function drawDeleteLink($prompt = "Are you sure?", $id = false, $action = "delete", $index = "id")
{
global $_GET;
if (!$id && isset($_GET[$index])) {
$id = $_GET[$index];
}
$prompt = "'" . str_replace("'", '"', $prompt) . "'";
return "javascript:url_prompt('" . url_query_add(array("action" => $action, $index => $id), false) . "', " . $prompt . ");";
}
function url_action_add($action = false, $go = false)
{
return url_query_add(array("action" => $action), $go);
}
<th class='delete'></th>
</tr>
</thead>
<tbody>
<?php
$intranet_offices = db_query('SELECT id, name, address FROM intranet_offices ORDER BY precedence');
if ($max = db_found($intranet_offices)) {
while ($l = db_fetch($intranet_offices)) {
?>
<tr id='<?php
echo $l['id'];
?>
'>
<td class='reorder'><i class='glyphicon glyphicon-menu-hamburger'></i></td>
<td><a href="<?php
echo url_query_add(array('id' => $l['id']), false);
?>
"><?php
echo $l['name'];
?>
</a></td>
<td><?php
echo nl2br($l['address']);
?>
</td>
<?php
echo deleteColumn('Are you sure?', $l['id']);
?>
</tr>
<?php
}
$f->unset_fields('extension');
$f->set_field(array('name' => 'content', 'label' => getString('file'), 'type' => 'file', 'additional' => getString('upload_max') . file_get_max()));
$f->set_field(array('name' => 'categories', 'label' => getString('categories'), 'type' => 'checkboxes', 'options_table' => 'dl_categories', 'option_title' => 'title', 'linking_table' => 'dl_docs_to_categories', 'object_id' => 'doc_id', 'option_id' => 'category_id'));
echo $f->draw();
} else {
$result = db_table('SELECT
d.id,
d.title,
' . db_updated('d') . ',
d.extension,
c.title "group"
FROM dl_docs d
JOIN dl_docs_to_categories d2c ON d.id = d2c.doc_id
JOIN dl_categories c ON d2c.category_id = c.id
ORDER BY c.precedence, d.title;');
$links = $page['is_admin'] ? array(url_query_add(array('doc_id' => 'new'), false) => getString('add_new')) : false;
$t = new table('dl_docs', drawHeader($links));
$t->set_column('icon', 'd', ' ');
$t->set_column('title', 'l', getString('title'));
$t->set_column('updated', 'r', getString('updated'));
foreach ($result as &$r) {
$link = 'info.php?id=' . $r['id'];
$r['icon'] = file_icon($r['extension'], $link);
$r['title'] = draw_link($link, $r['title']);
if (getOption('languages')) {
$r['title'] .= ' (' . $r['language'] . ')';
}
$r['updated'] = format_date($r['updated']);
}
echo $t->draw($result, getString('documents_empty'));
}
<?php
include 'include.php';
if (!url_id()) {
url_query_add(array('id' => 1));
}
drawTop();
$locations = db_query("SELECT \n\t\to.id, \n\t\to.name\n\tFROM intranet_offices o \n\tORDER BY (SELECT COUNT(*) FROM intranet_users u WHERE u.officeID = o.id) DESC");
if (db_found($locations)) {
$pages = array();
while ($l = db_fetch($locations)) {
$pages["/staff/locations.php?id=" . $l["id"]] = $l["name"];
}
echo drawNavigationRow($pages, $location, true);
}
if ($_GET["id"] == "other") {
echo drawStaffList("u.isactive = 1 AND u.officeID <> 1 AND u.officeID <> 6 AND u.officeID <> 11 AND u.officeID <> 9");
} else {
$l = db_grab('SELECT name, address FROM intranet_offices WHERE id = ' . $_GET['id']);
if (!empty($l['address'])) {
echo drawServerMessage('<center><strong>' . $l['name'] . ' Office</strong><br>' . nl2br($l['address']) . '</center>');
}
echo drawStaffList("u.isactive = 1 and u.officeID = " . $_GET["id"]);
}
drawBottom();
if (url_action("delete")) {
db_query("UPDATE policy_docs SET is_active = 0, deleted_date = GETDATE(), deleted_user = {$_SESSION["user_id"]} WHERE id = " . $_GET["id"]);
url_drop("id, action");
} elseif (url_id()) {
$d = db_grab("SELECT d.name, t.extension, d.content FROM policy_docs d JOIN docs_types t ON d.type_id = t.id WHERE d.id = " . $_GET["id"]);
//db_query("INSERT INTO docs_views ( documentID, user_id, viewedOn ) VALUES ( {$_GET["id"]}, {$_SESSION["user_id"]}, GETDATE() )");
file_download($d["content"], $d["name"], $d["extension"]);
}
//get nav options
$options = array();
$categories = db_query("SELECT id, description FROM policy_categories ORDER BY description");
while ($c = db_fetch($categories)) {
if (!isset($_GET["category"])) {
url_query_add(array("category" => $c["id"]));
}
$options[str_replace(url_base(), "", url_query_add(array("category" => $c["id"]), false))] = $c["description"];
}
echo drawTop();
echo drawNavigationRow($options, "areas", true);
?>
<table class="left">
<?php
if ($page['is_admin']) {
echo drawheaderRow("", 4, "add", "edit/");
} else {
echo drawheaderRow("", 3);
}
$docs = db_query("SELECT d.id, d.name, t.icon, ISNULL(d.updated_date, d.created_date) updated_date FROM policy_docs d JOIN docs_types t ON d.type_id = t.id WHERE d.is_active = 1 AND d.categoryID = " . $_GET["category"] . " ORDER BY d.name");
if (db_found($docs)) {
?>
<tr>
function drawBottom()
{
global $_josh, $modules, $helpdeskOptions, $helpdeskStatus, $modulettes, $page;
$return = '
</div>
<div id="right">
<div id="tools">
<a class="right button" href="/index.php?action=logout">' . getString('log_out') . '</a>
' . getString('hello') . ' <a href="/staff/view.php?id=' . $_SESSION['user_id'] . '"><b>' . $_SESSION['full_name'] . '</b></a>';
//search
$return .= '<form name="search" accept-charset="utf-8" method="get" action="/staff/search.php" onsubmit="javascript:return doSearch(this);">
<input type="text" name="q" placeholder="' . getString('staff_search') . '"/>
</form>';
//channel or language selectors
if (getOption('channels')) {
//$return .= draw_form_select('channel_id', 'SELECT id, title' . langExt() . ' title FROM channels WHERE is_active = 1 AND is_private = 0 ORDER BY precedence', $_SESSION['channel_id'], false, 'channels', 'url_query_set(\'channel_id\', this.value)', getString('networks_view_all'));
$return .= draw_form_select('channel_id', 'SELECT c.id, c.title' . langExt() . ' title FROM channels c WHERE c.is_active = 1 AND (c.is_private = 0 OR (SELECT COUNT(*) FROM users_to_channels u2c WHERE u2c.channel_id = c.id AND u2c.user_id = ' . user() . ') > 0) ORDER BY precedence', $_SESSION['channel_id'], false, 'channels', 'url_query_set(\'channel_id\', this.value)', getString('networks_view_all'));
}
if (getOption('languages')) {
$return .= draw_form_select('language_id', 'SELECT id, title FROM languages ORDER BY title', $_SESSION['language_id'], true, 'languages', 'url_query_set(\'language_id\', this.value)');
}
//links
$links = db_table('SELECT title' . langExt() . ' title, url FROM links WHERE is_active = 1 ORDER BY precedence');
foreach ($links as &$l) {
$l = draw_link($l['url'], $l['title'], true);
}
$return .= draw_div('#links', draw_container('h3', getString('links')) . (admin() ? draw_link('/a/admin/links.php', getString('edit'), false, array('class' => 'right button')) : false) . draw_list($links));
$return .= '</div>';
foreach ($modules as $m) {
$return .= '
<table class="right ' . $m['folder'] . '" cellspacing="1">
<tr>
<td colspan="2" class="head" style="background-color:#' . $m['color'] . ';">
<a href="/' . $m['folder'] . '/" class="left">' . $m['title'] . '</a>
' . draw_img('/images/arrows-new/' . format_boolean($m['is_closed'], 'up|down') . '.png', url_query_add(array('module' => $m['id']), false)) . '
</td>
</tr>';
if (!$m['is_closed']) {
include DIRECTORY_ROOT . DIRECTORY_SEPARATOR . $m['folder'] . DIRECTORY_SEPARATOR . 'pallet.php';
}
$return .= '</table>';
}
$return .= '</div>
<div id="footer">';
//if (admin()) $return .= 'page rendered in ' . format_time_exec() . '<br/>';
$return .= getString('copyright') . '<br/>';
if (getOption('legal')) {
$return .= draw_link('/login/legal.php', getString('legal_title'));
}
$return .= '</div></div>
<div id="subfooter"></div>
</body>
</html>';
//record pageview
if ($page['id'] && user()) {
db_query('INSERT INTO pages_views ( page_id, user_id, timestamp ) VALUES ( ' . $page['id'] . ', ' . user('NULL') . ', GETDATE() )');
}
return $return;
}
<?php
include "include.php";
if (url_action('delete')) {
db_delete('bb_topics_types');
url_drop('action,id');
}
echo drawTop();
$t = new table('bb_topics_types', drawHeader($page['is_admin'] ? array('category_edit.php' => getString('category_new')) : false));
$t->set_column('category', 'l', getString('category'));
$t->set_column('topics', 'r', getString('topics'));
if ($page['is_admin']) {
$t->set_column('delete', 'd', ' ');
}
$result = db_table('SELECT
y.id,
y.title' . langExt() . ' category,
(SELECT COUNT(*) FROM bb_topics t WHERE t.type_id = y.id AND t.is_active = 1) topics
FROM bb_topics_types y
WHERE y.is_active = 1
ORDER BY y.title');
foreach ($result as &$r) {
$r['category'] = draw_link('category.php?id=' . $r['id'], $r['category']);
if ($page['is_admin']) {
$r['delete'] = draw_img('/images/icons/delete.png', url_query_add(array('action' => 'delete', 'id' => $r['id']), false));
}
}
echo $t->draw($result, 'No categories added yet');
echo drawBottom();
} elseif (url_action('delete')) {
db_delete('dl_categories');
url_drop('action,id');
}
echo drawTop();
if (!empty($_GET['category_id'])) {
//category form
if ($_GET['category_id'] == 'new') {
$_GET['category_id'] = false;
}
$f = new form('dl_categories', $_GET['category_id'], ($_GET['category_id'] ? 'Edit' : 'Add') . ' Category');
$f->set_title_prefix($page['breadcrumbs']);
echo $f->draw();
} else {
//list of categories
$result = db_table('SELECT id, title, ' . db_updated() . ' FROM dl_categories WHERE is_active = 1 ORDER BY precedence');
$links = $page['is_admin'] ? array(url_query_add(array('category_id' => 'new'), false) => getString('add_new')) : false;
$t = new table('dl_categories', drawHeader($links));
$t->set_column('draggy', 'd', ' ');
$t->set_column('title', 'l', getString('title'));
$t->set_column('updated', 'r', getString('updated'));
$t->set_column('delete', 'd', ' ');
foreach ($result as &$r) {
$r['draggy'] = draw_img('/images/icons/move.png');
$r['title'] = draw_link(url_query_add(array('category_id' => $r['id']), false), $r['title']);
$r['updated'] = format_date($r['updated']);
$r['delete'] = draw_link(url_query_add(array('action' => 'delete', 'id' => $r['id']), false), 'x', false, 'confirm');
}
echo $t->draw($result, getString('categories_empty'));
}
echo drawBottom();
include "include.php";
$e = db_grab("SELECT \n\t\te.title, \n\t\te.description, \n\t\te.startDate, \n\t\tISNULL(u.nickname, u.firstname) first,\n\t\tu.lastname last,\n\t\te.createdBy,\n\t\te.createdOn,\n\t\tt.color,\n\t\tt.description type,\n\t\tMONTH(e.startDate) month, \n\t\tYEAR(e.startDate) year\n\tFROM calendar_events e\n\tJOIN intranet_users u ON e.createdBy = u.userID\n\tJOIN calendar_events_types t ON e.typeID = t.id\n\tWHERE e.id = " . $_GET["id"]);
if (url_action("delete")) {
db_query("DELETE FROM calendar_events WHERE id = " . $_GET["id"]);
url_change("/cal/?month=" . $e["month"] . "&year=" . $e["year"]);
}
drawTop();
echo drawNavigationCal($e["month"], $e["year"], true);
?>
<table class="left" cellspacing="1">
<?php
if ($isAdmin) {
echo drawHeaderRow("Event Details", 2, "edit", "event_edit.php?id=" . $_GET["id"], "delete", url_query_add(array("action" => "delete"), false));
} elseif ($user["id"] == $e["createdBy"]) {
echo drawHeaderRow("Event Details", 2, "edit", "event_edit.php?id=" . $_GET["id"], "delete", url_query_add(array("action" => "delete"), false));
} else {
echo drawHeaderRow("Event Details", 2);
}
?>
<tr>
<td class="left">Title</td>
<td class="right" bgcolor="#ffffff"><b><?php
echo $e["title"];
?>
</b></td>
</tr>
<tr>
<td class="left">Type</td>
<td><span class="block" style="background-color:<?php
echo $e["color"];
<?php
include "../include.php";
cookie("last_login");
if ($posting) {
if ($r = db_grab("SELECT userID FROM intranet_users WHERE email = '{$_POST["email"]}' AND isActive = 1")) {
email_user($_POST["email"], "Reset Your Password", drawEmptyResult('To reset your password, please <a href="http://' . $_josh["request"]["host"] . '/login/password_reset.php?id=' . $r . '">follow this link</a>.'));
url_change("password_confirm.php");
} else {
url_query_add(array("msg" => "email-not-found", "email" => $_POST["email"]));
//bad email
}
} elseif (isset($_GET["id"])) {
db_query("UPDATE intranet_users SET password = PWDENCRYPT('') WHERE userID = {$_GET["id"]} AND isActive = 1");
if ($r = db_grab("SELECT u.email, p.url FROM intranet_users u JOIN pages p ON u.homePageID = p.ID WHERE u.userID = {$_GET["id"]} AND u.isActive = 1")) {
login($r["email"], "", true);
cookie("last_login", $r["email"]);
url_change($r["url"]);
} else {
url_change(false);
}
}
?>
<html>
<head>
<title>Reset Your Password</title>
<link rel="stylesheet" type="text/css" href="<?php
echo $locale;
?>
style.css" />
<script language="javascript" src="/javascript.js"></script>
<td align="right"><?php
echo format_date($r["checkoutEnd"], "");
?>
</td>
<td align="center"><nobr><?php
if ($r["laptopStatusDesc"] == "In") {
?>
<a href="laptop_checkout.php?id=<?php
echo $r["laptopID"];
?>
">check out</a>
<?php
} else {
?>
<a href="<?php
echo url_query_add(array("checkin" => $r["laptopID"]), false);
?>
">check in</a>
<?php
}
?>
</nobr></td>
<td width="16"><a href="javascript:deactivateLaptop(<?php
echo $r["laptopID"];
?>
,'<?php
echo $r["laptopName"];
?>
');"><img src="/images/icons/delete.png" width="16" height="16" border="0"></a></td>
</tr>
<?php
<?php
include "include.php";
if ($posting) {
$_POST["isActive"] = 1;
$id = db_enter("calendar_events", "title description *startDate typeID");
url_query_add(array("month" => $_POST["startDateMonth"], "year" => $_POST["startDateYear"]));
}
if (!isset($_GET["month"]) || !isset($_GET["year"])) {
url_query_add(array("month" => $_josh["month"], "year" => $_josh["year"]));
}
drawTop();
echo drawNavigationCal($_GET["month"], $_GET["year"]);
//get events
$result = db_query("SELECT \n\t\t\te.id,\n\t\t\tDAY(e.startDate) startDay,\n\t\t\te.title,\n\t\t\tt.color\n\t\tFROM calendar_events e\n\t\tJOIN calendar_events_types t ON e.typeID = t.id\n\t\tWHERE e.isActive = 1 AND \n\t\t\tMONTH(e.startDate) = {$_GET["month"]} AND\n\t\t\tYEAR(e.startDate) = " . $_GET["year"]);
while ($r = db_fetch($result)) {
$events[$r["startDay"]][$r["id"]]["title"] = $r["title"];
$events[$r["startDay"]][$r["id"]]["color"] = $r["color"];
}
//SET UP VARIABLES
$monthname = $_josh["months"][$_GET['month'] - 1];
$firstday = date("w", mktime(0, 0, 0, $_GET["month"], 1, $_GET["year"]));
$lastday = date("d", mktime(0, 0, 0, $_GET["month"] + 1, 0, $_GET["year"]));
$prevmonth = $_GET['month'] - 1;
$prevyear = $_GET['year'];
$nextmonth = $_GET['month'] + 1;
$nextyear = $_GET['year'];
if ($prevmonth == 0) {
$prevmonth = 12;
$prevyear = $_GET['year'] - 1;
} elseif ($nextmonth == 13) {
function drawTicketRow($r, $mode = "status")
{
//mode can be status or type
global $priorityOptions, $statusOptions, $ownerOptions, $typeOptions, $_josh;
$return = '
<tr>
<td rowspan="2">' . drawName($r["created_user"], $r["first"] . ' ' . $r["last"], $r["created_date"], true, $r['updated']) . '</td>
<td colspan="3"><a href="ticket.php?id=' . $r["id"] . '"><b>' . $r["title"] . '</b></a></td>
<td rowspan="2">' . draw_img("/images/icons/delete.png", drawDeleteLink("Delete this ticket?", $r["id"], "delete", "ticketID")) . '</td>
</tr>
<tr>';
$t = array("ticketID" => $r["id"]);
if ($mode == "status") {
$return .= '<td>' . draw_form_select("", $priorityOptions, $r["priorityID"], false, "field", "location.href='" . url_query_add($t, false) . "&newPriority=' + this.value") . '</td>
<td>' . draw_form_select("", $statusOptions, $r["statusID"], true, "field", "location.href='" . url_query_add($t, false) . "&newStatus=' + this.value") . '</td>
<td>' . draw_form_select("", $ownerOptions, $r["ownerID"], false, "field", "location.href='" . url_query_add($t, false) . "&newOwner=' + this.value") . '</td>';
} elseif ($mode == "type") {
$return .= '<td colspan="3">' . draw_form_select("", $typeOptions, $r["type_id"], false, "field", "location.href='" . url_query_add($t, false) . "&newType=' + this.value") . '</td>';
}
$return .= '</tr>';
return $return;
}
function drawTop()
{
global $user, $_josh, $page, $isAdmin, $printing, $locale;
error_debug("starting top");
$title = $page["module"] . " > " . $page["name"];
?>
<!DOCTYPE html>
<html lang="en">
<head>
<meta charset="utf-8">
<meta http-equiv="X-UA-Compatible" content="IE=edge">
<meta name="viewport" content="width=device-width, initial-scale=1">
<title><?php
echo $title;
?>
</title>
<link rel="stylesheet" type="text/css" href="/assets/vendor/bootstrap/dist/css/bootstrap.min.css">
<link rel="stylesheet" type="text/css" href="/assets/css/style.css">
<!--[if IE]>
<link rel="stylesheet" type="text/css" href="<?php
echo $locale;
?>
style-ie.css" />
<![endif]-->
</head>
<body>
<?php
if (!$printing) {
?>
<div class="container">
<div class="row banner">
<div class="col-md-4">
<a href="/bb/"><img src="/assets/img/logo-cc.png" width="240" height="86" class="img-responsive"></a>
</div>
<div class="col-md-4">
<a href="/bb/"><img src="/assets/img/logo-hla.png" width="330" height="64" class="img-responsive"></a>
</div>
<div class="col-md-4">
<a href="/bb/"><img src="/assets/img/logo-hcfa.png" width="186" height="102" class="img-responsive"></a>
</div>
</div>
<div class="row">
<div id="left" class="col-md-8">
<div id="help">
<a class="button left" href="/bb/">
<i class="glyphicon glyphicon-home"></i>
Home
</a>
<a class="button right" href="<?php
echo url_query_add(array("toggleMenuPref" => "isOpenHelp"), false);
?>
">
<i class="glyphicon glyphicon-info-sign"></i>
<?php
if ($user["isOpenHelp"]) {
?>
Hide<?php
} else {
?>
Show<?php
}
?>
Help
</a>
<?php
if ($user["isOpenHelp"]) {
if ($user["isAdmin"]) {
?>
<a class="button right" href="/admin/edit-help.php?id=<?php
echo $page["id"];
?>
&returnTo=<?php
echo urlencode($_josh["request"]["path_query"]);
?>
">
<i class="glyphicon glyphicon-edit"></i>
Edit Page Info
</a>
<?php
}
?>
<div class="text">
<?php
echo $page["helpText"] ? $page["helpText"] : "No help is available for this page.";
?>
</div>
<?php
}
?>
</div>
<?php
}
if ($_josh["request"]["folder"] == "helpdesk") {
echo drawNavigationHelpdesk();
}
echo drawNavigation();
$_josh["drawn"]["top"] = true;
error_debug("finished drawing top");
}
<?php
include "include.php";
if ($posting) {
langTranslatePost('title,description');
$id = db_save('cal_events');
if (getOption('channels')) {
db_checkboxes('channels', 'cal_events_to_channels', 'event_id', 'channel_id', $id);
}
url_query_add(array("month" => $_POST['start_dateMonth'], "year" => $_POST['start_dateYear']));
}
if (!isset($_GET['month']) || !isset($_GET['year'])) {
url_query_add(array("month" => $_josh['month'], "year" => $_josh['year']));
}
echo drawTop();
echo drawNavigationCal($_GET['month'], $_GET['year']);
//get events
$result = db_query('SELECT
e.id,
DAY(e.start_date) startDay,
e.title' . langExt() . ' title,
t.color
FROM cal_events e
JOIN cal_events_types t ON e.type_id = t.id
' . getChannelsWhere('cal_events', 'e', 'event_id') . '
AND
MONTH(e.start_date) = ' . $_GET['month'] . ' AND
YEAR(e.start_date) = ' . $_GET['year']);
while ($r = db_fetch($result)) {
$events[$r['startDay']][$r['id']]['title'] = $r['title'];
$events[$r['startDay']][$r['id']]['color'] = $r['color'];
echo format_date_time($r["createdOn"]);
?>
</td>
<td width="16"><?php
echo draw_img($locale . "images/icons/delete.gif", url_query_add(array("action" => "deletereq", "id" => $r["id"]), false));
?>
</td>
</tr>
<?php
}
} else {
echo drawEmptyResult("No pending requests!");
}
echo drawTableEnd();
echo drawTableStart();
echo drawHeaderRow("Never Logged In", 3, "invite them all", url_query_add(array("action" => "invite"), false));
$result = db_query("SELECT userid, lastname, firstname, createdOn FROM intranet_users WHERE lastlogin IS NULL AND isactive = 1 ORDER BY lastname");
if (db_found($result)) {
?>
<tr>
<th width="70%">Name</th>
<th width="30%" class="r">Created Date</th>
<th></th>
</tr>
<?php
while ($r = db_fetch($result)) {
?>
<tr>
<td><a href="view.php?id=<?php
echo $r["userid"];
?>
?>
</td>
<td width="16"><?php
echo draw_img("/images/icons/delete.png", url_query_add(array("action" => "deletereq", "id" => $r["id"]), false));
?>
</td>
</tr>
<?php
}
} else {
echo drawEmptyResult(getString('staff_requests_empty'));
}
echo drawTableEnd();
//never logged in
echo drawTableStart();
echo drawHeaderRow(getString('staff_never_logged_in'), 3, getString('staff_invite_all'), url_query_add(array("action" => "invite"), false));
$result = db_query("SELECT id, lastname, firstname, created_date FROM users WHERE lastlogin IS NULL AND is_active = 1 ORDER BY lastname");
if (db_found($result)) {
?>
<tr>
<th width="70%"><?php
echo getString('name');
?>
</th>
<th width="30%" class="r"><?php
echo getString('date_created');
?>
</th>
<th></th>
</tr>
<?php
<?php
include "../include.php";
echo drawTop();
if (url_id()) {
$title = db_grab('SELECT title' . langExt() . ' title FROM press_clips_types WHERE id = ' . $_GET["id"]);
$result = db_table('SELECT c.id, c.title' . langExt() . ' title, c.pub_date, c.publication' . langExt() . ' publication, ISNULL(c.created_date, c.updated_date) updated FROM press_clips c ' . getChannelsWhere('press_clips', 'c', 'clip_id') . ' AND c.type_id = ' . $_GET["id"] . ' ORDER BY updated DESC');
$t = new table('press_clips', drawHeader(false, $title));
$t->set_column('title', 'l', getString('title'));
$t->set_column('publication', 'l', getString('publication'));
$t->set_column('pub_date', 'r', getString('published'));
foreach ($result as &$r) {
$r['title'] = draw_link('clip.php?id=' . $r['id'], format_string($r['title'], 50));
$r['pub_date'] = format_date($r['pub_date']);
}
echo $t->draw($result, 'There are no clips tagged <i>' . $title . '</i>.');
} else {
$t = new table('press_clips', drawHeader());
$t->set_column('category', 'l', getString('category'));
$t->set_column('clips', 'r', getString('clips'));
$result = db_table('SELECT t.id, t.title' . langExt() . ' category, (SELECT COUNT(*) FROM press_clips c WHERE c.type_id = t.id) clips FROM press_clips_types t ORDER BY t.precedence');
foreach ($result as &$r) {
$r['category'] = draw_link(url_query_add(array('id' => $r['id']), false), $r['category']);
}
echo $t->draw($result);
}
echo drawBottom();
function drawStaffRow($r, $searchterms = false)
{
global $isAdmin, $locale;
if ($searchterms) {
global $fields;
foreach ($fields as $f) {
if (isset($r[$f])) {
$r[$f] = format_hilite($r[$f], $searchterms);
}
}
}
$return = '<tr height="38">';
$return .= '<td class="image"><a href="/staff/view.php?id=' . $r["userID"] . '">' . drawImg($r["userID"]) . '</a></td>';
$return .= '<td><nobr><a href="view.php?id=' . $r["userID"] . '">' . $r["lastname"] . ', ' . $r["firstname"] . '</a>';
//if (!$r["isMain"]) $return .= "<br>" . $r["office"];
$return .= '</nobr></td><td>';
if ($r["title"]) {
$return .= $r["title"] . '<br>';
}
if ($r["departmentName"]) {
$return .= '<i>' . $r["departmentName"] . '</i><br>';
}
if ($r["corporationName"]) {
$return .= '<a href="/staff/organizations.php?id=' . $r["corporationID"] . '">' . $r["corporationName"] . '</a>';
}
$return .= '</td>
<td class="r"><nobr>' . format_phone($r["phone"]) . '</nobr></td>
';
if ($isAdmin) {
$return .= '<td class="delete"><a href="javascript:promptRedirect(\'' . url_query_add(array("action" => "delete", "staffID" => $r["userID"]), false) . '\', \'Delete this staff member?\');"><i class="glyphicon glyphicon-remove"></i></a></td>';
}
return $return . '</tr>';
}
<?php
$pageIsPublic = true;
include '../include.php';
if ($posting) {
if ($r = db_grab('SELECT id FROM users WHERE email = "' . $_POST['email'] . '" AND is_active = 1')) {
emailPassword($r);
url_change('password_confirm.php');
} else {
url_query_add(array('msg' => 'email-not-found', 'email' => $_POST['email']));
//bad email
}
} elseif (url_id()) {
$_SESSION['user_id'] = false;
db_query('UPDATE users SET password = NULL WHERE id = ' . $_GET['id'] . ' AND is_active = 1');
if ($email = db_grab('SELECT email FROM users WHERE id = ' . $_GET['id'] . ' AND is_active = 1')) {
login($email, '', true);
url_change($_SESSION['homepage']);
} else {
url_change(false);
}
} else {
cookie('last_login');
$_SESSION['user_id'] = false;
}
echo drawSimpleTop(getString('password_reset'));
if (@$_GET['msg'] == 'email-not-found') {
echo drawMessage(getString('login_password_reset_msg_email_not_found'));
} else {
echo drawMessage(getString('login_password_reset_msg'));
}
