return; } $file = (string) clean_output(get_parameter("file")); if ($file) { $file_path = $config["homedir"] . "/" . "attachment/downloads/" . $file; $result["status"] = unlink($file_path); } echo json_encode($result); return; } } $delete_btn = get_parameter("delete_btn", 0); // File deletion // ================== if ($delete_btn) { $location = clean_output(get_parameter("location", "")); $file_path = $config["homedir"] . "/" . "attachment/downloads/" . $location; unlink($file_path); $_GET["create"] = 1; } // Database UPDATE // ================== if (isset($_GET["update2"])) { // if modified any parameter if (give_acl($config["id_user"], 0, "FRW") != 1) { audit_db($config["id_user"], $config["REMOTE_ADDR"], "ACL Violation", "Trying to update a download without privileges"); require "general/noaccess.php"; exit; } $id = get_parameter("id", ""); if ($id != "" && !check_fr_item_accessibility($config["id_user"], $id)) {
/**
 * Alias kept for callers that still use the ascii_output() name.
 *
 * The argument is handed to clean_output() untouched and that function's
 * result is returned as-is; no processing happens in this wrapper.
 *
 * NOTE(review): the previous header described the result as "HTML characters
 * decoded". clean_output() is not defined in this excerpt, so whether it
 * encodes or decodes HTML entities must be confirmed against its definition
 * before this wrapper is relied on as an output-escaping step.
 *
 * @param string $string Input string
 *
 * @return mixed Whatever clean_output() returns for $string
 */
function ascii_output($string)
{
    $cleaned = clean_output($string);

    return $cleaned;
}
$report = get_db_row ('tinventory_reports', 'id', $id); if ($report === false) return; ini_set ("memory_limit", "3072M"); ini_set ("max_execution_time", 600); echo "<h2>".__('Custom report')."</h2>"; echo "<h4>".$report['name']; echo "<div id='button-bar-title'><ul>"; echo "<li><a href='index.php?sec=projects&sec2=operation/inventories/inventory_reports'>".print_image ("images/flecha_volver.png", true, array("title" => __("Back to Report")))."</a></li>"; echo "</ul></div>"; echo "</h4>"; $config['mysql_result_type'] = MYSQL_ASSOC; $rows = get_db_all_rows_sql (clean_output ($report['sql'])); if ($rows === false) return; //count $row chunk $row_chunk_cont = count(array_chunk($rows[0], 10)); //keys $row chunk $row_chunk_keys = array_chunk(array_keys($rows[0]), 10); $table = array(); for($i=0; $i < $row_chunk_cont; $i++){ $table[$i][] = $row_chunk_keys[$i]; foreach ($rows as $row) { $row_chunk = array_chunk($row, 10); $table[$i][] = $row_chunk[$i];
/**
 * Print the edit form fragment for an expense comment.
 *
 * Emits, in order: a hidden edit_comment=1 marker, the hidden id_expense,
 * the hidden id_comment (only when it is non-zero, preceded by an HTML
 * comment carrying the same id) and a one-row table holding the comment
 * <textarea>.
 *
 * Both ids are read through getDataInt(), and the textarea body is passed
 * through clean_output() before being written.
 * NOTE(review): clean_output() is presumably the HTML-escaping helper; its
 * definition is not visible here, confirm it covers the textarea context.
 */
function printEdit() {
    $comment_id = $this->getDataInt('id_comment', 0);

    echo '<input type="hidden" name="edit_comment" value="1" />' . "\n";

    $expense_id = $this->getDataInt('id_expense');
    echo '<input type="hidden" name="id_expense" value="' . $expense_id . '" />' . "\n";

    // The comment id is only sent back when an existing comment is edited.
    if ($comment_id) {
        echo "<!-- id_comment = {$comment_id} -->\n";
        echo '<input type="hidden" name="id_comment" value="' . $comment_id . '" />' . "\n";
    }

    echo '<table width="99%" border="0" align="center" cellpadding="5" cellspacing="0" class="tbl_usr_dtl">' . "\n";
    echo '<tr>';

    // Label cell: error marker (if any) followed by the translated caption.
    $label = f_err_star('comment') . _Ti('expense_input_comment');
    echo "<td>" . $label . "</td>\n";

    // Field cell: stored comment text, cleaned for output.
    $comment_text = clean_output($this->getDataString('comment'));
    echo '<td><textarea name="comment" id="input_expense_comment" class="frm_tarea" rows="3" cols="60">'
        . $comment_text
        . "</textarea>\n"
        . "</td>\n";

    echo "</tr>\n";
    echo "</table>\n";
}
die("Error seeking position {$list_pos} in the result"); } } $headers = array(); $headers[0]['title'] = _Th('person_input_name'); $headers[0]['order'] = 'order_title'; $headers[0]['default'] = 'ASC'; show_list_start($headers); // Process the output of the query for ($i = 0; $i < $prefs['page_rows'] && ($row = lcm_fetch_array($result)); $i++) { // Show report title echo "<tr><td class='tbl_cont_" . ($i % 2 ? "dark" : "light") . "'>"; if (true) { echo '<a href="rep_det.php?rep=' . $row['id_report'] . '" class="content_link">'; } echo highlight_matches(clean_output(remove_number_prefix($row['title'])), $find_rep_string); if (true) { echo '</a>'; } echo "</td>\n"; echo "</tr>\n"; } show_list_end($list_pos, $number_of_rows); echo '<p><a href="edit_rep.php?rep=0" class="create_new_lnk">' . _T('rep_button_new') . "</a></p>\n"; // // Custom reports (plugins) // $custom_reports = array(); $handle = opendir("inc/config/custom/reports"); while (($f = readdir($handle)) != '') { if (is_file("inc/config/custom/reports/" . $f)) {
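/**
 * Print the edit form for a case follow-up.
 *
 * Sections written, in order:
 *  - start date/time and end date/time (or a duration, depending on
 *    $prefs['time_intervals']);
 *  - result / conclusion / sentence selectors when $this->show_conclusion is set;
 *  - the follow-up type row (fixed hidden value for status changes, stage
 *    changes and (un)assignments, a <select> otherwise);
 *  - keywords, description, optional "sum billed" field;
 *  - the delete checkbox for administrators on non-system follow-ups;
 *  - an initially hidden "add future activity" sub-form, unless the request
 *    carries a 'followup' value.
 *
 * Output encoding: every value taken from $this->data / getDataString() that
 * is written into an HTML attribute or an HTML comment is passed through
 * clean_output(), the same helper this method already applied to the
 * description textarea, 'sumbilled' and 'app_title'. Previously the hidden
 * 'type', 'new_stage' and 'description' inputs, the 'sentence_val' text input
 * and the debug comment before the sentence options were written raw, so a
 * quote or "-->" in the stored value could break out of its context.
 *
 * NOTE(review): keyword names/titles ($kw['name'], $default_fu, $k, $opt) are
 * still written unescaped; they appear to come from the keyword configuration
 * rather than from follow-up data - confirm that only trusted administrators
 * can edit them.
 */
function printEdit() {
    global $prefs;

    $admin = allowed($this->getDataInt('id_case'), 'a'); // FIXME
    $edit  = allowed($this->getDataInt('id_case'), 'e'); // FIXME
    $write = allowed($this->getDataInt('id_case'), 'w'); // FIXME (put in constructor); not read below

    // FIXME: not sure whether this works as previously
    $dis = isDisabled(!($admin || $edit));

    echo '<table class="tbl_usr_dtl" width="99%">' . "\n";

    //
    // Start date
    //
    echo '<tr><td>';
    echo f_err_star('date_start') . _T('fu_input_date_start');
    echo "</td>\n";
    echo "<td>";

    // An empty field name is passed when the user may not edit the date.
    $name = ($admin || $edit) ? 'start' : '';
    echo get_date_inputs($name, $this->data['date_start'], false);
    echo ' ' . _T('time_input_time_at') . ' ';
    echo get_time_inputs($name, $this->data['date_start']);

    echo "</td>\n";
    echo "</tr>\n";

    //
    // End date, or duration
    //
    echo "<tr><td>";
    echo f_err_star('date_end')
        . ($prefs['time_intervals'] == 'absolute' ? _T('fu_input_date_end') : _T('fu_input_time_length'));
    echo "</td>\n";
    echo '<td>';

    if ($prefs['time_intervals'] == 'absolute') {
        // Buggy code, so isolated most important cases
        if ($this->data['id_followup'] == 0) {
            $name = 'end';
        } elseif ($edit) {
            $name = 'end';
        } else {
            // user can 'finish' entering data
            // (&& binds tighter than ||; parentheses only make that explicit)
            $name = ($admin || ($edit && $this->data['date_end'] == '0000-00-00 00:00:00')) ? 'end' : '';
        }

        echo get_date_inputs($name, $this->data['date_end']);
        echo ' ';
        echo _T('time_input_time_at') . ' ';
        echo get_time_inputs($name, $this->data['date_end']);
    } else {
        $name = '';

        // Buggy code, so isolated most important cases
        if ($this->getDataInt('id_followup') == 0) {
            $name = 'delta';
        } elseif ($edit) {
            $name = 'delta';
        } else {
            // user can 'finish' entering data
            $name = ($admin || ($edit && $this->getDataString('date_end') == '0000-00-00 00:00:00')) ? 'delta' : '';
        }

        if (empty($_SESSION['errors'])) {
            // Duration in seconds, 0 while the follow-up has no end date yet.
            $interval = $this->getDataString('date_end') != '0000-00-00 00:00:00'
                ? strtotime($this->getDataString('date_end')) - strtotime($this->getDataString('date_start'))
                : 0;
            echo get_time_interval_inputs($name, $interval);
        } else {
            // After a validation error, re-populate from the submitted fields.
            echo get_time_interval_inputs_from_array($name, $this->data);
        }
    }

    echo "</td>\n";
    echo "</tr>\n";

    // Show 'conclusion' options
    if ($this->show_conclusion) {
        $kws_conclusion = get_keywords_in_group_name('conclusion');
        $kws_result = get_keywords_in_group_name('_crimresults');

        echo "<tr>\n";
        echo "<td>" . _Ti('fu_input_conclusion') . "</td>\n";
        echo '<td>';

        // Result
        if (read_meta('case_result') == 'yes') {
            echo '<select ' . $dis . ' name="result" size="1" class="sel_frm">' . "\n";

            $default = '';
            if ($this->data['result']) {
                $default = $this->data['result'];
            }

            foreach ($kws_result as $kw) {
                $sel = isSelected($kw['name'] == $default);
                echo '<option ' . $sel . ' value="' . $kw['name'] . '">'
                    . _T(remove_number_prefix($kw['title']))
                    . "</option>\n";
            }

            echo "</select><br/>\n";
        }

        // Conclusion
        echo '<select ' . $dis . ' name="conclusion" size="1" class="sel_frm">' . "\n";

        $default = '';
        if ($this->data['conclusion']) {
            $default = $this->data['conclusion'];
        }

        foreach ($kws_conclusion as $kw) {
            $sel = isSelected($kw['name'] == $default);
            echo '<option ' . $sel . ' value="' . $kw['name'] . '">'
                . _T(remove_number_prefix($kw['title']))
                . "</option>\n";
        }

        echo "</select>\n";
        echo "</td>\n";
        echo "</tr>\n";

        // If guilty, what sentence?
        $kws_sentence = get_keywords_in_group_name('sentence');

        echo "<tr>\n";
        echo "<td>" . _Ti('fu_input_sentence') . "</td>\n";
        echo '<td>';
        echo '<select ' . $dis . ' name="sentence" size="1" class="sel_frm">' . "\n";

        $default = '';
        if ($this->data['sentence']) {
            $default = $this->data['sentence'];
        }

        // Debug marker; cleaned so a stored "-->" cannot close the comment early.
        echo "<!-- " . clean_output($default) . " -->\n";

        foreach ($kws_sentence as $kw) {
            $sel = $kw['name'] == $default ? ' selected="selected"' : '';
            echo '<option ' . $sel . ' value="' . $kw['name'] . '">'
                . _T(remove_number_prefix($kw['title']), array('currency' => read_meta('currency')))
                . "</option>\n";
        }

        echo "</select>\n";

        // If sentence, for how much?
        echo '<input type="text" name="sentence_val" size="10" value="'
            . clean_output($this->data['sentence_val'])
            . '" />';
        echo "</td>\n";
        echo "</tr>\n";
    }

    //
    // Follow-up type
    //
    if (_request('submit') == 'set_status' || is_status_change($this->getDataString('type'))) {
        // Change status
        echo "<tr>\n";
        echo "<td>" . _T('case_input_status') . "</td>\n";
        echo "<td>";
        echo '<input type="hidden" name="type" value="' . clean_output($this->getDataString('type')) . '" />' . "\n";
        echo _T('kw_followups_' . $this->data['type'] . '_title');
        echo "</td>\n";
        echo "</tr>\n";
    } elseif (_request('submit') == 'set_stage' || $this->getDataString('type') == 'stage_change') {
        // Change stage
        echo "<tr>\n";
        echo "<td>" . _T('fu_input_next_stage') . "</td>\n";
        echo "<td>";
        echo '<input type="hidden" name="type" value="' . clean_output($this->getDataString('type')) . '" />' . "\n";

        // This is to compensate an old bug, when 'case stage' was not stored in fu.description
        // and therefore editing a follow-up would not give correct information.
        // Bug was in CVS of 0.4.3 between 19-20 April 2005. Should not affect many people.
        if ($s = $this->getDataString('new_stage')) {
            echo '<input type="hidden" name="new_stage" value="' . clean_output($s) . '" />' . "\n";
            echo _Tkw('stage', $s);
        } else {
            echo "New stage information not available";
        }

        echo "</td>\n";
        echo "</tr>\n";

        if ($s = $this->getDataString('new_stage')) {
            // Update stage keywords (if any)
            $stage = get_kw_from_name('stage', $s);
            $id_stage = $stage['id_keyword'];
            show_edit_keywords_form('stage', $this->data['id_case'], $id_stage);
        }
    } elseif ($this->getDataString('type') == 'assignment' || $this->getDataString('type') == 'unassignment') {
        // Do not allow assignment/un-assignment follow-ups to be changed
        echo "<tr>\n";
        echo "<td>" . _T('fu_input_next_stage') . "</td>\n";
        echo "<td>";
        echo '<input type="hidden" name="type" value="' . clean_output($this->getDataString('type')) . '" />' . "\n";
        echo _Tkw('followups', $this->getDataString('type'));
        echo "</td>\n";
        echo "</tr>\n";
    } else {
        // The usual follow-up
        echo "<tr>\n";
        echo "<td>" . _T('fu_input_type') . "</td>\n";
        echo "<td>";
        echo '<select ' . $dis . ' name="type" size="1" class="sel_frm">' . "\n";

        $default_fu = get_suggest_in_group_name('followups');
        $futype_kws = get_keywords_in_group_name('followups');
        $kw_found = false;

        foreach ($futype_kws as $kw) {
            $sel = isSelected($kw['name'] == $default_fu);

            if ($sel) {
                $kw_found = true;
            }

            echo '<option value="' . $kw['name'] . '"' . $sel . '>'
                . _T(remove_number_prefix($kw['title']))
                . "</option>\n";
        }

        // Exotic case where the FU keyword was hidden by the administrator,
        // but an old follow-up using that keyword is being edited.
        if (!$kw_found) {
            echo '<option selected="selected" value="' . $default_fu . '">'
                . _Tkw('followups', $default_fu)
                . "</option>\n";
        }

        echo "</select>\n";
        echo "</td>\n";
        echo "</tr>\n";
    }

    // Keywords (if any)
    show_edit_keywords_form('followup', $this->getDataInt('id_followup'));

    // Description
    echo "<tr>\n";
    echo '<td valign="top">' . f_err_star('description') . _T('fu_input_description') . "</td>\n";
    echo '<td>';

    if ($this->getDataString('type') == 'assignment' || $this->getDataString('type') == 'unassignment') {
        // Do not allow edit of assignment; the stored text is only carried
        // through the form, so it is cleaned like any other attribute value.
        echo '<input type="hidden" name="description" value="'
            . clean_output($this->getDataString('description'))
            . '" />' . "\n";
        echo get_fu_description($this->data);
    } else {
        echo '<textarea ' . $dis . ' name="description" rows="15" cols="60" class="frm_tarea">';
        echo clean_output($this->getDataString('description'));
        echo "</textarea>";
    }

    echo "</td></tr>\n";

    // Sum billed field
    if ($this->show_sum_billed == "yes") {
        echo '<tr>';
        echo '<td>' . _T('fu_input_sum_billed') . "</td>\n";
        echo '<td>';
        echo '<input ' . $dis . ' name="sumbilled" '
            . 'value="' . clean_output($this->getDataString('sumbilled')) . '" '
            . 'class="search_form_txt" size="10" />';

        // [ML] If we do this we may as well make a function
        // out of it, but not sure where to place it :-)
        // This code is also in config_site.php
        $currency = read_meta('currency');

        if (empty($currency)) {
            // Temporarily switch to the site default language to fetch the
            // default currency format, then restore the current language.
            $current_lang = $GLOBALS['lang'];
            $GLOBALS['lang'] = read_meta('default_language');
            $currency = _T('currency_default_format');
            $GLOBALS['lang'] = $current_lang;
        }

        echo htmlspecialchars($currency);
        echo "</td></tr>\n";
    }

    echo "</table>\n\n";

    // XXX FIXME: Should probably be in some function "is_system_fu"
    // or even "is_deletable"
    if ($this->getDataInt('id_followup')
        && allowed($this->data['id_case'], 'a')
        && !(is_status_change($this->data['type'])
            || $this->data['type'] == 'assignment'
            || $this->data['type'] == 'unassignment')
    ) {
        $checked = $this->getDataString('hidden') == 'Y' ? ' checked="checked" ' : '';

        echo '<p class="normal_text">';
        echo '<input type="checkbox"' . $checked . ' name="delete" id="box_delete" />';
        echo '<label for="box_delete">' . _T('fu_info_delete') . '</label>';
        echo "</p>\n";
    }

    // Add followup appointment
    if (!_request('followup')) {
        echo "<!-- Add appointment? -->\n";
        echo '<p class="normal_text">';
        echo '<input type="checkbox" name="add_appointment" id="box_new_app" onclick="display_block(\'new_app\', \'flip\')" />';
        echo '<label for="box_new_app">' . _T('fu_info_add_future_activity') . '</label>';
        echo "</p>\n";

        echo '<div id="new_app" style="display: none;">';
        echo '<table class="tbl_usr_dtl" width="99%">' . "\n";

        echo "<!-- Start time -->\n\t\t<tr><td>";
        echo _T('time_input_date_start');
        echo "</td><td>";
        echo get_date_inputs('app_start', $this->data['app_start_time'], false);
        echo ' ' . _T('time_input_time_at') . ' ';
        echo get_time_inputs('app_start', $this->data['app_start_time']);
        echo f_err_star('app_start_time');
        echo "</td></tr>\n";

        echo "<!-- End time -->\n\t\t<tr><td>";
        echo $prefs['time_intervals'] == 'absolute' ? _T('time_input_date_end') : _T('app_input_time_length');
        echo "</td><td>";

        if ($prefs['time_intervals'] == 'absolute') {
            echo get_date_inputs('app_end', $this->data['app_end_time']);
            echo ' ' . _T('time_input_time_at') . ' ';
            echo get_time_inputs('app_end', $this->data['app_end_time']);
            echo f_err_star('app_end_time');
        } else {
            $interval = $this->data['app_end_time'] != '0000-00-00 00:00:00'
                ? strtotime($this->data['app_end_time']) - strtotime($this->data['app_start_time'])
                : 0;
            // echo _T('calendar_info_time') . ' ';
            echo get_time_interval_inputs('app_delta', $interval);
            echo f_err_star('app_end_time');
        }

        echo "</td></tr>\n";

        // [ML] The reminder row (app_reminder / app_rem_offset inputs) was
        // disabled at this point as "not useful for now".

        // TODO: [ML] a bit of testing to see if this survives an error on new case
        // I suspect it doesn't..
        echo "<!-- Appointment title -->\n\t\t<tr><td>";
        echo f_err_star('app_title') . _T('app_input_title');
        echo "</td><td>";
        echo '<input type="text" ' . $dis . ' name="app_title" size="50" value="';
        echo clean_output($this->getDataString('app_title')) . '" class="search_form_txt" />';
        echo "</td></tr>\n";

        echo "<!-- Appointment type -->\n\t\t<tr><td>";
        echo _T('app_input_type');
        echo "</td><td>";
        echo '<select ' . $dis . ' name="app_type" size="1" class="sel_frm">';

        global $system_kwg;

        // Pre-select the type remembered in the session, else the suggested
        // keyword of the 'appointments' group.
        if ($_SESSION['fu_app_data']['type']) {
            $default_app = $_SESSION['fu_app_data']['type'];
        } else {
            $app_kwg = get_kwg_from_name('appointments');
            $default_app = $app_kwg['suggest'];
        }

        // Sort the options by their translated title.
        $opts = array();
        foreach ($system_kwg['appointments']['keywords'] as $kw) {
            $opts[$kw['name']] = _T(remove_number_prefix($kw['title']));
        }
        asort($opts);

        foreach ($opts as $k => $opt) {
            $sel = isSelected($k == $default_app);
            echo "<option value='{$k}'{$sel}>{$opt}</option>\n";
        }

        echo '</select>';
        echo "</td></tr>\n";

        echo "<!-- Appointment description -->\n";
        echo "<tr><td valign=\"top\">";
        echo _T('app_input_description');
        echo "</td><td>";
        echo '<textarea ' . $dis . ' name="app_description" rows="5" cols="60" class="frm_tarea">';
        echo clean_output($this->getDataString('app_description'));
        echo '</textarea>';
        echo "</td></tr>\n";

        echo "</table>\n";
        echo "</div>\n";
    }
}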
ui_print_error_message(__('Ticket not found')); exit; } // GET ACTION PARAMETERS $upload_file = get_parameter('upload_file'); $add_workunit = get_parameter('add_workunit'); // ACTIONS if($upload_file) { $filename = get_parameter('upfile'); $file_description = get_parameter('description',__('No description available')); $file_temp = sys_get_temp_dir()."/$filename"; $result = attach_incident_file ($incident_id, clean_output($file_temp), $file_description); echo $result; $active_tab = 'files'; } if($add_workunit) { $note = get_parameter('note'); $public = 1; $timeused = "0.05"; $result = create_workunit ($incident_id, $note, $config["id_user"], $timeused, 0, "", $public, 0); if($result) { ui_print_success_message(__('Workunit added'));
} // TRAD echo ": " . $rep_specs->getDescription() . "</p>\n"; } echo "<fieldset class=\"info_box\">\n"; echo "<form action='upd_rep.php' method='post'>\n"; if ($_SESSION['form_data']['filecustom']) { echo '<input type="hidden" name="filecustom" value="' . $_SESSION['form_data']['filecustom'] . '" />' . "\n"; } if ($_SESSION['form_data']['id_report']) { echo "<strong>" . _Ti('rep_input_id') . "</strong> " . $_SESSION['form_data']['id_report'] . "\n\t\t<input type=\"hidden\" name=\"id_report\" value=\"" . $_SESSION['form_data']['id_report'] . "\">\n"; // [ML] echo " | \n"; } // Title of report echo "<p>" . f_err_star('title') . "<strong>" . _Ti('rep_input_title') . "</strong><br />"; echo '<input name="title" value="' . clean_output($_SESSION['form_data']['title']) . '" class="search_form_txt"></p>' . "\n"; // Description echo '<p>' . "<strong>" . _Ti('rep_input_description') . "</strong><br />\n"; echo '<textarea name="description" rows="5" cols="40" class="frm_tarea">'; echo $_SESSION['form_data']['description']; echo "</textarea></p>\n"; // Notes echo '<p>' . "<strong>" . _Ti('rep_input_notes') . "</strong><br />\n"; echo '<textarea name="notes" rows="5" cols="40" class="frm_tarea">'; echo $_SESSION['form_data']['notes']; echo "</textarea></p>\n"; // if ($admin || !read_meta('case_read_always') || !read_meta('case_write_always')) { // echo "\t<tr><td>" . _T('public') . "</td> // <td> // <table> // <tr>\n";
} else { /* Print main link */ print "<a href='"; clean_output($bookmarkurl); print "'>"; clean_output($title); print "</a>\n"; print "<form method='post' action='#edit'>\n"; /* Print tag links */ $taglist = split(" ", $bookmarktags); foreach ($taglist as $tag) { if (strlen($tag) > 0) { print " <a class='tag' href='" . $deliciousroot . "admin?tags="; clean_output($tag); print "'>"; clean_output($tag); print "</a>\n"; } } /* Print edit link */ print " <input name='url' type='hidden' value='"; clean_output($bookmarkurl); print "' />\n"; print " <input type='submit' value='edit' name='edit' />\n"; print "</form>\n"; } } } fclose($datafilehandle); footer($deliciousroot, $tags); print "</body></html>";
/**
 * Print the login page body: either the "enter your username" form or, once
 * a username is known, the password form with the MD5 challenge script.
 *
 * Flow, as visible in this function:
 *  1. Read var_login / var_logout / var_cookie_failed from the request.
 *  2. Build the destination link ($cible) when none was passed, and strip the
 *     login-related variables from it and from the global $clean_link.
 *  3. Load the session; an already authenticated 'admin' or 'normal' author
 *     (without a logout request) gets a redirect header and/or a plain link,
 *     and the function returns.
 *  4. Otherwise resolve the username (request, or the 'lcm_admin' cookie),
 *     look it up in lcm_author and print the matching form.
 *  5. Print the focus script and the footer (language menu, forgotten
 *     password and registration links).
 *
 * @param mixed  $cible         Destination link object; when empty, one is
 *                              built from the request value 'var_url'
 *                              (default 'index.php').
 * @param string $prive         Not read anywhere in this function.
 * @param string $message_login Not read anywhere in this function.
 *
 * NOTE(review): several request-derived values ($login, $url, $action) are
 * interpolated into HTML and inline JavaScript below. The only processing
 * visible here is clean_input() on $login and quote_amp() on $action; neither
 * helper is defined in this excerpt, so whether they HTML-escape must be
 * confirmed. See the inline notes at each output site.
 */
function show_login($cible, $prive = 'prive', $message_login = '') {
    $error = '';
    $login = _request('var_login');
    $logout = _request('var_logout');

    // If the cookie fails, inc_auth tried to redirect to lcm_cookie who
    // then tried to put a cookie. If it is not there, it is "cookie failed"
    // who is there, and it's probably a bookmark on privet=yes and not
    // a cookie failure.
    $cookie_failed = "";
    if (_request('var_cookie_failed')) {
        // Result is a boolean; it is later compared loosely against "yes".
        $cookie_failed = $_COOKIE['lcm_session'] != 'cookie_test_failed';
    }

    global $author_session;
    global $lcm_session; // declared but not read in this function
    global $clean_link;

    if (!$cible) { // cible = destination
        // NOTE(review): the destination comes straight from the request and is
        // later used for a Location header and a hidden form field. Whether
        // Link restricts it to local URLs is not visible here - confirm, to
        // rule out an open redirect.
        $cible = new Link(_request('var_url', 'index.php'));
    }

    // Drop the login-flow variables so they do not survive into the target URL.
    $cible->delVar('var_erreur');
    $cible->delVar('var_url');
    $cible->delVar('var_cookie_failed');
    $clean_link->delVar('var_erreur');
    $clean_link->delVar('var_login');
    $clean_link->delVar('var_cookie_failed');
    $url = $cible->getUrl();

    // This populates the $author_session variable
    include_lcm('inc_session');
    verifier_visiteur();

    // Already logged in (and not logging out): redirect and/or show a link.
    if ($author_session and !$logout and ($author_session['status'] == 'admin' or $author_session['status'] == 'normal')) {
        if ($url != $GLOBALS['clean_link']->getUrl()) {
            lcm_header("Location: " . $cible->getUrlForHeader());
        }

        // [ML] This is making problems for no reason, we use login only
        // for one mecanism (entering the system).
        // echo "<a href='$url'>"._T('login_this_way')."</a>\n";
        echo "<a class='content_link' href='index.php'>" . _T('login_this_way') . "</a>\n";
        return;
    }

    if (_request('var_erreur') == 'pass') {
        $error = _T('login_password_incorrect');
    }

    // The login is memorized in the cookie for a possible future admin login
    if (!$login && isset($_COOKIE['lcm_admin'])) {
        // Cookie format is "@<login>"; the cookie is client-controlled input.
        if (preg_match("/^@(.*)\$/", $_COOKIE['lcm_admin'], $regs)) {
            $login = $regs[1];
        }
    } else {
        // '-1' is treated as "no login supplied".
        if ($login == '-1') {
            $login = '';
        }
    }

    // other sources for authentication
    $flag_autres_sources = isset($GLOBALS['ldap_present']) ? $GLOBALS['ldap_present'] : '';

    // What informations to pass?
    if ($login) {
        $status_login = 0; // unknown status
        // presumably escapes $login for use in SQL - clean_input() is not
        // visible here, confirm
        $login = clean_input($login);

        // NOTE(review): as shown on this page the WHERE clause holds the
        // literal '******' and $login is not referenced in the query string;
        // this looks like a redaction of the listing rather than real code.
        // Check the original file for how the username reaches the query and
        // prefer a bound parameter over string interpolation.
        $query = "SELECT id_author, status, password, prefs, alea_actuel, alea_futur \n\t\t\t\t\tFROM lcm_author \n\t\t\t\t\tWHERE username='******'";
        $result = lcm_query($query);

        if ($row = lcm_fetch_array($result)) {
            if ($row['status'] == 'trash' or $row['password'] == '') {
                $status_login = -1; // deny
            } else {
                $status_login = 1; // known login

                // Which infos to pass for the javascript ?
                $id_author = $row['id_author']; // assigned but not read below
                $alea_actuel = $row['alea_actuel']; // for MD5
                $alea_futur = $row['alea_futur'];

                // Button for lenght of connection
                if ($row['prefs']) {
                    // NOTE(review): unserialize() on a database column. If the
                    // prefs value can be influenced by a user, this is a PHP
                    // object-injection risk; json_decode() or
                    // unserialize(..., ['allowed_classes' => false]) would
                    // remove it. $rester_checked stays undefined when prefs
                    // is empty, yet it is interpolated in the form below.
                    $prefs = unserialize($row['prefs']);
                    $rester_checked = $prefs['cnx'] == 'perma' ? ' checked=\'checked\'' : '';
                }
            }
        }

        // Unknown login (except LDAP) or refused
        // ('and' binds tighter than 'or': denied, OR unknown-and-no-LDAP.)
        // NOTE(review): an unknown username gets its own message here while a
        // known one proceeds to the password form with its salts, so the
        // response tells a visitor whether an account exists.
        if ($status_login == -1 or $status_login == 0 and !$flag_autres_sources) {
            $error = _T('login_identifier_unknown', array('login' => htmlspecialchars(clean_output($login))));
            $login = '';
            // [ML] Not sure why this was here, but headers are already sent
            // therefore it causes an error message (which is not shown, but
            // might make a mess, knowing how PHP runs differently everywhere..)
            // @lcm_setcookie('lcm_admin', '', time() - 3600);
        }
    }

    // Javascript for the focus
    if ($login) {
        $js_focus = 'document.form_login.session_password.focus();';
    } else {
        $js_focus = 'document.form_login.var_login.focus();';
    }

    // [ML] we should probably add a help link here, since tech, but let's see
    // how many users complain first, since this should affect only tech users
    if ($cookie_failed == "yes") {
        $error = _T('login_warning_cookie');
    }

    echo open_login();

    // [ML] Looks like there is no reason why to use $clean_link (defined in inc_version.php)
    // It would cause very strange bugs when the "feed_globals()" were removed from inc_version
    // and in the end, well, it looks rather useless.
    //
    // Strange bugs were caused because $action would be "./" and therefore it
    // would call index.php -> listcases.php -> includes inc_auth.php who then
    // calls auth(), who redirects to the login page.
    $action = $clean_link->getUrl();
    // $action = "lcm_login.php";

    if ($login) {
        // Shows the login form, including the MD5 javascript
        // NOTE(review): when $login survives only because another auth source
        // (LDAP flag) is present, $alea_actuel / $alea_futur were never set
        // above and are interpolated as undefined variables below.
        $flag_challenge_md5 = true;

        if ($flag_challenge_md5) {
            echo '<script type="text/javascript" src="inc/md5.js"></script>';
        }

        echo "\n";
        echo '<form name="form_login" action="lcm_cookie.php" method="post"';

        if ($flag_challenge_md5) {
            // The browser sends MD5(salt + password) for the current and the
            // next salt, then blanks the clear-text field.
            // NOTE(review): MD5 with a per-user salt is a weak construction by
            // current standards and does not replace TLS for the login form.
            echo " onsubmit='if (this.session_password.value) {\n\t\t\t\tthis.session_password_md5.value = calcMD5(\"{$alea_actuel}\" + this.session_password.value);\n\t\t\t\tthis.next_session_password_md5.value = calcMD5(\"{$alea_futur}\" + this.session_password.value);\n\t\t\t\tthis.session_password.value = \"\"; }'";
        }

        echo ">\n";
        echo "<div class='main_login_box' style='text-align:" . $GLOBALS["lcm_lang_left"] . ";'>\n";

        if ($error) {
            echo "<div style='color:red;'><b>" . _T('login_access_denied') . " {$error}</b></div><br />\n";
        }

        if ($flag_challenge_md5) {
            // This is printed with javascript so that it is hidden from navigators not
            // using JS, since they will see the username field anyway.
            // NOTE(review): {$login} lands inside a JavaScript string literal
            // inside HTML without any escaping visible in this function;
            // it needs both JS-string and HTML encoding.
            echo "<script type=\"text/javascript\"><!--\n" . "document.write('" . addslashes(_T('login_login')) . " <b>{$login}</b><br/>" . "<font size=\\'2\\'><a href=\\'lcm_cookie.php?cookie_admin=no&url=" . rawurlencode($action) . "\\' class=\\'link_btn\\'>" . _T('login_other_identifier') . "</a></font>');\n" . "//--></script>\n";

            // If javascript is active, we pass the login in the hidden field
            // NOTE(review): attribute value written without HTML escaping.
            echo "<input type='hidden' name='session_login_hidden' value='{$login}' />";

            // If javascript is not active, the login is still modifiable
            // (since the challenge is not used)
            echo "<noscript>";
        }

        echo "\t<label for='session_login'><b>" . _T('login_login') . "</b> (" . _T('login_info_login') . ")<br /></label>";
        // NOTE(review): attribute value written without HTML escaping.
        echo "\t<input type='text' name='session_login' id='session_login' class='forml' value=\"{$login}\" size='40' />\n";

        if ($flag_challenge_md5) {
            echo "</noscript>\n";
        }

        echo "\t<p />\n";
        echo "\t<label for='session_password'><b>" . _T('login_password') . "</b><br /></label>";
        echo "\t<input type='password' name='session_password' id='session_password' class='forml' value=\"\" size='40' />\n";
        echo "\t<input type='hidden' name='essai_login' value='oui' />\n";
        echo "\t<br /> <input type='checkbox' name='session_remember' value='yes' id='session_remember'{$rester_checked} /> ";
        echo "\t<label for='session_remember'>" . _T('login_remain_logged_on') . "</label>";
        // NOTE(review): $url derives from the request-supplied destination and
        // is written into a single-quoted attribute without escaping here.
        echo "\t<input type='hidden' name='url' value='{$url}' />\n";
        echo "\t<input type='hidden' name='session_password_md5' value='' />\n";
        echo "\t<input type='hidden' name='next_session_password_md5' value='' />\n";
        echo "<div align='right'><input class='button_login' type='submit' value='" . _T('button_validate') . "' /></div>\n";
        echo "</div>";
        echo "</form>";
    } else {
        // Ask only for the login/username
        $action = quote_amp($action);
        echo "<form name='form_login' action='{$action}' method='post'>\n";
        echo "<div class='main_login_box' style='text-align:" . $GLOBALS["lcm_lang_left"] . ";'>";

        if ($error) {
            echo "<span style='color:red;'><b>" . _T('login_access_denied') . " {$error}</b></span><p />";
        }

        echo "<label><b>" . _T('login_login') . '</b> (' . _T('login_info_login') . ')' . "<br /></label>";
        echo "<input type='text' name='var_login' class='forml' value=\"\" size='40' />\n";
        // NOTE(review): same unescaped $url as in the password form above.
        echo "<input type='hidden' name='var_url' value='{$url}' />\n";
        echo "<div align='right'><input class='button_login' type='submit' value='" . _T('button_validate') . "' /></div>\n";
        echo "</div>";
        echo "</form>";
    }

    // Focus management
    echo "<script type=\"text/javascript\"><!--\n" . $js_focus . "\n//--></script>\n";

    // Start the login footer
    echo "<div align='left' style='font-size: 12px;' >";
    echo "<div class='lang_combo_box'>" . menu_languages() . "</div>\n";

    // button for "forgotten password"
    include_lcm('inc_mail');
    if (server_can_send_email()) {
        echo '<a href="lcm_pass.php?pass_forgotten=yes" target="lcm_pass" onclick="' . "javascript:window.open(this.href, 'lcm_pass', 'scrollbars=yes, resizable=yes, width=640, height=280'); return false;\" class=\"link_btn\">" . _T('login_password_forgotten') . '</a>';
    }

    $register_popup = 'href="lcm_pass.php?register=yes" target="lcm_pass" ' . ' onclick="' . "javascript:window.open('lcm_pass.php?register=yes', 'lcm_pass', 'scrollbars=yes, resizable=yes, width=640, height=500'); return false;\"";

    // The registration link is only shown when self-subscription is enabled.
    $open_subscription = read_meta("site_open_subscription");
    if ($open_subscription == 'yes' || $open_subscription == 'moderated') {
        echo " <a {$register_popup} class=\"link_btn\">" . _T('login_register') . '</a>';
    }

    echo "</div>\n";
    echo close_login();
}
// Tail of the client list page: clamp the paging offset, seek to it, print
// one table row per client for the current page, then the "new client" link.

// An offset at or beyond the end of the result set restarts at the first row.
if ($list_pos >= $number_of_rows) {
    $list_pos = 0;
}

// Position to the page info start
if ($list_pos > 0 && !lcm_data_seek($result, $list_pos)) {
    lcm_panic("Error seeking position {$list_pos} in the result");
}

// Output table tags
show_listclient_start();

$i = 0;
while ($i < $prefs['page_rows'] && ($row = lcm_fetch_array($result))) {
    // Alternate the row shading on every other line.
    $cell_css = 'tbl_cont_' . ($i % 2 ? "dark" : "light");

    echo "<tr>\n";
    echo '<td class="' . $cell_css . '">' . $row['id_client'] . "</td>\n";
    echo '<td class="' . $cell_css . '">';
    echo '<a href="client_det.php?client=' . $row['id_client'] . '" class="content_link">';

    // The name is cleaned for output before the search term is highlighted.
    // NOTE(review): highlight_matches() is not visible here; confirm that it
    // does not re-introduce unescaped text from $find_client_string.
    $fullname = clean_output(get_person_name($row));
    echo highlight_matches($fullname, $find_client_string);

    echo "</a>\n";
    echo "</td>\n";
    echo "</tr>\n";

    $i++;
}

show_listclient_end($list_pos, $number_of_rows);
?> <p><a href="edit_client.php" class="create_new_lnk"><?php echo _T('client_button_new'); ?> </a></p> <br /><br /> <?php
lcm_page_end();
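/**
 * Build the WHERE/ORDER BY clauses for a ticket search from $filters, run the
 * query against tincidencia and return the result in the shape selected by $mode.
 *
 * Every filter has an inverse form that is used when $filters['inverse_filter']
 * is truthy. Filters on inventory, company and SLA percentage are not part of
 * the SQL; they are applied row by row in the 'tickets' mode only.
 *
 * NOTE(review): the string filters (id_user, id_user_or_creator, id_creator,
 * editor, closed_by, string, type_field_* keys and values) are placed between
 * double quotes in the SQL text with sprintf('%s') and no escaping is visible
 * in this function. That is only safe if every caller passes values that are
 * already neutralised for SQL - confirm against the callers and the database
 * layer, and prefer bound parameters if the layer offers them.
 *
 * @param array $filters Filter values keyed by filter name; missing or null
 *                       entries get the defaults listed at the top of the body.
 * @param mixed $mode    'count', 'tasks', or anything else for full ticket rows.
 * @param mixed $id_task When not false, restricts the query to this task and
 *                       the task filter is not inverted.
 *
 * @return mixed int for 'count'; the result of get_db_all_rows_sql() for
 *               'tasks'; otherwise an array of ticket rows that passed the ACL
 *               and per-row filters, or false when the query returned false.
 */
function incidents_get_filter_tickets_tree($filters, $mode = false, $id_task = false)
{
    global $config;

    // TODO: Refactor to use the function 'filter_incidents'

    /* Set default values if none is set */
    $defaults = array(
        'inverse_filter' => false,
        'string' => '',
        'status' => 0,
        'priority' => -1,
        'id_group' => -1,
        'id_company' => 0,
        'id_inventory' => 0,
        'id_incident_type' => 0,
        'id_user' => '',
        'id_user_or_creator' => '',
        'from_date' => 0,
        'first_date' => '',
        'last_date' => '',
        'id_creator' => '',
        'editor' => '',
        'closed_by' => '',
        'resolution' => '',
        'offset' => 0,
        'group_by_project' => 0,
        'id_task' => -1,
        'sla_state' => 0,
        'left_sla' => 0,
        'right_sla' => 0,
        'show_hierarchy' => 0,
        'medals' => 0,
        'parent_name' => '',
        // order_by was read without a default before, which raised a notice
        // whenever the caller did not supply it
        'order_by' => '',
    );
    foreach ($defaults as $name => $default) {
        if (!isset($filters[$name])) {
            $filters[$name] = $default;
        }
    }

    // NOTE(review): $no_parents and $limit are read further down but were never
    // assigned in this function (they are neither parameters nor globals), so
    // both branches could never run. They are initialised here so the branches
    // stay inert without raising undefined-variable warnings; decide whether
    // they should become parameters or be removed.
    $no_parents = false;
    $limit = false;

    ///// IMPORTANT: Write an inverse filter for every new filter /////
    $is_inverse = $filters['inverse_filter'];

    // Operators for the normal / inverse form of each comparison
    $eq = $is_inverse ? '<>' : '=';
    $ne = $is_inverse ? '=' : '<>';
    $in = $is_inverse ? 'NOT IN' : 'IN';

    $sql_clause = '';

    // Status (-10 stands for "not closed")
    if (!empty($filters['status'])) {
        if ($filters['status'] == -10) {
            $sql_clause .= sprintf(' AND estado %s %d', $ne, STATUS_CLOSED);
        } else {
            $sql_clause .= sprintf(' AND estado %s %d', $eq, $filters['status']);
        }
    }

    // Priority
    if ($filters['priority'] != -1) {
        $sql_clause .= sprintf(' AND prioridad %s %d', $eq, $filters['priority']);
    }

    // Group
    if ($filters['id_group'] != 1) {
        if ($filters['show_hierarchy']) {
            // Every id is cast to int before it is joined into the IN list, so
            // a non-numeric id_group can no longer be carried into the SQL text
            $ids = array((int) $filters['id_group']);
            $children = groups_get_childrens($filters['id_group']);
            if (is_array($children)) {
                foreach ($children as $child) {
                    $ids[] = (int) $child['id_grupo'];
                }
            }
            $sql_clause .= sprintf(' AND id_grupo %s (%s)', $in, implode(',', $ids));
        } else {
            $sql_clause .= sprintf(' AND id_grupo %s %d', $eq, $filters['id_group']);
        }
    }

    // User
    if (!empty($filters['id_user'])) {
        $sql_clause .= sprintf(' AND id_usuario %s "%s"', $eq, $filters['id_user']);
    }

    // User or creator
    if (!empty($filters['id_user_or_creator'])) {
        if (!$is_inverse) {
            $sql_clause .= sprintf(' AND (id_usuario = "%s" OR id_creator = "%s")', $filters['id_user_or_creator'], $filters['id_user_or_creator']);
        } else {
            $sql_clause .= sprintf(' AND (id_usuario <> "%s" AND id_creator <> "%s")', $filters['id_user_or_creator'], $filters['id_user_or_creator']);
        }
    }

    // Resolution
    if (!empty($filters['resolution']) && $filters['resolution'] > -1) {
        $sql_clause .= sprintf(' AND resolution %s %d', $eq, $filters['resolution']);
    }

    // Task
    if ($id_task !== false) {
        // Don't apply the task inverse filter
        $sql_clause .= sprintf(' AND id_task = %d', $id_task);
    } elseif ($filters['id_task'] > 0) {
        $sql_clause .= sprintf(' AND id_task %s %d', $eq, $filters['id_task']);
    }

    // Incident type and its custom fields
    if (!empty($filters['id_incident_type']) && $filters['id_incident_type'] != -1) {
        $sql_clause .= sprintf(' AND id_incident_type %s %d', $eq, $filters['id_incident_type']);

        // Every filter named type_field_<id> is a custom field filter; the part
        // after the prefix is used as the field id.
        // NOTE(review): both the id (taken from the array key) and the value are
        // interpolated as quoted strings - see the note in the function header.
        foreach ($filters as $key => $data) {
            if (!preg_match('/^type_field_/', $key) || empty($data)) {
                continue;
            }
            $id = preg_replace('/^type_field_/', '', $key);
            $sql_clause .= sprintf(' AND id_incidencia %s (SELECT id_incident FROM tincident_field_data WHERE id_incident_field = "%s" AND data LIKE "%%%s%%")', $in, $id, $data);
        }
    }

    // Date
    if (!empty($filters['from_date']) && $filters['from_date'] > 0) {
        // from_date is a number of days counted back from now
        $last_date_seconds = $filters['from_date'] * 24 * 60 * 60;
        $filters['first_date'] = date('Y-m-d H:i:s', time() - $last_date_seconds);
        $sql_clause .= sprintf(' AND inicio %s "%s"', $is_inverse ? '<' : '>=', $filters['first_date']);
    } elseif (!empty($filters['first_date']) && !empty($filters['last_date'])) {
        // 00:00:00 to set date at the beginning of the day
        $start_date = date('Y-m-d 00:00:00', strtotime($filters['first_date']));
        // 23:59:59 to set date at the end of day
        $end_date = date('Y-m-d 23:59:59', strtotime($filters['last_date']));
        if (!$is_inverse) {
            $sql_clause .= sprintf(' AND inicio >= "%s"', $start_date);
            $sql_clause .= sprintf(' AND inicio <= "%s"', $end_date);
        } else {
            $sql_clause .= sprintf(' AND (inicio < "%s" OR inicio > "%s")', $start_date, $end_date);
        }
    } elseif (!empty($filters['first_date'])) {
        // 00:00:00 to set date at the beginning of the day
        $start_date = date('Y-m-d 00:00:00', strtotime($filters['first_date']));
        $sql_clause .= sprintf(' AND inicio %s "%s"', $is_inverse ? '<' : '>=', $start_date);
    } elseif (!empty($filters['last_date'])) {
        // 23:59:59 to set date at the end of day
        $end_date = date('Y-m-d 23:59:59', strtotime($filters['last_date']));
        $sql_clause .= sprintf(' AND inicio %s "%s"', $is_inverse ? '>' : '<=', $end_date);
    }

    // Creator
    if (!empty($filters['id_creator'])) {
        $sql_clause .= sprintf(' AND id_creator %s "%s"', $eq, $filters['id_creator']);
    }

    // Editor
    if (!empty($filters['editor'])) {
        $sql_clause .= sprintf(' AND editor %s "%s"', $eq, $filters['editor']);
    }

    // Closed by
    if (!empty($filters['closed_by'])) {
        $sql_clause .= sprintf(' AND closed_by %s "%s"', $eq, $filters['closed_by']);
    }

    // SLA (1 selects the "fired" condition, 2 the "not fired" one)
    $sla_filter = '';
    if (!empty($filters['sla_state'])) {
        $sla_fired_filter = 'AND (sla_disabled = 0 AND affected_sla_id <> 0)';
        $sla_not_fired_filter = 'AND (sla_disabled = 0 AND affected_sla_id = 0)';
        if ($filters['sla_state'] == 1) {
            $sla_filter = !$is_inverse ? $sla_fired_filter : $sla_not_fired_filter;
        } elseif ($filters['sla_state'] == 2) {
            $sla_filter = !$is_inverse ? $sla_not_fired_filter : $sla_fired_filter;
        }
    }

    // Medals (1 tests gold_medals, 2 tests black_medals)
    $medals_filter = '';
    if ($filters['medals']) {
        if ($filters['medals'] == 1) {
            $medals_filter = 'AND gold_medals ' . $ne . ' 0';
        } elseif ($filters['medals'] == 2) {
            $medals_filter = 'AND black_medals ' . $ne . ' 0';
        }
    }

    // Inventory object looked up by name; ignored when no such object exists
    if (!empty($filters['parent_name'])) {
        $inventory_id = get_db_value('id', 'tinventory', 'name', $filters['parent_name']);
        if ($inventory_id) {
            $sql_clause .= sprintf(' AND id_incidencia %s (SELECT id_incident FROM tincident_inventory WHERE id_inventory = %d)', $in, $inventory_id);
        }
    }

    if ($no_parents) {
        $sql_clause .= ' AND id_incidencia NOT IN (SELECT id_incidencia FROM tincidencia WHERE id_parent <> 0)';
    }

    // Order: either an array of column => direction, or the same as a JSON string.
    // clean_output() is applied to the JSON text before decoding, presumably to
    // undo entity encoding applied on input - confirm.
    if ($filters['order_by'] && !is_array($filters['order_by'])) {
        $order_by_array = json_decode(clean_output($filters['order_by']), true);
    } else {
        $order_by_array = $filters['order_by'];
    }

    // Column and direction end up verbatim in ORDER BY, where quoting cannot
    // protect them, so only a plain (optionally table-qualified) identifier and
    // ASC/DESC are accepted; any other entry is dropped.
    $order_by = '';
    if (is_array($order_by_array)) {
        foreach ($order_by_array as $key => $value) {
            if (!$value || !is_string($value)) {
                continue;
            }
            $direction = strtoupper(trim($value));
            $is_column = preg_match('/^[A-Za-z_][A-Za-z0-9_]*(\.[A-Za-z_][A-Za-z0-9_]*)?$/', (string) $key) === 1;
            if ($is_column && ($direction === 'ASC' || $direction === 'DESC')) {
                $order_by .= " {$key} {$direction}, ";
            }
        }
    }

    // Use config block size if no other was given
    if ($limit && !isset($filters['limit'])) {
        $filters['limit'] = $config['block_size'];
    }

    // Text filter: substring match on several columns and on custom field data,
    // plus an exact match of the numeric value of the text against the ticket id
    $text_filter = '';
    if (!empty($filters['string'])) {
        $needle = $filters['string'];
        if (!$is_inverse) {
            $text_filter = sprintf('AND ( titulo LIKE "%%%s%%" OR descripcion LIKE "%%%s%%" OR id_creator LIKE "%%%s%%" OR id_usuario LIKE "%%%s%%" OR id_incidencia = %d OR id_incidencia IN ( SELECT id_incident FROM tincident_field_data WHERE data LIKE "%%%s%%"))', $needle, $needle, $needle, $needle, $needle, $needle);
        } else {
            $text_filter = sprintf('AND ( titulo NOT LIKE "%%%s%%" AND descripcion NOT LIKE "%%%s%%" AND id_creator NOT LIKE "%%%s%%" AND id_usuario NOT LIKE "%%%s%%" AND id_incidencia <> %d AND id_incidencia NOT IN ( SELECT id_incident FROM tincident_field_data WHERE data LIKE "%%%s%%"))', $needle, $needle, $needle, $needle, $needle, $needle);
        }
    }

    switch ($mode) {
        case 'count':
            // Just count items.
            // NOTE(review): the count is taken in SQL only, so it includes rows
            // that the ACL and per-row filters of the 'tickets' mode would drop.
            $sql = sprintf('SELECT COUNT(id_incidencia) FROM tincidencia FD WHERE 1=1 %s %s %s %s', $sql_clause, $text_filter, $sla_filter, $medals_filter);
            return (int) get_db_value_sql($sql);

        case 'tasks':
            $sql = sprintf('SELECT id_task FROM tincidencia FD WHERE 1=1 %s %s %s %s GROUP BY id_task', $sql_clause, $text_filter, $sla_filter, $medals_filter);
            return get_db_all_rows_sql($sql);

        case 'tickets':
        default:
            // Select all items and return all information
            $sql = sprintf('SELECT * FROM tincidencia FD WHERE 1=1 %s %s %s %s ORDER BY %s actualizacion DESC', $sql_clause, $text_filter, $sla_filter, $medals_filter, $order_by);
            $incidents = get_db_all_rows_sql($sql);
            if ($incidents === false) {
                return false;
            }

            $result = array();
            foreach ($incidents as $incident) {
                // Check external users ACLs
                $standalone_check = enterprise_hook('manage_standalone', array($incident, 'read'));
                if ($standalone_check !== ENTERPRISE_NOT_HOOK && !$standalone_check) {
                    continue;
                }

                // Normal ACL pass if IR for this group or if the user is the incident creator
                // or if the user is the owner or if the user has workunits
                $check_acl = enterprise_hook('incidents_check_incident_acl', array($incident));
                if (!$check_acl) {
                    continue;
                }

                $inventories = get_inventories_in_incident($incident['id_incidencia'], false);

                // Inventory: keep the ticket only if one of its inventory objects
                // has the requested id (or none has it, when inverted)
                if ($filters['id_inventory']) {
                    $found = false;
                    foreach ($inventories as $inventory) {
                        if ($inventory['id'] == $filters['id_inventory']) {
                            $found = true;
                            break;
                        }
                    }
                    if ((!$is_inverse && !$found) || ($is_inverse && $found)) {
                        continue;
                    }
                }

                // Company of the ticket creator
                if ($filters['id_company']) {
                    $user_creator = $incident['id_creator'];
                    $user_company = get_db_value('id_company', 'tusuario', 'id_usuario', $user_creator);
                    // Don't match, dismiss incident
                    if (!$is_inverse && $filters['id_company'] != $user_company) {
                        continue;
                    }
                    // Match, dismiss incident
                    if ($is_inverse && $filters['id_company'] == $user_company) {
                        continue;
                    }
                }

                // SLA compliance, lower bound
                if ($filters['left_sla']) {
                    $percent_sla_incident = format_numeric(get_sla_compliance_single_id($incident['id_incidencia']));
                    // Don't match, dismiss incident
                    if (!$is_inverse && $filters['left_sla'] > $percent_sla_incident) {
                        continue;
                    }
                    // Match, dismiss incident
                    if ($is_inverse && $filters['left_sla'] <= $percent_sla_incident) {
                        continue;
                    }
                }

                // SLA compliance, upper bound
                if ($filters['right_sla']) {
                    $percent_sla_incident = format_numeric(get_sla_compliance_single_id($incident['id_incidencia']));
                    // Don't match, dismiss incident
                    if (!$is_inverse && $filters['right_sla'] < $percent_sla_incident) {
                        continue;
                    }
                    // Match, dismiss incident
                    if ($is_inverse && $filters['right_sla'] >= $percent_sla_incident) {
                        continue;
                    }
                }

                array_push($result, $incident);
            }

            return $result;
    }
}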
/**
 * Print the organisation edit form as a table: the id (existing records only),
 * the text fields, the creation date (existing records only), keywords, notes
 * and the contacts sub-form.
 *
 * Every string value taken from the object is passed through clean_output()
 * before it is written into an attribute or a textarea.
 */
function printEdit()
{
    $id_org = $this->getDataInt('id_org');

    echo '<table width="99%" border="0" align="center" cellpadding="5" cellspacing="0" class="tbl_usr_dtl">' . "\n";

    // Organisation ID, shown and posted back only when editing an existing record
    if ($id_org) {
        echo "<tr>\n",
            "<td>" . _Ti('org_input_id') . "</td>\n",
            "<td>" . $id_org . '<input type="hidden" name="id_org" value="' . $id_org . '" />' . "</td>\n",
            "</tr>\n";
    }

    // Name, court registration number, tax number and statistical number all
    // share one row layout; the label key is 'org_input_' followed by the field name
    foreach (array('name', 'court_reg', 'tax_number', 'stat_number') as $field) {
        echo "<tr>\n",
            "<td>" . f_err_star($field) . _Ti('org_input_' . $field) . "</td>\n",
            '<td><input name="' . $field . '" value="' . clean_output($this->getDataString($field)) . '" class="search_form_txt" />' . "</td>\n",
            "</tr>\n";
    }

    // Creation date
    if ($id_org) {
        echo "<tr>\n",
            '<td>' . _Ti('time_input_date_creation') . '</td>',
            '<td>' . format_date($this->getDataString('date_creation'), 'full') . '</td>',
            "</tr>\n";
    }

    // Keywords, if any
    show_edit_keywords_form('org', $id_org);

    // Notes
    echo "<tr>\n",
        "<td>" . f_err_star('notes') . _Ti('org_input_notes') . "</td>\n",
        '<td><textarea name="notes" id="input_notes" class="frm_tarea" rows="3" cols="60">' . clean_output($this->getDataString('notes')) . "</textarea>\n" . "</td>\n",
        "</tr>\n";

    // Contacts (e-mail, phones, etc.)
    echo "<tr>\n",
        '<td colspan="2" align="center" valign="middle">';
    show_page_subtitle(_T('client_subtitle_contacts'));
    echo '</td>',
        "</tr>\n";

    show_edit_contacts_form('org', $id_org);

    echo "</table>\n";
}
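/**
 * Print the case edit form as a table: id (existing cases only), title, the
 * optional fields enabled in the site configuration, keywords, notes, status,
 * stage and the public read/write collaboration checkboxes.
 *
 * String values taken from the object are passed through clean_output()
 * before they are written into an attribute or a textarea. The stage keyword
 * name is now treated the same way (it was written into the option value
 * unescaped), and the attribute uses double quotes like the other attributes.
 *
 * Side effect: when the case has no stage yet, $this->data['stage'] is set to
 * the suggested stage of the 'stage' keyword group.
 */
function printEdit()
{
    // Read site configuration preferences
    $case_assignment_date = read_meta('case_assignment_date');
    $case_alledged_crime = read_meta('case_alledged_crime');
    $case_legal_reason = read_meta('case_legal_reason');

    $id_case = $this->getDataInt('id_case');

    echo '<table class="tbl_usr_dtl">' . "\n";

    // Case ID (if editing existing case)
    if ($id_case) {
        echo "<tr>" . "<td>" . _T('case_input_id') . "</td>" . "<td>" . $id_case . '<input type="hidden" name="id_case" value="' . $id_case . '" />' . "</td></tr>\n";
    }

    // Title
    echo '<tr><td><label for="input_case_title">' . f_err_star('title') . _T('case_input_title') . "</label></td>\n";
    echo '<td><input size="35" name="title" id="input_case_title" value="' . clean_output($this->getDataString('title')) . '" class="search_form_txt" />';
    echo "</td></tr>\n";

    // Date of earlier assignment
    if ($case_assignment_date == 'yes') {
        echo "<tr>\n";
        echo "<td>" . f_err_star('date_assignment') . _Ti('case_input_date_assigned') . "</td>\n";
        echo "<td>" . get_date_inputs('assignment', $this->getDataString('date_assignment'), false) . "</td>\n";
        echo "</tr>\n";
    }

    // Legal reason (shown when the setting starts with 'yes'; 'yes_mandatory' adds a hint)
    if (substr($case_legal_reason, 0, 3) == 'yes') {
        echo '<tr><td><label for="input_legal_reason">' . f_err_star('legal_reason') . _T('case_input_legal_reason') . "</label>" . ($case_legal_reason == 'yes_mandatory' ? '<br/>(' . _T('keywords_input_policy_mandatory') . ')' : '') . "</td>\n";
        echo '<td>';
        echo '<textarea name="legal_reason" id="input_legal_reason" class="frm_tarea" rows="2" cols="60">';
        echo clean_output($this->getDataString('legal_reason'));
        echo "</textarea>";
        echo "</td>\n";
        echo "</tr>\n";
    }

    // Alledged crime (same convention as legal reason)
    if (substr($case_alledged_crime, 0, 3) == 'yes') {
        echo '<tr><td><label for="input_alledged_crime">' . f_err_star('alledged_crime') . _T('case_input_alledged_crime') . "</label>" . ($case_alledged_crime == 'yes_mandatory' ? '<br/>(' . _T('keywords_input_policy_mandatory') . ')' : '') . "</td>\n";
        echo '<td>';
        echo '<textarea name="alledged_crime" id="input_alledged_crime" class="frm_tarea" rows="2" cols="60">';
        echo clean_output($this->getDataString('alledged_crime'));
        echo '</textarea>';
        echo "</td>\n";
        echo "</tr>\n";
    }

    // Keywords (if any)
    show_edit_keywords_form('case', $id_case);

    $id_stage = 0; // new case, stage not yet known
    if ($this->getDataString('stage')) {
        $stage = get_kw_from_name('stage', $this->getDataString('stage', '__ASSERT__'));
        $id_stage = $stage['id_keyword'];
    }

    show_edit_keywords_form('stage', $id_case, $id_stage);

    // Notes (posted as 'case_notes', read from the 'notes' field)
    echo "<tr>\n";
    echo "<td><label for='input_case_notes'>" . f_err_star('case_notes') . _Ti('case_input_notes') . "</label></td>\n";
    echo '<td><textarea name="case_notes" id="input_case_notes" class="frm_tarea" rows="3" cols="60">' . clean_output($this->getDataString('notes')) . "</textarea>\n" . "</td>\n";
    echo "</tr>\n";

    // Case status: a new case can only be 'draft' or 'open'
    echo '<tr><td><label for="input_status">' . f_err_star('status') . _Ti('case_input_status') . "</label></td>\n";
    echo '<td>';
    echo '<select name="status" id="input_status" class="sel_frm">' . "\n";

    $statuses = $id_case
        ? array('draft', 'open', 'suspended', 'closed', 'merged')
        : array('draft', 'open');

    foreach ($statuses as $s) {
        $sel = $s == $this->getDataString('status') ? ' selected="selected"' : '';
        echo '<option value="' . $s . '"' . $sel . ">" . _T('case_status_option_' . $s) . "</option>\n";
    }

    echo "</select></td>\n";
    echo "</tr>\n";

    // Case stage
    if (!$this->getDataString('stage')) {
        $this->data['stage'] = get_suggest_in_group_name('stage');
    }

    $kws = get_keywords_in_group_name('stage');

    echo '<tr><td><label for="input_stage">' . f_err_star('stage') . _T('case_input_stage') . "</label></td>\n";
    echo '<td><select name="stage" id="input_stage" class="sel_frm">' . "\n";

    foreach ($kws as $kw) {
        $sel = $kw['name'] == $this->data['stage'] ? ' selected="selected"' : '';
        // The keyword name comes from stored data, so it is escaped like every
        // other value written into an attribute in this form
        echo "\t\t\t\t" . '<option value="' . clean_output($kw['name']) . '"' . $sel . '>' . _T(remove_number_prefix($kw['title'])) . "</option>\n";
    }

    echo "</select></td>\n";
    echo "</tr>\n";

    // Public access rights
    // FIXME FIXME FIXME
    // NOTE(review): the admin test is spelled three different ways below
    // ($this->data['admin'], $GLOBALS['author_session']['status'] and
    // _session('admin')); whether they agree cannot be told from this method.
    // The checkboxes are only disabled in the browser through $dis, so the
    // handler that receives 'public' / 'pub_write' has to repeat the
    // allowed(..., 'a') check - confirm that it does.
    if (!empty($this->data['admin']) || read_meta('case_read_always') != 'yes' || read_meta('case_write_always') != 'yes') {
        $dis = isDisabled(!allowed($id_case, 'a'));
        echo '<tr><td colspan="2">' . _T('case_input_collaboration') . ' <br /><ul>';

        if (read_meta('case_read_always') != 'yes' || $GLOBALS['author_session']['status'] == 'admin') {
            echo '<li style="list-style-type: none;">';
            echo '<input type="checkbox" name="public" id="case_public_read" value="yes"';

            // empty() keeps the same truth test without a notice when the key is absent
            if (!empty($_SESSION['form_data']['public'])) {
                echo ' checked="checked"';
            }

            echo "{$dis} />";
            echo '<label for="case_public_read">' . _T('case_input_collaboration_read') . "</label></li>\n";
        }

        if (read_meta('case_write_always') != 'yes' || _session('admin')) {
            echo '<li style="list-style-type: none;">';
            echo '<input type="checkbox" name="pub_write" id="case_public_write" value="yes"';

            if (_session('pub_write')) {
                echo ' checked="checked"';
            }

            echo "{$dis} />";
            echo '<label for="case_public_write">' . _T('case_input_collaboration_write') . "</label></li>\n";
        }

        echo "</ul>\n";
        echo "</td>\n";
        echo "</tr>\n";
    }

    echo "</table>\n";
}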
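/**
 * Print the client edit form as a table: id (existing clients only), names,
 * the optional fields enabled in the site configuration, keywords, notes and
 * the contacts sub-form.
 *
 * String values taken from the object are passed through clean_output()
 * before they are written into an attribute or a textarea; keyword names used
 * as option values are now treated the same way.
 *
 * Side effect: $this->data['civil_status'] and $this->data['income'] are set
 * to a default when the client has no value and the form is not being
 * redisplayed after a validation error.
 */
function printEdit()
{
    // Get site preferences
    $client_name_middle = read_meta('client_name_middle');
    $client_citizen_number = read_meta('client_citizen_number');
    $client_civil_status = read_meta('client_civil_status');
    $client_income = read_meta('client_income');
    $meta_date_birth = read_meta('client_date_birth');

    $id_client = $this->getDataInt('id_client');

    // True when the form is shown for the first time rather than after a failed
    // submit. empty() also covers an absent 'errors' key, where count() would
    // warn (or throw on recent PHP versions).
    $no_errors = empty($_SESSION['errors']);

    echo '<table width="99%" border="0" align="center" cellpadding="5" cellspacing="0" class="tbl_usr_dtl">' . "\n";

    if ($id_client) {
        echo "<tr><td>" . _T('client_input_id') . "</td>\n";
        echo "<td>" . $id_client . '<input type="hidden" name="id_client" value="' . $id_client . '" /></td></tr>' . "\n";
    }

    // Client name
    echo '<tr><td>' . f_err_star('name_first') . _T('person_input_name_first') . '</td>' . "\n";
    echo '<td><input name="name_first" value="' . clean_output($this->getDataString('name_first')) . '" class="search_form_txt" /></td></tr>' . "\n";

    // [ML] always show middle name, if any, no matter the configuration
    if ($this->getDataString('name_middle') || substr($client_name_middle, 0, 3) == 'yes') {
        echo '<tr><td>' . f_err_star('name_middle') . _T('person_input_name_middle') . '</td>' . "\n";
        echo '<td><input name="name_middle" value="' . clean_output($this->getDataString('name_middle')) . '" class="search_form_txt" /></td></tr>' . "\n";
    }

    echo '<tr><td>' . f_err_star('name_last') . _T('person_input_name_last') . '</td>' . "\n";
    echo '<td><input name="name_last" value="' . clean_output($this->getDataString('name_last')) . '" class="search_form_txt" /></td></tr>' . "\n";

    // Date of birth
    if (substr($meta_date_birth, 0, 3) == 'yes') {
        echo "<tr>\n";
        echo "<td>" . f_err_star('date_birth') . _Ti('person_input_date_birth') . "</td>\n";
        echo "<td>" . get_date_inputs('date_birth', $this->getDataString('date_birth'), true) . "</td>\n";
        echo "</tr>\n";
    }

    // Gender: anything other than 'male' or 'female' selects "unknown"
    echo '<tr><td>' . f_err_star('gender') . _T('person_input_gender') . '</td>' . "\n";
    echo '<td><select name="gender" class="sel_frm">' . "\n";

    $opt_sel_male = $opt_sel_female = $opt_sel_unknown = '';

    if ($this->getDataString('gender') == 'male') {
        $opt_sel_male = 'selected="selected" ';
    } elseif ($this->getDataString('gender') == 'female') {
        $opt_sel_female = 'selected="selected" ';
    } else {
        $opt_sel_unknown = 'selected="selected" ';
    }

    echo '<option ' . $opt_sel_unknown . 'value="unknown">' . _T('info_not_available') . "</option>\n";
    echo '<option ' . $opt_sel_male . 'value="male">' . _T('person_input_gender_male') . "</option>\n";
    echo '<option ' . $opt_sel_female . 'value="female">' . _T('person_input_gender_female') . "</option>\n";
    echo "</select>\n";
    echo "</td></tr>\n";

    // Creation date
    if ($this->getDataString('id_client')) {
        echo "<tr>\n";
        echo '<td>' . _Ti('time_input_date_creation') . '</td>';
        echo '<td>' . format_date($this->getDataString('date_creation'), 'full') . '</td>';
        echo "</tr>\n";
    }

    // Citizen number
    if (substr($client_citizen_number, 0, 3) == 'yes') {
        echo "<tr>\n";
        echo '<td>' . f_err_star('citizen_number') . _T('person_input_citizen_number') . '</td>';
        echo '<td><input name="citizen_number" value="' . clean_output($this->getDataString('citizen_number')) . '" class="search_form_txt" /></td>';
        echo "</tr>\n";
    }

    // Civil status
    if (substr($client_civil_status, 0, 3) == 'yes') {
        echo "<tr>\n";
        echo '<td>' . f_err_star('civil_status') . _Ti('person_input_civil_status') . '</td>';
        echo '<td>';
        echo '<select name="civil_status">';

        if (!$id_client) {
            echo '<option value=""></option>';
        }

        $kwg = get_kwg_from_name('civilstatus');
        $all_kw = get_keywords_in_group_name('civilstatus');

        // A bit overkill, but if the user made the error of not entering
        // a valid civil_status, make sure that the field stays empty.
        // The test used "||" here, which replaced a stored civil status with
        // the default on every first display of the form; "&&" matches the
        // comment above and the income block below.
        if (!$this->getDataString('civil_status') && $no_errors) {
            if ($id_client) {
                $this->data['civil_status'] = $all_kw['unknown']['name'];
            } else {
                $this->data['civil_status'] = $kwg['suggest'];
            }
        }

        foreach ($all_kw as $kw) {
            $sel = $this->getDataString('civil_status') == $kw['name'] ? ' selected="selected"' : '';
            echo '<option value="' . clean_output($kw['name']) . '"' . $sel . '>' . _T($kw['title']) . '</option>';
        }

        echo '</select>';
        echo '</td>';
        echo "</tr>\n";
    }

    // Income
    if (substr($client_income, 0, 3) == 'yes') {
        echo "<tr>\n";
        echo '<td>' . f_err_star('income') . _Ti('person_input_income') . '</td>';
        echo '<td>';
        echo '<select name="income">';

        if (!$id_client) {
            echo '<option value=""></option>';
        }

        $kwg = get_kwg_from_name('income');
        $all_kw = get_keywords_in_group_name('income');

        if (!$this->getDataString('income') && $no_errors) {
            if ($id_client) {
                $this->data['income'] = $all_kw['unknown']['name'];
            } else {
                $this->data['income'] = $kwg['suggest'];
            }
        }

        foreach ($all_kw as $kw) {
            $sel = $this->getDataString('income') == $kw['name'] ? ' selected="selected"' : '';
            echo '<option value="' . clean_output($kw['name']) . '"' . $sel . '>' . _T($kw['title']) . '</option>';
        }

        echo '</select>';
        echo '</td>';
        echo "</tr>\n";
    }

    // Keywords, if any
    show_edit_keywords_form('client', $id_client);

    // Notes (posted as 'client_notes', read from the 'notes' field)
    echo "<tr>\n";
    echo "<td>" . f_err_star('client_notes') . _Ti('client_input_notes') . "</td>\n";
    echo '<td><textarea name="client_notes" id="input_client_notes" class="frm_tarea" rows="3" cols="60">' . clean_output($this->getDataString('notes')) . "</textarea>\n" . "</td>\n";
    echo "</tr>\n";

    // Contacts (e-mail, phones, etc.)
    echo "<tr>\n";
    echo '<td colspan="2" align="center" valign="middle">';
    show_page_subtitle(_T('client_subtitle_contacts'));
    echo '</td>';
    echo "</tr>\n";

    show_edit_contacts_form('client', $id_client);

    echo "</table>\n";
}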
$replacement = ""; $package_aux = preg_replace($pattern, $replacement, $package); // Remove extension .oum //$pattern = "/^[\w*\/*]*package_/"; $pattern = "/^.*package_/"; $package_num = preg_replace($pattern, $replacement, $package_aux); // Get the number of the package if ($current_package >= $package_num) { fclose($files_h); $return["status"] = "error"; $return["message"] = __("Package ") . $package_num . __(" is already installed."); echo json_encode($return); return; } } $package = clean_output($package); // All files extracted $files_total = $package . "/files.txt"; // Files copied $files_copied = $package . "/files.copied.txt"; $return = array(); if (file_exists($files_copied)) { unlink($files_copied); } if (file_exists($package)) { if ($files_h = fopen($files_total, "r")) { while ($line = stream_get_line($files_h, 65535, "\n")) { $line = trim($line); // Tries to move the old file to the directory backup inside the extracted package if (file_exists($config["homedir"] . "/" . $line)) { rename($config["homedir"] . "/" . $line, $package . "/backup/" . $line);
echo __('Yes'); } else { echo __('No'); } echo "<td>"; if ($todo["expire_timestamp"] == "0000-00-00 00:00:00") { echo __('No expiration date'); } else { echo $todo["expire_timestamp"]; } echo '<td>'; echo '<a href="index.php?sec=godmode&sec2=godmode/setup/newsboard&operation=update&id=' . $todo["id"] . '"><img src="images/editor.png"></a>'; echo '<a href="index.php?sec=godmode&sec2=godmode/setup/newsboard&operation=delete&id=' . $todo["id"] . '" onClick="if (!confirm(\' ' . __('Are you sure?') . '\')) return false;"> <img border=0 src="images/cross.png"></a>'; echo "<tr><td colspan=4 style=''>"; echo print_container_div('news_' . $todo["id"], __("Content"), clean_output($todo["content"]), 'closed', true, false, '', '', 1, '', "margin:0px"); } echo "</table>"; echo '<form method="post" action="index.php?sec=godmode&sec2=godmode/setup/newsboard&operation=create">'; echo '<div class="button-form">'; print_submit_button(__('Create'), 'crt', false, 'class="sub create'); echo '</div></form>'; } // Fin bloque else ?> <script type="text/javascript" src="include/js/jquery.ui.slider.js"></script> <script type="text/javascript" src="include/js/jquery.ui.datepicker.js"></script> <script type="text/javascript" src="include/languages/date_<?php echo $config['language_code']; ?> .js"></script>
// Show case organization(s) // $q = "SELECT o.id_org,name\n\t\t\t\t\tFROM lcm_case_client_org as cco, lcm_org as o\n\t\t\t\t\tWHERE id_case = {$case} AND cco.id_org = o.id_org"; $result = lcm_query($q); if (lcm_num_rows($result)) { if (!$header_shown) { echo '<table border="0" width="99%" class="tbl_usr_dtl">' . "\n"; $header_shown = true; } while ($row = lcm_fetch_array($result)) { echo "<tr>\n"; // icon echo '<td width="25" align="center"><img src="images/jimmac/stock_people.png" alt="" height="16" width="16" /></td>' . "\n"; // name echo '<td><a style="display: block;" href="org_det.php?org=' . $row['id_org'] . '" class="content_link">'; echo clean_output($row['name']); echo "</a></td>\n"; // delete icon (if admin rights) if ($admin) { echo '<td width="1%" nowrap="nowrap">'; echo '<label for="id_del_org' . $row['id_org'] . '">'; echo '<img src="images/jimmac/stock_trash-16.png" width="16" height="16" ' . 'alt="' . _T('case_info_delete_org') . '" title="' . _T('case_info_delete_org') . '" />'; echo '</label> '; echo '<input type="checkbox" onclick="lcm_show(\'btn_delete\')" ' . 'id="id_del_org' . $row['id_org'] . '" name="id_del_org[]" ' . 'value="' . $row['id_org'] . '" />'; echo "</td>\n"; } echo "</tr>\n"; } } if ($header_shown) { echo "</table>\n\n";
$datafilehandle = fopen($datafile, "w"); fwrite($datafilehandle, unescape_quotes($_POST['text'])); fclose($datafilehandle); header('Location: ' . $deliciousroot . "admin"); } } print "<html><head>"; print "<title>Edit Bookmarks</title>"; print "<style>textarea { width:100%; height:75%; }</style>"; print "</head><body>"; print "<h1>Edit Bookmarks</h1>"; print "<form method='post'>"; print "<textarea name='text' cols='100' rows='40'>"; $datafilehandle = fopen($datafile, "r"); while (true) { $line = fgets($datafilehandle); if (strlen($line) == 0) { break; } clean_output($line); } fclose($datafilehandle); print "</textarea>"; print "<input type='submit' value='Save' />"; print "<input type='hidden' name='action' value='save'>"; print "Remember to leave a blank line at the end of the text."; print "<input name='time' type='hidden' value='" . $time . "' />"; print "<input name='key' type='hidden' value='" . securitycode($time) . "' />"; print "</form>"; footer($deliciousroot, ""); print "</body></html>";
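/**
 * Prints one table row of the contact edit form for an existing contact.
 *
 * The row holds the contact title (with error markers), hidden inputs for the
 * contact id and type, a text input for the value and, unless the contact
 * policy is 'mandatory', a delete checkbox.
 *
 * @param array $c   Contact row; the keys read here are name, title, policy,
 *                   id_contact, type_contact and value.
 * @param mixed $num Position of the contact in the form, used in element ids
 *                   and as index into $_SESSION['form_data']['contact_value'].
 */
function show_existing_contact($c, $num)
{
    // FIXME: This has a minor bug: if there was an error in (ex:) the title
    // of the user/client/org, and the value of a contact was changed, then
    // the modification will be lost, because we didn't use the $_SESSION value.
    echo '<tr><td align="left" valign="top">'
        . f_err_star('upd_contact_' . $num)
        . f_err_star('contact_' . $c['name'])
        . _Ti($c['title'])
        . ($c['policy'] != 'optional' ? '<br/>(' . _T('keywords_input_policy_' . $c['policy']) . ')' : '')
        . "</td>\n";

    echo '<td align="left" valign="top">';

    // id_contact and type_contact are written unescaped — presumably values
    // generated by the application itself; verify.
    echo '<input name="contact_id[]" id="contact_id_' . $num . '" '
        . 'type="hidden" value="' . $c['id_contact'] . '" />';
    echo '<input name="contact_type[]" id="contact_type_' . $num . '" '
        . 'type="hidden" value="' . $c['type_contact'] . '" />';

    // Prefer the value the user submitted (kept in the session after a failed
    // save) over the stored one. Both end up inside a double-quoted attribute,
    // so both are escaped; previously only the stored value was.
    // NOTE(review): assumes form_data holds the text as submitted — confirm it
    // is not already escaped when stored, to avoid double encoding.
    $value = isset($_SESSION['form_data']['contact_value'][$num])
        ? $_SESSION['form_data']['contact_value'][$num]
        : $c['value'];

    // [ML] Removed spaces (nbsp) between elements, or it causes the layout
    // to show on two lines when using a large font.
    echo '<input name="contact_value[]" id="contact_value_' . $num . '" type="text" '
        . 'class="search_form_txt" size="35" value="' . clean_output($value) . '"/>';
    echo f_err_star('email');

    if ($c['policy'] != 'mandatory') {
        echo '<label for="id_del_contact' . $num . '">';
        echo '<img src="images/jimmac/stock_trash-16.png" width="16" height="16" alt="' . _T('generic_info_delete_contact') . '" title="' . _T('generic_info_delete_contact') . '" />';
        echo '</label>';
        echo ' <input type="checkbox" id="id_del_contact' . $num . '" name="del_contact_' . $c['id_contact'] . '"/>';
    }

    echo "</td>\n</tr>\n\n";
}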
$sel = $kw['name'] == $default_app ? ' selected="selected"' : ''; echo "<option value='" . $kw['name'] . "'" . "{$sel}>" . _T(remove_number_prefix($kw['title'])) . "</option>\n"; } ?> </select></td></tr> <!-- Appointment description --> <tr><td valign="top"><?php echo _T('app_input_description'); ?> </td> <td><textarea <?php echo $dis; ?> name="description" rows="5" cols="40" class="frm_tarea"><?php echo clean_output(_session('description')) . "</textarea></td></tr>\n"; // Appointment participants - authors echo "\t\t<tr><td valign=\"top\">"; echo _T('app_input_authors'); echo "</td><td>"; if (count($_SESSION['authors']) > 0) { $q = ''; $author_ids = array(); foreach ($_SESSION['authors'] as $author) { // $q .= ($q ? ', ' : ''); $author_ids[] = $author['id_author']; $q .= get_person_name($author); if ($author['id_author'] != $author_session['id_author']) { $q .= ' (<label for="id_rem_author' . $author['id_author'] . '"><img src="images/jimmac/stock_trash-16.png" width="16" height="16" alt="Remove?" title="Remove?" /></label> <input type="checkbox" id="id_rem_author' . $author['id_author'] . '" name="rem_author[]" value="' . $author['id_author'] . '" />)'; } // TRAD
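}

$where_clause = "WHERE tcompany_contact.id_company = tcompany.id {$where_group} " . "AND tcompany_contact.id_company " . get_filter_by_company_accessibility($config["id_user"]);

// NOTE(review): $search_text is placed inside the LIKE literal with no escaping
// visible in this excerpt — confirm it is escaped for SQL where it is read.
if ($search_text != "") {
    $where_clause .= sprintf(' AND fullname LIKE "%%%s%%"', $search_text);
}

if ($id_company) {
    $where_clause .= sprintf(' AND id_company = %d', $id_company);
}

$sql = "SELECT tcompany_contact.fullname, tcompany.name as company_name, \ntcompany_contact.email, tcompany_contact.phone, tcompany_contact.mobile, \ntcompany_contact.position, tcompany_contact.description FROM tcompany_contact, \ntcompany {$where_clause} ORDER BY id_company, fullname";
$filename = clean_output('contacts_export') . '-' . date("YmdHi");
ob_end_clean();

// CSV Output
header('Content-Disposition: attachment; filename="' . $filename . '.csv"');
// The body is CSV, so announce it as text/csv rather than as a stylesheet.
header('Content-Type: text/csv; charset=utf-8');
$config['mysql_result_type'] = MYSQL_ASSOC;

// NOTE(review): clean_output() runs over the whole statement. If it decodes HTML
// entities, an entity-encoded quote inside $search_text becomes a literal quote
// inside the LIKE string — confirm, and escape the value with the database
// layer's own escaping instead of relying on entity encoding.
$rows = get_db_all_rows_sql(clean_output($sql));
if ($rows === false) {
    return;
}

// Header
echo safe_output(implode(',', array_keys($rows[0]))) . "\n";

// Item / data
// NOTE(review): apart from the separator stripping below, cell text is exported
// as stored; spreadsheet applications may evaluate cells that start with
// =, +, - or @ — consider neutralising such cells before writing them.
foreach ($rows as $row) {
    // Delete \r !!!
    $row = str_replace("
", " ", $row);
    // Delete \n !!
    $row = str_replace("
", " ", $row);
    // Delete , !!
    $row = str_replace(",", " ", $row);
    $buffer = safe_output(implode(',', $row)) . "\n";
    // Delete " !!!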
/**
 * Stores a named custom search for the current user.
 *
 * Inserts one row into tcustom_search holding the section, the name, the id of
 * the current user ($config['id_user']) and the serialized search values.
 *
 * @param string $name          Name given to the stored search.
 * @param string $section       Section the search belongs to.
 * @param array  $search_values Form values to store; serialized as a whole.
 *
 * @return mixed Whatever process_sql() returns in 'insert-id' mode.
 */
function create_custom_search($name, $section, $search_values)
{
    global $config;

    // It is needed to remove the html entities before serialize the array because
    // the different string lenght can cause an error when unserialize
    // NOTE(review): the cleaned value is assigned only to the loop variable, so
    // $search_values is serialized unchanged and this loop has no effect on it.
    // Writing the cleaned values back would put decoded text into the quoted
    // SQL literal below, so it needs SQL escaping added at the same time.
    foreach ($search_values as $search_value) {
        $search_value = clean_output($search_value);
    }

    $form_values = serialize($search_values);

    // NOTE(review): all four values are placed into quoted literals with no
    // escaping visible in this function — confirm callers pass escaped values.
    $query = sprintf(
        'INSERT INTO tcustom_search (section, name, id_user, form_values) VALUES ("%s", "%s", "%s", \'%s\')',
        $section,
        $name,
        $config['id_user'],
        $form_values
    );

    return process_sql($query, 'insert-id');
}
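/**
 * Builds the display text of a follow-up from its type and description.
 *
 * - 'assignment' / 'unassignment' with a numeric description: the description
 *   is used as an author id and the text names that author.
 * - 'stage_change' or a status change: the description is unserialized and the
 *   text is assembled from the stage, description, result, conclusion and
 *   sentence fields that are set.
 * - anything else: the description itself, optionally shortened, passed
 *   through clean_output().
 *
 * Newlines in the result are converted with nl2br(), so the return value is
 * meant for HTML output.
 *
 * @param array $item       Follow-up row; reads 'type', 'description' and 'case_stage'.
 * @param bool  $make_short When true, free-text descriptions are cut to the
 *                          configured length and suffixed with '...'.
 *
 * @return string Display text; '' when $item is not an array.
 */
function get_fu_description($item, $make_short = true)
{
    if (!is_array($item)) {
        lcm_debug("get_fu_description: parameter is not an array.");
        return '';
    }

    global $prefs;
    global $fu_desc_len; // configure via my_options.php with $GLOBALS['fu_desc_len'] = NNN;

    $short_description = '';

    // Set the length of short followup title (was: wide = 48, narrow = 115)
    $title_length = isset($fu_desc_len) && $fu_desc_len > 0 ? $fu_desc_len : 256;

    if ($item['type'] == 'assignment' && is_numeric($item['description'])) {
        // The is_numeric() guard above is the only thing keeping this
        // concatenated query numeric; keep the guard and the query together.
        $res1 = lcm_query("SELECT * FROM lcm_author WHERE id_author = " . $item['description']);
        $author1 = lcm_fetch_array($res1);
        $short_description = _T('case_info_author_assigned', array('name' => get_person_name($author1)));
    } elseif ($item['type'] == 'unassignment' && is_numeric($item['description'])) {
        // Same guard-plus-query pairing as the assignment branch.
        $res1 = lcm_query("SELECT * FROM lcm_author WHERE id_author = " . $item['description']);
        $author1 = lcm_fetch_array($res1);
        $short_description = _T('case_info_author_unassigned', array('name' => get_person_name($author1)));
    } elseif ($item['type'] == 'stage_change' || is_status_change($item['type'])) {
        $tmp = lcm_unserialize($item['description']);

        // A description that does not unserialize to an array is treated as
        // "no fields set" instead of being indexed as if it were one.
        if (!is_array($tmp)) {
            $tmp = array();
        }

        // for backward compatibility, make it optional
        if (!empty($item['case_stage'])) {
            $short_description = _Tkw('stage', $item['case_stage']);
        }

        // NOTE(review): 'description' and 'sentence_val' are appended without
        // clean_output(), unlike the free-text branch below — confirm they are
        // escaped before storage or escape them here.
        if (!empty($tmp['description'])) {
            $short_description .= " / " . $tmp['description'];
        }

        if (!empty($tmp['result']) || !empty($tmp['conclusion'])) {
            $short_description .= "\n" . _Ti('fu_input_conclusion');
        }

        if (!empty($tmp['result'])) {
            $short_description .= _Tkw('_crimresults', $tmp['result']) . "/";
        }

        if (!empty($tmp['conclusion'])) {
            $short_description .= _Tkw('conclusion', $tmp['conclusion']);
        }

        if (!empty($tmp['sentence'])) {
            $short_description .= "\n" . _Ti('fu_input_sentence') . _Tkw('sentence', $tmp['sentence'], array('currency' => read_meta('currency')));
        }

        if (!empty($tmp['sentence_val'])) {
            $short_description .= ": " . $tmp['sentence_val'];
        }
    } else {
        if (!empty($item['description'])) {
            // The length test runs on the decoded text, but substr() cuts by
            // bytes, so a multi-byte character can be split at the cut point.
            if (!$make_short || strlen(lcm_utf8_decode($item['description'])) < $title_length) {
                $short_description = $item['description'];
            } else {
                $short_description = substr($item['description'], 0, $title_length) . '...';
            }

            $short_description = clean_output($short_description);
        } else {
            $short_description = _T('fu_info_emptydesc');
        }
    }

    $short_description = nl2br($short_description);

    if (empty($short_description)) {
        $short_description = _T('info_not_available');
    }

    return $short_description;
}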
// Audit export: the rows come from tsesion, newest first.
// NOTE(review): where_clause is read through get_parameter() (presumably from the
// request) and spliced into the statement as SQL text. Nothing visible here limits
// it to known conditions — rebuild the clause server-side from validated filter
// fields instead of accepting SQL from the client.
$where_clause = clean_output(get_parameter('where_clause'));
$date = get_parameter('date');
$filename = clean_output('audit_export') . '-' . date("YmdHi");
$sql = sprintf('SELECT * FROM tsesion %s ORDER by utimestamp DESC', $where_clause);
$rows = get_db_all_rows_sql($sql);
if ($rows === false) {
    return;
}
}

// Ticket export: the filter stored for the current user is loaded and run.
if ($export_csv_tickets) {
    $filter = unserialize_in_temp($config["id_user"]);
    $rows = incidents_search_result($filter, false, true, false, false, true, false, true);
    if ($rows === false) {
        return;
    }
    $filename = clean_output('tickets_export') . '-' . date("YmdHi");
}

if (empty($rows)) {
    die(__('Empty data'));
}

$csv_lines = array();

// Strings collected in $search; the comments describe them as things to delete.
// NOTE(review): two of the literals below hold a raw line break on this page,
// each followed by the matching escape sequence; they may have been an encoded
// form in the original file — confirm against the repository.
$search = array();
// Delete \r !!!
$search[] = "
";
$search[] = "\r";
// Delete \n !!!
$search[] = "
";
$search[] = "\n";
// Delete " !!!
$search[] = '"';
// Delete ' !!!
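/**
 * Runs the ticket search behind the tickets tree and returns the result in the
 * shape selected by $mode.
 *
 * Missing filter keys are filled with defaults, the filters are turned into a
 * WHERE clause on tincidencia, and for the default mode every row is checked
 * against the ACL hooks and the inventory, company and SLA filters.
 *
 * @param array       $filters Search filters. Keys read here: string, status,
 *                             priority, id_group, id_company, id_inventory,
 *                             id_incident_type, id_user, id_user_or_creator,
 *                             from_date, first_date, last_date, id_creator,
 *                             editor, closed_by, resolution, id_task, sla_state,
 *                             left_sla, right_sla, show_hierarchy, order_by,
 *                             limit and any key starting with "type_field_".
 * @param string|bool $mode    'count' for the number of matches, 'tasks' for the
 *                             distinct id_task rows, anything else for tickets.
 * @param bool        $limit   When true and no limit filter is set, the limit
 *                             filter is filled from $config['block_size'].
 *
 * @return mixed 'count': the count (0 on failure); 'tasks': rows or false;
 *               otherwise the list of accessible incidents or false.
 */
function incidents_get_filter_tickets_tree($filters, $mode = false, $limit = false)
{
    global $config;

    /* Set default values if none is set */
    $defaults = array(
        'string' => '',
        'status' => -10,
        'priority' => -1,
        'id_group' => -1,
        'id_company' => 0,
        'id_inventory' => 0,
        'id_incident_type' => 0,
        'id_user' => '',
        'id_user_or_creator' => '',
        'from_date' => 0,
        'first_date' => '',
        'last_date' => '',
        'id_creator' => '',
        'editor' => '',
        'closed_by' => '',
        'resolution' => '',
        'offset' => 0,
        'group_by_project' => 0,
        'id_task' => -1,
        'sla_state' => 0,
        'left_sla' => 0,
        'right_sla' => 0,
        'show_hierarchy' => 0,
    );
    foreach ($defaults as $name => $default) {
        if (!isset($filters[$name])) {
            $filters[$name] = $default;
        }
    }

    if (empty($filters['status'])) {
        $filters['status'] = implode(',', array_keys(get_indicent_status()));
    }

    // Not closed
    if ($filters["status"] == -10) {
        $filters['status'] = "1,2,3,4,5,6";
    }

    // The status list is placed unquoted inside IN (...), so only integers can
    // be valid there; reduce every element to an integer before use.
    $status_ids = is_array($filters['status']) ? $filters['status'] : explode(',', (string) $filters['status']);
    $filters['status'] = implode(',', array_map('intval', $status_ids));

    // Result is not used below; the call is kept in case it has side effects.
    $resolutions = get_incident_resolutions();

    // NOTE(review): the filters formatted with %s below (id_user,
    // id_user_or_creator, id_creator, editor, closed_by, string and the
    // type_field_* ids and data) are placed in quoted literals with no escaping
    // visible in this function — confirm every caller passes escaped values.
    $sql_clause = '';

    if ($filters['priority'] != -1) {
        $sql_clause .= sprintf(' AND prioridad = %d', $filters['priority']);
    }

    if ($filters['id_group'] != 1) {
        if ($filters["show_hierarchy"]) {
            // Group ids go unquoted into IN (...); cast them like the %d branch does.
            $ids = array((int) $filters['id_group']);
            $children = groups_get_childrens($filters['id_group']);
            if (is_array($children)) {
                foreach ($children as $child) {
                    $ids[] = (int) $child['id_grupo'];
                }
            }
            $sql_clause .= " AND id_grupo IN (" . implode(',', $ids) . ")";
        } else {
            $sql_clause .= sprintf(' AND id_grupo = %d', $filters['id_group']);
        }
    }

    if (!empty($filters['id_user'])) {
        $sql_clause .= sprintf(' AND id_usuario = "%s"', $filters['id_user']);
    }

    if (!empty($filters['id_user_or_creator'])) {
        $sql_clause .= sprintf(' AND (id_usuario = "%s" OR id_creator = "%s")', $filters['id_user_or_creator'], $filters['id_user_or_creator']);
    }

    if (!empty($filters['resolution']) && $filters['resolution'] > -1) {
        $sql_clause .= sprintf(' AND resolution = %d', $filters['resolution']);
    }

    if ($filters['id_task'] == 0) {
        $sql_clause .= sprintf(' AND id_task = 0');
    } elseif ($filters['id_task'] != -1) {
        $sql_clause .= sprintf(' AND id_task = %d', $filters['id_task']);
    }

    //Incident type 0 means all and incident type -1 means without type
    if ($filters["id_incident_type"] != -1) {
        if ($filters["id_incident_type"]) {
            $sql_clause .= sprintf(' AND id_incident_type = %d', $filters['id_incident_type']);
        }

        $incident_fields = array();
        foreach ($filters as $key => $value) {
            // If matchs an incident field, ad an element to the array with their real id and its data
            if (preg_match("/^type_field_/", $key)) {
                $incident_fields[preg_replace("/^type_field_/", "", $key)] = $value;
            }
        }

        foreach ($incident_fields as $id => $data) {
            if ($data !== "") {
                $sql_clause .= sprintf(' AND id_incidencia = ANY (SELECT id_incident FROM tincident_field_data WHERE id_incident_field = "%s" AND data LIKE "%%%s%%")', $id, $data);
            }
        }
    }

    if (!empty($filters['from_date']) && $filters['from_date'] > 0) {
        // from_date is a number of days counted back from now.
        $last_date_seconds = $filters['from_date'] * 24 * 60 * 60;
        $filters['first_date'] = date('Y-m-d H:i:s', time() - $last_date_seconds);
        $sql_clause .= sprintf(' AND inicio >= "%s"', $filters['first_date']);
        $filters['last_date'] = "";
    } else {
        if (!empty($filters['first_date'])) {
            $time = strtotime($filters['first_date']);
            //00:00:00 to set date at the beginig of the day
            $sql_clause .= sprintf(' AND inicio >= "%s"', date("Y-m-d 00:00:00", $time));
        }

        if (!empty($filters['last_date'])) {
            $time = strtotime($filters['last_date']);
            if (!empty($filters['first_date'])) {
                //23:59:59 to set date at the end of day
                $sql_clause .= sprintf(' AND inicio <= "%s"', date("Y-m-d 23:59:59", $time));
            } else {
                // NOTE(review): first_date is empty on this path, so this
                // comparison runs against strtotime('') — looks unintended,
                // confirm which bound was meant.
                $time_from = strtotime($filters['first_date']);
                if ($time_from < $time) {
                    $sql_clause .= sprintf(' AND inicio <= "%s"', date("Y-m-d", $time));
                }
            }
        }
    }

    if (!empty($filters['id_creator'])) {
        $sql_clause .= sprintf(' AND id_creator = "%s"', $filters['id_creator']);
    }

    if (!empty($filters['editor'])) {
        $sql_clause .= sprintf(' AND editor = "%s"', $filters['editor']);
    }

    if (!empty($filters['closed_by'])) {
        $sql_clause .= sprintf(' AND closed_by = "%s"', $filters['closed_by']);
    }

    // Defined up front so the queries below never format an unset variable.
    $sla_filter = '';
    if (!empty($filters['sla_state'])) {
        switch ($filters['sla_state']) {
            case 0:
                $sla_filter = ' ';
                break;
            case 1:
                $sla_filter = "AND (sla_disabled = 0 AND affected_sla_id <> 0)";
                break;
            case 2:
                $sla_filter = "AND (sla_disabled = 0 AND affected_sla_id = 0)";
                break;
        }
    }

    // order_by is optional: either an array or a JSON-encoded string.
    $raw_order_by = isset($filters['order_by']) ? $filters['order_by'] : null;
    if ($raw_order_by && !is_array($raw_order_by)) {
        $order_by_array = json_decode(clean_output($raw_order_by), true);
    } else {
        $order_by_array = $raw_order_by;
    }

    //Use config block size if no other was given
    if ($limit && !isset($filters["limit"])) {
        $filters["limit"] = $config["block_size"];
    }

    // ORDER BY terms cannot be quoted, so accept only identifier-shaped column
    // names and the two sort directions; everything else is dropped.
    $order_by = "";
    if (is_array($order_by_array)) {
        foreach ($order_by_array as $key => $value) {
            if (!$value || !is_scalar($value)) {
                continue;
            }
            $direction = strtoupper(trim((string) $value));
            if ($direction !== 'ASC' && $direction !== 'DESC') {
                continue;
            }
            if (!preg_match('/^[A-Za-z_][A-Za-z0-9_.]*$/', (string) $key)) {
                continue;
            }
            $order_by .= " {$key} {$direction}, ";
        }
    }

    // FROM/WHERE part shared by the three modes.
    $from_where = sprintf(
        'FROM tincidencia FD WHERE estado IN (%s) %s AND (titulo LIKE "%%%s%%" OR descripcion LIKE "%%%s%%" OR id_creator LIKE "%%%s%%" OR id_usuario LIKE "%%%s%%" OR id_incidencia IN (SELECT id_incident FROM tincident_field_data WHERE data LIKE "%%%s%%")) %s',
        $filters['status'],
        $sql_clause,
        $filters['string'],
        $filters['string'],
        $filters['string'],
        $filters['string'],
        $filters['string'],
        $sla_filter
    );

    switch ($mode) {
        case 'count':
            //Just count items
            $count = get_db_value_sql('SELECT COUNT(id_incidencia) ' . $from_where);
            if ($count === false) {
                return 0;
            }
            return $count;

        case 'tasks':
            $tasks = get_db_all_rows_sql('SELECT id_task ' . $from_where . ' GROUP BY id_task');
            if ($tasks === false) {
                return false;
            }
            return $tasks;

        case 'tickets':
        default:
            //Select all items and return all information
            $incidents = get_db_all_rows_sql('SELECT * ' . $from_where . ' ORDER BY ' . $order_by . ' actualizacion DESC');
            if ($incidents === false) {
                return false;
            }

            $result = array();
            foreach ($incidents as $incident) {
                //Check external users ACLs
                $external_check = enterprise_hook("manage_external", array($incident));
                if ($external_check !== ENTERPRISE_NOT_HOOK && !$external_check) {
                    continue;
                } else {
                    //Normal ACL pass if IR for this group or if the user is the incident creator
                    //or if the user is the owner or if the user has workunits
                    // NOTE(review): if this hook is absent and enterprise_hook()
                    // returns a truthy "not hooked" marker, every row passes
                    // this check — confirm the value of ENTERPRISE_NOT_HOOK.
                    $check_acl = enterprise_hook("incidents_check_incident_acl", array($incident));
                    if (!$check_acl) {
                        continue;
                    }
                }

                $inventories = get_inventories_in_incident($incident['id_incidencia'], false);
                if ($filters['id_inventory']) {
                    $found = false;
                    foreach ($inventories as $inventory) {
                        if ($inventory['id'] == $filters['id_inventory']) {
                            $found = true;
                            break;
                        }
                    }
                    if (!$found) {
                        continue;
                    }
                }

                if ($filters['id_company']) {
                    $user_creator = $incident['id_creator'];
                    $user_company = get_db_value('id_company', 'tusuario', 'id_usuario', $user_creator);
                    //If company do no match, dismiss incident
                    if ($filters['id_company'] != $user_company) {
                        continue;
                    }
                }

                if ($filters['left_sla']) {
                    $percent_sla_incident = format_numeric(get_sla_compliance_single_id($incident['id_incidencia']));
                    //If sla do not match, dismiss incident
                    if ($filters['left_sla'] > $percent_sla_incident) {
                        continue;
                    }
                }

                if ($filters['right_sla']) {
                    $percent_sla_incident = format_numeric(get_sla_compliance_single_id($incident['id_incidencia']));
                    //If sla do not match, dismiss incident
                    if ($filters['right_sla'] < $percent_sla_incident) {
                        continue;
                    }
                }

                $result[] = $incident;
            }

            return $result;
    }
}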
// Column headers of the client pick list: column 0 is the checkbox column,
// column 1 the client name, sortable and ascending by default.
$headers[0]['order'] = 'no_order';
$headers[1]['title'] = _Th('person_input_name');
$headers[1]['order'] = 'order_name';
$headers[1]['default'] = 'ASC';
show_list_start($headers);

// Process the output of the query
// (at most $prefs['page_rows'] rows are printed)
for ($i = 0; $i < $prefs['page_rows'] && ($row = lcm_fetch_array($result)); $i++) {
    echo "<tr>";

    // Show checkbox
    // id_client is written unescaped here and in the link below — presumably a
    // numeric key, verify.
    echo "<td width='1%' class='tbl_cont_" . ($i % 2 ? "dark" : "light") . "'>";
    echo "<input type='checkbox' name='clients[]' value='" . $row['id_client'] . "'>";
    echo "</td>\n";

    // Show client name
    // The name is escaped first; highlight_matches() then receives the raw
    // search string — confirm it escapes any markup it builds from that string.
    echo "<td class='tbl_cont_" . ($i % 2 ? "dark" : "light") . "'>";
    echo '<a href="client_det.php?client=' . $row['id_client'] . '" class="content_link">';
    echo highlight_matches(clean_output($row['name_first'] . ' ' . $row['name_middle'] . ' ' . $row['name_last']), $find_client_string);
    echo "</a>";
    echo "</td>\n";
    echo "</tr>\n";
}

// NOTE(review): $case is written into the link below and into the hidden input
// after the list without escaping; its assignment is outside this excerpt —
// confirm it is cast to an integer.
echo "<tr>\n";
echo '<td colspan="2"><p><a href="edit_client.php?attach_case=' . $case . '" class="create_new_lnk">' . _T('client_button_new_for_case') . '</a></p></td>' . "\n";
echo "</tr>\n";
show_list_end($list_pos, $number_of_rows);
?> <input type="hidden" name="case" value="<?php echo $case; ?> "> <input type="hidden" name="ref_sel_client" value="<?php
<?php

/*
 * "Add a bookmark" form.
 *
 * Reads title and url from the request, strips the IE Tab wrapper prefix from
 * the url, and prints a form that posts title, url, tags and the time/key pair
 * to add2.php. $time, $deliciousroot, securitycode() and footer() are expected
 * to come from the included header.
 *
 * NOTE(review): both request values are printed inside single-quoted
 * attributes, so clean_output() must encode single quotes as well as the usual
 * HTML characters — confirm.
 */
include '../include/header.php';

$title = clean_input($_REQUEST['title']);
$url = str_replace("chrome://ietab/content/reloaded.html?url=", "", clean_input($_REQUEST['url']));

echo "<html><head>",
    "<title>Add a bookmark</title>",
    "<style>.textinput {width: 100%;}</style>",
    "</head><body>",
    "<form action='add2.php' method='post' name='add'>",
    "<table>",
    "<tr><td>Title:</td>",
    "<td class='textinput'><input name='title' type='text' class='textinput' value='";
// clean_output() is called as a statement: it is relied on to print the value itself.
clean_output($title);
echo "' /></td></tr>",
    "<tr><td>URL:</td><td><input name='url' type='text' class='textinput' value='";
clean_output($url);
echo "' /></td></tr>",
    "<tr><td>Tags:</td><td><input name='tags' type='text' class='textinput' /></td></tr>",
    "<tr><td colspan='2'><input type='submit' value='OK' /></td></tr></table>",
    // Hidden time/key pair sent along with the form.
    "<input name='time' type='hidden' value='" . $time . "' />",
    "<input name='key' type='hidden' value='" . securitycode($time) . "' />",
    "</form>",
    "<script type='text/javascript'>document.forms['add'].elements['tags'].focus();</script>";
footer($deliciousroot, "");
echo "</body></html>";
// Column headers of the organisation pick list: column 0 is the checkbox
// column, column 1 the organisation name, sortable and ascending by default.
$headers[0]['title'] = "";
$headers[0]['order'] = 'no_order';
$headers[1]['title'] = _Th('org_input_name');
$headers[1]['order'] = 'order_name';
$headers[1]['default'] = 'ASC';
show_list_start($headers);

// At most $prefs['page_rows'] rows are printed.
for ($i = 0; $i < $prefs['page_rows'] && ($row = lcm_fetch_array($result)); $i++) {
    echo "<tr>\n";

    // Show checkbox
    // id_org is written unescaped here and in the link below — presumably a
    // numeric key, verify.
    echo "<td width='1%' class='tbl_cont_" . ($i % 2 ? "dark" : "light") . "'>";
    echo "<input type='checkbox' name='orgs[]' value='" . $row['id_org'] . "'>";
    echo "</td>\n";

    // Show org name
    // The name is escaped first; highlight_matches() then receives the raw
    // search string — confirm it escapes any markup it builds from that string.
    echo "<td class='tbl_cont_" . ($i % 2 ? "dark" : "light") . "'>";
    echo '<a href="org_det.php?org=' . $row['id_org'] . '" class="content_link">';
    echo highlight_matches(clean_output($row['name']), $find_org_string);
    echo "</a>";
    echo "</td>\n";
    echo "</tr>\n";
}

// NOTE(review): $case is written into the link below and into the hidden input
// after the list without escaping; its assignment is outside this excerpt —
// confirm it is cast to an integer.
echo "<tr>\n";
echo '<td colspan="2"><p><a href="edit_org.php?attach_case=' . $case . '" class="create_new_lnk">' . _T('org_button_new_for_case') . '</a></p></td>' . "\n";
echo "</tr>\n";
show_list_end($list_pos, $number_of_rows);
?> <input type="hidden" name="case" value="<?php echo $case; ?> "> <input type="hidden" name="ref_sel_org" value="<?php
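// Remaining cells of one newsboard row: expiry flag, expiry date, delete link
// and the content row. The loop this belongs to starts above this excerpt.
echo "<td valign=top>";
if ($todo['expire']) {
    echo __('Yes');
} else {
    echo __('No');
}

echo "<td valign=top>";
if ($todo["expire_timestamp"] == "0000-00-00 00:00:00") {
    echo __('No expiration date');
} else {
    echo $todo["expire_timestamp"];
}

// NOTE(review): deletion is triggered by a plain GET link and no anti-CSRF token
// is visible in it — confirm the handler checks one, or switch to a POST form.
// The id is written unescaped — presumably a numeric key, verify.
echo '<td align="center" valign=top>';
echo '<a href="index.php?sec=godmode&sec2=godmode/setup/newsboard&operation=delete&id=' . $todo["id"] . '" onClick="if (!confirm(\' ' . __('Are you sure?') . '\')) return false;"><img border=0 src="images/cross.png"></a>';

// NOTE(review): if clean_output() decodes HTML entities, the stored content is
// emitted as markup here — confirm that only trusted administrators can write
// newsboard entries, or escape the content for HTML at this point.
echo "<tr><td colspan=3 style='border-bottom: 1px solid #acacac'>";
echo clean_output($todo["content"]);
}

echo "</table>";
echo '<form method="post" action="index.php?sec=godmode&sec2=godmode/setup/newsboard&operation=create">';
echo '<div style="width: 99%; text-align: right;">';
// The class attribute now has its closing quote; without it the attribute ran
// into whatever markup the button helper printed next.
print_submit_button(__('Create'), 'crt', false, 'class="sub create"');
// Close the div before the form so the tags nest in the order they were opened.
echo '</div></form>';
} // End of else block
?> <script type="text/javascript" src="include/js/jquery.ui.slider.js"></script> <script type="text/javascript" src="include/js/jquery.ui.datepicker.js"></script> <script type="text/javascript" src="include/languages/date_<?php echo $config['language_code']; ?> .js"></script>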