function mod_globals($mod_varname = FALSE, $mod_definition = FALSE, $mod_action = "show_form")
{
global $prefix, $hlpdsk_prefix, $tts, $name, $cmdOk, $admin_tabtable;
switch ($mod_action) {
case "update":
if ($mod_varname) {
$mod_varname = Security::sqlsecure($mod_varname);
$mod_definition = Security::sqlsecure($mod_definition);
$query = "update {$prefix}{$hlpdsk_prefix}_config set definition='{$mod_definition}' where varname='{$mod_varname}'";
if ($tts->query($query, $tts)) {
return TRUE;
}
}
return FALSE;
break;
case "insert":
if ($mod_varname) {
$mod_varname = Security::sqlsecure($mod_varname);
$mod_definition = Security::sqlsecure($mod_definition);
$query = "insert into {$prefix}{$hlpdsk_prefix}_config (varname,definition) values ('{$mod_varname}','{$mod_definition}')";
#echo "$query";exit();
if ($tts->query($query, $tts)) {
return TRUE;
}
}
return FALSE;
break;
case "delete":
if ($mod_varname) {
$mod_varname = Security::sqlsecure($mod_varname);
$mod_definition = Security::sqlsecure($mod_definition);
$query = "delete from {$prefix}{$hlpdsk_prefix}_config where varname='{$mod_varname}'";
if ($tts->query($query, $tts)) {
return TRUE;
}
}
return FALSE;
break;
}
$response = "<form action=\"admin.php?admin_tabtable={$admin_tabtable}&func=mod_globals\" method=POST>";
$response .= "<table border=1><tr>";
$response .= "<td><font class=content>varname<input name=mod_varname type=text></td>";
$response .= "<td><font class=content>definition<textarea name=mod_definition style=\"HEIGHT: 145px; WIDTH: 500px\"></textarea></td>" . "<td><font class=content>delete<input name=mod_action type=radio value=\"delete\"></td>" . "<td><font class=content>add<input name=mod_action type=radio value=\"insert\"></td>" . "<td><font class=content>modify<input name=mod_action type=radio value=\"update\" checked></td>";
$response .= "</tr></table>";
$button = new button();
$button_submit = $button->get_button($cmdOk, "javascript:this.form.submit();");
$response .= $button_submit . "</form>";
return $response;
}
case 'messages':
echo '<br/>';
echo '<br/>';
echo '<table width="100%" cellpadding="0" cellspacing="0">';
echo '<tr><td class="TableHead2"><input name="dummy" value="dummy" onclick="javascript:invert_selection()" type="checkbox"></td><td class="TableHead2" width="30%">Sender</td><td class="TableHead2" width="100%">Message</td></tr>';
$db->query("SELECT * FROM messages_messages WHERE user_id='{$GO_SECURITY->user_id}'ORDER BY ctime DESC");
while ($db->next_record()) {
$sender = show_profile($db->f('user_id'), '', 'normal', $link_back);
$message = htmlspecialchars($db->f('text'));
echo "<tr id=\"" . $db->f('id') . "\"><td><input id=\"C_" . $db->f('id') . "\" type=\"checkbox\" name=\"msgs[]\" value=\"" . $db->f('id') . "\" onclick=\"javascript:item_click(this)\" /></td><td>{$sender}</td><td>{$message}</td></tr>";
echo '<tr><td colspan="99" height="1"><img src="' . $GO_THEME->images['cccccc'] . '" border="0" height="1" width="100%" /></td></tr>';
}
echo '</table>';
$button = new button();
echo '<br/>';
echo $button->get_button('Delete', "document.forms[0].task.value='delete';document.forms[0].submit();");
break;
case 'properties':
if (!$db->query("SELECT * from messages_users WHERE user_id={$GO_SECURITY->user_id}") || !$db->next_record()) {
$acl_write = $GO_SECURITY->get_new_acl('message write: ' . $GO_SECURITY->user_id);
if ($acl_write > 0) {
$db->query("INSERT INTO messages_users (user_id,acl_write) VALUES ('{$GO_SECURITY->user_id}','{$acl_write}')");
}
$db->query("SELECT * from messages_users WHERE user_id={$GO_SECURITY->user_id}");
$db->next_record();
}
$tabtable = new tabtable('messages_tab', 'Messages', '100%', '400', '120', '', true);
$tabtable->add_tab('properties', 'Properties');
$tabtable->add_tab('permissions', 'Permissions');
$tabtable->print_head();
switch ($tabtable->get_active_tab_id()) {
$GO_MODULES->authenticate('opentts');
//set the page title for the header file
$page_title = "Opentts";
require $GO_THEME->theme_path . "header.inc";
$tts = new db();
require_once "classes.php";
require_once "menu.php";
$func = '';
if (isset($_POST['func'])) {
$func = $_POST['func'];
}
if (isset($_GET['func'])) {
$func = $_GET['func'];
}
$button = new button();
$button_left = $button->get_button($cmdAdd, 'addItems(this.form.AvailItems,this.form.AvailValue, this.form.SelItems);');
$button_right = $button->get_button($cmdDelete, 'addItemToTextBox(this.form.SelItems,this.form.AvailValue,this.form.AvailItems);removeItems(this.form.SelItems);');
$button_submit = $button->get_button($cmdOk, "javascript:this.form.Sel.value = makeStringFromSelect(this.form.SelItems); this.form.submit();");
$button_reset = $button->get_button($cmdReset, "javascript:this.form.reset();");
$tabtable = new tabtable('admin_tabtable', $helpdesk_title_admin, '100%', '400');
#$tabtable->add_tab('welcome', $helpdesk_menu_administration);
$tabtable->add_tab('categories', $helpdesk_menu_categories);
$tabtable->add_tab('agents', $helpdesk_menu_groups);
$tabtable->add_tab('permissions', $helpdesk_menu_permissions);
$tabtable->add_tab('priorities', $helpdesk_menu_priorities);
$tabtable->add_tab('projects', $helpdesk_menu_projects);
$tabtable->add_tab('status', $helpdesk_menu_status);
#$tabtable->add_tab('edit_globals', $helpdesk_menu_globals);
$tabtable->print_head();
$admin_tabtable = $tabtable->active_tab;
if (Security::is_action_allowed("admin")) {
function show_search()
{
global $name, $hlpdsk_prefix, $tts, $prefix, $strtosearch, $limit, $limit_rows, $search_status, $submit, $GO_LANGUAGE;
require $GO_LANGUAGE->get_language_file('opentts');
if ($submit == "prev" and $limit >= $limit_rows) {
$limit -= $limit_rows;
}
if ($submit == "next") {
$limit += $limit_rows;
}
if ($submit == "search") {
$limit = 0;
}
if ($submit and $limit_rows == -1) {
$limit_rows = 10;
}
if (!$limit) {
$limit = 0;
}
if (!$limit_rows) {
$limit_rows = -1;
}
$response = " <DIV align=center>" . "<TABLE BORDER=0 CELLSPACING=1 CELLPADDING=1 class=boxcontent>" . "<TR><TD>" . "<FORM action=\"queries.php\" method=POST id=frmsearch name=frmsearch>" . "<STRONG><font class=content>{$tts_lang_search}</STRONG><BR>" . "<INPUT type=\"text\" name=strtosearch value=\"" . Security::htmlsecure($strtosearch) . "\" size=60 class=textbox><br>";
$response .= "</td></tr>";
$response .= "<tr><td>";
$query = "select status_id,status_name,show_by_default from {$prefix}{$hlpdsk_prefix}_status";
$tts->query($query);
$colbreak = 0;
$response .= "<table border=1 width=100%>";
while ($tts->next_record()) {
$status_id = $tts->f('status_id');
$status_name = $tts->f('status_name');
$show_by_default = $tts->f('show_by_default');
if ($colbreak == 0) {
$response .= "<tr>";
}
if (!$search_status) {
if ($show_by_default == 1) {
$checked = "checked";
} else {
$checked = "";
}
} else {
if ($search_status[$status_id] == "on") {
$checked = "checked";
} else {
$checked = "";
}
}
$response .= "<td><font class=content>{$status_name}:<input name=search_status[{$status_id}] type=checkbox {$checked}></td>";
$colbreak += 1;
if (2 == $colbreak) {
$response .= "</tr>";
$colbreak = 0;
}
}
$response .= "</table>";
$response .= "</td></tr>";
$response .= "<tr><td>";
$response .= "<INPUT type=\"hidden\" value=\"search\" name=\"action\">";
$button = new button();
$response .= $button->get_button($cmdSearch, 'javascript:document.frmsearch.submit();');
if ($submit) {
$response .= "<input type=\"submit\" value=\"prev\" name=submit><input type=\"submit\" value=\"next\" name=submit> ";
}
$response .= "</FORM></TD>";
$response .= " </TR></TABLE>";
return $response;
}
function showrecords()
{
global $Ticket_Number, $name, $tts, $prefix, $hlpdsk_prefix, $hlpdsk_theme, $nuke_user_table, $nuke_user_last_name_fieldname, $nuke_username_fieldname, $hours, $mins, $javascript, $nuke_user_id_fieldname, $nuke_user_first_name_fieldname, $datepicker, $cmdOk, $cmdReset, $GO_SECURITY, $acl_read, $acl_write, $GO_LANGUAGE;
require $GO_LANGUAGE->get_language_file('opentts');
$acl_read = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_read', "where ticket_number='{$Ticket_Number}'");
$acl_write = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_write', "where ticket_number='{$Ticket_Number}'");
if ($GO_SECURITY->user_in_acl(whoami(), $acl_read) or $GO_SECURITY->user_in_acl(whoami(), $acl_write) or Security::is_action_allowed("view_all_tickets")) {
$query_condition = " ";
} else {
$query_condition = " and (t_from='" . whoami() . "' or t_assigned='" . whoami() . "')";
}
$querytext = "select * from {$prefix}{$hlpdsk_prefix}_tickets where Ticket_Number='{$Ticket_Number}' {$query_condition} ";
$tts->query($querytext);
$recordcount = $tts->num_rows();
$row = 0;
if ($recordcount = 0) {
return 'missing';
}
while ($tts->next_record()) {
$post_date = $tts->f('post_date');
$due_date = $tts->f('due_date');
$end_date = $tts->f('end_date');
$complete = $tts->f('complete');
$t_from = $tts->f('t_from');
$t_stage = $tts->f('t_stage');
$t_category = $tts->f('t_category');
$t_priority = $tts->f('t_priority');
$t_subject = htmlspecialchars($tts->f('t_subject'));
$t_description = htmlspecialchars($tts->f('t_description'));
#$t_description=str_replace("\n"," <br> ",$t_description);
$t_assigned = $tts->f('t_assigned');
$t_email = $tts->f('t_email');
$t_sms = $tts->f('t_sms');
$t_status = $tts->f('t_status');
$change_date = htmlspecialchars($tts->f('change_date'));
$activity_id = $tts->f('activity_id');
$project_id = $tts->f('project_id');
$due_date = date("Y/m/d H:i", $due_date);
$end_date = date("Y/m/d H:i", $end_date);
$action_changes = $javascript;
if ($t_sms == "on") {
$t_sms = " CHECKED";
}
if ($t_email == "on") {
$t_email = " CHECKED";
}
if ($GO_SECURITY->user_in_acl(whoami(), $acl_write)) {
$button = new button();
$action_changes .= $button->get_button($cmdOk, "javascript:document.change_status.submit()");
$action_changes .= $button->get_button($cmdReset, "javascript:document.change_status.reset()");
} else {
$action_changes .= '';
}
$action_changes .= "</form></center>";
$tts_lang_ticket_number = "Ticket Number:";
$tts_lang_post_date_value = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $post_date);
$fullname = opentts::get_fullname($t_from);
if (Security::is_action_allowed("imperson", 0, $acl_write)) {
$select = new select('user', 'change_status', 't_from', $t_from);
$tts_lang_issuer = $select->get_link("{$tts_lang_issuer}");
$tts_lang_issuer_value = $select->get_field();
} else {
$tts_lang_issuer_value = "{$fullname}";
}
$stage_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_stages", "stage_name", " where stage_id='{$t_stage}'"));
$category_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_categories", "category_name", " where category_id='{$t_category}'"));
$project_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_projects", "project_name", " where project_id='{$project_id}'"));
$select_complete = "<select name='complete' class=textbox>" . "<option value='0' >0%</option>" . "<option value='10'>10%</option>" . "<option value='20'>20%</option>" . "<option value='30'>30%</option>" . "<option value='40'>40%</option>" . "<option value='50'>50%</option>" . "<option value='60'>60%</option>" . "<option value='70'>70%</option>" . "<option value='80'>80%</option>" . "<option value='90'>90%</option>" . "<option value='100'>100%</option>" . "</select>";
$t_assigned_name = Security::whatsmyname($t_assigned);
if (Security::is_action_allowed("change_subject", 0, $acl_write)) {
$tts_lang_subject_value = "<input name=t_subject value=\"" . Security::sqlsecure($t_subject) . "\" class=textbox max=80 size=80>";
} else {
$tts_lang_subject_value = "<input name=t_subject value=\"" . Security::sqlsecure($t_subject) . "\" class=textbox max=80 size=80 readonly>";
}
$tts_lang_description_value = "<textarea name=t_description cols=80 rows=12 class=textbox readonly>" . Security::sqlsecure($t_description) . "</textarea>";
$tts_lang_change_date_VALUE = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $change_date);
$tts_lang_email = "Email {$tts_lang_issuer}: <input type=checkbox name=t_email_issuer value=1><br>Email {$tts_lang_assigned} <input type=checkbox name=t_email_agent value=1>";
$post_changes = "<form name=\"change_status\" method=\"POST\" action=\"change_ticket.php?Ticket_Number={$Ticket_Number}&func=change_status\">";
if (Security::is_action_allowed("change_project", 0, $acl_write)) {
$project_name = select_option("{$project_id}", fill_select("project_id", "{$prefix}{$hlpdsk_prefix}_projects", "project_id", "project_name", " order by project_id"));
$tts_lang_project_value = "{$project_name}";
} else {
$project_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_projects", "project_name", " where project_id='{$project_id}'"));
$tts_lang_project_value = "{$project_name}";
}
$fullname = opentts::get_fullname($t_assigned);
if (Security::is_action_allowed("change_assigned", 0, $acl_write)) {
$select = new select('user', 'change_status', 't_assigned', $t_assigned);
$tts_lang_assign_to = $select->get_link("{$tts_lang_assign_to}");
$tts_lang_assign_to_value = $select->get_field();
} else {
$tts_lang_assign_to_value = "{$fullname}";
}
if (Security::is_action_allowed("change_end_date", 0, $acl_write)) {
$time = strtotime($end_date);
#$end_date_d_m_y=date("Y/m/d",$time);
$end_date_h = date("H", $time);
$end_date_i = date("i", $time);
$today = date($_SESSION['GO_SESSION']['date_format'], $time);
$end_date = $datepicker->get_date_picker('end_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $today);
$dropbox = new dropbox();
$dropbox->add_arrays($hours, $hours);
$end_date .= '<td>';
$end_date_h_value = $dropbox->get_dropbox("end_date_h", $end_date_h);
$dropbox = new dropbox();
$dropbox->add_arrays($mins, $mins);
$end_date_i_value = $dropbox->get_dropbox("end_date_i", $end_date_i);
if ($htmldirection == 'rtl') {
$end_date .= "{$end_date_i_value}:{$end_date_h_value}";
} else {
$end_date .= "{$end_date_h_value}:{$end_date_i_value}";
}
$tts_lang_end_date_value = "{$end_date} ";
} else {
$tts_lang_end_date_value = "{$end_date}";
}
if (Security::is_action_allowed("change_complete", 0, $acl_write)) {
$_PERCENTAGE_COMPLETE_VALUE = select_option("{$complete}", "{$select_complete}");
} else {
$_PERCENTAGE_COMPLETE_VALUE = "{$complete} %";
}
if (Security::is_action_allowed("change_due_date", 0, $acl_write)) {
$time = strtotime($due_date);
$due_date_d_m_y = date($_SESSION['GO_SESSION']['date_format'], $time);
$due_date_h = date("H", $time);
$due_date_i = date("i", $time);
$today = date($_SESSION['GO_SESSION']['date_format'], $time);
$due_date = $datepicker->get_date_picker('due_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $today, '', '', 'onchange="javascript:document.change_status.end_date_d_m_y.value=this.value;"');
$dropbox = new dropbox();
$dropbox->add_arrays($hours, $hours);
$due_date .= '<td>';
$due_date_h_value = $dropbox->get_dropbox("due_date_h", $due_date_h, 'onchange="javascript:update_end_hour(this.value);"');
$dropbox = new dropbox();
$dropbox->add_arrays($mins, $mins);
$due_date_i_value = $dropbox->get_dropbox("due_date_i", $due_date_i, 'onchange="javascript:update_end_min(this.value);"');
if ($htmldirection == 'rtl') {
$due_date .= "{$due_date_i_value}:{$due_date_h_value}";
} else {
$due_date .= "{$due_date_h_value}:{$due_date_i_value}";
}
$tts_lang_due_date_value = "{$due_date} ";
} else {
$tts_lang_due_date_value = "{$tts_lang_due_date}{$due_date}";
}
if (Security::is_action_allowed("change_activity", 0, $acl_write)) {
$activity = select_option("{$activity_id}", fill_select("activity_id", "{$prefix}{$hlpdsk_prefix}_activities", "activity_id", "activity_name", " "));
$tts_lang_activity_value = "<br>{$activity} ";
} else {
$tts_lang_activity_value = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_activities", "activity_name", "where activity_id='{$activity_id}'"));
}
if (Security::is_action_allowed("change_status", 0, $acl_write)) {
$t_status_sel = select_option("{$t_status}", fill_select("t_status", "{$prefix}{$hlpdsk_prefix}_status", "status_id", "status_name", " "));
$tts_lang_status_value = "<br>{$t_status_sel}";
} else {
$status_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_status", "status_name", " where status_id='{$t_status}'"));
$tts_lang_status_value = "{$status_name}";
}
if (Security::is_action_allowed("change_priority", 0, $acl_write)) {
$t_priorities = select_option("{$t_priority}", fill_select("t_priority", "{$prefix}{$hlpdsk_prefix}_priorities", "priority_id", "priority_name", " "));
$tts_lang_priority_value = "{$t_priorities}<br>";
} else {
$t_priority_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_priorities", "priority_name", " where priority_id={$t_priority}"));
$tts_lang_priority_value = "{$t_priority_name}";
}
if (Security::is_action_allowed("change_category", 0, $acl_write)) {
$t_category = select_option("{$t_category}", fill_select("t_category", "{$prefix}{$hlpdsk_prefix}_categories", "category_id", "category_name", " "));
$tts_lang_category_value = "{$t_category}<br>";
} else {
$tts_lang_category_value = "{$category_name}";
}
if (Security::is_action_allowed("change_stage", 0, $acl_write)) {
$t_stage = select_option("{$t_stage}", fill_select("t_stage", "{$prefix}{$hlpdsk_prefix}_stages", "stage_id", "stage_name", " "));
$tts_lang_stage_value = "<br>{$t_stage}<br>";
} else {
$tts_lang_stage_value = Security::htmlsecure("{$stage_name}");
}
$mailto_subject = "?subject=" . addslashes("Ticket Task {$Ticket_Number}: ") . addslashes($t_subject);
$mailto_body = "&body=" . addslashes("Ticket/Task: {$Ticket_Number} / ") . addslashes($t_description);
$mailto = $mailto_subject . $mailto_body;
$tts_lang_mail_this = "<a href=\"mailto:{$mailto}\">Send email</a>";
$tts_lang_estimated_time = $_MONEY = '';
$tts_lang_mail_this = "";
$file = "themes/{$hlpdsk_theme}/showline_ticket.html";
$file = addslashes(implode("", file($file)));
eval("\$content=stripslashes(\" {$file}\");");
echo $content;
$row++;
}
}
if (Security::is_action_allowed("set_due_date")) {
$time = date($_SESSION['GO_SESSION']['date_format'], time());
$tts_lang_due_date_value = $datepicker->get_date_picker('due_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $time, '', '', 'onchange="javascript:document.new_ticket.end_date_d_m_y.value=this.value;"');
$dropbox = new dropbox();
$dropbox->add_arrays($hours, $hours);
$tts_lang_due_date_h_value = $dropbox->get_dropbox("due_date_h", $due_date_h, 'onchange="javascript:update_end_hour(this.value);"');
$dropbox = new dropbox();
$dropbox->add_arrays($mins, $mins);
$tts_lang_due_date_i_value = $dropbox->get_dropbox("due_date_i", $due_date_i, 'onchange="javascript:update_end_min(this.value);"');
if ($htmldirection == 'rtl') {
$tts_lang_due_date_value .= "{$tts_lang_due_date_i_value}:{$tts_lang_due_date_h_value}";
} else {
$tts_lang_due_date_value .= "{$tts_lang_due_date_h_value}:{$tts_lang_due_date_i_value}";
}
} else {
$tts_lang_due_date_value = "";
}
$tts_lang_notify_by .= " email <input type=checkbox name=t_email>";
$tts_lang_post_date_value = "{$post_date}";
$_POST = "<form name=\"new_ticket\" method=\"POST\" action=\"entry_proc.php\">";
$button = new button();
$action_changes = $button->get_button($cmdOk, "javascript:document.new_ticket.submit()");
$action_changes .= ' ' . $button->get_button($cmdReset, "javascript:document.new_ticket.reset()");
$_ACTION = $javascript . $action_changes . "</form>";
//
$file = "themes/{$hlpdsk_theme}/entry_ticket.html";
$file = addslashes(implode("", file($file)));
eval("\$content=stripslashes(\"{$file}\");");
echo "<center>{$content}</center>";
}
$tabtable->print_foot();
function show_default_agent_table()
{
global $tts, $prefix, $hlpdsk_prefix, $name, $admin_tabtable, $cmdOk, $cmdReset;
$query = "select * from {$prefix}{$hlpdsk_prefix}_groups_members where gid=2";
$content = "<br><h2>Change Default agent</h2><br>";
$content .= "<form method=POST action='admin.php?admin_tabtable={$admin_tabtable}&func=set_default_agent'>";
$content .= "<table border=1><tr><td>select</td><td>agent</td></tr>";
if ($tts->query($query, $tts)) {
while ($tts->next_record()) {
if ($tts->f('uid_default') == 1) {
$choosen_one = "checked";
} else {
$choosen_one = "";
}
$content .= "<tr><td><input type=radio name=\"choosen_one\" value=\"" . $tts->f('uid') . "\" {$choosen_one} ></td><td>" . Security::whatsmyname($tts->f('uid')) . "</td></tr>";
}
$content .= "</table>";
$button = new button();
$button_submit = $button->get_button($cmdOk, "javascript:this.form.submit();");
$button_reset = $button->get_button($cmdReset, "javascript:this.for\nm.reset();");
$content .= "{$button_submit}.{$button_reset}</form>";
return $content;
}
return FALSE;
}
