<?php
// Reads the posted report options and builds the start/end CDate range used by the report form.
if (!defined('DP_BASE_DIR')) {
    die('You should not access this file directly.');
}
$do_report = dPgetParam($_POST, 'do_report', 0);
$log_start_date = dPgetCleanParam($_POST, 'log_start_date', 0);
$log_end_date = dPgetCleanParam($_POST, 'log_end_date', 0);
// NOTE(review): the next two calls pass $_POST['...'] itself as the first argument and put the
// default where the key name goes, unlike the (array, key, default) calls above. This looks
// like a misplaced bracket, so the posted value may never be read - confirm against dPgetParam().
$log_all = (int) dPgetParam($_POST['log_all'], 0);
$group_by_unit = dPgetCleanParam($_POST['group_by_unit'], 'day');
// create Date objects from the datetime fields
$start_date = intval($log_start_date) ? new CDate($log_start_date) : new CDate();
$end_date = intval($log_end_date) ? new CDate($log_end_date) : new CDate();
// No start date posted: move the default start back by the span '14,0,0,0' (presumably 14 days).
if (!$log_start_date) {
    $start_date->subtractSpan(new Date_Span('14,0,0,0'));
}
// Extend the end date to the last second of its day.
$end_date->setTime(23, 59, 59);
// NOTE(review): the inline script below reads a form field through eval(); a bracket lookup
// such as document.editFrm['log_' + field].value does the same without evaluating a string.
?> <script language="javascript"> var calendarField = ''; function popCalendar(field) { calendarField = field; idate = eval('document.editFrm.log_' + field + '.value'); window.open('index.php?m=public&a=calendar&dialog=1&callback=setCalendar&date=' + idate, 'calwin', 'width=250, height=220, scrollbars=no, status=no'); } /** * @param string Input date in the format YYYYMMDD * @param string Formatted date
// Loads one forum topic (the message plus its replies) and starts collecting the rows for output.
$sort = dPgetCleanParam($_REQUEST, 'sort', 'asc');
$forum_id = (int) dPgetParam($_REQUEST, 'forum_id', 0);
$message_id = (int) dPgetParam($_REQUEST, 'message_id', 0);
// NOTE(review): the item id handed to the 'forums' permission check is $message_id, not
// $forum_id - confirm that is the id the ACL expects.
if (!getPermission('forums', 'view', $message_id)) {
    $AppUI->redirect("m=public&a=access_denied");
}
$q = new DBQuery();
$q->addTable('forums');
$q->addTable('forum_messages', 'msg');
$q->addQuery('msg.*, contact_first_name, contact_last_name, contact_email, user_username, forum_moderated, visit_user');
// $forum_id and $message_id are cast to int above before being interpolated below.
$q->addJoin('forum_visits', 'v', "visit_user = {$AppUI->user_id} AND visit_forum = {$forum_id} AND visit_message = msg.message_id");
$q->addJoin('users', 'u', 'message_author = u.user_id');
$q->addJoin('contacts', 'con', 'contact_id = user_contact');
$q->addWhere("forum_id = message_forum AND (message_id = {$message_id} OR message_parent = {$message_id})");
// NOTE(review): $sort comes from the request and is interpolated into ORDER BY. What
// dPgetCleanParam() filters is not visible here; restrict the value to 'asc' / 'desc'
// before it reaches the query.
if (dPgetConfig('forum_descendent_order') || dPgetCleanParam($_REQUEST, 'sort', 0)) {
    $q->addOrder("message_date {$sort}");
}
$messages = $q->loadList();
$x = false;
$date = new CDate();
$pdfdata = array();
$pdfhead = array('Date', 'User', 'Message');
$new_messages = array();
foreach ($messages as $row) {
    // Find the parent message - the topic.
    if ($row['message_id'] == $message_id) {
        $topic = $row['message_title'];
    }
    $q = new DBQuery();
    $q->addTable('forum_messages');
// Ticket list setup: shows the title block, loads the module config, reads the list
// options from the request and handles the "expunge" action.
if ($canAuthor) {
    $titleBlock->addCell('<input type="submit" class="button" value="' . $AppUI->_('new ticket') . '">', '', '<form name="ticketform" action="?m=ticketsmith&a=post_ticket" method="post">', '</form>');
}
$titleBlock->show();
require DP_BASE_DIR . '/modules/ticketsmith/config.inc.php';
require DP_BASE_DIR . '/modules/ticketsmith/common.inc.php';
// Defaults from the module configuration; the request may override them below.
$column = $CONFIG["order_by"];
$direction = $CONFIG["message_order"];
$offset = 0;
$limit = $CONFIG["view_rows"];
$dbprefix = dPgetConfig('dbprefix', '');
$type = dPgetCleanParam($_GET, 'type', '');
// NOTE(review): $column, $direction and $offset are request-controlled. Their use is outside
// this excerpt; if they reach ORDER BY / LIMIT, check $column against a fixed list of column
// names, $direction against ASC/DESC, and cast $offset to int.
$column = dPgetCleanParam($_GET, 'column', $column);
$direction = dPgetCleanParam($_GET, 'direction', $direction);
$offset = dPgetCleanParam($_GET, 'offset', $offset);
$action = dPgetCleanParam($_REQUEST, 'action', null);
// Remember the selected ticket type in the session; fall back to the stored one, then "Open".
if ($type == '') {
    if ($AppUI->getState("ticket_type")) {
        $type = $AppUI->getState("ticket_type");
    } else {
        $type = "Open";
    }
} else {
    $AppUI->setState("ticket_type", $type);
}
/* expunge deleted tickets */
// NOTE(review): this destructive action is selected through $_REQUEST, so a plain GET link can
// trigger it, and no delete-permission check or request token is visible in this excerpt -
// confirm one exists before this point.
if (@$action == "expunge") {
    $deleted_parents = column2array("SELECT ticket FROM {$dbprefix}tickets WHERE type = 'Deleted'");
    for ($loop = 0; $loop < count($deleted_parents); $loop++) {
        // The ids interpolated here were read back from the tickets table, not from the request.
        do_query("DELETE FROM " . $dbprefix . "tickets WHERE ticket = '{$deleted_parents[$loop]}'");
        do_query("DELETE FROM " . $dbprefix . "tickets WHERE parent = '{$deleted_parents[$loop]}'");
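<?php
/**
 * Formats the date given in the query string with the user's short date
 * preference and writes it into a field of the parent window's document.
 *
 * Both request values end up inside an inline <script>, so they are
 * validated / escaped for the JavaScript context here. HTML-level cleaning
 * alone does not make a value safe inside script text.
 */
if (!defined('DP_BASE_DIR')) {
    die('You should not call this file directly.');
}
require_once $AppUI->getSystemClass('ui');
require_once $AppUI->getSystemClass('date');

$df = $AppUI->getPref('SHDATEFORMAT');
$date = dPgetCleanParam($_GET, 'date');
$field = dPgetCleanParam($_GET, 'field');

$this_day = new CDate($date);
$formatted_date = $this_day->format($df);

// $field is spliced into the script as a property path, so accept nothing but a dotted
// chain of plain identifiers (e.g. form.element). Widen the pattern only if a caller
// legitimately needs another form.
$field_is_path = is_string($field)
    && preg_match('/^[A-Za-z_$][A-Za-z0-9_$]*(?:\.[A-Za-z_$][A-Za-z0-9_$]*)*$/D', $field) === 1;

// Escape the formatted date for a single-quoted JavaScript string inside <script>:
// backslash, quote and line breaks for the string literal; <, > and & so the value
// cannot close the script element or the surrounding HTML comment.
$js_date = strtr((string) $formatted_date, array(
    '\\' => '\\\\',
    "'" => "\\'",
    "\r" => '\\r',
    "\n" => '\\n',
    '<' => '\\x3C',
    '>' => '\\x3E',
    '&' => '\\x26',
));
?> <script language="JavaScript" type="text/javascript"> <!--
<?php if ($field_is_path) { ?>
window.parent.document.<?php echo $field; ?> .value = '<?php echo $js_date; ?> ';
<?php } ?>
//--> </script>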
<?php /* PUBLIC $Id: chpwd.php 6149 2012-01-09 11:58:40Z ajdonnison $ */
// Password change handler: verifies the old password (or an admin-type user) and stores the new one.
if (!defined('DP_BASE_DIR')) {
    die('You should not access this file directly.');
}
// The target account comes from the request; without one, the logged-in user is used.
// NOTE(review): no request token is visible in this excerpt, so the form may be open to
// cross-site request forgery - confirm how the surrounding framework handles that.
if (!($user_id = (int) dPgetParam($_REQUEST, 'user_id', 0))) {
    $user_id = @$AppUI->user_id;
}
// check for a non-zero user id
if ($user_id) {
    // NOTE(review): the passwords pass through dPgetCleanParam(), trim() and db_escape() before
    // they are hashed or stored, so characters those helpers rewrite change the effective
    // password. Escaping belongs at the query boundary, not on the secret itself.
    $old_pwd = db_escape(trim(dPgetCleanParam($_POST, 'old_pwd', null)));
    $new_pwd1 = db_escape(trim(dPgetCleanParam($_POST, 'new_pwd1', null)));
    $new_pwd2 = db_escape(trim(dPgetCleanParam($_POST, 'new_pwd2', null)));
    // has the change form been posted
    if ($new_pwd1 && $new_pwd2 && $new_pwd1 == $new_pwd2) {
        // check that the old password matches
        // NOTE(review): unsalted MD5 is not a suitable password hash; password_hash() /
        // password_verify() are the standard replacements, with a rehash-on-login migration.
        $old_md5 = md5($old_pwd);
        $q = new DBQuery();
        $q->addQuery('user_id');
        $q->addTable('users');
        // NOTE(review): the password literal in this WHERE clause appears masked in this listing;
        // $old_md5 is computed above but not referenced in the visible text - check the real file.
        $q->addWhere("user_password='******' AND user_id={$user_id}");
        // user_type 1 skips the old-password check (presumably the administrator type - confirm).
        if ($AppUI->user_type == 1 || $q->loadResult() == $user_id) {
            require_once $AppUI->getModuleClass('admin');
            $user = new CUser();
            $user->user_id = $user_id;
            $user->user_password = $new_pwd1;
            // store() returns a message on failure (it is shown as an error below).
            if ($msg = $user->store()) {
                $AppUI->setMsg($msg, UI_MSG_ERROR);
            } else {
                echo $AppUI->_('chgpwUpdated');
} if (isset($locale_char_set)) { header('Content-type: text/html;charset=' . $locale_char_set); } require DP_BASE_DIR . '/style/' . $uistyle . '/login.php'; session_unset(); session_destroy(); exit; } } $AppUI =& $_SESSION['AppUI']; require_once DP_BASE_DIR . '/includes/permissions.php'; //require_once (DP_BASE_DIR . '/classes/kses.class.php'); // Required before main_functions if (isset($_GET['m'])) { // set the module from the url $m = $AppUI->checkFileName(dPgetCleanParam($_GET, 'm', getReadableModule())); } $perms =& $AppUI->acl(); $canRead = $perms->checkModule('files', 'view'); if (!$canRead) { $AppUI->redirect('m=public&a=access_denied'); } $file_id = isset($_GET['file_id']) ? (int) $_GET['file_id'] : 0; if ($file_id) { // projects tat are denied access require_once $AppUI->getModuleClass('projects'); require_once $AppUI->getModuleClass('files'); $project = new CProject(); $allowedProjects = $project->getAllowedRecords($AppUI->user_id, 'project_id, project_name'); $fileclass = new CFile(); $fileclass->load($file_id);
<?php //$Id: do_task_assign_aed.php 6149 2012-01-09 11:58:40Z ajdonnison $
// Reads the posted task-assignment form and prepares the per-user percentage map and task list.
if (!defined('DP_BASE_DIR')) {
    die('You should not access this file directly.');
}
// NOTE(review): del, rm, hassign, htasks and user_id are taken from $_POST as-is (no cast, no
// cleaning helper), unlike store/chUTP below. Cast the flags and ids to int before use.
$del = isset($_POST['del']) ? $_POST['del'] : 0;
$rm = isset($_POST['rm']) ? $_POST['rm'] : 0;
$hassign = @$_POST['hassign'];
$htasks = @$_POST['htasks'];
$store = (int) dPgetParam($_POST, 'store', 0);
$chUTP = (int) dPgetParam($_POST, 'chUTP', 0);
$percentage_assignment = dPgetCleanParam($_POST, 'percentage_assignment');
$user_task_priority = dPgetCleanParam($_POST, 'user_task_priority');
$user_id = @$_POST['user_id'];
// prepare the percentage of assignment per user as required by CTask::updateAssigned()
$hperc_assign_ar = array();
if (isset($hassign)) {
    // $hassign is a comma-separated list of user ids.
    $tarr = explode(',', $hassign);
    foreach ($tarr as $uid) {
        // NOTE(review): intval() only gates the entry; the array key is the original string, so
        // a value with a numeric prefix and trailing text is kept verbatim. Key on intval($uid).
        if (intval($uid) > 0) {
            $hperc_assign_ar[$uid] = $percentage_assignment;
        }
    }
}
// prepare a list of tasks to process
$htasks_ar = array();
if (isset($htasks)) {
    $tarr = explode(',', $htasks);
    foreach ($tarr as $tid) {
        if (intval($tid) > 0) {
<?php /* SYSTEM $Id: translate_save.php 6149 2012-01-09 11:58:40Z ajdonnison $ */
/**
 * Processes the entries in the translation form.
 *
 * Chooses the locale file for the posted module/language and opens it for writing.
 * @version $Revision: 6149 $
 * @author Andrew Eddie <users.sourceforge.net>
 */
if (!defined('DP_BASE_DIR')) {
    die('You should not call this file directly.');
}
// NOTE(review): no permission check is visible in this excerpt before a file is opened for
// writing - confirm the caller restricts this action to administrators.
$module = dPgetCleanParam($_POST, 'module', 0);
$lang = dPgetCleanParam($_POST, 'lang', $AppUI->user_locale);
$trans = dPgetCleanParam($_POST, 'trans', 0);
//echo '<pre>';print_r($trans);echo '</pre>';die;
// save to core locales if a translation exists there, otherwise save
// into the module's local locale area if it exists. If not then
// the core table is updated.
// NOTE(review): $lang and $module come from the request and are concatenated into the path
// that is opened with mode 'wt' below. Whether dPgetCleanParam() removes path separators or
// '..' is not visible here; validate both against the installed locales/modules (or a strict
// name pattern) so the write cannot leave the locales directories.
$core_filename = DP_BASE_DIR . '/locales/' . $lang . '/' . $module . '.inc';
if (file_exists($core_filename)) {
    $filename = $core_filename;
} else {
    $mod_locale = DP_BASE_DIR . '/modules/' . $module . '/locales';
    if (is_dir($mod_locale)) {
        $filename = DP_BASE_DIR . '/modules/' . $module . '/locales/' . $lang . '.inc';
    } else {
        $filename = $core_filename;
    }
}
// 'wt' truncates the target file before writing.
$fp = fopen($filename, 'wt');
if (!$fp) {
// NOTE(review): $_GET["company_id"] is concatenated into a WHERE fragment and a query string
// without a cast or escaping. It is an id, so cast it once with (int) and reuse that value.
$filter = "dept_company = " . $_GET["company_id"];
$additional_get_information = "company_id=" . $_GET["company_id"];
break;
}
// Build the selector list: id => name rows from the chosen table, with an empty first entry.
$q = new DBQuery();
$q->addTable($table_name);
$q->addQuery("{$id_field}, {$name_field}");
if ($filter != null) {
    $q->addWhere($filter);
}
$q->addOrder($name_field);
$company_list = array("0" => "") + $q->loadHashList();
?> <?php
// A record was picked: load it and prepare the script that hands it back to the opener window.
// NOTE(review): the loose "!= 0" test does not make the value numeric; a non-numeric string
// also passes it.
if (dPgetCleanParam($_POST, $id_field, 0) != 0) {
    $q = new DBQuery();
    $q->addTable($table_name);
    $q->addQuery('*');
    // NOTE(review): raw $_POST[$id_field] goes into the WHERE clause here (the cleaned copy
    // above is only used for the test). Use (int) $_POST[$id_field].
    $q->addWhere("{$id_field}=" . $_POST[$id_field]);
    $sql = $q->prepare();
    $q->clear();
    db_loadHash($sql, $r_data);
    $data_update_script = "";
    $update_address = isset($_POST["overwrite_address"]);
    if ($table_name == "companies") {
        // Maps company columns to the contact fields they overwrite when requested.
        $update_fields = array();
        if ($update_address) {
            $update_fields = array("company_address1" => "contact_address1", "company_address2" => "contact_address2", "company_city" => "contact_city", "company_state" => "contact_state", "company_zip" => "contact_zip", "company_phone1" => "contact_phone", "company_phone2" => "contact_phone2", "company_fax" => "contact_fax");
        }
        // NOTE(review): this string becomes JavaScript. The id is the raw posted value, and
        // db_escape() is an SQL escaper, not a JavaScript one; cast the id to int and encode
        // the name for a script context (for example with json_encode()).
        $data_update_script = "opener.setCompany('" . $_POST[$id_field] . "', '" . db_escape($r_data[$name_field]) . "');\n";
} if ($user_id && $m_orig == 'admin' && $a_orig == 'viewuser') { $q->addWhere('project_owner = ' . $user_id); } if ($showInactive != '1') { $q->addWhere('project_status != 7'); } $pjobj->setAllowedSQL($AppUI->user_id, $q, null, 'p'); $q->addGroup('p.project_id'); $q->addOrder('project_name, task_end_date DESC'); $projects = $q->loadList(); $q->clear(); // Don't push the width higher than about 1200 pixels, otherwise it may not display. $width = min((int) dPgetParam($_GET, 'width', 600), 1400); $start_date = dPgetCleanParam($_GET, 'start_date', 0); $end_date = dPgetCleanParam($_GET, 'end_date', 0); $showAllGantt = (int) dPgetParam($_REQUEST, 'showAllGantt', '0'); //$showTaskGantt = dPgetParam($_GET, 'showTaskGantt', '0'); $graph = new GanttGraph($width); $graph->ShowHeaders(GANTT_HYEAR | GANTT_HMONTH | GANTT_HDAY | GANTT_HWEEK); $graph->SetFrame(false); $graph->SetBox(true, array(0, 0, 0), 2); $graph->scale->week->SetStyle(WEEKSTYLE_FIRSTDAY); $pLocale = setlocale(LC_TIME, 0); // get current locale for LC_TIME $res = @setlocale(LC_TIME, $AppUI->user_lang[0]); if ($res) { // Setting locale doesn't fail $graph->scale->SetDateLocale($AppUI->user_lang[0]); } setlocale(LC_TIME, $pLocale);
}
// Monthly calendar setup: restores the company / event filter state and draws the title block.
$AppUI->savePlace();
dPsetMicroTime();
require_once $AppUI->getModuleClass('companies');
require_once $AppUI->getModuleClass('tasks');
// retrieve any state parameters
if (isset($_REQUEST['company_id'])) {
    $AppUI->setState('CalIdxCompany', intval($_REQUEST['company_id']));
}
$company_id = $AppUI->getState('CalIdxCompany', 0);
// Using simplified set/get semantics. Doesn't need as much code in the module.
// NOTE(review): event_filter is passed on raw; confirm checkPrefState() or the code that
// consumes $event_filter limits it to the known filter keys.
$event_filter = $AppUI->checkPrefState('CalIdxFilter', @$_REQUEST['event_filter'], 'EVENTFILTER', 'my');
// get the passed timestamp (today if none)
$ctoday = new CDate();
$today = $ctoday->format(FMT_TIMESTAMP_DATE);
$date = dPgetCleanParam($_GET, 'date', $today);
// get the list of visible companies
$company = new CCompany();
$companies = $company->getAllowedRecords($AppUI->user_id, 'company_id,company_name', 'company_name');
$companies = arrayMerge(array('0' => $AppUI->_('All')), $companies);
#echo '<pre>';print_r($events);echo '</pre>';
// setup the title block
$titleBlock = new CTitleBlock('Monthly Calendar', 'myevo-appointments.png', $m, "{$m}.{$a}");
$titleBlock->addCell($AppUI->_('Company') . ':');
// NOTE(review): $_SERVER['REQUEST_URI'] is request-controlled and is written into the form
// action attribute unescaped, here and in the filter form below. Pass it through
// htmlspecialchars(..., ENT_QUOTES) or build the action from known parameters.
$titleBlock->addCell(arraySelect($companies, 'company_id', 'onchange="javascript:document.pickCompany.submit()" class="text"', $company_id), '', '<form action="' . $_SERVER['REQUEST_URI'] . '" method="post" name="pickCompany">', '</form>');
$titleBlock->addCell($AppUI->_('Event Filter') . ':');
$titleBlock->addCell(arraySelect($event_filter_list, 'event_filter', 'onchange="javascript:document.pickFilter.submit()" class="text"', $event_filter, true), '', '<form action="' . $_SERVER['REQUEST_URI'] . '" method="post" name="pickFilter">', '</form>');
$titleBlock->show();
?> <script language="javascript" type="text/javascript">
if ($obj->project_start_date) { $date = new CDate($obj->project_start_date); $obj->project_start_date = $date->format(FMT_DATETIME_MYSQL); } if ($obj->project_end_date) { $date = new CDate($obj->project_end_date); $date->setTime(23, 59, 59); $obj->project_end_date = $date->format(FMT_DATETIME_MYSQL); } if ($obj->project_actual_end_date) { $date = new CDate($obj->project_actual_end_date); $obj->project_actual_end_date = $date->format(FMT_DATETIME_MYSQL); } // let's check if there are some assigned departments to project if (!dPgetParam($_POST, "project_departments", 0)) { $obj->project_departments = implode(",", dPgetCleanParam($_POST, "dept_ids", array())); } $del = (int) dPgetParam($_POST, 'del', 0); // prepare (and translate) the module name ready for the suffix if ($del) { $project_id = (int) dPgetParam($_POST, 'project_id', 0); $canDelete = $obj->canDelete($msg, $project_id); if (!$canDelete) { $AppUI->setMsg($msg, UI_MSG_ERROR); $AppUI->redirect(); } if ($msg = $obj->delete()) { $AppUI->setMsg($msg, UI_MSG_ERROR); $AppUI->redirect(); } else { $AppUI->setMsg("Project deleted", UI_MSG_ALERT);
// Task list header: user / company / task filter selectors, the "new task" button and crumbs.
// The user selector is only offered to users who may view the admin module.
if (getPermission('admin', 'view')) {
    $titleBlock->addCell();
    $titleBlock->addCell($AppUI->_('User') . ':');
    $perms =& $AppUI->acl();
    $user_list = $perms->getPermittedUsers('tasks');
    $titleBlock->addCell(arraySelect($user_list, 'user_id', 'size="1" class="text"' . ' onchange="javascript:document.userIdForm.submit();"', $user_id, false), '', '<form action="?m=tasks" method="post" name="userIdForm">', '</form>');
}
$titleBlock->addCell();
$titleBlock->addCell($AppUI->_('Company') . ':');
$titleBlock->addCell(arraySelect($filters2, 'f2', 'size=1 class=text onchange="javascript:document.companyFilter.submit();"', $f2, false), '', '<form action="?m=tasks" method="post" name="companyFilter">', '</form>');
$titleBlock->addCell();
// NOTE(review): $project_id (here) and $user_id (in the crumb below) are written into URLs
// inside HTML; where they are assigned is outside this excerpt - confirm both are cast to int.
if ($canEdit && $project_id) {
    $titleBlock->addCell('<input type="submit" class="button" value="' . $AppUI->_('new task') . '" />', '', '<form action="?m=tasks&a=addedit&task_project=' . $project_id . '" method="post">', '</form>');
}
$titleBlock->show();
// ?inactive=toggle flips the stored 'inactive' state between -1 and 0.
if (dPgetCleanParam($_GET, 'inactive', '') == 'toggle') {
    $AppUI->setState('inactive', $AppUI->getState('inactive') == -1 ? 0 : -1);
}
$in = $AppUI->getState('inactive') == -1 ? '' : 'in';
// use a new title block (a new row) to prevent from oversized sites
$titleBlock = new CTitleBlock('', 'shim.gif');
$titleBlock->showhelp = false;
$titleBlock->addCell(' ' . $AppUI->_('Task Filter') . ':');
$titleBlock->addCell(arraySelect($filters, 'f', 'size=1 class=text onchange="javascript:document.taskFilter.submit();"', $f, true), '', '<form action="?m=tasks" method="post" name="taskFilter">', '</form>');
$titleBlock->addCell();
$titleBlock->addCrumb('?m=tasks&a=todo&user_id=' . $user_id, 'my todo');
// The crumb links to whichever of the pinned / all-tasks views is not currently shown.
if ((int) dPgetParam($_GET, 'pinned') == 1) {
    $titleBlock->addCrumb('?m=tasks', 'all tasks');
} else {
    $titleBlock->addCrumb('?m=tasks&pinned=1', 'my pinned tasks');
}
die('You should not access this file directly.');
}
/**
 * Builds an "id IN (...)" SQL fragment limited to the records the current user may access.
 *
 * @param object $obj       object providing getAllowedRecords()
 * @param string $idfld     id column name
 * @param string $namefield name column name
 * @param string $prefix    optional table alias placed before the id column
 * @return string|null the fragment, or null when no record is allowed
 */
function selPermWhere($obj, $idfld, $namefield, $prefix = '') {
    global $AppUI;
    $allowed = $obj->getAllowedRecords($AppUI->user_id, "{$idfld}, {$namefield}");
    if (count($allowed)) {
        $prfx = $prefix ? "{$prefix}." : "";
        // The ids are the keys of the allowed-records list, not request input.
        return " {$prfx}{$idfld} IN (" . implode(",", array_keys($allowed)) . ") ";
    } else {
        // NOTE(review): null means "no restriction fragment"; make sure callers treat it as
        // "nothing allowed" rather than dropping the filter.
        return null;
    }
}
$debug = false;
$callback = dPgetCleanParam($_GET, 'callback', 0);
$table = dPgetCleanParam($_GET, 'table', 0);
$user_id = (int) dPgetParam($_GET, 'user_id', 0);
// NOTE(review): "&" is the bitwise operator; for two strings it yields a byte-wise AND, not a
// truth value. A logical "&&" was presumably intended - confirm how $ok is used.
$ok = $callback & $table;
$title = "Generic Selector";
// NOTE(review): $table comes from the request and selects a class file to load and the table
// to query before the switch below narrows it. What getModuleClass() accepts is not visible
// here; check $table against the list of supported tables first.
$modclass = $AppUI->getModuleClass($table);
if ($modclass && file_exists($modclass)) {
    require_once $modclass;
}
$q = new DBQuery();
$q->addTable($table, 'a');
$query_result = false;
switch ($table) {
    case 'companies':
        $obj = new CCompany();
        $title = 'Company';
        $q->addQuery('company_id, company_name');
$m = $dPconfig['default_view_m'];
$def_a = !empty($dPconfig['default_view_a']) ? $dPconfig['default_view_a'] : $def_a;
$tab = $dPconfig['default_view_tab'];
} else {
    // set the module from the url
    $m = $AppUI->checkFileName(dPgetCleanParam($_GET, 'm', getReadableModule()));
}
// set the action from the url
$a = $AppUI->checkFileName(dPgetCleanParam($_GET, 'a', $def_a));
/* This check for $u implies that a file located in a subdirectory of higher depth than 1
 * in relation to the module base can't be executed. So it would'nt be possible to
 * run for example the file module/directory1/directory2/file.php
 * Also it won't be possible to run modules/module/abc.zyz.class.php for that dots are
 * not allowed in the request parameters.
 */
$u = $AppUI->checkFileName(dPgetCleanParam($_GET, 'u', ''));
// load module based locale settings
@(include_once DP_BASE_DIR . '/locales/' . $AppUI->user_locale . '/locales.php');
@(include_once DP_BASE_DIR . '/locales/core.php');
setlocale(LC_TIME, $AppUI->user_lang);
$m_config = dPgetConfig($m);
// NOTE(review): $m is request-controlled and becomes part of an include path. checkFileName()
// is the only guard visible here, so it must reject path separators and '..'; comparing $m
// with the list of installed modules would be stricter. The "@" also hides a failed include.
@(include_once DP_BASE_DIR . '/functions/' . $m . '_func.php');
// TODO: canRead/Edit assignements should be moved into each file
// check overall module permissions
// these can be further modified by the included action files
$perms =& $AppUI->acl();
$canAccess = $perms->checkModule($m, 'access');
$canRead = $perms->checkModule($m, 'view');
$canEdit = $perms->checkModule($m, 'edit');
$canAuthor = $perms->checkModule($m, 'add');
$canDelete = $perms->checkModule($m, 'delete');
<?php /* PUBLIC $Id: color_selector.php 6182 2012-11-02 09:17:02Z ajdonnison $ */
// Colour picker popup: hands the chosen colour to a callback function in the opener window.
if (!defined('DP_BASE_DIR')) {
    die('You should not access this file directly.');
}
// NOTE(review): $callback comes from the query string and is echoed below as JavaScript code
// (a function name on window.opener). HTML-style cleaning does not make a value safe inside
// a script; accept only a plain identifier, e.g. one matching /^[A-Za-z_][A-Za-z0-9_]*$/,
// and emit nothing otherwise.
$callback = dPgetCleanParam($_GET, 'callback', '');
?> <script language="javascript"> function setClose(color) { window.opener.<?php echo $callback; ?> (color); window.close(); } </script> <?php
$colors = dPgetSysVal('ProjectColors');
// With restrict_color_selection set, the table that starts below is rendered.
if ($dPconfig['restrict_color_selection']) {
    ?> <table border="0" cellpadding="1" cellspacing="2" width="292" align="center"> <tr> <td valign="top" colspan="2"> <strong><?php echo $AppUI->_('Color Selector'); ?> </strong> </td> </tr> <?php
// Chooses the title and the field layout for the ticket type, then applies posted updates.
$title = $AppUI->_($ticket_type) . " " . $AppUI->_('to Ticket') . " #{$ticket_parent}";
$fields = array("headings" => array("From", "To", "Subject", "Date", "Cc", "<br />"), "columns" => array("author", "recipient", "subject", "timestamp", "cc", "body"), "types" => array("email", "original_author", "normal", "elapsed_date", "email", "body"));
} else {
    if ($ticket_type == "Staff Comment") {
        $title = $AppUI->_($ticket_type) . " " . $AppUI->_('to Ticket') . " #{$ticket_parent}";
        $fields = array("headings" => array("From", "Date", "<br />"), "columns" => array("author", "timestamp", "body"), "types" => array("email", "elapsed_date", "body"));
    } else {
        $title = $AppUI->_('Ticket') . " #{$ticket}";
        $fields = array('headings' => array('From', 'Subject', 'Date', 'Cc', 'Status', 'Priority', 'Owner', 'Company', 'Project', '<br />'), 'columns' => array('author', 'subject', 'timestamp', 'cc', 'type', 'priority', 'assignment', 'ticket_company', 'ticket_project', 'body'), 'types' => array('email', 'normal', 'elapsed_date', 'email', 'status', 'priority_select', 'assignment', 'ticket_company', 'ticket_project', 'body'));
    }
}
/* perform updates */
$orig_assignment = dPgetCleanParam($_POST, 'orig_assignment', '');
$author = dPgetCleanParam($_POST, 'author', '');
$priority = dPgetCleanParam($_POST, 'priority', '');
$subject = dPgetCleanParam($_POST, 'subject', '');
// NOTE(review): $type_toggle, $priority_toggle, $assignment_toggle and $ticket are not assigned
// in this excerpt (the "@" suggests they may be unset). They are interpolated into the UPDATE
// below inside quotes with no escaping or cast visible; confirm where they are populated and
// escape them (or cast the numeric ones) before the query is built.
if (@$type_toggle || @$priority_toggle || @$assignment_toggle) {
    do_query("UPDATE {$dbprefix}tickets SET type = '{$type_toggle}', priority = '{$priority_toggle}', assignment = '{$assignment_toggle}' WHERE ticket = '{$ticket}'");
    //Emailing notifications.
    // Collect a short description of what changed for the notification mail.
    $change = ' ';
    if ($type_toggle) {
        $change .= $AppUI->_('Status changed') . ' ';
    }
    if ($priority_toggle) {
        $change .= $AppUI->_('Priority changed') . ' ';
    }
    if ($assignment_toggle) {
        $change .= $AppUI->_('Assignment changed') . ' ';
    }
    // Fixed MIME boundary string used to delimit the parts of the message.
    $boundary = "_lkqwkASDHASK89271893712893";
    $message = "--{$boundary}\n";
<?php /* CALENDAR $Id: addedit.php 6149 2012-01-09 11:58:40Z ajdonnison $ */
// Add/edit form setup for a calendar event: permission gate, then record and lookup loading.
if (!defined('DP_BASE_DIR')) {
    die('You should not access this file directly.');
}

// Id of the event to edit; a zero id is treated as "add a new event" by the gate below.
$event_id = (int) dPgetParam($_GET, 'event_id', 0);

// Flag left in the session by an earlier request when the posted event clashed.
$is_clash = false;
if (isset($_SESSION['event_is_clash'])) {
    $is_clash = $_SESSION['event_is_clash'];
}

// check permissions: an existing event needs 'edit', a new one needs 'add'
$canAuthor = getPermission('events', 'add', $event_id);
$canEdit = getPermission('events', 'edit', $event_id);
if (!($event_id ? $canEdit : $canAuthor)) {
    $AppUI->redirect('m=public&a=access_denied');
}

// get the passed timestamp (today if none)
$date = dPgetCleanParam($_GET, 'date', null);

// load the record data: from the saved post after a clash, otherwise from storage
$obj = new CEvent();
if ($is_clash) {
    $obj->bind($_SESSION['add_event_post']);
} elseif (!$obj->load($event_id) && $event_id) {
    // A non-zero id that could not be loaded is reported as invalid.
    $AppUI->setMsg('Event');
    $AppUI->setMsg('invalidID', UI_MSG_ERROR, true);
    $AppUI->redirect();
}

// load the event types
$types = dPgetSysVal('EventType');

// Load the users
$perms =& $AppUI->acl();
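<?php
// Reassigns the selected projects (and, further down the file, related items) to another user.
if (!defined('DP_BASE_DIR')) {
    die('You should not access this file directly.');
}
// Only users with edit rights on the current module may reassign ownership.
if (!$AppUI->acl()->checkModule($m, 'edit')) {
    $AppUI->redirect('m=public&a=access_denied');
}
$user_id = (int) dPgetParam($_POST, 'user');
$projects = dPgetCleanParam($_POST, 'project');
$from_user = (int) dPgetParam($_POST, 'from_user');

// The posted value may be missing or a single scalar instead of a list. Normalise it to an
// array first: count() on a non-array fails on current PHP versions, and indexing a string
// with [0] would pick its first character rather than the id.
if (!is_array($projects)) {
    $projects = ($projects === null || $projects === '') ? array() : array($projects);
}

// Every id is cast to int before it is placed into the SQL fragment.
$project_ids = array();
foreach ($projects as $prj) {
    $project_ids[] = (int) $prj;
}

if (count($project_ids) > 1) {
    $project_where = 'IN (' . implode(',', $project_ids) . ')';
} else {
    // No selection yields "= 0", as before.
    $project_where = '= ' . (count($project_ids) ? $project_ids[0] : 0);
}
// Need to figure out which items to update. Easiest to do this
// as separate queries.
// Projects:
$q = new DBQuery();
$q->addUpdate('project_owner', $user_id);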
// NOTE(review): open_task_id is stored as received; cast it to int, as is done for the sort
// orders below, before it is kept or used.
$tasks_opened[] = $_GET['open_task_id'];
}
// Closing tasks needs also to be within tasks iteration in order to
// close down all child tasks
if (($close_task_id = dPGetParam($_GET, 'close_task_id', 0)) > 0) {
    closeOpenedTask($close_task_id);
}
// We need to save tasks_opened until the end because some tasks are closed within tasks iteration
/// End of tasks_opened routine
$durnTypes = dPgetSysVal('TaskDurationType');
$taskPriority = dPgetSysVal('TaskPriority');
$task_project = $project_id;
// NOTE(review): the sort item/type values are request-controlled strings; their use is outside
// this excerpt. If they name columns for ordering, check them against a fixed list.
$task_sort_item1 = dPgetCleanParam($_GET, 'task_sort_item1', '');
$task_sort_type1 = dPgetCleanParam($_GET, 'task_sort_type1', '');
$task_sort_item2 = dPgetCleanParam($_GET, 'task_sort_item2', '');
$task_sort_type2 = dPgetCleanParam($_GET, 'task_sort_type2', '');
$task_sort_order1 = intval(dPgetParam($_GET, 'task_sort_order1', 0));
$task_sort_order2 = intval(dPgetParam($_GET, 'task_sort_order2', 0));
// The "show incomplete" choice is kept in the session once the options form is posted.
if (isset($_POST['show_task_options'])) {
    $AppUI->setState('TaskListShowIncomplete', (int) dPgetParam($_POST, 'show_incomplete', 0));
}
$showIncomplete = $AppUI->getState('TaskListShowIncomplete', 0);
// NOTE(review): assigning "new" by reference (=& new) is PHP 4 style and a parse error from
// PHP 7.0 on; plain "=" behaves the same for objects.
$project =& new CProject();
// $allowedProjects = $project->getAllowedRecords($AppUI->user_id, 'project_id, project_name');
$allowedProjects = $project->getAllowedSQL($AppUI->user_id);
// Hours per working day from the configuration, defaulting to 8.
$working_hours = $dPconfig['daily_working_hours'] ? $dPconfig['daily_working_hours'] : 8;
$q->addQuery('project_id, project_color_identifier, project_name');
// Percent complete weighted by task duration; a duration type of 24 is converted using the
// working hours per day. $working_hours is configuration, not request input, but it is
// concatenated into SQL - keep it numeric.
$q->addQuery('SUM(task_duration * task_percent_complete * IF(task_duration_type = 24, ' . $working_hours . ', task_duration_type)) / SUM(task_duration * IF(task_duration_type = 24, ' . $working_hours . ', task_duration_type)) AS project_percent_complete');
$q->addQuery('company_name');
$q->addTable('projects', 'pr');
$q->leftJoin('tasks', 't1', 'pr.project_id = t1.task_project');
$AppUI->redirect("m=public&a=access_denied");
}
// setup the title block
$titleBlock = new CTitleBlock('Trouble Ticket Management', 'gconf-app-icon.png', $m, "{$m}.{$a}");
if ($canAuthor) {
    $titleBlock->addCell('<input type="submit" class="button" value="' . $AppUI->_('new ticket') . '">', '', '<form name="ticketform" action="?m=ticketsmith&a=post_ticket" method="post">', '</form>');
}
$titleBlock->show();
require DP_BASE_DIR . '/modules/ticketsmith/config.inc.php';
require DP_BASE_DIR . '/modules/ticketsmith/common.inc.php';
// Defaults from the module configuration; the request may override them below.
$column = $CONFIG["order_by"];
$direction = $CONFIG["message_order"];
$offset = 0;
$limit = $CONFIG["view_rows"];
$dbprefix = dPgetConfig('dbprefix', '');
$type = dPgetCleanParam($_GET, 'type', '');
// NOTE(review): column, direction, offset and action are read with dPgetParam() while 'type'
// above uses dPgetCleanParam(). Their use is outside this excerpt; if they reach
// ORDER BY / LIMIT, check $column against a fixed list of column names, $direction against
// ASC/DESC, and cast $offset to int.
$column = dPgetParam($_GET, 'column', $column);
$direction = dPgetParam($_GET, 'direction', $direction);
$offset = dPgetParam($_GET, 'offset', $offset);
$action = dPgetParam($_REQUEST, 'action', null);
// Remember the selected ticket type in the session; fall back to the stored one, then "Open".
if ($type == '') {
    if ($AppUI->getState("ticket_type")) {
        $type = $AppUI->getState("ticket_type");
    } else {
        $type = "Open";
    }
} else {
    $AppUI->setState("ticket_type", $type);
}
/* expunge deleted tickets */
// NOTE(review): the action is selected through $_REQUEST, so a plain GET link can trigger it;
// confirm a delete-permission check and a request token guard the code that follows.
if (@$action == "expunge") {
if (!defined('DP_BASE_DIR')) {
    die('You should not access this file directly.');
}
/**
 * Generates a report of the task logs for given dates
 */
// NOTE(review): this calls a bare redirect() rather than $AppUI->redirect(). No such function
// is defined in this excerpt; confirm it exists and stops execution, otherwise the report
// continues for users without the view permission.
if (!getPermission('task_log', 'view')) {
    redirect('m=public&a=access_denied');
}
// Report options are read from the query string; the flags and the user filter are cast to int.
$do_report = dPgetParam($_GET, "do_report", '');
$log_all = (int) dPgetParam($_GET, 'log_all', 0);
$log_pdf = (int) dPgetParam($_GET, 'log_pdf', 0);
$log_ignore = (int) dPgetParam($_GET, 'log_ignore', 0);
$log_userfilter = (int) dPgetParam($_GET, 'log_userfilter', '0');
$log_start_date = dPgetCleanParam($_GET, "log_start_date", 0);
$log_end_date = dPgetCleanParam($_GET, "log_end_date", 0);
// create Date objects from the datetime fields
$start_date = intval($log_start_date) ? new CDate($log_start_date) : new CDate();
$end_date = intval($log_end_date) ? new CDate($log_end_date) : new CDate();
// No start date given: move the default start back by the span "14,0,0,0" (presumably 14 days).
if (!$log_start_date) {
    $start_date->subtractSpan(new Date_Span("14,0,0,0"));
}
// Extend the end date to the last second of its day.
$end_date->setTime(23, 59, 59);
// NOTE(review): the inline script below reads a form field through eval(); a bracket lookup
// such as document.editFrm['log_' + field].value does the same without evaluating a string.
?> <script language="javascript"> var calendarField = ''; function popCalendar(field) { calendarField = field; idate = eval('document.editFrm.log_' + field + '.value'); window.open('index.php?m=public&a=calendar&dialog=1&callback=setCalendar&date=' + idate, 'calwin', 'width=250, height=220, scrollbars=no, status=no');
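/**
 * Sends the task owner a notification mail about the action stored in $this->_action.
 *
 * Looks up the project name and the creator / owner / assignee contacts of this task,
 * builds a plain-text body (including the posted task log description) and sends it to
 * the owner's address when that address is valid.
 *
 * @return string always an empty string
 */
function notifyOwner() {
    global $AppUI, $locale_char_set;

    // Ids are cast to int before they are concatenated into the WHERE clauses.
    $q = new DBQuery();
    $q->addTable('projects');
    $q->addQuery('project_name');
    $q->addWhere('project_id=' . (int) $this->task_project);
    $sql = $q->prepare();
    $q->clear();
    $projname = htmlspecialchars_decode(db_loadResult($sql));

    $mail = new Mail();
    $mail->Subject($projname . '::' . $this->task_name . ' ' . $AppUI->_($this->_action, UI_OUTPUT_RAW), $locale_char_set);

    // c = creator
    // a = assignee
    // o = owner
    $q->addTable('tasks', 't');
    $q->leftJoin('user_tasks', 'u', 'u.task_id = t.task_id');
    $q->leftJoin('users', 'o', 'o.user_id = t.task_owner');
    $q->leftJoin('contacts', 'oc', 'oc.contact_id = o.user_contact');
    $q->leftJoin('users', 'c', 'c.user_id = t.task_creator');
    $q->leftJoin('contacts', 'cc', 'cc.contact_id = c.user_contact');
    $q->leftJoin('users', 'a', 'a.user_id = u.user_id');
    $q->leftJoin('contacts', 'ac', 'ac.contact_id = a.user_contact');
    $q->addQuery('t.task_id, cc.contact_email as creator_email' . ', cc.contact_first_name as creator_first_name' . ', cc.contact_last_name as creator_last_name' . ', oc.contact_email as owner_email' . ', oc.contact_first_name as owner_first_name' . ', oc.contact_last_name as owner_last_name' . ', a.user_id as assignee_id, ac.contact_email as assignee_email' . ', ac.contact_first_name as assignee_first_name' . ', ac.contact_last_name as assignee_last_name');
    $q->addWhere(' t.task_id = ' . (int) $this->task_id);
    $sql = $q->prepare();
    $q->clear();
    $users = db_loadList($sql);

    // Nothing to notify when the lookup returned no row; previously $users[0] was read
    // below even for an empty (or failed) result.
    if (!is_array($users) || !isset($users[0])) {
        return '';
    }

    // The "Creator" line carries the name of the current user, i.e. whoever triggered
    // the notification. The last part is the posted task log description.
    $body = $AppUI->_('Project', UI_OUTPUT_RAW) . ': ' . $projname . "\n"
        . $AppUI->_('Task', UI_OUTPUT_RAW) . ': ' . $this->task_name . "\n"
        . $AppUI->_('URL', UI_OUTPUT_RAW) . ': ' . DP_BASE_URL . '/index.php?m=tasks&a=view&task_id=' . $this->task_id . "\n\n"
        . $AppUI->_('Description', UI_OUTPUT_RAW) . ': ' . "\n" . $this->task_description . "\n\n"
        . $AppUI->_('Creator', UI_OUTPUT_RAW) . ': ' . $AppUI->user_first_name . ' ' . $AppUI->user_last_name . "\n\n"
        . $AppUI->_('Progress', UI_OUTPUT_RAW) . ': ' . $this->task_percent_complete . '%' . "\n\n"
        . dPgetCleanParam($_POST, 'task_log_description');
    $mail->Body($body, isset($GLOBALS['locale_char_set']) ? $GLOBALS['locale_char_set'] : '');
    $mail->From('"' . $AppUI->user_first_name . ' ' . $AppUI->user_last_name . '" <' . $AppUI->user_email . '>');

    // Only the owner of the first row is notified, and only with a valid address.
    if ($mail->ValidEmail($users[0]['owner_email'])) {
        $mail->To($users[0]['owner_email'], true);
        $mail->Send();
    }
    return '';
}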
// Let's update project status!
// NOTE(review): this state change is driven by GET parameters, and no permission check or
// request token is visible in this excerpt - confirm both exist before this point.
if (isset($_GET['update_project_status']) && isset($_GET['project_status']) && isset($_GET['project_id'])) {
    $projects_id = $_GET['project_id']; // This must be an array
    // NOTE(review): nothing enforces the array shape; a scalar value makes foreach raise a warning.
    foreach ($projects_id as $project_id) {
        $q->addTable('projects');
        // NOTE(review): project_status and each project_id are taken from the query string as-is
        // and the id is concatenated into the WHERE clause. Cast both to int; whether addUpdate()
        // escapes its value is not visible here.
        $q->addUpdate('project_status', $_GET['project_status']);
        $q->addWhere('project_id = ' . $project_id);
        $q->exec();
        $q->clear();
    }
}
// End of project status update
// retrieve any state parameters
if (isset($_GET['tab'])) {
    $AppUI->setState('ProjIdxTab', intval(dPgetCleanParam($_GET, 'tab')));
}
$std_tab = 500;
// NOTE(review): the closing parenthesis looks misplaced - count() is applied to the result of
// the "> 0" comparison (a boolean), not to the array. Presumably meant: count(...) > 0.
if (is_array(dPgetSysVal('StandardProjectTab')) && count(dPgetSysVal('StandardProjectTab') > 0)) {
    $std_tab_value = array_values(dPgetSysVal('StandardProjectTab'));
    $std_tab = $std_tab_value[0];
}
// Use the stored tab when there is one, otherwise the standard tab.
$tab = $AppUI->getState('ProjIdxTab') !== NULL ? $AppUI->getState('ProjIdxTab') : $std_tab;
$currentTabId = $tab;
$active = intval(!$AppUI->getState('ProjIdxTab'));
if (isset($_POST['company_id'])) {
    $AppUI->setState('ProjIdxCompany', intval($_POST['company_id']));
}
// Company filter: the stored state, or the user's own company when none is stored.
$company_id = $AppUI->getState('ProjIdxCompany') !== NULL ? $AppUI->getState('ProjIdxCompany') : $AppUI->user_company;
$company_prefix = 'company_';
if (isset($_POST['department'])) {
<?php if (!defined('DP_BASE_DIR')) { die('You should not access this file directly.'); } $show_all = (int) dPgetParam($_REQUEST, 'show_all', 0); $company_id = (int) dPgetParam($_REQUEST, 'company_id', 0); $contact_id = (int) dPgetParam($_POST, 'contact_id', 0); $call_back = dPgetCleanParam($_GET, 'call_back', null); $contacts_submited = (int) dPgetParam($_POST, 'contacts_submited', 0); $selected_contacts_id = dPgetCleanParam($_GET, 'selected_contacts_id', ''); if (dPgetParam($_POST, 'selected_contacts_id')) { $selected_contacts_id = dPgetCleanParam($_POST, 'selected_contacts_id'); } ?> <script language="javascript"> function setContactIDs (method,querystring) { var URL = 'index.php?m=public&a=contact_selector'; var field = document.getElementsByName('contact_id[]'); var selected_contacts_id = document.frmContactSelect.selected_contacts_id; var currentIDstring = selected_contacts_id.value.toString(); var currentIDs = currentIDstring.split(','); var addkeepIDs = new Array(); var dropIDs = new Array(); var resultIDs = new Array(); var i = 0; var j = 0; var flag = 0;
$showPinned = $AppUI->getState('TaskDayShowPin', 0); } else { $showPinned = (int) dPgetParam($_POST, 'showPinned', '0'); $showPinned = $showPinned != '0' ? '1' : $showPinned; $showArcProjs = (int) dPgetParam($_POST, 'showArcProjs', '0'); $showArcProjs = $showArcProjs != '0' ? '1' : $showArcProjs; $showHoldProjs = (int) dPgetParam($_POST, 'showHoldProjs', '0'); $showHoldProjs = $showHoldProjs != '0' ? '1' : $showHoldProjs; $showDynTasks = (int) dPgetParam($_POST, 'showDynTasks', '0'); $showDynTasks = $showDynTasks != '0' ? '1' : $showDynTasks; $showLowTasks = (int) dPgetParam($_POST, 'showLowTasks', '0'); $showLowTasks = $showLowTasks != '0' ? '1' : $showLowTasks; } // months to scroll $scroll_date = 1; $display_option = dPgetCleanParam($_POST, 'display_option', 'this_month'); // format dates $df = $AppUI->getPref('SHDATEFORMAT'); if ($display_option == 'custom') { // custom dates $start_date = intval($sdate) ? new CDate($sdate) : new CDate(); $end_date = intval($edate) ? new CDate($edate) : new CDate(); } else { // month $start_date = new CDate(); $start_date->day = 1; $end_date = new CDate($start_date); $end_date->addMonths($scroll_date); } // setup the title block if (!@$min_view) {
if (!defined('DP_BASE_DIR')) {
    die('You should not access this file directly.');
}
$AppUI->savePlace();

// Report options posted by the filter form. Flags and numeric filters are cast on read;
// the date, level, company and project values go through dPgetCleanParam().
$do_report = (bool) dPgetParam($_POST, 'do_report', true);
$log_start_date = dPgetCleanParam($_POST, 'log_start_date', 0);
$log_end_date = dPgetCleanParam($_POST, 'log_end_date', 0);
$log_all = (bool) dPgetParam($_POST, 'log_all', true);
$use_period = (int) dPgetParam($_POST, 'use_period', 0);
$show_orphaned = (int) dPgetParam($_POST, 'show_orphaned', 0);
$display_week_hours = (int) dPgetParam($_POST, 'display_week_hours', 0);
$max_levels = dPgetCleanParam($_POST, 'max_levels', '');
$log_userfilter = (int) dPgetParam($_POST, 'log_userfilter', 0);
$company_id = dPgetCleanParam($_POST, 'company_id', 'all');
$project_id = dPgetCleanParam($_POST, 'project_id', 'all');

require_once $AppUI->getModuleClass('projects');
require_once $AppUI->getModuleClass('tasks');

// filtering by companies
// Project choices are limited to the records the current user is allowed to see,
// with an "All Projects" entry placed first.
$proj = new CProject();
$projects = $proj->getAllowedRecords($AppUI->user_id, 'project_id,project_name', 'project_name');
$projFilter = arrayMerge(array('all' => $AppUI->_('All Projects')), $projects);

$durnTypes = dPgetSysVal('TaskDurationType');
$taskPriority = dPgetSysVal('TaskPriority');

// create Date objects from the datetime fields
if (intval($log_start_date)) {
    $start_date = new CDate($log_start_date);
} else {
    $start_date = new CDate();
}
if (intval($log_end_date)) {
    $end_date = new CDate($log_end_date);
} else {
    $end_date = new CDate();
}
$now = new CDate();

// Without a posted start date, move the default start back by the span '14,0,0,0'.
if (!$log_start_date) {
    $start_date->subtractSpan(new Date_Span('14,0,0,0'));
}
<?php
// Reads the posted report options and builds the start/end CDate range used by the report form.
if (!defined('DP_BASE_DIR')) {
    die('You should not access this file directly.');
}
$do_report = dPgetParam($_POST, 'do_report', 0);
$log_start_date = dPgetCleanParam($_POST, 'log_start_date', 0);
$log_end_date = dPgetCleanParam($_POST, 'log_end_date', 0);
// NOTE(review): this call passes $_POST['log_all'] itself as the first argument and puts the
// default where the key name goes, unlike the (array, key, default) calls around it. This
// looks like a misplaced bracket, so the posted value may never be read - confirm.
$log_all = (int) dPgetParam($_POST['log_all'], 0);
$use_period = (int) dPgetParam($_POST, 'use_period', 0);
$display_week_hours = (int) dPgetParam($_POST, 'display_week_hours', 0);
$max_levels = dPgetCleanParam($_POST, 'max_levels', '');
// NOTE(review): log_userfilter is kept as a cleaned string here; if it is a user id that ends
// up in a query (not visible in this excerpt), cast it to int.
$log_userfilter = dPgetCleanParam($_POST, 'log_userfilter', '');
$log_open = (int) dPgetParam($_POST, 'log_open', 0);
$pdf_output = (int) dPgetParam($_POST, 'pdf_output', 0);
$table_header = '';
$table_rows = '';
// create Date objects from the datetime fields
$start_date = intval($log_start_date) ? new CDate($log_start_date) : new CDate();
$end_date = intval($log_end_date) ? new CDate($log_end_date) : new CDate();
// No start date posted: move the default start back by the span '14,0,0,0' (presumably 14 days).
if (!$log_start_date) {
    $start_date->subtractSpan(new Date_Span('14,0,0,0'));
}
// Extend the end date to the last second of its day.
$end_date->setTime(23, 59, 59);
?> <script language="javascript"> var calendarField = ''; function popCalendar(field) { calendarField = field;
// Session bootstrap and login handling for fileviewer.php.
// check if session has previously been initialised
// if no ask for logging and do redirect
// NOTE(review): a request carrying ?logout also takes this branch and replaces
// the session's AppUI object, so a plain GET is enough to reset the session state.
if (!isset($_SESSION['AppUI']) || isset($_GET['logout'])) {
    $_SESSION['AppUI'] = new CAppUI();
    // Bind by reference so later changes to $AppUI are stored in the session.
    $AppUI =& $_SESSION['AppUI'];
    $AppUI->checkStyle();

    require_once $AppUI->getSystemClass('dp');
    require_once DP_BASE_DIR . '/misc/debug.php';

    // presumably doLogin() is true while a login is still required, and
    // loadPrefs(0) loads the default preferences - TODO confirm
    if ($AppUI->doLogin()) {
        $AppUI->loadPrefs(0);
    }
    // check if the user is trying to log in
    if (isset($_REQUEST['login'])) {
        $username = dPgetCleanParam($_POST, 'username', '');
        // NOTE(review): the password goes through dPgetCleanParam() like a
        // display field. If that helper strips or rewrites characters, the
        // value checked by login() is not what the user typed - confirm, and
        // prefer handing the credential to login() unmodified.
        $password = dPgetCleanParam($_POST, 'password', '');
        // NOTE(review): request-controlled, and appended to the Location
        // header below without encoding. The fixed 'fileviewer.php?' prefix
        // keeps the target on this script, but the value should still be
        // limited to the expected query parameters; confirm that
        // dPgetCleanParam() removes CR/LF.
        $redirect = dPgetCleanParam($_REQUEST, 'redirect', '');
        $ok = $AppUI->login($username, $password);
        if (!$ok) {
            //display login failed message
            // NOTE(review): $uistyle becomes part of a require path. It comes
            // from a stored preference or $dPconfig['host_style'], so it should
            // be checked against the installed style directories - no such
            // validation is visible here.
            $uistyle = $AppUI->getPref('UISTYLE') ? $AppUI->getPref('UISTYLE') : $dPconfig['host_style'];
            $AppUI->setMsg('Login Failed');
            require DP_BASE_DIR . '/style/' . $uistyle . '/login.php';
            // Clear the session variables after showing the login page.
            session_unset();
            exit;
        }
        // NOTE(review): no session id renewal is visible between a successful
        // login() and this redirect; confirm that login() or the session setup
        // calls session_regenerate_id().
        header('Location: fileviewer.php?' . $redirect);
        exit;
    }

    // Style to use for the login page: user preference first, else the configured host style.
    $uistyle = $AppUI->getPref('UISTYLE') ? $AppUI->getPref('UISTYLE') : $dPconfig['host_style'];
    // check if we are logged in
    if ($AppUI->doLogin()) {
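// Add/edit/delete handler for billing codes.
// Refuse direct requests: the script only continues when DP_BASE_DIR has
// already been defined by whatever included it.
if (!defined('DP_BASE_DIR')) {
    die('You should not access this file directly.');
}

// NOTE(review): no permission check and no anti-CSRF token check is visible in
// this handler before delete()/store(); confirm the including dispatcher
// enforces both for the system module.
$del = dPgetParam($_POST, 'del');
$edit = dPgetCleanParam($_POST, 'edit');

$obj = new bcode();
$obj->_billingcode_id = (int) dPgetParam($_POST, 'billingcode_id', 0);
$company_id = (int) dPgetParam($_REQUEST, 'company_id', 0);

// prepare (and translate) the module name ready for the suffix
$AppUI->setMsg('Billing Codes');

if ($del) {
    // delete() returns a message on failure and a falsy value on success.
    if ($msg = $obj->delete()) {
        $AppUI->setMsg($msg, UI_MSG_ERROR);
    } else {
        $AppUI->setMsg('deleted', UI_MSG_ALERT, true);
    }
} else {
    if ($edit) {
        // 'edit' overrides the record id, so it gets the same integer cast as
        // billingcode_id above. store() is outside this fragment; if it places
        // the id into a query, the cast keeps that value numeric.
        $obj->_billingcode_id = (int) $edit;
    }
    // NOTE(review): the field values are read from $_REQUEST, so a GET query
    // string can supply them and reach store(). Reading $_POST only would tie
    // writes to form submissions - confirm that no caller relies on GET.
    $obj->billingcode_value = dPgetCleanParam($_REQUEST, 'billingcode_value');
    $obj->billingcode_name = dPgetCleanParam($_REQUEST, 'billingcode_name');
    $obj->billingcode_desc = dPgetCleanParam($_REQUEST, 'billingcode_desc');
    $obj->company_id = $company_id;

    // store() follows the same convention: a message on failure, falsy on success.
    if ($msg = $obj->store()) {
        $AppUI->setMsg($msg, UI_MSG_ERROR);
    } else {
        $AppUI->setMsg('updated', UI_MSG_OK, true);
    }
}

// $company_id was cast to int above, so only a number is appended to the redirect target.
$AppUI->redirect('m=system&a=billingcode&company_id=' . $company_id);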