// This Page Is Valid XHTML 1.0 Transitional! 24May2009 $permission = 39; // Add Maintenance Contract require 'core.php'; require APPLICATION_LIBPATH . 'functions.inc.php'; // This page requires authentication require APPLICATION_LIBPATH . 'auth.inc.php'; $title = $strAddContract; // External variables $action = $_REQUEST['action']; $siteid = cleanvar($_REQUEST['siteid']); // Show add maintenance form if ($action == "showform" or $action == '') { include APPLICATION_INCPATH . 'htmlheader.inc.php'; echo show_form_errors('add_contract'); clear_form_errors('add_contract'); echo "<h2>" . icon('contract', 32) . " "; echo "{$strAddContract}</h2>"; echo "<form id='add_contract' name='add_contract' action='{$_SERVER['PHP_SELF']}?action=add' method='post' onsubmit='return confirm_action(\"{$strAreYouSureAdd}\");'>"; echo "<table align='center' class='vertical'>"; echo "<thead>"; echo "<tr><th>{$strSite}</th><td>"; if ($_SESSION['formdata']['add_contract']['site'] != '') { echo site_drop_down("site", $_SESSION['formdata']['add_contract']['site'], TRUE); } else { echo site_drop_down("site", $siteid, TRUE); } echo " <span class='required'>{$strRequired}</span></td></tr>\n"; echo "<tr><th>{$strContacts}</th><td>"; echo "<input value='amount' type='radio' name='contacts' checked='checked' />"; echo "{$strLimitTo} <input size='2' name='numcontacts' ";
$_SESSION['formdata']['role_edit'] = $_REQUEST; if (empty($rolename)) { $errors++; $_SESSION['formerrors']['role_edit']['rolename'] = sprintf($strFieldMustNotBeBlank, $strName); } $sql = "SELECT * FROM `{$dbRoles}` WHERE rolename = '{$rolename}' AND id != {$roleid}"; $result = mysql_query($sql); if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR); } if (mysql_num_rows($result) > 0) { $errors++; $_SESSION['formerrors']['role_edit']['duplicaterole'] = "{$strADuplicateAlreadyExists}</p>\n"; } if ($errors == 0) { clear_form_data('role_add'); clear_form_errors('role_add'); $sql = "UPDATE `{$dbRoles}` SET rolename = '{$rolename}', description = '{$description}' WHERE id = {$roleid}"; $result = mysql_query($sql); if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR); } if (mysql_affected_rows() > 0) { html_redirect("role.php?roleid={$roleid}", TRUE); } else { html_redirect($_SESSION['PHP_SELF'], FALSE); } } else { html_redirect($_SESSION['PHP_SELF'], FALSE); } }
// Author: Ivan Lucas <ivanlucas[at]users.sourceforge.net> $permission = 22; // Administrate require 'core.php'; require APPLICATION_LIBPATH . 'functions.inc.php'; // This page requires authentication require APPLICATION_LIBPATH . 'auth.inc.php'; // External variables $tag = mysql_real_escape_string($_REQUEST['tag']); $priority = mysql_real_escape_string($_REQUEST['priority']); $action = $_REQUEST['action']; if (empty($action) or $action == "showform") { $title = $strAddServiceLevel; include APPLICATION_INCPATH . 'htmlheader.inc.php'; echo show_form_errors('add_servicelevel'); clear_form_errors('add_servicelevel'); if (empty($_SESSION['formdata']['add_servicelevel']['low_initial_response_mins'])) { $_SESSION['formdata']['add_servicelevel']['low_initial_response_mins'] = 320; } if (empty($_SESSION['formdata']['add_servicelevel']['low_prob_determ_mins'])) { $_SESSION['formdata']['add_servicelevel']['low_prob_determ_mins'] = 380; } if (empty($_SESSION['formdata']['add_servicelevel']['low_action_plan_mins'])) { $_SESSION['formdata']['add_servicelevel']['low_action_plan_mins'] = 960; } if (empty($_SESSION['formdata']['add_servicelevel']['low_resolution_days'])) { $_SESSION['formdata']['add_servicelevel']['low_resolution_days'] = 14; } if (empty($_SESSION['formdata']['add_servicelevel']['low_review_days'])) { $_SESSION['formdata']['add_servicelevel']['low_review_days'] = 28; }
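/**
 * Render the incident update form, optionally pre-filled from a saved draft.
 *
 * Emits, in order: the inline JavaScript helpers that adjust the update-type
 * and priority controls when an SLA target is chosen, the draft auto-save
 * script (POSTs to ajaxdata.php every 10 seconds), and the HTML update form.
 *
 * Hardening relative to the previous revision:
 *  - $draftid is forced to an integer before it reaches SQL, inline
 *    JavaScript and the hidden form field.
 *  - Draft-derived values (body text, next action) are HTML-encoded on output.
 *  - $id and PHP_SELF are encoded for the URL / attribute context they land in.
 *  - A commented-out JavaScript line that still echoed $id was removed
 *    (PHP tags run even inside a JS comment).
 *
 * @param int $draftid ID of the draft to restore, or -1 when there is none.
 *                     Non-numeric input is treated as "no draft".
 */
function display_update_page($draftid = -1)
{
    global $id, $incidentid, $action, $CONFIG, $iconset, $now, $dbDrafts, $sit;

    // The value is interpolated unquoted into SQL and into a <script> block,
    // so it must never be anything but an integer.
    $draftid = is_numeric($draftid) ? intval($draftid) : -1;
    $draftobj = FALSE;

    if ($draftid != -1) {
        // NOTE(review): the draft is looked up by id alone; no ownership check
        // is visible in this function. Confirm the caller only passes draft ids
        // that belong to the current user.
        $draftsql = "SELECT * FROM `{$dbDrafts}` WHERE id = {$draftid}";
        $draftresult = mysql_query($draftsql);
        if (mysql_error()) {
            trigger_error(mysql_error(), E_USER_WARNING);
        }
        if ($draftresult) {
            $draftobj = mysql_fetch_object($draftresult);
        }
        if ($draftobj) {
            // meta is "target|updatetype|cust_vis|priority|status|nextaction|";
            // pad so a short or malformed value cannot cause undefined offsets.
            $metadata = array_pad(explode("|", $draftobj->meta), 6, '');
        }
    }

    // No update body text detected show update form
    ?>
    <script type="text/javascript">
    <!--
    function deleteOption(object)
    {
        var Current = object.updatetype.selectedIndex;
        object.updatetype.options[Current] = null;
    }

    function notarget(object)
    {
        // remove last option
        var length = object.updatetype.length;
        if (length > 6) {
            object.updatetype.selectedIndex=6;
            var Current = object.updatetype.selectedIndex;
            object.updatetype.options[Current] = null;
        }
        object.priority.value=object.storepriority.value;
        object.priority.disabled=false;
        object.updatetype.selectedIndex=0;
        object.updatetype.disabled=false;
    }

    function initialresponse(object)
    {
        // remove last option
        var length = object.updatetype.length;
        if (length > 6) {
            object.updatetype.selectedIndex=6;
            var Current = object.updatetype.selectedIndex;
            object.updatetype.options[Current] = null;
        }
        object.priority.value=object.storepriority.value;
        object.priority.disabled=true;
        object.updatetype.selectedIndex=0;
        object.updatetype.disabled=false;
    }

    function actionplan(object)
    {
        // remove last option
        var length = object.updatetype.length;
        if (length > 6) {
            object.updatetype.selectedIndex=6;
            var Current = object.updatetype.selectedIndex;
            object.updatetype.options[Current] = null;
        }
        var defaultSelected = true;
        var selected = true;
        var optionName = new Option('Action Plan', 'actionplan', defaultSelected, selected)
        var length = object.updatetype.length;
        object.updatetype.options[length] = optionName;
        object.priority.value=object.storepriority.value;
        object.priority.disabled=true;
        object.updatetype.disabled=true;
    }

    function reprioritise(object)
    {
        // remove last option
        var length = object.updatetype.length;
        if (length > 6) {
            object.updatetype.selectedIndex=6;
            var Current = object.updatetype.selectedIndex;
            object.updatetype.options[Current] = null;
        }
        // add new option
        var defaultSelected = true;
        var selected = true;
        var optionName = new Option('Reprioritise', 'solution', defaultSelected, selected)
        var length = object.updatetype.length;
        object.updatetype.options[length] = optionName;
        object.priority.disabled=false;
        document.updateform.priority.disabled=false;
        object.updatetype.disabled=true;
    }

    function probdef(object)
    {
        // remove last option
        var length = object.updatetype.length;
        if (length > 6) {
            object.updatetype.selectedIndex=6;
            var Current = object.updatetype.selectedIndex;
            object.updatetype.options[Current] = null;
        }
        var defaultSelected = true;
        var selected = true;
        var optionName = new Option('Problem Definition', 'probdef', defaultSelected, selected)
        var length = object.updatetype.length;
        object.updatetype.options[length] = optionName;
        object.priority.value=object.storepriority.value;
        object.priority.disabled=true;
        object.updatetype.disabled=true;
    }

    function replaceOption(object)
    {
        var Current = object.updatetype.selectedIndex;
        object.updatetype.options[Current].text = object.currentText.value;
        object.updatetype.options[Current].value = object.currentText.value;
    }

    <?php echo "var draftid = {$draftid};"; ?>

    // Auto save
    function save_content()
    {
        var xmlhttp=false;

        if (!xmlhttp && typeof XMLHttpRequest!='undefined') {
            try {
                xmlhttp = new XMLHttpRequest();
            } catch (e) {
                xmlhttp=false;
            }
        }
        if (!xmlhttp && window.createRequest) {
            try {
                xmlhttp = window.createRequest();
            } catch (e) {
                xmlhttp=false;
            }
        }

        var toPass = $('updatelog').value;

        var meta = $('target').value+"|"+$('updatetype').value+"|"+$('cust_vis').checked+"|";
        meta += $('priority').value+"|"+$('newstatus').value+"|"+$('nextaction').value+"|";

        if (toPass != '') {
            var url = "ajaxdata.php";
            // meta carries the free-text "next action" field, so it is
            // URL-encoded; otherwise a '&' or '+' typed there corrupts the
            // form-encoded body. The incident id is URL-encoded server-side.
            var params = "action=auto_save&userid="+<?php echo $_SESSION['userid']; ?> +"&type=update&incidentid=<?php echo urlencode($id); ?>&draftid="+draftid+"&meta="+encodeURIComponent(meta)+"&content="+escape(toPass);
            xmlhttp.open("POST", url, true)
            xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
            xmlhttp.setRequestHeader("Content-length", params.length);
            xmlhttp.setRequestHeader("Connection", "close");

            xmlhttp.onreadystatechange=function() {
                //remove this in the future after testing
                if (xmlhttp.readyState==4) {
                    if (xmlhttp.responseText != '') {
                        if (draftid == -1) {
                            draftid = xmlhttp.responseText;
                            $('draftid').value = draftid;
                        }
                        var currentTime = new Date();
                        var hours = currentTime.getHours();
                        var minutes = currentTime.getMinutes();
                        if (minutes < 10) {
                            minutes = "0"+minutes;
                        }
                        var seconds = currentTime.getSeconds();
                        if (seconds < 10) {
                            seconds = "0"+seconds;
                        }
                        $('updatestr').innerHTML = '<?php echo "<a href=\"javascript:save_content();\">" . icon('save', 16, $GLOBALS['strSaveDraft']) . "</a> " . icon('info', 16, $GLOBALS['strDraftLastSaved']) . " "; ?> ' + hours + ':' + minutes + ':' + seconds;
                    }
                }
            }
            xmlhttp.send(params);
        }
    }

    setInterval("save_content()", 10000); //every 10 seconds
    //-->
    </script>
    <?php
    echo show_form_errors('update');
    clear_form_errors('update');

    // PHP_SELF is request-derived and $id is a global set by the caller:
    // encode both for the single-quoted attribute they are written into.
    echo "<form action='" . htmlspecialchars($_SERVER['PHP_SELF'], ENT_QUOTES);
    echo "?id=" . urlencode($id) . "' method='post' name='updateform' id='updateform' enctype='multipart/form-data'>";
    echo "<table class='vertical'>";
    echo "<tr>";
    echo "<th align='right' width='20%;'>{$GLOBALS['strSLATarget']}";
    echo icon('sla', 16) . "</th>";
    echo "<td class='shade2'>";

    $target = incident_get_next_target($id);

    // Selections restored from the draft, if one was loaded.
    $draft_target = NULL;
    $draft_type = NULL;
    if (!empty($metadata)) {
        $draft_target = $metadata[0];
        $draft_type = $metadata[1];
    }

    $iconpath = "{$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/";

    // SLA targets in order: value => (onclick handler, label). Only the
    // incident's next target and the ones after it are offered.
    $stages = array(
        'initialresponse' => array('initialresponse', $GLOBALS['strInitialResponse']),
        'probdef' => array('probdef', $GLOBALS['strProblemDefinition']),
        'actionplan' => array('actionplan', $GLOBALS['strActionPlan']),
        'solution' => array('reprioritise', $GLOBALS['strResolutionReprioritisation']),
    );

    $sel = ($draft_target !== NULL && $draft_target == 'none') ? " SELECTED " : '';
    echo "<select name='target' id='target' class='dropdown'>\n";
    echo "<option value='none' {$sel} onclick='notarget(this.form)'>{$GLOBALS['strNone']}</option>\n";
    $reached = FALSE;
    foreach ($stages as $value => $stage) {
        if (!$reached && $target->type == $value) {
            $reached = TRUE;
        }
        if (!$reached) {
            continue;
        }
        $sel = ($draft_target !== NULL && $draft_target == $value) ? " SELECTED " : '';
        echo "<option value='{$value}' {$sel} style='text-indent: 15px; height: 17px; ";
        echo "background-image: url({$iconpath}{$value}.png); background-repeat: no-repeat;' ";
        echo "onclick='{$stage[0]}(this.form)'>{$stage[1]}</option>\n";
    }
    echo "</select>\n";
    echo "</td></tr>\n";

    // Update types: value => (icon file name, label).
    $types = array(
        'research' => array('research', $GLOBALS['strResearchNotes']),
        'emailin' => array('emailin', $GLOBALS['strEmailFromCustomer']),
        'emailout' => array('emailout', $GLOBALS['strEmailToCustomer']),
        'phonecallin' => array('callin', $GLOBALS['strCallFromCustomer']),
        'phonecallout' => array('callout', $GLOBALS['strCallToCustomer']),
        'externalinfo' => array('externalinfo', $GLOBALS['strExternalInfo']),
        'reviewmet' => array('review', $GLOBALS['strReview']),
    );

    echo "<tr><th align='right'>{$GLOBALS['strUpdateType']}</th>";
    echo "<td class='shade1'>";
    echo "<select name='updatetype' id='updatetype' class='dropdown'>";
    foreach ($types as $value => $type) {
        $sel = ($draft_type !== NULL && $draft_type == $value) ? " SELECTED " : '';
        // 'research' is the default choice and is always marked selected; a
        // later option selected from the draft takes precedence in the browser.
        $default = ($value == 'research') ? "selected='selected' " : '';
        echo "<option value='{$value}' {$sel} {$default}style='text-indent: 15px; height: 17px; ";
        echo "background-image: url({$iconpath}{$type[0]}.png); background-repeat: no-repeat;'>";
        echo "{$type[1]}</option>\n";
    }
    echo "</select>";
    echo "</td>";
    echo "</tr>";

    echo "<tr>";
    echo "<th align='right'>{$GLOBALS['strUpdate']}<br />";
    echo "<span class='required'>{$GLOBALS['strRequired']}</span></th>";
    echo "<td class='shade1'>";
    // Visible-in-portal defaults to checked unless the draft says otherwise.
    $checkbox = (empty($metadata) || $metadata[2] == "true") ? "checked='checked'" : '';
    echo "<label><input type='checkbox' name='cust_vis' id='cust_vis' ";
    echo "{$checkbox} value='yes' /> {$GLOBALS['strMakeVisibleInPortal']}</label><br />";
    echo bbcode_toolbar('updatelog');
    echo "<textarea name='bodytext' id='updatelog' rows='13' cols='50'>";
    if ($draftobj) {
        // Draft text is user-supplied: encode it so it cannot close the
        // textarea and inject markup.
        // NOTE(review): if drafts are stored already HTML-encoded this would
        // double-encode; confirm against the auto_save handler.
        echo htmlspecialchars($draftobj->content, ENT_QUOTES);
    }
    echo "</textarea>";
    echo "<div id='updatestr'><a href='javascript:save_content();'>" . icon('save', 16, $GLOBALS['strSaveDraft']) . "</a></div>";
    echo "</td></tr>";

    $disable_priority = ($target->type == 'initialresponse');

    echo "<tr><th align='right'>{$GLOBALS['strNewPriority']}</th>";
    echo "<td class='shade1'>";
    // FIXME fix maximum priority (previously derived from the contract's
    // service level; currently fixed)
    $maxpriority = 4;

    $setPriorityTo = incident_priority($id);
    if (!empty($metadata)) {
        $setPriorityTo = $metadata[3];
    }
    echo priority_drop_down("newpriority", $setPriorityTo, $maxpriority, $disable_priority);
    echo "</td></tr>\n";

    echo "<tr>";
    echo "<th align='right'>{$GLOBALS['strNewStatus']}</th>";
    $setStatusTo = incident_status($id);
    // we do this so if you update another user's incident, it defaults to active
    if ($sit[2] != incident_owner($incidentid)) {
        $setStatusTo = '0';
    } elseif (!empty($metadata)) {
        $setStatusTo = $metadata[4];
    }
    echo "<td class='shade1'>" . incidentstatus_drop_down("newstatus", $setStatusTo) . "</td>";
    echo "</tr>";

    echo "<tr>";
    echo "<th align='right'>{$GLOBALS['strNextAction']}</th>";
    $nextAction = '';
    if (!empty($metadata)) {
        // Free text from the draft, written into a single-quoted attribute.
        $nextAction = htmlspecialchars($metadata[5], ENT_QUOTES);
    }
    echo "<td class='shade2'><input type='text' name='nextaction' ";
    echo "id='nextaction' maxlength='50' size='30' value='{$nextAction}' /></td></tr>";

    echo "<tr>";
    echo "<th align='right'>";
    echo "<strong>{$GLOBALS['strTimeToNextAction']}</strong></th>";
    echo "<td class='shade2'>";
    echo show_next_action();
    echo "</td></tr>";

    echo "<tr>";
    // calculate upload filesize
    $att_file_size = readable_file_size($CONFIG['upload_max_filesize']);
    echo "<th align='right'>{$GLOBALS['strAttachFile']}";
    echo " (&lt;{$att_file_size})</th>";
    // MAX_FILE_SIZE is only a browser hint; the upload handler must enforce
    // the limit itself.
    echo "<td class='shade1'><input type='hidden' name='MAX_FILE_SIZE' value='{$CONFIG['upload_max_filesize']}' />";
    echo "<input type='file' name='attachment' size='40' maxfilesize='{$CONFIG['upload_max_filesize']}' /></td>";
    echo "</tr>";
    echo "</table>";

    echo "<p class='center'>";
    echo "<input type='hidden' name='action' value='update' />";
    $localdraft = ($draftid == -1) ? '' : $draftid;
    echo "<input type='hidden' name='draftid' id='draftid' value='{$localdraft}' />";
    echo "<input type='hidden' name='storepriority' value='" . incident_priority($id) . "' />";
    echo "<input type='submit' name='submit' value='{$GLOBALS['strUpdateIncident']}' /></p>";
    echo "</form>";
}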
$errors = 0; // check for blank name if ($name == '') { $errors++; $_SESSION['formerrors']['add_product']['name'] = sprintf($strFieldMustNotBeBlank, $strProduct); } if ($vendor == '' or $vendor == "0") { $errors++; $_SESSION['formerrors']['add_product']['vendor'] = sprintf($strFieldMustNotBeBlank, $strVendor); } // add product if no errors if ($errors == 0) { $sql = "INSERT INTO `{$dbProducts}` (name, vendorid, description) VALUES ('{$name}', '{$vendor}', '{$description}')"; $result = mysql_query($sql); if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR); } if (!$result) { echo "<p class='error'>" . sprintf($strAddXfailed, $strProduct) . "\n"; } else { $id = mysql_insert_id(); journal(CFG_LOGGING_NORMAL, 'Product Added', "Product {$id} was added", CFG_JOURNAL_PRODUCTS, $id); html_redirect("products.php"); } clear_form_errors('add_product'); clear_form_data('add_product'); } else { include APPLICATION_INCPATH . 'htmlheader.inc.php'; html_redirect("product_add.php", FALSE); } }
if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR); } $newuserid = mysql_insert_id(); // Create permissions (set to none) $sql = "SELECT * FROM `{$dbPermissions}`"; $result = mysql_query($sql); if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING); } while ($perm = mysql_fetch_object($result)) { $psql = "INSERT INTO `{$dbUserPermissions}` (userid, permissionid, granted) "; $psql .= "VALUES ('{$newuserid}', '{$perm->id}', 'false')"; mysql_query($psql); if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR); } } if (!$result) { echo "<p class='error'>{$strAdditionFail}</p>\n"; } else { setup_user_triggers($newuserid); trigger('TRIGGER_NEW_USER', array('userid' => $newuserid)); html_redirect("manage_users.php#userid{$newuserid}"); } clear_form_data('add_user'); clear_form_errors('add_user'); } else { html_redirect($_SERVER['PHP_SELF'], FALSE); } }
} if ($email == '') { $errors++; $_SESSION['formerrors']['add_site']['email'] = user_alert(sprintf($strFieldMustNotBeBlank, "'{$strEmail}'"), E_USER_ERROR); } // add site if no errors if ($errors == 0) { if ($owner == '') { $owner = 0; } $sql = "INSERT INTO `{$dbSites}` (name, department, address1, address2, city, county, country, postcode, telephone, fax, email, websiteurl, notes, typeid, owner) "; $sql .= "VALUES ('{$name}', '{$department}' ,'{$address1}', '{$address2}', '{$city}', '{$county}', '{$country}', '{$postcode}', "; $sql .= "'{$telephone}', '{$fax}', '{$email}', '{$websiteurl}', '{$notes}', '{$typeid}','{$owner}')"; $result = mysql_query($sql); if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR); } $id = mysql_insert_id(); // show error message if addition failed if (!$result) { echo "<p class='error'>{$strAddSiteFailed}</p>\n"; } else { clear_form_data('add_site'); clear_form_errors('add_site'); trigger('TRIGGER_NEW_SITE', array('siteid' => $id, 'userid' => $sit[2])); html_redirect("site_details.php?id={$id}"); } } else { html_redirect($_SERVER['PHP_SELF'], FALSE); } }
$result = mysql_query($sql); if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING); } if (mysql_num_rows($result) > 0) { list($prev_enddate) = mysql_fetch_row($result); $suggested_startdate = mysql2date($prev_enddate) + 86400; // the next day } else { $suggested_startdate = $now; // Today } if (empty($submit) or !empty($_SESSION['formerrors']['add_service'])) { include APPLICATION_INCPATH . 'htmlheader.inc.php'; echo show_form_errors('add_service'); clear_form_errors('add_service'); echo "<h2>{$strNewService}</h2>\n"; $timed = is_contract_timed($contractid); echo "<form id='serviceform' name='serviceform' action='{$_SERVER['PHP_SELF']}' method='post' onsubmit='return confirm_submit(\"{$strAreYouSureMakeTheseChanges}\");'>"; echo "<table align='center' class='vertical'>"; if ($timed) { echo "<thead>\n"; } echo "<tr><th>{$strStartDate}</th>"; echo "<td><input class='required' type='text' name='startdate' id='startdate' size='10' "; if ($_SESSION['formdata']['add_service']['startdate'] != '') { echo "value='{$_SESSION['formdata']['add_service']['startdate']}'"; } else { echo "value='" . date('Y-m-d', $suggested_startdate) . "'"; } echo "/> ";
// External variables $name = cleanvar($_REQUEST['name']); $_SESSION['formdata'] = $_REQUEST; // Add new $errors = 0; // check for blank name if ($name == '') { $errors++; $_SESSION['formerrors']['name'] = user_alert(sprintf($strFieldMustNotBeBlank, "'{$strVendorName}'"), E_USER_ERROR); } // add product if no errors if ($errors == 0) { $sql = "INSERT INTO `{$dbVendors}` (name) VALUES ('{$name}')"; $result = mysql_query($sql); if (mysql_error()) { trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR); } if (!$result) { echo "<p class='error'>{$strAdditionFail}</p>\n"; } else { $id = mysql_insert_id(); journal(CFG_LOGGING_DEBUG, 'Vendor Added', "Vendor {$id} was added", CFG_JOURNAL_DEBUG, $id); html_redirect("products.php"); } clear_form_data('add_vendor'); clear_form_errors('add_vendor'); } else { include APPLICATION_INCPATH . 'htmlheader.inc.php'; html_redirect($_SERVER['PHP_SELF'], FALSE); } }
// External variables $name = cleanvar($_REQUEST['name']); $type = cleanvar($_REQUEST['type']); $trackurl = cleanvar($_REQUEST['trackurl']); $homeurl = cleanvar($_REQUEST['homeurl']); $title = cleanvar($_REQUEST['title']); $emaildomain = cleanvar($_REQUEST['emaildomain']); $_SESSION['formdata']['add_escalation_path'] = $_REQUEST; $errors = 0; if (empty($name)) { $errors++; $_SESSION['formerrors']['add_escalation_path']['name'] = user_alert(sprintf($strFieldMustNotBeBlank, "'{$strName}'"), E_USER_ERROR); } if ($errors == 0) { $sql = "INSERT INTO `{$dbEscalationPaths}` (name,track_url,home_url,url_title,email_domain) VALUES "; $sql .= " ('{$name}','{$trackurl}','{$homeurl}','{$title}','{$emaildomain}')"; $result = mysql_query($sql); if (mysql_error()) { trigger_error(mysql_error(), E_USER_ERROR); } if (!$result) { $_SESSION['formerrors']['add_escalation_path']['error'] = "{$strError}: {$strFailed}"; } else { html_redirect("escalation_paths.php"); } clear_form_errors('add_escalation_path'); clear_form_data('add_escalation_path'); } else { html_redirect("escalation_path_add.php", FALSE); } }
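/**
 * Processes a new contact submitted from the add-contact form.
 *
 * Reads the form fields from $_REQUEST, validates surname, site and email,
 * rejects a duplicate (same email and surname), inserts the contact with a
 * generated username and password, and redirects. Validation failures are
 * stored in $_SESSION['formerrors']['add_contact'] and the user is sent back
 * to the form.
 *
 * Changes relative to the previous revision:
 *  - The follow-up UPDATE now stores the generated unique username; it
 *    previously wrote the literal string '******', discarding the value
 *    computed on the line before it.
 *  - The duplicate-check query is error-checked before its result is used.
 *  - The client-supplied 'username' field is no longer read; the username is
 *    always generated from the surname.
 *
 * @author Kieran Hogg
 * @param string $mode 'internal' redirects to contact_add.php /
 *                     contact_details.php; any other value redirects to
 *                     addcontact.php / contactdetails.php.
 */
function process_add_contact($mode = 'internal')
{
    global $now, $CONFIG, $dbContacts, $sit;

    // External variables. Every value below is interpolated into SQL further
    // down, so each one must pass through cleanvar() or
    // mysql_real_escape_string() here.
    $siteid = mysql_real_escape_string($_REQUEST['siteid']);
    $email = strtolower(cleanvar($_REQUEST['email']));
    $dataprotection_email = mysql_real_escape_string($_REQUEST['dataprotection_email']);
    $dataprotection_phone = mysql_real_escape_string($_REQUEST['dataprotection_phone']);
    $dataprotection_address = mysql_real_escape_string($_REQUEST['dataprotection_address']);
    $courtesytitle = cleanvar($_REQUEST['courtesytitle']);
    $forenames = cleanvar($_REQUEST['forenames']);
    $surname = cleanvar($_REQUEST['surname']);
    $jobtitle = cleanvar($_REQUEST['jobtitle']);
    $address1 = cleanvar($_REQUEST['address1']);
    $address2 = cleanvar($_REQUEST['address2']);
    $city = cleanvar($_REQUEST['city']);
    $county = cleanvar($_REQUEST['county']);
    // A country is only recorded when an address was given.
    $country = !empty($address1) ? cleanvar($_REQUEST['country']) : '';
    $postcode = cleanvar($_REQUEST['postcode']);
    $phone = cleanvar($_REQUEST['phone']);
    $mobile = cleanvar($_REQUEST['mobile']);
    $fax = cleanvar($_REQUEST['fax']);
    $department = cleanvar($_REQUEST['department']);
    $notes = cleanvar($_REQUEST['notes']);
    $returnpage = cleanvar($_REQUEST['return']);

    // Keep the raw submission so the form can be re-populated on error.
    // NOTE(review): these values are unescaped; whatever re-displays them
    // must encode on output.
    $_SESSION['formdata']['add_contact'] = $_REQUEST;

    $errors = 0;
    // check for blank name
    if ($surname == '') {
        $errors++;
        $_SESSION['formerrors']['add_contact']['surname'] = $GLOBALS['strMustEnterSurname'];
    }
    // check for blank site
    if ($siteid == '') {
        $errors++;
        $_SESSION['formerrors']['add_contact']['siteid'] = $GLOBALS['strMustSelectCustomerSite'];
    }
    // check for blank email
    if ($email == '' or $email == 'none' or $email == 'n/a') {
        $errors++;
        $_SESSION['formerrors']['add_contact']['email'] = $GLOBALS['strMustEnterEmail'];
    }
    if ($siteid == 0 or $siteid == '') {
        $errors++;
        $_SESSION['formerrors']['add_contact']['siteid'] = $GLOBALS['strMustSelectSite'];
    }

    // Check this is not a duplicate
    $sql = "SELECT id FROM `{$dbContacts}` WHERE email='{$email}' AND LCASE(surname)=LCASE('{$surname}') LIMIT 1";
    $result = mysql_query($sql);
    if (mysql_error()) {
        trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
    }
    if ($result && mysql_num_rows($result) >= 1) {
        $errors++;
        $_SESSION['formerrors']['add_contact']['duplicate'] = $GLOBALS['strContactRecordExists'];
    }

    // Validation failed: back to the form for this mode.
    if ($errors != 0) {
        if ($mode == 'internal') {
            html_redirect('contact_add.php', FALSE);
        } else {
            html_redirect('addcontact.php', FALSE);
        }
        return;
    }

    // Data-protection flags are stored as 'Yes'/'No'; any non-empty
    // submitted value counts as 'Yes'.
    $dataprotection_email = !empty($dataprotection_email) ? 'Yes' : 'No';
    $dataprotection_phone = !empty($dataprotection_phone) ? 'Yes' : 'No';
    $dataprotection_address = !empty($dataprotection_address) ? 'Yes' : 'No';

    // generate username and password
    // The username starts as the first word of the (already cleaned) surname.
    $username = strtolower(substr($surname, 0, strcspn($surname, " ")));
    $prepassword = generate_password();
    // NOTE(review): unsalted MD5 is not a suitable password hash. It is left
    // unchanged because the login code that verifies it is outside this
    // function; migrate both sides together to a salted, slow hash.
    $password = md5($prepassword);

    $sql  = "INSERT INTO `{$dbContacts}` (username, password, courtesytitle, forenames, surname, jobtitle, ";
    $sql .= "siteid, address1, address2, city, county, country, postcode, email, phone, mobile, fax, ";
    $sql .= "department, notes, dataprotection_email, dataprotection_phone, dataprotection_address, ";
    $sql .= "timestamp_added, timestamp_modified) ";
    $sql .= "VALUES ('{$username}', '{$password}', '{$courtesytitle}', '{$forenames}', '{$surname}', '{$jobtitle}', ";
    $sql .= "'{$siteid}', '{$address1}', '{$address2}', '{$city}', '{$county}', '{$country}', '{$postcode}', '{$email}', ";
    $sql .= "'{$phone}', '{$mobile}', '{$fax}', '{$department}', '{$notes}', '{$dataprotection_email}', ";
    $sql .= "'{$dataprotection_phone}', '{$dataprotection_address}', '{$now}', '{$now}')";
    $result = mysql_query($sql);
    if (mysql_error()) {
        trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
    }

    // concatenate username with insert id to make unique
    $newid = mysql_insert_id();
    $username = $username . $newid;
    // $username is built from the cleaned surname plus an integer id, the
    // same form the INSERT above already used.
    $sql = "UPDATE `{$dbContacts}` SET username='{$username}' WHERE id='{$newid}'";
    $result = mysql_query($sql);
    if (mysql_error()) {
        trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
    }

    if (!$result) {
        if ($mode == 'internal') {
            html_redirect("contact_add.php", FALSE);
        } else {
            html_redirect("addcontact.php", FALSE);
        }
        return;
    }

    clear_form_data('add_contact');
    clear_form_errors('add_contact');

    // Read-back of the new row; only its success or failure is used below.
    $sql = "SELECT username, password FROM `{$dbContacts}` WHERE id={$newid}";
    $result = mysql_query($sql);
    if (mysql_error()) {
        trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
        return;
    }

    if ($CONFIG['portal'] and $_POST['emaildetails'] == 'on') {
        // NOTE(review): the clear-text password is handed to the trigger,
        // presumably so it can be sent to the contact; confirm it is not
        // journalled or logged along the way.
        trigger('TRIGGER_NEW_CONTACT', array('contactid' => $newid, 'prepassword' => $prepassword, 'userid' => $sit[2]));
    }

    if ($returnpage == 'addincident') {
        html_redirect("incident_add.php?action=findcontact&contactid={$newid}");
        exit;
    } elseif ($mode == 'internal') {
        html_redirect("contact_details.php?id={$newid}");
        exit;
    } else {
        html_redirect("contactdetails.php?id={$newid}");
        exit;
    }
}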
} if ($addition_errors == 1) { // show addition error message include APPLICATION_INCPATH . 'htmlheader.inc.php'; echo $addition_errors_string; include APPLICATION_INCPATH . 'htmlfooter.inc.php'; } else { // show success message $id = mysql_insert_id(); journal(CFG_LOGGING_NORMAL, 'Reseller Added', "Reseller {$id} Added", CFG_JOURNAL_MAINTENANCE, $id); clear_form_errors('formerrors'); html_redirect("main.php"); } } break; default: $title = $strAddReseller; include APPLICATION_INCPATH . 'htmlheader.inc.php'; echo show_form_errors('add_reseller'); clear_form_errors('formerrors'); echo "<h2>{$strAddReseller}</h2>"; echo "<p align='center'>" . sprintf($strMandatoryMarked, "<sup class='red'>*</sup>") . "</p>"; echo "<form action='{$_SERVER['PHP_SELF']}?action=add' method='post' onsubmit=\"return confirm_action('{$strAreYouSureAdd}')\">"; echo "<table align='center' class='vertical'>"; echo "<tr><th>{$strName}: <sup class='red'>*</sup></th><td><input type='text' name='reseller_name' /></td></tr>"; echo "</table>"; echo "<p align='center'><input name='submit' type='submit' value='{$strAddReseller}' /></p>"; echo "</form>"; include APPLICATION_INCPATH . 'htmlfooter.inc.php'; break; }