if (! get_workorder_acl($todo["id"])) { audit_db($config["id_user"],$config["REMOTE_ADDR"], "ACL Violation","Trying to access Downloads browser"); require ($general_error); exit; } $data["filename"] = safe_output($data["filename"]); $fileLocation = $config["homedir"]."/attachment/".$data["id_attachment"]."_".$data["filename"]; $last_name = $data["filename"]; break; case "kb": $data = get_db_row ("tattachment", "id_attachment", $id_attachment); if (! check_kb_item_accessibility($config["id_user"], $id_attachment)) { audit_db($config["id_user"],$config["REMOTE_ADDR"], "ACL Violation","Trying to access Downloads browser"); require ($general_error); exit; } $data["filename"] = safe_output($data["filename"]); $fileLocation = $config["homedir"]."/attachment/".$data["id_attachment"]."_".$data["filename"]; $last_name = $data["filename"]; break; case "company": $data = get_db_row ("tattachment", "id_attachment", $id_attachment); $read_permission = check_crm_acl ('company', 'cr', $config['id_user'], $data["id_company"]);
// Get incident data $incident = get_db_row_sql('SELECT titulo, descripcion, epilog FROM tincidencia WHERE id_incidencia = ' . $id_incident); if ($incident !== false) { $title = $incident['titulo']; $data = $incident['descripcion'] . "\n\n" . $incident['epilog']; } } } else { $id = get_parameter("update", -1); $row = get_db_row("tkb_data", "id", $id); $data = $row["data"]; $title = $row["title"]; $id_product = $row["id_product"]; $id_language = $row["id_language"]; $id_category = $row["id_category"]; if ($id != -1 && !check_kb_item_accessibility($id_user, $id)) { audit_db($id_user, $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to KB forbidden item"); require "general/noaccess.php"; exit; } } echo "<h2>" . __('KB Data management') . "</h2>"; if ($id == -1) { echo "<h3>" . __('Create a new KB item') . "</a></h3>"; echo "<form id='form-kb_item' name=prodman method='post' action='index.php?sec=kb&sec2=operation/kb/manage_data&create2'>"; } else { echo "<h3>" . __('Update existing KB item') . "</a></h3>"; echo "<form id='form-kb_item' enctype='multipart/form-data' name=prodman2 method='post' action='index.php?sec=kb&sec2=operation/kb/manage_data&update2'>"; echo "<input id='id_kb_item' type=hidden name=id value='{$id}'>"; } echo '<table width="90%" class="databox">';
check_login(); if (!give_acl($config["id_user"], 0, "KR")) { audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access KB Browser"); require "general/noaccess.php"; exit; } // Review form if (!isset($_GET["view"])) { return; } $edit_perm = false; if (give_acl($config["id_user"], 0, "KW")) { $edit_perm = true; } $id = (int) get_parameter('view'); if ($id && !check_kb_item_accessibility($config["id_user"], $id)) { audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to access to KB forbidden item"); require "general/noaccess.php"; exit; } $kb_data = get_db_row("tkb_data", "id", $id); $data = $kb_data["data"]; $title = $kb_data["title"]; $timestamp = $kb_data["timestamp"]; $id_language = $kb_data["id_language"]; $product = ''; if ($kb_data["id_product"]) { $product = get_db_value('name', 'tkb_product', 'id', $kb_data['id_product']); } $category = ''; if ($kb_data["id_category"]) {