/
inventory_view.php
121 lines (106 loc) · 3.75 KB
/
inventory_view.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
<?php
// inventory_view.php - View inventory items
//
// SiT (Support Incident Tracker) - Support call tracking system
// Copyright (C) 2000-2009 Salford Software Ltd. and Contributors
//
// This software may be used and distributed according to the terms
// of the GNU General Public License, incorporated herein by reference.
$permission = 0;
require ('core.php');
require (APPLICATION_LIBPATH . 'functions.inc.php');
require (APPLICATION_LIBPATH . 'auth.inc.php');
$title = "$strInventory - $strView";
include (APPLICATION_INCPATH . 'htmlheader.inc.php');
if(!$CONFIG['inventory_enabled'])
{
html_redirect('index.php', FALSE);
exit;
}
if (is_numeric($_GET['id']))
{
//View site inventory
$id = $_GET['id'];
if (!empty($_REQUEST['filter']))
{
$filter = cleanvar($_REQUEST['filter']);
}
$sql = "SELECT *, i.name AS name , i.id AS id, ";
$sql .= "i.notes AS notes, ";
$sql .= "i.active AS active ";
$sql .= "FROM `{$dbInventory}` AS i ";
$sql .= "WHERE i.id='{$id}' ";
$result = mysql_query($sql);
if (mysql_error()) trigger_error("MySQL Query Error ".mysql_error(), E_USER_WARNING);
if (mysql_num_rows($result) > 0)
{
$row = mysql_fetch_object($result);
if (($row->privacy == 'private' AND $sit[2] != $row->createdby) OR
$row->privacy == 'adminonly' AND !user_permission($sit[2], 22))
{
html_redirect('inventory.php', FALSE);
exit;
}
echo "<h2>".icon('inventory', 32)." {$strInventory}</h2>";
echo "<div id='container' style='width: 40%'>";
echo "<h3>{$row->name}";
if ($row->active != 1)
{
echo " (inactive)";
}
echo " (<small><a href='inventory_edit.php?id={$id}'>";
echo "{$strEdit}</a></small>)</h3>";
echo "<p><strong>{$strType}:</strong> ";
echo "{$CONFIG['inventory_types'][$row->type]}</p>";
if (!empty($row->identifier))
{
echo "<p><strong>{$strID}:</strong> {$row->identifier}</p>";
}
echo "<p><strong>{$strAddress}:</strong> $row->address</p>";
if (!empty($row->contactid))
{
echo "<p><strong>{$strOwner}:</strong> ";
echo "<a href='contact_details.php?id={$row->contactid}'>";
echo contact_realname($row->contactid)."</a></p>";
}
echo "<p><strong>{$strUsername}:</strong> ";
if (($row->privacy == 'adminonly' AND !user_permission($sit[2], 22)) OR
($row->privacy == 'private' AND $row->createdby != $sit[2]))
{
echo "<strong>{$strWithheld}</strong>";
}
else
{
echo $row->username;
}
echo "</p>";
echo "<p><strong>{$strPassword}:</strong> ";
if (($row->privacy == 'adminonly' AND !user_permission($sit[2], 22)) OR
($row->privacy == 'private' AND $row->createdby != $sit[2]))
{
echo "<strong>{$strWithheld}</strong>";
}
else
{
echo $row->password;
}
echo "</p>";
if (!empty($row->notes))
{
echo "<p><strong>{$strNotes}: </strong> {$row->notes}</p>";
}
echo "<strong>{$strCreatedBy}:</strong> ".user_realname($row->createdby);
echo " {$row->created}, <strong>{$strLastModifiedBy}:</strong> ";
echo user_realname($row->modifiedby)." {$row->modified}</p>";
echo "</div>";
echo "<p align='center'><a href='inventory_site.php?id={$row->siteid}'>";
echo "{$strBackToList}</a></p>";
}
else
{
echo "<h2>".icon('inventory', 32)." {$strInventory}</h2>";
echo "<p class='info'>{$strNoRecords}</p>";
}
include (APPLICATION_INCPATH . 'htmlfooter.inc.php');
}
?>