tyler.durden
/
pandorafms
mirror of https://github.com/pandorafms/pandorafms.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

2007-02-19 Sancho Lerena <slerena@openideas.info> 

* operation/incidents/incident.php: Pagination finished.

	* operation/events/events.php: Pagination finished.

	* godmode/admin_access_logs.php: Pagination fix (work in progress,
	not finished yet).
	


git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@376 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
This commit is contained in:
slerena 2007-02-19 07:44:07 +00:00
parent 55f88630da
commit 25f176b0a6
6 changed files with 303 additions and 292 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
pandora_console/ChangeLog
View File

@ -1,3 +1,12 @@
2007-02-19 Sancho Lerena <slerena@openideas.info>
* operation/incidents/incident.php: Pagination finished.
* operation/events/events.php: Pagination finished.
* godmode/admin_access_logs.php: Pagination fix (work in progress,
not finished yet).
2007-02-16 Sancho Lerena <slerena@artica.es>
* pandoradb.sql: added unixtime field to tagente_datos,

220
pandora_console/godmode/admin_access_logs.php
View File

@ -2,9 +2,9 @@
// Pandora - the Free monitoring system
// ====================================
// Copyright (c) 2004-2006 Sancho Lerena, slerena@gmail.com
// Copyright (c) 2005-2006 Artica Soluciones Tecnológicas S.L, info@artica.es
// Copyright (c) 2004-2006 Raul Mateos Martin, raulofpandora@gmail.com
// Copyright (c) 2004-2007 Sancho Lerena, slerena@gmail.com
// Copyright (c) 2005-2007 Artica Soluciones Tecnoloicas S.L, info@artica.es
// Copyright (c) 2004-2007 Raul Mateos Martin, raulofpandora@gmail.com
// This program is free software; you can redistribute it and/or
// modify it under the terms of the GNU General Public License
// as published by the Free Software Foundation; either version 2
@ -20,114 +20,120 @@
// Load global vars
require("include/config.php");
if (comprueba_login() == 0)
$id_usuario= $_SESSION["id_usuario"];
if ( (dame_admin($id_user)==1) OR (give_acl($id_usuario, 0, "PM")==1)){
echo "<h2>".$lang_label["audit_title"]."</h2>";
if (isset($_GET["offset"]))
$offset=$_GET["offset"];
else
$offset=0;
if (comprueba_login() != 0) {
audit_db("Noauth",$REMOTE_ADDR, "No authenticated acces","Trying to access event viewer");
require ("general/noaccess.php");
exit;
}
// Manage GET/POST parameter for subselect on action type. POST parameter are proccessed before GET parameter (if passed)
if (isset($_GET["tipo_log"])){
$tipo_log = $_GET["tipo_log"];
$tipo_log_select = " WHERE accion='".$tipo_log."' ";
} elseif (isset($_POST["tipo_log"])){
$tipo_log = $_POST["tipo_log"];
if ($tipo_log == "-1"){
$tipo_log_select = "";
unset($tipo_log);
} else
$tipo_log_select = " WHERE accion='".$tipo_log."' ";
}
else $tipo_log_select= "";
$id_usuario =$_SESSION["id_usuario"];
if (give_acl($id_usuario, 0, "PM")!=1) {
audit_db($id_usuario,$REMOTE_ADDR, "ACL Violation","Trying to access event viewer");
require ("general/noaccess.php");
exit;
}
// generate select
echo "<h3>".$lang_label["filter"];
echo "<a href='help/".$help_code."/chap6.php#6' target='_help' class='help'>
&nbsp;<span>".$lang_label["help"]."</span></a></h3>";
echo "<form name='query_sel' method='post' action='index.php?sec=godmode&sec2=godmode/admin_access_logs'>";
echo "<table border='0'><tr><td valign='middle'>";
echo "<select name='tipo_log' onChange='javascript:this.form.submit();'>";
if (isset($tipo_log))
echo "<option>".$tipo_log;
echo "<option value='-1'>".$lang_label["all"];
$sql3="SELECT DISTINCT (accion) FROM `tsesion`";
// Prepare index for pagination
$result3=mysql_query($sql3);
while ($row3=mysql_fetch_array($result3)){
if (isset($tipo_log)) {
if ($tipo_log != $row3[0])
echo "<option value='".$row3[0]."'>".$row3[0];
} else
echo "<option value='".$row3[0]."'>".$row3[0];
}
echo "</select>";
echo "<td valign='middle'><noscript><input name='uptbutton' type='submit' class='sub' value='".$lang_label["show"]."'></noscript>";
echo "</table></form>";
$sql2="SELECT COUNT(*) FROM tsesion ".$tipo_log_select." ORDER BY fecha DESC";
$result2=mysql_query($sql2);
$row2=mysql_fetch_array($result2);
$counter = $row2[0];
if (isset ($tipo_log))
$url = "index.php?sec=godmode&sec2=godmode/admin_access_logs&tipo_log=".$tipo_log;
echo "<h2>".$lang_label["audit_title"]."</h2>";
if (isset($_GET["offset"]))
$offset=$_GET["offset"];
else
$url = "index.php?sec=godmode&sec2=godmode/admin_access_logs";
$offset=0;
//echo "URLTipolog $tipo_log";
pagination ($counter, $url, $offset);
echo '<br>';
// table header
echo '<table cellpadding="3" cellspacing="3" width=700>';
echo '<tr>';
echo '<th class="w70">'.$lang_label["user"].'</th>';
echo '<th>'.$lang_label["action"].'</th>';
echo '<th class="w130">'.$lang_label["date"].'</th>';
echo '<th class="w100">'.$lang_label["src_address"].'</th>';
echo '<th class="w200">'.$lang_label["comments"].'</th>';
// Skip offset records
$query1="SELECT * FROM tsesion ".$tipo_log_select." ORDER BY fecha DESC";
$result=mysql_query($query1);
$offset_counter = 0;
while ($offset_counter < $offset){
if ($row=mysql_fetch_array($result))
$offset_counter++;
else
$offset_counter = $offset; //exit condition
}
$offset_counter = 0;
$color=1;
// Get data
while ($row=mysql_fetch_array($result) and ($offset_counter < $block_size) ){
if ($color == 1){
$tdcolor = "datos";
$color = 0;
}
else {
$tdcolor = "datos2";
$color = 1;
}
$usuario=$row["ID_usuario"];
echo '<tr><td class="'.$tdcolor.'_id">'.$usuario;
echo '<td class="'.$tdcolor.'">'.$row["accion"];
echo '<td class="'.$tdcolor.'f9">'.$row["fecha"];
echo '<td class="'.$tdcolor.'f9">'.$row["IP_origen"];
echo '<td class="'.$tdcolor.'">'.$row["descripcion"];
echo '</tr>';
$offset_counter++;
}
// end table
echo "<tr><td colspan='5'><div class='raya'></div></td></tr></table>";
} // End security control
else {
audit_db($id_user,$REMOTE_ADDR, "ACL Violation","Trying to access Access Logs section ");
require ("general/noaccess.php");
// Manage GET/POST parameter for subselect on action type. POST parameter are proccessed before GET parameter (if passed)
if (isset($_GET["tipo_log"])){
$tipo_log = $_GET["tipo_log"];
$tipo_log_select = " WHERE accion='".$tipo_log."' ";
} elseif (isset($_POST["tipo_log"])){
$tipo_log = $_POST["tipo_log"];
if ($tipo_log == "-1"){
$tipo_log_select = "";
unset($tipo_log);
} else
$tipo_log_select = " WHERE accion='".$tipo_log."' ";
}
else $tipo_log_select= "";
// generate select
echo "<h3>".$lang_label["filter"];
echo "<a href='help/".$help_code."/chap6.php#6' target='_help' class='help'>
&nbsp;<span>".$lang_label["help"]."</span></a></h3>";
echo "<form name='query_sel' method='post' action='index.php?sec=godmode&sec2=godmode/admin_access_logs'>";
echo "<table border='0'><tr><td valign='middle'>";
echo "<select name='tipo_log' onChange='javascript:this.form.submit();'>";
if (isset($tipo_log))
echo "<option>".$tipo_log;
echo "<option value='-1'>".$lang_label["all"];
$sql3="SELECT DISTINCT (accion) FROM `tsesion`";
// Prepare index for pagination
$result3=mysql_query($sql3);
while ($row3=mysql_fetch_array($result3)){
if (isset($tipo_log)) {
if ($tipo_log != $row3[0])
echo "<option value='".$row3[0]."'>".$row3[0];
} else
echo "<option value='".$row3[0]."'>".$row3[0];
}
echo "</select>";
echo "<td valign='middle'><noscript><input name='uptbutton' type='submit' class='sub' value='".$lang_label["show"]."'></noscript>";
echo "</table></form>";
$sql2="SELECT COUNT(*) FROM tsesion ".$tipo_log_select." ORDER BY fecha DESC";
$result2=mysql_query($sql2);
$row2=mysql_fetch_array($result2);
$counter = $row2[0];
if (isset ($tipo_log))
$url = "index.php?sec=godmode&sec2=godmode/admin_access_logs&tipo_log=".$tipo_log;
else
$url = "index.php?sec=godmode&sec2=godmode/admin_access_logs";
//echo "URLTipolog $tipo_log";
pagination ($counter, $url, $offset);
echo '<br>';
// table header
echo '<table cellpadding="3" cellspacing="3" width=700>';
echo '<tr>';
echo '<th class="w70">'.$lang_label["user"].'</th>';
echo '<th>'.$lang_label["action"].'</th>';
echo '<th class="w130">'.$lang_label["date"].'</th>';
echo '<th class="w100">'.$lang_label["src_address"].'</th>';
echo '<th class="w200">'.$lang_label["comments"].'</th>';
// Skip offset records
$query1="SELECT * FROM tsesion ".$tipo_log_select." ORDER BY fecha DESC";
$result=mysql_query($query1);
$offset_counter = 0;
while ($offset_counter < $offset){
if ($row=mysql_fetch_array($result))
$offset_counter++;
else
$offset_counter = $offset; //exit condition
}
$offset_counter = 0;
$color=1;
// Get data
while ($row=mysql_fetch_array($result) and ($offset_counter < $block_size) ){
if ($color == 1){
$tdcolor = "datos";
$color = 0;
}
else {
$tdcolor = "datos2";
$color = 1;
}
$usuario=$row["ID_usuario"];
echo '<tr><td class="'.$tdcolor.'_id">'.$usuario;
echo '<td class="'.$tdcolor.'">'.$row["accion"];
echo '<td class="'.$tdcolor.'f9">'.$row["fecha"];
echo '<td class="'.$tdcolor.'f9">'.$row["IP_origen"];
echo '<td class="'.$tdcolor.'">'.$row["descripcion"];
echo '</tr>';
$offset_counter++;
}
// end table
echo "<tr><td colspan='5'><div class='raya'></div></td></tr></table>";
?>

4
pandora_console/include/config.php
View File

@ -24,8 +24,8 @@ $pandora_version="v1.3 devel";
// Database configuration
$dbname="pandora"; // MySQL DataBase
$dbuser="pandora"; // DB User
$dbpassword="pandora"; // Password
$dbuser="root"; // DB User
$dbpassword=""; // Password
$dbhost="localhost"; // MySQL Host
$dbtype="mysql"; // Type of Database, now only "mysql" its supported
$attachment_store="/var/www/pandora_console"; //This is directory where placed "attachment" directory, to upload files stores. This MUST be writtable by wwwserver user, and should be in pandora root. Please append "/" to the end :-)

2
pandora_console/include/functions.php
View File

@ -483,8 +483,8 @@ function pagination ($count, $url, $offset ) {
echo "</a>";
}
// End div and layout
}
echo "</div>";
}
}
?>

153
pandora_console/operation/events/events.php
View File

@ -186,9 +186,9 @@ echo "<option value='All'>".$lang_label["all"]."</option>";
// Fill event type combo (DISTINCT!)
if (isset($ev_group) && ($ev_group > 1))
$sql="SELECT DISTINCT evento FROM tevento WHERE id_grupo = '$ev_group' DESC LIMIT $offset, $block_size";
$sql="SELECT DISTINCT evento FROM tevento WHERE id_grupo = '$ev_group'";
else
$sql="SELECT DISTINCT evento FROM tevento DESC LIMIT $offset, $block_size";
$sql="SELECT DISTINCT evento FROM tevento";
$result=mysql_query($sql);
// Make query for distinct (to fill combo)
while ($row=mysql_fetch_array($result))
@ -219,66 +219,68 @@ $result3=mysql_query($sql3);
$row3=mysql_fetch_array($result3);
$total_events = $row3[0];
// Show pagination header
pagination($total_events, "index.php?sec=eventos&sec2=operation/events/events", $offset);
// Show data.
echo "<br>";
echo "<table cellpadding='3' cellspacing='3' width='775'>";
echo "<tr>";
echo "<th>".$lang_label["status"]."</th>";
echo "<th>".$lang_label["event_name"]."</th>";
echo "<th>".$lang_label["agent_name"]."</th>";
echo "<th>".$lang_label["group"]."</th>";
echo "<th>".$lang_label["id_user"]."</th>";
echo "<th class='w130'>".$lang_label["timestamp"]."</th>";
echo "<th width='62'>".$lang_label["action"]."</th>";
echo "<th class='p10'>";
echo "<label for='checkbox' class='p21'>".$lang_label["all"]." </label>";
echo '<input type="checkbox" class="chk" name="allbox" onclick="CheckAll();"></th>';
echo "<form name='eventtable' method='POST' action='index.php?sec=eventos&sec2=operation/events/events&refr=60&offset=".$offset."'>";
$color = 1;
$id_evento = 0;
// Prepare index for pagination. Prepare queries
if ($event=="All"){
if (isset($ev_group) && ($ev_group > 1)) {
$sql2="SELECT * FROM tevento WHERE id_grupo = '$ev_group' ORDER BY timestamp DESC LIMIT $offset, $block_size";
} else {
$sql2="SELECT * FROM tevento ORDER BY timestamp DESC LIMIT $offset, $block_size";
}
} else {
if (isset($ev_group) && ($ev_group > 1)) {
$sql2="SELECT * FROM tevento WHERE evento = '$event' AND id_grupo = '$ev_group' ORDER BY timestamp DESC LIMIT $offset, $block_size";
} else {
$sql2="SELECT * FROM tevento WHERE evento = '$event' ORDER BY timestamp DESC LIMIT $offset, $block_size";
}
}
// Make query for data (all data, not only distinct).
$result2=mysql_query($sql2);
while ($row2=mysql_fetch_array($result2)){
$id_grupo = $row2["id_grupo"];
if (give_acl($id_user, $id_grupo, "IR") == 1){ // Only incident read access to view data !
$id_group = $row2["id_grupo"];
if ($color == 1){
$tdcolor = "datos";
$color = 0;
}
else {
$tdcolor = "datos2";
$color = 1;
}
if ($total_events > 0){
pagination($total_events, "index.php?sec=eventos&sec2=operation/events/events", $offset);
// Show data.
echo "<tr><td class='$tdcolor' align='center'>";
if ($row2["estado"] == 0)
echo "<img src='images/dot_red.gif'>";
else
echo "<img src='images/dot_green.gif'>";
echo "<td class='$tdcolor'>".$row2["evento"];
if ($row2["id_agente"] > 0){
echo "<td class='$tdcolor'><a href='index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente=".$row2["id_agente"]."'><b>".dame_nombre_agente($row2["id_agente"])."</b></a>";
echo "<td class='$tdcolor'><img src='images/g_".show_icon_group($id_group).".gif'></td>";
echo "<td class='$tdcolor'>";
echo "<br>";
echo "<br>";
echo "<table cellpadding='3' cellspacing='3' width='775'>";
echo "<tr>";
echo "<th>".$lang_label["status"]."</th>";
echo "<th>".$lang_label["event_name"]."</th>";
echo "<th>".$lang_label["agent_name"]."</th>";
echo "<th>".$lang_label["group"]."</th>";
echo "<th>".$lang_label["id_user"]."</th>";
echo "<th class='w130'>".$lang_label["timestamp"]."</th>";
echo "<th width='62'>".$lang_label["action"]."</th>";
echo "<th class='p10'>";
echo "<label for='checkbox' class='p21'>".$lang_label["all"]." </label>";
echo '<input type="checkbox" class="chk" name="allbox" onclick="CheckAll();"></th>';
echo "<form name='eventtable' method='POST' action='index.php?sec=eventos&sec2=operation/events/events&refr=60&offset=".$offset."'>";
$color = 1;
$id_evento = 0;
// Prepare index for pagination. Prepare queries
if ($event=="All"){
if (isset($ev_group) && ($ev_group > 1)) {
$sql2="SELECT * FROM tevento WHERE id_grupo = '$ev_group' ORDER BY timestamp DESC LIMIT $offset, $block_size";
} else {
$sql2="SELECT * FROM tevento ORDER BY timestamp DESC LIMIT $offset, $block_size";
}
} else {
if (isset($ev_group) && ($ev_group > 1)) {
$sql2="SELECT * FROM tevento WHERE evento = '$event' AND id_grupo = '$ev_group' ORDER BY timestamp DESC LIMIT $offset, $block_size";
} else {
$sql2="SELECT * FROM tevento WHERE evento = '$event' ORDER BY timestamp DESC LIMIT $offset, $block_size";
}
}
// Make query for data (all data, not only distinct).
$result2=mysql_query($sql2);
while ($row2=mysql_fetch_array($result2)){
$id_grupo = $row2["id_grupo"];
if (give_acl($id_user, $id_grupo, "IR") == 1){ // Only incident read access to view data !
$id_group = $row2["id_grupo"];
if ($color == 1){
$tdcolor = "datos";
$color = 0;
}
else {
$tdcolor = "datos2";
$color = 1;
}
echo "<tr><td class='$tdcolor' align='center'>";
if ($row2["estado"] == 0)
echo "<img src='images/dot_red.gif'>";
else
echo "<img src='images/dot_green.gif'>";
echo "<td class='$tdcolor'>".$row2["evento"];
if ($row2["id_agente"] > 0){
echo "<td class='$tdcolor'><a href='index.php?sec=estado&sec2=operation/agentes/ver_agente&id_agente=".$row2["id_agente"]."'><b>".dame_nombre_agente($row2["id_agente"])."</b></a>";
echo "<td class='$tdcolor'><img src='images/g_".show_icon_group($id_group).".gif'></td>";
echo "<td class='$tdcolor'>";
} else { // for SNMP generated alerts
echo "<td class='$tdcolor' colspan='2'>".$lang_label["alert"]." / SNMP";
echo "<td class='$tdcolor' width='95'>";
@ -287,33 +289,28 @@ while ($row2=mysql_fetch_array($result2)){
echo "<a href='index.php?sec=usuario&sec2=operation/users/user_edit&ver=".$row2["id_usuario"]."'><a href='#' class='tip'>&nbsp;<span>".dame_nombre_real($row2["id_usuario"])."</span></a>".substr($row2["id_usuario"],0,8)."</a>";
echo "<td class='$tdcolor'>".$row2["timestamp"];
echo "<td class='$tdcolor' align='right'>";
if (($row2["estado"] == 0) and (give_acl($id_user,$id_group,"IW") ==1))
echo "<a href='index.php?sec=eventos&sec2=operation/events/events&offset=".$offset."&check=".$row2["id_evento"]."'><img src='images/ok.gif' border='0'></a>";
if (give_acl($id_user,$id_group,"IM") ==1)
echo "<a href='index.php?sec=eventos&sec2=operation/events/events&delete=".$row2["id_evento"]."&refr=60&offset=".$offset."'><img src='images/cancel.gif' border=0></a> ";
if (give_acl($id_user,$id_group,"IW") == 1)
echo "<a href='index.php?sec=incidencias&sec2=operation/incidents/incident_detail&insert_form&from_event=".$row2["id_evento"]."'><img src='images/page_lightning.png' border=0></a>";
echo "<td class='$tdcolor' align='center'>";
echo "<input type='checkbox' class='chk' name='eventid".$offset_counter."' value='".$row2["id_evento"]."'>";
echo "</td></tr>";
//}
}
}
}
echo "<tr><td colspan='8'><div class='raya'></div></td></tr>";
echo "<tr><td colspan='8' align='right'>";
echo "<tr><td colspan='8'><div class='raya'></div></td></tr>";
echo "<tr><td colspan='8' align='right'>";
echo "<input class='sub' type='submit' name='updatebt' value='".$lang_label["validate"]."'> ";
if (give_acl($id_user, 0,"IM") ==1){
echo "<input class='sub' type='submit' name='deletebt' value='".$lang_label["delete"]."'>";
}
echo "</form></table>";
/* else {echo "</select></form></td></tr></table><br><div class='nf'>".$lang_label["no_event"]."</div>";}
} */
echo "<input class='sub' type='submit' name='updatebt' value='".$lang_label["validate"]."'> ";
if (give_acl($id_user, 0,"IM") ==1){
echo "<input class='sub' type='submit' name='deletebt' value='".$lang_label["delete"]."'>";
}
echo "</form></table>";
} // no events to show
?>

207
pandora_console/operation/incidents/incident.php
View File

@ -33,6 +33,14 @@ if (give_acl($id_usuario, 0, "IR")!=1) {
exit;
}
// Take input parameters
// Offset adjustment
if (isset($_GET["offset"]))
$offset=$_GET["offset"];
else
$offset=0;
// Delete incident
if (isset($_GET["quick_delete"])){
$id_inc = $_GET["quick_delete"];
@ -44,8 +52,8 @@ if (isset($_GET["quick_delete"])){
if ((give_acl($id_usuario, $row2["id_grupo"], "IM") ==1) OR ($_SESSION["id_usuario"] == $id_author_inc) ){
borrar_incidencia($id_inc);
echo "<h3 class='suc'>".$lang_label["del_incid_ok"]."</h3>";
}
else {
audit_db($id_author_inc,$REMOTE_ADDR,"Incident deleted","User ".$id_usuario." deleted incident #".$id_inc);
} else {
audit_db($id_author_inc,$REMOTE_ADDR,"ACL Forbidden","User ".$_SESSION["id_usuario"]." try to delete incident");
echo "<h3 class='error'>".$lang_label["del_incid_no"]."</h3>";
no_permission();
@ -68,8 +76,11 @@ if ((isset($_GET["action"])) AND ($_GET["action"]=="update")){
$ahora=date("Y/m/d H:i:s");
$sql = "UPDATE tincidencia SET actualizacion = '".$ahora."', titulo = '".$titulo."', origen= '".$origen."', estado = '".$estado."', id_grupo = '".$grupo."', id_usuario = '".$usuario."', prioridad = '".$prioridad."', descripcion = '".$descripcion."' WHERE id_incidencia = ".$id_inc;
$result=mysql_query($sql);
audit_db($id_author_inc,$REMOTE_ADDR,"Incident updated","User ".$id_usuario." deleted updated #".$id_inc);
if ($result)
echo "<h3 class='suc'>".$lang_label["upd_incid_ok"]."</h3>";
else
echo "<h3 class='suc'>".$lang_label["upd_incid_no"]."</h3>";
} else {
audit_db($id_usuario,$REMOTE_ADDR,"ACL Forbidden","User ".$_SESSION["id_usuario"]." try to update incident");
echo "<h3 class='error'>".$lang_label["upd_incid_no"]."</h3>";
@ -92,9 +103,11 @@ if ((isset($_GET["action"])) AND ($_GET["action"]=="insert")){
$id_creator = $id_usuario;
$estado = entrada_limpia($_POST["estado_form"]);
$sql = " INSERT INTO tincidencia (inicio,actualizacion,titulo,descripcion,id_usuario,origen,estado,prioridad,id_grupo, id_creator) VALUES ('".$inicio."','".$actualizacion."','".$titulo."','".$descripcion."','".$usuario."','".$origen."','".$estado."','".$prioridad."','".$grupo."','".$id_creator."') ";
if (mysql_query($sql))
if (mysql_query($sql)){
echo "<h3 class='suc'>".$lang_label["create_incid_ok"]."</h3>";
$id_inc=mysql_insert_id();
audit_db($usuario,$REMOTE_ADDR,"Incident created","User ".$id_usuario." created incident #".$id_inc);
}
} else {
audit_db($id_usuario,$REMOTE_ADDR,"ACL Forbidden","User ".$_SESSION["id_usuario"]." try to create incident");
no_permission();
@ -167,10 +180,11 @@ if (isset($_POST['estado']) OR (isset($_POST['grupo'])) OR (isset($_POST['priori
}
}
$sql0="SELECT * FROM tincidencia ".$sql1." ORDER BY actualizacion DESC";
$sql1_count="SELECT COUNT(id_incidencia) FROM tincidencia ".$sql1;
$sql1=$sql0;
$sql1=$sql1." LIMIT $offset, $block_size";
echo "<h2>".$lang_label["incident_manag"]."</h2>";
echo "<h3>".$lang_label["manage_incidents"]."<a href='help/".$help_code."/chap4.php#4' target='_help' class='help'>&nbsp;<span>".$lang_label["help"]."</span></a></h3>";
if (isset($_POST['operacion'])){
@ -192,9 +206,13 @@ if (isset($_POST['operacion'])){
// 3 - Caducada (out of date)
// 13 - Cerrada (closed)
if (isset($_GET["estado"])){
echo "<option value='".$_GET["estado"]."'>";
switch ($_GET["estado"]){
if ((isset($_GET["estado"])) OR (isset($_GET["estado"]))){
if (isset($_GET["estado"]))
$estado = $_GET["estado"];
if (isset($_POST["estado"]))
$estado = $_POST["estado"];
echo "<option value='".$estado."'>";
switch ($estado){
case -1: echo $lang_label["all_inc"]; break;
case 0: echo $lang_label["opened_inc"]; break;
case 13: echo $lang_label["closed_inc"]; break;
@ -233,9 +251,13 @@ if (isset($_POST['operacion'])){
<select name="prioridad" onChange="javascript:this.form.submit();" class="w155">
<?php
if (isset($_GET["prioridad"])){
echo "<option value=".$_GET["prioridad"].">";
switch ($_GET["prioridad"]){
if ((isset($_GET["prioridad"])) OR (isset($_GET["prioridad"]))){
if (isset($_GET["prioridad"]))
$prioridad = $_GET["prioridad"];
if (isset($_POST["prioridad"]))
$prioridad = $_POST["prioridad"];
echo "<option value=".$prioridad.">";
switch ($prioridad){
case -1: echo $lang_label["all"]." ".$lang_label["priority"]; break;
case 0: echo $lang_label["informative"]; break;
case 1: echo $lang_label["low"]; break;
@ -252,17 +274,22 @@ echo '<option value="2">'.$lang_label["medium"];
echo '<option value="3">'.$lang_label["serious"];
echo '<option value="4">'.$lang_label["very_serious"];
echo '<option value="10">'.$lang_label["maintenance"];
echo "</select></td><td valign='middle¡><noscript>";
echo "</select></td><td valign='middle><noscript>";
echo "<input type='submit' class='sub' value='".$lang_label["show"]."' border='0'></noscript>";
echo "</td>";
echo '<tr><td><select name="grupo" onChange="javascript:this.form.submit();" class="w155">';
if (isset($_GET["grupo"])){
echo "<option value=".$_GET["grupo"].">";
if ($_GET["grupo"] == -1)
echo $lang_label["all"]." ".$lang_label["groups"]; // all groups (default)
else
echo dame_nombre_grupo($_GET["grupo"]);
if ((isset($_GET["grupo"])) OR (isset($_GET["grupo"]))){
if (isset($_GET["grupo"]))
$grupo = $_GET["grupo"];
if (isset($_POST["grupo"]))
$grupo = $_POST["grupo"];
echo "<option value=".$grupo.">";
if ($grupo == -1)
echo $lang_label["all"]." ".$lang_label["groups"]; // all groups (default)
else
echo dame_nombre_grupo($grupo);
}
echo "<option value='-1'>".$lang_label["all"]." ".$lang_label["groups"]; // all groups (default)
$sql2="SELECT * FROM tgrupo";
@ -285,30 +312,18 @@ echo "
<br><br>
<table>";
// Offset adjustment
if (isset($_GET["offset"]))
$offset=$_GET["offset"];
else
$offset=0;
$offset_counter=0;
// Prepare index for pagination
$incident_list[]="";
$result2=mysql_query($sql1);
$result2_count=mysql_query($sql1_count);
$row2_count = mysql_fetch_array($result2_count);
if (!mysql_num_rows($result2)) {
if ($row2_count[0] <= 0 ) {
echo '<div class="nf">'.$lang_label["no_incidents"].'</div><br></table>';
} else {
while ($row2=mysql_fetch_array($result2)){ // Jump offset records
$id_group = $row2["id_grupo"];
if (give_acl($id_usuario, $id_group, "IR") ==1){
// Only incident read access to view data !
$incident_list[]=$row2["id_incidencia"];
}
}
// Fill array with data
// TOTAL incidents
$total_incidentes = sizeof($incident_list) - 1;
$total_incidentes = $row2_count[0];
$url = "index.php?sec=incidencias&sec2=operation/incidents/incident";
// add form filter values for group, priority, state, and search fields: user and text
@ -322,6 +337,8 @@ if (!mysql_num_rows($result2)) {
$url = $url."&usuario=".$_GET["usuario"];
if (isset($_GET["texto"]))
$url = $url."&texto=".$_GET["texto"];
if (isset($_GET["offset"] ))
$url = $url."&offset=".$_GET["offset"];
// Show pagination
pagination ($total_incidentes, $url, $offset);
@ -341,41 +358,25 @@ if (!mysql_num_rows($result2)) {
echo "<th>".$lang_label["delete"];
$color = 1;
// Skip offset records and begin show data
if ($offset !=0)
$offset_begin = $offset+1;
else
$offset_begin = $offset;
while ($row2=mysql_fetch_array($result2)){
$id_group = $row2["id_grupo"];
if (give_acl($id_usuario, $id_group, "IR") ==1){
if ($color == 1){
$tdcolor = "datos";
$color = 0;
}
else {
$tdcolor = "datos2";
$color = 1;
}
$note_number = dame_numero_notas($row2["id_incidencia"]);
echo "<tr>";
echo "<td class='$tdcolor' align='center'><a href='index.php?sec=incidencias&sec2=operation/incidents/incident_detail&id=".$row2["id_incidencia"]."'>".$row2["id_incidencia"]."</a>";
for ($a=$offset_begin; $a < ($offset + $block_size +1);$a++){
if (isset($incident_list[$a])){
$id_incidente = $incident_list[$a];
} else {
$id_incidente ="";
}
if ($id_incidente != ""){
$sql="SELECT * FROM tincidencia WHERE id_incidencia = $id_incidente";
$result=mysql_query($sql);
$row=mysql_fetch_array($result);
$id_group = $row["id_grupo"];
if ($color == 1){
$tdcolor = "datos";
$color = 0;
}
else {
$tdcolor = "datos2";
$color = 1;
}
if (give_acl($id_usuario, $id_group, "IR") ==1){ // Only incident read access to view data !
$offset_counter++;
$note_number = dame_numero_notas($row["id_incidencia"]);
echo "<tr>";
echo "<td class='$tdcolor' align='center'><a href='index.php?sec=incidencias&sec2=operation/incidents/incident_detail&id=".$row["id_incidencia"]."'>".$row["id_incidencia"]."</a>";
// Check for attachments in this incident
$result3=mysql_query("SELECT * FROM tattachment WHERE id_incidencia = ".$row["id_incidencia"]);
mysql_fetch_array($result3);
if (mysql_affected_rows() > 0)
// Check for attachments in this incident
$result3=mysql_query("SELECT * FROM tattachment WHERE id_incidencia = ".$row2["id_incidencia"]);
mysql_fetch_array($result3);
if (mysql_affected_rows() > 0)
echo '&nbsp;&nbsp;<img src="images/file.gif" align="middle">';
// Tipo de estado (Type)
@ -385,12 +386,12 @@ if (!mysql_num_rows($result2)) {
// 3 - Caducada (out of date)
// 13 - Cerrada (closed)
// Verify if the status changes
if (($row["estado"] == 0) && ($note_number >0 )){
$row["estado"] = 1;
}
echo "<td class='$tdcolor' align='center'>";
switch ($row["estado"]) {
// Verify if the status changes
if (($row2["estado"] == 0) && ($note_number >0 )){
$row2["estado"] = 1;
}
echo "<td class='$tdcolor' align='center'>";
switch ($row2["estado"]) {
case 0: echo "<img src='images/dot_red.gif'>";
break;
case 1: echo "<img src='images/dot_yellow.gif'>";
@ -401,37 +402,35 @@ if (!mysql_num_rows($result2)) {
break;
case 13: echo "<img src='images/dot_green.gif'>";
break;
}
echo "<td class='$tdcolor'><a href='index.php?sec=incidencias&sec2=operation/incidents/incident_detail&id=".$row["id_incidencia"]."'>".substr(salida_limpia($row["titulo"]),0,27);
echo "<td class='$tdcolor'>";
switch ( $row["prioridad"] ){
case 0: echo "<img src='images/dot_green.gif'>"."<img src='images/dot_green.gif'>"."<img src='images/dot_yellow.gif'>"; break;
case 1: echo "<img src='images/dot_green.gif'>"."<img src='images/dot_yellow.gif'>"."<img src='images/dot_yellow.gif'>"; break;
case 2: echo "<img src='images/dot_yellow.gif'>"."<img src='images/dot_yellow.gif'>"."<img src='images/dot_red.gif'>"; break;
case 3: echo "<img src='images/dot_yellow.gif'>"."<img src='images/dot_red.gif'>"."<img src='images/dot_red.gif'>"; break;
case 4: echo "<img src='images/dot_red.gif'>"."<img src='images/dot_red.gif'>"."<img src='images/dot_red.gif'>"; break;
case 10: echo "<img src='images/dot_green.gif'>"."<img src='images/dot_green.gif'>"."<img src='images/dot_green.gif'>"; break;
}
/*
case 0: echo $lang_label["informative"]; break;
case 1: echo $lang_label["low"]; break;
case 2: echo $lang_label["medium"]; break;
case 3: echo $lang_label["serious"]; break;
case 4: echo $lang_label["very_serious"]; break;
case 10: echo $lang_label["maintenance"]; break;
*/
echo "<td class='$tdcolor'>".dame_nombre_grupo($row["id_grupo"]);
echo "<td class='$tdcolor'>".$row["actualizacion"];
echo "<td class='$tdcolor'>".$row["origen"];
echo "<td class='$tdcolor'><a href='index.php?sec=usuario&sec2=operation/users/user_edit&ver=".$row["id_usuario"]."'><a href='#' class='tip'>&nbsp;<span>".dame_nombre_real($row["id_usuario"])."</span></a>".substr($row["id_usuario"], 0, 8)."</a></td>";
$id_author_inc = $row["id_usuario"];
if ((give_acl($id_usuario, $id_group, "IM") ==1) OR
($_SESSION["id_usuario"] == $id_author_inc) ){
// Only incident owners or incident manager
// from this group can delete incidents
echo "<td class='$tdcolor' align='center'><a href='index.php?sec=incidencias&sec2=operation/incidents/incident&quick_delete=".$row["id_incidencia"]."' onClick='if (!confirm(\' ".$lang_label["are_you_sure"]."\')) return false;'><img src='images/cancel.gif' border='0'></a></td>";
}
} // if ACL is correct
}
echo "<td class='$tdcolor'><a href='index.php?sec=incidencias&sec2=operation/incidents/incident_detail&id=".$row2["id_incidencia"]."'>".substr(salida_limpia($row2["titulo"]),0,25);
echo "<td class='$tdcolor'>";
switch ( $row2["prioridad"] ){
case 0: echo "<img src='images/dot_green.gif'>"."<img src='images/dot_green.gif'>"."<img src='images/dot_yellow.gif'>"; break;
case 1: echo "<img src='images/dot_green.gif'>"."<img src='images/dot_yellow.gif'>"."<img src='images/dot_yellow.gif'>"; break;
case 2: echo "<img src='images/dot_yellow.gif'>"."<img src='images/dot_yellow.gif'>"."<img src='images/dot_red.gif'>"; break;
case 3: echo "<img src='images/dot_yellow.gif'>"."<img src='images/dot_red.gif'>"."<img src='images/dot_red.gif'>"; break;
case 4: echo "<img src='images/dot_red.gif'>"."<img src='images/dot_red.gif'>"."<img src='images/dot_red.gif'>"; break;
case 10: echo "<img src='images/dot_green.gif'>"."<img src='images/dot_green.gif'>"."<img src='images/dot_green.gif'>"; break;
}
/*
case 0: echo $lang_label["informative"]; break;
case 1: echo $lang_label["low"]; break;
case 2: echo $lang_label["medium"]; break;
case 3: echo $lang_label["serious"]; break;
case 4: echo $lang_label["very_serious"]; break;
case 10: echo $lang_label["maintenance"]; break;
*/
echo "<td class='$tdcolor'>".dame_nombre_grupo($row2["id_grupo"]);
echo "<td class='$tdcolor'>".$row2["actualizacion"];
echo "<td class='$tdcolor'>".$row2["origen"];
echo "<td class='$tdcolor'><a href='index.php?sec=usuario&sec2=operation/users/user_edit&ver=".$row2["id_usuario"]."'><a href='#' class='tip'>&nbsp;<span>".dame_nombre_real($row2["id_usuario"])."</span></a>".substr($row2["id_usuario"], 0, 8)."</a></td>";
$id_author_inc = $row2["id_usuario"];
if ((give_acl($id_usuario, $id_group, "IM") ==1) OR ($_SESSION["id_usuario"] == $id_author_inc) ){
// Only incident owners or incident manager
// from this group can delete incidents
echo "<td class='$tdcolor' align='center'><a href='index.php?sec=incidencias&sec2=operation/incidents/incident&quick_delete=".$row2["id_incidencia"]."' onClick='if (!confirm(\' ".$lang_label["are_you_sure"]."\')) return false;'><img src='images/cancel.gif' border='0'></a></td>";
}
}
}
echo "<tr><td colspan='9'><div class='raya'></div>" ;