ticket_fields.php

jsp程序开发系统

<?php
// +-------------------------------------------------------------+
// | DeskPRO v [2.0.1 Production]
// | Copyright (C) 2001 - 2004 Headstart Solutions Limited
// | Supplied by WTN-WDYL
// | Nullified by WTN-WDYL
// | Distribution via WebForum, ForumRU and associated file dumps
// +-------------------------------------------------------------+
// | DESKPRO IS NOT FREE SOFTWARE
// +-------------------------------------------------------------+
// | License ID : Full Enterprise License =) ...
// | License Owner : WTN-WDYL Team
// +-------------------------------------------------------------+
// | $RCSfile: ticket_fields.php,v $
// | $Date: 2004/02/10 01:34:25 $
// | $Revision: 1.26 $
// +-------------------------------------------------------------+
// | File Details:
// | - Custom ticket field maintenance (administration page)
// +-------------------------------------------------------------+

error_reporting(E_ALL & ~E_NOTICE);

require_once('./global.php');
//Nullify WTN-WDYL Team
admin_header('Links', 'Ticket Fields');

// default do
$_REQUEST['do'] = trim($_REQUEST['do']);
if (!isset($_REQUEST['do']) or $_REQUEST['do'] == "") {
	$_REQUEST['do'] = "view";
}

// globalise variables
$global = array	(
			array('id', 'number'),
			array('type')
);
rg($global);

language_check();

############################### CREATE INDEX ###############################

if ($_REQUEST['do'] == 'createindex') {
	$db->query("SHOW INDEX FROM ticket");
	while ($index = $db->row_array()) {
		$indexed[$index['Column_name']] = 1;
	}
	$column = $db->query_return("SELECT name FROM ticket_def WHERE id = '$_REQUEST[id]'");
	$column = $column['name'];
	if (!$indexed[$column]) {
		$db->query("CREATE INDEX $column ON ticket ($column(20))");
		alert('Index created.');
		$_REQUEST['do'] = 'view';
	} else {
		alert('Index already present.');
	}
}

############################### DELETE INDEX ###############################

if ($_REQUEST['do'] == 'dropindex') {
	$db->query("SHOW INDEX FROM ticket");
	while ($index = $db->row_array()) {
		$indexed[$index['Column_name']] = 1;
	}
	$column = $db->query_return("SELECT name FROM ticket_def WHERE id = '$_REQUEST[id]'");
	$column = $column['name'];
	if ($indexed[$column]) {
		$db->query("DROP INDEX $column ON ticket");
		alert('Index removed.');
		$_REQUEST['do'] = 'view';
	} else {
		alert('No index present.');
	}
}


############################### CREATE NEW PROFILE FIELDS ###############################
if (($_REQUEST['do'] == "new3") OR ($_REQUEST['do'] == "update")) {

	if ($_REQUEST['regex'] != NULL) {
		$match = @preg_match($_REQUEST['regex'], '');
		if (!is_int($match)) { // It's invalid unless $match is an integer
			mistake('The regular expression you specified is invalid. Refer to
				PHP\'s manual 
				for current information about PHP\'s implementation of Perl-compatible 
				Regular Expressions. This may assist you in building a valid regular
				expression. Please go back and correct the regular expression.');
			exit;
		}
	}

	// code for creating a new field
	if ($_REQUEST['do'] == "new3") {

		$query = "INSERT INTO ticket_def SET ";

		// get max field number
		$db->query("SELECT name FROM ticket_def WHERE name LIKE 'custom%'");
		while ($results = $db->row_array()) {

			eregi("^custom([0-9]*)", $results[name], $value);
			if ($max < $value[1]) {
				$max = $value[1];
			}
		}

		$max++;
		$name = "custom" . $max;

		// create the column
		$db->query("ALTER TABLE ticket ADD $name MEDIUMTEXT");

		// sort out field
		$user_field[formtype] = $_REQUEST[formtype];

	// code for updating a field
	} elseif ($_REQUEST['do'] == "update") {
		
		$user_field = $db->query_return("SELECT * FROM ticket_def WHERE id = " . intval($id));
		$query = "UPDATE ticket_def SET ";
		$name = $user_field[name];

	}

	############################### THE FIELD DATA ############################### 

	if	(($user_field[formtype] == "checkbox") OR 
		($user_field[formtype] == "radio") OR 
		($user_field[formtype] == "select")) {

		// build array of current data
		$temp_data = unserialize($user_field[data]);
		if (is_array($temp_data)) {
			foreach($temp_data AS $key => $var) {
				$with_content[] = $temp_data[$key][0];
			}
		}
		
		// build array of new data
		if (is_array($_REQUEST[elementid])) {
			foreach($_REQUEST[elementid] AS $key => $var) {
				if (!is_int($key)) {
					$key++;
				}
				if ($_REQUEST[name][$key] != "") {

					$data[] = array(
						$key,
						$_REQUEST[order][$key],
						$_REQUEST[name][$key],
						$_REQUEST[start][$key]
						);

				} else {

				// check if there used to be value
					if (is_array($with_content)) {
						if (in_array($key, $with_content)) {

							// row needs to be deleted from the database
							$db->query("
								UPDATE ticket SET $user_field[name] = REPLACE ($user_field[name], '$key|||', '')
							");

						}		
					}
				}
			}
		}

		// sort based on order
		if (is_array($data)) {
			usort($data, "array_order2"); 
		}

		// convert to data to store in database
		$data = serialize($data);

	}

	############################### LANGUAGE BITS ###############################

	if ($settings[language_on]) {

		$_REQUEST[display_name] = serialize($_REQUEST[display_name]);
		$_REQUEST[description] = serialize($_REQUEST[description]);
		$_REQUEST[error_message] = serialize($_REQUEST[error_message]);

	} else {

		$display_name = unserialize($user_field[display_name]);
		$description = unserialize($user_field[description]);
		$error_message = unserialize($user_field[error_message]);

		$display_name[$settings[default_language]] = $_REQUEST['display_name'];
		$description[$settings[default_language]] = $_REQUEST['description'];
		$error_message[$settings[default_language]] = $_REQUEST['error_message'];

		$_REQUEST[display_name] = serialize($display_name);
		$_REQUEST[description] = serialize($description);
		$_REQUEST[error_message] = serialize($error_message);

	}

	############################### INPUT ############################### 
	if ($user_field[formtype] == "input") {

		$query .= "
		name = '$name',
		display_name = '".mysql_escape_string($_REQUEST['display_name'])."',
		description = '".mysql_escape_string($_REQUEST['description'])."',
		ticket_start  = '".mysql_escape_string($_REQUEST['ticket_start'])."',
		user_viewable = '".mysql_escape_string($_REQUEST['user_viewable'])."',
		user_editable = '".mysql_escape_string($_REQUEST['user_editable'])."',
		tech_viewable = '".mysql_escape_string($_REQUEST['tech_viewable'])."',
		tech_editable = '".mysql_escape_string($_REQUEST['tech_editable'])."',
		default_value = '".mysql_escape_string($_REQUEST['default_value'])."',
		parsed_default_value = '".mysql_escape_string($_REQUEST['parsed_default_value'])."',
		minlength = '".mysql_escape_string($_REQUEST['minlength'])."',
		maxlength = '".mysql_escape_string($_REQUEST['maxlength'])."',
		displayorder = '".mysql_escape_string($_REQUEST['displayorder'])."',
		regex = '".mysql_escape_string($_REQUEST['regex'])."',
		error_message = '".mysql_escape_string($_REQUEST['error_message'])."',
		length = '".mysql_escape_string($_REQUEST['length'])."',
		formtype = 'input'
		";

	############################### TEXTAREA ############################### 
	} elseif ($user_field[formtype] == "textarea") {

		$query .= "
		name = '$name',
		display_name = '".mysql_escape_string($_REQUEST['display_name'])."',
		description = '".mysql_escape_string($_REQUEST['description'])."',
		ticket_start  = '".mysql_escape_string($_REQUEST['ticket_start'])."',
		user_viewable = '".mysql_escape_string($_REQUEST['user_viewable'])."',
		user_editable = '".mysql_escape_string($_REQUEST['user_editable'])."',
		tech_viewable = '".mysql_escape_string($_REQUEST['tech_viewable'])."',
		tech_editable = '".mysql_escape_string($_REQUEST['tech_editable'])."',
		default_value = '".mysql_escape_string($_REQUEST['default_value'])."',
		parsed_default_value = '".mysql_escape_string($_REQUEST['parsed_default_value'])."',
		minlength = '".mysql_escape_string($_REQUEST['minlength'])."',
		maxlength = '".mysql_escape_string($_REQUEST['maxlength'])."',
		displayorder = '".mysql_escape_string($_REQUEST['displayorder'])."',
		regex = '".mysql_escape_string($_REQUEST['regex'])."',
		error_message = '".mysql_escape_string($_REQUEST['error_message'])."',
		length = '".mysql_escape_string($_REQUEST['length'])."',
		height = '".mysql_escape_string($_REQUEST['height'])."',
		formtype = 'textarea'
		";

	############################### RADIO ############################### 
	} elseif ($user_field[formtype] == "radio") {

		$query .= "
		name = '$name',
		data = '".mysql_escape_string($data)."',
		display_name = '".mysql_escape_string($_REQUEST['display_name'])."',
		description = '".mysql_escape_string($_REQUEST['description'])."',
		required = '".mysql_escape_string($_REQUEST['required'])."',