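header("Location:index.php?inc=manage_cases");
}

// Case maintenance (fragment): creates or updates a row in `cases`, then
// rebuilds that case's links in `project_cases`.
// NOTE(review): $action, $c_id, $c_name, $ta, $ta2, $c_status, $c_global and
// $projects_list are not assigned in this fragment; presumably they are request
// parameters imported into global scope - confirm. They are treated as untrusted.
// NOTE(review): die(mysql_error()) sends raw database error text to the client.
if ($action == "add") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $ta2 = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta2));
    $query = "insert into cases (c_name, c_desc, c_result, c_status, c_global) values ('"
        . escapeChars($c_name) . "','"
        . stripbr(escapeChars($ta)) . "','"
        . stripbr(escapeChars($ta2)) . "','"
        . escapeChars($c_status) . "','"
        . escapeChars($c_global) . "')";
    mysql_query($query) or die(mysql_error());
    $c_id = mysql_insert_id();
    //header("Location:index.php?inc=manage_cases");
}

if ($action == "update" && $c_id != "") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $ta2 = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta2));
    // c_id sits in an unquoted numeric position, so quote-escaping would not
    // protect it; the integer cast keeps the WHERE clause to a single key.
    $query = "update cases set c_name='" . escapeChars($c_name)
        . "', c_desc='" . stripbr(escapeChars($ta))
        . "', c_result='" . stripbr(escapeChars($ta2))
        . "', c_status='" . escapeChars($c_status)
        . "', c_global='" . escapeChars($c_global)
        . "' where c_id=" . (int) $c_id;
    mysql_query($query) or die(mysql_error());
    //header("Location:index.php?inc=manage_cases");
}

// if ($what=="projects_list" && $c_id!="")
if ($action != "") {
    // Replace the case's project links: delete all of them, then re-insert the
    // ids from the comma-separated list (its first character is skipped).
    $query = "delete from project_cases where pc_c_id=" . (int) $c_id;
    mysql_query($query) or die(mysql_error());
    $list = explode(",", substr($projects_list, 1));
    if ($projects_list != "") {
        // foreach replaces each(), which no longer exists in PHP 8.
        // Both ids are cast because the original concatenated them unescaped;
        // assumes pc_c_id and pc_p_id are integer keys - confirm against the schema.
        foreach ($list as $key => $val) {
            $query = "insert into project_cases (pc_c_id, pc_p_id) values ('" . (int) $c_id . "','" . (int) $val . "')";
            mysql_query($query) or die(mysql_error());
        }
    }
    //header("Location:index.php?inc=manage_cases");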
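// r_id is concatenated into an unquoted numeric position; cast it so the
// DELETE can only ever name one integer key.
$query = "delete from reviews where r_id=" . (int) $r_id;
mysql_query($query) or die(mysql_error());
header("Location:index.php?inc=manage_reviews");
}

// Review maintenance (fragment): creates or updates a row in `reviews`, then
// rebuilds the reviewer links in `review_users`.
// NOTE(review): $action, $r_id, $r_name, $ta, $r_status, $r_p_id and $users_list
// are not assigned in this fragment; presumably request parameters imported into
// global scope - confirm. They are treated as untrusted.
// NOTE(review): die(mysql_error()) sends raw database error text to the client.
if ($action == "add") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $query = "insert into reviews (r_name, r_desc, r_date, r_status, r_p_id) values ('"
        . escapeChars($r_name) . "','"
        . stripbr(escapeChars($ta))
        . "',DATE_ADD( NOW( ) , INTERVAL - " . TIME_DIFF_HOURS . " HOUR),'"
        . escapeChars($r_status) . "','"
        . escapeChars($r_p_id) . "')";
    mysql_query($query) or die(mysql_error());
    $r_id = mysql_insert_id();
    //header("Location:index.php?inc=manage_projects");
}

if ($action == "update" && $r_id != "") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $query = "update reviews set r_name='" . escapeChars($r_name)
        . "', r_desc='" . stripbr(escapeChars($ta))
        . "', r_status='" . escapeChars($r_status)
        . "', r_p_id='" . escapeChars($r_p_id)
        . "' where r_id=" . (int) $r_id;
    mysql_query($query) or die(mysql_error());
    //header("Location:index.php?inc=manage_projects");
}

if ($action != "") {
    // Replace the review's user links: delete all of them, then re-insert the
    // ids from the comma-separated list (its first character is skipped).
    $query = "delete from review_users where ru_r_id=" . (int) $r_id;
    mysql_query($query) or die(mysql_error());
    $list = explode(",", substr($users_list, 1));
    if ($users_list != "") {
        // foreach replaces each(), which no longer exists in PHP 8.
        // Both ids are cast because the original concatenated them unescaped;
        // assumes ru_r_id and ru_u_id are integer keys - confirm against the schema.
        foreach ($list as $key => $val) {
            $query = "insert into review_users (ru_r_id, ru_u_id) values ('" . (int) $r_id . "','" . (int) $val . "')";
            mysql_query($query) or die(mysql_error());
        }
    }
    //header("Location:index.php?inc=manage_projects");
}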
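<meta name="keywords" content="<?php echo $lng[1][3]; ?> "/>
<title><?php echo $lng[1][1]; ?> </title>
<link rel='STYLESHEET' type='text/css' href='dhtmlxTree/samples/common/style.css'>
<link rel="stylesheet" href="s.css" type="text/css"/>
</head>
<body bgcolor="#ffffff">
<?php
// Popup handler (fragment): inserts a glossary entry, links it to project
// $p_id, then emits script that updates the opener window's 'edit' form.
// NOTE(review): $action, $g_name, $g_term, $g_abbreviation, $ta, $g_global,
// $p_id and $where are not assigned in this fragment; presumably request
// parameters imported into global scope - confirm. They are treated as untrusted.
// NOTE(review): die(mysql_error()) sends raw database error text to the client.
if ($action == "add") {
    $query = "insert into glossary (g_name, g_term, g_abbreviation, g_desc, g_global) values ('"
        . escapeChars($g_name) . "','"
        . escapeChars($g_term) . "','"
        . escapeChars($g_abbreviation) . "','"
        . stripbr(escapeChars($ta)) . "','"
        . escapeChars($g_global) . "')";
    mysql_query($query) or die(mysql_error());
    $g_id = mysql_insert_id();
    // $p_id was concatenated without any escaping, unlike every other value in
    // this block; cast it. Assumes pg_p_id is an integer key - confirm.
    // $g_id comes from mysql_insert_id() above and is left as is.
    $query = "insert into project_glossary (pg_p_id, pg_g_id) values ('" . (int) $p_id . "','" . $g_id . "')";
    mysql_query($query) or die(mysql_error());
    ?>
<script>
<?php if ($where != "1") { ?>
opener.change_select();
opener.document.forms['edit'].r_glossary.value+=<?php echo $g_id; ?> +",";
opener.document.forms['edit'].tmp_p_id.value=opener.document.forms['edit'].r_p_id.value;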
?> "/>
<title><?php echo $lng[1][1]; ?> </title>
<link rel='STYLESHEET' type='text/css' href='dhtmlxTree/samples/common/style.css'>
<link rel="stylesheet" href="s.css" type="text/css"/>
</head>
<body bgcolor="#ffffff">
<?php
// Popup handler (fragment): inserts a subproject under project $p_id, then
// emits script that fills the opener window's 'edit' form, submits it and
// closes the popup.
// NOTE(review): $action, $s_name, $ta, $p_id and $where are not assigned in
// this fragment; presumably request parameters imported into global scope -
// confirm. Every value placed in the query goes through escapeChars(), whose
// definition is not visible here.
if ($action == "add") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $query = sprintf(
        "insert into subprojects (s_name, s_desc, s_p_id) values ('%s','%s','%s')",
        escapeChars($s_name),
        stripbr(escapeChars($ta)),
        escapeChars($p_id)
    );
    if (!mysql_query($query)) {
        die(mysql_error());
    }
    $s_id = mysql_insert_id();
    ?>
<script>
<?php if ($where != "1") { ?>
opener.change_select();
opener.document.forms['edit'].r_s_id_tmp.value='<?php echo $s_id; ?> ';
opener.document.forms['edit'].tmp_p_id.value=opener.document.forms['edit'].r_p_id.value;
opener.document.forms['edit'].submit();
self.close();
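// g_id is concatenated into an unquoted numeric position; cast it so the
// DELETE can only ever name one integer key.
$query = "delete from glossary where g_id=" . (int) $g_id;
mysql_query($query) or die(mysql_error());
header("Location:index.php?inc=manage_glossary");
}

// Glossary maintenance (fragment): creates or updates a row in `glossary`,
// then reloads the row into the form variables.
// NOTE(review): $action, $g_id, $g_name, $g_term, $g_abbreviation, $ta and
// $g_global are not assigned in this fragment; presumably request parameters
// imported into global scope - confirm. They are treated as untrusted.
// NOTE(review): none of the header() redirects is followed by exit, so the
// rest of the script still runs after them.
// NOTE(review): die(mysql_error()) sends raw database error text to the client.
if ($action == "add") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $query = "insert into glossary (g_name, g_term, g_abbreviation, g_desc,g_global) values ('"
        . escapeChars($g_name) . "','"
        . escapeChars($g_term) . "','"
        . escapeChars($g_abbreviation) . "','"
        . stripbr(escapeChars($ta)) . "','"
        . escapeChars($g_global) . "')";
    mysql_query($query) or die(mysql_error());
    $g_id = mysql_insert_id();
    header("Location:index.php?inc=manage_glossary");
}

if ($action == "update" && $g_id != "") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $query = "update glossary set g_name='" . escapeChars($g_name)
        . "', g_term='" . escapeChars($g_term)
        . "', g_abbreviation='" . escapeChars($g_abbreviation)
        . "', g_desc='" . stripbr(escapeChars($ta))
        . "', g_global='" . escapeChars($g_global)
        . "' where g_id=" . (int) $g_id;
    mysql_query($query) or die(mysql_error());
    header("Location:index.php?inc=manage_glossary");
}

if ($g_id != "") {
    $query = "select * from glossary where g_id=" . (int) $g_id;
    $rs = mysql_query($query) or die(mysql_error());
    if ($row = mysql_fetch_array($rs)) {
        // Single-line fields are HTML-encoded for redisplay.
        $g_name = htmlspecialchars($row['g_name']);
        $g_term = htmlspecialchars($row['g_term']);
        $g_abbreviation = htmlspecialchars($row['g_abbreviation']);
        $g_global = htmlspecialchars($row['g_global']);
        // NOTE(review): g_desc is passed on without HTML encoding; how it is
        // rendered is outside this fragment - confirm the output context.
        $ta = $row['g_desc'];
    }
}
?>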
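} else {
    // Requirement update (fragment): copies the current row into
    // requirements_history, then builds the UPDATE statement and adjusts
    // sibling positions when the parent node changes. The UPDATE has no WHERE
    // clause yet at the end of this fragment; it is presumably appended later.
    // NOTE(review): $action, $r_id and the $r_* fields are not assigned in this
    // fragment; presumably request parameters imported into global scope -
    // confirm. They are treated as untrusted.
    // NOTE(review): die(mysql_error()) sends raw database error text to the client.
    if ($action == "update" && $r_id != "") {
        //history
        // r_id sits in an unquoted numeric position, so it is cast to int.
        $query = "select * from requirements where r_id=" . (int) $r_id;
        $rs = mysql_query($query) or die(mysql_error());
        if ($row = mysql_fetch_array($rs)) {
            // Stored values are escaped again before being written back.
            // r_assigned_u_id was the one column concatenated raw; it now goes
            // through escapeChars() like its siblings.
            // NOTE(review): $_SESSION['uid'] is still concatenated as is; assumed
            // to be a server-set integer - confirm.
            $query = "insert into requirements_history (r_parent_id, r_p_id, r_release, r_c_id, r_s_id, r_stakeholder,r_glossary,r_keyword, r_u_id, r_assigned_u_id, r_name, r_desc, r_state, r_type_r, r_priority, r_valid, r_link, r_satisfaction, r_dissatisfaction, r_conflicts, r_depends, r_component, r_source, r_risk, r_complexity, r_weight, r_points, r_creation_date, r_change_date, r_accept_date, r_accept_user, r_version, r_save_date, r_save_user, r_parent_id2, r_pos, r_stub, r_keywords, r_userfield1, r_userfield2, r_userfield3, r_userfield4, r_userfield5, r_userfield6) values ('"
                . (int) $r_id . "','"
                . escapeChars($row['r_p_id']) . "','"
                . escapeChars($row['r_release']) . "','"
                . escapeChars($row['r_c_id']) . "','"
                . escapeChars($row['r_s_id']) . "','"
                . escapeChars($row['r_stakeholder']) . "','"
                . escapeChars($row['r_glossary']) . "','"
                . escapeChars($row['r_keyword']) . "','"
                . escapeChars($row['r_u_id']) . "','"
                . escapeChars($row['r_assigned_u_id']) . "','"
                . escapeChars($row['r_name']) . "','"
                . escapeChars($row['r_desc']) . "','"
                . escapeChars($row['r_state']) . "','"
                . escapeChars($row['r_type_r']) . "','"
                . escapeChars($row['r_priority']) . "','"
                . escapeChars($row['r_valid']) . "','"
                . escapeChars($row['r_link']) . "','"
                . escapeChars($row['r_satisfaction']) . "','"
                . escapeChars($row['r_dissatisfaction']) . "','"
                . escapeChars($row['r_conflicts']) . "','"
                . escapeChars($row['r_depends']) . "','"
                . escapeChars($row['r_component']) . "','"
                . escapeChars($row['r_source']) . "','"
                . escapeChars($row['r_risk']) . "','"
                . escapeChars($row['r_complexity']) . "','"
                . escapeChars($row['r_weight']) . "','"
                . escapeChars($row['r_points']) . "','"
                . escapeChars($row['r_creation_date']) . "','"
                . escapeChars($row['r_change_date']) . "','"
                . escapeChars($row['r_accept_date']) . "','"
                . escapeChars($row['r_accept_user']) . "','"
                . escapeChars($row['r_version'])
                . "',DATE_ADD( NOW( ) , INTERVAL - " . TIME_DIFF_HOURS . " HOUR),'"
                . $_SESSION['uid'] . "','"
                . escapeChars($row['r_parent_id']) . "','"
                . escapeChars($row['r_pos']) . "','"
                . escapeChars($row['r_stub']) . "','"
                . escapeChars($row['r_keywords']) . "','"
                . escapeChars($row['r_userfield1']) . "','"
                . escapeChars($row['r_userfield2']) . "','"
                . escapeChars($row['r_userfield3']) . "','"
                . escapeChars($row['r_userfield4']) . "','"
                . escapeChars($row['r_userfield5']) . "','"
                . escapeChars($row['r_userfield6']) . "')";
            mysql_query($query) or die(mysql_error());
        }

        //work up the text
        $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
        //if validated -adding accept date and user
        //$r_link=str_replace('\\','|',$r_link);
        //$r_link=str_replace('||','/',$r_link);
        // (A commented-out earlier copy of the UPDATE below, identical except
        // that it lacked $kw_ids, was removed here.)
        // NOTE(review): r_link is escaped with addslashes() while every other
        // field uses escapeChars(); confirm that this is intended.
        // NOTE(review): $kw_ids is appended inside the r_keywords literal without
        // escaping and is built outside this fragment; confirm it cannot carry
        // request-controlled text.
        $query = "update requirements set r_name='" . escapeChars($r_name)
            . "', r_desc='" . stripbr(escapeChars($ta))
            . "', r_p_id='" . escapeChars($r_p_id)
            . "', r_release='" . escapeChars($r_release)
            . "', r_c_id='" . escapeChars($r_c_id)
            . "', r_s_id='" . escapeChars($r_s_id)
            . "', r_stakeholder='" . escapeChars($r_stakeholder)
            . "', r_glossary='" . escapeChars($r_glossary)
            . "', r_keyword='" . escapeChars($r_keyword)
            . "', r_assigned_u_id='" . escapeChars($r_assigned_u_id)
            . "', r_state='" . escapeChars($r_state)
            . "', r_type_r='" . escapeChars($r_type_r)
            . "', r_priority='" . escapeChars($r_priority)
            . "', r_link='" . addslashes($r_link)
            . "', r_satisfaction='" . escapeChars($r_satisfaction)
            . "', r_dissatisfaction='" . escapeChars($r_dissatisfaction)
            . "', r_conflicts='" . escapeChars($r_conflicts)
            . "', r_depends='" . escapeChars($r_depends)
            . "', r_component='" . escapeChars($r_component)
            . "', r_source='" . escapeChars($r_source)
            . "', r_risk='" . escapeChars($r_risk)
            . "', r_complexity='" . escapeChars($r_complexity)
            . "', r_weight='" . escapeChars($r_weight)
            . "', r_points='" . escapeChars($r_points)
            . "', r_parent_id='" . escapeChars($r_parent_id)
            . "', r_change_date=DATE_ADD( NOW( ) , INTERVAL - " . TIME_DIFF_HOURS . " HOUR), r_version=r_version+1, r_stub='" . escapeChars($r_stub)
            . "', r_keywords='" . escapeChars($r_keywords) . $kw_ids
            . "', r_userfield1='" . escapeChars($r_userfield1)
            . "', r_userfield2='" . escapeChars($r_userfield2)
            . "', r_userfield3='" . escapeChars($r_userfield3)
            . "', r_userfield4='" . escapeChars($r_userfield4)
            . "', r_userfield5='" . escapeChars($r_userfield5)
            . "', r_userfield6='" . escapeChars($r_userfield6) . "'";

        //adding nodes position
        if ($r_parent_id != $r_parent_id_tmp) {
            // The position queries concatenated parent id, project id and
            // position with no escaping; all are cast to int here. Assumes these
            // columns are integers - confirm against the schema.
            $query2 = "select count(*) from requirements where r_parent_id=" . (int) $r_parent_id . " and r_p_id='" . (int) $r_p_id . "'";
            $rs2 = mysql_query($query2) or die(mysql_error());
            if ($row2 = mysql_fetch_array($rs2)) {
                // New node goes after the existing children of the new parent.
                $pos_cnt = $row2[0] + 1;
            }
            //correcting positions of nodes of the old parent
            if ($r_parent_id_tmp != 0) {
                $query2 = "update requirements set r_pos=r_pos-1 where r_pos>" . (int) $r_pos_tmp . " and r_parent_id=" . (int) $r_parent_id_tmp . " and r_p_id='" . (int) $r_p_id . "'";
                $rs2 = mysql_query($query2) or die(mysql_error());
            }
            //adding new pos to the query
            $query .= ", r_pos='" . $pos_cnt . "'";
        } elseif ($r_parent_id == $r_parent_id_tmp && $r_pos != $r_pos_tmp) {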
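}
$p_load = "";
$p_id = $p_id_new;
}

// Project maintenance (fragment): creates or updates a row in `projects`,
// then rebuilds the member links in `project_users`.
// NOTE(review): $action, $p_id, $p_name, $p_phase, $p_status, $p_leader, $ta,
// $p_template, $p_req_del and $users_list are not assigned in this fragment;
// presumably request parameters imported into global scope - confirm. They are
// treated as untrusted.
// NOTE(review): die(mysql_error()) sends raw database error text to the client.
if ($action == "add") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    // NOTE(review): p_template is filled from $p_name here, while the update
    // branch uses $p_template - confirm this is intended.
    $query = "insert into projects (p_name, p_phase, p_status, p_leader, p_date, p_desc, p_template, p_req_del) values ('"
        . escapeChars($p_name) . "','"
        . escapeChars($p_phase) . "','"
        . escapeChars($p_status) . "','"
        . escapeChars($p_leader)
        . "',DATE_ADD( NOW( ) , INTERVAL - " . TIME_DIFF_HOURS . " HOUR),'"
        . stripbr(escapeChars($ta)) . "','"
        . escapeChars($p_name) . "','"
        . escapeChars($p_req_del) . "')";
    mysql_query($query) or die(mysql_error());
    $p_id = mysql_insert_id();
    //header("Location:index.php?inc=manage_projects");
}

if ($action == "update" && $p_id != "") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    // p_id sits in an unquoted numeric position, so it is cast to int.
    $query = "update projects set p_name='" . escapeChars($p_name)
        . "', p_phase='" . escapeChars($p_phase)
        . "', p_status='" . escapeChars($p_status)
        . "', p_leader='" . escapeChars($p_leader)
        . "', p_desc='" . stripbr(escapeChars($ta))
        . "', p_template='" . escapeChars($p_template)
        . "', p_req_del='" . escapeChars($p_req_del)
        . "' where p_id=" . (int) $p_id;
    mysql_query($query) or die(mysql_error());
    //header("Location:index.php?inc=manage_projects");
}

//if ($what=="users_list" && $p_id!="")
if ($action != "") {
    // Replace the project's user links: delete all of them, then re-insert the
    // ids from the comma-separated list (its first character is skipped).
    $query = "delete from project_users where pu_p_id=" . (int) $p_id;
    mysql_query($query) or die(mysql_error());
    $list = explode(",", substr($users_list, 1));
    if ($users_list != "") {
        // foreach replaces each(), which no longer exists in PHP 8.
        // Both ids are cast because the original concatenated them unescaped;
        // assumes pu_p_id and pu_u_id are integer keys - confirm against the schema.
        foreach ($list as $key => $val) {
            $query = "insert into project_users (pu_p_id, pu_u_id) values ('" . (int) $p_id . "','" . (int) $val . "')";
            mysql_query($query) or die(mysql_error());
        }
    }
    //header("Location:index.php?inc=manage_projects");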
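<title><?php echo $lng[1][1]; ?> </title>
<link rel='STYLESHEET' type='text/css' href='dhtmlxTree/samples/common/style.css'>
<link rel="stylesheet" href="s.css" type="text/css"/>
</head>
<body bgcolor="#ffffff">
<?php
// Popup handler (fragment): inserts a case, links it to project $p_id, then
// emits script that updates the opener window's 'edit' form.
// NOTE(review): $action, $c_name, $ta, $ta2, $c_status, $c_global, $p_id and
// $where are not assigned in this fragment; presumably request parameters
// imported into global scope - confirm. They are treated as untrusted.
// NOTE(review): die(mysql_error()) sends raw database error text to the client.
if ($action == "add") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $ta2 = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta2));
    $query = "insert into cases (c_name, c_desc, c_result, c_status, c_global) values ('"
        . escapeChars($c_name) . "','"
        . stripbr(escapeChars($ta)) . "','"
        . stripbr(escapeChars($ta2)) . "','"
        . escapeChars($c_status) . "','"
        . escapeChars($c_global) . "')";
    mysql_query($query) or die(mysql_error());
    $c_id = mysql_insert_id();
    // $p_id was concatenated without any escaping, unlike every other value in
    // this block; cast it. Assumes pc_p_id is an integer key - confirm.
    // $c_id comes from mysql_insert_id() above and is left as is.
    $query = "insert into project_cases (pc_c_id, pc_p_id) values ('" . $c_id . "','" . (int) $p_id . "')";
    mysql_query($query) or die(mysql_error());
    ?>
<script>
<?php if ($where != "1") { ?>
opener.change_select();
opener.document.forms['edit'].r_c_id.value+=<?php echo $c_id; ?> +",";
opener.document.forms['edit'].tmp_p_id.value=opener.document.forms['edit'].r_p_id.value;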
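// s_id is concatenated into an unquoted numeric position; cast it so the
// DELETE can only ever name one integer key.
$query = "delete from subprojects where s_id=" . (int) $s_id;
mysql_query($query) or die(mysql_error());
header("Location:index.php?inc=manage_subprojects");
}

// Subproject maintenance (fragment): creates or updates a row in
// `subprojects`, reloads it into the form variables, then selects the
// projects whose p_status is not 2.
// NOTE(review): $action, $s_id, $s_name, $ta and $s_p_id are not assigned in
// this fragment; presumably request parameters imported into global scope -
// confirm. They are treated as untrusted.
// NOTE(review): none of the header() redirects is followed by exit, so the
// rest of the script still runs after them.
// NOTE(review): die(mysql_error()) sends raw database error text to the client.
if ($action == "add") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $query = "insert into subprojects (s_name, s_desc, s_p_id) values ('"
        . escapeChars($s_name) . "','"
        . stripbr(escapeChars($ta)) . "','"
        . escapeChars($s_p_id) . "')";
    mysql_query($query) or die(mysql_error());
    $s_id = mysql_insert_id();
    header("Location:index.php?inc=manage_subprojects");
}

if ($action == "update" && $s_id != "") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    $query = "update subprojects set s_name='" . escapeChars($s_name)
        . "', s_desc='" . stripbr(escapeChars($ta))
        . "', s_p_id='" . escapeChars($s_p_id)
        . "' where s_id=" . (int) $s_id;
    mysql_query($query) or die(mysql_error());
    header("Location:index.php?inc=manage_subprojects");
}

if ($s_id != "") {
    $query = "select * from subprojects where s_id=" . (int) $s_id;
    $rs = mysql_query($query) or die(mysql_error());
    if ($row = mysql_fetch_array($rs)) {
        $s_name = htmlspecialchars($row['s_name']);
        // NOTE(review): s_desc and s_p_id are passed on without HTML encoding;
        // how they are rendered is outside this fragment - confirm the output
        // context.
        $s_desc = $row['s_desc'];
        $s_p_id = $row['s_p_id'];
    }
}

//projects
$query = "select * from projects where p_status<>2";
$rs = mysql_query($query) or die(mysql_error());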
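// Comment form handler (fragment): checks that requirement $r_id belongs to
// one of the projects in $project_list (or to project 0), then stores a new
// comment and redirects back to the requirement view.
// NOTE(review): $action, $r_id, $ta, $c_question and $what are not assigned in
// this fragment; presumably request parameters imported into global scope -
// confirm. They are treated as untrusted.
// NOTE(review): die(mysql_error()) sends raw database error text to the client.
if ($r_id != "") {
    //authorization check
    // r_id sits in an unquoted numeric position, so it is cast to int.
    // NOTE(review): $project_list is built outside this fragment; assumed to be
    // a server-generated list of integer project ids - confirm.
    $query = "select r.* from requirements r, projects p where r.r_id=" . (int) $r_id
        . " and ((r.r_p_id=p.p_id and p.p_id in (" . $project_list . ")) OR r.r_p_id=0)";
    $rs = mysql_query($query) or die(mysql_error());
    if (!($row = mysql_fetch_array($rs))) {
        header("Location:index.php");
        // A Location header alone does not stop the script. Without this exit
        // the insert below still ran for a requirement the check had rejected.
        exit;
    }
}

if ($action == "add") {
    //work up the text
    $ta = str_replace('<link href="styles.css" rel="stylesheet" />', '', stripslashes($ta));
    // Sessions with rights "0" always have their comment stored with c_question = 1.
    if ($_SESSION['rights'] == "0") {
        $c_question = 1;
    }
    $query = "insert into comments (c_r_id, c_u_id, c_text, c_date, c_question) values ('"
        . escapeChars($r_id) . "','"
        . $_SESSION['uid'] . "','"
        . stripbr(escapeChars($ta))
        . "',DATE_ADD( NOW( ) , INTERVAL - " . TIME_DIFF_HOURS . " HOUR),'"
        . escapeChars($c_question) . "')";
    // Empty comments are not stored, but the redirect still happens.
    if ($ta != "") {
        mysql_query($query) or die(mysql_error());
    }
    // The id is cast so only an integer can reach the redirect URL.
    if ($what == "long") {
        header("Location:index.php?inc=view_requirement_long&r_id=" . (int) $r_id);
    } else {
        header("Location:index.php?inc=view_requirement&r_id=" . (int) $r_id);
    }
}
?>
<table border="0" width="100%">
<tr valign="top">
<td>
<form method="post" name="edit" name="edit" action="" enctype='multipart/form-data'>
<input type="hidden" name="r_id" value="<?php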