public function external_hook($hook) { switch ($hook) { case 'popup': // popup not used any more. cross domain issues. // load up the full script to be injected into our clients website. $website_id = isset($_REQUEST['i']) ? (int) $_REQUEST['i'] : false; $change_request_id = $change_id = isset($_REQUEST['change_id']) ? (int) $_REQUEST['change_id'] : false; $hash = isset($_REQUEST['hash']) ? $_REQUEST['hash'] : false; $type = isset($_REQUEST['type']) ? $_REQUEST['type'] : false; if ($type == 'popupjs') { @ob_end_clean(); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Cache-Control: no-cache"); header("Pragma: no-cache"); header("Content-type: text/javascript"); } if ($website_id && $hash && module_change_request::link_popup($website_id, true) == $hash) { $change_history = module_change_request::get_remaining_changes($website_id); $step = isset($_REQUEST['step']) ? (int) $_REQUEST['step'] : 0; // get the change details out if ($change_request_id) { $change_request = module_change_request::get_change_request_by_website($website_id, $change_request_id); } else { $change_request = array(); } if (!$change_request) { $change_request = array('change_request_id' => 0, 'name' => '', 'request' => '', 'attachments' => array()); } switch ($type) { case 'save': // saving a change. $data = $_POST; $data['url'] = urldecode($data['url']); $data['website_id'] = $website_id; $data['change_request_id'] = $change_request['change_request_id']; if (isset($_REQUEST['completed_test'])) { if (!isset($_REQUEST['completed']) || !$_REQUEST['completed']) { $data['status'] = _CHANGE_REQUEST_STATUS_NEW; // not completed. } else { $data['status'] = _CHANGE_REQUEST_STATUS_COMPLETE; // completed! } } if (isset($_REQUEST['delete_request'])) { $data['status'] = _CHANGE_REQUEST_STATUS_DELETE; // deleted } $change_request_id = update_insert('change_request_id', $change_request['change_request_id'], 'change_request', $data); // redirect to send email page if we're logged in if (module_security::is_logged_in() && isset($_REQUEST['completed_send_email']) && $_REQUEST['completed_send_email'] && self::can_i('edit', 'Change Requests')) { // don't do the template, do the redirect to the email page (todo!) redirect_browser(self::link_open($change_request_id)); } else { // send email to administrator (everyone with change request edit permissions?) about this change request. $alert_users = module_user::get_users_by_permission(array('category' => 'Change Request', 'name' => 'Change Requests', 'module' => 'change_request', 'edit' => 1)); $email_data = get_single('change_request', 'change_request_id', $change_request_id); $customer_data = $website_data = array(); if ($website_id) { $website_data = module_website::get_website($website_id); $email_data['website_name'] = $website_data['name']; $email_data['website_link'] = module_website::link_open($website_id, true); if ($website_data && $website_data['customer_id']) { $customer_data = module_customer::get_customer($website_data['customer_id'], true); } } if (isset($email_data['request'])) { $email_data['request'] = nl2br($email_data['request']); // for the plain text emails. } foreach ($alert_users as $alert_user) { // todo: make sure this staff member has access to this website? // nfi how to figure this out. maybe we just look for staff members who are assigned jobs/tasks against this website? $template = module_template::get_template_by_key('change_request_alert_email'); $template->assign_values(array_merge($customer_data, $website_data, $email_data)); $html = $template->render('html'); // send an email to this user. $email = module_email::new_email(); $email->replace_values = array_merge($customer_data, $website_data, $email_data); $email->set_to('user', $alert_user['user_id']); $email->set_from('user', module_security::get_loggedin_id() ? module_security::get_loggedin_id() : isset($customer_data['primary_user_id']) ? $customer_data['primary_user_id'] : 0); $email->set_subject($template->description); // do we send images inline? $email->set_html($html); if ($email->send()) { // it worked successfully!! // sweet. } else { /// log err? set_error(_l('Failed to send change notification email to User ID: %s Email: %s Status: %s Error: %s', $alert_user['user_id'], json_encode($email->to), $email->status, $email->error_text)); } } } // display thankyou template. module_template::init_template('change_request_submitted', '<h2>Change Request</h2> <p>Thank you. Your change request has been submitted successfully.</p> <p>Please <a href="{URL}">click here</a> to continue.</p> ', 'Displayed after a change request is created/updated.', 'code'); // correct! // load up the receipt template. $template = module_template::get_template_by_key('change_request_submitted'); $template->page_title = _l("Change Request"); foreach ($data as $key => $val) { if (!is_array($val)) { $data[$key] = htmlspecialchars($val); } } $template->assign_values($data); echo $template->render('pretty_html'); exit; break; case 'display_change': ob_start(); ?> <div class="title"> <?php _e('Change request'); ?> </div> <div class="content"> <p><?php echo nl2br(htmlspecialchars($change_request['request'])); ?> </p> <div class="wp3changerequest_actions"> <p> <!-- <strong><?php _e('Attachments:'); ?> </strong> <?php if (!$change_request['attachments']) { ?> - none - <?php } else { foreach ($change_request['attachments'] as $attachment) { ?> <a href="#"><?php echo htmlspecialchars($attachment->name); ?> </a> <?php } ?> <?php } ?> <br/>--> <strong><?php _e('Created by:'); ?> </strong> <?php echo htmlspecialchars($change_request['name']); ?> <br/> <strong><?php _e('Created on:'); ?> </strong> <?php echo print_date($change_request['date_created'], true); ?> <?php if (isset($change_request['job_id']) && $change_request['job_id']) { ?> <br/> <strong><?php _e('Converted to job:'); ?> </strong> <?php _e('This task has been converted to a Job'); ?> <?php } ?> </p> <?php if (!isset($change_request['job_id']) || !$change_request['job_id'] || self::can_i('edit', 'Change Requests')) { ?> <p align="center"> <input type="button" name="edit" value="<?php _e('Edit'); ?> " class="wp3changerequest_button wp3changerequest_button_small" onclick="dtbaker_changerequest.edit(<?php echo $change_request_id; ?> ); return false;"> </p> <?php } ?> </div> </div> <?php $change_request['html'] = preg_replace('/\\s+/', ' ', ob_get_clean()); // echo json_encode($change_request); // exit; @ob_end_clean(); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Cache-Control: no-cache"); header("Pragma: no-cache"); header("Content-type: text/javascript"); ?> var t = dtbaker_changerequest; var change_id = <?php echo $change_request_id; ?> ; var msg = <?php echo json_encode($change_request); ?> ; jQuery('body').prepend('<div class="wp3changerequest_change" id="dtbaker_change_'+change_id+'" style="'+((!t.show_postits) ? 'display:none;':'')+'"></div>'); var box = jQuery('#dtbaker_change_'+change_id); box.html(msg.html); if(msg.status == 0){ box.addClass('wp3changerequest_change_pending'); }else if(msg.status == 2){ box.addClass('wp3changerequest_change_complete'); }else if(msg.status == 3){ box.addClass('wp3changerequest_change_deleted'); } box.css('top',msg.y+'px'); box.data('window_width',msg.window_width); box.data('left',msg.x); t.set_left(change_id); with({i:change_id}){ jQuery(window).resize(function () { t.set_left(i); }); } box.data('original_height',box.height()); box.css('overflow','hidden'); jQuery('.title',box).slideUp(); box.stop(true, true).animate({ height: t.min_height, width: t.min_width },500); box.hover(function(){ jQuery(this).addClass('wp3changerequest_change_active'); jQuery('.title',this).stop(true, true).slideDown(); jQuery(this).stop().animate({ width: t.max_width, height: jQuery(this).data('original_height'), opacity: 1 },500); },function(){ jQuery('.title',this).stop(true, true).slideUp(); jQuery(this).stop().animate({ width: t.min_width, height: t.min_height, opacity: 0.7 },500,function(){ jQuery(this).removeClass('wp3changerequest_change_active'); }); }) <?php break; default: @ob_end_clean(); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Cache-Control: no-cache"); header("Pragma: no-cache"); header("Content-type: text/javascript"); ob_start(); include 'pages/popup.php'; $html = ob_get_clean(); $html = addcslashes($html, "'"); $html = preg_replace('#\\r|\\n#', "' +\n'", $html); // inject using javascript. fixes cross domain issues ?> if(!jQuery('#dtbaker_changerequest_inlinewizard').length){ // fix for jQuery 1.9+ jQuery('body').append('<div id="dtbaker_changerequest_inlinewizard" style="display:none;"></div>'); } jQuery('#dtbaker_changerequest_inlinewizard').html('<?php echo $html; ?> '); <?php } } exit; break; case 'script': // load up the full script to be injected into our clients website. $website_id = isset($_REQUEST['i']) ? (int) $_REQUEST['i'] : false; $hash = isset($_REQUEST['hash']) ? $_REQUEST['hash'] : false; @ob_end_clean(); header("Expires: Mon, 26 Jul 1997 05:00:00 GMT"); header("Cache-Control: no-cache"); header("Pragma: no-cache"); header("Content-type: text/javascript"); if ($website_id && $hash && module_change_request::link_script($website_id, true) == $hash) { include "js/client.js"; $client_url = isset($_REQUEST['url']) ? $_REQUEST['url'] : false; if ($client_url) { $change_requests = self::get_change_requests(array('website_id' => $website_id, 'url' => $client_url)); // todo - option this out incase url causes issues. ie: old js check method ?> jQuery(function(){ <?php foreach ($change_requests as $change_request) { $displayed = false; if ($change_request['status'] == _CHANGE_REQUEST_STATUS_NEW) { $displayed = true; ?> dtbaker_changerequest.display_change(<?php echo $change_request['change_request_id']; ?> ); <?php } if (isset($_SESSION['_change_request_highlight']) && $_SESSION['_change_request_highlight'] == $change_request['change_request_id']) { ?> <?php if (!$displayed) { ?> dtbaker_changerequest.display_change(<?php echo $change_request['change_request_id']; ?> ); <?php } ?> dtbaker_changerequest.highlight(<?php echo (int) $_SESSION['_change_request_highlight']; ?> ); <?php unset($_SESSION['_change_request_highlight']); } } ?> }); <?php } else { // not posting the URL, some setups do not like this // get list of active change requests $change_requests = self::get_change_requests(array('website_id' => $website_id, 'status' => _CHANGE_REQUEST_STATUS_NEW)); // we also do completed ones because the change request highlight countbe in there $completed_change_requests = self::get_change_requests(array('website_id' => $website_id, 'status' => _CHANGE_REQUEST_STATUS_COMPLETE)); ?> jQuery(function(){ var current_url = window.location.href; <?php foreach ($change_requests as $change_request) { ?> if(current_url == '<?php echo addcslashes(htmlspecialchars($change_request['url']), "'"); ?> '){ // todo: do this better! dtbaker_changerequest.display_change(<?php echo $change_request['change_request_id']; ?> ); } <?php } ?> <?php // todo: do we display all previous change requests on the page or not? if (isset($_SESSION['_change_request_highlight']) && $_SESSION['_change_request_highlight']) { echo '// Checking for request: ' . (int) $_SESSION['_change_request_highlight']; foreach ($completed_change_requests as $complete_change_request) { if ($complete_change_request['change_request_id'] == $_SESSION['_change_request_highlight']) { // show this completed one as well. ?> dtbaker_changerequest.display_change(<?php echo $complete_change_request['change_request_id']; ?> ); <?php } } ?> dtbaker_changerequest.highlight(<?php echo (int) $_SESSION['_change_request_highlight']; ?> ); <?php // todo: move this unset over to the "display_change" callback so we only remove the session when we know it has been displayed. unset($_SESSION['_change_request_highlight']); } ?> }); <?php } } exit; break; case 'public': $website_id = isset($_REQUEST['i']) ? (int) $_REQUEST['i'] : false; $hash = isset($_REQUEST['hash']) ? $_REQUEST['hash'] : false; if ($website_id && $hash && module_change_request::link_public($website_id, true) == $hash) { // correct! // redirect to website with our "change_request" url parameter, that is picked up by the included text. $website = module_website::get_website($website_id); $change_request_website = get_single('change_request_website', 'website_id', $website_id); if ($change_request_website && $change_request_website['enabled']) { $url = module_website::urlify($website['url']); // todo - pass this to a (yet to be created) method in website that will deal with https:// or http:// based on user input. stop hardcoding http! if (isset($_REQUEST['change_request_id'])) { $selected_change_request = self::get_change_request_by_website($website_id, (int) $_REQUEST['change_request_id']); if ($selected_change_request && $selected_change_request['url']) { $url = $selected_change_request['url']; } //$url .= "&change_request_id=".(int)$_REQUEST['change_request_id']; $_SESSION['_change_request_highlight'] = (int) $_REQUEST['change_request_id']; } $url = $url . (strpos($url, '?') === false ? '?' : '&') . 'change_request=' . self::link_script($website_id, true); redirect_browser($url); } } echo "Change request disabled."; break; } }
function save_file_comments($file_id) { if (isset($_REQUEST['new_comment_text']) && strlen($_REQUEST['new_comment_text'])) { $file_data = $this->get_file($file_id); $item_data = array("file_id" => $file_id, "create_user_id" => module_security::get_loggedin_id(), "comment" => $_REQUEST['new_comment_text']); update_insert("file_comment_id", "new", "file_comment", $item_data); $file_data['comment'] = $_REQUEST['new_comment_text']; // do we schedule an alert for this file upload? if (module_security::can_user(module_security::get_loggedin_id(), _FILE_COMMENT_ALERT_STRING)) { // the current user is one who receives file alerts. // so for now we don't schedule this alert. // hmm - this might not work with a team environment, we'll send alerts no matter what :) } $alert_users = module_user::get_users_by_permission(array('category' => _LABEL_USER_SPECIFIC, 'name' => _FILE_COMMENT_ALERT_STRING, 'module' => 'config', 'view' => 1)); if (count($file_data['staff_ids'])) { foreach ($alert_users as $user_id => $alert_user) { if (!in_array($user_id, $file_data['staff_ids'])) { // this user has permissions to receive alerts, but they're not assigned. unset($alert_users[$user_id]); } } } else { if (isset($alert_users[1])) { unset($alert_users[1]); // skip admin for now until we can control that option } } // dont set a notification to ourselves. if (isset($alert_users[module_security::get_loggedin_id()])) { unset($alert_users[module_security::get_loggedin_id()]); } $file_data['customer_name'] = ''; $file_data['customer_link'] = ''; if (isset($file_data['customer_id']) && $file_data['customer_id']) { $customer_data = module_customer::get_customer($file_data['customer_id']); $file_data['customer_name'] = $customer_data['customer_name']; $file_data['customer_link'] = module_customer::link_open($file_data['customer_id']); } $file_data['file_link'] = self::link_open($file_id); foreach ($alert_users as $alert_user) { if (isset($alert_user['customer_id']) && $alert_user['customer_id'] > 0) { // only send this user an alert of the file is from this customer account. if (!isset($file_data['customer_id']) || $file_data['customer_id'] != $alert_user['customer_id']) { continue; // skip this user } } $notification_data = array('email_id' => 0, 'view_time' => 0, 'notification_type' => _FILE_NOTIFICATION_TYPE_COMMENTED, 'file_id' => $file_id, 'user_id' => $alert_user['user_id']); $template = module_template::get_template_by_key('file_comment_alert_email'); $template->assign_values($file_data); $html = $template->render('html'); // send an email to this user. $email = module_email::new_email(); $email->file_id = $file_id; $email->replace_values = $file_data; $email->set_to('user', $alert_user['user_id']); $email->set_from('user', module_security::get_loggedin_id()); $email->set_subject($template->description); // do we send images inline? $email->set_html($html); if ($email->send()) { // it worked successfully!! // sweet. $notification_data['email_id'] = $email->email_id; } else { /// log err? set_error('Failed to send notification email to user id ' . $alert_users['user_id']); } update_insert('file_notification_id', 'new', 'file_notification', $notification_data); } } }
public static function get_ticket_staff() { $admins = module_user::get_users_by_permission(array('category' => 'Ticket', 'name' => 'Tickets', 'module' => 'ticket', 'edit' => 1)); return $admins; }