function drawJumpToStaff($selectedID = false)
{
global $page;
$nullable = $selectedID === false;
$return = drawPanel(getString('jump_to') . ' ' . drawSelectUser('', $selectedID, $nullable, 0, true, true, 'Staff Member:'));
if ($page['is_admin'] && db_grab('SELECT COUNT(*) FROM users_requests WHERE is_active = 1')) {
$return = drawMessage('There are pending <a href="requests.php">account requests</a> for you to review.') . $return;
}
return $return;
}
function drawJumpToStaff($selectedID = false)
{
global $isAdmin;
$nullable = $selectedID === false;
$return = '
<table class="message">
<tr>
<td class="gray">Jump to ' . drawSelectUser("", $selectedID, $nullable, 0, true, true, "Staff Member:") . '</td>
</tr>
</table>';
if ($isAdmin) {
if ($r = db_grab("SELECT COUNT(*) FROM users_requests")) {
$return = drawServerMessage("There are pending <a href='requests.php'>account requests</a> for you to review.") . $return;
}
}
return $return;
}
<?php
include '../include.php';
url_query_require();
echo drawTop();
$r = db_grab('SELECT
(SELECT t.tag FROM contacts_tags t JOIN contacts_to_tags c2t ON t.id = c2t.tag_id WHERE t.is_active = 1 AND t.type_id = 10 AND c2t.contact_id = c.id) salutation,
c.firstname,
c.lastname,
(SELECT t.tag FROM contacts_tags t JOIN contacts_to_tags c2t ON t.id = c2t.tag_id WHERE t.is_active = 1 AND t.type_id = 11 AND c2t.contact_id = c.id) suffix,
c.organization,
c.title,
c.address_1,
c.address_2,
RIGHT("00000" + RTRIM(c.zip), 5) zip,
c.phone,
c.fax,
c.mobile_phone,
c.email,
z.city,
z.state,
c.notes
FROM contacts c
LEFT JOIN zip_codes z ON c.zip = z.zip
WHERE c.id = ' . $_GET['id']);
$d = new display();
$d->row('Name', $r['salutation'] . ' ' . $r['firstname'] . ' ' . $r['lastname'] . ($r['suffix'] ? ', ' . $r['suffix'] : ''));
$d->row('Company', $r['organization']);
$d->row('Job Title', $r['title']);
$d->row('Address', $r['address_1'] . ($r['address_2'] ? BR . $r['address_2'] : false) . BR . $r['city'] . ', ' . $r['state'] . ' ' . $r['zip']);
$d->row('Phone', $r['phone']);
<?php
include "../../include.php";
if ($posting) {
$theuser_id = $page['is_admin'] ? $_POST["created_user"] : $_SESSION["user_id"];
db_query("UPDATE press_releases SET\n\t\t\theadline = '{$_POST["headline"]}',\t\n\t\t\tdetail = '{$_POST["detail"]}',\t\n\t\t\tlocation = '{$_POST["location"]}',\t\n\t\t\ttext = '" . format_html($_POST["text"]) . "',\t\n\t\t\tcorporationID = {$_POST["corporationID"]},\n\t\t\tupdated_date = GETDATE(),\n\t\t\tupdated_user = {$theuser_id}\n\t\t\tWHERE id = " . $_GET["id"]);
url_change("../?id=" . $_GET["id"]);
}
echo drawTop();
$r = db_grab("SELECT id, headline, detail, location, releaseDate, corporationID, text FROM press_releases WHERE id = " . $_GET["id"]);
$form = new intranet_form();
if ($page['is_admin']) {
$form->addUser("created_user", "Posted By", $_SESSION["user_id"], false, "EEDDCC");
}
$form->addRow("itext", "Headline", "headline", $r["headline"], "", true, 255);
$form->addRow("itext", "Detail", "detail", $r["detail"], "", false, 255);
$form->addRow("itext", "Location", "location", $r["location"], "", true, 255);
$form->addRow("select", "Organization", "corporationID", "SELECT id, title from organizations ORDER BY title", $r["corporationID"]);
$form->addRow("date", "Date", "releaseDate", $r["releaseDate"]);
$form->addRow("textarea", "Text", "text", $r["text"], "", true);
$form->addRow("submit", "update press release");
$form->draw("Update Release");
echo drawBottom();
<?php
include "include.php";
if (isset($_GET["deleteID"])) {
if (db_grab("SELECT endDate FROM intranet_users WHERE userID = " . $_GET["deleteID"])) {
db_query("UPDATE intranet_users SET isActive = 0, deletedBy = {$user["id"]}, deletedOn = GETDATE() WHERE userID = " . $_GET["deleteID"]);
} else {
db_query("UPDATE intranet_users SET isActive = 0, deletedBy = {$user["id"]}, deletedOn = GETDATE(), endDate = GETDATE() WHERE userID = " . $_GET["deleteID"]);
}
url_query_drop("deleteID");
}
$orgs = array();
if (!isset($_GET["id"])) {
$_GET["id"] = 0;
}
$orgs[0] = "Shared";
$orgs = db_array("SELECT id, description FROM organizations ORDER BY description", $orgs);
drawTop();
?>
<table class="navigation staff" cellspacing="1">
<tr class="staff-hilite">
<?php
foreach ($orgs as $key => $value) {
?>
<td width="14.28%"<?php
if ($_GET["id"] == $key) {
?>
class="selected"<?php
}
?>
><?php
function login($username, $password, $skippass = false)
{
global $_SESSION;
//need id, fullname, email departmentid, ishelpdesk, homepage, update_days, updated_on, first
if ($skippass) {
$where = '';
error_debug('<b>login</b> running without password', __FILE__, __LINE__);
} else {
$where = ' AND ' . db_pwdcompare($password, 'u.password') . ' = 1';
error_debug('<b>login</b> running with password', __FILE__, __LINE__);
}
if ($user = db_grab('SELECT
u.id,
ISNULL(u.nickname, u.firstname) firstname,
u.lastname,
u.email,
' . db_pwdcompare('', 'u.password') . ' password,
u.departmentID,
d.isHelpdesk,
u.help,
u.is_admin,
u.updated_date,
u.language_id,
l.code language,
' . db_datediff('u.updated_date', 'GETDATE()') . ' update_days
FROM users u
LEFT JOIN languages l ON u.language_id = l.id
LEFT JOIN departments d ON u.departmentID = d.departmentID
WHERE u.email = \'' . $username . '\' AND u.is_active = 1' . $where)) {
//login was good
db_query('UPDATE users SET lastlogin = GETDATE() WHERE id = ' . $user['id']);
$_SESSION['user_id'] = $user['id'];
$_SESSION['is_admin'] = $user['is_admin'];
$_SESSION['email'] = $user['email'];
$_SESSION['homepage'] = '/bb/';
$_SESSION['departmentID'] = $user['departmentID'];
$_SESSION['isHelpdesk'] = $user['isHelpdesk'];
$_SESSION['update_days'] = $user['update_days'];
$_SESSION['updated_date'] = $user['updated_date'];
$_SESSION['password'] = $user['password'];
$_SESSION['language_id'] = $user['language_id'];
$_SESSION['language'] = $user['language'];
$_SESSION['full_name'] = $user['firstname'] . ' ' . $user['lastname'];
$_SESSION['isLoggedIn'] = true;
cookie('last_login', $user['email']);
cookie('last_email', $user['email']);
return true;
}
$_SESSION['user_id'] = false;
return false;
}
<?php
include "../include.php";
if (!isset($_GET["id"])) {
$_GET["id"] = "a";
}
echo drawTop();
$r = db_grab("SELECT tt.name, t.type_id, t.tag FROM contacts_tags t INNER JOIN contacts_tags_types tt ON t.type_id = tt.id WHERE t.id = " . $_GET["id"]);
?>
<table class="left" cellspacing="1">
<?php
echo drawHeaderRow($r["tag"], 4);
?>
<tr>
<th width="16"></th>
<th width="27%" align="left">Name</th>
<th width="48%" align="left">Company</th>
<th width="25%" align="left">Phone</th>
</tr>
<?php
$contacts = db_query("SELECT\r\n\t\t\t\t\t\to.id,\r\n\t\t\t\t\t\to.is_active,\r\n\t\t\t\t\t\ti.varchar_01 as firstname,\r\n\t\t\t\t\t\ti.varchar_02 as lastname,\r\n\t\t\t\t\t\ti.varchar_04 as organization,\r\n\t\t\t\t\t\ti.varchar_08 as phone,\r\n\t\t\t\t\t\ti.varchar_11 as email\r\n\t\t\t\t\tFROM contacts o\r\n\t\t\t\t\tJOIN contacts_instances i ON o.instanceCurrentID = i.id\r\n\t\t\t\t\tJOIN contacts_instances_to_tags i2t ON i.id = i2t.instanceID\r\n\t\t\t\t\tWHERE o.is_active = 1 AND i2t.tagID = {$_GET["id"]}\r\n\t\t\t\t\tORDER BY i.varchar_02, i.varchar_01");
while ($c = db_fetch($contacts)) {
if (strlen($c["organization"]) > 40) {
$c["organization"] = substr($c["organization"], 0, 39) . "...";
}
?>
<tr <?php
if (!$c["is_active"]) {
?>
class="deleted"<?php
}
<?php
include 'include.php';
url_query_require('skills.php');
if (!($skill = db_grab('SELECT title FROM skills where isActive = 1 AND id = ' . url_id()))) {
url_chagne('skills.php');
}
echo drawTop();
echo drawTableStart();
if ($isAdmin) {
echo drawHeaderRow($skill, 1, 'Edit', 'skill_add_edit.php?id=' . url_id());
} else {
echo drawHeaderRow($skill, 1);
}
if ($users = db_table('SELECT
u.userID,
u.firstName,
u.lastName
FROM users_to_skills u2s
JOIN intranet_users u ON u2s.user_id = u.userID
WHERE u2s.skill_id = ' . url_id() . ' AND u.isActive = 1
ORDER BY u.lastName, u.firstName')) {
?>
<tr>
<th>User</th>
</tr>
<?php
foreach ($users as $u) {
echo '<tr>
<td><a href="view.php?id=' . $u['userID'] . '">' . $u['firstName'] . ' ' . $u['lastName'] . '</a></td>
</tr>';
<?php
include "../../include.php";
echo drawTop();
$r = db_grab("SELECT programDesc FROM funders_programs WHERE programID = " . $_GET["id"]);
?>
<table class="left" cellspacing="1">
<?php
echo drawHeaderRow($r, 2);
?>
<tr>
<td class="left">Name</td>
<td><b><?php
echo $r;
?>
</b></td>
</tr>
<tr>
<td class="bottom" colspan="2"><?php
echo draw_form_button("edit name", "program_add_edit.php?id=" . $_GET["id"]);
?>
</td>
</tr>
</table>
<table class="left" cellspacing="1">
<tr>
<td colspan="5" class="head">
Funders Interesed in <?php
echo $r;
$r = db_grab('SELECT
u.firstname,
u.lastname,
u.nickname,
u.bio' . langExt() . ' bio,
u.email,
' . db_pwdcompare("", "u.password") . ' password,
u.phone,
u.lastlogin,
u.title' . langExt() . ' title,
f.name office,
u.officeID,
d.departmentName,
u.organization_id,
o.title' . langExt() . ' organization,
u.homeAddress1,
u.homeAddress2,
u.homeCity,
s.stateAbbrev,
u.homeZIP,
c.title' . langExt() . ' channel,
u.homePhone,
u.homeCell,
u.homeEmail,
u.emerCont1Name,
u.emerCont1Relationship,
u.emerCont1Phone,
u.emerCont1Cell,
u.emerCont1Email,
u.emerCont2Name,
u.emerCont2Relationship,
u.emerCont2Phone,
u.emerCont2Cell,
u.emerCont2Email,
u.startDate,
u.longDistanceCode,
u.endDate,
u.is_active,
u.is_admin,
r.description rank,
l.title language,
' . db_updated('u') . '
FROM users u
JOIN languages l ON u.language_id = l.id
LEFT JOIN users_to_channels u2c ON u.id = u2c.user_id
LEFT JOIN channels c ON u2c.channel_id = c.id
LEFT JOIN intranet_ranks r ON u.rankID = r.id
LEFT JOIN organizations o ON u.organization_id = o.id
LEFT JOIN departments d ON d.departmentID = u.departmentID
LEFT JOIN offices f ON f.id = u.officeID
LEFT JOIN intranet_us_states s ON u.homeStateID = s.stateID
WHERE u.id = ' . $_GET['id']);
<?php
include 'include.php';
if (!url_id()) {
url_query_add(array('id' => 1));
}
drawTop();
$locations = db_query("SELECT \n\t\to.id, \n\t\to.name\n\tFROM intranet_offices o \n\tORDER BY (SELECT COUNT(*) FROM intranet_users u WHERE u.officeID = o.id) DESC");
if (db_found($locations)) {
$pages = array();
while ($l = db_fetch($locations)) {
$pages["/staff/locations.php?id=" . $l["id"]] = $l["name"];
}
echo drawNavigationRow($pages, $location, true);
}
if ($_GET["id"] == "other") {
echo drawStaffList("u.isactive = 1 AND u.officeID <> 1 AND u.officeID <> 6 AND u.officeID <> 11 AND u.officeID <> 9");
} else {
$l = db_grab('SELECT name, address FROM intranet_offices WHERE id = ' . $_GET['id']);
if (!empty($l['address'])) {
echo drawServerMessage('<center><strong>' . $l['name'] . ' Office</strong><br>' . nl2br($l['address']) . '</center>');
}
echo drawStaffList("u.isactive = 1 and u.officeID = " . $_GET["id"]);
}
drawBottom();
<?php
include '../include.php';
echo drawTop();
if (url_action('delete')) {
db_delete('external_orgs');
url_change('./');
}
if (url_id()) {
echo drawTableStart();
echo drawHeaderRow($page['breadcrumbs'] . $page['title'], 2, getString('edit'), 'edit/?id=' . $_GET['id'], getString('delete'), drawDeleteLink());
$r = db_grab('SELECT e.title' . langExt() . ' title, e.url, e.description' . langExt() . ' description FROM external_orgs e WHERE e.id = ' . $_GET['id']);
?>
<tr>
<td class="left"><?php
echo getString('title');
?>
</td>
<td class='title'><?php
echo draw_link($r['url'], $r['title']);
?>
</td>
</tr>
<tr>
<td class="left"><?php
echo getString('description');
?>
</td>
<td class="text"><?php
echo $r['description'];
?>
if ($posting) {
error_debug('user is posting', __FILE__, __LINE__);
if ($uploading) {
list($_POST['content'], $_POST['type_id']) = file_get_uploaded('content', 'docs_types');
}
langTranslatePost('title,description');
$id = db_save('docs');
//debug();
db_checkboxes('categories', 'docs_to_categories', 'documentID', 'categoryID', $id);
if (getOption('channels')) {
db_checkboxes('channels', 'docs_to_channels', 'doc_id', 'channel_id', $id);
}
url_change('info.php?id=' . $id);
}
if (url_id()) {
$d = db_grab('SELECT title, description FROM docs WHERE id = ' . $_GET['id']);
$pageAction = getString('edit');
} else {
$pageAction = getString('add_new');
}
echo drawTop();
//load code for JS
$extensions = array();
$doctypes = array();
$types = db_query('SELECT description, extension FROM docs_types ORDER BY description');
while ($t = db_fetch($types)) {
$extensions[] = '(extension != "' . $t['extension'] . '")';
$doctypes[] = ' - ' . $t['description'] . ' (.' . $t['extension'] . ')';
}
?>
<script language='javascript'>
<?php
include "../include.php";
echo drawTop();
if (url_id()) {
$title = db_grab('SELECT title' . langExt() . ' title FROM press_clips_types WHERE id = ' . $_GET["id"]);
$result = db_table('SELECT c.id, c.title' . langExt() . ' title, c.pub_date, c.publication' . langExt() . ' publication, ISNULL(c.created_date, c.updated_date) updated FROM press_clips c ' . getChannelsWhere('press_clips', 'c', 'clip_id') . ' AND c.type_id = ' . $_GET["id"] . ' ORDER BY updated DESC');
$t = new table('press_clips', drawHeader(false, $title));
$t->set_column('title', 'l', getString('title'));
$t->set_column('publication', 'l', getString('publication'));
$t->set_column('pub_date', 'r', getString('published'));
foreach ($result as &$r) {
$r['title'] = draw_link('clip.php?id=' . $r['id'], format_string($r['title'], 50));
$r['pub_date'] = format_date($r['pub_date']);
}
echo $t->draw($result, 'There are no clips tagged <i>' . $title . '</i>.');
} else {
$t = new table('press_clips', drawHeader());
$t->set_column('category', 'l', getString('category'));
$t->set_column('clips', 'r', getString('clips'));
$result = db_table('SELECT t.id, t.title' . langExt() . ' category, (SELECT COUNT(*) FROM press_clips c WHERE c.type_id = t.id) clips FROM press_clips_types t ORDER BY t.precedence');
foreach ($result as &$r) {
$r['category'] = draw_link(url_query_add(array('id' => $r['id']), false), $r['category']);
}
echo $t->draw($result);
}
echo drawBottom();
$repliers = db_table("SELECT \n\t\t\t\tu.email,\n\t\t\t\tl.code\n\t\t\tFROM bb_followups f \n\t\t\tJOIN users u ON u.id = f.created_user \n\t\t\tJOIN languages l ON u.language_id = l.id\n\t\t\tWHERE u.is_active = 1 AND f.is_active = 1 AND f.topic_id = " . $_POST["topic_id"]);
foreach ($repliers as $r) {
$addresses[$r['code']][] = $r['email'];
}
foreach ($addresses as $lang => $emails) {
$topic = db_grab('SELECT
t.title' . langExt($lang) . ' title,
y.title' . langExt($lang) . ' type,
t.created_date
FROM bb_topics t
LEFT JOIN bb_topics_types y ON t.type_id = y.id
WHERE t.id = ' . $_POST['topic_id']);
$reply = db_grab('SELECT
f.description' . langExt($lang) . ' description,
ISNULL(u.nickname, u.firstname) firstname,
u.lastname
FROM bb_followups f
JOIN users u ON f.created_user = u.id
WHERE f.id = ' . $id);
$channels_text = db_array('SELECT c.title' . langExt($lang) . ' FROM bb_topics_to_channels t2c JOIN channels c ON t2c.channel_id = c.id WHERE t2c.topic_id = ' . $_POST['topic_id']);
$channels_text = implode(', ', $channels_text);
$message = '<p style="font-weight:bold;">' . $reply['firstname'] . ' ' . $reply['lastname'] . ' ' . getString('bb_followup', $lang) . '</p>
<p>' . getString('title', $lang) . ': ' . draw_link(url_base() . '/bb/topic.php?id=' . $id, $topic['title']) . '</p>
<p>' . getString('channels_label', $lang) . ': ' . $channels_text . '</p>';
if ($topic['type']) {
$message .= '<p>' . getString('category', $lang) . ': ' . $topic['type'] . '</p>';
}
$message .= '<div style="color:#555; border-top:1px dotted #555; padding-top:5px; margin-top:5px;">' . $reply['description'] . '</div>';
emailUser($emails, 'RE: ' . $topic['title'], $message);
}
}
?>
FFDDDD<?php
} else {
?>
F6F6F6<?php
}
?>
" width="18%"><?php
echo $t["name"];
?>
</td>
<td>
<?php
if ($t["fieldTypeID"] == 4) {
if (isset($_GET["id"])) {
$v = db_grab("SELECT i2t.tagID FROM contacts_instances_to_tags i2t JOIN contacts_tags t ON i2t.tagID = t.id WHERE i2t.instanceID = {$i["id"]} and t.type_id = {$t["tagTypeID"]} AND t.is_active = 1");
}
echo draw_form_select("tag_single_" . $t["tagTypeID"], "SELECT id, tag FROM contacts_tags WHERE type_id = {$t["tagTypeID"]} AND is_active = 1 ORDER BY precedence", @$v["tagID"], false, false, !$t["isRequired"]);
} elseif ($t["fieldTypeID"] == 5) {
?>
<table class="nospacing" cellpadding="0" cellspacing="0" border="0">
<?php
if (isset($_GET["id"])) {
$values = db_query("SELECT \r\n\t\t\t\t\t\t\t\t\t\tt.id, \r\n\t\t\t\t\t\t\t\t\t\tt.tag, \r\n\t\t\t\t\t\t\t\t\t\t(SELECT count(*) FROM contacts_instances_to_tags i2t WHERE i2t.tagID = t.id AND i2t.instanceID = {$i["id"]}) selected\r\n\t\t\t\t\t\t\t\t\tFROM contacts_tags t\r\n\t\t\t\t\t\t\t\t\tWHERE t.type_id = {$t["tagTypeID"]}\r\n\t\t\t\t\t\t\t\t\t\tAND t.is_active = 1\r\n\t\t\t\t\t\t\t\t\tORDER by t.precedence");
} else {
$values = db_query("SELECT \r\n\t\t\t\t\t\t\t\t\t\tt.id, \r\n\t\t\t\t\t\t\t\t\t\tt.tag,\r\n\t\t\t\t\t\t\t\t\t\t0 selected\r\n\t\t\t\t\t\t\t\t\tFROM contacts_tags t\r\n\t\t\t\t\t\t\t\t\tWHERE t.type_id = {$t["tagTypeID"]}\r\n\t\t\t\t\t\t\t\t\t\tAND t.is_active = 1\r\n\t\t\t\t\t\t\t\t\tORDER by t.precedence");
}
$oneFound = false;
while ($v = db_fetch($values)) {
?>
<tr>
} else {
$_GET["id"] = db_query("INSERT INTO it_laptops (\r\n\t\t\tlaptopName,\r\n\t\t\tlaptopModel,\r\n\t\t\tlaptopHomeID,\r\n\t\t\tlaptopSerial,\r\n\t\t\tlaptopExpressServiceCode,\r\n\t\t\tlaptopstatusID,\r\n\t\t\tlaptopServiceTag,\r\n\t\t\tlaptopOS,\r\n\t\t\tlaptopOffice,\r\n\t\t\tlaptopIsWireless,\r\n\t\t\tlaptopMACAddress,\r\n\t\t\tlaptopPurpose\r\n\t\t) VALUES (\r\n\t\t\t'" . $_POST["laptopName"] . "',\t\t\t\r\n\t\t\t'" . $_POST["laptopModel"] . "',\t\t\t\r\n\t\t\t" . $_POST["laptopHomeID"] . ",\t\t\t\r\n\t\t\t'" . $_POST["laptopSerial"] . "',\r\n\t\t\t'" . $_POST["laptopExpressServiceCode"] . "',\r\n\t\t\t2,\r\n\t\t\t'" . $_POST["laptopServiceTag"] . "',\t\t\t\r\n\t\t\t'" . $_POST["laptopOS"] . "',\t\t\t\r\n\t\t\t'" . $_POST["laptopOffice"] . "',\t\t\t\r\n\t\t\t{$laptopIsWireless},\t\t\t\r\n\t\t\t'" . $_POST["laptopMACAddress"] . "',\r\n\t\t\t'" . $_POST["laptopPurpose"] . "'\r\n\t\t)");
}
//accessories
reset($_POST);
while (list($key, $value) = each($_POST)) {
@(list($control, $accessoryID) = explode("_", $key));
if ($control == "chkacc") {
db_query("INSERT INTO it_laptops_2_accessories (\r\n\t\t\t\tlaptopID,\r\n\t\t\t\taccessoryID\r\n\t\t\t) VALUES (\r\n\t\t\t\t" . $_GET["id"] . ",\r\n\t\t\t\t" . $accessoryID . "\r\n\t\t\t);");
}
}
url_change("laptop.php?id=" . $_GET["id"]);
}
echo drawTop();
if (isset($_GET["id"])) {
$r = db_grab("SELECT \r\n\t\t\t\t\t\tl.laptopName,\r\n\t\t\t\t\t\tl.laptopPurpose,\r\n\t\t\t\t\t\tl.laptopModel,\r\n\t\t\t\t\t\tl.laptopHomeID,\r\n\t\t\t\t\t\tl.laptopSerial,\r\n\t\t\t\t\t\tl.laptopExpressServiceCode,\r\n\t\t\t\t\t\tl.laptopServiceTag,\r\n\t\t\t\t\t\tl.laptopOS,\r\n\t\t\t\t\t\tl.laptopOffice,\r\n\t\t\t\t\t\tl.laptopIsWireless,\r\n\t\t\t\t\t\tl.laptopMACAddress\r\n\t\t\t\t\tFROM it_laptops l\r\n\t\t\t\t\tWHERE laptopID = " . $_GET["id"]);
$openEnded = empty($r["laptopEnd"]) ? true : false;
}
?>
<a name="closedtickets"></a>
<table class="left" cellspacing="1">
<?php
echo drawHeaderRow("Add Laptop", 2);
?>
<form method="post" action="<?php
echo $request["path_query"];
?>
">
<tr>
<td class="left">Laptop Name</td>
<?php
include "include.php";
url_query_require("users.php");
echo drawTop();
$result = db_query("select\r\n\t\t\t\tt.title,\r\n\t\t\t\tt.statusID,\r\n\t\t\t\t(SELECT COUNT(*) FROM helpdesk_tickets_followups f where f.ticketID = t.id) as ticketfollowups,\r\n\t\t\t\tt.created_user,\r\n\t\t\t\tt.updated_date,\r\n\t\t\t\tt.id,\r\n\t\t\t\tt.ownerID,\r\n\t\t\t\tt.priorityID,\r\n\t\t\t\tt.created_date,\r\n\t\t\t\tISNULL(u.nickname, u.firstname) first,\r\n\t\t\t\tu.lastname last,\r\n\t\t\t\t(SELECT COUNT(*) FROM users_to_modules a WHERE a.module_id = 3 AND a.user_id = t.created_user) is_adminIT\r\n\t\t\tFROM helpdesk_tickets t\r\n\t\t\tJOIN users u ON u.id = t.created_user\r\n\t\t\tWHERE t.created_user = {$_GET["id"]} {$where}\r\n\t\t\tORDER BY t.created_date DESC");
echo drawTicketFilter();
?>
<table class="left" cellspacing="1">
<?php
$u = db_grab("SELECT ISNULL(nickname, firstname) first, lastname last FROM users WHERE id = " . $_GET["id"]);
echo drawHeaderRow("<a href='users.php' class='white'>Users</a> > " . $u["first"] . " " . $u["last"] . " (" . db_found($result) . ")", 5);
if (db_found($result)) {
echo drawTicketHeader();
while ($r = db_fetch($result)) {
echo drawTicketRow($r);
}
} else {
if ($filtered) {
echo drawEmptyResult("No tickets for this user / month / year.", 5);
} else {
echo drawEmptyResult("This user hasn't posted any tickets.", 5);
}
}
?>
</table>
<?php
echo drawBottom();
<?php
include "include.php";
url_query_require("admins.php");
echo drawTop();
echo drawTicketFilter();
?>
<table class="left" cellspacing="1">
<?php
$result = db_query("SELECT\r\n\t\t\t\t\t\tt.title,\r\n\t\t\t\t\t\tt.statusID,\r\n\t\t\t\t\t\t(SELECT COUNT(*) FROM helpdesk_tickets_followups f WHERE f.ticketID = t.id) as ticketfollowups,\r\n\t\t\t\t\t\tt.created_user,\r\n\t\t\t\t\t\tt.updated_date,\r\n\t\t\t\t\t\tt.id,\r\n\t\t\t\t\t\tt.ownerID,\r\n\t\t\t\t\t\tt.priorityID,\r\n\t\t\t\t\t\tt.created_date,\r\n\t\t\t\t\t\tISNULL(u.nickname, u.firstname) first,\r\n\t\t\t\t\t\tu.lastname last\r\n\t\t\t\t\tFROM helpdesk_tickets t\r\n\t\t\t\t\tJOIN users u ON u.id = t.created_user\r\n\t\t\t\t\tWHERE t.ownerID = {$_GET["id"]} {$where}\r\n\t\t\t\t\tORDER BY t.created_date DESC");
$admin = db_grab("SELECT ISNULL(u.nickname, u.firstname) first FROM users u WHERE u.id = " . $_GET["id"]);
echo drawHeaderRow("<a href='admins.php' class='white'>Admins</a> > " . $admin["first"] . " (" . db_found($result) . ")", 5);
if (db_found($result)) {
echo drawTicketHeader();
while ($r = db_fetch($result)) {
echo drawTicketRow($r);
}
} else {
if ($filtered) {
echo drawEmptyResult("No tickets were assigned to this admin in this month / year", 5);
} else {
echo drawEmptyResult("No tickets were assigned to this admin.", 5);
}
}
?>
</table>
<?php
echo drawBottom();
foreach ($_POST['order'] as $id) {
db_query('UPDATE intranet_offices SET precedence = ' . $counter . ' WHERE id = ' . $id);
$counter++;
}
exit;
} else {
db_enter('intranet_offices', 'name address precedence');
url_query_drop('id');
}
} elseif (url_id() && url_action('delete')) {
db_query('DELETE FROM intranet_offices WHERE id = ' . $_GET['id']);
url_query_drop('action,id');
}
drawTop();
if (url_id()) {
if (!($l = db_grab('SELECT id, name, address, precedence FROM intranet_offices WHERE id = ' . $_GET['id']))) {
url_query_drop('id');
}
$form = new intranet_form();
$form->addRow('hidden', '', 'precedence', $l['precedence']);
$form->addRow('itext', 'Name', 'name', $l['name'], '', true, 255);
$form->addRow('textarea-plain', 'Address', 'address', $l['address'], '');
$form->addRow('submit', 'Save Changes');
$form->draw('Edit Location');
} else {
?>
<table cellspacing='1' class='left draggable locations'>
<thead>
<?php
echo drawHeaderRow(false, 4, 'new', '#bottom');
?>
<?php
include "../../include.php";
echo drawTop();
$r = db_grab("SELECT \n\t\tj.id,\n\t\tj.title,\n\t\tj.description,\n\t\tc.description corporationName,\n\t\to.name office,\n\t\tj.created_date, \n\t\tj.updated_date,\n\t\tj.deleted_date,\n\t\tu1.firstname created_userFirst,\n\t\tu1.lastname created_userLast,\n\t\tu2.firstname updated_userFirst,\n\t\tu2.lastname updated_userLast,\n\t\tu3.firstname deleted_userFirst,\n\t\tu3.lastname deleted_userLast\n\tFROM openings j\n\tLEFT JOIN organizations c ON j.corporationID = c.id\n\tLEFT JOIN offices o ON j.officeID = o.id\n\tLEFT JOIN users u1 ON j.created_user = u1.id\n\tLEFT JOIN users u2 ON j.updated_user = u2.id\n\tLEFT JOIN users u3 ON j.deleted_user = u3.id\n\t\n\tWHERE j.id = " . $_GET["id"]);
$r["created_user"] = $r["created_userFirst"] ? $r["created_userFirst"] . " " . $r["created_userLast"] : false;
$r["updated_user"] = $r["updated_userFirst"] ? $r["updated_userFirst"] . " " . $r["updated_userLast"] : false;
$r["deleted_user"] = $r["deleted_userFirst"] ? $r["deleted_userFirst"] . " " . $r["deleted_userLast"] : false;
?>
<table class="left" cellspacing="1">
<?php
if ($page['is_admin']) {
echo drawHeaderRow("View Position", 2, "edit", "position_edit.php?id=" . $_GET["id"]);
} else {
echo drawHeaderRow("View Position", 2);
}
?>
<tr>
<td class="left">Organization</td>
<td><?php
echo $r["corporationName"];
?>
</td>
</tr>
<tr>
<td class="left">Location</td>
<td><?php
echo $r["office"];
?>
</td>
</tr>
<?php
include "../../include.php";
url_query_require();
if ($posting) {
$id = db_save("wiki_topics");
db_checkboxes("tags", "wiki_topics_to_tags", "topicID", "tagID", $id);
url_change("topic.php?id=" . $id);
}
echo drawTop();
$r = db_grab("SELECT id, title, description, type_id FROM wiki_topics WHERE id = " . $_GET["id"]);
$form = new intranet_form();
if ($page['is_admin']) {
$form->addUser("created_user", "Posted By", $_SESSION["user_id"], false, true);
}
$form->addRow("itext", "Title", "title", $r["title"], "", true, 255);
$form->addRow("select", "Type", "type_id", "SELECT id, description FROM wiki_topics_types", $r["type_id"], true);
$form->addCheckboxes("tags", "Tags", "wiki_tags", "wiki_topics_to_tags", "topicID", "tagID", $_GET["id"]);
$form->addRow("textarea", "Description", "description", $r["description"], "", true);
$form->addRow("submit", "post wiki topic");
$form->draw("Add a Wiki Topic");
echo drawBottom();
$lastDept = "";
$count = db_found($result);
if ($count) {
echo drawHeaderRow($deptName . " Open Tickets", 4, "new", "#bottom");
?>
<tr>
<th width="50%" align="left">Short Description</th>
<th width="15%" align="left"><nobr>Submitted By</nobr></th>
<th width="20%" align="left">Status</th>
<th width="15%"><nobr>Assigned To</nobr></th>
</tr>
<?php
while ($r = db_fetch($result)) {
if ($r["department"] != $lastDept) {
$lastDept = $r["department"];
$count = db_grab("SELECT COUNT(*) tickets FROM helpdesk_tickets WHERE departmentID = " . $r["departmentID"] . " AND statusID <> 9");
?>
<tr class="group">
<td colspan="4"><?php
echo $lastDept;
?>
Tickets (<?php
echo $count;
?>
)</td>
</tr>
<?php
}
if ($r["departmentID"] == 2 && !$page['is_admin'] && $r["created_user"] != $_SESSION["user_id"]) {
//ticket not clickable in this scenario
?>
function db_id()
{
global $_josh;
db_open();
if ($_josh["db"]["language"] == "mysql") {
return mysql_insert_id();
} elseif ($_josh["db"]["language"] == "mssql") {
return db_grab("SELECT @@IDENTITY");
}
}
if ($posting) {
langTranslatePost('title,description,publication');
$id = db_save("press_clips");
if (getOption('channels')) {
db_checkboxes('channels', 'press_clips_to_channels', 'clip_id', 'channel_id', $id);
}
url_change_post("/press-clips/clip.php?id=" . $id);
} elseif ($included) {
$action = getString('add_new');
$_josh["request"]["path_query"] = "edit.php";
//shoddy way of setting the form target
$r["url"] = "http://";
} elseif (url_id()) {
$action = getString('edit');
echo drawTop();
$r = db_grab("SELECT id, title, url, publication, pub_date, description, type_id from press_clips WHERE id = " . $_GET["id"]);
$r["title"] = format_title($r["title"], "US");
} else {
$action = getString('add_new');
echo drawTop();
if (isset($_GET["title"])) {
$r["title"] = format_title($_GET["title"], "US");
}
if (isset($_GET["url"])) {
$r["url"] = $_GET["url"];
$url = url_parse($r["url"]);
if ($url["domainname"] == "nytimes") {
$r["publication"] = "NY Times";
$r["title"] = str_replace("- Nytimes.com", "", $r["title"]);
} elseif ($url["domainname"] == "latimes") {
$r["publication"] = "LA Times";
function emailITticket($id, $scenario, $admin = false, $debug = false)
{
global $_josh, $page;
$ticket = db_grab('SELECT
u.id,
(SELECT COUNT(*) FROM users_to_modules a WHERE a.user_id = u.id AND a.module_id = 3) isUserAdmin,
t.title,
t.created_user,
t.description,
t.departmentID,
ISNULL(u.nickname, u.firstname) first,
u.lastname last,
u.email,
' . db_updated('u') . ',
t.created_date,
t.priorityID,
t.statusID,
d.shortName department,
t.type_id,
y.description type,
u2.email as ownerEmail,
t.ownerID,
ISNULL(u2.nickname, u2.firstname) as ownerName
FROM helpdesk_tickets t
LEFT JOIN helpdesk_tickets_types y ON t.type_id = y.id
JOIN users u ON t.created_user = u.id
JOIN departments d ON t.departmentID = d.departmentID
LEFT JOIN users u2 ON t.ownerID = u2.id
WHERE t.id = ' . $id);
//yellow box
if ($scenario == "followup") {
$subject = "Followup On Your Helpdesk Ticket";
$message = drawMessage('There\'s been followup on your Helpdesk ticket - please see below. <b>Don\'t reply to this email!</b> Instead, please ' . draw_link('/helpdesk/ticket.php?id=' . $id, 'view your ticket') . ' in the intranet ticketing system.<br><br><b>Note:</b> if you add this sender to your "safe senders list," pictures will always download.');
} elseif ($scenario == "followupadmin") {
$subject = "Admin Followup on Helpdesk Ticket";
$message = drawMessage(draw_link('/staff/view.php?id=' . user(), $_SESSION['full_name']) . ' just made an administrative followup on this Helpdesk ticket. Regular staff were not copied on this message.');
} elseif ($scenario == "closed") {
$subject = "Your Ticket Has Been Closed";
$message = drawMessage('This is to let you know that your ticket has been closed. <b>Don\'t reply to this email!</b> You can still followup on this thread by ' . draw_link('/helpdesk/ticket.php?id=' . $id, 'viewing your ticket') . ' in the intranet ticketing system.<br><br><b>Note:</b> if you add this sender to your "safe senders list," pictures will always download.');
} elseif ($scenario == "assign") {
$subject = "Your Ticket Has Been Assigned";
$message = drawMessage(draw_link('/staff/view.php?id=' . user(), $_SESSION["full_name"]) . ' has assigned this ticket to ' . draw_link('/staff/view.php?id=' . $ticket['ownerID'], $ticket["ownerName"]) . '<b>Don\'t reply to this email!</b> Instead, please ' . draw_link('/helpdesk/ticket.php?id=' . $id, 'view your ticket') . ' in the intranet ticketing system.<br><br><b>Note:</b> if you add this sender to your "safe senders list," pictures will always download.');
} elseif ($scenario == "new") {
$subject = "New " . $ticket["department"] . " Ticket Posted";
$message = drawMessage('This is to let you know that a new ticket has just been posted to the Helpdesk. You can ' . draw_link('/helpdesk/ticket.php?id=' . $id, 'view the ticket') . ' in the intranet ticketing system.');
} elseif ($scenario == "critical") {
$subject = "Critical " . $ticket["department"] . " Ticket Still Open";
$message = drawMessage('A ticket flagged "Critical" is open on the Helpdesk. You can ' . draw_link('/helpdesk/ticket.php?id=' . $id, 'view the ticket') . ' in the intranet ticketing system.');
}
//$message .= drawtableStart() . drawHeaderRow(false, 2);
//recipients arrays
$users = array();
$admins = array();
if ($ticket["isUserAdmin"]) {
$admins[] = $ticket["email"];
} else {
$users[] = $ticket["email"];
}
if ($page['is_admin']) {
$admins[] = $_SESSION["email"];
} else {
$users[] = $_SESSION["email"];
}
//add owner if ticket is assigned
if ($ticket["ownerEmail"]) {
$admins[] = $ticket["ownerEmail"];
}
//owner logically has to be admin
$d_user = new display($page['breadcrumbs'] . $ticket['title'], false, false, 'thread');
$d_admin = new display($page['breadcrumbs'] . $ticket['title'], false, false, 'thread');
$d_user->row(drawName($ticket['created_user'], $ticket['first'] . ' ' . $ticket['last'], $ticket['created_date'], true, BR, $ticket['updated']), draw_h1($ticket['title']) . $ticket['description']);
$d_admin->row(drawName($ticket['created_user'], $ticket['first'] . ' ' . $ticket['last'], $ticket['created_date'], true, BR, $ticket['updated']), draw_h1($ticket['title']) . $ticket['description']);
//get followups
$followups = db_query('SELECT
u.id,
f.message,
(SELECT COUNT(*) FROM users_to_modules u2m WHERE u2m.user_id = u.id AND u2m.module_id = 3 AND u2m.is_admin = 1) isUserAdmin,
ISNULL(u.nickname, u.firstname) firstname,
u.lastname,
u.email,
f.created_date,
f.is_admin,
f.created_user,
' . db_updated('u') . '
FROM helpdesk_tickets_followups f
INNER JOIN users u ON f.created_user = u.id
WHERE f.ticketID = ' . $id . ' ORDER BY f.created_date');
while ($f = db_fetch($followups)) {
$d_admin->row(drawName($f['created_user'], $f['firstname'] . ' ' . $f['lastname'], $f['created_date'], true, BR, $f['updated']), $f['message']);
if (!$f['is_admin']) {
$d_user->row(drawName($f['created_user'], $f['firstname'] . ' ' . $f['lastname'], $f['created_date'], true, BR, $f['updated']), $f['message']);
}
if ($f['isUserAdmin']) {
$admins[] = $f['email'];
} else {
$users[] = $f['email'];
}
}
$admins = array_remove($_SESSION['email'], array_unique($admins));
$users = array_remove($_SESSION['email'], array_unique($users));
if ($debug) {
die(drawEmail($message . $d_admin->draw()));
}
//special codes for email
//todo: put this in db, possibly by adding something to the users table or something
if ($scenario == "new" && $ticket["departmentID"] == 3) {
$admins = array('*****@*****.**', '*****@*****.**', '*****@*****.**');
}
if ($scenario == "new" && $ticket["departmentID"] == 13) {
$admins = array('*****@*****.**', '*****@*****.**');
}
if ($scenario == "new" && $ticket["departmentID"] == 2) {
$admins = array('*****@*****.**', '*****@*****.**', '*****@*****.**', '*****@*****.**', '*****@*****.**');
}
if ($scenario == "critical" && $ticket["departmentID"] == 8) {
$admins = array('*****@*****.**');
}
if (count($admins)) {
//$admins = join(", ", $admins);
email($admins, drawEmail($message . $d_admin->draw()), $subject);
error_debug('admin message emailed to ' . implode(', ', $admins) . ' admins', __FILE__, __LINE__);
}
if (count($users) && $scenario != "followupadmin" && !$admin) {
//$users = join(", ", $users);
email($users, drawEmail($message . $d_user->draw()), $subject);
error_debug('user message emailed to ' . implode(', ', $users) . ' users', __FILE__, __LINE__);
}
}
<?php
include "../include.php";
$d = db_grab("SELECT \r\n\t\td.title,\r\n\t\td.extension, \r\n\t\td.content \r\n\tFROM helpdesk_tickets_attachments d \r\n\tWHERE d.id = " . $_GET["id"]);
//db_query("INSERT INTO docs_views ( documentID, user_id, viewedOn ) VALUES ( {$_GET["id"]}, {$_SESSION["user_id"]}, GETDATE() )");
file_download($d["content"], $d["title"], $d["extension"]);
<?php
include "../../include.php";
if ($posting) {
$id = db_save("queries");
url_change("./");
}
echo drawTop();
if (isset($_GET["id"])) {
$r = db_grab("SELECT \n\t\t\tq.databaseID,\n\t\t\td.dbname,\n\t\t\tq.name,\n\t\t\tq.description,\n\t\t\tq.query,\n\t\t\tq.is_active\n\t\tFROM queries q \n\t\tJOIN queries_databases d ON d.id = q.databaseID\n\t\tWHERE q.id = " . $_GET["id"]);
/*db_switch($r["dbname"]);
db_query($r["query"], false, true);
db_switch($_josh["db"]["database"]);*/
} else {
$r["is_active"] = 1;
}
$form = new intranet_form();
$form->addRow("hidden", "", "is_active", $r["is_active"]);
$form->addRow("select", "Database", "databaseID", "SELECT id, dbname from queries_databases order by dbname", @$r["databaseID"], true);
$form->addRow("itext", "Name", "name", @$r["name"], "", false, 50);
$form->addRow("textarea", "Description", "description", @$r["description"]);
$form->addRow("textarea-plain", "Query", "query", @$r["query"]);
$form->addRow("submit", "Save Changes");
if (isset($_GET["id"])) {
$form->draw("<a href='/queries/'>Database Queries</a> > Edit Query");
} else {
$form->draw("Add New Query");
}
echo drawBottom();
<?php
include '../include.php';
url_query_require();
if (url_action('delete')) {
db_delete('press_clips', $_GET['delete_id']);
url_change('/press-clips/');
}
echo drawTop();
echo drawTableStart();
echo drawHeaderRow($page['breadcrumbs'] . $page['title'], 2, getString('edit'), 'edit/?id=' . $_GET['id'], getString('delete'), drawDeleteLink());
$r = db_grab('SELECT c.title' . langExt() . ' title, c.url, c.pub_date, c.publication' . langExtT() . ' publication, c.type_id, c.description' . langExt() . ' description, t.title' . langExt() . ' type FROM press_clips c JOIN press_clips_types t ON c.type_id = t.id WHERE c.id = ' . $_GET['id']);
?>
<tr>
<td class="left"><?php
echo getString('title');
?>
</td>
<td class='title'><?php
echo $r['title'];
?>
</td>
</tr>
<tr>
<td class="left"><?php
echo getString('category');
?>
</td>
<td><?php
echo draw_link('categories.php?id=' . $r['type_id'], $r['type']);
?>
<?php
include "../../include.php";
url_query_require("types.php");
echo drawTop();
$r = db_grab("SELECT description FROM wiki_topics_types WHERE id = " . $_GET["id"]);
?>
<table class="left" cellspacing="1">
<?php
echo drawHeaderRow("<a href='types.php' class='white'>Types</a> > " . $r["description"], 4);
$topics = db_query("SELECT \n\t\tw.id,\n\t\tw.title,\n\t\tw.description,\n\t\tISNULL(u.nickname, u.firstname) first,\n\t\tu.lastname last,\n\t\tw.created_date\n\tFROM wiki_topics w\n\tJOIN wiki_topics_types t ON w.type_id = t.id\n\tJOIN users u ON w.created_user = u.id\n\tWHERE w.is_active = 1 AND w.type_id = " . $_GET["id"]);
if (db_found($topics)) {
?>
<tr>
<th width="16"></th>
<th align="left">Title</th>
<th align="left" width="100">Created By</th>
<th align="right" width="80">Created On</th>
</tr>
<?php
while ($t = db_fetch($topics)) {
?>
<tr height="36">
<td></td>
<td><a href="topic.php?id=<?php
echo $t["id"];
?>
"><?php
echo $t["title"];
?>
</a></td>
