Esempio n. 1
            return;
        }
        $file = (string) clean_output(get_parameter("file"));
        if ($file) {
            $file_path = $config["homedir"] . "/" . "attachment/downloads/" . $file;
            $result["status"] = unlink($file_path);
        }
        echo json_encode($result);
        return;
    }
}
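$delete_btn = get_parameter("delete_btn", 0);
// File deletion
// ==================
// "location" is request-controlled, so the resolved target must stay inside
// the downloads directory before it reaches unlink(). clean_output() is kept
// as in the original call chain, but it is not relied on to strip "../".
// NOTE(review): no privilege check is visible in front of this branch, while
// the update branch that follows calls give_acl(..., "FRW") - confirm that
// deletion is authorised earlier in the file.
if ($delete_btn) {
    $location = clean_output(get_parameter("location", ""));
    $file_path = $config["homedir"] . "/" . "attachment/downloads/" . $location;

    // realpath() collapses ".." segments and symlinks, and returns false for
    // paths that do not exist, so the prefix comparison below is made on the
    // file that would really be removed.
    $downloads_dir = realpath($config["homedir"] . "/" . "attachment/downloads");
    $resolved_path = realpath($file_path);

    $inside_downloads = $downloads_dir !== false
        && $resolved_path !== false
        && strncmp($resolved_path, $downloads_dir . DIRECTORY_SEPARATOR, strlen($downloads_dir) + 1) === 0;

    // Only regular files below the downloads directory are deleted; an empty
    // or escaping "location" is ignored instead of being passed to unlink().
    if ($inside_downloads && is_file($resolved_path)) {
        unlink($resolved_path);
    }
    $_GET["create"] = 1;
}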
// Database UPDATE
// ==================
if (isset($_GET["update2"])) {
    // if modified any parameter
    if (give_acl($config["id_user"], 0, "FRW") != 1) {
        audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to update a download without privileges");
        require "general/noaccess.php";
        exit;
    }
    $id = get_parameter("id", "");
    if ($id != "" && !check_fr_item_accessibility($config["id_user"], $id)) {
Esempio n. 2
/**
 * Alias of clean_output().
 *
 * The argument is handed to clean_output() untouched and that function's
 * return value is passed straight back to the caller.
 *
 * NOTE(review): this helper has been documented as returning the string
 * "with HTML characters decoded". If clean_output() really decodes entities,
 * the value returned here is not safe to echo into HTML without escaping it
 * again - confirm against clean_output(), which is defined elsewhere.
 *
 * @param string $string Input string
 *
 * @return mixed Whatever clean_output() returns for $string
 */
function ascii_output($string)
{
    $cleaned = clean_output($string);

    return $cleaned;
}
	$report = get_db_row ('tinventory_reports', 'id', $id);
	if ($report === false)
		return;
	
	ini_set ("memory_limit", "3072M");
	ini_set ("max_execution_time", 600);
	
	echo "<h2>".__('Custom report')."</h2>";
	echo "<h4>".$report['name'];
		echo "<div id='button-bar-title'><ul>";
			echo "<li><a href='index.php?sec=projects&sec2=operation/inventories/inventory_reports'>".print_image ("images/flecha_volver.png", true, array("title" => __("Back to Report")))."</a></li>";
		echo "</ul></div>";
	echo "</h4>";

	$config['mysql_result_type'] = MYSQL_ASSOC;
	$rows = get_db_all_rows_sql (clean_output ($report['sql']));
	if ($rows === false)
		return;
	
	//count $row chunk
	$row_chunk_cont = count(array_chunk($rows[0], 10));
	
	//keys $row chunk
	$row_chunk_keys = array_chunk(array_keys($rows[0]), 10);
		
	$table = array();
	for($i=0; $i < $row_chunk_cont; $i++){
		$table[$i][] = $row_chunk_keys[$i];
		foreach ($rows as $row) {
			$row_chunk = array_chunk($row, 10);
			$table[$i][] = $row_chunk[$i];
Esempio n. 4
 /**
  * Print the fields of the expense-comment edit form.
  *
  * Emits the hidden edit_comment / id_expense inputs, the hidden id_comment
  * input when a comment id is set, and a one-row table holding the comment
  * textarea. The two ids are read through getDataInt(); the comment text is
  * passed through clean_output() before it is placed inside the textarea.
  */
 function printEdit()
 {
     $id_comment = $this->getDataInt('id_comment', 0);

     echo '<input type="hidden" name="edit_comment" value="1" />' . "\n";
     echo sprintf('<input type="hidden" name="id_expense" value="%s" />', $this->getDataInt('id_expense')) . "\n";

     // The comment id is only sent back when an existing comment is edited
     if ($id_comment) {
         echo "<!-- id_comment = " . $id_comment . " -->\n";
         echo sprintf('<input type="hidden" name="id_comment" value="%s" />', $id_comment) . "\n";
     }

     echo '<table width="99%" border="0" align="center" cellpadding="5" cellspacing="0" class="tbl_usr_dtl">' . "\n" . '<tr>';

     // Label cell: error marker (if any) followed by the translated caption
     echo "<td>" . f_err_star('comment') . _Ti('expense_input_comment') . "</td>\n";

     // Free text goes through clean_output() before being put in the textarea
     $comment_text = clean_output($this->getDataString('comment'));
     echo '<td><textarea name="comment" id="input_expense_comment" class="frm_tarea" rows="3" cols="60">' . $comment_text . "</textarea>\n</td>\n";

     echo "</tr>\n" . "</table>\n";
 }
Esempio n. 5
        die("Error seeking position {$list_pos} in the result");
    }
}
// Single column for the report list: translated caption, sort key and
// default sort direction.
$headers = array(
    array(
        'title' => _Th('person_input_name'),
        'order' => 'order_title',
        'default' => 'ASC',
    ),
);
show_list_start($headers);
// Process the output of the query: at most $prefs['page_rows'] rows, or
// fewer when the result set runs out first.
$i = 0;
while ($i < $prefs['page_rows'] && ($row = lcm_fetch_array($result))) {
    // Show report title, with alternating row shading
    echo "<tr><td class='tbl_cont_" . ($i % 2 ? "dark" : "light") . "'>";
    // NOTE(review): id_report is written into the href as-is; presumably it
    // is a numeric key from the query - confirm.
    echo '<a href="rep_det.php?rep=' . $row['id_report'] . '" class="content_link">';
    // The title goes through clean_output() before the search term is highlighted
    echo highlight_matches(clean_output(remove_number_prefix($row['title'])), $find_rep_string);
    echo '</a>' . "</td>\n" . "</tr>\n";
    $i++;
}
show_list_end($list_pos, $number_of_rows);
echo '<p><a href="edit_rep.php?rep=0" class="create_new_lnk">' . _T('rep_button_new') . "</a></p>\n";
//
// Custom reports (plugins)
//
$custom_reports = array();
$handle = opendir("inc/config/custom/reports");
while (($f = readdir($handle)) != '') {
    if (is_file("inc/config/custom/reports/" . $f)) {
Esempio n. 6
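 /**
  * Print the follow-up edit form.
  *
  * Output, in order: start and end (or duration) inputs, the optional
  * conclusion / result / sentence selectors when $this->show_conclusion is
  * set, a "type" row whose shape depends on the 'submit' request value and
  * the follow-up type, the keyword form, the description, the sum-billed
  * field when $this->show_sum_billed is "yes", a delete checkbox for case
  * administrators on existing non-system follow-ups, and a hidden
  * "add appointment" sub-form unless the 'followup' request value is set.
  *
  * Values taken from the follow-up record are passed through clean_output()
  * before being written into attributes, comments or textareas; this is the
  * helper the method already applied to description, sumbilled and app_title
  * (assumed to HTML-escape - confirm against its definition).
  *
  * NOTE(review): for users without rights the date inputs are emitted with an
  * empty name and the selects with the disabled marker from isDisabled().
  * That only shapes the form; the code receiving the POST has to repeat the
  * allowed() checks.
  */
 function printEdit()
 {
     global $prefs;
     $admin = allowed($this->getDataInt('id_case'), 'a');
     // FIXME
     $edit = allowed($this->getDataInt('id_case'), 'e');
     // FIXME
     $write = allowed($this->getDataInt('id_case'), 'w');
     // FIXME (put in constructor)
     // FIXME: not sure whether this works as previously
     $dis = isDisabled(!($admin || $edit));
     echo '<table class="tbl_usr_dtl" width="99%">' . "\n";
     echo '<tr><td>';
     echo f_err_star('date_start') . _T('fu_input_date_start');
     echo "</td>\n";
     echo "<td>";
     // An empty input name is used when the user may not change the start date
     $name = $admin || $edit ? 'start' : '';
     echo get_date_inputs($name, $this->data['date_start'], false);
     echo ' ' . _T('time_input_time_at') . ' ';
     echo get_time_inputs($name, $this->data['date_start']);
     echo "</td>\n";
     echo "</tr>\n";
     echo "<tr><td>";
     echo f_err_star('date_end') . ($prefs['time_intervals'] == 'absolute' ? _T('fu_input_date_end') : _T('fu_input_time_length'));
     echo "</td>\n";
     echo '<td>';
     if ($prefs['time_intervals'] == 'absolute') {
         // Buggy code, so isolated most important cases
         if ($this->data['id_followup'] == 0) {
             $name = 'end';
         } elseif ($edit) {
             $name = 'end';
         } else {
             // user can 'finish' entering data
             // NOTE(review): && binds tighter than ||, so this parses as
             // $admin || ($edit && ...). $edit is false in this branch, which
             // leaves the result depending on $admin alone. Kept as is.
             $name = $admin || $edit && $this->data['date_end'] == '0000-00-00 00:00:00' ? 'end' : '';
         }
         echo get_date_inputs($name, $this->data['date_end']);
         echo ' ';
         echo _T('time_input_time_at') . ' ';
         echo get_time_inputs($name, $this->data['date_end']);
     } else {
         $name = '';
         // Buggy code, so isolated most important cases
         if ($this->getDataInt('id_followup') == 0) {
             $name = 'delta';
         } elseif ($edit) {
             $name = 'delta';
         } else {
             // user can 'finish' entering data
             // NOTE(review): same precedence remark as for the absolute case above.
             $name = $admin || $edit && $this->getDataString('date_end') == '0000-00-00 00:00:00' ? 'delta' : '';
         }
         if (empty($_SESSION['errors'])) {
             $interval = $this->getDataString('date_end') != '0000-00-00 00:00:00' ? strtotime($this->getDataString('date_end')) - strtotime($this->getDataString('date_start')) : 0;
             echo get_time_interval_inputs($name, $interval);
         } else {
             echo get_time_interval_inputs_from_array($name, $this->data);
         }
     }
     echo "</td>\n";
     echo "</tr>\n";
     // Show 'conclusion' options
     if ($this->show_conclusion) {
         $kws_conclusion = get_keywords_in_group_name('conclusion');
         $kws_result = get_keywords_in_group_name('_crimresults');
         echo "<tr>\n";
         echo "<td>" . _Ti('fu_input_conclusion') . "</td>\n";
         echo '<td>';
         // Result
         if (read_meta('case_result') == 'yes') {
             echo '<select ' . $dis . ' name="result" size="1" class="sel_frm">' . "\n";
             $default = '';
             if ($this->data['result']) {
                 $default = $this->data['result'];
             }
             foreach ($kws_result as $kw) {
                 $sel = isSelected($kw['name'] == $default);
                 echo '<option ' . $sel . ' value="' . $kw['name'] . '">' . _T(remove_number_prefix($kw['title'])) . "</option>\n";
             }
             echo "</select><br/>\n";
         }
         // Conclusion
         echo '<select ' . $dis . ' name="conclusion" size="1" class="sel_frm">' . "\n";
         $default = '';
         if ($this->data['conclusion']) {
             $default = $this->data['conclusion'];
         }
         foreach ($kws_conclusion as $kw) {
             $sel = isSelected($kw['name'] == $default);
             echo '<option ' . $sel . ' value="' . $kw['name'] . '">' . _T(remove_number_prefix($kw['title'])) . "</option>\n";
         }
         echo "</select>\n";
         echo "</td>\n";
         echo "</tr>\n";
         // If guilty, what sentence?
         $kws_sentence = get_keywords_in_group_name('sentence');
         echo "<tr>\n";
         echo "<td>" . _Ti('fu_input_sentence') . "</td>\n";
         echo '<td>';
         echo '<select ' . $dis . ' name="sentence" size="1" class="sel_frm">' . "\n";
         $default = '';
         if ($this->data['sentence']) {
             $default = $this->data['sentence'];
         }
         // Escaped so that a stored value cannot close the HTML comment early
         echo "<!-- " . clean_output($default) . " -->\n";
         foreach ($kws_sentence as $kw) {
             $sel = $kw['name'] == $default ? ' selected="selected"' : '';
             echo '<option ' . $sel . ' value="' . $kw['name'] . '">' . _T(remove_number_prefix($kw['title']), array('currency' => read_meta('currency'))) . "</option>\n";
         }
         echo "</select>\n";
         // If sentence, for how much?
         // Record value written into an attribute: escape it like the other fields
         echo '<input type="text" name="sentence_val" size="10" value="' . clean_output($this->data['sentence_val']) . '" />';
         echo "</td>\n";
         echo "</tr>\n";
     }
     if (_request('submit') == 'set_status' || is_status_change($this->getDataString('type'))) {
         // Change status
         echo "<tr>\n";
         echo "<td>" . _T('case_input_status') . "</td>\n";
         echo "<td>";
         echo '<input type="hidden" name="type" value="' . clean_output($this->getDataString('type')) . '" />' . "\n";
         echo _T('kw_followups_' . $this->data['type'] . '_title');
         echo "</td>\n";
         echo "</tr>\n";
     } elseif (_request('submit') == 'set_stage' || $this->getDataString('type') == 'stage_change') {
         // Change stage
         echo "<tr>\n";
         echo "<td>" . _T('fu_input_next_stage') . "</td>\n";
         echo "<td>";
         echo '<input type="hidden" name="type" value="' . clean_output($this->getDataString('type')) . '" />' . "\n";
         // This is to compensate an old bug, when 'case stage' was not stored in fu.description
         // and therefore editing a follow-up would not give correct information.
         // Bug was in CVS of 0.4.3 between 19-20 April 2005. Should not affect many people.
         if ($s = $this->getDataString('new_stage')) {
             echo '<input type="hidden" name="new_stage" value="' . clean_output($s) . '" />' . "\n";
             echo _Tkw('stage', $s);
         } else {
             echo "New stage information not available";
         }
         echo "</td>\n";
         echo "</tr>\n";
         if ($s = $this->getDataString('new_stage')) {
             // Update stage keywords (if any)
             $stage = get_kw_from_name('stage', $s);
             $id_stage = $stage['id_keyword'];
             show_edit_keywords_form('stage', $this->data['id_case'], $id_stage);
         }
     } elseif ($this->getDataString('type') == 'assignment' || $this->getDataString('type') == 'unassignment') {
         // Do not allow assignment/un-assignment follow-ups to be changed
         echo "<tr>\n";
         echo "<td>" . _T('fu_input_next_stage') . "</td>\n";
         echo "<td>";
         echo '<input type="hidden" name="type" value="' . clean_output($this->getDataString('type')) . '" />' . "\n";
         echo _Tkw('followups', $this->getDataString('type'));
         echo "</td>\n";
         echo "</tr>\n";
     } else {
         // The usual follow-up
         echo "<tr>\n";
         echo "<td>" . _T('fu_input_type') . "</td>\n";
         echo "<td>";
         echo '<select ' . $dis . ' name="type" size="1" class="sel_frm">' . "\n";
         $default_fu = get_suggest_in_group_name('followups');
         $futype_kws = get_keywords_in_group_name('followups');
         $kw_found = false;
         foreach ($futype_kws as $kw) {
             $sel = isSelected($kw['name'] == $default_fu);
             if ($sel) {
                 $kw_found = true;
             }
             echo '<option value="' . $kw['name'] . '"' . $sel . '>' . _T(remove_number_prefix($kw['title'])) . "</option>\n";
         }
         // Exotic case where the FU keyword was hidden by the administrator,
         // but an old follow-up using that keyword is being edited.
         if (!$kw_found) {
             echo '<option selected="selected" value="' . $default_fu . '">' . _Tkw('followups', $default_fu) . "</option>\n";
         }
         echo "</select>\n";
         echo "</td>\n";
         echo "</tr>\n";
     }
     // Keywords (if any)
     show_edit_keywords_form('followup', $this->getDataInt('id_followup'));
     // Description
     echo "<tr>\n";
     echo '<td valign="top">' . f_err_star('description') . _T('fu_input_description') . "</td>\n";
     echo '<td>';
     if ($this->getDataString('type') == 'assignment' || $this->getDataString('type') == 'unassignment') {
         // Do not allow edit of assignment
         // The hidden copy gets the same escaping as the editable textarea below
         echo '<input type="hidden" name="description" value="' . clean_output($this->getDataString('description')) . '" />' . "\n";
         echo get_fu_description($this->data);
     } else {
         echo '<textarea ' . $dis . ' name="description" rows="15" cols="60" class="frm_tarea">';
         echo clean_output($this->getDataString('description'));
         echo "</textarea>";
     }
     echo "</td></tr>\n";
     // Sum billed field
     if ($this->show_sum_billed == "yes") {
         echo '<tr>';
         echo '<td>' . _T('fu_input_sum_billed') . "</td>\n";
         echo '<td>';
         echo '<input ' . $dis . ' name="sumbilled" ' . 'value="' . clean_output($this->getDataString('sumbilled')) . '" ' . 'class="search_form_txt" size="10" />';
         // [ML] If we do this we may as well make a function
         // out of it, but not sure where to place it :-)
         // This code is also in config_site.php
         $currency = read_meta('currency');
         if (empty($currency)) {
             // Temporarily switch to the site default language to read the
             // default currency format, then restore the user's language
             $current_lang = $GLOBALS['lang'];
             $GLOBALS['lang'] = read_meta('default_language');
             $currency = _T('currency_default_format');
             $GLOBALS['lang'] = $current_lang;
         }
         echo htmlspecialchars($currency);
         echo "</td></tr>\n";
     }
     echo "</table>\n\n";
     // XXX FIXME: Should probably be in some function "is_system_fu"
     // or even "is_deletable"
     if ($this->getDataInt('id_followup') && allowed($this->data['id_case'], 'a') && !(is_status_change($this->data['type']) || $this->data['type'] == 'assignment' || $this->data['type'] == 'unassignment')) {
         $checked = $this->getDataString('hidden') == 'Y' ? ' checked="checked" ' : '';
         echo '<p class="normal_text">';
         echo '<input type="checkbox"' . $checked . ' name="delete" id="box_delete" />';
         echo '<label for="box_delete">' . _T('fu_info_delete') . '</label>';
         echo "</p>\n";
     }
     // Add followup appointment
     if (!_request('followup')) {
         echo "<!-- Add appointment? -->\n";
         echo '<p class="normal_text">';
         echo '<input type="checkbox" name="add_appointment" id="box_new_app" onclick="display_block(\'new_app\', \'flip\')" />';
         echo '<label for="box_new_app">' . _T('fu_info_add_future_activity') . '</label>';
         echo "</p>\n";
         echo '<div id="new_app" style="display: none;">';
         echo '<table class="tbl_usr_dtl" width="99%">' . "\n";
         echo "<!-- Start time -->\n\t\t<tr><td>";
         echo _T('time_input_date_start');
         echo "</td><td>";
         echo get_date_inputs('app_start', $this->data['app_start_time'], false);
         echo ' ' . _T('time_input_time_at') . ' ';
         echo get_time_inputs('app_start', $this->data['app_start_time']);
         echo f_err_star('app_start_time');
         echo "</td></tr>\n";
         echo "<!-- End time -->\n\t\t<tr><td>";
         echo $prefs['time_intervals'] == 'absolute' ? _T('time_input_date_end') : _T('app_input_time_length');
         echo "</td><td>";
         if ($prefs['time_intervals'] == 'absolute') {
             echo get_date_inputs('app_end', $this->data['app_end_time']);
             echo ' ' . _T('time_input_time_at') . ' ';
             echo get_time_inputs('app_end', $this->data['app_end_time']);
             echo f_err_star('app_end_time');
         } else {
             $interval = $this->data['app_end_time'] != '0000-00-00 00:00:00' ? strtotime($this->data['app_end_time']) - strtotime($this->data['app_start_time']) : 0;
             //	echo _T('calendar_info_time') . ' ';
             echo get_time_interval_inputs('app_delta', $interval);
             echo f_err_star('app_end_time');
         }
         echo "</td></tr>\n";
         // [ML] The appointment reminder inputs were removed here as not useful for now.
         // TODO: [ML] a bit of testing to see if this survives an error on new case
         // I suspect it doesn't..
         echo "<!-- Appointment title -->\n\t\t<tr><td>";
         echo f_err_star('app_title') . _T('app_input_title');
         echo "</td><td>";
         echo '<input type="text" ' . $dis . ' name="app_title" size="50" value="';
         echo clean_output($this->getDataString('app_title')) . '" class="search_form_txt" />';
         echo "</td></tr>\n";
         echo "<!-- Appointment type -->\n\t\t<tr><td>";
         echo _T('app_input_type');
         echo "</td><td>";
         echo '<select ' . $dis . ' name="app_type" size="1" class="sel_frm">';
         global $system_kwg;
         // !empty() keeps the same truthiness test without raising a notice
         // when no appointment data has been stored in the session yet
         if (!empty($_SESSION['fu_app_data']['type'])) {
             $default_app = $_SESSION['fu_app_data']['type'];
         } else {
             $app_kwg = get_kwg_from_name('appointments');
             $default_app = $app_kwg['suggest'];
         }
         // Translate the appointment keywords, then list them sorted by label
         $opts = array();
         foreach ($system_kwg['appointments']['keywords'] as $kw) {
             $opts[$kw['name']] = _T(remove_number_prefix($kw['title']));
         }
         asort($opts);
         foreach ($opts as $k => $opt) {
             $sel = isSelected($k == $default_app);
             echo "<option value='{$k}'{$sel}>{$opt}</option>\n";
         }
         echo '</select>';
         echo "</td></tr>\n";
         echo "<!-- Appointment description -->\n";
         echo "<tr><td valign=\"top\">";
         echo _T('app_input_description');
         echo "</td><td>";
         echo '<textarea ' . $dis . ' name="app_description" rows="5" cols="60" class="frm_tarea">';
         echo clean_output($this->getDataString('app_description'));
         echo '</textarea>';
         echo "</td></tr>\n";
         echo "</table>\n";
         echo "</div>\n";
     }
 }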
Esempio n. 7
	ui_print_error_message(__('Ticket not found'));
	exit;
}

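// GET ACTION PARAMETERS
$upload_file = get_parameter('upload_file');
$add_workunit = get_parameter('add_workunit');

// ACTIONS
// Attach a file that is expected to sit in the system temp directory.
// 'upfile' is a request value, so only its final path component is used:
// directory parts in it would otherwise let the request name any file that
// the web server can read.
if($upload_file) {
	$filename = get_parameter('upfile');
	$file_description = get_parameter('description',__('No description available'));

	// clean_output() is applied first (as the original did on the whole
	// path) so that basename() sees the same characters that reach
	// attach_incident_file().
	$safe_filename = basename(clean_output($filename));

	if ($safe_filename === '' || $safe_filename === '.' || $safe_filename === '..') {
		// Nothing usable is left once directory parts are dropped
		ui_print_error_message(__('Invalid file name'));
	} else {
		$file_temp = sys_get_temp_dir()."/".$safe_filename;

		$result = attach_incident_file ($incident_id, $file_temp, $file_description);

		// attach_incident_file() returns the message shown to the user
		echo $result;
	}

	$active_tab = 'files';
}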

if($add_workunit) {
	$note = get_parameter('note');
	$public = 1;
	$timeused = "0.05";
	
	$result = create_workunit ($incident_id, $note, $config["id_user"], $timeused, 0, "", $public, 0);
	
	if($result) {
		ui_print_success_message(__('Workunit added'));
Esempio n. 8
    }
    // TRAD
    echo ": " . $rep_specs->getDescription() . "</p>\n";
}
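// Report edit form. Every value read back from $_SESSION['form_data'] is
// passed through clean_output() before it is written into the page, as was
// already done for the title: these fields hold text typed into the form, so
// emitting them raw would let markup in a field reach the browser.
// (clean_output() is assumed to HTML-escape - confirm against its definition.)
echo "<fieldset class=\"info_box\">\n";
echo "<form action='upd_rep.php' method='post'>\n";
if ($_SESSION['form_data']['filecustom']) {
    echo '<input type="hidden" name="filecustom" value="' . clean_output($_SESSION['form_data']['filecustom']) . '" />' . "\n";
}
if ($_SESSION['form_data']['id_report']) {
    // The id is shown as text and sent back in a hidden field
    $id_report_html = clean_output($_SESSION['form_data']['id_report']);
    echo "<strong>" . _Ti('rep_input_id') . "</strong>&nbsp;" . $id_report_html . "\n\t\t<input type=\"hidden\" name=\"id_report\" value=\"" . $id_report_html . "\">\n";
    // [ML] echo "&nbsp;|&nbsp;\n";
}
// Title of report
echo "<p>" . f_err_star('title') . "<strong>" . _Ti('rep_input_title') . "</strong><br />";
echo '<input name="title" value="' . clean_output($_SESSION['form_data']['title']) . '" class="search_form_txt"></p>' . "\n";
// Description
echo '<p>' . "<strong>" . _Ti('rep_input_description') . "</strong><br />\n";
echo '<textarea name="description" rows="5" cols="40" class="frm_tarea">';
// Escaped so that a "</textarea>" inside the text stays text
echo clean_output($_SESSION['form_data']['description']);
echo "</textarea></p>\n";
// Notes
echo '<p>' . "<strong>" . _Ti('rep_input_notes') . "</strong><br />\n";
echo '<textarea name="notes" rows="5" cols="40" class="frm_tarea">';
echo clean_output($_SESSION['form_data']['notes']);
echo "</textarea></p>\n";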
//	if ($admin || !read_meta('case_read_always') || !read_meta('case_write_always')) {
//		echo "\t<tr><td>" . _T('public') . "</td>
//			<td>
//				<table>
//				<tr>\n";
Esempio n. 9
        } else {
            /* Print main link */
            print "<a href='";
            clean_output($bookmarkurl);
            print "'>";
            clean_output($title);
            print "</a>\n";
            print "<form method='post' action='#edit'>\n";
            /* Print tag links */
            $taglist = split(" ", $bookmarktags);
            foreach ($taglist as $tag) {
                if (strlen($tag) > 0) {
                    print "  <a class='tag' href='" . $deliciousroot . "admin?tags=";
                    clean_output($tag);
                    print "'>";
                    clean_output($tag);
                    print "</a>\n";
                }
            }
            /* Print edit link */
            print "  <input name='url' type='hidden' value='";
            clean_output($bookmarkurl);
            print "' />\n";
            print "  <input type='submit' value='edit' name='edit' />\n";
            print "</form>\n";
        }
    }
}
// Release the data file handle, emit the shared footer, then close the document
fclose($datafilehandle);
footer($deliciousroot, $tags);
echo "</body></html>";
Esempio n. 10
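/**
 * Print the body of the login page.
 *
 * When the visitor already has a session with status 'admin' or 'normal'
 * (and did not ask to log out) only a link to index.php is printed, after an
 * optional redirect. Otherwise a first form asks for the login name; once a
 * login is supplied and accepted, a second form asks for the password and
 * carries the values used by the client-side MD5 challenge.
 *
 * Review notes (design, not changed here):
 * - The page answers differently for known and unknown logins and sends the
 *   account's alea_actuel / alea_futur values to a visitor who has not
 *   authenticated yet, so it can be used to test which user names exist.
 * - The challenge hashes the password with MD5 in the browser (calcMD5 from
 *   inc/md5.js); it does not replace transport encryption.
 *
 * @param mixed  $cible         Destination Link object; when empty, a Link is
 *                              built from the 'var_url' request value
 *                              (default 'index.php').
 * @param string $prive         Not used in this function.
 * @param string $message_login Not used in this function.
 */
function show_login($cible, $prive = 'prive', $message_login = '')
{
    $error = '';
    // Defaults for values that are only filled in when the login is found in
    // lcm_author; they are interpolated into the password form further down
    // and were undefined on the other paths.
    $rester_checked = '';
    $alea_actuel = '';
    $alea_futur = '';
    $login = _request('var_login');
    $logout = _request('var_logout');
    // If the cookie fails, inc_auth tried to redirect to lcm_cookie who
    // then tried to put a cookie. If it is not there, it is "cookie failed"
    // who is there, and it's probably a bookmark on privet=yes and not
    // a cookie failure.
    $cookie_failed = "";
    if (_request('var_cookie_failed')) {
        $cookie_failed = $_COOKIE['lcm_session'] != 'cookie_test_failed';
    }
    global $author_session;
    global $lcm_session;
    global $clean_link;
    if (!$cible) {
        // cible = destination
        $cible = new Link(_request('var_url', 'index.php'));
    }
    $cible->delVar('var_erreur');
    $cible->delVar('var_url');
    $cible->delVar('var_cookie_failed');
    $clean_link->delVar('var_erreur');
    $clean_link->delVar('var_login');
    $clean_link->delVar('var_cookie_failed');
    $url = $cible->getUrl();
    // This populates the $author_session variable
    include_lcm('inc_session');
    verifier_visiteur();
    if ($author_session and !$logout and ($author_session['status'] == 'admin' or $author_session['status'] == 'normal')) {
        if ($url != $GLOBALS['clean_link']->getUrl()) {
            lcm_header("Location: " . $cible->getUrlForHeader());
        }
        // [ML] This is making problems for no reason, we use login only
        // for one mecanism (entering the system).
        // echo "<a href='$url'>"._T('login_this_way')."</a>\n";
        echo "<a class='content_link' href='index.php'>" . _T('login_this_way') . "</a>\n";
        return;
    }
    if (_request('var_erreur') == 'pass') {
        $error = _T('login_password_incorrect');
    }
    // The login is memorized in the cookie for a possible future admin login
    if (!$login && isset($_COOKIE['lcm_admin'])) {
        if (preg_match("/^@(.*)\$/", $_COOKIE['lcm_admin'], $regs)) {
            $login = $regs[1];
        }
    } else {
        if ($login == '-1') {
            $login = '';
        }
    }
    // other sources for authentication
    $flag_autres_sources = isset($GLOBALS['ldap_present']) ? $GLOBALS['ldap_present'] : '';
    // What informations to pass?
    if ($login) {
        $status_login = 0;
        // unknown status
        $login = clean_input($login);
        // NOTE(review): the username literal appears masked as '******' in
        // this listing, so as written the query does not use $login. Whatever
        // value belongs here has to go through the database layer's escaping
        // or a prepared statement before it is placed in the SQL text.
        $query = "SELECT id_author, status, password, prefs, alea_actuel, alea_futur \n\t\t\t\t\tFROM lcm_author \n\t\t\t\t\tWHERE username='******'";
        $result = lcm_query($query);
        if ($row = lcm_fetch_array($result)) {
            if ($row['status'] == 'trash' or $row['password'] == '') {
                $status_login = -1;
                // deny
            } else {
                $status_login = 1;
                // known login
                // Which infos to pass for the javascript ?
                $id_author = $row['id_author'];
                $alea_actuel = $row['alea_actuel'];
                // for MD5
                $alea_futur = $row['alea_futur'];
                // Button for lenght of connection
                if ($row['prefs']) {
                    // NOTE(review): unserialize() runs on a database column
                    // before authentication. It is only safe while nothing a
                    // user controls can be written to lcm_author.prefs in
                    // serialized form; prefer a format such as JSON.
                    $prefs = unserialize($row['prefs']);
                    $rester_checked = $prefs['cnx'] == 'perma' ? ' checked=\'checked\'' : '';
                }
            }
        }
        // Unknown login (except LDAP) or refused
        // ("and" binds tighter than "or": refused, or unknown without LDAP)
        if ($status_login == -1 or $status_login == 0 and !$flag_autres_sources) {
            $error = _T('login_identifier_unknown', array('login' => htmlspecialchars(clean_output($login))));
            $login = '';
            // [ML] Not sure why this was here, but headers are already sent
            // therefore it causes an error message (which is not shown, but
            // might make a mess, knowing how PHP runs differently everywhere..)
            // @lcm_setcookie('lcm_admin', '', time() - 3600);
        }
    }
    // Javascript for the focus
    if ($login) {
        $js_focus = 'document.form_login.session_password.focus();';
    } else {
        $js_focus = 'document.form_login.var_login.focus();';
    }
    // [ML] we should probably add a help link here, since tech, but let's see
    // how many users complain first, since this should affect only tech users
    if ($cookie_failed == "yes") {
        $error = _T('login_warning_cookie');
    }
    echo open_login();
    // [ML] Looks like there is no reason why to use $clean_link (defined in inc_version.php)
    // It would cause very strange bugs when the "feed_globals()" were removed from inc_version
    // and in the end, well, it looks rather useless.
    //
    // Strange bugs were caused because $action would be "./" and therefore it
    // would call index.php -> listcases.php -> includes inc_auth.php who then
    // calls auth(), who redirects to the login page.
    $action = $clean_link->getUrl();
    // $action = "lcm_login.php";

    // $url is built from the 'var_url' request value and is written into a
    // quoted attribute below. Quotes and angle brackets are neutralised so the
    // value cannot end the attribute; "&" is left alone because it is not
    // visible here whether getUrl() already returns it encoded.
    $url_attr = str_replace(array('<', '>', '"', "'"), array('&lt;', '&gt;', '&quot;', '&#039;'), $url);
    if ($login) {
        // $login can still hold request or cookie text at this point (for
        // instance when other authentication sources are enabled), so it is
        // escaped for every place it is printed.
        $login_html = htmlspecialchars($login, ENT_QUOTES);
        // Shows the login form, including the MD5 javascript
        $flag_challenge_md5 = true;
        if ($flag_challenge_md5) {
            echo '<script type="text/javascript" src="inc/md5.js"></script>';
        }
        echo "\n";
        echo '<form name="form_login" action="lcm_cookie.php" method="post"';
        if ($flag_challenge_md5) {
            echo " onsubmit='if (this.session_password.value) {\n\t\t\t\tthis.session_password_md5.value = calcMD5(\"{$alea_actuel}\" + this.session_password.value);\n\t\t\t\tthis.next_session_password_md5.value = calcMD5(\"{$alea_futur}\" + this.session_password.value);\n\t\t\t\tthis.session_password.value = \"\"; }'";
        }
        echo ">\n";
        echo "<div class='main_login_box' style='text-align:" . $GLOBALS["lcm_lang_left"] . ";'>\n";
        if ($error) {
            echo "<div style='color:red;'><b>" . _T('login_access_denied') . " {$error}</b></div><br />\n";
        }
        if ($flag_challenge_md5) {
            // This is printed with javascript so that it is hidden from navigators not
            // using JS, since they will see the username field anyway.
            // The login sits inside a JS string literal here: HTML-escaped
            // first, then addslashes() so a backslash cannot eat the closing quote.
            echo "<script type=\"text/javascript\"><!--\n" . "document.write('" . addslashes(_T('login_login')) . " <b>" . addslashes($login_html) . "</b><br/>" . "<font size=\\'2\\'><a href=\\'lcm_cookie.php?cookie_admin=no&amp;url=" . rawurlencode($action) . "\\' class=\\'link_btn\\'>" . _T('login_other_identifier') . "</a></font>');\n" . "//--></script>\n";
            // If javascript is active, we pass the login in the hidden field
            echo "<input type='hidden' name='session_login_hidden' value='{$login_html}' />";
            // If javascript is not active, the login is still modifiable
            // (since the challenge is not used)
            echo "<noscript>";
        }
        echo "\t<label for='session_login'><b>" . _T('login_login') . "</b> (" . _T('login_info_login') . ")<br /></label>";
        echo "\t<input type='text' name='session_login' id='session_login' class='forml' value=\"{$login_html}\" size='40' />\n";
        if ($flag_challenge_md5) {
            echo "</noscript>\n";
        }
        echo "\t<p />\n";
        echo "\t<label for='session_password'><b>" . _T('login_password') . "</b><br /></label>";
        echo "\t<input type='password' name='session_password' id='session_password' class='forml' value=\"\" size='40' />\n";
        echo "\t<input type='hidden' name='essai_login' value='oui' />\n";
        echo "\t<br />&nbsp;&nbsp;&nbsp;&nbsp;<input type='checkbox' name='session_remember' value='yes' id='session_remember'{$rester_checked} /> ";
        echo "\t<label for='session_remember'>" . _T('login_remain_logged_on') . "</label>";
        echo "\t<input type='hidden' name='url' value='{$url_attr}' />\n";
        echo "\t<input type='hidden' name='session_password_md5' value='' />\n";
        echo "\t<input type='hidden' name='next_session_password_md5' value='' />\n";
        echo "<div align='right'><input class='button_login' type='submit' value='" . _T('button_validate') . "' /></div>\n";
        echo "</div>";
        echo "</form>";
    } else {
        // Ask only for the login/username
        $action = quote_amp($action);
        echo "<form name='form_login' action='{$action}' method='post'>\n";
        echo "<div class='main_login_box' style='text-align:" . $GLOBALS["lcm_lang_left"] . ";'>";
        if ($error) {
            echo "<span style='color:red;'><b>" . _T('login_access_denied') . " {$error}</b></span><p />";
        }
        echo "<label><b>" . _T('login_login') . '</b> (' . _T('login_info_login') . ')' . "<br /></label>";
        echo "<input type='text' name='var_login' class='forml' value=\"\" size='40' />\n";
        echo "<input type='hidden' name='var_url' value='{$url_attr}' />\n";
        echo "<div align='right'><input class='button_login' type='submit' value='" . _T('button_validate') . "' /></div>\n";
        echo "</div>";
        echo "</form>";
    }
    // Focus management
    echo "<script type=\"text/javascript\"><!--\n" . $js_focus . "\n//--></script>\n";
    // Start the login footer
    echo "<div align='left' style='font-size: 12px;' >";
    echo "<div class='lang_combo_box'>" . menu_languages() . "</div>\n";
    // button for "forgotten password"
    include_lcm('inc_mail');
    if (server_can_send_email()) {
        echo '<a href="lcm_pass.php?pass_forgotten=yes" target="lcm_pass" onclick="' . "javascript:window.open(this.href, 'lcm_pass', 'scrollbars=yes, resizable=yes, width=640, height=280'); return false;\" class=\"link_btn\">" . _T('login_password_forgotten') . '</a>';
    }
    $register_popup = 'href="lcm_pass.php?register=yes" target="lcm_pass" ' . ' onclick="' . "javascript:window.open('lcm_pass.php?register=yes', 'lcm_pass', 'scrollbars=yes, resizable=yes, width=640, height=500'); return false;\"";
    // The registration link is only offered when the site allows sign-up
    $open_subscription = read_meta("site_open_subscription");
    if ($open_subscription == 'yes' || $open_subscription == 'moderated') {
        echo "&nbsp;&nbsp;&nbsp;<a {$register_popup} class=\"link_btn\">" . _T('login_register') . '</a>';
    }
    echo "</div>\n";
    echo close_login();
}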
Esempio n. 11
// An offset at or past the end of the result set restarts from the first row
if ($list_pos >= $number_of_rows) {
    $list_pos = 0;
}
// Position to the page info start; a failed seek is fatal
if ($list_pos > 0 && !lcm_data_seek($result, $list_pos)) {
    lcm_panic("Error seeking position {$list_pos} in the result");
}
// Output table tags
show_listclient_start();
// One table row per client, at most $prefs['page_rows'] of them
for ($i = 0; $i < $prefs['page_rows'] && ($row = lcm_fetch_array($result)); $i++) {
    // Id cell, then the opening of the name cell and its link; the shading
    // class alternates with the row index.
    // NOTE(review): id_client is printed as-is, presumably a numeric key - confirm.
    echo "<tr>\n"
        . '<td class="tbl_cont_' . ($i % 2 ? "dark" : "light") . '">' . $row['id_client'] . "</td>\n"
        . '<td class="tbl_cont_' . ($i % 2 ? "dark" : "light") . '">'
        . '<a href="client_det.php?client=' . $row['id_client'] . '" class="content_link">';
    // The name goes through clean_output() before the search term is highlighted
    $fullname = clean_output(get_person_name($row));
    echo highlight_matches($fullname, $find_client_string);
    echo "</a>\n" . "</td>\n" . "</tr>\n";
}
show_listclient_end($list_pos, $number_of_rows);
// "New client" link followed by two line breaks
echo '<p><a href="edit_client.php" class="create_new_lnk">';
echo _T('client_button_new');
echo "</a></p>\n<br /><br />\n";
lcm_page_end();
Esempio n. 12
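/**
 * Run the ticket search described by $filters and return a count, the task
 * ids, or the ticket rows, depending on $mode.
 *
 * Every filter key is optional; a missing (or null) key falls back to the
 * "no filter" default listed below. When $filters['inverse_filter'] is truthy
 * each condition is negated individually, so every new filter needs an
 * inverse form as well.
 *
 * Security notes for reviewers:
 *  - Numeric filters go through %d / (int), and the ORDER BY list only accepts
 *    plain column names with ASC or DESC, so those values cannot change the
 *    shape of the statement.
 *  - String filters (id_user, id_user_or_creator, id_creator, editor,
 *    closed_by, string, type_field_*) are placed inside double-quoted SQL
 *    literals exactly as received; nothing in this function escapes them.
 *    NOTE(review): confirm that every caller escapes these values, or move the
 *    query to the database layer's escaping / bound parameters.
 *  - The per-ticket ACL hooks run only in the default 'tickets' mode; 'count'
 *    and 'tasks' return what the SQL matched without those checks.
 *
 * @param array       $filters Search filters; see $defaults for the known keys.
 *                             Keys named type_field_<id> filter on custom field data.
 * @param string|bool $mode    'count', 'tasks', or anything else for ticket rows.
 * @param int|bool    $id_task Task id to force (never inverted); false to use $filters['id_task'].
 *
 * @return int|array|false The count for 'count'; the result of
 *                         get_db_all_rows_sql() for 'tasks'; for tickets the
 *                         rows that passed all checks, or false when the
 *                         query returned false.
 */
function incidents_get_filter_tickets_tree($filters, $mode = false, $id_task = false)
{
    // TODO: Refactor to use the function 'filter_incidents'
    /* Set default values if none is set */
    $defaults = array(
        'inverse_filter' => false,
        'string' => '',
        'status' => 0,
        'priority' => -1,
        'id_group' => -1,
        'id_company' => 0,
        'id_inventory' => 0,
        'id_incident_type' => 0,
        'id_user' => '',
        'id_user_or_creator' => '',
        'from_date' => 0,
        'first_date' => '',
        'last_date' => '',
        'id_creator' => '',
        'editor' => '',
        'closed_by' => '',
        'resolution' => '',
        'offset' => 0,
        'group_by_project' => 0,
        'id_task' => -1,
        'sla_state' => 0,
        'left_sla' => 0,
        'right_sla' => 0,
        'show_hierarchy' => 0,
        'medals' => 0,
        'parent_name' => '',
        // Read further down; defaulting it avoids an undefined-index notice.
        'order_by' => '',
    );
    foreach ($defaults as $name => $default) {
        if (!isset($filters[$name])) {
            $filters[$name] = $default;
        }
    }

    ///// IMPORTANT: Write an inverse filter for every new filter /////
    $is_inverse = $filters['inverse_filter'];
    // Operators for the normal and the inverted form of each comparison.
    $op_eq = $is_inverse ? '<>' : '=';
    $op_ne = $is_inverse ? '=' : '<>';
    $op_in = $is_inverse ? 'NOT IN' : 'IN';
    $op_from = $is_inverse ? '<' : '>=';
    $op_until = $is_inverse ? '>' : '<=';

    $sql_clause = '';

    // Status (-10 stands for "not closed")
    if (!empty($filters['status'])) {
        if ($filters['status'] == -10) {
            $sql_clause .= sprintf(' AND estado %s %d', $op_ne, STATUS_CLOSED);
        } else {
            $sql_clause .= sprintf(' AND estado %s %d', $op_eq, $filters['status']);
        }
    }

    // Priority
    if ($filters['priority'] != -1) {
        $sql_clause .= sprintf(' AND prioridad %s %d', $op_eq, $filters['priority']);
    }

    // Group
    // NOTE(review): the default id_group is -1 while this test compares with 1,
    // so an unset group filter still adds "id_grupo = -1" - confirm intended.
    if ($filters['id_group'] != 1) {
        if ($filters['show_hierarchy']) {
            // Every id is cast to int before it is joined into the IN (...) list,
            // because the list itself is inserted with %s.
            $group_ids = array((int) $filters['id_group']);
            $children = groups_get_childrens($filters['id_group']);
            if (is_array($children)) {
                foreach ($children as $child) {
                    $group_ids[] = (int) $child['id_grupo'];
                }
            }
            $sql_clause .= sprintf(' AND id_grupo %s (%s)', $op_in, implode(',', $group_ids));
        } else {
            $sql_clause .= sprintf(' AND id_grupo %s %d', $op_eq, $filters['id_group']);
        }
    }

    // User
    // NOTE(review): string value inside a quoted literal, not escaped here.
    if (!empty($filters['id_user'])) {
        $sql_clause .= sprintf(' AND id_usuario %s "%s"', $op_eq, $filters['id_user']);
    }

    // User or creator
    // NOTE(review): string value inside a quoted literal, not escaped here.
    if (!empty($filters['id_user_or_creator'])) {
        if (!$is_inverse) {
            $sql_clause .= sprintf(' AND (id_usuario = "%s" OR id_creator = "%s")', $filters['id_user_or_creator'], $filters['id_user_or_creator']);
        } else {
            $sql_clause .= sprintf(' AND (id_usuario <> "%s" AND id_creator <> "%s")', $filters['id_user_or_creator'], $filters['id_user_or_creator']);
        }
    }

    // Resolution
    if (!empty($filters['resolution']) && $filters['resolution'] > -1) {
        $sql_clause .= sprintf(' AND resolution %s %d', $op_eq, $filters['resolution']);
    }

    // Task
    if ($id_task !== false) {
        // Don't apply the task inverse filter
        $sql_clause .= sprintf(' AND id_task = %d', $id_task);
    } elseif ($filters['id_task'] > 0) {
        $sql_clause .= sprintf(' AND id_task %s %d', $op_eq, $filters['id_task']);
    }

    // Incident type and its custom fields
    if (!empty($filters['id_incident_type']) && $filters['id_incident_type'] != -1) {
        $sql_clause .= sprintf(' AND id_incident_type %s %d', $op_eq, $filters['id_incident_type']);
        // A filter key "type_field_<id>" carries the text to look for in field <id>.
        // NOTE(review): both the id taken from the key and the data are string
        // values inside quoted literals, not escaped here.
        $prefix = 'type_field_';
        foreach ($filters as $key => $data) {
            if (strpos((string) $key, $prefix) !== 0 || empty($data)) {
                continue;
            }
            $field_id = substr($key, strlen($prefix));
            $sql_clause .= sprintf(
                ' AND id_incidencia %s (SELECT id_incident'
                . ' FROM tincident_field_data'
                . ' WHERE id_incident_field = "%s"'
                . ' AND data LIKE "%%%s%%")',
                $op_in,
                $field_id,
                $data
            );
        }
    }

    // Date. Every value that reaches the SQL here is the output of date(), so
    // only a formatted timestamp is inserted, never the raw filter text.
    $has_first = !empty($filters['first_date']);
    $has_last = !empty($filters['last_date']);
    if (!empty($filters['from_date']) && $filters['from_date'] > 0) {
        // from_date is a number of days counted back from now
        $last_date_seconds = $filters['from_date'] * 24 * 60 * 60;
        $filters['first_date'] = date('Y-m-d H:i:s', time() - $last_date_seconds);
        $sql_clause .= sprintf(' AND inicio %s "%s"', $op_from, $filters['first_date']);
    } elseif ($has_first && $has_last) {
        // 00:00:00 to set date at the beginning of the day, 23:59:59 at its end
        $start_date = date('Y-m-d 00:00:00', strtotime($filters['first_date']));
        $end_date = date('Y-m-d 23:59:59', strtotime($filters['last_date']));
        if (!$is_inverse) {
            $sql_clause .= sprintf(' AND inicio >= "%s"', $start_date);
            $sql_clause .= sprintf(' AND inicio <= "%s"', $end_date);
        } else {
            $sql_clause .= sprintf(' AND (inicio < "%s" OR inicio > "%s")', $start_date, $end_date);
        }
    } elseif ($has_first) {
        $start_date = date('Y-m-d 00:00:00', strtotime($filters['first_date']));
        $sql_clause .= sprintf(' AND inicio %s "%s"', $op_from, $start_date);
    } elseif ($has_last) {
        $end_date = date('Y-m-d 23:59:59', strtotime($filters['last_date']));
        $sql_clause .= sprintf(' AND inicio %s "%s"', $op_until, $end_date);
    }

    // Creator, editor, closed by: the filter key and the column share a name.
    // NOTE(review): string values inside quoted literals, not escaped here.
    foreach (array('id_creator', 'editor', 'closed_by') as $column) {
        if (!empty($filters[$column])) {
            $sql_clause .= sprintf(' AND %s %s "%s"', $column, $op_eq, $filters[$column]);
        }
    }

    // SLA (1 = fired, 2 = not fired)
    $sla_filter = '';
    if (!empty($filters['sla_state'])) {
        $sla_fired_filter = 'AND (sla_disabled = 0 AND affected_sla_id <> 0)';
        $sla_not_fired_filter = 'AND (sla_disabled = 0 AND affected_sla_id = 0)';
        if ($filters['sla_state'] == 1) {
            $sla_filter = $is_inverse ? $sla_not_fired_filter : $sla_fired_filter;
        } elseif ($filters['sla_state'] == 2) {
            $sla_filter = $is_inverse ? $sla_fired_filter : $sla_not_fired_filter;
        }
    }

    // Medals (1 = gold, 2 = black)
    $medals_filter = '';
    if ($filters['medals']) {
        if ($filters['medals'] == 1) {
            $medals_filter = sprintf('AND gold_medals %s 0', $op_ne);
        } elseif ($filters['medals'] == 2) {
            $medals_filter = sprintf('AND black_medals %s 0', $op_ne);
        }
    }

    // Tickets linked to the inventory object with this name
    if (!empty($filters['parent_name'])) {
        $inventory_id = get_db_value('id', 'tinventory', 'name', $filters['parent_name']);
        if ($inventory_id) {
            $sql_clause .= sprintf(
                ' AND id_incidencia %s (SELECT id_incident FROM tincident_inventory WHERE id_inventory = %d)',
                $op_in,
                $inventory_id
            );
        }
    }

    // Order. A string value is decoded with clean_output() and parsed as JSON.
    // Column names and directions cannot be quoted or bound, so only a plain
    // (optionally table-qualified) identifier followed by ASC or DESC is
    // accepted; any other entry is dropped.
    $order_by_array = $filters['order_by'];
    if ($order_by_array && !is_array($order_by_array)) {
        $order_by_array = json_decode(clean_output($order_by_array), true);
    }
    $order_by = '';
    if (is_array($order_by_array)) {
        foreach ($order_by_array as $column => $direction) {
            if (!is_scalar($direction)) {
                continue;
            }
            $direction = strtoupper(trim((string) $direction));
            if ($direction !== 'ASC' && $direction !== 'DESC') {
                continue;
            }
            if (!preg_match('/\A[A-Za-z_][A-Za-z0-9_]*(?:\.[A-Za-z_][A-Za-z0-9_]*)?\z/', (string) $column)) {
                continue;
            }
            $order_by .= " {$column} {$direction}, ";
        }
    }

    // Text filter: the same string is matched against several columns, the
    // ticket id (as a number) and the custom field data.
    // NOTE(review): string value inside quoted LIKE patterns, not escaped here.
    $text_filter = '';
    if (!empty($filters['string'])) {
        if (!$is_inverse) {
            $text_filter = sprintf(
                'AND (titulo LIKE "%%%1$s%%" OR descripcion LIKE "%%%1$s%%"'
                . ' OR id_creator LIKE "%%%1$s%%" OR id_usuario LIKE "%%%1$s%%"'
                . ' OR id_incidencia = %1$d'
                . ' OR id_incidencia IN ('
                . 'SELECT id_incident FROM tincident_field_data WHERE data LIKE "%%%1$s%%"))',
                $filters['string']
            );
        } else {
            $text_filter = sprintf(
                'AND (titulo NOT LIKE "%%%1$s%%" AND descripcion NOT LIKE "%%%1$s%%"'
                . ' AND id_creator NOT LIKE "%%%1$s%%" AND id_usuario NOT LIKE "%%%1$s%%"'
                . ' AND id_incidencia <> %1$d'
                . ' AND id_incidencia NOT IN ('
                . 'SELECT id_incident FROM tincident_field_data WHERE data LIKE "%%%1$s%%"))',
                $filters['string']
            );
        }
    }

    // switch keeps PHP's loose comparison of $mode against the mode names
    switch ($mode) {
        case 'count':
            // Just count items (no per-ticket ACL filtering in this mode)
            $sql = sprintf('SELECT COUNT(id_incidencia) FROM tincidencia FD WHERE 1=1 %s %s %s %s', $sql_clause, $text_filter, $sla_filter, $medals_filter);
            return (int) get_db_value_sql($sql);
        case 'tasks':
            $sql = sprintf('SELECT id_task FROM tincidencia FD WHERE 1=1 %s %s %s %s GROUP BY id_task', $sql_clause, $text_filter, $sla_filter, $medals_filter);
            return get_db_all_rows_sql($sql);
        case 'tickets':
        default:
            // Select all items and return all information
            $sql = sprintf('SELECT * FROM tincidencia FD WHERE 1=1 %s %s %s %s ORDER BY %s actualizacion DESC', $sql_clause, $text_filter, $sla_filter, $medals_filter, $order_by);
            $incidents = get_db_all_rows_sql($sql);
            if ($incidents === false) {
                return false;
            }
            $result = array();
            foreach ($incidents as $incident) {
                // Check external users ACLs: a hook that exists and answers
                // "no" hides the ticket.
                $standalone_check = enterprise_hook('manage_standalone', array($incident, 'read'));
                if ($standalone_check !== ENTERPRISE_NOT_HOOK && !$standalone_check) {
                    continue;
                }
                // Normal ACL pass if IR for this group or if the user is the incident creator
                // or if the user is the owner or if the user has workunits
                // NOTE(review): if this hook is not installed and
                // ENTERPRISE_NOT_HOOK is a truthy value, no ACL is applied
                // here - confirm.
                if (!enterprise_hook('incidents_check_incident_acl', array($incident))) {
                    continue;
                }

                // Inventory: only queried when the filter is set
                if ($filters['id_inventory']) {
                    $found = false;
                    $inventories = get_inventories_in_incident($incident['id_incidencia'], false);
                    if (is_array($inventories)) {
                        foreach ($inventories as $inventory) {
                            if ($inventory['id'] == $filters['id_inventory']) {
                                $found = true;
                                break;
                            }
                        }
                    }
                    if ($is_inverse ? $found : !$found) {
                        continue;
                    }
                }

                // Company of the ticket creator
                if ($filters['id_company']) {
                    $user_company = get_db_value('id_company', 'tusuario', 'id_usuario', $incident['id_creator']);
                    // Don't match, dismiss incident
                    if (!$is_inverse && $filters['id_company'] != $user_company) {
                        continue;
                    }
                    // Match, dismiss incident
                    if ($is_inverse && $filters['id_company'] == $user_company) {
                        continue;
                    }
                }

                // SLA compliance percentage, computed once for both bounds
                if ($filters['left_sla'] || $filters['right_sla']) {
                    $percent_sla_incident = format_numeric(get_sla_compliance_single_id($incident['id_incidencia']));
                    if ($filters['left_sla']) {
                        if ((!$is_inverse && $filters['left_sla'] > $percent_sla_incident)
                            || ($is_inverse && $filters['left_sla'] <= $percent_sla_incident)) {
                            continue;
                        }
                    }
                    if ($filters['right_sla']) {
                        if ((!$is_inverse && $filters['right_sla'] < $percent_sla_incident)
                            || ($is_inverse && $filters['right_sla'] >= $percent_sla_incident)) {
                            continue;
                        }
                    }
                }

                $result[] = $incident;
            }
            return $result;
    }
}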
Esempio n. 13
 /**
  * Echo the organisation edit form as one HTML table.
  *
  * Stored text values are passed through clean_output() before they are
  * written into double-quoted value="..." attributes or into the textarea.
  * NOTE(review): clean_output() is not defined in this excerpt; the form is
  * only safe if it encodes at least &, <, > and the double quote - verify.
  */
 function printEdit()
 {
     $id_org = $this->getDataInt('id_org');
     echo '<table width="99%" border="0" align="center" cellpadding="5" cellspacing="0" class="tbl_usr_dtl">' . "\n";
     // Existing organisation: show the id and carry it in a hidden field.
     // getDataInt() supplies the value written into the markup here.
     if ($id_org) {
         echo "<tr>\n",
             "<td>" . _Ti('org_input_id') . "</td>\n",
             "<td>" . $id_org . '<input type="hidden" name="id_org" value="' . $id_org . '" />' . "</td>\n",
             "</tr>\n";
     }
     // Name, court registration number, tax number, statistical number:
     // four text inputs with the same layout.
     foreach (array('name', 'court_reg', 'tax_number', 'stat_number') as $field) {
         echo "<tr>\n",
             "<td>" . f_err_star($field) . _Ti('org_input_' . $field) . "</td>\n",
             '<td><input name="' . $field . '" value="' . clean_output($this->getDataString($field)) . '" class="search_form_txt" />' . "</td>\n",
             "</tr>\n";
     }
     // Creation date, only for an organisation that already exists
     if ($id_org) {
         echo "<tr>\n",
             '<td>' . _Ti('time_input_date_creation') . '</td>',
             '<td>' . format_date($this->getDataString('date_creation'), 'full') . '</td>',
             "</tr>\n";
     }
     // Keywords, if any (the helper prints its own rows)
     show_edit_keywords_form('org', $id_org);
     // Notes
     echo "<tr>\n",
         "<td>" . f_err_star('notes') . _Ti('org_input_notes') . "</td>\n",
         '<td><textarea name="notes" id="input_notes" class="frm_tarea" rows="3" cols="60">' . clean_output($this->getDataString('notes')) . "</textarea>\n" . "</td>\n",
         "</tr>\n";
     // Contacts (e-mail, phones, etc.): a subtitle row, then the helper's rows
     echo "<tr>\n",
         '<td colspan="2" align="center" valign="middle">';
     show_page_subtitle(_T('client_subtitle_contacts'));
     echo '</td>',
         "</tr>\n";
     show_edit_contacts_form('org', $id_org);
     echo "</table>\n";
 }
Esempio n. 14
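 /**
  * Echo the case edit form as one HTML table.
  *
  * Which optional fields appear depends on the site settings read with
  * read_meta(). Stored text (title, legal reason, alleged crime, notes) is
  * passed through clean_output() before it is written into the markup.
  * NOTE(review): clean_output() is not defined in this excerpt; the form is
  * only safe if it encodes at least &, <, > and the double quote - verify.
  *
  * Side effect: when no stage is set, $this->data['stage'] is filled with the
  * suggested stage before the stage list is printed.
  */
 function printEdit()
 {
     // Read site configuration preferences
     $case_assignment_date = read_meta('case_assignment_date');
     $case_alledged_crime = read_meta('case_alledged_crime');
     $case_legal_reason = read_meta('case_legal_reason');
     $id_case = $this->getDataInt('id_case');
     echo '<table class="tbl_usr_dtl">' . "\n";
     // Case ID (if editing existing case)
     if ($id_case) {
         echo "<tr>" . "<td>" . _T('case_input_id') . "</td>" . "<td>" . $id_case . '<input type="hidden" name="id_case" value="' . $id_case . '" />' . "</td></tr>\n";
     }
     echo '<tr><td><label for="input_case_title">' . f_err_star('title') . _T('case_input_title') . "</label></td>\n";
     echo '<td><input size="35" name="title" id="input_case_title" value="' . clean_output($this->getDataString('title')) . '" class="search_form_txt" />';
     echo "</td></tr>\n";
     // Date of earlier assignment
     if ($case_assignment_date == 'yes') {
         echo "<tr>\n";
         echo "<td>" . f_err_star('date_assignment') . _Ti('case_input_date_assigned') . "</td>\n";
         echo "<td>" . get_date_inputs('assignment', $this->getDataString('date_assignment'), false) . "</td>\n";
         echo "</tr>\n";
     }
     // Legal reason, then alleged crime: two optional textareas with the same
     // layout, each shown when its setting starts with "yes".
     $optional_textareas = array(
         'legal_reason' => $case_legal_reason,
         'alledged_crime' => $case_alledged_crime,
     );
     foreach ($optional_textareas as $field => $policy) {
         if (substr($policy, 0, 3) != 'yes') {
             continue;
         }
         echo '<tr><td><label for="input_' . $field . '">' . f_err_star($field) . _T('case_input_' . $field) . "</label>" . ($policy == 'yes_mandatory' ? '<br/>(' . _T('keywords_input_policy_mandatory') . ')' : '') . "</td>\n";
         echo '<td>';
         echo '<textarea name="' . $field . '" id="input_' . $field . '" class="frm_tarea" rows="2" cols="60">';
         echo clean_output($this->getDataString($field));
         echo "</textarea>";
         echo "</td>\n";
         echo "</tr>\n";
     }
     // Keywords (if any)
     show_edit_keywords_form('case', $id_case);
     $id_stage = 0;
     // new case, stage not yet known
     if ($this->getDataString('stage')) {
         $stage = get_kw_from_name('stage', $this->getDataString('stage', '__ASSERT__'));
         $id_stage = $stage['id_keyword'];
     }
     show_edit_keywords_form('stage', $id_case, $id_stage);
     // Notes
     echo "<tr>\n";
     echo "<td><label for='input_case_notes'>" . f_err_star('case_notes') . _Ti('case_input_notes') . "</label></td>\n";
     echo '<td><textarea name="case_notes" id="input_case_notes" class="frm_tarea" rows="3" cols="60">' . clean_output($this->getDataString('notes')) . "</textarea>\n" . "</td>\n";
     echo "</tr>\n";
     // Case status: a new case can only be draft or open
     echo '<tr><td><label for="input_status">' . f_err_star('status') . _Ti('case_input_status') . "</label></td>\n";
     echo '<td>';
     echo '<select name="status" id="input_status" class="sel_frm">' . "\n";
     $statuses = $id_case ? array('draft', 'open', 'suspended', 'closed', 'merged') : array('draft', 'open');
     $current_status = $this->getDataString('status');
     foreach ($statuses as $s) {
         $sel = $s == $current_status ? ' selected="selected"' : '';
         echo '<option value="' . $s . '"' . $sel . ">" . _T('case_status_option_' . $s) . "</option>\n";
     }
     echo "</select></td>\n";
     echo "</tr>\n";
     // Case stage
     if (!$this->getDataString('stage')) {
         $this->data['stage'] = get_suggest_in_group_name('stage');
     }
     $kws = get_keywords_in_group_name('stage');
     echo '<tr><td><label for="input_stage">' . f_err_star('stage') . _T('case_input_stage') . "</label></td>\n";
     echo '<td><select name="stage" id="input_stage" class="sel_frm">' . "\n";
     foreach ($kws as $kw) {
         $sel = $kw['name'] == $this->data['stage'] ? ' selected="selected"' : '';
         // NOTE(review): the keyword name goes into a single-quoted attribute
         // without encoding; presumably keyword names are restricted to safe
         // characters when they are created - confirm.
         echo "\t\t\t\t<option value='" . $kw['name'] . "'" . "{$sel}>" . _T(remove_number_prefix($kw['title'])) . "</option>\n";
     }
     echo "</select></td>\n";
     echo "</tr>\n";
     // Public access rights
     // FIXME FIXME FIXME
     // !empty() keeps the same truthiness test without a notice when the key is absent.
     if (!empty($this->data['admin']) || read_meta('case_read_always') != 'yes' || read_meta('case_write_always') != 'yes') {
         // The checkboxes are rendered disabled for users without the 'a' right
         // on this case. That is presentation only: a disabled input can still
         // be submitted by a crafted request.
         // NOTE(review): the handler that saves this form is not visible here;
         // confirm it repeats the allowed(..., 'a') check.
         $dis = isDisabled(!allowed($id_case, 'a'));
         echo '<tr><td colspan="2">' . _T('case_input_collaboration') . ' <br /><ul>';
         if (read_meta('case_read_always') != 'yes' || $GLOBALS['author_session']['status'] == 'admin') {
             echo '<li style="list-style-type: none;">';
             echo '<input type="checkbox" name="public" id="case_public_read" value="yes"';
             // The session may hold no form data on the first display of the form
             if (!empty($_SESSION['form_data']['public'])) {
                 echo ' checked="checked"';
             }
             echo "{$dis} />";
             echo '<label for="case_public_read">' . _T('case_input_collaboration_read') . "</label></li>\n";
         }
         if (read_meta('case_write_always') != 'yes' || _session('admin')) {
             echo '<li style="list-style-type: none;">';
             echo '<input type="checkbox" name="pub_write" id="case_public_write" value="yes"';
             if (_session('pub_write')) {
                 echo ' checked="checked"';
             }
             echo "{$dis} />";
             echo '<label for="case_public_write">' . _T('case_input_collaboration_write') . "</label></li>\n";
         }
         echo "</ul>\n";
         echo "</td>\n";
         echo "</tr>\n";
     }
     echo "</table>\n";
 }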
Esempio n. 15
 function printEdit()
 {
     // Get site preferences
     $client_name_middle = read_meta('client_name_middle');
     $client_citizen_number = read_meta('client_citizen_number');
     $client_civil_status = read_meta('client_civil_status');
     $client_income = read_meta('client_income');
     $meta_date_birth = read_meta('client_date_birth');
     echo '<table width="99%" border="0" align="center" cellpadding="5" cellspacing="0" class="tbl_usr_dtl">' . "\n";
     if ($this->getDataInt('id_client')) {
         echo "<tr><td>" . _T('client_input_id') . "</td>\n";
         echo "<td>" . $this->getDataInt('id_client') . '<input type="hidden" name="id_client" value="' . $this->getDataInt('id_client') . '" /></td></tr>' . "\n";
     }
     // Client name
     echo '<tr><td>' . f_err_star('name_first') . _T('person_input_name_first') . '</td>' . "\n";
     echo '<td><input name="name_first" value="' . clean_output($this->getDataString('name_first')) . '" class="search_form_txt" /></td></tr>' . "\n";
     // [ML] always show middle name, if any, no matter the configuration
     if ($this->getDataString('name_middle') || substr($client_name_middle, 0, 3) == 'yes') {
         echo '<tr><td>' . f_err_star('name_middle') . _T('person_input_name_middle') . '</td>' . "\n";
         echo '<td><input name="name_middle" value="' . clean_output($this->getDataString('name_middle')) . '" class="search_form_txt" /></td></tr>' . "\n";
     }
     echo '<tr><td>' . f_err_star('name_last') . _T('person_input_name_last') . '</td>' . "\n";
     echo '<td><input name="name_last" value="' . clean_output($this->getDataString('name_last')) . '" class="search_form_txt" /></td></tr>' . "\n";
     if (substr($meta_date_birth, 0, 3) == 'yes') {
         echo "<tr>\n";
         echo "<td>" . f_err_star('date_birth') . _Ti('person_input_date_birth') . "</td>\n";
         echo "<td>" . get_date_inputs('date_birth', $this->getDataString('date_birth'), true) . "</td>\n";
         echo "</tr>\n";
     }
     echo '<tr><td>' . f_err_star('gender') . _T('person_input_gender') . '</td>' . "\n";
     echo '<td><select name="gender" class="sel_frm">' . "\n";
     $opt_sel_male = $opt_sel_female = $opt_sel_unknown = '';
     if ($this->getDataString('gender') == 'male') {
         $opt_sel_male = 'selected="selected" ';
     } else {
         if ($this->getDataString('gender') == 'female') {
             $opt_sel_female = 'selected="selected" ';
         } else {
             $opt_sel_unknown = 'selected="selected" ';
         }
     }
     echo '<option ' . $opt_sel_unknown . 'value="unknown">' . _T('info_not_available') . "</option>\n";
     echo '<option ' . $opt_sel_male . 'value="male">' . _T('person_input_gender_male') . "</option>\n";
     echo '<option ' . $opt_sel_female . 'value="female">' . _T('person_input_gender_female') . "</option>\n";
     echo "</select>\n";
     echo "</td></tr>\n";
     if ($this->getDataString('id_client')) {
         echo "<tr>\n";
         echo '<td>' . _Ti('time_input_date_creation') . '</td>';
         echo '<td>' . format_date($this->getDataString('date_creation'), 'full') . '</td>';
         echo "</tr>\n";
     }
     if (substr($client_citizen_number, 0, 3) == 'yes') {
         echo "<tr>\n";
         echo '<td>' . f_err_star('citizen_number') . _T('person_input_citizen_number') . '</td>';
         echo '<td><input name="citizen_number" value="' . clean_output($this->getDataString('citizen_number')) . '" class="search_form_txt" /></td>';
         echo "</tr>\n";
     }
     if (substr($client_civil_status, 0, 3) == 'yes') {
         echo "<tr>\n";
         echo '<td>' . f_err_star('civil_status') . _Ti('person_input_civil_status') . '</td>';
         echo '<td>';
         echo '<select name="civil_status">';
         if (!$this->getDataInt('id_client')) {
             echo '<option value=""></option>';
         }
         $kwg = get_kwg_from_name('civilstatus');
         $all_kw = get_keywords_in_group_name('civilstatus');
         // A bit overkill, but if the user made the error of not entering
         // a valid civil_status, make sure that the field stays empty
         if (!$this->getDataString('civil_status') || !count($_SESSION['errors'])) {
             if ($this->getDataInt('id_client')) {
                 $this->data['civil_status'] = $all_kw['unknown']['name'];
             } else {
                 $this->data['civil_status'] = $kwg['suggest'];
             }
         }
         foreach ($all_kw as $kw) {
             $sel = $this->getDataString('civil_status') == $kw['name'] ? ' selected="selected"' : '';
             echo '<option value="' . $kw['name'] . '"' . $sel . '>' . _T($kw['title']) . '</option>';
         }
         echo '</select>';
         echo '</td>';
         echo "</tr>\n";
     }
     if (substr($client_income, 0, 3) == 'yes') {
         echo "<tr>\n";
         echo '<td>' . f_err_star('income') . _Ti('person_input_income') . '</td>';
         echo '<td>';
         echo '<select name="income">';
         if (!$this->getDataInt('id_client')) {
             echo '<option value=""></option>';
         }
         $kwg = get_kwg_from_name('income');
         $all_kw = get_keywords_in_group_name('income');
         if (!$this->getDataString('income') && !count($_SESSION['errors'])) {
             if ($this->getDataInt('id_client')) {
                 $this->data['income'] = $all_kw['unknown']['name'];
             } else {
                 $this->data['income'] = $kwg['suggest'];
             }
         }
         foreach ($all_kw as $kw) {
             $sel = $this->getDataString('income') == $kw['name'] ? ' selected="selected"' : '';
             echo '<option value="' . $kw['name'] . '"' . $sel . '>' . _T($kw['title']) . '</option>';
         }
         echo '</select>';
         echo '</td>';
         echo "</tr>\n";
     }
     //
     // Keywords, if any
     //
     show_edit_keywords_form('client', $this->getDataInt('id_client'));
     // Notes
     echo "<tr>\n";
     echo "<td>" . f_err_star('client_notes') . _Ti('client_input_notes') . "</td>\n";
     echo '<td><textarea name="client_notes" id="input_client_notes" class="frm_tarea" rows="3" cols="60">' . clean_output($this->getDataString('notes')) . "</textarea>\n" . "</td>\n";
     echo "</tr>\n";
     //
     // Contacts (e-mail, phones, etc.)
     //
     echo "<tr>\n";
     echo '<td colspan="2" align="center" valign="middle">';
     show_page_subtitle(_T('client_subtitle_contacts'));
     echo '</td>';
     echo "</tr>\n";
     show_edit_contacts_form('client', $this->getDataInt('id_client'));
     echo "</table>\n";
 }
Esempio n. 16
     $replacement = "";
     $package_aux = preg_replace($pattern, $replacement, $package);
     // Remove extension .oum
     //$pattern = "/^[\w*\/*]*package_/";
     $pattern = "/^.*package_/";
     $package_num = preg_replace($pattern, $replacement, $package_aux);
     // Get the number of the package
     if ($current_package >= $package_num) {
         fclose($files_h);
         $return["status"] = "error";
         $return["message"] = __("Package ") . $package_num . __(" is already installed.");
         echo json_encode($return);
         return;
     }
 }
 $package = clean_output($package);
 // All files extracted
 $files_total = $package . "/files.txt";
 // Files copied
 $files_copied = $package . "/files.copied.txt";
 $return = array();
 if (file_exists($files_copied)) {
     unlink($files_copied);
 }
 if (file_exists($package)) {
     if ($files_h = fopen($files_total, "r")) {
         while ($line = stream_get_line($files_h, 65535, "\n")) {
             $line = trim($line);
             // Tries to move the old file to the directory backup inside the extracted package
             if (file_exists($config["homedir"] . "/" . $line)) {
                 rename($config["homedir"] . "/" . $line, $package . "/backup/" . $line);
Esempio n. 17
            echo __('Yes');
        } else {
            echo __('No');
        }
        echo "<td>";
        if ($todo["expire_timestamp"] == "0000-00-00 00:00:00") {
            echo __('No expiration date');
        } else {
            echo $todo["expire_timestamp"];
        }
        echo '<td>';
        echo '<a href="index.php?sec=godmode&sec2=godmode/setup/newsboard&operation=update&id=' . $todo["id"] . '"><img src="images/editor.png"></a>';
        echo '<a href="index.php?sec=godmode&sec2=godmode/setup/newsboard&operation=delete&id=' . $todo["id"] . '" onClick="if (!confirm(\' ' . __('Are you sure?') . '\')) return false;">
					<img border=0 src="images/cross.png"></a>';
        echo "<tr><td colspan=4 style=''>";
        echo print_container_div('news_' . $todo["id"], __("Content"), clean_output($todo["content"]), 'closed', true, false, '', '', 1, '', "margin:0px");
    }
    echo "</table>";
    echo '<form method="post" action="index.php?sec=godmode&sec2=godmode/setup/newsboard&operation=create">';
    echo '<div class="button-form">';
    print_submit_button(__('Create'), 'crt', false, 'class="sub create');
    echo '</div></form>';
}
// Fin bloque else
?>
<script type="text/javascript" src="include/js/jquery.ui.slider.js"></script>
<script type="text/javascript" src="include/js/jquery.ui.datepicker.js"></script>
<script type="text/javascript" src="include/languages/date_<?php 
echo $config['language_code'];
?>
.js"></script>
Esempio n. 18
 // Show case organization(s)
 //
 $q = "SELECT o.id_org,name\n\t\t\t\t\tFROM lcm_case_client_org as cco, lcm_org as o\n\t\t\t\t\tWHERE id_case = {$case} AND cco.id_org = o.id_org";
 $result = lcm_query($q);
 if (lcm_num_rows($result)) {
     if (!$header_shown) {
         echo '<table border="0" width="99%" class="tbl_usr_dtl">' . "\n";
         $header_shown = true;
     }
     while ($row = lcm_fetch_array($result)) {
         echo "<tr>\n";
         // icon
         echo '<td width="25" align="center"><img src="images/jimmac/stock_people.png" alt="" height="16" width="16" /></td>' . "\n";
         // name
         echo '<td><a style="display: block;" href="org_det.php?org=' . $row['id_org'] . '" class="content_link">';
         echo clean_output($row['name']);
         echo "</a></td>\n";
         // delete icon (if admin rights)
         if ($admin) {
             echo '<td width="1%" nowrap="nowrap">';
             echo '<label for="id_del_org' . $row['id_org'] . '">';
             echo '<img src="images/jimmac/stock_trash-16.png" width="16" height="16" ' . 'alt="' . _T('case_info_delete_org') . '" title="' . _T('case_info_delete_org') . '" />';
             echo '</label>&nbsp;';
             echo '<input type="checkbox" onclick="lcm_show(\'btn_delete\')" ' . 'id="id_del_org' . $row['id_org'] . '" name="id_del_org[]" ' . 'value="' . $row['id_org'] . '" />';
             echo "</td>\n";
         }
         echo "</tr>\n";
     }
 }
 if ($header_shown) {
     echo "</table>\n\n";
Esempio n. 19
        $datafilehandle = fopen($datafile, "w");
        fwrite($datafilehandle, unescape_quotes($_POST['text']));
        fclose($datafilehandle);
        header('Location: ' . $deliciousroot . "admin");
    }
}
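// Render the bookmark editor: the whole data file is shown inside a single
// <textarea> and posted back to this page with action=save.
print "<html><head>";
print "<title>Edit Bookmarks</title>";
print "<style>textarea { width:100%; height:75%; }</style>";
print "</head><body>";
print "<h1>Edit Bookmarks</h1>";
print "<form method='post'>";
print "<textarea name='text' cols='100' rows='40'>";
// clean_output() is called as a statement and its return value is ignored, so
// it presumably prints the escaped line itself -- TODO confirm against its
// definition. Each line has to be HTML-escaped here: an unescaped
// "</textarea>" stored in the data file would end the field early and the
// rest of the file would be parsed as markup.
$datafilehandle = fopen($datafile, "r");
if ($datafilehandle !== false) {
    // fgets() returns false at end of file; it never returns an empty string.
    while (($line = fgets($datafilehandle)) !== false) {
        clean_output($line);
    }
    fclose($datafilehandle);
}
print "</textarea>";
print "<input type='submit' value='Save' />";
print "<input type='hidden' name='action' value='save'>";
print "Remember to leave a blank line at the end of the text.";
// NOTE(review): the time/key pair looks like a per-request token derived by
// securitycode(); confirm the save handler verifies it before writing the
// file, since this form overwrites the whole bookmark store.
print "<input name='time' type='hidden' value='" . $time . "' />";
print "<input name='key' type='hidden' value='" . securitycode($time) . "' />";
print "</form>";
footer($deliciousroot, "");
print "</body></html>";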
Esempio n. 20
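/**
 * Prints one table row with the edit controls for an existing contact.
 *
 * @param array $c   Contact row; the keys read here are name, title, policy,
 *                   id_contact, type_contact and value.
 * @param mixed $num Index of this contact in the form; used in element ids
 *                   and to look up the resubmitted value in the session.
 */
function show_existing_contact($c, $num)
{
    // FIXME: This has a minor bug: if there was an error in (ex:) the title
    // of the user/client/org, and the value of a contact was changed, then
    // the modification will be lost, because we didn't use the $_SESSION value.
    echo '<tr><td align="left" valign="top">' . f_err_star('upd_contact_' . $num) . f_err_star('contact_' . $c['name']) . _Ti($c['title']) . ($c['policy'] != 'optional' ? '<br/>(' . _T('keywords_input_policy_' . $c['policy']) . ')' : '') . "</td>\n";
    echo '<td align="left" valign="top">';
    // NOTE(review): id_contact and type_contact go into attributes unescaped;
    // presumably they are numeric ids from the database -- verify.
    echo '<input name="contact_id[]" id="contact_id_' . $num . '" ' . 'type="hidden" value="' . $c['id_contact'] . '" />' . "";
    echo '<input name="contact_type[]" id="contact_type_' . $num . '" ' . 'type="hidden" value="' . $c['type_contact'] . '" />' . "";
    // Prefer the value the user just submitted (kept in the session) over the
    // stored one.
    if (isset($_SESSION['form_data']['contact_value'][$num])) {
        $value = $_SESSION['form_data']['contact_value'][$num];
    } else {
        $value = $c['value'];
    }
    // Both sources are escaped on output. The session copy is user-submitted
    // form data and was previously written into the attribute as-is, so a
    // double quote in it could break out of value="...".
    // NOTE(review): assumes form_data holds the raw submitted string; if it is
    // stored already escaped this double-escapes -- confirm where it is set.
    // [ML] Removed spaces (nbsp) between elements, or it causes the layout
    // to show on two lines when using a large font.
    echo '<input name="contact_value[]" id="contact_value_' . $num . '" type="text" ' . 'class="search_form_txt" size="35" value="' . clean_output($value) . '"/>';
    echo f_err_star('email') . "";
    // Mandatory contacts cannot be deleted, so they get no delete checkbox.
    if ($c['policy'] != 'mandatory') {
        echo '<label for="id_del_contact' . $num . '">';
        echo '<img src="images/jimmac/stock_trash-16.png" width="16" height="16" alt="' . _T('generic_info_delete_contact') . '" title="' . _T('generic_info_delete_contact') . '" />';
        echo '</label>';
        echo '&nbsp;<input type="checkbox" id="id_del_contact' . $num . '" name="del_contact_' . $c['id_contact'] . '"/>';
    }
    echo "</td>\n</tr>\n\n";
}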
Esempio n. 21
    $sel = $kw['name'] == $default_app ? ' selected="selected"' : '';
    echo "<option value='" . $kw['name'] . "'" . "{$sel}>" . _T(remove_number_prefix($kw['title'])) . "</option>\n";
}
?>
			</select></td></tr>

		<!-- Appointment description -->
		<tr><td valign="top"><?php 
echo _T('app_input_description');
?>
</td>
			<td><textarea <?php 
echo $dis;
?>
 name="description" rows="5" cols="40" class="frm_tarea"><?php 
echo clean_output(_session('description')) . "</textarea></td></tr>\n";
// Appointment participants - authors
echo "\t\t<tr><td valign=\"top\">";
echo _T('app_input_authors');
echo "</td><td>";
if (count($_SESSION['authors']) > 0) {
    $q = '';
    $author_ids = array();
    foreach ($_SESSION['authors'] as $author) {
        // $q .= ($q ? ', ' : '');
        $author_ids[] = $author['id_author'];
        $q .= get_person_name($author);
        if ($author['id_author'] != $author_session['id_author']) {
            $q .= '&nbsp;(<label for="id_rem_author' . $author['id_author'] . '"><img src="images/jimmac/stock_trash-16.png" width="16" height="16" alt="Remove?" title="Remove?" /></label>&nbsp;<input type="checkbox" id="id_rem_author' . $author['id_author'] . '" name="rem_author[]" value="' . $author['id_author'] . '" />)';
        }
        // TRAD
Esempio n. 22
}
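// Build the contact export query. $where_group and the company-accessibility
// filter are concatenated in as ready-made SQL fragments.
$where_clause = "WHERE tcompany_contact.id_company = tcompany.id {$where_group} " . "AND tcompany_contact.id_company " . get_filter_by_company_accessibility($config["id_user"]);
if ($search_text != "") {
    // NOTE(review): $search_text is formatted straight into a double-quoted
    // SQL literal. Nothing visible here escapes it; bind it as a parameter or
    // escape it with the DB layer's own function.
    $where_clause .= sprintf(' AND fullname LIKE "%%%s%%"', $search_text);
}
if ($id_company) {
    // %d forces an integer, so this fragment cannot carry SQL text.
    $where_clause .= sprintf(' AND id_company = %d', $id_company);
}
$sql = "SELECT tcompany_contact.fullname, tcompany.name as company_name, \ntcompany_contact.email, tcompany_contact.phone, tcompany_contact.mobile, \ntcompany_contact.position, tcompany_contact.description FROM tcompany_contact, \ntcompany {$where_clause} ORDER BY id_company, fullname";
$filename = clean_output('contacts_export') . '-' . date("YmdHi");
// Drop anything already buffered so the response body is only the CSV.
ob_end_clean();
// CSV Output
header('Content-Disposition: attachment; filename="' . $filename . '.csv"');
// The body is CSV; the original sent "text/css" here.
header('Content-Type: text/csv; charset=utf-8');
$config['mysql_result_type'] = MYSQL_ASSOC;
// NOTE(review): clean_output() is applied to the complete SQL string. If it
// decodes HTML entities, any quote in $search_text that was entity-encoded on
// input becomes a literal quote again right before execution -- confirm what
// clean_output() does and remove it from the query path.
$rows = get_db_all_rows_sql(clean_output($sql));
if ($rows === false) {
    return;
}
// Header
// Column names come from the first row's keys.
echo safe_output(implode(',', array_keys($rows[0]))) . "\n";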
// Item / data
foreach ($rows as $row) {
    // Delete \r !!!
    $row = str_replace("&#x0d;", " ", $row);
    // Delete \n !!
    $row = str_replace("&#x0a;", " ", $row);
    // Delete , !!
    $row = str_replace(",", " ", $row);
    $buffer = safe_output(implode(',', $row)) . "\n";
    // Delete " !!!
Esempio n. 23
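/**
 * Stores a named custom search for the current user.
 *
 * @param string $name          Name of the saved search.
 * @param string $section       Section the search belongs to.
 * @param array  $search_values Form values to store, serialized into
 *                              tcustom_search.form_values.
 *
 * @return mixed Result of process_sql() in 'insert-id' mode.
 */
function create_custom_search($name, $section, $search_values)
{
    global $config;
    // It is needed to remove the html entities before serialize the array because
    // the different string lenght can cause an error when unserialize.
    // The original loop assigned to the loop variable only, so the array that
    // was serialized still held the entity-encoded values; write back by key.
    foreach ($search_values as $key => $search_value) {
        $search_values[$key] = clean_output($search_value);
    }
    // serialize() emits double quotes of its own and the decoded values may
    // contain quotes or backslashes, so the blob must be escaped before it is
    // placed in the single-quoted SQL literal below.
    // NOTE(review): addslashes() is a stopgap that relies on default backslash
    // escaping and a charset where it is safe; bind form_values as a parameter
    // (or use the DB layer's escaping) once that API is confirmed.
    $form_values = addslashes(serialize($search_values));
    // NOTE(review): $section and $name are still formatted into the statement
    // unescaped; confirm every caller passes values that cannot contain a
    // double quote, or bind them as well.
    $sql = sprintf('INSERT INTO tcustom_search (section, name, id_user,
		form_values) VALUES ("%s", "%s", "%s", \'%s\')', $section, $name, $config['id_user'], $form_values);
    return process_sql($sql, 'insert-id');
}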
Esempio n. 24
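/**
 * Builds the display text for one follow-up entry.
 *
 * The result has nl2br() applied, so it is meant to be printed as HTML.
 * Free-text parts taken from the follow-up are passed through clean_output()
 * before they are added.
 *
 * @param array $item       Follow-up row; reads type, description and
 *                          case_stage.
 * @param bool  $make_short When true, a plain description longer than the
 *                          configured length is cut and suffixed with '...'.
 *
 * @return string Description text, or '' when $item is not an array.
 */
function get_fu_description($item, $make_short = true)
{
    if (!is_array($item)) {
        lcm_debug("get_fu_description: parameter is not an array.");
        return '';
    }
    global $prefs;
    global $fu_desc_len;
    // configure via my_options.php with $GLOBALS['fu_desc_len'] = NNN;
    $short_description = '';
    // Set the length of short followup title (was: wide = 48, narrow = 115)
    $title_length = isset($fu_desc_len) && $fu_desc_len > 0 ? $fu_desc_len : 256;
    $is_assignment = $item['type'] == 'assignment' || $item['type'] == 'unassignment';
    if ($is_assignment && is_numeric($item['description'])) {
        // For (un)assignments the description holds the author id.
        // is_numeric() also accepts forms such as "1e3" or " 12", so cast to
        // int to guarantee that only an integer reaches the query text.
        $res1 = lcm_query("SELECT * FROM lcm_author WHERE id_author = " . (int) $item['description']);
        $author1 = lcm_fetch_array($res1);
        $message = $item['type'] == 'assignment' ? 'case_info_author_assigned' : 'case_info_author_unassigned';
        // NOTE(review): the name is inserted as returned by get_person_name();
        // confirm that helper escapes it for HTML.
        $short_description = _T($message, array('name' => get_person_name($author1)));
    } elseif ($item['type'] == 'stage_change' || is_status_change($item['type'])) {
        // NOTE(review): the description column is deserialized here; confirm
        // lcm_unserialize() cannot instantiate objects from stored data.
        $tmp = lcm_unserialize($item['description']);
        if (!is_array($tmp)) {
            $tmp = array();
        }
        // for backward compatibility, make it optional
        if (!empty($item['case_stage'])) {
            $short_description = _Tkw('stage', $item['case_stage']);
        }
        if (!empty($tmp['description'])) {
            // Free text entered by a user: escape it like the plain
            // description in the last branch. It was appended unescaped before.
            $short_description .= " / " . clean_output($tmp['description']);
        }
        if (!empty($tmp['result']) || !empty($tmp['conclusion'])) {
            $short_description .= "\n" . _Ti('fu_input_conclusion');
        }
        if (!empty($tmp['result'])) {
            $short_description .= _Tkw('_crimresults', $tmp['result']) . "/";
        }
        if (!empty($tmp['conclusion'])) {
            $short_description .= _Tkw('conclusion', $tmp['conclusion']);
        }
        if (!empty($tmp['sentence'])) {
            $short_description .= "\n" . _Ti('fu_input_sentence') . _Tkw('sentence', $tmp['sentence'], array('currency' => read_meta('currency')));
        }
        if (!empty($tmp['sentence_val'])) {
            // Also user-entered, so escaped before it joins the HTML string.
            $short_description .= ": " . clean_output($tmp['sentence_val']);
        }
    } else {
        if ($item['description']) {
            // NOTE(review): the length test runs on the utf8-decoded string but
            // substr() cuts bytes, so a multi-byte character can be split at
            // the cut point; check how clean_output() treats the partial
            // sequence.
            if (!$make_short || strlen(lcm_utf8_decode($item['description'])) < $title_length) {
                $short_description = $item['description'];
            } else {
                $short_description = substr($item['description'], 0, $title_length) . '...';
            }
            $short_description = clean_output($short_description);
        } else {
            $short_description = _T('fu_info_emptydesc');
        }
    }
    // Line breaks become <br />, which is why user text is escaped first.
    $short_description = nl2br($short_description);
    if (empty($short_description)) {
        $short_description = _T('info_not_available');
    }
    return $short_description;
}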
Esempio n. 25
    $where_clause = clean_output(get_parameter('where_clause'));
    $date = get_parameter('date');
    $filename = clean_output('audit_export') . '-' . date("YmdHi");
    $sql = sprintf('SELECT * FROM tsesion %s ORDER by utimestamp DESC', $where_clause);
    $rows = get_db_all_rows_sql($sql);
    if ($rows === false) {
        return;
    }
}
if ($export_csv_tickets) {
    $filter = unserialize_in_temp($config["id_user"]);
    $rows = incidents_search_result($filter, false, true, false, false, true, false, true);
    if ($rows === false) {
        return;
    }
    $filename = clean_output('tickets_export') . '-' . date("YmdHi");
}
if (empty($rows)) {
    die(__('Empty data'));
}
$csv_lines = array();
$search = array();
// Delete \r !!!
$search[] = "&#x0d;";
$search[] = "\r";
// Delete \n !!!
$search[] = "&#x0a;";
$search[] = "\n";
// Delete " !!!
$search[] = '"';
// Delete ' !!!
Esempio n. 26
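/**
 * Searches tickets (tincidencia) with the given filter set.
 *
 * @param array $filters Filter values; missing keys get the defaults assigned
 *                       below. Keys named type_field_<id> filter on custom
 *                       field data.
 * @param mixed $mode    'count' returns the number of matching rows, 'tasks'
 *                       the id_task groups, any other value the ticket rows
 *                       that also pass the ACL hooks and post-query filters.
 * @param bool  $limit   When true, $filters['limit'] defaults to
 *                       $config['block_size']; no query in this function
 *                       reads it.
 *
 * @return mixed int for 'count'; rows or false for 'tasks'; array of rows or
 *               false otherwise.
 *
 * NOTE(review): the string filters (string, id_user, id_user_or_creator,
 * id_creator, editor, closed_by and the type_field_* ids and values) are
 * formatted into double-quoted SQL literals without escaping in this
 * function. Confirm they are neutralised before they arrive here, or move
 * these queries to bound parameters. Only the numeric list, the group ids and
 * the ORDER BY fragment are validated locally.
 */
function incidents_get_filter_tickets_tree($filters, $mode = false, $limit = false)
{
    global $config;
    /* Set default values if none is set */
    $filters['string'] = isset($filters['string']) ? $filters['string'] : '';
    $filters['status'] = isset($filters['status']) ? $filters['status'] : -10;
    $filters['priority'] = isset($filters['priority']) ? $filters['priority'] : -1;
    $filters['id_group'] = isset($filters['id_group']) ? $filters['id_group'] : -1;
    $filters['id_company'] = isset($filters['id_company']) ? $filters['id_company'] : 0;
    $filters['id_inventory'] = isset($filters['id_inventory']) ? $filters['id_inventory'] : 0;
    $filters['id_incident_type'] = isset($filters['id_incident_type']) ? $filters['id_incident_type'] : 0;
    $filters['id_user'] = isset($filters['id_user']) ? $filters['id_user'] : '';
    $filters['id_user_or_creator'] = isset($filters['id_user_or_creator']) ? $filters['id_user_or_creator'] : '';
    $filters['from_date'] = isset($filters['from_date']) ? $filters['from_date'] : 0;
    $filters['first_date'] = isset($filters['first_date']) ? $filters['first_date'] : '';
    $filters['last_date'] = isset($filters['last_date']) ? $filters['last_date'] : '';
    $filters['id_creator'] = isset($filters['id_creator']) ? $filters['id_creator'] : '';
    $filters['editor'] = isset($filters['editor']) ? $filters['editor'] : '';
    $filters['closed_by'] = isset($filters['closed_by']) ? $filters['closed_by'] : '';
    $filters['resolution'] = isset($filters['resolution']) ? $filters['resolution'] : '';
    $filters["offset"] = isset($filters['offset']) ? $filters['offset'] : 0;
    $filters["group_by_project"] = isset($filters['group_by_project']) ? $filters['group_by_project'] : 0;
    $filters["id_task"] = isset($filters['id_task']) ? $filters['id_task'] : -1;
    $filters["sla_state"] = isset($filters['sla_state']) ? $filters['sla_state'] : 0;
    $filters["left_sla"] = isset($filters['left_sla']) ? $filters['left_sla'] : 0;
    $filters["right_sla"] = isset($filters['right_sla']) ? $filters['right_sla'] : 0;
    $filters["show_hierarchy"] = isset($filters['show_hierarchy']) ? $filters['show_hierarchy'] : 0;
    // order_by had no default and was read unconditionally further down.
    $filters['order_by'] = isset($filters['order_by']) ? $filters['order_by'] : '';
    if (empty($filters['status'])) {
        $filters['status'] = implode(',', array_keys(get_indicent_status()));
    }
    // Not closed
    if ($filters["status"] == -10) {
        $filters['status'] = "1,2,3,4,5,6";
    }
    // The status list is placed inside IN (...) with %s, so reduce it to a
    // comma-separated list of integers first.
    $status_parts = is_array($filters['status']) ? $filters['status'] : explode(',', (string) $filters['status']);
    $filters['status'] = implode(',', array_map('intval', $status_parts));
    // Result is not used below; the call is kept as in the original.
    $resolutions = get_incident_resolutions();
    $sql_clause = '';
    if ($filters['priority'] != -1) {
        $sql_clause .= sprintf(' AND prioridad = %d', $filters['priority']);
    }
    if ($filters['id_group'] != 1) {
        if ($filters["show_hierarchy"]) {
            $children = groups_get_childrens($filters['id_group']);
            // Cast every id: this list is concatenated into IN (...) directly,
            // unlike the %d used in the non-hierarchy branch.
            $ids = (int) $filters['id_group'];
            foreach ($children as $child) {
                $ids .= "," . (int) $child['id_grupo'];
            }
            $sql_clause .= " AND id_grupo IN (" . $ids . ")";
        } else {
            $sql_clause .= sprintf(' AND id_grupo = %d', $filters['id_group']);
        }
    }
    if (!empty($filters['id_user'])) {
        $sql_clause .= sprintf(' AND id_usuario = "%s"', $filters['id_user']);
    }
    if (!empty($filters['id_user_or_creator'])) {
        $sql_clause .= sprintf(' AND (id_usuario = "%s" OR id_creator = "%s")', $filters['id_user_or_creator'], $filters['id_user_or_creator']);
    }
    if (!empty($filters['resolution']) && $filters['resolution'] > -1) {
        $sql_clause .= sprintf(' AND resolution = %d', $filters['resolution']);
    }
    if ($filters['id_task'] == 0) {
        $sql_clause .= sprintf(' AND id_task = 0');
    } else {
        if ($filters['id_task'] != -1) {
            $sql_clause .= sprintf(' AND id_task = %d', $filters['id_task']);
        }
    }
    //Incident type 0 means all and incident type -1 means without type
    if ($filters["id_incident_type"] != -1) {
        if ($filters["id_incident_type"]) {
            $sql_clause .= sprintf(' AND id_incident_type = %d', $filters['id_incident_type']);
        }
        $incident_fields = array();
        foreach ($filters as $key => $value) {
            // If matchs an incident field, ad an element to the array with their real id and its data
            if (preg_match("/^type_field_/", $key)) {
                $incident_fields[preg_replace("/^type_field_/", "", $key)] = $value;
            }
        }
        foreach ($incident_fields as $id => $data) {
            if ($data !== "") {
                // NOTE(review): both the field id (taken from the filter key)
                // and the data value are placed in the query unescaped.
                $sql_clause .= sprintf(' AND id_incidencia = ANY (SELECT id_incident
																	FROM tincident_field_data
																	WHERE id_incident_field = "%s"
																		AND data LIKE "%%%s%%")', $id, $data);
            }
        }
    }
    if (!empty($filters['from_date']) && $filters['from_date'] > 0) {
        // from_date is a number of days back from now; it replaces any
        // explicit first/last date.
        $last_date_seconds = $filters['from_date'] * 24 * 60 * 60;
        $filters['first_date'] = date('Y-m-d H:i:s', time() - $last_date_seconds);
        $sql_clause .= sprintf(' AND inicio >= "%s"', $filters['first_date']);
        $filters['last_date'] = "";
    } else {
        // The dates pass through strtotime()/date(), so only a formatted
        // timestamp reaches the query.
        if (!empty($filters['first_date'])) {
            $time = strtotime($filters['first_date']);
            //00:00:00 to set date at the beginig of the day
            $sql_clause .= sprintf(' AND inicio >= "%s"', date("Y-m-d 00:00:00", $time));
        }
        if (!empty($filters['last_date'])) {
            $time = strtotime($filters['last_date']);
            if (!empty($filters['first_date'])) {
                //23:59:59 to set date at the end of day
                $sql_clause .= sprintf(' AND inicio <= "%s"', date("Y-m-d 23:59:59", $time));
            } else {
                $time_from = strtotime($filters['first_date']);
                if ($time_from < $time) {
                    $sql_clause .= sprintf(' AND inicio <= "%s"', date("Y-m-d", $time));
                }
            }
        }
    }
    if (!empty($filters['id_creator'])) {
        $sql_clause .= sprintf(' AND id_creator = "%s"', $filters['id_creator']);
    }
    if (!empty($filters['editor'])) {
        $sql_clause .= sprintf(' AND editor = "%s"', $filters['editor']);
    }
    if (!empty($filters['closed_by'])) {
        $sql_clause .= sprintf(' AND closed_by = "%s"', $filters['closed_by']);
    }
    // Defined up front: the queries below always format $sla_filter, but the
    // switch only runs when sla_state is non-empty.
    $sla_filter = '';
    if (!empty($filters['sla_state'])) {
        switch ($filters['sla_state']) {
            case 0:
                $sla_filter = ' ';
                break;
            case 1:
                $sla_filter = "AND (sla_disabled = 0 AND affected_sla_id <> 0)";
                break;
            case 2:
                $sla_filter = "AND (sla_disabled = 0 AND affected_sla_id = 0)";
                break;
        }
    }
    // order_by arrives either as an array or as a JSON-encoded string.
    if ($filters['order_by'] && !is_array($filters['order_by'])) {
        $order_by_array = json_decode(clean_output($filters["order_by"]), true);
    } else {
        $order_by_array = $filters['order_by'];
    }
    //Use config block size if no other was given
    if ($limit) {
        if (!isset($filters["limit"])) {
            $filters["limit"] = $config["block_size"];
        }
    }
    // ORDER BY cannot be parameterised, so accept only an identifier as the
    // column and ASC/DESC as the direction; anything else is skipped.
    // NOTE(review): assumes callers only ever send plain column names with
    // ASC or DESC -- confirm against the UI that builds order_by.
    $order_by = "";
    if (is_array($order_by_array)) {
        foreach ($order_by_array as $key => $value) {
            if (!$value || !is_scalar($value)) {
                continue;
            }
            $direction = strtoupper(trim((string) $value));
            $valid_column = preg_match('/^[A-Za-z_][A-Za-z0-9_.]*$/', (string) $key) === 1;
            if (!$valid_column || ($direction !== 'ASC' && $direction !== 'DESC')) {
                continue;
            }
            $order_by .= " {$key} {$direction}, ";
        }
    }
    switch ($mode) {
        case 'count':
            //Just count items
            $sql = sprintf('SELECT COUNT(id_incidencia) FROM tincidencia FD
				WHERE estado IN (%s)
				%s
				AND (titulo LIKE "%%%s%%" OR descripcion LIKE "%%%s%%" 
				OR id_creator LIKE "%%%s%%" OR id_usuario LIKE "%%%s%%" 
				OR id_incidencia IN (SELECT id_incident FROM tincident_field_data WHERE data LIKE "%%%s%%"))
				%s', $filters['status'], $sql_clause, $filters['string'], $filters['string'], $filters['string'], $filters['string'], $filters['string'], $sla_filter);
            $count = get_db_value_sql($sql);
            if ($count === false) {
                return 0;
            }
            return $count;
        case 'tasks':
            $sql = sprintf('SELECT id_task FROM tincidencia FD
				WHERE estado IN (%s)
				%s
				AND (titulo LIKE "%%%s%%" OR descripcion LIKE "%%%s%%" 
				OR id_creator LIKE "%%%s%%" OR id_usuario LIKE "%%%s%%" 
				OR id_incidencia IN (SELECT id_incident FROM tincident_field_data WHERE data LIKE "%%%s%%"))
				%s
				GROUP BY id_task', $filters['status'], $sql_clause, $filters['string'], $filters['string'], $filters['string'], $filters['string'], $filters['string'], $sla_filter);
            $tasks = get_db_all_rows_sql($sql);
            if ($tasks === false) {
                return false;
            }
            return $tasks;
        case 'tickets':
        default:
            //Select all items and return all information
            $sql = sprintf('SELECT * FROM tincidencia FD
				WHERE estado IN (%s)
				%s
				AND (titulo LIKE "%%%s%%" OR descripcion LIKE "%%%s%%" 
				OR id_creator LIKE "%%%s%%" OR id_usuario LIKE "%%%s%%" 
				OR id_incidencia IN (SELECT id_incident FROM tincident_field_data WHERE data LIKE "%%%s%%"))
				%s
				ORDER BY %s actualizacion DESC', $filters['status'], $sql_clause, $filters['string'], $filters['string'], $filters['string'], $filters['string'], $filters['string'], $sla_filter, $order_by);
            $incidents = get_db_all_rows_sql($sql);
            if ($incidents === false) {
                return false;
            }
            $result = array();
            // Access control is applied per row after the query: a ticket is
            // dropped unless the hooks below let it through.
            foreach ($incidents as $incident) {
                //Check external users ACLs
                $external_check = enterprise_hook("manage_external", array($incident));
                if ($external_check !== ENTERPRISE_NOT_HOOK && !$external_check) {
                    continue;
                } else {
                    //Normal ACL pass if IR for this group or if the user is the incident creator
                    //or if the user is the owner or if the user has workunits
                    $check_acl = enterprise_hook("incidents_check_incident_acl", array($incident));
                    if (!$check_acl) {
                        continue;
                    }
                }
                $inventories = get_inventories_in_incident($incident['id_incidencia'], false);
                if ($filters['id_inventory']) {
                    $found = false;
                    foreach ($inventories as $inventory) {
                        if ($inventory['id'] == $filters['id_inventory']) {
                            $found = true;
                            break;
                        }
                    }
                    if (!$found) {
                        continue;
                    }
                }
                if ($filters['id_company']) {
                    $user_creator = $incident['id_creator'];
                    $user_company = get_db_value('id_company', 'tusuario', 'id_usuario', $user_creator);
                    //If company do no match, dismiss incident
                    if ($filters['id_company'] != $user_company) {
                        continue;
                    }
                }
                if ($filters['left_sla']) {
                    $percent_sla_incident = format_numeric(get_sla_compliance_single_id($incident['id_incidencia']));
                    //If sla do not match, dismiss incident
                    if ($filters['left_sla'] > $percent_sla_incident) {
                        continue;
                    }
                }
                if ($filters['right_sla']) {
                    $percent_sla_incident = format_numeric(get_sla_compliance_single_id($incident['id_incidencia']));
                    //If sla do not match, dismiss incident
                    if ($filters['right_sla'] < $percent_sla_incident) {
                        continue;
                    }
                }
                array_push($result, $incident);
            }
            return $result;
    }
}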
Esempio n. 27
$headers[0]['order'] = 'no_order';
$headers[1]['title'] = _Th('person_input_name');
$headers[1]['order'] = 'order_name';
$headers[1]['default'] = 'ASC';
show_list_start($headers);
// Process the output of the query
for ($i = 0; $i < $prefs['page_rows'] && ($row = lcm_fetch_array($result)); $i++) {
    echo "<tr>";
    // Show checkbox
    echo "<td width='1%' class='tbl_cont_" . ($i % 2 ? "dark" : "light") . "'>";
    echo "<input type='checkbox' name='clients[]' value='" . $row['id_client'] . "'>";
    echo "</td>\n";
    // Show client name
    echo "<td class='tbl_cont_" . ($i % 2 ? "dark" : "light") . "'>";
    echo '<a href="client_det.php?client=' . $row['id_client'] . '" class="content_link">';
    echo highlight_matches(clean_output($row['name_first'] . ' ' . $row['name_middle'] . ' ' . $row['name_last']), $find_client_string);
    echo "</a>";
    echo "</td>\n";
    echo "</tr>\n";
}
echo "<tr>\n";
echo '<td colspan="2"><p><a href="edit_client.php?attach_case=' . $case . '" class="create_new_lnk">' . _T('client_button_new_for_case') . '</a></p></td>' . "\n";
echo "</tr>\n";
show_list_end($list_pos, $number_of_rows);
?>

	<input type="hidden" name="case" value="<?php 
echo $case;
?>
">
	<input type="hidden" name="ref_sel_client" value="<?php 
Esempio n. 28
<?php

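include '../include/header.php';
// "Add a bookmark" form. Title and URL arrive in the request and are
// pre-filled into the form, which posts to add2.php.
// Default to '' so that opening the page without parameters does not read an
// undefined index.
$title = clean_input(isset($_REQUEST['title']) ? $_REQUEST['title'] : '');
$url = clean_input(isset($_REQUEST['url']) ? $_REQUEST['url'] : '');
// Strip the wrapper prefix some browser add-ons put in front of the real URL.
$url = str_replace("chrome://ietab/content/reloaded.html?url=", "", $url);
print "<html><head>";
print "<title>Add a bookmark</title>";
print "<style>.textinput {width: 100%;}</style>";
print "</head><body>";
print "<form action='add2.php' method='post' name='add'>";
print "<table>";
print "<tr><td>Title:</td>";
// clean_output() is called as a statement and its return value is ignored, so
// it presumably prints the escaped value itself -- TODO confirm. The value
// attributes below are single-quoted, so the escaping has to cover single
// quotes as well as <, > and &; verify that it does.
print "<td class='textinput'><input name='title' type='text' class='textinput' value='";
clean_output($title);
print "' /></td></tr>";
print "<tr><td>URL:</td><td><input name='url' type='text' class='textinput' value='";
clean_output($url);
print "' /></td></tr>";
print "<tr><td>Tags:</td><td><input name='tags'  type='text' class='textinput' /></td></tr>";
print "<tr><td colspan='2'><input type='submit' value='OK' /></td></tr></table>";
// NOTE(review): $time is not set in this file (presumably by header.php).
// The time/key pair looks like a per-request token; confirm add2.php checks
// it before storing the bookmark.
print "<input name='time' type='hidden' value='" . $time . "' />";
print "<input name='key' type='hidden' value='" . securitycode($time) . "' />";
print "</form>";
print "<script type='text/javascript'>document.forms['add'].elements['tags'].focus();</script>";
footer($deliciousroot, "");
print "</body></html>";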
Esempio n. 29
$headers[0]['title'] = "";
$headers[0]['order'] = 'no_order';
$headers[1]['title'] = _Th('org_input_name');
$headers[1]['order'] = 'order_name';
$headers[1]['default'] = 'ASC';
show_list_start($headers);
for ($i = 0; $i < $prefs['page_rows'] && ($row = lcm_fetch_array($result)); $i++) {
    echo "<tr>\n";
    // Show checkbox
    echo "<td width='1%' class='tbl_cont_" . ($i % 2 ? "dark" : "light") . "'>";
    echo "<input type='checkbox' name='orgs[]' value='" . $row['id_org'] . "'>";
    echo "</td>\n";
    // Show org name
    echo "<td class='tbl_cont_" . ($i % 2 ? "dark" : "light") . "'>";
    echo '<a href="org_det.php?org=' . $row['id_org'] . '" class="content_link">';
    echo highlight_matches(clean_output($row['name']), $find_org_string);
    echo "</a>";
    echo "</td>\n";
    echo "</tr>\n";
}
echo "<tr>\n";
echo '<td colspan="2"><p><a href="edit_org.php?attach_case=' . $case . '" class="create_new_lnk">' . _T('org_button_new_for_case') . '</a></p></td>' . "\n";
echo "</tr>\n";
show_list_end($list_pos, $number_of_rows);
?>

	<input type="hidden" name="case" value="<?php 
echo $case;
?>
">
	<input type="hidden" name="ref_sel_org" value="<?php 
Esempio n. 30
        echo "<td valign=top>";
        if ($todo['expire']) {
            echo __('Yes');
        } else {
            echo __('No');
        }
        echo "<td valign=top>";
        if ($todo["expire_timestamp"] == "0000-00-00 00:00:00") {
            echo __('No expiration date');
        } else {
            echo $todo["expire_timestamp"];
        }
        echo '<td align="center" valign=top>';
        echo '<a href="index.php?sec=godmode&sec2=godmode/setup/newsboard&operation=delete&id=' . $todo["id"] . '" onClick="if (!confirm(\' ' . __('Are you sure?') . '\')) return false;"><img border=0 src="images/cross.png"></a>';
        echo "<tr><td colspan=3 style='border-bottom: 1px solid #acacac'>";
        echo clean_output($todo["content"]);
    }
    echo "</table>";
    echo '<form method="post" action="index.php?sec=godmode&sec2=godmode/setup/newsboard&operation=create">';
    echo '<div style="width: 99%; text-align: right;">';
    print_submit_button(__('Create'), 'crt', false, 'class="sub create');
    echo '</form></div>';
}
// Fin bloque else
?>
<script type="text/javascript" src="include/js/jquery.ui.slider.js"></script>
<script type="text/javascript" src="include/js/jquery.ui.datepicker.js"></script>
<script type="text/javascript" src="include/languages/date_<?php 
echo $config['language_code'];
?>
.js"></script>