$siteid = cleanvar($_REQUEST['siteid']);
// Show add maintenance form
if ($action == "showform" or $action == '') {
include APPLICATION_INCPATH . 'htmlheader.inc.php';
echo show_form_errors('add_contract');
clear_form_errors('add_contract');
echo "<h2>" . icon('contract', 32) . " ";
echo "{$strAddContract}</h2>";
echo "<form id='add_contract' name='add_contract' action='{$_SERVER['PHP_SELF']}?action=add' method='post' onsubmit='return confirm_action(\"{$strAreYouSureAdd}\");'>";
echo "<table align='center' class='vertical'>";
echo "<thead>";
echo "<tr><th>{$strSite}</th><td>";
if ($_SESSION['formdata']['add_contract']['site'] != '') {
echo site_drop_down("site", $_SESSION['formdata']['add_contract']['site'], TRUE);
} else {
echo site_drop_down("site", $siteid, TRUE);
}
echo " <span class='required'>{$strRequired}</span></td></tr>\n";
echo "<tr><th>{$strContacts}</th><td>";
echo "<input value='amount' type='radio' name='contacts' checked='checked' />";
echo "{$strLimitTo} <input size='2' name='numcontacts' ";
if ($_SESSION['formdata']['add_contract']['numcontacts'] != '') {
echo "value='{$_SESSION['formdata']['add_contract']['numcontacts']}'";
} else {
echo "value='0'";
}
echo " /> {$strSupportedContacts} ({$str0MeansUnlimited})<br />";
echo "<input type='radio' value='all' name='contacts' />";
echo "{$strAllSiteContactsSupported}";
echo "</td></tr>\n";
echo "<tr><th>{$strProduct} <sup class='red'>*</sup></th><td>";
echo "<h2>" . icon('add', 32) . " {$strAdd}</h2>";
$url = "{$_SERVER['PHP_SELF']}?action=new";
if (!empty($_GET['site'])) {
$siteid = intval($_GET['site']);
$url = $url . "&site={$siteid}";
}
echo "<form action='{$url}' method='post'>";
echo "<table class='vertical' align='center'>";
echo "<tr><th>{$strName}</th>";
echo "<td><input class='required' name='name' value='{$row->name}' />";
echo "<span class='required'>{$strRequired}</span></td></tr>";
echo "<tr><th>{$strType}</th>";
echo "<td>" . array_drop_down($CONFIG['inventory_types'], 'type', $row->type, '', TRUE) . "</td></tr>";
if (!intval($siteid)) {
echo "<tr><th>{$strSite}</th><td>";
echo site_drop_down('site', 0, TRUE);
echo " <span class='required'>{$strRequired}</td>";
echo "<tr><th>{$strOwner}</th><td>";
echo contact_site_drop_down('owner', '');
echo "</td></tr>";
} else {
echo "<input type='hidden' id='site' name='site' value='{$siteid}' />";
echo "<tr><th>{$strOwner}</th><td>";
echo contact_site_drop_down('owner', $row->contactid, $siteid, NULL, FALSE);
echo "</td></tr>";
}
echo "<tr><th>{$strID} " . help_link('InventoryID') . "</th>";
echo "<td><input name='identifier' value='{$row->identifier}' /></td></tr>";
echo "<tr><th>{$strAddress}</th>";
echo "<td><input name='address' value='{$row->address}' /></td></tr>";
echo "<tr><th>{$strUsername}</th>";
}
$row = mysql_fetch_object($result);
if ($row->privacy == 'private' and $sit[2] != $row->createdby or $row->privacy == 'adminonly' and !user_permission($sit[2], 22)) {
html_redirect('inventory.php', FALSE);
exit;
}
echo "<h2>" . icon('edit', 32) . " {$strEdit}</h2>";
echo "<form action='{$_SERVER['PHP_SELF']}?id={$id}' method='post'>";
echo "<table class='vertical' align='center'>";
echo "<tr><th>{$strName}</th>";
echo "<td><input class='required' name='name' value='{$row->name}' />";
echo "<span class='required'>{$strRequired}</span></td></tr>";
echo "<tr><th>{$strType}</th>";
echo "<td>" . array_drop_down($CONFIG['inventory_types'], 'type', $row->type, '', TRUE) . "</td></tr>";
echo "<tr><th>{$strSite}</th><td>";
echo site_drop_down('site', $row->siteid, TRUE);
echo " <span class='required'>{$strRequired}</td>";
echo "<tr><th>{$strOwner}</th><td>";
echo contact_site_drop_down('owner', '');
echo "</td></tr>";
echo "<tr><th>{$strID} " . help_link('InventoryID') . "</th>";
echo "<td><input name='identifier' value='{$row->identifier}' /></td></tr>";
echo "<tr><th>{$strAddress}</th>";
echo "<td><input name='address' value='{$row->address}' /></td></tr>";
if (!is_numeric($id) or ($row->privacy == 'adminonly' and user_permission($sit[2], 22) or $row->privacy == 'private' and $row->createdby == $sit[2] or $row->privacy == 'none')) {
echo "<tr><th>{$strUsername}</th>";
echo "<td><input name='username' value='{$row->username}' /></td></tr>";
echo "<tr><th>{$strPassword}</th>";
echo "<td><input name='password' value='{$row->password}' /></td></tr>";
}
echo "<tr><th>{$strNotes}</th>";
}
// Look for associated maintenance contracts
$sql = "SELECT COUNT(id) FROM `{$dbMaintenance}` WHERE site='{$id}'";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
list($numcontracts) = mysql_fetch_row($result);
if ($numcontracts > 0) {
echo "<p align='center' class='warning'>" . sprintf($strNumContractsAssignedToSite, $numcontracts) . "</p>";
}
if ($numcontacts > 0 or $numcontracts > 0) {
echo "<p align='center'>{$strInOrderToDelete}</p>";
echo "<form action='{$_SERVER['PHP_SELF']}?action=delete' method='post'>";
echo "<table align='center'>";
echo "<tr><th>{$strSite}:</th><td>" . site_drop_down('destinationid', 0) . "</td></tr>";
echo "</table>";
echo "<input type='hidden' name='id' value='{$id}' />";
echo "<p><input name='submit' type='submit' value='{$strDelete}' /></p>";
echo "</form>";
} else {
$sql = "DELETE FROM `{$dbSites}` WHERE id='{$id}' LIMIT 1";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_ERROR);
} else {
// FIXME html headers need sorting here, we don't want the header before we do this
html_redirect("sites.php?search_string=A");
}
}
include APPLICATION_INCPATH . 'htmlfooter.inc.php';
function dashboard_watch_incidents_edit($dashletid)
{
global $CONFIG, $sit;
$editaction = $_REQUEST['editaction'];
switch ($editaction) {
case 'add':
$type = $_REQUEST['type'];
echo "<h2>{$GLOBALS['strWatchAddSet']}</h2>";
echo "<form id='dwiaddform' action='{$_SERVER['PHP_SELF']}?action=do_add&type={$type}' method='post' onsubmit='return false'>";
echo "<table class='vertical'>";
echo "<tr><td>";
switch ($type) {
case '0':
//site
echo "{$GLOBALS['strSite']}: ";
echo site_drop_down('id', '');
break;
case '1':
//contact
echo "{$GLOBALS['strContact']}: ";
echo contact_drop_down('id', '');
break;
case '2':
//engineer
echo "{$GLOBALS['strEngineer']}: ";
echo user_drop_down('id', '', FALSE);
break;
case '3':
//Incident
echo "{$GLOBALS['strIncident']}:";
echo "<input class='textbox' name='id' size='30' />";
break;
}
echo "</td><tr>";
echo "</table>";
echo "<p align='center'>";
echo dashlet_link('watch_incidents', $dashletid, $GLOBALS['strAdd'], 'save', array('editaction' => 'do_add', 'type' => $type), false, 'dwiaddform');
echo "</p>";
break;
case 'do_add':
$id = $_REQUEST['id'];
$type = $_REQUEST['type'];
$sql = "INSERT INTO `{$CONFIG['db_tableprefix']}dashboard_watch_incidents` VALUES ({$sit[2]},'{$type}','{$id}')";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_ERROR);
}
if (!$result) {
echo "<p class='error'>{$GLOBALS['strWatchAddFailed']}</p>";
} else {
echo "<p>{$GLOBALS['strAddedSuccessfully']}</p>";
echo dashlet_link('watch_incidents', $dashletid, $GLOBALS['strBackToList'], '', '', TRUE);
}
break;
case 'delete':
$id = $_REQUEST['id'];
$type = $_REQUEST['type'];
$sql = "DELETE FROM `{$CONFIG['db_tableprefix']}dashboard_watch_incidents` WHERE id = '{$id}' AND userid = {$sit[2]} AND type = '{$type}'";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_ERROR);
}
if (!$result) {
echo "<p class='error'>{$GLOBALS['strWatchDeleteFailed']}</p>";
} else {
echo "<p>{$GLOBALS['strSuccess']}</p>";
echo dashlet_link('watch_incidents', $dashletid, $GLOBALS['strBackToList'], '', '', TRUE);
}
break;
default:
echo "<h3>{$GLOBALS['strEditWatchedIncidents']}</h3>";
echo "<table align='center'>";
for ($i = 0; $i < 4; $i++) {
$sql = "SELECT * FROM `{$CONFIG['db_tableprefix']}dashboard_watch_incidents` WHERE userid = {$sit[2]} AND type = {$i}";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
echo "<tr><td align='left'><strong>";
switch ($i) {
case 0:
echo $GLOBALS['strSites'];
break;
case 1:
echo $GLOBALS['strContacts'];
break;
case 2:
echo $GLOBALS['strEngineers'];
break;
case 3:
echo $GLOBALS['strIncidents'];
break;
}
echo "</strong></td><td align='right'>";
switch ($i) {
case 0:
$linktext = $GLOBALS['strAddSite'];
break;
case 1:
$linktext = $GLOBALS['strAddContact'];
break;
case 2:
$linktext = $GLOBALS['strAddUser'];
break;
case 3:
$linktext = $GLOBALS['strAddIncident'];
break;
}
echo dashlet_link('watch_incidents', $dashletid, $linktext, 'edit', array('editaction' => 'add', 'type' => $i));
echo "</td></tr>";
if (mysql_num_rows($result) > 0) {
$shade = 'shade1';
while ($obj = mysql_fetch_object($result)) {
$name = '';
switch ($obj->type) {
case 0:
//site
$sql = "SELECT name FROM `{$GLOBALS['dbSites']}` WHERE id = {$obj->id}";
$iresult = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
$iobj = mysql_fetch_object($iresult);
$name = $iobj->name;
break;
case 1:
//contact
$sql = "SELECT forenames, surname FROM `{$GLOBALS['dbContacts']}` WHERE id = {$obj->id}";
$iresult = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
$iobj = mysql_fetch_object($iresult);
$name = $iobj->forenames . ' ' . $iobj->surname;
break;
case 2:
//Engineer
$sql = "SELECT realname FROM `{$GLOBALS['dbUsers']}` WHERE id = {$obj->id}";
$iresult = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
$iobj = mysql_fetch_object($iresult);
$name = $iobj->realname;
break;
case 3:
//Incident
$sql = "SELECT title FROM `{$GLOBALS['dbIncidents']}` WHERE id = {$obj->id}";
$iresult = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
$iobj = mysql_fetch_object($iresult);
$name = "<a href=\"javascript:incident_details_window('{$obj->id}','incident{$obj->id}')\" class='info'>[{$obj->id}] {$iobj->title}</a>";
break;
}
echo "<tr class='{$shade}'><td>{$name}</td><td>";
echo dashlet_link('watch_incidents', $dashletid, $GLOBALS['strRemove'], 'edit', array('editaction' => 'delete', 'id' => $obj->id, 'type' => $i));
if ($shade == 'shade1') {
$shade = 'shade2';
} else {
$shade = 'shade1';
}
}
} else {
echo "<tr><td colspan='2'>{$GLOBALS['strNoIncidentsBeingWatchOfType']}</td></tr>";
}
}
echo "</table>";
break;
}
return $html;
}
/**
* HTML for a config variable input box
* @author Ivan Lucas
* @param string $setupvar The setup variable key name
* @param bool $showvarnames Whether to display the config variable name
* @returns string HTML
*/
function cfgVarInput($setupvar, $showvarnames = FALSE)
{
global $CONFIG, $CFGVAR;
if ($CFGVAR[$setupvar]['type'] == 'languageselect' or $CFGVAR[$setupvar]['type'] == 'languagemultiselect') {
$available_languages = available_languages();
}
$html .= "<div class='configvar'>";
if ($CFGVAR[$setupvar]['title'] != '') {
$title = $CFGVAR[$setupvar]['title'];
} else {
$title = $setupvar;
}
$html .= "<h4>{$title}</h4>";
if ($CFGVAR[$setupvar]['help'] != '') {
$html .= "<p class='helptip'>{$CFGVAR[$setupvar]['help']}</p>\n";
}
$value = '';
if (!$cfg_file_exists or $cfg_file_exists and $cfg_file_writable) {
$value = $CONFIG[$setupvar];
if (is_bool($value)) {
if ($value == TRUE) {
$value = 'TRUE';
} else {
$value = 'FALSE';
}
} elseif (is_array($value)) {
if (is_assoc($value)) {
$value = "array(" . implode_assoc('=>', ',', $value) . ")";
} else {
$value = "array(" . implode(',', $value) . ")";
}
}
if ($setupvar == 'db_password' and $_REQUEST['action'] != 'reconfigure') {
$value = '';
}
}
$value = stripslashes($value);
switch ($CFGVAR[$setupvar]['type']) {
case 'select':
$html .= "<select name='{$setupvar}' id='{$setupvar}'>";
if (empty($CFGVAR[$setupvar]['options'])) {
$CFGVAR[$setupvar]['options'] = "TRUE|FALSE";
}
$options = explode('|', $CFGVAR[$setupvar]['options']);
foreach ($options as $option) {
$html .= "<option value=\"{$option}\"";
if ($option == $value) {
$html .= " selected='selected'";
}
$html .= ">{$option}</option>\n";
}
$html .= "</select>";
break;
case 'percent':
$html .= "<select name='{$setupvar}' id='{$setupvar}'>";
for ($i = 0; $i <= 100; $i++) {
$html .= "<option value=\"{$i}\"";
if ($i == $value) {
$html .= " selected='selected'";
}
$html .= ">{$i}</option>\n";
}
$html .= "</select>%";
break;
case 'interfacestyleselect':
$html .= interfacestyle_drop_down($setupvar, $value);
break;
case 'languageselect':
if (empty($value)) {
$value = $_SESSION['lang'];
}
$html .= array_drop_down($available_languages, $setupvar, $value, '', TRUE);
break;
case 'languagemultiselect':
if (empty($value)) {
foreach ($available_languages as $code => $lang) {
$value[] = $code;
}
$checked = TRUE;
} else {
$checked = FALSE;
$replace = array('array(', ')', "'");
$value = str_replace($replace, '', $value);
$value = explode(',', $value);
}
$html .= array_drop_down($available_languages, $setupvar, $value, '', TRUE, TRUE);
$attributes = "onchange=\"toggle_multiselect('{$setupvar}[]')\"";
$html .= "<label>" . html_checkbox($setupvar . 'checkbox', $checked, "");
$html .= $GLOBALS['strAll'] . "</label>";
break;
case 'slaselect':
$html .= serviceleveltag_drop_down($setupvar, $value, TRUE);
break;
case 'userselect':
$html .= user_drop_down($setupvar, $value, FALSE, FALSE, '', TRUE);
break;
case 'siteselect':
$html .= site_drop_down($setupvar, $value, FALSE);
break;
case 'userstatusselect':
$html .= userstatus_drop_down($setupvar, $value);
break;
case 'roleselect':
$html .= role_drop_down($setupvar, $value);
break;
case 'number':
$html .= "<input type='text' name='{$setupvar}' id='{$setupvar}' size='7' value=\"{$value}\" />";
break;
case '1darray':
$replace = array('array(', ')', "'");
$value = str_replace($replace, '', $value);
$html .= "<input type='text' name='{$setupvar}' id='{$setupvar}' size='60' value=\"{$value}\" />";
break;
case '2darray':
$replace = array('array(', ')', "'", '\\r', '\\n');
$value = str_replace($replace, '', $value);
$value = str_replace(',', "\n", $value);
$html .= "<textarea name='{$setupvar}' id='{$setupvar}' cols='60' rows='10'>{$value}</textarea>";
break;
case 'password':
$html .= "<input type='password' id='cfg{$setupvar}' name='{$setupvar}' size='16' value=\"{$value}\" /> " . password_reveal_link("cfg{$setupvar}");
break;
case 'ldappassword':
$html .= "<input type='password' id='cfg{$setupvar}' name='{$setupvar}' size='16' value=\"{$value}\" /> " . password_reveal_link("cfg{$setupvar}");
$html .= " <a href='javascript:void(0);' onclick=\"checkLDAPDetails('status{$setupvar}');\">{$GLOBALS['strCheckLDAPDetails']}</a>";
break;
case 'text':
default:
if (strlen($CONFIG[$setupvar]) < 65) {
$html .= "<input type='text' name='{$setupvar}' id='{$setupvar}' size='60' value=\"{$value}\" />";
} else {
$html .= "<textarea name='{$setupvar}' id='{$setupvar}' cols='60' rows='10'>{$value}</textarea>";
}
}
if (!empty($CFGVAR[$setupvar]['unit'])) {
$html .= " {$CFGVAR[$setupvar]['unit']}";
}
if (!empty($CFGVAR[$setupvar]['helplink'])) {
$html .= ' ' . help_link($CFGVAR[$setupvar]['helplink']);
}
if ($setupvar == 'db_password' and $_REQUEST['action'] != 'reconfigure' and $value != '') {
$html .= "<p class='info'>The current password setting is not shown</p>";
}
if ($showvarnames) {
$html .= "<br />(<var>\$CONFIG['{$setupvar}']</var>)";
}
if ($CFGVAR[$setupvar]['statusfield'] == 'TRUE') {
$html .= "<div id='status{$setupvar}'></div>";
}
$html .= "</div>";
$html .= "<br />\n";
if ($c == 1) {
$c == 2;
} else {
$c = 1;
}
return $html;
}
// Edit existing site details
require 'core.php';
require APPLICATION_LIBPATH . 'functions.inc.php';
// This page requires authentication
require APPLICATION_LIBPATH . 'auth.inc.php';
// External variables
$action = $_REQUEST['action'];
$site = cleanvar($_REQUEST['site']);
$title = $strEditSite;
include APPLICATION_INCPATH . 'htmlheader.inc.php';
// Show select site form
if (empty($action) or $action == "showform" or empty($site)) {
echo "<h3>{$title}</h3>";
echo "<form action='{$_SERVER['PHP_SELF']}?action=edit' method='post'>";
echo "<table class='vertical'>";
echo "<tr><th>{$strSite}:</th><td>" . site_drop_down("site", 0) . "</td></tr>\n";
echo "</table>\n";
echo "<p><input name='submit' type='submit' value=\"{$strContinue}\" /></p>\n";
echo "</form>\n";
} elseif ($action == "edit") {
if ($site == 0) {
user_alert(sprintf($strFieldMustNotBeBlank, "'{$strSite}'"), E_USER_ERROR);
} else {
// Show edit site form
echo show_edit_site($site);
}
} elseif ($action == "update") {
// External Variables
$incident_pools = explode(',', "0,{$CONFIG['incident_pools']}");
$incident_quantity = $incident_pools[$_POST['incident_poolid']];
$name = cleanvar($_POST['name']);
echo "<form name='contactform' action='{$_SERVER['PHP_SELF']}?action=update' method='post' onsubmit='return confirm_action(\"{$strAreYouSureMakeTheseChanges}\");'>";
echo "<p align='center'>" . sprintf($strMandatoryMarked, "<sup class='red'>*</sup>") . "</p>";
echo "<table align='center' class='vertical'>";
echo "<tr><th>{$strName}: <sup class='red'>*</sup><br />{$strTitle}, {$strForenames}, {$strSurname}</th>";
echo "<td><input maxlength='50' name='courtesytitle' title='Courtesy Title (Mr, Mrs, Miss, Dr. etc.)' size='7' value='{$contactrow['courtesytitle']}' />\n";
// i18n courtesy title
echo "<input maxlength='100' name='forenames' size='15' title='Firstnames (or initials)' value='{$contactrow['forenames']}' />\n";
echo "<input maxlength='100' name='surname' size='20' title='{$strSurname}' value='{$contactrow['surname']}' />";
echo "</td></tr>\n";
echo "<tr><th>{$strTags}:</th><td><textarea rows='2' cols='60' name='tags'>";
echo list_tags($contact, TAG_CONTACT, false) . "</textarea></td></tr>\n";
echo "<tr><th>{$strJobTitle}:</th><td>";
echo "<input maxlength='255' name='jobtitle' size='40' value=\"{$contactrow['jobtitle']}\" />";
echo "</td></tr>\n";
echo "<tr><th>{$strSite}: <sup class='red'>*</sup></th><td>";
echo site_drop_down('siteid', $contactrow['siteid']) . "</td></tr>\n";
echo "<tr><th>{$strDepartment}:</th><td>";
echo "<input maxlength='100' name='department' size='40' value='{$contactrow['department']}' />";
echo "</td></tr>\n";
echo "<tr><th>{$strEmail}: <sup class='red'>*</sup></th><td>";
echo "<input maxlength='100' name='email' size='40' value='{$contactrow['email']}' />";
echo "<label>";
echo html_checkbox('dataprotection_email', $contactrow['dataprotection_email']);
echo "{$strEmail} {$strDataProtection}</label>";
echo "</td></tr>\n";
echo "<tr><th>{$strTelephone}:</th><td>";
echo "<input maxlength='50' name='phone' size='40' value='{$contactrow['phone']}' />";
echo "<label>";
echo html_checkbox('dataprotection_phone', $contactrow['dataprotection_phone']);
echo "{$strTelephone} {$strDataProtection}</label>";
echo "</td></tr>\n";