function load_file($users_file, $group, $profile, $nivel, $pass_policy, $avatar)
{
$file_handle = fopen($users_file, "r");
global $config;
enterprise_include('include/functions_license.php', true);
$is_manager_profile = enterprise_hook('license_check_manager_profile', array($profile));
if ($is_manager_profile == ENTERPRISE_NOT_HOOK) {
$users_check = true;
} else {
if ($is_manager_profile) {
$users_check = enterprise_hook('license_check_manager_users_num');
} else {
$users_check = enterprise_hook('license_check_regular_users_num');
}
}
while (!feof($file_handle) && $users_check === true) {
$line = fgets($file_handle);
preg_match_all('/(.*),/', $line, $matches);
$values = explode(',', $line);
$id_usuario = $values[0];
$pass = $values[1];
$pass = md5($pass);
$nombre_real = $values[2];
$mail = $values[3];
$tlf = $values[4];
$desc = $values[5];
$avatar = $values[6];
$disabled = $values[7];
$id_company = $values[8];
$num_employee = $values[9];
$enable_login = $values[10];
$force_change_pass = 0;
if ($pass_policy) {
$force_change_pass = 1;
}
$value = array('id_usuario' => $id_usuario, 'nombre_real' => $nombre_real, 'password' => $pass, 'comentarios' => $desc, 'direccion' => $mail, 'telefono' => $tlf, 'nivel' => $nivel, 'avatar' => $avatar, 'disabled' => $disabled, 'id_company' => $id_company, 'num_employee' => $num_employee, 'enable_login' => $enable_login, 'force_change_pass' => $force_change_pass);
if ($id_usuario != '' && $nombre_real != '') {
if ($id_usuario == get_db_value('id_usuario', 'tusuario', 'id_usuario', $id_usuario)) {
echo ui_print_error_message(__('User ') . $id_usuario . __(' already exists'), '', true, 'h3', true);
} else {
$resul = process_sql_insert('tusuario', $value);
if ($resul == false) {
$value2 = array('id_usuario' => $id_usuario, 'id_perfil' => $profile, 'id_grupo' => $group, 'assigned_by' => $config["id_user"]);
if ($id_usuario != '') {
process_sql_insert('tusuario_perfil', $value2);
}
}
}
}
}
if ($users_check === false) {
echo ui_print_error_message(__('The number of users has reached the license limit'), '', true, 'h3', true);
}
fclose($file_handle);
echo ui_print_success_message(__('File loaded'), '', true, 'h3', true);
return;
}
function get_event_date_sql($start_date, $end_date, $id_user = '')
{
global $config;
if (empty($id_user)) {
$id_user = $config["id_user"];
}
$return = enterprise_hook('get_event_date_sql_extra', array($start_date, $end_date, $id_user));
if ($return !== ENTERPRISE_NOT_HOOK) {
$sql = $return;
} else {
$sql = sprintf("SELECT *\n\t\t\t\t\t\tFROM tagenda\n\t\t\t\t\t\tWHERE (id_user = '******' OR public = 1)\n\t\t\t\t\t\t\tAND timestamp >= '%s'\n\t\t\t\t\t\t\tAND timestamp <= '%s'\n\t\t\t\t\t\tORDER BY timestamp ASC", $id_user, $end_date, $start_date);
}
return $sql;
}
function check_incident_access($id)
{
global $config;
if ($id) {
$incident = get_incident($id);
if ($incident !== false) {
$id_grupo = $incident['id_grupo'];
} else {
echo "<h1>" . __("Ticket") . "</h1>";
echo ui_print_error_message(__("There is no information for this ticket"), '', true, 'h3', true);
echo "<br>";
echo "<a style='margin-left: 90px' href='index.php?sec=incidents&sec2=operation/incidents/incident_search'>" . __("Try the search form to find the ticket") . "</a>";
return false;
}
}
if (isset($incident)) {
//Incident creators must see their incidents
$check_acl = enterprise_hook("incidents_check_incident_acl", array($incident));
$standalone_check = enterprise_hook("manage_standalone", array($incident));
if ($check_acl !== ENTERPRISE_NOT_HOOK && !$check_acl || $standalone_check !== ENTERPRISE_NOT_HOOK && !$standalone_check) {
// Doesn't have access to this page
audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to ticket (External user) " . $id);
include "general/noaccess.php";
return false;
}
} else {
if (!give_acl($config['id_user'], $id_grupo, "IR")) {
// Doesn't have access to this page
audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to ticket " . $id);
include "general/noaccess.php";
return false;
} else {
//No incident but ACLs enabled
echo ui_print_error_message(__("The ticket doesn't exist"), '', true, 'h3', true);
return false;
}
}
return true;
}
// ==================================================
// Copyright (c) 2008 Ártica Soluciones Tecnológicas
// http://www.artica.es <*****@*****.**>
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
global $config;
check_login();
include_once 'include/functions_crm.php';
$read = enterprise_hook('crm_check_user_profile', array($config['id_user'], 'cr'));
$write = enterprise_hook('crm_check_user_profile', array($config['id_user'], 'cw'));
$manage = enterprise_hook('crm_check_user_profile', array($config['id_user'], 'cm'));
$enterprise = false;
if ($result === ENTERPRISE_NOT_HOOK) {
$read = true;
$write = true;
$manage = true;
} else {
$enterprise = true;
if (!$read) {
include "general/noaccess.php";
exit;
}
}
$search_text = (string) get_parameter('search_text');
$search_role = (int) get_parameter("search_role");
$search_country = (string) get_parameter("search_country");
echo $row["name"] . ' <a href="index.php?sec=inventory&sec2=operation/inventories/inventory_detail&id=' . $row['id'] . '">' . print_image("images/application_edit.png", true, array("style" => 'vertical-align: middle;')) . '</a>';
echo "</a>";
if ($end) {
echo "<div hiddenDiv='1' loadDiv='0' class='tree_view' id='tree_div" . $aux_ref_tree . "_inventory_" . $row["id"] . "'></div>";
} else {
echo "<div hiddenDiv='1' loadDiv='0' class='tree_view tree_view_branch' id='tree_div" . $aux_ref_tree . "_inventory_" . $row["id"] . "'></div>";
}
echo "</li>";
}
}
echo "</ul>\n";
//TERCER NIVEL DEL ARBOL.
if ($type == 'inventory') {
$sql = "SELECT id FROM tinventory WHERE `id_parent`={$id_item}";
$cont_invent = get_db_all_rows_sql($sql);
$cont = enterprise_hook('inventory_get_user_inventories', array($config['id_user'], $cont_invent));
if ($cont === ENTERPRISE_NOT_HOOK) {
$cont = $cont_invent;
}
if (!$cont) {
$cont = array();
}
$countRows = count($cont);
$count_blanks = strlen($ref_tree);
if ($countRows == false) {
$countRows = 0;
}
if ($countRows == 0) {
echo "<ul style='margin: 0; padding: 0;'>\n";
echo "<li style='margin: 0; padding: 0;'>";
echo "<i>" . __("Empty") . "</i>";
function print_groups_table($groups)
{
enterprise_include("include/functions_groups.php");
$return = enterprise_hook('print_groups_table_extra', array($groups));
if ($return === ENTERPRISE_NOT_HOOK) {
echo "<div class='divresult'>";
echo '<table width="99%" class="listing" id="table1">';
echo '<thead>';
echo '<tr>';
echo '<th class="header c0" scope="col">' . __('Users') . '</th>';
echo '<th class="header c1" scope="col">' . __('Icon') . '</th>';
echo '<th class="header c2" scope="col">' . __('Name') . '</th>';
echo '<th class="header c3" scope="col">' . __('Parent') . '</th>';
echo '<th class="header c4" scope="col">' . __('Delete') . '</th>';
echo '</tr>';
echo '</thead>';
$count = 0;
if ($groups === false) {
$groups = array();
}
if (!empty($groups)) {
foreach ($groups as $group) {
$data = array();
$num_users = get_db_value("COUNT(id_usuario)", "tusuario_perfil", "id_grupo", $group["id_grupo"]);
if ($num_users > 0) {
$users_icon = '<a href="javascript:"><img src="images/group.png" title="' . __('Show and hide the user list') . '" /></a>';
} else {
$users_icon = '';
}
$icon = '';
if ($group['icon'] != '') {
$icon = '<img src="images/groups_small/' . $group['icon'] . '" />';
}
if ($group["id_grupo"] != 1) {
$group_name = '<a href="index.php?sec=users&sec2=godmode/grupos/configurar_grupo&id=' . $group['id_grupo'] . '">' . $group['nombre'] . '</a>';
} else {
$group_name = $group["nombre"];
}
$parent = dame_nombre_grupo($group["parent"]);
//Group "all" is special not delete and no update
if ($group["id_grupo"] != 1) {
$delete_button = '<a href="index.php?sec=users&
sec2=godmode/grupos/lista_grupos&
id_grupo=' . $group["id_grupo"] . '&
delete_group=1&id=' . $group["id_grupo"] . '" onClick="if (!confirm(\'' . __('Are you sure?') . '\'))
return false;">
<img src="images/cross.png"></a>';
} else {
$delete_button = "";
}
echo '<tr id="table1-' . $count . '" style="border:1px solid #505050;" class="datos2">';
echo '<td id="table1-' . $count . '-0" style="text-align:center; width:40px;" class="datos2">' . $users_icon . '</td>';
echo '<td id="table1-' . $count . '-1" style="width:40px;" class="datos2">' . $icon . '</td>';
echo '<td id="table1-' . $count . '-2" style=" font-weight: bold;" class="datos2">' . $group_name . '</td>';
echo '<td id="table1-' . $count . '-3" style="" class="datos2">' . $parent . '</td>';
echo '<td id="table1-' . $count . '-4" style=" text-align:center; width:40px;" class="datos2">' . $delete_button . '</td>';
echo '</tr>';
echo '<tr id="table1-' . $count . '-users" style="display:none;">';
echo '<td colspan="5" style="text-align:center; background-color:#e6e6e6;">';
echo '<table width="99%" cellpadding="0" cellspacing="0" border="0px" id="table_users_' . $count . '">';
echo '<tr style="text-align:center;">';
if ($num_users > 0) {
$users_sql = "SELECT * FROM tusuario_perfil WHERE id_grupo =" . $group["id_grupo"] . " ORDER BY id_usuario";
$count_users = 0;
$new = true;
while ($user = get_db_all_row_by_steps_sql($new, $result_users, $users_sql)) {
$new = false;
if ($count_users >= 4) {
$count_users = 0;
echo '</tr>';
echo '<tr style="text-align:center;">';
}
$user_name = "<a href=\"index.php?sec=users&sec2=godmode/usuarios/configurar_usuarios&update_user="******"\"><strong>" . $user['id_usuario'] . "</strong></a>";
$user_real_name = get_db_value("nombre_real", "tusuario", "id_usuario", $user['id_usuario']);
$delete_icon = '<a href="index.php?sec=users&sec2=godmode/grupos/lista_grupos&delete_user=1&id_user_delete=' . $user['id_usuario'] . '" onClick="if (!confirm(\'' . __('Are you sure?') . '\')) return false;"><img src="images/cross.png"></a>';
$user_name = "{$user_name} ({$user_real_name}) " . $delete_icon;
echo '<td style="background-color:#e6e6e6;"">' . $user_name . '</td>';
$count_users++;
}
} else {
echo '<td style="background-color:#e6e6e6;"">' . __('There are no users') . '</td>';
}
echo '</tr>';
echo '</table>';
echo '</td>';
echo '</tr>';
echo "<script type=\"text/javascript\">\n\t\t\t\t\t \$(document).ready (function () {\n\t\t\t\t\t\t \$(\"#table1-{$count}-0\").click(function() {\n\t\t\t\t\t\t\t \$(\"#table1-{$count}-users\").toggle();\n\t\t\t\t\t\t });\n\t\t\t\t\t });\n\t\t\t\t\t </script>";
$count++;
}
}
echo '</table>';
if (empty($groups)) {
echo ui_print_error_message(__("No groups"), '', true, 'h3', true);
}
echo '</div>';
}
}
$id_grupo = "";
$creacion_incidente = "";
$id = (int) get_parameter ('id');
$clean_output = get_parameter('clean_output');
if (! $id) {
require ("general/noaccess.php");
exit;
}
$incident = get_db_row ('tincidencia', 'id_incidencia', $id);
//user with IR and incident creator see the information
$check_acl = enterprise_hook("incidents_check_incident_acl", array($incident));
$standalone_check = enterprise_hook("manage_standalone", array($incident));
if (($check_acl !== ENTERPRISE_NOT_HOOK && !$check_acl) || ($standalone_check !== ENTERPRISE_NOT_HOOK && !$standalone_check)) {
audit_db ($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation","Trying to access to ticket #".$id);
include ("general/noaccess.php");
exit;
}
//Clean output we need to print incident title header :)
if ($clean_output) {
echo '<h1 class="ticket_clean_report_title">'.__("Statistics")."</h1>";
}
$fields = array(SECONDS_1DAY => "1 day",
SECONDS_2DAY => "2 days",
SECONDS_1WEEK => "1 week",
echo "</li>";
}
// Inventory
if (give_acl($config["id_user"], 0, "VR") && (get_standalone_user($config["id_user"]) == false) && $show_inventory != MENU_HIDDEN) {
if ($sec == "inventory" )
echo "<li id='current' class='inventory'>";
else
echo "<li class='inventory'>";
echo "<div>|</div>";
echo "<a href='index.php?sec=inventory&sec2=operation/inventories/inventory'>".__('Inventory')."</a></li>";
}
enterprise_include("include/functions_reporting.php", true);
enterprise_hook("enterprise_main_menu_reports", array($show_reports, $sec));
// Customers
if ((give_acl($config["id_user"], 0, "CR") || (give_acl($config["id_user"], 0, "CN"))) && (get_standalone_user($config["id_user"]) == false) && $show_customers != MENU_HIDDEN) {
if ($sec == "customers" )
echo "<li id='current' class='customer'>";
else
echo "<li class='customer'>";
echo "<div>|</div>";
if (give_acl($config["id_user"], 0, "CR"))
echo "<a href='index.php?sec=customers&sec2=operation/companies/company_detail'>".__('Customers')."</a></li>";
}
if (($show_people != MENU_HIDDEN) && (get_standalone_user($config["id_user"]) == false)) {
// Users
/**
* process_user_login accepts $login and $pass and handles it according to current authentication scheme
*
* @param string $login
* @param string $pass
*
* @return mixed False in case of error or invalid credentials, the username in case it's correct.
*/
function process_user_login($login, $pass)
{
global $config, $mysql_cache;
include_once $config['homedir'] . "/include/functions_profile.php";
// Always authenticate admins against the local database
if (strtolower($config["auth_methods"]) == 'mysql' || dame_admin($login)) {
$sql = sprintf("SELECT `id_usuario`, `password` FROM `tusuario` WHERE `disabled` = 0 AND `id_usuario` = '%s' AND `enable_login` = 1", $login);
$row = get_db_row_sql($sql);
//Check that row exists, that password is not empty and that password is the same hash
if ($row !== false && $row["password"] !== md5("") && $row["password"] == md5($pass)) {
// Login OK
// Nick could be uppercase or lowercase (select in MySQL
// is not case sensitive)
// We get DB nick to put in PHP Session variable,
// to avoid problems with case-sensitive usernames.
// Thanks to David Muñiz for Bug discovery :)
return $row["id_usuario"];
} else {
$mysql_cache["auth_error"] = "User not found in database or incorrect password";
}
return false;
// Remote authentication
} else {
switch ($config["auth_methods"]) {
// LDAP
case 'ldap':
$sql = sprintf("SELECT `disabled` FROM `tusuario` WHERE `id_usuario` = '%s'", $login);
$disabled = get_db_sql($sql);
// Check if user is disabled
if ($disabled == 1) {
$config["auth_error"] = "User not found in database or incorrect password";
return false;
}
if (ldap_process_user_login($login, $pass) === false) {
$config["auth_error"] = "User not found in database or incorrect password";
return false;
}
break;
// Active Directory
// Active Directory
case 'ad':
if (enterprise_hook('ad_process_user_login', array($login, $pass)) === false) {
return false;
}
break;
// Remote Pandora FMS
/* case 'pandora':
break;
// Remote Babel Enterprise
case 'babel':
break;
// Remote Integria
case 'integria':
break; */
// Unknown authentication method
// Remote Pandora FMS
/* case 'pandora':
break;
// Remote Babel Enterprise
case 'babel':
break;
// Remote Integria
case 'integria':
break; */
// Unknown authentication method
default:
$config["auth_error"] = "User not found in database or incorrect password";
return false;
}
// Authentication ok, check if the user exists in the local database
if (is_user($login)) {
return $login;
}
// The user does not exist and can not be created
if ($config['autocreate_remote_users'] == 0 || is_user_blacklisted($login)) {
$config["auth_error"] = "Ooops User not found in database or incorrect password";
return false;
}
// Create the user in the local database
if (create_user($login, $pass, array('nombre_real' => $login, 'comentarios' => 'Imported from ' . $config['auth_methods'])) === false) {
$config["auth_error"] = "User not found in database or incorrect password";
return false;
}
profile_create_user_profile($login, $config['default_remote_profile'], $config['default_remote_group']);
return $login;
}
return false;
}
function api_update_incident($return_type, $user, $params)
{
$id_incident = $params[0];
$values['titulo'] = $params[1];
// Check if user and title is not empty and user exists
if (empty($values['titulo'])) {
return;
}
if (!check_user_incident($user, $id_incident)) {
return;
}
$timestamp = print_mysql_timestamp();
$values['descripcion'] = $params[2];
$values['epilog'] = $params[3];
$values['id_grupo'] = $params[4];
$values['prioridad'] = $params[5];
$values['resolution'] = $params[6];
$values['estado'] = $params[7];
$values['id_usuario'] = $params[8];
$id_parent = $params[9];
if ($id_parent != 0 && $id_parent != '') {
$values['id_parent'] = $params[9];
}
$values['id_incident_type'] = $params[10];
$values['extra_data'] = $params[11];
$values['extra_data2'] = $params[12];
$values['actualizacion'] = $timestamp;
if ($values['estado'] == 7) {
$values['cierre'] = $timestamp;
}
$id_incident_type = $values['id_incident_type'];
$old_incident = get_incident($id_incident);
if (!$old_incident['old_status2']) {
$values['old_status'] = $old_incident["old_status"];
$values['old_resolution'] = $old_incident["old_resolution"];
$values['old_status2'] = $values['estado'];
$values['old_resolution2'] = $values['resolution'];
} else {
if ($old_incident['old_status2'] == $values['estado'] && $old_incident['old_resolution2'] == $values['resolution']) {
$values['old_status'] = $old_incident["old_status"];
$values['old_resolution'] = $old_incident["old_resolution"];
$values['old_status2'] = $old_incident["old_status2"];
$values['old_resolution2'] = $old_incident["old_resolution2"];
} else {
$values['old_status'] = $old_incident["old_status2"];
$values['old_resolution'] = $old_incident["old_resolution2"];
$values['old_status2'] = $values['estado'];
$values['old_resolution2'] = $values['resolution'];
}
}
$old_status = api_get_status_incident($id_incident);
$values['old_status'] = $old_status;
$old_resolution = api_get_resolution_incident($id_incident);
$values['old_resolution'] = $old_resolution;
$new_status = $values['estado'];
$check_status = enterprise_hook("incidents_check_allowed_status", array($old_status, $new_status, false, true, true, $old_resolution));
if ($check_status == ENTERPRISE_NOT_HOOK) {
$check_status = true;
}
if ($values['estado'] == STATUS_CLOSED) {
//~ $check_resolution = enterprise_hook("incidents_check_allowed_resolution", array($resolution, $values['estado'], $id_incident, true));
$check_resolution = enterprise_hook("incidents_check_allowed_resolution", array($values['resolution'], $values['estado'], $id_incident, true));
if ($check_resolution == ENTERPRISE_NOT_HOOK) {
$check_resolution = true;
}
} else {
$check_resolution = true;
//~ $enterprise = enterprise_hook("incidents_check_allowed_resolution", array($resolution, $values['estado'], $id_incident, true));
$enterprise = enterprise_hook("incidents_check_allowed_resolution", array($values['resolution'], $values['estado'], $id_incident, true));
if ($enterprise != ENTERPRISE_NOT_HOOK) {
$values['resolution'] = 0;
}
}
if ($check_status && $check_resolution) {
$result = process_sql_update('tincidencia', $values, array('id_incidencia' => $id_incident));
//Add traces and statistic information
incidents_set_tracking($id_incident, 'update', $values['prioridad'], $values['estado'], $values['resolution'], $user, $values['id_grupo']);
//Add only update info
incident_tracking($id_incident, INCIDENT_UPDATED);
if ($id_incident_type != 0) {
//in the massive operations no change id_incident_type
$sql_label = "SELECT `label` FROM `tincident_type_field` WHERE id_incident_type = {$id_incident_type}";
$labels = get_db_all_rows_sql($sql_label);
if ($labels === false) {
$labels = array();
}
$num_params = 13;
foreach ($labels as $label) {
$values_type_field['data'] = $params[$num_params];
$id_incident_field = get_db_value_filter('id', 'tincident_type_field', array('id_incident_type' => $id_incident_type, 'label' => $label['label']), 'AND');
$values_type_field['id_incident_field'] = $id_incident_field;
$values_type_field['id_incident'] = $id_incident;
$exists_id = get_db_value_filter('id', 'tincident_field_data', array('id_incident' => $id_incident, 'id_incident_field' => $id_incident_field), 'AND');
if ($exists_id) {
process_sql_update('tincident_field_data', $values_type_field, array('id_incident_field' => $id_incident_field, 'id_incident' => $id_incident), 'AND');
} else {
process_sql_insert('tincident_field_data', $values_type_field);
}
$num_params++;
}
}
switch ($return_type) {
case "xml":
echo xml_node($result);
break;
case "csv":
echo $result;
break;
}
}
}
echo '<a href="index.php?sec=users&sec2=operation/inventories/inventory_reports">' . __('Custom reports') . '</a>';
echo '</li>';
enterprise_hook('show_programmed_reports', array($sec2));
echo "</ul></div>";
} else {
echo "<div class='portlet'>";
echo "<h3>" . __('People reporting') . "</h3>";
echo "<ul class='sidemenu'>";
if ($sec2 == "operation/inventories/inventory_reports" || $sec2 == "operation/inventories/inventory_reports_detail") {
echo "<li id='sidesel'>";
} else {
echo "<li>";
}
echo '<a href="index.php?sec=users&sec2=operation/inventories/inventory_reports">' . __('Custom reports') . '</a>';
echo '</li>';
enterprise_hook('show_programmed_reports', array($sec2));
echo "</ul></div>";
}
// PEOPLE MANAGEMENT
if (give_acl($config["id_user"], 0, "UM") && $show_people != MENU_LIMITED) {
if ($show_people != MENU_MINIMAL) {
echo "<div class='portlet'>";
echo "<h3>" . __('People management') . "</h3>";
echo "<ul class='sidemenu'>";
// Usermanager
if ($sec2 == "godmode/usuarios/lista_usuarios") {
echo "<li id='sidesel'>";
} else {
echo "<li>";
}
echo "<a href='index.php?sec=users&sec2=godmode/usuarios/lista_usuarios'>" . __('Manage users') . "</a>";
incident_tracking($id_ticket, INCIDENT_GOLD_MEDAL_REMOVED, $values['id_usuario']);
audit_db($config['id_user'], $config["REMOTE_ADDR"], "Gold medal removed", "Gold medal removed by user " . $config['id_user'] . " to the ticket #" . $id_ticket);
break;
case 3:
//Add black medal
incident_tracking($id_ticket, INCIDENT_BLACK_MEDAL_ADDED, $values['id_usuario']);
audit_db($config['id_user'], $config["REMOTE_ADDR"], "Black medal added", "Black medal added by user " . $config['id_user'] . " to the ticket #" . $id_ticket);
break;
case 4:
//Remove black medal
incident_tracking($id_ticket, INCIDENT_BLACK_MEDAL_REMOVED, $values['id_usuario']);
audit_db($config['id_user'], $config["REMOTE_ADDR"], "Black medal removed", "Black medal removed by user " . $config['id_user'] . " to the ticket #" . $id_ticket);
break;
}
}
enterprise_hook("incidents_run_realtime_workflow_rules", array($id_ticket));
}
}
if ($search_ajax) {
$filter = array();
$filter['inverse_filter'] = (bool) get_parameter('search_inverse_filter');
$filter['string'] = (string) get_parameter('search_string');
$filter['status'] = (int) get_parameter('search_status', -10);
$filter['priority'] = (int) get_parameter('search_priority', -1);
$filter['id_group'] = (int) get_parameter('search_id_group', 1);
$filter['id_company'] = (int) get_parameter('search_id_company');
$filter['id_inventory'] = (int) get_parameter('search_id_inventory');
$filter['id_incident_type'] = (int) get_parameter('search_id_incident_type');
$filter['id_user'] = (string) get_parameter('search_id_user', '');
$filter['id_user_or_creator'] = (string) get_parameter('id_user_or_creator');
$filter['first_date'] = (string) get_parameter('search_first_date');
function incidents_get_filter_tickets_tree($filters, $mode = false, $limit = false)
{
global $config;
/* Set default values if none is set */
$filters['string'] = isset($filters['string']) ? $filters['string'] : '';
$filters['status'] = isset($filters['status']) ? $filters['status'] : -10;
$filters['priority'] = isset($filters['priority']) ? $filters['priority'] : -1;
$filters['id_group'] = isset($filters['id_group']) ? $filters['id_group'] : -1;
$filters['id_company'] = isset($filters['id_company']) ? $filters['id_company'] : 0;
$filters['id_inventory'] = isset($filters['id_inventory']) ? $filters['id_inventory'] : 0;
$filters['id_incident_type'] = isset($filters['id_incident_type']) ? $filters['id_incident_type'] : 0;
$filters['id_user'] = isset($filters['id_user']) ? $filters['id_user'] : '';
$filters['id_user_or_creator'] = isset($filters['id_user_or_creator']) ? $filters['id_user_or_creator'] : '';
$filters['from_date'] = isset($filters['from_date']) ? $filters['from_date'] : 0;
$filters['first_date'] = isset($filters['first_date']) ? $filters['first_date'] : '';
$filters['last_date'] = isset($filters['last_date']) ? $filters['last_date'] : '';
$filters['id_creator'] = isset($filters['id_creator']) ? $filters['id_creator'] : '';
$filters['editor'] = isset($filters['editor']) ? $filters['editor'] : '';
$filters['closed_by'] = isset($filters['closed_by']) ? $filters['closed_by'] : '';
$filters['resolution'] = isset($filters['resolution']) ? $filters['resolution'] : '';
$filters["offset"] = isset($filters['offset']) ? $filters['offset'] : 0;
$filters["group_by_project"] = isset($filters['group_by_project']) ? $filters['group_by_project'] : 0;
$filters["id_task"] = isset($filters['id_task']) ? $filters['id_task'] : -1;
$filters["sla_state"] = isset($filters['sla_state']) ? $filters['sla_state'] : 0;
$filters["left_sla"] = isset($filters['left_sla']) ? $filters['left_sla'] : 0;
$filters["right_sla"] = isset($filters['right_sla']) ? $filters['right_sla'] : 0;
$filters["show_hierarchy"] = isset($filters['show_hierarchy']) ? $filters['show_hierarchy'] : 0;
if (empty($filters['status'])) {
$filters['status'] = implode(',', array_keys(get_indicent_status()));
}
// Not closed
if ($filters["status"] == -10) {
$filters['status'] = "1,2,3,4,5,6";
}
$resolutions = get_incident_resolutions();
$sql_clause = '';
if ($filters['priority'] != -1) {
$sql_clause .= sprintf(' AND prioridad = %d', $filters['priority']);
}
if ($filters['id_group'] != 1) {
if ($filters["show_hierarchy"]) {
$children = groups_get_childrens($filters['id_group']);
$ids = $filters['id_group'];
foreach ($children as $child) {
$ids .= "," . $child['id_grupo'];
}
$sql_clause .= " AND id_grupo IN (" . $ids . ")";
} else {
$sql_clause .= sprintf(' AND id_grupo = %d', $filters['id_group']);
}
}
if (!empty($filters['id_user'])) {
$sql_clause .= sprintf(' AND id_usuario = "%s"', $filters['id_user']);
}
if (!empty($filters['id_user_or_creator'])) {
$sql_clause .= sprintf(' AND (id_usuario = "%s" OR id_creator = "%s")', $filters['id_user_or_creator'], $filters['id_user_or_creator']);
}
if (!empty($filters['resolution']) && $filters['resolution'] > -1) {
$sql_clause .= sprintf(' AND resolution = %d', $filters['resolution']);
}
if ($filters['id_task'] == 0) {
$sql_clause .= sprintf(' AND id_task = 0');
} else {
if ($filters['id_task'] != -1) {
$sql_clause .= sprintf(' AND id_task = %d', $filters['id_task']);
}
}
//Incident type 0 means all and incident type -1 means without type
if ($filters["id_incident_type"] != -1) {
if ($filters["id_incident_type"]) {
$sql_clause .= sprintf(' AND id_incident_type = %d', $filters['id_incident_type']);
}
$incident_fields = array();
foreach ($filters as $key => $value) {
// If matchs an incident field, ad an element to the array with their real id and its data
if (preg_match("/^type_field_/", $key)) {
$incident_fields[preg_replace("/^type_field_/", "", $key)] = $value;
}
}
foreach ($incident_fields as $id => $data) {
if ($data !== "") {
$sql_clause .= sprintf(' AND id_incidencia = ANY (SELECT id_incident
FROM tincident_field_data
WHERE id_incident_field = "%s"
AND data LIKE "%%%s%%")', $id, $data);
}
}
}
if (!empty($filters['from_date']) && $filters['from_date'] > 0) {
$last_date_seconds = $filters['from_date'] * 24 * 60 * 60;
$filters['first_date'] = date('Y-m-d H:i:s', time() - $last_date_seconds);
$sql_clause .= sprintf(' AND inicio >= "%s"', $filters['first_date']);
$filters['last_date'] = "";
} else {
if (!empty($filters['first_date'])) {
$time = strtotime($filters['first_date']);
//00:00:00 to set date at the beginig of the day
$sql_clause .= sprintf(' AND inicio >= "%s"', date("Y-m-d 00:00:00", $time));
}
if (!empty($filters['last_date'])) {
$time = strtotime($filters['last_date']);
if (!empty($filters['first_date'])) {
//23:59:59 to set date at the end of day
$sql_clause .= sprintf(' AND inicio <= "%s"', date("Y-m-d 23:59:59", $time));
} else {
$time_from = strtotime($filters['first_date']);
if ($time_from < $time) {
$sql_clause .= sprintf(' AND inicio <= "%s"', date("Y-m-d", $time));
}
}
}
}
if (!empty($filters['id_creator'])) {
$sql_clause .= sprintf(' AND id_creator = "%s"', $filters['id_creator']);
}
if (!empty($filters['editor'])) {
$sql_clause .= sprintf(' AND editor = "%s"', $filters['editor']);
}
if (!empty($filters['closed_by'])) {
$sql_clause .= sprintf(' AND closed_by = "%s"', $filters['closed_by']);
}
if (!empty($filters['sla_state'])) {
switch ($filters['sla_state']) {
case 0:
$sla_filter = ' ';
break;
case 1:
$sla_filter = "AND (sla_disabled = 0 AND affected_sla_id <> 0)";
break;
case 2:
$sla_filter = "AND (sla_disabled = 0 AND affected_sla_id = 0)";
break;
}
}
if ($filters['order_by'] && !is_array($filters['order_by'])) {
$order_by_array = json_decode(clean_output($filters["order_by"]), true);
} else {
$order_by_array = $filters['order_by'];
}
//Use config block size if no other was given
if ($limit) {
if (!isset($filters["limit"])) {
$filters["limit"] = $config["block_size"];
}
}
$order_by = "";
if ($order_by_array) {
foreach ($order_by_array as $key => $value) {
if ($value) {
$order_by .= " {$key} {$value}, ";
}
}
}
switch ($mode) {
case 'count':
//Just count items
$sql = sprintf('SELECT COUNT(id_incidencia) FROM tincidencia FD
WHERE estado IN (%s)
%s
AND (titulo LIKE "%%%s%%" OR descripcion LIKE "%%%s%%"
OR id_creator LIKE "%%%s%%" OR id_usuario LIKE "%%%s%%"
OR id_incidencia IN (SELECT id_incident FROM tincident_field_data WHERE data LIKE "%%%s%%"))
%s', $filters['status'], $sql_clause, $filters['string'], $filters['string'], $filters['string'], $filters['string'], $filters['string'], $sla_filter);
$count = get_db_value_sql($sql);
if ($count === false) {
return 0;
}
return $count;
break;
case 'tasks':
$sql = sprintf('SELECT id_task FROM tincidencia FD
WHERE estado IN (%s)
%s
AND (titulo LIKE "%%%s%%" OR descripcion LIKE "%%%s%%"
OR id_creator LIKE "%%%s%%" OR id_usuario LIKE "%%%s%%"
OR id_incidencia IN (SELECT id_incident FROM tincident_field_data WHERE data LIKE "%%%s%%"))
%s
GROUP BY id_task', $filters['status'], $sql_clause, $filters['string'], $filters['string'], $filters['string'], $filters['string'], $filters['string'], $sla_filter);
$tasks = get_db_all_rows_sql($sql);
if ($tasks === false) {
return false;
}
return $tasks;
break;
case 'tickets':
default:
//Select all items and return all information
$sql = sprintf('SELECT * FROM tincidencia FD
WHERE estado IN (%s)
%s
AND (titulo LIKE "%%%s%%" OR descripcion LIKE "%%%s%%"
OR id_creator LIKE "%%%s%%" OR id_usuario LIKE "%%%s%%"
OR id_incidencia IN (SELECT id_incident FROM tincident_field_data WHERE data LIKE "%%%s%%"))
%s
ORDER BY %s actualizacion DESC', $filters['status'], $sql_clause, $filters['string'], $filters['string'], $filters['string'], $filters['string'], $filters['string'], $sla_filter, $order_by);
$incidents = get_db_all_rows_sql($sql);
if ($incidents === false) {
return false;
}
$result = array();
foreach ($incidents as $incident) {
//Check external users ACLs
$external_check = enterprise_hook("manage_external", array($incident));
if ($external_check !== ENTERPRISE_NOT_HOOK && !$external_check) {
continue;
} else {
//Normal ACL pass if IR for this group or if the user is the incident creator
//or if the user is the owner or if the user has workunits
$check_acl = enterprise_hook("incidents_check_incident_acl", array($incident));
if (!$check_acl) {
continue;
}
}
$inventories = get_inventories_in_incident($incident['id_incidencia'], false);
if ($filters['id_inventory']) {
$found = false;
foreach ($inventories as $inventory) {
if ($inventory['id'] == $filters['id_inventory']) {
$found = true;
break;
}
}
if (!$found) {
continue;
}
}
if ($filters['id_company']) {
$found = false;
$user_creator = $incident['id_creator'];
$user_company = get_db_value('id_company', 'tusuario', 'id_usuario', $user_creator);
//If company do no match, dismiss incident
if ($filters['id_company'] != $user_company) {
continue;
}
}
if ($filters['left_sla']) {
$percent_sla_incident = format_numeric(get_sla_compliance_single_id($incident['id_incidencia']));
//If sla do not match, dismiss incident
if ($filters['left_sla'] > $percent_sla_incident) {
continue;
}
}
if ($filters['right_sla']) {
$percent_sla_incident = format_numeric(get_sla_compliance_single_id($incident['id_incidencia']));
//If sla do not match, dismiss incident
if ($filters['right_sla'] < $percent_sla_incident) {
continue;
}
}
array_push($result, $incident);
}
return $result;
break;
}
}
function inventories_show_list($sql_search, $sql_count, $params = '', $last_update = 0)
{
global $config;
$is_enterprise = false;
if (file_exists("enterprise/include/functions_inventory.php")) {
require_once "enterprise/include/functions_inventory.php";
$is_enterprise = true;
}
$write_permission = enterprise_hook('inventory_check_acl', array($config['id_user'], $id, true));
$params .= "&mode=list";
if (!$sql_search) {
$sql_search = "SELECT * FROM tinventory";
}
if ($last_update) {
$sql_search .= " ORDER BY last_update DESC";
} else {
$sql_search .= " ORDER BY name ASC";
}
$clean_output = get_parameter("clean_output");
if ($clean_output) {
$block_limit = 5000;
} else {
$block_limit = $config["block_size"];
}
$sql_search .= " LIMIT " . $block_limit;
$offset = get_parameter("offset", 0);
$sql_search .= " OFFSET {$offset}";
$inventories_aux = get_db_all_rows_sql($sql_search);
$count_inv = get_db_value_sql($sql_count);
if ($is_enterprise) {
$inventories = inventory_get_user_inventories($config['id_user'], $inventories_aux);
} else {
$inventories = $inventories_aux;
}
if ($inventories === false) {
echo "<h3 class='error'>" . __("Empty inventory") . "</h3>";
} else {
$result_check = inventories_check_same_object_type_list($inventories);
$table->id = 'inventory_list';
$table->class = 'listing';
$table->width = '100%';
$table->data = array();
$table->head = array();
$table->colspan = array();
$table->head[0] = __('Id');
$table->head[1] = __('Name');
$table->head[2] = __('Owner');
$table->head[3] = __("Parent object");
$table->head[4] = __('Object type');
$table->head[5] = __('Manufacturer');
$table->head[6] = __('Contract');
if ($result_check) {
$res_object_fields = inventories_get_all_type_field($result_check, false, true);
$i = 6;
foreach ($res_object_fields as $key => $object_field) {
if (isset($object_field["label"])) {
$table->head[$i] = $object_field['label'];
$i++;
}
}
$table->head[$i] = __('Actions');
if ($write_permission) {
$table->head[$i] = print_checkbox('inventorycb-all', "", false, true);
}
} else {
if (!$clean_output) {
$table->head[7] = __('Actions');
}
if ($write_permission) {
$table->head[8] = print_checkbox('inventorycb-all', "", false, true);
}
}
$count = $count_inv;
$url_pag = "index.php?sec=inventory&sec2=operation/inventories/inventory" . $params;
$offset = get_parameter("offset");
if (!$clean_output) {
pagination($count, $url_pag, $offset);
}
$idx = 0;
foreach ($inventories as $key => $inventory) {
$data = array();
if (defined('AJAX')) {
$url = "javascript:loadInventory(" . $inventory['id'] . ");";
} else {
$url = 'index.php?sec=inventory&sec2=operation/inventories/inventory_detail&id=' . $inventory['id'];
}
$data[0] = "<a href=" . $url . ">" . $inventory['id'] . "</a>";
$data[1] = "<a href=" . $url . ">" . $inventory['name'] . '</a>';
if ($inventory['owner'] != '') {
$name_owner = get_db_value('nombre_real', 'tusuario', 'id_usuario', $inventory['owner']);
} else {
$name_owner = '--';
}
$data[2] = "<a href=" . 'index.php?sec=inventory&sec2=users&sec2=operation/users/user_edit&id=' . $inventory['owner'] . ">" . $name_owner . '</a>';
if ($inventory["id_parent"] != 0) {
$name_parent = get_db_value('name', 'tinventory', 'id', $inventory['id_parent']);
$data[3] = "<a href=" . 'index.php?sec=inventory&sec2=operation/inventories/inventory_detail&id=' . $inventory['id_parent'] . ">" . $name_parent . '</a>';
} else {
$name_parent = '--';
$data[3] = $name_parent;
}
if ($inventory['id_object_type'] != 0) {
$name_object = get_db_value('name', 'tobject_type', 'id', $inventory['id_object_type']);
$data[4] = "<a href=" . 'index.php?sec=inventory&sec2=operation/inventories/manage_objects&id=' . $inventory['id_object_type'] . ">" . $name_object . '</a>';
} else {
$name_object = '--';
$data[4] = $name_object;
}
if ($inventory['id_manufacturer'] != 0) {
$name_manufacturer = get_db_value('name', 'tmanufacturer', 'id', $inventory['id_manufacturer']);
$data[5] = "<a href=" . 'index.php?sec=inventory&sec2=operation/manufacturers/manufacturer_detail&id=' . $inventory['id_manufacturer'] . ">" . $name_manufacturer . '</a>';
} else {
$name_manufacturer = '--';
$data[5] = $name_manufacturer;
}
if ($inventory['id_contract'] != 0) {
$name_contract = get_db_value('name', 'tcontract', 'id', $inventory['id_contract']);
$data[6] = "<a href=" . 'index.php?sec=inventory&sec2=customers&sec2=operation/contracts/contract_detail&id_contract=' . $inventory['id_contract'] . ">" . $name_contract . '</a>';
} else {
$name_contract = '--';
$data[6] = $name_contract;
}
if ($result_check) {
$result_object_fields = inventories_get_all_type_field($result_check, $inventory['id'], true);
$i = 6;
foreach ($result_object_fields as $k => $ob_field) {
if (isset($ob_field["label"])) {
$data[$i] = $ob_field['data'];
$i++;
}
}
if (!$clean_output) {
$data[$i] = '<a href="javascript: toggleInventoryInfo(' . $inventory['id'] . ')" id="show_info-' . $inventory["id"] . '">';
$data[$i] .= print_image("images/information.png", true, array("title" => __('Show object type fields')));
$data[$i] .= '</a> ';
if ($write_permission) {
$data[$i] .= '<a href="index.php?sec=inventory&sec2=operation/inventories/inventory&quick_delete=' . $inventory["id"] . '" onClick="if (!confirm(\'' . __('Are you sure?') . '\')) return false;"><img src="images/cross.png"></a>';
}
}
if ($write_permission) {
$data[$i] = print_checkbox_extended('inventorycb-' . $inventory['id'], $inventory['id'], false, '', '', 'class="cb_inventory"', true);
}
} else {
if (!$clean_output) {
$data[7] = '<a href="javascript: toggleInventoryInfo(' . $inventory['id'] . ')" id="show_info-' . $inventory["id"] . '">';
$data[7] .= print_image("images/information.png", true, array("title" => __('Show object type fields')));
$data[7] .= '</a> ';
if ($write_permission) {
$data[7] .= '<a href="index.php?sec=inventory&sec2=operation/inventories/inventory&quick_delete=' . $inventory["id"] . '" onClick="if (!confirm(\'' . __('Are you sure?') . '\')) return false;"><img src="images/cross.png"></a>';
}
}
if ($write_permission) {
$data[8] = print_checkbox_extended('inventorycb-' . $inventory['id'], $inventory['id'], false, '', '', 'class="cb_inventory"', true);
}
}
$table->rowclass[$idx] = 'inventory_info_' . $inventory["id"];
$idx++;
array_push($table->data, $data);
if (!$clean_output) {
$data_info = array();
$table_info->width = '98%';
$table_info->class = 'databox_color_without_line';
$table_info->size = array();
$table_info->style = array();
$table_info->data = array();
$res_obj_fields = inventories_get_all_type_field($inventory['id_object_type'], $inventory['id'], false);
if (empty($res_obj_fields)) {
$table_info->data[0][0] = '<b>' . __('No data to show') . '</b>';
} else {
$j = 0;
foreach ($res_obj_fields as $k => $ob_field) {
if (isset($ob_field['label']) && $ob_field['label'] != "") {
if ($ob_field['type'] == 'external') {
$table_info->align[$j] = 'left;';
$table_info->data[$j][$j] = '<b>' . $ob_field['label'];
$table_info->data[$j][$j] .= ' : ' . '</b>';
$table_info->data[$j][$j] .= $ob_field['data'];
$j++;
if (isset($ob_field['external_label']) && $ob_field['external_label'] != '') {
$label_value = get_db_value_sql("SELECT " . $ob_field['external_label'] . " FROM " . $ob_field['external_table_name'] . " WHERE " . $ob_field['external_reference_field'] . " = " . $ob_field['data']);
$table_info->align[$j] = 'left;';
$table_info->data[$j][$j] = '<b>' . $ob_field['external_label'];
$table_info->data[$j][$j] .= ' : ' . '</b>';
$table_info->data[$j][$j] .= $label_value;
$j++;
}
} else {
$table_info->align[$j] = 'left;';
$table_info->data[$j][$j] = '<b>' . $ob_field['label'];
$table_info->data[$j][$j] .= ' : ' . '</b>';
$table_info->data[$j][$j] .= $ob_field['data'];
$j++;
}
}
}
}
$data_info['row_info'] = print_table($table_info, true);
$table_info->colspan[0][0] = 6;
$table->rowclass[$idx] = 'inventory_more_info_' . $inventory["id"];
$table->rowstyle[$idx] = 'display: none;';
if ($write_permission) {
$table->colspan[$idx]["row_info"] = 8;
} else {
$table->colspan[$idx]["row_info"] = 7;
}
array_push($table->data, $data_info);
$idx++;
}
}
print_table($table);
if (!$clean_output) {
pagination($count, $url_pag, $offset, true);
}
}
}
function check_crm_acl($type, $flag, $user = false, $id = false)
{
global $config;
if (!$user) {
$user = $config['id_user'];
}
$permission = false;
switch ($type) {
case 'company':
if ($id) {
$permission = enterprise_hook('crm_check_acl_company', array($user, $id, $flag));
} else {
$permission = enterprise_hook('crm_check_user_profile', array($user, $flag));
}
break;
case 'other':
if ($id) {
$permission = enterprise_hook('crm_check_acl_other', array($user, $id, $flag));
}
break;
case 'invoice':
if ($id) {
$permission = enterprise_hook('crm_check_acl_invoice', array($user, $id));
}
break;
case 'lead':
if ($id) {
$permission = enterprise_hook('crm_check_acl_lead', array($user, $id, $flag));
} else {
$permission = enterprise_hook('crm_check_user_profile', array($user, $flag));
}
break;
case 'contract':
if ($id) {
$permission = enterprise_hook('crm_check_acl_contract', array($user, $id, $flag));
} else {
$permission = enterprise_hook('crm_check_user_profile', array($user, $flag));
}
break;
}
if ($permission === ENTERPRISE_NOT_HOOK) {
$permission = true;
}
return $permission;
}
function inventories_show_list($sql_search, $sql_count, $params = '', $last_update = 0, $modal = 0)
{
global $config;
$is_enterprise = false;
if (file_exists("enterprise/include/functions_inventory.php")) {
require_once "enterprise/include/functions_inventory.php";
$is_enterprise = true;
}
$write_permission = enterprise_hook('inventory_check_acl', array($config['id_user'], $id, true));
$params['mode'] = 'list';
if (!$sql_search) {
$sql_search = "SELECT * FROM tinventory";
}
$pure = get_parameter("pure");
if ($pure) {
$block_limit = 5000;
} else {
$block_limit = $config["block_size"];
}
$sql_search .= " LIMIT " . $block_limit;
$offset = get_parameter("offset", 0);
$sql_search .= " OFFSET {$offset}";
$inventories_aux = get_db_all_rows_sql($sql_search);
$count_inv = get_db_value_sql($sql_count);
if ($is_enterprise) {
$inventories = inventory_get_user_inventories($config['id_user'], $inventories_aux);
} else {
$inventories = $inventories_aux;
}
if ($inventories === false) {
echo ui_print_error_message(__("Empty inventory"), '', true, 'h3', true);
} else {
$result_check = inventories_check_same_object_type_list($inventories);
$table->id = 'inventory_list';
$table->class = 'listing';
$table->width = '100%';
$table->data = array();
$table->head = array();
$table->colspan = array();
$table->head[0] = __('Id');
$table->head[1] = __('Name');
$table->head[2] = __('Owner');
$table->head[3] = __("Parent object");
$table->head[4] = __('Object type');
$table->head[5] = __('Manufacturer');
$table->head[6] = __('Contract');
$table->head[7] = __('Status');
$table->head[8] = __('Receipt date');
if ($result_check) {
$res_object_fields = inventories_get_all_type_field($result_check, false, true);
$i = 9;
foreach ($res_object_fields as $key => $object_field) {
if (isset($object_field["label"])) {
$table->head[$i] = $object_field['label'];
$i++;
}
}
if (!$pure) {
if (!$modal) {
$table->head[$i] = __('Actions');
if ($write_permission) {
$i = $i + 1;
$table->head[$i] = print_checkbox('inventorycb-all', "", false, true);
}
}
}
} else {
if (!$pure) {
if (!$modal) {
$table->head[9] = __('Actions');
if ($write_permission) {
$table->head[10] = print_checkbox('inventorycb-all', "", false, true);
}
}
}
}
$count = $count_inv;
$params = json_encode($params);
$params = base64_encode($params);
$url_pag = "index.php?sec=inventory&sec2=operation/inventories/inventory¶ms=" . $params;
$offset = get_parameter("offset");
if (!$pure) {
pagination($count, $url_pag, $offset, false, '', 0, true);
}
$idx = 0;
foreach ($inventories as $key => $inventory) {
$data = array();
if ($modal) {
$url = "javascript:loadInventory(" . $inventory['id'] . ");";
} else {
$url = 'index.php?sec=inventory&sec2=operation/inventories/inventory_detail&id=' . $inventory['id'];
}
$data[0] = "<a href=" . $url . ">" . $inventory['id'] . "</a>";
$data[1] = "<a href=" . $url . ">" . $inventory['name'] . '</a>';
if ($inventory['owner'] != '') {
$name_owner = get_db_value('nombre_real', 'tusuario', 'id_usuario', $inventory['owner']);
} else {
$name_owner = '--';
}
$data[2] = "<a href=" . 'index.php?sec=users&sec2=operation/users/user_edit&id=' . $inventory['owner'] . ">" . $name_owner . '</a>';
if ($inventory["id_parent"] != 0) {
$name_parent = get_db_value('name', 'tinventory', 'id', $inventory['id_parent']);
$data[3] = "<a href=" . 'index.php?sec=inventory&sec2=operation/inventories/inventory_detail&id=' . $inventory['id_parent'] . ">" . $name_parent . '</a>';
} else {
$name_parent = '--';
$data[3] = $name_parent;
}
if ($inventory['id_object_type'] != 0) {
$name_object = get_db_value('name', 'tobject_type', 'id', $inventory['id_object_type']);
$data[4] = "<a href=" . 'index.php?sec=inventory&sec2=operation/inventories/manage_objects&id=' . $inventory['id_object_type'] . ">" . $name_object . '</a>';
} else {
$name_object = '--';
$data[4] = $name_object;
}
if ($inventory['id_manufacturer'] != 0) {
$name_manufacturer = get_db_value('name', 'tmanufacturer', 'id', $inventory['id_manufacturer']);
$data[5] = "<a href=" . 'index.php?sec=inventory&sec2=operation/manufacturers/manufacturer_detail&id=' . $inventory['id_manufacturer'] . ">" . $name_manufacturer . '</a>';
} else {
$name_manufacturer = '--';
$data[5] = $name_manufacturer;
}
if ($inventory['id_contract'] != 0) {
$name_contract = get_db_value('name', 'tcontract', 'id', $inventory['id_contract']);
$data[6] = "<a href=" . 'index.php?sec=customers&sec2=operation/contracts/contract_detail&id_contract=' . $inventory['id_contract'] . ">" . $name_contract . '</a>';
} else {
$name_contract = '--';
$data[6] = $name_contract;
}
if ($inventory['status'] != "") {
$data[7] = __($inventory['status']);
} else {
$status_none = '--';
$data[7] = $status_none;
}
if ($inventory['receipt_date'] != "") {
$data[8] = $inventory['receipt_date'];
} else {
$receipt_date = '--';
$data[8] = $receipt_date;
}
if ($result_check) {
$result_object_fields = inventories_get_all_type_field($result_check, $inventory['id'], true);
$i = 9;
foreach ($result_object_fields as $k => $ob_field) {
if (isset($ob_field["label"])) {
$data[$i] = $ob_field['data'];
$i++;
}
}
if (!$pure) {
if (!$modal) {
if ($write_permission) {
$data[$i] .= '<a href="index.php?sec=inventory&sec2=operation/inventories/inventory&quick_delete=' . $inventory["id"] . '¶ms=' . $params . '" onClick="if (!confirm(\'' . __('Are you sure?') . '\')) return false;"><img src="images/cross.png"></a>';
}
}
}
if (!$pure) {
if (!$modal) {
if ($write_permission) {
$i = $i + 1;
$data[$i] = print_checkbox_extended('inventorycb-' . $inventory['id'], $inventory['id'], false, '', '', 'class="cb_inventory"', true);
}
}
}
} else {
if (!$pure) {
if (!$modal) {
if ($write_permission) {
$data[9] .= '<a href="index.php?sec=inventory&sec2=operation/inventories/inventory&quick_delete=' . $inventory["id"] . '" onClick="if (!confirm(\'' . __('Are you sure?') . '\')) return false;"><img src="images/cross.png"></a>';
}
}
}
if (!$pure) {
if (!$modal) {
if ($write_permission) {
$data[10] = print_checkbox_extended('inventorycb-' . $inventory['id'], $inventory['id'], false, '', '', 'class="cb_inventory"', true);
}
}
}
}
$table->rowclass[$idx] = 'inventory_info_' . $inventory["id"];
$idx++;
array_push($table->data, $data);
}
echo '<div id= "inventory_only_table">';
print_table($table);
echo '</div>';
if (!$pure) {
pagination($count, $url_pag, $offset, true, '', 0, true);
if (!$modal) {
if ($write_permission) {
echo '<div class="button-form">';
echo print_button(__('Delete All'), '', false, 'javascript: delete_massive_inventory()', 'class="sub"', true);
echo '</div>';
}
}
}
}
}
$holidays = "<table>";
foreach ($holidays_array as $ha) {
$holidays .= "<tr>";
$holidays .= "<td>";
$holidays .= $ha["day"];
$holidays .= "</td>";
$holidays .= "<td>";
$holidays .= "<a href='index.php?sec=godmode&sec2=godmode/setup/incidents_setup&del_day=1&day=" . $ha["id"] . "'><img src='images/cross.png'></a>";
$holidays .= "</td>";
$holidays .= "</tr>";
}
$holidays .= "</table>";
}
$table->data[0][1] .= $holidays;
$holidays_table = print_table($table, true);
$table_anonym = enterprise_hook('setup_print_incident_anonymize');
if ($table_anonym === ENTERPRISE_NOT_HOOK) {
$table_anonym = "";
}
$incident_reporter_options[0] = __('Disabled');
$incident_reporter_options[1] = __('Enabled');
$newsletter_options[0] = __('Disabled');
$newsletter_options[1] = __('Enabled');
$ticket_options[0] = __('Disabled');
$ticket_options[1] = __('Enabled');
echo "<table width='99%' class='search-table-button\n'>";
echo "<tr>";
echo "<td style='vertical-align: top;'>" . print_input_text("iwu_defaultime", $config["iwu_defaultime"], '', 5, 5, true, __('Ticket WU Default time')) . "</td>";
echo "<td style='vertical-align: top;'>" . print_select($incident_reporter_options, "email_on_incident_update", $config["email_on_incident_update"], '', '', '', true, 0, true, __('Send email on every ticket update')) . print_help_tip(__("Enabling this, you will get emails on file attachs also. If left disabled, you only get notifications only in major events on tickets"), true) . "</td>";
echo "<td style='vertical-align: top;'>" . print_input_text("limit_size", $config["limit_size"], '', 5, 5, true, __('Max. tickets by search')) . integria_help("limit_size", true) . "</td>";
echo "</tr>";
// INTEGRIA - the ITIL Management System
// http://integria.sourceforge.net
// ==================================================
// Copyright (c) 2012 Ártica Soluciones Tecnológicas
// http://www.artica.es <*****@*****.**>
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
global $config;
check_login();
enterprise_include('include/functions_crm.php');
$manager = enterprise_hook('crm_check_acl_news', array($config['id_user']));
if ($manager === ENTERPRISE_NOT_HOOK) {
$manager = true;
} else {
if (!$manager) {
include "general/noaccess.php";
exit;
}
}
$id = (int) get_parameter('id');
$create = (bool) get_parameter('create');
$update = (bool) get_parameter('update');
$delete = (bool) get_parameter('delete');
$validate_newsletter = (bool) get_parameter('validate_newsletter', 0);
if ($validate_newsletter) {
$sql = "SELECT * FROM tnewsletter_address WHERE id_newsletter = {$id} AND validated = 0";
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
global $config;
check_login ();
$id = (int) get_parameter ('id');
$incident_creator = get_db_value ("id_creator", "tincidencia", "id_incidencia", $id);
$incident = get_db_row ('tincidencia', 'id_incidencia', $id);
//user with IR and incident creator see the information
$check_acl = enterprise_hook("incidents_check_incident_acl", array($incident));
$external_check = enterprise_hook("manage_external", array($incident));
if (($check_acl !== ENTERPRISE_NOT_HOOK && !$check_acl) || ($external_check !== ENTERPRISE_NOT_HOOK && !$external_check)) {
// Doesn't have access to this page
audit_db ($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation",
'Trying to access files of ticket #'.$id." '".$titulo."'");
if (!defined ('AJAX')) {
include ("general/noaccess.php");
exit;
} else {
return;
}
}
if (!$id) {
audit_db ($config['id_user'], $REMOTE_ADDR, "ACL Violation",
function combo_download_categories($id_category, $show_any = false, $label = false, $return = false)
{
global $config;
enterprise_include('include/functions_form.php');
$result = enterprise_hook('combo_download_categories_extra', array($id_category, $show_any, $label, true));
if ($result === ENTERPRISE_NOT_HOOK) {
$sql = "SELECT * FROM tdownload_category ORDER BY 2";
$result = process_sql($sql);
if ($result == false) {
$result = array();
}
$categories = array();
foreach ($result as $row) {
if (give_acl($config["id_user"], $row["id_group"], "KR")) {
$categories[$row["id"]] = $row["name"];
}
}
if ($show_any) {
$nothing = __('Any');
} else {
$nothing = '';
}
if ($label) {
$label = __('Category');
} else {
$label = false;
}
$result = print_select($categories, 'id_category', $id_category, '', $nothing, 0, $return, 0, false, $label);
}
if ($return) {
return $result;
} else {
echo $result;
}
}
function load_menu_visibility()
{
global $show_projects;
global $show_incidents;
global $show_inventory;
global $show_kb;
global $show_file_releases;
global $show_people;
global $show_todo;
global $show_agenda;
global $show_setup;
global $show_box;
global $show_wiki;
global $show_customers;
global $config;
// Get visibility permissions to sections
$show_projects = enterprise_hook('get_menu_section_access', array('projects'));
if ($show_projects == ENTERPRISE_NOT_HOOK) {
$show_projects = MENU_FULL;
}
$show_incidents = enterprise_hook('get_menu_section_access', array('incidents'));
if ($show_incidents == ENTERPRISE_NOT_HOOK) {
$show_incidents = MENU_FULL;
}
$show_inventory = enterprise_hook('get_menu_section_access', array('inventory'));
if ($show_inventory == ENTERPRISE_NOT_HOOK) {
$show_inventory = MENU_FULL;
}
$show_kb = enterprise_hook('get_menu_section_access', array('kb'));
if ($show_kb == ENTERPRISE_NOT_HOOK) {
$show_kb = MENU_FULL;
}
$show_file_releases = enterprise_hook('get_menu_section_access', array('file_releases'));
if ($show_file_releases == ENTERPRISE_NOT_HOOK) {
$show_file_releases = MENU_FULL;
}
$show_people = enterprise_hook('get_menu_section_access', array('people'));
if ($show_people == ENTERPRISE_NOT_HOOK) {
$show_people = MENU_FULL;
}
$show_agenda = enterprise_hook('get_menu_section_access', array('agenda'));
if ($show_agenda == ENTERPRISE_NOT_HOOK) {
$show_agenda = MENU_FULL;
}
$show_setup = enterprise_hook('get_menu_section_access', array('setup'));
if ($show_setup == ENTERPRISE_NOT_HOOK) {
$show_setup = MENU_FULL;
}
$show_wiki = enterprise_hook('get_menu_section_access', array('wiki'));
if ($show_wiki == ENTERPRISE_NOT_HOOK) {
$show_wiki = MENU_FULL;
}
$show_customers = enterprise_hook('get_menu_section_access', array('customers'));
if ($show_customers == ENTERPRISE_NOT_HOOK) {
$show_customers = MENU_FULL;
}
$sec = get_parameter('sec', '');
if (!isset($customers)) {
$customers = "";
}
$show_box = $sec == "projects" && $show_projects == MENU_FULL || $sec == "incidents" && $show_incidents == MENU_FULL || $sec == "inventory" && $show_inventory == MENU_FULL || $sec == "kb" && $show_kb == MENU_FULL || $sec == "download" && $show_file_releases == MENU_FULL || $sec == "users" && $show_people == MENU_FULL || $sec == "godmode" && $show_setup == MENU_FULL || $sec == "wiki" && $show_wiki == MENU_FULL || $sec == "customers" && $customers == MENU_FULL || dame_admin($config['id_user']);
}
// INTEGRIA - the ITIL Management System
// http://integria.sourceforge.net
// ==================================================
// Copyright (c) 2012 Ártica Soluciones Tecnológicas
// http://www.artica.es <*****@*****.**>
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
global $config;
check_login();
enterprise_include('include/functions_crm.php');
$permission = enterprise_hook('crm_check_acl_news', array($config['id_user']));
if ($permission === ENTERPRISE_NOT_HOOK) {
$permission = true;
} else {
if (!$permission) {
include "general/noaccess.php";
exit;
}
}
$create = get_parameter("create", 0);
$id = get_parameter("id", 0);
if ($create == 1) {
if (!$permission) {
audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to create a new newsletter");
require "general/noaccess.php";
exit;
echo "<h3 class='error'>" . __('Could not be created') . "</h3>";
} else {
echo "<h3 class='suc'>" . __('Successfully created') . "</h3>";
$id_data = mysql_insert_id();
//insert_event ("KB ITEM CREATED", $id_data, 0, $title);
audit_db($config["id_user"], $config["REMOTE_ADDR"], "KB", "Created kb item {$id_data} - {$title}");
}
}
// Attach DELETE
// ==============
if (isset($_GET["delete_attach"])) {
$id_attachment = get_parameter("delete_attach", 0);
$id_kb = get_parameter("update", 0);
$attach_row = get_db_row("tattachment", "id_attachment", $id_attachment);
$nombre_archivo = $config["homedir"] . "attachment/" . $id_attachment . "_" . $attach_row["filename"];
$item_accesibility = enterprise_hook('check_kb_item_accessibility_extra', array($id_user, $id_kb));
if ($item_accesibility == ENTERPRISE_NOT_HOOK) {
$item_accesibility = true;
}
//~ if ($id_kb && ! check_kb_item_accesibility($id_user, $id_kb)) {
if ($id_kb && $item_accesibility != true) {
audit_db($id_user, $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to KB forbidden item");
require "general/noaccess.php";
exit;
}
$sql = " DELETE FROM tattachment WHERE id_attachment =" . $id_attachment;
process_sql($sql);
unlink($nombre_archivo);
//insert_event ("KB ITEM UPDATED", $id_kb, 0, "File ".$attach_row["filename"]." deleted");
audit_db($config["id_user"], $config["REMOTE_ADDR"], "KB", "Deleted kb item {$id_kb} - " . $attach_row["filename"]);
echo "<h3 class='suc'>" . __('Attach deleted ok') . "</h3>";
function get_users_in_group($id_user = false, $id_group = false, $access = 'IR')
{
global $config;
$return = enterprise_hook('get_users_in_group_extra', array($id_user, $id_group, $access));
if ($return !== ENTERPRISE_NOT_HOOK) {
return $return;
}
return true;
}
if ($incident !== false && (give_acl($config['id_user'], $id_grupo, "IR") || $incident["id_creator"] == $config["id_user"])) {
if (get_external_user($config["id_user"]) and $incident["id_creator"] != $config["id_user"]) {
echo 0;
} else {
echo 1;
}
} else {
echo 0;
}
if (defined('AJAX')) {
return;
}
}
if (isset($incident)) {
//Incident creators must see their incidents
$check_acl = enterprise_hook("incidents_check_incident_acl", array($incident, false, "IW"));
if ($check_acl !== ENTERPRISE_NOT_HOOK && !$check_acl) {
// Doesn't have access to this page
audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to ticket (External user) " . $id);
include "general/noaccess.php";
exit;
}
} else {
if (!give_acl($config['id_user'], $id_grupo, "IR")) {
// Doesn't have access to this page
audit_db($config['id_user'], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to ticket " . $id);
include "general/noaccess.php";
exit;
}
}
$id_grupo = 0;
$slas = array();
$slas[0] = __("None");
foreach ($slas_aux as $s) {
$slas[$s["id"]] = $s["name"];
}
$table->data[5][1] = print_select($slas, 'id_sla', $id_sla, '', '', 0, true, false, false, __('Ticket SLA'));
$table->data[6][0] = print_input_text('inventory_name', $inventory_name, '', 25, 0, true, __('Default Inventory object'), false);
$table->data[6][0] .= "<a href='javascript: show_inventory_search(\"\",\"\",\"\",\"\",\"\",\"\");'>" . ' ' . __('Search parent') . "</a>";
$table->data[6][0] .= print_input_hidden('id_inventory', $id_inventory, true);
$table->data[6][1] = print_input_text('email_from', $email_from, '', 40, 0, true, __('Email from'));
if ($config['enteprise'] == 1) {
$table->data[7][0] = print_textarea("email_group", 5, 40, $email_group, '', true, __('Email group') . print_help_tip(__("Place each email address in a new line. You can use regular expresions"), true));
}
echo '<form id="form-configurar_grupo" method="post" action="index.php?sec=users&sec2=godmode/grupos/lista_grupos">';
print_table($table);
enterprise_hook("groups_email_queue_form", array($autocreate_user, $grant_access, $send_welcome, $default_company, $welcome_email, $email_queue, $default_profile, $user_level, $incident_type));
echo '<div class="button" style="width: ' . $table->width . '">';
if ($id) {
print_submit_button(__('Update'), '', false, 'class="sub upd"');
print_input_hidden('update_group', 1);
print_input_hidden('id', $id);
} else {
print_submit_button(__('Create'), '', false, 'class="sub next"');
print_input_hidden('create_group', 1);
}
echo '</div></form>';
echo "<div class= 'dialog ui-dialog-content' id='inventory_search_window'></div>";
?>
<script type="text/javascript" src="include/js/jquery.ui.autocomplete.js"></script>
<script type="text/javascript" src="include/js/jquery.validation.functions.js"></script>
serialize_in_temp($filter, $config["id_user"]);
//tree_search_submit()
$table_search->data[3][1] = print_button(__('Export to CSV'), '', false, 'tree_search_submit(); window.open(\'' . 'include/export_csv.php?export_csv_inventory=1'.'\');', 'class="sub csv"', true);
//button
$table_search->data[3][2] = print_submit_button (__('Search'), 'search', false, 'class="sub search"', true);
$search_other .= print_table($table_search, true);
$search_other .= '</div>';
print_container_div("inventory_form",__("Inventory form search"),$search_other, 'open', false, false);
echo '</form>';
}
$write_permission = enterprise_hook ('inventory_check_acl', array ($config['id_user'], $id, true));
$page = (int)get_parameter('page', 1);
switch ($mode) {
case 'tree':
echo '<div class = "inventory_tree_table" id = "inventory_tree_table">';
inventories_print_tree($sql_search_pagination, $last_update);
echo '</div>';
break;
case 'list':
echo '<div id="tmp_data"></div>';
echo '<div class = "inventory_list_table" id = "inventory_list_table">';
echo '<div id= "inventory_only_table">';
inventories_show_list2($sql_search, $sql_search_count, $params, $block_size, 0, $count_object_custom_fields, $sql_search_pagination);
echo '</div>';
echo '</div>';
// INTEGRIA - the ITIL Management System
// http://integria.sourceforge.net
// ==================================================
// Copyright (c) 2008 Ártica Soluciones Tecnológicas
// http://www.artica.es <*****@*****.**>
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; version 2
// This program is distributed in the hope that it will be useful,
// but WITHOUT ANY WARRANTY; without even the implied warranty of
// MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
// GNU General Public License for more details.
global $config;
check_login();
include_once 'include/functions_crm.php';
$read = enterprise_hook('crm_check_user_profile', array($config['id_user'], 'cr'));
$enterprise = false;
if ($result === ENTERPRISE_NOT_HOOK) {
$read = true;
} else {
$enterprise = true;
if (!$read) {
include "general/noaccess.php";
exit;
}
}
$search_text = (string) get_parameter('search_text');
$id_company = (int) get_parameter('id_company_search');
$last_date = (int) get_parameter('last_date_search');
$start_date = (string) get_parameter('start_date_search');
$end_date = (string) get_parameter('end_date_search');
function print_html_report_button($href, $value = "HTML report", $id = "", $attr = "")
{
global $config;
enterprise_include('include/functions_reporting_pdf.php', true);
$return = enterprise_hook('print_html_report_button_extra', array($href, $value, $id, $attr));
if ($return !== ENTERPRISE_NOT_HOOK) {
return $return;
} else {
return "";
}
}
update_config_token("inventory_default_companies", $config["inventory_default_companies"]);
update_config_token("inventory_default_users", $config["inventory_default_users"]);
foreach ($labels as $k => $lab) {
$config["pandora_{$k}"] = get_parameter("pandora_{$k}");
update_config_token("pandora_{$k}", $config["pandora_{$k}"]);
}
echo ui_print_success_message(__('Successfully updated'), '', true, 'h3', true);
}
$table = new StdClass();
$table->width = '100%';
$table->class = 'search-table-button';
$table->colspan = array();
$table->data = array();
$button = print_input_hidden('update', 1, true);
$button .= print_submit_button(__('Update'), 'upd_button', false, 'class="sub upd"', true);
$table_remote_inventory = enterprise_hook('setup_print_remote_inventory_type');
if ($table_remote_inventory !== ENTERPRISE_NOT_HOOK) {
$table->data[3][0] = $table_remote_inventory;
$table->colspan[3][0] = 2;
}
echo "<form name='setup' method='post' id='inventory_status_form'>";
print_table($table);
echo "<div class='button-form'>";
echo $button;
echo "</div>";
echo '</form>';
?>
<script type="text/javascript" src="include/js/integria_inventory.js"></script>
<script type="text/javascript" src="include/js/jquery.validation.functions.js"></script>
<script type="text/javascript">