// This Page Is Valid XHTML 1.0 Transitional! 24May2009
$permission = 39;
// Add Maintenance Contract
require 'core.php';
require APPLICATION_LIBPATH . 'functions.inc.php';
// This page requires authentication
require APPLICATION_LIBPATH . 'auth.inc.php';
$title = $strAddContract;
// External variables
$action = $_REQUEST['action'];
$siteid = cleanvar($_REQUEST['siteid']);
// Show add maintenance form
if ($action == "showform" or $action == '') {
include APPLICATION_INCPATH . 'htmlheader.inc.php';
echo show_form_errors('add_contract');
clear_form_errors('add_contract');
echo "<h2>" . icon('contract', 32) . " ";
echo "{$strAddContract}</h2>";
echo "<form id='add_contract' name='add_contract' action='{$_SERVER['PHP_SELF']}?action=add' method='post' onsubmit='return confirm_action(\"{$strAreYouSureAdd}\");'>";
echo "<table align='center' class='vertical'>";
echo "<thead>";
echo "<tr><th>{$strSite}</th><td>";
if ($_SESSION['formdata']['add_contract']['site'] != '') {
echo site_drop_down("site", $_SESSION['formdata']['add_contract']['site'], TRUE);
} else {
echo site_drop_down("site", $siteid, TRUE);
}
echo " <span class='required'>{$strRequired}</span></td></tr>\n";
echo "<tr><th>{$strContacts}</th><td>";
echo "<input value='amount' type='radio' name='contacts' checked='checked' />";
echo "{$strLimitTo} <input size='2' name='numcontacts' ";
$_SESSION['formdata']['role_edit'] = $_REQUEST;
if (empty($rolename)) {
$errors++;
$_SESSION['formerrors']['role_edit']['rolename'] = sprintf($strFieldMustNotBeBlank, $strName);
}
$sql = "SELECT * FROM `{$dbRoles}` WHERE rolename = '{$rolename}' AND id != {$roleid}";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
}
if (mysql_num_rows($result) > 0) {
$errors++;
$_SESSION['formerrors']['role_edit']['duplicaterole'] = "{$strADuplicateAlreadyExists}</p>\n";
}
if ($errors == 0) {
clear_form_data('role_add');
clear_form_errors('role_add');
$sql = "UPDATE `{$dbRoles}` SET rolename = '{$rolename}', description = '{$description}' WHERE id = {$roleid}";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
}
if (mysql_affected_rows() > 0) {
html_redirect("role.php?roleid={$roleid}", TRUE);
} else {
html_redirect($_SESSION['PHP_SELF'], FALSE);
}
} else {
html_redirect($_SESSION['PHP_SELF'], FALSE);
}
}
// Author: Ivan Lucas <ivanlucas[at]users.sourceforge.net>
$permission = 22;
// Administrate
require 'core.php';
require APPLICATION_LIBPATH . 'functions.inc.php';
// This page requires authentication
require APPLICATION_LIBPATH . 'auth.inc.php';
// External variables
$tag = mysql_real_escape_string($_REQUEST['tag']);
$priority = mysql_real_escape_string($_REQUEST['priority']);
$action = $_REQUEST['action'];
if (empty($action) or $action == "showform") {
$title = $strAddServiceLevel;
include APPLICATION_INCPATH . 'htmlheader.inc.php';
echo show_form_errors('add_servicelevel');
clear_form_errors('add_servicelevel');
if (empty($_SESSION['formdata']['add_servicelevel']['low_initial_response_mins'])) {
$_SESSION['formdata']['add_servicelevel']['low_initial_response_mins'] = 320;
}
if (empty($_SESSION['formdata']['add_servicelevel']['low_prob_determ_mins'])) {
$_SESSION['formdata']['add_servicelevel']['low_prob_determ_mins'] = 380;
}
if (empty($_SESSION['formdata']['add_servicelevel']['low_action_plan_mins'])) {
$_SESSION['formdata']['add_servicelevel']['low_action_plan_mins'] = 960;
}
if (empty($_SESSION['formdata']['add_servicelevel']['low_resolution_days'])) {
$_SESSION['formdata']['add_servicelevel']['low_resolution_days'] = 14;
}
if (empty($_SESSION['formdata']['add_servicelevel']['low_review_days'])) {
$_SESSION['formdata']['add_servicelevel']['low_review_days'] = 28;
}
/**
* Update page
*/
function display_update_page($draftid = -1)
{
global $id;
global $incidentid;
global $action;
global $CONFIG;
global $iconset;
global $now;
global $dbDrafts;
global $sit;
if ($draftid != -1) {
$draftsql = "SELECT * FROM `{$dbDrafts}` WHERE id = {$draftid}";
$draftresult = mysql_query($draftsql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_WARNING);
}
$draftobj = mysql_fetch_object($draftresult);
$metadata = explode("|", $draftobj->meta);
}
// No update body text detected show update form
?>
<script type="text/javascript">
<!--
function deleteOption(object) {
var Current = object.updatetype.selectedIndex;
object.updatetype.options[Current] = null;
}
function notarget(object)
{
// remove last option
var length = object.updatetype.length;
if (length > 6)
{
object.updatetype.selectedIndex=6;
var Current = object.updatetype.selectedIndex;
object.updatetype.options[Current] = null;
}
object.priority.value=object.storepriority.value;
//object.priority.disabled=true;
object.priority.disabled=false;
object.updatetype.selectedIndex=0;
object.updatetype.disabled=false;
}
function initialresponse(object)
{
// remove last option
var length = object.updatetype.length;
if (length > 6)
{
object.updatetype.selectedIndex=6;
var Current = object.updatetype.selectedIndex;
object.updatetype.options[Current] = null;
}
object.priority.value=object.storepriority.value;
object.priority.disabled=true;
object.updatetype.selectedIndex=0;
object.updatetype.disabled=false;
}
function actionplan(object)
{
// remove last option
var length = object.updatetype.length;
if (length > 6)
{
object.updatetype.selectedIndex=6;
var Current = object.updatetype.selectedIndex;
object.updatetype.options[Current] = null;
}
var defaultSelected = true;
var selected = true;
var optionName = new Option('Action Plan', 'actionplan', defaultSelected, selected)
var length = object.updatetype.length;
object.updatetype.options[length] = optionName;
object.priority.value=object.storepriority.value;
object.priority.disabled=true;
object.updatetype.disabled=true;
}
function reprioritise(object)
{
// remove last option
var length = object.updatetype.length;
if (length > 6)
{
object.updatetype.selectedIndex=6;
var Current = object.updatetype.selectedIndex;
object.updatetype.options[Current] = null;
}
// add new option
var defaultSelected = true;
var selected = true;
var optionName = new Option('Reprioritise', 'solution', defaultSelected, selected)
var length = object.updatetype.length;
object.updatetype.options[length] = optionName;
object.priority.disabled=false;
document.updateform.priority.disabled=false;
object.updatetype.disabled=true;
}
function probdef(object)
{
// remove last option
var length = object.updatetype.length;
if (length > 6)
{
object.updatetype.selectedIndex=6;
var Current = object.updatetype.selectedIndex;
object.updatetype.options[Current] = null;
}
var defaultSelected = true;
var selected = true;
var optionName = new Option('Problem Definition', 'probdef', defaultSelected, selected)
var length = object.updatetype.length;
object.updatetype.options[length] = optionName;
object.priority.value=object.storepriority.value;
object.priority.disabled=true;
object.updatetype.disabled=true;
}
function replaceOption(object) {
var Current = object.updatetype.selectedIndex;
object.updatetype.options[Current].text = object.currentText.value;
object.updatetype.options[Current].value = object.currentText.value;
}
<?php
echo "var draftid = {$draftid}";
?>
// Auto save
function save_content(){
var xmlhttp=false;
if (!xmlhttp && typeof XMLHttpRequest!='undefined') {
try {
xmlhttp = new XMLHttpRequest();
} catch (e) {
xmlhttp=false;
}
}
if (!xmlhttp && window.createRequest) {
try {
xmlhttp = window.createRequest();
} catch (e) {
xmlhttp=false;
}
}
var toPass = $('updatelog').value;
//alert(toPass.value);
var meta = $('target').value+"|"+$('updatetype').value+"|"+$('cust_vis').checked+"|";
meta += $('priority').value+"|"+$('newstatus').value+"|"+$('nextaction').value+"|";
if (toPass != '')
{
// xmlhttp.open("GET", "ajaxdata.php?action=auto_save&userid="+<?php
echo $_SESSION['userid'];
?>
+"&type=update&incidentid="+<?php
echo $id;
?>
+"&draftid="+draftid+"&meta="+meta+"&content="+escape(toPass), true);
var url = "ajaxdata.php";
var params = "action=auto_save&userid="+<?php
echo $_SESSION['userid'];
?>
+"&type=update&incidentid="+<?php
echo $id;
?>
+"&draftid="+draftid+"&meta="+meta+"&content="+escape(toPass);
xmlhttp.open("POST", url, true)
xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
xmlhttp.setRequestHeader("Content-length", params.length);
xmlhttp.setRequestHeader("Connection", "close");
xmlhttp.onreadystatechange=function() {
//remove this in the future after testing
if (xmlhttp.readyState==4) {
if (xmlhttp.responseText != ''){
//alert(xmlhttp.responseText);
if (draftid == -1)
{
draftid = xmlhttp.responseText;
$('draftid').value = draftid;
}
var currentTime = new Date();
var hours = currentTime.getHours();
var minutes = currentTime.getMinutes();
if (minutes < 10)
{
minutes = "0"+minutes;
}
var seconds = currentTime.getSeconds();
if (seconds < 10)
{
seconds = "0"+seconds;
}
$('updatestr').innerHTML = '<?php
echo "<a href=\"javascript:save_content();\">" . icon('save', 16, $GLOBALS['strSaveDraft']) . "</a> " . icon('info', 16, $GLOBALS['strDraftLastSaved']) . " ";
?>
' + hours + ':' + minutes + ':' + seconds;
}
}
}
xmlhttp.send(params);
}
}
setInterval("save_content()", 10000); //every 10 seconds
//-->
</script>
<?php
echo show_form_errors('update');
clear_form_errors('update');
//echo "<form action='".$_SERVER['PHP_SELF']."?id={$id}&draftid={$draftid}' method='post' name='updateform' id='updateform' enctype='multipart/form-data'>";
echo "<form action='" . $_SERVER['PHP_SELF'] . "?id={$id}' method='post' name='updateform' id='updateform' enctype='multipart/form-data'>";
echo "<table class='vertical'>";
echo "<tr>";
echo "<th align='right' width='20%;'>{$GLOBALS['strSLATarget']}";
echo icon('sla', 16) . "</th>";
echo "<td class='shade2'>";
$target = incident_get_next_target($id);
$targetNone = '';
$targetInitialresponse = '';
$targetProbdef = '';
$targetActionplan = '';
$targetSolution = '';
$typeResearch = '';
$typeEmailin = '';
$typeEmailout = '';
$typePhonecallin = '';
$typePhonecallout = '';
$typeExternalinfo = '';
$typeReviewmet = '';
if (!empty($metadata)) {
switch ($metadata[0]) {
case 'none':
$targetNone = " SELECTED ";
break;
case 'initialresponse':
$targetInitialresponse = " SELECTED ";
break;
case 'probdef':
$targetProbdef = " SELECTED ";
break;
case 'actionplan':
$targetActionplan = " SELECTED ";
break;
case 'solution':
$targetSolution = " SELECTED ";
break;
}
switch ($metadata[1]) {
case 'research':
$typeResearch = " SELECTED ";
break;
case 'emailin':
$typeEmailin = " SELECTED ";
break;
case 'emailout':
$typeEmailout = " SELECTED ";
break;
case 'phonecallin':
$typePhonecallin = " SELECTED ";
break;
case 'phonecallout':
$typePhonecallout = " SELECTED ";
break;
case 'externalinfo':
$typeExternalinfo = " SELECTED ";
break;
case 'reviewmet':
$typeReviewmet = " SELECTED ";
break;
}
}
echo "<select name='target' id='target' class='dropdown'>\n";
echo "<option value='none' {$targetNone} onclick='notarget(this.form)'>{$GLOBALS['strNone']}</option>\n";
switch ($target->type) {
case 'initialresponse':
echo "<option value='initialresponse' {$targetInitialresponse} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/initialresponse.png); background-repeat: no-repeat;' onclick='initialresponse(this.form)' >{$GLOBALS['strInitialResponse']}</option>\n";
echo "<option value='probdef' {$targetProbdef} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/probdef.png); background-repeat: no-repeat;' onclick='probdef(this.form)'>{$GLOBALS['strProblemDefinition']}</option>\n";
echo "<option value='actionplan' {$targetActionplan} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/actionplan.png); background-repeat: no-repeat;' onclick='actionplan(this.form)'>{$GLOBALS['strActionPlan']}</option>\n";
echo "<option value='solution' {$targetSolution} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/solution.png); background-repeat: no-repeat;' onclick='reprioritise(this.form)'>{$GLOBALS['strResolutionReprioritisation']}</option>\n";
break;
case 'probdef':
echo "<option value='probdef' {$targetProbdef} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/probdef.png); background-repeat: no-repeat;' onclick='probdef(this.form)'>{$GLOBALS['strProblemDefinition']}</option>\n";
echo "<option value='actionplan' {$targetActionplan} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/actionplan.png); background-repeat: no-repeat;' onclick='actionplan(this.form)'>{$GLOBALS['strActionPlan']}</option>\n";
echo "<option value='solution' {$targetSolution} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/solution.png); background-repeat: no-repeat;' onclick='reprioritise(this.form)'>{$GLOBALS['strResolutionReprioritisation']}</option>\n";
break;
case 'actionplan':
echo "<option value='actionplan' {$targetActionplan} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/actionplan.png); background-repeat: no-repeat;' onclick='actionplan(this.form)'>{$GLOBALS['strActionPlan']}</option>\n";
echo "<option value='solution' {$targetSolution} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/solution.png); background-repeat: no-repeat;' onclick='reprioritise(this.form)'>{$GLOBALS['strResolutionReprioritisation']}</option>\n";
break;
case 'solution':
echo "<option value='solution' {$targetSolution} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/solution.png); background-repeat: no-repeat;' onclick='reprioritise(this.form)'>{$GLOBALS['strResolutionReprioritisation']}</option>\n";
break;
}
echo "</select>\n";
echo "</td></tr>\n";
echo "<tr><th align='right'>{$GLOBALS['strUpdateType']}</th>";
echo "<td class='shade1'>";
echo "<select name='updatetype' id='updatetype' class='dropdown'>";
/*
if ($target->type!='actionplan' && $target->type!='solution')
echo "<option value='probdef'>Problem Definition</option>\n";
if ($target->type!='solution')
echo "<option value='actionplan'>Action Plan</option>\n";
*/
echo "<option value='research' {$typeResearch} selected='selected' style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/research.png); background-repeat: no-repeat;'>{$GLOBALS['strResearchNotes']}</option>\n";
echo "<option value='emailin' {$typeEmailin} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/emailin.png); background-repeat: no-repeat;'>{$GLOBALS['strEmailFromCustomer']}</option>\n";
echo "<option value='emailout' {$typeEmailout} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/emailout.png); background-repeat: no-repeat;'>{$GLOBALS['strEmailToCustomer']}</option>\n";
echo "<option value='phonecallin' {$typePhonecallin} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/callin.png); background-repeat: no-repeat;'>{$GLOBALS['strCallFromCustomer']}</option>\n";
echo "<option value='phonecallout' {$typePhonecallout} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/callout.png); background-repeat: no-repeat;'>{$GLOBALS['strCallToCustomer']}</option>\n";
echo "<option value='externalinfo' {$typeExternalinfo} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/externalinfo.png); background-repeat: no-repeat;'>{$GLOBALS['strExternalInfo']}</option>\n";
echo "<option value='reviewmet' {$typeReviewmet} style='text-indent: 15px; height: 17px; background-image: url({$CONFIG['application_webpath']}images/icons/{$iconset}/16x16/review.png); background-repeat: no-repeat;'>{$GLOBALS['strReview']}</option>\n";
echo "</select>";
echo "</td>";
echo "</tr>";
echo "<tr>";
echo "<th align='right'>{$GLOBALS['strUpdate']}<br />";
echo "<span class='required'>{$GLOBALS['strRequired']}</span></th>";
echo "<td class='shade1'>";
$checkbox = '';
if (!empty($metadata)) {
if ($metadata[2] == "true") {
$checkbox = "checked='checked'";
}
} else {
$checkbox = "checked='checked'";
}
echo "<label><input type='checkbox' name='cust_vis' id='cust_vis' ";
echo "{$checkbox} value='yes' /> {$GLOBALS['strMakeVisibleInPortal']}<label><br />";
echo bbcode_toolbar('updatelog');
echo "<textarea name='bodytext' id='updatelog' rows='13' cols='50'>";
if ($draftid != -1) {
echo $draftobj->content;
}
echo "</textarea>";
echo "<div id='updatestr'><a href='javascript:save_content();'>" . icon('save', 16, $GLOBALS['strSaveDraft']) . "</a></div>";
echo "</td></tr>";
if ($target->type == 'initialresponse') {
$disable_priority = TRUE;
} else {
$disable_priority = FALSE;
}
echo "<tr><th align='right'>{$GLOBALS['strNewPriority']}</th>";
echo "<td class='shade1'>";
// // FIXME fix maximum priority
// $servicelevel=maintenance_servicelevel(incident_maintid($id));
// if ($servicelevel == 2 || $servicelevel == 5) $maxpriority = 4;
// else $maxpriority = 3;
$maxpriority = 4;
$setPriorityTo = incident_priority($id);
if (!empty($metadata)) {
$setPriorityTo = $metadata[3];
}
echo priority_drop_down("newpriority", $setPriorityTo, $maxpriority, $disable_priority);
//id='priority
echo "</td></tr>\n";
echo "<tr>";
echo "<th align='right'>{$GLOBALS['strNewStatus']}</th>";
$setStatusTo = incident_status($id);
$disabled = FALSE;
//we do this so if you update another user's incident, it defaults to active
if ($sit[2] != incident_owner($incidentid)) {
$setStatusTo = '0';
} elseif (!empty($metadata)) {
$setStatusTo = $metadata[4];
}
echo "<td class='shade1'>" . incidentstatus_drop_down("newstatus", $setStatusTo) . "</td>";
echo "</tr>";
echo "<tr>";
echo "<th align='right'>{$GLOBALS['strNextAction']}</th>";
$nextAction = '';
if (!empty($metadata)) {
$nextAction = $metadata[5];
}
echo "<td class='shade2'><input type='text' name='nextaction' ";
echo "id='nextaction' maxlength='50' size='30' value='{$nextAction}' /></td></tr>";
echo "<tr>";
echo "<th align='right'>";
echo "<strong>{$GLOBALS['strTimeToNextAction']}</strong></th>";
echo "<td class='shade2'>";
echo show_next_action();
echo "</td></tr>";
echo "<tr>";
// calculate upload filesize
$att_file_size = readable_file_size($CONFIG['upload_max_filesize']);
echo "<th align='right'>{$GLOBALS['strAttachFile']}";
echo " (<{$att_file_size})</th>";
echo "<td class='shade1'><input type='hidden' name='MAX_FILE_SIZE' value='{$CONFIG['upload_max_filesize']}' />";
echo "<input type='file' name='attachment' size='40' maxfilesize='{$CONFIG['upload_max_filesize']}' /></td>";
echo "</tr>";
echo "</table>";
echo "<p class='center'>";
echo "<input type='hidden' name='action' value='update' />";
if ($draftid == -1) {
$localdraft = '';
} else {
$localdraft = $draftid;
}
echo "<input type='hidden' name='draftid' id='draftid' value='{$localdraft}' />";
echo "<input type='hidden' name='storepriority' value='" . incident_priority($id) . "' />";
echo "<input type='submit' name='submit' value='{$GLOBALS['strUpdateIncident']}' /></p>";
echo "</form>";
}
$errors = 0;
// check for blank name
if ($name == '') {
$errors++;
$_SESSION['formerrors']['add_product']['name'] = sprintf($strFieldMustNotBeBlank, $strProduct);
}
if ($vendor == '' or $vendor == "0") {
$errors++;
$_SESSION['formerrors']['add_product']['vendor'] = sprintf($strFieldMustNotBeBlank, $strVendor);
}
// add product if no errors
if ($errors == 0) {
$sql = "INSERT INTO `{$dbProducts}` (name, vendorid, description) VALUES ('{$name}', '{$vendor}', '{$description}')";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
}
if (!$result) {
echo "<p class='error'>" . sprintf($strAddXfailed, $strProduct) . "\n";
} else {
$id = mysql_insert_id();
journal(CFG_LOGGING_NORMAL, 'Product Added', "Product {$id} was added", CFG_JOURNAL_PRODUCTS, $id);
html_redirect("products.php");
}
clear_form_errors('add_product');
clear_form_data('add_product');
} else {
include APPLICATION_INCPATH . 'htmlheader.inc.php';
html_redirect("product_add.php", FALSE);
}
}
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
}
$newuserid = mysql_insert_id();
// Create permissions (set to none)
$sql = "SELECT * FROM `{$dbPermissions}`";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
}
while ($perm = mysql_fetch_object($result)) {
$psql = "INSERT INTO `{$dbUserPermissions}` (userid, permissionid, granted) ";
$psql .= "VALUES ('{$newuserid}', '{$perm->id}', 'false')";
mysql_query($psql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
}
}
if (!$result) {
echo "<p class='error'>{$strAdditionFail}</p>\n";
} else {
setup_user_triggers($newuserid);
trigger('TRIGGER_NEW_USER', array('userid' => $newuserid));
html_redirect("manage_users.php#userid{$newuserid}");
}
clear_form_data('add_user');
clear_form_errors('add_user');
} else {
html_redirect($_SERVER['PHP_SELF'], FALSE);
}
}
}
if ($email == '') {
$errors++;
$_SESSION['formerrors']['add_site']['email'] = user_alert(sprintf($strFieldMustNotBeBlank, "'{$strEmail}'"), E_USER_ERROR);
}
// add site if no errors
if ($errors == 0) {
if ($owner == '') {
$owner = 0;
}
$sql = "INSERT INTO `{$dbSites}` (name, department, address1, address2, city, county, country, postcode, telephone, fax, email, websiteurl, notes, typeid, owner) ";
$sql .= "VALUES ('{$name}', '{$department}' ,'{$address1}', '{$address2}', '{$city}', '{$county}', '{$country}', '{$postcode}', ";
$sql .= "'{$telephone}', '{$fax}', '{$email}', '{$websiteurl}', '{$notes}', '{$typeid}','{$owner}')";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
}
$id = mysql_insert_id();
// show error message if addition failed
if (!$result) {
echo "<p class='error'>{$strAddSiteFailed}</p>\n";
} else {
clear_form_data('add_site');
clear_form_errors('add_site');
trigger('TRIGGER_NEW_SITE', array('siteid' => $id, 'userid' => $sit[2]));
html_redirect("site_details.php?id={$id}");
}
} else {
html_redirect($_SERVER['PHP_SELF'], FALSE);
}
}
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
}
if (mysql_num_rows($result) > 0) {
list($prev_enddate) = mysql_fetch_row($result);
$suggested_startdate = mysql2date($prev_enddate) + 86400;
// the next day
} else {
$suggested_startdate = $now;
// Today
}
if (empty($submit) or !empty($_SESSION['formerrors']['add_service'])) {
include APPLICATION_INCPATH . 'htmlheader.inc.php';
echo show_form_errors('add_service');
clear_form_errors('add_service');
echo "<h2>{$strNewService}</h2>\n";
$timed = is_contract_timed($contractid);
echo "<form id='serviceform' name='serviceform' action='{$_SERVER['PHP_SELF']}' method='post' onsubmit='return confirm_submit(\"{$strAreYouSureMakeTheseChanges}\");'>";
echo "<table align='center' class='vertical'>";
if ($timed) {
echo "<thead>\n";
}
echo "<tr><th>{$strStartDate}</th>";
echo "<td><input class='required' type='text' name='startdate' id='startdate' size='10' ";
if ($_SESSION['formdata']['add_service']['startdate'] != '') {
echo "value='{$_SESSION['formdata']['add_service']['startdate']}'";
} else {
echo "value='" . date('Y-m-d', $suggested_startdate) . "'";
}
echo "/> ";
// External variables
$name = cleanvar($_REQUEST['name']);
$_SESSION['formdata'] = $_REQUEST;
// Add new
$errors = 0;
// check for blank name
if ($name == '') {
$errors++;
$_SESSION['formerrors']['name'] = user_alert(sprintf($strFieldMustNotBeBlank, "'{$strVendorName}'"), E_USER_ERROR);
}
// add product if no errors
if ($errors == 0) {
$sql = "INSERT INTO `{$dbVendors}` (name) VALUES ('{$name}')";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
}
if (!$result) {
echo "<p class='error'>{$strAdditionFail}</p>\n";
} else {
$id = mysql_insert_id();
journal(CFG_LOGGING_DEBUG, 'Vendor Added', "Vendor {$id} was added", CFG_JOURNAL_DEBUG, $id);
html_redirect("products.php");
}
clear_form_data('add_vendor');
clear_form_errors('add_vendor');
} else {
include APPLICATION_INCPATH . 'htmlheader.inc.php';
html_redirect($_SERVER['PHP_SELF'], FALSE);
}
}
// External variables
$name = cleanvar($_REQUEST['name']);
$type = cleanvar($_REQUEST['type']);
$trackurl = cleanvar($_REQUEST['trackurl']);
$homeurl = cleanvar($_REQUEST['homeurl']);
$title = cleanvar($_REQUEST['title']);
$emaildomain = cleanvar($_REQUEST['emaildomain']);
$_SESSION['formdata']['add_escalation_path'] = $_REQUEST;
$errors = 0;
if (empty($name)) {
$errors++;
$_SESSION['formerrors']['add_escalation_path']['name'] = user_alert(sprintf($strFieldMustNotBeBlank, "'{$strName}'"), E_USER_ERROR);
}
if ($errors == 0) {
$sql = "INSERT INTO `{$dbEscalationPaths}` (name,track_url,home_url,url_title,email_domain) VALUES ";
$sql .= " ('{$name}','{$trackurl}','{$homeurl}','{$title}','{$emaildomain}')";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error(mysql_error(), E_USER_ERROR);
}
if (!$result) {
$_SESSION['formerrors']['add_escalation_path']['error'] = "{$strError}: {$strFailed}";
} else {
html_redirect("escalation_paths.php");
}
clear_form_errors('add_escalation_path');
clear_form_data('add_escalation_path');
} else {
html_redirect("escalation_path_add.php", FALSE);
}
}
/**
* Procceses a new contact
*
* @author Kieran Hogg
*/
function process_add_contact($mode = 'internal')
{
global $now, $CONFIG, $dbContacts, $sit;
// Add new contact
// External variables
$siteid = mysql_real_escape_string($_REQUEST['siteid']);
$email = strtolower(cleanvar($_REQUEST['email']));
$dataprotection_email = mysql_real_escape_string($_REQUEST['dataprotection_email']);
$dataprotection_phone = mysql_real_escape_string($_REQUEST['dataprotection_phone']);
$dataprotection_address = mysql_real_escape_string($_REQUEST['dataprotection_address']);
$username = cleanvar($_REQUEST['username']);
$courtesytitle = cleanvar($_REQUEST['courtesytitle']);
$forenames = cleanvar($_REQUEST['forenames']);
$surname = cleanvar($_REQUEST['surname']);
$jobtitle = cleanvar($_REQUEST['jobtitle']);
$address1 = cleanvar($_REQUEST['address1']);
$address2 = cleanvar($_REQUEST['address2']);
$city = cleanvar($_REQUEST['city']);
$county = cleanvar($_REQUEST['county']);
if (!empty($address1)) {
$country = cleanvar($_REQUEST['country']);
} else {
$country = '';
}
$postcode = cleanvar($_REQUEST['postcode']);
$phone = cleanvar($_REQUEST['phone']);
$mobile = cleanvar($_REQUEST['mobile']);
$fax = cleanvar($_REQUEST['fax']);
$department = cleanvar($_REQUEST['department']);
$notes = cleanvar($_REQUEST['notes']);
$returnpage = cleanvar($_REQUEST['return']);
$_SESSION['formdata']['add_contact'] = $_REQUEST;
$errors = 0;
// check for blank name
if ($surname == '') {
$errors++;
$_SESSION['formerrors']['add_contact']['surname'] = $GLOBALS['strMustEnterSurname'];
}
// check for blank site
if ($siteid == '') {
$errors++;
$_SESSION['formerrors']['add_contact']['siteid'] = $GLOBALS['strMustSelectCustomerSite'];
}
// check for blank email
if ($email == '' or $email == 'none' or $email == 'n/a') {
$errors++;
$_SESSION['formerrors']['add_contact']['email'] = $GLOBALS['strMustEnterEmail'];
}
if ($siteid == 0 or $siteid == '') {
$errors++;
$_SESSION['formerrors']['add_contact']['siteid'] = $GLOBALS['strMustSelectSite'];
}
// Check this is not a duplicate
$sql = "SELECT id FROM `{$dbContacts}` WHERE email='{$email}' AND LCASE(surname)=LCASE('{$surname}') LIMIT 1";
$result = mysql_query($sql);
if (mysql_num_rows($result) >= 1) {
$errors++;
$_SESSION['formerrors']['add_contact']['duplicate'] = $GLOBALS['strContactRecordExists'];
}
// add contact if no errors
if ($errors == 0) {
if (!empty($dataprotection_email)) {
$dataprotection_email = 'Yes';
} else {
$dataprotection_email = 'No';
}
if (!empty($dataprotection_phone)) {
$dataprotection_phone = 'Yes';
} else {
$dataprotection_phone = 'No';
}
if (!empty($dataprotection_address)) {
$dataprotection_address = 'Yes';
} else {
$dataprotection_address = 'No';
}
// generate username and password
$username = strtolower(substr($surname, 0, strcspn($surname, " ")));
$prepassword = generate_password();
$password = md5($prepassword);
$sql = "INSERT INTO `{$dbContacts}` (username, password, courtesytitle, forenames, surname, jobtitle, ";
$sql .= "siteid, address1, address2, city, county, country, postcode, email, phone, mobile, fax, ";
$sql .= "department, notes, dataprotection_email, dataprotection_phone, dataprotection_address, ";
$sql .= "timestamp_added, timestamp_modified) ";
$sql .= "VALUES ('{$username}', '{$password}', '{$courtesytitle}', '{$forenames}', '{$surname}', '{$jobtitle}', ";
$sql .= "'{$siteid}', '{$address1}', '{$address2}', '{$city}', '{$county}', '{$country}', '{$postcode}', '{$email}', ";
$sql .= "'{$phone}', '{$mobile}', '{$fax}', '{$department}', '{$notes}', '{$dataprotection_email}', ";
$sql .= "'{$dataprotection_phone}', '{$dataprotection_address}', '{$now}', '{$now}')";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
}
// concatenate username with insert id to make unique
$newid = mysql_insert_id();
$username = $username . $newid;
$sql = "UPDATE `{$dbContacts}` SET username='******' WHERE id='{$newid}'";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_ERROR);
}
if (!$result) {
if ($mode == 'internal') {
html_redirect("contact_add.php", FALSE);
} else {
html_redirect("addcontact.php", FALSE);
}
} else {
clear_form_data('add_contact');
clear_form_errors('add_contact');
$sql = "SELECT username, password FROM `{$dbContacts}` WHERE id={$newid}";
$result = mysql_query($sql);
if (mysql_error()) {
trigger_error("MySQL Query Error " . mysql_error(), E_USER_WARNING);
} else {
if ($CONFIG['portal'] and $_POST['emaildetails'] == 'on') {
trigger('TRIGGER_NEW_CONTACT', array('contactid' => $newid, 'prepassword' => $prepassword, 'userid' => $sit[2]));
}
if ($returnpage == 'addincident') {
html_redirect("incident_add.php?action=findcontact&contactid={$newid}");
exit;
} elseif ($mode == 'internal') {
html_redirect("contact_details.php?id={$newid}");
exit;
} else {
html_redirect("contactdetails.php?id={$newid}");
exit;
}
}
}
} else {
if ($mode == 'internal') {
html_redirect('contact_add.php', FALSE);
} else {
html_redirect('addcontact.php', FALSE);
}
}
}
}
if ($addition_errors == 1) {
// show addition error message
include APPLICATION_INCPATH . 'htmlheader.inc.php';
echo $addition_errors_string;
include APPLICATION_INCPATH . 'htmlfooter.inc.php';
} else {
// show success message
$id = mysql_insert_id();
journal(CFG_LOGGING_NORMAL, 'Reseller Added', "Reseller {$id} Added", CFG_JOURNAL_MAINTENANCE, $id);
clear_form_errors('formerrors');
html_redirect("main.php");
}
}
break;
default:
$title = $strAddReseller;
include APPLICATION_INCPATH . 'htmlheader.inc.php';
echo show_form_errors('add_reseller');
clear_form_errors('formerrors');
echo "<h2>{$strAddReseller}</h2>";
echo "<p align='center'>" . sprintf($strMandatoryMarked, "<sup class='red'>*</sup>") . "</p>";
echo "<form action='{$_SERVER['PHP_SELF']}?action=add' method='post' onsubmit=\"return confirm_action('{$strAreYouSureAdd}')\">";
echo "<table align='center' class='vertical'>";
echo "<tr><th>{$strName}: <sup class='red'>*</sup></th><td><input type='text' name='reseller_name' /></td></tr>";
echo "</table>";
echo "<p align='center'><input name='submit' type='submit' value='{$strAddReseller}' /></p>";
echo "</form>";
include APPLICATION_INCPATH . 'htmlfooter.inc.php';
break;
}
