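/**
 * Smarty escape modifier plugin
 *
 * Type:     modifier<br>
 * Name:     escape<br>
 * Purpose:  Escape the string according to escapement type
 *
 * Each escapement type is valid for one output context only (HTML text or
 * attribute, URL component, quoted JavaScript string, ...). An unknown type
 * returns the input unchanged, so a misspelled type means no escaping at all.
 *
 * @link http://smarty.php.net/manual/en/language.modifier.escape.php
 *          escape (Smarty online manual)
 * @param string $string   text to escape
 * @param string $esc_type html|htmlall|link|url|rawurl|date|timestamp|quotes|utf8xml|hex|hexentity|javascript
 * @return string the escaped text; for 'date' and 'timestamp', the value formatted by dclDB
 */
function smarty_modifier_escape($string, $esc_type = 'html')
{
    switch ($esc_type) {
        case 'html':
            // ENT_QUOTES encodes both ' and ", so the result also fits inside a quoted attribute value.
            return htmlspecialchars($string, ENT_QUOTES);

        case 'htmlall':
            return htmlentities($string, ENT_QUOTES);

        case 'link':
            // Escape first, add markup second: the patterns run on already-escaped text, so the
            // only tags in the result are the <br /> from nl2br() and the anchors added below.
            // htmlspecialchars() has encoded '"', '<' and '>', so a matched URL cannot close the
            // href attribute it is copied into.
            $sText = nl2br(htmlspecialchars($string));

            // NOTE(review): menuLink() output becomes part of a replacement string, where \N and
            // $N are back-references; it is assumed to be a plain script URL - confirm.
            $sMenuLink = menuLink();

            // preg_replace() stands in for eregi_replace(): the ereg extension was removed in
            // PHP 7. The "i" flag keeps the case-insensitive matching, and the POSIX classes
            // used here are valid inside PCRE bracket expressions.
            $aPatterns = array(
                '~(http|ftp|telnet|irc|https)://[^<>[:space:]]+[[:alnum:]/]~i',
                // Pseudo stuff
                '~dcl://workorders/([0-9]+)[-]([0-9]+)~i',
                '~dcl://tickets/([0-9]+)~i',
                '~dcl://projects/([0-9]+)~i',
            );
            $aReplacements = array(
                // rel="noopener noreferrer" keeps a page opened through target="_blank" from
                // reaching back to this window via window.opener.
                '<a target="_blank" rel="noopener noreferrer" href="\\0">\\0</a>',
                '<a href="' . $sMenuLink . '?menuAction=boWorkorders.viewjcn&jcn=\\1&seq=\\2">\\0</a>',
                '<a href="' . $sMenuLink . '?menuAction=boTickets.view&ticketid=\\1">\\0</a>',
                '<a href="' . $sMenuLink . '?menuAction=boProjects.viewproject&wostatus=0&project=\\1">\\0</a>',
            );

            // Patterns are applied in order, each one to the result of the previous one.
            $sRetVal = preg_replace($aPatterns, $aReplacements, $sText);

            // preg_replace() returns null on a PCRE error; fall back to the escaped, unlinked text.
            return $sRetVal === null ? $sText : $sRetVal;

        case 'url':
            return urlencode($string);

        case 'date':
            $o = new dclDB();
            return $o->FormatDateForDisplay($string);

        case 'timestamp':
            $o = new dclDB();
            return $o->FormatTimeStampForDisplay($string);

        case 'rawurl':
            return rawurlencode($string);

        case 'quotes':
            // Backslash-escape single quotes that are not already escaped. Nothing else is
            // touched: double quotes, newlines and markup pass through unchanged.
            return preg_replace("%(?<!\\\\)'%", "\\'", $string);

        case 'utf8xml':
            // ENT_NOQUOTES leaves both quote characters as they are, so this form is for
            // element content only, not for attribute values.
            return utf8_encode(htmlspecialchars($string, ENT_NOQUOTES));

        case 'hex':
            // escape every byte into %XX
            $return = '';
            $iLength = strlen($string);
            for ($x = 0; $x < $iLength; $x++) {
                $return .= '%' . bin2hex($string[$x]);
            }
            return $return;

        case 'hexentity':
            // One numeric entity per byte, so a multi-byte character comes out as several entities.
            $return = '';
            $iLength = strlen($string);
            for ($x = 0; $x < $iLength; $x++) {
                $return .= '&#x' . bin2hex($string[$x]) . ';';
            }
            return $return;

        case 'javascript':
            // escape quotes and backslashes and newlines. "</" is escaped as well: inside an
            // inline <script> block the HTML parser would otherwise end the script element at
            // a "</script>" that sits in the middle of a string literal.
            return strtr($string, array('\\' => '\\\\', "'" => "\\'", '"' => '\\"', "\r" => '\\r', "\n" => '\\n', '</' => '<\\/'));

        default:
            // Unknown type: the value is returned without any escaping.
            return $string;
    }
}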
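 /**
  * Build a per-day timesheet grid from the rows of $query and either export it
  * or render it as an HTML table.
  *
  * Reads bytype, responsible/department, begindate, enddate, export and groupby
  * from $_REQUEST. The id and date values go through DCL_Sanitize before use;
  * the method stops with an error when one of them is rejected.
  *
  * @param string $query        SQL statement, executed as given. It must yield the
  *                             columns name, actionon and hours. Nothing in this
  *                             method validates it, so the caller has to build it
  *                             from sanitized values only.
  * @param mixed  $iGroupColumn not used in this method
  * @return void
  */
 function ShowTimesheet($query, $iGroupColumn)
 {
     $bExport = isset($_REQUEST['export']) && $_REQUEST['export'] == '1';
     $responsible = '';
     $oMeta =& CreateObject('dcl.DCL_MetadataDisplay');
     // isset() guard as for "export" above: a missing bytype selects the department
     // branch, as before, without an undefined-index warning.
     if (isset($_REQUEST['bytype']) && $_REQUEST['bytype'] == '1') {
         if (($responsible = DCL_Sanitize::ToInt($_REQUEST['responsible'])) === null) {
             trigger_error('Data sanitize failed.');
             return;
         }
         $sReportFor = $oMeta->GetPersonnel($responsible);
     } else {
         if (($department = DCL_Sanitize::ToInt($_REQUEST['department'])) === null) {
             trigger_error('Data sanitize failed.');
             return;
         }
         $sReportFor = $oMeta->GetDepartment($department);
     }
     if (($begindate = DCL_Sanitize::ToDate($_REQUEST['begindate'])) === null || ($enddate = DCL_Sanitize::ToDate($_REQUEST['enddate'])) === null) {
         trigger_error('Data sanitize failed.');
         return;
     }
     $oBeginDate = new DCLDate();
     $oBeginDate->SetFromDisplay($begindate);
     $oEndDate = new DCLDate();
     $oEndDate->SetFromDisplay($enddate);

     // One zeroed slot per day in the range, keyed by the display form of the date.
     // The step is one calendar day, not a fixed 86400 seconds: on the day the clocks
     // go back a fixed step lands on 23:00 of the same date, every later stop is an
     // hour short of midnight, and the end date never gets a column.
     // Assumes DCLDate::$time is a Unix timestamp and both bounds are local midnight.
     $aDateArray = array();
     for ($iTime = $oBeginDate->time; $iTime <= $oEndDate->time; $iTime = strtotime('+1 day', $iTime)) {
         $oBeginDate->time = $iTime;
         $aDateArray[$oBeginDate->ToDisplay()] = 0.0;
     }

     $aReportArray = array();
     $objDB = new dclDB();
     // $query reaches the database unchanged; see the parameter note above.
     if ($objDB->Query($query) != -1) {
         if ($objDB->next_record()) {
             // Sum hours per group name and per day.
             do {
                 $sArrayIndex = $objDB->f('name');
                 if (!isset($aReportArray[$sArrayIndex])) {
                     $aReportArray[$sArrayIndex] = $aDateArray;
                 }
                 // NOTE(review): relies on FormatDateForDisplay() producing the same keys as
                 // DCLDate::ToDisplay(), and on $query returning only dates inside the
                 // range; any other key adds a column to this one row - confirm.
                 $aReportArray[$sArrayIndex][$objDB->FormatDateForDisplay($objDB->f('actionon'))] += $objDB->f('hours');
             } while ($objDB->next_record());

             // Flatten to rows of [group, hours per day..., row total] and keep column totals.
             $aTotalArray = $aDateArray;
             $aDisplayArray = array();
             ksort($aReportArray);
             $iIndex = 0;
             foreach ($aReportArray as $sGroup => $aHours) {
                 $aDisplayArray[$iIndex] = array();
                 $aDisplayArray[$iIndex][] = $sGroup;
                 $fTotal = 0.0;
                 foreach ($aHours as $sDate => $fHours) {
                     $aTotalArray[$sDate] += $fHours;
                     $aDisplayArray[$iIndex][] = $fHours;
                     $fTotal += $fHours;
                 }
                 $aDisplayArray[$iIndex][] = $fTotal;
                 $iIndex++;
             }
             if ($bExport) {
                 // The export carries the totals as a last data row.
                 $aDisplayArray[$iIndex] = array();
                 $aDisplayArray[$iIndex][] = 'Total';
                 $fTotal = 0.0;
                 foreach ($aTotalArray as $sDate => $fHours) {
                     $aDisplayArray[$iIndex][] = $fHours;
                     $fTotal += $fHours;
                 }
                 $aDisplayArray[$iIndex][] = $fTotal;
                 $nameArray = array_merge(array(''), array_keys($aDateArray), array('Total'));
                 ExportArray($nameArray, $aDisplayArray);
             } else {
                 // The HTML table carries the totals as a footer row.
                 $oTable = CreateObject('dcl.htmlTable');
                 $oTable->addColumn('', 'string');
                 foreach (array_keys($aDateArray) as $sDate) {
                     $oTable->addColumn($sDate, 'numeric');
                 }
                 $oTable->addColumn('Total', 'numeric');
                 $oTable->addFooter('Total');
                 $fTotal = 0.0;
                 foreach ($aTotalArray as $sDate => $fHours) {
                     $oTable->addFooter($fHours);
                     $fTotal += $fHours;
                 }
                 $oTable->addFooter($fTotal);
                 $oTable->setData($aDisplayArray);
                 $oTable->setShowRownum(true);
                 // NOTE(review): group names and $sReportFor come from stored data; whether
                 // htmlTable escapes 'string' cells and the caption is not visible here - confirm.
                 $oTable->setCaption(sprintf(STR_WOST_ACTIVITYTITLE, $sReportFor, $begindate, $enddate));
                 // Export link: the %d slots force integers, and the %s slots receive only
                 // values that passed DCL_Sanitize above (or the empty default).
                 $oTable->addToolbar(menuLink('', sprintf('menuAction=reportPersonnelActivity.execute&export=1&timesheet=Y&responsible=%s&begindate=%s&enddate=%s&bytype=%d&groupby=%d&department=%d', $responsible, $begindate, $enddate, $_REQUEST['bytype'], $_REQUEST['groupby'], $_REQUEST['department'])), STR_VW_EXPORTRESULTS);
                 $oTable->render();
             }
         } else {
             // No rows: report it and show the parameter form again.
             if ($bExport) {
                 commonHeader();
             }
             trigger_error(STR_WOST_NOACTIVITY, E_USER_NOTICE);
             $this->getparameters(false);
         }
     }
 }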
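 /**
  * Render the "Project Timeline" table for one project.
  *
  * Reads projectid, days and endon from $_REQUEST and reports on the $days days
  * up to endon. The presence of scope, timecards and code in the request selects
  * which sub-queries are joined with UNION ALL.
  *
  * NOTE(review): this method only checks that the parameters are well formed. No
  * per-project permission check is visible here; confirm that the caller performs it.
  *
  * @return mixed result of PrintPermissionDenied() when a parameter is rejected,
  *               otherwise nothing
  */
 function Render()
 {
     commonHeader();
     // Reject anything that is not a well-formed id, day count or date before it
     // reaches the SQL builders below.
     if (($id = DCL_Sanitize::ToInt($_REQUEST['projectid'])) === null) {
         return PrintPermissionDenied();
     }
     // NOTE(review): $days is not range-checked here; a very large value widens the
     // reporting window accordingly.
     if (($days = DCL_Sanitize::ToInt($_REQUEST['days'])) === null) {
         return PrintPermissionDenied();
     }
     if (($endon = DCL_Sanitize::ToDate($_REQUEST['endon'])) === null) {
         return PrintPermissionDenied();
     }
     $oDate = new DCLDate();
     $oDate->SetFromDisplay($endon);
     $endon = $oDate->ToDB();
     // mktime() normalizes the day-of-month underflow, giving midnight $days days before endon.
     $oDate->time = mktime(0, 0, 0, date('m', $oDate->time), date('d', $oDate->time) - $days, date('Y', $oDate->time));
     $beginon = $oDate->ToDB();

     // Only sanitized values ($id) and values formatted by DCLDate ($beginon, $endon)
     // are handed to the SQL builders.
     $sSQL = '';
     if (isset($_REQUEST['scope'])) {
         $sSQL = $this->GetScopeSQL($id, $beginon, $endon);
     }
     if (isset($_REQUEST['timecards'])) {
         if ($sSQL != '') {
             $sSQL .= ' UNION ALL ';
         }
         $sSQL .= $this->GetTimeCardSQL($id, $beginon, $endon);
     }
     if (isset($_REQUEST['code'])) {
         if ($sSQL != '') {
             $sSQL .= ' UNION ALL ';
         }
         $sSQL .= $this->GetWorkOrderCodeSQL($id, $beginon, $endon);
         $sSQL .= ' UNION ALL ';
         $sSQL .= $this->GetProjectCodeSQL($id, $beginon, $endon);
     }
     if ($sSQL == '') {
         ShowError('No options selected.', __FILE__, __LINE__, null);
         return;
     }
     // Newest first: the second result column is the one shown as date and time below.
     $sSQL .= ' ORDER BY 2 DESC';
     $oDB = new dclDB();
     if ($oDB->Query($sSQL) !== -1) {
         $aResults = array();
         while ($oDB->next_record()) {
             $aRecord = array();
             $aRecord[] = $oDB->FormatDateForDisplay($oDB->f(1));
             $oDB->objTimestamp->SetFromDB($oDB->f(1));
             $aRecord[] = $oDB->objTimestamp->ToTimeOnly();
             // The "Item" column is declared as 'html' below, so every database value
             // placed in it is encoded here.
             if ($oDB->f(0) == 4) {
                 // Rows whose first column is 4 link to the project itself.
                 $aRecord[] = '<a href="' . menuLink('', 'menuAction=boProjects.viewproject&project=' . $id) . '">[' . $id . '] ' . htmlspecialchars($oDB->f(5)) . '</a>';
             } else {
                 // All other rows link to a work order. The work order id and sequence are
                 // expected to be numeric, for which the encoding is a no-op; they are
                 // encoded anyway so that no database value enters the markup raw.
                 $sJcn = (string) $oDB->f(2);
                 $sSeq = (string) $oDB->f(3);
                 $aRecord[] = '<a href="' . menuLink('', 'menuAction=boWorkorders.viewjcn&jcn=' . urlencode($sJcn) . '&seq=' . urlencode($sSeq)) . '">[' . htmlspecialchars($sJcn) . '-' . htmlspecialchars($sSeq) . '] ' . htmlspecialchars($oDB->f(6)) . '</a>';
             }
             // NOTE(review): the next three values are shown in 'string' columns; whether
             // htmlTable escapes such cells is not visible here - confirm.
             $aRecord[] = $oDB->f(7);
             $aRecord[] = $oDB->f(8);
             $aRecord[] = $oDB->f(9);
             $aResults[] = $aRecord;
         }
         $oTable =& CreateObject('dcl.htmlTable');
         $oTable->setCaption('Project Timeline');
         $oTable->addColumn('Date', 'string');
         $oTable->addColumn('Time', 'string');
         $oTable->addColumn('Item', 'html');
         $oTable->addColumn('Current Status', 'string');
         $oTable->addColumn('Action By', 'string');
         $oTable->addColumn('Action Description', 'string');
         $oTable->addGroup(0);
         $oTable->setData($aResults);
         $oTable->setShowRownum(true);
         $oTable->render();
     }
 }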