function mod_permissions($mod_action_name = FALSE, $mod_gid = FALSE, $mod_action = "show_form")
{
global $prefix, $hlpdsk_prefix, $tts, $name;
$mod_action_name = Security::sqlsecure($mod_action_name);
$mod_action_id = get_cross_value("{$prefix}{$hlpdsk_prefix}_actions", "action_id", " where action_name='{$mod_action_name}'");
$mod_gid = Security::sqlsecure($mod_gid);
switch ($mod_action) {
case "insert":
if ($mod_action_id and $mod_gid) {
$query = "insert into {$prefix}{$hlpdsk_prefix}_permissions (action_id,gid) values ('{$mod_action_id}','{$mod_gid}')";
if ($tts->query($query, $tts)) {
return TRUE;
}
}
return FALSE;
break;
case "delete":
if ($mod_action_id and $mod_gid) {
$query = "delete from {$prefix}{$hlpdsk_prefix}_permissions where gid='{$mod_gid}' and action_id='{$mod_action_id}'";
if ($tts->query($query, $tts)) {
return TRUE;
}
}
return FALSE;
break;
}
// show_form
$response = "<form action=\"modules.php?name={$name}&file=admin&func=mod_permissions\" method=POST>";
$response .= "<table border=1><tr>";
$response .= "<td><input name=mod_action_name type=text></td>";
$response .= "<td><input name=mod_gid type=text></td>" . "<td><font class=content>delete<input name=mod_action type=radio value=\"delete\"></td>" . "<td><font class=content>add<input name=mod_action type=radio value=\"insert\"></td>";
$response .= "</tr></table>";
$response .= "<input type=submit name=\"submit\"></form>";
return $response;
}
function change_issuer($Ticket_Number, $issuer)
{
global $GO_SECURITY, $hlpdsk_prefix, $prefix;
$acl_read = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_read', "where ticket_number='{$Ticket_Number}'");
if (!$GO_SECURITY->user_in_acl($issuer, $acl_read)) {
$GO_SECURITY->add_user_to_acl($issuer, $acl_read);
}
$last_issuer_uid = Ticket::get_ticket_issuer_uid($Ticket_Number);
$new_issuer_uid = Security::sqlsecure($issuer);
if ($last_issuer_uid != $new_issuer_uid) {
$last_issuer = Security::get_uname($last_issuer_uid);
$result = Ticket::change_issuer($Ticket_Number, $new_issuer_uid);
$new_issuer = Security::get_uname($new_issuer_uid);
$comment = "Ticket re-issued from \\'{$last_issuer}\\' to: \\'{$new_issuer}\\' ";
add_task($Ticket_Number, $comment);
notify_change($Ticket_Number, $comment);
}
}
function printdb($extra_condition = "")
{
global $agent, $t_showall, $search, $strtosearch, $orderby, $name, $tts, $prefix, $hlpdsk_prefix, $limit, $limit_rows, $search_status, $submit, $temptime, $hlpdsk_theme, $field, $filter, $shadow_dark, $shadow_light, $show_hidden, $filter_field, $filter_value, $show_hidden, $GO_LANGUAGE, $nuke_user_table, $nuke_user_last_name_fieldname, $nuke_username_fieldname, $nuke_user_id_fieldname, $nuke_user_first_name_fieldname, $_SESSION;
require $GO_LANGUAGE->get_language_file('opentts');
if ($filter == 1) {
$alert_note = "FILTER ON -- <a href='my_tickets.php?submit=clear_filters'>CLEAR FILTER</a><br>";
if (isset($filter_field)) {
foreach ($filter_field as $key => $value) {
$alert_note .= " {$value}='{$filter_value[$key]}'<br> ";
}
}
}
$response_raw = unserialize(Search::querydb($extra_condition));
#
$response = "<BR><DIV align=center>";
if (!isset($alert_note)) {
$alert_note = '';
}
$response .= "<center><TABLE BORDER=1 CELLSPACING=1 CELLPADDING=1 bordercolor=Black><TR>" . "<TD valign=top>{$tts_lang_query}<br>{$alert_note}</TD>" . "<TD valign=top>";
$querytotal = $response_raw[0]['querytotal'];
$querytext = $response_raw[0]['querytext'];
if (Security::is_action_allowed('view_query')) {
$response .= Security::htmlsecure($querytext) . "</TD>";
} else {
$response .= Security::htmlsecure($strtosearch) . "</TD>";
}
$color = "ffeeee";
$recordcount = $response_raw[0]['recordcount'];
$row = 0;
$prev = $limit - 10;
$next = $limit + 10;
if ($prev < 0) {
$prev = 0;
}
$response .= "\n </TR>\n <TR>\n <TD>" . $tts_lang_total_records_found . "\n </TD>\n <TD>{$recordcount}/{$querytotal}\n </TD>\n </TR>\n\t\t</TABLE>";
$response .= "<br>";
if ($recordcount == 0) {
return $response;
}
$response_row = "";
if (Security::is_action_allowed("view_priority")) {
$file = "themes/{$hlpdsk_theme}/my_tickets.html";
$file = addslashes(implode("", file($file)));
} else {
$file = "themes/{$hlpdsk_theme}/my_tickets.html";
$file = addslashes(implode("", file($file)));
}
$color = "#FFFFFF";
#get format of row
if (Security::is_action_allowed("view_priority")) {
$tts_row = "themes/{$hlpdsk_theme}/my_tickets_row.html";
$tts_row = addslashes(implode("", file($tts_row)));
} else {
$tts_row = "themes/{$hlpdsk_theme}/my_tickets_row.html";
$tts_row = addslashes(implode("", file($tts_row)));
}
#
// Building hashes
$status_hash = SQL::build_hash("{$prefix}{$hlpdsk_prefix}_status", "status_id", "status_name");
$stage_hash = SQL::build_hash("{$prefix}{$hlpdsk_prefix}_stages", "stage_id", "stage_name");
$category_hash = SQL::build_hash("{$prefix}{$hlpdsk_prefix}_categories", "category_id", "category_name");
$priority_hash = SQL::build_hash("{$prefix}{$hlpdsk_prefix}_priorities", "priority_id", "priority_name");
$bck_clr_hash = SQL::build_hash("{$prefix}{$hlpdsk_prefix}_colors_tables", "clr_tbl_id", "bck_clr");
$fnt_clr_hash = SQL::build_hash("{$prefix}{$hlpdsk_prefix}_colors_tables", "clr_tbl_id", "fnt_clr");
$project_name_hash = SQL::build_hash("{$prefix}{$hlpdsk_prefix}_projects", "project_id", "project_name");
$start_eiler_date = time();
while (list($key, $value) = each($response_raw)) {
if ($key == 0) {
continue;
}
$ticket_number = Security::sqlsecure($response_raw[$key]['ticket_number']);
$t_status = Security::sqlsecure($response_raw[$key]['t_status']);
$t_priority = Security::sqlsecure($response_raw[$key]['t_priority']);
$t_from = Security::sqlsecure($response_raw[$key]['t_from']);
$t_subject = Security::htmlsecure($response_raw[$key]['t_subject']);
$t_assigned = Security::sqlsecure($response_raw[$key]['t_assigned']);
$t_stage = Security::sqlsecure($response_raw[$key]['t_stage']);
$t_category = Security::sqlsecure($response_raw[$key]['t_category']);
$post_date = Security::sqlsecure($response_raw[$key]['post_date']);
$due_date = Security::sqlsecure($response_raw[$key]['due_date']);
$end_date = Security::sqlsecure($response_raw[$key]['end_date']);
$complete = Security::sqlsecure($response_raw[$key]['complete']);
$change_date = Security::sqlsecure($response_raw[$key]['change_date']);
$activity_id = Security::sqlsecure($response_raw[$key]['activity_id']);
$project_id = Security::sqlsecure($response_raw[$key]['project_id']);
$is_hidden = $t_stage;
if (!$t_subject) {
$t_subject = " ";
}
$print_complete = "{$complete}%";
$due_diff = $due_date - time();
$change_diff = $temptime - $change_date;
if (date("Y/m/d", $due_date) == date("Y/m/d")) {
$print_due_date = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $due_date);
} else {
$print_due_date = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $due_date);
}
$print_end_date = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $end_date);
$print_change_date = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $change_date);
$print_last_visit = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $temptime);
if ($due_diff < 0) {
$due_color_start = "<font color=red>";
$due_color_stop = "</font>";
} else {
$due_color_start = "<font color=black>";
$due_color_stop = "</font>";
}
if ($change_diff < 0) {
$change_color_start = "<font color=red><img src='icons/red_folder.gif' alt='Changed'>";
$change_color_stop = "</font>";
} else {
$change_color_start = "<font color=black><img src='icons/folder.gif' alt=''>";
$change_color_stop = "</font>";
}
$status_name = Security::htmlsecure($status_hash[$t_status]);
$bck_clr = $bck_clr_hash[0];
$fnt_clr = $fnt_clr_hash[0];
$priority_name = Security::htmlsecure($priority_hash[$t_priority]);
$project_name = Security::htmlsecure($project_name_hash[$project_id]);
$fullname = get_cross_value("{$nuke_user_table}", "{$nuke_user_last_name_fieldname}", " where {$nuke_user_id_fieldname}='{$t_assigned}'");
$fullname .= ", " . get_cross_value("{$nuke_user_table}", "{$nuke_user_first_name_fieldname}", " where {$nuke_user_id_fieldname}='{$t_assigned}'");
$t_assigned_name = $fullname;
$category_name = Security::htmlsecure($category_hash[$t_category]);
$stage_name = Security::htmlsecure($stage_hash[$t_stage]);
$fullname = get_cross_value("{$nuke_user_table}", "{$nuke_user_last_name_fieldname}", " where {$nuke_user_id_fieldname}='{$t_from}'");
$fullname .= ", " . get_cross_value("{$nuke_user_table}", "{$nuke_user_first_name_fieldname}", " where {$nuke_user_id_fieldname}='{$t_from}'");
$issuer_name = Security::htmlsecure($fullname);
if ($is_hidden == 2) {
$color = $shadow_hidden;
} elseif (!strcmp($color, $shadow_dark)) {
$color = $shadow_light;
} else {
$color = $shadow_dark;
}
if ($activity_id == 1) {
$color = "00ff00";
}
eval("\$content_row=\"{$tts_row}\";");
$response_row .= $content_row;
#$response_row.= "</tr> ";
$row++;
}
$start_project_date = date("Ymd", $start_eiler_date) . "T000000Z";
eval("\$content_total=stripslashes(\"{$file}\");");
return $response . $content_total;
}
function get_activity_name($activity_id)
{
global $prefix, $hlpdsk_prefix;
$activity = Security::sqlsecure($activity_id);
return get_cross_value("{$prefix}{$hlpdsk_prefix}_activities", "activity_name", " where activity_id='{$activity_id}' ");
}
function showrecords()
{
global $Ticket_Number, $name, $tts, $prefix, $hlpdsk_prefix, $hlpdsk_theme, $nuke_user_table, $nuke_user_last_name_fieldname, $nuke_username_fieldname, $hours, $mins, $javascript, $nuke_user_id_fieldname, $nuke_user_first_name_fieldname, $datepicker, $cmdOk, $cmdReset, $GO_SECURITY, $acl_read, $acl_write, $GO_LANGUAGE;
require $GO_LANGUAGE->get_language_file('opentts');
$acl_read = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_read', "where ticket_number='{$Ticket_Number}'");
$acl_write = get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", 'acl_write', "where ticket_number='{$Ticket_Number}'");
if ($GO_SECURITY->user_in_acl(whoami(), $acl_read) or $GO_SECURITY->user_in_acl(whoami(), $acl_write) or Security::is_action_allowed("view_all_tickets")) {
$query_condition = " ";
} else {
$query_condition = " and (t_from='" . whoami() . "' or t_assigned='" . whoami() . "')";
}
$querytext = "select * from {$prefix}{$hlpdsk_prefix}_tickets where Ticket_Number='{$Ticket_Number}' {$query_condition} ";
$tts->query($querytext);
$recordcount = $tts->num_rows();
$row = 0;
if ($recordcount = 0) {
return 'missing';
}
while ($tts->next_record()) {
$post_date = $tts->f('post_date');
$due_date = $tts->f('due_date');
$end_date = $tts->f('end_date');
$complete = $tts->f('complete');
$t_from = $tts->f('t_from');
$t_stage = $tts->f('t_stage');
$t_category = $tts->f('t_category');
$t_priority = $tts->f('t_priority');
$t_subject = htmlspecialchars($tts->f('t_subject'));
$t_description = htmlspecialchars($tts->f('t_description'));
#$t_description=str_replace("\n"," <br> ",$t_description);
$t_assigned = $tts->f('t_assigned');
$t_email = $tts->f('t_email');
$t_sms = $tts->f('t_sms');
$t_status = $tts->f('t_status');
$change_date = htmlspecialchars($tts->f('change_date'));
$activity_id = $tts->f('activity_id');
$project_id = $tts->f('project_id');
$due_date = date("Y/m/d H:i", $due_date);
$end_date = date("Y/m/d H:i", $end_date);
$action_changes = $javascript;
if ($t_sms == "on") {
$t_sms = " CHECKED";
}
if ($t_email == "on") {
$t_email = " CHECKED";
}
if ($GO_SECURITY->user_in_acl(whoami(), $acl_write)) {
$button = new button();
$action_changes .= $button->get_button($cmdOk, "javascript:document.change_status.submit()");
$action_changes .= $button->get_button($cmdReset, "javascript:document.change_status.reset()");
} else {
$action_changes .= '';
}
$action_changes .= "</form></center>";
$tts_lang_ticket_number = "Ticket Number:";
$tts_lang_post_date_value = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $post_date);
$fullname = opentts::get_fullname($t_from);
if (Security::is_action_allowed("imperson", 0, $acl_write)) {
$select = new select('user', 'change_status', 't_from', $t_from);
$tts_lang_issuer = $select->get_link("{$tts_lang_issuer}");
$tts_lang_issuer_value = $select->get_field();
} else {
$tts_lang_issuer_value = "{$fullname}";
}
$stage_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_stages", "stage_name", " where stage_id='{$t_stage}'"));
$category_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_categories", "category_name", " where category_id='{$t_category}'"));
$project_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_projects", "project_name", " where project_id='{$project_id}'"));
$select_complete = "<select name='complete' class=textbox>" . "<option value='0' >0%</option>" . "<option value='10'>10%</option>" . "<option value='20'>20%</option>" . "<option value='30'>30%</option>" . "<option value='40'>40%</option>" . "<option value='50'>50%</option>" . "<option value='60'>60%</option>" . "<option value='70'>70%</option>" . "<option value='80'>80%</option>" . "<option value='90'>90%</option>" . "<option value='100'>100%</option>" . "</select>";
$t_assigned_name = Security::whatsmyname($t_assigned);
if (Security::is_action_allowed("change_subject", 0, $acl_write)) {
$tts_lang_subject_value = "<input name=t_subject value=\"" . Security::sqlsecure($t_subject) . "\" class=textbox max=80 size=80>";
} else {
$tts_lang_subject_value = "<input name=t_subject value=\"" . Security::sqlsecure($t_subject) . "\" class=textbox max=80 size=80 readonly>";
}
$tts_lang_description_value = "<textarea name=t_description cols=80 rows=12 class=textbox readonly>" . Security::sqlsecure($t_description) . "</textarea>";
$tts_lang_change_date_VALUE = date("{$_SESSION['GO_SESSION']['date_format']} H:i", $change_date);
$tts_lang_email = "Email {$tts_lang_issuer}: <input type=checkbox name=t_email_issuer value=1><br>Email {$tts_lang_assigned} <input type=checkbox name=t_email_agent value=1>";
$post_changes = "<form name=\"change_status\" method=\"POST\" action=\"change_ticket.php?Ticket_Number={$Ticket_Number}&func=change_status\">";
if (Security::is_action_allowed("change_project", 0, $acl_write)) {
$project_name = select_option("{$project_id}", fill_select("project_id", "{$prefix}{$hlpdsk_prefix}_projects", "project_id", "project_name", " order by project_id"));
$tts_lang_project_value = "{$project_name}";
} else {
$project_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_projects", "project_name", " where project_id='{$project_id}'"));
$tts_lang_project_value = "{$project_name}";
}
$fullname = opentts::get_fullname($t_assigned);
if (Security::is_action_allowed("change_assigned", 0, $acl_write)) {
$select = new select('user', 'change_status', 't_assigned', $t_assigned);
$tts_lang_assign_to = $select->get_link("{$tts_lang_assign_to}");
$tts_lang_assign_to_value = $select->get_field();
} else {
$tts_lang_assign_to_value = "{$fullname}";
}
if (Security::is_action_allowed("change_end_date", 0, $acl_write)) {
$time = strtotime($end_date);
#$end_date_d_m_y=date("Y/m/d",$time);
$end_date_h = date("H", $time);
$end_date_i = date("i", $time);
$today = date($_SESSION['GO_SESSION']['date_format'], $time);
$end_date = $datepicker->get_date_picker('end_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $today);
$dropbox = new dropbox();
$dropbox->add_arrays($hours, $hours);
$end_date .= '<td>';
$end_date_h_value = $dropbox->get_dropbox("end_date_h", $end_date_h);
$dropbox = new dropbox();
$dropbox->add_arrays($mins, $mins);
$end_date_i_value = $dropbox->get_dropbox("end_date_i", $end_date_i);
if ($htmldirection == 'rtl') {
$end_date .= "{$end_date_i_value}:{$end_date_h_value}";
} else {
$end_date .= "{$end_date_h_value}:{$end_date_i_value}";
}
$tts_lang_end_date_value = "{$end_date} ";
} else {
$tts_lang_end_date_value = "{$end_date}";
}
if (Security::is_action_allowed("change_complete", 0, $acl_write)) {
$_PERCENTAGE_COMPLETE_VALUE = select_option("{$complete}", "{$select_complete}");
} else {
$_PERCENTAGE_COMPLETE_VALUE = "{$complete} %";
}
if (Security::is_action_allowed("change_due_date", 0, $acl_write)) {
$time = strtotime($due_date);
$due_date_d_m_y = date($_SESSION['GO_SESSION']['date_format'], $time);
$due_date_h = date("H", $time);
$due_date_i = date("i", $time);
$today = date($_SESSION['GO_SESSION']['date_format'], $time);
$due_date = $datepicker->get_date_picker('due_date_d_m_y', $_SESSION['GO_SESSION']['date_format'], $today, '', '', 'onchange="javascript:document.change_status.end_date_d_m_y.value=this.value;"');
$dropbox = new dropbox();
$dropbox->add_arrays($hours, $hours);
$due_date .= '<td>';
$due_date_h_value = $dropbox->get_dropbox("due_date_h", $due_date_h, 'onchange="javascript:update_end_hour(this.value);"');
$dropbox = new dropbox();
$dropbox->add_arrays($mins, $mins);
$due_date_i_value = $dropbox->get_dropbox("due_date_i", $due_date_i, 'onchange="javascript:update_end_min(this.value);"');
if ($htmldirection == 'rtl') {
$due_date .= "{$due_date_i_value}:{$due_date_h_value}";
} else {
$due_date .= "{$due_date_h_value}:{$due_date_i_value}";
}
$tts_lang_due_date_value = "{$due_date} ";
} else {
$tts_lang_due_date_value = "{$tts_lang_due_date}{$due_date}";
}
if (Security::is_action_allowed("change_activity", 0, $acl_write)) {
$activity = select_option("{$activity_id}", fill_select("activity_id", "{$prefix}{$hlpdsk_prefix}_activities", "activity_id", "activity_name", " "));
$tts_lang_activity_value = "<br>{$activity} ";
} else {
$tts_lang_activity_value = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_activities", "activity_name", "where activity_id='{$activity_id}'"));
}
if (Security::is_action_allowed("change_status", 0, $acl_write)) {
$t_status_sel = select_option("{$t_status}", fill_select("t_status", "{$prefix}{$hlpdsk_prefix}_status", "status_id", "status_name", " "));
$tts_lang_status_value = "<br>{$t_status_sel}";
} else {
$status_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_status", "status_name", " where status_id='{$t_status}'"));
$tts_lang_status_value = "{$status_name}";
}
if (Security::is_action_allowed("change_priority", 0, $acl_write)) {
$t_priorities = select_option("{$t_priority}", fill_select("t_priority", "{$prefix}{$hlpdsk_prefix}_priorities", "priority_id", "priority_name", " "));
$tts_lang_priority_value = "{$t_priorities}<br>";
} else {
$t_priority_name = Security::htmlsecure(get_cross_value("{$prefix}{$hlpdsk_prefix}_priorities", "priority_name", " where priority_id={$t_priority}"));
$tts_lang_priority_value = "{$t_priority_name}";
}
if (Security::is_action_allowed("change_category", 0, $acl_write)) {
$t_category = select_option("{$t_category}", fill_select("t_category", "{$prefix}{$hlpdsk_prefix}_categories", "category_id", "category_name", " "));
$tts_lang_category_value = "{$t_category}<br>";
} else {
$tts_lang_category_value = "{$category_name}";
}
if (Security::is_action_allowed("change_stage", 0, $acl_write)) {
$t_stage = select_option("{$t_stage}", fill_select("t_stage", "{$prefix}{$hlpdsk_prefix}_stages", "stage_id", "stage_name", " "));
$tts_lang_stage_value = "<br>{$t_stage}<br>";
} else {
$tts_lang_stage_value = Security::htmlsecure("{$stage_name}");
}
$mailto_subject = "?subject=" . addslashes("Ticket Task {$Ticket_Number}: ") . addslashes($t_subject);
$mailto_body = "&body=" . addslashes("Ticket/Task: {$Ticket_Number} / ") . addslashes($t_description);
$mailto = $mailto_subject . $mailto_body;
$tts_lang_mail_this = "<a href=\"mailto:{$mailto}\">Send email</a>";
$tts_lang_estimated_time = $_MONEY = '';
$tts_lang_mail_this = "";
$file = "themes/{$hlpdsk_theme}/showline_ticket.html";
$file = addslashes(implode("", file($file)));
eval("\$content=stripslashes(\" {$file}\");");
echo $content;
$row++;
}
}
function get_default_agent_id()
{
global $tts, $prefix, $hlpdsk_prefix;
$default_agent = get_cross_value("{$prefix}{$hlpdsk_prefix}_groups_members", 'uid', " where uid_default='1'");
return $default_agent;
}
function get_task_assigned($ticket_number)
{
global $prefix, $hlpdsk_prefix;
$ticket_number = Security::sqlsecure($ticket_number);
return get_cross_value("{$prefix}{$hlpdsk_prefix}_tickets", "t_assigned", " where ticket_number='{$ticket_number}'");
}