Exemple #1
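/**
 * Render the field records of one nexlist definition as an HTML fragment.
 *
 * The fragment is built from the definition_fields / definition_field_record
 * templates and is returned after a pass through htmlentities(), so the
 * caller receives entity-encoded markup.
 *
 * @param  int $did  Definition id; matched against the lid column of the fields table
 * @param  int $row  Row number of the definition in the calling page; used in the
 *                   generated onClick handlers
 * @return string    Entity-encoded HTML for the field list
 */
function generatenexlistFieldHTML($did, $row)
{
    global $_CONF, $_TABLES;

    // Both values end up inside a SQL statement and inside inline JavaScript
    // handlers. Forcing them to integers keeps caller-supplied text out of
    // both contexts.
    // NOTE(review): assumes definition ids and row numbers are integers - confirm.
    $did = (int) $did;
    $row = (int) $row;

    $p = new Template($_CONF['path_layout'] . 'nexlist');
    $p->set_file(array('fields' => 'definition_fields.thtml', 'field_rec' => 'definition_field_record.thtml'));
    $p->set_var('definition_id', $did);
    $p->set_var('rowid', $row);

    $FLD_query = DB_Query("SELECT * FROM {$_TABLES['nexlistfields']} WHERE lid='{$did}' ORDER BY id");
    if (DB_numrows($FLD_query) > 0) {
        $p->set_var('show_fields', '');
        $j = 1;
        while ($FLD = DB_fetchArray($FLD_query, false)) {
            $edit_link = "&nbsp;[<a href=\"#\" onClick='editListField({$row},{$j});'>Edit</a>&nbsp;]";
            // The original markup carried a stray double quote after the onClick
            // attribute, which left the anchor tag malformed.
            $del_link = "&nbsp;[<a href=\"#\" onClick='ajaxUpdateDefinition(\"deleteField\",{$row},{$j});'>Delete</a>&nbsp;]";

            // NOTE(review): field name/value come straight from the database and
            // are placed in the template unescaped; whether the consumer decodes
            // the entity-encoded result back into live markup is not visible here.
            $p->set_var('field_recid', $FLD['id']);
            $p->set_var('field_name', $FLD['fieldname']);
            $p->set_var('field_value', $FLD['value_by_function']);
            $p->set_var('field_width', $FLD['width']);
            $p->set_var('field_id', $j);
            $p->set_var('edit_link', $edit_link);
            $p->set_var('delete_link', $del_link);

            // A predefined function shows the dropdown (preselected) and hides
            // the free-text input; otherwise the reverse.
            $usesFunction = $FLD['predefined_function'] == 1;
            if ($usesFunction) {
                $p->set_var('function_dropdown_options', nexlist_getCustomListFunctionOptions($FLD['value_by_function']));
            } else {
                $p->set_var('function_dropdown_options', nexlist_getCustomListFunctionOptions());
            }
            $p->set_var('checked', $usesFunction ? 'CHECKED' : '');
            $p->set_var('display_ftext', $usesFunction ? 'none' : '');
            $p->set_var('display_fddown', $usesFunction ? '' : 'none');

            // First record replaces the target variable, later ones append to it.
            if ($j == 1) {
                $p->parse('definition_field_records', 'field_rec');
            } else {
                $p->parse('definition_field_records', 'field_rec', true);
            }
            $j++;
        }
        $p->parse('definition_fields', 'fields');
    } else {
        $p->set_var('show_fields', 'none');
        $p->set_var('definition_field_records', '');
    }

    $p->parse('output', 'fields');
    $html = $p->finish($p->get_var('output'));

    return htmlentities($html);
}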
Exemple #2
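/**
 * Create a forum and make the current user its moderator.
 *
 * $name, $dscp and $order are placed in the INSERT statement exactly as
 * given. NOTE(review): this function does not escape them, so callers must
 * pass values that are already safe for SQL - confirm every call site.
 *
 * @param  string $name         Forum name
 * @param  int    $category     Forum category id
 * @param  string $dscp         Forum description
 * @param  mixed  $order        Display order
 * @param  int    $grp_id       Group id that may access the forum
 * @param  int    $is_readonly  Read-only flag
 * @param  int    $is_hidden    Hidden flag
 * @param  int    $no_newposts  "No new posts" flag
 * @return mixed                Id of the forum that was created
 */
function forum_addForum($name, $category, $dscp = "", $order = "", $grp_id = 2, $is_readonly = 0, $is_hidden = 0, $no_newposts = 0)
{
    global $_TABLES, $_USER;

    // Ids and flags are numeric columns: coerce them so they cannot carry SQL text.
    $category = (int) $category;
    $grp_id = (int) $grp_id;
    $is_readonly = (int) $is_readonly;
    $is_hidden = (int) $is_hidden;
    $no_newposts = (int) $no_newposts;
    $uid = (int) $_USER['uid'];
    // addslashes() matches the escaping used elsewhere in this code; the database
    // layer's own escaping helper is preferable where one is available.
    $username = addslashes($_USER['username']);

    DB_query("INSERT INTO {$_TABLES['forum_forums']} (forum_order,forum_name,forum_dscp,forum_cat,grp_id,is_readonly,is_hidden,no_newposts)\n        VALUES ('{$order}','{$name}','{$dscp}','{$category}','{$grp_id}','{$is_readonly}','{$is_hidden}','{$no_newposts}')");

    // NOTE(review): MAX(forum_id) returns another request's row if two forums are
    // created concurrently; the connection's last-insert id would be race-free.
    $query = DB_query("SELECT MAX(forum_id) FROM {$_TABLES['forum_forums']} ");
    list($forumid) = DB_fetchArray($query);

    $modquery = DB_query("SELECT * FROM {$_TABLES['forum_moderators']} WHERE mod_uid='{$uid}' AND mod_forum='{$forumid}'");
    if (DB_numrows($modquery) < 1) {
        // The original wrote {$_USER[username]} - an unquoted key inside the
        // braces is read as a constant, not as the string 'username'.
        DB_query("INSERT INTO {$_TABLES['forum_moderators']} (mod_uid,mod_username,mod_forum,mod_delete,mod_ban,mod_edit,mod_move,mod_stick) VALUES ('{$uid}','{$username}', '{$forumid}','1','1','1','1','1')");
    }

    return $forumid;
}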
Exemple #3
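/**
 * Build the shoutbox block: store a submitted shout, then return the HTML for
 * the latest shouts followed by the posting form.
 *
 * The poster name is taken from the session ($_USER), not from the form, so a
 * visitor cannot post under somebody else's name by editing the hidden field.
 * The hidden field is still emitted so existing markup/consumers keep working.
 *
 * NOTE(review): the form carries no anti-CSRF token, so another site can make
 * a logged-in visitor post a shout; add the framework's token check if it has one.
 *
 * @return string HTML for the block
 */
function phpblock_shoutblock()
{
    global $_TABLES, $_USER, $HTTP_COOKIE_VARS, $HTTP_POST_VARS, $PHP_SELF, $REMOTE_ADDR, $LANG01, $_CONF;
    $shout_out = "";
    $wrap_width = 20;
    $max_stories = 5;
    $shout_out .= "Welcome to shoutbox.<p>";

    $poster = !empty($_USER['uid']) ? $_USER['username'] : 'Anonymous';

    // $HTTP_POST_VARS is gone from current PHP; $_POST carries the same data.
    if (!empty($_POST['shout_submit'])) {
        // Only accept a plain string: an array value would break strip_tags().
        $posted = (isset($_POST['shout_message']) && is_string($_POST['shout_message'])) ? $_POST['shout_message'] : '';
        // addslashes() is kept from the original; it is charset-dependent, so the
        // database layer's escaping helper is preferable where one is available.
        $shout_name = addslashes(COM_checkWords(strip_tags($poster)));
        $shout_message = addslashes(COM_checkWords(strip_tags($posted)));
        DB_query("INSERT INTO shoutbox (name,message,time)" . "VALUES (\"{$shout_name}\", \"{$shout_message}\",now() )");
    }

    $count = DB_query("select count(*) as count from shoutbox");
    $A = DB_fetchArray($count);
    $shout_out .= '<b>' . (int) $A['count'] . '</b> shouts already<p>';

    $result = DB_query("select * from shoutbox order by id desc limit {$max_stories}");
    $nrows = DB_numrows($result);
    for ($i = 1; $i <= $nrows; $i++) {
        $A = DB_fetchArray($result);
        // Stored text is escaped on output as well: strip_tags() at insert time is
        // not an output encoder and leaves quotes and ampersands untouched.
        $shout_out .= '<b>' . htmlspecialchars($A['name'], ENT_QUOTES) . '</b>';
        $thetime = COM_getUserDateTimeFormat($A['time']);
        $shout_out .= '<i> on ' . $thetime[0] . '</i><br>';
        // Wrap first, escape second, so a forced break never lands inside an entity.
        $wrapped = wordwrap($A['message'], $wrap_width, "\n", true);
        $shout_out .= str_replace("\n", '<br>', htmlspecialchars($wrapped, ENT_QUOTES)) . '<br><br>';
    }

    // $PHP_SELF can contain request-controlled path text, so it is escaped before
    // it is written into the action attribute.
    $action = htmlspecialchars((string) $PHP_SELF, ENT_QUOTES);
    $name_html = htmlspecialchars($poster, ENT_QUOTES);
    $shout_out .= "\n<form name='shoutform' action='{$action}' method='post'>";
    $shout_out .= '<b>Name: ' . $name_html . '</b><br>';
    $shout_out .= '<input type="hidden" value="' . $name_html . '"';
    $shout_out .= ' name="shout_name"><b>Message:</b>';
    $shout_out .= "\n<input type='text' value='Your Message' name='shout_message' size=20 maxlength='100'><br>";
    $shout_out .= "\n<input type='submit' name='shout_submit' value='Shout it!'>";
    $shout_out .= "\n</form>";

    return $shout_out;
}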
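/**
 * Render the variables of one nexflow template as an HTML fragment.
 *
 * The fragment is built from the template_variables / template_variable_record
 * templates and is returned after a pass through htmlentities(), so the
 * caller receives entity-encoded markup.
 *
 * @param  int $rec   Template id; matched against nf_templateID
 * @param  int $cntr  Counter of the template row in the calling page; used in
 *                    the generated onClick handlers and the "vars<N>" div id
 * @return string     Entity-encoded HTML for the variable list
 */
function generateTemplateVariableHTML($rec, $cntr)
{
    global $_TABLES, $_CONF;

    // Both values end up inside a SQL statement and inside inline JavaScript
    // handlers. Forcing them to integers keeps caller-supplied text out of
    // both contexts.
    // NOTE(review): assumes template ids and counters are integers - confirm.
    $rec = (int) $rec;
    $cntr = (int) $cntr;

    $p = new Template($_CONF['path_layout'] . 'nexflow/admin');
    $p->set_file('variables', 'template_variables.thtml');
    $p->set_file('variable_rec', 'template_variable_record.thtml');
    $p->set_var('template_id', $rec);
    $p->set_var('cntr', $cntr);

    $query = DB_Query("SELECT * FROM {$_TABLES['nf_templatevariables']} WHERE nf_templateID='{$rec}' ORDER BY id");
    if (DB_numrows($query) > 0) {
        $p->set_var('show_vars', '');
        $p->set_var('vdivid', '');
        $j = 1;
        while ($A = DB_fetchArray($query)) {
            // The original markup carried a stray double quote after each onClick
            // attribute, which left the anchor tags malformed.
            $edit_link = "[&nbsp;<a href=\"#\" onClick='ajaxUpdateTemplateVar(\"edit\",{$rec},{$cntr},{$j});'>Edit</a>&nbsp;]";
            $del_link = "[&nbsp;<a href=\"#\" onClick='ajaxUpdateTemplateVar(\"delete\",{$rec},{$cntr},{$j});'>Delete</a>&nbsp;]";

            // NOTE(review): variable name/value come straight from the database and
            // are placed in the template unescaped; whether the consumer decodes
            // the entity-encoded result back into live markup is not visible here.
            $p->set_var('variable_name', $A['variableName']);
            $p->set_var('variable_value', $A['variableValue']);
            $p->set_var('var_id', $j);
            $p->set_var('edit_link', $edit_link);
            $p->set_var('delete_link', $del_link);

            // First record replaces the target variable, later ones append to it.
            if ($j == 1) {
                $p->parse('template_variable_records', 'variable_rec');
            } else {
                $p->parse('template_variable_records', 'variable_rec', true);
            }
            $j++;
        }
    } else {
        $p->set_var('show_vars', 'none');
        $p->set_var('vdivid', "vars{$cntr}");
        $p->set_var('template_variable_records', '');
    }

    $p->parse('output', 'variables');
    $html = $p->finish($p->get_var('output'));

    return htmlentities($html);
}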
Exemple #5
 // NOTE(review): excerpt - the opening SELECT of this first query and the closing
 // brace of the if-block at the bottom are outside the visible lines.
 // First query: same statement as the second one below but without LIMIT; only
 // its row count is kept (recordsTotal).
 $sql .= "{$_TABLES['gf_topic']}.lastupdated,{$_TABLES['gf_topic']}.replies ";
 $sql .= "FROM {$_TABLES['gf_topic']}, {$_TABLES['users']} ";
 // $A['fid'] is interpolated unquoted. NOTE(review): where it comes from is not
 // visible here - confirm it is forced to an integer before this point.
 $sql .= "WHERE forum={$A['fid']} AND pid=0 ";
 $sql .= "AND {$_TABLES['gf_topic']}.uid={$_TABLES['users']}.uid ";
 // An ORDER BY expression cannot be protected by quoting or escaping.
 // NOTE(review): if sortingValue can be influenced by the request it needs to be
 // checked against a fixed list of allowed column names - confirm.
 $sql .= "ORDER BY {$block5->sortingValue}";
 $result = DB_query($sql);
 $block5->recordsTotal = DB_numrows($result);
 // Second query: the page of rows that is actually displayed.
 $sql = "SELECT {$_TABLES['gf_topic']}.id,{$_TABLES['gf_topic']}.pid,";
 $sql .= "{$_TABLES['gf_topic']}.subject,{$_TABLES['users']}.fullname,";
 $sql .= "{$_TABLES['gf_topic']}.lastupdated,{$_TABLES['gf_topic']}.replies ";
 $sql .= "FROM {$_TABLES['gf_topic']}, {$_TABLES['users']} ";
 $sql .= "WHERE forum={$A['fid']} AND pid=0 ";
 $sql .= "AND {$_TABLES['gf_topic']}.uid={$_TABLES['users']}.uid ";
 // borne (offset) and rowsLimit are interpolated unquoted as well.
 // NOTE(review): confirm both are integers when they reach this line.
 $sql .= "ORDER BY {$block5->sortingValue} LIMIT {$block5->borne},{$block5->rowsLimit}";
 $result = DB_query($sql);
 $comptListTasks = DB_numrows($result);
 if ($comptListTasks != "0") {
     $block5->openResults();
     $block5->labels($labels = array(0 => $strings["Subject"], 1 => $strings["Author"], 2 => $strings["lastUpdated"], 3 => $strings["Replies"]), "true");
     for ($i = 0; $i < $comptListTasks; $i++) {
         // Columns arrive in SELECT order: id, pid, subject, fullname, lastupdated, replies.
         list($listForum->topic[$i], $parent, $listForum->subject[$i], $listForum->author[$i], $listForum->date[$i], $listForum->replies[$i]) = DB_fetchArray($result);
         $block5->openRow();
         $block5->checkboxRow($listForum->topic[$i]);
         // $A[fid] uses an unquoted key, which PHP reads as a constant named fid
         // rather than the string 'fid'.
         // NOTE(review): subject and author are user-supplied text; whether
         // buildLink()/cellRow() HTML-escape their arguments is not visible here.
         $block5->cellRow($blockPage->buildLink($_CONF['site_url'] . "/forum/viewtopic.php?forum=" . $A[fid] . "&showtopic=" . $listForum->topic[$i], $listForum->subject[$i], "in", 'Click to View Discussion'));
         $block5->cellRow($listForum->author[$i]);
         $block5->cellRow(strftime("%Y/%m/%d %H:%M", $listForum->date[$i]));
         $block5->cellRow($listForum->replies[$i]);
         $block5->closeRow();
     }
     $block5->closeResults();
     $block5->bornesFooter("5", $blockPage->bornesNumber, "", "pid={$pid}");
Exemple #6
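/**
*   Delete a single image from an ad.
*
*   The image id is read from $_REQUEST['mid']. Unless $admin is true, the ad
*   that owns the image must belong to the current user.
*
*   NOTE(review): this is a state-changing action driven by $_REQUEST with no
*   anti-CSRF token check in this function; confirm the caller verifies one.
*
*   @param  boolean $admin      True if this is an admin, false if not
*   @param  string  $adTable    Table ID, either production or submission
*   @return string              Error message, if any
*/
function imgDelete($admin = false, $adTable = 'ad_ads')
{
    global $_TABLES, $_USER, $_CONF_ADVT;

    $mid = isset($_REQUEST['mid']) ? intval($_REQUEST['mid']) : 0;
    if (!$mid) {
        return "No image selected";
    }

    // Strict comparison: with loose != a non-string value such as 0 could compare
    // equal to a table key on older PHP versions and slip through.
    if (!in_array($adTable, array('ad_ads', 'ad_submission'), true)) {
        return "Invalid ad table specified";
    }

    // find the ad corresponding to this image.  Don't trust the input.
    $sql = "SELECT ad_id, filename\n            FROM {$_TABLES['ad_photo']} \n            WHERE photo_id={$mid}";
    $result = DB_query($sql, 1);
    if (!$result || DB_numrows($result) < 1) {
        return '';
    }
    $row = DB_fetchArray($result, false);

    // now get the ad id.  We're really just checking that the current
    // user is the ad's owner.
    // ad_id comes back from the database but is still quoted and escaped before
    // reuse, so a stored value cannot alter this second statement.
    // addslashes() matches the escaping used elsewhere in this code; the database
    // layer's own escaping helper is preferable where one is available.
    $ad_id = addslashes($row['ad_id']);
    $sql = "SELECT ad_id FROM {$_TABLES[$adTable]} WHERE ad_id='{$ad_id}'";
    if (!$admin) {
        $sql .= " AND uid='" . (int) $_USER['uid'] . "'";
    }
    // The original also built a $base_url here from $_CONF, which is not declared
    // global in this function; the value was never used, so it is dropped.
    $result = DB_query($sql, 1);
    if (!$result || DB_numrows($result) < 1) {
        return "Unauthorized Access";
    }

    // Otherwise, this is the right owner for this ad, so delete the image
    // and thumbnail from the filesystem and database.
    // basename() pins the deletion to the image directory even if the stored
    // filename contains path separators; is_file() skips directories.
    $path = CLASSIFIEDS_IMGPATH . '/' . basename($row['filename']);
    if (is_file($path)) {
        unlink($path);
    }
    DB_delete($_TABLES['ad_photo'], 'photo_id', $mid);

    // No text returned unless there was an error
    return '';
}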
Exemple #7
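/**
 * Render the list-definition administration page.
 *
 * Lists every definition the current user may view (optionally restricted to
 * one plugin and/or category) together with its fields and, where the user is
 * in the definition's edit group, the edit/copy/delete controls.
 *
 * NOTE(review): $plugin and $category are placed in the SQL WHERE clause and
 * in template variables exactly as given. This function does not escape them;
 * callers must pass values that are safe for both contexts - confirm every
 * call site.
 * NOTE(review): copy and delete are plain GET links (op=copy_def/delete_def);
 * whether the handler checks an anti-CSRF token is not visible here.
 *
 * @param  string $plugin    Restrict the list to this plugin ('' = all)
 * @param  string $category  Restrict the list to this category ('' = all)
 * @return string            HTML of the page
 */
function nexlistShowDefinitions($plugin = '', $category = '')
{
    global $_USER, $_CONF, $_TABLES, $actionurl;

    $p = new Template($_CONF['path_layout'] . 'nexlist');
    $p->set_file(array('page' => 'viewdefinitions.thtml', 'javascript' => 'javascript/definitions.thtml', 'def_rec' => 'definition_record.thtml', 'fields' => 'definition_fields.thtml', 'field_rec' => 'definition_field_record.thtml'));
    $p->set_var('actionurl', $actionurl);
    $p->set_var('LANG_DELCONFIRM', 'Are you sure you want to delete this definition?');
    if (!SEC_hasRights('nexlist.edit')) {
        $p->set_var('hide_adddef', 'none');
    }
    if (isset($GLOBALS['errmsg']) && $GLOBALS['errmsg'] != '') {
        $p->set_var('error_msg', $GLOBALS['errmsg']);
    } else {
        $p->set_var('hide_errormsg', 'none');
    }

    $imgset = $_CONF['layout_url'] . '/nexlist/images/admin/';
    $view_definition_icon = $imgset . 'view.gif';
    $editDefLink = '<a id="edefinition_%s" href="#" onClick="return false;"><img src="' . $imgset . 'edit.gif" border="0" TITLE="Edit Definition"></a>';
    $copyDefLink = '<a href="' . $actionurl . '?op=copy_def&listid=%s"><img src="' . $imgset . 'copy.gif" border="0" TITLE="Copy Definition"></a>';
    $delDefLink = '<a href="' . $actionurl . '?op=delete_def&listid=%s"><img src="' . $imgset . 'delete.gif" border="0" TITLE="Delete Definition"></a>';

    // Conditions are collected and joined once. The original chose between
    // " AND " and " WHERE " by looking at $plugin only, so a category-only
    // filter for a non-Root user produced a statement with two WHERE keywords.
    $conditions = array();
    $linkoptions = '';
    if ($plugin != '') {
        $conditions[] = "plugin='{$plugin}'";
        $p->set_var('show_plugin', 'none');
        $p->set_var('pluginmode', $plugin);
        // URL-encode the value before it becomes part of a link.
        $linkoptions .= '&pluginmode=' . urlencode($plugin);
    }
    if ($category != '') {
        $conditions[] = "category='{$category}'";
        $p->set_var('show_category', 'none');
        $p->set_var('new_category', $category);
        $p->set_var('catmode', $category);
        $linkoptions .= '&catmode=' . urlencode($category);
    }
    // The original passed an undefined $uid as second argument; the one-argument
    // form is the one this function already uses for the edit_perms check below.
    if (!SEC_inGroup('Root')) {
        $groupIds = array_map('intval', SEC_getUserGroups($_USER['uid']));
        if (count($groupIds) == 0) {
            // "IN ()" is a syntax error; an id of 0 simply matches nothing.
            $groupIds = array(0);
        }
        $conditions[] = 'view_perms IN (' . implode(',', $groupIds) . ')';
    }
    $sql = "SELECT * FROM {$_TABLES['nexlist']}";
    if (count($conditions) > 0) {
        $sql .= ' WHERE ' . implode(' AND ', $conditions);
    }
    $sql .= ' ORDER BY name';
    $DEF_query = DB_query($sql);

    // Plugin names are read once and reused for every row (the original re-ran
    // this query for each definition). They are HTML-escaped for the options.
    $pluginNames = array();
    $query = DB_query("SELECT pi_name FROM {$_TABLES['plugins']}");
    while (list($pi_name) = DB_fetchArray($query)) {
        $pluginNames[] = $pi_name;
    }
    $new_plugin_options = '<option value="all">All Plugins</option>';
    foreach ($pluginNames as $pi_name) {
        $safeName = htmlspecialchars($pi_name, ENT_QUOTES);
        $new_plugin_options .= '<option value="' . $safeName . '">' . $safeName . '</option>';
    }
    $p->set_var('new_editperms', COM_optionList($_TABLES['groups'], 'grp_id,grp_name'));
    $p->set_var('new_plugin_options', $new_plugin_options);

    $i = 1;
    $max_numfields = 0;
    $p->set_var('num_records', DB_numRows($DEF_query));
    while ($DEF = DB_fetchArray($DEF_query)) {
        $plugin_options = '<option value="all">All Plugins</option>';
        foreach ($pluginNames as $pi_name) {
            $safeName = htmlspecialchars($pi_name, ENT_QUOTES);
            $selected = ($pi_name == $DEF['plugin']) ? ' SELECTED=selected' : '';
            $plugin_options .= '<option value="' . $safeName . '"' . $selected . '>' . $safeName . '</option>';
        }

        // NOTE(review): name, category and description are stored text placed in
        // the template unescaped; whether the templates escape them is not
        // visible here.
        $p->set_var('rowid', $i);
        $p->set_var('cssid', $i % 2 + 1);
        $p->set_var('definition_id', $DEF['id']);
        $p->set_var('definition_name', $DEF['name']);
        $p->set_var('plugin', $DEF['plugin']);
        $p->set_var('plugin_options', $plugin_options);
        $p->set_var('category', $DEF['category']);
        $p->set_var('description', nl2br($DEF['description']));
        $p->set_var('view_definition_url', $actionurl . '?op=list_def&listid=' . $DEF['id'] . $linkoptions);
        $p->set_var('view_definition_icon', $view_definition_icon);

        // Edit controls are only rendered for members of the definition's edit group.
        if (SEC_inGroup($DEF['edit_perms'])) {
            $p->set_var('editperms_link', sprintf($editDefLink, $i));
            $p->set_var('copyperms_link', sprintf($copyDefLink, $DEF['id']));
            $p->set_var('delperms_link', sprintf($delDefLink, $DEF['id']));
            $p->set_var('edit_description', $DEF['description']);
            $p->set_var('viewperms', COM_optionList($_TABLES['groups'], 'grp_id,grp_name', $DEF['view_perms']));
            $p->set_var('editperms', COM_optionList($_TABLES['groups'], 'grp_id,grp_name', $DEF['edit_perms']));
            $p->set_var('editdef_link', '<a href="#" onClick="editDefinition(' . $i . ');return false;">Edit Details</a>');
        } else {
            $p->set_var('editperms_link', '');
            $p->set_var('copyperms_link', '');
            $p->set_var('delperms_link', '');
            $p->set_var('editdef_link', '');
        }

        $FLD_query = DB_Query("SELECT * FROM {$_TABLES['nexlistfields']} WHERE lid='{$DEF['id']}' ORDER BY id");
        $numfields = DB_numrows($FLD_query);
        $max_numfields = max($max_numfields, $numfields);
        if ($numfields > 0) {
            $j = 1;
            $p->set_var('show_fields', '');
            $p->set_var('num_fields', $numfields);
            while ($FLD = DB_fetchArray($FLD_query, false)) {
                $edit_link = "&nbsp;[<a href=\"#\" onClick='editListField({$i},{$j});return false;'>Edit</a>&nbsp;]";
                // The original markup carried a stray double quote after the onClick
                // attribute, which left the anchor tag malformed.
                $del_link = "&nbsp;[<a href=\"#\" onClick='ajaxUpdateDefinition(\"deleteField\",{$i},{$j});'>Delete</a>&nbsp;]";
                $p->set_var('field_recid', $FLD['id']);
                $p->set_var('field_name', $FLD['fieldname']);
                $p->set_var('field_value', $FLD['value_by_function']);
                $p->set_var('field_width', $FLD['width']);
                $p->set_var('field_id', $j);

                // A predefined function shows the dropdown (preselected) and hides
                // the free-text input; otherwise the reverse.
                $usesFunction = $FLD['predefined_function'] == 1;
                if ($usesFunction) {
                    $p->set_var('function_dropdown_options', nexlist_getCustomListFunctionOptions($FLD['value_by_function']));
                } else {
                    $p->set_var('function_dropdown_options', nexlist_getCustomListFunctionOptions());
                }
                $p->set_var('checked', $usesFunction ? 'CHECKED' : '');
                $p->set_var('display_ftext', $usesFunction ? 'none' : '');
                $p->set_var('display_fddown', $usesFunction ? '' : 'none');
                $p->set_var('edit_link', $edit_link);
                $p->set_var('delete_link', $del_link);

                // First record replaces the target variable, later ones append to it.
                if ($j == 1) {
                    $p->parse('definition_field_records', 'field_rec');
                } else {
                    $p->parse('definition_field_records', 'field_rec', true);
                }
                $j++;
            }
        } else {
            $p->set_var('show_fields', 'none');
            $p->set_var('definition_field_records', '');
        }
        $p->parse('definition_fields', 'fields');
        $p->parse('definition_records', 'def_rec', true);
        $i++;
    }

    $p->set_var('max_numfields', $max_numfields);
    $p->parse('javascript_code', 'javascript');
    $p->parse('output', 'page');

    return $p->finish($p->get_var('output'));
}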
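/**
 * Add the tasks of a project to a Gantt graph, recursing into sub-tasks.
 *
 * For every task under ($pid, $tid) that the current user may see, either a
 * milestone (start date equals end date) or a progress bar is added, and
 * $row / $count are advanced. Sub-tasks are drawn by a recursive call with one
 * more space of name indent.
 *
 * The original carried the drawing code twice ("all projects" / "my projects");
 * both copies were identical, so only the visibility test differs now. Two
 * queries whose results were never used (task owner name, child-task
 * constraints) and two unused reads of $_GET / $_SERVER were dropped.
 *
 * NOTE(review): $sm and $stm are required parameters declared after optional
 * ones; the signature is left untouched so existing callers keep working.
 *
 * @param object $graph           Gantt graph that receives the bars (by reference)
 * @param int    $row             Current row; incremented per drawn task (by reference)
 * @param int    $count           Bar counter; incremented per drawn task (by reference)
 * @param int    $pid             Project id
 * @param string $nameIndent      Prefix put in front of each task name
 * @param int    $tid             Parent task id (0 = top level)
 * @param mixed  $sampleCounting  When truthy, bars are counted but not added
 * @param string $sm              '1' together with $stm = '1' selects "all projects" mode
 * @param string $stm             See $sm
 * @return void
 */
function prj_drawProjectTasksGanttBar(&$graph, &$row, &$count, $pid = 0, $nameIndent = '', $tid = 0, $sampleCounting = 0, $sm, $stm)
{
    global $_TABLES, $_CONF, $showMonitor, $showTeamMember, $userid, $_PRJCONF, $filterCSV;

    // Ids are forced to integers before they are written into the statement;
    // $tid in particular was interpolated unquoted.
    $baseSql = 'SELECT tid,name,start_date, estimated_end_date,parent_task, progress, progress_id ';
    $baseSql .= "FROM {$_TABLES['prj_tasks']} ";
    $baseSql .= 'WHERE pid=' . (int) $pid . ' ';
    $baseSql .= 'and parent_task=' . (int) $tid . ' ';

    $sql = $baseSql;
    if ($filterCSV != '') {
        // The filter list is reduced to comma-separated integers. The comment on
        // the fallback below says it can be affected by cookies, so it is treated
        // as untrusted rather than pasted into IN (...) as-is.
        $filterIds = implode(',', array_map('intval', explode(',', $filterCSV)));
        $sql .= "AND  {$_TABLES['prj_tasks']}.pid  in ({$filterIds}) ";
    }
    $sql .= ' ORDER BY lhs ASC';
    $result = DB_query($sql, true);
    if (DB_numRows($result) == 0) {
        //this is to help overcome any COOKIE issues with the filtercsv
        $result = DB_query($baseSql . ' ORDER BY lhs ASC');
    }

    $allProjects = ($sm == '1' && $stm == '1');
    $numTasks = DB_numrows($result);
    for ($j = 0; $j < $numTasks; $j++) {
        list($taskId, $name, $startdate, $enddate, $parent_task, $progress, $status) = DB_fetchArray($result);
        $permsArray = prj_getProjectPermissions($pid, $userid, $taskId);
        $ownertoken = getTaskToken($taskId, $userid, "{$_TABLES['prj_task_users']}", "{$_TABLES['prj_tasks']}");

        // "my projects": only tasks the user holds a token for.
        // "all projects": monitors and team members see the task as well.
        $visible = $ownertoken != 0;
        if (!$visible && $allProjects) {
            $visible = $permsArray['monitor'] == '1' || $permsArray['teammember'] == '1';
        }

        if ($visible) {
            $name = html_entity_decode($name);
            $strdate = strftime("%Y/%m/%d", $startdate);
            $edate = strftime("%Y/%m/%d", $enddate);
            $link = $_CONF['site_url'] . "/nexproject/viewproject.php?mode=view&id=" . $taskId;
            $count = $count + 1;
            if (strlen($name) > $_PRJCONF['project_name_length']) {
                $name = substr($name, 0, $_PRJCONF['project_name_length']);
                $name .= "...";
            }
            $name = $nameIndent . $name;

            if ($strdate == $edate) {
                // Zero-length task: drawn as a diamond milestone on the current row.
                // NOTE(review): milestones are added even when $sampleCounting is
                // set, exactly as in the original - confirm that is intended.
                $milestone = new Milestone($row, $name, $strdate);
                $milestone->mark->SetType(MARK_DIAMOND);
                $graph->Add($milestone);
            } else {
                $taskActivity = _prj_buildGanttTaskBar($count, $name, $strdate, $edate, $status, $progress, $link);
                // Add line to Gantt Chart
                if (!$sampleCounting) {
                    $graph->Add($taskActivity);
                }
            }
            $row++;
        }

        // Children are drawn regardless of whether this task itself was visible.
        if (DB_count($_TABLES['prj_tasks'], 'parent_task', $taskId) > 0) {
            prj_drawProjectTasksGanttBar($graph, $row, $count, $pid, $nameIndent . " ", $taskId, $sampleCounting, $sm, $stm);
        }
    }
}

/**
 * Build the Gantt bar for one task: band colour by status, caption, height,
 * progress fill and the image-map target/alt text.
 *
 * @param int    $count     Value passed as the bar's first constructor argument
 * @param string $name      Caption / label of the bar
 * @param string $strdate   Start date, Y/m/d
 * @param string $edate     End date, Y/m/d
 * @param mixed  $status    0 = green band, 1 = yellow band, anything else = red band
 * @param mixed  $progress  Completion in percent
 * @param string $link      Image-map target for the bar
 * @return GanttBar
 */
function _prj_buildGanttTaskBar($count, $name, $strdate, $edate, $status, $progress, $link)
{
    if ($status == 0) {
        $bandColor = "green";
    } elseif ($status == 1) {
        $bandColor = "yellow";
    } else {
        $bandColor = "red";
    }

    $bar = new GanttBar($count, $name, "{$strdate}", "{$edate}", "");
    // Diagonal band in the status colour, black diagonal pattern on white for progress.
    $bar->SetPattern(BAND_RDIAG, $bandColor);
    $bar->progress->SetPattern(GANTT_RDIAG, "black");
    $bar->progress->SetFillColor("white");
    $bar->caption->SetFont(FF_FONT1, FS_NORMAL, 10);
    $bar->caption->SetColor('black');
    $bar->caption->Set($name);
    // Set absolute height
    $bar->SetHeight(10);
    // Specify progress
    $bar->progress->Set($progress / 100);
    $bar->SetCSIMTarget("{$link}");
    $bar->SetCSIMAlt($progress . "% completed");
    $bar->title->SetCSIMTarget("");
    $bar->title->SetCSIMAlt($progress . "% completed");

    return $bar;
}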
Exemple #9
// NOTE(review): excerpt - $categories, $selectedCategories, $filter, $selFilter and
// $PHP_SELF are defined outside the visible lines, and the form opened inside the
// last if-block continues past them.

// Build the <option> list for the category filter, preselecting the saved choices.
// NOTE(review): $key and $value are written into the markup unescaped; whether the
// list source guarantees HTML-safe text is not visible here.
$selCategory = '';
foreach ($categories as $key => $value) {
    $selected = in_array($key, $selectedCategories) === true ? ' selected' : '';
    $selCategory .= "<option value=\"{$key}\"{$selected}>{$value}</option>";
}
// Same construction for the objective filter; the saved selection is a
// comma-separated string in $filter['objective'].
$objectives = nexlistOptionList('alist', '', $_PRJCONF['nexlist_objective']);
$selectedObjectives = explode(",", $filter['objective']);
$selObjective = '';
foreach ($objectives as $key => $value) {
    $selected = in_array($key, $selectedObjectives) === true ? ' selected' : '';
    $selObjective .= "<option value=\"{$key}\"{$selected}>{$value}</option>";
}
// Display filter selection section
// The uid is interpolated unquoted. NOTE(review): presumably always an integer
// taken from the session - confirm.
$sqlFilter = "SELECT flid, name FROM {$_TABLES['prj_filters']} WHERE uid = {$_USER['uid']}";
$result = DB_query($sqlFilter);
$numFilters = DB_numrows($result);
echo '<table width="100%" border="0" cellpadding="1" cellspacing="1"><tr><td class="heading2" colspan="2" align="left">Select by your Saved Filters</TD></tr><tr>';
if ($numFilters != "0") {
    // $PHP_SELF is written into the action attribute unescaped.
    // NOTE(review): if it is derived from the request URI it can carry
    // attacker-chosen path text; escaping it for HTML closes that off.
    echo '<td><form action="' . $PHP_SELF . '" method="post"><select name="selFilter" Style="width:200px">';
    while (list($flid, $fname) = DB_fetchARRAY($result)) {
        echo '<option value="' . $flid . '"';
        if ($flid == $selFilter) {
            echo ' SELECTED';
        }
        // $fname is the filter name typed into the "New" form below and is echoed
        // without HTML escaping. NOTE(review): confirm it is escaped when stored.
        echo '>' . $fname . '</option>';
    }
    // NOTE(review): the Edit / Delete / New forms carry no anti-CSRF token in the
    // visible markup.
    echo '</select><input type="submit" name="submit" value="Edit"><input type="submit" name="submit" value="Delete"></form></td>';
}
echo '<td><form action="' . $PHP_SELF . '" method="post">New: <Input Type="text" Name="name"><input type="submit" name="submit" value="New"></form></td></tr></table>';
// A positive filter id means an existing filter is being edited.
if (intval($selFilter) > 0) {
    echo '<form action="' . $PHP_SELF . '" method="post">
Exemple #10
                             // NOTE(review): excerpt - the enclosing switch/case, the loops
                             // and the origin of $modMemberUID, $modMemberName and the
                             // $mod_* permission flags are outside the visible lines;
                             // confirm each is filtered or escaped before it reaches the
                             // statements below.
                             // Second argument true: presumably restricts the value to a
                             // number - confirm against COM_applyFilter.
                             $modForum = COM_applyFilter($modForum, true);
                             // Replace an existing moderator row for this user and forum
                             // instead of adding a duplicate.
                             $modquery = DB_query("SELECT * FROM {$_TABLES['forum_moderators']} WHERE mod_uid='{$modMemberUID}' AND mod_forum='{$modForum}'");
                             if (DB_numrows($modquery) == 1) {
                                 DB_query("DELETE FROM {$_TABLES['forum_moderators']} WHERE mod_uid='{$modMemberUID}' AND mod_forum='{$modForum}'");
                             }
                             $fields = 'mod_username,mod_uid,mod_groupid, mod_forum,mod_delete,mod_ban,mod_edit,mod_move,mod_stick';
                             // Every value is interpolated into the statement as a quoted
                             // literal; $modMemberName is the only free-text one.
                             $values = "'{$modMemberName}','{$modMemberUID}','0', '{$modForum}','{$mod_delete}','{$mod_ban}','{$mod_edit}','{$mod_move}','{$mod_stick}'";
                             DB_query("INSERT INTO {$_TABLES['forum_moderators']} ({$fields}) VALUES ({$values})");
                         }
                     }
                 } elseif ($_POST['modtype'] == 'group' and $_POST['sel_group'] > 0) {
                     // Group moderators: same replace-then-insert sequence, keyed on
                     // the group id instead of a user id.
                     $modGroupid = COM_applyfilter($_POST['sel_group'], true);
                     // NOTE(review): $_POST['sel_forum'] is iterated without checking
                     // that it is present and an array.
                     foreach ($_POST['sel_forum'] as $modForum) {
                         $modForum = COM_applyFilter($modForum, true);
                         $modquery = DB_query("SELECT * FROM {$_TABLES['forum_moderators']} WHERE mod_groupid='{$modGroupid}' AND mod_forum='{$modForum}'");
                         if (DB_numrows($modquery) == 1) {
                             DB_query("DELETE FROM {$_TABLES['forum_moderators']} WHERE mod_groupid='{$modGroupid}' AND mod_forum='{$modForum}'");
                         }
                         $fields = 'mod_username,mod_uid,mod_groupid, mod_forum,mod_delete,mod_ban,mod_edit,mod_move,mod_stick';
                         $values = "'','0','{$modGroupid}', '{$modForum}','{$mod_delete}','{$mod_ban}','{$mod_edit}','{$mod_move}','{$mod_stick}'";
                         DB_query("INSERT INTO {$_TABLES['forum_moderators']} ({$fields}) VALUES ({$values})");
                     }
                 }
             }
         }
         // Redirect back to the moderator list; exit ends the request, so the
         // break after it is never reached.
         // NOTE(review): no anti-CSRF token check is visible in this excerpt for
         // a request that grants moderator rights - confirm one happens earlier.
         header("Location: mods.php");
         exit;
         break;
 }
 // MAIN
 $filtermode = isset($_POST['filtermode']) ? COM_applyFilter($_POST['filtermode']) : '';
Exemple #11
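/**
 * Create a forum and make the current user its moderator.
 *
 * Inserts one row into the ff_forums table and, when the current user has no
 * moderator row for the new forum yet, one row into ff_moderators with every
 * moderation right (delete, ban, edit, move, stick) set to 1.
 *
 * All numeric arguments are cast to int before they are placed in the SQL
 * text; $attachmentgroup in particular is written without quotes.
 * NOTE(review): $name, $dscp and $_USER['username'] are interpolated as
 * given. Presumably callers pass them already escaped for the database;
 * verify every call site.
 *
 * @param string $name            Forum name; an empty value aborts the call
 * @param int    $category        Category the forum belongs to
 * @param string $dscp            Forum description
 * @param int    $order           Sort position inside the category
 * @param int    $grp_id          Group stored in the grp_id column
 * @param int    $is_readonly     1 to store the forum as read-only
 * @param int    $is_hidden       1 to store the forum as hidden
 * @param int    $no_newposts     Value for the no_newposts column
 * @param int    $attachmentgroup Value for the use_attachment_grpid column
 * @return int|false  ID of the new forum, or false when $name is empty
 */
function ff_addForum($name, $category, $dscp = "", $order = "", $grp_id = 2, $is_readonly = 0, $is_hidden = 0, $no_newposts = 0, $attachmentgroup = 1)
{
    global $_TABLES, $_USER;

    if (empty($name) || $name == '') {
        return false;
    }

    // Integer columns: force the type so nothing but digits reaches the query.
    $order = (int) $order;
    $category = (int) $category;
    $grp_id = (int) $grp_id;
    $is_readonly = (int) $is_readonly;
    $is_hidden = (int) $is_hidden;
    $no_newposts = (int) $no_newposts;
    $attachmentgroup = (int) $attachmentgroup;
    $uid = (int) $_USER['uid'];

    $fields = 'forum_order,forum_name,forum_dscp,forum_cat,grp_id,is_readonly,is_hidden,no_newposts,use_attachment_grpid,rating_view,rating_post';
    DB_query("INSERT INTO {$_TABLES['ff_forums']} ({$fields})\n        VALUES ('{$order}','{$name}','{$dscp}','{$category}','{$grp_id}','{$is_readonly}','{$is_hidden}','{$no_newposts}',{$attachmentgroup},0,0)");

    // Ask the connection for the id it just generated. Reading max(forum_id)
    // instead can return a forum created by a concurrent request, and the
    // full moderator rights below would then be granted on the wrong forum.
    $forumid = (int) DB_insertId();

    $modquery = DB_query("SELECT * FROM {$_TABLES['ff_moderators']} WHERE mod_uid='{$uid}' AND mod_forum='{$forumid}'");
    if (DB_numrows($modquery) < 1) {
        $fields = 'mod_uid,mod_username,mod_forum,mod_delete,mod_ban,mod_edit,mod_move,mod_stick';
        DB_query("INSERT INTO {$_TABLES['ff_moderators']} ({$fields}) VALUES ('{$uid}','{$_USER['username']}', '{$forumid}','1','1','1','1','1')");
    }

    return $forumid;
}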
Exemple #12
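/**
 * Add the tasks of a project to a Gantt graph, walking the task tree.
 *
 * With $tid == 0 the top-level tasks of project $pid (parent_task = 0) are
 * drawn; otherwise the direct children of task $tid. For every task that has
 * children the function calls itself with that task's id.
 *
 * A task whose formatted start and end dates are equal is added as a
 * Milestone, every other task as a GanttBar coloured by its progress_id.
 *
 * @param object $graph  Graph the Milestone / GanttBar objects are added to
 * @param int    $pid    Project id, used only for the top-level query
 * @param int    $tid    Parent task id, 0 for the top level
 * @param int    $row    Running row number, incremented once per task (by reference)
 * @param int    $count  Running bar counter, incremented once per task (by reference)
 * @return void
 */
function prj_drawGanttBar(&$graph, $pid, $tid = 0, &$row, &$count)
{
    global $_TABLES, $_CONF, $_PRJCONF;

    // Both ids are placed in SQL text ($pid without quotes), so force them
    // to integers before building the query.
    $pid = (int) $pid;
    $tid = (int) $tid;

    $sql = "SELECT tid,name,start_date, estimated_end_date,parent_task, progress, progress_id ";
    $sql .= "FROM {$_TABLES['prj_tasks']} ";
    if ($tid == 0) {
        $sql .= "WHERE pid={$pid} AND parent_task=0 ORDER BY lhs ASC";
    } else {
        $sql .= "WHERE parent_task='{$tid}' ORDER BY lhs ASC";
    }
    $result = DB_query($sql);
    $numTasks = DB_numrows($result);

    for ($j = 0; $j < $numTasks; $j++) {
        // $status receives the progress_id column (last column selected).
        list($taskId, $name, $startdate, $enddate, $parent_task, $progress, $status) = DB_fetchArray($result);
        // Used unquoted in the owner query below.
        $taskId = (int) $taskId;

        $name = html_entity_decode($name);
        $strdate = strftime("%Y/%m/%d", $startdate);
        $edate = strftime("%Y/%m/%d", $enddate);

        // First user attached to the task is shown as the bar's caption.
        $sql = "SELECT fullname FROM {$_TABLES['users']}, {$_TABLES['prj_task_users']} ";
        $sql .= "WHERE {$_TABLES['prj_task_users']}.tid={$taskId} AND {$_TABLES['prj_task_users']}.uid={$_TABLES['users']}.uid";
        $result2 = DB_query($sql);
        list($owner) = DB_fetchArray($result2);

        $link = $_CONF['site_url'] . "/nexproject/viewproject.php?mode=view&id=" . $taskId;
        $count = $count + 1;

        // Shorten long names to the configured length.
        if (strlen($name) > $_PRJCONF['project_name_length']) {
            $name = substr($name, 0, $_PRJCONF['project_name_length']);
            $name .= "...";
        }

        if ($strdate == $edate) {
            $milestone = new Milestone($row, $name, $strdate);
            $milestone->mark->SetType(MARK_DIAMOND);
            $graph->Add($milestone);
        } else {
            $activity = new GanttBar($count, "{$name}", "{$strdate}", "{$edate}", "{$owner}");

            // Solid bar colour by progress_id: 0 dark green, 1 yellow,
            // anything else red. The progress overlay is always a black
            // right-diagonal pattern on white.
            if ($status == 0) {
                $barColor = "darkgreen";
            } elseif ($status == 1) {
                $barColor = "yellow";
            } else {
                $barColor = "red";
            }
            $activity->SetPattern(GANTT_SOLID, $barColor);
            $activity->progress->SetPattern(GANTT_RDIAG, "black");
            $activity->progress->SetFillColor("white");

            // Set absolute height
            $activity->SetHeight(10);
            // Specify progress
            $activity->progress->Set($progress / 100);
            $activity->SetCSIMTarget("{$link}");
            $activity->SetCSIMAlt($progress . "% completed");
            $activity->title->SetCSIMTarget("{$link}");
            $activity->title->SetCSIMAlt($progress . "% completed");

            // One start-to-start constraint per direct child, pointing at
            // the rows that follow this one.
            $qconstraints = DB_query("SELECT tid FROM {$_TABLES['prj_tasks']} WHERE parent_task='{$taskId}' ORDER BY lhs ASC");
            $numconstraints = DB_numRows($qconstraints);
            for ($c = 1; $c <= $numconstraints; $c++) {
                $activity->SetConstrain($row + $c, CONSTRAIN_STARTSTART, "maroon4");
            }

            // Add line to Gantt chart
            $graph->Add($activity);
        }

        $row++;

        // Descend into the children of this task, if it has any.
        if (DB_count($_TABLES['prj_tasks'], 'parent_task', $taskId) > 0) {
            prj_drawGanttBar($graph, $pid, $taskId, $row, $count);
        }
    }
}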
Exemple #13
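/**
 *  Send an email to all subscribers for the ad's category, or any
 *  parent category.
 *
 *  Nothing is sent when the ad cannot be found or when its sentnotify
 *  flag is already 1. After the loop the ad's sentnotify flag is set to 1.
 *  NOTE(review): no approval check is visible in this function; presumably
 *  the caller only invokes it for approved ads. Confirm.
 *
 *  @param int $ad_id  ID number of ad
 *  @return void
 */
function catNotify($ad_id = '')
{
    global $_TABLES, $_CONF, $_CONF_ADVT;

    // require a valid ad ID
    $ad_id = COM_sanitizeID($ad_id);
    if ($ad_id == '') {
        return;
    }

    // retrieve the ad info.
    $result = DB_query("SELECT * FROM {$_TABLES['ad_ads']} WHERE ad_id='{$ad_id}'");
    if (!$result || DB_numrows($result) < 1) {
        return;
    }
    $adinfo = DB_fetchArray($result);

    // a notification was already sent for this ad
    if ($adinfo['sentnotify'] == 1) {
        return;
    }

    $cat = (int) $adinfo['cat_id'];
    $subject = trim($adinfo['subject']);
    $descript = trim($adinfo['descript']);
    $price = trim($adinfo['price']);

    // Collect all the parent categories into a comma-separated list, and
    // find all the subscribers in any of the categories.
    // NOTE(review): $catlist is placed unquoted inside IN (...); presumably
    // CLASSIFIEDS_ParentCatList() returns integers only. Verify.
    $catlist = CLASSIFIEDS_ParentCatList($cat);
    $sql = "SELECT uid FROM {$_TABLES['ad_notice']} WHERE cat_id IN ({$catlist})";
    $notice = @DB_query($sql);
    if (!$notice) {
        return;
    }

    // send the notification to subscribers
    while ($row = DB_fetchArray($notice)) {
        $subscriberUid = (int) $row['uid'];
        $result = DB_query("SELECT username, email, language FROM {$_TABLES['users']} WHERE uid='{$subscriberUid}'");
        if (!$result) {
            continue;
        }
        $name = DB_fetchArray($result);
        // Subscription rows can outlive the account; without a user row or
        // an address there is nobody to mail.
        if (!is_array($name) || empty($name['email'])) {
            continue;
        }

        // The stored language name becomes part of a filesystem path, so
        // accept only plain name characters and fall back to English for
        // anything else.
        $language = (string) $name['language'];
        if (!preg_match('/^[A-Za-z0-9_-]+$/', $language)) {
            $language = 'english';
        }

        // Select the template for the message
        $template_dir = CLASSIFIEDS_PI_PATH . '/templates/notify/' . $language;
        if (!file_exists($template_dir . '/subscriber.thtml')) {
            $template_dir = CLASSIFIEDS_PI_PATH . '/templates/notify/english';
        }

        // Load the recipient's language.  $LANG_ADVT is *not* global here
        // to avoid overwriting the global language strings.
        $LANG = plugin_loadlanguage_classifieds($language);

        $T = new Template($template_dir);
        $T->set_file('message', 'subscriber.thtml');
        $ad_type = AdType::GetDescription($adinfo['ad_type']);
        $T->set_var('site_url', $_CONF['site_url']);
        $T->set_var('site_name', $_CONF['site_name']);
        $T->set_var('cat', CLASSIFIEDS_BreadCrumbs($cat), false);
        $T->set_var('subject', $subject);
        $T->set_var('description', $descript);
        $T->set_var('username', COM_getDisplayName($row['uid']));
        $T->set_var('ad_url', "{$_CONF['site_url']}/{$_CONF_ADVT['pi_name']}/index.php?mode=detail&id={$ad_id}");
        $T->set_var('price', $price);
        $T->set_var('ad_type', $ad_type);
        $T->parse('output', 'message');
        $message = $T->finish($T->get_var('output'));

        COM_mail($name['email'], "{$LANG['new_ad_listing']} {$_CONF['site_name']}", $message, "{$_CONF['site_name']} <{$_CONF['site_mail']}>", true);
    }

    // update the ad's flag to indicate that a notification has been sent
    @DB_query("UPDATE {$_TABLES['ad_ads']} SET sentnotify=1 WHERE ad_id='{$ad_id}'");
}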
Exemple #14
         DB_query("INSERT INTO {$_TABLES['nxfile_access']} (catid,uid,view, upload, upload_direct, upload_ver, approval, admin) VALUES ('{$newcid}','{$uid}','1','1','1','1','1','1')");
         if ($is_private_project_flag == 'N') {
             DB_query("INSERT INTO {$_TABLES['nxfile_access']} (catid,grp_id, view, upload, upload_direct, upload_ver, approval, admin) VALUES ('{$newcid}','2','1','0','0','0','0','0')");
         }
     } else {
         $errmsg = $catresult['1'];
     }
 }
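 // Create Discussion Board
 // NOTE(review): $name and $description are placed in the SQL text as they
 // are; presumably they were escaped earlier in this script. Confirm.
 if ($is_using_forum_flag == 'Y') {
     DB_query("INSERT INTO {$_TABLES['gf_forums']} (forum_order,forum_name,forum_dscp,forum_cat,grp_id) VALUES ('0','{$name}','{$description}','{$_PRJCONF['forum_parent']}','2')");
     $newfid = (int) DB_insertId();
     $uid = $_USER['uid'];
     DB_query("UPDATE {$_TABLES['prj_projects']} SET fid={$newfid} WHERE pid={$lastid}");
     // The moderator row must point at the forum created above ($newfid).
     // The listing used $forumid here, which is not assigned anywhere in the
     // visible code, so full moderator rights would be recorded against
     // whatever that variable held, or against no forum at all.
     // NOTE(review): the user-name expression in the SELECT was masked in the
     // listing and is restored from the INSERT that follows it.
     $modquery = DB_query("SELECT * FROM {$_TABLES['gf_moderators']} WHERE mod_username='{$_USER['username']}' AND mod_forum='{$newfid}'");
     if (DB_numrows($modquery) < 1) {
         DB_query("INSERT INTO {$_TABLES['gf_moderators']} (mod_username,mod_forum,mod_delete,mod_ban,mod_edit,mod_move,mod_stick) VALUES ('{$_USER['username']}', '{$newfid}','1','1','1','1','1')");
     }
 }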
 // Copy the Project Resources
 $results1 = DB_query("SELECT uid FROM {$_TABLES['prj_users']} WHERE pid={$id}");
 $nrows = DB_numRows($results1);
 if ($nrows != "0") {
     for ($i = 0; $i < $nrows; $i++) {
         list($adduid) = DB_fetchArray($results1);
         $currentuid = $_USER['uid'];
         if ($adduid != $currentuid) {
             DB_query("INSERT INTO {$_TABLES['prj_users']} (pid, uid, role) VALUES ({$lastid}, {$adduid}, 'r')");
             if ($is_using_docmgmt_flag == 'Y') {
                 DB_query("INSERT INTO {$_TABLES['nxfile_access']} (catid,uid,view, upload, upload_direct, upload_ver, approval, admin) VALUES ('{$newcid}','{$adduid}','1','1','0','0','0','0')");
             }
Exemple #15
/**
 * Load the enabled autotags from the database.
 *
 * Rows flagged is_function = 1 are returned only when the configuration
 * value $_AM_CONF['allow_php'] is 1; every other enabled row is always
 * returned.
 *
 * @return array  Autotag rows keyed by their 'tag' column
 */
function AT_loadTags()
{
    global $_TABLES, $_AM_CONF;

    $tags = array();
    // Second argument 1: DB_query is asked not to stop on an SQL error.
    $result = DB_query("SELECT * FROM {$_TABLES['autotags']} WHERE is_enabled = 1", 1);
    $total = DB_numrows($result);
    $phpAllowed = ($_AM_CONF['allow_php'] == 1);

    for ($n = 0; $n < $total; ++$n) {
        $record = DB_fetchArray($result);
        // Function-backed tags stay out unless PHP autotags are switched on.
        if ($record['is_function'] == 1 && !$phpAllowed) {
            continue;
        }
        $tags[$record['tag']] = $record;
    }

    return $tags;
}
Exemple #16
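/**
 * Print the "my tasks" block: the open tasks the current user owns.
 *
 * Lists tasks where the user has role 'o' and status_id is 0 or 3, ordered
 * by estimated end date, one page at a time. The page number comes from the
 * 'alltasksmin' cookie and an optional project filter from the
 * 'filterTasks' cookie. Output is echoed directly.
 *
 * Both cookies are client-controlled and end up in SQL text, so the page
 * number is reduced to a non-negative integer and the filter to a list of
 * integers before either is used.
 *
 * NOTE(review): task and project names from the database are handed to
 * buildLink() unchanged; whether that helper escapes them for HTML is not
 * visible here. Confirm.
 *
 * @param object|null $blockPage  Page block used for links and paging; a new
 *                                block is created when none is passed (by reference)
 * @return void
 */
function prj_displayMyProjectTasks(&$blockPage)
{
    global $_TABLES, $_CONF, $_USER, $_COOKIE, $subTaskImg, $progress, $priority, $strings, $labels, $_PRJCONF;

    // Page number from the cookie: integer, never negative (it is multiplied
    // into the LIMIT offset below).
    $limitbase = isset($_COOKIE['alltasksmin']) ? (int) $_COOKIE['alltasksmin'] : 0;
    if ($limitbase < 0) {
        $limitbase = 0;
    }
    $useThisTIDforAjax = 0;

    // Project filter from the cookie: it is written unquoted inside
    // IN (...), so keep only the comma-separated pieces that are pure digits.
    $filterIds = array();
    if (isset($_COOKIE['filterTasks']) && is_string($_COOKIE['filterTasks'])) {
        foreach (explode(',', $_COOKIE['filterTasks']) as $piece) {
            $piece = trim($piece);
            if ($piece !== '' && ctype_digit($piece)) {
                $filterIds[] = (int) $piece;
            }
        }
    }
    $filterCSV = implode(',', $filterIds);

    if ($blockPage == NULL or $blockPage == '') {
        $blockPage = new block();
    }

    // Anonymous visitors are treated as user 1.
    if (!isset($_USER['uid']) or $_USER['uid'] == "") {
        $uid = 1;
    } else {
        $uid = (int) $_USER['uid'];
    }

    //my tasks
    $blockPage->bornesNumber = "2";
    $block2 = new block();
    $block2->form = "taP";
    $block2->openForm($_CONF['site_url'] . "/nexproject/index.php?" . "#" . $block2->form . "Anchor");
    $headingTitle = $strings['my_tasks'];
    $headingStatusArea = '<span id="ajaxstatus_tasks" class="pluginInfo" style="display:none">&nbsp;</span>';
    $block2->headingToggle($headingTitle, $headingStatusArea);
    $block2->borne = $blockPage->returnBorne("2");
    $block2->rowsLimit = $_PRJCONF['task_block_rows'];
    $rowsLimit = (int) $block2->rowsLimit;
    $lim = $limitbase * $rowsLimit;

    echo '<!--startMyTasks-->';
    echo '<div id="divMyTasks">';

    $tasks = $_TABLES['prj_tasks'];
    $taskUsers = $_TABLES['prj_task_users'];
    $users = $_TABLES['users'];
    $projects = $_TABLES['prj_projects'];

    // Total number of matching tasks (the project filter is not applied
    // here), used for the pager.
    $sql = "SELECT {$tasks}.tid FROM {$tasks}, {$taskUsers}, {$users} ";
    $sql .= "WHERE {$taskUsers}.uid={$uid} AND {$taskUsers}.tid={$tasks}.tid ";
    $sql .= "AND {$taskUsers}.uid={$users}.uid AND {$taskUsers}.uid={$uid} ";
    $sql .= "AND {$taskUsers}.role='o' AND {$tasks}.status_id in (0,3) ";
    $result = DB_query($sql);
    $block2->recordsTotal = DB_numrows($result);

    // The page of tasks to show, with and without the project filter.
    $select = "SELECT {$tasks}.tid,{$tasks}.progress_id, {$projects}.name, ";
    $select .= "{$tasks}.priority_id, {$tasks}.name, {$tasks}.estimated_end_date, ";
    $select .= "{$tasks}.start_date, {$tasks}.pid  FROM {$tasks}, ";
    $select .= "{$taskUsers}, {$users}, {$projects} ";
    $select .= "WHERE {$taskUsers}.uid={$uid} AND {$taskUsers}.tid={$tasks}.tid ";
    $select .= "AND {$taskUsers}.uid={$users}.uid AND {$taskUsers}.role='o' ";
    $select .= "AND {$taskUsers}.uid={$uid} AND {$tasks}.pid={$projects}.pid ";
    $select .= "AND {$tasks}.status_id in (0,3) ";
    $tail = " ORDER BY {$tasks}.estimated_end_date ";
    $tail .= " LIMIT {$lim}, {$rowsLimit} ";

    $sql = $select;
    if ($filterCSV != '') {
        $sql .= "AND  {$tasks}.pid  in ({$filterCSV})";
    }
    $sql .= $tail;
    $result = DB_query($sql, true);
    if ($result == FALSE) {
        // The filtered query failed; run it again without the filter.
        $result = DB_query($select . $tail);
    }
    $comptListTasks = DB_numrows($result);

    // Stays empty when no row is listed; echoed in the hidden field below.
    $pid = '';

    if ($comptListTasks != "0") {
        $block2->openResults(false);
        $block2->labels($labels = array(0 => $strings["task"], 1 => $strings["priority"], 2 => $strings["project"], 3 => $strings["start_date"], 4 => $strings["estimated_end_date"]), "true");
        for ($i = 0; $i < DB_numrows($result); $i++) {
            list($tid, $idProgress, $projectname, $idPriority, $taskname, $estenddate, $startdate, $pid) = DB_fetchArray($result);
            // Full names go into the link's tooltip argument, shortened ones
            // into the cell.
            $full_projectname = $projectname;
            $full_taskname = $taskname;
            if (strlen($taskname) > 25) {
                $taskname = substr($taskname, 0, 25) . "....";
            }
            if (strlen($projectname) > 20) {
                $projectname = substr($projectname, 0, 20) . "....";
            }
            $block2->openRow();
            $block2->cellProgress($progress[$idProgress]);
            $block2->cellRow($blockPage->buildLink("{$_CONF['site_url']}/nexproject/viewproject.php?mode=view&id={$tid}", $taskname, "mytaskcontext", $full_taskname, '', $tid));
            $block2->cellRow($priority[$idPriority]);
            $block2->cellRow($blockPage->buildLink("{$_CONF['site_url']}/nexproject/viewproject.php?pid={$pid}", $projectname, "context", $full_projectname, $pid));
            $block2->cellRow(strftime("%Y/%m/%d", $startdate));
            $block2->cellRow(strftime("%Y/%m/%d", $estenddate));
            $block2->closeRow();
        }
        $block2->closeResults();

        // Pager: one clickable number per page, current page in red.
        $pages = intval($block2->recordsTotal / $block2->rowsLimit);
        if (fmod($block2->recordsTotal, $block2->rowsLimit) > 0) {
            $pages += 1;
        }
        if ($pages > 1) {
            for ($pagecntr = 0; $pagecntr < $pages; $pagecntr++) {
                echo '<span  style="text-decoration:underline;cursor: hand" onclick=\'setCookie("alltasksmin","';
                echo $pagecntr;
                echo '","","");prj_getMyTasks("myprj_refresh", "' . $useThisTIDforAjax . '" )\'>';
                if ($limitbase == $pagecntr) {
                    echo '<span style="color:red">';
                    echo $pagecntr + 1;
                    echo '</span>';
                } else {
                    echo $pagecntr + 1;
                }
                echo '</span>&nbsp;';
            }
            echo '&nbsp;&nbsp;<span  style="text-decoration:underline;cursor: hand" TITLE="Return to page 1" onclick=\'setCookie("alltasksmin","","","");prj_getMyTasks("myprj_refresh", "' . $useThisTIDforAjax . '" )\'>';
            echo '<<</span>';
        }
    } else {
        $block2->noresults();
    }

    echo '</div>';
    echo '<!--endMyTasks-->';
    echo '<input type=hidden name=pid value=' . $pid . '>';
    $block2->closeToggle();
    $block2->closeFormResults();
}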
Exemple #17
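/**
 * Create a forum from the submitted "add forum" form.
 *
 * Reads the form fields from $_POST, validates name and description,
 * inserts the forum, gives the current user a moderator row with every
 * moderation right when none exists for the new forum, and calls
 * reorderForums() for the category.
 *
 * NOTE(review): no permission or request-token check is visible in this
 * function; presumably the calling admin page performs both before it gets
 * here. Verify.
 *
 * @return array  [bool success, string[] status messages]
 */
function board_add_forum_save()
{
    global $_CONF, $_TABLES, $_USER, $_FF_CONF, $LANG_GF93;

    $retval = false;
    $statusText = array();
    $numErrors = 0;

    // Numeric fields go through COM_applyFilter(..., true) and are then
    // forced to int, because they are written into SQL text below.
    $category = isset($_POST['category']) ? (int) COM_applyFilter($_POST['category'], true) : 0;
    $name = isset($_POST['name']) ? $_POST['name'] : '';
    $dscp = isset($_POST['dscp']) ? $_POST['dscp'] : '';
    $is_readonly = isset($_POST['is_readonly']) ? (int) COM_applyFilter($_POST['is_readonly'], true) : 0;
    $is_hidden = isset($_POST['is_hidden']) ? (int) COM_applyFilter($_POST['is_hidden'], true) : 0;
    $no_newposts = isset($_POST['no_newposts']) ? (int) COM_applyFilter($_POST['no_newposts'], true) : 0;
    $privgroup = isset($_POST['privgroup']) ? (int) COM_applyFilter($_POST['privgroup'], true) : 0;
    $forum_order_id = isset($_POST['order']) ? (int) COM_applyFilter($_POST['order'], true) : 0;
    $attachmentgroup = isset($_POST['attachmentgroup']) ? (int) COM_applyFilter($_POST['attachmentgroup'], true) : 0;

    // No access group chosen: fall back to group 2.
    if ($privgroup == 0) {
        $privgroup = 2;
    }
    // No attachment group chosen: fall back to group 1. The earlier code
    // assigned 1 to $privgroup at this point, which replaced the access
    // group picked on the form and left the attachment group at 0.
    // NOTE(review): that looks like a copy-and-paste slip; confirm that
    // group 1 is the intended default for attachments.
    if ($attachmentgroup == 0) {
        $attachmentgroup = 1;
    }

    // The new forum takes the sort value of the forum selected on the form.
    // NOTE(review): presumably reorderForums() settles the final positions;
    // confirm.
    if ($forum_order_id == 0) {
        $forum_order = 0;
    } else {
        $forum_order = DB_getItem($_TABLES['ff_forums'], 'forum_order', 'forum_id=' . (int) $forum_order_id);
    }
    $order = (int) $forum_order;

    // data validation
    if (empty($name)) {
        $statusText[] = $LANG_GF93['name_blank'];
        $numErrors++;
    }
    if (MBYTE_strlen($name) > 70) {
        $name = MBYTE_substr($name, 0, 70);
    }
    if (empty($dscp)) {
        $statusText[] = $LANG_GF93['desc_blank'];
        $numErrors++;
    }

    if ($numErrors == 0) {
        // Free-text fields are prepared for the database here.
        $name = _ff_preparefordb($name, 'text');
        $dscp = _ff_preparefordb($dscp, 'text');
        $uid = (int) $_USER['uid'];

        $fields = 'forum_order,forum_name,forum_dscp,forum_cat,grp_id,is_readonly,is_hidden,no_newposts,use_attachment_grpid,rating_view,rating_post';
        DB_query("INSERT INTO {$_TABLES['ff_forums']} ({$fields})\n            VALUES ('{$order}','{$name}','{$dscp}','{$category}','{$privgroup}','{$is_readonly}','{$is_hidden}','{$no_newposts}',{$attachmentgroup},0,0)");

        // Use the id generated by this connection. Reading max(forum_id)
        // instead can pick up a forum created by a concurrent request, and
        // the moderator rights below would then land on the wrong forum.
        $forumid = (int) DB_insertId();

        $modquery = DB_query("SELECT * FROM {$_TABLES['ff_moderators']} WHERE mod_uid='{$uid}' AND mod_forum='{$forumid}'");
        if (DB_numrows($modquery) < 1) {
            // NOTE(review): $_USER['username'] is written as-is; presumably
            // it is safe for SQL. Confirm.
            $fields = 'mod_uid,mod_username,mod_forum,mod_delete,mod_ban,mod_edit,mod_move,mod_stick';
            DB_query("INSERT INTO {$_TABLES['ff_moderators']} ({$fields}) VALUES ('{$uid}','{$_USER['username']}', '{$forumid}','1','1','1','1','1')");
        }

        reorderForums($category);
        $retval = true;
        $statusText[] = $LANG_GF93['forumadded'];
    }

    return array($retval, $statusText);
}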
Exemple #18
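/**
 * Gets everything a user has permissions to within the system
 * This is part of the Geeklog security implementation.  This function
 * collects the feature names granted to any group the user belongs to.
 *
 * The group list of the current user is cached in the global $_GROUPS;
 * for any other user it is looked up with SEC_getUserGroups().
 * The visible body does not call itself; $grp_id is only written to the
 * verbose log.
 *
 * @param    int $grp_id DO NOT USE (kept for compatibility; only logged)
 * @param    int $uid    User to check, if empty current user.
 * @return   string  returns comma delimited list of features the user has access to
 */
function SEC_getUserPermissions($grp_id = '', $uid = '')
{
    global $_TABLES, $_USER, $_SEC_VERBOSE, $_GROUPS;

    if ($_SEC_VERBOSE) {
        COM_errorLog("**********inside SEC_getUserPermissions(grp_id={$grp_id})**********", 1);
    }

    // Get user ID if we don't already have it; anonymous visitors are user 1
    if (empty($uid)) {
        if (empty($_USER['uid'])) {
            $uid = 1;
        } else {
            $uid = $_USER['uid'];
        }
    }

    // The current user's groups are cached in $_GROUPS for the request.
    if (empty($_USER['uid']) && $uid == 1 || !empty($_USER['uid']) && $uid == $_USER['uid']) {
        if (empty($_GROUPS)) {
            $_GROUPS = SEC_getUserGroups($uid);
        }
        $groups = $_GROUPS;
    } else {
        $groups = SEC_getUserGroups($uid);
    }

    if (empty($groups)) {
        // this shouldn't happen - make a graceful exit to avoid an SQL error
        return '';
    }

    // The ids are written unquoted inside IN (...), so force every entry to
    // an integer before joining them.
    $glist = implode(',', array_map('intval', $groups));

    $result = DB_query("SELECT DISTINCT ft_name FROM {$_TABLES["access"]},{$_TABLES["features"]} " . "WHERE ft_id = acc_ft_id AND acc_grp_id IN ({$glist})");
    $nrows = DB_numrows($result);

    $rights = array();
    for ($j = 1; $j <= $nrows; $j++) {
        $A = DB_fetchArray($result);
        if ($_SEC_VERBOSE) {
            COM_errorLog('Adding right ' . $A['ft_name'] . ' in SEC_getUserPermissions', 1);
        }
        $rights[] = $A['ft_name'];
    }

    return implode(',', $rights);
}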
Exemple #19
 $p->set_var('copy_template_icon', $copy_template_icon);
 $p->set_var('copy_template_url', $copy_template_url);
 $p->set_var('editNeedPrj_check', $useProject_check);
 $p->set_var('export_template_icon', $export_template_icon);
 $thisAppGroupID = DB_getItem($_TABLES['nf_template'], 'AppGroup', "id='{$templateId}'");
 $appGroupDDL = nf_makeDropDownWithSelected('id', 'AppGroup', $_TABLES['nf_appgroups'], $thisAppGroupID, '', 1);
 $p->set_var('editUseApp', $appGroupDDL);
 $appGroupDDL = nf_makeDropDownWithSelected('id', 'AppGroup', $_TABLES['nf_appgroups'], '', '', 1);
 $p->set_var('deleteAppGroup', $appGroupDDL);
 //$p->set_var('copy_template_url',$copy_template_url);
 //$p->set_var('copy_template_icon',$copy_template_icon);
 $p->set_var('editname_link', $editname_link);
 $p->set_var('LANG_DELCONFIRM', 'Are you sure you want to delete this definition?');
 $sql = "SELECT * FROM {$_TABLES['nf_templatevariables']} WHERE nf_templateID='{$templateId}' ORDER BY id";
 $query = DB_Query($sql);
 $numrows = DB_numrows($query);
 if ($numrows > 0) {
     $j = 1;
     $p->set_var('show_vars', '');
     $p->set_var('vdivid', '');
     while ($A = DB_fetchArray($query)) {
         $edit_link = "&nbsp;[<a href=\"#\" onClick='ajaxUpdateTemplateVar(\"edit\",{$templateId},{$cntr},{$j});'>Edit</a>&nbsp;]";
         $del_link = "&nbsp;[<a href=\"#\" onClick='ajaxUpdateTemplateVar(\"delete\",{$templateId},{$cntr},{$j});'\">Delete</a>&nbsp;]";
         $p->set_var('variable_id', "[{$A['id']}]");
         $p->set_var('variable_name', $A['variableName']);
         $p->set_var('variable_value', $A['variableValue']);
         $p->set_var('var_id', $j);
         $p->set_var('edit_link', $edit_link);
         $p->set_var('delete_link', $del_link);
         if ($j == 1) {
             $p->parse('template_variable_records', 'variable_rec');