function getAllowedCompanies()
{
global $AppUI;
require_once $AppUI->getModuleClass('companies');
$company = new CCompany();
$allowedCompanies = $company->getAllowedRecords($AppUI->user_id, 'company_id,company_name', 'company_name');
//$allowedCompanies = arrayMerge( array( '0'=>'' ), $allowedCompanies );
return $allowedCompanies;
}
protected function _createCompanySelection($AppUI, $companyInput)
{
$company = new CCompany();
$companyMatches = $company->getCompanyList($AppUI, -1, $companyInput);
$company_id = count($companyMatches) == 1 ? $companyMatches[0]['company_id'] : $AppUI->user_company;
$companies = $company->getAllowedRecords($AppUI->user_id, 'company_id,company_name', 'company_name');
$companies = arrayMerge(array('0' => ''), $companies);
$output .= '<td>' . arraySelect($companies, 'company_id', ' onChange=this.form.new_company.value=\'\'', $company_id) . '<input type="text" name="new_company" value="' . ($company_id > 0 ? '' : $companyInput) . '" />';
if ($company_id == 0) {
$output .= '<br /><em>' . $AppUI->_('compinfo') . '</em>';
}
$output .= '</td></tr>';
return $output;
}
$AppUI->savePlace();
w2PsetMicroTime();
// retrieve any state parameters
if (isset($_REQUEST['company_id'])) {
$AppUI->setState('CalIdxCompany', intval(w2PgetParam($_REQUEST, 'company_id', 0)));
}
$company_id = $AppUI->getState('CalIdxCompany', 0);
// Using simplified set/get semantics. Doesn't need as much code in the module.
$event_filter = $AppUI->checkPrefState('CalIdxFilter', w2PgetParam($_REQUEST, 'event_filter', 'my'), 'EVENTFILTER', 'my');
// get the passed timestamp (today if none)
$ctoday = new w2p_Utilities_Date();
$today = $ctoday->format(FMT_TIMESTAMP_DATE);
$date = w2PgetParam($_GET, 'date', $today);
// get the list of visible companies
$company = new CCompany();
$companies = $company->getAllowedRecords($AppUI->user_id, 'company_id,company_name', 'company_name');
$companies = arrayMerge(array('0' => $AppUI->_('All')), $companies);
// setup the title block
$titleBlock = new CTitleBlock('Monthly Calendar', 'myevo-appointments.png', $m, $m . '.' . $a);
$titleBlock->addCrumb('?m=calendar&a=year_view&date=' . $date, 'year view');
$titleBlock->addCrumb('?m=calendar&date=' . $date, 'month view');
$titleBlock->addCrumb('?m=calendar&a=week_view&date=' . $date, 'week view');
$titleBlock->addCrumb('?m=calendar&a=day_view&date=' . $date, 'day view');
$titleBlock->addCell($AppUI->_('Company') . ':');
$titleBlock->addCell(arraySelect($companies, 'company_id', 'onChange="document.pickCompany.submit()" class="text"', $company_id), '', '<form action="' . $_SERVER['REQUEST_URI'] . '" method="post" name="pickCompany" accept-charset="utf-8">', '</form>');
$titleBlock->addCell($AppUI->_('Event Filter') . ':');
$titleBlock->addCell(arraySelect($event_filter_list, 'event_filter', 'onChange="document.pickFilter.submit()" class="text"', $event_filter, true), '', '<form action="' . $_SERVER['REQUEST_URI'] . '" method="post" name="pickFilter" accept-charset="utf-8">', '</form>');
$titleBlock->show();
?>
<script language="javascript" type="text/javascript">
/**
** Overload of the w2PObject::getAllowedRecords
** to ensure that the allowed projects are owned by allowed companies.
**
** @author handco <*****@*****.**>
** @see w2PObject::getAllowedRecords
**/
public function getAllowedRecords($uid, $fields = '*', $orderby = '', $index = null, $extra = null)
{
global $AppUI;
$oCpy = new CCompany();
$aCpies = $oCpy->getAllowedRecords($uid, 'company_id, company_name');
if (count($aCpies)) {
$buffer = '(contact_company IN (' . implode(',', array_keys($aCpies)) . ') OR contact_company IS NULL OR contact_company = \'\' OR contact_company = 0)';
//Department permissions
$oDpt = new CDepartment();
$aDpts = $oDpt->getAllowedRecords($uid, 'dept_id, dept_name');
if (count($aDpts)) {
$dpt_buffer = '(contact_department IN (' . implode(',', array_keys($aDpts)) . ') OR contact_department = 0)';
} else {
// There are no allowed departments, so allow projects with no department.
$dpt_buffer = '(contact_department = 0)';
}
if ($extra['where'] != '') {
$extra['where'] = $extra['where'] . ' AND ' . $buffer . ' AND ' . $dpt_buffer;
} else {
$extra['where'] = $buffer . ' AND ' . $dpt_buffer;
}
} else {
// There are no allowed companies, so don't allow projects.
if ($extra['where'] != '') {
$extra['where'] = $extra['where'] . ' AND (contact_company IS NULL OR contact_company = \'\' OR contact_company = 0) ';
} else {
$extra['where'] = 'contact_company IS NULL OR contact_company = \'\' OR contact_company = 0';
}
}
return parent::getAllowedRecords($uid, $fields, $orderby, $index, $extra);
}
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
global $search_string;
global $owner_filter_id;
global $currentTabId;
global $currentTabName;
global $tabbed;
global $type_filter;
global $orderby;
global $orderdir;
// load the company types
$types = dPgetSysVal('CompanyType');
// get any records denied from viewing
$obj = new CCompany();
$allowedCompanies = $obj->getAllowedRecords($AppUI->user_id, 'company_id, company_name');
$company_type_filter = $currentTabId;
//Not Defined
$companiesType = true;
if ($currentTabName == "All Companies") {
$companiesType = false;
}
if ($currentTabName == "Not Applicable") {
$company_type_filter = 0;
}
// retrieve list of records
$q = new DBQuery();
$q->addTable('companies', 'c');
$q->addQuery('c.company_id, c.company_name, c.company_type, c.company_description, count(distinct p.project_id) as countp, count(distinct p2.project_id) as inactive, con.contact_first_name, con.contact_last_name');
$q->addJoin('projects', 'p', 'c.company_id = p.project_company AND p.project_status <> 7');
$q->addJoin('users', 'u', 'c.company_owner = u.user_id');
if (!isset($project_id)) {
$project_id = dPgetParam($_REQUEST, 'project_id', 0);
}
if (!$project_id) {
$showProject = true;
}
// get company to filter files by
//if (isset( $_POST['company_id'] )) {
// $AppUI->setState( 'FileIdxCompany', intval( $_POST['company_id'] ) );
//}
//$company_id = $AppUI->getState( 'FileIdxCompany' ) !== NULL ? $AppUI->getState( 'FileIdxCompany' ) : $AppUI->user_company;
if (!isset($company_id)) {
$company_id = dPgetParam($_REQUEST, 'company_id', 0);
}
$obj = new CCompany();
$allowed_companies_ary = $obj->getAllowedRecords($AppUI->user_id, 'company_id,company_name', 'company_name');
$allowed_companies = implode(",", array_keys($allowed_companies_ary));
if (!isset($task_id)) {
$task_id = dPgetParam($_REQUEST, 'task_id', 0);
}
global $xpg_min, $xpg_pagesize;
$xpg_pagesize = 30;
$xpg_min = $xpg_pagesize * ($page - 1);
// This is where we start our record set from
// load the following classes to retrieved denied records
include_once $AppUI->getModuleClass('projects');
include_once $AppUI->getModuleClass('tasks');
$project = new CProject();
$deny1 = $project->getDeniedRecords($AppUI->user_id);
$task = new CTask();
$deny2 = $task->getDeniedRecords($AppUI->user_id);
/**
* Overload of the w2PObject::getDeniedRecords
* to ensure that the projects owned by denied companies are denied.
*
* @author handco <*****@*****.**>
* @see w2PObject::getAllowedRecords
*/
public function getDeniedRecords($uid)
{
$aBuf1 = parent::getDeniedRecords($uid);
$oCpy = new CCompany();
// Retrieve which projects are allowed due to the company rules
$aCpiesAllowed = $oCpy->getAllowedRecords($uid, 'company_id,company_name');
//Department permissions
$oDpt = new CDepartment();
$aDptsAllowed = $oDpt->getAllowedRecords($uid, 'dept_id,dept_name');
$q = $this->_query;
$q->addTable('projects');
$q->addQuery('projects.project_id');
$q->addJoin('project_departments', 'pd', 'pd.project_id = projects.project_id');
if (count($aCpiesAllowed)) {
if (array_search('0', $aCpiesAllowed) === false) {
//If 0 (All Items of a module) are not permited then just add the allowed items only
$q->addWhere('NOT (project_company IN (' . implode(',', array_keys($aCpiesAllowed)) . '))');
} else {
//If 0 (All Items of a module) are permited then don't add a where clause so the user is permitted to see all
}
} else {
//if the user is not allowed any company then lets shut him off
$q->addWhere('0=1');
}
if (count($aDptsAllowed)) {
if (array_search('0', $aDptsAllowed) === false) {
//If 0 (All Items of a module) are not permited then just add the allowed items only
$q->addWhere('NOT (department_id IN (' . implode(',', array_keys($aDptsAllowed)) . '))');
} else {
//If 0 (All Items of a module) are permited then don't add a where clause so the user is permitted to see all
$q->addWhere('NOT (department_id IS NULL)');
}
} else {
//If 0 (All Items of a module) are permited then don't add a where clause so the user is permitted to see all
$q->addWhere('NOT (department_id IS NULL)');
}
$aBuf2 = $q->loadColumn();
$q->clear();
return array_merge($aBuf1, $aBuf2);
}
/**
* Overload of the dpObject::getDeniedRecords
* to ensure that the projects owned by denied companies are denied.
*
* @author handco <*****@*****.**>
* @see dpObject::getAllowedRecords
*/
function getDeniedRecords($uid)
{
$aBuf1 = parent::getDeniedRecords($uid);
$oCpy = new CCompany();
// Retrieve which projects are allowed due to the company rules
$aCpiesAllowed = $oCpy->getAllowedRecords($uid, 'company_id,company_name');
$q = new DBQuery();
$q->addTable('projects');
$q->addQuery('project_id');
if (count($aCpiesAllowed)) {
$q->addWhere('NOT (project_company IN (' . implode(',', array_keys($aCpiesAllowed)) . '))');
}
$sql = $q->prepare();
$q->clear();
$aBuf2 = db_loadColumn($sql);
return array_merge($aBuf1, $aBuf2);
}
function projects_list_data($user_id = false)
{
global $AppUI, $addPwOiD, $buffer, $company, $company_id, $company_prefix, $deny, $department, $dept_ids, $w2Pconfig, $orderby, $orderdir, $tasks_problems, $owner, $projectTypeId, $search_text, $project_type;
$addProjectsWithAssignedTasks = $AppUI->getState('addProjWithTasks') ? $AppUI->getState('addProjWithTasks') : 0;
// get any records denied from viewing
$obj = new CProject();
$deny = $obj->getDeniedRecords($AppUI->user_id);
// Let's delete temproary tables
$q = new w2p_Database_Query();
$q->setDelete('tasks_problems');
$q->exec();
$q->clear();
$q->setDelete('tasks_users');
$q->exec();
$q->clear();
// support task problem logs
$q->addInsertSelect('tasks_problems');
$q->addTable('tasks');
$q->addQuery('task_project, task_log_problem');
$q->addJoin('task_log', 'tl', 'tl.task_log_task = task_id', 'inner');
$q->addWhere('task_log_problem = 1');
$q->addGroup('task_project');
$tasks_problems = $q->exec();
$q->clear();
if ($addProjectsWithAssignedTasks) {
// support users tasks
$q->addInsertSelect('tasks_users');
$q->addTable('tasks');
$q->addQuery('task_project');
$q->addQuery('ut.user_id');
$q->addJoin('user_tasks', 'ut', 'ut.task_id = tasks.task_id');
if ($user_id) {
$q->addWhere('ut.user_id = ' . (int) $user_id);
}
$q->addOrder('task_end_date DESC');
$q->addGroup('task_project');
$tasks_users = $q->exec();
$q->clear();
}
// add Projects where the Project Owner is in the given department
if ($addPwOiD && isset($department)) {
$owner_ids = array();
$q->addTable('users');
$q->addQuery('user_id');
$q->addJoin('contacts', 'c', 'c.contact_id = user_contact', 'inner');
$q->addWhere('c.contact_department = ' . (int) $department);
$owner_ids = $q->loadColumn();
$q->clear();
}
if (isset($department)) {
//If a department is specified, we want to display projects from the department, and all departments under that, so we need to build that list of departments
$dept_ids = array();
$q->addTable('departments');
$q->addQuery('dept_id, dept_parent');
$q->addOrder('dept_parent,dept_name');
$rows = $q->loadList();
addDeptId($rows, $department);
$dept_ids[] = isset($department->dept_id) ? $department->dept_id : 0;
$dept_ids[] = $department > 0 ? $department : 0;
}
$q->clear();
// retrieve list of records
// modified for speed
// by Pablo Roca (pabloroca@mvps.org)
// 16 August 2003
// get the list of permitted companies
$obj = new CCompany();
$companies = $obj->getAllowedRecords($AppUI->user_id, 'companies.company_id,companies.company_name', 'companies.company_name');
if (count($companies) == 0) {
$companies = array();
}
$q->addTable('projects', 'pr');
$q->addQuery('pr.project_id, project_status, project_color_identifier,
project_type, project_name, project_description, project_scheduled_hours as project_duration,
project_parent, project_original_parent, project_percent_complete,
project_color_identifier, project_company,
company_name, project_status, project_last_task as critical_task,
tp.task_log_problem, user_username, project_active');
$fields = w2p_Core_Module::getSettings('projects', 'index_list');
unset($fields['department_list']);
// added as an alias below
foreach ($fields as $field => $text) {
$q->addQuery($field);
}
$q->addQuery('CONCAT(ct.contact_first_name, \' \', ct.contact_last_name) AS owner_name');
$q->addJoin('users', 'u', 'pr.project_owner = u.user_id');
$q->addJoin('contacts', 'ct', 'ct.contact_id = u.user_contact');
$q->addJoin('tasks_problems', 'tp', 'pr.project_id = tp.task_project');
if ($addProjectsWithAssignedTasks) {
$q->addJoin('tasks_users', 'tu', 'pr.project_id = tu.task_project');
}
if (!isset($department) && $company_id && !$addPwOiD) {
$q->addWhere('pr.project_company = ' . (int) $company_id);
}
if ($project_type > -1) {
$q->addWhere('pr.project_type = ' . (int) $project_type);
}
if (isset($department) && !$addPwOiD) {
$q->addWhere('project_departments.department_id in ( ' . implode(',', $dept_ids) . ' )');
}
if ($user_id && $addProjectsWithAssignedTasks) {
$q->addWhere('(tu.user_id = ' . (int) $user_id . ' OR pr.project_owner = ' . (int) $user_id . ' )');
} elseif ($user_id) {
$q->addWhere('pr.project_owner = ' . (int) $user_id);
}
if ($owner > 0) {
$q->addWhere('pr.project_owner = ' . (int) $owner);
}
if (mb_trim($search_text)) {
$q->addWhere('pr.project_name LIKE \'%' . $search_text . '%\' OR pr.project_description LIKE \'%' . $search_text . '%\'');
}
// Show Projects where the Project Owner is in the given department
if ($addPwOiD && !empty($owner_ids)) {
$q->addWhere('pr.project_owner IN (' . implode(',', $owner_ids) . ')');
}
$orderby = 'project_company' == $orderby ? 'company_name' : $orderby;
$q->addGroup('pr.project_id');
$q->addOrder($orderby . ' ' . $orderdir);
$prj = new CProject();
$prj->setAllowedSQL($AppUI->user_id, $q, null, 'pr');
$dpt = new CDepartment();
$projects = $q->loadList();
// get the list of permitted companies
$companies = arrayMerge(array('0' => $AppUI->_('All')), $companies);
$company_array = $companies;
//get list of all departments, filtered by the list of permitted companies.
$q->clear();
$q->addTable('companies');
$q->addQuery('company_id, company_name, dep.*');
$q->addJoin('departments', 'dep', 'companies.company_id = dep.dept_company');
$q->addOrder('company_name,dept_parent,dept_name');
$obj->setAllowedSQL($AppUI->user_id, $q);
$dpt->setAllowedSQL($AppUI->user_id, $q);
$rows = $q->loadList();
//display the select list
$buffer = '<select name="department" id="department" onChange="document.pickCompany.submit()" class="text" style="width: 200px;">';
$company = '';
foreach ($company_array as $key => $c_name) {
$buffer .= '<option value="' . $company_prefix . $key . '" style="font-weight:bold;"' . ($company_id == $key ? 'selected="selected"' : '') . '>' . $c_name . '</option>' . "\n";
foreach ($rows as $row) {
if ($row['dept_parent'] == 0) {
if ($key == $row['company_id']) {
if ($row['dept_parent'] != null) {
findchilddept($rows, $row['dept_id']);
}
}
}
}
}
$buffer .= '</select>';
return $projects;
}
$call_back_string = !is_null($call_back) ? "window.opener.{$call_back}('{$selected_contacts_id}');" : "";
?>
<script language="javascript">
<?php
echo $call_back_string;
?>
self.close();
</script>
<?php
}
// Remove any empty elements
$contacts_id = remove_invalid(explode(",", $selected_contacts_id));
$selected_contacts_id = implode(',', $contacts_id);
require_once $AppUI->getModuleClass('companies');
$oCpy = new CCompany();
$aCpies = $oCpy->getAllowedRecords($AppUI->user_id, "company_id, company_name", 'company_name');
$aCpies_esc = array();
foreach ($aCpies as $key => $company) {
$aCpies_esc[$key] = db_escape($company);
}
if ($selected_contacts_id && !$show_all && !$company_id) {
$q =& new DBQuery();
$q->addTable('contacts');
$q->addQuery('DISTINCT contact_company');
$q->addWhere('contact_id IN (' . $selected_contacts_id . ')');
$where = implode(',', $q->loadColumn());
$where = "contact_company IN({$where})";
} else {
if (!$company_id) {
// Contacts from all allowed companies
$where = "contact_company = '' OR (contact_company IN ('" . implode('\',\'', array_values($aCpies_esc)) . "')) OR ( contact_company IN ('" . implode('\',\'', array_keys($aCpies_esc)) . "'))";
$clientes = $row1->getAllowedRecords($AppUI->user_id, 'company_id, company_name, company_type', 'company_name', '', $extra);
$clientes = arrayMerge(array('0' => ''), $clientes);
echo arraySelect($clientes, 'project_client', 'class="text" size="1"', $row->project_client);
?>
</td>
</tr>
<tr>
<td align="right" nowrap="nowrap"><?php
echo $AppUI->_('etiq_Moldista');
?>
</td>
<td width="100%" colspan="2">
<?php
$row2 = new CCompany();
$extra['where'] = 'company_type=3';
$moldistas = $row2->getAllowedRecords($AppUI->user_id, 'company_id, company_name, company_type', 'company_name', '', $extra);
$moldistas = arrayMerge(array('0' => ''), $moldistas);
echo arraySelect($moldistas, 'project_mold', 'class="text" size="1"', $row->project_mold);
?>
</td>
</tr>
<tr>
<td align="right" nowrap="nowrap"><?php
echo $AppUI->_('Start Date');
?>
</td>
<td nowrap="nowrap"> <input type="hidden" name="project_start_date" value="<?php
echo $start_date->format(FMT_TIMESTAMP_DATE);
?>
" />
<input type="text" class="text" name="start_date" id="date1" value="<?php
