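} // closes a block opened before this excerpt
} elseif ($_POST["postback"] == "U") {
    // Update request for a personal note: read the posted fields, trimmed.
    $var_title = trim($_POST["txtPerTitle"]);
    $var_notes = trim($_POST["txtNotes"]);
    $var_refno = trim($_POST["txtRefno"]);
    $var_pdate = trim($_POST["txtDate"]);
    $var_staff = trim($_POST["txtStaff"]);
    $dup_flag = 0;

    // Duplicate check: does a different note (another nPNId) already carry this title?
    // The lookup uses the title being saved; the earlier code compared vPNTitle with
    // $var_deptname, which this branch never assigns.
    $sql = "SELECT nPNId FROM sptbl_personalnotes WHERE vPNTitle='" . mysql_real_escape_string($var_title) . "'";
    // $var_id is escaped AND quoted: escaping alone does not protect a value that sits in an
    // unquoted numeric position of the statement.
    $sql .= " and nPNId != '" . mysql_real_escape_string($var_id) . "'";
    $rs = executeSelect($sql, $conn);
    if (mysql_num_rows($rs) > 0) {
        $dup_flag = 1;
    }

    if (validateUpdation() == true and $dup_flag == 0) {
        $sql = "Update sptbl_personalnotes set \r\n\t\t\t\t\t vPNTitle='" . mysql_real_escape_string($var_title)
            . "',\r\n\t\t\t\t\t tPNDesc='" . mysql_real_escape_string($var_notes)
            . "',\r\n\t\t\t\t\t dDate =now() \r\n\t\t\t\t\t where nPNId='" . mysql_real_escape_string($var_id) . "'";
        executeQuery($sql, $conn);

        // Insert the action log entry when activity logging is enabled.
        if (logActivity()) {
            // $var_staffid is escaped like every other value in the statement; its origin is
            // not visible in this excerpt.
            $sql = "Insert into sptbl_actionlog(nALId,nStaffId,vAction,vArea,nRespId,dDate) Values('','"
                . mysql_real_escape_string($var_staffid) . "','" . TEXT_UPDATION . "','Personal Notes','"
                . mysql_real_escape_string($var_id) . "',now())";
            executeQuery($sql, $conn);
        }
        $var_message = MESSAGE_RECORD_UPDATED;
        $flag_msg = "class='msg_success'";
    } else {
        $var_message = MESSAGE_RECORD_ERROR;
        // A failed update must not be rendered with the success style.
        // NOTE(review): msg_error is assumed to be the stylesheet's error class — confirm.
        $flag_msg = "class='msg_error'";
    }
}

function validateDeletion()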
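// Tail of the delete branch: the if (logActivity()) block and the branches around it open before this excerpt.
$sql = "Insert into sptbl_actionlog(nALId,nStaffId,vAction,vArea,nRespId,dDate) Values('','"
    . mysql_real_escape_string($var_staffid) . "','" . TEXT_DELETION . "','Language','"
    . mysql_real_escape_string($var_id) . "',now())";
executeQuery($sql, $conn);
}
// Reset the form values once the delete has been processed.
$var_langCode = "";
$var_langDesc = "";
$var_id = "";
$var_message = MESSAGE_RECORD_DELETED;
$flag_msg = 'class="msg_success"';
} else {
    $var_message = MESSAGE_RECORD_ERROR;
    $flag_msg = 'class="msg_error"';
}
} elseif ($_POST["postback"] == "U") {
    // Update request: change the description of one language row.
    $var_langCode = trim($_POST["txtLangCode"]);
    $var_langDesc = trim($_POST["txtLangDesc"]);

    // The row is selected by $var_id, not by the posted txtLangCode, so the "en" guard has to
    // cover $var_id as well; checking only the form field lets the two values disagree.
    // NOTE(review): the comparison is case-sensitive while the column's collation may not be — confirm.
    if (validateUpdation($var_langCode, $var_langDesc) == true and $var_langCode != "en" and $var_id != "en") {
        $sql = "Update sptbl_lang set vLangDesc='" . mysql_real_escape_string($var_langDesc)
            . "' where vLangCode='" . mysql_real_escape_string($var_id) . "'";
        executeQuery($sql, $conn);

        // Insert the action log entry when activity logging is enabled.
        if (logActivity()) {
            // $var_staffid is escaped like the other values; its origin is not visible here.
            $sql = "Insert into sptbl_actionlog(nALId,nStaffId,vAction,vArea,nRespId,dDate) Values('','"
                . mysql_real_escape_string($var_staffid) . "','" . TEXT_UPDATION . "','Language','"
                . mysql_real_escape_string($var_id) . "',now())";
            executeQuery($sql, $conn);
        }
        $var_message = MESSAGE_RECORD_UPDATED;
        $flag_msg = 'class="msg_success"';
    } else {
        $var_message = MESSAGE_RECORD_ERROR;
        $flag_msg = 'class="msg_error"';
    }
}

function validateAddition($var_langCode, $var_langDesc)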
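// Tail of the upload-status switch; the switch and its earlier cases open before this excerpt.
$errorcode = MESSAGE_UPLOAD_ERROR_6;
break;
default:
    // Any other status value is used as the name of the stored file.
    $file_name = $uploadstatus;
    break;
}

// Duplicate check: does a different download (another nDLId) already use this description?
$sql = "SELECT nDLId FROM sptbl_downloads WHERE vDescription ='" . mysql_real_escape_string($var_desc) . "'";
// $var_id is escaped and quoted; an unquoted numeric position gets no protection from escaping alone.
$sql .= " and nDLId != '" . mysql_real_escape_string($var_id) . "'";
$rs = executeSelect($sql, $conn);
if (mysql_num_rows($rs) > 0) {
    // Duplicate: discard the file that was just uploaded for this request.
    if ($file_name != "") {
        @unlink("../downloads/" . $file_name);
    }
    $dup_flag = 1;
}

if (validateUpdation() == true and $dup_flag == 0 and $errorcode == "") {
    if ($file_name != "") {
        $file_name = "downloads/" . $file_name;
        $seturlfld = " ,vURL='" . mysql_real_escape_string($file_name) . "' ";

        // Remove the file the record pointed to before this upload.
        $sql = "SELECT vURL FROM sptbl_downloads WHERE nDLId = '" . mysql_real_escape_string($var_id) . "'";
        $rs_oldurl = executeSelect($sql, $conn);
        $rowoldurl = mysql_fetch_array($rs_oldurl);
        // mysql_fetch_array() returns false when no row matched.
        $oldurl = is_array($rowoldurl) ? (string) $rowoldurl['vURL'] : "";
        // Delete only paths of the shape this branch writes (downloads/<name>) and never one that
        // climbs out with "..": a stored value should not be able to steer unlink() elsewhere.
        // NOTE(review): rows written by other code with a different prefix are left on disk — confirm.
        if ($oldurl != "" && strpos($oldurl, "downloads/") === 0 && strpos($oldurl, "..") === false) {
            @unlink("../" . $oldurl);
        }
        $var_url = $file_name;
    } else {
        // No new file: leave vURL unchanged.
        $seturlfld = " ";
    }
    $sql = "Update sptbl_downloads set vDescription ='" . mysql_real_escape_string($var_desc)
        . "',\n\t\t\t\t\t dPostdate =now()";
    $sql .= $seturlfld;
    // (the statement and this if block continue past the end of this excerpt)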
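// Tail of the delete branch; the condition guarding it opens before this excerpt.
$sql = "Delete from sptbl_reminders where nRemId='" . mysql_real_escape_string($var_id) . "' ";
executeQuery($sql, $conn);
if (logActivity()) {
    // $var_staffid is escaped like the other values; its origin is not visible here.
    $sql = "Insert into sptbl_actionlog(nALId,nStaffId,vAction,vArea,nRespId,dDate) Values('','"
        . mysql_real_escape_string($var_staffid) . "','" . TEXT_DELETION . "','Reminders','"
        . mysql_real_escape_string($var_id) . "',now())";
    executeQuery($sql, $conn);
}
$var_message = "<font color=red>" . MESSAGE_RECORD_DELETED . "</font>";
// Reset the form values; the alert field falls back to the current time.
$var_title = "";
$var_desc = "";
$var_alert = date("m-d-Y H:i", time());
$var_id = "";
} else {
    $var_message = "<font color=red>" . MESSAGE_RECORD_ERROR . "</font>";
}
} elseif ($_POST["postback"] == "U") {
    // Update request for a reminder.
    if (validateUpdation() == true) {
        // $var_time is escaped like the neighbouring values instead of being interpolated raw.
        // NOTE(review): it is declared global in the validator below, so it is presumably derived
        // from posted input — confirm where it is set.
        $sql = "Update sptbl_reminders set\r\n vRemTitle='" . mysql_real_escape_string($var_title)
            . "',\r\n tRemDesc='" . mysql_real_escape_string($var_desc)
            . "',\r\n dRemAlert='" . mysql_real_escape_string($var_time)
            . "' where nRemId='" . mysql_real_escape_string($var_id) . "'";
        executeQuery($sql, $conn);
        if (logActivity()) {
            $sql = "Insert into sptbl_actionlog(nALId,nStaffId,vAction,vArea,nRespId,dDate) Values('','"
                . mysql_real_escape_string($var_staffid) . "','" . TEXT_UPDATION . "','Reminders','"
                . mysql_real_escape_string($var_id) . "',now())";
            executeQuery($sql, $conn);
        }
        $var_message = "<font color=red>" . MESSAGE_RECORD_UPDATED . "</font>";
    } else {
        $var_message = "<font color=red>" . MESSAGE_RECORD_ERROR . "</font>";
    }
}

function validateAddition()
{
    global $var_time;
    if (trim($_POST["txtTitle"]) == "" || trim($_POST["txtDesc"]) == "") {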
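// Tail of a block opened before this excerpt. It builds the id list from $childlist plus this
// department, de-duplicates it, then appends the proposed parent: if de-duplicating again
// shrinks the list, the parent id was already present.
$charr = explode(",", $childlist);
array_push($charr, $var_id);
$charr = array_unique($charr);
array_push($charr, $var_parentid);
$cnt_arr1 = count($charr);
$charr = array_unique($charr);
$cnt_arr2 = count($charr);
}

if ($cnt_arr1 != $cnt_arr2) {
    $dup_flag = 1;
} else {
    // A department may not be its own parent.
    if ($var_id == $var_parentid) {
        $dup_flag = 1;
    }
}

if (validateUpdation($var_id, $var_companyid, $var_parentid) == true and $dup_flag == 0) {
    if (!isUniqueEmail($var_email, $var_id, "d")) {
        $var_message = MESSAGE_NONUNIQUE_EMAIL;
        $flag_msg = 'class="msg_error"';
    } else {
        // Fetch the old parent. $var_id is escaped here as it is in the UPDATE below;
        // the earlier code concatenated it into this query raw.
        $qry = "select * from sptbl_depts where nDeptId='" . mysql_real_escape_string($var_id) . "'";
        $rsgetdept = mysql_query($qry);
        $deptrow = mysql_fetch_array($rsgetdept);
        $oldparentid = $deptrow['nDeptParent'];

        $sql = "Update sptbl_depts set nCompId='" . mysql_real_escape_string($var_companyid)
            . "',\n\t\t\t\t\t\t\t\tvDeptDesc='" . mysql_real_escape_string($var_deptname)
            . "',\n\t\t\t\t\t\t\t\tnDeptParent='" . mysql_real_escape_string($var_parentid)
            . "',\n\t\t\t\t\t\t\t\tvDeptCode='" . mysql_real_escape_string($var_deptcode)
            . "',\n\t\t\t\t\t\t\t\tvDeptMail='" . mysql_real_escape_string($var_email)
            . "',\n\t\t\t\t\t\t\t\tnResponseTime='" . mysql_real_escape_string($var_responsetime)
            . "' \n\t\t\t\t\t\t\t\twhere nDeptId='" . mysql_real_escape_string($var_id) . "'";
        executeQuery($sql, $conn);

        // Remove the staff assignments recorded for the parent department. The id goes into a
        // DELETE, so it is escaped as well.
        $qry = "delete from sptbl_staffdept where nDeptId='" . mysql_real_escape_string($var_parentid) . "'";
        mysql_query($qry);

        // NOTE(review): vUserName is written as the literal '******', which looks like a value
        // masked in this listing — confirm against the original file.
        $updatePop3 = "Update sptbl_pop3settings set vDeptEMail='" . mysql_real_escape_string($var_email)
            . "', vUserName='******'\n\t\t\t\t\t\t\t\twhere nDeptId='" . mysql_real_escape_string($var_id) . "'";
        executeQuery($updatePop3, $conn);
        // (this else block continues past the end of this excerpt)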
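// Tail of the icon-upload status switch; the switch and the block around it open before this excerpt.
case "IF":
    $errorcode = MESSAGE_UPLOAD_ERROR_6;
    break;
default:
    // Any other status value is used as the path of the newly stored icon.
    $txticon_Url = $uploadstatus;
    break;
}
}
// Upload icon ends

if (validateUpdation($var_prtyid) == true) {
    if ($var_oldpriority == 0) {
        $var_prtyvalue = 0;
    }
    $sql = "update sptbl_priorities set nPriorityValue='" . mysql_real_escape_string($var_prtyvalue) . "',";
    $sql .= "vPriorityDesc='" . mysql_real_escape_string($var_prtydesc)
        . "',vTicketColor='" . mysql_real_escape_string($var_prtycolor) . "' ";

    if ($txticon_Url != "") {
        $sql .= " , vPrioritie_icon='" . mysql_real_escape_string($txticon_Url) . "' ";

        // The previous icon's path arrives in a hidden form field, so the client controls what
        // reaches unlink(). Deletion is therefore limited to regular files with an image
        // extension, and paths carrying a NUL byte are refused.
        // NOTE(review): the stronger fix is to read the current icon path from the stored
        // priority row and confine deletion to the icon upload directory; neither the row key
        // nor that directory is visible in this excerpt. The extension list is an assumption —
        // align it with what the uploader accepts.
        $hidioniconename = $_POST['hidioniconename'];
        if ($hidioniconename != "") {
            $filepath = "" . $hidioniconename;
            $icon_ext = strtolower(pathinfo($filepath, PATHINFO_EXTENSION));
            $is_icon_file = strpos($filepath, "\0") === false
                && in_array($icon_ext, array("jpg", "jpeg", "gif", "png", "bmp", "ico"), true);
            // The shared placeholder icon (noicon.j*) is never deleted.
            if ($is_icon_file && strpos($filepath, "noicon.j") === false) {
                if (is_file($filepath)) {
                    unlink($filepath);
                }
            }
            // (the enclosing if blocks continue past the end of this excerpt)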
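// Update request for a staff profile: read the posted fields. The enclosing branch opens
// before this excerpt.
$var_staffLogin = trim($_POST["txtStaffLogin"]);
$var_password = $_POST["txtPassword"];
$var_email = $_POST["txtEmail"];
$var_yim = $_POST["txtYim"];
$var_smsMail = $_POST["txtSmsMail"];
$var_mobile = $_POST["txtMobile"];
$var_cssId = $_POST["cmbCssId"];
$var_refreshRate = $_POST["cmbRefresh"];
// The type name must be a string; the bare word integer is an undefined constant.
settype($var_refreshRate, "integer");

// The flags below are concatenated into the UPDATE without escaping, so store the literal
// "1" or "0" rather than echoing the posted text: a loose == "1" also matches other numeric
// spellings of one.
$var_notifyAssign = $_POST["rdNotifyAssign"] == "1" ? "1" : "0";
$var_notifyPvtMsg = $_POST["rdNotifyPvtMsg"] == "1" ? "1" : "0";
$var_notifyKB = $_POST["rdNotifyKB"] == "1" ? "1" : "0";
$var_watcher = $_POST["rdWatcher"] == "1" ? "1" : "0";
$var_notifyArrival = $_POST["rdNotifyArrival"] == "1" ? "1" : "0";
$var_signature = $_POST["txtSignature"];

$updationflag = validateUpdation();
if ($updationflag == 1) {
    if (!isUniqueEmail($var_email, $var_id, "s")) {
        $var_message = MESSAGE_NONUNIQUE_EMAIL;
        $flag_msg = 'class="msg_error"';
    } else {
        // The password column is only touched when a new password was posted.
        // NOTE(review): the vPassword value reads '******' in this listing, so how the password
        // is transformed before storage cannot be reviewed here — confirm it is stored only as
        // a salted password hash.
        $sql = "Update sptbl_staffs set vStaffname='" . mysql_real_escape_string($var_staffName)
            . "',\n\t\t\t\t\t\t" . ($var_password != "" ? "vPassword='******'," : "")
            . "vMail='" . mysql_real_escape_string($var_email)
            . "',\n\t\t\t\t\t\tvYIM='" . mysql_real_escape_string($var_yim)
            . "',\n\t\t\t\t\t\tvSMSMail='" . mysql_real_escape_string($var_smsMail)
            . "',\n\t\t\t\t\t\tvMobileNo='" . mysql_real_escape_string($var_mobile)
            . "',\n\t\t\t\t\t\tnCSSId='" . mysql_real_escape_string($var_cssId)
            . "',\n\t\t\t\t\t\tnRefreshRate='" . mysql_real_escape_string($var_refreshRate)
            . "',\n\t\t\t\t\t\tnNotifyAssign='" . $var_notifyAssign
            . "',\n\t\t\t\t\t\tnNotifyPvtMsg='" . $var_notifyPvtMsg
            . "',\n\t\t\t\t\t\tnNotifyKB='" . $var_notifyKB
            . "',\n\t\t\t\t\t\tnWatcher='" . $var_watcher
            . "',\n\t\t\t\t\t\tnNotifyArrival='" . $var_notifyArrival
            . "',\n\t\t\t\t\t\ttSignature='" . mysql_real_escape_string($var_signature)
            . "' where nStaffId='" . mysql_real_escape_string($var_id) . "'";
        executeQuery($sql, $conn);

        // Insert the action log entry when activity logging is enabled.
        if (logActivity()) {
            // $var_staffid is escaped like the other values; its origin is not visible here.
            $sql = "Insert into sptbl_actionlog(nALId,nStaffId,vAction,vArea,nRespId,dDate) Values('','"
                . mysql_real_escape_string($var_staffid) . "','" . TEXT_UPDATION . "','Staff','"
                . mysql_real_escape_string($var_id) . "',now())";
            executeQuery($sql, $conn);
        }
        $var_message = MESSAGE_RECORD_UPDATED;
        $flag_msg = 'class="msg_success"';
        if ($var_password != "") {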
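// Tail of the preceding branch; the blocks closed by the next two braces open before this excerpt.
$flag_msg = 'class="msg_error"';
}
} elseif ($_POST["postback"] == "U") {
    // Update request for a company: read the posted fields, trimmed.
    $var_companyName = trim($_POST["txtCompanyName"]);
    $var_address1 = trim($_POST["txtAddress1"]);
    $var_address2 = trim($_POST["txtAddress2"]);
    $var_city = trim($_POST["txtCity"]);
    $var_state = trim($_POST["txtState"]);
    $var_phone = trim($_POST["txtPhone"]);
    $var_fax = trim($_POST["txtFax"]);
    $var_email = trim($_POST["txtEmail"]);
    $var_zip = trim($_POST["txtZip"]);
    $var_contact = trim($_POST["txtContact"]);
    $var_country = trim($_POST["cmbCountry"]);
    $var_message = "";

    // NOTE(review): there is no else branch (it is commented out below), so on failure the
    // message presumably comes from validateUpdation() through $var_message — confirm.
    if (validateUpdation($var_email, $var_message) == true) {
        // Every posted value is escaped and placed inside quotes.
        $sql = "Update sptbl_companies set vCompName='" . mysql_real_escape_string($var_companyName)
            . "',\r\n\t\t\t\t\tvCompAddress1='" . mysql_real_escape_string($var_address1)
            . "',\r\n\t\t\t\t\tvCompAddress2='" . mysql_real_escape_string($var_address2)
            . "',\r\n\t\t\t\t\tvCompCity='" . mysql_real_escape_string($var_city)
            . "',\r\n\t\t\t\t\tvCompState='" . mysql_real_escape_string($var_state)
            . "',\r\n\t\t\t\t\tnCompZip='" . mysql_real_escape_string($var_zip)
            . "',\r\n\t\t\t\t\tvCompCountry='" . mysql_real_escape_string($var_country)
            . "',\r\n\t\t\t\t\tvCompPhone='" . mysql_real_escape_string($var_phone)
            . "',\r\n\t\t\t\t vCompFax='" . mysql_real_escape_string($var_fax)
            . "',\r\n\t\t\t\t vCompMail='" . mysql_real_escape_string($var_email)
            . "',\r\n\t\t\t\t vCompContact='" . mysql_real_escape_string($var_contact)
            . "' where nCompId='" . mysql_real_escape_string($var_id) . "'";
        executeQuery($sql, $conn);

        // Insert the action log entry when activity logging is enabled.
        if (logActivity()) {
            // $var_staffid is escaped like every other value in the statement instead of being
            // interpolated raw; its origin is not visible in this excerpt.
            $sql = "Insert into sptbl_actionlog(nALId,nStaffId,vAction,vArea,nRespId,dDate) Values('','"
                . mysql_real_escape_string($var_staffid) . "','" . TEXT_UPDATION . "','Company','"
                . mysql_real_escape_string($var_id) . "',now())";
            executeQuery($sql, $conn);
        }
        $var_message = MESSAGE_RECORD_UPDATED;
        $flag_msg = 'class="msg_success"';
    }
    /* else {
        $var_message = "<font color=red>" . MESSAGE_RECORD_ERROR . "</font>";
    }*/
}

function validateAddition($var_email, &$var_message)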
} // closes a block opened before this excerpt
} elseif ($_POST["postback"] == "U") {
    // Updating Rule: read the posted escalation-rule fields, trimmed.
    $ruleName = trim($_POST["txtRuleName"]);
    $comapny = trim($_POST["txtCompany"]);
    $dept = trim($_POST["txtDept"]);
    $staff = trim($_POST["txtStaff"]);
    $settings = trim($_POST["settings"]);
    $txtResponseSetting = trim($_POST["txtResponseSetting"]);

    // 'T' selects the time-based setting, 'C' the count-based one; the posted response value
    // is kept only for whichever one is selected.
    $Time_settings = "N";
    $Count_settings = "N";
    $txtTime = "";
    $txtCount = "";
    if ($settings == 'T') {
        $Time_settings = "Y";
        $txtTime = $txtResponseSetting;
    }
    if ($settings == 'C') {
        $Count_settings = "Y";
        $txtCount = $txtResponseSetting;
    }
    $var_message = "";

    if (!validateUpdation($ruleName, $var_message)) {
        $var_message = MESSAGE_RECORD_DUPILCATION;
        $flag_msg = 'class="msg_error"';
    } else {
        // Every value is escaped and placed inside quotes.
        $sql = "Update sptbl_escalationrules set vRuleName='" . mysql_real_escape_string($ruleName);
        $sql .= "',\n\t\t\t\t\tnCompId='" . mysql_real_escape_string($comapny);
        $sql .= "',\n\t\t\t\t\tnDeptId='" . mysql_real_escape_string($dept);
        $sql .= "',\n\t\t\t\t\teRespTimeSetting='" . mysql_real_escape_string($Time_settings);
        $sql .= "',\n\t\t\t\t\teRespCountSetting='" . mysql_real_escape_string($Count_settings);
        $sql .= "',\n\t\t\t\t\tnResponseTime='" . mysql_real_escape_string($txtTime);
        $sql .= "',\n\t\t\t\t\tnResponseCount='" . mysql_real_escape_string($txtCount);
        $sql .= "',\n\t\t\t\t\tnStaffId='" . mysql_real_escape_string($staff);
        $sql .= "'\n where nERId='" . mysql_real_escape_string($var_id) . "'";
        executeQuery($sql, $conn);
        $var_message = MESSAGE_RECORD_UPDATED;
        $flag_msg = 'class="msg_success"';
    }
}

function validateAddition($ruleName, &$var_message)
{
    // NOTE(review): "global $var_message" rebinds the name to the global variable, so the
    // by-reference parameter of the same name is no longer what the body writes to — confirm intent.
    global $conn, $flag_msg, $var_message;
    if (trim($_POST["txtRuleName"]) == "" || trim($_POST["txtCompany"]) == "" || trim($_POST["txtDept"]) == "" || trim($_POST["txtStaff"]) == "") {
        $var_message = MESSAGE_RECORD_ERROR;
        $flag_msg = 'class="msg_error"';