 1));
     if ($users_list != "") {
         while (list($key, $val) = each($list)) {
             $query = "insert into project_users (pu_p_id, pu_u_id) values ('" . $p_id . "','" . $val . "')";
             mysql_query($query) or die(mysql_error());
         }
     }
     //header("Location:index.php?inc=manage_projects");
	<title><?php 
echo $lng[1][1];
?>
</title>
	<link rel='STYLESHEET' type='text/css' href='dhtmlxTree/samples/common/style.css'>
	<link rel="stylesheet" href="s.css" type="text/css"/>
</head>
<body bgcolor="#ffffff">

<?php 
if ($action == "add") {
    //work up the text
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $ta2 = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta2));
    $query = "insert into cases (c_name, c_desc, c_result, c_status, c_global) values ('" . escapeChars($c_name) . "','" . stripbr(escapeChars($ta)) . "','" . stripbr(escapeChars($ta2)) . "','" . escapeChars($c_status) . "','" . escapeChars($c_global) . "')";
    mysql_query($query) or die(mysql_error());
    $c_id = mysql_insert_id();
    $query = "insert into project_cases (pc_c_id, pc_p_id) values ('" . $c_id . "','" . $p_id . "')";
    mysql_query($query) or die(mysql_error());
    ?>
    <script>
      <?php 
    if ($where != "1") {
        ?>
      opener.change_select();
      opener.document.forms['edit'].r_c_id.value+=<?php 
        echo $c_id;
        ?>
+",";
      opener.document.forms['edit'].tmp_p_id.value=opener.document.forms['edit'].r_p_id.value;
    $query = "delete from subprojects where s_id=" . $s_id;
    mysql_query($query) or die(mysql_error());
    header("Location:index.php?inc=manage_subprojects");
}
if ($action == "add") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $query = "insert into subprojects (s_name, s_desc, s_p_id) values ('" . escapeChars($s_name) . "','" . stripbr(escapeChars($ta)) . "','" . escapeChars($s_p_id) . "')";
    mysql_query($query) or die(mysql_error());
    $s_id = mysql_insert_id();
    header("Location:index.php?inc=manage_subprojects");
}
if ($action == "update" && $s_id != "") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $query = "update subprojects set s_name='" . escapeChars($s_name) . "', s_desc='" . stripbr(escapeChars($ta)) . "', s_p_id='" . escapeChars($s_p_id) . "' where s_id=" . $s_id;
    mysql_query($query) or die(mysql_error());
    header("Location:index.php?inc=manage_subprojects");
}
if ($s_id != "") {
    $query = "select * from subprojects where s_id=" . $s_id;
    $rs = mysql_query($query) or die(mysql_error());
    if ($row = mysql_fetch_array($rs)) {
        $s_name = htmlspecialchars($row['s_name']);
        $s_desc = $row['s_desc'];
        $s_p_id = $row['s_p_id'];
    }
}
//projects
$query = "select * from projects where p_status<>2";
$rs = mysql_query($query) or die(mysql_error());
Example #10
0
if ($r_id != "") {
    //authorization check
    $query = "select r.* from requirements r, projects p where r.r_id=" . $r_id . " and ((r.r_p_id=p.p_id and p.p_id in (" . $project_list . ")) OR r.r_p_id=0)";
    $rs = mysql_query($query) or die(mysql_error());
    if ($row = mysql_fetch_array($rs)) {
    } else {
        header("Location:index.php");
    }
}
if ($action == "add") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    if ($_SESSION['rights'] == "0") {
        $c_question = 1;
    }
    $query = "insert into comments (c_r_id, c_u_id, c_text, c_date, c_question) values ('" . escapeChars($r_id) . "','" . $_SESSION['uid'] . "','" . stripbr(escapeChars($ta)) . "',DATE_ADD( NOW( ) , INTERVAL - " . TIME_DIFF_HOURS . " HOUR),'" . escapeChars($c_question) . "')";
    if ($ta != "") {
        mysql_query($query) or die(mysql_error());
    }
    if ($what == "long") {
        header("Location:index.php?inc=view_requirement_long&r_id=" . $r_id);
    } else {
        header("Location:index.php?inc=view_requirement&r_id=" . $r_id);
    }
}
?>
<table border="0" width="100%">
  <tr valign="top">
    <td>
      <form method="post" name="edit" name="edit" action="" enctype='multipart/form-data'>
      <input type="hidden" name="r_id" value="<?php