Пример #1
0
if (!defined('GLPI_ROOT')) {
    die("Can not acces directly to this file");
}
Session::checkCentralAccess();
// Make a select box with all glpi users
$where = " WHERE `glpi_contacts_suppliers`.`contacts_id` = `glpi_contacts`.`id` " . " AND (`glpi_contacts_suppliers`.`suppliers_id` = '" . $_POST['suppliers_id'] . "' " . " AND `glpi_contacts`.`is_deleted` = '0' ) ";
if (isset($_POST["entity_restrict"])) {
    if (!is_numeric($_POST["entity_restrict"]) && !is_array($_POST["entity_restrict"])) {
        $_POST["entity_restrict"] = unserialize(Toolbox::stripslashes_deep($_POST["entity_restrict"]));
    }
    $where .= getEntitiesRestrictRequest("AND", "glpi_contacts", '', $_POST["entity_restrict"], true);
} else {
    $where .= getEntitiesRestrictRequest("AND", "glpi_contacts", '', '', true);
}
if ($_POST['searchText'] != $CFG_GLPI["ajax_wildcard"]) {
    $where .= " AND `glpi_contacts`.`name` " . makeTextSearch($_POST['searchText']);
}
$NBMAX = $CFG_GLPI["dropdown_max"];
$LIMIT = "LIMIT 0,{$NBMAX}";
if ($_POST['searchText'] == $CFG_GLPI["ajax_wildcard"]) {
    $LIMIT = "";
}
$query = "SELECT `glpi_contacts`.*\n   FROM `glpi_contacts`,`glpi_contacts_suppliers`\n   {$where}\n   ORDER BY `entities_id`, `name` {$LIMIT}";
//error_log($query);
$result = $DB->query($query);
echo "<select name=\"contacts_id\">";
echo "<option value=\"0\">" . Dropdown::EMPTY_VALUE . "</option>";
if ($DB->numrows($result)) {
    $prev = -1;
    while ($data = $DB->fetch_array($result)) {
        if ($data["entities_id"] != $prev) {
// Original Author of file: Julien Dombre
// Purpose of file:
// ----------------------------------------------------------------------
if (strpos($_SERVER['PHP_SELF'], "dropdownSelectSoftware.php")) {
    $AJAX_INCLUDE = 1;
    define('GLPI_ROOT', '..');
    include GLPI_ROOT . "/inc/includes.php";
    header("Content-Type: text/html; charset=UTF-8");
    header_nocache();
}
checkRight("software", "w");
// Make a select box
$rand = mt_rand();
$where = "";
if (strlen($_POST['searchText']) > 0 && $_POST['searchText'] != $CFG_GLPI["ajax_wildcard"]) {
    $where .= " AND `name` " . makeTextSearch($_POST['searchText']) . " ";
}
$where .= getEntitiesRestrictRequest(' AND', 'glpi_softwares', 'entities_id', $_POST["entity_restrict"], true);
$query = "SELECT DISTINCT `glpi_softwares`.`id`,\n                          `glpi_softwares`.`name`\n          FROM `glpi_softwares`\n          WHERE `glpi_softwares`.`is_deleted` = '0'\n                AND `glpi_softwares`.`is_template` = '0'\n                {$where}\n          ORDER BY `glpi_softwares`.`name`";
$result = $DB->query($query);
echo "<select name='softwares_id' id='item_type{$rand}'>\n";
echo "<option value='0'>" . DROPDOWN_EMPTY_VALUE . "</option>\n";
if ($DB->numrows($result)) {
    while ($data = $DB->fetch_array($result)) {
        $softwares_id = $data["id"];
        $output = $data["name"];
        echo "<option value='{$softwares_id}' title=\"" . cleanInputText($output) . "\">" . utf8_substr($output, 0, $_SESSION["glpidropdown_chars_limit"]) . "</option>";
    }
}
echo "</select>\n";
$paramsselsoft = array('softwares_id' => '__VALUE__', 'myname' => $_POST["myname"]);
Пример #3
0
    if (is_array($_POST['used'])) {
        $used = $_POST['used'];
    } else {
        $used = unserialize(stripslashes($_POST['used']));
    }
    if (count($used)) {
        $where .= ",'" . implode("','", $used) . "'";
    }
}
$where .= ") ";
if (isset($_POST['condition']) && $_POST['condition'] != '') {
    $where .= " AND " . $_POST['condition'] . " ";
}
if ($item instanceof CommonTreeDropdown) {
    if ($_POST['searchText'] != $CFG_GLPI["ajax_wildcard"]) {
        $where .= " AND `completename` " . makeTextSearch($_POST['searchText']);
    }
    $multi = false;
    // Manage multiple Entities dropdowns
    $add_order = "";
    if ($item->isEntityAssign()) {
        $recur = $item->maybeRecursive();
        // Entities are not really recursive : do not display parents
        if ($_POST['itemtype'] == 'Entity') {
            $recur = false;
        }
        if (isset($_POST["entity_restrict"]) && !($_POST["entity_restrict"] < 0)) {
            $where .= getEntitiesRestrictRequest(" AND ", $table, '', $_POST["entity_restrict"], $recur);
            if (is_array($_POST["entity_restrict"]) && count($_POST["entity_restrict"]) > 1) {
                $multi = true;
            }
Пример #4
0
/**
 * Create SQL search condition
 *
 * @param $field name (should be ` protected)
 * @param $val string: value to search
 * @param $not boolean: is a negative search ?
 * @param $link with previous criteria
 *
 * @return search SQL string
**/
function makeTextCriteria($field, $val, $not = false, $link = 'AND')
{
    $sql = $field . makeTextSearch($val, $not);
    if ($not && $val != 'NULL' && $val != 'null' && $val != '^$' || !$not && $val == '^$') {
        // Empty
        $sql = "({$sql} OR {$field} IS NULL)";
    }
    return " {$link} {$sql} ";
}
// Original Author of file: Julien Dombre
// Purpose of file:
// ----------------------------------------------------------------------
if (strpos($_SERVER['PHP_SELF'], "dropdownSelectSoftwareLicense.php")) {
    $AJAX_INCLUDE = 1;
    define('GLPI_ROOT', '..');
    include GLPI_ROOT . "/inc/includes.php";
    header("Content-Type: text/html; charset=UTF-8");
    header_nocache();
}
checkRight("software", "w");
// Make a select box
$rand = mt_rand();
$where = "";
if (strlen($_POST['searchText']) > 0 && $_POST['searchText'] != $CFG_GLPI["ajax_wildcard"]) {
    $where .= " AND `glpi_softwares`.`name` " . makeTextSearch($_POST['searchText']) . " ";
}
$where .= getEntitiesRestrictRequest(' AND', 'glpi_softwares', 'entities_id', $_POST["entity_restrict"]);
$query = "SELECT DISTINCT `glpi_softwares`.`id`,\n                          `glpi_softwares`.`name`\n          FROM `glpi_softwares`\n          INNER JOIN `glpi_softwarelicenses`\n               ON (`glpi_softwares`.`id` = `glpi_softwarelicenses`.`softwares_id`)\n          WHERE `glpi_softwares`.`is_deleted` = '0'\n                AND `glpi_softwares`.`is_template` = '0'\n                {$where}\n          ORDER BY `glpi_softwares`.`name`";
$result = $DB->query($query);
echo "<select name='softwares_id' id='item_type{$rand}'>\n";
echo "<option value='0'>" . DROPDOWN_EMPTY_VALUE . "</option>\n";
if ($DB->numrows($result)) {
    while ($data = $DB->fetch_array($result)) {
        $softwares_id = $data["id"];
        $output = $data["name"];
        echo "<option value='{$softwares_id}' title=\"" . cleanInputText($output) . "\">" . utf8_substr($output, 0, $_SESSION["glpidropdown_chars_limit"]) . "</option>";
    }
}
echo "</select>\n";
$paramsselsoft = array('softwares_id' => '__VALUE__', 'myname' => $_POST["myname"]);
Пример #6
0
 /**
  * Generic Function to add where to a request
  *
  * @param $link link string
  * @param $nott is it a negative search ?
  * @param $itemtype item type
  * @param $ID ID of the item to search
  * @param $searchtype searchtype used (equals or contains)
  * @param $val item num in the request
  * @param $meta is a meta search (meta=2 in search.class.php)
  *
  * @return select string
  **/
 static function addWhere($link, $nott, $itemtype, $ID, $searchtype, $val, $meta = 0)
 {
     global $LANG;
     $searchopt =& self::getOptions($itemtype);
     $table = $searchopt[$ID]["table"];
     $field = $searchopt[$ID]["field"];
     $inittable = $table;
     $addtable = '';
     if ($table != getTableForItemType($itemtype) && $searchopt[$ID]["linkfield"] != getForeignKeyFieldForTable($table)) {
         $addtable = "_" . $searchopt[$ID]["linkfield"];
         $table .= $addtable;
     }
     if (isset($searchopt[$ID]['joinparams'])) {
         $complexjoin = self::computeComplexJoinID($searchopt[$ID]['joinparams']);
         if (!empty($complexjoin)) {
             $table .= "_" . $complexjoin;
         }
     }
     if ($meta && getTableForItemType($itemtype) != $table) {
         $table .= "_" . $itemtype;
     }
     // Hack to allow search by ID on every sub-table
     if (preg_match('/^\\$\\$\\$\\$([0-9]+)$/', $val, $regs)) {
         return $link . " (`{$table}`.`id` " . ($nott ? "<>" : "=") . $regs[1] . " " . ($regs[1] == 0 ? " OR `{$table}`.`id` IS NULL" : '') . ") ";
     }
     // Preparse value
     if (isset($searchopt[$ID]["datatype"])) {
         switch ($searchopt[$ID]["datatype"]) {
             case "datetime":
             case "date":
             case "date_delay":
                 $format_use = "Y-m-d";
                 if ($searchopt[$ID]["datatype"] == 'datetime') {
                     $format_use = "Y-m-d H:i:s";
                 }
                 // Parsing relative date
                 if ($val == 'NOW') {
                     $val = date($format_use);
                 }
                 if (preg_match("/^(-?)(\\d+)(\\w+)\$/", $val, $matches)) {
                     if (in_array($matches[3], array('YEAR', 'MONTH', 'WEEK', 'DAY', 'HOUR'))) {
                         $nb = intval($matches[2]);
                         if ($matches[1] == '-') {
                             $nb = -$nb;
                         }
                         // Use it to have a clean delay computation (MONTH / YEAR have not always the same duration)
                         $hour = date("H");
                         $minute = date("i");
                         $second = 0;
                         $month = date("n");
                         $day = date("j");
                         $year = date("Y");
                         switch ($matches[3]) {
                             case "YEAR":
                                 $year += $nb;
                                 break;
                             case "MONTH":
                                 $month += $nb;
                                 break;
                             case "WEEK":
                                 $day += 7 * $nb;
                                 break;
                             case "DAY":
                                 $day += $nb;
                                 break;
                             case "HOUR":
                                 $hour += $nb;
                                 break;
                         }
                         $val = date($format_use, mktime($hour, $minute, $second, $month, $day, $year));
                     }
                 }
                 break;
         }
     }
     switch ($searchtype) {
         case "contains":
             $SEARCH = makeTextSearch($val, $nott);
             break;
         case "equals":
             if ($nott) {
                 $SEARCH = " <> '{$val}'";
             } else {
                 $SEARCH = " = '{$val}'";
             }
             break;
         case "notequals":
             if ($nott) {
                 $SEARCH = " = '{$val}'";
             } else {
                 $SEARCH = " <> '{$val}'";
             }
             break;
     }
     // Plugin can override core definition for its type
     if ($plug = isPluginItemType($itemtype)) {
         $function = 'plugin_' . $plug['plugin'] . '_addWhere';
         if (function_exists($function)) {
             $out = $function($link, $nott, $itemtype, $ID, $val);
             if (!empty($out)) {
                 return $out;
             }
         }
     }
     switch ($inittable . "." . $field) {
         //          case "glpi_users_validation.name" :
         case "glpi_users.name":
             if ($itemtype == 'User') {
                 // glpi_users case / not link table
                 if (in_array($searchtype, array('equals', 'notequals'))) {
                     return " {$link} `{$table}`.`id`" . $SEARCH;
                 }
                 return makeTextCriteria("`{$table}`.`{$field}`", $val, $nott, $link);
             }
             if ($_SESSION["glpinames_format"] == FIRSTNAME_BEFORE) {
                 $name1 = 'firstname';
                 $name2 = 'realname';
             } else {
                 $name1 = 'realname';
                 $name2 = 'firstname';
             }
             if (in_array($searchtype, array('equals', 'notequals'))) {
                 return " {$link} (`{$table}`.`id`" . $SEARCH . ($val == 0 ? " OR `{$table}`.`id` IS NULL" : '') . ') ';
             }
             return $link . " (`{$table}`.`{$name1}` {$SEARCH}\n                            OR `{$table}`.`{$name2}` {$SEARCH}\n                            OR CONCAT(`{$table}`.`{$name1}`, ' ',\n                                      `{$table}`.`{$name2}`) {$SEARCH}" . makeTextCriteria("`{$table}`.`{$field}`", $val, $nott, 'OR') . ") ";
         case "glpi_groups.name":
             $linkfield = "";
             if (in_array($searchtype, array('equals', 'notequals'))) {
                 return " {$link} (`{$table}`.`id`" . $SEARCH . ($val == 0 ? " OR `{$table}`.`id` IS NULL" : '') . ') ';
             }
             return makeTextCriteria("`{$table}`.`{$field}`", $val, $nott, $link);
         case "glpi_networkports.mac":
             if ($itemtype == 'Computer') {
                 return "{$link} (" . makeTextCriteria("`glpi_computers_devicenetworkcards`.`specificity`", $val, $nott, '') . makeTextCriteria("`{$table}`.`{$field}`", $val, $nott, 'OR') . ")";
             }
             return makeTextCriteria("`{$table}`.`{$field}`", $val, $nott, $link);
         case "glpi_infocoms.sink_time":
         case "glpi_infocoms.warranty_duration":
             $ADD = "";
             if ($nott && $val != 'NULL' && $val != 'null') {
                 $ADD = " OR `{$table}`.`{$field}` IS NULL";
             }
             if (is_numeric($val)) {
                 if ($nott) {
                     return $link . " (`{$table}`.`{$field}` <> " . intval($val) . " " . $ADD . " ) ";
                 }
                 return $link . " (`{$table}`.`{$field}` = " . intval($val) . "  " . $ADD . " ) ";
             }
             break;
         case "glpi_infocoms.sink_type":
             $ADD = "";
             if ($nott && $val != 'NULL' && $val != 'null') {
                 $ADD = " OR `{$table}`.`{$field}` IS NULL";
             }
             if (stristr($val, Infocom::getAmortTypeName(1))) {
                 $val = 1;
             } else {
                 if (stristr($val, Infocom::getAmortTypeName(2))) {
                     $val = 2;
                 }
             }
             if (is_int($val) && $val > 0) {
                 if ($nott) {
                     return $link . " (`{$table}`.`{$field}` <> '{$val}' " . $ADD . " ) ";
                 }
                 return $link . " (`{$table}`.`{$field}` = '{$val}' " . $ADD . " ) ";
             }
             break;
         case "glpi_contacts.completename":
             if (in_array($searchtype, array('equals', 'notequals'))) {
                 return " {$link} `{$table}`.`id`" . $SEARCH;
             }
             if ($_SESSION["glpinames_format"] == FIRSTNAME_BEFORE) {
                 $name1 = 'firstname';
                 $name2 = 'name';
             } else {
                 $name1 = 'name';
                 $name2 = 'firstname';
             }
             return $link . " (`{$table}`.`{$name1}` {$SEARCH}\n                            OR `{$table}`.`{$name2}` {$SEARCH}\n                            OR CONCAT(`{$table}`.`{$name1}`,' ',`{$table}`.`{$name2}`) {$SEARCH}) ";
         case "glpi_auth_tables.name":
             $user_searchopt = self::getOptions('User');
             return $link . " (`glpi_authmails" . $addtable . "_" . self::computeComplexJoinID($user_searchopt[31]['joinparams']) . "`.`name` {$SEARCH}\n                            OR `glpi_authldaps" . $addtable . "_" . self::computeComplexJoinID($user_searchopt[30]['joinparams']) . "`.`name` {$SEARCH} ) ";
         case "glpi_contracts.renewal":
             $valid = Contract::getContractRenewalIDByName($val);
             if ($valid > 0) {
                 return $link . " `{$table}`.`{$field}`" . "=" . "'{$valid}'";
             }
             return "";
         case "glpi_profiles.interface":
             if (stristr(Profile::getInterfaceName('central'), $val)) {
                 return $link . " `{$table}`.`{$field}`='central'";
             }
             if (stristr(Profile::getInterfaceName('helpdesk'), $val)) {
                 return $link . " `{$table}`.`{$field}`='helpdesk'";
             }
             return "";
         case "glpi_networkports.ip":
             $search = array("/\\&lt;/", "/\\&gt;/");
             $replace = array("<", ">");
             $val = preg_replace($search, $replace, $val);
             if (preg_match("/^\\s*([<>])([=]*)[[:space:]]*([0-9\\.]+)/", $val, $regs)) {
                 if ($nott) {
                     if ($regs[1] == '<') {
                         $regs[1] = '>';
                     } else {
                         $regs[1] = '<';
                     }
                 }
                 $regs[1] .= $regs[2];
                 return $link . " (INET_ATON(`{$table}`.`{$field}`) " . $regs[1] . " " . ip2long($regs[3]) . ") ";
             }
             return makeTextCriteria("`{$table}`.`{$field}`", $val, $nott, $link);
         case "glpi_tickets.status":
             $tocheck = array('new' => array('new'), 'notold' => array('new', 'plan', 'assign', 'waiting'), 'notclosed' => array('new', 'plan', 'assign', 'waiting', 'solved'), 'old' => array('solved', 'closed'), 'process' => array('plan', 'assign'), 'waiting' => array('waiting'), 'solved' => array('solved'), 'closed' => array('closed'), 'assign' => array('assign'), 'plan' => array('plan'));
             if (isset($tocheck[$val])) {
                 foreach ($tocheck[$val] as $key => $nval) {
                     if ($nott) {
                         $tocheck[$val][$key] = " `{$table}`.`{$field}` <> '{$nval}' ";
                     } else {
                         $tocheck[$val][$key] = " `{$table}`.`{$field}` = '{$nval}' ";
                     }
                 }
                 if ($nott) {
                     return $link . '(' . implode(' AND ', $tocheck[$val]) . ')';
                 }
                 return $link . '(' . implode(' OR ', $tocheck[$val]) . ')';
             }
             if ($val == 'all') {
                 return "";
             }
             break;
         case "glpi_tickets_tickets.tickets_id_1":
             return $link . " (`{$table}`.`tickets_id_1` = '{$val}'\n                            OR `{$table}`.`tickets_id_2` = '{$val}')";
         case "glpi_tickets.priority":
         case "glpi_tickets.impact":
         case "glpi_tickets.urgency":
             if (is_numeric($val)) {
                 if ($val > 0) {
                     return $link . " `{$table}`.`{$field}` = '{$val}'";
                 }
                 if ($val < 0) {
                     return $link . " `{$table}`.`{$field}` >= '" . abs($val) . "'";
                 }
                 // Show all
                 return $link . " `{$table}`.`{$field}` >= '0' ";
             }
             return "";
         case "glpi_tickets.global_validation":
         case "glpi_ticketvalidations.status":
             $tocheck = array('none' => array('none'), 'waiting' => array('waiting'), 'rejected' => array('rejected'), 'accepted' => array('accepted'), 'can' => array('none', 'accepted'), 'all' => array('none', 'waiting', 'rejected', 'accepted'));
             if (isset($tocheck[$val])) {
                 foreach ($tocheck[$val] as $key => $nval) {
                     $tocheck[$val][$key] = " `{$table}`.`{$field}` = '{$nval}' ";
                 }
                 return $link . '(' . implode(' OR ', $tocheck[$val]) . ')';
             }
             if ($val == 'all') {
                 return "";
             }
             break;
         case "glpi_ticketsatisfactions.type":
             return $link . " `{$table}`.`{$field}` = '{$val}' ";
     }
     //// Default cases
     // Link with plugin tables
     if (preg_match("/^glpi_plugin_([a-z0-9]+)/", $inittable, $matches)) {
         if (count($matches) == 2) {
             $plug = $matches[1];
             $function = 'plugin_' . $plug . '_addWhere';
             if (function_exists($function)) {
                 $out = $function($link, $nott, $itemtype, $ID, $val);
                 if (!empty($out)) {
                     return $out;
                 }
             }
         }
     }
     $tocompute = "`{$table}`.`{$field}`";
     if (isset($searchopt[$ID]["computation"])) {
         $tocompute = $searchopt[$ID]["computation"];
         $tocompute = str_replace("TABLE", "`{$table}`", $tocompute);
     }
     // Preformat items
     if (isset($searchopt[$ID]["datatype"])) {
         switch ($searchopt[$ID]["datatype"]) {
             case "itemtypename":
                 if (in_array($searchtype, array('equals', 'notequals'))) {
                     return " {$link} (`{$table}`.`{$field}`" . $SEARCH . ') ';
                 }
             case "datetime":
             case "date":
             case "date_delay":
                 if ($searchopt[$ID]["datatype"] == 'datetime') {
                     // Specific search for datetime
                     if (in_array($searchtype, array('equals', 'notequals'))) {
                         $val = preg_replace("/:00\$/", '', $val);
                         $val = '^' . $val;
                         if ($searchtype == 'notequals') {
                             $nott = !$nott;
                         }
                         return makeTextCriteria("`{$table}`.`{$field}`", $val, $nott, $link);
                     }
                 }
                 if ($searchtype == 'lessthan') {
                     $val = '<' . $val;
                 }
                 if ($searchtype == 'morethan') {
                     $val = '>' . $val;
                 }
                 if ($searchtype) {
                     $date_computation = $tocompute;
                 }
                 $search_unit = ' MONTH ';
                 if (isset($searchopt[$ID]['searchunit'])) {
                     $search_unit = $searchopt[$ID]['searchunit'];
                 }
                 if ($searchopt[$ID]["datatype"] == "date_delay") {
                     $delay_unit = ' MONTH ';
                     if (isset($searchopt[$ID]['delayunit'])) {
                         $delay_unit = $searchopt[$ID]['delayunit'];
                     }
                     $date_computation = "ADDDATE(`{$table}`." . $searchopt[$ID]["datafields"][1] . ",\n                                               INTERVAL `{$table}`." . $searchopt[$ID]["datafields"][2] . "\n                                               {$delay_unit})";
                 }
                 if (in_array($searchtype, array('equals', 'notequals'))) {
                     return " {$link} ({$date_computation} " . $SEARCH . ') ';
                 }
                 $search = array("/\\&lt;/", "/\\&gt;/");
                 $replace = array("<", ">");
                 $val = preg_replace($search, $replace, $val);
                 if (preg_match("/^\\s*([<>=]+)(.*)/", $val, $regs)) {
                     if (is_numeric($regs[2])) {
                         return $link . " {$date_computation} " . $regs[1] . "\n                            ADDDATE(NOW(), INTERVAL " . $regs[2] . " {$search_unit}) ";
                     }
                     // ELSE Reformat date if needed
                     $regs[2] = preg_replace('@(\\d{1,2})(-|/)(\\d{1,2})(-|/)(\\d{4})@', '\\5-\\3-\\1', $regs[2]);
                     if (preg_match('/[0-9]{2,4}-[0-9]{1,2}-[0-9]{1,2}/', $regs[2])) {
                         return $link . " {$date_computation} " . $regs[1] . " '" . $regs[2] . "'";
                     }
                     return "";
                 }
                 // ELSE standard search
                 // Date format modification if needed
                 $val = preg_replace('@(\\d{1,2})(-|/)(\\d{1,2})(-|/)(\\d{4})@', '\\5-\\3-\\1', $val);
                 return makeTextCriteria($date_computation, $val, $nott, $link);
             case "right":
                 if ($val == 'NULL' || $val == 'null') {
                     return $link . " {$tocompute} IS " . ($nott ? 'NOT' : '') . " NULL ";
                 }
                 return $link . " {$tocompute} = '{$val}' ";
             case "bool":
                 if (!is_numeric($val)) {
                     if (strcasecmp($val, $LANG['choice'][0]) == 0) {
                         $val = 0;
                     } else {
                         if (strcasecmp($val, $LANG['choice'][1]) == 0) {
                             $val = 1;
                         }
                     }
                 }
                 // No break here : use number comparaison case
             // No break here : use number comparaison case
             case "number":
             case "decimal":
             case "timestamp":
                 $search = array("/\\&lt;/", "/\\&gt;/");
                 $replace = array("<", ">");
                 $val = preg_replace($search, $replace, $val);
                 if (preg_match("/([<>])([=]*)[[:space:]]*([0-9]+)/", $val, $regs)) {
                     if ($nott) {
                         if ($regs[1] == '<') {
                             $regs[1] = '>';
                         } else {
                             $regs[1] = '<';
                         }
                     }
                     $regs[1] .= $regs[2];
                     return $link . " ({$tocompute} " . $regs[1] . " " . $regs[3] . ") ";
                 }
                 if (is_numeric($val)) {
                     if (isset($searchopt[$ID]["width"])) {
                         $ADD = "";
                         if ($nott && $val != 'NULL' && $val != 'null') {
                             $ADD = " OR {$tocompute} IS NULL";
                         }
                         if ($nott) {
                             return $link . " ({$tocompute} < " . (intval($val) - $searchopt[$ID]["width"]) . "\n                                        OR {$tocompute} > " . (intval($val) + $searchopt[$ID]["width"]) . "\n                                        {$ADD}) ";
                         }
                         return $link . " (({$tocompute} >= " . (intval($val) - $searchopt[$ID]["width"]) . "\n                                      AND {$tocompute} <= " . (intval($val) + $searchopt[$ID]["width"]) . ")\n                                     {$ADD}) ";
                     }
                     if (!$nott) {
                         return " {$link} ({$tocompute} = " . intval($val) . ") ";
                     }
                     return " {$link} ({$tocompute} <> " . intval($val) . ") ";
                 }
                 break;
         }
     }
     // Default case
     if (in_array($searchtype, array('equals', 'notequals'))) {
         if ($table != getTableForItemType($itemtype) || $itemtype == 'States') {
             $out = " {$link} (`{$table}`.`id`" . $SEARCH;
         } else {
             $out = " {$link} (`{$table}`.`{$field}`" . $SEARCH;
         }
         if ($searchtype == 'notequals') {
             $nott = !$nott;
         }
         // Add NULL if $val = 0 and not negative search
         if (!$nott && $val == 0) {
             $out .= " OR `{$table}`.`id` IS NULL";
         }
         $out .= ')';
         return $out;
     }
     return makeTextCriteria($tocompute, $val, $nott, $link);
 }
Пример #7
0
         if (is_array($_POST["entity_restrict"]) && count($_POST["entity_restrict"]) > 1) {
             $multi = true;
         }
     } else {
         $where .= getEntitiesRestrictRequest("AND", $table, '', '', $multi);
         if (count($_SESSION['glpiactiveentities']) > 1) {
             $multi = true;
         }
     }
 }
 $field = "name";
 if ($item instanceof CommonDevice) {
     $field = "designation";
 }
 if ($_POST['searchText'] != $CFG_GLPI["ajax_wildcard"]) {
     $search = makeTextSearch($_POST['searchText']);
     $where .= " AND  (`{$table}`.`{$field}` " . $search;
     if ($_POST['itemtype'] == "SoftwareLicense") {
         $where .= " OR `glpi_softwares`.`name` " . $search;
     }
     $where .= ')';
 }
 switch ($_POST['itemtype']) {
     case "Contact":
         $query = "SELECT `{$table}`.`entities_id`,\n                          CONCAT(`name`,' ',`firstname`) AS {$field},\n                          `{$table}`.`comment`, `{$table}`.`id`\n                   FROM `{$table}`\n                   {$where}";
         break;
     case "SoftwareLicense":
         $query = "SELECT `{$table}`.*,\n                          CONCAT(`glpi_softwares`.`name`,' - ',`glpi_softwarelicenses`.`name`)\n                              AS {$field}\n                   FROM `{$table}`\n                   LEFT JOIN `glpi_softwares`\n                        ON (`glpi_softwarelicenses`.`softwares_id` = `glpi_softwares`.`id`)\n                   {$where}";
         break;
     default:
         $query = "SELECT *\n                   FROM `{$table}`\n                   {$where}";
Пример #8
0
}
if (!defined('GLPI_ROOT')) {
    die("Can not acces directly to this file");
}
checkLoginUser();
// Make a select box with preselected values
if (!isset($_POST["limit"])) {
    $_POST["limit"] = $_SESSION["glpidropdown_chars_limit"];
}
$NBMAX = $CFG_GLPI["dropdown_max"];
$LIMIT = "LIMIT 0,{$NBMAX}";
$sql = "SELECT `id`, `name`, `ranking`\n        FROM `glpi_rules`\n        WHERE `sub_type` = '" . $_POST["type"] . "'";
if ($_POST['searchText'] == $CFG_GLPI["ajax_wildcard"]) {
    $LIMIT = "";
} else {
    $sql .= " AND `name` " . makeTextSearch($_POST['searchText']);
}
if (isset($_POST['entity_restrict']) && $_POST['entity_restrict'] != '') {
    $sql .= " AND `glpi_rules`.`entities_id` = '" . $_POST['entity_restrict'] . "'";
}
$sql .= " ORDER BY `ranking` ASC " . $LIMIT;
$result = $DB->query($sql);
echo "<select id='dropdown_" . $_POST["myname"] . $_POST["rand"] . "' name='" . $_POST['myname'] . "' size='1'>";
if ($_POST['searchText'] != $CFG_GLPI["ajax_wildcard"] && $DB->numrows($result) == $NBMAX) {
    echo "<option value='0'>--" . $LANG['common'][11] . "--</option>";
} else {
    echo "<option value='0'>" . DROPDOWN_EMPTY_VALUE . "</option>";
}
if ($DB->numrows($result)) {
    while ($data = $DB->fetch_array($result)) {
        $ID = $data['id'];
Пример #9
0
    $AJAX_INCLUDE = 1;
    define('GLPI_ROOT', '..');
    include GLPI_ROOT . "/inc/includes.php";
    header("Content-Type: text/html; charset=UTF-8");
    header_nocache();
}
if (!defined('GLPI_ROOT')) {
    die("Can not acces directly to this file");
}
checkLoginUser();
// Make a select box with preselected values
if (!isset($_POST["limit"])) {
    $_POST["limit"] = $_SESSION["glpidropdown_chars_limit"];
}
if (strlen($_POST['searchText']) > 0 && $_POST['searchText'] != $CFG_GLPI["ajax_wildcard"]) {
    $where = " WHERE (`glpi_netpoints`.`name` " . makeTextSearch($_POST['searchText']) . "\n                     OR `glpi_locations`.`completename` " . makeTextSearch($_POST['searchText']) . ")";
} else {
    $where = " WHERE 1 ";
}
$NBMAX = $CFG_GLPI["dropdown_max"];
$LIMIT = "LIMIT 0,{$NBMAX}";
if ($_POST['searchText'] == $CFG_GLPI["ajax_wildcard"]) {
    $LIMIT = "";
}
$location_restrict = false;
if (!(isset($_POST["devtype"]) && $_POST["devtype"] != 'NetworkEquipment' && isset($_POST["locations_id"]) && $_POST["locations_id"] > 0)) {
    if (isset($_POST["entity_restrict"]) && $_POST["entity_restrict"] >= 0) {
        $where .= " AND `glpi_netpoints`.`entities_id` = '" . $_POST["entity_restrict"] . "'";
    } else {
        $where .= getEntitiesRestrictRequest(" AND ", "glpi_locations");
    }
Пример #10
0
function plugin_fusioninventory_addWhere($link, $nott, $type, $ID, $val)
{
    global $SEARCH_OPTION;
    $table = $SEARCH_OPTION[$type][$ID]["table"];
    $field = $SEARCH_OPTION[$type][$ID]["field"];
    //	echo "add where : ".$table.".".$field."<br/>";
    $SEARCH = makeTextSearch($val, $nott);
    switch ($type) {
        // * Computer List (front/computer.php)
        case COMPUTER_TYPE:
            switch ($table . "." . $field) {
                // ** FusionInventory - switch
                case "glpi_plugin_fusioninventory_networking.ID":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR FUSIONINVENTORY_12.on_device IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR FUSIONINVENTORY_12.on_device IS NOT NULL";
                        }
                    }
                    return $link . " (FUSIONINVENTORY_13.name  LIKE '%" . $val . "%' {$ADD} ) ";
                    break;
                    // ** FusionInventory - switch port
                // ** FusionInventory - switch port
                case "glpi_plugin_fusioninventory_networking_ports.ID":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR FUSIONINVENTORY_22.name IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR FUSIONINVENTORY_22.name IS NOT NULL";
                        }
                    }
                    return $link . " (FUSIONINVENTORY_22.name  LIKE '%" . $val . "%' {$ADD} ) ";
                    break;
            }
            break;
            // * Networking List (front/networking.php)
        // * Networking List (front/networking.php)
        case NETWORKING_TYPE:
            switch ($table . "." . $field) {
                // ** FusionInventory - last inventory
                case "glpi_plugin_fusioninventory_networking.FK_networking":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR {$table}.last_fusioninventory_update IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR {$table}.last_fusioninventory_update IS NOT NULL";
                        }
                    }
                    return $link . " ({$table}.last_fusioninventory_update  LIKE '%" . $val . "%' {$ADD} ) ";
                    break;
                    // ** FusionInventory - SNMP models
                // ** FusionInventory - SNMP models
                case "glpi_plugin_fusioninventory_model_infos.ID":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR {$table}.name IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR {$table}.name IS NOT NULL";
                        }
                    }
                    return $link . " ({$table}.name  LIKE '%" . $val . "%' {$ADD} ) ";
                    break;
                    // ** FusionInventory - SNMP authentification
                // ** FusionInventory - SNMP authentification
                case "glpi_plugin_fusioninventory_networking.FK_snmp_connection":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR glpi_plugin_fusioninventory_snmpauths.name IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR glpi_plugin_fusioninventory_snmpauths.name IS NOT NULL";
                        }
                    }
                    return $link . " (glpi_plugin_fusioninventory_snmpauths.name  LIKE '%" . $val . "%' {$ADD} ) ";
                    break;
                    // ** FusionInventory - CPU
                // ** FusionInventory - CPU
                case "glpi_plugin_fusioninventory_networking.cpu":
                    break;
            }
            break;
            // * Printer List (front/printer.php)
        // * Printer List (front/printer.php)
        case PRINTER_TYPE:
            switch ($table . "." . $field) {
                // ** FusionInventory - last inventory
                case "glpi_plugin_fusioninventory_printers.FK_printers":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR {$table}.last_fusioninventory_update IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR {$table}.last_fusioninventory_update IS NOT NULL";
                        }
                    }
                    return $link . " ({$table}.last_fusioninventory_update  LIKE '%" . $val . "%' {$ADD} ) ";
                    break;
                    // ** FusionInventory - SNMP models
                // ** FusionInventory - SNMP models
                case "glpi_plugin_fusioninventory_model_infos.ID":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR {$table}.name IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR {$table}.name IS NOT NULL";
                        }
                    }
                    return $link . " ({$table}.name  LIKE '%" . $val . "%' {$ADD} ) ";
                    break;
                    // ** FusionInventory - SNMP authentification
                // ** FusionInventory - SNMP authentification
                case "glpi_plugin_fusioninventory_snmpauths.ID":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR {$table}.name IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR {$table}.name IS NOT NULL";
                        }
                    }
                    return $link . " ({$table}.name  LIKE '%" . $val . "%' {$ADD} ) ";
                    break;
                    // ** FusionInventory - switch
                // ** FusionInventory - switch
                case "glpi_plugin_fusioninventory_networking.ID":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR FUSIONINVENTORY_12.on_device IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR FUSIONINVENTORY_12.on_device IS NOT NULL";
                        }
                    }
                    return $link . " (FUSIONINVENTORY_13.name  LIKE '%" . $val . "%' {$ADD} ) ";
                    break;
                    // ** FusionInventory - switch port
                // ** FusionInventory - switch port
                case "glpi_plugin_fusioninventory_networking_ports.ID":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR FUSIONINVENTORY_22.name IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR FUSIONINVENTORY_22.name IS NOT NULL";
                        }
                    }
                    return $link . " (FUSIONINVENTORY_22.name  LIKE '%" . $val . "%' {$ADD} ) ";
                    break;
            }
            break;
            // * Unknown mac addresses connectd on switch - report (plugins/fusioninventory/report/unknown_mac.php)
        // * Unknown mac addresses connectd on switch - report (plugins/fusioninventory/report/unknown_mac.php)
        case PLUGIN_FUSIONINVENTORY_MAC_UNKNOWN:
            switch ($table . "." . $field) {
                // ** FusionInventory - switch
                case "glpi_plugin_fusioninventory_networking.ID":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR FUSIONINVENTORY_12.on_device IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR FUSIONINVENTORY_12.on_device IS NOT NULL";
                        }
                    }
                    return $link . " (FUSIONINVENTORY_13.name  LIKE '%" . $val . "%' {$ADD} ) ";
                    break;
                    // ** FusionInventory - switch port
                // ** FusionInventory - switch port
                case "glpi_plugin_fusioninventory_networking_ports.ID":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR FUSIONINVENTORY_22.name IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR FUSIONINVENTORY_22.name IS NOT NULL";
                        }
                    }
                    return $link . " (FUSIONINVENTORY_22.name  LIKE '%" . $val . "%' {$ADD} ) ";
                    break;
            }
            break;
            // * Ports date connection - report (plugins/fusioninventory/report/ports_date_connections.php)
        // * Ports date connection - report (plugins/fusioninventory/report/ports_date_connections.php)
        case PLUGIN_FUSIONINVENTORY_SNMP_NETWORKING_PORTS2:
            switch ($table . "." . $field) {
                // ** Name and link of networking device (switch)
                case "glpi_plugin_fusioninventory_networking_ports.ID":
                    break;
                    // ** Name and link of port of networking device (port of switch)
                // ** Name and link of port of networking device (port of switch)
                case "glpi_plugin_fusioninventory_networking_ports.FK_networking_ports":
                    break;
                    // ** Location of switch
                // ** Location of switch
                case "glpi_dropdown_locations.ID":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR glpi_networking.location IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR glpi_networking.location IS NOT NULL";
                        }
                    }
                    if ($val == "0") {
                        return $link . " (glpi_networking.location >= -1 ) ";
                    }
                    return $link . " (glpi_networking.location = '" . $val . "' {$ADD} ) ";
                    break;
                case "glpi_plugin_fusioninventory_networking_ports.lastup":
                    $ADD = "";
                    //$val = str_replace("&lt;",">",$val);
                    //$val = str_replace("\\","",$val);
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR {$table}.{$field} IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR {$table}.{$field} IS NOT NULL";
                        }
                    }
                    return $link . " ({$table}.{$field} {$val} {$ADD} ) ";
                    break;
            }
            break;
            // * range IP list (plugins/fusioninventory/front/rangeip.php)
        // * range IP list (plugins/fusioninventory/front/rangeip.php)
        case PLUGIN_FUSIONINVENTORY_SNMP_RANGEIP:
            switch ($table . "." . $field) {
                // ** Name of range IP and link to form
                case "glpi_plugin_fusioninventory_rangeip.name":
                    break;
                    // ** Agent name associed to IP range and link to agent form
                // ** Agent name associed to IP range and link to agent form
                case "glpi_plugin_fusioninventory_agents.ID":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR {$table}.name IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR {$table}.name IS NOT NULL";
                        }
                    }
                    return $link . " ({$table}.name  LIKE '%" . $val . "%' {$ADD} ) ";
                    break;
            }
            switch ($table . "." . $SEARCH_OPTION[$type][$ID]["linkfield"]) {
                case "glpi_plugin_fusioninventory_agents.FK_fusioninventory_agents_query":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR {$table}.name IS NULL";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR {$table}.name IS NOT NULL";
                        }
                    }
                    return $link . " (gpta.name  LIKE '%" . $val . "%' {$ADD} ) ";
                    break;
            }
            break;
            // * Detail of ports history (plugins/fusioninventory/report/switch_ports.history.php)
        // * Detail of ports history (plugins/fusioninventory/report/switch_ports.history.php)
        case PLUGIN_FUSIONINVENTORY_SNMP_HISTORY:
            switch ($table . "." . $field) {
                // ** Display switch and Port
                case "glpi_networking_ports.ID":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR {$table}.ID IS NULL ";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR {$table}.ID IS NOT NULL ";
                        }
                    }
                    return $link . " ({$table}.ID = '" . $val . "' {$ADD} ) ";
                    break;
                    // ** Display GLPI field of device
                // ** Display GLPI field of device
                case "glpi_plugin_fusioninventory_snmphistories.Field":
                    $ADD = "";
                    if ($nott == "0" && $val == "NULL") {
                        $ADD = " OR {$table}.{$field} IS NULL ";
                    } else {
                        if ($nott == "1" && $val == "NULL") {
                            $ADD = " OR {$table}.{$field} IS NOT NULL ";
                        }
                    }
                    if (!empty($val)) {
                        include GLPI_ROOT . "/plugins/fusioninventory/inc_constants/snmp.mapping.constant.php";
                        $val = $FUSIONINVENTORY_MAPPING[NETWORKING_TYPE][$val]['field'];
                    }
                    return $link . " ({$table}.{$field} = '" . addslashes($val) . "' {$ADD} ) ";
                    break;
            }
    }
    return "";
}
Пример #11
0
}
if (isset($_POST["entity_restrict"]) && !is_numeric($_POST["entity_restrict"]) && !is_array($_POST["entity_restrict"])) {
    $_POST["entity_restrict"] = unserialize(stripslashes($_POST["entity_restrict"]));
}
// Make a select box
$table = getTableForItemType($_POST["idtable"]);
$item = new $_POST["idtable"]();
$where = "";
if ($item->maybeDeleted()) {
    $where .= " AND `{$table}`.`is_deleted` = '0' ";
}
if ($item->maybeTemplate()) {
    $where .= " AND `{$table}`.`is_template` = '0' ";
}
if (strlen($_POST['searchText']) > 0 && $_POST['searchText'] != $CFG_GLPI["ajax_wildcard"]) {
    $where .= " AND (`{$table}`.`name` " . makeTextSearch($_POST['searchText']) . "\n                    OR `{$table}`.`otherserial` " . makeTextSearch($_POST['searchText']) . "\n                    OR `{$table}`.`serial` " . makeTextSearch($_POST['searchText']) . " )";
}
$multi = $item->maybeRecursive();
if (isset($_POST["entity_restrict"]) && !($_POST["entity_restrict"] < 0)) {
    $where .= getEntitiesRestrictRequest(" AND ", $table, '', $_POST["entity_restrict"], $multi);
    if (is_array($_POST["entity_restrict"]) && count($_POST["entity_restrict"]) > 1) {
        $multi = true;
    }
} else {
    $where .= getEntitiesRestrictRequest(" AND ", $table, '', $_SESSION['glpiactiveentities'], $multi);
    if (count($_SESSION['glpiactiveentities']) > 1) {
        $multi = true;
    }
}
$NBMAX = $CFG_GLPI["dropdown_max"];
$LIMIT = "LIMIT 0,{$NBMAX}";
Пример #12
0
 /**
  *Print out list kb item
  *
  * @param $options : $_GET
  * @param $faq display on faq ?
  **/
 static function showList($options, $faq = 0)
 {
     global $DB, $LANG, $CFG_GLPI;
     // Default values of parameters
     $params["start"] = "0";
     $params["knowbaseitemcategories_id"] = "0";
     $params["contains"] = "";
     $params["target"] = $_SERVER['PHP_SELF'];
     if (is_array($options) && count($options)) {
         foreach ($options as $key => $val) {
             $params[$key] = $val;
         }
     }
     // Lists kb Items
     $where = "";
     $order = "";
     $score = "";
     // Build query
     if (getLoginUserID()) {
         $where = getEntitiesRestrictRequest("", "glpi_knowbaseitems", "", "", true) . " AND ";
     } else {
         // Anonymous access
         if (isMultiEntitiesMode()) {
             $where = " (`glpi_knowbaseitems`.`entities_id` = '0'\n                        AND `glpi_knowbaseitems`.`is_recursive` = '1')\n                        AND ";
         }
     }
     if ($faq) {
         // helpdesk
         $where .= " (`glpi_knowbaseitems`.`is_faq` = '1')\n                      AND ";
     }
     // a search with $contains
     if (strlen($params["contains"]) > 0) {
         $search = unclean_cross_side_scripting_deep($params["contains"]);
         $score = " ,MATCH(glpi_knowbaseitems.question, glpi_knowbaseitems.answer)\n                     AGAINST('{$search}' IN BOOLEAN MODE) AS SCORE ";
         $where_1 = $where . " MATCH(glpi_knowbaseitems.question, glpi_knowbaseitems.answer)\n                    AGAINST('{$search}' IN BOOLEAN MODE) ";
         $order = "ORDER BY `SCORE` DESC";
         // preliminar query to allow alternate search if no result with fulltext
         $query_1 = "SELECT COUNT(`id`)\n                     FROM `glpi_knowbaseitems`\n                     WHERE {$where_1}";
         $result_1 = $DB->query($query_1);
         $numrows_1 = $DB->result($result_1, 0, 0);
         if ($numrows_1 <= 0) {
             // not result this fulltext try with alternate search
             $search1 = array('/\\\\"/', "/\\+/", "/\\*/", "/~/", "/</", "/>/", "/\\(/", "/\\)/", "/\\-/");
             $contains = preg_replace($search1, "", $params["contains"]);
             $where .= " (`glpi_knowbaseitems`.`question` " . makeTextSearch($contains) . "\n                         OR `glpi_knowbaseitems`.`answer` " . makeTextSearch($contains) . ")";
         } else {
             $where = $where_1;
         }
     } else {
         // no search -> browse by category
         $where .= " (`glpi_knowbaseitems`.`knowbaseitemcategories_id`\n                        = '" . $params["knowbaseitemcategories_id"] . "')";
         $order = " ORDER BY `glpi_knowbaseitems`.`question` ASC";
     }
     if (!$params["start"]) {
         $params["start"] = 0;
     }
     $query = "SELECT `glpi_knowbaseitems`.*,\n                       `glpi_knowbaseitemcategories`.`completename` AS category\n                       {$score}\n                FROM `glpi_knowbaseitems`\n                LEFT JOIN `glpi_knowbaseitemcategories`\n                     ON (`glpi_knowbaseitemcategories`.`id`\n                           = `glpi_knowbaseitems`.`knowbaseitemcategories_id`)\n                WHERE {$where}\n                {$order}";
     // Get it from database
     if ($result = $DB->query($query)) {
         $KbCategory = new KnowbaseItemCategory();
         $title = "";
         if ($KbCategory->getFromDB($params["knowbaseitemcategories_id"])) {
             $title = $LANG['common'][36] . " = " . (empty($KbCategory->fields['name']) ? "(" . $params['knowbaseitemcategories_id'] . ")" : $KbCategory->fields['name']);
         }
         initNavigateListItems('KnowbaseItem', $title);
         $numrows = $DB->numrows($result);
         $list_limit = $_SESSION['glpilist_limit'];
         // Limit the result, if no limit applies, use prior result
         if ($numrows > $list_limit && !isset($_GET['export_all'])) {
             $query_limit = $query . " LIMIT " . intval($params["start"]) . ", " . intval($list_limit) . " ";
             $result_limit = $DB->query($query_limit);
             $numrows_limit = $DB->numrows($result_limit);
         } else {
             $numrows_limit = $numrows;
             $result_limit = $result;
         }
         if ($numrows_limit > 0) {
             // Set display type for export if define
             $output_type = HTML_OUTPUT;
             if (isset($_GET["display_type"])) {
                 $output_type = $_GET["display_type"];
             }
             // Pager
             $parameters = "start=" . $params["start"] . "&amp;knowbaseitemcategories_id=" . $params['knowbaseitemcategories_id'] . "&amp;contains=" . $params["contains"] . "&amp;is_faq={$faq}";
             if (isset($options['tickets_id'])) {
                 $parameters .= "&amp;tickets_id=" . $options['tickets_id'];
             }
             if ($output_type == HTML_OUTPUT) {
                 printPager($params['start'], $numrows, getItemTypeSearchURL('KnowbaseItem'), $parameters, 'KnowbaseItem');
             }
             $nbcols = 1;
             // Display List Header
             echo Search::showHeader($output_type, $numrows_limit + 1, $nbcols);
             $header_num = 1;
             echo Search::showHeaderItem($output_type, $LANG['knowbase'][14], $header_num);
             if ($output_type != HTML_OUTPUT) {
                 echo Search::showHeaderItem($output_type, $LANG['knowbase'][15], $header_num);
             }
             echo Search::showHeaderItem($output_type, $LANG['common'][36], $header_num);
             if (isset($options['tickets_id']) && $output_type == HTML_OUTPUT) {
                 echo Search::showHeaderItem($output_type, '&nbsp;', $header_num);
             }
             // Num of the row (1=header_line)
             $row_num = 1;
             for ($i = 0; $i < $numrows_limit; $i++) {
                 $data = $DB->fetch_array($result_limit);
                 addToNavigateListItems('KnowbaseItem', $data["id"]);
                 // Column num
                 $item_num = 1;
                 $row_num++;
                 echo Search::showNewLine($output_type, $i % 2);
                 if ($output_type == HTML_OUTPUT) {
                     if (isset($options['tickets_id'])) {
                         $href = " href='#' onClick=\"var w = window.open('" . $CFG_GLPI["root_doc"] . "/front/popup.php?popup=show_kb&amp;id=" . $data['id'] . "' ,'glpipopup', " . "'height=400, width=1000, top=100, left=100, scrollbars=yes' );w.focus();\"";
                     } else {
                         $href = " href=\"" . $params['target'] . "?id=" . $data["id"] . "\" ";
                     }
                     echo Search::showItem($output_type, "<div class='kb'><a " . ($data['is_faq'] ? " class='pubfaq' " : " class='knowbase' ") . " {$href}>" . resume_text($data["question"], 80) . "</a></div>\n                                          <div class='kb_resume'>" . resume_text(html_clean(unclean_cross_side_scripting_deep($data["answer"])), 600) . "</div>", $item_num, $row_num);
                 } else {
                     echo Search::showItem($output_type, $data["question"], $item_num, $row_num);
                     echo Search::showItem($output_type, html_clean(unclean_cross_side_scripting_deep(html_entity_decode($data["answer"], ENT_QUOTES, "UTF-8"))), $item_num, $row_num);
                 }
                 echo Search::showItem($output_type, $data["category"], $item_num, $row_num);
                 if (isset($options['tickets_id']) && $output_type == HTML_OUTPUT) {
                     $content = "<a href='" . $CFG_GLPI['root_doc'] . "/front/ticket.form.php?load_kb_sol=" . $data['id'] . "&amp;id=" . $options['tickets_id'] . "&amp;forcetab=4'>" . $LANG['job'][24] . "</a>";
                     echo Search::showItem($output_type, $content, $item_num, $row_num);
                 }
                 // End Line
                 echo Search::showEndLine($output_type);
             }
             // Display footer
             if ($output_type == PDF_OUTPUT_LANDSCAPE || $output_type == PDF_OUTPUT_PORTRAIT) {
                 echo Search::showFooter($output_type, Dropdown::getDropdownName("glpi_knowbaseitemcategories", $params['knowbaseitemcategories_id']));
             } else {
                 echo Search::showFooter($output_type);
             }
             echo "<br>";
             if ($output_type == HTML_OUTPUT) {
                 printPager($params['start'], $numrows, getItemTypeSearchURL('KnowbaseItem'), $parameters, 'KnowbaseItem');
             }
         } else {
             if ($params["knowbaseitemcategories_id"] != 0) {
                 echo "<div class='center b'>" . $LANG['search'][15] . "</div>";
             }
         }
     }
 }
Пример #13
0
 /**
  * Execute the query to select box with all glpi users where select key = name
  *
  * Internaly used by showGroup_Users, dropdownUsers and ajax/dropdownUsers.php
  *
  * @param $count true if execute an count(*),
  * @param $right limit user who have specific right
  * @param $entity_restrict Restrict to a defined entity
  * @param $value default value
  * @param $used Already used items ID: not to display in dropdown
  * @param $search pattern
  *
  * @return mysql result set.
  **/
 static function getSqlSearchResult($count = true, $right = "all", $entity_restrict = -1, $value = 0, $used = array(), $search = '')
 {
     global $DB, $CFG_GLPI;
     // No entity define : use active ones
     if ($entity_restrict < 0) {
         $entity_restrict = $_SESSION["glpiactiveentities"];
     }
     $joinprofile = false;
     switch ($right) {
         case "interface":
             $where = " `glpi_profiles`.`interface` = 'central' ";
             $joinprofile = true;
             $where .= getEntitiesRestrictRequest("AND", "glpi_profiles_users", '', $entity_restrict, 1);
             break;
         case "id":
             $where = " `glpi_users`.`id` = '" . getLoginUserID() . "' ";
             break;
         case "all":
             $where = " `glpi_users`.`id` > '1' " . getEntitiesRestrictRequest("AND", "glpi_profiles_users", '', $entity_restrict, 1);
             break;
         default:
             $joinprofile = true;
             $where = " (`glpi_profiles`.`" . $right . "`='1' " . getEntitiesRestrictRequest("AND", "glpi_profiles_users", '', $entity_restrict, 1) . " ";
             if (!in_array($right, Profile::$helpdesk_rights)) {
                 $where .= " AND `glpi_profiles`.`interface` = 'central' ";
             }
             $where .= ')';
     }
     $where .= " AND `glpi_users`.`is_deleted` = '0'\n                  AND `glpi_users`.`is_active` = '1' ";
     if (is_numeric($value) && $value || count($used)) {
         $where .= " AND `glpi_users`.`id` NOT IN (";
         if (is_numeric($value)) {
             $first = false;
             $where .= $value;
         } else {
             $first = true;
         }
         foreach ($used as $val) {
             if ($first) {
                 $first = false;
             } else {
                 $where .= ",";
             }
             $where .= $val;
         }
         $where .= ")";
     }
     if ($count) {
         $query = "SELECT COUNT(DISTINCT `glpi_users`.`id` ) AS cpt\n                   FROM `glpi_users` ";
     } else {
         $query = "SELECT DISTINCT `glpi_users`.*\n                   FROM `glpi_users` ";
     }
     $query .= " LEFT JOIN `glpi_profiles_users`\n                     ON (`glpi_users`.`id` = `glpi_profiles_users`.`users_id`)";
     if ($joinprofile) {
         $query .= " LEFT JOIN `glpi_profiles`\n                        ON (`glpi_profiles`.`id` = `glpi_profiles_users`.`profiles_id`) ";
     }
     if ($count) {
         $query .= " WHERE {$where} ";
     } else {
         if (strlen($search) > 0 && $search != $CFG_GLPI["ajax_wildcard"]) {
             $where .= " AND (`glpi_users`.`name` " . makeTextSearch($search) . "\n                             OR `glpi_users`.`realname` " . makeTextSearch($search) . "\n                             OR `glpi_users`.`firstname` " . makeTextSearch($search) . "\n                             OR `glpi_users`.`phone` " . makeTextSearch($search) . "\n                             OR `glpi_users`.`email` " . makeTextSearch($search) . "\n                             OR CONCAT(`glpi_users`.`realname`,' ',`glpi_users`.`firstname`) " . makeTextSearch($search) . ")";
         }
         $query .= " WHERE {$where} ";
         if ($_SESSION["glpinames_format"] == FIRSTNAME_BEFORE) {
             $query .= " ORDER BY `glpi_users`.`firstname`,\n                               `glpi_users`.`realname`,\n                               `glpi_users`.`name` ";
         } else {
             $query .= " ORDER BY `glpi_users`.`realname`,\n                               `glpi_users`.`firstname`,\n                               `glpi_users`.`name` ";
         }
         if ($search != $CFG_GLPI["ajax_wildcard"]) {
             $query .= " LIMIT 0," . $CFG_GLPI["dropdown_max"];
         }
     }
     return $DB->query($query);
 }