< ? php
// Pandora - The Free Monitoring System
// This code is protected by GPL license.
// Este codigo esta protegido por la licencia GPL.
// Sancho Lerena <slerena@gmail.com>, 2003-2006
// Raul Mateos <raulofpandora@gmail.com>, 2005-2006
// Load global vars
require ( " include/config.php " );
//require("include/functions.php");
//require("include/functions_db.php");
// Everything below runs only when comprueba_login() returns 0.
// NOTE(review): presumably 0 means "valid session"; confirm against its definition.
if ( comprueba_login () == 0 ) {
$accion = " " ;
// Identity used by the per-incident ACL checks further down.
$id_usuario = $_SESSION [ " id_usuario " ];
// Page-level gate: "IR" or "IM" permission on group 0, or dame_admin().
// NOTE(review): this gate reads $id_user, which is never assigned in this file
// (only $id_usuario is, on the line above). If it is not supplied by
// include/config.php or by the including script, the check is evaluated for an
// undefined user. Verify, and prefer $id_usuario here.
if (( give_acl ( $id_user , 0 , " IR " ) == 1 ) OR ( give_acl ( $id_user , 0 , " IM " ) == 1 ) or ( dame_admin ( $id_user ) == 1 )) {
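// Quick delete: remove one incident when the caller is its author or holds
// the "IM" permission on the incident's group.
// NOTE(review): this state change is triggered by a plain GET link and no
// anti-CSRF token is visible here; consider POST plus a per-session token.
if (isset($_GET[" quick_delete "])) {
    // Incident ids are numeric. Coerce to int before the value is placed in
    // the SQL text so request data can never change the shape of the query.
    $id_inc = (int) $_GET[" quick_delete "];
    $sql2 = " SELECT * FROM tincidencia WHERE id_incidencia= " . $id_inc;
    $result2 = mysql_query($sql2);
    // mysql_query() returns false on failure; do not fetch from a failed result.
    $row2 = $result2 ? mysql_fetch_array($result2) : false;
    if ($row2) {
        $id_author_inc = $row2[" id_usuario "];
        $is_manager = (give_acl($id_usuario, $row2[" id_grupo "], " IM ") == 1);
        $is_author = ($_SESSION[" id_usuario "] == $id_author_inc);
        if ($is_manager OR $is_author) {
            borrar_incidencia($id_inc);
            echo " <h3 class='suc'> " . $lang_label[" del_incid_ok "] . " </h3> ";
        } else {
            // Denied attempts are written to the audit log before the error is shown.
            // NOTE(review): $REMOTE_ADDR is not assigned in this file; presumably it
            // relies on register_globals. Verify, or read $_SERVER instead.
            audit_db($id_author_inc, $REMOTE_ADDR, " ACL Forbidden ", " User " . $_SESSION[" id_usuario "] . " try to delete incident ");
            echo " <h3 class='error'> " . $lang_label[" del_incid_no "] . " </h3> ";
            no_permission();
        }
    }
}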
/* Pending to delete code
// Delete incidents (Actions)
if ( isset ( $_POST [ " accion " ])){
$id_inc = $_POST [ " id_inc " ];
if ( $_POST [ " accion " ] == $lang_label [ " in_delinc " ]){ // Delete Incident
$id_author_inc = give_incident_author ( $id_inc );
if (( $_SESSION [ " id_usuario " ] == $id_author_inc ) OR dame_admin ( $_SESSION [ " id_usuario " ])) {
borrar_incidencia ( $id_inc );
} else {
audit_db ( $id_author_inc , $REMOTE_ADDR , " ACL Forbidden " , " User " . $_SESSION [ " id_usuario " ] . " try to update incident " );
echo " <h3 class='error'> " . $lang_label [ " del_incid_no " ] . " </h3> " ;
no_permission ();
}
}
}
*/
/* EXPLANATION FOR THIS PAGE:
Because this form receives data from other forms, its variables arrive mixed across GET and POST inputs. Combo data
originally comes from POST inputs. All POST data is copied to the matching GET input below, and all later processing
uses GET, because the filter values are written dynamically into links to pass them between pages.
*/
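// Search
// Builds the optional free-text / user condition of the incident query.
// Both values come straight from the request, so each one is escaped for the
// SQL string context before being concatenated into the WHERE clause.
$busqueda = " ";
if (isset($_POST[" texto "]) OR isset($_GET[" texto "])) {
    if (isset($_POST[" texto "])) {
        $texto_form = $_POST[" texto "];
        $_GET[" texto "] = $texto_form; // Update GET vars if data comes from POST
    } else { // GET
        $texto_form = $_GET[" texto "];
    }
    // If magic_quotes_gpc already added slashes, strip them first so the value
    // is escaped exactly once by the database driver's own routine.
    $texto_sql = get_magic_quotes_gpc() ? stripslashes($texto_form) : $texto_form;
    $texto_sql = mysql_real_escape_string($texto_sql);
    $busqueda = " ( titulo LIKE '% " . $texto_sql . " %' OR descripcion LIKE '% " . $texto_sql . " %' ) ";
}
if (isset($_POST[" usuario "]) OR isset($_GET[" usuario "])) {
    if (isset($_POST[" usuario "])) {
        $usuario_form = $_POST[" usuario "];
        $_GET[" usuario "] = $usuario_form;
    } else { // GET
        $usuario_form = $_GET[" usuario "];
    }
    if ($usuario_form != " ") {
        // Join with the text condition only when one was built above.
        if (isset($_GET[" texto "]))
            $busqueda = $busqueda . " and ";
        $usuario_sql = get_magic_quotes_gpc() ? stripslashes($usuario_form) : $usuario_form;
        $usuario_sql = mysql_real_escape_string($usuario_sql);
        $busqueda = $busqueda . " id_usuario = ' " . $usuario_sql . " ' ";
    }
}
// Filter
// $sql1 holds the WHERE clause from here on; later code tests it against the
// same blank literal to decide between "WHERE" and "AND".
if ($busqueda != " ")
    $sql1 = " WHERE " . $busqueda;
else
    $sql1 = " ";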
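// Status / priority / group filters.
// Values that arrived by GET (pagination links) are mirrored into POST so both
// entry paths are handled by the same code below.
if (isset($_GET[" estado "]) and (!isset($_POST[" estado "])))
    $_POST[" estado "] = $_GET[" estado "];
if (isset($_GET[" grupo "]) and (!isset($_POST[" grupo "])))
    $_POST[" grupo "] = $_GET[" grupo "];
if (isset($_GET[" prioridad "]) and (!isset($_POST[" prioridad "])))
    $_POST[" prioridad "] = $_GET[" prioridad "];
if (isset($_POST['estado']) OR (isset($_POST['grupo'])) OR (isset($_POST['prioridad']))) {
    // All three filters are numeric codes and are concatenated into the query
    // unquoted. Each one is therefore accepted only if numeric and is reduced
    // to an integer; anything else is treated as -1 ("no filter").
    if (isset($_POST[" estado "])) {
        $estado_f = is_numeric($_POST[" estado "]) ? (int) $_POST[" estado "] : -1;
        if ($estado_f != -1) {
            $_GET[" estado "] = $estado_f;
            if ($sql1 == " ")
                $sql1 = 'WHERE estado=' . $estado_f;
            else
                $sql1 = $sql1 . ' AND estado=' . $estado_f;
        }
    }
    if (isset($_POST[" prioridad "])) {
        $prioridad_f = is_numeric($_POST[" prioridad "]) ? (int) $_POST[" prioridad "] : -1;
        if ($prioridad_f != -1) {
            $_GET[" prioridad "] = $prioridad_f;
            if ($sql1 == " ")
                $sql1 = 'WHERE prioridad=' . $prioridad_f;
            else
                $sql1 = $sql1 . ' and prioridad=' . $prioridad_f;
        }
    }
    if (isset($_POST[" grupo "])) {
        $grupo_f = is_numeric($_POST[" grupo "]) ? (int) $_POST[" grupo "] : -1;
        if ($grupo_f != -1) {
            $_GET[" grupo "] = $grupo_f;
            if ($sql1 == " ")
                $sql1 = 'WHERE id_grupo=' . $grupo_f;
            else
                $sql1 = $sql1 . ' AND id_grupo=' . $grupo_f;
        }
    }
}
// Final statements: the listing query (newest update first) and a matching
// COUNT query. $sql1 is then reused to carry the listing query.
$sql0 = " SELECT * FROM tincidencia " . $sql1 . " ORDER BY actualizacion DESC ";
$sql1_count = " SELECT COUNT(id_incidencia) FROM tincidencia " . $sql1;
$sql1 = $sql0;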
// Page title, followed by the section heading with its help link.
$titulo_seccion = $lang_label[" incident_manag "];
echo " <h2> ", $titulo_seccion, " </h2> ";
echo " <h3> ", $lang_label[" manage_incidents "],
    " <a href='help/ ", $help_code, " /chap4.php#4' target='_help' class='help'> <span> ",
    $lang_label[" help "], " </span></a></h3> ";
?>
< ? php
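// Optional sub-heading naming the active filter operation.
if (isset($_POST['operacion'])) {
    // The value is request data reflected into the page, so it is
    // entity-encoded before being written into the HTML body.
    echo " <h3> " . $lang_label[" incident_view_filter "] . " - " . htmlspecialchars($_POST['operacion'], ENT_QUOTES) . " </h3> ";
}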
?>
< form name = 'visualizacion' method = 'POST' action = 'index.php?sec=incidencias&sec2=operation/incidents/incident' >
< table border = " 0 " cellpadding = 3 cellspacing = 3 >
< tr >
< td valign = " middle " >
< h3 >< ? php echo $lang_label [ " filter " ]; ?> </h3>
< select name = " estado " onChange = " javascript:this.form.submit(); " class = " w155 " >
< ? php
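// Incident status codes:
// 0  - Open without notes
// 1  - Open with notes
// 2  - Not valid (discarded)
// 3  - Out of date
// 13 - Closed
// When a status filter is active it is emitted first so the browser shows it
// as the current selection; the full list of choices follows.
if (isset($_GET[" estado "])) {
    // The request value lands inside a quoted HTML attribute, so it is
    // entity-encoded (quotes included) before output.
    echo " <option value=' " . htmlspecialchars($_GET[" estado "], ENT_QUOTES) . " '> ";
    switch ($_GET[" estado "]) {
        case -1: echo $lang_label[" all_inc "]; break;
        case 0: echo $lang_label[" opened_inc "]; break;
        case 13: echo $lang_label[" closed_inc "]; break;
        case 2: echo $lang_label[" rej_inc "]; break;
        case 3: echo $lang_label[" exp_inc "]; break;
    }
}
echo " <option value='-1'> " . $lang_label[" all_inc "];
echo " <option value='0'> " . $lang_label[" opened_inc "];
echo " <option value='13'> " . $lang_label[" closed_inc "];
echo " <option value='2'> " . $lang_label[" rej_inc "];
echo " <option value='3'> " . $lang_label[" exp_inc "];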
?>
</ select >
</ td >
< td valign = " middle " >< noscript >< input type = " submit " class = " sub " value = " <?php echo $lang_label["show"] ?> " border = " 0 " ></ noscript >
</ td >
< td rowspan = " 5 " class = " f9130t " >
< h3 >< ? php echo $lang_label [ " status " ] ?> </h3>
< img src = 'images/dot_red.gif' > - < ? php echo $lang_label [ " opened_inc " ] ?> <br>
< img src = 'images/dot_yellow.gif' > - < ? php echo $lang_label [ " openedcom_inc " ] ?> <br>
< img src = 'images/dot_blue.gif' > - < ? php echo $lang_label [ " rej_inc " ] ?> <br>
< img src = 'images/dot_green.gif' > - < ? php echo $lang_label [ " closed_inc " ] ?> <br>
< img src = 'images/dot_white.gif' > - < ? php echo $lang_label [ " exp_inc " ] ?> </td>
< td rowspan = " 5 " class = " f9130t " >
< h3 >< ? php echo $lang_label [ " priority " ] ?> </h3>
< img src = 'images/dot_red.gif' >< img src = 'images/dot_red.gif' >< img src = 'images/dot_red.gif' > - < ? php echo $lang_label [ " very_serious " ] ?> <br>
< img src = 'images/dot_yellow.gif' >< img src = 'images/dot_red.gif' >< img src = 'images/dot_red.gif' > - < ? php echo $lang_label [ " serious " ] ?> <br>
< img src = 'images/dot_yellow.gif' >< img src = 'images/dot_yellow.gif' >< img src = 'images/dot_red.gif' > - < ? php echo $lang_label [ " medium " ] ?> <br>
< img src = 'images/dot_green.gif' >< img src = 'images/dot_yellow.gif' >< img src = 'images/dot_yellow.gif' > - < ? php echo $lang_label [ " low " ] ?> <br>
< img src = 'images/dot_green.gif' >< img src = 'images/dot_green.gif' >< img src = 'images/dot_yellow.gif' > - < ? php echo $lang_label [ " informative " ] ?> <br>
< img src = 'images/dot_green.gif' >< img src = 'images/dot_green.gif' >< img src = 'images/dot_green.gif' > - < ? php echo $lang_label [ " maintenance " ] ?> <br>
< tr >< td >
< select name = " prioridad " onChange = " javascript:this.form.submit(); " class = " w155 " >
< ? php
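// Priority selector: the active filter (if any) is emitted first, then every
// available choice.
if (isset($_GET[" prioridad "])) {
    // The value is written into an UNQUOTED attribute, where entity-encoding
    // alone is not sufficient. Priorities are numeric codes, so the request
    // value is reduced to an integer before it is echoed or compared.
    $prioridad_sel = (int) $_GET[" prioridad "];
    echo " <option value= " . $prioridad_sel . " > ";
    switch ($prioridad_sel) {
        case -1: echo $lang_label[" all "] . " " . $lang_label[" priority "]; break;
        case 0: echo $lang_label[" informative "]; break;
        case 1: echo $lang_label[" low "]; break;
        case 2: echo $lang_label[" medium "]; break;
        case 3: echo $lang_label[" serious "]; break;
        case 4: echo $lang_label[" very_serious "]; break;
        case 10: echo $lang_label[" maintenance "]; break;
    }
}
echo " <option value='-1'> " . $lang_label[" all "] . " " . $lang_label[" priority "]; // all priorities (default)
echo '<option value="0">' . $lang_label[" informative "];
echo '<option value="1">' . $lang_label[" low "];
echo '<option value="2">' . $lang_label[" medium "];
echo '<option value="3">' . $lang_label[" serious "];
echo '<option value="4">' . $lang_label[" very_serious "];
echo '<option value="10">' . $lang_label[" maintenance "];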
?>
</ select >
</ td >
< td valign = " middle " >< noscript >< input type = " submit " class = " sub " value = " <?php echo $lang_label["show"] ?> " border = " 0 " ></ noscript >
</ td >
< tr >< td >
< select name = " grupo " onChange = " javascript:this.form.submit(); " class = " w155 " >
< ? php
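// Group selector: the active filter (if any) first, then "all groups", then
// one option per row of tgrupo.
if (isset($_GET[" grupo "])) {
    // Written into an unquoted attribute and passed on to a lookup helper:
    // group ids are numeric, so the request value is reduced to an integer.
    $grupo_sel = (int) $_GET[" grupo "];
    echo " <option value= " . $grupo_sel . " > ";
    if ($grupo_sel == -1)
        echo $lang_label[" all "] . " " . $lang_label[" groups "]; // all groups (default)
    else
        // NOTE(review): the helper's return value is printed as-is; confirm
        // that dame_nombre_grupo() returns HTML-safe text.
        echo dame_nombre_grupo($grupo_sel);
}
echo " <option value='-1'> " . $lang_label[" all "] . " " . $lang_label[" groups "]; // all groups (default)
$sql2 = " SELECT * FROM tgrupo ";
$result2 = mysql_query($sql2);
while ($row2 = mysql_fetch_array($result2)) {
    // Stored values are encoded on output as well: the id as an integer, the
    // name as entity-encoded text.
    echo " <option value= " . (int) $row2[" id_grupo "] . " > " . htmlspecialchars($row2[" nombre "], ENT_QUOTES);
}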
?>
</ select >
</ td >
< td valign = " middle " >< noscript >< input type = " submit " class = " sub " value = " <?php echo $lang_label["show"] ?> " border = " 0 " ></ noscript >
</ td >
< ? php
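// Pass search parameters for possible future filter searching by user.
// Both values are request data placed inside single-quoted attributes, so they
// are entity-encoded with ENT_QUOTES to keep them inside the attribute value.
if (isset($_GET[" usuario "]))
    echo " <input type='hidden' name='usuario' value=' " . htmlspecialchars($_GET[" usuario "], ENT_QUOTES) . " '> ";
if (isset($_GET[" texto "]))
    echo " <input type='hidden' name='texto' value=' " . htmlspecialchars($_GET[" texto "], ENT_QUOTES) . " '> ";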
?>
</ table >
</ form >
< ? php
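// Offset adjustment
// The pagination offset comes from the query string and is later used in
// arithmetic and handed to pagination(); accept it only as a non-negative
// integer and fall back to 0 otherwise.
$offset = 0;
if (isset($_GET[" offset "]) && is_numeric($_GET[" offset "])) {
    $offset = max(0, (int) $_GET[" offset "]);
}
$offset_counter = 0;
// Prepare index for pagination
// A blank entry is stored at index 0, so real incident ids start at index 1.
$incident_list[] = " ";
$result2 = mysql_query($sql1);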
if ( ! mysql_num_rows ( $result2 )) {
echo '<div style="margin-left: 7px; color: red">' . $lang_label [ " no_incidents " ] . '</div><br><table>' ;}
else {
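// Collect the ids of every incident the current user may read ("IR" on the
// incident's group); only these are listed and counted.
while ($row2 = mysql_fetch_array($result2)) {
    $id_group = $row2[" id_grupo "];
    if (give_acl($id_usuario, $id_group, " IR ") == 1) { // Only incident read access to view data !
        $incident_list[] = $row2[" id_incidencia "];
    }
}
// Fill array with data
// TOTAL incidents
// NOTE(review): the list was seeded with one blank entry before this loop, so
// this count is one higher than the number of incidents; confirm that
// pagination() expects that.
$total_incidentes = sizeof($incident_list);
$url = " index.php?sec=incidencias&sec2=operation/incidents/incident ";
// Add form filter values for group, priority, state, and search fields: user and text.
// Each value is request data re-embedded in a link, so it is URL-encoded to
// keep it inside its own query-string parameter.
if (isset($_GET[" grupo "]))
    $url = $url . " &grupo= " . urlencode($_GET[" grupo "]);
if (isset($_GET[" prioridad "]))
    $url = $url . " &prioridad= " . urlencode($_GET[" prioridad "]);
if (isset($_GET[" estado "]))
    $url = $url . " &estado= " . urlencode($_GET[" estado "]);
if (isset($_GET[" usuario "]))
    $url = $url . " &usuario= " . urlencode($_GET[" usuario "]);
if (isset($_GET[" texto "]))
    $url = $url . " &texto= " . urlencode($_GET[" texto "]);
// Show pagination
pagination($total_incidentes, $url, $offset);
echo '<br>';
// Show headers
echo " <table cellpadding=3 cellspacing=3 width=770> ";
echo " <tr> ";
echo " <th width='43'>ID ";
echo " <th> " . $lang_label[" status "];
echo " <th width='165'> " . $lang_label[" incident "];
echo " <th width='50'> " . $lang_label[" priority "];
echo " <th> " . $lang_label[" group "];
echo " <th width='150'> " . $lang_label[" updated_at "];
echo " <th> " . $lang_label[" source "];
echo " <th width='75'> " . $lang_label[" in_openedby "];
echo " <th> " . $lang_label[" delete "];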
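// Render one table row per incident on the current page.
// Values read back from the database are encoded for the context they are
// written into (integer for ids, entity-encoded for text, URL-encoded inside
// links) instead of being echoed raw.
$color = 1; // toggles between the two row styles
// Skip offset records and begin show data
// Index 0 of $incident_list is a blank placeholder, so page one starts at 0
// (the placeholder is skipped below) and later pages start at offset + 1.
if ($offset != 0)
    $offset_begin = $offset + 1;
else
    $offset_begin = $offset;
// Status and priority markers, kept as whole <img> fragments.
$dot_red = " <img src='images/dot_red.gif'> ";
$dot_yellow = " <img src='images/dot_yellow.gif'> ";
$dot_blue = " <img src='images/dot_blue.gif'> ";
$dot_white = " <img src='images/dot_white.gif'> ";
$dot_green = " <img src='images/dot_green.gif'> ";
for ($a = $offset_begin; $a < ($offset + $block_size + 1); $a++) {
    if (isset($incident_list[$a])) {
        $id_incidente = $incident_list[$a];
    } else {
        $id_incidente = " ";
    }
    if ($id_incidente != " ") {
        $sql = " SELECT * FROM tincidencia WHERE id_incidencia = $id_incidente ";
        $result = mysql_query($sql);
        $row = $result ? mysql_fetch_array($result) : false;
        if (!$row) {
            // The incident vanished (or the query failed) since the id list was built.
            continue;
        }
        $id_group = $row[" id_grupo "];
        if ($color == 1) {
            $tdcolor = " datos ";
            $color = 0;
        } else {
            $tdcolor = " datos2 ";
            $color = 1;
        }
        if (give_acl($id_usuario, $id_group, " IR ") == 1) { // Only incident read access to view data !
            $offset_counter++;
            $id_fila = (int) $row[" id_incidencia "];
            $note_number = dame_numero_notas($id_fila);
            echo " <tr> ";
            echo " <td class=' $tdcolor ' align='center'><a href='index.php?sec=incidencias&sec2=operation/incidents/incident_detail&id= " . $id_fila . " '> " . $id_fila . " </a> ";
            // Check for attachments in this incident
            // mysql_num_rows() is the documented row count for a SELECT result.
            $result3 = mysql_query(" SELECT * FROM tattachment WHERE id_incidencia = " . $id_fila);
            if ($result3 && mysql_num_rows($result3) > 0)
                echo ' <img src="images/file.gif" align="middle">';
            // Status codes:
            // 0  - Open, no notes
            // 1  - Open with notes
            // 2  - Not valid
            // 3  - Out of date
            // 13 - Closed
            // An open incident that already has notes is displayed as status 1.
            if (($row[" estado "] == 0) && ($note_number > 0)) {
                $row[" estado "] = 1;
            }
            echo " <td class=' $tdcolor ' align='center'> ";
            switch ($row[" estado "]) {
                case 0: echo $dot_red; break;
                case 1: echo $dot_yellow; break;
                case 2: echo $dot_blue; break;
                case 3: echo $dot_white; break;
                case 13: echo $dot_green; break;
            }
            // NOTE(review): the title goes through the project's salida_limpia()
            // helper and is truncated afterwards; if that helper emits entities,
            // truncation can cut one in half. Confirm.
            echo " <td class=' $tdcolor '><a href='index.php?sec=incidencias&sec2=operation/incidents/incident_detail&id= " . $id_fila . " '> " . substr(salida_limpia($row[" titulo "]), 0, 27);
            echo " <td class=' $tdcolor '> ";
            switch ($row[" prioridad "]) {
                case 0: echo $dot_green . $dot_green . $dot_yellow; break;
                case 1: echo $dot_green . $dot_yellow . $dot_yellow; break;
                case 2: echo $dot_yellow . $dot_yellow . $dot_red; break;
                case 3: echo $dot_yellow . $dot_red . $dot_red; break;
                case 4: echo $dot_red . $dot_red . $dot_red; break;
                case 10: echo $dot_green . $dot_green . $dot_green; break;
            }
            // NOTE(review): dame_nombre_grupo() and dame_nombre_real() output is
            // printed as returned; confirm both helpers return HTML-safe text.
            echo " <td class=' $tdcolor '> " . dame_nombre_grupo($row[" id_grupo "]);
            echo " <td class=' $tdcolor '> " . htmlspecialchars($row[" actualizacion "], ENT_QUOTES);
            echo " <td class=' $tdcolor '> " . htmlspecialchars($row[" origen "], ENT_QUOTES);
            echo " <td class=' $tdcolor '><a href='index.php?sec=usuario&sec2=operation/users/user_edit&ver= " . urlencode($row[" id_usuario "]) . " '><a href='#' class='tip'> <span> " . dame_nombre_real($row[" id_usuario "]) . " </span></a> " . htmlspecialchars(substr($row[" id_usuario "], 0, 8), ENT_QUOTES) . " </a></td> ";
            $id_author_inc = $row[" id_usuario "];
            // Only incident owners or incident manager from this group can delete incidents
            // NOTE(review): the delete action is a GET link guarded only by a
            // JavaScript confirm(); the server-side handler should require POST
            // and an anti-CSRF token.
            if ((give_acl($id_usuario, $id_group, " IM ") == 1) OR ($_SESSION[" id_usuario "] == $id_author_inc)) {
                echo " <td class=' $tdcolor ' align='center'><a href='index.php?sec=incidencias&sec2=operation/incidents/incident&quick_delete= " . $id_fila . " ' onClick='if (!confirm( \ ' " . $lang_label[" are_you_sure "] . " \ ')) return false;'><img src='images/cancel.gif' border='0'></a></td> ";
            }
        } // if ACL is correct
    }
}
// Closing separator row under the listing.
echo " <tr><td colspan='9'><div class='raya'></div> ";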
}
// Users who pass the "IW" ACL check on group 0 get a "create incident" button
// that posts to the incident detail page; the table is closed either way.
$puede_crear = (give_acl($_SESSION[" id_usuario "], 0, " IW ") == 1);
if ($puede_crear) {
    echo " <tr><td align='right' colspan='9'> ",
        " <form method='post' action='index.php?sec=incidencias&sec2=operation/incidents/incident_detail&insert_form'> ",
        " <input type='submit' class='sub' name='crt' value=' ", $lang_label[" create_incident "], " '></form> ";
}
echo " </td></tr></table> ";
}
else {
// Access denied path: show the generic "no access" page, then record the
// attempt in the audit log.
require ( " general/noaccess.php " );
// NOTE(review): neither $id_user nor $REMOTE_ADDR is assigned in this file. If
// they are not provided by an included script (or register_globals), the audit
// record is written without a user or source address. Verify.
audit_db ( $id_user , $REMOTE_ADDR , " ACL Violation " , " Trying to access Incident section " );
}
}
?>