/**
 * Look up the MIME type registered for an attachment type code.
 *
 * The code is bound through a PgQuery placeholder and is never spliced
 * into the SQL text.
 *
 * @param mixed $type_code Value matched against attachment_type.type_code.
 * @return string The stored mime_type, or "application/octet-stream" when
 *                the query fails or returns no rows.
 */
function guess_mime_type($type_code) {
    $lookup = new PgQuery("SELECT mime_type FROM attachment_type WHERE type_code = ?; ", $type_code);

    // Fall back to the generic binary type unless the lookup ran and matched.
    if (!$lookup->Exec("guess-mime-type") || !($lookup->rows > 0)) {
        return "application/octet-stream";
    }

    $found = $lookup->Fetch();
    return $found->mime_type;
}
/**
 * Run a query and copy its "data" column onto the global $systems entries.
 *
 * Each result row must expose "key" and "data"; a "system_desc" column, when
 * present and non-null, is copied as well.
 *
 * The SQL text is executed exactly as passed in, with no placeholders bound
 * here, so callers must build it from trusted values only.
 *
 * @param string $sql    Complete SQL statement to execute.
 * @param string $column Property name on each $systems entry that receives
 *                       the row's "data" value.
 * @return void
 */
function add_system_data($sql, $column) {
    global $systems;

    $qry = new PgQuery($sql);
    $ran = $qry->Exec("rqchange");
    if (!$ran || $qry->rows == 0) {
        return;
    }

    while ($row = $qry->Fetch()) {
        $key = $row->key;
        $systems[$key]->{$column} = $row->data;
        if (!isset($row->system_desc)) {
            continue;
        }
        $systems[$key]->system_desc = $row->system_desc;
    }
}
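/**
 * Echo the "New Nodes" sidebar block listing the 20 most recent wu rows.
 *
 * Nothing is emitted when the query fails or returns no rows.
 *
 * Node names and user names come from the database and are written into
 * HTML, so they are escaped for the HTML context before output. The node id
 * is URL-encoded because it lands in a query string inside an attribute.
 *
 * @return void
 */
function send_newnodes_block() {
    global $theme;

    $qry = new PgQuery("SELECT * FROM wu JOIN infonode USING(node_id) JOIN usr ON ( wu_by = user_no ) ORDER BY wu_on DESC LIMIT 20;");
    if (!$qry->Exec("newnodes") || $qry->rows == 0) {
        return;
    }

    $theme->BlockOpen();
    $theme->BlockTitle("New Nodes");

    $i = 0;
    while ($wu = $qry->Fetch()) {
        if ($i++ > 0) {
            echo "<br>\n";
        }
        // Stored text must not be able to inject markup into the page.
        $node_id  = htmlspecialchars(urlencode((string) $wu->node_id), ENT_QUOTES);
        $nodename = htmlspecialchars((string) $wu->nodename, ENT_QUOTES);
        $username = htmlspecialchars((string) $wu->username, ENT_QUOTES);
        echo "<a class=blockhead href=\"/wu.php?node_id={$node_id}\" class=block>{$nodename}</a> by {$username}\n";
    }

    echo "<img src=\"/images/clear.gif\" width=\"155\" height=\"50\" hspace=\"0\" vspace=\"2\" border=\"0\">\n";
    $theme->BlockClose();
}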
<?php switch ($action) { case "edit": case "delete": // Read the record first and set the screen values so the user can edit it and re-add it. $sql = "SELECT * FROM lookup_code WHERE source_table=? AND source_field=? AND lookup_code=?;"; $q = new PgQuery($sql, $table, $field, $lookup_code); if ($q->Exec("lookwrite") && $q->rows > 0 && ($old = $q->Fetch())) { $lookup_seq = $old->lookup_seq; $lookup_desc = $old->lookup_desc; $lookup_misc = $old->lookup_misc; } if ("{$action}" == "delete") { $sql = "DELETE FROM lookup_code WHERE source_table=? AND source_field=? AND lookup_code=?;"; $q = new PgQuery($sql, $table, $field, $lookup_code); if ($q->Exec("lookwrite")) { $client_messages[] = "Lookup Code deleted."; } } break; case "insert": $sql = "INSERT INTO lookup_code (source_table, source_field, lookup_code, "; $sql .= " lookup_seq, lookup_desc, lookup_misc) VALUES(?, ?, ?, ?, ?, ?);"; $q = new PgQuery($sql, $table, $field, $lookup_code, $lookup_seq, $lookup_desc, $lookup_misc); if ($q->Exec("lookwrite")) { $client_messages[] = "Lookup Code added."; } break; case "update": $sql = "UPDATE lookup_code SET lookup_code=?, lookup_seq=?, lookup_desc=?, lookup_misc=? ";
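/**
 * Do what must be done with time zones from on file.  Attempt to turn
 * them into something that PostgreSQL can understand...
 *
 * Resolution order for $this->tz_locn:
 *   1. the time_zone table row for the TZID (only when
 *      $c->save_time_zone_defs is set and exactly one row matches);
 *   2. a trailing "Area/Location" component extracted from the TZID;
 *   3. $c->local_tzid, when configured.
 * When saving is enabled, the TZID was not found as a single row and a
 * VTIMEZONE definition is present, the definition is inserted into time_zone.
 *
 * The TZID and VTIMEZONE text come from the calendar object being processed;
 * they reach the database only through PgQuery placeholders.
 *
 * @deprecated This function is deprecated and will be removed eventually.
 * @todo Remove this function.
 * @return void
 */
function DealWithTimeZones() {
    global $c;

    dbg_error_log("LOG", " iCalendar: Call to deprecated method '%s'", 'DealWithTimeZones');
    $tzid = $this->Get('TZID');
    $save_defs = isset($c->save_time_zone_defs) && $c->save_time_zone_defs;

    if ($save_defs) {
        $qry = new PgQuery("SELECT tz_locn FROM time_zone WHERE tz_id = ?;", $tzid);
        if ($qry->Exec('iCalendar') && $qry->rows == 1) {
            $row = $qry->Fetch();
            $this->tz_locn = $row->tz_locn;
        }
        dbg_error_log("icalendar", " TZCrap2: TZID '%s', DB Rows=%d, Location '%s'", $tzid, $qry->rows, $this->tz_locn);
    }

    if ((!isset($this->tz_locn) || $this->tz_locn == '') && $tzid != '') {
        /**
         * In case there was no X-LIC-LOCATION defined, let's hope there is something in the TZID
         * that we can use.  We are looking for a string like "Pacific/Auckland" if possible.
         *
         * The second capture group is the trailing "Area/Location" part; the first
         * group is whatever prefix precedes it.  Substituting '$1' kept the prefix and
         * discarded the location, which is the opposite of what is wanted here.
         */
        $tzname = preg_replace('#^(.*[^a-z])?([a-z]+/[a-z]+)$#i', '$2', $tzid);

        // Building an abbreviation from the initials of a multi-word name was
        // tried here and abandoned: that kind of thing never works well.
        if (preg_match('#\\S+/\\S+#', $tzname)) {
            $this->tz_locn = $tzname;
        }
        dbg_error_log("icalendar", " TZCrap3: TZID '%s', Location '%s', Perhaps: %s", $tzid, $this->tz_locn, $tzname);
    }

    // $qry exists whenever $save_defs is true, and && short-circuits before
    // $qry->rows is read otherwise.
    if ($tzid != '' && $save_defs && $qry->rows != 1 && isset($this->vtimezone) && $this->vtimezone != "") {
        $qry2 = new PgQuery("INSERT INTO time_zone (tz_id, tz_locn, tz_spec) VALUES( ?, ?, ? );", $tzid, $this->tz_locn, $this->vtimezone);
        $qry2->Exec("iCalendar");
    }

    if ((!isset($this->tz_locn) || $this->tz_locn == "") && isset($c->local_tzid)) {
        $this->tz_locn = $c->local_tzid;
    }
}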
$qry = new PgQuery($sql); if ($qry->Exec("indexsupport") && $qry->rows > 0) { // Can't just let anyone type in a where clause on the command line! if (!is_member_of('Admin')) { $where_clause = ""; } // Internal column names (some have 'nice' alternatives defined in header_row() ) // The order of these defines the ordering when columns are chosen $available_columns = array("request_id" => "WR #", "lby_fullname" => "Created By", "lfull" => "Request For", "request_on" => "Request On", "lbrief" => "Description", "request_type_desc" => "Type", "request_tags" => "Tags", "status_desc" => "Status", "system_code" => "System Code", "system_desc" => "System Name", "request.last_activity" => "Last Chng", "urgency" => "Urgency", "importance" => "Importance", "active" => "Active"); /** * The hours column is not visible to clients. */ if ($session->AllowedTo("Support") || $session->AllowedTo("Admin")) { $available_columns["request_hours"] = "Hours"; } $saved_qry_row = $qry->Fetch(); $search_query = $saved_qry_row->query_sql; // $style = 'stripped'; $query_params = unserialize($saved_qry_row->query_params); $columns = $query_params["columns"]; if (!isset($columns) || !is_array($columns)) { if ($format == "edit") { $columns = array("request_id", "lfull", "request_on", "lbrief", "status_desc", "active", "request_type_desc", "request.last_activity"); } else { $columns = array("request_id", "lfull", "request_on", "lbrief", "status_desc", "request_type_desc", "request.last_activity"); } } // If the maxresults they saved was non-default, use that, otherwise we // increase the default anyway, because saved queries are more carefully // crafted, and less likely to list the whole database $mr = 1000;
$ts_id = $row->ts_id; $sql = <<<EOSQL {$tzset} INSERT INTO request_timesheet ( timesheet_id, request_id, work_on, work_duration, work_by_id, work_description, work_units ) VALUES( {$ts_id}, ?, ?::timestamp, (?::timestamp - ?::timestamp), {$session->user_no}, ?, 'hours' ); UPDATE request_timesheet SET work_quantity = (extract( 'hours' from work_duration)::numeric + extract( 'minutes' from work_duration )::numeric / 60::numeric), dav_etag = md5(timesheet_id||request_id||work_on||work_duration||work_by_id||COALESCE(charged_details,'')||work_description) WHERE timesheet_id={$ts_id}; EOSQL; $qry = new PgQuery($sql, $request_id, $ev->Get('dtstart'), $ev->Get('dtend'), $ev->Get('dtstart'), $ev->Get('summary')); $qry->Exec("PUT"); } $qry = new PgQuery("SELECT dav_etag FROM request_timesheet WHERE timesheet_id = {$ts_id};"); $qry->Exec("PUT"); $row = $qry->Fetch(); $etag = $row->dav_etag; $qry = new PgQuery("COMMIT;"); $qry->Exec("PUT"); header("HTTP/1.1 201 {$action}"); /** * From draft 13, 5.3.4 we find: * "In the case where the data stored by a server as a result of a PUT * request is not equivalent by octet equality to the submitted calendar * object resource, the behavior of the ETag response header is not * specified here, with the exception that a strong entity tag MUST NOT be * returned in the response. As a result, clients may need to retrieve the * modified calendar object resource (and ETag) as a basis for further * changes, rather than use the calendar object resource it had sent with * the PUT request." *
header("Content-type: text/plain"); dbg_error_log("DELETE", "Access denied: User: %d, Path: %s", $qry->rows, $session->user_no, $delete_path); echo "Access Denied"; exit(0); } } if ((!isset($etag_match) || $etag_match == '*' || $etag_match == '') && ("/" . $session->username . "/{$ts_id}" . ".ics" == "{$delete_path}" || "/" . $session->username . "/{$ts_id}@" . $_SERVER['SERVER_NAME'] . ".ics" == "{$delete_path}")) { // It really looks like we are deleting an existing timesheet $qry = new PgQuery("SELECT dav_etag FROM request_timesheet WHERE timesheet_id={$ts_id};"); $qry->Exec("PUT"); if ($qry->rows != 1) { header("HTTP/1.1 500 Infernal Server Error"); dbg_error_log("ERROR", "Found %d rows matching request %d, timesheet %d for user %s(%d)", $request_id, $ts_id, $delete_user_name, $delete_user_no); exit(0); } elseif ($qry->rows == 1) { $dav_event = $qry->Fetch(); $etag_match = $dav_event->dav_etag; } } if (isset($etag_match) && $etag_match != '*' && $etag_match != '' && ("/" . $session->username . "/{$ts_id}" . ".ics" == "{$delete_path}" || "/" . $session->username . "/{$ts_id}@" . $_SERVER['SERVER_NAME'] . ".ics" == "{$delete_path}")) { $qry = new PgQuery("SELECT * FROM request_timesheet WHERE work_by_id=? AND dav_etag=? AND timesheet_id=?", $session->user_no, $etag_match, $ts_id); if ($qry->Exec("DELETE") && $qry->rows == 1) { $qry = new PgQuery("DELETE FROM request_timesheet WHERE work_by_id=? AND dav_etag=? AND timesheet_id=?", $session->user_no, $etag_match, $ts_id); if ($qry->Exec("DELETE")) { header("HTTP/1.1 200 OK"); dbg_error_log("DELETE", "DELETE: User: %d, ETag: %s, Path: %s", $session->user_no, $etag_none_match, $delete_path); } else { header("HTTP/1.1 500 Infernal Server Error"); dbg_error_log("DELETE", "DELETE failed: User: %d, ETag: %s, Path: %s, SQL: %s", $session->user_no, $etag_none_match, $delete_path, $qry->querystring); } } else {
/**
 * Returns the lock row for a lock token, either from the cache or from the database.
 *
 * A successful lookup replaces the cache with a single entry for this token
 * (earlier cached tokens are dropped).
 *
 * @param string $lock_token The opaque lock token to look up; bound through a
 *                           PgQuery placeholder.
 * @return mixed Whatever PgQuery::Fetch() returned for the token, or false
 *               when execution continues after a failed query.
 */
function GetLockRow($lock_token) {
    $cached = isset($this->_locks_found) && isset($this->_locks_found[$lock_token]);
    if ($cached) {
        return $this->_locks_found[$lock_token];
    }

    $qry = new PgQuery("SELECT * FROM locks WHERE opaquelocktoken = ?;", $lock_token);
    if (!$qry->Exec("caldav", __LINE__, __FILE__)) {
        // NOTE(review): $request is neither a parameter nor declared global in
        // this method, so this call looks like it cannot succeed as written.
        // Confirm whether $this->DoResponse() or a global $request was meant.
        $request->DoResponse(500, translate("Database Error"));
        return false; // Nothing matched
    }

    $lock_row = $qry->Fetch();
    $this->_locks_found = array($lock_token => $lock_row);
    return $this->_locks_found[$lock_token];
}
/**
 * Save the request to the database. This is a QAMS-specific DB save
 * method, just catering for the data we need to set up the basic
 * WRMS records.
 *
 * Side effect: the superglobal $_POST is overwritten with this object's
 * values for every name in $this->post_fields, because the WRMS Write()
 * logic reads its input from there.
 *
 * @return mixed False when validation fails, otherwise the result of
 *               $this->Write(true).
 */
function save_request() {
    // Mirror our class vars into $_POST for the benefit of Write().
    foreach ($this->post_fields as $field) {
        $_POST["{$field}"] = $this->{$field};
    }

    // QAMS normally sends its own e-mails, so WRMS can be told to stay quiet.
    if ($this->send_no_email) {
        $_POST["send_no_email"] = "on";
    }

    if (!$this->Validate(true)) {
        return false;
    }

    $saved = $this->Write(true);
    if ($saved && $this->new_request) {
        // Pick up the id the sequence handed out for the row just written.
        $qry = new PgQuery("SELECT currval('request_request_id_seq');");
        $qry->Exec("WR::Write");
        $row = $qry->Fetch(true); // Fetch results as array
        $this->request_id = $row[0];
        $this->new_request = false; // Not new anymore..
    }

    return $saved;
}
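/**
 * Get XML response for a single item.  Depth is irrelevant for this.
 *
 * @param string $item_path The dav_name of the resource to look up; bound
 *                          through a PgQuery placeholder.
 * @return array One item_to_xml() result per matching caldav_data row; empty
 *               when the query fails or nothing matches.
 */
function get_item($item_path) {
    $responses = array();
    dbg_error_log("PROPFIND", "Getting item: Path: %s", $item_path);

    $sql = "SELECT caldav_data.dav_name, caldav_data, caldav_data.dav_etag ";
    $sql .= "FROM caldav_data WHERE dav_name = ?";

    // The statement has exactly one placeholder, so exactly one value is bound.
    // Two date-format arguments used to precede $item_path; with positional
    // placeholders the first of them, not the path, would fill "dav_name = ?".
    $qry = new PgQuery($sql, $item_path);

    if ($qry->Exec("PROPFIND", __LINE__, __FILE__) && $qry->rows > 0) {
        while ($item = $qry->Fetch()) {
            $responses[] = item_to_xml($item);
        }
    }
    return $responses;
}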
<?php /** * * Now we build the statement that will find those requests... */ $search_query = ""; if (!isset($_POST['submit']) && isset($_GET['saved_query'])) { $sql = "SELECT * FROM saved_queries "; $sql .= "WHERE (user_no = '{$session->user_no}' OR public ) "; $sql .= "AND query_name = ?;"; $qry = new PgQuery($sql, $saved_query); $qry->Exec("WRSearch::Build"); $thisquery = $qry->Fetch(); $search_query = $thisquery->query_sql; $saved_columns = unserialize($thisquery->query_params); $saved_columns = $saved_columns["columns"]; if (isset($saved_columns) && is_array($saved_columns)) { $columns = $saved_columns; } // If the maxresults they saved was non-default, use that, otherwise we // increase the default anyway, because saved queries are more carefully // crafted, and less likely to list the whole database $mr = 1000; if ((!isset($maxresults) || intval($maxresults) == 0 || $maxresults == 100) && intval($thisquery->maxresults) != 100 && intval($thisquery->maxresults) != 100) { $mr = $thisquery->maxresults; } $maxresults = $mr; if ($thisquery->rlsort && !isset($_GET['rlsort'])) { $rlsort = $thisquery->rlsort; $rlseq = $thisquery->rlseq;
/**
 * Build and return the HTML for the request search form.
 *
 * When the form was not submitted and a saved_query name is present in $_GET,
 * the matching saved_queries row (owned by the session user or flagged public,
 * name compared case-insensitively) is loaded and its query_params value is
 * passed to unserialize(); the result REPLACES the whole $_POST superglobal.
 *
 * NOTE(review): unserialize() on stored data can instantiate objects, and the
 * row may be another user's public query. How query_params is written is not
 * visible here - confirm it can only ever hold a plain array, or move the
 * column to a data-only encoding such as JSON.
 *
 * NOTE(review): $target_url is never referenced in the body. EntryForm is
 * given $REQUEST_URI, which is neither assigned nor declared global in this
 * function - confirm which of the two was intended.
 *
 * The free-form "Where" (SQL WHERE clause) input is rendered only when
 * $session->AllowedTo("Admin") is true. That check controls display only;
 * whatever processes the submitted where_clause must enforce the same rule.
 *
 * The Organisation drop-down is rendered only for Admin, Support or
 * Contractor sessions. The "Watching" field reuses the Requester title text,
 * which looks like a copy-paste leftover.
 *
 * Also writes the global $search_record.
 *
 * @param string $target_url Unused in the body (see note above).
 * @return string The form HTML.
 */
function RenderSearchForm($target_url) { global $session, $theme, $search_record; $html = ""; $search_record = (object) array(); $org_code = intval($GLOBALS['org_code']); if ($org_code > 0) { $search_record->org_code = $org_code; } // $session->Log( 'DBG: isset($_POST[submit])=%s isset($_GET[saved_query])=%s', isset($_POST[submit]), isset($_GET['saved_query'] ) ); if (!isset($_POST['submit']) && isset($_GET['saved_query'])) { $qry = new PgQuery("SELECT query_params FROM saved_queries WHERE (user_no = ? OR public ) AND lower(query_name) = lower(?);", $session->user_no, $_GET['saved_query']); if ($qry->Exec('RenderSearchForm') && $qry->rows == 1 && ($row = $qry->Fetch())) { $_POST = unserialize($row->query_params); } } $ef = new EntryForm($REQUEST_URI, $search_record, true); // We do the formatting fairly carefully here... $ef->SimpleForm('<span style="white-space: nowrap"><span class="srchp">%s:</span><span class="srchf">%s</span></span> '); $html .= $ef->StartForm(array("autocomplete" => "off", "onsubmit" => "return CheckSearchForm();")); $html .= "<table border=0 cellspacing=2 cellpadding=0 align=center class=row0 width=100% style=\"border: 1px dashed #aaaaaa;\">\n"; $html .= "<tr><td width=100%><table border=0 cellspacing=0 cellpadding=0 width=100%><tr valign=middle><td width=100%>\n"; if (isset($_GET['search_for']) && !isset($_POST['search_for'])) { $_POST['search_for'] = $_GET['search_for']; } $html .= $ef->DataEntryLine("Find", "%s", "text", "search_for", array("size" => 10, "class" => "srchf", "title" => "Search for free text in the request or notes. 
Regular expressions are OK too.")); // Organisation drop-down if ($session->AllowedTo("Admin") || $session->AllowedTo("Support") || $session->AllowedTo("Contractor")) { $html .= $ef->DataEntryLine("Organisation", "", "lookup", "org_code", array("_sql" => SqlSelectOrganisations($org_code), "_null" => "-- All Organisations --", "onchange" => "OrganisationChanged();", "title" => "The organisation that this work will be done for.", "class" => "srchf", "style" => "width: 18em")); } // System (within Organisation) drop-down $html .= $ef->DataEntryLine("System", "", "lookup", "system_id", array("_sql" => SqlSelectSystems($org_code), "_null" => "-- All Systems --", "onchange" => "SystemChanged();", "title" => "The business system that this request applies to.", "class" => "srchf", "style" => "width: 18em")); $html .= $ef->DataEntryLine("Requester", "", "lookup", "requested_by", array("_sql" => SqlSelectRequesters($org_code), "_null" => "-- Any Requester --", "onchange" => "PersonChanged();", "title" => "The client who is requesting this, or who is in charge of ensuring it happens.", "class" => "srchf", "style" => "width: 12em")); $html .= $ef->DataEntryLine("Watching", "", "lookup", "interested_in", array("_sql" => SqlSelectSubscribers($org_code), "_null" => "-- Any Interested User --", "title" => "The client who is requesting this, or who is in charge of ensuring it happens.", "class" => "srchf", "style" => "width: 12em")); // Person Assigned to W/R $html .= $ef->DataEntryLine("ToDo", "", "lookup", "allocated_to", array("_sql" => SqlSelectSubscribers($org_code), "_null" => "-- Any Assigned User --", "_nobody" => "-- Not Yet Allocated --", "class" => "srchf", "title" => "A person who has been assigned to work on requests.", "style" => "width: 12em")); // Date range $html .= $ef->DataEntryLine("Last Action", "%s", "date", "from_date", array("size" => 10, "class" => "srchf", "title" => "Only show requests with action after this date.")); $html .= "<a 
href=\"javascript:show_calendar('forms.form.from_date');\" onmouseover=\"window.status='Date Picker';return true;\" onmouseout=\"window.status='';return true;\">" . $theme->Image("date-picker.gif") . "</a> \n"; $html .= $ef->DataEntryLine("To", "%s", "date", "to_date", array("size" => 10, "class" => "srchf", "title" => "Only show requests with action before this date.")); $html .= "<a href=\"javascript:show_calendar('forms.form.to_date');\" onmouseover=\"window.status='Date Picker';return true;\" onmouseout=\"window.status='';return true;\">" . $theme->Image("date-picker.gif") . "</a> \n"; // Type of Request $html .= $ef->DataEntryLine("Type", "%s", "lookup", "type_code", array("_type" => "request|request_type", "_null" => "-- All Types --", "class" => "srchf", "style" => "width: 8em", "title" => "Only show this type of request")); if ($session->AllowedTo("Admin")) { // $html .= "<div id=\"whereclause\">"; $html .= $ef->DataEntryLine("Where", "%s", "text", "where_clause", array("size" => 60, "class" => "srchf", "title" => "Add an SQL 'WHERE' clause to further refine the search - you will need to know what you are doing...")); // $html .= "</div>"; } $html .= "<table border='0' cellspacing='0' cellpadding='0' width='100%'><tr>"; $html .= "<td style=\"vertical-align: top; padding-top: 0.3em; white-space:wrap;\"><span class=\"srchp\">Status:</span></td><td valign='top'>\n"; $sql = "SELECT * FROM lookup_code WHERE source_table='request' "; $sql .= " AND source_field='status_code' "; $sql .= " ORDER BY source_table, source_field, lookup_seq, lookup_code "; $qry = new PgQuery($sql); if ($qry->Exec("RenderSearchForm") && $qry->rows > 0) { $i = 0; while ($status = $qry->Fetch()) { $ef->record->incstat[$status->lookup_code] = strpos($GLOBALS['default_search_statuses'], $status->lookup_code) != false ? 
1 : ''; if ($i++ > 0) { $html .= " "; } $html .= $ef->DataEntryField("%s", "checkbox", "incstat[{$status->lookup_code}]", array("_label" => $status->lookup_desc, "class" => "srchf", "value" => 1)); // if ( $i++ == round($qry->rows / 2) ) $html .= "<br />"; } $html .= $ef->DataEntryField("%s", "checkbox", "inactive", array("_label" => "inactive", "class" => "srchf", "value" => 1)); $html .= "</td>\n"; } $html .= "</tr></table>\n"; $html .= RenderTagsPanel($ef); $html .= RenderColumnSelections($ef); // style="display: block; float:right; clear: left;" $html .= '<div id="savesearch">'; $html .= $ef->DataEntryLine("Save as", "%s", "text", "savelist", array("size" => 20, "class" => "srchf", "title" => "A name to use to refer to this query in the future.")); $html .= $ef->DataEntryField("%s", "checkbox", "save_query_order", array("_label" => "With Order?", "class" => "srchf", "value" => 1)); $html .= $ef->DataEntryField("%s", "checkbox", "save_public", array("_label" => "Public?", "class" => "srchf", "value" => 1)); $search_record->save_hotlist = 't'; $html .= $ef->DataEntryField("%s", "checkbox", "save_hotlist", array("_label" => "In my menu?", "class" => "srchf", "value" => 1)); $html .= $ef->SubmitButton("submit", "Save Query", array("title" => "Save this query so you can run it again.")); $html .= "</div>"; $html .= $ef->DataEntryLine("Max results", "%s", "text", "maxresults", array("size" => 6, "class" => "srchf", "title" => "The maximum number of rows to show in the listing")); $html .= $ef->SubmitButton("submit", "Run Query", array("title" => "Run a query with these settings")); $html .= "</td></tr></table>\n"; $html .= "</td></tr></table>\n"; $html .= $ef->EndForm(); return $html; }
if ($qry->Exec("UsrSearch")) { // Build table of usrs found echo "<p> " . $qry->rows . " users found</p>"; echo "<table border=\"0\" cellpadding=2 cellspacing=1 align=center width=100%>\n<tr>\n"; echo "<th class=cols>User ID</th><th class=cols>Full Name</th>\n"; if (!isset($org_code) || $org_code == 0) { echo "<th class=cols>Organisation</th>\n"; } echo "<th class=cols>Email</th>\n"; if (isset($system_id) && $system_id > 0) { echo "<th class=cols>User Role</th>\n"; } echo "<th class=cols>Accessed</th>\n"; echo "<th class=cols>Actions</th>\n"; echo "</tr>\n"; while ($thisusr = $qry->Fetch()) { printf("<tr class=row%1d>\n", $qry->rownum % 2); echo "<td class=sml><a href=\"user.php?user_no={$thisusr->user_no}\">{$thisusr->username}</a></td>\n"; echo "<td class=sml><a href=\"user.php?user_no={$thisusr->user_no}\">{$thisusr->fullname}</a></td>\n"; if (!isset($org_code) || $org_code == 0) { echo "<td class=sml><a href=\"org.php?org_code={$thisusr->org_code}\">{$thisusr->org_name}</a></td>\n"; } echo "<td class=sml><a href=\"mailto:{$thisusr->email}\">{$thisusr->email}</a> </td>\n"; if (isset($system_id) && $system_id > 0) { echo "<td class=sml>{$thisusr->lookup_desc} ({$thisusr->role}) </td>\n"; } echo "<td class=sml>{$thisusr->last_used} </td>\n"; echo "<td class=sml><a class=submit href=\"requestlist.php?user_no={$thisusr->user_no}\">Requested</a>\n"; if (is_member_of('Admin', 'Support')) { echo "<a class=submit href=\"requestlist.php?allocated_to={$thisusr->user_no}\">Allocated</a>\n"; echo "<a class=submit href=\"form.php?user_no={$thisusr->user_no}&form=timelist&uncharged=1\">Work</a>\n";
$ef->TempLineFormat('<span class="srchf" style="white-space: nowrap">%s%s</span>'); $btn_clients = $ef->DataEntryLine("", "", "button", "apply_clients", array("value" => "Client", "onclick" => "ApplyToRoles('client');", "title" => "Click to apply the default to unassigned users for this system.", "class" => "fsubmit")); $btn_contractors = $ef->DataEntryLine("", "", "button", "apply_contractors", array("value" => "Contractor", "onclick" => "ApplyToRoles('ext');", "title" => "Click to apply the default to unassigned users for this system.", "class" => "fsubmit")); $btn_internal = $ef->DataEntryLine("", "", "button", "apply_internal", array("value" => "Internal", "onclick" => "ApplyToRoles('int');", "title" => "Click to apply the default to unassigned users for this system.", "class" => "fsubmit")); $ef->RevertLineFormat(); $html .= "Choose a default and apply to unassigned {$btn_clients} / {$btn_contractors} / {$btn_internal} users</th>"; $html .= '<td class="entry" align="center">'; $options = array_merge($roles, array("title" => "Select the default role people have in relation to this system")); $html .= $ef->DataEntryField("", "select", "default_role", $options); $html .= "</td></tr>"; echo $html; } $options = array_merge($roles, array("title" => "Select the role this person has in relation to this system")); $fld_format = '<span style="background-color: %s;"> %s </span>'; $i = 0; while ($row = $q->Fetch()) { $search_record->role[$row->user_no] = $row->role; $colour = '#e8ffe0'; $type = "This is a client"; $id = "client_{$i}"; if ($row->internal_role == 't') { $id = "int_{$i}"; $colour = '#ffe8e0'; $type = "This is an internal person"; } else { if ($row->contractor_role == 't') { $id = "ext_{$i}"; $colour = '#e0e8ff'; $type = "This is an external support person"; } }
if (isset($report[$i]['properties']['GETETAG'])) { $prop->NewElement("getetag", '"' . $ts->dav_etag . '"'); } $status = new XMLElement("status", "HTTP/1.1 200 OK"); $response->NewElement("propstat", array($prop, $status)); $responses[] = $response; dbg_error_log("REPORT", "TS Response: ETag >>%s<< >>%s<<", $ts->dav_etag, $url); } } /** * We also include _all_ caldav_data entries in there, since these * are events which failed to parse into timesheets. */ $qry = new PgQuery("SELECT * FROM caldav_data WHERE user_no = ?", $report_user_no); if ($qry->Exec() && $qry->rows > 0) { while ($dav = $qry->Fetch()) { $response = new XMLElement("response"); $prop = new XMLElement("prop"); $url = sprintf("http://%s:%d%s%s", $_SERVER['SERVER_NAME'], $_SERVER['SERVER_PORT'], $_SERVER['SCRIPT_NAME'], $dav->dav_name); if (isset($report[$i]['include_href']) && $report[$i]['include_href'] > 0) { $response->NewElement("href", $url); } if (isset($report[$i]['include_data']) && $report[$i]['include_data'] > 0) { $prop->NewElement("calendar-data", $dav->caldav_data, array("xmlns" => "urn:ietf:params:xml:ns:caldav")); } if (isset($report[$i]['properties']['GETETAG'])) { $prop->NewElement("getetag", '"' . $dav->dav_etag . '"'); } $status = new XMLElement("status", "HTTP/1.1 200 OK"); $response->NewElement("propstat", array($prop, $status)); $responses[] = $response;
if ("{$style}" != "stripped") { echo "<p><small> " . pg_NumRows($result) . " timesheets found\n"; if (pg_NumRows($result) == $maxresults) { echo " (limit reached)"; } if ("{$uncharged}" != "") { printf("<form enctype=\"multipart/form-data\" method=post action=\"%s%s\">\n", $REQUEST_URI, !strpos($REQUEST_URI, "uncharged") ? "&uncharged=1" : ""); } } echo "<table border=\"0\" cellspacing=1 align=center>\n"; header_row(); $grand_total = 0.0; $total_hours = 0.0; $requests = array(); // Build table of organisations found while ($timesheet = $qry->Fetch()) { $grand_total += doubleval($timesheet->work_quantity * $timesheet->work_rate); switch ($timesheet->work_units) { case 'hours': $total_hours += doubleval($timesheet->work_quantity); $requests[$timesheet->request_id]['hours'] += $timesheet->work_quantity; break; case 'days': $total_hours += doubleval($timesheet->work_quantity * 8); $requests[$timesheet->request_id]['hours'] += $timesheet->work_quantity * 8; break; } $requests[$timesheet->request_id]['name'] = $timesheet->brief; printf("<tr class=row%1d>\n", $qry->row % 2); echo "<td class=sml nowrap>{$timesheet->requester_name}</td>\n"; if ("{$GLOBALS['org_code']}" == "") {
$sql .= "AND last_org_request(org_code) IS NOT NULL "; $sql .= "AND ( EXISTS( SELECT 1 FROM org_system os JOIN system_usr su USING(system_id) WHERE os.org_code=organisation.org_code AND su.user_no={$session->user_no} AND su.role IN ('A','S')) "; $sql .= "OR EXISTS( SELECT 1 FROM request_interested ri JOIN request r USING(request_id) JOIN usr u ON (r.requester_id=u.user_no) WHERE r.active AND r.last_activity > (current_timestamp - '8 months'::interval) AND u.org_code=organisation.org_code AND ri.user_no={$session->user_no} ) "; $sql .= "OR EXISTS( SELECT 1 FROM request_allocated ra JOIN request r USING(request_id) JOIN usr u ON (r.requester_id=u.user_no) WHERE r.active AND r.last_activity > (current_timestamp - '14 months'::interval) AND u.org_code=organisation.org_code AND ra.allocated_to_id={$session->user_no} ) ) "; $sql .= "AND active_org_requests(org_code) > 0 "; $sql .= "ORDER BY LOWER(organisation.org_name) "; $sql .= "LIMIT 100 "; $qry = new PgQuery($sql); if ($qry->Exec("indexsupport") && $qry->rows > 0) { echo "<table border=\"0\" align=\"center\" width=\"100%\"><tr>\n"; echo "<th class=\"cols\" align=\"left\">Organisation Name</th>"; echo "<th class=\"cols\" align=\"center\">Requests</th>"; echo "<th class=\"cols\" align=\"center\">Last Request</th>"; echo "<th class=\"cols\" align=\"center\">Show:</th></tr>"; // Build table of rows while ($thisorganisation = $qry->Fetch()) { $i = !isset($i) || $i == 0 ? 
1 : 0; printf("<tr class=\"row%1d\">", $i); echo "<td class=\"sml\"> <a href=\"requestlist.php?org_code={$thisorganisation->org_code}\">{$thisorganisation->org_name}"; if ("{$thisorganisation->org_name}" == "") { echo "-- no description --"; } echo "</a> </td>\n"; echo "<td class=\"sml\" align=\"right\"> {$thisorganisation->active_org_requests}</td>\n"; echo "<td class=\"sml\" align=\"center\"> {$thisorganisation->last_request_date}</td>\n"; echo "<td class=\"sml\" align=\"center\"><a class=\"submit\" href=\"org.php?org_code={$thisorganisation->org_code}\">Organisation</a>"; echo " <a class=\"submit\" href=\"usrsearch.php?org_code={$thisorganisation->org_code}\">Users</a>"; echo " <a class=\"submit\" href=\"form.php?org_code={$thisorganisation->org_code}&form=timelist&uncharged=1\">Work</a>"; echo "</td></tr>\n"; } echo "</table>\n";
include_once "qams-project-defs.php"; // ----------------------------------------------------------------------------------------------- // MAIN CONTENT $s = ""; // DOCUMENTS ASSOCIATED WITH QA STEPS // Let's see if we can do this bit with a single query.. $q = "SELECT p.*, s.*, d.*, m.*, md.path_to_template, md.path_to_example"; $q .= " FROM qa_phase p, qa_step s, qa_document d, qa_model m, qa_model_documents md"; $q .= " WHERE s.qa_phase=p.qa_phase"; $q .= " AND md.qa_model_id=m.qa_model_id"; $q .= " AND md.qa_document_id=s.qa_document_id"; $q .= " AND d.qa_document_id=s.qa_document_id"; $q .= " ORDER BY p.qa_phase_order, s.qa_step_order, m.qa_model_order"; $qry = new PgQuery($q); if ($qry->Exec("qams-refdoc-index.php:get documents") && $qry->rows > 0) { while ($row = $qry->Fetch(true)) { $phase = $row["qa_phase_desc"]; $qa_model_name = $row["qa_model_name"]; $qa_document_id = $row["qa_document_id"]; $qa_document_title = $row["qa_document_title"]; $qa_document_desc = $row["qa_document_desc"]; $template = $row["path_to_template"]; $example = $row["path_to_example"]; // Only interested if we actually have a URL.. if ($template != "" || $example != "") { $id = "{$phase}|{$qa_document_id}"; $doc[$id] = $qa_document_title; $docdesc[$id] = $qa_document_desc; if ($template != "") { $doc_template[$id][$qa_model_name] = $template; }
/**
 * Save this approval record into the approval history set. If the ID
 * is still zero then we assume a new record needs to be inserted, else
 * we update the existing one.
 *
 * NOTE(review): both statements are assembled by interpolating object
 * properties straight into the SQL text. Only the comment passes through
 * addslashes(); the status and the two datetime values are wrapped in single
 * quotes without any escaping, and project_id, qa_step_id,
 * qa_approval_type_id and the two *_usr values are inserted unquoted.
 * Where these properties are populated is not visible here - if any of them
 * can carry request data this is injectable. PgQuery is called elsewhere
 * with "?" placeholders and bound arguments; prefer that form here.
 *
 * NOTE(review): the fallback for assigned_to_usr / approval_by_usr is the
 * literal "******", interpolated unquoted, while the inline comment says
 * these fields should become NULL. That looks like masked text rather than
 * the intended value - confirm against the original file.
 *
 * NOTE(review): if the NEXTVAL query fails, qa_approval_id stays 0 and the
 * INSERT is still attempted with that id.
 *
 * @return boolean True if the approval was safely saved.
 */
function save() { $ok = false; // Fields which we want to NULL if not set, or nullstring.. $assigned_to_usr = isset($this->assigned_to_usr) && $this->assigned_to_usr != "" ? $this->assigned_to_usr : "******"; $approval_by_usr = isset($this->approval_by_usr) && $this->approval_by_usr != "" ? $this->approval_by_usr : "******"; $assigned_datetime = isset($this->assigned_datetime) && $this->assigned_datetime != "" ? "'{$this->assigned_datetime}'" : "NULL"; $approval_datetime = isset($this->approval_datetime) && $this->approval_datetime != "" ? "'{$this->approval_datetime}'" : "NULL"; $approval_status = isset($this->approval_status) && $this->approval_status != "" ? "'{$this->approval_status}'" : "NULL"; if ($this->qa_approval_id == 0) { // New record - grab next sequence value.. $qry = new PgQuery("SELECT NEXTVAL('qa_project_approval_qa_approval_id_seq')"); if ($qry->Exec()) { $row = $qry->Fetch(true); $this->qa_approval_id = $row[0]; } // Create new approval.. $q = "INSERT INTO qa_project_approval ("; $q .= " qa_approval_id, project_id, qa_step_id, qa_approval_type_id,"; $q .= " approval_status, assigned_to_usr, approval_by_usr, comment,"; $q .= " approval_datetime, assigned_datetime"; $q .= ") "; $q .= "VALUES("; $q .= "{$this->qa_approval_id},"; $q .= "{$this->project_id},"; $q .= "{$this->qa_step_id},"; $q .= "{$this->qa_approval_type_id},"; $q .= "{$approval_status},"; $q .= "{$assigned_to_usr},"; $q .= "{$approval_by_usr},"; $q .= "'" . addslashes($this->comment) . "',"; $q .= "{$approval_datetime},"; $q .= "{$assigned_datetime}"; $q .= ")"; $qry = new PgQuery($q); $ok = $qry->Exec("qa_project_approval::save"); } else { // Existing record update.. 
$q = "UPDATE qa_project_approval SET "; $q .= " project_id={$this->project_id},"; $q .= " qa_step_id={$this->qa_step_id},"; $q .= " qa_approval_type_id={$this->qa_approval_type_id},"; $q .= " approval_status={$approval_status},"; $q .= " assigned_to_usr={$assigned_to_usr},"; $q .= " approval_by_usr={$approval_by_usr},"; $q .= " comment='" . addslashes($this->comment) . "',"; $q .= " approval_datetime={$approval_datetime},"; $q .= " assigned_datetime={$assigned_datetime}"; $q .= " WHERE qa_approval_id={$this->qa_approval_id}"; $qry = new PgQuery($q); $ok = $qry->Exec("qa_project_approval::save"); } return $ok; }
/**
 * Internal function used to get the user's system roles from the database.
 *
 * Clears $this->system_roles and $this->system_codes, then fills both,
 * keyed by system_id, from the system_usr / work_system rows that match
 * $this->user_no. The user number is bound through a '?' placeholder.
 */
function GetSystemRoles()
{
    $this->system_roles = array();
    $this->system_codes = array();

    $lookup = new PgQuery('SELECT system_usr.system_id, role, system_code FROM system_usr JOIN work_system USING (system_id) WHERE user_no = ? ', $this->user_no);

    // Nothing to record when the query fails or returns no rows.
    if (!$lookup->Exec('Session::GetRoles') || !($lookup->rows > 0)) {
        return;
    }

    while ($entry = $lookup->Fetch()) {
        $system_id = $entry->system_id;
        $this->system_roles[$system_id] = $entry->role;
        $this->system_codes[$system_id] = $entry->system_code;
    }
}
echo "</tr></table>\n"; } echo "<table border=\"0\" width=\"100%\">\n"; $show_notes = $format == "ultimate" || $format == "detailed"; $show_details = $format == "ultimate" || $format == "detailed" || "{$format}" == "activity" || "{$format}" == "quotes"; $show_quotes = $format == "ultimate" || "{$format}" == "activity" || "{$format}" == "quotes"; $show_work = ($format == "ultimate" || "{$format}" == "activity") && is_member_of('Admin', 'Support'); if (!$show_details) { header_row(); } if ($result) { $grand_total = 0.0; $grand_qty_total = 0.0; // Build table of requests found $i = 0; while ($thisrequest = $qry->Fetch()) { if ("{$format}" == "edit") { $thisrequest->editable = $session->AllowedTo("Support") || $session->AllowedTo("Admin") || $this->org_code == $session->org_code && strpos("`SACEO", $session->system_roles[$this->system_id]) || $session->AllowedTo("Contractor") && strpos("`SA", $session->system_roles[$this->system_id]); } if ($show_details) { header_row(); } data_row($thisrequest, $i); if ($show_details) { printf("<tr class=row%1d>\n", $i % 2); echo "<td colspan=7>" . html_format($thisrequest->detailed) . "</td>\n"; echo "</tr>\n"; } if ($show_quotes) { $subquery = "SELECT *, to_char( quoted_on, 'DD/MM/YYYY') AS nice_date "; $subquery .= "FROM request_quote, usr ";
list($number, $description) = split('/', $v, 2); $number = intval($number); if ($number > 0) { $request_ids[$number] = $number; } } } } // Select the user's system_role for each such system $sql = "SELECT request.request_id, system_usr.role "; $sql .= "FROM request LEFT OUTER JOIN system_usr ON request.system_id = system_usr.system_id AND system_usr.user_no=? "; $sql .= "WHERE request_id IN (" . implode(",", $request_ids) . ");"; $qry = new PgQuery($sql, $session->user_no); if ($qry->Exec("TimeSheet")) { if ($qry->rows > 0) { while ($row = $qry->Fetch()) { $request_ids[$row->request_id] = $row->role; } foreach ($request_ids as $r_id => $role) { if ($role == $r_id) { $client_messages[] = "W/R {$r_id} does not exist."; $invalid = true; } else { if ($role == "") { $client_messages[] = "You may not assign time to W/R {$r_id}."; $invalid = true; } } } } }
if (isset($debug)) { header("Content-Type: text/plain"); } else { header("Content-Type: text/calendar"); } if ($ts->invoiced != "") { $ts->description .= "\n" . $ts->invoiced; } $vevent = new vEvent(array('uid' => $ts_id . "@" . $_SERVER['SERVER_NAME'], 'dtstart' => $ts->dtstart, 'duration' => $ts->duration, 'summary' => $ts->summary, 'location' => $ts->location, 'description' => $ts->description)); print $vevent->Render(); dbg_error_log("GET", "User: %d, ETag: %s, Path: /%s/%d.ics", $get_user_no, $ts->dav_etag, $get_user_name, $ts_id); } else { $qry = new PgQuery("SELECT * FROM caldav_data WHERE user_no = ? AND dav_name = ? ;", $get_user_no, $get_path); dbg_error_log("get", "%s", $qry->querystring); if ($qry->Exec("GET") && $qry->rows == 1) { $event = $qry->Fetch(); header("HTTP/1.1 200 OK"); header("ETag: {$event->dav_etag}"); if (isset($debug)) { header("Content-Type: text/plain"); } else { header("Content-Type: text/calendar"); } print $event->caldav_data; dbg_error_log("GET", "User: %d, ETag: %s, Path: %s", $get_user_no, $event->dav_etag, $get_path); } else { if ($qry->rows != 1) { header("HTTP/1.1 500 Internal Server Error"); dbg_error_log("ERROR", "Multiple rows match for User: %d, ETag: %s, Path: %s", $get_user_no, $event->dav_etag, $get_path); } else { header("HTTP/1.1 500 Infernal Server Error");
/**
 * Get the names of the fields for a particular table
 *
 * The result is kept in the global $_AWL_field_cache, so the catalog is
 * only queried the first time a table name is seen. The table name is
 * bound through a '?' placeholder.
 *
 * @param string $tablename The name of the table.
 * @return array Map of column name => type name, in attnum order.
 */
function get_fields($tablename)
{
    global $_AWL_field_cache;

    // Serve repeat lookups from the cache.
    if (isset($_AWL_field_cache[$tablename])) {
        return $_AWL_field_cache[$tablename];
    }

    dbg_error_log("DataUpdate", ":get_fields: Loaded fields for table '{$tablename}'");

    $catalog_sql = "SELECT f.attname, t.typname FROM pg_attribute f "
        . "JOIN pg_class c ON ( f.attrelid = c.oid ) "
        . "JOIN pg_type t ON ( f.atttypid = t.oid ) "
        . "WHERE relname = ? AND attnum >= 0 order by f.attnum;";
    $lookup = new PgQuery($catalog_sql, $tablename);
    $lookup->Exec("DataUpdate");

    $types_by_name = array();
    while ($column = $lookup->Fetch()) {
        $types_by_name[(string) $column->attname] = $column->typname;
    }

    $_AWL_field_cache[$tablename] = $types_by_name;
    return $_AWL_field_cache[$tablename];
}
/**
 * Internal function used to get the user's roles from the database.
 *
 * Resets $this->roles and sets $this->roles[role_name] = true for each
 * role_member row that matches $this->user_no. The user number is bound
 * through a '?' placeholder.
 */
function GetRoles()
{
    $this->roles = array();

    $membership = new PgQuery('SELECT role_name FROM role_member m join roles r ON r.role_no = m.role_no WHERE user_no = ? ', $this->user_no);
    $has_rows = $membership->Exec('BasicAuthSession') && $membership->rows > 0;
    if (!$has_rows) {
        return;
    }

    while ($entry = $membership->Fetch()) {
        $this->roles[$entry->role_name] = true;
    }
}
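/**
 * Emit the sidebar menu for the current page.
 *
 * Shows the QAMS entries when $qams_enabled is set and $PHP_SELF contains
 * "qams", otherwise the WRMS entries, including the user's saved searches
 * flagged in_menu. Which administrative entries appear depends on
 * is_member_of(). The theme block is closed at the end.
 *
 * The saved-search lookup binds the user number through a '?' placeholder,
 * and each saved-search name is HTML-escaped before it is used as link text.
 */
function show_sidebar_menu()
{
    global $PHP_SELF, $session, $c, $theme, $hurl, $lsid, $help_url, $qams_enabled;

    if ($qams_enabled && strstr($PHP_SELF, "qams")) {
        menu_break_line();
        menu_url_line("/", "Go to the WRMS Work Request Management System", "WRMS", "head");
        menu_break_line();

        // QAMS MENU ITEMS..
        menu_url_line("/qams-project.php?edit=1", "Create a new project", "New Project", "head");
        // Not yet implemented..
        //menu_url_line("/qams-project-search.php", "Search for projects", "Search Projects", "head");
        if (isset($lsid)) {
            menu_url_line("/?logout=1&forget=1{$hurl}", "Log me out and stop logging me in automatically", "Forget Me", "head");
        } else {
            menu_url_line("/?logout=1{$hurl}", "Au revoir!", "Log Off", "head");
        }
        menu_break_line();

        // %d renders request_id as an integer, so the value cannot carry markup.
        echo '<form method="get" action="/qams-project.php" name="quickwr" id="quickwr" style="display:inline">';
        printf(' <b>PROJ:</b><input type="text" size="7" title="%s" value="%d" name="request_id">', 'Enter a Project Number and press [Enter] to go to it directly.', $GLOBALS['request_id']);
        echo "</form><br >";
        menu_break_line();

        menu_url_line("/qams.php?filter=my", "Show projects I am involved in", "My Projects");
        menu_url_line("/qams.php?filter=recent", "Show the most recent projects", "Recent Projects");
        menu_break_line();
        menu_url_line("/qams-refdoc-index.php", "Quality Assurance Documents Index", "Documents");
    } else {
        // WRMS MENU ITEMS..
        menu_url_line("/wr.php", "Enter a new work request into the system.", "New Request", "head");
        $tooltip = "A comprehensive search facility for reporting on work requests.";
        menu_url_line("/wrsearch.php", $tooltip, "Search Requests", "head");
        if (is_member_of('Admin', 'Support', 'Contractor')) {
            menu_url_line("/timesheet.php", "", "Timesheet Entry", "head");
        }
        if ($qams_enabled) {
            menu_url_line("/qams.php", "Go to the QAMS Quality Assurance Management System", "Quality System", "head");
        }
        if (isset($lsid)) {
            menu_url_line("/?logout=1&forget=1{$hurl}", "Log me out and stop logging me in automatically", "Forget Me", "head");
        } else {
            menu_url_line("/?logout=1{$hurl}", "Au revoir!", "Log Off", "head");
        }
        menu_break_line();

        // %d renders request_id as an integer, so the value cannot carry markup.
        printf(<<<EOFORM
<form method="get" action="/wr.php" name="quickwr" id="quickwr" style="display:inline">
<b>W/R:</b><input type="text" size="7" title="%s" value="%d" name="request_id">
</form><br >
EOFORM
        , 'Enter a W/R number and press [Enter] to go to it directly.', $GLOBALS['request_id']);

        $tooltip = "Run this saved search";
        $tooltip2 = "Edit this saved search";
        $qry = new PgQuery("SELECT * FROM saved_queries WHERE user_no = ? AND in_menu ORDER BY query_name", $session->user_no);
        if ($qry->Exec("block-menu") && $qry->rows > 0) {
            menu_break_line();
            while ($thisquery = $qry->Fetch()) {
                // The name is user-chosen text: URL-encode it for the query
                // string and HTML-escape it for the link text.
                // NOTE(review): assumes query_name is stored unescaped; confirm.
                $name_url = urlencode($thisquery->query_name);
                $name_html = htmlspecialchars($thisquery->query_name, ENT_QUOTES);
                echo " <a href=\"/wrsearch.php?style=plain&saved_query={$name_url}\" class=\"block\" title=\"{$tooltip}\" alt=\"{$tooltip}\"><b>»</b>{$name_html}</a>";
                if ($thisquery->query_params != "") {
                    echo " <a href=\"/wrsearch.php?saved_query={$name_url}\" class=\"block\" title=\"{$tooltip2}\"><b>«e»</b></a>";
                }
                echo "<br >\n";
            }
            echo " <a href=\"/saved_searches.php\">...more</a><br >\n";
        } else {
            menu_break_line();
            $tooltip = "List, run and edit all of your saved searches.";
            menu_url_line("/saved_searches.php", $tooltip, "Saved Searches");
        }
        menu_break_line();

        menu_url_line($help_url, "Help on this screen", "Help");
        $tooltip = "Maintain your name, phone and e-mail details, or change your password";
        menu_url_line("user.php?edit=1&user_no={$session->user_no}", $tooltip, "Edit My Info");

        if (is_member_of('Admin', 'Support', 'OrgMgr')) {
            // menu_break_line();
            $tooltip = "Review and update details about your organisation.";
            menu_url_line("/org.php?org_code={$session->org_code}", $tooltip, "My Organisation");
            $tooltip = "List the WRMS users for your organisation.";
            menu_url_line("/usrsearch.php?org_code={$session->org_code}", $tooltip, "Our Users");
            $tooltip = "Create a new WRMS user for your organisation.";
            menu_url_line("/user.php?org_code={$session->org_code}", $tooltip, "New User");
            $tooltip = "List the 'Systems' your organisation may create Work Requests for.";
            menu_url_line("/form.php?form=syslist&org_code={$session->org_code}", $tooltip, "Our Systems");
            if (is_member_of('Admin')) {
                menu_url_line("/lookups.php", "", "Lookup Codes");
                menu_url_line("/form.php?form=attachment_type", "", "Attachment Types");
                menu_url_line("/form.php?form=sessionlist", "", "Sessions");
            }
        }

        if (is_member_of('Admin', 'Support')) {
            menu_break_line();
            menu_url_line("/form.php?f=orglist", "", "All Organisations");
            menu_url_line("/form.php?f=syslist", "", "General Systems");
            menu_url_line("/new_organisation.php", "Add a new organisation, with a general system and primary user", "New Organisation");
            menu_url_line("/form.php?user_no={$session->user_no}&form=timelist&uncharged=1", "", "My Uncharged Work");
            menu_url_line("/form.php?f=timelist&uncharged=1", "", "All Work");
            menu_url_line("/form.php?f=simpletimelist", "", "Work by Person");
            menu_url_line("/form.php?f=timelist&uncharged=1&charge=1", "", "Work To Charge");
            $tooltip = "A report showing the activity in the WRMS.";
            menu_url_line("/requestchange.php", $tooltip, "WRMS Activity");
        }

        if (is_member_of('Admin', 'Support') || $GLOBALS['rank_report_anyone']) {
            $tooltip = "A ranked list of work requests, most important and urgent at the top";
            menu_url_line("/requestrank.php?qs=complex", $tooltip, "Request Ranking");
        }
    }

    // NOTE(review): these checks only decide which links are shown; each
    // target page still has to enforce the same role itself.
    if (is_member_of('Admin', 'Support')) {
        menu_url_line("/statuspie.php", 'A pie chart of request statuses for a period / system / organisation', "Status Pie");
    }
    if (is_member_of('Admin', 'Accounts')) {
        menu_url_line("/work_summary.php", 'Show work summary for an Organisation / System / Person etc.', "Work Summary");
    }

    $theme->BlockClose();
}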
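// Serve one request attachment: find its row (joined to lookup_code for the
// recorded type, else with a guessed type), then stream the stored file.
// NOTE(review): no access check is visible in this excerpt; confirm that the
// caller's right to this attachment is verified before this point.

// $id is used in SQL, in a filesystem path, in the error page and in the log,
// so it is pinned to an integer before any of those uses.
// NOTE(review): assumes stored files are named by the integer attachment_id.
$id = intval($id);

// Settle the storage directory before any path is built from it; the guess
// branch below previously ran ahead of this default.
if (!isset($attachment_dir)) {
    $attachment_dir = "attachments";
}
$attachment_path = "{$attachment_dir}/{$id}";

$sql = "SELECT * FROM request_attachment, lookup_code ";
$sql .= "WHERE attachment_id = ? ";
$sql .= "AND source_table='request' ";
$sql .= "AND source_field='attach_type' ";
$sql .= "AND lookup_code = att_type ; ";
$qry = new PgQuery($sql, $id);
if ($qry->Exec("attachment") && $qry->rows > 0) {
    $attachment = $qry->Fetch();
} else {
    // No recorded type: fall back to the bare row and guess the type.
    $qry = new PgQuery("SELECT * FROM request_attachment WHERE attachment_id = ?;", $id);
    if (!$qry->Exec("attachment") || $qry->rows == 0) {
        error_log("{$sysabbr} attachment: DBG: id [{$id}] not found", 0);
        echo "<html><head><title>Error - invalid attachment ID [{$id}]</title><body><h1>Invalid attachment ID [{$id}]</h1></body></html>";
        exit;
    }
    $attachment = $qry->Fetch();
    include_once "guess-file-type.php";
    $attachment->lookup_code = guess_file_type($attachment->att_filename, $attachment_path);
    $attachment->lookup_misc = guess_mime_type($attachment->lookup_code);
}

// Open the file before any header goes out, so that a missing file is
// reported as such instead of producing headers with an empty body.
$fp = fopen($attachment_path, 'rb');
if ($fp === false) {
    error_log("{$sysabbr} attachment: DBG: id [{$id}] file could not be opened", 0);
    header("HTTP/1.1 404 Not Found");
    exit;
}

// The stored filename is uploader-supplied text; drop line breaks before it
// is placed in a header or a log line.
$download_name = str_replace(array("\r", "\n"), "", $attachment->att_filename);

// NOTE(review): the Content-Disposition header names no disposition type, so
// whether the browser renders or downloads the upload is left to the client.
header("Content-type: {$attachment->lookup_misc}");
header("Content-Disposition: filename={$download_name}");
$bytes = filesize($attachment_path);
header("Content-length: {$bytes}");

// dump the file
fpassthru($fp);
fclose($fp);
error_log("{$sysabbr} attachment: DBG: Served '{$download_name}' as '{$attachment->lookup_misc}' ({$attachment->lookup_code}), {$bytes} bytes");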
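/**
 * Write the record through the parent class and finish off a new organisation.
 *
 * When parent::Write() succeeds for a new record, the current value of
 * organisation_org_code_seq is stored in $GLOBALS['id'], a confirmation is
 * queued in $c->messages and, if the posted 'invite' field is 'on', a
 * temporary password is e-mailed to the new user through
 * $session->EmailTemporaryPassword(). For an existing record only the
 * "details updated" message is queued.
 *
 * @return boolean True when parent::Write() succeeded, false otherwise.
 */
function Write()
{
    global $c, $session;

    if (!parent::Write()) {
        return false; // Looks like we screwed up somewhere
    }

    if (!$this->new_record) {
        $c->messages[] = "Organisation, System and User details updated.";
        return true;
    }

    $qry = new PgQuery("SELECT currval('organisation_org_code_seq');");
    $qry->Exec("OrganisationPlus::Write: Retrieve org_code");
    $sequence_value = $qry->Fetch(true); // Fetch as an array
    $org_code = $sequence_value[0];
    $GLOBALS['id'] = $org_code;
    $c->messages[] = "Organisation, System and User records created.";

    // Read the form field once; it is absent when the box is not ticked, and
    // the debug call below used to read the missing key directly.
    $invite = isset($_POST['invite']) ? $_POST['invite'] : '';

    if ($invite == 'on') {
        $username = $this->Get('username');
        $fullname = $this->Get('fullname');
        // The temporary password travels in this e-mail in clear text; the
        // template tells the user it is valid for 24 hours.
        // NOTE(review): the template's line breaks are not visible in the
        // reviewed copy; confirm the layout against the deployed file.
        $invitation_template = <<<EOINVITE
Hi {$fullname},

Welcome to @@system_name@@! Your access has now been configured by {$session->fullname} with the following details:

Username: {$username}
Password: @@password@@

This is a temporary password which will be valid for 24 hours.

To log on, please visit: {$c->base_dns}/

Once you have logged on, you will need to use the "Edit My Info" option to set a permanent password.

If you have any problems, please contact {$session->fullname} or the system administrator.

Thanks.
EOINVITE;
        $session->Dbg("OrganisationPlus", "Inviting '%s' to join.", $username);
        $session->EmailTemporaryPassword($username, null, $invitation_template);
        // NOTE(review): $username is form input; confirm that $c->messages
        // is HTML-escaped where it is rendered.
        $c->messages[] = "Invitation and password sent to " . $username;
    } else {
        $session->Dbg("OrganisationPlus", "Invite is >>%s<<", $invite);
    }

    return true;
}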
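// List the requests the timesheet user booked work against in the period
// from $ts_from up to two weeks after $sow, then close the page.
$ts_until = date('Y-M-d', $sow + 14 * 86400);

// All three filter values are bound through '?' placeholders.
$sql = <<<EOQRY
SELECT rt.request_id, abbreviation, system_desc, brief, sum(work_quantity) AS work_quantity
  FROM request_timesheet rt
  JOIN request ON (request.request_id = rt.request_id)
  JOIN usr ON (request.requester_id = usr.user_no)
  JOIN organisation USING (org_code)
  JOIN work_system USING (system_id)
 WHERE rt.work_by_id = ? AND work_on >= ? AND work_on < ?
 GROUP BY rt.request_id, abbreviation, system_desc, brief
 ORDER BY rt.request_id ASC;
EOQRY;
$qry = new PgQuery($sql, $ts_user, $ts_from, $ts_until);
if ($qry->Exec("TimeSheet") && $qry->rows > 0) {
    echo "<h3>Recent Requests You Have Worked On</h3>\n";
    echo '<table width="100%" border="0" cellpadding="1" cellspacing="2">';
    echo "<tr class=\"row1\"><th class=\"cols\">WR #</th><th class=\"cols\" align=\"left\">For</th><th class=\"cols\" align=\"left\">System</th><th class=\"cols\" align=\"left\">Request</th></tr>\n";
    while ($wr = $qry->Fetch()) {
        // The abbreviation, system description and brief are text entered by
        // users, so each is HTML-escaped before it is written into a cell.
        // NOTE(review): assumes these columns are stored unescaped; confirm.
        $abbreviation = htmlspecialchars($wr->abbreviation, ENT_QUOTES);
        $system_desc = htmlspecialchars($wr->system_desc, ENT_QUOTES);
        $brief = htmlspecialchars($wr->brief, ENT_QUOTES);

        // NOTE(review): $i is not changed inside this loop, so every row gets
        // the same class; confirm whether alternating rows were intended.
        echo "<tr class=\"row" . $i % 2 . "\">";
        echo "<th><a href=\"wr.php?request_id={$wr->request_id}\">{$wr->request_id}</a></th>";
        echo "<td>{$abbreviation}</td>";
        echo "<td>{$system_desc}</td>";
        echo "<td>{$brief}</td>";
        echo "</tr>\n";
    }
    echo "</table>\n";
}

// Close off page and write the $settings out
include "page-footer.php";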