tech.php

jsp程序开发系统

<?php
// +-------------------------------------------------------------+
// | DeskPRO v [2.0.1 Production]
// | Copyright (C) 2001 - 2004 Headstart Solutions Limited
// | Supplied by WTN-WDYL
// | Nullified by WTN-WDYL
// | Distribution via WebForum, ForumRU and associated file dumps
// +-------------------------------------------------------------+
// | DESKPRO IS NOT FREE SOFTWARE
// +-------------------------------------------------------------+
// | License ID : Full Enterprise License =) ...
// | License Owner : WTN-WDYL Team
// +-------------------------------------------------------------+
// | $RCSfile: tech.php,v $
// | $Date: 2004/02/10 01:34:25 $
// | $Revision: 1.32 $
// +-------------------------------------------------------------+
// | File Details:
// | - Technician maintenance (administration interface)
// +-------------------------------------------------------------+

error_reporting(E_ALL & ~E_NOTICE);
require_once('./global.php');
//Nullify WTN-WDYL Team


// default do
$_REQUEST['do'] = trim($_REQUEST['do']);
if (!isset($_REQUEST['do']) or $_REQUEST['do'] == "") {
	$_REQUEST['do'] = "view";
}

// globalise variables
$global = array	(
			array('id')
);
rg($global);

############################### EMAIL TECHS ###############################

if ($_REQUEST['do'] == "email") {

	admin_header('Technicians', 'Email');

	$table[] = array('<b>From Email Address</b>', form_input('from'));
	$table[] = array('<b>Email Subject</b>', form_input('subject'));
	$table[] = array('<b>Email Body</b>', form_textarea('body', 100, 20));

	table_header('Email Technicians', 'tech.php', array('do' => 'email2'));
	table_content('', $table);
	table_footer('Send Email');
	unset($columns, $table);

}

############################### EMAIL TECHS ###############################

if ($_REQUEST['do'] == "email2") {

	admin_header('Technicians', 'Email');

	echo "<br />";

	$db->query("SELECT email FROM tech");
	
	while ($tech = $db->row_array()) {

		if (validate_email($tech[email])) {
			dp_mail($tech[email], $_REQUEST[subject], $_REQUEST[body], $_REQUEST[from]);
			echo "Email sent to $tech[email]<br />";
		}
	}
	echo "<br /><b>All Sent</b>";
}

############################### 1st STAGE OF NEW TECH CREATION ###############################

if ($_REQUEST['do'] == "add") {

	admin_header('Technicians', 'Add Technician');

	$db->query("SELECT id,username FROM tech");
	while ($result = $db->row_array()) {

	// Disabled for demo
	if ($REQUEST[username] == 'admin') {
		alert("Editing the 'admin' account is disabled in the demo.");
		$error = 1;
	}


	// Disabled for demo
	if ($REQUEST[username] == 'admin') {
		alert("Editing the 'admin' account is disabled in the demo.");
		$error = 1;
	}

		$tech_array[$result[id]] = $result[username];
	}

	$table[] = array('<input type="radio" name="permission" value="1" checked>', 'To create a new technician based on the permissions of another technician', form_select('tech_id', $tech_array));
	$table[] = array('<input type="radio" name="permission" value="0">', 'Create a new technician not based on the permissions of another technician');

	table_header('Create New User', 'tech.php', array('do' => 'add2'));
	table_content('', $table);
	table_footer('Create Technician');
	unset($table);

}

############################### CREATE / UPDATE TECH ###############################

if (($_REQUEST['do'] == "submit") OR ($_REQUEST['do'] == "update")) {

	if (($user[id] == $id) AND ($id != '') AND ($_REQUEST[is_admin] != 1)) {
		alert('You can not remove your own admin status');
		$error = 1;
	}
	if ($_REQUEST['username'] == '') {
		alert('You did not enter a username');
		$error = 1;
	}
	if ($_REQUEST['password'] == '') {
		alert('You have not entered a password');
		$error = 1;
		unset($_REQUEST['password']);
	}
	if ($_REQUEST['password'] != $_REQUEST['password2']) {
		alert('The passwords do not match');
		$error = 1;
		unset($_REQUEST['password']);
	}
	if (!validate_email($_REQUEST[email])) {
		alert('You have not entered a valid email address');
		$error = 1;
	}

	if (!$error) {
		
		if ($_REQUEST['do'] == "submit") {
			$query = "INSERT INTO tech SET";
		} elseif ($_REQUEST['do'] == "update") {
			$query = "UPDATE tech SET";
		}

		$query .= " username = '" . mysql_escape_string($_REQUEST[username]) . "',";

		if ($_REQUEST['password'] != "**********") {
			$query .= "password = '" . mysql_escape_string($_REQUEST[password]) . "', ";
		}

		$query .= "
		signature = '" . mysql_escape_string($_REQUEST[signature]) . "',
		email = '" . mysql_escape_string($_REQUEST['email']) . "',
		p_close_ticket = '" . $_REQUEST['p_close_ticket'] . "',
		p_tech_view = '" . $_REQUEST['p_tech_view'] . "',
		p_tech_edit = '$_REQUEST[p_tech_edit]',
		p_add_k = '$_REQUEST[p_add_k]',
		p_edit_k = '$_REQUEST[p_edit_k]',
		p_delete_k = '$_REQUEST[p_delete_k]',
		p_add_c_k = '$_REQUEST[p_add_c_k]',
		p_edit_c_k = '$_REQUEST[p_edit_c_k]',
		p_delete_c_k = '$_REQUEST[p_delete_c_k]',
		p_delete_announcements = '$_REQUEST[p_delete_announcements]',
		p_edit_announcements = '$_REQUEST[p_edit_announcements]',
		p_add_announcements = '$_REQUEST[p_add_announcements]',
		p_delete_users = '$_REQUEST[p_delete_users]',
		p_approve_new_registrations = '$_REQUEST[p_approve_new_registrations]',
		p_create_users = '$_REQUEST[p_create_users]',
		p_edit_users = '$_REQUEST[p_edit_users]',
		p_delete_own = '$_REQUEST[p_delete_own]',
		p_delete_other = '$_REQUEST[p_delete_other]',
		p_quickedit = '$_REQUEST[p_quickedit]',
		p_user_expire = '$_REQUEST[p_user_expire]',
		p_global_note = '$_REQUEST[p_global_note]',
		p_html_tech = '$_REQUEST[p_html_tech]',
		p_html_user = '$_REQUEST[p_html_user]',
		is_admin = '$_REQUEST[is_admin]',
		alert_reply_your = 1,
		alert_new_cat = 1,
		alert_pm = 1,
		alert_sound = 1,
		alert_popup = 1,
		email_new_email = 1,
		email_own_email = 1,
		email_reply_email = 1,
		email_assigned = 1,
		email_pm = 1
		";
		
		if ($_REQUEST['do'] == "submit") {
			$db->query($query);
			jump('tech.php', 'Technician Created');
		}
		
		if ($_REQUEST['do'] == "update") {
			$query .= " WHERE id = '$id'";

			$db->query($query);
			jump('tech.php', 'Technician Updated');
		}

	} else {
		$tech = $_REQUEST;
		$_REQUEST['do'] = 'redo';
		$password = $_REQUEST['password'];
	}

}

############################### FORM TO CREATE / UPDATE TECH ###############################

if (($_REQUEST['do'] == "add2") OR ($_REQUEST['do'] == "edit") OR ($_REQUEST['do'] == "redo")) {

	if ($_REQUEST['do'] == "edit") {
		$tech = $db->query_return("SELECT * FROM tech WHERE id = '$id'");
		$password = '**********';

		admin_header('Technicians', 'Edit Technician');

	} else {

		admin_header('Technicians', 'Add Technician');

		// sort out permissions if creating from another technician
		if ($_REQUEST[permission] == "1") {
			$tech = $db->query_return("SELECT * FROM tech WHERE id = '$_REQUEST[tech_id]'");
			echo table_border("<center><b>Permissions have been prefilled with the permissions assigned to technician $tech[username]</b></center>");
			echo "<BR>";
			unset($tech[username], $tech[password], $tech[email], $tech[real_name]);
		}
	}

	$bit = form_input('username', $tech[username], '30');
	$table[] = array('<b>Username</b><br />Your technicians username', $bit);

	$bit = form_password('password', $password, '30');
	$table[] = array('<b>Password</b><br />Your technicians password', $bit);

	$bit = form_password('password2', $password, '30');
	$table[] = array('<b>Password</b><br />Please confirm the password', $bit);

	$bit = form_textarea('signature', '30', '5', $tech[signature]);
	$table[] = array('<b>Signature</b><br />A signature for your technician', $bit);

	$bit = form_input('email', $tech[email], '30');
	$table[] = array('<b>Email</b><br />Your technicians email', $bit);

	$bit = form_radio_yn('is_admin', '', $tech[is_admin]);
	$table[] = array('<b>Is Admin</b><br />Do you wish to grant access to the admin control panel to your technician?', $bit);