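/**
 * Grant or revoke an action permission for a group, or build the admin form.
 *
 * With $mod_action "insert" or "delete", one row is added to or removed from
 * the {prefix}{hlpdsk_prefix}_permissions table and a boolean is returned.
 * Any other value (the default is "show_form") returns the HTML form.
 *
 * NOTE(review): nothing in this function checks that the current user may edit
 * permissions, and the form carries no anti-CSRF token. Both have to be
 * enforced by the caller - confirm that they are.
 *
 * @param string|false $mod_action_name Action name, looked up in the _actions table.
 * @param string|false $mod_gid         Group id the permission applies to.
 * @param string       $mod_action      "insert", "delete" or anything else for the form.
 *
 * @return bool|string TRUE/FALSE for insert and delete, the form markup otherwise.
 */
function mod_permissions($mod_action_name = FALSE, $mod_gid = FALSE, $mod_action = "show_form")
{
    global $prefix, $hlpdsk_prefix, $tts, $name;

    // Both values end up inside quoted SQL literals below.
    // NOTE(review): assumes Security::sqlsecure() escapes for that context - confirm.
    $mod_action_name = Security::sqlsecure($mod_action_name);
    $mod_action_id = get_cross_value("{$prefix}{$hlpdsk_prefix}_actions", "action_id", " where action_name='{$mod_action_name}'");
    $mod_gid = Security::sqlsecure($mod_gid);

    switch ($mod_action) {
        case "insert":
            // An unknown action name or an empty group id is rejected, not inserted.
            if ($mod_action_id and $mod_gid) {
                $query = "insert into {$prefix}{$hlpdsk_prefix}_permissions (action_id,gid) values ('{$mod_action_id}','{$mod_gid}')";
                if ($tts->query($query, $tts)) {
                    return TRUE;
                }
            }
            return FALSE;
        case "delete":
            if ($mod_action_id and $mod_gid) {
                $query = "delete from {$prefix}{$hlpdsk_prefix}_permissions where gid='{$mod_gid}' and action_id='{$mod_action_id}'";
                if ($tts->query($query, $tts)) {
                    return TRUE;
                }
            }
            return FALSE;
    }

    // show_form
    // $name is a global written into an HTML attribute: encode it for the URL
    // and for the attribute so it cannot close the attribute or the tag.
    $module_name = htmlspecialchars(rawurlencode($name), ENT_QUOTES);
    $response = "<form action=\"modules.php?name={$module_name}&file=admin&func=mod_permissions\" method=POST>";
    $response .= "<table border=1><tr>";
    $response .= "<td><input name=mod_action_name type=text></td>";
    $response .= "<td><input name=mod_gid type=text></td>" . "<td><font class=content>delete<input name=mod_action type=radio value=\"delete\"></td>" . "<td><font class=content>add<input name=mod_action type=radio value=\"insert\"></td>";
    $response .= "</tr></table>";
    $response .= "<input type=submit name=\"submit\"></form>";

    return $response;
}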
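/**
 * Re-issue a ticket to another user.
 *
 * Adds $issuer to the ticket's read ACL when missing. If the stored issuer
 * differs from the new one, the change is written through
 * Ticket::change_issuer(), recorded with add_task() and announced with
 * notify_change().
 *
 * NOTE(review): no check here that the current user may re-issue the ticket;
 * presumably the caller enforces it - confirm.
 *
 * @param mixed $Ticket_Number Ticket identifier.
 * @param mixed $issuer        User id of the new issuer.
 *
 * @return void
 */
function change_issuer($Ticket_Number, $issuer)
{
    global $GO_SECURITY, $hlpdsk_prefix, $prefix;

    // The ticket number goes into a quoted SQL literal, so escape it the same
    // way get_task_assigned() does instead of interpolating the raw argument.
    $ticket_number_sql = Security::sqlsecure($Ticket_Number);
    $acl_read = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_read', "where ticket_number='{$ticket_number_sql}'");

    if (!$GO_SECURITY->user_in_acl($issuer, $acl_read)) {
        $GO_SECURITY->add_user_to_acl($issuer, $acl_read);
    }

    $last_issuer_uid = Ticket::get_ticket_issuer_uid($Ticket_Number);
    $new_issuer_uid = Security::sqlsecure($issuer);

    if ($last_issuer_uid != $new_issuer_uid) {
        // The old name is read before the change is written.
        $last_issuer = Security::get_uname($last_issuer_uid);
        Ticket::change_issuer($Ticket_Number, $new_issuer_uid);
        $new_issuer = Security::get_uname($new_issuer_uid);

        // NOTE(review): the quotes are backslash-escaped by hand but the two
        // user names are inserted as returned by Security::get_uname(); verify
        // that add_task() and notify_change() escape the comment before it is
        // stored or displayed.
        $comment = "Ticket re-issued from \\'{$last_issuer}\\' to: \\'{$new_issuer}\\' ";
        add_task($Ticket_Number, $comment);
        notify_change($Ticket_Number, $comment);
    }
}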
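/**
 * Build the HTML ticket list for the current search or filter.
 *
 * Runs Search::querydb(), renders a summary table (query text, record counts)
 * and then expands the theme templates my_tickets_row.html (once per ticket)
 * and my_tickets.html (once) with eval().
 *
 * The templates are evaluated as double-quoted PHP strings inside this
 * function's scope, so every local variable is part of the template contract:
 * do not rename or remove locals even when they look unused here.
 *
 * NOTE(review): eval() makes the theme files executable input. The theme
 * directory and the value of $hlpdsk_theme must not be writable or selectable
 * by untrusted users - confirm how $hlpdsk_theme is set.
 *
 * @param string $extra_condition Passed unchanged to Search::querydb().
 *
 * @return string HTML for the summary and, when records exist, the ticket list.
 */
function printdb($extra_condition = "")
{
    global $agent, $t_showall, $search, $strtosearch, $orderby, $name, $tts, $prefix, $hlpdsk_prefix, $limit, $limit_rows, $search_status, $submit, $temptime, $hlpdsk_theme, $field, $filter, $shadow_dark, $shadow_light, $show_hidden, $filter_field, $filter_value, $show_hidden, $GO_LANGUAGE, $nuke_user_table, $nuke_user_last_name_fieldname, $nuke_username_fieldname, $nuke_user_id_fieldname, $nuke_user_first_name_fieldname, $_SESSION;

    // The language file is included in function scope; the $tts_lang_* names
    // used below are expected to come from it.
    require $GO_LANGUAGE->get_language_file('opentts');

    if ($filter == 1) {
        $alert_note = "FILTER ON -- <a href='my_tickets.php?submit=clear_filters'>CLEAR FILTER</a><br>";
        if (isset($filter_field)) {
            foreach ($filter_field as $key => $value) {
                // Filter names and values are globals echoed into the page, so
                // they are HTML-escaped like the query text further down.
                $alert_note .= " " . Security::htmlsecure($value) . "='" . Security::htmlsecure($filter_value[$key]) . "'<br> ";
            }
        }
    }

    // NOTE(review): unserialize() is only safe on data produced by this
    // application; verify that Search::querydb() never passes through a
    // serialized string an outside party can influence.
    $response_raw = unserialize(Search::querydb($extra_condition));

    // NOTE(review): in the flattened listing this initialisation directly
    // follows a bare "#"; confirm it was not commented out in the original file.
    $response = "<BR><DIV align=center>";
    if (!isset($alert_note)) {
        $alert_note = '';
    }
    $response .= "<center><TABLE BORDER=1 CELLSPACING=1 CELLPADDING=1 bordercolor=Black><TR>" . "<TD valign=top>{$tts_lang_query}<br>{$alert_note}</TD>" . "<TD valign=top>";

    // Element 0 of the result carries the metadata, the tickets follow it.
    $querytotal = $response_raw[0]['querytotal'];
    $querytext = $response_raw[0]['querytext'];

    // The SQL text is shown only to users holding 'view_query'; everyone else
    // gets the search string back.
    if (Security::is_action_allowed('view_query')) {
        $response .= Security::htmlsecure($querytext) . "</TD>";
    } else {
        $response .= Security::htmlsecure($strtosearch) . "</TD>";
    }

    $color = "ffeeee";
    $recordcount = $response_raw[0]['recordcount'];
    $row = 0;
    $prev = $limit - 10;
    $next = $limit + 10;
    if ($prev < 0) {
        $prev = 0;
    }
    $response .= "\n </TR>\n <TR>\n <TD>" . $tts_lang_total_records_found . "\n </TD>\n <TD>{$recordcount}/{$querytotal}\n </TD>\n </TR>\n\t\t</TABLE>";
    $response .= "<br>";
    if ($recordcount == 0) {
        return $response;
    }

    $response_row = "";

    // Page template. Both branches load the same file.
    if (Security::is_action_allowed("view_priority")) {
        $file = "themes/{$hlpdsk_theme}/my_tickets.html";
        $file = addslashes(implode("", file($file)));
    } else {
        $file = "themes/{$hlpdsk_theme}/my_tickets.html";
        $file = addslashes(implode("", file($file)));
    }
    $color = "#FFFFFF";

    // Row template. Both branches load the same file here as well.
    if (Security::is_action_allowed("view_priority")) {
        $tts_row = "themes/{$hlpdsk_theme}/my_tickets_row.html";
        $tts_row = addslashes(implode("", file($tts_row)));
    } else {
        $tts_row = "themes/{$hlpdsk_theme}/my_tickets_row.html";
        $tts_row = addslashes(implode("", file($tts_row)));
    }

    // Building hashes: id => display value maps, fetched once for all rows.
    $status_hash = SQL::build_hash("{$prefix}{$hlpdsk_prefix}_status", "status_id", "status_name");
    $stage_hash = SQL::build_hash("{$prefix}{$hlpdsk_prefix}_stages", "stage_id", "stage_name");
    $category_hash = SQL::build_hash("{$prefix}{$hlpdsk_prefix}_categories", "category_id", "category_name");
    $priority_hash = SQL::build_hash("{$prefix}{$hlpdsk_prefix}_priorities", "priority_id", "priority_name");
    $bck_clr_hash = SQL::build_hash("{$prefix}{$hlpdsk_prefix}_colors_tables", "clr_tbl_id", "bck_clr");
    $fnt_clr_hash = SQL::build_hash("{$prefix}{$hlpdsk_prefix}_colors_tables", "clr_tbl_id", "fnt_clr");
    $project_name_hash = SQL::build_hash("{$prefix}{$hlpdsk_prefix}_projects", "project_id", "project_name");
    $start_eiler_date = time();

    // foreach replaces the each() loop; each() no longer exists in PHP 8.
    foreach ($response_raw as $key => $value) {
        if ($key == 0) {
            // Metadata element, not a ticket.
            continue;
        }

        // NOTE(review): most fields are SQL-escaped only, yet the row template
        // may print them as HTML; confirm which of them the template outputs.
        $ticket_number = Security::sqlsecure($response_raw[$key]['ticket_number']);
        $t_status = Security::sqlsecure($response_raw[$key]['t_status']);
        $t_priority = Security::sqlsecure($response_raw[$key]['t_priority']);
        $t_from = Security::sqlsecure($response_raw[$key]['t_from']);
        $t_subject = Security::htmlsecure($response_raw[$key]['t_subject']);
        $t_assigned = Security::sqlsecure($response_raw[$key]['t_assigned']);
        $t_stage = Security::sqlsecure($response_raw[$key]['t_stage']);
        $t_category = Security::sqlsecure($response_raw[$key]['t_category']);
        $post_date = Security::sqlsecure($response_raw[$key]['post_date']);
        $due_date = Security::sqlsecure($response_raw[$key]['due_date']);
        $end_date = Security::sqlsecure($response_raw[$key]['end_date']);
        $complete = Security::sqlsecure($response_raw[$key]['complete']);
        $change_date = Security::sqlsecure($response_raw[$key]['change_date']);
        $activity_id = Security::sqlsecure($response_raw[$key]['activity_id']);
        $project_id = Security::sqlsecure($response_raw[$key]['project_id']);
        $is_hidden = $t_stage;
        if (!$t_subject) {
            $t_subject = " ";
        }
        $print_complete = "{$complete}%";
        $due_diff = $due_date - time();
        $change_diff = $temptime - $change_date;

        // Both branches format the due date identically.
        if (date("Y/m/d", $due_date) == date("Y/m/d")) {
            $print_due_date = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $due_date);
        } else {
            $print_due_date = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $due_date);
        }
        $print_end_date = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $end_date);
        $print_change_date = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $change_date);
        $print_last_visit = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $temptime);

        // Overdue tickets are printed in red.
        if ($due_diff < 0) {
            $due_color_start = "<font color=red>";
            $due_color_stop = "</font>";
        } else {
            $due_color_start = "<font color=black>";
            $due_color_stop = "</font>";
        }

        // A change date later than $temptime gets the red folder icon.
        if ($change_diff < 0) {
            $change_color_start = "<font color=red><img src='icons/red_folder.gif' alt='Changed'>";
            $change_color_stop = "</font>";
        } else {
            $change_color_start = "<font color=black><img src='icons/folder.gif' alt=''>";
            $change_color_stop = "</font>";
        }

        $status_name = Security::htmlsecure($status_hash[$t_status]);
        $bck_clr = $bck_clr_hash[0];
        $fnt_clr = $fnt_clr_hash[0];
        $priority_name = Security::htmlsecure($priority_hash[$t_priority]);
        $project_name = Security::htmlsecure($project_name_hash[$project_id]);

        $fullname = get_cross_value("{$nuke_user_table}", "{$nuke_user_last_name_fieldname}", " where {$nuke_user_id_fieldname}='{$t_assigned}'");
        $fullname .= ", " . get_cross_value("{$nuke_user_table}", "{$nuke_user_first_name_fieldname}", " where {$nuke_user_id_fieldname}='{$t_assigned}'");
        // User names come from the user table; escape the assignee's name the
        // same way the issuer's name is escaped below.
        $t_assigned_name = Security::htmlsecure($fullname);

        $category_name = Security::htmlsecure($category_hash[$t_category]);
        $stage_name = Security::htmlsecure($stage_hash[$t_stage]);

        $fullname = get_cross_value("{$nuke_user_table}", "{$nuke_user_last_name_fieldname}", " where {$nuke_user_id_fieldname}='{$t_from}'");
        $fullname .= ", " . get_cross_value("{$nuke_user_table}", "{$nuke_user_first_name_fieldname}", " where {$nuke_user_id_fieldname}='{$t_from}'");
        $issuer_name = Security::htmlsecure($fullname);

        // Row colour: stage 2 uses $shadow_hidden, other rows alternate
        // between the two shadow colours.
        // NOTE(review): $shadow_hidden is not in the global list above - confirm
        // where it is defined.
        if ($is_hidden == 2) {
            $color = $shadow_hidden;
        } elseif (!strcmp($color, $shadow_dark)) {
            $color = $shadow_light;
        } else {
            $color = $shadow_dark;
        }
        if ($activity_id == 1) {
            $color = "00ff00";
        }

        // Expand the row template; it reads the locals assigned above.
        eval("\$content_row=\"{$tts_row}\";");
        $response_row .= $content_row;
        $row++;
    }

    $start_project_date = date("Ymd", $start_eiler_date) . "T000000Z";

    // Expand the page template; stripslashes() undoes the addslashes() applied on load.
    eval("\$content_total=stripslashes(\"{$file}\");");

    return $response . $content_total;
}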
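/**
 * Return the activity_name stored for an activity id.
 *
 * The value is read with get_cross_value() from the
 * {prefix}{hlpdsk_prefix}_activities table.
 *
 * @param mixed $activity_id Activity identifier.
 *
 * @return mixed Whatever get_cross_value() returns for the lookup.
 */
function get_activity_name($activity_id)
{
    global $prefix, $hlpdsk_prefix;

    // Build the WHERE clause from the escaped value. The earlier code escaped
    // the id into $activity and then interpolated the raw argument anyway.
    $activity = Security::sqlsecure($activity_id);

    return get_cross_value("{$prefix}{$hlpdsk_prefix}_activities", "activity_name", " where activity_id='{$activity}' ");
}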
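/**
 * Echo the detail/edit view of the ticket named by the global $Ticket_Number.
 *
 * Loads the ticket row, prepares one display or input value per field
 * depending on what Security::is_action_allowed() grants, then expands the
 * theme template showline_ticket.html with eval() and echoes it.
 *
 * The template is evaluated as a double-quoted PHP string inside this
 * function's scope, so every local variable is part of the template contract:
 * do not rename or remove locals even when they look unused here.
 *
 * Side effect: the globals $acl_read and $acl_write are overwritten with the
 * ticket's ACL ids.
 *
 * NOTE(review): eval() makes the theme file executable input; the theme
 * directory and $hlpdsk_theme must not be controllable by untrusted users.
 *
 * @return string|null 'missing' when the query returns no row, otherwise nothing.
 */
function showrecords()
{
    global $Ticket_Number, $name, $tts, $prefix, $hlpdsk_prefix, $hlpdsk_theme, $nuke_user_table, $nuke_user_last_name_fieldname, $nuke_username_fieldname, $hours, $mins, $javascript, $nuke_user_id_fieldname, $nuke_user_first_name_fieldname, $datepicker, $cmdOk, $cmdReset, $GO_SECURITY, $acl_read, $acl_write, $GO_LANGUAGE;

    // The language file is included in function scope; the $tts_lang_* names
    // used below are expected to come from it.
    require $GO_LANGUAGE->get_language_file('opentts');

    // $Ticket_Number is a global that goes into three quoted SQL literals and
    // into a form URL. Escape a copy for each context and leave the global
    // untouched for the template.
    $ticket_number_sql = Security::sqlsecure($Ticket_Number);
    $ticket_number_url = htmlspecialchars(rawurlencode($Ticket_Number), ENT_QUOTES);

    $acl_read = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_read', "where ticket_number='{$ticket_number_sql}'");
    $acl_write = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_write', "where ticket_number='{$ticket_number_sql}'");

    // Users outside both ACLs and without 'view_all_tickets' only see tickets
    // they issued or are assigned to.
    if ($GO_SECURITY->user_in_acl(whoami(), $acl_read) or $GO_SECURITY->user_in_acl(whoami(), $acl_write) or Security::is_action_allowed("view_all_tickets")) {
        $query_condition = " ";
    } else {
        $query_condition = " and (t_from='" . whoami() . "' or t_assigned='" . whoami() . "')";
    }
    $querytext = "select * from {$prefix}{$hlpdsk_prefix}_tickets where Ticket_Number='{$ticket_number_sql}' {$query_condition} ";
    $tts->query($querytext);
    $recordcount = $tts->num_rows();
    $row = 0;

    // Comparison, not assignment: "= 0" was always false, so 'missing' was
    // never returned and $recordcount was reset to 0.
    if ($recordcount == 0) {
        return 'missing';
    }

    while ($tts->next_record()) {
        // NOTE(review): ids read from the row are interpolated into further
        // lookups below without escaping; fine while these columns only hold
        // ids - confirm.
        $post_date = $tts->f('post_date');
        $due_date = $tts->f('due_date');
        $end_date = $tts->f('end_date');
        $complete = $tts->f('complete');
        $t_from = $tts->f('t_from');
        $t_stage = $tts->f('t_stage');
        $t_category = $tts->f('t_category');
        $t_priority = $tts->f('t_priority');
        $t_subject = htmlspecialchars($tts->f('t_subject'));
        $t_description = htmlspecialchars($tts->f('t_description'));
        $t_assigned = $tts->f('t_assigned');
        $t_email = $tts->f('t_email');
        $t_sms = $tts->f('t_sms');
        $t_status = $tts->f('t_status');
        $change_date = htmlspecialchars($tts->f('change_date'));
        $activity_id = $tts->f('activity_id');
        $project_id = $tts->f('project_id');
        $due_date = date("Y/m/d H:i", $due_date);
        $end_date = date("Y/m/d H:i", $end_date);
        $action_changes = $javascript;
        if ($t_sms == "on") {
            $t_sms = " CHECKED";
        }
        if ($t_email == "on") {
            $t_email = " CHECKED";
        }

        // Submit and reset buttons are only offered to users in the write ACL.
        if ($GO_SECURITY->user_in_acl(whoami(), $acl_write)) {
            $button = new button();
            $action_changes .= $button->get_button($cmdOk, "javascript:document.change_status.submit()");
            $action_changes .= $button->get_button($cmdReset, "javascript:document.change_status.reset()");
        } else {
            $action_changes .= '';
        }
        $action_changes .= "</form></center>";

        $tts_lang_ticket_number = "Ticket Number:";
        $tts_lang_post_date_value = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $post_date);

        // NOTE(review): the full name is placed in the page as returned by
        // opentts::get_fullname(); confirm that helper HTML-escapes it.
        $fullname = opentts::get_fullname($t_from);
        if (Security::is_action_allowed("imperson", 0, $acl_write)) {
            $select = new select('user', 'change_status', 't_from', $t_from);
            $tts_lang_issuer = $select->get_link("{$tts_lang_issuer}");
            $tts_lang_issuer_value = $select->get_field();
        } else {
            $tts_lang_issuer_value = "{$fullname}";
        }

        $stage_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_stages", "stage_name", " where stage_id='{$t_stage}'"));
        $category_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_categories", "category_name", " where category_id='{$t_category}'"));
        $project_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_projects", "project_name", " where project_id='{$project_id}'"));
        $select_complete = "<select name='complete' class=textbox>" . "<option value='0' >0%</option>" . "<option value='10'>10%</option>" . "<option value='20'>20%</option>" . "<option value='30'>30%</option>" . "<option value='40'>40%</option>" . "<option value='50'>50%</option>" . "<option value='60'>60%</option>" . "<option value='70'>70%</option>" . "<option value='80'>80%</option>" . "<option value='90'>90%</option>" . "<option value='100'>100%</option>" . "</select>";
        $t_assigned_name = Security::whatsmyname($t_assigned);

        // NOTE(review): subject and description were HTML-escaped when read;
        // Security::sqlsecure() is then applied to values that are only
        // printed. Confirm that is intended.
        if (Security::is_action_allowed("change_subject", 0, $acl_write)) {
            $tts_lang_subject_value = "<input name=t_subject value=\"" . Security::sqlsecure($t_subject) . "\" class=textbox max=80 size=80>";
        } else {
            $tts_lang_subject_value = "<input name=t_subject value=\"" . Security::sqlsecure($t_subject) . "\" class=textbox max=80 size=80 readonly>";
        }
        $tts_lang_description_value = "<textarea name=t_description cols=80 rows=12 class=textbox readonly>" . Security::sqlsecure($t_description) . "</textarea>";
        $tts_lang_change_date_VALUE = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $change_date);
        $tts_lang_email = "Email {$tts_lang_issuer}: <input type=checkbox name=t_email_issuer value=1><br>Email {$tts_lang_assigned} <input type=checkbox name=t_email_agent value=1>";

        // NOTE(review): the form carries no anti-CSRF token; confirm that
        // change_ticket.php protects the state change by other means.
        $post_changes = "<form name=\"change_status\" method=\"POST\" action=\"change_ticket.php?Ticket_Number={$ticket_number_url}&func=change_status\">";

        if (Security::is_action_allowed("change_project", 0, $acl_write)) {
            $project_name = select_option("{$project_id}", fill_select("project_id", "{$prefix}{$hlpdsk_prefix}_projects", "project_id", "project_name", " order by project_id"));
            $tts_lang_project_value = "{$project_name}";
        } else {
            $project_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_projects", "project_name", " where project_id='{$project_id}'"));
            $tts_lang_project_value = "{$project_name}";
        }

        $fullname = opentts::get_fullname($t_assigned);
        if (Security::is_action_allowed("change_assigned", 0, $acl_write)) {
            $select = new select('user', 'change_status', 't_assigned', $t_assigned);
            $tts_lang_assign_to = $select->get_link("{$tts_lang_assign_to}");
            $tts_lang_assign_to_value = $select->get_field();
        } else {
            $tts_lang_assign_to_value = "{$fullname}";
        }

        // End date: date picker plus hour and minute drop-downs when editable.
        // $htmldirection is not a declared global; presumably the language
        // file sets it - confirm.
        if (Security::is_action_allowed("change_end_date", 0, $acl_write)) {
            $time = strtotime($end_date);
            $end_date_h = date("H", $time);
            $end_date_i = date("i", $time);
            $today = date($_SESSION['GO_SESSION']['date_format'], $time);
            $end_date = $datepicker->get_date_picker('end_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $today);
            $dropbox = new dropbox();
            $dropbox->add_arrays($hours, $hours);
            $end_date .= '<td>';
            $end_date_h_value = $dropbox->get_dropbox("end_date_h", $end_date_h);
            $dropbox = new dropbox();
            $dropbox->add_arrays($mins, $mins);
            $end_date_i_value = $dropbox->get_dropbox("end_date_i", $end_date_i);
            if ($htmldirection == 'rtl') {
                $end_date .= "{$end_date_i_value}:{$end_date_h_value}";
            } else {
                $end_date .= "{$end_date_h_value}:{$end_date_i_value}";
            }
            $tts_lang_end_date_value = "{$end_date} ";
        } else {
            $tts_lang_end_date_value = "{$end_date}";
        }

        if (Security::is_action_allowed("change_complete", 0, $acl_write)) {
            $_PERCENTAGE_COMPLETE_VALUE = select_option("{$complete}", "{$select_complete}");
        } else {
            $_PERCENTAGE_COMPLETE_VALUE = "{$complete} %";
        }

        // Due date: same widgets as the end date, with onchange handlers
        // attached to the picker and both drop-downs.
        if (Security::is_action_allowed("change_due_date", 0, $acl_write)) {
            $time = strtotime($due_date);
            $due_date_d_m_y = date($_SESSION['GO_SESSION']['date_format'], $time);
            $due_date_h = date("H", $time);
            $due_date_i = date("i", $time);
            $today = date($_SESSION['GO_SESSION']['date_format'], $time);
            $due_date = $datepicker->get_date_picker('due_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $today, '', '', 'onchange="javascript:document.change_status.end_date_d_m_y.value=this.value;"');
            $dropbox = new dropbox();
            $dropbox->add_arrays($hours, $hours);
            $due_date .= '<td>';
            $due_date_h_value = $dropbox->get_dropbox("due_date_h", $due_date_h, 'onchange="javascript:update_end_hour(this.value);"');
            $dropbox = new dropbox();
            $dropbox->add_arrays($mins, $mins);
            $due_date_i_value = $dropbox->get_dropbox("due_date_i", $due_date_i, 'onchange="javascript:update_end_min(this.value);"');
            if ($htmldirection == 'rtl') {
                $due_date .= "{$due_date_i_value}:{$due_date_h_value}";
            } else {
                $due_date .= "{$due_date_h_value}:{$due_date_i_value}";
            }
            $tts_lang_due_date_value = "{$due_date} ";
        } else {
            $tts_lang_due_date_value = "{$tts_lang_due_date}{$due_date}";
        }

        if (Security::is_action_allowed("change_activity", 0, $acl_write)) {
            $activity = select_option("{$activity_id}", fill_select("activity_id", "{$prefix}{$hlpdsk_prefix}_activities", "activity_id", "activity_name", " "));
            $tts_lang_activity_value = "<br>{$activity} ";
        } else {
            $tts_lang_activity_value = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_activities", "activity_name", "where activity_id='{$activity_id}'"));
        }

        if (Security::is_action_allowed("change_status", 0, $acl_write)) {
            $t_status_sel = select_option("{$t_status}", fill_select("t_status", "{$prefix}{$hlpdsk_prefix}_status", "status_id", "status_name", " "));
            $tts_lang_status_value = "<br>{$t_status_sel}";
        } else {
            $status_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_status", "status_name", " where status_id='{$t_status}'"));
            $tts_lang_status_value = "{$status_name}";
        }

        if (Security::is_action_allowed("change_priority", 0, $acl_write)) {
            $t_priorities = select_option("{$t_priority}", fill_select("t_priority", "{$prefix}{$hlpdsk_prefix}_priorities", "priority_id", "priority_name", " "));
            $tts_lang_priority_value = "{$t_priorities}<br>";
        } else {
            // Quoted like every other id lookup in this function; the value
            // used to be interpolated bare.
            $t_priority_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_priorities", "priority_name", " where priority_id='{$t_priority}'"));
            $tts_lang_priority_value = "{$t_priority_name}";
        }

        if (Security::is_action_allowed("change_category", 0, $acl_write)) {
            $t_category = select_option("{$t_category}", fill_select("t_category", "{$prefix}{$hlpdsk_prefix}_categories", "category_id", "category_name", " "));
            $tts_lang_category_value = "{$t_category}<br>";
        } else {
            $tts_lang_category_value = "{$category_name}";
        }

        if (Security::is_action_allowed("change_stage", 0, $acl_write)) {
            $t_stage = select_option("{$t_stage}", fill_select("t_stage", "{$prefix}{$hlpdsk_prefix}_stages", "stage_id", "stage_name", " "));
            $tts_lang_stage_value = "<br>{$t_stage}<br>";
        } else {
            $tts_lang_stage_value = Security::htmlsecure("{$stage_name}");
        }

        // The mailto link is built and then blanked again two lines further
        // down; $mailto itself stays available to the template.
        $mailto_subject = "?subject=" . addslashes("Ticket Task {$Ticket_Number}: ") . addslashes($t_subject);
        $mailto_body = "&body=" . addslashes("Ticket/Task: {$Ticket_Number} / ") . addslashes($t_description);
        $mailto = $mailto_subject . $mailto_body;
        $tts_lang_mail_this = "<a href=\"mailto:{$mailto}\">Send email</a>";
        $tts_lang_estimated_time = $_MONEY = '';
        $tts_lang_mail_this = "";

        // Load the ticket template and expand it against the locals above.
        $file = "themes/{$hlpdsk_theme}/showline_ticket.html";
        $file = addslashes(implode("", file($file)));
        eval("\$content=stripslashes(\" {$file}\");");
        echo $content;
        $row++;
    }
}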
/**
 * Return the uid of the default agent.
 *
 * Reads the `uid` column of the {prefix}{hlpdsk_prefix}_groups_members table
 * for the row where uid_default is '1', using get_cross_value().
 *
 * @return mixed Whatever get_cross_value() returns for the lookup.
 */
function get_default_agent_id()
{
    global $tts, $prefix, $hlpdsk_prefix;

    $members_table = "{$prefix}{$hlpdsk_prefix}_groups_members";

    return get_cross_value($members_table, 'uid', " where uid_default='1'");
}
/**
 * Return the t_assigned value stored for a ticket.
 *
 * The ticket number is passed through Security::sqlsecure() before it is
 * placed in the WHERE clause handed to get_cross_value().
 *
 * @param mixed $ticket_number Ticket identifier.
 *
 * @return mixed Whatever get_cross_value() returns for the lookup.
 */
function get_task_assigned($ticket_number)
{
    global $prefix, $hlpdsk_prefix;

    $tickets_table = "{$prefix}{$hlpdsk_prefix}_tickets";
    $escaped_number = Security::sqlsecure($ticket_number);
    $where_clause = " where ticket_number='{$escaped_number}'";

    return get_cross_value($tickets_table, "t_assigned", $where_clause);
}