function UpdateTeam($tn, $data)
{
DenyGuest();
// Don't allow Guests to do this...
$loc = "teamlib.php->UpdateTeam";
$fields = array(array("BestPicID", "int"), array("NickName", "str"));
$tn = intval($tn);
if ($tn < 1 || $tn > 9999) {
DieWithMsg($loc, "illegal tn value.");
}
$row = GetTeamInfo($tn);
if ($row == false) {
// This will be the first insert!
// Add the teamnumber field and data.
$fields[] = array("TeamNumber", "int");
$data["TeamNumber"] = $tn;
$sql = "INSERT INTO Teams " . GenerateSqlInsert($data, $fields);
SqlQuery($loc, $sql);
return true;
} else {
// This will be an update.
$set = GenerateSqlSet($data, $fields);
if ($set == false) {
return false;
}
$sql = "UPDATE Teams SET " . $set . " WHERE TeamNumber = " . intval($tn);
SqlQuery($loc, $sql);
return true;
}
}
$doform = false;
$link_to_view = false;
$picid = 0;
$param_list = array(array("FieldName" => "Title", "FieldType" => "Text", "Caption" => "Title of New Work Order"), array("FieldName" => "Project", "FieldType" => "Selection", "Selection" => $WOProjects, "Caption" => "Project"), array("FieldName" => "DateNeedBy", "FieldType" => "Date", "Caption" => "Date Needed"), array("FieldName" => "Priority", "FieldType" => "Selection", "Selection" => $WOPriorities, "Caption" => "Priority"), array("FieldName" => "Requestor", "FieldType" => "Selection", "Selection" => $WOIPTeams, "Caption" => "Requesting IPT"), array("FieldName" => "Receiver", "FieldType" => "Selection", "Selection" => $WOIPTeams, "Caption" => "Receiving IPT"), array("FieldName" => "Description", "FieldType" => "TextArea", "Rows" => 10, "Columns" => 72, "Caption" => "Describe Work"));
if ($_SERVER["REQUEST_METHOD"] == "GET") {
// Set up defaults...
$data["Priority"] = $WOPriorities[0];
$data["Requestor"] = $userIPT;
$data["Receiver"] = $userIPT;
$data["DateNeedBy"] = date('Y-m-d', time() + 5 * 24 * 3600);
PopulateParamList($param_list, $data);
$doform = true;
goto GenerateHtml;
}
if ($_SERVER["REQUEST_METHOD"] == "POST") {
DenyGuest();
PopulateParamList($param_list, $_POST);
// Check for required inputs:
$sEmpty = array();
if (empty($_POST["Title"])) {
$sEmpty[] = "Title";
}
if (empty($_POST["Priority"])) {
$sEmpty[] = "Priority";
}
if (empty($_POST["Project"])) {
$sEmpty[] = "Project";
}
if (empty($_POST["Requestor"])) {
$sEmpty[] = "Requesting IPT";
}
function PicFileUpload($FileInfo)
{
$loc = rmabs(__FILE__ . ".PicFileUpload");
DenyGuest();
// Don't allow guests to do this.
$missing = "";
if (!isset($FileInfo["name"])) {
$missing .= '"name" ';
}
if (!isset($FileInfo["type"])) {
$missing .= '"type" ';
}
if (!isset($FileInfo["tmp_name"])) {
$missing .= '"tmp_name" ';
}
if (!isset($FileInfo["error"])) {
$missing .= '"error" ';
}
if (!isset($FileInfo["size"])) {
$missing .= '"size" ';
}
if (!empty($missing)) {
echo 'missing';
log_error($loc, array("Error on Pic Upload.", "Input Array missing elements:", $missing));
return false;
}
$name = $FileInfo["name"];
$type = $FileInfo["type"];
$tmpfile = $FileInfo["tmp_name"];
$errors = $FileInfo["error"];
$size = $FileInfo["size"];
if ($errors != 0) {
echo 'error not zero';
log_error($loc, array("Error on Pic Upload." . "Error Not Zero."));
return false;
}
if ($size <= 0) {
echo 'size';
log_error($loc, "Error on Pic Upload. Size is zero.");
return false;
}
if ($type != "image/jpeg") {
echo 'type';
log_error($loc, "Error on Pic Upload. Wrong Type, should be image/jpeg. Found: " . $type);
return false;
}
$picid = StorePicture($tmpfile, true);
return $picid;
}
function StoreEvent($fields)
{
DenyGuest();
// Don't allow Guests to do this...
$loc = 'readerlib.php=>StoreEvent';
$sql = 'INSERT INTO EventTimes (Name, StartTime, EndTime, Type, Purpose) ';
$sql .= 'VALUES (';
$sql .= ' "' . SqlClean($fields["Name"]) . '"';
$sql .= ', "' . SqlClean($fields["StartTime"]) . '"';
$sql .= ', "' . SqlClean($fields["EndTime"]) . '"';
$sql .= ', "' . SqlClean($fields["Type"]) . '"';
$sql .= ', "' . SqlClean($fields["Purpose"]) . '"';
$sql .= ')';
SqlQuery($loc, $sql);
}
function UpdateAssignementCount($wid)
{
$loc = rmabs(__FILE__ . "UpdateAssignementCount");
DenyGuest();
// Don't allow Guests to do this...
$workers = GetAssignedWorkers($wid);
$assgined = 0;
if (count($workers) > 0) {
$assgined = 1;
}
$sql = "UPDATE WorkOrders SET Assigned=" . $assgined . ' WHERE WID=' . $wid;
SqlQuery($loc, $sql);
}
function CreateNewUser($params)
{
global $config;
$loc = "userlib.php->CreateNewUser";
DenyGuest();
// Don't allow Guests to do this...
if (empty($params["LastName"])) {
return "Last name cannot be empty.";
}
if (empty($params["FirstName"])) {
return "First name cannot be empty.";
}
if (empty($params["UserName"])) {
return "Username cannot be empty.";
}
if (empty($params["PasswordHash"])) {
if (empty($params["Password"])) {
return "Password cannot be empty.";
}
}
$username = SqlClean($params["UserName"]);
$lastname = SqlClean($params["LastName"]);
$firstname = SqlClean($params["FirstName"]);
$nickname = "";
$title = "";
$email = "";
$tags = "";
$ipt = "";
$active = false;
if (isset($params["NickName"])) {
$nickname = SQLClean($params["NickName"]);
}
if (isset($params["Title"])) {
$title = SQLClean($params["Title"]);
}
if (isset($params["Email"])) {
$email = SQLClean($params["Email"]);
}
if (isset($params["Tags"])) {
$tags = SQLClean($params["Tags"]);
}
if (isset($params["IPT"])) {
$ipt = SqlClean($params["IPT"]);
}
if (isset($params["Active"])) {
$active = $params["Active"];
}
// Check for duplicate username.
$sql = 'SELECT UserID FROM Users WHERE UserName="******"';
$result = SqlQuery($loc, $sql);
if ($result->num_rows > 0) {
$msg = 'Unable to add new user. Duplicate username. (' . $username . ')';
log_msg($loc, $msg);
return $msg;
}
// Check for duplicate first/last name
$sql = 'SELECT UserID FROM Users WHERE LastName="' . $lastname . '" AND FirstName="' . $firstname . '"';
$result = SqlQuery($loc, $sql);
if ($result->num_rows > 0) {
$msg = 'Unable to add new user. Duplicate first/last name. (' . $lastname . ', ' . $firstname . ')';
log_msg($loc, $msg);
return $msg;
}
// Build the sql to add user.
$pwhash = "";
if (!empty($params["PasswordHash"])) {
$pwhash = $params["PasswordHash"];
} else {
$pwhash = crypt($params["Password"], $config["Salt"]);
}
$sql = 'INSERT INTO Users (UserName, PasswordHash, LastName, FirstName, NickName, ' . 'Title, Email, Tags, IPT, Active) ';
$sql .= ' VALUES(';
$sql .= ' "' . $username . '"';
$sql .= ', "' . $pwhash . '"';
$sql .= ', "' . $lastname . '"';
$sql .= ', "' . $firstname . '"';
$sql .= ', "' . $nickname . '"';
$sql .= ', "' . $title . '"';
$sql .= ', "' . $email . '"';
$sql .= ', "' . $tags . '"';
$sql .= ', "' . $ipt . '"';
$sql .= ', ' . TFstr($active);
$sql .= ')';
$result = SqlQuery($loc, $sql);
log_msg($loc, array("New User added! Username="******"Full name= " . $lastname . ', ' . $firstname, "tags=" . $tags . ", Active=" . TFstr($active)));
return true;
}
