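include "../include.php";

// Deactivate (soft-delete) a staff record when the page is requested with action=delete.
// NOTE(review): this state change is driven by a GET request, and no permission or
// CSRF check is visible in this fragment -- confirm ../include.php enforces both.
if (url_action("delete")) {
    // Accept ?id= as a fallback for ?staffID=.
    if (!isset($_GET["staffID"]) && isset($_GET["id"])) {
        $_GET["staffID"] = $_GET["id"];
    }

    // The request value is cast to int everywhere it is used below, so it can only
    // reach the SQL text (and the e-mailed link) as a numeric literal.
    $r = db_grab("SELECT firstname, lastname, endDate FROM intranet_users WHERE userID = " . (int) $_GET["staffID"]);

    if ($r["endDate"]) {
        // An end date is already recorded: keep it and only mark the row inactive.
        db_query("UPDATE intranet_users SET isActive = 0, deletedBy = {$user["id"]}, deletedOn = GETDATE() WHERE userID = " . (int) $_GET["staffID"]);
    } else {
        // No end date yet: stamp it with the deactivation time.
        db_query("UPDATE intranet_users SET isActive = 0, deletedBy = {$user["id"]}, deletedOn = GETDATE(), endDate = GETDATE() WHERE userID = " . (int) $_GET["staffID"]);
    }

    if ($locale == "/_seedco/") {
        // NOTE(review): firstname/lastname go into the HTML body as stored; confirm they
        // are escaped on input or inside email() before relying on this markup.
        email("jreisner@seedco.org,pchoi@seedco.org", "<a href='http://intranet.seedco.org/staff/view.php?id=" . (int) $_GET["staffID"] . "'>" . $r["firstname"] . " " . $r["lastname"] . "</a> was just deactivated on the Intranet.", "Intranet: Staff Deleted");
    }

    url_query_drop("action,staffID");
}

// Builds the "Jump to <staff member>" panel; for admins a notice is prepended when
// db_grab() returns a truthy count from users_requests.
// The listing ends inside this function; the rest of its body is not shown.
function drawJumpToStaff($selectedID = false) {
    global $isAdmin;
    // With no preselected id the dropdown is allowed to stay empty.
    $nullable = $selectedID === false;
    $return = ' <table class="message"> <tr> <td class="gray">Jump to ' . drawSelectUser("", $selectedID, $nullable, 0, true, true, "Staff Member:") . '</td> </tr> </table>';
    if ($isAdmin) {
        if ($r = db_grab("SELECT COUNT(*) FROM users_requests")) {
            $return = drawServerMessage("There are pending <a href='requests.php'>account requests</a> for you to review.") . $return;
        }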
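<?php
include "include.php";

// Deactivate a user when ?deleteID= is present.
// NOTE(review): triggered by a GET request; no permission or CSRF check is visible in
// this fragment -- confirm include.php enforces both.
if (isset($_GET["deleteID"])) {
    // deleteID is cast to int at every use, so the request value can only reach the
    // SQL text as a numeric literal.
    if (db_grab("SELECT endDate FROM intranet_users WHERE userID = " . (int) $_GET["deleteID"])) {
        // db_grab() returned a truthy endDate: leave it untouched.
        db_query("UPDATE intranet_users SET isActive = 0, deletedBy = {$user["id"]}, deletedOn = GETDATE() WHERE userID = " . (int) $_GET["deleteID"]);
    } else {
        db_query("UPDATE intranet_users SET isActive = 0, deletedBy = {$user["id"]}, deletedOn = GETDATE(), endDate = GETDATE() WHERE userID = " . (int) $_GET["deleteID"]);
    }
    url_query_drop("deleteID");
}

// Organisation tabs: id 0 is the "Shared" pseudo-organisation, the rest come from the table.
$orgs = array();
if (!isset($_GET["id"])) {
    $_GET["id"] = 0;
}
$orgs[0] = "Shared";
$orgs = db_array("SELECT id, description FROM organizations ORDER BY description", $orgs);

drawTop();
// The listing is cut off inside the tab-rendering loop below.
?> <table class="navigation staff" cellspacing="1"> <tr class="staff-hilite"> <?php foreach ($orgs as $key => $value) { ?> <td width="14.28%"<?php if ($_GET["id"] == $key) { ?> class="selected"<?php } ?> ><?php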
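<?php
include "include.php";

// NOTE(review): both actions below change state on a GET request (a hard DELETE and a
// bulk invitation mail-out); no permission or CSRF check is visible in this fragment --
// confirm include.php enforces both.
if (url_action("deletereq")) {
    // The id is cast to int so the request value can only reach the DELETE as a numeric literal.
    db_query("DELETE FROM users_requests WHERE id = " . (int) $_GET["id"]);
    url_query_drop("action,id");
} elseif (url_action("invite")) {
    // Send an invitation to every active user that has never logged in.
    $result = db_query('SELECT id FROM users WHERE lastlogin IS NULL AND is_active = 1');
    while ($r = db_fetch($result)) {
        emailInvite($r['id']);
    }
    url_query_drop("action");
}

echo drawTop();
echo drawJumpToStaff();
echo drawTableStart();
echo drawHeaderRow("", 3);

// List the active account requests, newest first.
$result = db_query("SELECT id, lastname, firstname, created_date FROM users_requests WHERE is_active = 1 ORDER BY created_date DESC");
// The listing is cut off inside the row-rendering loop below.
if (db_found($result)) { ?> <tr> <th width="70%">Name</th> <th width="30%" class="r">Invited On</th> <th></th> </tr> <?php while ($r = db_fetch($result)) { ?> <tr> <td><a href="add_edit.php?requestID=<?php echo $r["id"];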
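} elseif ($_SESSION['update_days'] > 90 || empty($_SESSION['updated_date'])) {
    // This fragment starts in the middle of an if/elseif chain that is not shown.
    // Users whose details are older than 90 days (or were never updated) are sent
    // to their own edit page, unless they are already on it.
    error_debug('user needs address update', __FILE__, __LINE__);
    if ($_josh['request']['path'] != '/staff/add_edit.php') {
        url_change('/staff/add_edit.php?id=' . $_SESSION['user_id']);
    }
}

//handle side menu pref updates
error_debug('handle side menu pref updates', __FILE__, __LINE__);
if (isset($_GET['module'])) {
    //todo ajax
    // Toggle the "closed" state of one side-menu module for the current user.
    // Both ids are cast to int at every use, so the request value can only reach
    // the SQL text as a numeric literal. No new variables are introduced because
    // this code runs in the shared scope of the including page.
    if (db_grab('SELECT COUNT(*) FROM users_to_modules_closed WHERE module_id = ' . (int) $_GET['module'] . ' AND user_id = ' . (int) $_SESSION['user_id'])) {
        db_query('DELETE FROM users_to_modules_closed WHERE module_id = ' . (int) $_GET['module'] . ' AND user_id = ' . (int) $_SESSION['user_id']);
    } else {
        db_query('INSERT INTO users_to_modules_closed ( module_id, user_id ) VALUES ( ' . (int) $_GET['module'] . ', ' . (int) $_SESSION['user_id'] . ' )');
    }
    url_query_drop('module');
} elseif (isset($_GET['channel_id'])) {
    // NOTE(review): the raw request value is stored in the session; how it is used
    // later is not visible here -- confirm every consumer treats it as untrusted.
    $_SESSION['channel_id'] = empty($_GET['channel_id']) ? false : $_GET['channel_id'];
    url_drop('channel_id');
}
}

//obsolete functions
error_debug('include obsolete.php', __FILE__, __LINE__);
include DIRECTORY_ROOT . '/obsolete.php';

//done!
error_debug('done processing include!', __FILE__, __LINE__);

//draw functions

// Returns the delete-icon markup for a table row; the icon's link calls the
// client-side confirmDelete() with the row id.
// NOTE(review): $id is concatenated into a javascript: URL without escaping; callers
// presumably pass integer row ids -- confirm, or cast at the call sites.
function drawColumnDelete($id) {
    return draw_img('/images/icons/delete.png', 'javascript:confirmDelete(' . $id . ');');
}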
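<?php
include '../include.php';

// Deactivate (soft-delete) a staff record when the page is requested with action=delete.
// NOTE(review): this state change is driven by a GET request, and no permission or
// CSRF check is visible in this file -- confirm ../include.php enforces both.
if (url_action('delete')) {
    // Accept ?id= as a fallback for ?delete_id=.
    if (!isset($_GET['delete_id']) && isset($_GET['id'])) {
        $_GET['delete_id'] = $_GET['id'];
    }

    // delete_id is cast to int at every use, so the request value can only reach the
    // SQL text (and the e-mailed link) as a numeric literal.
    $r = db_grab('SELECT firstname, lastname, endDate FROM users WHERE id = ' . (int) $_GET['delete_id']);

    // NOTE(review): in the listing the deleted_user expression was masked as '******';
    // it is restored here as the session user id, which is how the other intranet
    // fragments record the acting user -- confirm against the real file.
    if ($r['endDate']) {
        // An end date is already recorded: keep it and only mark the row inactive.
        db_query('UPDATE users SET is_active = 0, deleted_user = ' . (int) $_SESSION['user_id'] . ', deleted_date = GETDATE() WHERE id = ' . (int) $_GET['delete_id']);
    } else {
        // No end date yet: stamp it with the deactivation time.
        db_query('UPDATE users SET is_active = 0, deleted_user = ' . (int) $_SESSION['user_id'] . ', deleted_date = GETDATE(), endDate = GETDATE() WHERE id = ' . (int) $_GET['delete_id']);
    }

    if (getOption('staff_alertdelete')) {
        // The link now uses delete_id, the parameter this handler actually reads;
        // the original referenced $_GET['staffID'], which nothing here sets.
        // NOTE(review): whether draw_link() escapes the name text is not visible here.
        emailAdmins('Intranet: Staff Deleted', draw_link(url_base() . '/staff/view.php?id=' . (int) $_GET['delete_id'], $r['firstname'] . ' ' . $r['lastname']) . ' was just deactivated on the Intranet.');
    }

    url_query_drop('action,delete_id');
}

// Builds the "jump to staff member" panel. For admins, a notice is prepended when
// db_grab() returns a truthy count of active account requests.
function drawJumpToStaff($selectedID = false) {
    global $page;
    // With no preselected id the dropdown is allowed to stay empty.
    $nullable = $selectedID === false;
    $return = drawPanel(getString('jump_to') . ' ' . drawSelectUser('', $selectedID, $nullable, 0, true, true, 'Staff Member:'));
    if ($page['is_admin'] && db_grab('SELECT COUNT(*) FROM users_requests WHERE is_active = 1')) {
        $return = drawMessage('There are pending <a href="requests.php">account requests</a> for you to review.') . $return;
    }
    return $return;
}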
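} elseif (isset($_GET["newType"])) {
    // This fragment starts in the middle of an if/elseif chain that is not shown.
    // Every request value below is reduced to a numeric literal (or the keyword NULL)
    // before it is placed in the SQL text.
    // NOTE(review): these updates run on GET requests; no permission or CSRF check is
    // visible in this fragment.
    $_GET["newType"] = empty($_GET["newType"]) ? "NULL" : (int) $_GET["newType"];
    db_query("UPDATE helpdesk_tickets SET type_id = {$_GET["newType"]}, updated_date = GETDATE(), updated_user = {$_SESSION["user_id"]} WHERE id = " . (int) $_GET["ticketID"]);
} elseif (isset($_GET["newTime"])) {
    // timeSpent may be fractional, so the value is kept only if it is numeric text
    // (digits, sign, decimal point, exponent); anything else is recorded as 0.
    $_GET["newTime"] = is_numeric($_GET["newTime"]) ? trim($_GET["newTime"]) : 0;
    db_query("UPDATE helpdesk_tickets SET timeSpent = {$_GET["newTime"]}, updated_date = GETDATE(), updated_user = {$_SESSION["user_id"]} WHERE id = " . (int) $_GET["ticketID"]);
} elseif (isset($_GET["newDepartment"])) {
    // Moving a ticket to another department also clears its type.
    $_GET["newDepartment"] = (int) $_GET["newDepartment"];
    db_query("UPDATE helpdesk_tickets SET departmentID = {$_GET["newDepartment"]}, type_id = NULL, updated_date = GETDATE(), updated_user = {$_SESSION["user_id"]} WHERE id = " . (int) $_GET["ticketID"]);
} elseif (isset($_GET["newUser"])) {
    $_GET["newUser"] = (int) $_GET["newUser"];
    db_query("UPDATE helpdesk_tickets SET created_user = {$_GET["newUser"]}, updated_date = GETDATE(), updated_user = {$_SESSION["user_id"]} WHERE id = " . (int) $_GET["ticketID"]);
}
url_query_drop("ticketID, newOwner, newStatus, newPriority, newDepartment, newType");
} else {
    //load dropdown values -- owner, status, priority, department, type
    // NOTE(review): $departmentID is interpolated into the query below; where it is
    // set is not visible in this fragment -- confirm it is an integer.
    $ownerOptions = array();
    $result = db_query("SELECT \n\t\t\tu.id, \n\t\t\tISNULL(u.nickname, u.firstname) first \n\t\t\tFROM users u\n\t\t\tLEFT JOIN users_to_modules a ON a.user_id = u.id \n\t\t\tWHERE \n\t\t\t\tu.is_active = 1 AND\n\t\t\t\t( a.module_id = 3 OR u.is_admin = 1 ) \n\t\t\t\tAND\n\t\t\t\tu.departmentID = {$departmentID}\n\t\t\tORDER BY first");
    while ($r = db_fetch($result)) {
        $ownerOptions[$r["id"]] = $r["first"];
    }

    // Status id 9 is left out of the dropdown.
    $statusOptions = array();
    $result = db_query("SELECT id, description FROM helpdesk_tickets_statuses");
    while ($r = db_fetch($result)) {
        if ($r["id"] != 9) {
            $statusOptions[$r["id"]] = $r["description"];
        }
    }

    // The listing is cut off after this query.
    $result = db_query("SELECT id, description FROM helpdesk_tickets_priorities");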
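db_query('UPDATE intranet_offices SET precedence = ' . $counter . ' WHERE id = ' . $id);
// This fragment starts inside a loop that is not shown.
// NOTE(review): $id above comes from that loop; confirm it is an integer before it
// is concatenated into the UPDATE.
$counter++;
}
exit;
} else {
    db_enter('intranet_offices', 'name address precedence');
    url_query_drop('id');
}
} elseif (url_id() && url_action('delete')) {
    // Hard-delete one office. The id is cast to int so the request value can only
    // reach the statement as a numeric literal.
    // NOTE(review): triggered by a GET request; no permission or CSRF check is visible
    // in this fragment.
    db_query('DELETE FROM intranet_offices WHERE id = ' . (int) $_GET['id']);
    url_query_drop('action,id');
}

drawTop();

if (url_id()) {
    // Edit form for one office; an unknown id is dropped from the URL.
    if (!($l = db_grab('SELECT id, name, address, precedence FROM intranet_offices WHERE id = ' . (int) $_GET['id']))) {
        url_query_drop('id');
    }
    $form = new intranet_form();
    $form->addRow('hidden', '', 'precedence', $l['precedence']);
    $form->addRow('itext', 'Name', 'name', $l['name'], '', true, 255);
    $form->addRow('textarea-plain', 'Address', 'address', $l['address'], '');
    $form->addRow('submit', 'Save Changes');
    $form->draw('Edit Location');
// The listing is cut off inside the table markup below.
} else { ?> <table cellspacing='1' class='left draggable locations'> <thead> <?php echo drawHeaderRow(false, 4, 'new', '#bottom'); ?> <tr>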
/**
 * Short alias for url_query_drop().
 *
 * Both arguments are forwarded unchanged and the callee's return value is
 * handed straight back to the caller.
 *
 * @param mixed $deletes passed through as url_query_drop()'s first argument
 * @param mixed $go      passed through as url_query_drop()'s second argument
 * @return mixed whatever url_query_drop() returns
 */
function url_drop($deletes = false, $go = true)
{
    $result = url_query_drop($deletes, $go);

    return $result;
}
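WHERE f.id = ' . $id);
// This fragment starts inside a SQL string literal; the statement above and the
// blocks closed further down begin outside the listing.
// topic_id is cast to int so the POSTed value can only reach the query as a
// numeric literal.
$channels_text = db_array('SELECT c.title' . langExt($lang) . ' FROM bb_topics_to_channels t2c JOIN channels c ON t2c.channel_id = c.id WHERE t2c.topic_id = ' . (int) $_POST['topic_id']);
$channels_text = implode(', ', $channels_text);

// Build the HTML notification for a new follow-up.
// NOTE(review): names, channel titles, topic type and the follow-up description are
// placed in the HTML body as stored; confirm they are escaped or sanitised on input.
$message = '<p style="font-weight:bold;">' . $reply['firstname'] . ' ' . $reply['lastname'] . ' ' . getString('bb_followup', $lang) . '</p> <p>' . getString('title', $lang) . ': ' . draw_link(url_base() . '/bb/topic.php?id=' . $id, $topic['title']) . '</p> <p>' . getString('channels_label', $lang) . ': ' . $channels_text . '</p>';
if ($topic['type']) {
    $message .= '<p>' . getString('category', $lang) . ': ' . $topic['type'] . '</p>';
}
$message .= '<div style="color:#555; border-top:1px dotted #555; padding-top:5px; margin-top:5px;">' . $reply['description'] . '</div>';
emailUser($emails, 'RE: ' . $topic['title'], $message);
}
}
bbDrawRss();
url_change();
} elseif (isset($_GET['delete'])) {
    // NOTE(review): both delete branches run on GET requests; no permission or CSRF
    // check is visible in this fragment. How db_delete() picks and validates the id
    // is not visible either.
    db_delete('bb_topics');
    bbDrawRss();
    url_change('/bb/');
} elseif (isset($_GET['deleteFollowupID'])) {
    db_delete('bb_followups', $_GET['deleteFollowupID']);
    bbDrawRss();
    url_query_drop('deleteFollowupID');
}

//get topic data
// An unknown topic id sends the visitor back to the board index.
if (!($r = bbDrawTopic($_GET['id']))) {
    url_change('/bb/');
}

echo drawTop();
echo $r;
echo drawBottom();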
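// Fall back to module 0 when the page did not declare one.
if (!isset($page["moduleID"])) {
    $page["moduleID"] = 0;
}

// Unknown module: register a neutral, non-public, non-admin placeholder entry.
if (!isset($modules[$page["moduleID"]])) {
    error_debug("unspecified module");
    $modules[$page["moduleID"]]["pallet"] = false;
    $modules[$page["moduleID"]]["isPublic"] = false;
    $modules[$page["moduleID"]]["name"] = "Intranet";
    $modules[$page["moduleID"]]["isAdmin"] = false;
}

//handle switch updates
//side menu pref
if (isset($_GET["toggleMenuPref"])) {
    // The query-string value is used as a COLUMN NAME, so it is only accepted when it
    // is a plain identifier that already exists as a key of $user; anything else is
    // ignored. The toggled value and the user id are forced to integers.
    // No new variables are introduced because this code runs in the shared scope of
    // the including page.
    // TODO(review): replace the pattern check with an explicit list of the
    // menu-preference columns; as written, any 0/1 column mirrored in $user can still
    // be flipped by the logged-in user.
    if (is_string($_GET["toggleMenuPref"])
        && preg_match('/^[A-Za-z_][A-Za-z0-9_]*\z/', $_GET["toggleMenuPref"])
        && array_key_exists($_GET["toggleMenuPref"], $user)
    ) {
        db_query("UPDATE intranet_users SET " . $_GET["toggleMenuPref"] . " = " . abs((int) $user[$_GET["toggleMenuPref"]] - 1) . " WHERE userID = " . (int) $user["id"] . ";");
    }
    url_query_drop("toggleMenuPref");
}

//done!
error_debug("done processing include!");

//custom functions - miscellaneous

// Tries each known install location of the joshlib library in turn and returns the
// global $_josh after the first include that succeeds, or false when none does.
// Warnings from missing files are suppressed on purpose: only one of the paths is
// expected to exist on a given host.
function includeLibrary() {
    global $_josh;
    $possibilities = array("/home/hcfacc/www/joshlib/index.php", "/home/forge/hcfa-cc.joshreisner.com/joshlib/index.php", "/Users/joshreisner/Sites/hcfa-cc/joshlib/index.php");
    foreach ($possibilities as $p) {
        if (@(include $p)) {
            return $_josh;
        }
    }
    return false;
}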
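}
// This fragment starts in the middle of a block that is not shown.
die(drawSpotlight());
} else {
    $id = db_enter('spotlight', 'title url precedence');
    if ($uploading && file_ext($_FILES["userfile"]['name']) == 'jpg') {
        // The stored file name is built from the new row id, not from the
        // client-supplied name.
        // NOTE(review): the only check on the upload visible here is the extension of
        // the client-supplied name; format_image()/format_image_resize() presumably
        // decode and re-encode the data -- confirm they reject non-image input.
        define('DIRECTORY_ROOT', $_SERVER['DOCUMENT_ROOT']);
        define('DIRECTORY_WRITE', '/uploads');
        $image = format_image($_FILES["userfile"]["tmp_name"], 'jpg');
        $image = format_image_resize($image, 320, 320);
        file_put('/uploads/spotlight/' . $id . '.jpg', $image);
    }
    url_change();
}
} elseif (!empty($_GET['id']) && url_action('delete')) {
    // Hard-delete one spotlight row. The id is cast to int so the request value can
    // only reach the statement as a numeric literal.
    // NOTE(review): triggered by a GET request; no permission or CSRF check is visible
    // in this fragment.
    db_query('DELETE FROM spotlight WHERE id = ' . (int) $_GET['id']);
    url_query_drop('action,id');
}

drawTop();
// The listing is cut off inside the table markup below.
?> <table cellspacing="1" class="left draggable spotlight"> <thead> <?php echo drawHeaderRow(false, 5, "new", "#bottom"); ?> <tr> <th class="reorder"></th> <th>Image</th> <th>Link</th> <th>Address</th> <th class="delete"></th> </tr>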
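$_POST["topicID"] = $_GET["id"];
// This fragment starts inside a block that is not shown (the follow-up handler).
// NOTE(review): how db_enter() quotes the $_POST values it stores is not visible here.
$editing = false;
$id = db_enter("bulletin_board_followups", "topicID |description");
// The result of this lookup is not used.
db_grab("SELECT topicID FROM bulletin_board_followups WHERE id = " . $id);
// Bump the thread date so the topic is treated as freshly active. From here on the
// topic id is cast to int wherever it is concatenated into SQL, so the request value
// can only reach a statement as a numeric literal.
db_query("UPDATE bulletin_board_topics SET threadDate = GETDATE() WHERE id = " . (int) $_GET["id"]);
syndicateBulletinBoard();
url_change();
}

//set topic and followups to deleted
// NOTE(review): both branches change state on a GET request; no permission or CSRF
// check is visible in this fragment.
if (isset($_GET["delete"])) {
    db_query("UPDATE bulletin_board_topics SET \n\t\t\t\tisActive = 0,\n\t\t\t\tdeletedOn = GETDATE(),\n\t\t\t\tdeletedBy = {$user["id"]}\n\t\t\t WHERE id = " . (int) $_GET["id"]);
    syndicateBulletinBoard();
    url_change("/bb/");
} elseif (isset($_GET["deleteFollowupID"])) {
    db_query("UPDATE bulletin_board_followups SET \n\t\t\t\tisActive = 0,\n\t\t\t\tdeletedOn = GETDATE(),\n\t\t\t\tdeletedBy = {$user["id"]}\n\t\t\t WHERE ID = " . (int) $_GET["deleteFollowupID"]);
    url_query_drop("deleteFollowupID");
}

//get topic data
$r = db_grab("SELECT \n\t\tt.title,\n\t\tt.description,\n\t\tt.createdOn,\n\t\tt.isAdmin,\n\t\tu.userID,\n\t\tISNULL(u.nickname, u.firstname) firstname,\n\t\tu.lastname\n\t\tFROM bulletin_board_topics t\n\t\tJOIN intranet_users u ON t.createdBy = u.userID\n\t\tWHERE t.id = " . (int) $_GET["id"]);

//check that it exists
if (empty($r)) {
    url_change("/bb/");
}

drawTop();
echo drawSyndicateLink("bb");

// True when the current user created the topic.
$isPoster = $r["userID"] == $user["id"] ? true : false;

if (!$printing) {
    $r["description"] = htmlwrap($r["description"]);
}

//if ($_GET["id"] == 7966) echo drawServerMessage("<b>Note</b>: This comments on this post are organized in reverse-chronological order.");
// The listing is cut off right after the opening of this branch.
if ($r["isAdmin"]) {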
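} elseif (isset($_GET["deactivateTag"])) {
    // This fragment starts in the middle of an if/elseif chain that is not shown.
    // Soft-delete one tag. Request ids in this chain are cast to int, so they can
    // only reach a statement as a numeric literal.
    // NOTE(review): these branches change state on GET requests; no permission or
    // CSRF check is visible in this fragment.
    db_query("UPDATE contacts_tags SET is_active = 0 WHERE id = " . (int) $_GET["deactivateTag"]);
    url_query_drop("deactivateTag");
} elseif (isset($_GET["alphabetize"])) {
    // Renumber precedence for every tag of this type in alphabetical order.
    // Rows are addressed by id instead of by tag text, so a tag that contains a quote
    // character can no longer change the shape of the UPDATE statement.
    $tags = db_query("SELECT id, tag FROM contacts_tags WHERE type_id = " . (int) $_GET["id"]);
    $values = array();
    while ($t = db_fetch($tags)) {
        $values[$t["id"]] = $t["tag"];
    }
    // Same comparison as sort(), but the id keys are kept.
    asort($values);
    $counter = 1;
    foreach (array_keys($values) as $value) {
        // $value holds a contacts_tags id here.
        db_query("UPDATE contacts_tags SET precedence = {$counter} WHERE id = " . (int) $value);
        $counter++;
    }
    url_query_drop("alphabetize");
} elseif (isset($_GET["moveTagUp"])) {
    //code not written yet
    $tag = db_grab("SELECT type_id, precedence FROM contacts_tags WHERE id = " . (int) $_GET["moveTagUp"]);
} elseif (isset($_GET["moveTagDown"])) {
    //code not written yet
    $tag = db_grab("SELECT type_id, precedence FROM contacts_tags WHERE id = " . (int) $_GET["moveTagDown"]);
}

echo drawTop();
// The listing is cut off inside the inline script below.
?> <script language="javascript"> <!-- function validate(form) { if (!form.tag.value.length) return false; return true; }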