index.php

本代码是为客户联系管理而做的系统

<?php
// +-------------------------------------------------------------+
// | DeskPRO v [2.0.1 Production]
// | Copyright (C) 2001 - 2004 Headstart Solutions Limited
// | Supplied by WTN-WDYL
// | Nullified by WTN-WDYL
// | Distribution via WebForum, ForumRU and associated file dumps
// +-------------------------------------------------------------+
// | DESKPRO IS NOT FREE SOFTWARE
// +-------------------------------------------------------------+
// | License ID : Full Enterprise License =) ...
// | License Owner : WTN-WDYL Team
// +-------------------------------------------------------------+
// | $RCSfile: index.php,v $
// | $Date: 2004/02/10 01:34:25 $
// | $Revision: 1.157 $
// +-------------------------------------------------------------+
// | File Details:
// | - Calendar viewer.
// +-------------------------------------------------------------+

error_reporting(E_ALL ^ E_NOTICE);

// start file
require("./../global.php");

tech_nav('calendar');

if ($_REQUEST['do'] == 'added') {
	alert('Task added');
	unset($_REQUEST['do']);
}

// defaults
$_REQUEST['do'] = trim($_REQUEST['do']);
if (!isset($_REQUEST['do']) or $_REQUEST['do'] == "") {
	$_REQUEST['do'] = "monthly";
}

$_REQUEST['type'] = trim($_REQUEST['type']);
if (!isset($_REQUEST['type']) or $_REQUEST['type'] == "") {
	$_REQUEST['type'] = "calendar";
}

// globalise variables
$global = array	(
			array('year'),
			array('day'),
			array('month'),
			array('week')
);

rg($global);

require_once(INCLUDE_PATH . 'functions/calendar_functions.php');

#####################################################################################
  ############################### SEARCH SETUP ###############################
#####################################################################################

if (isset($_REQUEST['search'])) {
	if ($_REQUEST['search'] == 'upcoming') { 
		// Set up a search for all unfinished tasks within a reasonable timeframe
		$startdate = '1970-01-01'; 
		$enddate = date('Y-m-d', strtotime(date('Y-m-d') . " + 1 month")); // Go a month out in the future
		$complete = 0;
		$search = 'upcoming';
	} else {
		// Perform a normal search
		if ($_REQUEST['ystartdate'] OR $_REQUEST['mstartdate'] OR $_REQUEST['dstartdate']) {
			$startdate = formatymd($_REQUEST['ystartdate'].'-'.$_REQUEST['mstartdate'].'-'.$_REQUEST['dstartdate']); 
		}
		if ($_REQUEST['yenddate'] OR $_REQUEST['menddate'] OR $_REQUEST['denddate']) {
			$enddate = formatymd($_REQUEST['yenddate'].'-'.$_REQUEST['menddate'].'-'.$_REQUEST['denddate']); 
		}
		$search = 1;
	}

	// Force the monthly list view for the search since that's where the search logic is
	$_REQUEST['do'] = 'monthly';
	$_REQUEST['type'] = 'list';
}

#####################################################################################
  ############################### QUICK ADD ENTRY ###############################
#####################################################################################

if ($_REQUEST['addentry'] == '1') {
	$date = $_REQUEST['ydate'] . '-' . $_REQUEST['mdate'] . '-' . $_REQUEST['ddate'];

	if (trim($_REQUEST['title']) == '') {
		$error .= 'The title was left empty\\n';
	}
	if (trim($_REQUEST['description']) == '') {
		$error .= 'The description was left empty\\n';
	}

	if ($_REQUEST['title'] == 'Title ...') {
		$error .= 'Please specify a title.\\n';
	}

	if ($_REQUEST['description'] == 'Message ...') {
		$error .= 'Please specify a description/message.\\n';
	}

	$date = formatymd($date); // needs month day year
	$tmp = split('-', $date);

	if (!@checkdate($tmp[1], $tmp[2], $tmp[0])) {
		$error .= 'The date entered was not valid\\n';
	}
	
	// Add record if no errors. We do *not* e-mail reminders here, because
	// the quick form only adds scheduled entries for the technician
	// submitting the form.
	if (!$error) {
	    $checks = xss_check(array($_REQUEST['title'], $_REQUEST['description']), 'tech');

		$db->query("INSERT INTO calendar_task SET
			title = '" . mysql_escape_string($checks[0]) . "',
			description = '" . mysql_escape_string($checks[1]) . "',
			repeattype = '0',
			techmaker = '$user[id]',
			startdate = '$date',
			enddate = '$date',
			timezone = '$settings[timezone]',
			weekstart = '$user[weekstart]'
		");

		$id = $db->last_id();
		
		$db->query("INSERT INTO calendar_task_tech SET
			eventid = '$id',
			techid = '$user[id]'
		");

		alert('Task Added');
	} else {
		alert($error);
	}
}

#####################################################################################
############################### TOGGLE AND DELETE ##############################
#####################################################################################

// There's lots of different types of events, and we have to handle them all
// here, so each 'ids' entry is itself an array of two required elements, and
// an optional one, separated by "|" characters, as in:
//
// 1234|2003-04-19|2
//
// This entry refers to a reminder to look at ticket 1234 on April 19, 2003.
//
// 4321|2003-05-13
//
// This entry refers to a normal scheduled event (or a repeat iteration). If
// event 4321 is repeating and the date specified here isn't the item's start
// date, this entry refers to the repeat iteration, not the parent event.
// If it *does* match, this refers to the parent event, or to an event with
// no repeat options.

if (isset($_REQUEST['Process'])) {
	// Sort out event IDs and dates
	if (is_array($_REQUEST['ids'])) {
		foreach ($_REQUEST['ids'] as $key => $var) {
			$key = explode('|', $key);
			if ($key[2]) { // It's a ticket watch event, not a normal one
				$watches[$key[0]][] = $key[1];
			} else {
				$events[$key[0]][] = $key[1];
			}
		}
	}
	
	if (is_array($events)) {
		$ids = array2sql(array_keys($events));
	}

	if (!$ids) {
		$ids = "('')";
	}

	if (is_array($watches)) {
		$watches = array2sql(array_keys($watches));
	}

	if ($_REQUEST['action']) { // Delete or stop repeating today
		// We only want to let the user delete items he's created himself.
		$db->query("SELECT id FROM calendar_task WHERE id IN $ids AND techmaker = '$user[id]'");
		$ids = array();
		while($row = $db->row_array()) {
			$ids[] = $row[0];
		}
		$ids = array2sql($ids);
		if ($_REQUEST['action'] == 2) { // Stop repeating, set due today
			// We only want to update repeating items here; don't mess with normal items
			$db->query("UPDATE calendar_task SET enddate = now() WHERE id IN $ids AND repeattype");
			alert("Repetition stopped.");
		} else {
			$db->query("DELETE FROM calendar_task WHERE id IN $ids");
			$db->query("DELETE FROM calendar_task_tech WHERE eventid IN $ids");
			$db->query("DELETE FROM calendar_task_iteration WHERE taskid IN $ids");
			if ($watches) {
				$db->query("DELETE FROM tech_ticket_watch WHERE ticketid IN $watches AND techid = '$user[id]'");
			}
			alert("Item(s) deleted.");
		}
		
	} else { // Toggle
		if (is_array($events)) {
			foreach($events as $key => $val) {
				foreach($val as $key2 => $val2) {
	
					$db->query("SELECT techmaker, title, description, notifycompletion, multistaff, repeattype FROM calendar_task WHERE id = '$key'");
					$res = $db->row_array();
					$maker = $res['techmaker'];
					$title = $res['title'];
					$descr = $res['description'];
					$notify = $res['notifycompletion'];
					$staff = $res['multistaff'];
					$repeat = $res['repeattype'];
	
					$db->query('SELECT id, username, email FROM tech WHERE id = \'' . mysql_escape_string($maker) . "' or id = '$user[id]'");
					while ($result = $db->row_array()) {
						$emails[$result['id']]['username'] 	= $result['username'];
						$emails[$result['id']]['email'] 	= $result['email'];
					}
				
					if ($staff OR $repeat) { // If multistaff, we have to update the iterations table

						$row = $db->query_return("SELECT taskid, completed 
							FROM calendar_task_iteration 
							WHERE taskid = '$key'
								AND task_techid = '$user[id]'
								AND date = '$val2'"
						);

						if ($db->num_rows()) { // Toggling an existing record

							$db->query("UPDATE calendar_task_iteration 
								SET completed = !completed
								WHERE taskid = '$key' 
									AND task_techid = '$user[id]'
									AND date = '$val2'"
							);

							$db->query("SELECT completed 
								FROM calendar_task_iteration
								WHERE taskid = '$key' 
									AND task_techid = '$user[id]' AND 
									date = '$val2'"
							);

							$res = $db->row_array();
							$done = $res['completed'];

						} else { // Marking completed, no existing iteration record
	
							$db->query("INSERT INTO calendar_task_iteration 
								(task_techid, taskid, completed, date) 
								VALUES ('$user[id]', '$key', '1', '$val2')"
							);
	
							$done = 1;
						}
					} else { // Otherwise, update the tech table
	
						$db->query("SELECT eventid, completed 
							FROM calendar_task_tech 
							WHERE eventid = '$key'
								AND techid = '$user[id]'"
						);

						if ($db->num_rows()) {
							$row = $db->row_array();

							$db->query("UPDATE calendar_task_tech 
								SET completed = !completed
								WHERE eventid = '$key' 
									AND techid = '$user[id]'"
							);

							$done = $row['completed'];
						}
					}

					if (($maker != $user[id]) && $notify) { // If the owner wants notifications and the owner isn't making this update, start sending mail
						if ($done) {
							$done = "complete";
						} else {
							$done = "incomplete";
						}

						$taskusername = $emails[$user['id']]['username'];
						$taskurl = $settings['helpdesk_url'] . "/tech/calendar/viewtask.php?id=$id";
						$tasktitle = htmlspecialchars($title);
						$taskdescription = htmlspecialchars($descr);
						$taskdone = $done;
						eval(makeemaileval('message', 'TECHBODY_task_toggled', $subject));
						dp_mail($emails[$maker][email], $subject, $message);
					}
				}
			}
		}
		if ($watches) {
			$db->query("UPDATE tech_ticket_watch SET completed = !completed WHERE id IN $watches AND techid = '$user[id]'");
		}
		alert("Item(s) toggled.");
	}
}

#####################################################################################
############################### USEFUL VARIABLES ###############################
#####################################################################################

// we are getting some useful variables that will be used for display

// incoming dateform
if ($_REQUEST['ddate']) {
	$day = ($_REQUEST['ddate']);
}
if ($_REQUEST['mdate']) {
	$month = ($_REQUEST['mdate']);
}
if ($_REQUEST['ydate']) {
	$year = ($_REQUEST['ydate']);
}

// arrays of dates
$month_array = array(
	'1' => 'Jan', 
	'2' => 'Feb', 
	'3' => 'Mar', 
	'4' => 'Apr', 
	'5' => 'May', 
	'6' => 'Jun', 
	'7' => 'Jul', 
	'8' => 'Aug', 
	'9' => 'Sep', 
	'10' => 'Oct', 
	'11' => 'Nov', 
	'12' => 'Dec'
);

$day_array = make_numberarray(1, 31);
$year_array = make_numberarray(2000, 2050);

$days_array = array(
	'Monday', 
	'Tuesday', 
	'Wednesday', 
	'Thursday', 
	'Friday', 
	'Saturday', 
	'Sunday'
);

$daysshort_array = array('S', 'M', 'T', 'W', 'T', 'F', 'S');

// current dates
$today_d = date('d');
$today_m = date('m');
$today_y = date('Y');
$today = "$today_y-$today_m-$today_d";

// default weekstart or use monday
if (!$user['weekstart']) {
	$user['weekstart'] = 7;
}

// is it today?
if ($year == $today_y AND $month == $today_m AND $day == $today_d) {
	$its_today = 1;
}