Esempio n. 1
0
<?php

$included = isset($_josh);
if (!$included) {
    include '../include.php';
}
$r = false;
if ($posting) {
    langTranslatePost('title,description,publication');
    $id = db_save("press_clips");
    if (getOption('channels')) {
        db_checkboxes('channels', 'press_clips_to_channels', 'clip_id', 'channel_id', $id);
    }
    url_change_post("/press-clips/clip.php?id=" . $id);
} elseif ($included) {
    $action = getString('add_new');
    $_josh["request"]["path_query"] = "edit.php";
    //shoddy way of setting the form target
    $r["url"] = "http://";
} elseif (url_id()) {
    $action = getString('edit');
    echo drawTop();
    $r = db_grab("SELECT id, title, url, publication, pub_date, description, type_id from press_clips WHERE id = " . $_GET["id"]);
    $r["title"] = format_title($r["title"], "US");
} else {
    $action = getString('add_new');
    echo drawTop();
    if (isset($_GET["title"])) {
        $r["title"] = format_title($_GET["title"], "US");
    }
    if (isset($_GET["url"])) {
Esempio n. 2
0
<?php

include "../../include.php";
url_query_require();
if ($posting) {
    $id = db_save("wiki_topics");
    db_checkboxes("tags", "wiki_topics_to_tags", "topicID", "tagID", $id);
    url_change("topic.php?id=" . $id);
}
echo drawTop();
$r = db_grab("SELECT id, title, description, type_id FROM wiki_topics WHERE id = " . $_GET["id"]);
$form = new intranet_form();
if ($page['is_admin']) {
    $form->addUser("created_user", "Posted By", $_SESSION["user_id"], false, true);
}
$form->addRow("itext", "Title", "title", $r["title"], "", true, 255);
$form->addRow("select", "Type", "type_id", "SELECT id, description FROM wiki_topics_types", $r["type_id"], true);
$form->addCheckboxes("tags", "Tags", "wiki_tags", "wiki_topics_to_tags", "topicID", "tagID", $_GET["id"]);
$form->addRow("textarea", "Description", "description", $r["description"], "", true);
$form->addRow("submit", "post wiki topic");
$form->draw("Add a Wiki Topic");
echo drawBottom();
Esempio n. 3
0
<?php

include "include.php";
if ($posting) {
    langTranslatePost('title,description');
    $id = db_save('cal_events');
    if (getOption('channels')) {
        db_checkboxes('channels', 'cal_events_to_channels', 'event_id', 'channel_id', $id);
    }
    url_query_add(array("month" => $_POST['start_dateMonth'], "year" => $_POST['start_dateYear']));
}
if (!isset($_GET['month']) || !isset($_GET['year'])) {
    url_query_add(array("month" => $_josh['month'], "year" => $_josh['year']));
}
echo drawTop();
echo drawNavigationCal($_GET['month'], $_GET['year']);
//get events
$result = db_query('SELECT 
			e.id,
			DAY(e.start_date) startDay,
			e.title' . langExt() . ' title,
			t.color
		FROM cal_events e
		JOIN cal_events_types t ON e.type_id = t.id
	' . getChannelsWhere('cal_events', 'e', 'event_id') . '
			AND 
			MONTH(e.start_date) = ' . $_GET['month'] . ' AND
			YEAR(e.start_date) = ' . $_GET['year']);
while ($r = db_fetch($result)) {
    $events[$r['startDay']][$r['id']]['title'] = $r['title'];
    $events[$r['startDay']][$r['id']]['color'] = $r['color'];
Esempio n. 4
0
<?php

include '../include.php';
if ($posting) {
    error_debug('user is posting', __FILE__, __LINE__);
    if ($uploading) {
        list($_POST['content'], $_POST['type_id']) = file_get_uploaded('content', 'docs_types');
    }
    langTranslatePost('title,description');
    $id = db_save('docs');
    //debug();
    db_checkboxes('categories', 'docs_to_categories', 'documentID', 'categoryID', $id);
    if (getOption('channels')) {
        db_checkboxes('channels', 'docs_to_channels', 'doc_id', 'channel_id', $id);
    }
    url_change('info.php?id=' . $id);
}
if (url_id()) {
    $d = db_grab('SELECT title, description FROM docs WHERE id = ' . $_GET['id']);
    $pageAction = getString('edit');
} else {
    $pageAction = getString('add_new');
}
echo drawTop();
//load code for JS
$extensions = array();
$doctypes = array();
$types = db_query('SELECT description, extension FROM docs_types ORDER BY description');
while ($t = db_fetch($types)) {
    $extensions[] = '(extension != "' . $t['extension'] . '")';
    $doctypes[] = ' - ' . $t['description'] . ' (.' . $t['extension'] . ')';
Esempio n. 5
0
<?php

include '../../include.php';
if ($posting) {
    if ($_GET['doc_id'] == 'new') {
        $_GET['doc_id'] = false;
    }
    if ($uploading) {
        $_POST['extension'] = file_type($_FILES['content']['name']);
        $_POST['content'] = file_get_uploaded('content');
    }
    $id = db_save('dl_docs', @$_GET['doc_id']);
    db_checkboxes('categories', 'dl_docs_to_categories', 'doc_id', 'category_id', $id);
    url_drop('id');
} elseif (url_action('delete')) {
    db_delete('dl_docs');
    url_drop('id,action');
}
echo drawTop();
if (!empty($_GET['doc_id'])) {
    if ($_GET['doc_id'] == 'new') {
        $_GET['doc_id'] = false;
    }
    $f = new form('dl_docs', @$_GET['doc_id'], ($_GET['doc_id'] ? 'Edit' : 'Add') . ' Document');
    $f->set_title_prefix($page['breadcrumbs']);
    $f->set_field(array('name' => 'title', 'label' => getString('title'), 'type' => 'text'));
    $f->unset_fields('extension');
    $f->set_field(array('name' => 'content', 'label' => getString('file'), 'type' => 'file', 'additional' => getString('upload_max') . file_get_max()));
    $f->set_field(array('name' => 'categories', 'label' => getString('categories'), 'type' => 'checkboxes', 'options_table' => 'dl_categories', 'option_title' => 'title', 'linking_table' => 'dl_docs_to_categories', 'object_id' => 'doc_id', 'option_id' => 'category_id'));
    echo $f->draw();
} else {
Esempio n. 6
0
if (isset($_josh)) {
    //included
    $_josh["request"]["path_query"] = "/news/edit.php";
} else {
    //page loaded on its own
    include "../../include.php";
    if ($posting) {
        if (isset($_FILES["content"]["name"]) && !empty($_FILES["content"]["name"])) {
            list($_POST["content"], $_POST["fileTypeID"]) = file_get_uploaded("content", "docs_types");
        }
        if (isset($_FILES["image"]["name"]) && !empty($_FILES["image"]["name"])) {
            list($_POST["image"], $_POST["imageTypeID"]) = file_get_uploaded("image", "docs_types");
            //die($_POST["image"]);
        }
        $id = db_save("news_stories");
        db_checkboxes("corporationID", "news_stories_to_organizations", "newsID", "organizationID", $id);
        url_change("./?id=" . $id);
    }
    echo drawTop();
    $r = db_grab("SELECT \n\t\tn.headline,\n\t\tn.outlet,\n\t\tn.pubdate,\n\t\tn.url,\n\t\tn.description\n\t\tFROM news_stories n\n\t\tWHERE id = " . $_GET["id"]);
}
$form = new intranet_form();
$form->addCheckboxes("corporationID", "Organization", "organizations", "news_stories_to_organizations", "newsID", "organizationID", @$_GET["id"]);
$form->addRow("itext", "Headline", "headline", @$r["headline"], "", true, 255);
$form->addRow("itext", "News Outlet", "outlet", @$r["outlet"], "", true, 255);
$form->addRow("date", "Date", "pubdate", @$r["pubdate"], "", true);
$form->addRow("file", "Image<br>(optional)", "image", "", "", false);
$form->addRow("file", "File<br>(optional)", "content", "", "", true);
$form->addRow("itext", "URL<br>(optional)", "url", @$r["url"], "", false, 255);
$form->addRow("textarea-plain", "Description<br>(optional)", "description", @$r["description"]);
$form->addRow("submit", "Save Changes");
Esempio n. 7
0
<?php

include 'include.php';
if ($posting) {
    error_debug('handling bb post', __FILE__, __LINE__);
    format_post_bits('is_admin');
    langTranslatePost('title,description');
    $id = db_save('bb_topics');
    db_query('UPDATE bb_topics SET thread_date = GETDATE(), replies = (SELECT COUNT(*) FROM bb_followups WHERE topic_id = ' . $id . ') WHERE id = ' . $id);
    if (getOption('channels')) {
        db_checkboxes('channels', 'bb_topics_to_channels', 'topic_id', 'channel_id', $id);
    }
    //notification
    if ($_POST['is_admin'] == '1') {
        //get addresses of everyone & send with message
        emailUser(db_array('SELECT email FROM users WHERE is_active = 1'), $_POST['title'], drawEmail(bbDrawTopic($id, true)));
    } elseif (getOption('bb_notifypost') && getOption('channels') && getOption('languages')) {
        //get addresses of everyone with indicated interests and send
        $channels = array_post_checkboxes('channels');
        $languages = db_table('SELECT id, code FROM languages');
        foreach ($languages as $l) {
            $addresses = db_array('SELECT DISTINCT u.email FROM users u JOIN users_to_channels_prefs u2cp ON u.id = u2cp.user_id WHERE u.is_active = 1 AND u.language_id = ' . $l['id'] . ' AND u2cp.channel_id IN (' . implode(',', $channels) . ')');
            $topic = db_grab('SELECT 
						ISNULL(u.nickname, u.firstname) firstname, 
						u.lastname, 
						t.title' . langExt($l['code']) . ' title, 
						t.description' . langExt($l['code']) . ' description, 
						y.title' . langExt($l['code']) . ' type,
						t.created_date
					FROM bb_topics t
					LEFT JOIN bb_topics_types y ON t.type_id = y.id
Esempio n. 8
0
<?php

$included = isset($_josh);
if (!$included) {
    include '../include.php';
}
$r = array();
if ($posting) {
    langTranslatePost('title,description');
    $id = db_save('external_orgs');
    db_checkboxes('types', 'external_orgs_to_types', 'org_id', 'type_id', $id);
    if (getOption('channels')) {
        db_checkboxes('channels', 'external_orgs_to_channels', 'org_id', 'channel_id', $id);
    }
    url_change_post('./type.php?id=' . db_grab('SELECT type_id FROM external_orgs_to_types WHERE org_id = ' . $id));
    //pure hackery
} elseif ($included) {
    $title = getString('add_new');
    $_josh['referrer'] = false;
    $_josh['request']['path_query'] = 'edit.php';
    //shoddy way of setting the form target
    $r['url'] = 'http://';
} else {
    url_query_require();
    echo drawTop();
    $title = $page['title'];
    $r = db_grab('SELECT id, title, url, description from external_orgs WHERE id = ' . $_GET['id']);
}
if ($included) {
    $_GET['id'] = false;
}
Esempio n. 9
0
     $email_address = $_POST["email"];
     //db_enter is going to mess it up; i should fix that!
     $id = db_enter("intranet_users", "firstname nickname lastname title email rankID *startDate *endDate #corporationID #departmentID #officeID phone bio homeAddress1 homeAddress2 homeCity homeStateID homeZIP homePhone homeCell homeEmail emerCont1Name emerCont1Relationship emerCont1Phone emerCont1Cell emerCont1Email emerCont2Name emerCont2Relationship emerCont2Phone emerCont2Cell emerCont2Email", "userID");
     //if new user, reset password, delete request, and send invite
     if (!isset($_GET["id"])) {
         db_query("UPDATE intranet_users SET password = PWDENCRYPT('') WHERE userID = " . $id);
         if (isset($_GET["requestID"])) {
             db_query("DELETE FROM users_requests WHERE id = " . $_GET["requestID"]);
         }
         //send invitation
         $name = str_replace("'", "", $_POST["nickname"] == "NULL" ? $_POST["firstname"] : $_POST["nickname"]);
         email_invite($id, $email_address, $name);
     }
     //update permissions
     db_checkboxes("permissions", "administrators", "userID", "moduleID", $id);
     db_checkboxes("skills", "users_to_skills", "user_id", "skill_id", $id);
     //check long distance code
     if ($locale == "/_seedco/" && $_POST["officeID"] == "1") {
         if (!db_grab("SELECT longdistancecode FROM intranet_users WHERE userID = " . $id)) {
             $code = db_grab("SELECT code FROM ldcodes WHERE code NOT IN ( SELECT longdistancecode FROM intranet_users WHERE isActive = 1 AND longdistancecode IS NOT NULL)");
             db_query("UPDATE intranet_users SET longDistanceCode = {$code} WHERE userID = " . $id);
         }
     }
 } else {
     $id = db_enter("intranet_users", "firstname nickname lastname email title #corporationID departmentID officeID phone bio homeAddress1 homeAddress2 homeCity homeStateID homeZIP homePhone homeCell homeEmail emerCont1Name emerCont1Relationship emerCont1Phone emerCont1Cell emerCont1Email emerCont2Name emerCont2Relationship emerCont2Phone emerCont2Cell emerCont2Email", "userID");
 }
 //upload new staff image
 if ($uploading && file_ext($_FILES["userfile"]['name']) == 'jpg') {
     define('DIRECTORY_ROOT', $_SERVER['DOCUMENT_ROOT']);
     define('DIRECTORY_WRITE', '/uploads');
     $image = format_image($_FILES["userfile"]["tmp_name"], 'jpg');
Esempio n. 10
0
     if ($_POST['officeID'] == 1) {
         if (!url_id() || !db_grab('SELECT longDistanceCode FROM users WHERE id = ' . url_id())) {
             //user doesn't have a long distance code but needs one
             if (!($code = db_grab('SELECT l.code FROM ldcodes l WHERE (SELECT COUNT(*) FROM users u WHERE u.longDistanceCode = l.code AND u.is_active = 1) = 0'))) {
                 error_hande('out of codes', 'the intranet is out of long distance codes to assign to new users, such as for ' . $_POST['firstname'] . ' ' . $_POST['lastname']);
             } else {
                 $_POST['longDistanceCode'] = $code;
             }
         }
     }
 }
 $id = db_save('users');
 if (getOption('channels')) {
     db_checkboxes('channels', 'users_to_channels', 'user_id', 'channel_id', $id);
     if (admin() || url_id() == user()) {
         db_checkboxes('email_prefs', 'users_to_channels_prefs', 'user_id', 'channel_id', $id);
     }
 }
 if ($_SESSION['is_admin']) {
     if (!empty($_POST['is_admin'])) {
         //is admin, so delete permissions
         db_query('DELETE FROM users_to_modules WHERE user_id = ' . $id);
         db_query('DELETE FROM users_to_modulettes WHERE user_id = ' . $id);
     } else {
         //handle permissions updates
         db_query('UPDATE users_to_modules SET is_admin = 0 WHERE user_id = ' . $id);
         $modules = array_checkboxes('modules');
         foreach ($modules as $m) {
             if (db_grab('SELECT COUNT(*) FROM users_to_modules WHERE user_id = ' . $id . ' AND module_id = ' . $m)) {
                 db_query('UPDATE users_to_modules SET is_admin = 1 WHERE user_id = ' . $id . ' AND module_id = ' . $m);
             } else {