public function getFilteredDepartmentList($AppUI = null, $deptType = -1, $searchString = '', $ownerId = 0, $orderby = 'dept_name', $orderdir = 'ASC')
{
$orderby = in_array($orderby, array('dept_name', 'dept_type', 'countp', 'inactive')) ? $orderby : 'dept_name';
$q = $this->_getQuery();
$q->addTable('departments');
$q->addQuery('departments.*, COUNT(ct.contact_department) dept_users, count(distinct p.project_id) as countp, count(distinct p2.project_id) as inactive, con.contact_first_name, con.contact_last_name');
$q->addJoin('companies', 'c', 'c.company_id = departments.dept_company');
$q->addJoin('project_departments', 'pd', 'pd.department_id = dept_id');
$q->addJoin('projects', 'p', 'pd.project_id = p.project_id AND p.project_active = 1');
$q->leftJoin('users', 'u', 'dept_owner = u.user_id');
$q->leftJoin('contacts', 'con', 'u.user_contact = con.contact_id');
$q->addJoin('projects', 'p2', 'pd.project_id = p2.project_id AND p2.project_active = 0');
$q->addJoin('contacts', 'ct', 'ct.contact_department = dept_id');
$q->addGroup('dept_id');
$q->addOrder('dept_parent, dept_name');
$oCpy = new CCompany();
$oCpy->overrideDatabase($this->_query);
$where = $oCpy->getAllowedSQL($this->_AppUI->user_id, 'c.company_id');
$q->addWhere($where);
if ($deptType > -1) {
$q->addWhere('dept_type = ' . (int) $deptType);
}
if ($searchString != '') {
$q->addWhere("dept_name LIKE '%{$searchString}%'");
}
if ($ownerId > 0) {
$q->addWhere('dept_owner = ' . $ownerId);
}
$q->addGroup('dept_id');
$q->addOrder($orderby . ' ' . $orderdir);
return $q->loadList();
}
function getAllowedCompanies()
{
global $AppUI;
require_once $AppUI->getModuleClass('companies');
$company = new CCompany();
$allowedCompanies = $company->getAllowedRecords($AppUI->user_id, 'company_id,company_name', 'company_name');
//$allowedCompanies = arrayMerge( array( '0'=>'' ), $allowedCompanies );
return $allowedCompanies;
}
protected function _createCompanySelection($AppUI, $companyInput)
{
$company = new CCompany();
$companyMatches = $company->getCompanyList($AppUI, -1, $companyInput);
$company_id = count($companyMatches) == 1 ? $companyMatches[0]['company_id'] : $AppUI->user_company;
$companies = $company->getAllowedRecords($AppUI->user_id, 'company_id,company_name', 'company_name');
$companies = arrayMerge(array('0' => ''), $companies);
$output .= '<td>' . arraySelect($companies, 'company_id', ' onChange=this.form.new_company.value=\'\'', $company_id) . '<input type="text" name="new_company" value="' . ($company_id > 0 ? '' : $companyInput) . '" />';
if ($company_id == 0) {
$output .= '<br /><em>' . $AppUI->_('compinfo') . '</em>';
}
$output .= '</td></tr>';
return $output;
}
public function getContactUpdateNotify(w2p_Core_CAppUI $AppUI = null, CContact $contact)
{
$this->_AppUI = !is_null($AppUI) ? $AppUI : $this->_AppUI;
$company = new CCompany();
$company->load($contact->contact_company);
$contact->company_name = $company->company_name;
$contact->user_display_name = $this->_AppUI->user_display_name;
$body = "Dear contact_title contact_display_name,";
$body .= "\n\nIt was very nice to visit you";
$body .= $contact->contact_company ? " and company_name." : ".";
$body .= " Thank you for all the time that you spent with me.";
$body .= "\n\nI have entered the data from your business card into my contact database so that we may keep in touch.";
$body .= " We have implemented a system which allows you to view the information that I've recorded and give you the opportunity to correct it or add information as you see fit. Please click on this link to view what I've recorded:";
$body .= "\n\n" . W2P_BASE_URL . "/updatecontact.php?updatekey=contact_updatekey";
$body .= "\n\nI assure you that the information will be held in strict confidence and will not be available to anyone other than me. I realize that you may not feel comfortable filling out the entire form so please supply only what you're comfortable with.";
$body .= "\n\nThank you. I look forward to seeing you again, soon.";
$body .= "\n\nBest Regards,\nuser_display_name";
return $this->templater->render($body, $contact);
}
}
$AppUI->savePlace();
w2PsetMicroTime();
// retrieve any state parameters
if (isset($_REQUEST['company_id'])) {
$AppUI->setState('CalIdxCompany', intval(w2PgetParam($_REQUEST, 'company_id', 0)));
}
$company_id = $AppUI->getState('CalIdxCompany', 0);
// Using simplified set/get semantics. Doesn't need as much code in the module.
$event_filter = $AppUI->checkPrefState('CalIdxFilter', w2PgetParam($_REQUEST, 'event_filter', 'my'), 'EVENTFILTER', 'my');
// get the passed timestamp (today if none)
$ctoday = new w2p_Utilities_Date();
$today = $ctoday->format(FMT_TIMESTAMP_DATE);
$date = w2PgetParam($_GET, 'date', $today);
// get the list of visible companies
$company = new CCompany();
$companies = $company->getAllowedRecords($AppUI->user_id, 'company_id,company_name', 'company_name');
$companies = arrayMerge(array('0' => $AppUI->_('All')), $companies);
// setup the title block
$titleBlock = new CTitleBlock('Monthly Calendar', 'myevo-appointments.png', $m, $m . '.' . $a);
$titleBlock->addCrumb('?m=calendar&a=year_view&date=' . $date, 'year view');
$titleBlock->addCrumb('?m=calendar&date=' . $date, 'month view');
$titleBlock->addCrumb('?m=calendar&a=week_view&date=' . $date, 'week view');
$titleBlock->addCrumb('?m=calendar&a=day_view&date=' . $date, 'day view');
$titleBlock->addCell($AppUI->_('Company') . ':');
$titleBlock->addCell(arraySelect($companies, 'company_id', 'onChange="document.pickCompany.submit()" class="text"', $company_id), '', '<form action="' . $_SERVER['REQUEST_URI'] . '" method="post" name="pickCompany" accept-charset="utf-8">', '</form>');
$titleBlock->addCell($AppUI->_('Event Filter') . ':');
$titleBlock->addCell(arraySelect($event_filter_list, 'event_filter', 'onChange="document.pickFilter.submit()" class="text"', $event_filter, true), '', '<form action="' . $_SERVER['REQUEST_URI'] . '" method="post" name="pickFilter" accept-charset="utf-8">', '</form>');
$titleBlock->show();
?>
<?php
/* $Id: vw_contacts.php 1516 2010-12-05 07:18:58Z caseydk $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/trunk/modules/companies/vw_contacts.php $ */
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
##
## Companies: View User sub-table
##
global $AppUI, $company;
$contacts = CCompany::getContacts($AppUI, $company->company_id);
?>
<table width="100%" border="0" cellpadding="2" cellspacing="1" class="tbl"><?php
if (count($contacts) > 0) {
?>
<tr>
<th><?php
echo $AppUI->_('Name');
?>
</th>
<th><?php
echo $AppUI->_('Job Title');
?>
</th>
<th><?php
echo $AppUI->_('e-mail');
?>
</th>
<th><?php
echo $AppUI->_('Phone');
?>
/* COMPANIES $Id: vw_companies.php 4800 2007-03-06 00:34:46Z merlinyoda $ */
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
global $search_string;
global $owner_filter_id;
global $currentTabId;
global $currentTabName;
global $tabbed;
global $type_filter;
global $orderby;
global $orderdir;
// load the company types
$types = dPgetSysVal('CompanyType');
// get any records denied from viewing
$obj = new CCompany();
$allowedCompanies = $obj->getAllowedRecords($AppUI->user_id, 'company_id, company_name');
$company_type_filter = $currentTabId;
//Not Defined
$companiesType = true;
if ($currentTabName == "All Companies") {
$companiesType = false;
}
if ($currentTabName == "Not Applicable") {
$company_type_filter = 0;
}
// retrieve list of records
$q = new DBQuery();
$q->addTable('companies', 'c');
$q->addQuery('c.company_id, c.company_name, c.company_type, c.company_description, count(distinct p.project_id) as countp, count(distinct p2.project_id) as inactive, con.contact_first_name, con.contact_last_name');
$q->addJoin('projects', 'p', 'c.company_id = p.project_company AND p.project_status <> 7');
// This should now work on company ID, but we need to be able to handle both
$q->addTable('contacts', 'a');
$q->leftJoin('companies', 'b', 'company_id = contact_company');
$q->leftJoin('departments', 'c', 'dept_id = contact_department');
$q->addQuery('contact_id, contact_first_name, contact_last_name, contact_company, contact_department');
$q->addQuery('company_name');
$q->addQuery('dept_name');
if ($where) {
// Don't assume where is set. Change needed to fix Mantis Bug 0002056
$q->addWhere($where);
}
if ($where_dept) {
// Don't assume where is set. Change needed to fix Mantis Bug 0002056
$q->addWhere($where_dept);
}
$oCpy = new CCompany();
$aCpies = $oCpy->getAllowedRecords($AppUI->user_id, 'company_id, company_name', 'company_name');
$where = $oCpy->getAllowedSQL($AppUI->user_id, 'contact_company');
$q->addWhere($where);
$oDpt = new CDepartment();
$where = $oDpt->getAllowedSQL($AppUI->user_id, 'contact_department');
$q->addWhere($where);
$q->addWhere('(contact_owner = ' . (int) $AppUI->user_id . ' OR contact_private = 0)');
$q->addOrder('company_name, contact_company, dept_name, contact_department, contact_last_name');
// May need to review this.
$contacts = $q->loadHashList('contact_id');
?>
<form action="index.php?m=public&a=contact_selector&dialog=1&<?php
if (!is_null($call_back)) {
echo 'call_back=' . $call_back . '&';
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$project_id = intval(dPgetParam($_GET, "project_id", 0));
$company_id = intval(dPgetParam($_GET, "company_id", 0));
$company_internal_id = intval(dPgetParam($_GET, "company_internal_id", 0));
$contact_id = intval(dPgetParam($_GET, "contact_id", 0));
// check permissions for this record
$canEdit = getPermission($m, 'edit', $project_id);
$canAuthor = getPermission($m, 'add', $project_id);
if (!($canEdit && $project_id || $canAuthor && !$project_id)) {
$AppUI->redirect('m=public&a=access_denied');
}
// get a list of permitted companies
require_once $AppUI->getModuleClass('companies');
$row = new CCompany();
$companies = $row->getAllowedRecords($AppUI->user_id, 'company_id,company_name', 'company_name');
$companies = arrayMerge(array('0' => ''), $companies);
// get internal companies
// 6 is standard value for internal companies
$companies_internal = $row->listCompaniesByType(array('6'));
$companies_internal = arrayMerge(array('0' => ''), $companies_internal);
// pull users
$q = new DBQuery();
$q->addTable('users', 'u');
$q->addTable('contacts', 'con');
$q->addQuery('user_id');
$q->addQuery('CONCAT_WS(", ",contact_last_name,contact_first_name)');
$q->addOrder('contact_last_name');
$q->addWhere('u.user_contact = con.contact_id');
$users = $q->loadHashList();
/**
* Overload of the dpObject::getDeniedRecords
* to ensure that the projects owned by denied companies are denied.
*
* @author handco <*****@*****.**>
* @see dpObject::getAllowedRecords
*/
function getDeniedRecords($uid)
{
$aBuf1 = parent::getDeniedRecords($uid);
$oCpy = new CCompany();
// Retrieve which projects are allowed due to the company rules
$aCpiesAllowed = $oCpy->getAllowedRecords($uid, 'company_id,company_name');
$q = new DBQuery();
$q->addTable('projects');
$q->addQuery('project_id');
if (count($aCpiesAllowed)) {
$q->addWhere('NOT (project_company IN (' . implode(',', array_keys($aCpiesAllowed)) . '))');
}
$sql = $q->prepare();
$q->clear();
$aBuf2 = db_loadColumn($sql);
return array_merge($aBuf1, $aBuf2);
}
//If a department is specified, we want to display projects from the department, and all departments under that, so we need to build that list of departments
$dept_ids = array();
$q->addTable('departments');
$q->addQuery('dept_id, dept_parent');
$q->addOrder('dept_parent,dept_name');
$rows = $q->loadList();
addDeptId($rows, $department);
$dept_ids[] = $department;
}
$q->clear();
// retrieve list of records
// modified for speed
// by Pablo Roca (pabloroca@mvps.org)
// 16 August 2003
// get the list of permitted companies
$obj = new CCompany();
$companies = $obj->getAllowedRecords($AppUI->user_id, 'company_id,company_name', 'company_name');
if (count($companies) == 0) {
$companies = array(0);
}
$sql = "\nSELECT\n\tprojects.project_id, project_active, project_status,\n\tproject_color_identifier, project_name, project_description,\n\tproject_start_date, project_end_date, project_color_identifier,\n\tproject_company, company_name, project_status, project_priority, project_short_name,\n tasks_critical.critical_task, tasks_critical.project_actual_end_date,\n tasks_problems.task_log_problem,\n\ttasks_sum.total_tasks,\n\ttasks_summy.my_tasks,\n\ttasks_sum.project_percent_complete,\n\tuser_username\nFROM projects\nLEFT JOIN companies ON projects.project_company = company_id\nLEFT JOIN users ON projects.project_owner = users.user_id\nLEFT JOIN tasks_critical ON projects.project_id = tasks_critical.task_project\nLEFT JOIN tasks_problems ON projects.project_id = tasks_problems.task_project\nLEFT JOIN tasks_sum ON projects.project_id = tasks_sum.task_project\nLEFT JOIN tasks_summy ON projects.project_id = tasks_summy.task_project" . (isset($department) ? "\nLEFT JOIN project_departments ON project_departments.project_id = projects.project_id" : '') . "\nWHERE 1 = 1" . (count($deny) > 0 ? "\nAND projects.project_id NOT IN (" . implode(',', $deny) . ')' : '') . (!isset($department) && $company_id ? "\nAND projects.project_company = '{$company_id}'" : "\nAND projects.project_company IN (" . implode(',', array_keys($companies)) . ")") . (isset($department) ? "\nAND project_departments.department_id in ( " . implode(',', $dept_ids) . " )" : '') . ($alias_string != '' ? "\nAND projects.project_short_name LIKE '%" . $alias_string . "%'" : '') . "\n\nGROUP BY projects.project_id\nORDER BY {$orderby} {$orderdir}\t\n";
global $projects;
$q->addTable('projects');
$q->addQuery('projects.project_id, project_active, project_status, project_color_identifier, project_name, project_description,
project_start_date, project_end_date, project_color_identifier, project_company, company_name, project_status, project_short_name,
project_priority, tc.critical_task, tc.project_actual_end_date, tp.task_log_problem, ts.total_tasks, tsy.my_tasks,
ts.project_percent_complete, user_username');
$q->addJoin('companies', 'com', 'projects.project_company = company_id');
$q->addJoin('users', 'u', 'projects.project_owner = u.user_id');
$q->addJoin('tasks_critical', 'tc', 'projects.project_id = tc.task_project');
$q->addJoin('tasks_problems', 'tp', 'projects.project_id = tp.task_project');
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
$tab = $AppUI->processIntState('CompanyIdxTab', $_GET, 'tab', 0);
if (isset($_GET['orderby'])) {
$orderdir = $AppUI->getState('CompIdxOrderDir') ? $AppUI->getState('CompIdxOrderDir') == 'asc' ? 'desc' : 'asc' : 'desc';
$AppUI->setState('CompIdxOrderBy', w2PgetParam($_GET, 'orderby', null));
$AppUI->setState('CompIdxOrderDir', $orderdir);
}
$orderby = $AppUI->getState('CompIdxOrderBy') ? $AppUI->getState('CompIdxOrderBy') : 'company_name';
$orderdir = $AppUI->getState('CompIdxOrderDir') ? $AppUI->getState('CompIdxOrderDir') : 'asc';
$owner_filter_id = $AppUI->processIntState('owner_filter_id', $_POST, 'owner_filter_id', 0);
$search_string = w2PgetParam($_POST, 'search_string', '');
$search_string = w2PformSafe($search_string, true);
$company = new CCompany();
$canCreate = $company->canCreate();
$perms =& $AppUI->acl();
$baseArray = array(0 => $AppUI->_('All', UI_OUTPUT_RAW));
$allowedArray = $perms->getPermittedUsers('companies');
$owner_list = is_array($allowedArray) ? $baseArray + $allowedArray : $baseArray;
// setup the title block
$titleBlock = new w2p_Theme_TitleBlock('Companies', 'icon.png', $m);
$titleBlock->addSearchCell($search_string);
$titleBlock->addFilterCell('Owner', 'owner_filter_id', $owner_list, $owner_filter_id);
if ($canCreate) {
$titleBlock->addButton('new company', '?m=companies&a=addedit');
}
$titleBlock->show();
// load the company types
$companyTypes = w2PgetSysVal('CompanyType');
<?php
/* COMPANIES $Id: do_company_aed.php 5872 2009-04-25 00:09:56Z merlinyoda $ */
if (!defined('DP_BASE_DIR')) {
die('You should not access this file directly.');
}
$del = dPgetParam($_POST, 'del', 0);
$obj = new CCompany();
$msg = '';
if (!$obj->bind($_POST)) {
$AppUI->setMsg($obj->getError(), UI_MSG_ERROR);
$AppUI->redirect();
}
require_once $AppUI->getSystemClass('CustomFields');
// prepare (and translate) the module name ready for the suffix
$AppUI->setMsg('Company');
if ($del) {
if (!$obj->canDelete($msg)) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
$AppUI->redirect();
}
if ($msg = $obj->delete()) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
$AppUI->redirect();
} else {
$AppUI->setMsg('deleted', UI_MSG_ALERT, true);
$AppUI->redirect('m=companies');
}
} else {
if ($msg = $obj->store()) {
$AppUI->setMsg($msg, UI_MSG_ERROR);
function w2PgetUsersHashList($stub = null, $where = null, $orderby = 'contact_first_name, contact_last_name')
{
global $AppUI;
$q = new DBQuery();
$q->addTable('users');
$q->addQuery('DISTINCT(user_id), user_username, contact_last_name, contact_first_name,
contact_email, company_name, contact_company, dept_id, dept_name, CONCAT(contact_first_name,\' \',contact_last_name) contact_name, user_type');
$q->addJoin('contacts', 'con', 'contact_id = user_contact', 'inner');
if ($stub) {
$q->addWhere('(UPPER(user_username) LIKE \'' . $stub . '%\' or UPPER(contact_first_name) LIKE \'' . $stub . '%\' OR UPPER(contact_last_name) LIKE \'' . $stub . '%\')');
} elseif ($where) {
$where = $q->quote('%' . $where . '%');
$q->addWhere('(UPPER(user_username) LIKE ' . $where . ' OR UPPER(contact_first_name) LIKE ' . $where . ' OR UPPER(contact_last_name) LIKE ' . $where . ')');
}
$q->addGroup('user_id');
$q->addOrder($orderby);
// get CCompany() to filter by company
$obj = new CCompany();
$companies = $obj->getAllowedSQL($AppUI->user_id, 'company_id');
$q->addJoin('companies', 'com', 'company_id = contact_company');
if ($companies) {
$q->addWhere('(' . implode(' OR ', $companies) . ' OR contact_company=\'\' OR contact_company IS NULL OR contact_company = 0)');
}
$dpt = new CDepartment();
$depts = $dpt->getAllowedSQL($AppUI->user_id, 'dept_id');
$q->addJoin('departments', 'dep', 'dept_id = contact_department');
if ($depts) {
$q->addWhere('(' . implode(' OR ', $depts) . ' OR contact_department=0)');
}
return $q->loadHashList('user_id');
}
if (!$department && $dept_id > 0) {
$titleBlock = new CTitleBlock('Invalid Department ID', 'departments.png', $m, $m . '.' . $a);
$titleBlock->addCrumb('?m=companies', 'companies list');
if ($company_id) {
$titleBlock->addCrumb('?m=companies&a=view&company_id=' . $company_id, 'view this company');
}
$titleBlock->show();
} else {
$company_id = $dept_id ? $department->dept_company : $company_id;
if (!$dept_id && $department->company_name === null) {
$AppUI->setMsg('badCompany', UI_MSG_ERROR);
$AppUI->redirect();
}
// collect all the departments in the company
if ($company_id) {
$company = new CCompany();
$company->loadFull($AppUI, $company_id);
$companyName = $company->company_name;
$depts = $department->loadOtherDepts($AppUI, $company_id, 0);
$depts = arrayMerge(array('0' => '- ' . $AppUI->_('Select Department') . ' -'), $depts);
}
// setup the title block
$ttl = $dept_id > 0 ? 'Edit Department' : 'Add Department';
$titleBlock = new CTitleBlock($ttl, 'departments.png', $m, $m . '.' . $a);
$titleBlock->addCrumb('?m=departments', 'department list');
$titleBlock->addCrumb('?m=companies', 'companies list');
$titleBlock->addCrumb('?m=companies&a=view&company_id=' . $company_id, 'view this company');
$titleBlock->addCrumb('?m=departments&a=view&dept_id=' . $dept_id, 'view this department');
$titleBlock->show();
?>
<script language="javascript" type="text/javascript">
/* $Id$ $URL$ */
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
$company_id = (int) w2PgetParam($_GET, 'company_id', 0);
// check permissions for this record
$perms =& $AppUI->acl();
$canRead = $perms->checkModuleItem($m, 'view', $company_id);
if (!$canRead) {
$AppUI->redirect('m=public&a=access_denied');
}
$canAdd = $perms->checkModuleItem($m, 'add');
$canEdit = $perms->checkModuleItem($m, 'edit', $company_id);
$canDelete = $perms->checkModuleItem($m, 'delete', $company_id);
$tab = $AppUI->processIntState('CompVwTab', $_GET, 'tab', 0);
$company = new CCompany();
$company->loadFull($AppUI, $company_id);
// check if this record has dependencies to prevent deletion
$msg = '';
$deletable = $company->canDelete($msg, $company_id);
// load the record data
if (!$company) {
$AppUI->setMsg('Company');
$AppUI->setMsg('invalidID', UI_MSG_ERROR, true);
$AppUI->redirect();
} else {
$AppUI->savePlace();
}
// setup the title block
$titleBlock = new CTitleBlock('View Company', 'handshake.png', $m, "{$m}.{$a}");
$titleBlock->addCell();
/* $Id$ $URL$ */
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
$table_name = w2PgetParam($_GET, 'table_name', 'companies');
$company_id = (int) w2PgetParam($_GET, 'company_id', 0);
$dept_id = (int) w2PgetParam($_GET, 'dept_id', 0);
$select_list = array();
switch ($table_name) {
case 'companies':
$id_field = 'company_id';
$name_field = 'company_name';
$selection_string = 'Company';
$dataId = $company_id;
$company = new CCompany();
$companyList = $company->getCompanyList();
foreach ($companyList as $comp) {
$select_list[$comp['company_id']] = $comp['company_name'];
}
break;
case 'departments':
$id_field = 'dept_id';
$name_field = 'dept_name';
$selection_string = 'Department';
$dataId = $dept_id;
$deptList = CDepartment::getDepartmentList(null, $company_id, null);
foreach ($deptList as $dept) {
$select_list[$dept['dept_id']] = $dept['dept_name'];
}
break;
<?php
/* $Id$ $URL$ */
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
##
## Companies: View Projects sub-table
##
global $AppUI, $company_id, $pstatus, $w2Pconfig;
$sort = w2PgetParam($_GET, 'sort', 'project_name');
if ($sort == 'project_priority') {
$sort .= ' DESC';
}
$df = $AppUI->getPref('SHDATEFORMAT');
$projects = CCompany::getProjects($AppUI, $company_id, 1, $sort);
?>
<table cellpadding="2" cellspacing="1" border="0" width="100%" class="tbl"><?php
if (count($projects) > 0) {
?>
<tr>
<th><a href="index.php?m=companies&a=view&company_id=<?php
echo $company_id;
?>
&sort=project_priority"><?php
echo $AppUI->_('P');
?>
</a></th>
<th><a href="index.php?m=companies&a=view&company_id=<?php
echo $company_id;
?>
$canAccess_folders = getPermission('file_folders', 'access');
$canRead_folders = getPermission('file_folders', 'view');
$canEdit_folders = getPermission('file_folders', 'edit');
$canAuthor_folders = getPermission('file_folders', 'add');
$canDelete_folders = getPermission('file_folders', 'delete');
// load the following classes to retrieved denied records
include_once $AppUI->getModuleClass('projects');
include_once $AppUI->getModuleClass('tasks');
if (!isset($project_id)) {
$project_id = dPgetParam($_REQUEST, 'project_id', 0);
}
if (!$project_id) {
$showProject = true;
}
global $allowedCompanies, $allowedProjects, $allowedTasks, $allowedFolders;
$company = new CCompany();
$allowedCompanies = $company->getAllowedSQL($AppUI->user_id, 'co.company_id');
$project = new CProject();
$allowedProjects = $project->getAllowedSQL($AppUI->user_id, 'f.file_project');
$task = new CTask();
$allowedTasks = $task->getAllowedSQL($AppUI->user_id, 'f.file_task');
$cfObj = new CFileFolder();
$allowedFolderIDs = $cfObj->getAllowedSQL($AppUI->user_id, 'ff.file_folder_id');
$allowedFolders = $cfObj->getAllowedSQL($AppUI->user_id, 'f.file_folder');
// $parent_id is the parent of the children we want to see
// $level is increased when we go deeper into the tree, used to display a nice indented tree
function displayFolders($folder_id = 0, $level = 0)
{
global $AppUI, $m, $a, $tab;
global $current_uri;
global $canAccess_folders, $canRead_folders, $canEdit_folders;
</th>
<th><?php
echo $AppUI->_('Status');
?>
</th>
</tr>
<?php
//while ($line = mysql_fetch_array($res, MYSQL_ASSOC)) {
$s = '';
foreach ($st_projects_arr as $project) {
$line = $project[0];
$level = $project[1];
if ($line['project_id']) {
$s_project = new CProject();
$s_project->load($line['project_id']);
$s_company = new CCompany();
$s_company->load($s_project->project_company);
$start_date = intval($s_project->project_start_date) ? new CDate($s_project->project_start_date) : null;
$end_date = intval($s_project->project_end_date) ? new CDate($s_project->project_end_date) : null;
$actual_end_date = intval($s_project->project_actual_end_date) ? new CDate($s_project->project_actual_end_date) : null;
$style = $actual_end_date > $end_date && !empty($end_date) ? 'style="color:red; font-weight:bold"' : '';
$x++;
$row_class = $x % 2 ? 'style="background:#fff;"' : 'style="background:#f0f0f0;"';
$row_classr = $x % 2 ? 'style="background:#fff;text-align:right;"' : 'style="background:#f0f0f0;text-align:right;"';
$s .= '<tr><td ' . $row_class . ' align="center"><a href="./index.php?m=projects&a=addedit&project_id=' . $line['project_id'] . '"><img src="' . w2PfindImage('icons/' . ($project_id == $line['project_id'] ? 'pin' : 'pencil') . '.gif') . '" border=0 /></b></a></td>';
$s .= '<td ' . $row_classr . ' nowrap="nowrap">' . $line['project_id'] . '</td>';
if ($level) {
$sd = str_repeat(' ', $level - 1) . w2PshowImage('corner-dots.gif', 16, 12) . ' ' . '<a href="./index.php?m=projects&a=view&project_id=' . $line['project_id'] . '">' . $line['project_name'] . '</a>';
} else {
$sd = '<a href="./index.php?m=projects&a=view&project_id=' . $line['project_id'] . '">' . $line['project_name'] . '</a>';
}
/**
* Overload of the w2PObject::getDeniedRecords
* to ensure that the projects owned by denied companies are denied.
*
* @author handco <*****@*****.**>
* @see w2PObject::getAllowedRecords
*/
public function getDeniedRecords($uid)
{
$aBuf1 = parent::getDeniedRecords($uid);
$oCpy = new CCompany();
// Retrieve which projects are allowed due to the company rules
$aCpiesAllowed = $oCpy->getAllowedRecords($uid, 'company_id,company_name');
//Department permissions
$oDpt = new CDepartment();
$aDptsAllowed = $oDpt->getAllowedRecords($uid, 'dept_id,dept_name');
$q = $this->_query;
$q->addTable('projects');
$q->addQuery('projects.project_id');
$q->addJoin('project_departments', 'pd', 'pd.project_id = projects.project_id');
if (count($aCpiesAllowed)) {
if (array_search('0', $aCpiesAllowed) === false) {
//If 0 (All Items of a module) are not permited then just add the allowed items only
$q->addWhere('NOT (project_company IN (' . implode(',', array_keys($aCpiesAllowed)) . '))');
} else {
//If 0 (All Items of a module) are permited then don't add a where clause so the user is permitted to see all
}
} else {
//if the user is not allowed any company then lets shut him off
$q->addWhere('0=1');
}
if (count($aDptsAllowed)) {
if (array_search('0', $aDptsAllowed) === false) {
//If 0 (All Items of a module) are not permited then just add the allowed items only
$q->addWhere('NOT (department_id IN (' . implode(',', array_keys($aDptsAllowed)) . '))');
} else {
//If 0 (All Items of a module) are permited then don't add a where clause so the user is permitted to see all
$q->addWhere('NOT (department_id IS NULL)');
}
} else {
//If 0 (All Items of a module) are permited then don't add a where clause so the user is permitted to see all
$q->addWhere('NOT (department_id IS NULL)');
}
$aBuf2 = $q->loadColumn();
$q->clear();
return array_merge($aBuf1, $aBuf2);
}
function getStructuredProjects($original_project_id = 0, $project_status = -1, $active_only = false)
{
global $AppUI, $st_projects_arr;
$st_projects = array(0 => '');
$q = new w2p_Database_Query();
$q->addTable('projects');
$q->addJoin('companies', '', 'projects.project_company = company_id', 'inner');
$q->addQuery('DISTINCT(projects.project_id), project_name, project_parent');
if ($original_project_id) {
$q->addWhere('project_original_parent = ' . (int) $original_project_id);
}
if ($project_status >= 0) {
$q->addWhere('project_status = ' . (int) $project_status);
}
if ($active_only) {
$q->addWhere('project_active = 1');
}
$q->addOrder('project_start_date, project_end_date');
$obj = new CCompany();
$obj->setAllowedSQL($AppUI->user_id, $q);
$dpt = new CDepartment();
$dpt->setAllowedSQL($AppUI->user_id, $q);
$q->leftJoin('project_departments', 'pd', 'pd.project_id = projects.project_id');
$q->leftJoin('departments', 'd', 'd.dept_id = pd.department_id');
$st_projects = $q->loadList();
$tnums = count($st_projects);
for ($i = 0; $i < $tnums; $i++) {
$st_project = $st_projects[$i];
if ($st_project['project_parent'] == $st_project['project_id']) {
show_st_project($st_project);
find_proj_child($st_projects, $st_project['project_id']);
}
}
}
$page = dPgetParam($_GET, "page", 1);
if (!isset($project_id)) {
$project_id = dPgetParam($_REQUEST, 'project_id', 0);
}
if (!$project_id) {
$showProject = true;
}
// get company to filter files by
//if (isset( $_POST['company_id'] )) {
// $AppUI->setState( 'FileIdxCompany', intval( $_POST['company_id'] ) );
//}
//$company_id = $AppUI->getState( 'FileIdxCompany' ) !== NULL ? $AppUI->getState( 'FileIdxCompany' ) : $AppUI->user_company;
if (!isset($company_id)) {
$company_id = dPgetParam($_REQUEST, 'company_id', 0);
}
$obj = new CCompany();
$allowed_companies_ary = $obj->getAllowedRecords($AppUI->user_id, 'company_id,company_name', 'company_name');
$allowed_companies = implode(",", array_keys($allowed_companies_ary));
if (!isset($task_id)) {
$task_id = dPgetParam($_REQUEST, 'task_id', 0);
}
global $xpg_min, $xpg_pagesize;
$xpg_pagesize = 30;
$xpg_min = $xpg_pagesize * ($page - 1);
// This is where we start our record set from
// load the following classes to retrieved denied records
include_once $AppUI->getModuleClass('projects');
include_once $AppUI->getModuleClass('tasks');
$project = new CProject();
$deny1 = $project->getDeniedRecords($AppUI->user_id);
$task = new CTask();
<?php
/* $Id$ $URL$ */
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
##
## Companies: View User sub-table
##
global $AppUI, $company_id;
$userList = CCompany::getUsers($AppUI, $company_id);
if (count($userList) > 0) {
?>
<table width="100%" border="0" cellpadding="2" cellspacing="1" class="tbl">
<tr>
<th><?php
echo $AppUI->_('Username');
?>
</td>
<th><?php
echo $AppUI->_('Name');
?>
</td>
</tr>
<?php
$s = '';
foreach ($userList as $user) {
$s .= '<tr><td>';
$s .= '<a href="./index.php?m=admin&a=viewuser&user_id=' . $user['user_id'] . '">' . $user['user_username'] . '</a>';
$s .= '<td>' . $user['contact_first_name'] . ' ' . $user['contact_last_name'] . '</td>';
$s .= '</tr>';
/**
* Calculate the extent of utilization of user assignments
* @param string hash a hash for the returned hashList
* @param array users an array of user_ids calculating their assignment capacity
* @return array returns hashList of extent of utilization for assignment of the users
*/
public function getAllocation($hash = null, $users = null, $get_user_list = false)
{
/*
* TODO: The core of this function has been simplified to always return 100%
* free capacity available. The allocation checking (aka resource
* management) is a complex subject which is currently not even close to be
* handled properly.
*/
global $AppUI;
if (!w2PgetConfig('check_overallocation', false)) {
if ($get_user_list) {
$users_list = w2PgetUsersHashList();
foreach ($users_list as $key => $user) {
$users_list[$key]['userFC'] = $user['contact_name'];
}
$hash = $users_list;
} else {
$hash = array();
}
} else {
$q = new w2p_Database_Query();
// retrieve the systemwide default preference for the assignment maximum
$q->addTable('user_preferences');
$q->addQuery('pref_value');
$q->addWhere('pref_user = 0 AND pref_name = \'' . TASKASSIGNMAX . '\'');
$sysChargeMax = $q->loadHash();
$q->clear();
if (!$sysChargeMax) {
$scm = 0;
} else {
$scm = $sysChargeMax['pref_value'];
}
/*
* provide actual assignment charge, individual chargeMax
* and freeCapacity of users' assignments to tasks
*/
$q->addTable('users', 'u');
$q->addJoin('contacts', 'c', 'c.contact_id = u.user_contact', 'inner');
$q->leftJoin('user_tasks', 'ut', 'ut.user_id = u.user_id');
$q->leftJoin('user_preferences', 'up', 'up.pref_user = u.user_id');
$q->addWhere("up.pref_name = 'TASKASSIGNMAX'");
$q->addQuery('u.user_id, CONCAT(CONCAT_WS(\' [\', CONCAT_WS(\' \', contact_first_name, contact_last_name), IF(IFNULL((IFNULL(up.pref_value, ' . $scm . ') - SUM(ut.perc_assignment)), up.pref_value) > 0, IFNULL((IFNULL(up.pref_value, ' . $scm . ') - SUM(ut.perc_assignment)), up.pref_value), 0)), \'%]\') AS userFC, IFNULL(SUM(ut.perc_assignment), 0) AS charge');
$q->addQuery('u.user_username, IFNULL(up.pref_value,' . $scm . ') AS chargeMax');
$q->addQuery('IFNULL(up.pref_value, ' . $scm . ') AS freeCapacity');
if (!empty($users)) {
// use userlist if available otherwise pull data for all users
$q->addWhere('u.user_id IN (' . implode(',', $users) . ')');
}
$q->addGroup('u.user_id');
$q->addOrder('contact_first_name, contact_last_name');
// get CCompany() to filter by company
$obj = new CCompany();
$companies = $obj->getAllowedSQL($AppUI->user_id, 'company_id');
$q->addJoin('companies', 'com', 'company_id = contact_company');
if ($companies) {
$q->addWhere('(' . implode(' OR ', $companies) . ' OR contact_company=\'\' OR contact_company IS NULL OR contact_company = 0)');
}
$dpt = new CDepartment();
$depts = $dpt->getAllowedSQL($AppUI->user_id, 'dept_id');
$q->addJoin('departments', 'dep', 'dept_id = contact_department');
if ($depts) {
$q->addWhere('(' . implode(' OR ', $depts) . ' OR contact_department=0)');
}
$hash = $q->loadHashList($hash);
$q->clear();
}
return $hash;
}
$q->addTable('contacts', 'c');
$q->leftJoin('users', 'u', 'u.user_contact=c.contact_id');
$q->addQuery('DISTINCT UPPER(SUBSTRING(' . $search_name . ',1,1)) as L, user_id');
$q->addWhere('contact_private = 0 OR (contact_private = 1 AND contact_owner = ' . $AppUI->user_id . ') OR contact_owner IS NULL OR contact_owner = 0');
$arr = $q->loadList();
foreach ($arr as $L) {
if (!$L['user_id'] || $perms->checkLogin($L['user_id'])) {
$let .= $L['L'];
}
}
}
$q->clear();
// optional fields shown in the list (could be modified to allow breif and verbose, etc)
$showfields = array('contact_company' => 'contact_company', 'company_name' => 'company_name', 'contact_phone' => 'contact_phone', 'contact_email' => 'contact_email');
require_once $AppUI->getModuleClass('companies');
$company = new CCompany();
$allowedCompanies = $company->getAllowedSQL($AppUI->user_id);
// assemble the sql statement
$q->addTable('contacts', 'a');
$q->leftJoin('companies', 'b', 'a.contact_company = b.company_id');
$q->leftJoin('users', 'u', 'u.user_contact=a.contact_id');
$q->addQuery('contact_id, contact_order_by');
$q->addQuery('contact_first_name, contact_last_name, contact_phone, contact_owner');
$q->addQuery($showfields);
$q->addQuery('user_id');
foreach ($search_map as $search_name) {
$where_filter .= ' OR ' . $search_name . " LIKE '{$where}%'";
}
$where_filter = mb_substr($where_filter, 4);
$where_filter .= $additional_filter ? ' OR ' . $additional_filter : '';
$q->addWhere('(' . $where_filter . ')');
public static function searchContacts(CAppUI $AppUI = null, $where = '', $searchString = '')
{
global $AppUI;
$showfields = array('contact_address1' => 'contact_address1', 'contact_address2' => 'contact_address2', 'contact_city' => 'contact_city', 'contact_state' => 'contact_state', 'contact_zip' => 'contact_zip', 'contact_country' => 'contact_country', 'contact_company' => 'contact_company', 'company_name' => 'company_name', 'dept_name' => 'dept_name');
$additional_filter = '';
if ($searchString != '') {
$additional_filter = "OR contact_first_name like '%{$searchString}%'\n OR contact_last_name like '%{$searchString}%'\n\t\t\t OR CONCAT(contact_first_name, ' ', contact_last_name) like '%{$searchString}%'\n OR company_name like '%{$searchString}%'\n OR contact_notes like '%{$searchString}%'";
}
// assemble the sql statement
$q = new w2p_Database_Query();
$q->addQuery('contact_id, contact_order_by');
$q->addQuery($showfields);
$q->addQuery('contact_first_name, contact_last_name, contact_title');
$q->addQuery('contact_updatekey, contact_updateasked, contact_lastupdate');
$q->addQuery('contact_email, contact_phone');
$q->addQuery('user_id');
$q->addTable('contacts', 'a');
$q->leftJoin('companies', 'b', 'a.contact_company = b.company_id');
$q->leftJoin('departments', '', 'contact_department = dept_id');
$q->leftJoin('users', '', 'contact_id = user_contact');
$q->addWhere("(contact_first_name LIKE '{$where}%' OR contact_last_name LIKE '{$where}%' " . $additional_filter . ")");
$q->addWhere('
(contact_private=0
OR (contact_private=1 AND contact_owner=' . $AppUI->user_id . ')
OR contact_owner IS NULL OR contact_owner = 0
)');
$company = new CCompany();
$company->setAllowedSQL($AppUI->user_id, $q);
$department = new CDepartment();
$department->setAllowedSQL($AppUI->user_id, $q);
$q->addOrder('contact_first_name');
$q->addOrder('contact_last_name');
return $q->loadList();
}
/* $Id: select_contact_company.php 1858 2011-04-30 21:46:55Z caseydk $ $URL: https://web2project.svn.sourceforge.net/svnroot/web2project/tags/version2.4/modules/contacts/select_contact_company.php $ */
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
$table_name = w2PgetParam($_GET, 'table_name', 'companies');
$company_id = (int) w2PgetParam($_GET, 'company_id', 0);
$dept_id = (int) w2PgetParam($_GET, 'dept_id', 0);
$select_list = array();
switch ($table_name) {
case 'companies':
$id_field = 'company_id';
$name_field = 'company_name';
$selection_string = 'Company';
$dataId = $company_id;
$company = new CCompany();
$companyList = $company->getCompanyList($AppUI);
foreach ($companyList as $comp) {
$select_list[$comp['company_id']] = $comp['company_name'];
}
break;
case 'departments':
$id_field = 'dept_id';
$name_field = 'dept_name';
$selection_string = 'Department';
$dataId = $dept_id;
$deptList = CDepartment::getDepartmentList($AppUI, $company_id, null);
foreach ($deptList as $dept) {
$select_list[$dept['dept_id']] = $dept['dept_name'];
}
break;
// check permissions for this record
$perms =& $AppUI->acl();
$canRead = $perms->checkModuleItem($m, 'view', $company_id);
$canEdit = $perms->checkModuleItem($m, 'edit', $company_id);
if (!$canRead) {
$AppUI->setMsg('Access denied', UI_MSG_ERROR);
$AppUI->redirect();
}
// retrieve any state parameters
if (isset($_GET['tab'])) {
$AppUI->setState('CompVwTab', $_GET['tab']);
}
$tab = $AppUI->getState('CompVwTab') !== NULL ? $AppUI->getState('CompVwTab') : 0;
// check if this record has dependencies to prevent deletion
$msg = '';
$obj = new CCompany();
$canDelete = $obj->canDelete($msg, $company_id);
// load the record data
$q = new DBQuery();
$q->addTable('companies', 'c');
$q->addQuery('c.*, u.user_id');
$q->addQuery('CONCAT(co.contact_first_name, " ", co.contact_last_name) AS contact_name');
$q->addJoin('users', 'u', 'u.user_id = c.company_owner');
$q->addJoin('contacts', 'co', 'u.user_contact = co.contact_id');
$q->addWhere('c.company_id = ' . $company_id);
$sql = $q->prepare();
$q->clear();
$obj = null;
if (!db_loadObject($sql, $obj)) {
$AppUI->setMsg('Company');
$AppUI->setMsg("invalidID", UI_MSG_ERROR, true);
<?php
if (!defined('W2P_BASE_DIR')) {
die('You should not access this file directly.');
}
$object_id = (int) w2PgetParam($_GET, 'company_id', 0);
$object = new CCompany();
$object->setId($object_id);
$canAddEdit = $object->canAddEdit();
$canAuthor = $object->canCreate();
$canEdit = $object->canEdit();
if (!$canAddEdit) {
$AppUI->redirect(ACCESS_DENIED);
}
// load the record data
$obj = $AppUI->restoreObject();
if ($obj) {
$object = $obj;
$object_id = $object->getId();
} else {
$object->load($object_id);
}
if (!$object && $object_id > 0) {
$AppUI->setMsg('Company');
$AppUI->setMsg('invalidID', UI_MSG_ERROR, true);
$AppUI->redirect('m=' . $m);
}
// setup the title block
$ttl = $object_id > 0 ? 'Edit Company' : 'Add Company';
$titleBlock = new w2p_Theme_TitleBlock($ttl, 'icon.png', $m);
$titleBlock->addCrumb('?m=' . $m, $m . ' list');
