function drawJumpToStaff($selectedID = false) { global $page; $nullable = $selectedID === false; $return = drawPanel(getString('jump_to') . ' ' . drawSelectUser('', $selectedID, $nullable, 0, true, true, 'Staff Member:')); if ($page['is_admin'] && db_grab('SELECT COUNT(*) FROM users_requests WHERE is_active = 1')) { $return = drawMessage('There are pending <a href="requests.php">account requests</a> for you to review.') . $return; } return $return; }
function drawJumpToStaff($selectedID = false) { global $isAdmin; $nullable = $selectedID === false; $return = ' <table class="message"> <tr> <td class="gray">Jump to ' . drawSelectUser("", $selectedID, $nullable, 0, true, true, "Staff Member:") . '</td> </tr> </table>'; if ($isAdmin) { if ($r = db_grab("SELECT COUNT(*) FROM users_requests")) { $return = drawServerMessage("There are pending <a href='requests.php'>account requests</a> for you to review.") . $return; } } return $return; }
<?php include '../include.php'; url_query_require(); echo drawTop(); $r = db_grab('SELECT (SELECT t.tag FROM contacts_tags t JOIN contacts_to_tags c2t ON t.id = c2t.tag_id WHERE t.is_active = 1 AND t.type_id = 10 AND c2t.contact_id = c.id) salutation, c.firstname, c.lastname, (SELECT t.tag FROM contacts_tags t JOIN contacts_to_tags c2t ON t.id = c2t.tag_id WHERE t.is_active = 1 AND t.type_id = 11 AND c2t.contact_id = c.id) suffix, c.organization, c.title, c.address_1, c.address_2, RIGHT("00000" + RTRIM(c.zip), 5) zip, c.phone, c.fax, c.mobile_phone, c.email, z.city, z.state, c.notes FROM contacts c LEFT JOIN zip_codes z ON c.zip = z.zip WHERE c.id = ' . $_GET['id']); $d = new display(); $d->row('Name', $r['salutation'] . ' ' . $r['firstname'] . ' ' . $r['lastname'] . ($r['suffix'] ? ', ' . $r['suffix'] : '')); $d->row('Company', $r['organization']); $d->row('Job Title', $r['title']); $d->row('Address', $r['address_1'] . ($r['address_2'] ? BR . $r['address_2'] : false) . BR . $r['city'] . ', ' . $r['state'] . ' ' . $r['zip']); $d->row('Phone', $r['phone']);
<?php include "../../include.php"; if ($posting) { $theuser_id = $page['is_admin'] ? $_POST["created_user"] : $_SESSION["user_id"]; db_query("UPDATE press_releases SET\n\t\t\theadline = '{$_POST["headline"]}',\t\n\t\t\tdetail = '{$_POST["detail"]}',\t\n\t\t\tlocation = '{$_POST["location"]}',\t\n\t\t\ttext = '" . format_html($_POST["text"]) . "',\t\n\t\t\tcorporationID = {$_POST["corporationID"]},\n\t\t\tupdated_date = GETDATE(),\n\t\t\tupdated_user = {$theuser_id}\n\t\t\tWHERE id = " . $_GET["id"]); url_change("../?id=" . $_GET["id"]); } echo drawTop(); $r = db_grab("SELECT id, headline, detail, location, releaseDate, corporationID, text FROM press_releases WHERE id = " . $_GET["id"]); $form = new intranet_form(); if ($page['is_admin']) { $form->addUser("created_user", "Posted By", $_SESSION["user_id"], false, "EEDDCC"); } $form->addRow("itext", "Headline", "headline", $r["headline"], "", true, 255); $form->addRow("itext", "Detail", "detail", $r["detail"], "", false, 255); $form->addRow("itext", "Location", "location", $r["location"], "", true, 255); $form->addRow("select", "Organization", "corporationID", "SELECT id, title from organizations ORDER BY title", $r["corporationID"]); $form->addRow("date", "Date", "releaseDate", $r["releaseDate"]); $form->addRow("textarea", "Text", "text", $r["text"], "", true); $form->addRow("submit", "update press release"); $form->draw("Update Release"); echo drawBottom();
<?php include "include.php"; if (isset($_GET["deleteID"])) { if (db_grab("SELECT endDate FROM intranet_users WHERE userID = " . $_GET["deleteID"])) { db_query("UPDATE intranet_users SET isActive = 0, deletedBy = {$user["id"]}, deletedOn = GETDATE() WHERE userID = " . $_GET["deleteID"]); } else { db_query("UPDATE intranet_users SET isActive = 0, deletedBy = {$user["id"]}, deletedOn = GETDATE(), endDate = GETDATE() WHERE userID = " . $_GET["deleteID"]); } url_query_drop("deleteID"); } $orgs = array(); if (!isset($_GET["id"])) { $_GET["id"] = 0; } $orgs[0] = "Shared"; $orgs = db_array("SELECT id, description FROM organizations ORDER BY description", $orgs); drawTop(); ?> <table class="navigation staff" cellspacing="1"> <tr class="staff-hilite"> <?php foreach ($orgs as $key => $value) { ?> <td width="14.28%"<?php if ($_GET["id"] == $key) { ?> class="selected"<?php } ?> ><?php
function login($username, $password, $skippass = false) { global $_SESSION; //need id, fullname, email departmentid, ishelpdesk, homepage, update_days, updated_on, first if ($skippass) { $where = ''; error_debug('<b>login</b> running without password', __FILE__, __LINE__); } else { $where = ' AND ' . db_pwdcompare($password, 'u.password') . ' = 1'; error_debug('<b>login</b> running with password', __FILE__, __LINE__); } if ($user = db_grab('SELECT u.id, ISNULL(u.nickname, u.firstname) firstname, u.lastname, u.email, ' . db_pwdcompare('', 'u.password') . ' password, u.departmentID, d.isHelpdesk, u.help, u.is_admin, u.updated_date, u.language_id, l.code language, ' . db_datediff('u.updated_date', 'GETDATE()') . ' update_days FROM users u LEFT JOIN languages l ON u.language_id = l.id LEFT JOIN departments d ON u.departmentID = d.departmentID WHERE u.email = \'' . $username . '\' AND u.is_active = 1' . $where)) { //login was good db_query('UPDATE users SET lastlogin = GETDATE() WHERE id = ' . $user['id']); $_SESSION['user_id'] = $user['id']; $_SESSION['is_admin'] = $user['is_admin']; $_SESSION['email'] = $user['email']; $_SESSION['homepage'] = '/bb/'; $_SESSION['departmentID'] = $user['departmentID']; $_SESSION['isHelpdesk'] = $user['isHelpdesk']; $_SESSION['update_days'] = $user['update_days']; $_SESSION['updated_date'] = $user['updated_date']; $_SESSION['password'] = $user['password']; $_SESSION['language_id'] = $user['language_id']; $_SESSION['language'] = $user['language']; $_SESSION['full_name'] = $user['firstname'] . ' ' . $user['lastname']; $_SESSION['isLoggedIn'] = true; cookie('last_login', $user['email']); cookie('last_email', $user['email']); return true; } $_SESSION['user_id'] = false; return false; }
<?php include "../include.php"; if (!isset($_GET["id"])) { $_GET["id"] = "a"; } echo drawTop(); $r = db_grab("SELECT tt.name, t.type_id, t.tag FROM contacts_tags t INNER JOIN contacts_tags_types tt ON t.type_id = tt.id WHERE t.id = " . $_GET["id"]); ?> <table class="left" cellspacing="1"> <?php echo drawHeaderRow($r["tag"], 4); ?> <tr> <th width="16"></th> <th width="27%" align="left">Name</th> <th width="48%" align="left">Company</th> <th width="25%" align="left">Phone</th> </tr> <?php $contacts = db_query("SELECT\r\n\t\t\t\t\t\to.id,\r\n\t\t\t\t\t\to.is_active,\r\n\t\t\t\t\t\ti.varchar_01 as firstname,\r\n\t\t\t\t\t\ti.varchar_02 as lastname,\r\n\t\t\t\t\t\ti.varchar_04 as organization,\r\n\t\t\t\t\t\ti.varchar_08 as phone,\r\n\t\t\t\t\t\ti.varchar_11 as email\r\n\t\t\t\t\tFROM contacts o\r\n\t\t\t\t\tJOIN contacts_instances i ON o.instanceCurrentID = i.id\r\n\t\t\t\t\tJOIN contacts_instances_to_tags i2t ON i.id = i2t.instanceID\r\n\t\t\t\t\tWHERE o.is_active = 1 AND i2t.tagID = {$_GET["id"]}\r\n\t\t\t\t\tORDER BY i.varchar_02, i.varchar_01"); while ($c = db_fetch($contacts)) { if (strlen($c["organization"]) > 40) { $c["organization"] = substr($c["organization"], 0, 39) . "..."; } ?> <tr <?php if (!$c["is_active"]) { ?> class="deleted"<?php }
<?php include 'include.php'; url_query_require('skills.php'); if (!($skill = db_grab('SELECT title FROM skills where isActive = 1 AND id = ' . url_id()))) { url_chagne('skills.php'); } echo drawTop(); echo drawTableStart(); if ($isAdmin) { echo drawHeaderRow($skill, 1, 'Edit', 'skill_add_edit.php?id=' . url_id()); } else { echo drawHeaderRow($skill, 1); } if ($users = db_table('SELECT u.userID, u.firstName, u.lastName FROM users_to_skills u2s JOIN intranet_users u ON u2s.user_id = u.userID WHERE u2s.skill_id = ' . url_id() . ' AND u.isActive = 1 ORDER BY u.lastName, u.firstName')) { ?> <tr> <th>User</th> </tr> <?php foreach ($users as $u) { echo '<tr> <td><a href="view.php?id=' . $u['userID'] . '">' . $u['firstName'] . ' ' . $u['lastName'] . '</a></td> </tr>';
<?php include "../../include.php"; echo drawTop(); $r = db_grab("SELECT programDesc FROM funders_programs WHERE programID = " . $_GET["id"]); ?> <table class="left" cellspacing="1"> <?php echo drawHeaderRow($r, 2); ?> <tr> <td class="left">Name</td> <td><b><?php echo $r; ?> </b></td> </tr> <tr> <td class="bottom" colspan="2"><?php echo draw_form_button("edit name", "program_add_edit.php?id=" . $_GET["id"]); ?> </td> </tr> </table> <table class="left" cellspacing="1"> <tr> <td colspan="5" class="head"> Funders Interesed in <?php echo $r;
$r = db_grab('SELECT u.firstname, u.lastname, u.nickname, u.bio' . langExt() . ' bio, u.email, ' . db_pwdcompare("", "u.password") . ' password, u.phone, u.lastlogin, u.title' . langExt() . ' title, f.name office, u.officeID, d.departmentName, u.organization_id, o.title' . langExt() . ' organization, u.homeAddress1, u.homeAddress2, u.homeCity, s.stateAbbrev, u.homeZIP, c.title' . langExt() . ' channel, u.homePhone, u.homeCell, u.homeEmail, u.emerCont1Name, u.emerCont1Relationship, u.emerCont1Phone, u.emerCont1Cell, u.emerCont1Email, u.emerCont2Name, u.emerCont2Relationship, u.emerCont2Phone, u.emerCont2Cell, u.emerCont2Email, u.startDate, u.longDistanceCode, u.endDate, u.is_active, u.is_admin, r.description rank, l.title language, ' . db_updated('u') . ' FROM users u JOIN languages l ON u.language_id = l.id LEFT JOIN users_to_channels u2c ON u.id = u2c.user_id LEFT JOIN channels c ON u2c.channel_id = c.id LEFT JOIN intranet_ranks r ON u.rankID = r.id LEFT JOIN organizations o ON u.organization_id = o.id LEFT JOIN departments d ON d.departmentID = u.departmentID LEFT JOIN offices f ON f.id = u.officeID LEFT JOIN intranet_us_states s ON u.homeStateID = s.stateID WHERE u.id = ' . $_GET['id']);
<?php include 'include.php'; if (!url_id()) { url_query_add(array('id' => 1)); } drawTop(); $locations = db_query("SELECT \n\t\to.id, \n\t\to.name\n\tFROM intranet_offices o \n\tORDER BY (SELECT COUNT(*) FROM intranet_users u WHERE u.officeID = o.id) DESC"); if (db_found($locations)) { $pages = array(); while ($l = db_fetch($locations)) { $pages["/staff/locations.php?id=" . $l["id"]] = $l["name"]; } echo drawNavigationRow($pages, $location, true); } if ($_GET["id"] == "other") { echo drawStaffList("u.isactive = 1 AND u.officeID <> 1 AND u.officeID <> 6 AND u.officeID <> 11 AND u.officeID <> 9"); } else { $l = db_grab('SELECT name, address FROM intranet_offices WHERE id = ' . $_GET['id']); if (!empty($l['address'])) { echo drawServerMessage('<center><strong>' . $l['name'] . ' Office</strong><br>' . nl2br($l['address']) . '</center>'); } echo drawStaffList("u.isactive = 1 and u.officeID = " . $_GET["id"]); } drawBottom();
<?php include '../include.php'; echo drawTop(); if (url_action('delete')) { db_delete('external_orgs'); url_change('./'); } if (url_id()) { echo drawTableStart(); echo drawHeaderRow($page['breadcrumbs'] . $page['title'], 2, getString('edit'), 'edit/?id=' . $_GET['id'], getString('delete'), drawDeleteLink()); $r = db_grab('SELECT e.title' . langExt() . ' title, e.url, e.description' . langExt() . ' description FROM external_orgs e WHERE e.id = ' . $_GET['id']); ?> <tr> <td class="left"><?php echo getString('title'); ?> </td> <td class='title'><?php echo draw_link($r['url'], $r['title']); ?> </td> </tr> <tr> <td class="left"><?php echo getString('description'); ?> </td> <td class="text"><?php echo $r['description']; ?>
if ($posting) { error_debug('user is posting', __FILE__, __LINE__); if ($uploading) { list($_POST['content'], $_POST['type_id']) = file_get_uploaded('content', 'docs_types'); } langTranslatePost('title,description'); $id = db_save('docs'); //debug(); db_checkboxes('categories', 'docs_to_categories', 'documentID', 'categoryID', $id); if (getOption('channels')) { db_checkboxes('channels', 'docs_to_channels', 'doc_id', 'channel_id', $id); } url_change('info.php?id=' . $id); } if (url_id()) { $d = db_grab('SELECT title, description FROM docs WHERE id = ' . $_GET['id']); $pageAction = getString('edit'); } else { $pageAction = getString('add_new'); } echo drawTop(); //load code for JS $extensions = array(); $doctypes = array(); $types = db_query('SELECT description, extension FROM docs_types ORDER BY description'); while ($t = db_fetch($types)) { $extensions[] = '(extension != "' . $t['extension'] . '")'; $doctypes[] = ' - ' . $t['description'] . ' (.' . $t['extension'] . ')'; } ?> <script language='javascript'>
<?php include "../include.php"; echo drawTop(); if (url_id()) { $title = db_grab('SELECT title' . langExt() . ' title FROM press_clips_types WHERE id = ' . $_GET["id"]); $result = db_table('SELECT c.id, c.title' . langExt() . ' title, c.pub_date, c.publication' . langExt() . ' publication, ISNULL(c.created_date, c.updated_date) updated FROM press_clips c ' . getChannelsWhere('press_clips', 'c', 'clip_id') . ' AND c.type_id = ' . $_GET["id"] . ' ORDER BY updated DESC'); $t = new table('press_clips', drawHeader(false, $title)); $t->set_column('title', 'l', getString('title')); $t->set_column('publication', 'l', getString('publication')); $t->set_column('pub_date', 'r', getString('published')); foreach ($result as &$r) { $r['title'] = draw_link('clip.php?id=' . $r['id'], format_string($r['title'], 50)); $r['pub_date'] = format_date($r['pub_date']); } echo $t->draw($result, 'There are no clips tagged <i>' . $title . '</i>.'); } else { $t = new table('press_clips', drawHeader()); $t->set_column('category', 'l', getString('category')); $t->set_column('clips', 'r', getString('clips')); $result = db_table('SELECT t.id, t.title' . langExt() . ' category, (SELECT COUNT(*) FROM press_clips c WHERE c.type_id = t.id) clips FROM press_clips_types t ORDER BY t.precedence'); foreach ($result as &$r) { $r['category'] = draw_link(url_query_add(array('id' => $r['id']), false), $r['category']); } echo $t->draw($result); } echo drawBottom();
$repliers = db_table("SELECT \n\t\t\t\tu.email,\n\t\t\t\tl.code\n\t\t\tFROM bb_followups f \n\t\t\tJOIN users u ON u.id = f.created_user \n\t\t\tJOIN languages l ON u.language_id = l.id\n\t\t\tWHERE u.is_active = 1 AND f.is_active = 1 AND f.topic_id = " . $_POST["topic_id"]); foreach ($repliers as $r) { $addresses[$r['code']][] = $r['email']; } foreach ($addresses as $lang => $emails) { $topic = db_grab('SELECT t.title' . langExt($lang) . ' title, y.title' . langExt($lang) . ' type, t.created_date FROM bb_topics t LEFT JOIN bb_topics_types y ON t.type_id = y.id WHERE t.id = ' . $_POST['topic_id']); $reply = db_grab('SELECT f.description' . langExt($lang) . ' description, ISNULL(u.nickname, u.firstname) firstname, u.lastname FROM bb_followups f JOIN users u ON f.created_user = u.id WHERE f.id = ' . $id); $channels_text = db_array('SELECT c.title' . langExt($lang) . ' FROM bb_topics_to_channels t2c JOIN channels c ON t2c.channel_id = c.id WHERE t2c.topic_id = ' . $_POST['topic_id']); $channels_text = implode(', ', $channels_text); $message = '<p style="font-weight:bold;">' . $reply['firstname'] . ' ' . $reply['lastname'] . ' ' . getString('bb_followup', $lang) . '</p> <p>' . getString('title', $lang) . ': ' . draw_link(url_base() . '/bb/topic.php?id=' . $id, $topic['title']) . '</p> <p>' . getString('channels_label', $lang) . ': ' . $channels_text . '</p>'; if ($topic['type']) { $message .= '<p>' . getString('category', $lang) . ': ' . $topic['type'] . '</p>'; } $message .= '<div style="color:#555; border-top:1px dotted #555; padding-top:5px; margin-top:5px;">' . $reply['description'] . '</div>'; emailUser($emails, 'RE: ' . $topic['title'], $message); } }
?> FFDDDD<?php } else { ?> F6F6F6<?php } ?> " width="18%"><?php echo $t["name"]; ?> </td> <td> <?php if ($t["fieldTypeID"] == 4) { if (isset($_GET["id"])) { $v = db_grab("SELECT i2t.tagID FROM contacts_instances_to_tags i2t JOIN contacts_tags t ON i2t.tagID = t.id WHERE i2t.instanceID = {$i["id"]} and t.type_id = {$t["tagTypeID"]} AND t.is_active = 1"); } echo draw_form_select("tag_single_" . $t["tagTypeID"], "SELECT id, tag FROM contacts_tags WHERE type_id = {$t["tagTypeID"]} AND is_active = 1 ORDER BY precedence", @$v["tagID"], false, false, !$t["isRequired"]); } elseif ($t["fieldTypeID"] == 5) { ?> <table class="nospacing" cellpadding="0" cellspacing="0" border="0"> <?php if (isset($_GET["id"])) { $values = db_query("SELECT \r\n\t\t\t\t\t\t\t\t\t\tt.id, \r\n\t\t\t\t\t\t\t\t\t\tt.tag, \r\n\t\t\t\t\t\t\t\t\t\t(SELECT count(*) FROM contacts_instances_to_tags i2t WHERE i2t.tagID = t.id AND i2t.instanceID = {$i["id"]}) selected\r\n\t\t\t\t\t\t\t\t\tFROM contacts_tags t\r\n\t\t\t\t\t\t\t\t\tWHERE t.type_id = {$t["tagTypeID"]}\r\n\t\t\t\t\t\t\t\t\t\tAND t.is_active = 1\r\n\t\t\t\t\t\t\t\t\tORDER by t.precedence"); } else { $values = db_query("SELECT \r\n\t\t\t\t\t\t\t\t\t\tt.id, \r\n\t\t\t\t\t\t\t\t\t\tt.tag,\r\n\t\t\t\t\t\t\t\t\t\t0 selected\r\n\t\t\t\t\t\t\t\t\tFROM contacts_tags t\r\n\t\t\t\t\t\t\t\t\tWHERE t.type_id = {$t["tagTypeID"]}\r\n\t\t\t\t\t\t\t\t\t\tAND t.is_active = 1\r\n\t\t\t\t\t\t\t\t\tORDER by t.precedence"); } $oneFound = false; while ($v = db_fetch($values)) { ?> <tr>
} else { $_GET["id"] = db_query("INSERT INTO it_laptops (\r\n\t\t\tlaptopName,\r\n\t\t\tlaptopModel,\r\n\t\t\tlaptopHomeID,\r\n\t\t\tlaptopSerial,\r\n\t\t\tlaptopExpressServiceCode,\r\n\t\t\tlaptopstatusID,\r\n\t\t\tlaptopServiceTag,\r\n\t\t\tlaptopOS,\r\n\t\t\tlaptopOffice,\r\n\t\t\tlaptopIsWireless,\r\n\t\t\tlaptopMACAddress,\r\n\t\t\tlaptopPurpose\r\n\t\t) VALUES (\r\n\t\t\t'" . $_POST["laptopName"] . "',\t\t\t\r\n\t\t\t'" . $_POST["laptopModel"] . "',\t\t\t\r\n\t\t\t" . $_POST["laptopHomeID"] . ",\t\t\t\r\n\t\t\t'" . $_POST["laptopSerial"] . "',\r\n\t\t\t'" . $_POST["laptopExpressServiceCode"] . "',\r\n\t\t\t2,\r\n\t\t\t'" . $_POST["laptopServiceTag"] . "',\t\t\t\r\n\t\t\t'" . $_POST["laptopOS"] . "',\t\t\t\r\n\t\t\t'" . $_POST["laptopOffice"] . "',\t\t\t\r\n\t\t\t{$laptopIsWireless},\t\t\t\r\n\t\t\t'" . $_POST["laptopMACAddress"] . "',\r\n\t\t\t'" . $_POST["laptopPurpose"] . "'\r\n\t\t)"); } //accessories reset($_POST); while (list($key, $value) = each($_POST)) { @(list($control, $accessoryID) = explode("_", $key)); if ($control == "chkacc") { db_query("INSERT INTO it_laptops_2_accessories (\r\n\t\t\t\tlaptopID,\r\n\t\t\t\taccessoryID\r\n\t\t\t) VALUES (\r\n\t\t\t\t" . $_GET["id"] . ",\r\n\t\t\t\t" . $accessoryID . "\r\n\t\t\t);"); } } url_change("laptop.php?id=" . $_GET["id"]); } echo drawTop(); if (isset($_GET["id"])) { $r = db_grab("SELECT \r\n\t\t\t\t\t\tl.laptopName,\r\n\t\t\t\t\t\tl.laptopPurpose,\r\n\t\t\t\t\t\tl.laptopModel,\r\n\t\t\t\t\t\tl.laptopHomeID,\r\n\t\t\t\t\t\tl.laptopSerial,\r\n\t\t\t\t\t\tl.laptopExpressServiceCode,\r\n\t\t\t\t\t\tl.laptopServiceTag,\r\n\t\t\t\t\t\tl.laptopOS,\r\n\t\t\t\t\t\tl.laptopOffice,\r\n\t\t\t\t\t\tl.laptopIsWireless,\r\n\t\t\t\t\t\tl.laptopMACAddress\r\n\t\t\t\t\tFROM it_laptops l\r\n\t\t\t\t\tWHERE laptopID = " . $_GET["id"]); $openEnded = empty($r["laptopEnd"]) ? true : false; } ?> <a name="closedtickets"></a> <table class="left" cellspacing="1"> <?php echo drawHeaderRow("Add Laptop", 2); ?> <form method="post" action="<?php echo $request["path_query"]; ?> "> <tr> <td class="left">Laptop Name</td>
<?php include "include.php"; url_query_require("users.php"); echo drawTop(); $result = db_query("select\r\n\t\t\t\tt.title,\r\n\t\t\t\tt.statusID,\r\n\t\t\t\t(SELECT COUNT(*) FROM helpdesk_tickets_followups f where f.ticketID = t.id) as ticketfollowups,\r\n\t\t\t\tt.created_user,\r\n\t\t\t\tt.updated_date,\r\n\t\t\t\tt.id,\r\n\t\t\t\tt.ownerID,\r\n\t\t\t\tt.priorityID,\r\n\t\t\t\tt.created_date,\r\n\t\t\t\tISNULL(u.nickname, u.firstname) first,\r\n\t\t\t\tu.lastname last,\r\n\t\t\t\t(SELECT COUNT(*) FROM users_to_modules a WHERE a.module_id = 3 AND a.user_id = t.created_user) is_adminIT\r\n\t\t\tFROM helpdesk_tickets t\r\n\t\t\tJOIN users u ON u.id = t.created_user\r\n\t\t\tWHERE t.created_user = {$_GET["id"]} {$where}\r\n\t\t\tORDER BY t.created_date DESC"); echo drawTicketFilter(); ?> <table class="left" cellspacing="1"> <?php $u = db_grab("SELECT ISNULL(nickname, firstname) first, lastname last FROM users WHERE id = " . $_GET["id"]); echo drawHeaderRow("<a href='users.php' class='white'>Users</a> > " . $u["first"] . " " . $u["last"] . " (" . db_found($result) . ")", 5); if (db_found($result)) { echo drawTicketHeader(); while ($r = db_fetch($result)) { echo drawTicketRow($r); } } else { if ($filtered) { echo drawEmptyResult("No tickets for this user / month / year.", 5); } else { echo drawEmptyResult("This user hasn't posted any tickets.", 5); } } ?> </table> <?php echo drawBottom();
<?php include "include.php"; url_query_require("admins.php"); echo drawTop(); echo drawTicketFilter(); ?> <table class="left" cellspacing="1"> <?php $result = db_query("SELECT\r\n\t\t\t\t\t\tt.title,\r\n\t\t\t\t\t\tt.statusID,\r\n\t\t\t\t\t\t(SELECT COUNT(*) FROM helpdesk_tickets_followups f WHERE f.ticketID = t.id) as ticketfollowups,\r\n\t\t\t\t\t\tt.created_user,\r\n\t\t\t\t\t\tt.updated_date,\r\n\t\t\t\t\t\tt.id,\r\n\t\t\t\t\t\tt.ownerID,\r\n\t\t\t\t\t\tt.priorityID,\r\n\t\t\t\t\t\tt.created_date,\r\n\t\t\t\t\t\tISNULL(u.nickname, u.firstname) first,\r\n\t\t\t\t\t\tu.lastname last\r\n\t\t\t\t\tFROM helpdesk_tickets t\r\n\t\t\t\t\tJOIN users u ON u.id = t.created_user\r\n\t\t\t\t\tWHERE t.ownerID = {$_GET["id"]} {$where}\r\n\t\t\t\t\tORDER BY t.created_date DESC"); $admin = db_grab("SELECT ISNULL(u.nickname, u.firstname) first FROM users u WHERE u.id = " . $_GET["id"]); echo drawHeaderRow("<a href='admins.php' class='white'>Admins</a> > " . $admin["first"] . " (" . db_found($result) . ")", 5); if (db_found($result)) { echo drawTicketHeader(); while ($r = db_fetch($result)) { echo drawTicketRow($r); } } else { if ($filtered) { echo drawEmptyResult("No tickets were assigned to this admin in this month / year", 5); } else { echo drawEmptyResult("No tickets were assigned to this admin.", 5); } } ?> </table> <?php echo drawBottom();
foreach ($_POST['order'] as $id) { db_query('UPDATE intranet_offices SET precedence = ' . $counter . ' WHERE id = ' . $id); $counter++; } exit; } else { db_enter('intranet_offices', 'name address precedence'); url_query_drop('id'); } } elseif (url_id() && url_action('delete')) { db_query('DELETE FROM intranet_offices WHERE id = ' . $_GET['id']); url_query_drop('action,id'); } drawTop(); if (url_id()) { if (!($l = db_grab('SELECT id, name, address, precedence FROM intranet_offices WHERE id = ' . $_GET['id']))) { url_query_drop('id'); } $form = new intranet_form(); $form->addRow('hidden', '', 'precedence', $l['precedence']); $form->addRow('itext', 'Name', 'name', $l['name'], '', true, 255); $form->addRow('textarea-plain', 'Address', 'address', $l['address'], ''); $form->addRow('submit', 'Save Changes'); $form->draw('Edit Location'); } else { ?> <table cellspacing='1' class='left draggable locations'> <thead> <?php echo drawHeaderRow(false, 4, 'new', '#bottom'); ?>
<?php include "../../include.php"; echo drawTop(); $r = db_grab("SELECT \n\t\tj.id,\n\t\tj.title,\n\t\tj.description,\n\t\tc.description corporationName,\n\t\to.name office,\n\t\tj.created_date, \n\t\tj.updated_date,\n\t\tj.deleted_date,\n\t\tu1.firstname created_userFirst,\n\t\tu1.lastname created_userLast,\n\t\tu2.firstname updated_userFirst,\n\t\tu2.lastname updated_userLast,\n\t\tu3.firstname deleted_userFirst,\n\t\tu3.lastname deleted_userLast\n\tFROM openings j\n\tLEFT JOIN organizations c ON j.corporationID = c.id\n\tLEFT JOIN offices o ON j.officeID = o.id\n\tLEFT JOIN users u1 ON j.created_user = u1.id\n\tLEFT JOIN users u2 ON j.updated_user = u2.id\n\tLEFT JOIN users u3 ON j.deleted_user = u3.id\n\t\n\tWHERE j.id = " . $_GET["id"]); $r["created_user"] = $r["created_userFirst"] ? $r["created_userFirst"] . " " . $r["created_userLast"] : false; $r["updated_user"] = $r["updated_userFirst"] ? $r["updated_userFirst"] . " " . $r["updated_userLast"] : false; $r["deleted_user"] = $r["deleted_userFirst"] ? $r["deleted_userFirst"] . " " . $r["deleted_userLast"] : false; ?> <table class="left" cellspacing="1"> <?php if ($page['is_admin']) { echo drawHeaderRow("View Position", 2, "edit", "position_edit.php?id=" . $_GET["id"]); } else { echo drawHeaderRow("View Position", 2); } ?> <tr> <td class="left">Organization</td> <td><?php echo $r["corporationName"]; ?> </td> </tr> <tr> <td class="left">Location</td> <td><?php echo $r["office"]; ?> </td> </tr>
<?php include "../../include.php"; url_query_require(); if ($posting) { $id = db_save("wiki_topics"); db_checkboxes("tags", "wiki_topics_to_tags", "topicID", "tagID", $id); url_change("topic.php?id=" . $id); } echo drawTop(); $r = db_grab("SELECT id, title, description, type_id FROM wiki_topics WHERE id = " . $_GET["id"]); $form = new intranet_form(); if ($page['is_admin']) { $form->addUser("created_user", "Posted By", $_SESSION["user_id"], false, true); } $form->addRow("itext", "Title", "title", $r["title"], "", true, 255); $form->addRow("select", "Type", "type_id", "SELECT id, description FROM wiki_topics_types", $r["type_id"], true); $form->addCheckboxes("tags", "Tags", "wiki_tags", "wiki_topics_to_tags", "topicID", "tagID", $_GET["id"]); $form->addRow("textarea", "Description", "description", $r["description"], "", true); $form->addRow("submit", "post wiki topic"); $form->draw("Add a Wiki Topic"); echo drawBottom();
$lastDept = ""; $count = db_found($result); if ($count) { echo drawHeaderRow($deptName . " Open Tickets", 4, "new", "#bottom"); ?> <tr> <th width="50%" align="left">Short Description</th> <th width="15%" align="left"><nobr>Submitted By</nobr></th> <th width="20%" align="left">Status</th> <th width="15%"><nobr>Assigned To</nobr></th> </tr> <?php while ($r = db_fetch($result)) { if ($r["department"] != $lastDept) { $lastDept = $r["department"]; $count = db_grab("SELECT COUNT(*) tickets FROM helpdesk_tickets WHERE departmentID = " . $r["departmentID"] . " AND statusID <> 9"); ?> <tr class="group"> <td colspan="4"><?php echo $lastDept; ?> Tickets (<?php echo $count; ?> )</td> </tr> <?php } if ($r["departmentID"] == 2 && !$page['is_admin'] && $r["created_user"] != $_SESSION["user_id"]) { //ticket not clickable in this scenario ?>
function db_id() { global $_josh; db_open(); if ($_josh["db"]["language"] == "mysql") { return mysql_insert_id(); } elseif ($_josh["db"]["language"] == "mssql") { return db_grab("SELECT @@IDENTITY"); } }
if ($posting) { langTranslatePost('title,description,publication'); $id = db_save("press_clips"); if (getOption('channels')) { db_checkboxes('channels', 'press_clips_to_channels', 'clip_id', 'channel_id', $id); } url_change_post("/press-clips/clip.php?id=" . $id); } elseif ($included) { $action = getString('add_new'); $_josh["request"]["path_query"] = "edit.php"; //shoddy way of setting the form target $r["url"] = "http://"; } elseif (url_id()) { $action = getString('edit'); echo drawTop(); $r = db_grab("SELECT id, title, url, publication, pub_date, description, type_id from press_clips WHERE id = " . $_GET["id"]); $r["title"] = format_title($r["title"], "US"); } else { $action = getString('add_new'); echo drawTop(); if (isset($_GET["title"])) { $r["title"] = format_title($_GET["title"], "US"); } if (isset($_GET["url"])) { $r["url"] = $_GET["url"]; $url = url_parse($r["url"]); if ($url["domainname"] == "nytimes") { $r["publication"] = "NY Times"; $r["title"] = str_replace("- Nytimes.com", "", $r["title"]); } elseif ($url["domainname"] == "latimes") { $r["publication"] = "LA Times";
function emailITticket($id, $scenario, $admin = false, $debug = false) { global $_josh, $page; $ticket = db_grab('SELECT u.id, (SELECT COUNT(*) FROM users_to_modules a WHERE a.user_id = u.id AND a.module_id = 3) isUserAdmin, t.title, t.created_user, t.description, t.departmentID, ISNULL(u.nickname, u.firstname) first, u.lastname last, u.email, ' . db_updated('u') . ', t.created_date, t.priorityID, t.statusID, d.shortName department, t.type_id, y.description type, u2.email as ownerEmail, t.ownerID, ISNULL(u2.nickname, u2.firstname) as ownerName FROM helpdesk_tickets t LEFT JOIN helpdesk_tickets_types y ON t.type_id = y.id JOIN users u ON t.created_user = u.id JOIN departments d ON t.departmentID = d.departmentID LEFT JOIN users u2 ON t.ownerID = u2.id WHERE t.id = ' . $id); //yellow box if ($scenario == "followup") { $subject = "Followup On Your Helpdesk Ticket"; $message = drawMessage('There\'s been followup on your Helpdesk ticket - please see below. <b>Don\'t reply to this email!</b> Instead, please ' . draw_link('/helpdesk/ticket.php?id=' . $id, 'view your ticket') . ' in the intranet ticketing system.<br><br><b>Note:</b> if you add this sender to your "safe senders list," pictures will always download.'); } elseif ($scenario == "followupadmin") { $subject = "Admin Followup on Helpdesk Ticket"; $message = drawMessage(draw_link('/staff/view.php?id=' . user(), $_SESSION['full_name']) . ' just made an administrative followup on this Helpdesk ticket. Regular staff were not copied on this message.'); } elseif ($scenario == "closed") { $subject = "Your Ticket Has Been Closed"; $message = drawMessage('This is to let you know that your ticket has been closed. <b>Don\'t reply to this email!</b> You can still followup on this thread by ' . draw_link('/helpdesk/ticket.php?id=' . $id, 'viewing your ticket') . ' in the intranet ticketing system.<br><br><b>Note:</b> if you add this sender to your "safe senders list," pictures will always download.'); } elseif ($scenario == "assign") { $subject = "Your Ticket Has Been Assigned"; $message = drawMessage(draw_link('/staff/view.php?id=' . user(), $_SESSION["full_name"]) . ' has assigned this ticket to ' . draw_link('/staff/view.php?id=' . $ticket['ownerID'], $ticket["ownerName"]) . '<b>Don\'t reply to this email!</b> Instead, please ' . draw_link('/helpdesk/ticket.php?id=' . $id, 'view your ticket') . ' in the intranet ticketing system.<br><br><b>Note:</b> if you add this sender to your "safe senders list," pictures will always download.'); } elseif ($scenario == "new") { $subject = "New " . $ticket["department"] . " Ticket Posted"; $message = drawMessage('This is to let you know that a new ticket has just been posted to the Helpdesk. You can ' . draw_link('/helpdesk/ticket.php?id=' . $id, 'view the ticket') . ' in the intranet ticketing system.'); } elseif ($scenario == "critical") { $subject = "Critical " . $ticket["department"] . " Ticket Still Open"; $message = drawMessage('A ticket flagged "Critical" is open on the Helpdesk. You can ' . draw_link('/helpdesk/ticket.php?id=' . $id, 'view the ticket') . ' in the intranet ticketing system.'); } //$message .= drawtableStart() . drawHeaderRow(false, 2); //recipients arrays $users = array(); $admins = array(); if ($ticket["isUserAdmin"]) { $admins[] = $ticket["email"]; } else { $users[] = $ticket["email"]; } if ($page['is_admin']) { $admins[] = $_SESSION["email"]; } else { $users[] = $_SESSION["email"]; } //add owner if ticket is assigned if ($ticket["ownerEmail"]) { $admins[] = $ticket["ownerEmail"]; } //owner logically has to be admin $d_user = new display($page['breadcrumbs'] . $ticket['title'], false, false, 'thread'); $d_admin = new display($page['breadcrumbs'] . $ticket['title'], false, false, 'thread'); $d_user->row(drawName($ticket['created_user'], $ticket['first'] . ' ' . $ticket['last'], $ticket['created_date'], true, BR, $ticket['updated']), draw_h1($ticket['title']) . $ticket['description']); $d_admin->row(drawName($ticket['created_user'], $ticket['first'] . ' ' . $ticket['last'], $ticket['created_date'], true, BR, $ticket['updated']), draw_h1($ticket['title']) . $ticket['description']); //get followups $followups = db_query('SELECT u.id, f.message, (SELECT COUNT(*) FROM users_to_modules u2m WHERE u2m.user_id = u.id AND u2m.module_id = 3 AND u2m.is_admin = 1) isUserAdmin, ISNULL(u.nickname, u.firstname) firstname, u.lastname, u.email, f.created_date, f.is_admin, f.created_user, ' . db_updated('u') . ' FROM helpdesk_tickets_followups f INNER JOIN users u ON f.created_user = u.id WHERE f.ticketID = ' . $id . ' ORDER BY f.created_date'); while ($f = db_fetch($followups)) { $d_admin->row(drawName($f['created_user'], $f['firstname'] . ' ' . $f['lastname'], $f['created_date'], true, BR, $f['updated']), $f['message']); if (!$f['is_admin']) { $d_user->row(drawName($f['created_user'], $f['firstname'] . ' ' . $f['lastname'], $f['created_date'], true, BR, $f['updated']), $f['message']); } if ($f['isUserAdmin']) { $admins[] = $f['email']; } else { $users[] = $f['email']; } } $admins = array_remove($_SESSION['email'], array_unique($admins)); $users = array_remove($_SESSION['email'], array_unique($users)); if ($debug) { die(drawEmail($message . $d_admin->draw())); } //special codes for email //todo: put this in db, possibly by adding something to the users table or something if ($scenario == "new" && $ticket["departmentID"] == 3) { $admins = array('*****@*****.**', '*****@*****.**', '*****@*****.**'); } if ($scenario == "new" && $ticket["departmentID"] == 13) { $admins = array('*****@*****.**', '*****@*****.**'); } if ($scenario == "new" && $ticket["departmentID"] == 2) { $admins = array('*****@*****.**', '*****@*****.**', '*****@*****.**', '*****@*****.**', '*****@*****.**'); } if ($scenario == "critical" && $ticket["departmentID"] == 8) { $admins = array('*****@*****.**'); } if (count($admins)) { //$admins = join(", ", $admins); email($admins, drawEmail($message . $d_admin->draw()), $subject); error_debug('admin message emailed to ' . implode(', ', $admins) . ' admins', __FILE__, __LINE__); } if (count($users) && $scenario != "followupadmin" && !$admin) { //$users = join(", ", $users); email($users, drawEmail($message . $d_user->draw()), $subject); error_debug('user message emailed to ' . implode(', ', $users) . ' users', __FILE__, __LINE__); } }
<?php include "../include.php"; $d = db_grab("SELECT \r\n\t\td.title,\r\n\t\td.extension, \r\n\t\td.content \r\n\tFROM helpdesk_tickets_attachments d \r\n\tWHERE d.id = " . $_GET["id"]); //db_query("INSERT INTO docs_views ( documentID, user_id, viewedOn ) VALUES ( {$_GET["id"]}, {$_SESSION["user_id"]}, GETDATE() )"); file_download($d["content"], $d["title"], $d["extension"]);
<?php include "../../include.php"; if ($posting) { $id = db_save("queries"); url_change("./"); } echo drawTop(); if (isset($_GET["id"])) { $r = db_grab("SELECT \n\t\t\tq.databaseID,\n\t\t\td.dbname,\n\t\t\tq.name,\n\t\t\tq.description,\n\t\t\tq.query,\n\t\t\tq.is_active\n\t\tFROM queries q \n\t\tJOIN queries_databases d ON d.id = q.databaseID\n\t\tWHERE q.id = " . $_GET["id"]); /*db_switch($r["dbname"]); db_query($r["query"], false, true); db_switch($_josh["db"]["database"]);*/ } else { $r["is_active"] = 1; } $form = new intranet_form(); $form->addRow("hidden", "", "is_active", $r["is_active"]); $form->addRow("select", "Database", "databaseID", "SELECT id, dbname from queries_databases order by dbname", @$r["databaseID"], true); $form->addRow("itext", "Name", "name", @$r["name"], "", false, 50); $form->addRow("textarea", "Description", "description", @$r["description"]); $form->addRow("textarea-plain", "Query", "query", @$r["query"]); $form->addRow("submit", "Save Changes"); if (isset($_GET["id"])) { $form->draw("<a href='/queries/'>Database Queries</a> > Edit Query"); } else { $form->draw("Add New Query"); } echo drawBottom();
<?php include '../include.php'; url_query_require(); if (url_action('delete')) { db_delete('press_clips', $_GET['delete_id']); url_change('/press-clips/'); } echo drawTop(); echo drawTableStart(); echo drawHeaderRow($page['breadcrumbs'] . $page['title'], 2, getString('edit'), 'edit/?id=' . $_GET['id'], getString('delete'), drawDeleteLink()); $r = db_grab('SELECT c.title' . langExt() . ' title, c.url, c.pub_date, c.publication' . langExtT() . ' publication, c.type_id, c.description' . langExt() . ' description, t.title' . langExt() . ' type FROM press_clips c JOIN press_clips_types t ON c.type_id = t.id WHERE c.id = ' . $_GET['id']); ?> <tr> <td class="left"><?php echo getString('title'); ?> </td> <td class='title'><?php echo $r['title']; ?> </td> </tr> <tr> <td class="left"><?php echo getString('category'); ?> </td> <td><?php echo draw_link('categories.php?id=' . $r['type_id'], $r['type']); ?>
<?php include "../../include.php"; url_query_require("types.php"); echo drawTop(); $r = db_grab("SELECT description FROM wiki_topics_types WHERE id = " . $_GET["id"]); ?> <table class="left" cellspacing="1"> <?php echo drawHeaderRow("<a href='types.php' class='white'>Types</a> > " . $r["description"], 4); $topics = db_query("SELECT \n\t\tw.id,\n\t\tw.title,\n\t\tw.description,\n\t\tISNULL(u.nickname, u.firstname) first,\n\t\tu.lastname last,\n\t\tw.created_date\n\tFROM wiki_topics w\n\tJOIN wiki_topics_types t ON w.type_id = t.id\n\tJOIN users u ON w.created_user = u.id\n\tWHERE w.is_active = 1 AND w.type_id = " . $_GET["id"]); if (db_found($topics)) { ?> <tr> <th width="16"></th> <th align="left">Title</th> <th align="left" width="100">Created By</th> <th align="right" width="80">Created On</th> </tr> <?php while ($t = db_fetch($topics)) { ?> <tr height="36"> <td></td> <td><a href="topic.php?id=<?php echo $t["id"]; ?> "><?php echo $t["title"]; ?> </a></td>