<?php
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$do_report = dPgetParam($_POST, 'do_report', 0);
$log_start_date = dPgetCleanParam($_POST, 'log_start_date', 0);
$log_end_date = dPgetCleanParam($_POST, 'log_end_date', 0);
$log_all = (int) dPgetParam($_POST['log_all'], 0);
$group_by_unit = dPgetCleanParam($_POST['group_by_unit'], 'day');
// create Date objects from the datetime fields
$start_date = intval($log_start_date) ? new CDate($log_start_date) : new CDate();
$end_date = intval($log_end_date) ? new CDate($log_end_date) : new CDate();
if (!$log_start_date) {
$start_date->subtractSpan(new Date_Span('14,0,0,0'));
}
$end_date->setTime(23, 59, 59);
?>
<script language="javascript">
var calendarField = '';
function popCalendar(field) {
calendarField = field;
idate = eval('document.editFrm.log_' + field + '.value');
window.open('index.php?m=public&a=calendar&dialog=1&callback=setCalendar&date=' + idate, 'calwin', 'width=250, height=220, scrollbars=no, status=no');
}
/**
* @param string Input date in the format YYYYMMDD
* @param string Formatted date
$sort = dPgetCleanParam($_REQUEST, 'sort', 'asc');
$forum_id = (int) dPgetParam($_REQUEST, 'forum_id', 0);
$message_id = (int) dPgetParam($_REQUEST, 'message_id', 0);
if (!getPermission('forums', 'view', $message_id)) {
$AppUI->redirect("m=public&a=access_denied");
}
$q = new DBQuery();
$q->addTable('forums');
$q->addTable('forum_messages', 'msg');
$q->addQuery('msg.*, contact_first_name, contact_last_name, contact_email, user_username,
forum_moderated, visit_user');
$q->addJoin('forum_visits', 'v', "visit_user = {$AppUI->user_id} AND visit_forum = {$forum_id} AND visit_message = msg.message_id");
$q->addJoin('users', 'u', 'message_author = u.user_id');
$q->addJoin('contacts', 'con', 'contact_id = user_contact');
$q->addWhere("forum_id = message_forum AND (message_id = {$message_id} OR message_parent = {$message_id})");
if (dPgetConfig('forum_descendent_order') || dPgetCleanParam($_REQUEST, 'sort', 0)) {
$q->addOrder("message_date {$sort}");
}
$messages = $q->loadList();
$x = false;
$date = new CDate();
$pdfdata = array();
$pdfhead = array('Date', 'User', 'Message');
$new_messages = array();
foreach ($messages as $row) {
// Find the parent message - the topic.
if ($row['message_id'] == $message_id) {
$topic = $row['message_title'];
}
$q = new DBQuery();
$q->addTable('forum_messages');
if ($canAuthor) {
$titleBlock->addCell('<input type="submit" class="button" value="' . $AppUI->_('new ticket') . '">', '', '<form name="ticketform" action="?m=ticketsmith&a=post_ticket" method="post">', '</form>');
}
$titleBlock->show();
require DP_BASE_DIR . '/modules/ticketsmith/config.inc.php';
require DP_BASE_DIR . '/modules/ticketsmith/common.inc.php';
$column = $CONFIG["order_by"];
$direction = $CONFIG["message_order"];
$offset = 0;
$limit = $CONFIG["view_rows"];
$dbprefix = dPgetConfig('dbprefix', '');
$type = dPgetCleanParam($_GET, 'type', '');
$column = dPgetCleanParam($_GET, 'column', $column);
$direction = dPgetCleanParam($_GET, 'direction', $direction);
$offset = dPgetCleanParam($_GET, 'offset', $offset);
$action = dPgetCleanParam($_REQUEST, 'action', null);
if ($type == '') {
if ($AppUI->getState("ticket_type")) {
$type = $AppUI->getState("ticket_type");
} else {
$type = "Open";
}
} else {
$AppUI->setState("ticket_type", $type);
}
/* expunge deleted tickets */
if (@$action == "expunge") {
$deleted_parents = column2array("SELECT ticket FROM {$dbprefix}tickets WHERE type = 'Deleted'");
for ($loop = 0; $loop < count($deleted_parents); $loop++) {
do_query("DELETE FROM " . $dbprefix . "tickets WHERE ticket = '{$deleted_parents[$loop]}'");
do_query("DELETE FROM " . $dbprefix . "tickets WHERE parent = '{$deleted_parents[$loop]}'");
<?php
if (!defined('DP_BASE_DIR')) {
die('You should not call this file directly.');
}
require_once $AppUI->getSystemClass('ui');
require_once $AppUI->getSystemClass('date');
$df = $AppUI->getPref('SHDATEFORMAT');
$date = dPgetCleanParam($_GET, 'date');
$field = dPgetCleanParam($_GET, 'field');
$this_day = new CDate($date);
$formatted_date = $this_day->format($df);
?>
<script language="JavaScript" type="text/javascript">
<!--
window.parent.document.<?php
echo $field;
?>
.value = '<?php
echo $formatted_date;
?>
';
//-->
</script>
<?php
/* PUBLIC $Id: chpwd.php 6149 2012-01-09 11:58:40Z ajdonnison $ */
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
if (!($user_id = (int) dPgetParam($_REQUEST, 'user_id', 0))) {
$user_id = @$AppUI->user_id;
}
// check for a non-zero user id
if ($user_id) {
$old_pwd = db_escape(trim(dPgetCleanParam($_POST, 'old_pwd', null)));
$new_pwd1 = db_escape(trim(dPgetCleanParam($_POST, 'new_pwd1', null)));
$new_pwd2 = db_escape(trim(dPgetCleanParam($_POST, 'new_pwd2', null)));
// has the change form been posted
if ($new_pwd1 && $new_pwd2 && $new_pwd1 == $new_pwd2) {
// check that the old password matches
$old_md5 = md5($old_pwd);
$q = new DBQuery();
$q->addQuery('user_id');
$q->addTable('users');
$q->addWhere("user_password='******' AND user_id={$user_id}");
if ($AppUI->user_type == 1 || $q->loadResult() == $user_id) {
require_once $AppUI->getModuleClass('admin');
$user = new CUser();
$user->user_id = $user_id;
$user->user_password = $new_pwd1;
if ($msg = $user->store()) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
} else {
echo $AppUI->_('chgpwUpdated');
}
if (isset($locale_char_set)) {
header('Content-type: text/html;charset=' . $locale_char_set);
}
require DP_BASE_DIR . '/style/' . $uistyle . '/login.php';
session_unset();
session_destroy();
exit;
}
}
$AppUI =& $_SESSION['AppUI'];
require_once DP_BASE_DIR . '/includes/permissions.php';
//require_once (DP_BASE_DIR . '/classes/kses.class.php'); // Required before main_functions
if (isset($_GET['m'])) {
// set the module from the url
$m = $AppUI->checkFileName(dPgetCleanParam($_GET, 'm', getReadableModule()));
}
$perms =& $AppUI->acl();
$canRead = $perms->checkModule('files', 'view');
if (!$canRead) {
$AppUI->redirect('m=public&a=access_denied');
}
$file_id = isset($_GET['file_id']) ? (int) $_GET['file_id'] : 0;
if ($file_id) {
// projects tat are denied access
require_once $AppUI->getModuleClass('projects');
require_once $AppUI->getModuleClass('files');
$project = new CProject();
$allowedProjects = $project->getAllowedRecords($AppUI->user_id, 'project_id, project_name');
$fileclass = new CFile();
$fileclass->load($file_id);
<?php
//$Id: do_task_assign_aed.php 6149 2012-01-09 11:58:40Z ajdonnison $
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$del = isset($_POST['del']) ? $_POST['del'] : 0;
$rm = isset($_POST['rm']) ? $_POST['rm'] : 0;
$hassign = @$_POST['hassign'];
$htasks = @$_POST['htasks'];
$store = (int) dPgetParam($_POST, 'store', 0);
$chUTP = (int) dPgetParam($_POST, 'chUTP', 0);
$percentage_assignment = dPgetCleanParam($_POST, 'percentage_assignment');
$user_task_priority = dPgetCleanParam($_POST, 'user_task_priority');
$user_id = @$_POST['user_id'];
// prepare the percentage of assignment per user as required by CTask::updateAssigned()
$hperc_assign_ar = array();
if (isset($hassign)) {
$tarr = explode(',', $hassign);
foreach ($tarr as $uid) {
if (intval($uid) > 0) {
$hperc_assign_ar[$uid] = $percentage_assignment;
}
}
}
// prepare a list of tasks to process
$htasks_ar = array();
if (isset($htasks)) {
$tarr = explode(',', $htasks);
foreach ($tarr as $tid) {
if (intval($tid) > 0) {
<?php
/* SYSTEM $Id: translate_save.php 6149 2012-01-09 11:58:40Z ajdonnison $ */
/**
* Processes the entries in the translation form.
* @version $Revision: 6149 $
* @author Andrew Eddie <users.sourceforge.net>
*/
if (!defined('DP_BASE_DIR')) {
die('You should not call this file directly.');
}
$module = dPgetCleanParam($_POST, 'module', 0);
$lang = dPgetCleanParam($_POST, 'lang', $AppUI->user_locale);
$trans = dPgetCleanParam($_POST, 'trans', 0);
//echo '<pre>';print_r($trans);echo '</pre>';die;
// save to core locales if a translation exists there, otherwise save
// into the module's local locale area if it exists. If not then
// the core table is updated.
$core_filename = DP_BASE_DIR . '/locales/' . $lang . '/' . $module . '.inc';
if (file_exists($core_filename)) {
$filename = $core_filename;
} else {
$mod_locale = DP_BASE_DIR . '/modules/' . $module . '/locales';
if (is_dir($mod_locale)) {
$filename = DP_BASE_DIR . '/modules/' . $module . '/locales/' . $lang . '.inc';
} else {
$filename = $core_filename;
}
}
$fp = fopen($filename, 'wt');
if (!$fp) {
$filter = "dept_company = " . $_GET["company_id"];
$additional_get_information = "company_id=" . $_GET["company_id"];
break;
}
$q = new DBQuery();
$q->addTable($table_name);
$q->addQuery("{$id_field}, {$name_field}");
if ($filter != null) {
$q->addWhere($filter);
}
$q->addOrder($name_field);
$company_list = array("0" => "") + $q->loadHashList();
?>
<?php
if (dPgetCleanParam($_POST, $id_field, 0) != 0) {
$q = new DBQuery();
$q->addTable($table_name);
$q->addQuery('*');
$q->addWhere("{$id_field}=" . $_POST[$id_field]);
$sql = $q->prepare();
$q->clear();
db_loadHash($sql, $r_data);
$data_update_script = "";
$update_address = isset($_POST["overwrite_address"]);
if ($table_name == "companies") {
$update_fields = array();
if ($update_address) {
$update_fields = array("company_address1" => "contact_address1", "company_address2" => "contact_address2", "company_city" => "contact_city", "company_state" => "contact_state", "company_zip" => "contact_zip", "company_phone1" => "contact_phone", "company_phone2" => "contact_phone2", "company_fax" => "contact_fax");
}
$data_update_script = "opener.setCompany('" . $_POST[$id_field] . "', '" . db_escape($r_data[$name_field]) . "');\n";
}
if ($user_id && $m_orig == 'admin' && $a_orig == 'viewuser') {
$q->addWhere('project_owner = ' . $user_id);
}
if ($showInactive != '1') {
$q->addWhere('project_status != 7');
}
$pjobj->setAllowedSQL($AppUI->user_id, $q, null, 'p');
$q->addGroup('p.project_id');
$q->addOrder('project_name, task_end_date DESC');
$projects = $q->loadList();
$q->clear();
// Don't push the width higher than about 1200 pixels, otherwise it may not display.
$width = min((int) dPgetParam($_GET, 'width', 600), 1400);
$start_date = dPgetCleanParam($_GET, 'start_date', 0);
$end_date = dPgetCleanParam($_GET, 'end_date', 0);
$showAllGantt = (int) dPgetParam($_REQUEST, 'showAllGantt', '0');
//$showTaskGantt = dPgetParam($_GET, 'showTaskGantt', '0');
$graph = new GanttGraph($width);
$graph->ShowHeaders(GANTT_HYEAR | GANTT_HMONTH | GANTT_HDAY | GANTT_HWEEK);
$graph->SetFrame(false);
$graph->SetBox(true, array(0, 0, 0), 2);
$graph->scale->week->SetStyle(WEEKSTYLE_FIRSTDAY);
$pLocale = setlocale(LC_TIME, 0);
// get current locale for LC_TIME
$res = @setlocale(LC_TIME, $AppUI->user_lang[0]);
if ($res) {
// Setting locale doesn't fail
$graph->scale->SetDateLocale($AppUI->user_lang[0]);
}
setlocale(LC_TIME, $pLocale);
}
$AppUI->savePlace();
dPsetMicroTime();
require_once $AppUI->getModuleClass('companies');
require_once $AppUI->getModuleClass('tasks');
// retrieve any state parameters
if (isset($_REQUEST['company_id'])) {
$AppUI->setState('CalIdxCompany', intval($_REQUEST['company_id']));
}
$company_id = $AppUI->getState('CalIdxCompany', 0);
// Using simplified set/get semantics. Doesn't need as much code in the module.
$event_filter = $AppUI->checkPrefState('CalIdxFilter', @$_REQUEST['event_filter'], 'EVENTFILTER', 'my');
// get the passed timestamp (today if none)
$ctoday = new CDate();
$today = $ctoday->format(FMT_TIMESTAMP_DATE);
$date = dPgetCleanParam($_GET, 'date', $today);
// get the list of visible companies
$company = new CCompany();
$companies = $company->getAllowedRecords($AppUI->user_id, 'company_id,company_name', 'company_name');
$companies = arrayMerge(array('0' => $AppUI->_('All')), $companies);
#echo '<pre>';print_r($events);echo '</pre>';
// setup the title block
$titleBlock = new CTitleBlock('Monthly Calendar', 'myevo-appointments.png', $m, "{$m}.{$a}");
$titleBlock->addCell($AppUI->_('Company') . ':');
$titleBlock->addCell(arraySelect($companies, 'company_id', 'onchange="javascript:document.pickCompany.submit()" class="text"', $company_id), '', '<form action="' . $_SERVER['REQUEST_URI'] . '" method="post" name="pickCompany">', '</form>');
$titleBlock->addCell($AppUI->_('Event Filter') . ':');
$titleBlock->addCell(arraySelect($event_filter_list, 'event_filter', 'onchange="javascript:document.pickFilter.submit()" class="text"', $event_filter, true), '', '<form action="' . $_SERVER['REQUEST_URI'] . '" method="post" name="pickFilter">', '</form>');
$titleBlock->show();
?>
<script language="javascript" type="text/javascript">
if ($obj->project_start_date) {
$date = new CDate($obj->project_start_date);
$obj->project_start_date = $date->format(FMT_DATETIME_MYSQL);
}
if ($obj->project_end_date) {
$date = new CDate($obj->project_end_date);
$date->setTime(23, 59, 59);
$obj->project_end_date = $date->format(FMT_DATETIME_MYSQL);
}
if ($obj->project_actual_end_date) {
$date = new CDate($obj->project_actual_end_date);
$obj->project_actual_end_date = $date->format(FMT_DATETIME_MYSQL);
}
// let's check if there are some assigned departments to project
if (!dPgetParam($_POST, "project_departments", 0)) {
$obj->project_departments = implode(",", dPgetCleanParam($_POST, "dept_ids", array()));
}
$del = (int) dPgetParam($_POST, 'del', 0);
// prepare (and translate) the module name ready for the suffix
if ($del) {
$project_id = (int) dPgetParam($_POST, 'project_id', 0);
$canDelete = $obj->canDelete($msg, $project_id);
if (!$canDelete) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
$AppUI->redirect();
}
if ($msg = $obj->delete()) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
$AppUI->redirect();
} else {
$AppUI->setMsg("Project deleted", UI_MSG_ALERT);
if (getPermission('admin', 'view')) {
$titleBlock->addCell();
$titleBlock->addCell($AppUI->_('User') . ':');
$perms =& $AppUI->acl();
$user_list = $perms->getPermittedUsers('tasks');
$titleBlock->addCell(arraySelect($user_list, 'user_id', 'size="1" class="text"' . ' onchange="javascript:document.userIdForm.submit();"', $user_id, false), '', '<form action="?m=tasks" method="post" name="userIdForm">', '</form>');
}
$titleBlock->addCell();
$titleBlock->addCell($AppUI->_('Company') . ':');
$titleBlock->addCell(arraySelect($filters2, 'f2', 'size=1 class=text onchange="javascript:document.companyFilter.submit();"', $f2, false), '', '<form action="?m=tasks" method="post" name="companyFilter">', '</form>');
$titleBlock->addCell();
if ($canEdit && $project_id) {
$titleBlock->addCell('<input type="submit" class="button" value="' . $AppUI->_('new task') . '" />', '', '<form action="?m=tasks&a=addedit&task_project=' . $project_id . '" method="post">', '</form>');
}
$titleBlock->show();
if (dPgetCleanParam($_GET, 'inactive', '') == 'toggle') {
$AppUI->setState('inactive', $AppUI->getState('inactive') == -1 ? 0 : -1);
}
$in = $AppUI->getState('inactive') == -1 ? '' : 'in';
// use a new title block (a new row) to prevent from oversized sites
$titleBlock = new CTitleBlock('', 'shim.gif');
$titleBlock->showhelp = false;
$titleBlock->addCell(' ' . $AppUI->_('Task Filter') . ':');
$titleBlock->addCell(arraySelect($filters, 'f', 'size=1 class=text onchange="javascript:document.taskFilter.submit();"', $f, true), '', '<form action="?m=tasks" method="post" name="taskFilter">', '</form>');
$titleBlock->addCell();
$titleBlock->addCrumb('?m=tasks&a=todo&user_id=' . $user_id, 'my todo');
if ((int) dPgetParam($_GET, 'pinned') == 1) {
$titleBlock->addCrumb('?m=tasks', 'all tasks');
} else {
$titleBlock->addCrumb('?m=tasks&pinned=1', 'my pinned tasks');
}
die('You should not access this file directly.');
}
function selPermWhere($obj, $idfld, $namefield, $prefix = '')
{
global $AppUI;
$allowed = $obj->getAllowedRecords($AppUI->user_id, "{$idfld}, {$namefield}");
if (count($allowed)) {
$prfx = $prefix ? "{$prefix}." : "";
return " {$prfx}{$idfld} IN (" . implode(",", array_keys($allowed)) . ") ";
} else {
return null;
}
}
$debug = false;
$callback = dPgetCleanParam($_GET, 'callback', 0);
$table = dPgetCleanParam($_GET, 'table', 0);
$user_id = (int) dPgetParam($_GET, 'user_id', 0);
$ok = $callback & $table;
$title = "Generic Selector";
$modclass = $AppUI->getModuleClass($table);
if ($modclass && file_exists($modclass)) {
require_once $modclass;
}
$q = new DBQuery();
$q->addTable($table, 'a');
$query_result = false;
switch ($table) {
case 'companies':
$obj = new CCompany();
$title = 'Company';
$q->addQuery('company_id, company_name');
$m = $dPconfig['default_view_m'];
$def_a = !empty($dPconfig['default_view_a']) ? $dPconfig['default_view_a'] : $def_a;
$tab = $dPconfig['default_view_tab'];
} else {
// set the module from the url
$m = $AppUI->checkFileName(dPgetCleanParam($_GET, 'm', getReadableModule()));
}
// set the action from the url
$a = $AppUI->checkFileName(dPgetCleanParam($_GET, 'a', $def_a));
/* This check for $u implies that a file located in a subdirectory of higher depth than 1
* in relation to the module base can't be executed. So it would'nt be possible to
* run for example the file module/directory1/directory2/file.php
* Also it won't be possible to run modules/module/abc.zyz.class.php for that dots are
* not allowed in the request parameters.
*/
$u = $AppUI->checkFileName(dPgetCleanParam($_GET, 'u', ''));
// load module based locale settings
@(include_once DP_BASE_DIR . '/locales/' . $AppUI->user_locale . '/locales.php');
@(include_once DP_BASE_DIR . '/locales/core.php');
setlocale(LC_TIME, $AppUI->user_lang);
$m_config = dPgetConfig($m);
@(include_once DP_BASE_DIR . '/functions/' . $m . '_func.php');
// TODO: canRead/Edit assignements should be moved into each file
// check overall module permissions
// these can be further modified by the included action files
$perms =& $AppUI->acl();
$canAccess = $perms->checkModule($m, 'access');
$canRead = $perms->checkModule($m, 'view');
$canEdit = $perms->checkModule($m, 'edit');
$canAuthor = $perms->checkModule($m, 'add');
$canDelete = $perms->checkModule($m, 'delete');
<?php
/* PUBLIC $Id: color_selector.php 6182 2012-11-02 09:17:02Z ajdonnison $ */
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$callback = dPgetCleanParam($_GET, 'callback', '');
?>
<script language="javascript">
function setClose(color) {
window.opener.<?php
echo $callback;
?>
(color);
window.close();
}
</script>
<?php
$colors = dPgetSysVal('ProjectColors');
if ($dPconfig['restrict_color_selection']) {
?>
<table border="0" cellpadding="1" cellspacing="2" width="292" align="center">
<tr>
<td valign="top" colspan="2">
<strong><?php
echo $AppUI->_('Color Selector');
?>
</strong>
</td>
</tr>
<?php
$title = $AppUI->_($ticket_type) . " " . $AppUI->_('to Ticket') . " #{$ticket_parent}";
$fields = array("headings" => array("From", "To", "Subject", "Date", "Cc", "<br />"), "columns" => array("author", "recipient", "subject", "timestamp", "cc", "body"), "types" => array("email", "original_author", "normal", "elapsed_date", "email", "body"));
} else {
if ($ticket_type == "Staff Comment") {
$title = $AppUI->_($ticket_type) . " " . $AppUI->_('to Ticket') . " #{$ticket_parent}";
$fields = array("headings" => array("From", "Date", "<br />"), "columns" => array("author", "timestamp", "body"), "types" => array("email", "elapsed_date", "body"));
} else {
$title = $AppUI->_('Ticket') . " #{$ticket}";
$fields = array('headings' => array('From', 'Subject', 'Date', 'Cc', 'Status', 'Priority', 'Owner', 'Company', 'Project', '<br />'), 'columns' => array('author', 'subject', 'timestamp', 'cc', 'type', 'priority', 'assignment', 'ticket_company', 'ticket_project', 'body'), 'types' => array('email', 'normal', 'elapsed_date', 'email', 'status', 'priority_select', 'assignment', 'ticket_company', 'ticket_project', 'body'));
}
}
/* perform updates */
$orig_assignment = dPgetCleanParam($_POST, 'orig_assignment', '');
$author = dPgetCleanParam($_POST, 'author', '');
$priority = dPgetCleanParam($_POST, 'priority', '');
$subject = dPgetCleanParam($_POST, 'subject', '');
if (@$type_toggle || @$priority_toggle || @$assignment_toggle) {
do_query("UPDATE {$dbprefix}tickets SET type = '{$type_toggle}', priority = '{$priority_toggle}', assignment = '{$assignment_toggle}' WHERE ticket = '{$ticket}'");
//Emailing notifications.
$change = ' ';
if ($type_toggle) {
$change .= $AppUI->_('Status changed') . ' ';
}
if ($priority_toggle) {
$change .= $AppUI->_('Priority changed') . ' ';
}
if ($assignment_toggle) {
$change .= $AppUI->_('Assignment changed') . ' ';
}
$boundary = "_lkqwkASDHASK89271893712893";
$message = "--{$boundary}\n";
<?php
/* CALENDAR $Id: addedit.php 6149 2012-01-09 11:58:40Z ajdonnison $ */
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$event_id = intval(dPgetParam($_GET, 'event_id', 0));
$is_clash = isset($_SESSION['event_is_clash']) ? $_SESSION['event_is_clash'] : false;
// check permissions
$canAuthor = getPermission('events', 'add', $event_id);
$canEdit = getPermission('events', 'edit', $event_id);
if (!($canEdit && $event_id || $canAuthor && !$event_id)) {
$AppUI->redirect('m=public&a=access_denied');
}
// get the passed timestamp (today if none)
$date = dPgetCleanParam($_GET, 'date', null);
// load the record data
$obj = new CEvent();
if ($is_clash) {
$obj->bind($_SESSION['add_event_post']);
} else {
if (!$obj->load($event_id) && $event_id) {
$AppUI->setMsg('Event');
$AppUI->setMsg('invalidID', UI_MSG_ERROR, true);
$AppUI->redirect();
}
}
// load the event types
$types = dPgetSysVal('EventType');
// Load the users
$perms =& $AppUI->acl();
<?php
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
if (!$AppUI->acl()->checkModule($m, 'edit')) {
$AppUI->redirect('m=public&a=access_denied');
}
$user_id = (int) dPgetParam($_POST, 'user');
$projects = dPgetCleanParam($_POST, 'project');
$from_user = (int) dPgetParam($_POST, 'from_user');
if (count($projects) > 1) {
$project_where = 'IN (';
$first = true;
foreach ($projects as $prj) {
if ($first) {
$first = false;
} else {
$project_where .= ',';
}
$project_where .= (int) $prj;
}
$project_where .= ')';
} else {
$project_where = '= ' . (int) $projects[0];
}
// Need to figure out which items to update. Easiest to do this
// as separate queries.
// Projects:
$q = new DBQuery();
$q->addUpdate('project_owner', $user_id);
$tasks_opened[] = $_GET['open_task_id'];
}
// Closing tasks needs also to be within tasks iteration in order to
// close down all child tasks
if (($close_task_id = dPGetParam($_GET, 'close_task_id', 0)) > 0) {
closeOpenedTask($close_task_id);
}
// We need to save tasks_opened until the end because some tasks are closed within tasks iteration
/// End of tasks_opened routine
$durnTypes = dPgetSysVal('TaskDurationType');
$taskPriority = dPgetSysVal('TaskPriority');
$task_project = $project_id;
$task_sort_item1 = dPgetCleanParam($_GET, 'task_sort_item1', '');
$task_sort_type1 = dPgetCleanParam($_GET, 'task_sort_type1', '');
$task_sort_item2 = dPgetCleanParam($_GET, 'task_sort_item2', '');
$task_sort_type2 = dPgetCleanParam($_GET, 'task_sort_type2', '');
$task_sort_order1 = intval(dPgetParam($_GET, 'task_sort_order1', 0));
$task_sort_order2 = intval(dPgetParam($_GET, 'task_sort_order2', 0));
if (isset($_POST['show_task_options'])) {
$AppUI->setState('TaskListShowIncomplete', (int) dPgetParam($_POST, 'show_incomplete', 0));
}
$showIncomplete = $AppUI->getState('TaskListShowIncomplete', 0);
$project =& new CProject();
// $allowedProjects = $project->getAllowedRecords($AppUI->user_id, 'project_id, project_name');
$allowedProjects = $project->getAllowedSQL($AppUI->user_id);
$working_hours = $dPconfig['daily_working_hours'] ? $dPconfig['daily_working_hours'] : 8;
$q->addQuery('project_id, project_color_identifier, project_name');
$q->addQuery('SUM(task_duration * task_percent_complete * IF(task_duration_type = 24, ' . $working_hours . ', task_duration_type)) / SUM(task_duration * IF(task_duration_type = 24, ' . $working_hours . ', task_duration_type)) AS project_percent_complete');
$q->addQuery('company_name');
$q->addTable('projects', 'pr');
$q->leftJoin('tasks', 't1', 'pr.project_id = t1.task_project');
$AppUI->redirect("m=public&a=access_denied");
}
// setup the title block
$titleBlock = new CTitleBlock('Trouble Ticket Management', 'gconf-app-icon.png', $m, "{$m}.{$a}");
if ($canAuthor) {
$titleBlock->addCell('<input type="submit" class="button" value="' . $AppUI->_('new ticket') . '">', '', '<form name="ticketform" action="?m=ticketsmith&a=post_ticket" method="post">', '</form>');
}
$titleBlock->show();
require DP_BASE_DIR . '/modules/ticketsmith/config.inc.php';
require DP_BASE_DIR . '/modules/ticketsmith/common.inc.php';
$column = $CONFIG["order_by"];
$direction = $CONFIG["message_order"];
$offset = 0;
$limit = $CONFIG["view_rows"];
$dbprefix = dPgetConfig('dbprefix', '');
$type = dPgetCleanParam($_GET, 'type', '');
$column = dPgetParam($_GET, 'column', $column);
$direction = dPgetParam($_GET, 'direction', $direction);
$offset = dPgetParam($_GET, 'offset', $offset);
$action = dPgetParam($_REQUEST, 'action', null);
if ($type == '') {
if ($AppUI->getState("ticket_type")) {
$type = $AppUI->getState("ticket_type");
} else {
$type = "Open";
}
} else {
$AppUI->setState("ticket_type", $type);
}
/* expunge deleted tickets */
if (@$action == "expunge") {
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
/**
* Generates a report of the task logs for given dates
*/
if (!getPermission('task_log', 'view')) {
redirect('m=public&a=access_denied');
}
$do_report = dPgetParam($_GET, "do_report", '');
$log_all = (int) dPgetParam($_GET, 'log_all', 0);
$log_pdf = (int) dPgetParam($_GET, 'log_pdf', 0);
$log_ignore = (int) dPgetParam($_GET, 'log_ignore', 0);
$log_userfilter = (int) dPgetParam($_GET, 'log_userfilter', '0');
$log_start_date = dPgetCleanParam($_GET, "log_start_date", 0);
$log_end_date = dPgetCleanParam($_GET, "log_end_date", 0);
// create Date objects from the datetime fields
$start_date = intval($log_start_date) ? new CDate($log_start_date) : new CDate();
$end_date = intval($log_end_date) ? new CDate($log_end_date) : new CDate();
if (!$log_start_date) {
$start_date->subtractSpan(new Date_Span("14,0,0,0"));
}
$end_date->setTime(23, 59, 59);
?>
<script language="javascript">
var calendarField = '';
function popCalendar(field) {
calendarField = field;
idate = eval('document.editFrm.log_' + field + '.value');
window.open('index.php?m=public&a=calendar&dialog=1&callback=setCalendar&date=' + idate, 'calwin', 'width=250, height=220, scrollbars=no, status=no');
function notifyOwner()
{
$q = new DBQuery();
global $AppUI, $locale_char_set;
$q->addTable('projects');
$q->addQuery('project_name');
$q->addWhere('project_id=' . $this->task_project);
$sql = $q->prepare();
$q->clear();
$projname = htmlspecialchars_decode(db_loadResult($sql));
$mail = new Mail();
$mail->Subject($projname . '::' . $this->task_name . ' ' . $AppUI->_($this->_action, UI_OUTPUT_RAW), $locale_char_set);
// c = creator
// a = assignee
// o = owner
$q->addTable('tasks', 't');
$q->leftJoin('user_tasks', 'u', 'u.task_id = t.task_id');
$q->leftJoin('users', 'o', 'o.user_id = t.task_owner');
$q->leftJoin('contacts', 'oc', 'oc.contact_id = o.user_contact');
$q->leftJoin('users', 'c', 'c.user_id = t.task_creator');
$q->leftJoin('contacts', 'cc', 'cc.contact_id = c.user_contact');
$q->leftJoin('users', 'a', 'a.user_id = u.user_id');
$q->leftJoin('contacts', 'ac', 'ac.contact_id = a.user_contact');
$q->addQuery('t.task_id, cc.contact_email as creator_email' . ', cc.contact_first_name as creator_first_name' . ', cc.contact_last_name as creator_last_name' . ', oc.contact_email as owner_email' . ', oc.contact_first_name as owner_first_name' . ', oc.contact_last_name as owner_last_name' . ', a.user_id as assignee_id, ac.contact_email as assignee_email' . ', ac.contact_first_name as assignee_first_name' . ', ac.contact_last_name as assignee_last_name');
$q->addWhere(' t.task_id = ' . $this->task_id);
$sql = $q->prepare();
$q->clear();
$users = db_loadList($sql);
if (count($users)) {
$body = $AppUI->_('Project', UI_OUTPUT_RAW) . ': ' . $projname . "\n" . $AppUI->_('Task', UI_OUTPUT_RAW) . ': ' . $this->task_name . "\n" . $AppUI->_('URL', UI_OUTPUT_RAW) . ': ' . DP_BASE_URL . '/index.php?m=tasks&a=view&task_id=' . $this->task_id . "\n\n" . $AppUI->_('Description', UI_OUTPUT_RAW) . ': ' . "\n" . $this->task_description . "\n\n" . $AppUI->_('Creator', UI_OUTPUT_RAW) . ': ' . $AppUI->user_first_name . ' ' . $AppUI->user_last_name . "\n\n" . $AppUI->_('Progress', UI_OUTPUT_RAW) . ': ' . $this->task_percent_complete . '%' . "\n\n" . dPgetCleanParam($_POST, 'task_log_description');
$mail->Body($body, isset($GLOBALS['locale_char_set']) ? $GLOBALS['locale_char_set'] : '');
$mail->From('"' . $AppUI->user_first_name . ' ' . $AppUI->user_last_name . '" <' . $AppUI->user_email . '>');
}
if ($mail->ValidEmail($users[0]['owner_email'])) {
$mail->To($users[0]['owner_email'], true);
$mail->Send();
}
return '';
}
// Let's update project status!
if (isset($_GET['update_project_status']) && isset($_GET['project_status']) && isset($_GET['project_id'])) {
$projects_id = $_GET['project_id'];
// This must be an array
foreach ($projects_id as $project_id) {
$q->addTable('projects');
$q->addUpdate('project_status', $_GET['project_status']);
$q->addWhere('project_id = ' . $project_id);
$q->exec();
$q->clear();
}
}
// End of project status update
// retrieve any state parameters
if (isset($_GET['tab'])) {
$AppUI->setState('ProjIdxTab', intval(dPgetCleanParam($_GET, 'tab')));
}
$std_tab = 500;
if (is_array(dPgetSysVal('StandardProjectTab')) && count(dPgetSysVal('StandardProjectTab') > 0)) {
$std_tab_value = array_values(dPgetSysVal('StandardProjectTab'));
$std_tab = $std_tab_value[0];
}
$tab = $AppUI->getState('ProjIdxTab') !== NULL ? $AppUI->getState('ProjIdxTab') : $std_tab;
$currentTabId = $tab;
$active = intval(!$AppUI->getState('ProjIdxTab'));
if (isset($_POST['company_id'])) {
$AppUI->setState('ProjIdxCompany', intval($_POST['company_id']));
}
$company_id = $AppUI->getState('ProjIdxCompany') !== NULL ? $AppUI->getState('ProjIdxCompany') : $AppUI->user_company;
$company_prefix = 'company_';
if (isset($_POST['department'])) {
<?php
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$show_all = (int) dPgetParam($_REQUEST, 'show_all', 0);
$company_id = (int) dPgetParam($_REQUEST, 'company_id', 0);
$contact_id = (int) dPgetParam($_POST, 'contact_id', 0);
$call_back = dPgetCleanParam($_GET, 'call_back', null);
$contacts_submited = (int) dPgetParam($_POST, 'contacts_submited', 0);
$selected_contacts_id = dPgetCleanParam($_GET, 'selected_contacts_id', '');
if (dPgetParam($_POST, 'selected_contacts_id')) {
$selected_contacts_id = dPgetCleanParam($_POST, 'selected_contacts_id');
}
?>
<script language="javascript">
function setContactIDs (method,querystring)
{
var URL = 'index.php?m=public&a=contact_selector';
var field = document.getElementsByName('contact_id[]');
var selected_contacts_id = document.frmContactSelect.selected_contacts_id;
var currentIDstring = selected_contacts_id.value.toString();
var currentIDs = currentIDstring.split(',');
var addkeepIDs = new Array();
var dropIDs = new Array();
var resultIDs = new Array();
var i = 0;
var j = 0;
var flag = 0;
$showPinned = $AppUI->getState('TaskDayShowPin', 0);
} else {
$showPinned = (int) dPgetParam($_POST, 'showPinned', '0');
$showPinned = $showPinned != '0' ? '1' : $showPinned;
$showArcProjs = (int) dPgetParam($_POST, 'showArcProjs', '0');
$showArcProjs = $showArcProjs != '0' ? '1' : $showArcProjs;
$showHoldProjs = (int) dPgetParam($_POST, 'showHoldProjs', '0');
$showHoldProjs = $showHoldProjs != '0' ? '1' : $showHoldProjs;
$showDynTasks = (int) dPgetParam($_POST, 'showDynTasks', '0');
$showDynTasks = $showDynTasks != '0' ? '1' : $showDynTasks;
$showLowTasks = (int) dPgetParam($_POST, 'showLowTasks', '0');
$showLowTasks = $showLowTasks != '0' ? '1' : $showLowTasks;
}
// months to scroll
$scroll_date = 1;
$display_option = dPgetCleanParam($_POST, 'display_option', 'this_month');
// format dates
$df = $AppUI->getPref('SHDATEFORMAT');
if ($display_option == 'custom') {
// custom dates
$start_date = intval($sdate) ? new CDate($sdate) : new CDate();
$end_date = intval($edate) ? new CDate($edate) : new CDate();
} else {
// month
$start_date = new CDate();
$start_date->day = 1;
$end_date = new CDate($start_date);
$end_date->addMonths($scroll_date);
}
// setup the title block
if (!@$min_view) {
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$AppUI->savePlace();
$do_report = (bool) dPgetParam($_POST, 'do_report', true);
$log_start_date = dPgetCleanParam($_POST, 'log_start_date', 0);
$log_end_date = dPgetCleanParam($_POST, 'log_end_date', 0);
$log_all = (bool) dPgetParam($_POST, 'log_all', true);
$use_period = (int) dPgetParam($_POST, 'use_period', 0);
$show_orphaned = (int) dPgetParam($_POST, 'show_orphaned', 0);
$display_week_hours = (int) dPgetParam($_POST, 'display_week_hours', 0);
$max_levels = dPgetCleanParam($_POST, 'max_levels', '');
$log_userfilter = (int) dPgetParam($_POST, 'log_userfilter', 0);
$company_id = dPgetCleanParam($_POST, 'company_id', 'all');
$project_id = dPgetCleanParam($_POST, 'project_id', 'all');
require_once $AppUI->getModuleClass('projects');
require_once $AppUI->getModuleClass('tasks');
$proj = new CProject();
// filtering by companies
$projects = $proj->getAllowedRecords($AppUI->user_id, 'project_id,project_name', 'project_name');
$projFilter = arrayMerge(array('all' => $AppUI->_('All Projects')), $projects);
$durnTypes = dPgetSysVal('TaskDurationType');
$taskPriority = dPgetSysVal('TaskPriority');
// create Date objects from the datetime fields
$start_date = intval($log_start_date) ? new CDate($log_start_date) : new CDate();
$end_date = intval($log_end_date) ? new CDate($log_end_date) : new CDate();
$now = new CDate();
if (!$log_start_date) {
$start_date->subtractSpan(new Date_Span('14,0,0,0'));
}
<?php
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$do_report = dPgetParam($_POST, 'do_report', 0);
$log_start_date = dPgetCleanParam($_POST, 'log_start_date', 0);
$log_end_date = dPgetCleanParam($_POST, 'log_end_date', 0);
$log_all = (int) dPgetParam($_POST['log_all'], 0);
$use_period = (int) dPgetParam($_POST, 'use_period', 0);
$display_week_hours = (int) dPgetParam($_POST, 'display_week_hours', 0);
$max_levels = dPgetCleanParam($_POST, 'max_levels', '');
$log_userfilter = dPgetCleanParam($_POST, 'log_userfilter', '');
$log_open = (int) dPgetParam($_POST, 'log_open', 0);
$pdf_output = (int) dPgetParam($_POST, 'pdf_output', 0);
$table_header = '';
$table_rows = '';
// create Date objects from the datetime fields
$start_date = intval($log_start_date) ? new CDate($log_start_date) : new CDate();
$end_date = intval($log_end_date) ? new CDate($log_end_date) : new CDate();
if (!$log_start_date) {
$start_date->subtractSpan(new Date_Span('14,0,0,0'));
}
$end_date->setTime(23, 59, 59);
?>
<script language="javascript">
var calendarField = '';
function popCalendar(field) {
calendarField = field;
// check if session has previously been initialised
// if no ask for logging and do redirect
if (!isset($_SESSION['AppUI']) || isset($_GET['logout'])) {
$_SESSION['AppUI'] = new CAppUI();
$AppUI =& $_SESSION['AppUI'];
$AppUI->checkStyle();
require_once $AppUI->getSystemClass('dp');
require_once DP_BASE_DIR . '/misc/debug.php';
if ($AppUI->doLogin()) {
$AppUI->loadPrefs(0);
}
// check if the user is trying to log in
if (isset($_REQUEST['login'])) {
$username = dPgetCleanParam($_POST, 'username', '');
$password = dPgetCleanParam($_POST, 'password', '');
$redirect = dPgetCleanParam($_REQUEST, 'redirect', '');
$ok = $AppUI->login($username, $password);
if (!$ok) {
//display login failed message
$uistyle = $AppUI->getPref('UISTYLE') ? $AppUI->getPref('UISTYLE') : $dPconfig['host_style'];
$AppUI->setMsg('Login Failed');
require DP_BASE_DIR . '/style/' . $uistyle . '/login.php';
session_unset();
exit;
}
header('Location: fileviewer.php?' . $redirect);
exit;
}
$uistyle = $AppUI->getPref('UISTYLE') ? $AppUI->getPref('UISTYLE') : $dPconfig['host_style'];
// check if we are logged in
if ($AppUI->doLogin()) {
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$del = dPgetParam($_POST, 'del');
$edit = dPgetCleanParam($_POST, 'edit');
$obj = new bcode();
$obj->_billingcode_id = (int) dPgetParam($_POST, 'billingcode_id', 0);
$company_id = (int) dPgetParam($_REQUEST, 'company_id', 0);
// prepare (and translate) the module name ready for the suffix
$AppUI->setMsg('Billing Codes');
if ($del) {
if ($msg = $obj->delete()) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
} else {
$AppUI->setMsg('deleted', UI_MSG_ALERT, true);
}
} else {
if ($edit) {
$obj->_billingcode_id = $edit;
}
$obj->billingcode_value = dPgetCleanParam($_REQUEST, 'billingcode_value');
$obj->billingcode_name = dPgetCleanParam($_REQUEST, 'billingcode_name');
$obj->billingcode_desc = dPgetCleanParam($_REQUEST, 'billingcode_desc');
$obj->company_id = $company_id;
if ($msg = $obj->store()) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
} else {
$AppUI->setMsg('updated', UI_MSG_OK, true);
}
}
$AppUI->redirect('m=system&a=billingcode&company_id=' . $company_id);
