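/**
 * Re-issue a ticket to another user and record the change.
 *
 * The new issuer is first added to the ticket's read ACL (if not already a
 * member). When the issuer actually changes, the ticket row is updated, a
 * task entry is added and a change notification is sent.
 *
 * NOTE(review): no permission check on the acting user is visible in this
 * function; callers are presumably expected to authorise the operation
 * before calling it -- confirm.
 *
 * @param mixed $Ticket_Number ticket to re-issue
 * @param mixed $issuer        user id of the new issuer
 * @return void
 */
function change_issuer($Ticket_Number, $issuer)
{
    global $GO_SECURITY, $hlpdsk_prefix, $prefix;

    # The ticket number is quoted into a WHERE fragment, so escape it first,
    # the same way get_task_assigned() and change_activity_id() do.
    $ticket_number_sql = Security::sqlsecure($Ticket_Number);
    $acl_read = get_cross_value(
        "{$prefix}{$hlpdsk_prefix}_tickets",
        'acl_read',
        "where ticket_number='{$ticket_number_sql}'"
    );

    if (!$GO_SECURITY->user_in_acl($issuer, $acl_read)) {
        $GO_SECURITY->add_user_to_acl($issuer, $acl_read);
    }

    $last_issuer_uid = Ticket::get_ticket_issuer_uid($Ticket_Number);
    $new_issuer_uid = Security::sqlsecure($issuer);

    if ($last_issuer_uid != $new_issuer_uid) {
        $last_issuer = Security::get_uname($last_issuer_uid);
        Ticket::change_issuer($Ticket_Number, $new_issuer_uid);
        $new_issuer = Security::get_uname($new_issuer_uid);

        # The quotes are written pre-escaped (\') into the comment text;
        # presumably add_task() stores it through a quoted SQL literal.
        $comment = "Ticket re-issued from \\'{$last_issuer}\\' to: \\'{$new_issuer}\\' ";
        add_task($Ticket_Number, $comment);
        notify_change($Ticket_Number, $comment);
    }
}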
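/**
 * Maintain rows of the helpdesk config table, or render the edit form.
 *
 * For $mod_action "update", "insert" or "delete" the matching statement is
 * run against {prefix}{hlpdsk_prefix}_config and a boolean is returned. Any
 * other action returns the HTML of the admin form.
 *
 * NOTE(review): the form posts a state-changing request and no anti-CSRF
 * token is visible in this block; the caller must also restrict this
 * function to administrators -- neither is enforced here.
 *
 * @param mixed  $mod_varname    config variable name (falsy: nothing is done)
 * @param mixed  $mod_definition config value
 * @param string $mod_action     "update", "insert", "delete" or anything else for the form
 * @return bool|string TRUE/FALSE for a database action, HTML for the form
 */
function mod_globals($mod_varname = FALSE, $mod_definition = FALSE, $mod_action = "show_form")
{
    global $prefix, $hlpdsk_prefix, $tts, $name, $cmdOk, $admin_tabtable;

    switch ($mod_action) {
        case "update":
        case "insert":
        case "delete":
            if (!$mod_varname) {
                return FALSE;
            }
            # Both values end up inside quoted SQL literals.
            $mod_varname = Security::sqlsecure($mod_varname);
            $mod_definition = Security::sqlsecure($mod_definition);

            if ($mod_action == "update") {
                $query = "update {$prefix}{$hlpdsk_prefix}_config set definition='{$mod_definition}' where varname='{$mod_varname}'";
            } elseif ($mod_action == "insert") {
                $query = "insert into {$prefix}{$hlpdsk_prefix}_config (varname,definition) values ('{$mod_varname}','{$mod_definition}')";
            } else {
                $query = "delete from {$prefix}{$hlpdsk_prefix}_config where varname='{$mod_varname}'";
            }

            return $tts->query($query, $tts) ? TRUE : FALSE;
    }

    # $admin_tabtable is echoed into an HTML attribute as a URL parameter, so
    # it is URL-encoded and then HTML-escaped; written raw, a value holding a
    # quote or angle bracket would break out of the attribute.
    $tab_param = htmlspecialchars(urlencode((string) $admin_tabtable), ENT_QUOTES);

    $response = "<form action=\"admin.php?admin_tabtable={$tab_param}&func=mod_globals\" method=POST>";
    $response .= "<table border=1><tr>";
    $response .= "<td><font class=content>varname<input name=mod_varname type=text></td>";
    $response .= "<td><font class=content>definition<textarea name=mod_definition style=\"HEIGHT: 145px; WIDTH: 500px\"></textarea></td>"
        . "<td><font class=content>delete<input name=mod_action type=radio value=\"delete\"></td>"
        . "<td><font class=content>add<input name=mod_action type=radio value=\"insert\"></td>"
        . "<td><font class=content>modify<input name=mod_action type=radio value=\"update\" checked></td>";
    $response .= "</tr></table>";

    $button = new button();
    $button_submit = $button->get_button($cmdOk, "javascript:this.form.submit();");
    $response .= $button_submit . "</form>";

    return $response;
}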
}
# (the brace above closes a block that starts outside this excerpt)

# Copy the date values computed earlier onto the new ticket object.
$my_ticket->due_date = $due_date;
$my_ticket->end_date = $end_date;
$my_ticket->post_date = $post_date;
$my_ticket->change_date = $change_date;

# Optional form fields: each is taken from $_POST only when present and is
# passed through Security::sqlsecure() before it is stored on the ticket.
if (isset($_POST['complete'])) {
    $my_ticket->complete = Security::sqlsecure($_POST['complete']);
}
if (isset($_POST['t_priv_msg'])) {
    $my_ticket->notify_priv_msg = Security::sqlsecure($_POST['t_priv_msg']);
}
if (isset($_POST['t_email'])) {
    $my_ticket->notify_email = Security::sqlsecure($_POST['t_email']);
}
if (isset($_POST['project_id'])) {
    $my_ticket->project_id = Security::sqlsecure($_POST['project_id']);
}

# Every ticket gets its own pair of ACLs. In the visible code the user in
# $GO_SECURITY->user_id is added to the read ACL only, and the assignee is
# added to the write ACL.
$acl_read = $GO_SECURITY->get_new_acl('ticket read');
$acl_write = $GO_SECURITY->get_new_acl('ticket write');
$my_ticket->acl_read = $acl_read;
$my_ticket->acl_write = $acl_write;
$GO_SECURITY->add_user_to_acl($GO_SECURITY->user_id, $acl_read);
$GO_SECURITY->add_user_to_acl($my_ticket->assigned_id, $acl_write);

# Persist the ticket and keep the number it was given.
$my_ticket->sql_insert();
$Ticket_Number = $my_ticket->ticket_nr;

# NOTE(review): menu() returns a string that is executed as PHP here. Nothing
# in this excerpt shows how that string is built; it must never contain
# request-derived data -- confirm against menu().
$textmenu = menu("Show_Tickets", '');
eval($textmenu);

# Page chrome for the "adding ticket" view.
$tabtable = new tabtable('newticket_tabtable', 'Adding new ticket ...', '100%', '400');
$tabtable->print_head();
$statusbar = new statusbar();
$statusbar->info_text = "Adding new ticket";
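/**
 * Build and run the ticket list query and return the visible rows.
 *
 * The WHERE clause is assembled from several globals (search text, status
 * check-boxes, hidden-stage switch, per-column filters). Rows are returned
 * only when the current user may see them: either the "view_all_tickets"
 * action is allowed, or the user is in the row's read or write ACL.
 *
 * NOTE(review): $extra_condition and the global $orderby are appended to the
 * statement verbatim. They must be built by the caller from fixed SQL text
 * and known column names, never from request data.
 *
 * @param string $extra_condition raw SQL fragment appended after "where 1"
 * @return string serialize()d array; element 0 holds 'querytext',
 *                'recordcount' and 'querytotal', elements 1..n hold one
 *                ticket row each
 */
function querydb($extra_condition = "")
{
    global $agent, $t_showall, $search, $strtosearch, $orderby, $name, $tts, $prefix, $hlpdsk_prefix, $limit, $limit_rows, $search_status, $submit, $temptime, $hlpdsk_theme, $field, $filter_field, $filter_value, $show_hidden, $hidden_check, $GO_SECURITY;

    # Column names cannot be protected by string escaping, so they are
    # accepted only when they are plain identifiers.
    $identifier_pattern = '/^[A-Za-z0-9_]+$/';

    $querytext = "select * from {$prefix}{$hlpdsk_prefix}_tickets ";

    if ($limit == "") {
        $limit = 0;
    }
    if ($limit_rows == "") {
        $limit_rows = -1;
    }
    # LIMIT operands are written unquoted, so force them to integers.
    $query_limit = " limit " . (int) $limit . "," . (int) $limit_rows . " ";

    $query_condition = "where 1 {$extra_condition}";
    $strtosearch = Security::sqlsecure($strtosearch);

    if (isset($submit)) {
        $search = 1;
        if ($field) {
            if (is_scalar($field) && preg_match($identifier_pattern, (string) $field)) {
                $field = Security::sqlsecure($field);
                $query_condition .= " and ( {$field}='{$strtosearch}')";
            } else {
                # Not a column name: match nothing rather than run it as SQL.
                $query_condition .= " and ( 1=0 )";
            }
        } else {
            # Every word must occur in the subject or in the description.
            # explode() replaces split(), which was removed in PHP 7.
            $array_to_search = explode(" ", $strtosearch);
            $query_condition .= " and ( ";
            foreach ($array_to_search as $to_search) {
                $query_condition .= " (t_subject like '%{$to_search}%' or t_description like '%{$to_search}%') and";
            }
            # Drop the trailing "and".
            $query_condition = substr($query_condition, 0, -3);
            $query_condition .= " ) ";
        }
    }

    if (is_array($search_status)) {
        # The selected status ids are the array keys; they are compared
        # unquoted, so they are cast to integers.
        $status_terms = array();
        foreach (array_keys($search_status) as $check_key) {
            $status_terms[] = "t_status=" . (int) $check_key;
        }
        if ($status_terms) {
            $query_condition .= " and (" . implode(" or ", $status_terms) . ")";
        }
    }

    if ($show_hidden != 'on') {
        $query_condition .= " and t_stage=1 ";
    }

    if ($strtosearch) {
        $search_uid = Security::get_uid("{$strtosearch}");
    } else {
        $search_uid = "";
    }
    if ($search_uid != "") {
        # NOTE(review): when the search text resolves to a user, the whole
        # condition built so far (including $extra_condition and the stage
        # filter) is replaced -- confirm this is intended.
        $query_condition = "where 1 and (t_assigned='{$search_uid}' or t_from='{$search_uid}') ";
    }

    # FILTERS
    if (isset($filter_field)) {
        foreach ($filter_field as $key => $value) {
            $filter_raw = isset($filter_value[$key]) ? $filter_value[$key] : '';
            if (is_scalar($value) && preg_match($identifier_pattern, (string) $value)) {
                $filter_sql = Security::sqlsecure($filter_raw);
                $query_condition .= " and ( {$value}='{$filter_sql}') ";
            } else {
                $query_condition .= " and ( 1=0 ) ";
            }
        }
    }
    # END OF SEARCH CONDITIONS

    if (strcmp($orderby, "")) {
        # NOTE(review): no "order by" keyword is added here, so $orderby
        # presumably already carries it -- confirm against callers.
        $query_order_by = " {$orderby} DESC";
    } else {
        $query_order_by = " order by Ticket_Number DESC";
    }

    $response_raw[0]['querytext'] = $querytext . $query_condition . $query_order_by . $query_limit;
    $tts->query($response_raw[0]['querytext']);
    $response_raw[0]['recordcount'] = $tts->num_rows();
    $response_raw[0]['querytotal'] = $response_raw[0]['recordcount'];
    if ($response_raw[0]['recordcount'] == 0) {
        return serialize($response_raw);
    }

    $columns = array(
        'ticket_number', 't_status', 't_priority', 't_from', 't_subject',
        't_assigned', 't_stage', 't_category', 'post_date', 'due_date',
        'end_date', 'complete', 'change_date', 'activity_id', 'project_id',
    );

    $row = 1;
    # The permission check runs before the statement is issued again, as in
    # the original; presumably the check may reuse the $tts handle -- confirm.
    $see_all = Security::is_action_allowed("view_all_tickets");
    $tts->query($response_raw[0]['querytext']);
    while ($tts->next_record()) {
        if (!$see_all) {
            # Without the global permission a row is returned only when the
            # current user is in its read or write ACL.
            $may_read = $GO_SECURITY->user_in_acl(whoami(), $tts->f('acl_read'))
                or $GO_SECURITY->user_in_acl(whoami(), $tts->f('acl_write'));
            if (!($GO_SECURITY->user_in_acl(whoami(), $tts->f('acl_read')) or $GO_SECURITY->user_in_acl(whoami(), $tts->f('acl_write')))) {
                continue;
            }
        }
        foreach ($columns as $column) {
            $response_raw[$row][$column] = $tts->f($column);
        }
        $row++;
    }

    # Report the number of rows actually returned, not the number selected.
    $response_raw[0]['recordcount'] = --$row;
    $response_raw[0]['querytotal'] = $response_raw[0]['recordcount'];

    return serialize($response_raw);
}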
/**
 * Store a new activity id on a ticket row.
 *
 * @param mixed $Ticket_Number ticket to update
 * @param mixed $activity_id   activity id to store
 * @return bool TRUE when the update statement succeeded, FALSE otherwise
 */
function change_activity_id($Ticket_Number, $activity_id)
{
    global $tts, $user, $name, $prefix, $hlpdsk_prefix;

    # Both values are quoted into the statement, so both are escaped first.
    $activity_id = Security::sqlsecure($activity_id);
    $Ticket_Number = Security::sqlsecure($Ticket_Number);

    $tickets_table = "{$prefix}{$hlpdsk_prefix}_tickets";
    $statement = "update {$tickets_table} set activity_id='{$activity_id}' where ticket_number='{$Ticket_Number}'";

    return $tts->query($statement) ? TRUE : FALSE;
}
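/**
 * Render the detail view of the ticket named by the global $Ticket_Number.
 *
 * The ticket row is selected (restricted to the user's own tickets unless
 * the user is in the ticket's read/write ACL or may view all tickets), a
 * set of display variables is prepared -- an editable control where the
 * matching "change_*" action is allowed, plain text otherwise -- and the
 * theme file showline_ticket.html is rendered with those variables.
 *
 * Every local assigned in the loop may be referenced by the theme file, so
 * the names are part of the template contract and must not be renamed.
 *
 * @return string|null 'missing' when no row matched; otherwise nothing is
 *                     returned and the HTML is echoed
 */
function showrecords()
{
    global $Ticket_Number, $name, $tts, $prefix, $hlpdsk_prefix, $hlpdsk_theme, $nuke_user_table, $nuke_user_last_name_fieldname, $nuke_username_fieldname, $hours, $mins, $javascript, $nuke_user_id_fieldname, $nuke_user_first_name_fieldname, $datepicker, $cmdOk, $cmdReset, $GO_SECURITY, $acl_read, $acl_write, $GO_LANGUAGE;

    # Loaded into local scope; presumably defines the $tts_lang_* labels
    # used below -- confirm against the language file.
    require $GO_LANGUAGE->get_language_file('opentts');

    # $Ticket_Number is a request-facing global (it is echoed back as a URL
    # parameter further down). Escape it once for SQL and once for HTML
    # instead of interpolating the raw value.
    $ticket_number_sql = Security::sqlsecure($Ticket_Number);
    $ticket_number_html = htmlspecialchars(urlencode((string) $Ticket_Number), ENT_QUOTES);

    $acl_read = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_read', "where ticket_number='{$ticket_number_sql}'");
    $acl_write = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_write', "where ticket_number='{$ticket_number_sql}'");

    if ($GO_SECURITY->user_in_acl(whoami(), $acl_read) or $GO_SECURITY->user_in_acl(whoami(), $acl_write) or Security::is_action_allowed("view_all_tickets")) {
        $query_condition = " ";
    } else {
        # No ACL membership: only tickets the user issued or is assigned to.
        $query_condition = " and (t_from='" . whoami() . "' or t_assigned='" . whoami() . "')";
    }

    $querytext = "select * from {$prefix}{$hlpdsk_prefix}_tickets where Ticket_Number='{$ticket_number_sql}' {$query_condition} ";
    $tts->query($querytext);
    $recordcount = $tts->num_rows();
    $row = 0;

    # The original tested "$recordcount = 0" (an assignment, always false),
    # so 'missing' was never returned for an unknown or forbidden ticket.
    if ($recordcount == 0) {
        return 'missing';
    }

    while ($tts->next_record()) {
        $post_date = $tts->f('post_date');
        $due_date = $tts->f('due_date');
        $end_date = $tts->f('end_date');
        $complete = $tts->f('complete');
        $t_from = $tts->f('t_from');
        $t_stage = $tts->f('t_stage');
        $t_category = $tts->f('t_category');
        $t_priority = $tts->f('t_priority');
        # Free-text fields are HTML-escaped as soon as they are read.
        $t_subject = htmlspecialchars($tts->f('t_subject'));
        $t_description = htmlspecialchars($tts->f('t_description'));
        $t_assigned = $tts->f('t_assigned');
        $t_email = $tts->f('t_email');
        $t_sms = $tts->f('t_sms');
        $t_status = $tts->f('t_status');
        $change_date = htmlspecialchars($tts->f('change_date'));
        $activity_id = $tts->f('activity_id');
        $project_id = $tts->f('project_id');

        $due_date = date("Y/m/d H:i", $due_date);
        $end_date = date("Y/m/d H:i", $end_date);

        $action_changes = $javascript;
        if ($t_sms == "on") {
            $t_sms = " CHECKED";
        }
        if ($t_email == "on") {
            $t_email = " CHECKED";
        }

        # Submit/reset buttons are only offered to members of the write ACL.
        if ($GO_SECURITY->user_in_acl(whoami(), $acl_write)) {
            $button = new button();
            $action_changes .= $button->get_button($cmdOk, "javascript:document.change_status.submit()");
            $action_changes .= $button->get_button($cmdReset, "javascript:document.change_status.reset()");
        }
        $action_changes .= "</form></center>";

        $tts_lang_ticket_number = "Ticket Number:";
        $tts_lang_post_date_value = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $post_date);

        $fullname = opentts::get_fullname($t_from);
        if (Security::is_action_allowed("imperson", 0, $acl_write)) {
            $select = new select('user', 'change_status', 't_from', $t_from);
            $tts_lang_issuer = $select->get_link("{$tts_lang_issuer}");
            $tts_lang_issuer_value = $select->get_field();
        } else {
            $tts_lang_issuer_value = "{$fullname}";
        }

        $stage_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_stages", "stage_name", " where stage_id='{$t_stage}'"));
        $category_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_categories", "category_name", " where category_id='{$t_category}'"));
        $project_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_projects", "project_name", " where project_id='{$project_id}'"));

        $select_complete = "<select name='complete' class=textbox>"
            . "<option value='0' >0%</option>"
            . "<option value='10'>10%</option>"
            . "<option value='20'>20%</option>"
            . "<option value='30'>30%</option>"
            . "<option value='40'>40%</option>"
            . "<option value='50'>50%</option>"
            . "<option value='60'>60%</option>"
            . "<option value='70'>70%</option>"
            . "<option value='80'>80%</option>"
            . "<option value='90'>90%</option>"
            . "<option value='100'>100%</option>"
            . "</select>";

        $t_assigned_name = Security::whatsmyname($t_assigned);

        # NOTE(review): Security::sqlsecure() is applied to values written
        # into HTML here. The HTML escaping itself comes from the
        # htmlspecialchars() calls above; confirm the SQL helper is wanted
        # in this context.
        if (Security::is_action_allowed("change_subject", 0, $acl_write)) {
            $tts_lang_subject_value = "<input name=t_subject value=\"" . Security::sqlsecure($t_subject) . "\" class=textbox max=80 size=80>";
        } else {
            $tts_lang_subject_value = "<input name=t_subject value=\"" . Security::sqlsecure($t_subject) . "\" class=textbox max=80 size=80 readonly>";
        }
        $tts_lang_description_value = "<textarea name=t_description cols=80 rows=12 class=textbox readonly>" . Security::sqlsecure($t_description) . "</textarea>";
        $tts_lang_change_date_VALUE = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $change_date);
        $tts_lang_email = "Email {$tts_lang_issuer}: <input type=checkbox name=t_email_issuer value=1><br>Email {$tts_lang_assigned} <input type=checkbox name=t_email_agent value=1>";

        # The ticket number goes into an HTML attribute as a URL parameter,
        # so the URL-encoded and HTML-escaped copy is used.
        $post_changes = "<form name=\"change_status\" method=\"POST\" action=\"change_ticket.php?Ticket_Number={$ticket_number_html}&func=change_status\">";

        if (Security::is_action_allowed("change_project", 0, $acl_write)) {
            $project_name = select_option("{$project_id}", fill_select("project_id", "{$prefix}{$hlpdsk_prefix}_projects", "project_id", "project_name", " order by project_id"));
            $tts_lang_project_value = "{$project_name}";
        } else {
            $project_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_projects", "project_name", " where project_id='{$project_id}'"));
            $tts_lang_project_value = "{$project_name}";
        }

        $fullname = opentts::get_fullname($t_assigned);
        if (Security::is_action_allowed("change_assigned", 0, $acl_write)) {
            $select = new select('user', 'change_status', 't_assigned', $t_assigned);
            $tts_lang_assign_to = $select->get_link("{$tts_lang_assign_to}");
            $tts_lang_assign_to_value = $select->get_field();
        } else {
            $tts_lang_assign_to_value = "{$fullname}";
        }

        if (Security::is_action_allowed("change_end_date", 0, $acl_write)) {
            $time = strtotime($end_date);
            $end_date_h = date("H", $time);
            $end_date_i = date("i", $time);
            $today = date($_SESSION['GO_SESSION']['date_format'], $time);
            $end_date = $datepicker->get_date_picker('end_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $today);
            $dropbox = new dropbox();
            $dropbox->add_arrays($hours, $hours);
            $end_date .= '<td>';
            $end_date_h_value = $dropbox->get_dropbox("end_date_h", $end_date_h);
            $dropbox = new dropbox();
            $dropbox->add_arrays($mins, $mins);
            $end_date_i_value = $dropbox->get_dropbox("end_date_i", $end_date_i);
            # $htmldirection is not in the global list; presumably it comes
            # from the required language file -- confirm.
            if ($htmldirection == 'rtl') {
                $end_date .= "{$end_date_i_value}:{$end_date_h_value}";
            } else {
                $end_date .= "{$end_date_h_value}:{$end_date_i_value}";
            }
            $tts_lang_end_date_value = "{$end_date} ";
        } else {
            $tts_lang_end_date_value = "{$end_date}";
        }

        if (Security::is_action_allowed("change_complete", 0, $acl_write)) {
            $_PERCENTAGE_COMPLETE_VALUE = select_option("{$complete}", "{$select_complete}");
        } else {
            $_PERCENTAGE_COMPLETE_VALUE = "{$complete} %";
        }

        if (Security::is_action_allowed("change_due_date", 0, $acl_write)) {
            $time = strtotime($due_date);
            $due_date_d_m_y = date($_SESSION['GO_SESSION']['date_format'], $time);
            $due_date_h = date("H", $time);
            $due_date_i = date("i", $time);
            $today = date($_SESSION['GO_SESSION']['date_format'], $time);
            $due_date = $datepicker->get_date_picker('due_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $today, '', '', 'onchange="javascript:document.change_status.end_date_d_m_y.value=this.value;"');
            $dropbox = new dropbox();
            $dropbox->add_arrays($hours, $hours);
            $due_date .= '<td>';
            $due_date_h_value = $dropbox->get_dropbox("due_date_h", $due_date_h, 'onchange="javascript:update_end_hour(this.value);"');
            $dropbox = new dropbox();
            $dropbox->add_arrays($mins, $mins);
            $due_date_i_value = $dropbox->get_dropbox("due_date_i", $due_date_i, 'onchange="javascript:update_end_min(this.value);"');
            if ($htmldirection == 'rtl') {
                $due_date .= "{$due_date_i_value}:{$due_date_h_value}";
            } else {
                $due_date .= "{$due_date_h_value}:{$due_date_i_value}";
            }
            $tts_lang_due_date_value = "{$due_date} ";
        } else {
            $tts_lang_due_date_value = "{$tts_lang_due_date}{$due_date}";
        }

        if (Security::is_action_allowed("change_activity", 0, $acl_write)) {
            $activity = select_option("{$activity_id}", fill_select("activity_id", "{$prefix}{$hlpdsk_prefix}_activities", "activity_id", "activity_name", " "));
            $tts_lang_activity_value = "<br>{$activity} ";
        } else {
            $tts_lang_activity_value = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_activities", "activity_name", "where activity_id='{$activity_id}'"));
        }

        if (Security::is_action_allowed("change_status", 0, $acl_write)) {
            $t_status_sel = select_option("{$t_status}", fill_select("t_status", "{$prefix}{$hlpdsk_prefix}_status", "status_id", "status_name", " "));
            $tts_lang_status_value = "<br>{$t_status_sel}";
        } else {
            $status_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_status", "status_name", " where status_id='{$t_status}'"));
            $tts_lang_status_value = "{$status_name}";
        }

        if (Security::is_action_allowed("change_priority", 0, $acl_write)) {
            $t_priorities = select_option("{$t_priority}", fill_select("t_priority", "{$prefix}{$hlpdsk_prefix}_priorities", "priority_id", "priority_name", " "));
            $tts_lang_priority_value = "{$t_priorities}<br>";
        } else {
            $t_priority_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_priorities", "priority_name", " where priority_id={$t_priority}"));
            $tts_lang_priority_value = "{$t_priority_name}";
        }

        if (Security::is_action_allowed("change_category", 0, $acl_write)) {
            $t_category = select_option("{$t_category}", fill_select("t_category", "{$prefix}{$hlpdsk_prefix}_categories", "category_id", "category_name", " "));
            $tts_lang_category_value = "{$t_category}<br>";
        } else {
            $tts_lang_category_value = "{$category_name}";
        }

        if (Security::is_action_allowed("change_stage", 0, $acl_write)) {
            $t_stage = select_option("{$t_stage}", fill_select("t_stage", "{$prefix}{$hlpdsk_prefix}_stages", "stage_id", "stage_name", " "));
            $tts_lang_stage_value = "<br>{$t_stage}<br>";
        } else {
            $tts_lang_stage_value = Security::htmlsecure("{$stage_name}");
        }

        $mailto_subject = "?subject=" . addslashes("Ticket Task {$Ticket_Number}: ") . addslashes($t_subject);
        $mailto_body = "&body=" . addslashes("Ticket/Task: {$Ticket_Number} / ") . addslashes($t_description);
        $mailto = $mailto_subject . $mailto_body;
        $tts_lang_mail_this = "<a href=\"mailto:{$mailto}\">Send email</a>";
        $tts_lang_estimated_time = $_MONEY = '';
        # The mail link built above is cleared again before rendering.
        $tts_lang_mail_this = "";

        # NOTE(review): the theme file is evaluated as a PHP double-quoted
        # string so that it can interpolate the locals prepared above. Its
        # content therefore runs as code with this script's privileges:
        # theme files must be trusted and write-protected, and $hlpdsk_theme
        # must come from configuration, never from the request. Replacing
        # the eval with placeholder substitution over a fixed variable map
        # would remove the code-execution path; left unchanged here because
        # the template format is not visible.
        $file = "themes/{$hlpdsk_theme}/showline_ticket.html";
        $file = addslashes(implode("", file($file)));
        eval("\$content=stripslashes(\" {$file}\");");
        echo $content;
        $row++;
    }
}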
/**
 * Make one member of group 2 the default agent.
 *
 * The default flag is first cleared for every member of group 2 and then
 * set for the given user. These are two separate statements: if the second
 * one fails, the group is left without a default.
 *
 * @param mixed $uid user id to flag as default
 * @return bool TRUE when both statements succeeded, FALSE otherwise
 */
function set_default_agent($uid)
{
    global $tts, $prefix, $hlpdsk_prefix, $name;

    # Escaped because it is quoted into the second statement.
    $uid = Security::sqlsecure($uid);

    $clear_flags = "update {$prefix}{$hlpdsk_prefix}_groups_members set uid_default=0 where gid=2";
    if (!$tts->query($clear_flags, $tts)) {
        return FALSE;
    }

    $set_flag = "update {$prefix}{$hlpdsk_prefix}_groups_members set uid_default=1 where gid=2 and uid='{$uid}'";
    if (!$tts->query($set_flag, $tts)) {
        return FALSE;
    }

    return TRUE;
}
/**
 * Look up the t_assigned column of a ticket.
 *
 * @param mixed $ticket_number ticket to look up
 * @return mixed whatever get_cross_value() returns for the t_assigned column
 */
function get_task_assigned($ticket_number)
{
    global $prefix, $hlpdsk_prefix;

    # Escaped before it is quoted into the WHERE fragment.
    $escaped_number = Security::sqlsecure($ticket_number);
    $tickets_table = "{$prefix}{$hlpdsk_prefix}_tickets";
    $where_clause = " where ticket_number='{$escaped_number}'";

    return get_cross_value($tickets_table, "t_assigned", $where_clause);
}