function load($oid)
{
$q = new DBQuery();
$q->addQuery('*');
$q->addTable('risks');
$q->addWhere('risk_id = ' . $oid);
return db_loadObject($q->prepare(), $this);
}
function checkCompanyId($company_id)
{
$q = new DBQuery();
$q->addTable('companies');
$q->addQuery('count(*)');
$q->addWhere("company_id = '{$company_id}'");
return db_loadResult($q->prepare());
}
function load($oid)
{
$q = new DBQuery();
$q->addTable('departments', 'dep');
$q->addQuery('dep.*');
$q->addWhere('dep.dept_id = ' . $oid);
$sql = $q->prepare();
$q->clear();
return db_loadObject($sql, $this);
}
function _buildQuery()
{
$q = new DBQuery();
$q->addTable($this->table);
$q->addQuery('*');
$sql = '';
foreach ($this->search_fields as $field) {
$sql .= " {$field} LIKE '%{$this->keyword}%' or ";
}
$sql = substr($sql, 0, -4);
$q->addWhere($sql);
return $q->prepare(true);
}
function getFolderSelectList()
{
global $AppUI;
$folders = array(0 => '');
$q = new DBQuery();
$q->addTable('file_folders');
$q->addQuery('file_folder_id, file_folder_name, file_folder_parent');
$q->addOrder('file_folder_name');
$sql = $q->prepare();
// $sql = "SELECT file_folder_id, file_folder_name, file_folder_parent FROM file_folders";
$vfolders = arrayMerge(array('0' => array(0, $AppUI->_('Root'), -1)), db_loadHashList($sql, 'file_folder_id'));
$folders = array_filter($vfolders, "check_perm");
return $folders;
}
function _buildQuery()
{
$q = new DBQuery();
$q->addTable($this->table);
$q->addTable('files');
$q->addQuery('*');
$q->addWhere("files.file_id = {$this->table}.file_id");
$sql = '';
foreach ($this->search_fields as $field) {
$sql .= " {$field} LIKE '%{$this->keyword}%' or ";
}
$sql = substr($sql, 0, -4);
$q->addWhere("({$sql})");
$q->addGroup('files.file_id');
return $q->prepare(true);
}
function _buildQuery()
{
$q = new DBQuery();
$q->addTable($this->table);
$q->addQuery('company_id');
$q->addQuery('company_name');
$sql = array();
foreach ($this->search_fields as $field) {
$sql[] = "{$field} LIKE '%{$this->keyword}%'";
}
if (count($sql)) {
$q->addWhere(implode(' OR ', $sql));
}
$result = $q->prepare();
$q->clear();
return $result;
}
function getDepartmentArrayList($company_id, $checked_array = array(), $dept_parent = 0, $spaces = 0)
{
global $AppUI;
$q = new DBQuery();
$deptsArray = array();
$coArray = array();
$distinctCompanyName = "";
$q->addTable('departments');
$q->addQuery('dept_id, dept_name, co.company_name');
$q->addJoin('companies', 'co', 'departments.dept_company = co.company_id');
$q->addWhere('dept_parent = ' . $dept_parent);
$q->addOrder('co.company_name');
//$q->addWhere('dept_company = ' . $company_id);
require_once $AppUI->getModuleClass('companies');
$obj = new CCompany();
$sql = $q->prepare();
$depts_list = db_loadHashList($sql, 'dept_id');
$q->clear();
foreach ($depts_list as $dept_id => $dept_info) {
if (mb_strlen($dept_info['dept_name']) > 30) {
$dept_info['dept_name'] = mb_substr($dept_info['dept_name'], 0, 28) . '...';
}
$dept_name = str_repeat(' ', $spaces) . $dept_info['dept_name'];
$deptsArray[$dept_id] = $dept_name;
if ($distinctCompanyName != $dept_info['company_name']) {
$coArray[$dept_id] = $dept_info['company_name'];
$distinctCompanyName = $dept_info['company_name'];
}
$childDeptsNCo = getDepartmentArrayList($company_id, $checked_array, $dept_id, $spaces + 5);
$childDepts = $childDeptsNCo[0];
if (!empty($childDepts)) {
foreach ($childDepts as $childDeptId => $childDeptName) {
$deptsArray[$childDeptId] = $childDeptName;
}
}
}
$deptsNCoArray = array();
array_push($deptsNCoArray, $deptsArray, $coArray);
return $deptsNCoArray;
}
/**
* Overload of the dpObject::getDeniedRecords
* to ensure that the projects owned by denied companies are denied.
*
* @author handco <*****@*****.**>
* @see dpObject::getAllowedRecords
*/
function getDeniedRecords($uid)
{
$aBuf1 = parent::getDeniedRecords($uid);
$oCpy = new CCompany();
// Retrieve which projects are allowed due to the company rules
$aCpiesAllowed = $oCpy->getAllowedRecords($uid, 'company_id,company_name');
$q = new DBQuery();
$q->addTable('projects');
$q->addQuery('project_id');
if (count($aCpiesAllowed)) {
$q->addWhere('NOT (project_company IN (' . implode(',', array_keys($aCpiesAllowed)) . '))');
}
$sql = $q->prepare();
$q->clear();
$aBuf2 = db_loadColumn($sql);
return array_merge($aBuf1, $aBuf2);
}
}
$q->clear();
// Tasks:
$q->addUpdate('task_owner', $user_id);
$q->addTable('tasks');
$q->addWhere('task_owner = ' . $from_user);
$q->addWhere('task_project' . $project_where);
if (!$q->exec()) {
$AppUI->setMsg('failed to update task owner', UI_MSG_ERROR);
return;
}
$q->clear();
$q->addQuery('task_id');
$q->addTable('tasks');
$q->addWhere('task_project' . $project_where);
$task_sql = $q->prepare();
$q->clear();
$q->addUpdate('contact_id', $user_id);
$q->addTable('task_contacts');
$q->addWhere('contact_id = ' . $from_user);
$q->addWhere('task_id IN (' . $task_sql . ')');
if (!$q->exec()) {
$AppUI->setMsg('failed to update task contacts', UI_MSG_ERROR);
return;
}
$q->clear();
$q->addUpdate('user_id', $user_id);
$q->addTable('user_tasks');
$q->addWhere('user_id = ' . $from_user);
$q->addWhere('task_id IN (' . $task_sql . ')');
if (!$q->exec()) {
function getDepartmentDetails()
{
$result = array('dept_id' => 0, 'dept_name' => '');
if (!$this->contact_department) {
return $result;
}
$sql = "select dept_id, dept_name from departments";
$q = new DBQuery();
$q->addTable('departments');
$q->addQuery('dept_id, dept_name');
if ($this->is_alpha($this->contact_department)) {
$q->addWhere("dept_name = '" . $this->contact_department . "'");
} else {
$q->addWhere("dept_id = '" . $this->contact_department . "'");
}
$sql = $q->prepare();
$q->clear();
db_loadHash($sql, $result);
return $result;
}
$q->addQuery("COUNT(distinct tasks.task_id) AS total_tasks");
$q->addWhere('task_project = ' . $project_id);
$hasTasks = $q->loadResult();
$q->clear();
// load the record data
// GJB: Note that we have to special case duration type 24 and this refers to the hours in a day, NOT 24 hours
if ($hasTasks) {
$q->addTable('projects');
$q->addQuery("company_name, CONCAT_WS(', ',contact_last_name,contact_first_name) user_name, projects.*," . " SUM(t1.task_duration * t1.task_percent_complete" . " * IF(t1.task_duration_type = 24, {$working_hours}, t1.task_duration_type))" . " / SUM(t1.task_duration * IF(t1.task_duration_type = 24, {$working_hours}, t1.task_duration_type))" . " AS project_percent_complete");
$q->addJoin('companies', 'com', 'company_id = project_company');
$q->addJoin('users', 'u', 'user_id = project_owner');
$q->addJoin('contacts', 'con', 'contact_id = user_contact');
$q->addJoin('tasks', 't1', 'projects.project_id = t1.task_project');
$q->addWhere('project_id = ' . $project_id . ' AND t1.task_id = t1.task_parent');
$q->addGroup('project_id');
$sql = $q->prepare();
} else {
$q->addTable('projects');
$q->addQuery("company_name, CONCAT_WS(' ',contact_first_name,contact_last_name) user_name, projects.*, " . "(0.0) AS project_percent_complete");
$q->addJoin('companies', 'com', 'company_id = project_company');
$q->addJoin('users', 'u', 'user_id = project_owner');
$q->addJoin('contacts', 'con', 'contact_id = user_contact');
$q->addWhere('project_id = ' . $project_id);
$q->addGroup('project_id');
$sql = $q->prepare();
}
$q->clear();
$obj = null;
if (!db_loadObject($sql, $obj)) {
$AppUI->setMsg('Project');
$AppUI->setMsg("invalidID", UI_MSG_ERROR, true);
$allowedProjects = $project->getAllowedSQL($AppUI->user_id);
$working_hours = $dPconfig['daily_working_hours'] ? $dPconfig['daily_working_hours'] : 8;
$q->addQuery('project_id, project_color_identifier, project_name');
$q->addQuery('SUM(task_duration * task_percent_complete * IF(task_duration_type = 24, ' . $working_hours . ', task_duration_type)) / SUM(task_duration * IF(task_duration_type = 24, ' . $working_hours . ', task_duration_type)) AS project_percent_complete');
$q->addQuery('company_name');
$q->addTable('projects', 'pr');
$q->leftJoin('tasks', 't1', 'pr.project_id = t1.task_project');
$q->leftJoin('companies', 'c', 'company_id = project_company');
$q->addWhere('t1.task_id = t1.task_parent');
$q->addWhere('project_id=' . $project_id);
if (count($allowedProjects)) {
$q->addWhere($allowedProjects);
}
$q->addGroup('project_id');
$q->addOrder('project_name');
$psql = $q->prepare();
$q->addQuery('project_id, COUNT(t1.task_id) as total_tasks');
$psql2 = $q->prepare();
$q->clear();
$perms =& $AppUI->acl();
$projects = array();
if ($canViewTasks) {
$prc = db_exec($psql);
echo db_error();
while ($row = db_fetch_assoc($prc)) {
$projects[$row['project_id']] = $row;
}
$prc2 = db_exec($psql2);
echo db_error();
while ($row2 = db_fetch_assoc($prc2)) {
$projects[$row2["project_id"]] = !$projects[$row2["project_id"]] ? array() : $projects[$row2["project_id"]];
/**
* Login function
*
* A number of things are done in this method to prevent illegal entry:
* <ul>
* <li>The username and password are trimmed and escaped to prevent malicious
* SQL being executed
* </ul>
* The schema previously used the MySQL PASSWORD function for encryption. This
* Method has been deprecated in favour of PHP's MD5() function for database independance.
* The check_legacy_password option is no longer valid
*
* Upon a successful username and password match, several fields from the user
* table are loaded in this object for convenient reference. The style, locales
* and preferences are also loaded at this time.
*
* @param string The user login name
* @param string The user password
* @return boolean True if successful, false if not
*/
public function login($username, $password)
{
require_once W2P_BASE_DIR . '/classes/authenticator.class.php';
$auth_method = w2PgetConfig('auth_method', 'sql');
if ($_POST['login'] != 'login' && $_POST['login'] != $this->_('login', UI_OUTPUT_RAW) && $_REQUEST['login'] != $auth_method) {
die('You have chosen to log in using an unsupported or disabled login method');
}
$auth =& getauth($auth_method);
$username = trim(db_escape($username));
$password = trim($password);
if (!$auth->authenticate($username, $password)) {
return false;
}
$user_id = $auth->userId($username);
$username = $auth->username;
// Some authentication schemes may collect username in various ways.
// Now that the password has been checked, see if they are allowed to
// access the system
if (!isset($GLOBALS['acl'])) {
$GLOBALS['acl'] = new w2Pacl();
}
if (!$GLOBALS['acl']->checkLogin($user_id)) {
dprint(__FILE__, __LINE__, 1, 'Permission check failed');
return false;
}
$q = new DBQuery();
$q->addTable('users');
$q->addQuery('user_id, contact_first_name as user_first_name, contact_last_name as user_last_name, contact_company as user_company, contact_department as user_department, contact_email as user_email, user_type');
$q->addJoin('contacts', 'con', 'contact_id = user_contact', 'inner');
$q->addWhere('user_id = ' . (int) $user_id . ' AND user_username = \'' . $username . '\'');
$sql = $q->prepare();
$q->loadObject($this);
$q->clear();
dprint(__FILE__, __LINE__, 7, 'Login SQL: ' . $sql);
if (!$this) {
dprint(__FILE__, __LINE__, 1, 'Failed to load user information');
return false;
}
// load the user preferences
$this->loadPrefs($this->user_id);
$this->setUserLocale();
$this->checkStyle();
// Let's see if this user has admin privileges
if (!getDenyRead('admin')) {
$this->user_is_admin = 1;
}
return true;
}
public function notifyContacts($notifyContacts)
{
global $AppUI, $w2Pconfig, $locale_char_set;
if ($notifyContacts == '1') {
//if no project specified than we will not do anything
if ($this->file_project != 0) {
$this->_project = new CProject();
$this->_project->load($this->file_project);
$mail = new Mail();
if ($this->file_task == 0) {
//notify all developers
$mail->Subject($AppUI->_('Project') . ': ' . $this->_project->project_name . '::' . $this->file_name, $locale_char_set);
} else {
//notify all assigned users
$this->_task = new CTask();
$this->_task->load($this->file_task);
$mail->Subject($AppUI->_('Project') . ': ' . $this->_project->project_name . '::' . $this->_task->task_name . '::' . $this->file_name, $locale_char_set);
}
$body = $AppUI->_('Project') . ': ' . $this->_project->project_name;
$body .= "\n" . $AppUI->_('URL') . ': ' . W2P_BASE_URL . '/index.php?m=projects&a=view&project_id=' . $this->_project->project_id;
if (intval($this->_task->task_id) != 0) {
$body .= "\n\n" . $AppUI->_('Task') . ': ' . $this->_task->task_name;
$body .= "\n" . $AppUI->_('URL') . ': ' . W2P_BASE_URL . '/index.php?m=tasks&a=view&task_id=' . $this->_task->task_id;
$body .= "\n" . $AppUI->_('Description') . ":\n" . $this->_task->task_description;
$q = new DBQuery();
$q->addTable('project_contacts', 'pc');
$q->addQuery('c.contact_email as contact_email, c.contact_first_name as contact_first_name, c.contact_last_name as contact_last_name');
$q->addJoin('contacts', 'c', 'c.contact_id = pc.contact_id');
$q->addWhere('pc.project_id = ' . (int) $this->_project->project_id);
$sql = '(' . $q->prepare() . ')';
$q->clear();
$sql .= ' UNION ';
$q->addTable('task_contacts', 'tc');
$q->addQuery('c.contact_email as contact_email, c.contact_first_name as contact_first_name, c.contact_last_name as contact_last_name');
$q->addJoin('contacts', 'c', 'c.contact_id = tc.contact_id');
$q->addWhere('tc.task_id = ' . (int) $this->_task->task_id);
$sql .= '(' . $q->prepare() . ')';
$q->clear();
$this->_users = $q->loadList();
} else {
$q = new DBQuery();
$q->addTable('project_contacts', 'pc');
$q->addQuery('pc.project_id, pc.contact_id');
$q->addQuery('c.contact_email as contact_email, c.contact_first_name as contact_first_name, c.contact_last_name as contact_last_name');
$q->addJoin('contacts', 'c', 'c.contact_id = pc.contact_id');
$q->addWhere('pc.project_id = ' . (int) $this->file_project);
$this->_users = $q->loadList();
$q->clear();
}
$body .= "\n\nFile " . $this->file_name . ' was ' . $this->_message . ' by ' . $AppUI->user_first_name . ' ' . $AppUI->user_last_name;
if ($this->_message != 'deleted') {
$body .= "\n" . $AppUI->_('URL') . ': ' . W2P_BASE_URL . '/fileviewer.php?file_id=' . $this->file_id;
$body .= "\n" . $AppUI->_('Description') . ":\n" . $this->file_description;
}
//send mail
$mail->Body($body, isset($GLOBALS['locale_char_set']) ? $GLOBALS['locale_char_set'] : '');
foreach ($this->_users as $row) {
if ($mail->ValidEmail($row['contact_email'])) {
$mail->To($row['contact_email'], true);
$mail->Send();
}
}
return '';
}
}
}
function _buildQuery()
{
$q = new DBQuery();
if ($this->table_alias) {
$q->addTable($this->table, $this->table_alias);
} else {
$q->addTable($this->table);
}
$q->addQuery($this->table_key);
if (isset($this->table_key2)) {
$q->addQuery($this->table_key2);
}
//--MSy--
foreach ($this->table_joins as $join) {
$q->addJoin($join['table'], $join['alias'], $join['join']);
}
foreach ($this->display_fields as $fld) {
$q->addQuery($fld);
}
$q->addOrder($this->table_orderby);
if ($this->table_extra) {
$q->addWhere($this->table_extra);
}
$sql = '';
foreach (array_keys($this->keywords) as $keyword) {
$sql .= '(';
foreach ($this->search_fields as $field) {
//OR treatment to each keyword
// Search for semi-colons, commas or spaces and allow any to be separators
$or_keywords = preg_split('/[\\s,;]+/', $keyword);
foreach ($or_keywords as $or_keyword) {
if ($this->search_options['ignore_specchar'] == "on") {
$tmppattern = recode2regexp_utf8($or_keyword);
if ($this->search_options['ignore_case'] == "on") {
$sql .= " {$field} REGEXP '{$tmppattern}' or ";
} else {
$sql .= " {$field} REGEXP BINARY '{$tmppattern}' or ";
}
} else {
if ($this->search_options['ignore_case'] == "on") {
$sql .= " {$field} LIKE '%{$or_keyword}%' or ";
} else {
$sql .= " {$field} LIKE BINARY '%{$or_keyword}%' or ";
}
}
}
}
// foreach $field
$sql = substr($sql, 0, -4);
if ($this->search_options['all_words'] == "on") {
$sql .= ') and ';
} else {
$sql .= ') or ';
}
}
// foreach $keyword
//--MSy--
$sql = substr($sql, 0, -4);
if ($sql) {
$q->addWhere($sql);
return $q->prepare(true);
} else {
return '/* */';
}
}
$actions['m'] = $AppUI->_('Move', UI_OUTPUT_JS);
$actions['d'] = $AppUI->_('Delete', UI_OUTPUT_JS);
$actions['f'] = $AppUI->_('Mark as Finished', UI_OUTPUT_JS);
foreach ($priorities as $k => $v) {
$actions[$k] = $AppUI->_('set priority to ' . $v, UI_OUTPUT_JS);
}
}
$deny = $proj->getDeniedRecords($AppUI->user_id);
$q = new DBQuery();
$q->addTable('projects', 'p');
$q->addQuery('p.project_id, p.project_name');
if ($deny) {
$q->addWhere('p.project_id NOT IN (' . implode(',', $deny) . ')');
}
$q->addOrder('p.project_name');
$projects = db_loadHashList($q->prepare(true), 'project_id');
$p[0] = $AppUI->_('[none]');
foreach ($projects as $proj) {
$p[$proj[0]] = $proj[1];
}
if ($project_id) {
$p[$project_id] = $AppUI->_('[same project]');
}
natsort($p);
$projects = $p;
$ts[0] = $AppUI->_('[top task]');
foreach ($tasks as $t) {
$ts[$t['task_id']] = $t['task_name'];
}
?>
?>
<form name="form_buttons" method="post" action="index.php?<?php
echo "m={$m}&a={$a}&date={$date}";
?>
">
<input type="hidden" name="show_form" value="1" />
<table width="100%" border="0" cellpadding="1" cellspacing="0">
<tr>
<td width="50%">
<?php
if ($other_users) {
$q->addTable('users', 'u');
$q->innerJoin('contacts', 'c', 'c.contact_id = u.user_contact');
$q->addQuery('u.user_id, u.user_username, c.contact_first_name, c.contact_last_name');
$q->addOrder('contact_last_name');
$usersql = $q->prepare();
$q->clear();
echo $AppUI->_('Show Todo for:');
?>
<select name="show_user_todo" onchange="javascript:document.form_buttons.submit();">
<?php
if ($rows = db_loadList($usersql, NULL)) {
foreach ($rows as $row) {
$selected = $user_id == $row['user_id'] ? ' selected="selected"' : '';
echo '<option value="' . $row['user_id'] . '"' . $selected . '>' . $row['contact_last_name'] . ', ' . $row['contact_first_name'] . '</option>' . "\n";
}
}
}
?>
</select>
</td>
function format_field($value, $type, $ticket = NULL)
{
global $CONFIG;
global $AppUI;
global $canEdit;
switch ($type) {
case "user":
if ($value) {
$output = query2result("SELECT CONCAT_WS(' ',contact_first_name,contact_last_name) as name FROM users u LEFT JOIN contacts ON u.user_contact = contact_id WHERE user_id = '{$value}'");
} else {
$output = "-";
}
break;
case "status":
if ($canEdit) {
$output = create_selectbox("type_toggle", array("Open" => $AppUI->_("Open"), "Processing" => $AppUI->_("Processing"), "Closed" => $AppUI->_("Closed"), "Deleted" => $AppUI->_("Deleted")), $value);
} else {
$output = chooseSelectedValue("type_toggle", array("Open" => $AppUI->_("Open"), "Processing" => $AppUI->_("Processing"), "Closed" => $AppUI->_("Closed"), "Deleted" => $AppUI->_("Deleted")), $value);
}
break;
case "priority_view":
$priority = $CONFIG["priority_names"][$value];
$color = $CONFIG["priority_colors"][$value];
if ($value == 3) {
$priority = "<strong>{$priority}</strong>";
}
if ($value == 4) {
$priority = "<blink><strong>{$priority}</strong></blink>";
}
$output = "<font color=\"{$color}\">{$priority}</font>";
break;
case "priority_select":
if ($canEdit) {
$output = create_selectbox("priority_toggle", $CONFIG["priority_names"], $value);
} else {
$output = chooseSelectedValue("priority_toggle", $CONFIG["priority_names"], $value);
}
break;
case "assignment":
$options[0] = "-";
$query = "SELECT user_id as id, CONCAT_WS(' ',contact_first_name,contact_last_name) as name FROM users u LEFT JOIN contacts ON u.user_contact = contact_id ORDER BY name";
$result = do_query($query);
while ($row = result2hash($result)) {
$options[$row["id"]] = $row["name"];
}
if ($canEdit) {
$output = create_selectbox("assignment_toggle", $options, $value);
} else {
$output = chooseSelectedValue("assignment_toggle", $options, $value);
}
break;
case "view":
if ($CONFIG["index_link"] == "latest") {
$latest_value = query2result("SELECT ticket FROM tickets WHERE parent = '{$value}' ORDER BY ticket DESC LIMIT 1");
if ($latest_value) {
$value = $latest_value;
}
}
$output = "<a href=index.php?m=ticketsmith&a=view&ticket={$value}>{$value} ";
$output .= "<img src=images/icons/pencil.gif border=0></a>";
break;
case "attach":
$output = "<A href=index.php?m=ticketsmith&a=attach&ticket={$value}>";
$output .= "Link</a>";
break;
case "doattach":
$output = "<A href=index.php?m=ticketsmith&a=attach&newparent={$value}&dosql=reattachticket&ticket={$ticket}>";
$output .= "Link</a>";
break;
case "open_date":
$output = get_time_ago($value);
if ($CONFIG["warning_active"]) {
if (time() - $value > $CONFIG["warning_age"] * 3600) {
$output = "<font color=\"" . $CONFIG["warning_color"] . "\"><xb>" . $output . "</strong></font>";
}
}
break;
case "activity_date":
if (!$value) {
$output = "<em>" . $AppUI->_('none') . "</em>";
} else {
$output = get_time_ago($value);
}
$latest_followup_type = query2result("SELECT type FROM tickets WHERE parent = '{$ticket}' ORDER BY timestamp DESC LIMIT 1");
if ($latest_followup_type) {
$latest_followup_type = preg_replace("/(\\w+)\\s.*/", "\\1", $latest_followup_type);
$output .= " [{$latest_followup_type}]";
}
break;
case "elapsed_date":
$output = date($CONFIG["date_format"], $value);
$time_ago = get_time_ago($value);
$output .= " <em>({$time_ago})</em>";
break;
case "body":
if ($CONFIG["wordwrap"]) {
$value = word_wrap($value, 78);
}
$value = htmlspecialchars($value);
$output = "<table width=\"100%\" border=\"1\" cellspacing=\"0\" cellpadding=\"10\">\n";
$output .= "<tr><td bgcolor=\"" . $CONFIG["ticket_color"] . "\">\n<tt><pre>\n";
$url_find = "/(http|https|ftp|news|telnet|finger)(:\\/\\/[^ \">\\t\\r\\n]*)/";
$url_replace = "<a href=\"\\1\\2\" target=\"new\">";
$url_replace .= "<span style=\"font-size: 10pt;\">\\1\\2</span></a>";
$value = preg_replace($url_find, $url_replace, $value);
$output .= stripslashes($value);
$output .= "\n</pre></tt>\n</td></tr>\n</table>\n";
break;
case "followup":
$output = "\n<tt>\n";
$output .= "<textarea style='font-family: monospace;' name=\"followup\" wrap=\"hard\" cols=\"72\" rows=\"20\">\n";
$signature = query2result("SELECT user_signature FROM users WHERE user_id = '{$AppUI->user_id}'");
if ($signature) {
$output .= "\n";
$output .= "-- \n";
$output .= $signature;
}
$output .= "\n\n";
$output .= "---- " . $AppUI->_('Original message') . " ----\n\n";
if ($CONFIG["wordwrap"]) {
$value = word_wrap($value, 70, true);
}
$value = htmlspecialchars($value);
$output .= $value;
$output .= "\n</textarea>\n";
$output .= "</tt>\n";
break;
case "subject":
$value = preg_replace("/\\s*Re:\\s*/i", "", $value);
$value = preg_replace("/(\\[\\#\\d+\\])(\\w+)/", "\\2", $value);
$value = "Re: " . $value;
$value = htmlspecialchars($value);
@($output .= "<input type=\"text\" name=\"subject\" value=\"{$value}\" size=\"70\">\n");
break;
case "cc":
$value = htmlspecialchars($value);
$output = "<input type=\"text\" name=\"cc\" value=\"{$value}\" size=\"70\">";
break;
case "recipient":
$value = htmlspecialchars($value);
$output = "<input type=\"text\" name=\"recipient\" value=\"{$value}\" size=\"70\">";
break;
case "original_author":
if ($value) {
$value = preg_replace('/\\"/', '', $value);
$output = htmlspecialchars($value);
} else {
$output = "<em>(" . $AppUI->_('original ticket author') . ")</em>";
}
break;
case "email":
if ($value) {
$value = preg_replace('/\\"/', '', $value);
$output = htmlspecialchars($value);
} else {
$output = "<em>" . $AppUI->_('none') . "</em>";
}
break;
case 'ticket_company':
$q = new DBQuery();
$q->addTable('companies');
$q->addQuery('companies.*');
$q->addWhere('companies.company_id = ' . $value);
$sql = $q->prepare();
if (!db_loadObject($sql, $obj)) {
// it all dies!
}
$output = '<a href="index.php?m=companies&a=view&company_id=' . $value . '">' . $obj->company_name . '</a>';
break;
case 'ticket_project':
$q = new DBQuery();
$q->addTable('projects');
$q->addQuery('projects.*');
$q->addWhere('projects.project_id = ' . $value);
$sql = $q->prepare();
if (!db_loadObject($sql, $obj)) {
// it all dies!
}
$output = '<a href="index.php?m=projects&a=view&project_id=' . $value . '">' . $obj->project_name . '</a>';
break;
default:
$output = $value ? htmlspecialchars($value) : "<em>" . $AppUI->_('none') . "</em>";
}
return $output;
}
function displayFiles($folder_id)
{
global $AppUI, $m, $a, $tab, $page;
global $current_uri;
global $canAccess, $canRead, $canEdit, $canAuthor, $canDelete;
global $canAccess_folders, $canRead_folders, $canEdit_folders;
global $canAuthor_folders, $canDelete_folders;
global $company_id, $project_id, $task_id;
global $allowedCompanies, $allowedProjects, $allowedTasks, $allowedFolders;
global $showProject, $cfObj, $dPconfig;
$df = $AppUI->getPref('SHDATEFORMAT');
$tf = $AppUI->getPref('TIMEFORMAT');
$file_types = dPgetSysVal('FileType');
$xpg_pagesize = 30;
//TODO?: Set by System Config Value ...
$xpg_totalrecs = countFiles($folder_id);
//get file count for folder
$xpg_total_pages = $xpg_totalrecs > $xpg_pagesize ? ceil($xpg_totalrecs / $xpg_pagesize) : 1;
$xpg_min = $xpg_pagesize * ($page - 1);
// This is where we start our record set from
$q = new DBQuery();
// most recent version info per file_project and file_version_id
$q->createTemp('files_count_max' . $folder_id);
$q->addTable('files', 'f');
$q->addQuery('DISTINCT count(f.file_id) as file_versions' . ', max(f.file_version) as file_lastversion' . ', file_version_id, f.file_project');
$q->addJoin('projects', 'p', 'p.project_id = f.file_project');
$q->addJoin('tasks', 't', 't.task_id = f.file_task');
$q->addJoin('file_folders', 'ff', 'ff.file_folder_id = f.file_folder');
$q->addWhere('f.file_folder = ' . $folder_id);
if (count($allowedProjects)) {
$q->addWhere('((' . implode(' AND ', $allowedProjects) . ') OR f.file_project = 0)');
}
if (count($allowedTasks)) {
$q->addWhere('((' . implode(' AND ', $allowedTasks) . ') OR f.file_task = 0)');
}
if (count($allowedFolders)) {
$q->addWhere('((' . implode(' AND ', $allowedFolders) . ') OR f.file_folder = 0)');
}
if ($company_id) {
$q->innerJoin('companies', 'co', 'co.company_id = p.project_company');
$q->addWhere('co.company_id = ' . $company_id);
if (count($allowedCompanies)) {
$q->addWhere('(' . implode(' AND ', $allowedCompanies) . ')');
}
}
$q->addGroup('f.file_version_id');
$q->addGroup('f.file_project');
$file_version_max_counts = $q->exec();
$q->clear();
// most recent version
$q->addTable('files', 'f');
$q->addQuery('f.*, fmc.file_versions, round(fmc.file_lastversion, 2) as file_lastversion' . ', u.user_username as file_owner, ff.file_folder_name' . ', ff.file_folder_id, ff.file_folder_name, p.project_name' . ', p.project_color_identifier, p.project_owner, c.contact_first_name' . ', c.contact_last_name, t.task_name, u.user_username as file_owner' . ', cc.contact_first_name as checkout_first_name' . ', cc.contact_last_name as checkout_last_name');
$q->addJoin('files_count_max' . $folder_id, 'fmc', '(fmc.file_lastversion=f.file_version AND fmc.file_version_id=f.file_version_id' . ' AND fmc.file_project=f.file_project)', 'inner');
$q->addJoin('projects', 'p', 'p.project_id = f.file_project');
$q->addJoin('users', 'u', 'u.user_id = f.file_owner');
$q->addJoin('contacts', 'c', 'c.contact_id = u.user_contact');
$q->addJoin('tasks', 't', 't.task_id = f.file_task');
$q->addJoin('file_folders', 'ff', 'ff.file_folder_id = f.file_folder');
$q->leftJoin('users', 'cu', 'cu.user_id = f.file_checkout');
$q->leftJoin('contacts', 'cc', 'cc.contact_id = cu.user_contact');
$q->addWhere('f.file_folder = ' . $folder_id);
if (count($allowedProjects)) {
$q->addWhere('((' . implode(' AND ', $allowedProjects) . ') OR f.file_project = 0)');
}
if (count($allowedTasks)) {
$q->addWhere('((' . implode(' AND ', $allowedTasks) . ') OR f.file_task = 0)');
}
if (count($allowedFolders)) {
$q->addWhere('((' . implode(' AND ', $allowedFolders) . ') OR f.file_folder = 0)');
}
if ($project_id) {
$q->addWhere('f.file_project = ' . $project_id);
}
if ($task_id) {
$q->addWhere('f.file_task = ' . $task_id);
}
if ($company_id) {
$q->innerJoin('companies', 'co', 'co.company_id = p.project_company');
$q->addWhere('co.company_id = ' . $company_id);
if (count($allowedCompanies)) {
$q->addWhere('(' . implode(' AND ', $allowedCompanies) . ')');
}
}
$q->addOrder('p.project_name');
$q->setLimit($xpg_pagesize, $xpg_min);
$files_sql = $q->prepare();
$q->clear();
// all versions
$q->addTable('files', 'f');
$q->addQuery('f.*, ff.file_folder_id, ff.file_folder_name, p.project_name' . ', p.project_color_identifier, p.project_owner, c.contact_first_name' . ', c.contact_last_name, t.task_name, u.user_username as file_owner');
$q->addJoin('projects', 'p', 'p.project_id = f.file_project');
$q->addJoin('users', 'u', 'u.user_id = f.file_owner');
$q->addJoin('contacts', 'c', 'c.contact_id = u.user_contact');
$q->addJoin('tasks', 't', 't.task_id = f.file_task');
$q->addJoin('file_folders', 'ff', 'ff.file_folder_id = f.file_folder');
$q->addWhere('f.file_folder = ' . $folder_id);
if (count($allowedProjects)) {
$q->addWhere('((' . implode(' AND ', $allowedProjects) . ') OR f.file_project = 0)');
}
if (count($allowedTasks)) {
$q->addWhere('((' . implode(' AND ', $allowedTasks) . ') OR f.file_task = 0)');
}
if (count($allowedFolders)) {
$q->addWhere('((' . implode(' AND ', $allowedFolders) . ') OR f.file_folder = 0)');
}
if ($project_id) {
$q->addWhere('f.file_project = ' . $project_id);
}
if ($task_id) {
$q->addWhere('f.file_task = ' . $task_id);
}
if ($company_id) {
$q->innerJoin('companies', 'co', 'co.company_id = p.project_company');
$q->addWhere('co.company_id = ' . $company_id);
if (count($allowedCompanies)) {
$q->addWhere('(' . implode(' AND ', $allowedCompanies) . ')');
}
}
$file_versions_sql = $q->prepare();
$q->clear();
//file arrays
$files = array();
$file_versions = array();
if ($canRead) {
$files = db_loadList($files_sql);
$file_versions = db_loadHashList($file_versions_sql, 'file_id');
}
$q->dropTemp('files_count_max' . $folder_id);
$q->exec();
if ($files == array()) {
return;
}
?>
<table width="100%" border="0" cellpadding="2" cellspacing="1" class="tbl">
<tr>
<th nowrap="nowrap"><?php
echo $AppUI->_('File Name');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Description');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Versions');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Category');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Task Name');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Owner');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Size');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Date');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('co Reason');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('co');
?>
</th>
<th nowrap width="1"></th>
<th nowrap width="1"></th>
</tr>
<?php
$fp = -1;
$file_date = new CDate();
$id = 0;
foreach ($files as $row) {
$file_date = new CDate($row['file_date']);
$canEdit_file = getPermission('files', 'edit', $row['file_id']);
//single file
if ($fp != $row['file_project']) {
if (!$row['file_project']) {
$row['project_name'] = $AppUI->_('Not associated to projects');
$row['project_color_identifier'] = 'f4efe3';
}
if ($showProject) {
$style = 'background-color:#' . $row['project_color_identifier'] . ';color:' . bestColor($row['project_color_identifier']);
?>
<tr>
<td colspan="20" style="border: outset 2px #eeeeee;<?php
echo $style;
?>
">
<a href="?m=projects&a=view&project_id=<?php
echo $row['file_project'];
?>
">
<span style="<?php
echo $style;
?>
"><?php
echo $row['project_name'];
?>
</span></a>
</td>
</tr>
<?php
}
}
$fp = $row['file_project'];
?>
<form name="frm_remove_file_<?php
echo $row['file_id'];
?>
" action="?m=files"
method="post">
<input type="hidden" name="dosql" value="do_file_aed" />
<input type="hidden" name="del" value="1" />
<input type="hidden" name="file_id" value="<?php
echo $row['file_id'];
?>
" />
<input type="hidden" name="redirect" value="<?php
echo $current_uri;
?>
" />
</form>
<form name="frm_duplicate_file_<?php
echo $row['file_id'];
?>
" action="?m=files"
method="post">
<input type="hidden" name="dosql" value="do_file_aed" />
<input type="hidden" name="duplicate" value="1" />
<input type="hidden" name="file_id" value="<?php
echo $row['file_id'];
?>
" />
<input type="hidden" name="redirect" value="<?php
echo $current_uri;
?>
" />
</form>
<tr>
<td nowrap="8%">
<?php
$file_icon = getIcon($row['file_type']);
?>
<a href="./fileviewer.php?file_id=<?php
echo $row['file_id'];
?>
"
title="<?php
echo $row['file_description'];
?>
">
<?php
echo dPshowImage(DP_BASE_URL . '/modules/files/images/' . $file_icon, '16', '16');
?>
<?php
echo $row['file_name'];
?>
</a>
</td>
<td width="20%"><?php
echo $row['file_description'];
?>
</td>
<td width="5%" nowrap="nowrap" align="center">
<?php
$hidden_table = '';
echo $row['file_lastversion'];
if ($row['file_versions'] > 1) {
?>
<a href="#" onClick="expand('versions_<?php
echo $row['file_id'];
?>
');">
(<?php
echo $row['file_versions'];
?>
)
</a>
<?php
}
?>
</td>
<td width="10%" nowrap="nowrap" align="center">
<?php
echo $file_types[$row['file_category']];
?>
</td>
<td width="5%" align="center">
<a href="./index.php?m=tasks&a=view&task_id=<?php
echo $row['file_task'];
?>
">
<?php
echo $row['task_name'];
?>
</a>
</td>
<td width="15%" nowrap="nowrap">
<?php
echo $row["contact_first_name"] . ' ' . $row["contact_last_name"];
?>
</td>
<td width="5%" nowrap="nowrap" align="right">
<?php
echo file_size(intval($row['file_size']));
?>
</td>
<td width="15%" nowrap="nowrap" align="right">
<?php
echo $file_date->format($df . ' ' . $tf);
?>
</td>
<td width="10%"><?php
echo $row['file_co_reason'];
?>
</td>
<td nowrap="nowrap" align="center">
<?php
if ($canEdit && empty($row['file_checkout'])) {
?>
<a href="?m=files&a=co&file_id=<?php
echo $row['file_id'];
?>
">
<?php
echo dPshowImage(DP_BASE_URL . '/modules/files/images/up.png', '16', '16', 'checkout', 'checkout file');
?>
</a>
<?php
} else {
if ($row['file_checkout'] == $AppUI->user_id) {
?>
<a href="?m=files&a=addedit&ci=1&file_id=<?php
echo $row['file_id'];
?>
">
<?php
echo dPshowImage(DP_BASE_URL . '/modules/files/images/down.png', '16', '16', 'checkin', 'checkin file');
?>
</a>
<?php
} else {
if ($file['file_checkout'] == 'final') {
echo ' ' . $AppUI->_('final');
} else {
echo ' ' . $row['checkout_first_name'] . ' ' . $row['checkout_last_name'] . '<br />(' . $row['co_user'] . ')';
}
}
}
?>
</td>
<td nowrap="nowrap" align="right" width="48">
<?php
if (empty($row['file_checkout']) || $row['file_checkout'] == 'final') {
// Edit File
if ($canEdit || $row['project_owner'] == $AppUI->user_id) {
?>
<a href="./index.php?m=files&a=addedit&file_id=<?php
echo $row['file_id'];
?>
">
<?php
echo dPshowImage(DP_BASE_URL . '/modules/files/images/kedit.png', '16', '16', 'edit file', 'edit file');
?>
</a>
<?php
}
// Duplicate File
if ($canAuthor || $row['project_owner'] == $AppUI->user_id) {
?>
<a href="#"
onclick="document.frm_duplicate_file_<?php
echo $row['file_id'];
?>
.submit()">
<?php
echo dPshowImage(DP_BASE_URL . '/modules/files/images/duplicate.png', '16', '16', 'duplicate file', 'duplicate file');
?>
</a>
<?php
}
// Delete File
if ($canDelete || $row['project_owner'] == $AppUI->user_id) {
?>
<a href="#"
onclick="if (confirm('Are you sure you want to delete this file?')) {document.frm_remove_file_<?php
echo $row['file_id'];
?>
.submit()}">
<?php
echo dPshowImage(DP_BASE_URL . '/modules/files/images/remove.png', '16', '16', 'delete file', 'delete file');
?>
</a>
<?php
}
}
?>
</td>
<td nowrap="nowrap" align="center" width="1">
<?php
if ((empty($row['file_checkout']) || $row['file_checkout'] == 'final') && ($canEdit || $row['project_owner'] == $AppUI->user_id)) {
$bulk_op = 'onchange="(this.checked) ? addBulkComponent(' . $row['file_id'] . ') : removeBulkComponent(' . $row['file_id'] . ')"';
?>
<input type="checkbox" <?php
echo $bulk_op;
?>
name="chk_sub_sel_file_<?php
echo $file_row['file_id'];
?>
" />
<?php
}
?>
</td>
</tr>
<?php
if ($row['file_versions'] > 1) {
?>
<tr><td colspan="20">
<table style="display: none" id="versions_<?php
echo $row['file_id'];
?>
"
width="100%" border="0" cellpadding="2" cellspacing="1" class="tbl">
<tr>
<th nowrap="nowrap"><?php
echo $AppUI->_('File Name');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Description');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Versions');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Category');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Task Name');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Owner');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Size');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Type');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Date');
?>
</th>
<th nowrap="nowrap"width="1"> </th>
<th nowrap="nowrap"width="1"> </th>
</tr>
<?php
foreach ($file_versions as $file) {
if ($file['file_version_id'] == $row['file_version_id']) {
$file_icon = getIcon($file['file_type']);
$file_version_date = new Date($file['file_date']);
?>
<form name="frm_delete_sub_file_<?php
echo $file['file_id'];
?>
"
action="?m=files" method="post">
<input type="hidden" name="dosql" value="do_file_aed" />
<input type="hidden" name="del" value="1" />
<input type="hidden" name="file_id" value="<?php
echo $file['file_id'];
?>
" />
<input type="hidden" name="redirect" value="<?php
echo $current_uri;
?>
" />
</form>
<form name="frm_duplicate_sub_file_<?php
echo $file['file_id'];
?>
"
action="?m=files" method="post">
<input type="hidden" name="dosql" value="do_file_aed" />
<input type="hidden" name="duplicate" value="1" />
<input type="hidden" name="file_id" value="<?php
echo $file['file_id'];
?>
" />
<input type="hidden" name="redirect" value="<?php
echo $current_uri;
?>
" />
</form>
<tr>
<td nowrap="8%">
<a href="./fileviewer.php?file_id=<?php
echo $file['file_id'];
?>
"
title="<?php
echo $file['file_description'];
?>
">
<?php
echo dPshowImage(DP_BASE_URL . '/modules/files/images/' . $file_icon, '16', '16');
?>
<?php
echo $file['file_name'];
?>
</a>
</td>
<td width="20%"><?php
echo $file['file_description'];
?>
</td>
<td width="5%" nowrap="nowrap" align="center"><?php
echo $file['file_version'];
?>
</td>
<td width="10%" nowrap="nowrap" align="center">
<?php
echo $file_types[$file['file_category']];
?>
</td>
<td width="5%" align="center">
<a href="./index.php?m=tasks&a=view&task_id=<?php
echo $file['file_task'];
?>
">
<?php
echo $file['task_name'];
?>
</a>
</td>
<td width="15%" nowrap="nowrap">
<?php
echo $file["contact_first_name"] . ' ' . $file["contact_last_name"];
?>
</td>
<td width="5%" nowrap="nowrap" align="right">
<?php
echo file_size(intval($file['file_size']));
?>
</td>
<td nowrap="nowrap">
<?php
echo $row['file_type'];
?>
</td>
<td width="15%" nowrap="nowrap" align="right">
<?php
echo $file_version_date->format($df . ' ' . $tf);
?>
</td>
<td nowrap="nowrap" align="right" width="48">
<?php
if (empty($file['file_checkout']) || $file['file_checkout'] == 'final') {
// Edit File
if ($canEdit || $row['project_owner'] == $AppUI->user_id) {
?>
<a href="./index.php?m=files&a=addedit&file_id=<?php
echo $row['file_id'];
?>
">
<?php
echo dPshowImage(DP_BASE_URL . '/modules/files/images/kedit.png', '16', '16', 'edit file', 'edit file');
?>
</a>
<?php
}
// Duplicate File
if ($canAuthor) {
?>
<a href="#"
onclick="document.frm_duplicate_file_<?php
echo $row['file_id'];
?>
.submit()">
<?php
echo dPshowImage(DP_BASE_URL . '/modules/files/images/duplicate.png', '16', '16', 'duplicate file', 'duplicate file');
?>
</a>
<?php
}
// Delete File
if ($canDelete) {
?>
<a href="#"
onclick="if (confirm('<?php
echo $AppUI->_('Are you sure you want to delete this file?');
?>
')) {document.frm_remove_file_<?php
echo $row['file_id'];
?>
.submit()}">
<?php
echo dPshowImage(DP_BASE_URL . '/modules/files/images/remove.png', '16', '16', 'delete file', $AppUI->_('delete file'));
?>
</a>
<?php
}
}
?>
</td>
<td nowrap="nowrap" align="center" width="1">
<?php
if ((empty($row['file_checkout']) || $row['file_checkout'] == 'final') && ($canEdit || $row['project_owner'] == $AppUI->user_id)) {
$bulk_op = 'onchange="(this.checked) ? addBulkComponent(' . $row['file_id'] . ') : removeBulkComponent(' . $row['file_id'] . ')"';
?>
<input type="checkbox" <?php
echo $bulk_op;
?>
name="chk_sub_sel_file_<?php
echo $file_row['file_id'];
?>
" />
<?php
}
?>
</td>
</tr>
<?php
}
}
?>
</table>
</td></tr>
<?php
}
}
?>
</table>
<?php
shownavbar($xpg_totalrecs, $xpg_pagesize, $xpg_total_pages, $page, $folder_id);
echo "<br />";
}
/**
* This function recursively updates all tasks project
* to the one passed as parameter
*/
function updateSubTasksProject($new_project, $task_id = null)
{
$q = new DBQuery();
if (is_null($task_id)) {
$task_id = $this->task_id;
}
$q->addTable('tasks');
$q->addQuery('task_id');
$q->addWhere("task_parent = '" . $task_id . "'");
$sql = $q->prepare();
$q->clear();
$tasks_id = db_loadColumn($sql);
if (count($tasks_id) == 0) {
return true;
}
// update project of children
$q->addTable('tasks');
$q->addUpdate('task_project', $new_project);
$q->addWhere("task_parent = '" . $task_id . "'");
$q->exec();
$q->clear();
foreach ($tasks_id as $id) {
if ($id != $task_id) {
$this->updateSubTasksProject($new_project, $id);
}
}
}
$q->addQuery('ROUND(SUM(task_duration),2)');
$q->addWhere('task_project = ' . (int) $project_id . ' AND task_duration_type = 24 AND task_dynamic <> 1');
$days = $q->loadResult();
$q->clear();
$q->addTable('tasks');
$q->addQuery('ROUND(SUM(task_duration),2)');
$q->addWhere('task_project = ' . (int) $project_id . ' AND task_duration_type = 1 AND task_dynamic <> 1');
$hours = $q->loadResult();
$q->clear();
$total_hours = $days * $w2Pconfig['daily_working_hours'] + $hours;
$total_project_hours = 0;
$q->addTable('tasks', 't');
$q->addQuery('ROUND(SUM(t.task_duration*u.perc_assignment/100),2)');
$q->addJoin('user_tasks', 'u', 't.task_id = u.task_id');
$q->addWhere('t.task_project = ' . (int) $project_id . ' AND t.task_duration_type = 24 AND t.task_dynamic <> 1');
$total_project_days_sql = $q->prepare();
$q2 = new DBQuery();
$q2->addTable('tasks', 't');
$q2->addQuery('ROUND(SUM(t.task_duration*u.perc_assignment/100),2)');
$q2->addJoin('user_tasks', 'u', 't.task_id = u.task_id');
$q2->addWhere('t.task_project = ' . (int) $project_id . ' AND t.task_duration_type = 1 AND t.task_dynamic <> 1');
$total_project_hours = $q->loadResult() * $w2Pconfig['daily_working_hours'] + $q2->loadResult();
$q->clear();
$q2->clear();
//due to the round above, we don't want to print decimals unless they really exist
//$total_project_hours = rtrim($total_project_hours, "0");
} else {
//no tasks in project so "fake" project data
$worked_hours = $total_hours = $total_project_hours = 0.0;
}
?>
}
$AppUI->savePlace();
$canEdit = getPermission($m, 'edit');
$canRead = getPermission($m, 'view');
if (!$canRead) {
$AppUI->redirect('m=public&a=access_denied');
}
$hidden_modules = array('public', 'install');
$q = new DBQuery();
$q->addQuery('*');
$q->addTable('modules');
foreach ($hidden_modules as $no_show) {
$q->addWhere('mod_directory != \'' . $no_show . '\'');
}
$q->addOrder('mod_ui_order');
$modules = db_loadList($q->prepare());
// get the modules actually installed on the file system
$modFiles = $AppUI->readDirs('modules');
$titleBlock = new CTitleBlock('Modules', 'power-management.png', $m, $m . "." . $a);
$titleBlock->addCrumb('?m=system', 'System Admin');
$titleBlock->show();
?>
<table border="0" cellpadding="2" cellspacing="1" width="98%" class="tbl">
<tr>
<th colspan="2"><?php
echo $AppUI->_('Module');
?>
</th>
<th><?php
echo $AppUI->_('Status');
function delete()
{
$q = new DBQuery();
$q->setDelete('forum_visits');
$q->addWhere('visit_message = ' . $this->message_id);
$q->exec();
// No error if this fails, it is not important.
$q->clear();
$q->addTable('forum_messages');
$q->addQuery('message_forum');
$q->addWhere('message_id = ' . $this->message_id);
$forumId = db_loadResult($q->prepare());
$q->clear();
$q->setDelete('forum_messages');
$q->addWhere('message_id = ' . $this->message_id);
if (!$q->exec()) {
$result = db_error();
} else {
$result = NULL;
}
$q->clear();
$q->addTable('forum_messages');
$q->addQuery('COUNT(*)');
$q->addWhere('message_forum = ' . $forumId);
$messageCount = db_loadResult($q->prepare());
$q->clear();
$q->addTable('forums');
$q->addUpdate('forum_message_count', $messageCount);
$q->addWhere('forum_id = ' . $forumId);
$q->exec();
$q->clear();
return $result;
}
function displayFiles($folder)
{
global $m, $a, $tab, $AppUI, $xpg_min, $xpg_pagesize;
global $deny1, $deny2, $project_id, $task_id, $showProject, $file_types, $cfObj;
global $xpg_totalrecs, $xpg_total_pages, $page;
global $company_id, $allowed_companies, $current_uri, $dPconfig;
$canEdit = !getDenyEdit($m, $folder);
$canRead = !getDenyRead($m, $folder);
$df = $AppUI->getPref('SHDATEFORMAT');
$tf = $AppUI->getPref('TIMEFORMAT');
// SETUP FOR FILE LIST
$q = new DBQuery();
$q->addTable('files');
$q->addQuery('files.*,count(file_version) as file_versions,round(max(file_version), 2) as file_lastversion,file_folder_id, file_folder_name,project_name, project_color_identifier,contact_first_name, contact_last_name,task_name,task_id');
$q->addJoin('projects', 'p', 'p.project_id = file_project');
$q->addJoin('users', 'u', 'u.user_id = file_owner');
$q->addJoin('contacts', 'c', 'c.contact_id = u.user_contact');
$q->addJoin('tasks', 't', 't.task_id = file_task');
$q->addJoin('file_folders', 'ff', 'ff.file_folder_id = file_folder');
$q->addWhere('file_folder = ' . $folder);
if (count($deny1) > 0) {
$q->addWhere('file_project NOT IN (' . implode(',', $deny1) . ')');
}
if (count($deny2) > 0) {
$q->addWhere('file_task NOT IN (' . implode(',', $deny2) . ')');
}
if ($project_id) {
$q->addWhere('file_project = ' . $project_id);
}
if ($task_id) {
$q->addWhere('file_task = ' . $task_id);
}
if ($company_id) {
$q->innerJoin('companies', 'co', 'co.company_id = p.project_company');
$q->addWhere('company_id = ' . $company_id);
$q->addWhere('company_id IN (' . $allowed_companies . ')');
}
$q->addGroup('file_folder');
$q->addGroup('project_name');
$q->addGroup('file_name');
$q->addOrder('file_folder');
$q->addOrder('project_name');
$q->addOrder('file_name');
$q->setLimit($xpg_pagesize, $xpg_min);
$files_sql = $q->prepare();
$q->clear();
$q = new DBQuery();
$q->addTable('files');
$q->addQuery('files.file_id, file_version, file_project, file_name, file_task, file_description, user_username as file_owner, file_size, file_category, file_type, file_date, file_folder_name');
$q->addJoin('projects', 'p', 'p.project_id = file_project');
$q->addJoin('users', 'u', 'u.user_id = file_owner');
$q->addJoin('tasks', 't', 't.task_id = file_task');
$q->addJoin('file_folders', 'ff', 'ff.file_folder_id = file_folder');
$q->addWhere('file_folder = ' . $folder);
if ($project_id) {
$q->addWhere('file_project = ' . $project_id);
}
if ($task_id) {
$q->addWhere('file_task = ' . $task_id);
}
if ($company_id) {
$q->innerJoin('companies', 'co', 'co.company_id = p.project_company');
$q->addWhere('company_id = ' . $company_id);
$q->addWhere('company_id IN (' . $allowed_companies . ')');
}
$file_versions_sql = $q->prepare();
$q->clear();
$files = array();
$file_versions = array();
if ($canRead) {
$files = db_loadList($files_sql);
$file_versions = db_loadList($file_versions_sql);
}
if ($files === array()) {
return 0;
}
?>
<table width="100%" border="0" cellpadding="2" cellspacing="1" class="tbl">
<tr>
<th nowrap="nowrap"><?php
echo $AppUI->_('File Name');
?>
</th>
<th><?php
echo $AppUI->_('Description');
?>
</th>
<th><?php
echo $AppUI->_('Versions');
?>
</th>
<th><?php
echo $AppUI->_('Category');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('Task Name');
?>
</th>
<th><?php
echo $AppUI->_('Owner');
?>
</th>
<th><?php
echo $AppUI->_('Size');
?>
</th>
<th><?php
echo $AppUI->_('Type');
?>
</a></th>
<th><?php
echo $AppUI->_('Date');
?>
</th>
<th nowrap="nowrap"><?php
echo $AppUI->_('co Reason');
?>
</th>
<th><?php
echo $AppUI->_('co');
?>
</th>
<th nowrap width="1"></th>
<th nowrap width="1"></th>
</tr>
<?php
$fp = -1;
$file_date = new CDate();
$id = 0;
foreach ($files as $row) {
$file_date = new CDate($row['file_date']);
if ($fp != $row["file_project"]) {
if (!$row["project_name"]) {
$row["project_name"] = $AppUI->_('All Projects');
$row["project_color_identifier"] = 'f4efe3';
}
if ($showProject) {
$s = '<tr>';
$s .= '<td colspan="20" style="background-color:#' . $row["project_color_identifier"] . '">';
$s .= '<font color="' . bestColor($row["project_color_identifier"]) . '">';
if ($row['file_project'] > 0) {
$href = './index.php?m=projects&a=view&project_id=' . $row['file_project'];
} else {
$href = './index.php?m=projects';
}
$s .= '<a href="' . $href . '">' . $row["project_name"] . '</a>';
$s .= '</font></td></tr>';
echo $s;
}
}
$fp = $row["file_project"];
if ($row['file_versions'] > 1) {
$file = last_file($file_versions, $row['file_name'], $row['file_project']);
} else {
$file = $row;
}
?>
<form name="frm_remove_file_<?php
echo $file['file_id'];
?>
" action="?m=files" method="post">
<input type="hidden" name="dosql" value="do_file_aed" />
<input type="hidden" name="del" value="1" />
<input type="hidden" name="file_id" value="<?php
echo $file['file_id'];
?>
" />
<input type="hidden" name="redirect" value="<?php
echo $current_uri;
?>
" />
</form>
<form name="frm_duplicate_file_<?php
echo $file['file_id'];
?>
" action="?m=files" method="post">
<input type="hidden" name="dosql" value="do_file_aed" />
<input type="hidden" name="duplicate" value="1" />
<input type="hidden" name="file_id" value="<?php
echo $file['file_id'];
?>
" />
<input type="hidden" name="redirect" value="<?php
echo $current_uri;
?>
" />
</form>
<tr>
<td nowrap="8%">
<?php
$file_icon = getIcon($row['file_type']);
echo "<a href=\"./fileviewer.php?file_id={$file['file_id']}\" title=\"{$file['file_description']}\"><img border=\"0\" width=\"16\" heigth=\"16\" src=\"" . DP_BASE_URL . "/modules/files/images/{$file_icon}\" /> {$row['file_name']}</a>";
?>
</td>
<td width="20%"><?php
echo $file['file_description'];
?>
</td>
<td width="5%" nowrap="nowrap" align="center">
<?php
$hidden_table = '';
echo $row['file_lastversion'];
if ($row['file_versions'] > 1) {
echo ' <a href="#" onClick="expand(\'versions_' . $file['file_id'] . '\'); ">(' . $row['file_versions'] . ')</a>';
$hidden_table = '<tr><td colspan="20">
<table style="display: none" id="versions_' . $file['file_id'] . '" width="100%" border="0" cellpadding="2" cellspacing="1" class="tbl">
<tr>
<th nowrap="nowrap">' . $AppUI->_('File Name') . '</th>
<th>' . $AppUI->_('Description') . '</th>
<th>' . $AppUI->_('Versions') . '</th>
<th>' . $AppUI->_('Category') . '</th>
<th nowrap="nowrap">' . $AppUI->_('Task Name') . '</th>
<th>' . $AppUI->_('Owner') . '</th>
<th>' . $AppUI->_('Size') . '</th>
<th>' . $AppUI->_('Type') . '</a></th>
<th>' . $AppUI->_('Date') . '</th>
<th nowrap="nowrap">' . $AppUI->_('co Reason') . '</th>
<th>' . $AppUI->_('co') . '</th>
<th nowrap width="1"></th>
<th nowrap width="1"></th>
</tr>
';
foreach ($file_versions as $file_row) {
if ($file_row['file_name'] == $row['file_name'] && $file_row['file_project'] == $row['file_project']) {
$file_icon = getIcon($file_row['file_type']);
$file_date = new CDate($file_row['file_date']);
$hidden_table .= '
<form name="frm_delete_sub_file_' . $file_row['file_id'] . '" action="?m=files" method="post">
<input type="hidden" name="dosql" value="do_file_aed" />
<input type="hidden" name="del" value="1" />
<input type="hidden" name="file_id" value="' . $file_row['file_id'] . '" />
<input type="hidden" name="redirect" value="' . $current_uri . '" />
</form>';
$hidden_table .= '
<form name="frm_duplicate_sub_file_' . $file_row['file_id'] . '" action="?m=files" method="post">
<input type="hidden" name="dosql" value="do_file_aed" />
<input type="hidden" name="duplicate" value="1" />
<input type="hidden" name="file_id" value="' . $file_row['file_id'] . '" />
<input type="hidden" name="redirect" value="' . $current_uri . '" />
</form>';
$hidden_table .= '
<tr>
<td nowrap="8%"><a href="./fileviewer.php?file_id=' . $file_row['file_id'] . '"
title="' . $file_row['file_description'] . '">' . "<img border=\"0\" width=\"16\" heigth=\"16\" src=\"" . DP_BASE_URL . "/modules/files/images/{$file_icon}\" /> " . $file_row['file_name'] . '
</a></td>
<td width="20%">' . $file_row['file_description'] . '</td>
<td width="5%" nowrap="nowrap" align="center">' . $file_row['file_version'] . '</td>
<td width="10%" nowrap="nowrap" align="center"><a href="./index.php?m=' . $m . '&a=' . $a . '&tab=' . ($file_row['file_category'] + 1) . '">' . $file_types[$file_row['file_category'] + 1] . '</a></td>
<td width="5%" align="center"><a href="./index.php?m=tasks&a=view&task_id=' . $file_row["file_task"] . '">' . $row["task_name"] . '</a></td>
<td width="15%" nowrap="nowrap">' . $row["contact_first_name"] . ' ' . $row["contact_last_name"] . '</td>
<td width="5%" nowrap="nowrap" align="right">' . intval($file_row['file_size'] / 1024) . 'kb </td>
<td width="15%" nowrap="nowrap">' . $file_row['file_type'] . '</td>
<td width="15%" nowrap="nowrap" align="right">' . $file_date->format("{$df} {$tf}") . '</td>
<td width="10%">' . $row['file_co_reason'] . '</td>
<td nowrap="nowrap" align="center">';
if ($canEdit && empty($file_row['file_checkout'])) {
$hidden_table .= '<a href="?m=files&a=co&file_id=' . $file_row['file_id'] . '">' . dPshowImage('./modules/files/images/up.png', '16', '16', 'checkout', 'checkout file') . '</a>';
} else {
if ($row['file_checkout'] == $AppUI->user_id) {
$hidden_table .= '<a href="?m=files&a=addedit&ci=1&file_id=' . $file_row['file_id'] . '">' . dPshowImage('./modules/files/images/down.png', '16', '16', 'checkin', 'checkin file') . '</a>';
} else {
if ($file_row['file_checkout'] == 'final') {
$hidden_table .= 'final';
} else {
$q4 = new DBQuery();
$q4->addQuery("file_id, file_checkout, user_username as co_user, contact_first_name, contact_last_name");
$q4->addTable('files');
$q4->leftJoin('users', 'cu', 'cu.user_id = file_checkout');
$q4->leftJoin('contacts', 'co', 'co.contact_id = cu.user_contact');
$q4->addWhere('file_id = ' . $file_row['file_id']);
$co_user = array();
$co_user = $q4->loadList();
$co_user = $co_user[0];
$q4->clear();
$hidden_table .= $co_user['contact_first_name'] . ' ' . $co_user['contact_last_name'] . '<br>(' . $co_user['co_user'] . ')';
}
}
}
$hidden_table .= '</td>';
$hidden_table .= '<td nowrap="nowrap" align="right" width="48">';
if ($canEdit && (empty($file_row['file_checkout']) || $file_row['file_checkout'] == 'final' && ($canEdit || $row['project_owner'] == $AppUI->user_id))) {
$hidden_table .= '<a href="./index.php?m=files&a=addedit&file_id=' . $file_row["file_id"] . '">' . dPshowImage('./modules/files/images/kedit.png', '16', '16', 'edit file', 'edit file') . "</a>" . '<a href="#" onclick="document.frm_duplicate_sub_file_' . $file_row['file_id'] . '.submit()">' . dPshowImage('./modules/files/images/duplicate.png', '16', '16', 'duplicate file', 'duplicate file') . "</a>" . '<a href="#" onclick="if (confirm(\'Are you sure you want to delete this file?\')) {document.frm_delete_sub_file_' . $file_row['file_id'] . '.submit()}">' . dPshowImage('./modules/files/images/remove.png', '16', '16', 'delete file', 'delete file') . "</a>";
}
$hidden_table .= '</td>';
$hidden_table .= '<td nowrap="nowrap" align="right" width="1">';
if ($canEdit && (empty($row['file_checkout']) || $row['file_checkout'] == 'final' && ($canEdit || $row['project_owner'] == $AppUI->user_id))) {
$bulk_op = 'onchange="(this.checked) ? addBulkComponent(' . $file_row['file_id'] . ') : removeBulkComponent(' . $file_row['file_id'] . ')"';
$hidden_table .= '<input type="checkbox" ' . $bulk_op . ' name="chk_sub_sel_file_' . $file_row['file_id'] . '" />';
}
$hidden_table .= '</td>';
$hidden_table .= '</tr>';
}
}
$hidden_table .= '</table>';
//$hidden_table .= '</span>';
}
?>
</td>
<td width="10%" nowrap="nowrap" align="center"><a href="./index.php?m=<?php
echo $m;
?>
&a=<?php
echo $a;
?>
&view=categories&tab=<?php
echo $file['file_category'];
?>
"><?php
echo $file_types[$file["file_category"]];
?>
</a></td>
<td width="5%" align="center"><a href="./index.php?m=tasks&a=view&task_id=<?php
echo $file["task_id"];
?>
"><?php
echo $file["task_name"];
?>
</a></td>
<td width="15%" nowrap="nowrap"><?php
echo $file["contact_first_name"] . ' ' . $file["contact_last_name"];
?>
</td>
<td width="5%" nowrap="nowrap" align="right"><?php
echo intval($file["file_size"] / 1024);
?>
kb</td>
<td width="15%" nowrap="nowrap"><?php
echo $file["file_type"];
?>
</td>
<td width="15%" nowrap="nowrap" align="right"><?php
echo $file_date->format("{$df} {$tf}");
?>
</td>
<td width="10%"><?php
echo $file['file_co_reason'];
?>
</td>
<td nowrap="nowrap" align="center">
<?php
if ($canEdit && empty($row['file_checkout'])) {
?>
<a href="?m=files&a=co&file_id=<?php
echo $file['file_id'];
?>
"><?php
echo dPshowImage('./modules/files/images/up.png', '16', '16', 'checkout', 'checkout file');
?>
</a>
<?php
} else {
if ($row['file_checkout'] == $AppUI->user_id) {
?>
<a href="?m=files&a=addedit&ci=1&file_id=<?php
echo $file['file_id'];
?>
"><?php
echo dPshowImage('./modules/files/images/down.png', '16', '16', 'checkin', 'checkin file');
?>
</a>
<?php
} else {
if ($file['file_checkout'] == 'final') {
echo 'final';
} else {
$q4 = new DBQuery();
$q4->addQuery("file_id, file_checkout, user_username as co_user, contact_first_name, contact_last_name");
$q4->addTable('files');
$q4->leftJoin('users', 'cu', 'cu.user_id = file_checkout');
$q4->leftJoin('contacts', 'co', 'co.contact_id = cu.user_contact');
$q4->addWhere('file_id = ' . $file['file_id']);
$co_user = array();
$co_user = $q4->loadList();
$co_user = $co_user[0];
$q4->clear();
echo $co_user['contact_first_name'] . ' ' . $co_user['contact_last_name'] . '<br>(' . $co_user['co_user'] . ')';
}
}
}
?>
</td>
<td nowrap="nowrap" align="center" width="48">
<?php
if ($canEdit && (empty($file['file_checkout']) || $file['file_checkout'] == 'final' && ($canEdit || $file['project_owner'] == $AppUI->user_id))) {
echo '<a href="./index.php?m=files&a=addedit&file_id=' . $file["file_id"] . '">';
echo dPshowImage('./modules/files/images/kedit.png', '16', '16', 'edit file', 'edit file');
echo "</a>";
echo '<a href="#" onclick="document.frm_duplicate_file_' . $file['file_id'] . '.submit()">' . dPshowImage('./modules/files/images/duplicate.png', '16', '16', 'duplicate file', 'duplicate file') . '</a>';
echo '<a href="#" onclick="if (confirm(\'Are you sure you want to delete this file?\')) {document.frm_remove_file_' . $file['file_id'] . '.submit()}">' . dPshowImage('./modules/files/images/remove.png', '16', '16', 'delete file', 'delete file') . '</a>';
}
?>
<td nowrap="nowrap" align="center" width="1">
<?php
if ($canEdit && (empty($file['file_checkout']) || $file['file_checkout'] == 'final' && ($canEdit || $file['project_owner'] == $AppUI->user_id))) {
$bulk_op = 'onchange="(this.checked) ? addBulkComponent(' . $file['file_id'] . ') : removeBulkComponent(' . $file['file_id'] . ')"';
echo '<input type="checkbox" ' . $bulk_op . ' name="chk_sel_file_' . $file['file_id'] . '" />';
}
?>
</td>
</tr>
<?php
echo $hidden_table;
?>
<?php
$hidden_table = '';
}
?>
</table>
<?php
if ($xpg_totalrecs > $xpg_pagesize) {
showfnavbar($xpg_totalrecs, $xpg_pagesize, $xpg_total_pages, $page, $folder);
}
echo "<br />";
}
function isActiveModule($module)
{
$q = new DBQuery();
$q->addTable('modules');
$q->addQuery('mod_active');
$q->addWhere("mod_directory = '{$module}'");
$sql = $q->prepare();
$q->clear();
return db_loadResult($sql);
}
function notify($assignees, $update = false, $clash = false)
{
global $AppUI, $locale_char_set, $dPconfig;
$mail_owner = $AppUI->getPref('MAILALL');
$assignee_list = explode(",", $assignees);
$owner_is_assigned = in_array($this->event_owner, $assignee_list);
if ($mail_owner && !$owner_is_assigned && $this->event_owner) {
array_push($assignee_list, $this->event_owner);
}
// Remove any empty elements otherwise implode has a problem
foreach ($assignee_list as $key => $x) {
if (!$x) {
unset($assignee_list[$key]);
}
}
if (!count($assignee_list)) {
return;
}
$q = new DBQuery();
$q->addTable('users', 'u');
$q->addTable('contacts', 'con');
$q->addQuery('user_id, contact_first_name,contact_last_name, contact_email');
$q->addWhere('u.user_contact = con.contact_id');
$q->addWhere("user_id in (" . implode(',', $assignee_list) . ")");
$users = $q->loadHashList('user_id');
$date_format = $AppUI->getPref('SHDATEFORMAT');
$time_format = $AppUI->getPref('TIMEFORMAT');
$fmt = $date_format . ' ' . $time_format;
$start_date =& new CDate($this->event_start_date);
$end_date =& new CDate($this->event_end_date);
$mail =& new Mail();
$type = $update ? $AppUI->_('Updated') : $AppUI->_('New');
$subject_title = $clash ? $AppUI->_('Requested Event') : $type . " " . $AppUI->_('Event');
$mail->Subject($subject_title . ": " . $this->event_title, $locale_char_set);
$mail->From('"' . $AppUI->user_first_name . " " . $AppUI->user_last_name . '" <' . $AppUI->user_email . '>');
$body = '';
if ($clash) {
$body .= 'You have been invited to an event by ' . $AppUI->user_first_name . ' ' . $AppUI->user_last_name . "\n";
$body .= 'However, either you or another intended invitee has a competing event' . "\n";
$body .= $AppUI->user_first_name . ' ' . $AppUI->user_last_name . ' has requested that you reply to this message' . "\n";
$body .= 'and confirm if you can or can not make the requested time.' . "\n\n";
}
$body .= $AppUI->_('Event') . ":\t" . $this->event_title . "\n";
if (!$clash) {
$body .= $AppUI->_('URL') . ":\t" . $dPconfig['base_url'] . "/index.php?m=calendar&a=view&event_id=" . $this->event_id . "\n";
}
$body .= $AppUI->_('Starts') . ":\t" . $start_date->format($fmt) . "\n";
$body .= $AppUI->_('Ends') . ":\t" . $end_date->format($fmt) . "\n";
// Find the project name.
if ($this->event_project) {
$prj = array();
$q = new DBQuery();
$q->addTable('projects', 'p');
$q->addQuery('project_name');
$q->addWhere('p.project_id =' . $this->event_project);
$sql = $q->prepare();
$q->clear();
if (db_loadHash($sql, $prj)) {
$body .= $AppUI->_('Project') . ":\t" . $prj['project_name'] . "\n";
}
}
$types = dPgetSysVal('EventType');
$body .= $AppUI->_('Type') . ":\t" . $AppUI->_($types[$this->event_type]) . "\n";
$body .= $AppUI->_('Attendees') . ":\t";
$body_attend = '';
foreach ($users as $user) {
$body_attend .= ($body_attend ? ', ' : '') . $user['contact_first_name'] . ' ' . $user['contact_last_name'];
}
$body .= $body_attend . "\n\n" . $this->event_description . "\n";
$mail->Body($body, $locale_char_set);
foreach ($users as $user) {
if (!$mail_owner && $user['user_id'] == $this->event_owner) {
continue;
}
$mail->To($user['contact_email'], true);
$mail->Send();
}
}
echo "m={$m}&a={$a}&date={$date}";
?>
">
<input type="hidden" name="show_form" value="1" />
<table width="100%" border="0" cellpadding="1" cellspacing="0">
<tr>
<td width="50%">
<?php
if ($other_users) {
echo $AppUI->_("Show Todo for:") . '<select name="show_user_todo" onchange="document.form_buttons.submit()">';
$q->addTable('users', 'u');
$q->innerJoin('contacts', 'c', 'c.contact_id = u.user_contact');
$q->addQuery('u.user_id, u.user_username, c.contact_first_name, c.contact_last_name');
$q->addOrder('c.contact_last_name');
$usersql = $q->prepare(true);
if ($rows = db_loadList($usersql)) {
foreach ($rows as $row) {
echo '<option value="' . $row['user_id'] . '"' . ($user_id == $row["user_id"] ? ' selected="selected"' : '') . '>' . $row['contact_last_name'] . ', ' . $row["contact_first_name"];
}
}
}
?>
</select>
</td>
<td align="right" width="50%"><?php
echo $AppUI->_('Show');
?>
:</td>
<td>
<input type="checkbox" name="show_pinned" id="show_pinned" onclick="document.form_buttons.submit()"<?php
}
if (!$canEdit) {
$AppUI->redirect("m=public&a=access_denied");
}
// load the company types
$types = dPgetSysVal('CompanyType');
// load the record data
$q = new DBQuery();
$q->addTable('companies');
$q->addQuery('companies.*');
$q->addQuery('con.contact_first_name');
$q->addQuery('con.contact_last_name');
$q->addJoin('users', 'u', 'u.user_id = companies.company_owner');
$q->addJoin('contacts', 'con', 'u.user_contact = con.contact_id');
$q->addWhere('companies.company_id = ' . $company_id);
$sql = $q->prepare();
$q->clear();
$obj = null;
if (!db_loadObject($sql, $obj) && $company_id > 0) {
// $AppUI->setMsg( ' $qid =& $q->exec(); Company' ); // What is this for?
$AppUI->setMsg("invalidID", UI_MSG_ERROR, true);
$AppUI->redirect();
}
// collect all the users for the company owner list
$q = new DBQuery();
$q->addTable('users', 'u');
$q->addTable('contacts', 'con');
$q->addQuery('user_id');
$q->addQuery('CONCAT_WS(", ",contact_last_name,contact_first_name)');
$q->addOrder('contact_last_name');
$q->addWhere('u.user_contact = con.contact_id');
function getDepartmentSelectionList($company_id, $checked_array = array(), $dept_parent = 0, $spaces = 0)
{
global $departments_count;
$q = new DBQuery();
$parsed = '';
if ($departments_count < 10) {
$departments_count++;
}
$q->addTable('departments');
$q->addQuery('dept_id, dept_name');
$q->addWhere('dept_parent = ' . $dept_parent);
$q->addWhere('dept_company = ' . $company_id);
$sql = $q->prepare();
$depts_list = db_loadHashList($sql, 'dept_id');
$q->clear();
foreach ($depts_list as $dept_id => $dept_info) {
if (mb_strlen($dept_info['dept_name']) > 30) {
$dept_info['dept_name'] = mb_substr($dept_info['dept_name'], 0, 28) . '...';
}
$selected = in_array($dept_id, $checked_array) ? ' selected="selected"' : '';
$parsed .= '<option value="' . $dept_id . '"' . $selected . '>' . str_repeat(' ', $spaces) . $dept_info['dept_name'] . '</option>';
$parsed .= getDepartmentSelectionList($company_id, $checked_array, $dept_id, $spaces + 5);
}
return $parsed;
}
