trigger_error(mysql_error(), E_USER_ERROR); $errors++; } } if ($errors == 0) { html_redirect('admin.php', TRUE); exit; } else { html_redirect('admin.php', FALSE); exit; } } echo "<h2>" . icon('settings', 32, $strAdmin) . " "; echo $strAdmin . "</h2>"; if ($CONFIG['portal_site_incidents']) { $contracts = admin_contact_contracts($_SESSION['contactid'], $_SESSION['siteid']); echo "<p align='center'>{$strAdminContactForContracts}</p>"; echo "<table align='center' width='60%'><tr>"; //echo colheader('id', $strID); echo colheader('product', $strContract); echo colheader('expiry', $strExpiryDate); echo colheader('visbility', $strVisibility); echo colheader('actions', $strActions); echo "<form action='{$_SERVER['PHP_SELF']}' method='post'>"; foreach ($contracts as $contract) { $sql = "SELECT *, m.id AS id "; $sql .= "FROM `{$dbMaintenance}` AS m, `{$dbProducts}` AS p "; $sql .= "WHERE m.id={$contract} "; $sql .= "AND (m.expirydate > UNIX_TIMESTAMP(NOW()) OR m.expirydate = -1) "; $sql .= "AND m.product=p.id "; $result = mysql_query($sql);
// Copyright (C) 2000-2009 Salford Software Ltd. and Contributors // // This software may be used and distributed according to the terms // of the GNU General Public License, incorporated herein by reference. // // Author Kieran Hogg <kieran[at]sitracker.org> require '..' . DIRECTORY_SEPARATOR . 'core.php'; require APPLICATION_LIBPATH . 'functions.inc.php'; $accesslevel = 'admin'; include APPLICATION_LIBPATH . 'portalauth.inc.php'; include APPLICATION_INCPATH . 'portalheader.inc.php'; $id = intval($_GET['id']); $contactid = intval($_GET['contactid']); $action = cleanvar($_GET['action']); if ($id != 0 and $contactid != 0 and $action == 'remove') { if (in_array($id, admin_contact_contracts($_SESSION['contactid'], $_SESSION['siteid']))) { $sql = "DELETE FROM `{$dbSupportContacts}`\n WHERE maintenanceid='{$id}'\n AND contactid='{$contactid}'\n LIMIT 1"; $result = mysql_query($sql); if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR); } else { html_redirect($_SERVER['PHP_SELF'] . "?id={$id}"); exit; } } else { echo "<p class='error'>{$strPermissionDenied}</p>"; } } elseif ($id != 0 and $action == 'add' and intval($_POST['contactid'] != 0)) { $contactid = intval($_POST['contactid']); $sql = "INSERT INTO `{$dbSupportContacts}`\n (maintenanceid, contactid)\n VALUES('{$id}', '{$contactid}')"; $result = mysql_query($sql);