/**
* presave functions are called before the session storage of tab data
* is destroyed. It can be used to save this data to be used later in
* the postsave function.
*/
function resource_presave()
{
global $other_resources;
//check to see if we are in the post save list or if we need to query the session.
$other_resources = dPgetParam($_POST, 'hresource_assign');
dprint(__FILE__, __LINE__, 5, "setting other resources to {$other_resources}");
}
function sendNewPass()
{
global $AppUI;
$_live_site = dPgetConfig('base_url');
$_sitename = dPgetConfig('company_name');
// ensure no malicous sql gets past
$checkusername = trim(dPgetParam($_POST, 'checkusername', ''));
$checkusername = db_escape($checkusername);
$confirmEmail = trim(dPgetParam($_POST, 'checkemail', ''));
$confirmEmail = mb_strtolower(db_escape($confirmEmail));
$q = new DBQuery();
$q->addTable('users', 'u');
$q->addQuery('u.user_id');
$q->addWhere('user_username=\'' . $checkusername . '\' AND LOWER(contact_email)=\'' . $confirmEmail . '\'');
$q->leftJoin('contacts', 'c', 'u.user_contact = c.contact_id');
if (!($user_id = $q->loadResult()) || !$checkusername || !$confirmEmail) {
$AppUI->setMsg('Invalid username or email.', UI_MSG_ERROR);
$AppUI->redirect();
}
$newpass = makePass();
$message = $AppUI->_('sendpass0', UI_OUTPUT_RAW) . ' ' . $checkusername . ' ' . $AppUI->_('sendpass1', UI_OUTPUT_RAW) . ' ' . $_live_site . ' ' . $AppUI->_('sendpass2', UI_OUTPUT_RAW) . ' ' . $newpass . ' ' . $AppUI->_('sendpass3', UI_OUTPUT_RAW);
$subject = "{$_sitename} :: " . $AppUI->_('sendpass4', UI_OUTPUT_RAW) . " - {$checkusername}";
$m = new Mail();
// create the mail
$m->From("dotProject@" . dPgetConfig('site_domain'));
$m->To($confirmEmail);
$m->Subject($subject);
$m->Body($message, isset($GLOBALS['locale_char_set']) ? $GLOBALS['locale_char_set'] : "");
// set the body
$m->Send();
// send the mail
$newpass = md5($newpass);
$q->clear();
$q->addTable('users');
$q->addUpdate('user_password', $newpass, true);
$q->addWhere('user_id=\'' . $user_id . '\'');
$cur = $q->exec();
if (!$cur) {
die('SQL error' . $database->stderr(true));
} else {
$AppUI->setMsg('New User Password created and emailed to you');
$AppUI->redirect();
}
}
function sendNewPass()
{
global $AppUI;
$_live_site = dPgetConfig('base_url');
$_sitename = dPgetConfig('company_name');
// ensure no malicous sql gets past
$checkusername = trim(dPgetParam($_POST, 'checkusername', ''));
$checkusername = db_escape($checkusername);
$confirmEmail = trim(dPgetParam($_POST, 'checkemail', ''));
$confirmEmail = mb_strtolower(db_escape($confirmEmail));
$query = 'SELECT user_id FROM users LEFT JOIN contacts ON user_contact = contact_id' . " WHERE user_username='******' AND LOWER(contact_email)='{$confirmEmail}'";
if (!($user_id = db_loadResult($query)) || !$checkusername || !$confirmEmail) {
$AppUI->setMsg('Invalid username or email.', UI_MSG_ERROR);
$AppUI->redirect();
}
$newpass = makePass();
$message = $AppUI->_('sendpass0', UI_OUTPUT_RAW) . ' ' . $checkusername . ' ' . $AppUI->_('sendpass1', UI_OUTPUT_RAW) . ' ' . $_live_site . ' ' . $AppUI->_('sendpass2', UI_OUTPUT_RAW) . ' ' . $newpass . ' ' . $AppUI->_('sendpass3', UI_OUTPUT_RAW);
$subject = "{$_sitename} :: " . $AppUI->_('sendpass4', UI_OUTPUT_RAW) . " - {$checkusername}";
$m = new Mail();
// create the mail
$m->From("dotProject@" . dPgetConfig('site_domain'));
$m->To($confirmEmail);
$m->Subject($subject);
$m->Body($message, isset($GLOBALS['locale_char_set']) ? $GLOBALS['locale_char_set'] : "");
// set the body
$m->Send();
// send the mail
$newpass = md5($newpass);
$sql = "UPDATE users SET user_password='******' WHERE user_id='{$user_id}'";
$cur = db_exec($sql);
if (!$cur) {
die('SQL error' . $database->stderr(true));
} else {
$AppUI->setMsg('New User Password created and emailed to you');
$AppUI->redirect();
}
}
if ($user_id && $m_orig == 'admin' && $a_orig == 'viewuser') {
$q->addWhere('project_owner = ' . $user_id);
}
if ($showInactive != '1') {
$q->addWhere('project_status != 7');
}
$pjobj->setAllowedSQL($AppUI->user_id, $q, null, 'p');
$q->addGroup('p.project_id');
$q->addOrder('project_name, task_end_date DESC');
$projects = $q->loadList();
$q->clear();
// Don't push the width higher than about 1200 pixels, otherwise it may not display.
$width = min(dPgetParam($_GET, 'width', 600), 1400);
$start_date = dPgetParam($_GET, 'start_date', 0);
$end_date = dPgetParam($_GET, 'end_date', 0);
$showAllGantt = dPgetParam($_REQUEST, 'showAllGantt', '0');
//$showTaskGantt = dPgetParam($_GET, 'showTaskGantt', '0');
$graph = new GanttGraph($width);
$graph->ShowHeaders(GANTT_HYEAR | GANTT_HMONTH | GANTT_HDAY | GANTT_HWEEK);
$graph->SetFrame(false);
$graph->SetBox(true, array(0, 0, 0), 2);
$graph->scale->week->SetStyle(WEEKSTYLE_FIRSTDAY);
$pLocale = setlocale(LC_TIME, 0);
// get current locale for LC_TIME
$res = @setlocale(LC_TIME, $AppUI->user_lang[0]);
if ($res) {
// Setting locale doesn't fail
$graph->scale->SetDateLocale($AppUI->user_lang[0]);
}
setlocale(LC_TIME, $pLocale);
if ($start_date && $end_date) {
<?php
//$Id: do_task_assign_aed.php 5731 2008-06-06 23:02:31Z merlinyoda $
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$del = isset($_POST['del']) ? $_POST['del'] : 0;
$rm = isset($_POST['rm']) ? $_POST['rm'] : 0;
$hassign = @$_POST['hassign'];
$htasks = @$_POST['htasks'];
$store = dPgetParam($_POST, 'store', 0);
$chUTP = dPgetParam($_POST, 'chUTP', 0);
$percentage_assignment = dPgetParam($_POST, 'percentage_assignment');
$user_task_priority = dPgetParam($_POST, 'user_task_priority');
$user_id = @$_POST['user_id'];
// prepare the percentage of assignment per user as required by CTask::updateAssigned()
$hperc_assign_ar = array();
if (isset($hassign)) {
$tarr = explode(',', $hassign);
foreach ($tarr as $uid) {
if (intval($uid) > 0) {
$hperc_assign_ar[$uid] = $percentage_assignment;
}
}
}
// prepare a list of tasks to process
$htasks_ar = array();
if (isset($htasks)) {
$tarr = explode(',', $htasks);
foreach ($tarr as $tid) {
if (intval($tid) > 0) {
$q->addJoin('projects', 'p', 'p.project_id = t.task_project');
$q->addJoin('companies', 'c', 'p.project_company = c.company_id');
$q->addQuery('u.user_username, t.task_name, t.task_start_date, t.task_milestone' . ', ut.perc_assignment, t.task_end_date, t.task_dynamic' . ', p.project_color_identifier, p.project_name');
$q->addOrder('t.task_name, t.task_start_date, t.task_end_date, ut.perc_assignment');
$tasks = $q->loadList();
$q->clear();
$q->addTable('user_tasks', 'ut');
$q->innerJoin('users', 'u', 'u.user_id = ut.user_id');
$q->innerJoin('tasks', 't', 't.task_id = ut.task_id');
$q->addQuery('min(t.task_start_date) AS task_min_date, max(t.task_end_date) AS task_max_date');
$taskMinMax = $q->loadList();
$q->clear();
$width = dPgetParam($_GET, 'width', 600);
$start_date = dPgetParam($_GET, 'start_date', 0);
$end_date = dPgetParam($_GET, 'end_date', 0);
$showTaskGantt = dPgetParam($_GET, 'showTaskGantt', 0);
$graph2 = new GanttGraph($width);
$graph2->ShowHeaders(GANTT_HYEAR | GANTT_HMONTH | GANTT_HDAY | GANTT_HWEEK);
$graph2->SetFrame(false);
$graph2->SetBox(true, array(0, 0, 0), 2);
$graph2->scale->week->SetStyle(WEEKSTYLE_FIRSTDAY);
$pLocale = setlocale(LC_TIME, 0);
// get current locale for LC_TIME
$res = @setlocale(LC_TIME, $AppUI->user_lang[2]);
if ($res) {
// Setting locale doesn't fail
$graph->scale->SetDateLocale($AppUI->user_lang[2]);
}
setlocale(LC_TIME, $pLocale);
if ($start_date && $end_date) {
$graph2->SetDateRange($start_date, $end_date);
<?php
/* FILES $Id: index.php 6149 2012-01-09 11:58:40Z ajdonnison $ */
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$AppUI->savePlace();
// "File" filters info
$AppUI->setState('FileIdxTab', (int) dPgetParam($_GET, 'tab'));
$tab = $AppUI->getState('FileIdxTab', 0);
$active = intval(!$AppUI->getState('FileIdxTab'));
// to pass to "new file" button
$folder = intval(dPgetParam($_GET, 'folder', 0));
// "Project" filters info
require_once $AppUI->getModuleClass('projects');
// retrieve any state parameters
if (isset($_REQUEST['project_id'])) {
$AppUI->setState('FileIdxProject', $_REQUEST['project_id']);
}
$project_id = $AppUI->getState('FileIdxProject', 0);
/*
* get "Allowed" projects for filter list
* ("All" is always allowed when basing permission on projects)
*/
$project = new CProject();
$extra = array('from' => 'files', 'where' => 'project_id = file_project');
$projects = $project->getAllowedRecords($AppUI->user_id, 'project_id,project_name', 'project_name', null, $extra);
$projects = arrayMerge(array('0' => $AppUI->_('All', UI_OUTPUT_RAW)), $projects);
// get SQL for allowed projects/tasks and folders
$task = new CTask();
$allowedProjects = $project->getAllowedSQL($AppUI->user_id, 'file_project');
global $AppUI, $project_id, $task_id, $deny, $canRead, $canEdit, $dPconfig, $cfObj, $m, $obj;
require_once $AppUI->getModuleClass('files');
global $allowed_folders_ary, $denied_folders_ary, $limited;
$cfObj = new CFileFolder();
$allowed_folders_ary = $cfObj->getAllowedRecords($AppUI->user_id);
$denied_folders_ary = $cfObj->getDeniedRecords($AppUI->user_id);
$limited = count($allowed_folders_ary) < $cfObj->countFolders() ? true : false;
if (!$limited) {
$canEdit = true;
} else {
if ($limited && array_key_exists($folder, $allowed_folders_ary)) {
$canEdit = true;
} else {
$canEdit = false;
}
}
$showProject = false;
$project_id = $obj->task_project;
if (getPermission('files', 'edit')) {
echo '<a href="?m=files&a=addedit&project_id=' . $project_id . '&file_task=' . $task_id . '">' . $AppUI->_('Attach a file') . '</a>';
echo dPshowImage(dPfindImage('stock_attach-16.png', $m), 16, 16, '');
}
$canAccess_folders = getPermission('file_folders', 'access');
if ($canAccess_folders) {
$folder = (int) dPgetParam($_GET, 'folder', 0);
require DP_BASE_DIR . '/modules/files/folders_table.php';
} else {
if (getPermission('files', 'view')) {
require DP_BASE_DIR . '/modules/files/index_table.php';
}
}
<?php
/* PROJECTS $Id: view.php,v 1.94.4.11 2007/08/10 00:30:31 merlinyoda Exp $ */
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$project_id = intval(dPgetParam($_GET, "project_id", 0));
// check permissions for this record
$perms =& $AppUI->acl();
$canRead = $perms->checkModuleItem($m, 'view', $project_id);
$canEdit = $perms->checkModuleItem($m, 'edit', $project_id);
$canEditT = $perms->checkModule('tasks', 'add');
if (!$canRead) {
$AppUI->redirect("m=public&a=access_denied");
}
// retrieve any state parameters
if (isset($_GET['tab'])) {
$AppUI->setState('ProjVwTab', $_GET['tab']);
}
$tab = $AppUI->getState('ProjVwTab') !== NULL ? $AppUI->getState('ProjVwTab') : 0;
// check if this record has dependencies to prevent deletion
$msg = '';
$obj = new CProject();
// Now check if the proect is editable/viewable.
$denied = $obj->getDeniedRecords($AppUI->user_id);
if (in_array($project_id, $denied)) {
$AppUI->redirect("m=public&a=access_denied");
}
$canDelete = $obj->canDelete($msg, $project_id);
// get critical tasks (criteria: task_end_date)
$criticalTasks = $project_id > 0 ? $obj->getCriticalTasks($project_id) : NULL;
<?php
/* CONTACTS $Id: view.php 6200 2013-01-15 06:24:08Z ajdonnison $ */
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$contact_id = intval(dPgetParam($_GET, 'contact_id', 0));
$AppUI->savePlace();
// load the record data
$msg = '';
$row = new CContact();
$canDelete = $row->canDelete($msg, $contact_id);
// Don't allow to delete contacts, that have a user associated to them.
$q = new DBQuery();
$q->addTable('users');
$q->addQuery('user_id');
$q->addWhere('user_contact = ' . $contact_id);
$sql = $q->prepare();
$q->clear();
$tmp_user = db_loadResult($sql);
if (!empty($tmp_user)) {
$canDelete = false;
}
$canEdit = getPermission($m, 'edit', $contact_id);
if (!$row->load($contact_id) && $contact_id > 0) {
$AppUI->setMsg('Contact');
$AppUI->setMsg('invalidID', UI_MSG_ERROR, true);
$AppUI->redirect();
} else {
if ($row->contact_private && $row->contact_owner != $AppUI->user_id && $row->contact_owner && $contact_id != 0) {
$AppUI->redirect('m=public&a=access_denied');
$filter = "dept_company = " . $_GET["company_id"];
$additional_get_information = "company_id=" . $_GET["company_id"];
break;
}
$q = new DBQuery();
$q->addTable($table_name);
$q->addQuery("{$id_field}, {$name_field}");
if ($filter != null) {
$q->addWhere($filter);
}
$q->addOrder($name_field);
$company_list = array("0" => "") + $q->loadHashList();
?>
<?php
if (dPgetParam($_POST, $id_field, 0) != 0) {
$q = new DBQuery();
$q->addTable($table_name);
$q->addQuery('*');
$q->addWhere("{$id_field}=" . $_POST[$id_field]);
$sql = $q->prepare();
$q->clear();
db_loadHash($sql, $r_data);
$data_update_script = "";
$update_address = isset($_POST["overwrite_address"]);
if ($table_name == "companies") {
$update_fields = array();
if ($update_address) {
$update_fields = array("company_address1" => "contact_address1", "company_address2" => "contact_address2", "company_city" => "contact_city", "company_state" => "contact_state", "company_zip" => "contact_zip", "company_phone1" => "contact_phone", "company_phone2" => "contact_phone2", "company_fax" => "contact_fax");
}
$data_update_script = "opener.setCompany('" . $_POST[$id_field] . "', '" . db_escape($r_data[$name_field]) . "');\n";
<?php
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$show_all = (int) dPgetParam($_REQUEST, 'show_all', 0);
$company_id = (int) dPgetParam($_REQUEST, 'company_id', 0);
$contact_id = (int) dPgetParam($_POST, 'contact_id', 0);
$call_back = dPgetCleanParam($_GET, 'call_back', null);
$contacts_submited = (int) dPgetParam($_POST, 'contacts_submited', 0);
$selected_contacts_id = dPgetCleanParam($_GET, 'selected_contacts_id', '');
if (dPgetParam($_POST, 'selected_contacts_id')) {
$selected_contacts_id = dPgetCleanParam($_POST, 'selected_contacts_id');
}
?>
<script language="javascript">
function setContactIDs (method,querystring)
{
var URL = 'index.php?m=public&a=contact_selector';
var field = document.getElementsByName('contact_id[]');
var selected_contacts_id = document.frmContactSelect.selected_contacts_id;
var currentIDstring = selected_contacts_id.value.toString();
var currentIDs = currentIDstring.split(',');
var addkeepIDs = new Array();
var dropIDs = new Array();
var resultIDs = new Array();
var i = 0;
var j = 0;
var flag = 0;
}
global $AppUI, $project_id, $deny, $canRead, $canEdit, $dPconfig, $cfObj, $m;
require_once $AppUI->getModuleClass('files');
global $allowed_folders_ary, $denied_folders_ary, $limited;
$cfObj = new CFileFolder();
$allowed_folders_ary = $cfObj->getAllowedRecords($AppUI->user_id);
$denied_folders_ary = $cfObj->getDeniedRecords($AppUI->user_id);
$limited = count($allowed_folders_ary) < $cfObj->countFolders() ? true : false;
if (!$limited) {
$canEdit = true;
} else {
if ($limited && array_key_exists($folder, $allowed_folders_ary)) {
$canEdit = true;
} else {
$canEdit = false;
}
}
$showProject = false;
if (getPermission('files', 'edit')) {
echo '<a href="?m=files&a=addedit&project_id=' . $project_id . '">' . $AppUI->_('Attach a file') . '</a>';
echo dPshowImage(dPfindImage('stock_attach-16.png', $m), 16, 16, '');
}
$canAccess_folders = getPermission('file_folders', 'access');
if ($canAccess_folders) {
$folder = dPgetParam($_GET, 'folder', 0);
require DP_BASE_DIR . '/modules/files/folders_table.php';
} else {
if (getPermission('files', 'view')) {
require DP_BASE_DIR . '/modules/files/index_table.php';
}
}
if (!$project_id) {
$showProject = true;
}
// get company to filter files by
//if (isset( $_POST['company_id'] )) {
// $AppUI->setState( 'FileIdxCompany', intval( $_POST['company_id'] ) );
//}
//$company_id = $AppUI->getState( 'FileIdxCompany' ) !== NULL ? $AppUI->getState( 'FileIdxCompany' ) : $AppUI->user_company;
if (!isset($company_id)) {
$company_id = dPgetParam($_REQUEST, 'company_id', 0);
}
$obj = new CCompany();
$allowed_companies_ary = $obj->getAllowedRecords($AppUI->user_id, 'company_id,company_name', 'company_name');
$allowed_companies = implode(",", array_keys($allowed_companies_ary));
if (!isset($task_id)) {
$task_id = dPgetParam($_REQUEST, 'task_id', 0);
}
global $xpg_min, $xpg_pagesize;
$xpg_pagesize = 30;
$xpg_min = $xpg_pagesize * ($page - 1);
// This is where we start our record set from
// load the following classes to retrieved denied records
include_once $AppUI->getModuleClass('projects');
include_once $AppUI->getModuleClass('tasks');
$project = new CProject();
$deny1 = $project->getDeniedRecords($AppUI->user_id);
$task = new CTask();
$deny2 = $task->getDeniedRecords($AppUI->user_id);
global $file_types;
$file_types = dPgetSysVal("FileType");
$folder = $folder ? $folder : 0;
<?php
/* CONTACTS $Id: do_contact_aed.php 5872 2009-04-25 00:09:56Z merlinyoda $ */
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$obj = new CContact();
$msg = '';
if (!$obj->bind($_POST)) {
$AppUI->setMsg($obj->getError(), UI_MSG_ERROR);
$AppUI->redirect();
}
$del = dPgetParam($_POST, 'del', 0);
// prepare (and translate) the module name ready for the suffix
$AppUI->setMsg('Contact');
if ($del) {
if ($msg = $obj->delete()) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
$AppUI->redirect();
} else {
$AppUI->setMsg("deleted", UI_MSG_ALERT, true);
$AppUI->redirect("m=contacts");
}
} else {
$isNotNew = @$_POST['contact_id'];
if ($msg = $obj->store()) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
} else {
$AppUI->setMsg($isNotNew ? 'updated' : 'added', UI_MSG_OK, true);
}
$AppUI->redirect();
<?php
/* FORUMS $Id: view_pdf.php 6149 2012-01-09 11:58:40Z ajdonnison $ */
if (!defined('DP_BASE_DIR')) {
die('You should not call this file directly.');
}
$AppUI->savePlace();
$sort = dPgetCleanParam($_REQUEST, 'sort', 'asc');
$forum_id = (int) dPgetParam($_REQUEST, 'forum_id', 0);
$message_id = (int) dPgetParam($_REQUEST, 'message_id', 0);
if (!getPermission('forums', 'view', $message_id)) {
$AppUI->redirect("m=public&a=access_denied");
}
$q = new DBQuery();
$q->addTable('forums');
$q->addTable('forum_messages', 'msg');
$q->addQuery('msg.*, contact_first_name, contact_last_name, contact_email, user_username,
forum_moderated, visit_user');
$q->addJoin('forum_visits', 'v', "visit_user = {$AppUI->user_id} AND visit_forum = {$forum_id} AND visit_message = msg.message_id");
$q->addJoin('users', 'u', 'message_author = u.user_id');
$q->addJoin('contacts', 'con', 'contact_id = user_contact');
$q->addWhere("forum_id = message_forum AND (message_id = {$message_id} OR message_parent = {$message_id})");
if (dPgetConfig('forum_descendent_order') || dPgetCleanParam($_REQUEST, 'sort', 0)) {
$q->addOrder("message_date {$sort}");
}
$messages = $q->loadList();
$x = false;
$date = new CDate();
$pdfdata = array();
$pdfhead = array('Date', 'User', 'Message');
$new_messages = array();
This program is distributed in the hope that it will be useful,
but WITHOUT ANY WARRANTY; without even the implied warranty of
MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
along with this program. If not, see <http://www.gnu.org/licenses/>.
*/
// one site for both adding and editing timesheet's log items
// besides the following lines show the possiblities of the dPframework
// retrieve GET-Parameters via dPframework
// please always use this way instead of hard code (e.g. there have been some problems with REGISTER_GLOBALS=OFF with hard code)
global $AppUI, $user_id, $percent;
$user_id = $AppUI->user_id;
$task_log_id = intval(dPgetParam($_GET, "task_log_id", 0));
$task_log_name = intval(dPgetParam($_GET, "task_log_name", 0));
// check permissions for this record
$canEdit = !getDenyEdit($m, $task_log_id);
if (!$canEdit) {
$AppUI->redirect("m=public&a=access_denied");
}
// use the object oriented design of dP for loading the log that should be edited
// therefore create a new instance of the Timesheet Class
$obj = new CTimesheet();
$df = $AppUI->getPref('SHDATEFORMAT');
// pull users
// pull users
$q = new DBQuery();
$q->addTable('tasks', 't');
$q->addTable('projects', 'p');
$q->addTable('user_tasks', 'u');
<?php
/* FORUMS $Id: post_message.php 5541 2007-11-25 22:31:12Z ajdonnison $ */
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
// Add / Edit forum
$message_id = isset($_GET['message_id']) ? $_GET['message_id'] : 0;
$message_parent = isset($_GET['message_parent']) ? $_GET['message_parent'] : -1;
$forum_id = dPgetParam($_REQUEST, 'forum_id', 0);
// Build a back-url for when the back button is pressed
$back_url_params = array();
foreach ($_GET as $k => $v) {
if ($k != 'post_message') {
$back_url_params[] = "{$k}={$v}";
}
}
$back_url = implode('&', $back_url_params);
//Pull forum information
$q = new DBQuery();
$q->addTable('forums');
$q->addTable('projects');
$q->addQuery('forum_name, forum_owner, forum_moderated, project_name, project_id');
$q->addWhere("forums.forum_id = {$forum_id}");
$q->addWhere('forums.forum_project = projects.project_id');
$res = $q->exec();
$forum_info = $q->fetchRow();
$q->clear();
echo db_error();
//pull message information
$q = new DBQuery();
<?php
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$AppUI->savePlace();
$do_report = (bool) dPgetParam($_POST, 'do_report', true);
$log_start_date = dPgetCleanParam($_POST, 'log_start_date', 0);
$log_end_date = dPgetCleanParam($_POST, 'log_end_date', 0);
$log_all = (bool) dPgetParam($_POST, 'log_all', true);
$use_period = (int) dPgetParam($_POST, 'use_period', 0);
$show_orphaned = (int) dPgetParam($_POST, 'show_orphaned', 0);
$display_week_hours = (int) dPgetParam($_POST, 'display_week_hours', 0);
$max_levels = dPgetCleanParam($_POST, 'max_levels', '');
$log_userfilter = (int) dPgetParam($_POST, 'log_userfilter', 0);
$company_id = dPgetCleanParam($_POST, 'company_id', 'all');
$project_id = dPgetCleanParam($_POST, 'project_id', 'all');
require_once $AppUI->getModuleClass('projects');
require_once $AppUI->getModuleClass('tasks');
$proj = new CProject();
// filtering by companies
$projects = $proj->getAllowedRecords($AppUI->user_id, 'project_id,project_name', 'project_name');
$projFilter = arrayMerge(array('all' => $AppUI->_('All Projects')), $projects);
$durnTypes = dPgetSysVal('TaskDurationType');
$taskPriority = dPgetSysVal('TaskPriority');
// create Date objects from the datetime fields
$start_date = intval($log_start_date) ? new CDate($log_start_date) : new CDate();
$end_date = intval($log_end_date) ? new CDate($log_end_date) : new CDate();
$now = new CDate();
if (!$log_start_date) {
$start_date->subtractSpan(new Date_Span('14,0,0,0'));
<?php
/* RESOURCES $Id: do_resource_aed.php 6149 2012-01-09 11:58:40Z ajdonnison $ */
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$del = (int) dPgetParam($_POST, 'del', 0);
$obj = new CResource();
$msg = '';
if (!$obj->bind($_POST)) {
$AppUI->setMsg($obj->getError(), UI_MSG_ERROR);
$AppUI->redirect();
}
$AppUI->setMsg('Resource');
if ($del) {
if (!$obj->canDelete($msg)) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
$AppUI->redirect();
}
if ($msg = $obj->delete()) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
$AppUI->redirect();
} else {
$AppUI->setMsg('deleted', UI_MSG_ALERT, true);
$AppUI->redirect('', -1);
}
} else {
if ($msg = $obj->store()) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
} else {
$AppUI->setMsg($_POST['resource_id'] ? 'updated' : 'added', UI_MSG_OK, true);
<?php
/* FILES $Id: index.php 6038 2010-10-03 05:49:01Z ajdonnison $ */
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$AppUI->savePlace();
// retrieve any state parameters
if (isset($_REQUEST['project_id'])) {
$AppUI->setState('LinkIdxProject', intval($_REQUEST['project_id']));
}
$project_id = $AppUI->getState('LinkIdxProject') !== NULL ? $AppUI->getState('LinkIdxProject') : 0;
if (dPgetParam($_GET, 'tab', -1) != -1) {
$AppUI->setState('LinkIdxTab', intval(dPgetParam($_GET, 'tab')));
}
$tab = $AppUI->getState('LinkIdxTab') !== NULL ? $AppUI->getState('LinkIdxTab') : 0;
$active = intval(!$AppUI->getState('LinkIdxTab'));
require_once $AppUI->getModuleClass('projects');
// get the list of visible companies
$extra = array('from' => 'links', 'where' => 'project_id = link_project');
$project = new CProject();
$projects = $project->getAllowedRecords($AppUI->user_id, 'project_id,project_name', 'project_name', null, $extra);
$projects = arrayMerge(array('0' => $AppUI->_('All', UI_OUTPUT_JS)), $projects);
// setup the title block
$titleBlock = new CTitleBlock('Links', 'folder5.png', $m, "{$m}.{$a}");
$titleBlock->addCell($AppUI->_('Search') . ':');
$titleBlock->addCell('<input type="text" class="text" size="10" name="search" onchange="javascript:document.searchfilter.submit();" value=' . "'{$search}'" . 'title="' . $AppUI->_('Search in name and description fields', UI_OUTPUT_JS) . '"/>', '', '<form action="?m=links" method="post" id="searchfilter">', '</form>');
$titleBlock->addCell($AppUI->_('Filter') . ':');
$titleBlock->addCell(arraySelect($projects, 'project_id', 'onchange="javascript:document.pickProject.submit()" size="1" class="text"', $project_id), '', '<form name="pickProject" action="?m=links" method="post">', '</form>');
if ($canEdit) {
$titleBlock->addCell('<input type="submit" class="button" value="' . $AppUI->_('new link') . '" />', '', '<form action="?m=links&a=addedit" method="post">', '</form>');
function notifyOwner()
{
$q = new DBQuery();
global $AppUI, $locale_char_set;
$q->addTable('projects');
$q->addQuery('project_name');
$q->addWhere('project_id=' . $this->task_project);
$sql = $q->prepare();
$q->clear();
$projname = htmlspecialchars_decode(db_loadResult($sql));
$mail = new Mail();
$mail->Subject($projname . '::' . $this->task_name . ' ' . $AppUI->_($this->_action, UI_OUTPUT_RAW), $locale_char_set);
// c = creator
// a = assignee
// o = owner
$q->addTable('tasks', 't');
$q->leftJoin('user_tasks', 'u', 'u.task_id = t.task_id');
$q->leftJoin('users', 'o', 'o.user_id = t.task_owner');
$q->leftJoin('contacts', 'oc', 'oc.contact_id = o.user_contact');
$q->leftJoin('users', 'c', 'c.user_id = t.task_creator');
$q->leftJoin('contacts', 'cc', 'cc.contact_id = c.user_contact');
$q->leftJoin('users', 'a', 'a.user_id = u.user_id');
$q->leftJoin('contacts', 'ac', 'ac.contact_id = a.user_contact');
$q->addQuery('t.task_id, cc.contact_email as creator_email' . ', cc.contact_first_name as creator_first_name' . ', cc.contact_last_name as creator_last_name' . ', oc.contact_email as owner_email' . ', oc.contact_first_name as owner_first_name' . ', oc.contact_last_name as owner_last_name' . ', a.user_id as assignee_id, ac.contact_email as assignee_email' . ', ac.contact_first_name as assignee_first_name' . ', ac.contact_last_name as assignee_last_name');
$q->addWhere(' t.task_id = ' . $this->task_id);
$sql = $q->prepare();
$q->clear();
$users = db_loadList($sql);
if (count($users)) {
$body = $AppUI->_('Project', UI_OUTPUT_RAW) . ': ' . $projname . "\n" . $AppUI->_('Task', UI_OUTPUT_RAW) . ': ' . $this->task_name . "\n" . $AppUI->_('URL', UI_OUTPUT_RAW) . ': ' . DP_BASE_URL . '/index.php?m=tasks&a=view&task_id=' . $this->task_id . "\n\n" . $AppUI->_('Description', UI_OUTPUT_RAW) . ': ' . "\n" . $this->task_description . "\n\n" . $AppUI->_('Creator', UI_OUTPUT_RAW) . ': ' . $AppUI->user_first_name . ' ' . $AppUI->user_last_name . "\n\n" . $AppUI->_('Progress', UI_OUTPUT_RAW) . ': ' . $this->task_percent_complete . '%' . "\n\n" . dPgetParam($_POST, 'task_log_description');
$mail->Body($body, isset($GLOBALS['locale_char_set']) ? $GLOBALS['locale_char_set'] : '');
$mail->From('"' . $AppUI->user_first_name . ' ' . $AppUI->user_last_name . '" <' . $AppUI->user_email . '>');
}
if ($mail->ValidEmail($users[0]['owner_email'])) {
$mail->To($users[0]['owner_email'], true);
$mail->Send();
}
return '';
}
<?php
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
// Copyright 2004 Adam Donnison <*****@*****.**>
$resource_id = intval(dPgetParam($_GET, 'resource_id', null));
$canDelete = getPermission('resources', 'delete', $resource_id);
$canView = getPermission('resources', 'view', $resource_id);
if (!$resource_id && !getPermission('resources', 'add') || !$canView || !$canEdit) {
$AppUI->redirect('m=public&a=access_denied');
}
$obj = new CResource();
if ($resource_id && !$obj->load($resource_id)) {
$AppUI->setMsg('Resource');
$AppUI->setMsg('invalidID', UI_MSG_ERROR, true);
$AppUI->redirect();
}
$titleBlock = new CTitleBlock($resource_id ? 'Edit Resource' : 'Add Resource', 'helpdesk.png', $m, "{$m}.{$a}");
$titleBlock->addCrumb('?m=resources', 'resource list');
if ($resource_id) {
$titleBlock->addCrumb("?m=resources&a=view&resource_id={$resource_id}", 'view this resource');
}
$titleBlock->show();
$typelist = $obj->typeSelect();
?>
<form name="editfrm" action="?m=resources" method="post">
<input type="hidden" name="dosql" value="do_resource_aed" />
<input type="hidden" name="resource_id" value="<?php
echo dPformSafe($resource_id);
?>
/* FORUMS $Id$ */
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
// Add / Edit forum
$forum_id = intval(dPgetParam($_GET, 'forum_id', 0));
$forum_project = intval(dPgetParam($_GET, 'forum_project', 0));
// check permissions for this record
$canEdit = getPermission($m, 'edit', $forum_id);
if (!$canEdit || !$canAuthor) {
$AppUI->redirect("m=public&a=access_denied");
}
// load the companies class to retrieved denied projects
require_once $AppUI->getModuleClass('projects');
$forum_id = intval(dPgetParam($_GET, 'forum_id', 0));
//Pull forum information
$q = new DBQuery();
$q->addTable('forums');
$q->addWhere("forums.forum_id = {$forum_id}");
$res = $q->exec();
echo db_error();
$forum_info = db_fetch_assoc($res);
$status = isset($forum_info["forum_status"]) ? $forum_info["forum_status"] : -1;
// get any project records denied from viewing
$projObj = new CProject();
//Pull project Information
$q = new DBQuery();
$q->addTable('projects');
$q->addQuery('project_id, project_name');
$q->addWhere('project_status <> 7');
f.submit();
}
</script>
<?php
}
// get the prefered date format
$df = $AppUI->getPref('SHDATEFORMAT');
$reports = $AppUI->readFiles(dPgetConfig('root_dir') . "/modules/projects/reports", "\\.php\$");
// setup the title block
if (!$suppressHeaders) {
$titleBlock = new CTitleBlock('Project Reports');
$titleBlock->addButton("projects list", 'index.php?m=projects');
$titleBlock->show();
}
$report_type_var = dPgetParam($_GET, 'report_type', '');
if (!empty($report_type_var)) {
$report_type_var = '&report_type=' . $report_type;
}
$title_ext = '';
if ($report_type != '') {
$rfx = DP_BASE_DIR . "/modules/projects/reports/" . $report_type . '.' . $AppUI->user_locale . '.txt';
if (file_exists($rfx)) {
$ds = file($rfx);
$title_ext = ' - ' . $ds[0];
}
}
if (!$suppressHeaders) {
if (!isset($display_project_name)) {
$display_project_name = $AppUI->_('All');
}
<?php
/* FILES $Id: index.php,v 1.33 2005/02/22 03:17:13 cyberhorse Exp $ */
$AppUI->savePlace();
// retrieve any state parameters
if (isset($_REQUEST['project_id'])) {
$AppUI->setState('FileIdxProject', $_REQUEST['project_id']);
}
$project_id = $AppUI->getState('FileIdxProject', 0);
if (dPgetParam($_GET, 'tab', -1) != -1) {
$AppUI->setState('FileIdxTab', dPgetParam($_GET, 'tab'));
}
$tab = $AppUI->getState('FileIdxTab', 0);
$active = intval(!$AppUI->getState('FileIdxTab'));
require_once $AppUI->getModuleClass('projects');
// get the list of visible companies
$extra = array('from' => 'files', 'where' => 'project_id = file_project');
$project = new CProject();
$projects = $project->getAllowedRecords($AppUI->user_id, 'project_id,project_name', 'project_name', null, $extra);
$allowedProjects = array_keys($projects);
$projects = arrayMerge(array('0' => $AppUI->_('All', UI_OUTPUT_RAW)), $projects);
// setup the title block
$titleBlock = new CTitleBlock('Files', 'folder5.png', $m, "{$m}.{$a}");
$titleBlock->addCell($AppUI->_('Filter') . ':');
$titleBlock->addCell(arraySelect($projects, 'project_id', 'onChange="document.pickProject.submit()" size="1" class="text"', $project_id), '', '<form name="pickProject" action="?m=files" method="post">', '</form>');
if ($canEdit) {
$titleBlock->addCell('<input type="submit" class="button" value="' . $AppUI->_('new file') . '">', '', '<form action="?m=files&a=addedit" method="post">', '</form>');
}
$titleBlock->show();
$file_types = dPgetSysVal("FileType");
if ($tab != -1) {
// prepare (and translate) the module name ready for the suffix
if ($del) {
$project_id = dPgetParam($_POST, 'project_id', 0);
$canDelete = $obj->canDelete($msg, $project_id);
if (!$canDelete) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
$AppUI->redirect();
}
if ($msg = $obj->delete()) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
$AppUI->redirect();
} else {
$AppUI->setMsg("Project deleted", UI_MSG_ALERT);
$AppUI->redirect("m=projects");
}
} else {
if ($msg = $obj->store()) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
} else {
$isNotNew = @$_POST['project_id'];
if ($importTask_projectId = dPgetParam($_POST, 'import_tasks_from', '0')) {
$obj->importTasks($importTask_projectId);
}
$AppUI->setMsg($isNotNew ? 'Project updated' : 'Project inserted', UI_MSG_OK, true);
$custom_fields = new CustomFields($m, 'addedit', $obj->project_id, "edit");
$custom_fields->bind($_POST);
$sql = $custom_fields->store($obj->project_id);
// Store Custom Fields
}
$AppUI->redirect();
}
$title = $AppUI->_($ticket_type) . " " . $AppUI->_('to Ticket') . " #{$ticket_parent}";
$fields = array("headings" => array("From", "To", "Subject", "Date", "Cc", "<br />"), "columns" => array("author", "recipient", "subject", "timestamp", "cc", "body"), "types" => array("email", "original_author", "normal", "elapsed_date", "email", "body"));
} else {
if ($ticket_type == "Staff Comment") {
$title = $AppUI->_($ticket_type) . " " . $AppUI->_('to Ticket') . " #{$ticket_parent}";
$fields = array("headings" => array("From", "Date", "<br />"), "columns" => array("author", "timestamp", "body"), "types" => array("email", "elapsed_date", "body"));
} else {
$title = $AppUI->_('Ticket') . " #{$ticket}";
$fields = array('headings' => array('From', 'Subject', 'Date', 'Cc', 'Status', 'Priority', 'Owner', 'Company', 'Project', '<br />'), 'columns' => array('author', 'subject', 'timestamp', 'cc', 'type', 'priority', 'assignment', 'ticket_company', 'ticket_project', 'body'), 'types' => array('email', 'normal', 'elapsed_date', 'email', 'status', 'priority_select', 'assignment', 'ticket_company', 'ticket_project', 'body'));
}
}
/* perform updates */
$orig_assignment = dPgetParam($_POST, 'orig_assignment', '');
$author = dPgetParam($_POST, 'author', '');
$priority = dPgetParam($_POST, 'priority', '');
$subject = dPgetParam($_POST, 'subject', '');
if (@$type_toggle || @$priority_toggle || @$assignment_toggle) {
do_query("UPDATE tickets SET type = '{$type_toggle}', priority = '{$priority_toggle}', assignment = '{$assignment_toggle}' WHERE ticket = '{$ticket}'");
//Emailing notifications.
$change = ' ';
if ($type_toggle) {
$change .= $AppUI->_('Status changed') . ' ';
}
if ($priority_toggle) {
$change .= $AppUI->_('Priority changed') . ' ';
}
if ($assignment_toggle) {
$change .= $AppUI->_('Assignment changed') . ' ';
}
$boundary = "_lkqwkASDHASK89271893712893";
$message = "--{$boundary}\n";
<?php
/* COMPANIES $Id: addedit.php 4800 2007-03-06 00:34:46Z merlinyoda $ */
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$company_id = intval(dPgetParam($_GET, "company_id", 0));
// check permissions for this company
$perms =& $AppUI->acl();
// If the company exists we need edit permission,
// If it is a new company we need add permission on the module.
if ($company_id) {
$canEdit = $perms->checkModuleItem($m, "edit", $company_id);
} else {
$canEdit = $perms->checkModule($m, "add");
}
if (!$canEdit) {
$AppUI->redirect("m=public&a=access_denied");
}
// load the company types
$types = dPgetSysVal('CompanyType');
// load the record data
$q = new DBQuery();
$q->addTable('companies');
$q->addQuery('companies.*');
$q->addQuery('con.contact_first_name');
$q->addQuery('con.contact_last_name');
$q->addJoin('users', 'u', 'u.user_id = companies.company_owner');
$q->addJoin('contacts', 'con', 'u.user_contact = con.contact_id');
$q->addWhere('companies.company_id = ' . $company_id);
$sql = $q->prepare();
<?php
$coarseness = dPgetParam($_POST, "coarseness", 1);
$do_report = dPgetParam($_POST, "do_report", 0);
$hideNonWd = dPgetParam($_POST, "hideNonWd", 0);
$log_start_date = dPgetParam($_POST, "log_start_date", 0);
$log_end_date = dPgetParam($_POST, "log_end_date", 0);
$use_assigned_percentage = dPgetParam($_POST, "use_assigned_percentage", 0);
$user_id = dPgetParam($_POST, "user_id", $AppUI->user_id);
// create Date objects from the datetime fields
$start_date = intval($log_start_date) ? new CDate($log_start_date) : new CDate(date("Y-m-01"));
$end_date = intval($log_end_date) ? new CDate($log_end_date) : new CDate();
$end_date->setTime(23, 59, 59);
?>
<script language="javascript">
Calendar.enabled = true;
</script>
<form name="editFrm" action="index.php?m=projects&a=reports" method="post">
<input type="hidden" name="project_id" value="<?php
echo $project_id;
?>
" />
<input type="hidden" name="report_category" value="<?php
echo $report_category;
?>
" />
<input type="hidden" name="report_type" value="<?php
echo $report_type;
?>
