/**
* Smarty escape modifier plugin
*
* Type: modifier<br>
* Name: escape<br>
* Purpose: Escape the string according to escapement type
* @link http://smarty.php.net/manual/en/language.modifier.escape.php
* escape (Smarty online manual)
* @param string
* @param html|htmlall|url|quotes|hex|hexentity|javascript
* @return string
*/
function smarty_modifier_escape($string, $esc_type = 'html')
{
switch ($esc_type) {
case 'html':
return htmlspecialchars($string, ENT_QUOTES);
case 'htmlall':
return htmlentities($string, ENT_QUOTES);
case 'link':
$sText = nl2br(htmlspecialchars($string));
$sRetVal = eregi_replace('(http|ftp|telnet|irc|https)://[^<>[:space:]]+[[:alnum:]/]', '<a target="_blank" href="\\0">\\0</a>', $sText);
// Pseudo stuff
$sRetVal = eregi_replace('dcl://workorders/([0-9]+)[-]([0-9]+)', '<a href="' . menuLink() . '?menuAction=boWorkorders.viewjcn&jcn=\\1&seq=\\2">\\0</a>', $sRetVal);
$sRetVal = eregi_replace('dcl://tickets/([0-9]+)', '<a href="' . menuLink() . '?menuAction=boTickets.view&ticketid=\\1">\\0</a>', $sRetVal);
$sRetVal = eregi_replace('dcl://projects/([0-9]+)', '<a href="' . menuLink() . '?menuAction=boProjects.viewproject&wostatus=0&project=\\1">\\0</a>', $sRetVal);
return $sRetVal;
case 'url':
return urlencode($string);
case 'date':
$o = new dclDB();
return $o->FormatDateForDisplay($string);
case 'timestamp':
$o = new dclDB();
return $o->FormatTimeStampForDisplay($string);
case 'rawurl':
return rawurlencode($string);
case 'quotes':
// escape unescaped single quotes
return preg_replace("%(?<!\\\\)'%", "\\'", $string);
case 'utf8xml':
return utf8_encode(htmlspecialchars($string, ENT_NOQUOTES));
case 'hex':
// escape every character into hex
$return = '';
for ($x = 0; $x < strlen($string); $x++) {
$return .= '%' . bin2hex($string[$x]);
}
return $return;
case 'hexentity':
$return = '';
for ($x = 0; $x < strlen($string); $x++) {
$return .= '&#x' . bin2hex($string[$x]) . ';';
}
return $return;
case 'javascript':
// escape quotes and backslashes and newlines
return strtr($string, array('\\' => '\\\\', "'" => "\\'", '"' => '\\"', "\r" => '\\r', "\n" => '\\n'));
default:
return $string;
}
}
function ShowTimesheet($query, $iGroupColumn)
{
$bExport = isset($_REQUEST['export']) && $_REQUEST['export'] == '1';
$responsible = '';
$oMeta =& CreateObject('dcl.DCL_MetadataDisplay');
if ($_REQUEST['bytype'] == '1') {
if (($responsible = DCL_Sanitize::ToInt($_REQUEST['responsible'])) === null) {
trigger_error('Data sanitize failed.');
return;
}
$sReportFor = $oMeta->GetPersonnel($responsible);
} else {
if (($department = DCL_Sanitize::ToInt($_REQUEST['department'])) === null) {
trigger_error('Data sanitize failed.');
return;
}
$sReportFor = $oMeta->GetDepartment($department);
}
if (($begindate = DCL_Sanitize::ToDate($_REQUEST['begindate'])) === null || ($enddate = DCL_Sanitize::ToDate($_REQUEST['enddate'])) === null) {
trigger_error('Data sanitize failed.');
return;
}
$oBeginDate = new DCLDate();
$oBeginDate->SetFromDisplay($begindate);
$oEndDate = new DCLDate();
$oEndDate->SetFromDisplay($enddate);
$aDateArray = array();
for ($iTime = $oBeginDate->time; $iTime <= $oEndDate->time; $iTime += 86400) {
$oBeginDate->time = $iTime;
$aDateArray[$oBeginDate->ToDisplay()] = 0.0;
}
$aReportArray = array();
$objDB = new dclDB();
if ($objDB->Query($query) != -1) {
if ($objDB->next_record()) {
do {
$sArrayIndex = $objDB->f('name');
if (!isset($aReportArray[$sArrayIndex])) {
$aReportArray[$sArrayIndex] = $aDateArray;
}
$aReportArray[$sArrayIndex][$objDB->FormatDateForDisplay($objDB->f('actionon'))] += $objDB->f('hours');
} while ($objDB->next_record());
$aTotalArray = $aDateArray;
$aDisplayArray = array();
ksort($aReportArray);
$iIndex = 0;
foreach ($aReportArray as $sGroup => $aHours) {
$aDisplayArray[$iIndex] = array();
$aDisplayArray[$iIndex][] = $sGroup;
$fTotal = 0.0;
foreach ($aHours as $sDate => $fHours) {
$aTotalArray[$sDate] += $fHours;
$aDisplayArray[$iIndex][] = $fHours;
$fTotal += $fHours;
}
$aDisplayArray[$iIndex][] = $fTotal;
$iIndex++;
}
if ($bExport) {
$aDisplayArray[$iIndex] = array();
$aDisplayArray[$iIndex][] = 'Total';
$fTotal = 0.0;
foreach ($aTotalArray as $sDate => $fHours) {
$aDisplayArray[$iIndex][] = $fHours;
$fTotal += $fHours;
}
$aDisplayArray[$iIndex][] = $fTotal;
$nameArray = array_merge(array(''), array_keys($aDateArray), array('Total'));
ExportArray($nameArray, $aDisplayArray);
} else {
$oTable = CreateObject('dcl.htmlTable');
$oTable->addColumn('', 'string');
foreach (array_keys($aDateArray) as $sDate) {
$oTable->addColumn($sDate, 'numeric');
}
$oTable->addColumn('Total', 'numeric');
$oTable->addFooter('Total');
$fTotal = 0.0;
foreach ($aTotalArray as $sDate => $fHours) {
$oTable->addFooter($fHours);
$fTotal += $fHours;
}
$oTable->addFooter($fTotal);
$oTable->setData($aDisplayArray);
$oTable->setShowRownum(true);
$oTable->setCaption(sprintf(STR_WOST_ACTIVITYTITLE, $sReportFor, $begindate, $enddate));
$oTable->addToolbar(menuLink('', sprintf('menuAction=reportPersonnelActivity.execute&export=1×heet=Y&responsible=%s&begindate=%s&enddate=%s&bytype=%d&groupby=%d&department=%d', $responsible, $begindate, $enddate, $_REQUEST['bytype'], $_REQUEST['groupby'], $_REQUEST['department'])), STR_VW_EXPORTRESULTS);
$oTable->render();
}
} else {
if ($bExport) {
commonHeader();
}
trigger_error(STR_WOST_NOACTIVITY, E_USER_NOTICE);
$this->getparameters(false);
}
}
}
function Render()
{
commonHeader();
if (($id = DCL_Sanitize::ToInt($_REQUEST['projectid'])) === null) {
return PrintPermissionDenied();
}
if (($days = DCL_Sanitize::ToInt($_REQUEST['days'])) === null) {
return PrintPermissionDenied();
}
if (($endon = DCL_Sanitize::ToDate($_REQUEST['endon'])) === null) {
return PrintPermissionDenied();
}
$oDate = new DCLDate();
$oDate->SetFromDisplay($endon);
$endon = $oDate->ToDB();
$oDate->time = mktime(0, 0, 0, date('m', $oDate->time), date('d', $oDate->time) - $days, date('Y', $oDate->time));
$beginon = $oDate->ToDB();
$sSQL = '';
if (isset($_REQUEST['scope'])) {
$sSQL = $this->GetScopeSQL($id, $beginon, $endon);
}
if (isset($_REQUEST['timecards'])) {
if ($sSQL != '') {
$sSQL .= ' UNION ALL ';
}
$sSQL .= $this->GetTimeCardSQL($id, $beginon, $endon);
}
if (isset($_REQUEST['code'])) {
if ($sSQL != '') {
$sSQL .= ' UNION ALL ';
}
$sSQL .= $this->GetWorkOrderCodeSQL($id, $beginon, $endon);
$sSQL .= ' UNION ALL ';
$sSQL .= $this->GetProjectCodeSQL($id, $beginon, $endon);
}
if ($sSQL == '') {
ShowError('No options selected.', __FILE__, __LINE__, null);
return;
}
$sSQL .= ' ORDER BY 2 DESC';
$oDB = new dclDB();
if ($oDB->Query($sSQL) !== -1) {
$aResults = array();
while ($oDB->next_record()) {
$aRecord = array();
$aRecord[] = $oDB->FormatDateForDisplay($oDB->f(1));
$oDB->objTimestamp->SetFromDB($oDB->f(1));
$aRecord[] = $oDB->objTimestamp->ToTimeOnly();
if ($oDB->f(0) == 4) {
$aRecord[] = '<a href="' . menuLink('', 'menuAction=boProjects.viewproject&project=' . $id) . '">[' . $id . '] ' . htmlspecialchars($oDB->f(5)) . '</a>';
} else {
$aRecord[] = '<a href="' . menuLink('', 'menuAction=boWorkorders.viewjcn&jcn=' . $oDB->f(2) . '&seq=' . $oDB->f(3)) . '">[' . $oDB->f(2) . '-' . $oDB->f(3) . '] ' . htmlspecialchars($oDB->f(6)) . '</a>';
}
$aRecord[] = $oDB->f(7);
$aRecord[] = $oDB->f(8);
$aRecord[] = $oDB->f(9);
$aResults[] = $aRecord;
}
$oTable =& CreateObject('dcl.htmlTable');
$oTable->setCaption('Project Timeline');
$oTable->addColumn('Date', 'string');
$oTable->addColumn('Time', 'string');
$oTable->addColumn('Item', 'html');
$oTable->addColumn('Current Status', 'string');
$oTable->addColumn('Action By', 'string');
$oTable->addColumn('Action Description', 'string');
$oTable->addGroup(0);
$oTable->setData($aResults);
$oTable->setShowRownum(true);
$oTable->render();
}
}
