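/**
 * Recursively undo magic-quotes escaping on an array of request data, in place.
 *
 * Nothing is changed unless the runtime reports magic_quotes_gpc as enabled.
 * Stripping the slashes restores the raw submitted values, so any SQL or HTML
 * safety has to come from escaping or parameter binding at the point of use.
 *
 * @param array $aArray Array to clean; modified by reference, nested arrays included.
 * @return void
 */
function CleanArray(&$aArray)
{
    // get_magic_quotes_gpc() was removed in PHP 8.0. Where the function is
    // missing there are no magic quotes to undo, and calling it would be fatal.
    if (!function_exists('get_magic_quotes_gpc') || get_magic_quotes_gpc() == 0) {
        return;
    }

    foreach ($aArray as $k => $v) {
        if (is_array($v)) {
            // Recurse through the original element so the change is applied in place.
            CleanArray($aArray[$k]);
        } else {
            $aArray[$k] = GPCStripSlashes($v);
        }
    }
}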
/**
 * Render one page of the project browse list.
 *
 * Requires view permission on projects. The view is restored from the URL,
 * then paging and the status / lead / name filters are re-applied from the
 * request before the view is handed to Render().
 */
function Page()
{
    global $dcl_info, $g_oSec;

    commonHeader();
    if (!$g_oSec->HasPerm(DCL_ENTITY_PROJECT, DCL_PERM_VIEW)) {
        return PrintPermissionDenied();
    }

    $oView = CreateObject('dcl.boView');
    $oView->SetFromURL();

    // Paging: all three parameters must be present, otherwise show the first 25 rows.
    $bHasPaging = isset($_REQUEST['jumptopage'], $_REQUEST['startrow'], $_REQUEST['numrows']);
    if (!$bHasPaging) {
        $oView->numrows = 25;
        $oView->startrow = 0;
    } else {
        // NOTE(review): numrows is taken from the request with only an int cast;
        // no lower or upper bound is applied here - confirm the view clamps it.
        $iRowsPerPage = (int) $_REQUEST['numrows'];
        $iPage = max(1, (int) $_REQUEST['jumptopage']);
        $oView->startrow = max(0, ($iPage - 1) * $iRowsPerPage);
        $oView->numrows = $iRowsPerPage;
    }

    // A missing status filter defaults to -1.
    $filterStatus = isset($_REQUEST['filterStatus'])
        ? @DCL_Sanitize::ToSignedInt($_REQUEST['filterStatus'])
        : -1;
    $filterReportto = @DCL_Sanitize::ToInt($_REQUEST['filterReportto']);

    // Drop the filters this page manages before re-adding the requested ones.
    $oView->RemoveDef('filternot', 'statuses.dcl_status_type');
    $oView->RemoveDef('filter', 'statuses.dcl_status_type');
    $oView->RemoveDef('filter', 'status');
    $oView->RemoveDef('filterlike', 'name');

    if ($filterStatus === null || $filterStatus == 0) {
        $oView->RemoveDef('filter', 'status');
    } elseif ($filterStatus == -1) {
        // -1: every status whose type is not 2
        $oView->AddDef('filternot', 'statuses.dcl_status_type', '2');
    } elseif ($filterStatus == -2) {
        // -2: only statuses of type 2
        $oView->AddDef('filter', 'statuses.dcl_status_type', '2');
    } else {
        // anything else is treated as a specific status id
        $oView->AddDef('filter', 'status', $filterStatus);
    }

    $bHasLead = $filterReportto !== null && $filterReportto > 0;
    if ($bHasLead) {
        $oView->ReplaceDef('filter', 'reportto', $filterReportto);
    } else {
        $oView->RemoveDef('filter', 'reportto');
    }

    if (isset($_REQUEST['filterName']) && trim($_REQUEST['filterName']) != '') {
        // NOTE(review): the name is passed to the view as submitted (minus magic
        // quotes); presumably the view escapes it for the LIKE clause - verify.
        $oView->AddDef('filterlike', 'name', GPCStripSlashes($_REQUEST['filterName']));
    }

    $this->sColumnTitle = STR_CMMN_OPTIONS;
    $this->bShowPager = true;
    $this->Render($oView);
}
/**
 * Build the initial project browse view and render it.
 *
 * Requires view permission on projects. Sets up the report columns and
 * ordering, applies the status / lead / name filters from the request, and
 * passes the view to dcl.htmlProjectsBrowse.
 */
function show()
{
    global $dcl_info, $g_oSec;

    commonHeader();
    if (!$g_oSec->HasPerm(DCL_ENTITY_PROJECT, DCL_PERM_VIEW)) {
        return PrintPermissionDenied();
    }

    $oProjectView = CreateObject('dcl.boView');
    $oProjectView->numrows = 25;

    $iStatus = @DCL_Sanitize::ToSignedInt($_REQUEST['filterStatus']);
    $iLead = @DCL_Sanitize::ToInt($_REQUEST['filterReportto']);

    $oProjectView->table = 'dcl_projects';
    $oProjectView->style = 'report';
    $oProjectView->title = 'Projects';

    $aHeaders = array(STR_CMMN_ID, STR_PRJ_LEAD, STR_PRJ_STATUS, STR_PRJ_NAME);
    $aColumns = array('projectid', 'reportto.short', 'statuses.name', 'dcl_projects.name');
    $oProjectView->AddDef('columnhdrs', '', $aHeaders);
    $oProjectView->AddDef('columns', '', $aColumns);

    // Optionally restrict the list to projects whose parent project id is 0.
    if ($dcl_info['DCL_PROJECT_BROWSE_PARENTS_ONLY'] == 'Y') {
        $oProjectView->AddDef('filter', 'parentprojectid', 0);
    }

    $oProjectView->AddDef('order', '', array('dcl_projects.name'));

    // NOTE(review): -1 selects status type 2 here, whereas Page() in this
    // listing treats -1 as "not type 2" - confirm which meaning is intended.
    if ($iStatus !== null && $iStatus > 0) {
        // a positive value is a specific status id
        $oProjectView->AddDef('filter', 'dcl_projects.status', $iStatus);
    } elseif ($iStatus !== null && $iStatus == -1) {
        $oProjectView->AddDef('filter', 'statuses.dcl_status_type', '2');
    } else {
        // no usable value, zero, or any other negative: exclude status type 2
        $oProjectView->AddDef('filternot', 'statuses.dcl_status_type', '2');
    }

    if ($iLead !== null) {
        $oProjectView->AddDef('filter', 'dcl_projects.reportto', $iLead);
    }

    $bHasName = isset($_REQUEST['filterName']) && trim($_REQUEST['filterName']) != '';
    if ($bHasName) {
        // NOTE(review): passed to the view as submitted (minus magic quotes);
        // presumably escaped by the view for the LIKE clause - verify.
        $oProjectView->AddDef('filterlike', 'name', GPCStripSlashes($_REQUEST['filterName']));
    }

    $oBrowse = CreateObject('dcl.htmlProjectsBrowse');
    $oBrowse->Render($oProjectView);
}
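/**
 * Save a submitted wiki page for an entity and then re-display it.
 *
 * Reads type, id, id2, name and text from the request. The page is only
 * written when dcl.dbWiki::Load() does not return -1. In the stored text the
 * <d> tag is replaced with the current date and runs such as "&amp;amp;" are
 * collapsed to a single "&".
 *
 * @return void
 */
function postwiki()
{
    global $g_oSession, $g_oSec, $dcl_info;

    // NOTE(review): no permission check is visible in this method - $g_oSec is
    // imported but never consulted, and the write is driven by $_REQUEST, so it
    // also accepts GET. Confirm the dispatcher or Edit() enforces authorization
    // and request-forgery protection for this state-changing action.
    if (($type = DCL_Sanitize::ToInt($_REQUEST['type'])) === null
        || ($id = DCL_Sanitize::ToInt($_REQUEST['id'])) === null
    ) {
        trigger_error('Data sanitize failed.');
        return;
    }

    $name = GPCStripSlashes($_REQUEST['name']);
    $text = GPCStripSlashes($_REQUEST['text']);

    // id2 is only meaningful for work orders; every other entity type uses 0.
    $id2 = DCL_Sanitize::ToInt(isset($_REQUEST['id2']) ? $_REQUEST['id2'] : null);
    if ($type != DCL_ENTITY_WORKORDER) {
        $id2 = 0;
    }

    $o = CreateObject('dcl.dbWiki');
    if ($o->Load($type, $id, $id2, $name) != -1) {
        // Replace <d> tag with current date
        $sPageText = str_replace('<d>', date('d M Y - H:i'), $text);

        // Collapse "&amp;", "&amp;amp;", ... to "&". This now runs on the
        // date-substituted text: previously it ran on $text again, which threw
        // the <d> replacement away. preg_replace() stands in for ereg_replace(),
        // which was removed in PHP 7.0.
        // NOTE(review): the text is stored with entities decoded; presumably the
        // wiki renderer escapes it on output - verify.
        $o->page_text = preg_replace('/&(amp;)+/', '&', $sPageText);

        $o->page_ip = $g_oSession->Value('DCLNAME') . ' [' . $this->getlongip() . ']';
        $o->Edit();
    }

    $this->show();
}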
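/**
 * Build a work order search view from the submitted search form and render it.
 *
 * Requires search permission on work orders. Every request value is
 * normalised before use: multi-selects must be arrays, id lists go through
 * DCL_Sanitize::ToIntArray(), and the "parent,child" encoded selections
 * (personnel, modules, statuses) are decoded with DCL_Sanitize::ToInt(), with
 * malformed entries skipped.
 *
 * NOTE(review): columns, groups, order and columnhdrs are request-supplied
 * names handed to the view unvalidated here; confirm the view restricts them
 * to known columns before they reach SQL. The same question applies to the
 * tags, hotlist and searchText values, which are passed as submitted.
 *
 * @return void
 */
function dbsearch()
{
    global $g_oSec, $g_oSession;

    commonHeader();

    // Authorize before any request data is parsed.
    if (!$g_oSec->HasPerm(DCL_ENTITY_WORKORDER, DCL_PERM_SEARCH)) {
        return PrintPermissionDenied();
    }

    // Multi-select inputs: anything that is not an array is treated as empty,
    // so count() and foreach below never see null or a string.
    $aLists = array();
    foreach (array('personnel', 'status', 'is_public', 'module_id') as $sName) {
        $aLists[$sName] = (isset($_REQUEST[$sName]) && is_array($_REQUEST[$sName])) ? $_REQUEST[$sName] : array();
    }

    // Free-text inputs: missing or non-scalar values become ''.
    $aText = array();
    foreach (array('searchText', 'tags', 'hotlist', 'columns', 'groups', 'order', 'columnhdrs', 'title') as $sName) {
        $aText[$sName] = (isset($_REQUEST[$sName]) && is_scalar($_REQUEST[$sName])) ? (string) $_REQUEST[$sName] : '';
    }

    // Id lists: ToIntArray() can return null (the original code checked for
    // that on dcl_status_type), so anything that is not an array becomes empty.
    $aIds = array();
    $aIdNames = array(
        'account', 'entity_source_id', 'severity', 'priority', 'dcl_status_type',
        'product', 'department', 'project', 'wo_type_id',
    );
    foreach ($aIdNames as $sName) {
        $aClean = DCL_Sanitize::ToIntArray(isset($_REQUEST[$sName]) ? $_REQUEST[$sName] : null);
        $aIds[$sName] = is_array($aClean) ? $aClean : array();
    }
    $department = $aIds['department'];
    $product = $aIds['product'];
    $dcl_status_type = $aIds['dcl_status_type'];

    $dateFrom = DCL_Sanitize::ToDate(isset($_REQUEST['dateFrom']) ? $_REQUEST['dateFrom'] : null);
    $dateTo = DCL_Sanitize::ToDate(isset($_REQUEST['dateTo']) ? $_REQUEST['dateTo'] : null);

    $objView = CreateObject('dcl.boView');
    $objView->table = 'workorders';

    $columnhdrs = $aText['columnhdrs'] !== '' ? explode(',', $aText['columnhdrs']) : array();
    $columns = $aText['columns'] !== '' ? explode(',', $aText['columns']) : array();
    $groups = $aText['groups'] !== '' ? explode(',', $aText['groups']) : array();
    $order = $aText['order'] !== '' ? explode(',', $aText['order']) : array();

    if (count($aLists['personnel']) > 0 || count($department) > 0) {
        // Have actual personnel? If so, only set personnel for their associated
        // departments instead of the department, then unset the department
        // from the array.
        $pers_sel = array();
        foreach ($aLists['personnel'] as $encoded_pers) {
            $aPair = is_string($encoded_pers) ? explode(',', $encoded_pers) : array();
            if (count($aPair) < 2) {
                continue;
            }
            $dpt_id = DCL_Sanitize::ToInt($aPair[0]);
            $pers_id = DCL_Sanitize::ToInt($aPair[1]);
            if ($dpt_id === null || $pers_id === null) {
                continue;
            }

            $pers_sel[] = $pers_id;
            $iKey = array_search($dpt_id, $department);
            if ($iKey !== false) {
                unset($department[$iKey]);
            }
        }

        foreach (array('responsible', 'createby', 'closedby') as $field) {
            if (!isset($_REQUEST[$field]) || $_REQUEST[$field] != '1') {
                continue;
            }
            if (count($pers_sel) > 0) {
                $objView->AddDef('filter', $field, $pers_sel);
            }
            if (count($department) > 0) {
                $objView->AddDef('filter', $field . '.department', $department);
            }
        }
    }

    foreach (array('priority', 'severity', 'wo_type_id', 'entity_source_id') as $field) {
        if (count($aIds[$field]) > 0) {
            $objView->AddDef('filter', $field, $aIds[$field]);
        }
    }

    if (trim($aText['tags']) != '') {
        $objView->AddDef('filter', 'dcl_tag.tag_desc', $aText['tags']);
    }

    if (trim($aText['hotlist']) != '') {
        $objView->AddDef('filter', 'dcl_hotlist.hotlist_tag', $aText['hotlist']);
    }

    foreach ($aLists['is_public'] as $publicValue) {
        // The value is quoted by hand below, so only the exact strings Y and N
        // are let through.
        if ($publicValue === 'Y' || $publicValue === 'N') {
            $objView->AddDef('filter', 'is_public', "'" . $publicValue . "'");
        }
    }

    if (count($aLists['module_id']) > 0) {
        // Have modules? If so, only set module IDs for their associated
        // products instead of the product ID, then unset the product id from
        // the array. Module ids are now sanitized like the status ids below;
        // previously they reached the filter exactly as submitted.
        $module = array();
        foreach ($aLists['module_id'] as $encoded_mod) {
            $aPair = is_string($encoded_mod) ? explode(',', $encoded_mod) : array();
            if (count($aPair) < 2) {
                continue;
            }
            $mod_prod_id = DCL_Sanitize::ToInt($aPair[0]);
            $mod_id = DCL_Sanitize::ToInt($aPair[1]);
            if ($mod_prod_id === null || $mod_id === null) {
                continue;
            }

            $module[] = $mod_id;
            $iKey = array_search($mod_prod_id, $product);
            if ($iKey !== false) {
                unset($product[$iKey]);
            }
        }

        $objView->AddDef('filter', 'module_id', $module);
    }

    $g_oSession->Unregister('showBM');
    if (count($product) > 0) {
        $objView->AddDef('filter', 'product', $product);

        // Adds BuildManager to drop down menu only if user selects a product
        if (count($product) == 1) {
            $g_oSession->Register('showBM', 1);
        }
    }
    $g_oSession->Edit();

    if (count($aLists['status']) > 0) {
        // Have statuses? If so, only set status IDs for their associated types
        // instead of the status type ID, then unset the status type id from
        // the array.
        $statuses = array();
        foreach ($aLists['status'] as $encoded_status) {
            $aPair = is_string($encoded_status) ? explode(',', $encoded_status) : array();
            if (count($aPair) < 2) {
                continue;
            }
            $type_id = DCL_Sanitize::ToInt($aPair[0]);
            $status_id = DCL_Sanitize::ToInt($aPair[1]);
            if ($type_id === null || $status_id === null) {
                continue;
            }

            $statuses[] = $status_id;
            $iKey = array_search($type_id, $dcl_status_type);
            if ($iKey !== false) {
                unset($dcl_status_type[$iKey]);
            }
        }

        $objView->AddDef('filter', 'status', $statuses);
    }

    if (count($aIds['account']) > 0) {
        $objView->AddDef('filter', 'dcl_wo_account.account_id', $aIds['account']);
    }

    if (count($dcl_status_type) > 0) {
        $objView->AddDef('filter', 'statuses.dcl_status_type', $dcl_status_type);
    }

    if (count($aIds['project']) > 0) {
        $objView->AddDef('filter', 'dcl_projects.projectid', $aIds['project']);
    }

    if ($dateFrom != '' || $dateTo != '') {
        // The date range applies to every date field whose checkbox was ticked.
        $aDateFields = array(
            'createdon', 'closedon', 'statuson', 'lastactionon',
            'deadlineon', 'eststarton', 'estendon', 'starton',
        );
        foreach ($aDateFields as $field) {
            if (isset($_REQUEST[$field]) && $_REQUEST[$field] == '1') {
                $objView->AddDef('filterdate', $field, array($dateFrom, $dateTo));
            }
        }
    }

    if ($aText['searchText'] != '') {
        foreach (array('summary', 'notes', 'description') as $field) {
            if (isset($_REQUEST[$field]) && $_REQUEST[$field] == '1') {
                $objView->AddDef('filterlike', $field, $aText['searchText']);
            }
        }
    }

    // Grouping or ordering by a priority/severity name uses its weight instead.
    $aSortAlias = array(
        'priorities.name' => 'priorities.weight',
        'severities.name' => 'severities.weight',
    );

    if (count($columns) > 0) {
        $objView->AddDef('columns', '', $columns);
    }

    if (count($groups) > 0) {
        // The loop key is now captured: without "$key =>" the replacement was
        // written to a stale or undefined index rather than the matching entry.
        foreach ($groups as $key => $groupField) {
            if (isset($aSortAlias[$groupField])) {
                $groups[$key] = $aSortAlias[$groupField];
            }
        }

        $objView->AddDef('groups', '', $groups);
    }

    if (count($columnhdrs) > 0) {
        $objView->AddDef('columnhdrs', '', $columnhdrs);
    }

    if (count($order) > 0) {
        foreach ($order as $key => $orderField) {
            if (isset($aSortAlias[$orderField])) {
                $order[$key] = $aSortAlias[$orderField];
            }
        }

        $objView->AddDef('order', '', $order);
    } else {
        $objView->AddDef('order', '', array('jcn', 'seq'));
    }

    $objView->style = 'report';
    if ($aText['title'] != '') {
        $objView->title = GPCStripSlashes($aText['title']);
    } else {
        $objView->title = STR_WO_RESULTSTITLE;
    }

    $obj = CreateObject('dcl.htmlWorkOrderResults');
    $obj->Render($objView);
}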