Exemplo n.º 1
 /**
  * Save the task, routing a taskStatus change through change_task_status() first.
  *
  * Returns whatever parent::save() returns. When validate() reports errors they
  * are handed to alloc_error() and nothing is returned.
  */
 function save()
 {
     // NOTE(review): $current_user and $TPL are fetched here but not used in this method.
     $current_user =& singleton("current_user");
     global $TPL;
     $errors = $this->validate();
     if ($errors) {
         alloc_error($errors);
     } else {
         // Row as it was loaded, used to detect a status change (loose != comparison).
         $existing = $this->all_row_fields;
         if ($existing["taskStatus"] != $this->get_value("taskStatus")) {
             $db = new db_alloc();
             // The values are passed as separate arguments for the %d / '%s' placeholders
             // rather than concatenated into the SQL text; presumably db_alloc::query()
             // escapes them when filling the placeholders - confirm.
             $db->query("call change_task_status(%d,'%s')", $this->get_id(), $this->get_value("taskStatus"));
             $row = $db->qr("SELECT taskStatus\n                              ,dateActualCompletion\n                              ,dateActualStart\n                              ,dateClosed\n                              ,closerID\n                          FROM task\n                         WHERE taskID = %d", $this->get_id());
             // Changing a task's status changes these fields.
             // Unfortunately the call to save() below erroneously nukes these fields.
             // So we manually set them to whatever change_task_status() has dictated.
             $this->set_value("taskStatus", $row["taskStatus"]);
             $this->set_value("dateActualCompletion", $row["dateActualCompletion"]);
             $this->set_value("dateActualStart", $row["dateActualStart"]);
             $this->set_value("dateClosed", $row["dateClosed"]);
             $this->set_value("closerID", $row["closerID"]);
         }
         return parent::save();
     }
 }
Exemplo n.º 2
 /**
  * Save a time sheet item after checking it against its parent time sheet.
  *
  * Loads the time sheet named by timeSheetID, checks the pre-paid allocation,
  * the duration unit, the time sheet status and ownership, then calls
  * parent::save() and refreshes the related invoices.
  *
  * NOTE(review): every check below reports through alloc_error() and then falls
  * through to the next statement. Whether a failed permission check really blocks
  * the write depends on alloc_error() aborting the request, which is not visible
  * here - confirm; otherwise parent::save() still runs.
  */
 function save()
 {
     // NOTE(review): $current_user is fetched but not used in this method.
     $current_user =& singleton("current_user");
     $timeSheet = new timeSheet();
     $timeSheet->set_id($this->get_value("timeSheetID"));
     $timeSheet->select();
     $timeSheet->load_pay_info();
     list($amount_used, $amount_allocated) = $timeSheet->get_amount_allocated("%mo");
     $this->currency = $timeSheet->get_value("currencyTypeID");
     // Trailing whitespace is stripped from the comment before it is stored.
     $this->set_value("comment", rtrim($this->get_value("comment")));
     $amount_of_item = $this->calculate_item_charge($timeSheet->get_value("currencyTypeID"), $timeSheet->get_value("customerBilledDollars"));
     // Only enforced when an allocation exists ($amount_allocated is truthy).
     if ($amount_allocated && $amount_of_item + $amount_used > $amount_allocated) {
         alloc_error("Adding this Time Sheet Item would exceed the amount allocated on the Pre-paid invoice. Time Sheet Item not saved.");
     }
     // If unit is changed via CLI
     // A unit that differs from the project's rate unit is refused unless can_edit_rate() allows it.
     if ($this->get_value("timeSheetItemDurationUnitID") && $timeSheet->pay_info["project_rateUnitID"] && $timeSheet->pay_info["project_rateUnitID"] != $this->get_value("timeSheetItemDurationUnitID") && !$timeSheet->can_edit_rate()) {
         alloc_error("Not permitted to edit time sheet item unit.");
     }
     // No unit supplied: inherit the project's rate unit.
     if (!$this->get_value("timeSheetItemDurationUnitID") && $timeSheet->pay_info["project_rateUnitID"]) {
         $this->set_value("timeSheetItemDurationUnitID", $timeSheet->pay_info["project_rateUnitID"]);
     }
     // Last ditch perm checking - useful for the CLI
     // NOTE(review): $timeSheet has already been dereferenced above, so the is_object()
     // half cannot fail at this point; only the get_id() half is effective.
     if (!is_object($timeSheet) || !$timeSheet->get_id()) {
         alloc_error("Unknown time sheet.");
     }
     // $this->skip_tsi_status_check switches the status check off entirely.
     if ($timeSheet->get_value("status") != "edit" && !$this->skip_tsi_status_check) {
         alloc_error("Time sheet is not at status edit");
     }
     if (!$this->is_owner()) {
         alloc_error("Time sheet is not editable for you.");
     }
     $rtn = parent::save();
     $timeSheet->update_related_invoices();
     return $rtn;
 }
Exemplo n.º 3
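 /**
  * Return the balance of this TF, summed over its transactions.
  *
  * Only the TF's owner or a user with the "admin" role gets a balance; anyone
  * else receives false.
  *
  * @param array  $where Extra filters, column => value or column => array(operator, value).
  *                      "status" defaults to "approved" when it is missing or empty.
  * @param string $debug Not used by the current implementation.
  * @return mixed The "balance" column of the result, or false when access is refused.
  */
 function get_balance($where = array(), $debug = "")
 {
     $current_user =& singleton("current_user");
     // If no status is requested then default to approved.
     // empty() keeps the original truthiness test without the undefined-index notice.
     if (empty($where["status"])) {
         $where["status"] = "approved";
     }
     if (!$this->is_owner() && !$current_user->have_role("admin")) {
         return false;
     }
     // Get balance
     $db = new db_alloc();
     $query = prepare("SELECT sum( if(fromTfID=%d,-amount,amount) * pow(10,-currencyType.numberToBasic) * exchangeRate) AS balance \n                        FROM transaction \n                   LEFT JOIN currencyType ON transaction.currencyTypeID = currencyType.currencyTypeID\n                       WHERE (tfID = %d or fromTfID = %d) ", $this->get_id(), $this->get_id(), $this->get_id());
     // Build up the rest of the WHERE sql
     // NOTE(review): only the value goes through db_esc(). The column name and the
     // operator are concatenated into the statement unchanged, so they must never be
     // derived from request data; callers should pass literals, or an allowlist of
     // columns and operators should be enforced here.
     foreach ($where as $column_name => $value) {
         $op = " = ";
         if (is_array($value)) {
             $op = $value[0];
             $value = $value[1];
         }
         $query .= " AND " . $column_name . $op . " '" . db_esc($value) . "'";
     }
     $db->query($query);
     // The original message interpolated $tfID, which is never defined in this method.
     $db->next_record() || alloc_error("TF " . $this->get_id() . " not found in tf::get_balance");
     return $db->f("balance");
 }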
Exemplo n.º 4
 /**
  * Return this field's value formatted for the requested destination.
  *
  * DST_DATABASE yields a single-quoted, db_esc()-escaped SQL literal or the bare
  * word NULL; DST_HTML_DISPLAY yields a money string or page::htmlentities()
  * output; every other destination yields the raw value with no escaping.
  *
  * @param mixed $dest   One of the DST_* constants.
  * @param mixed $parent Owning entity; read for currency information on HTML display.
  */
 function get_value($dest = DST_VARIABLE, $parent = null)
 {
     if ($dest == DST_DATABASE) {
         // An empty value becomes NULL only when empty_to_null is switched on.
         $use_literal = isset($this->value) && imp($this->value) || $this->empty_to_null == false;
         return $use_literal ? "'" . db_esc($this->value) . "'" : "NULL";
     }
     if ($dest != DST_HTML_DISPLAY) {
         // Raw value: the caller is responsible for escaping it for its own context.
         return $this->value;
     }
     if ($this->type == "money" && imp($this->value)) {
         // Prefer the currency column named on this field over the parent's default.
         $currency = $parent->currency;
         if ($this->currency && isset($parent->data_fields[$this->currency])) {
             $currency = $parent->get_value($this->currency);
         }
         if (!$currency) {
             alloc_error("db_field::get_value(): No currency specified for " . $parent->classname . "." . $this->name . " (currency:" . $currency . ")");
         } elseif ($this->value == $parent->all_row_fields[$this->name]) {
             // Money formatting is applied only when the value still equals the loaded row's value.
             return page::money($currency, $this->value, "%mo");
         }
     }
     return page::htmlentities($this->value);
 }
Exemplo n.º 5
/**
 * Apply one patch file (.sql or .php) and record it in patchLog on success.
 *
 * A patch path is applied at most once per request. SQL patches are parsed from
 * $f and run statement by statement; PHP patches are executed from ../patches/
 * using only the base name of $f.
 *
 * @param string $f Path of the patch file.
 */
function apply_patch($f)
{
    global $TPL;
    static $files;
    // Should never attempt to apply the same patch twice.. in case
    // there are function declarations in the .php patches.
    if ($files[$f]) {
        return;
    }
    $files[$f] = true;
    $db = new db_alloc();
    // basename() drops any directory part, so the PHP branch below cannot be pointed
    // outside ../patches/ through $f. The SQL branch still reads $f itself.
    $file = basename($f);
    $failed = false;
    $comments = array();
    // This is an important patch that converts money from 120.34 to 12034.
    // We MUST ensure that the user has a currency set before applying this patch.
    if ($file == "patch-00188-alla.sql") {
        if (!config::get_config_item('currency')) {
            alloc_error("No default currency is set! Login to alloc (ignore any errors, you may need to manually change the url to config/config.php after logging in) go to Setup -> Finance and select a Main Currency. And then click the 'Update Transactions That Have No Currency' button. Then return here and apply this patch (patch-188). IT IS REALLY IMPORTANT THAT YOU FOLLOW THESE INSTRUCTIONS as the storage format for monetary amounts has changed.", true);
        }
    }
    // Try for sql file
    if (strtolower(substr($file, -4)) == ".sql") {
        list($sql, $comments) = parse_sql_file($f);
        // A failing statement does not stop the loop; the remaining statements still run.
        foreach ($sql as $query) {
            if (!$db->query($query)) {
                #$TPL["message"][] = "<b style=\"color:red\">Error:</b> ".$f."<br>".$db->get_error();
                $failed = true;
                // NOTE(review): $f and the database error text are placed inside HTML
                // markup without escaping - confirm how alloc_error() renders messages.
                alloc_error("<b style=\"color:red\">Error:</b> " . $f . "<br>" . $db->get_error());
            }
        }
        if (!$failed) {
            $TPL["message_good"][] = "Successfully Applied: " . $f;
        }
        // Try for php file
    } else {
        if (strtolower(substr($file, -4)) == ".php") {
            // This runs the patch's PHP code; presumably the returned string is its output - confirm.
            $str = execute_php_file("../patches/" . $file);
            // Any returned text counts as a failure unless the constant
            // FORCE_PATCH_SUCCEED_<file> has been defined.
            if ($str && !defined("FORCE_PATCH_SUCCEED_" . $file)) {
                #$TPL["message"][] = "<b style=\"color:red\">Error:</b> ".$f."<br>".$str;
                $failed = true;
                ob_end_clean();
                alloc_error("<b style=\"color:red\">Error:</b> " . $f . "<br>" . $str);
            } else {
                $TPL["message_good"][] = "Successfully Applied: " . $f;
            }
        }
    }
    // Record the patch only when nothing failed. A file that is neither .sql nor .php
    // also reaches this point with $failed still false, so it is logged as applied.
    if (!$failed) {
        $q = prepare("INSERT INTO patchLog (patchName, patchDesc, patchDate) \n                  VALUES ('%s','%s','%s')", $file, implode(" ", $comments), date("Y-m-d H:i:s"));
        $db->query($q);
    }
}
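 /**
  * Save the commission row unless it would be a second 0% entry for the project.
  *
  * Nothing is returned; a rejected save is reported through alloc_error().
  */
 function save()
 {
     // Set explicitly so the final test never reads an undefined variable.
     $fail = false;
     // Just ensure multiple 0 entries cannot be saved.
     if ($this->get_value("commissionPercent") == 0) {
         // Both values are bound through %d placeholders by prepare().
         $q = prepare("SELECT * FROM projectCommissionPerson WHERE projectID = %d AND commissionPercent = 0 AND projectCommissionPersonID != %d", $this->get_value("projectID"), $this->get_id());
         $db = new db_alloc();
         $db->query($q);
         if ($db->next_record()) {
             $fail = true;
             alloc_error("Only one Time Sheet Commission is allowed to be set to 0%");
         }
     }
     if (!$fail) {
         parent::save();
     }
 }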
Exemplo n.º 7
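 /**
  * Record a time sheet item hint for the person named in $stuff["username"].
  *
  * @param array $stuff Keys read: username, taskID, projectID, duration, comment, date.
  * @return array|null array("status" => "yay", "message" => <hint ID>) on success;
  *                    otherwise the failure is reported through alloc_error().
  */
 function add_tsiHint($stuff)
 {
     $current_user =& singleton("current_user");
     $errstr = "Failed to record new time sheet item hint. ";
     // Defined up front: the original read these on paths where they were never assigned.
     $extra = "";
     $task = null;
     $ID = null;
     $username = $stuff["username"];
     $people = person::get_people_by_username();
     $personID = $people[$username]["personID"];
     $personID or alloc_error("Person " . $username . " not found.");
     $taskID = $stuff["taskID"];
     $projectID = $stuff["projectID"];
     $duration = $stuff["duration"];
     $comment = $stuff["comment"];
     $date = $stuff["date"];
     if ($taskID) {
         // A task always decides the project, overriding any projectID that was passed in.
         $task = new task();
         $task->set_id($taskID);
         $task->select();
         $projectID = $task->get_value("projectID");
         $extra = " for task " . $taskID;
     }
     $projectID or alloc_error(sprintf($errstr . "No project found%s.", $extra));
     // NOTE(review): project membership is checked for the logged-in user, while the
     // hint is stored for $personID resolved from the supplied username. Confirm that
     // recording hints on behalf of another person is intended.
     $row_projectPerson = projectPerson::get_projectPerson_row($projectID, $current_user->get_id());
     $row_projectPerson or alloc_error($errstr . "The person(" . $current_user->get_id() . ") has not been added to the project(" . $projectID . ").");
     if ($row_projectPerson && $projectID) {
         // Add new time sheet item
         $tsiHint = new tsiHint();
         // Fall back to today's date when none was supplied.
         $d = $date ? $date : date("Y-m-d");
         $tsiHint->set_value("date", $d);
         $tsiHint->set_value("duration", $duration);
         if (is_object($task)) {
             // %d forces the task ID to an integer string before it is stored.
             $tsiHint->set_value("taskID", sprintf("%d", $taskID));
         }
         $tsiHint->set_value("personID", $personID);
         $tsiHint->set_value("comment", $comment);
         $tsiHint->save();
         $ID = $tsiHint->get_id();
     }
     if ($ID) {
         return array("status" => "yay", "message" => $ID);
     } else {
         alloc_error($errstr . "Time hint not added.");
     }
 }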
Exemplo n.º 8
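 /**
  * Save the transaction, defaulting its currencies and refreshing the exchange rate.
  *
  * The exchange rate is left alone only when one is already stored, the
  * transaction has an approval date, and neither the status nor a currency
  * changed in this save.
  *
  * @return mixed Whatever parent::save() returns.
  */
 function save()
 {
     // These need to be in here instead of validate(), because
     // validate is called after save() and we need these values set for save().
     $this->get_value("currencyTypeID") or $this->set_value("currencyTypeID", config::get_config_item("currency"));
     $this->get_value("destCurrencyTypeID") or $this->set_value("destCurrencyTypeID", config::get_config_item("currency"));
     // The data prior to the save
     $old = $this->all_row_fields;
     // Defined up front: the original read both variables on paths that never set them.
     $field_changed = false;
     $date = null;
     if ($old["status"] != $this->get_value("status") && $this->get_value("status") == "approved") {
         // Newly approved: stamp today's date.
         $this->set_value("dateApproved", date("Y-m-d"));
         $field_changed = true;
     } elseif ($this->get_value("status") != "approved") {
         // Anything other than approved carries no approval date.
         $this->set_value("dateApproved", "");
     }
     if ($old["currencyTypeID"] != $this->get_value("currencyTypeID")) {
         $field_changed = true;
     }
     if ($old["destCurrencyTypeID"] != $this->get_value("destCurrencyTypeID")) {
         $field_changed = true;
     }
     // Not used below; kept because constructing it may have side effects.
     $db = new db_alloc();
     // If there already is an exchange rate set for an approved
     // transaction, then there's no need to update the exchange rate
     $rate_is_settled = $this->get_value("exchangeRate") && $this->get_value("dateApproved") && !$field_changed;
     if (!$rate_is_settled) {
         // Pick the rate date; each later line overrides the earlier ones, so
         // dateApproved wins when it is set.
         $this->get_value("transactionCreatedTime") and $date = format_date("Y-m-d", $this->get_value("transactionCreatedTime"));
         $this->get_value("transactionModifiedTime") and $date = format_date("Y-m-d", $this->get_value("transactionModifiedTime"));
         $this->get_value("transactionDate") and $date = $this->get_value("transactionDate");
         $this->get_value("dateApproved") and $date = $this->get_value("dateApproved");
         $er = exchangeRate::get_er($this->get_value("currencyTypeID"), $this->get_value("destCurrencyTypeID"), $date);
         if (!$er) {
             // The save below still runs, with the previous exchangeRate value left in place.
             alloc_error("Unable to determine exchange rate for " . $this->get_value("currencyTypeID") . " to " . $this->get_value("destCurrencyTypeID") . " for date: " . $date);
         } else {
             $this->set_value("exchangeRate", $er);
         }
     }
     return parent::save();
 }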
Exemplo n.º 9
 /**
  * Constructor: remember the archive name and reset the object's state.
  *
  * Reports through alloc_error() when gzopen() is not available.
  *
  * @param string $p_zipname Archive file name, stored as given.
  */
 function PclZip($p_zipname)
 {
     // zlib check: gzopen() is only defined when the extension is loaded.
     $zlib_available = function_exists('gzopen');
     if (!$zlib_available) {
         alloc_error('Abort ' . basename(__FILE__) . ' : Missing zlib extensions');
     }
     // Initial attribute values.
     $this->magic_quotes_status = -1;
     $this->zip_fd = 0;
     $this->zipname = $p_zipname;
 }
Exemplo n.º 10
 * allocPSA is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
 * License for more details.
 * 
 * You should have received a copy of the GNU Affero General Public License
 * along with allocPSA. If not, see <http://www.gnu.org/licenses/>.
*/
require_once "../alloc.php";
if (!config::get_config_item("mainTfID")) {
    alloc_error("This functionality will not work until you set a Finance TF on the Setup -> Finance screen.");
}
$field_map = array("date" => 0, "account" => 1, "num" => 2, "description" => 3, "memo" => 4, "category" => 5, "clr" => 6, "amount" => 7);
if ($_POST["upload"]) {
    $db = new db_alloc();
    is_uploaded_file($_FILES["expenses_file"]["tmp_name"]) || alloc_error("File referred to was not an uploaded file", true);
    // The is_uploaded_file() check above prevents attacks that set $expenses_file in the URL to name a file that was not uploaded
    $lines = file($_FILES["expenses_file"]["tmp_name"]);
    reset($lines);
    while (list(, $line) = each($lines)) {
        // Ignore blank lines
        if (trim($line) == "") {
            continue;
        }
        // Read field values from the line
        $fields = explode("\t", $line);
        $date = trim($fields[$field_map["date"]]);
        $account = trim($fields[$field_map["account"]]);
        $num = trim($fields[$field_map["num"]]);
        $description = trim($fields[$field_map["description"]]);
        $memo = trim($fields[$field_map["memo"]]);
Exemplo n.º 11
 /**
  * Create a comment on $entity from a received email and return the comment object.
  *
  * Stores the email's UID and Message-ID on the comment, moves the attachment
  * directory, tries to resolve the author from the From header, and, for the
  * "cyber" configuration, re-opens the parent task when no internal user was
  * matched as author.
  */
 function add_comment_from_email($email_receive, $entity)
 {
     $current_user =& singleton("current_user");
     $commentID = comment::add_comment($entity->classname, $entity->get_id(), $email_receive->get_converted_encoding());
     $commentID or alloc_error("Unable to create an alloc comment (" . $entity->classname . ":" . $entity->get_id() . ") from email.");
     $comment = new comment();
     $comment->set_id($commentID);
     $comment->select();
     $comment->set_value("commentEmailUID", $email_receive->msg_uid);
     $comment->set_value("commentEmailMessageID", $email_receive->mail_headers["message-id"]);
     $comment->rename_email_attachment_dir($email_receive->dir);
     // Try figure out and populate the commentCreatedUser/commentCreatedUserClientContactID fields
     // NOTE(review): the author is resolved from the From header, which the sender
     // controls. Nothing in this method authenticates it, so commentCreatedUser should
     // not be read as proof of identity unless mail is verified upstream - confirm.
     list($from_address, $from_name) = parse_email_address($email_receive->mail_headers["from"]);
     list($personID, $clientContactID, $from_name) = comment::get_person_and_client($from_address, $from_name, $entity->get_project_id());
     $personID and $comment->set_value('commentCreatedUser', $personID);
     $clientContactID and $comment->set_value('commentCreatedUserClientContactID', $clientContactID);
     $comment->set_value("commentCreatedUserText", $email_receive->mail_headers["from"]);
     // Same value as already set above; this second call is redundant.
     $comment->set_value("commentEmailMessageID", $email_receive->mail_headers["message-id"]);
     $comment->updateSearchIndexLater = true;
     $comment->skip_modified_fields = true;
     $comment->save();
     if ($email_receive->mimebits) {
         comment::update_mime_parts($comment->get_id(), $email_receive->mimebits);
     }
     // CYBER-ONLY: Re-open task, if comment has been made by an external party.
     // "External" here means that no commentCreatedUser was matched above.
     if (config::for_cyber() && !$comment->get_value('commentCreatedUser')) {
         $e = $entity->get_parent_object();
         if ($e->classname == "task" && substr($e->get_value("taskStatus"), 0, 4) != "open") {
             // The task is saved under a substituted identity: its manager, else its
             // assignee, else its creator.
             // NOTE(review): the previous user is put back only by the assignment after
             // $e->save(). If save() aborts, or if singleton() holds its own copy, the
             // substituted identity may stay in place for the rest of the request - confirm.
             $tmp = $current_user;
             $current_user = new person();
             $personID = $e->get_value("managerID") or $personID = $e->get_value("personID") or $personID = $e->get_value("creatorID");
             $current_user->load_current_user($personID);
             // fake identity
             singleton("current_user", $current_user);
             $e->set_value("taskStatus", "open_inprogress");
             $e->save();
             $current_user = $tmp;
         }
     }
     return $comment;
 }
Exemplo n.º 12
 if ($_POST["save"]) {
     $expenseForm->read_globals();
     if ($expenseForm->get_value("reimbursementRequired") == 0 || $expenseForm->get_value("reimbursementRequired") == 1) {
         $expenseForm->set_value("paymentMethod", "");
     }
     $expenseForm->set_value("seekClientReimbursement", $_POST["seekClientReimbursement"] ? 1 : 0);
     $expenseForm->set_value("expenseFormComment", rtrim($expenseForm->get_value("expenseFormComment")));
     $expenseForm->save();
     alloc_redirect($TPL["url_alloc_expenseForm"] . "expenseFormID=" . $expenseForm->get_id());
     exit;
 } else {
     if ($_POST["finalise"]) {
         $db = new db_alloc();
         $hasItems = $db->qr("SELECT * FROM transaction WHERE expenseFormID = %d", $expenseForm->get_id());
         if (!$hasItems) {
             alloc_error("Unable to submit expense form, no items have been added.");
             alloc_redirect($TPL["url_alloc_expenseForm"] . "expenseFormID=" . $expenseForm->get_id());
             exit;
         }
         $expenseForm->read_globals();
         if ($expenseForm->get_value("reimbursementRequired") == 0 || $expenseForm->get_value("reimbursementRequired") == 1) {
             $expenseForm->set_value("paymentMethod", "");
         }
         $expenseForm->set_value("seekClientReimbursement", $_POST["seekClientReimbursement"] ? 1 : 0);
         $expenseForm->set_value("expenseFormFinalised", 1);
         $expenseForm->set_value("expenseFormComment", rtrim($expenseForm->get_value("expenseFormComment")));
         $expenseForm->save();
         alloc_redirect($TPL["url_alloc_expenseForm"] . "expenseFormID=" . $expenseForm->get_id());
         exit;
     } else {
         if ($_POST["unfinalise"]) {
Exemplo n.º 13
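 /**
  * Add or remove interested parties on an entity from a comma-separated list.
  *
  * An entry starting with "%" is removed; any other entry is added once
  * interestedParty::expand_ip() yields an address containing "@".
  *
  * @param string $ip        Comma-separated party identifiers.
  * @param mixed  $entity    Entity name, passed through to interestedParty.
  * @param mixed  $entityID  Entity ID, passed through to interestedParty.
  * @param mixed  $projectID Optional project passed to expand_ip().
  */
 function add_remove_ips($ip, $entity, $entityID, $projectID = null)
 {
     foreach (explode(",", $ip) as $party) {
         $party = trim($party);
         // substr() replaces $party[0], which reads an uninitialized offset when an
         // entry is empty (for example after a trailing comma).
         if (substr($party, 0, 1) === "%") {
             // remove an ip: look up whatever follows the "%" marker
             list($personID, $name, $email) = interestedParty::expand_ip((string) substr($party, 1), $projectID);
             interestedParty::delete_interested_party($entity, $entityID, $email);
             continue;
         }
         // add an ip
         list($personID, $name, $email) = interestedParty::expand_ip($party, $projectID);
         if (!$email || strpos($email, "@") === false) {
             // NOTE(review): $party is caller-supplied text placed in the message unchanged;
             // confirm alloc_error() escapes it before display.
             alloc_error("Unable to add interested party: " . $party);
             continue;
         }
         interestedParty::add_interested_party(array("entity" => $entity, "entityID" => $entityID, "fullName" => $name, "emailAddress" => $email, "personID" => $personID));
     }
 }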
Exemplo n.º 14
 /**
  * Return the value of one field of this entity, formatted for $dest.
  *
  * For an unknown field, or one the caller may not read, a human-readable
  * message string is returned in place of the value, so a caller cannot tell a
  * refusal from data by type alone.
  *
  * @param string $field_name Key into $this->data_fields.
  * @param mixed  $dest       DST_* constant handed on to the field object.
  */
 function get_value($field_name, $dest = DST_VARIABLE)
 {
     $field_obj = $this->data_fields[$field_name];
     if (!is_object($field_obj)) {
         $message = "Field " . $field_name . " does not exist in " . $this->data_table;
         alloc_error($message);
         return $message;
     }
     // Read permission is checked per field before any value leaves the object.
     $readable = $this->can_read_field($field_name);
     if (!$readable) {
         $perm_label = $this->permissions[$this->data_fields[$field_name]->read_perm_name];
         return "Permission denied to " . $perm_label . " of " . $this->data_table . "." . $field_name;
     }
     // A non-empty currencyTypeID column on the row overrides the cached currency.
     $currency = $this->currency;
     if (isset($this->data_fields["currencyTypeID"]) && imp($this->data_fields["currencyTypeID"]->get_value())) {
         $currency = $this->data_fields["currencyTypeID"]->get_value();
     }
     if ($currency) {
         $this->currency = $currency;
     }
     return $field_obj->get_value($dest, $this);
 }
Exemplo n.º 15
 /**
  * Add a time sheet item for the current user, creating a time sheet if needed.
  *
  * Keys read from $stuff: taskID, projectID, duration, comment, msg_uid, msg_id,
  * date, unit, multiplier, timeSheetID.
  *
  * Returns array("status" => "yay", "message" => <timeSheetID>) on success;
  * otherwise the failure is reported through alloc_error().
  *
  * NOTE(review): $extra, $task and $ID are assigned only on some paths and are
  * read on all of them. The alloc_error() calls below do not return early, so
  * whether processing stops after a failed check depends on alloc_error() - confirm.
  */
 function add_timeSheetItem($stuff)
 {
     $current_user =& singleton("current_user");
     $errstr = "Failed to record new time sheet item. ";
     $taskID = $stuff["taskID"];
     $projectID = $stuff["projectID"];
     $duration = $stuff["duration"];
     $comment = $stuff["comment"];
     $emailUID = $stuff["msg_uid"];
     $emailMessageID = $stuff["msg_id"];
     $date = $stuff["date"];
     $unit = $stuff["unit"];
     $multiplier = $stuff["multiplier"];
     if ($taskID) {
         // A task always decides the project, overriding any projectID that was passed in.
         $task = new task();
         $task->set_id($taskID);
         $task->select();
         $projectID = $task->get_value("projectID");
         $extra = " for task " . $taskID;
     }
     $projectID or alloc_error(sprintf($errstr . "No project found%s.", $extra));
     // The current user must be a member of the project.
     $row_projectPerson = projectPerson::get_projectPerson_row($projectID, $current_user->get_id());
     $row_projectPerson or alloc_error($errstr . "The person(" . $current_user->get_id() . ") has not been added to the project(" . $projectID . ").");
     if ($row_projectPerson && $projectID) {
         if ($stuff["timeSheetID"]) {
             // A requested time sheet is accepted only if it belongs to the current
             // user and is at status 'edit'; both IDs are bound through %d.
             $q = prepare("SELECT *\n                        FROM timeSheet\n                       WHERE status = 'edit'\n                         AND personID = %d\n                         AND timeSheetID = %d\n                    ORDER BY dateFrom\n                       LIMIT 1\n                  ", $current_user->get_id(), $stuff["timeSheetID"]);
             $db = new db_alloc();
             $db->query($q);
             $row = $db->row();
             // NOTE(review): if alloc_error() returns, the !$row branch below creates a
             // new time sheet instead of stopping - confirm this is intended.
             $row or alloc_error("Couldn't find an editable time sheet with that ID.");
         } else {
             // Otherwise use the user's earliest editable time sheet for the project.
             $q = prepare("SELECT *\n                        FROM timeSheet\n                       WHERE status = 'edit'\n                         AND projectID = %d\n                         AND personID = %d\n                    ORDER BY dateFrom\n                       LIMIT 1\n                  ", $projectID, $current_user->get_id());
             $db = new db_alloc();
             $db->query($q);
             $row = $db->row();
         }
         // If no timeSheets add a new one
         if (!$row) {
             $project = new project();
             $project->set_id($projectID);
             $project->select();
             $timeSheet = new timeSheet();
             $timeSheet->set_value("projectID", $projectID);
             $timeSheet->set_value("status", "edit");
             $timeSheet->set_value("personID", $current_user->get_id());
             $timeSheet->set_value("recipient_tfID", $current_user->get_value("preferred_tfID"));
             $timeSheet->set_value("customerBilledDollars", page::money($project->get_value("currencyTypeID"), $project->get_value("customerBilledDollars"), "%mo"));
             $timeSheet->set_value("currencyTypeID", $project->get_value("currencyTypeID"));
             $timeSheet->save();
             $timeSheetID = $timeSheet->get_id();
             // Else use the first timesheet we found
         } else {
             $timeSheetID = $row["timeSheetID"];
         }
         $timeSheetID or alloc_error($errstr . "Couldn't locate an existing, or create a new Time Sheet.");
         // Add new time sheet item
         if ($timeSheetID) {
             $timeSheet = new timeSheet();
             $timeSheet->set_id($timeSheetID);
             $timeSheet->select();
             $tsi = new timeSheetItem();
             $tsi->currency = $timeSheet->get_value("currencyTypeID");
             $tsi->set_value("timeSheetID", $timeSheetID);
             // Fall back to today's date when none was supplied.
             $d = $date or $d = date("Y-m-d");
             $tsi->set_value("dateTimeSheetItem", $d);
             $tsi->set_value("timeSheetItemDuration", $duration);
             $tsi->set_value("timeSheetItemDurationUnitID", $unit);
             if (is_object($task)) {
                 $tsi->set_value("description", $task->get_name());
                 // %d forces the task ID to an integer string.
                 $tsi->set_value("taskID", sprintf("%d", $taskID));
                 // Writes into the $_POST superglobal as a side channel to timeSheetItem::save().
                 $_POST["timeSheetItem_taskID"] = sprintf("%d", $taskID);
                 // this gets used in timeSheetItem->save();
             }
             $tsi->set_value("personID", $current_user->get_id());
             // The rate comes from the projectPerson row, not from the caller's input.
             $tsi->set_value("rate", page::money($timeSheet->get_value("currencyTypeID"), $row_projectPerson["rate"], "%mo"));
             $tsi->set_value("multiplier", $multiplier);
             $tsi->set_value("comment", $comment);
             $tsi->set_value("emailUID", $emailUID);
             $tsi->set_value("emailMessageID", $emailMessageID);
             $tsi->save();
             // Re-read the item by ID; success is judged by the reloaded row carrying a timeSheetID.
             $id = $tsi->get_id();
             $tsi = new timeSheetItem();
             $tsi->set_id($id);
             $tsi->select();
             $ID = $tsi->get_value("timeSheetID");
         }
     }
     if ($ID) {
         return array("status" => "yay", "message" => $ID);
     } else {
         alloc_error($errstr . "Time not added.");
     }
 }
Exemplo n.º 16
<?php

/*
 * Copyright (C) 2006-2011 Alex Lance, Clancy Malcolm, Cyber IT Solutions
 * Pty. Ltd.
 * 
 * This file is part of the allocPSA application <*****@*****.**>.
 * 
 * allocPSA is free software: you can redistribute it and/or modify it
 * under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or (at
 * your option) any later version.
 * 
 * allocPSA is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
 * License for more details.
 * 
 * You should have received a copy of the GNU Affero General Public License
 * along with allocPSA. If not, see <http://www.gnu.org/licenses/>.
*/
require_once "../alloc.php";
// Only employees get past this point. The second argument (true) is presumably
// what makes alloc_error() stop the request - confirm.
if (!$current_user->is_employee()) {
    alloc_error("You do not have permission to access invoices", true);
}
// invoiceID comes straight from the request: POST first, then GET.
// NOTE(review): no per-invoice authorization is visible in this script. Unless
// invoice::select() or generate_invoice_file() enforce it, any employee can request
// any invoiceID - confirm.
$invoiceID = $_POST["invoiceID"] or $invoiceID = $_GET["invoiceID"];
// Request-supplied flag, passed unchanged to generate_invoice_file().
$verbose = $_GET["verbose"];
$invoice = new invoice();
$invoice->set_id($invoiceID);
$invoice->select();
$invoice->generate_invoice_file($verbose);
Exemplo n.º 17
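 /**
  * getSendArray() returns the arguments required for Mail::send(),
  * built from the headers and body of the decoded message.
  *
  * Usage:
  * $mailtext = Full email (for example generated by a template)
  * $decoder = new Mail_mimeDecode($mailtext);
  * $parts = $decoder->getSendArray();
  * list($recipients, $headers, $body) = $parts;
  * $mail = Mail::factory('smtp');
  * $mail->send($recipients, $headers, $body);
  *
  * A message without headers or without recipients is reported through
  * alloc_error(); this version does not return a Pear_Error.
  *
  * @return array   array(recipients, headers, body)
  * @access public
  * @author Alan Knowles <*****@*****.**>
  */
 function getSendArray()
 {
     // prevent warning if this is not set
     $this->_decode_headers = FALSE;
     $headerlist = $this->_parseHeaders($this->_header);
     $to = "";
     // Defined up front so the return below never reads an undefined variable.
     $header = array();
     if (!$headerlist) {
         alloc_error("Mail_mimeDecode::getSendArray() message did not contain headers");
         // Nothing to iterate if alloc_error() returns.
         $headerlist = array();
     }
     foreach ($headerlist as $item) {
         // A repeated header name overwrites the earlier value in $header.
         $header[$item['name']] = $item['value'];
         // Every To/Cc/Bcc value is appended to the recipient list. The values are
         // taken from the message as-is, so the message decides who receives it.
         if (in_array(strtolower($item['name']), array("to", "cc", "bcc"), true)) {
             $to .= "," . $item['value'];
         }
     }
     if ($to == "") {
         alloc_error("Mail_mimeDecode::getSendArray() message did not contain any recipents");
     }
     // Drop the leading comma added by the loop.
     $to = substr($to, 1);
     return array($to, $header, $this->_body);
 }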
Exemplo n.º 18
 * under the terms of the GNU Affero General Public License as published by
 * the Free Software Foundation, either version 3 of the License, or (at
 * your option) any later version.
 * 
 * allocPSA is distributed in the hope that it will be useful, but WITHOUT
 * ANY WARRANTY; without even the implied warranty of MERCHANTABILITY or
 * FITNESS FOR A PARTICULAR PURPOSE. See the GNU Affero General Public
 * License for more details.
 * 
 * You should have received a copy of the GNU Affero General Public License
 * along with allocPSA. If not, see <http://www.gnu.org/licenses/>.
*/
require_once "../alloc.php";
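// Mailbox connection settings, including the password, come from the application config.
$info["host"] = config::get_config_item("allocEmailHost");
$info["port"] = config::get_config_item("allocEmailPort");
$info["username"] = config::get_config_item("allocEmailUsername");
$info["password"] = config::get_config_item("allocEmailPassword");
$info["protocol"] = config::get_config_item("allocEmailProtocol");
if (!$info["host"]) {
    alloc_error("Email mailbox host not defined, assuming email function is inactive.", true);
}
$email_receive = new email_receive($info);
$email_receive->open_mailbox(config::get_config_item("allocEmailFolder"), OP_HALFOPEN | OP_READONLY);
// NOTE(review): the message ID is taken from the request and no permission check is
// visible in this script. Unless alloc.php or email_receive restrict access, any
// caller who reaches this page can read any message in the folder - confirm.
$email_receive->set_msg($_REQUEST["id"]);
$new_nums = $email_receive->get_new_email_msg_uids();
// Always assigned now; the original left $new undefined for messages that were not new.
// The comparison stays loose because the request value is a string and the UIDs may be integers.
$new = in_array($_REQUEST["id"], (array) $new_nums);
$mail_text = $email_receive->fetch_mail_text();
// might have to "unread" the email, if it was new, i.e. set it back to new
if ($new) {
    $email_receive->set_unread();
}
$email_receive->close();
// The message text is HTML-escaped before output, so mail content cannot inject markup.
echo nl2br(trim(page::htmlentities($mail_text)));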
Exemplo n.º 19
}
// Pre-tick the "reimbursement required" checkbox when the stored flag is set.
if ($transactionRepeat->get_value("reimbursementRequired")) {
    $TPL["reimbursementRequired_checked"] = " checked";
} else {
    $TPL["reimbursementRequired_checked"] = "";
}
// Look up the username of whoever last modified this repeating transaction.
if ($transactionRepeat->get_value("transactionRepeatModifiedUser")) {
    $db->query("select username from person where personID=%d", $transactionRepeat->get_value("transactionRepeatModifiedUser"));
    $db->next_record();
    $TPL["user"] = $db->f("username");
}
// Build the TF list query according to what the current user is allowed to read.
// In both cases the record's own tfID / fromTfID are included even if inactive.
if (have_entity_perm("tf", PERM_READ, $current_user, false)) {
    // Unrestricted read: every active TF.
    $q = prepare("SELECT tfID AS value, tfName AS label \n                  FROM tf \n                 WHERE tfActive = 1 \n                    OR tf.tfID = %d \n                    OR tf.tfID = %d \n              ORDER BY tfName", $transactionRepeat->get_value("tfID"), $transactionRepeat->get_value("fromTfID"));
} elseif (have_entity_perm("tf", PERM_READ, $current_user, true)) {
    // Owner-only read: the join on tfPerson limits the list to the user's own TFs.
    $q = prepare("SELECT tf.tfID AS value, tf.tfName AS label\n                  FROM tf, tfPerson \n                 WHERE tfPerson.personID=%d \n                   AND tf.tfID=tfPerson.tfID \n                   AND (tf.tfActive = 1 OR tf.tfID = %d OR tf.tfID = %d)\n              ORDER BY tfName", $current_user->get_id(), $transactionRepeat->get_value("tfID"), $transactionRepeat->get_value("fromTfID"));
} else {
    // NOTE(review): $q is not assigned on this path in the code shown here;
    // confirm nothing further down runs it after the error.
    alloc_error("No permissions to generate TF list");
}
// An inactive destination TF still appears in the list, so warn about it.
$tf = new tf();
$tf->set_id($transactionRepeat->get_value("tfID"));
if ($tf->select() && !$tf->get_value("tfActive")) {
    $TPL["message_help"][] = "This expense is allocated to an inactive TF. It will not create transactions.";
}
// Same warning for an inactive source TF.
$tf = new tf();
$tf->set_id($transactionRepeat->get_value("fromTfID"));
if ($tf->select() && !$tf->get_value("tfActive")) {
    $TPL["message_help"][] = "This expense is sourced from an inactive TF. It will not create transactions.";
}
// Currency options, keyed and labelled by currencyTypeID.
$m = new meta("currencyType");
$currencyOps = $m->get_assoc_array("currencyTypeID", "currencyTypeID");
Exemplo n.º 20
}
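// This needs to be just above the newTimeSheet_projectID logic
$projectID = $timeSheet->get_value("projectID");
// If we are entering the page from a project link: New time sheet
if ($_GET["newTimeSheet_projectID"] && !$projectID) {
    // taskID comes straight from the query string and is appended to a redirect
    // URL, so encode it: a raw value could add extra parameters or line breaks.
    $tid = "";
    if ($_GET["taskID"]) {
        $tid = "&taskID=" . urlencode((string) $_GET["taskID"]);
    }
    // The project ID is only ever used as an integer (%d below), so pin it to one
    // before it is also used as an array key and handed to the template.
    $projectID = (int) $_GET["newTimeSheet_projectID"];
    $db = new db_alloc();
    // Reuse the user's existing editable time sheet for this project, if any.
    $q = prepare("SELECT * FROM timeSheet WHERE status = 'edit' AND personID = %d AND projectID = %d", $current_user->get_id(), $projectID);
    $db->query($q);
    if ($db->next_record()) {
        alloc_redirect($TPL["url_alloc_timeSheet"] . "timeSheetID=" . $db->f("timeSheetID") . $tid);
    }
}
// Membership check: the requested project must list the current user in projectPerson.
// NOTE(review): $db is only created above when the first branch runs; this line
// presumably relies on $db existing from earlier in the file -- confirm.
// NOTE(review): alloc_error() is called without a second argument here; confirm
// whether processing stops or the page continues to render for a non-member.
if ($_GET["newTimeSheet_projectID"] && !$db->qr("SELECT * FROM projectPerson WHERE personID = %d AND projectID = %d", $current_user->get_id(), $_GET["newTimeSheet_projectID"])) {
    alloc_error("You are not a member of the project (id:" . page::htmlentities($_GET["newTimeSheet_projectID"]) . "), please get a manager to add you to the project.");
}
// $query is built outside the visible code; collect projectID => projectName.
$db->query($query);
while ($db->row()) {
    $project_array[$db->f("projectID")] = $db->f("projectName");
}
$TPL["timeSheet_projectName"] = $project_array[$projectID];
$TPL["timeSheet_projectID"] = $projectID;
// NOTE(review): raw request value handed to the template; confirm the template
// escapes it on output.
$TPL["taskID"] = $_GET["taskID"];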
// Get the project record to determine which button for the edit status.
if ($projectID != 0) {
    $project = new project();
    $project->set_id($projectID);
    $project->select();
    $projectManagers = $project->get_timeSheetRecipients();
    if (!$projectManagers) {
Exemplo n.º 21
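 /**
  * Move this product sale one step along its workflow.
  *
  * Transitions handled here:
  *  - "edit" -> "allocate": creates transactions for each sale item that has none.
  *  - "allocate" -> "admin": raises the "raise an invoice" task and emails it.
  *  - "admin" -> "finished": only when the caller holds
  *    PERM_APPROVE_PRODUCT_TRANSACTIONS; optionally bulk-updates the status of
  *    the sale's transactions, then raises the order / pay / deliver tasks.
  * Any other status is left untouched. Tasks are only raised when
  * config::for_cyber() is true, and only if a task of the same name does not
  * already exist in the admin project.
  *
  * NOTE(review): no permission check is visible in this method for the first
  * two transitions -- confirm the calling page enforces one.
  *
  * @return mixed the result of alloc_error() when the sale has no items, otherwise nothing.
  */
 function move_forwards()
 {
     $current_user =& singleton("current_user");
     global $TPL;
     $status = $this->get_value("status");
     $db = new db_alloc();
     // Hard-coded record IDs: the Cyber Admin project and the Cyber Support person.
     $cyberadmin = 59;
     $cybersupport = 67;
     // Initialise everything that used to be assigned only inside a branch.
     $extra = "";
     $taskDesc = array();
     if ($this->get_value("clientID")) {
         $c = $this->get_foreign_object("client");
         $extra = " for " . $c->get_value("clientName");
         $taskDesc[] = "";
     }
     $saleID = $this->get_id();
     $salesperson = $this->get_value("personID");
     $taskname1 = "Sale " . $saleID . ": raise an invoice" . $extra;
     $taskname2 = "Sale " . $saleID . ": place an order to the supplier";
     $taskname3 = "Sale " . $saleID . ": pay the supplier";
     $taskname4 = "Sale " . $saleID . ": deliver the goods / action the work";
     // A sale with no items cannot move forward.
     $items = (array) $this->get_productSaleItems();
     if (!$items) {
         return alloc_error("No sale items have been added.");
     }
     // Plain-text summary of the sale, used as the description of every task.
     $taskDesc[] = "Sale items:";
     $taskDesc[] = "";
     foreach ($items as $psi_row) {
         $p = new product();
         $p->set_id($psi_row["productID"]);
         $taskDesc[] = "  " . page::money($psi_row["sellPriceCurrencyTypeID"], $psi_row["sellPrice"], "%S%mo") . " for " . $psi_row["quantity"] . " x " . $p->get_name();
     }
     $amounts = $this->get_amounts();
     $taskDesc[] = "";
     $taskDesc[] = "Total: " . $amounts["total_sellPrice"];
     $taskDesc[] = "Total inc " . config::get_config_item("taxName") . ": " . $amounts["total_sellPrice_plus_gst"];
     $taskDesc[] = "";
     $taskDesc[] = "Refer to the sale in alloc for up-to-date information:";
     $taskDesc[] = config::get_config_item("allocURL") . "sale/productSale.php?productSaleID=" . $saleID;
     $taskDesc = implode("\n", $taskDesc);

     if ($status == "edit") {
         $this->set_value("status", "allocate");
         foreach ($items as $r) {
             $psi = new productSaleItem();
             $psi->set_id($r["productSaleItemID"]);
             $psi->select();
             // Do not create a second set of transactions for the same item.
             if (!$db->qr("SELECT transactionID FROM transaction WHERE productSaleItemID = %d", $psi->get_id())) {
                 $psi->create_transactions();
             }
         }
     } elseif ($status == "allocate") {
         $this->set_value("status", "admin");
         // 1. from salesperson to admin
         if (config::for_cyber() && !$this->find_workflow_task($db, $cyberadmin, $taskname1)) {
             $task = $this->create_workflow_task($cyberadmin, $taskname1, $salesperson, $cybersupport, $taskDesc);
             $TPL["message_good"][] = "Task created: " . $task->get_id() . " " . $task->get_value("taskName");
             $p1 = new person();
             $p1->set_id($salesperson);
             $p1->select();
             $p2 = new person();
             $p2->set_id($cybersupport);
             $p2->select();
             $recipients = array();
             $recipients[$p1->get_value("emailAddress")] = array("name" => $p1->get_name(), "addIP" => true, "internal" => true);
             $recipients[$p2->get_value("emailAddress")] = array("name" => $p2->get_name(), "addIP" => true, "internal" => true);
             $comment = $p2->get_name() . ",\n\n" . $taskname1 . "\n\n" . $taskDesc;
             $commentID = comment::add_comment("task", $task->get_id(), $comment, "task", $task->get_id());
             $emailRecipients = comment::add_interested_parties($commentID, null, $recipients);
             // Re-email the comment out, including any attachments
             if (!comment::send_comment($commentID, $emailRecipients)) {
                 alloc_error("Email failed to send.");
             } else {
                 $TPL["message_good"][] = "Emailed task comment to " . $p1->get_value("emailAddress") . ", " . $p2->get_value("emailAddress") . ".";
             }
         }
     } elseif ($status == "admin" && $this->have_perm(PERM_APPROVE_PRODUCT_TRANSACTIONS)) {
         $this->set_value("status", "finished");
         if ($_REQUEST["changeTransactionStatus"]) {
             $ids = array();
             foreach ($items as $row) {
                 $ids[] = $row["productSaleItemID"];
             }
             if ($ids) {
                 // NOTE(review): the requested status is escaped by prepare() but is
                 // not checked against the set of valid transaction statuses here;
                 // confirm the column or a caller restricts it.
                 $q = prepare("UPDATE transaction SET status = '%s' WHERE productSaleItemID in (%s)", $_REQUEST["changeTransactionStatus"], $ids);
                 $db->query($q);
             }
         }
         if (config::for_cyber()) {
             // Each task waits on the previous one. When a task already exists its
             // ID is taken from the existing row, so the chain is never linked to
             // an unset ID (previously the variable was simply undefined).
             $order_the_hardware_taskID = null;
             $pay_the_supplier_taskID = null;

             // 2. from admin to salesperson
             $existing = $this->find_workflow_task($db, $cyberadmin, $taskname2);
             if ($existing) {
                 $order_the_hardware_taskID = $existing["taskID"];
             } else {
                 $task = $this->create_workflow_task($cyberadmin, $taskname2, $cybersupport, $salesperson, $taskDesc);
                 // Ordering waits on the invoice task raised in the previous step.
                 $rai_row = $this->find_workflow_task($db, $cyberadmin, $taskname1);
                 if ($rai_row) {
                     $task->add_pending_tasks($rai_row["taskID"]);
                 }
                 $order_the_hardware_taskID = $task->get_id();
                 $this->announce_workflow_task($task, $taskname2);
             }

             // 3. from salesperson to admin
             $existing = $this->find_workflow_task($db, $cyberadmin, $taskname3);
             if ($existing) {
                 $pay_the_supplier_taskID = $existing["taskID"];
             } else {
                 $task = $this->create_workflow_task($cyberadmin, $taskname3, $salesperson, $cybersupport, $taskDesc);
                 if ($order_the_hardware_taskID) {
                     $task->add_pending_tasks($order_the_hardware_taskID);
                 }
                 $pay_the_supplier_taskID = $task->get_id();
                 $this->announce_workflow_task($task, $taskname3);
             }

             // 4. from admin to salesperson
             if (!$this->find_workflow_task($db, $cyberadmin, $taskname4)) {
                 $task = $this->create_workflow_task($cyberadmin, $taskname4, $cybersupport, $salesperson, $taskDesc);
                 if ($pay_the_supplier_taskID) {
                     $task->add_pending_tasks($pay_the_supplier_taskID);
                 }
                 $this->announce_workflow_task($task, $taskname4);
             }
         }
     }
 }

 /**
  * Return the row of the task with this name in the given project, or a falsy value if none.
  */
 private function find_workflow_task($db, $projectID, $taskName)
 {
     return $db->qr(prepare("SELECT * FROM task WHERE projectID = %d AND taskName = '%s'", $projectID, $taskName));
 }

 /**
  * Create and save a priority-3 task due in seven days; returns the saved task object.
  */
 private function create_workflow_task($projectID, $taskName, $managerID, $personID, $taskDesc)
 {
     $task = new task();
     $task->set_value("projectID", $projectID);
     $task->set_value("taskName", $taskName);
     $task->set_value("managerID", $managerID);
     $task->set_value("personID", $personID);
     $task->set_value("priority", 3);
     $task->set_value("taskTypeID", "Task");
     $task->set_value("taskDescription", $taskDesc);
     $task->set_value("dateTargetStart", date("Y-m-d"));
     $task->set_value("dateTargetCompletion", date("Y-m-d", time() + 60 * 60 * 24 * 7));
     $task->save();
     return $task;
 }

 /**
  * Record the "Task created" message and register the pending-to-open notification on the task.
  */
 private function announce_workflow_task($task, $taskName)
 {
     global $TPL;
     $TPL["message_good"][] = "Task created: " . $task->get_id() . " " . $task->get_value("taskName");
     $task->add_notification(3, 1, "Task " . $task->get_id() . " " . $taskName, "Task status moved from pending to open.", array(array("field" => "metaPersonID", "who" => -2)));
 }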
Exemplo n.º 22
                    if (stripos("tfID", $field) !== FALSE) {
                        $result = tf::get_name($db->f($field));
                    } else {
                        $result = $db->f($field);
                    }
                }
                $TPL["result_row"] .= $start_field_separator;
                $TPL["result_row"] .= $quotes . $result . $quotes;
                if (isset($fields[$k + 1]) || !$_POST["generate_file"]) {
                    $TPL["result_row"] .= $end_field_separator;
                }
            }
            $TPL["result_row"] .= $end_row_separator;
            $counter++;
        }
        $TPL["counter"] = "Number of rows(s): " . $counter;
        if ($_POST["generate_file"]) {
            // write to file
            header("Cache-Control: must-revalidate, post-check=0, pre-check=0");
            header('Content-Type: application/octet-stream');
            header('Content-Size: ' . strlen($TPL["result_row"]));
            header('Content-Disposition: attachment; filename="csv_' . mktime() . '.csv"');
            echo $TPL["result_row"];
            exit;
        }
    } else {
        alloc_error("Please select some Fields using the checkboxes.");
    }
}
$TPL["main_alloc_title"] = "Reports - " . APPLICATION_NAME;
include_template("templates/reportM.tpl");
Exemplo n.º 23
 // Errors from previous iterations shouldn't affect processing of the next email
 db_alloc::$stop_doing_queries = false;
 $email_receive->set_msg($num);
 $email_receive->get_msg_header();
 $keys = $email_receive->get_hashes();
 try {
     // If no keys
     if (!$keys) {
         // If email sent from a known staff member
         $from_staff = inbox::change_current_user($email_receive->mail_headers["from"]);
         if ($from_staff) {
             inbox::convert_email_to_new_task($email_receive, true);
         } else {
             $email_receive->mark_seen();
             // mark it seen so we don't poll for it again
             alloc_error("Could not create a task from this email. Email was not sent by a staff member. Email resides in INBOX.");
         }
         // Else if we have a key, append to comment
     } else {
         // Skip over emails that are from alloc. These emails are kept only for
         // posterity and should not be parsed and downloaded and re-emailed etc.
         if (same_email_address($email_receive->mail_headers["from"], ALLOC_DEFAULT_FROM_ADDRESS)) {
             $email_receive->mark_seen();
             $email_receive->archive();
         } else {
             inbox::process_one_email($email_receive);
         }
     }
 } catch (Exception $e) {
     // There may have been a database error, so let the database know it can run this next bit
     db_alloc::$stop_doing_queries = false;
Exemplo n.º 24
                $reminder->set_value('reminderRecuringValue', $_POST["reminder_recuring_value"]);
            }
            $reminder->set_value('reminderAdvNoticeSent', '0');
            if (!$_POST["reminder_advnotice_value"]) {
                $reminder->set_value('reminderAdvNoticeInterval', 'No');
                $reminder->set_value('reminderAdvNoticeValue', '0');
            } else {
                $reminder->set_value('reminderAdvNoticeInterval', $_POST["reminder_advnotice_interval"]);
                $reminder->set_value('reminderAdvNoticeValue', $_POST["reminder_advnotice_value"]);
            }
            $reminder->set_value('reminderSubject', $_POST["reminder_subject"]);
            $reminder->set_value('reminderContent', rtrim($_POST["reminder_content"]));
            $reminder->set_value('reminderActive', sprintf("%d", $_POST["reminderActive"]));
            $reminder->save();
            $reminder->update_recipients($recipient_keys);
            $returnToParent = "reminder";
            $reminderID = $reminder->get_id();
            $TPL["message_good"][] = "Reminder saved.";
        } else {
            if ($_POST["reminder_delete"] && $_POST["reminder_id"]) {
                $reminder = new reminder();
                $reminder->set_id($_POST["reminder_id"]);
                $reminder->delete();
            }
        }
        $headers = array("client" => $TPL["url_alloc_client"] . "clientID=" . $parentID . "&sbs_link=reminders", "project" => $TPL["url_alloc_project"] . "projectID=" . $parentID . "&sbs_link=reminders", "task" => $TPL["url_alloc_task"] . "taskID=" . $parentID . "&sbs_link=reminders", "home" => $TPL["url_alloc_home"], "calendar" => $TPL["url_alloc_taskCalendar"] . "personID=" . $_POST["personID"], "list" => $TPL["url_alloc_reminderList"], "reminder" => $TPL["url_alloc_reminder"] . "reminderID=" . $reminderID . "&step=3", "" => $TPL["url_alloc_reminderList"]);
        alloc_redirect($headers[$returnToParent]);
        break;
    default:
        alloc_error("Unrecognized state");
}
Exemplo n.º 25
 * License for more details.
 * 
 * You should have received a copy of the GNU Affero General Public License
 * along with allocPSA. If not, see <http://www.gnu.org/licenses/>.
*/
require_once "../alloc.php";
// Registers the "errors_thrown" singleton with the value true.
// NOTE(review): presumably this makes alloc_error() throw rather than queue the
// message -- confirm against singleton() / alloc_error().
singleton("errors_thrown", true);
// Authorisation gate: every inbox action below requires read permission on the
// "inbox" entity.
// NOTE(review): the gate only works if alloc_error(..., true) halts the request;
// confirm the meaning of the second argument.
if (!have_entity_perm("inbox", PERM_READ, $current_user)) {
    alloc_error("Permission denied.", true);
}
// Mailbox connection settings; with no host configured the inbox feature is
// treated as switched off.
$info = inbox::get_mail_info();
if (!$info["host"]) {
    alloc_error("Email mailbox host not defined, assuming email function is inactive.", true);
}
if ($_REQUEST["id"] && $_REQUEST["hash"] && !inbox::verify_hash($_REQUEST["id"], $_REQUEST["hash"])) {
    alloc_error("The IMAP ID for that email is no longer valid. Refresh the list and try again.");
} else {
    if ($_REQUEST["id"] && $_REQUEST["hash"]) {
        $_REQUEST["archive"] && inbox::archive_email($_REQUEST);
        // archive the email by moving it to another folder
        $_REQUEST["download"] && inbox::download_email($_REQUEST);
        // download it to a mbox file
        $_REQUEST["process"] && inbox::process_email($_REQUEST);
        // attach it to a task etc
        $_REQUEST["readmail"] && inbox::read_email($_REQUEST);
        // mark the email as read
        $_REQUEST["unreadmail"] && inbox::unread_email($_REQUEST);
        // mark the email as unread
        $_REQUEST["newtask"] && inbox::process_email_to_task($_REQUEST);
        // use this email to create a new task
        $_REQUEST["taskID"] && inbox::attach_email_to_existing_task($_REQUEST);
Exemplo n.º 26
                    }
                }
            }
        }
        alloc_redirect($url . $msg);
        exit;
    }
    // If deleting a record
} else {
    if ($_POST["delete"]) {
        if ($task->can_be_deleted()) {
            $task->read_globals();
            $task->delete();
            alloc_redirect($TPL["url_alloc_taskList"]);
        } else {
            alloc_error("This task cannot be deleted. You either don't have permission, or this task has history items.");
        }
    }
}
// Start stuff here
// NOTE(review): set_values("task_") presumably copies the task's fields into the
// template under a "task_" prefix -- confirm in the entity base class.
$task->set_values("task_");
// Creator of the task: display name and ID for the template.
$person = new person();
$person->set_id($task->get_value("creatorID"));
$person->select();
$TPL["task_createdBy"] = $person->get_name();
$TPL["task_createdBy_personID"] = $person->get_id();
// Closing details are only shown when both the closer and the close date are recorded.
if ($task->get_value("closerID") && $task->get_value("dateClosed")) {
    $TPL["task_closed_by"] = person::get_fullname($task->get_value("closerID"));
    $TPL["task_closed_when"] = $task->get_value("dateClosed");
}
$person = new person();
Exemplo n.º 27
    $_FORM["showInvoiceAmountPaid"] = true;
    $_FORM["showInvoiceDate"] = true;
    $_FORM["showInvoiceStatus"] = true;
    $_FORM["clientID"] = $clientID;
    // Restrict non-admin users records
    if (!$current_user->have_role("admin")) {
        $_FORM["personID"] = $current_user->get_id();
    }
    $rows = invoice::get_list($_FORM);
    echo invoice::get_list_html($rows, $_FORM);
}
$client = new client();
$clientID = $_POST["clientID"] or $clientID = $_GET["clientID"];
if ($_POST["save"]) {
    if (!$_POST["clientName"]) {
        alloc_error("Please enter a Client Name.");
    }
    $client->read_globals();
    $client->set_value("clientModifiedTime", date("Y-m-d"));
    $clientID = $client->get_id();
    $client->set_values("client_");
    if (!$client->get_id()) {
        // New client.
        $client->set_value("clientCreatedTime", date("Y-m-d"));
        $new_client = true;
    }
    if (!$TPL["message"]) {
        $client->save();
        $clientID = $client->get_id();
        $client->set_values("client_");
    }
Exemplo n.º 28
 /**
  * Create or refresh the invoice item that represents a whole time sheet on an invoice.
  *
  * Nothing is written when the invoice status is "finished"; an error is raised
  * instead. Otherwise the existing item for this invoice and time sheet (the one
  * with no timeSheetItemID) is updated, or a new one is created.
  *
  * @param mixed $invoiceID   ID of the invoice to attach the item to.
  * @param mixed $timeSheetID ID of the time sheet being billed.
  */
 function save_invoice_timeSheet($invoiceID, $timeSheetID)
 {
     global $TPL;
     $invoice = new invoice($invoiceID);
     // Guard: a finished invoice is never modified.
     if ($invoice->get_value("invoiceStatus") == "finished") {
         alloc_error("Unable to update related Invoice (ID:" . $invoiceID . ").");
         return;
     }

     $timeSheet = new timeSheet();
     $timeSheet->set_id($timeSheetID);
     $timeSheet->select();
     $timeSheet->load_pay_info();
     $project = $timeSheet->get_foreign_object("project");

     // Item date: the time sheet's start date, falling back to today.
     $date = $timeSheet->get_value("dateFrom");
     if (!$date) {
         $date = date("Y-m-d");
     }

     // Without a customer-billed rate there is no usable customer-billed total,
     // so bill the plain dollar total as a single unit instead.
     $pay = $timeSheet->pay_info;
     if (isset($pay["customerBilledDollars"])) {
         $amount = $pay["total_customerBilledDollars"];
         $iiUnitPrice = $pay["customerBilledDollars"];
         $iiQuantity = $pay["total_duration"];
     } else {
         $amount = $pay["total_dollars"];
         $iiUnitPrice = $amount;
         $iiQuantity = 1;
     }

     // Find the item already covering this time sheet as a whole, if there is one.
     $lookup = prepare("SELECT * FROM invoiceItem WHERE invoiceID = %d AND timeSheetID = %d AND timeSheetItemID IS NULL\n                   ", $invoiceID, $timeSheetID);
     $db = new db_alloc();
     $db->query($lookup);
     $existing = $db->row();

     $ii = new invoiceItem();
     if ($existing) {
         // Setting the ID makes save() update that row rather than insert a new one.
         $ii->set_id($existing["invoiceItemID"]);
     }
     $memo = "Time Sheet #" . $timeSheet->get_id();
     $memo .= " for " . person::get_fullname($timeSheet->get_value("personID"));
     $memo .= ", Project: " . $project->get_value("projectName");
     $ii->set_value("invoiceID", $invoiceID);
     $ii->set_value("timeSheetID", $timeSheet->get_id());
     $ii->set_value("iiMemo", $memo);
     $ii->set_value("iiQuantity", $iiQuantity);
     $ii->set_value("iiUnitPrice", $iiUnitPrice);
     $ii->set_value("iiAmount", $amount);
     $ii->set_value("iiDate", $date);
     $ii->set_value("iiTax", config::get_config_item("taxPercent"));
     $ii->currency = $timeSheet->get_value("currencyTypeID");
     $ii->save();
 }
Exemplo n.º 29
        $c->set_id(config::get_config_item_id('rssShowProject'));
        $c->select();
        $c->set_value("value", '0');
        $c->save();
    }
    $TPL["message"] or $TPL["message_good"] = "Saved configuration.";
} else {
    if ($_POST["delete_logo"]) {
        foreach (array(ALLOC_LOGO, ALLOC_LOGO_SMALL) as $logo) {
            if (file_exists($logo)) {
                if (unlink($logo)) {
                    $TPL["message_good"][] = "Deleted " . $logo;
                }
            }
            if (file_exists($logo)) {
                alloc_error("Unable to delete " . $logo);
            }
        }
    }
}
// Flush the cached copy of the config table so the reads below see what was just saved.
get_cached_table("config", true);
// TF choices are only loaded when has("finance") is true.
// NOTE(review): $options is not assigned on the other path in the code shown
// here; unless it is set earlier in the file, the select_options() calls below
// receive an undefined value -- confirm.
if (has("finance")) {
    $tf = new tf();
    $options = $tf->get_assoc_array("tfID", "tfName");
}
// One drop-down per configured TF role, each with its current value passed as the second argument.
$TPL["mainTfOptions"] = page::select_options($options, config::get_config_item("mainTfID"));
$TPL["outTfOptions"] = page::select_options($options, config::get_config_item("outTfID"));
$TPL["inTfOptions"] = page::select_options($options, config::get_config_item("inTfID"));
$TPL["taxTfOptions"] = page::select_options($options, config::get_config_item("taxTfID"));
$TPL["expenseFormTfOptions"] = page::select_options($options, config::get_config_item("expenseFormTfID"));
Exemplo n.º 30
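/**
 * Build an SQL string from a sprintf()-style format and escaped arguments.
 *
 * Usage: prepare($format, $arg1, $arg2, ...). Each scalar argument is passed
 * through db_esc() and substituted as-is; each array argument becomes a
 * comma-separated list of individually escaped, single-quoted values (for
 * use inside "IN (%s)").
 *
 * Safety notes for callers:
 *  - Scalars are escaped but NOT quoted, so a string placeholder must be
 *    written as '%s' in the format. An unquoted %s is not protected by the
 *    escaping alone; use %d for numeric values.
 *  - When called with a single argument the string is returned untouched, so
 *    it must never contain request data that was concatenated in by hand.
 *
 * @return string the formatted query.
 */
function prepare()
{
    $args = func_get_args();
    if (count($args) == 1) {
        return $args[0];
    }
    // The format string goes through unchanged; everything after it is escaped.
    $clean_args = array(array_shift($args));
    foreach ($args as $arg) {
        if (is_array($arg)) {
            // Build the list afresh for every array argument. The previous code
            // kept appending to one shared string, so a second array argument
            // also contained the values of the first.
            $quoted = array();
            foreach ($arg as $v) {
                $quoted[] = "'" . db_esc($v) . "'";
            }
            $clean_args[] = implode(",", $quoted);
        } else {
            $clean_args[] = db_esc($arg);
        }
    }
    // Forget any earlier error so that only a warning raised by this sprintf()
    // call is reported below (guarded: the function does not exist on old PHP).
    if (function_exists("error_clear_last")) {
        error_clear_last();
    }
    // Have to use this because the number of sprintf() arguments is not known in advance.
    $query = @call_user_func_array("sprintf", $clean_args);
    // Track down poorly formulated queries. error_get_last() is null when
    // nothing has gone wrong, so test that before indexing into it.
    $err = error_get_last();
    if ($err && $err["type"] == E_WARNING && in_str("sprintf", $err["message"])) {
        $e = new Exception();
        // NOTE(review): this message carries a stack trace and the query arguments;
        // confirm alloc_error() does not show it to end users.
        alloc_error("Error in prepared query: \n" . $e->getTraceAsString() . "\n" . print_r($err, 1) . "\n" . print_r($clean_args, 1));
    }
    return $query;
}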