diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog index ac0263a979..07c82e10a2 100644 --- a/pandora_console/ChangeLog +++ b/pandora_console/ChangeLog @@ -1,3 +1,17 @@ +2011-08-09 Javier Lanz + + * operation/incidents/incident.incident.php, + operation/incidents/incident.files.php, + operation/incidents/incident.tracking.php, + operation/incidents/incident.workunits.php, + operation/incidents/incident.download_file.php, + operation/incidents/incident.list.php: Deleted. + + * operation/incidents/incident.php, + operation/incidents/incident_detail.php: Restored from a previous + version due an incident moving and copying files. + + 2011-08-09 Juan Manuel Ramon * extensions/module_groups.php: Add tooltip message when a module group diff --git a/pandora_console/operation/incidents/incident.download_file.php b/pandora_console/operation/incidents/incident.download_file.php deleted file mode 100644 index 5f9aa87859..0000000000 --- a/pandora_console/operation/incidents/incident.download_file.php +++ /dev/null @@ -1,36 +0,0 @@ - diff --git a/pandora_console/operation/incidents/incident.files.php b/pandora_console/operation/incidents/incident.files.php deleted file mode 100644 index 583275c7dd..0000000000 --- a/pandora_console/operation/incidents/incident.files.php +++ /dev/null @@ -1,72 +0,0 @@ -width = "98%"; -$table->class = "databox"; - -$table->data = array(); - -$profiles = array(); -$table->data[0][0] = "".__('File')."
".html_print_input_file ('new_file', true, array('size' => "50%")); - -$table->data[1][0] = "".__('Description')."
".html_print_textarea('description', 3, 6, '' , '', true); - -$form = "
"; -$form .= html_print_table($table, true); -$form .= html_print_submit_button(__('Add'), 'submit_button', false, '', true); -$form .= html_print_input_hidden('tab', 'files', true); -$form .= html_print_input_hidden('attach_file', '1', true); -$form .= html_print_input_hidden('id_incident', $id_incident, true); -$form .= "
"; - -ui_toggle($form, __('Add a file')); - -unset($table); - -$table->width = "98%"; -$table->class = "databox"; - -$table->head[0] = __('Filename'); -$table->head[1] = __('Timestamp'); -$table->head[2] = __('Description'); -$table->head[3] = __('Size'); -$table->head[4] = __('Delete'); - -$table->data = array(); - -if(isset($result['file'][0]) && is_array($result['file'][0])){ - $files = $result['file']; -} -else { - $files = $result; -} - -$row = 0; -foreach($files as $value) { - $table->data[$row][0] = ''.$value['filename'].''; - $table->data[$row][1] = $value['id_usuario']; - if(is_array($value['description'])) { - $value['description'] = ''; - } - $table->data[$row][2] = $value['description']; - $table->data[$row][3] = $value['size']; - $table->data[$row][4] = "".html_print_image("images/cross.png", true, array('title' => __('Delete file'))).""; - $row++; -} - -html_print_table($table); - -?> diff --git a/pandora_console/operation/incidents/incident.incident.php b/pandora_console/operation/incidents/incident.incident.php deleted file mode 100644 index 39137ca02d..0000000000 --- a/pandora_console/operation/incidents/incident.incident.php +++ /dev/null @@ -1,119 +0,0 @@ -width = "98%"; -$table->class = "databox"; - -$table->data = array(); -$table->colspan[0][0] = 3; -$table->colspan[3][0] = 3; -$table->colspan[4][0] = 3; - -$table->data[0][0] = "".__('Title')."
".html_print_input_text("title", $result['titulo'], '', 50, 255, true); -if(isset($result['id_incidencia'])) { - $table->data[1][2] = "".__('Assigned user')."
".html_print_select ($users, 'id_user', $result['id_usuario'], '', '', 0, true, false, false); -} -else { - $table->data[1][2] = ""; -} - -$table->data[1][0] = "".__('Group')."
".html_print_select ($groups, 'group', $result['id_grupo'], '', '', 0, true, false, false); -$table->data[1][1] = "".__('Priority')."
".html_print_select (incidents_get_priorities (), 'priority', $result['prioridad'], '', '', 0, true, false, false); -$table->data[1][2] = "".__('Creator')."
".$result['id_creator']; - -if(isset($result['id_incidencia'])) { - $table->data[2][0] = "".__('Source')."
".html_print_select ($sources, 'source', $result['origen'], '', '', 0, true, false, false); - $table->data[2][1] = "".__('Resolution')."
".html_print_select ($resolutions, 'resolution', $result['resolution'], '', '', 0, true, false, false); - $table->data[2][2] = "".__('Status')."
".html_print_select ($status, 'status', $result['estado'], '', '', 0, true, false, false); -} - -if(is_array($result['descripcion'])) { - $result['descripcion'] = ""; -} - -$table->data[3][0] = "".__('Description')."
".html_print_textarea("description", 10, 6, $result['descripcion'] , '', true); - -if(isset($result['id_incidencia'])) { -if(is_array($result['epilog'])) { - $result['epilog'] = implode(',', $result['epilog']); -} -$table->data[4][0] = "".__('Resolution epilog')."
".html_print_textarea("epilog", 10, 6, $result['epilog'] , '', true); -} - -if(isset($result['id_incidencia'])) { - echo "
"; - html_print_table($table); - html_print_submit_button(__('Update'), 'submit_button'); - html_print_input_hidden('tab', 'incident'); - html_print_input_hidden('update_incident', '1'); - html_print_input_hidden('id_incident', $result['id_incidencia']); - echo "
"; -} -else { - echo "
"; - html_print_table($table); - html_print_submit_button(__('Create'), 'submit_button'); - html_print_input_hidden('tab', 'incident'); - html_print_input_hidden('create_incident', '1'); - echo "
"; -} -?> diff --git a/pandora_console/operation/incidents/incident.list.php b/pandora_console/operation/incidents/incident.list.php deleted file mode 100644 index 31253bab0c..0000000000 --- a/pandora_console/operation/incidents/incident.list.php +++ /dev/null @@ -1,144 +0,0 @@ -'; - -echo '
'; -echo ''; -echo ''; -echo ''; -echo ''; -echo ''; -echo ''; -echo ''; -echo ''; -echo ''; -echo '
'; -echo "".__('Search string').""; -echo ''; -echo "".__('Status').""; -echo ''; -echo "".__('Group').""; -echo '
'; -html_print_input_text('search_string', $search_string, ''); -echo ''; -html_print_select ($status, 'search_status', $search_status, '', '', 0, false); -echo ''; -html_print_select ($groups, 'search_group', $search_group, '', '', 0, false, false, false); -echo ''; -html_print_submit_button (__('Search')); -echo '
'; - -echo ''; - - -// Show headers -$table->width = "98%"; -$table->class = "databox"; -$table->cellpadding = 4; -$table->cellspacing = 4; -$table->head = array (); -$table->data = array (); -$table->size = array (); -$table->align = array (); - -$table->head[0] = __('ID'); -//$table->head[1] = __('SLA'); -$table->head[2] = __('Incident'); -$table->head[3] = __('Group'); -$table->head[4] = __('Status')."
".__('Resolution').""; -$table->head[5] = __('Priority'); -$table->head[6] = __('Updated')."
".__('Started').""; -$table->head[7] = __('Details'); -$table->head[8] = __('Creator'); -$table->head[9] = __('Owner'); -$table->head[10] = __('Action'); - -$table->align[4] = "center"; -$table->align[5] = "center"; - -if(isset($result['incident'][0]) && is_array($result['incident'][0])){ - $incidents = $result['incident']; -} -else { - $incidents = $result; -} - -$rowPair = true; -$iterator = 0; -foreach ($incidents as $row) { - if ($rowPair) - $table->rowclass[$iterator] = 'rowPair'; - else - $table->rowclass[$iterator] = 'rowOdd'; - $rowPair = !$rowPair; - $iterator++; - - $data = array(); - - $data[0] = ''.$row["id_incidencia"].''; - //$data[1] = ""; - $data[2] = ''.substr(io_safe_output($row["titulo"]),0,45).''; - $data[3] = $groups[$row["id_grupo"]]; - $data[4] = $status[$row["estado"]]."
".$resolutions[$row["resolution"]].""; - $data[5] = incidents_print_priority_img ($row["prioridad"], true); - $data[6] = ui_print_timestamp ($row["actualizacion"], true)."
" . ui_print_timestamp ($row["inicio"], true).""; - $data[7] = $row["workunits_hours"]." ".__('Hours')."
".$row["workunits_count"]." ".__('Workunits'); - $data[8] = $row["id_creator"]; - $data[9] = $row["id_usuario"]; - $data[10] = "".html_print_image("images/cross.png", true, array('title' => __('Delete incident')))."".html_print_image("images/config.png", true, array('title' => __('View incident details'))).""; - - array_push ($table->data, $data); -} - -if(isset($data)) { - html_print_table ($table); -} -else { - echo "
".__('There are no defined incidents')."
"; -} -?> diff --git a/pandora_console/operation/incidents/incident.php b/pandora_console/operation/incidents/incident.php index d08b9903cc..63061af002 100755 --- a/pandora_console/operation/incidents/incident.php +++ b/pandora_console/operation/incidents/incident.php @@ -24,247 +24,313 @@ if (! check_acl ($config['id_user'], 0, "IR")) { exit; } -$tab = get_parameter('tab', 'list'); -$id_incident = get_parameter('id_incident', 0); - -// We choose a strange token to use texts with commas, etc. -$token = ';,;'; - // Header -if($tab == 'list' || $tab == 'editor') { - $buttons = array( - 'list' => array( - 'active' => false, - 'text' => '' . - html_print_image ("images/page_white_text.png", true, array ("title" => __('Incidents'))) .''), - 'editor' => array( - 'active' => false, - 'text' => '' . - html_print_image ("images/add.png", true, array ("title" => __('New Incident'))) .'')); -} -else { - $buttons = array( - 'list' => array( - 'active' => false, - 'text' => '' . - html_print_image ("images/page_white_text.png", true, array ("title" => __('Incidents'))) .''), - 'incident' => array( - 'active' => false, - 'text' => '' . - html_print_image ("images/eye.png", true, array ("title" => __('Incident details'))) .''), - 'workunits' => array( - 'active' => false, - 'text' => '' . - html_print_image ("images/computer.png", true, array ("title" => __('Workunits'))) .''), - 'files' => array( - 'active' => false, - 'text' => '' . - html_print_image ("images/file.png", true, array ("title" => __('Files'))) .''), - 'tracking' => array( - 'active' => false, - 'text' => '' . - html_print_image ("images/comments.png", true, array ("title" => __('Tracking'))) .'')); +ui_print_page_header (__('Incident management'), "images/book_edit.png", false, "", false, ""); + +// Take input parameters + +// Offset adjustment +if (isset($_GET["offset"])) { + $offset = get_parameter ("offset"); +} else { + $offset = 0; } + +// Check action. Try to get author and group +$action = get_parameter ("action"); + +if ($action == "mass") { + $id_inc = get_parameter ("id_inc", array ()); + $delete_btn = get_parameter ("delete_btn", -1); + $own_btn = get_parameter ("own_btn", -1); -$buttons[$tab]['active'] = true; - -ui_print_page_header (__('Incident management'), "images/book_edit.png", false, "", false, $buttons); - -$update_incident = get_parameter('update_incident', 0); - -$integria_api = $config['integria_url']."/include/api.php?return_type=xml&user=".$config['id_user']."&pass=".$config['integria_api_password']; - -if($update_incident == 1) { - $values[0] = $id_incident; - $values[1] = str_replace(" ", "%20", io_safe_output(get_parameter('title'))); - $values[2] = str_replace(" ", "%20", io_safe_output(get_parameter('description'))); - $values[3] = str_replace(" ", "%20", io_safe_output(get_parameter('epilog'))); - $values[4] = get_parameter('group'); - $values[5] = get_parameter('priority'); - $values[6] = get_parameter('source'); - $values[7] = get_parameter('resolution'); - $values[8] = get_parameter('status'); - $values[9] = get_parameter('creator', get_parameter('creator_fix')); - - $params = implode($token, $values); - - $url = $integria_api."&op=update_incident&token=".$token."¶ms=".$params; - // Call the integria API - $result = incidents_call_api($url); -} - -$create_incident = get_parameter('create_incident', 0); - -if($create_incident == 1) { - $values[0] = str_replace(" ", "%20", io_safe_output(get_parameter('title'))); - $values[1] = get_parameter('group'); - $values[2] = get_parameter('priority'); - $values[3] = str_replace(" ", "%20", io_safe_output(get_parameter('description'))); - $values[4] = $config['integria_inventory']; + foreach ($id_inc as $incident) { + if (check_acl ($config['id_user'], incidents_get_group ($incident), "IM") || incidents_get_author ($incident) == $config["id_user"] || incidents_get_owner ($incident) == $config["id_user"]) { + continue; + } + db_pandora_audit("ACL Forbidden","Mass-update or deletion of incident"); + require ("general/noaccess.php"); + exit; + } - $params = implode($token, $values); + if ($delete_btn != -1) { + $result = incidents_delete_incident ($id_inc); + ui_print_result_message ($result, + __('Successfully deleted'), + __('Could not be deleted')); + } + if ($own_btn != -1) { + $result = incidents_process_chown ($id_inc, $config["id_user"]); + ui_print_result_message ($result, + __('Successfully reclaimed ownership'), + __('Could not reclame ownership')); + } - $url = $integria_api."&op=create_incident&token=".$token."¶ms=".$params; - - // Call the integria API - $result = incidents_call_api($url); } +elseif ($action == "update") { + $id_inc = get_parameter ("id_inc", 0); + $author = incidents_get_author ($id_inc); + $owner = incidents_get_owner ($id_inc); + $grupo = incidents_get_group ($id_inc); + + if ($author != $config["id_user"] && $owner != $config["id_user"] && !check_acl ($config['id_user'], $grupo, "IM")) { // Only admins (manage incident) or owners/creators can modify incidents + db_pandora_audit("ACL Forbidden", "Update incident #".$id_inc, $author); + require ("general/noaccess.php"); + exit; + } + + $titulo = get_parameter ("titulo"); + $descripcion = get_parameter ("descripcion"); + $origen = get_parameter ("origen_form"); + $prioridad = get_parameter ("prioridad_form", 0); + $estado = get_parameter ("estado_form", 0); + $grupo = get_parameter ("grupo_form", 1); + $usuario = get_parameter ("usuario_form", $config["id_user"]); + + $sql = sprintf ("UPDATE tincidencia SET titulo = '%s', origen = '%s', estado = %d, id_grupo = %d, id_usuario = '%s', prioridad = %d, descripcion = '%s', id_lastupdate = '%s' WHERE id_incidencia = %d", + $titulo, $origen, $estado, $grupo, $usuario, $prioridad, $descripcion, $config["id_user"], $id_inc); + $result = db_process_sql ($sql); -$attach_file = get_parameter('attach_file', 0); + if ($result !== false) { + db_pandora_audit("Incident updated","User ".$config['id_user']." updated incident #".$id_inc); + } + + ui_print_result_message ($result, + __('Successfully updated'), + __('Could not be updated')); + +} elseif ($action == "insert") { + //Create incident + $grupo = get_parameter ("grupo_form", 1); + + if (!check_acl ($config['id_user'], $grupo, "IW")) { + db_pandora_audit("ACL Forbidden", "User ".$config["id_user"]." tried to update incident"); + require ("general/noaccess.php"); + exit; + } -if($attach_file == 1) { - if($_FILES['new_file']['name'] != "" && $_FILES['new_file']['error'] == 0) { - $file_content = file_get_contents($_FILES["new_file"]["tmp_name"]); - - $values[0] = $id_incident; - $values[1] = $_FILES['new_file']['name']; - $values[2] = $_FILES['new_file']['size']; - $values[3] = str_replace(" ", "%20", io_safe_output(get_parameter('description'), __('No description available'))); - $values[4] = base64_encode($file_content); - - - $params = implode($token, $values); + // Read input variables + $titulo = get_parameter ("titulo"); + $descripcion = get_parameter ("descripcion"); + $origen = get_parameter ("origen_form"); + $prioridad = get_parameter ("prioridad_form"); + $id_creator = $config['id_user']; + $estado = get_parameter ("estado_form"); + $sql = sprintf ("INSERT INTO tincidencia (inicio, actualizacion, titulo, descripcion, id_usuario, origen, estado, prioridad, id_grupo, id_creator) VALUES + (NOW(), NOW(), '%s', '%s', '%s', '%s', %d, %d, '%s', '%s')", $titulo, $descripcion, $config["id_user"], $origen, $estado, $prioridad, $grupo, $config["id_user"]); + $id_inc = db_process_sql ($sql, "insert_id"); - $url = $integria_api."&op=attach_file&token=".$token; - - // Call the integria API - $result = incidents_call_api($url, array('params' => $params)); + if ($id_inc === false) { + echo '

'.__('Error creating incident').'

'; } else { - switch ($_FILES['new_file']['error']) { - case 1: - echo '

'.__('File is too big').'

'; - break; - case 3: - echo '

'.__('File was partially uploaded. Please try again').'

'; - break; - case 4: - echo '

'.__('No file was uploaded').'

'; - break; - default: - echo '

'.__('Generic upload error').'(Code: '.$_FILES['new_file']['error'].')

'; + db_pandora_audit("Incident created", "User ".$config["id_user"]." created incident #".$id_inc); + } +} + +// Search +$filter = ""; + +$texto = (string) get_parameter ("texto", ""); +if ($texto != "") + $filter .= sprintf (" AND (titulo LIKE '%%%s%%' OR descripcion LIKE '%%%s%%')", $texto, $texto); + +$usuario = (string) get_parameter ("usuario", ""); +if ($usuario != "") + $filter .= sprintf (" AND id_usuario = '%s'", $usuario); + +$estado = (int) get_parameter ("estado", -1); +if ($estado >= 0) //-1 = All + $filter .= sprintf (" AND estado = %d", $estado); + +$grupo = (int) get_parameter ("grupo", 0); +if ($grupo > 0) { + $filter .= sprintf (" AND id_grupo = %d", $grupo); + if (check_acl ($config['id_user'], $grupo, "IM") == 0) { + db_pandora_audit("ACL Forbidden","User tried to read incidents from group without access"); + include ("general/noaccess.php"); + exit; + } +} + +$prioridad = (int) get_parameter ("prioridad", -1); +if ($prioridad != -1) //-1 = All + $filter .= sprintf (" AND prioridad = %d", $prioridad); + +$offset = (int) get_parameter ("offset", 0); +$groups = users_get_groups ($config["id_user"], "IR"); + +//Select incidencts where the user has access to ($groups from +//get_user_groups), array_keys for the id, implode to pass to SQL +$sql = "SELECT * FROM tincidencia WHERE + id_grupo IN (".implode (",",array_keys ($groups)).")".$filter." + ORDER BY actualizacion DESC LIMIT ".$offset.",".$config["block_size"]; + +$result = db_get_all_rows_sql ($sql); +if (empty ($result)) { + $result = array (); + $count = 0; +} else { + $count = count ($result); +} + + +echo '
'; + +echo ' +

'.__('Filter').'

'; + +$fields = incidents_get_status (); +html_print_select ($fields, "estado", $estado, 'javascript:this.form.submit();', __('All incidents'), -1, false, false, false, 'w155'); + +//Legend +echo '

'.__('Status').'

'; +foreach (incidents_get_status () as $id => $str) { + incidents_print_status_img ($id); + echo ' - ' . $str . '
'; +} + +echo '

'.__('Priority').'

'; +foreach (incidents_get_priorities () as $id => $str) { + incidents_print_priority_img ($id); + echo ' - ' . $str . '
'; +} + +echo '
'; + +$fields = incidents_get_priorities (); + +html_print_select ($fields, "prioridad", $prioridad, 'javascript:this.form.submit();', __('All priorities'), -1,false,false,false,'w155'); + +echo '
'; + +html_print_select (users_get_info (), "usuario", $usuario, 'javascript:this.form.submit();', __('All users'), "", false, false, false, "w155"); + +echo '
'; + +html_print_select_groups($config["id_user"], "IR", true, "grupo", $grupo, 'javascript:this.form.submit();', '', '',false,false,false,'w155'); + +echo "    "; + +html_print_input_text ('texto', $texto, '', 45); +echo ' '; +html_print_input_image ("submit", "images/zoom.png", __('Search'), 'padding:0;', false, array ("alt" => __('Search'))); + +echo "
"; +echo '
'; + +if ($count < 1) { + echo '
'.__('No incidents match your search filter').'

'; +} else { + // TOTAL incidents + $url = "index.php?sec=incidencias&sec2=operation/incidents/incident"; + + $estado = -1; + + // add form filter values for group, priority, state, and search fields: user and text + if ($grupo != -1) + $url .= "&grupo=".$grupo; + if ($prioridad != -1) + $url .= "&prioridad=".$prioridad; + if ($estado != -1) + $url .= "&estado=".$estado; + if ($usuario != '') + $url .= "&usuario=".$usuario; + if ($texto != '') + $url .= "&texto=".$texto; + + // Show pagination + ui_pagination ($count + $offset, $url, $offset, 15, false); //($count + $offset) it's real count of incidents because it's use LIMIT $offset in query. + echo '
'; + + // Show headers + $table->width = "100%"; + $table->class = "databox"; + $table->cellpadding = 4; + $table->cellspacing = 4; + $table->head = array (); + $table->data = array (); + $table->size = array (); + $table->align = array (); + + $table->head[0] = __('ID'); + $table->head[1] = __('Status'); + $table->head[2] = __('Incident'); + $table->head[3] = __('Priority'); + $table->head[4] = __('Group'); + $table->head[5] = __('Updated'); + $table->head[6] = __('Source'); + $table->head[7] = __('Owner'); + $table->head[8] = __('Action'); + + $table->size[0] = 43; + $table->size[7] = 50; + + $table->align[1] = "center"; + $table->align[3] = "center"; + $table->align[4] = "center"; + $table->align[8] = "center"; + + $rowPair = true; + $iterator = 0; + foreach ($result as $row) { + if ($rowPair) + $table->rowclass[$iterator] = 'rowPair'; + else + $table->rowclass[$iterator] = 'rowOdd'; + $rowPair = !$rowPair; + $iterator++; + + $data = array(); + + $data[0] = ''.$row["id_incidencia"].''; + $attach = incidents_get_attach ($row["id_incidencia"]); + + if (!empty ($attach)) + $data[0] .= '  '.html_print_image ("images/attachment.png", true, array ("style" => "align:middle;")); + + $data[1] = incidents_print_status_img ($row["estado"], true); + $data[2] = ''.substr(io_safe_output($row["titulo"]),0,45).''; + $data[3] = incidents_print_priority_img ($row["prioridad"], true); + $data[4] = ui_print_group_icon ($row["id_grupo"], true); + $data[5] = ui_print_timestamp ($row["actualizacion"], true); + $data[6] = $row["origen"]; + $data[7] = ui_print_username ($row["id_usuario"], true); + + if (check_acl ($config["id_user"], $row["id_grupo"], "IM") || $config["id_user"] == $row["id_usuario"] || $config["id_user"] == $row["id_creator"]) { + $data[8] = html_print_checkbox ("id_inc[]", $row["id_incidencia"], false, true); + } else { + $data[8] = ''; } + + array_push ($table->data, $data); } -} - -$delete_file = get_parameter('delete_file', 0); - -if($delete_file != 0) { - $url = $integria_api."&op=delete_file¶ms=".$delete_file; - - // Call the integria API - $result = incidents_call_api($url); -} - -$delete_incident = get_parameter('delete_incident', 0); - -if($delete_incident != 0) { - $url = $integria_api."&op=delete_incident¶ms=".$delete_incident; - - // Call the integria API - $result = incidents_call_api($url); -} - -$create_workunit = get_parameter('create_workunit', 0); - -if($create_workunit == 1) { - $values[0] = $id_incident; - $values[1] = str_replace(" ", "%20", io_safe_output(get_parameter('description'))); - $values[2] = get_parameter('time_used'); - $values[3] = get_parameter('have_cost'); - $values[4] = get_parameter('public'); - $values[5] = get_parameter('profile'); - $params = implode($token, $values); - - $url = $integria_api."&op=create_workunit&token=".$token."¶ms=".$params; - - // Call the integria API - $result = incidents_call_api($url); -} - -// Set the url with parameters to call the api -switch($tab) { - case 'list': - $search_string = get_parameter('search_string', ""); - $params[0] = $search_string; - - $search_status = get_parameter('search_status', -10); - $params[1] = $search_status; - - $search_group = get_parameter('search_group', 1); - $params[2] = $search_group; - - $params = implode($token,$params); - - $url = $integria_api."&op=get_incidents&token=".$token."¶ms=".$params; - $url_resolutions = $integria_api."&op=get_incidents_resolutions"; - $url_status = $integria_api."&op=get_incidents_status"; - $url_groups = $integria_api."&op=get_groups¶ms=1"; - break; - case 'incident': - $url = $integria_api."&op=get_incident_details¶ms=".$id_incident; - case 'editor': - $url_resolutions = $integria_api."&op=get_incidents_resolutions"; - $url_status = $integria_api."&op=get_incidents_status"; - $url_sources = $integria_api."&op=get_incidents_sources"; - $url_groups = $integria_api."&op=get_groups¶ms=0"; - $url_users = $integria_api."&op=get_users"; - break; - case 'workunits': - $url = $integria_api."&op=get_incident_workunits¶ms=".$id_incident; - break; - case 'files': - $url = $integria_api."&op=get_incident_files¶ms=".$id_incident; - break; - case 'tracking': - $url = $integria_api."&op=get_incident_tracking¶ms=".$id_incident; - break; -} - -if(isset($url)) { - // Call the integria API - $xml = incidents_call_api($url); -} -else { - $xml = ""; -} - -// If is a valid XML, parse it -if(xml_parse(xml_parser_create(), $xml)) { - $result = incidents_xml_to_array($xml); - if($result == false) { - $result = array(); + echo '
'; + html_print_table ($table); + echo '
'; + echo ''.__('Action').': ' ; + if (check_acl ($config["id_user"], 0, "IW")) { + html_print_submit_button (__('Delete incidents'), 'delete_btn', false, 'class="sub delete"'); } - switch($tab) { - case 'list': - $result_resolutions = incidents_xml_to_array(incidents_call_api($url_resolutions)); - $result_status = incidents_xml_to_array(incidents_call_api($url_status)); - $result_groups = incidents_xml_to_array(incidents_call_api($url_groups)); - require_once('incident.list.php'); - break; - case 'editor': - case 'incident': - $result_resolutions = incidents_xml_to_array(incidents_call_api($url_resolutions)); - $result_status = incidents_xml_to_array(incidents_call_api($url_status)); - $result_sources = incidents_xml_to_array(incidents_call_api($url_sources)); - $result_groups = incidents_xml_to_array(incidents_call_api($url_groups)); - $result_users = incidents_xml_to_array(incidents_call_api($url_users)); - require_once('incident.incident.php'); - break; - case 'workunits': - require_once('incident.workunits.php'); - break; - case 'files': - require_once('incident.files.php'); - break; - case 'tracking': - require_once('incident.tracking.php'); - break; + if (check_acl ($config["id_user"], 0, "IM")) { + html_print_submit_button (__('Become owner'), 'own_btn', false, 'class="sub upd"'); } + echo '
'; + echo '
'; + unset ($table); +} + echo '

'; +if (check_acl ($config["id_user"], 0, "IW")) { + echo '
'; + echo '
'; + html_print_submit_button (__('Create incident'), 'crt', false, 'class="sub next"'); + echo '
'; + echo '
'; } - - echo '
 
'; ?> diff --git a/pandora_console/operation/incidents/incident.tracking.php b/pandora_console/operation/incidents/incident.tracking.php deleted file mode 100644 index 336fb3e17d..0000000000 --- a/pandora_console/operation/incidents/incident.tracking.php +++ /dev/null @@ -1,45 +0,0 @@ -width = "98%"; -$table->class = "databox"; - -$table->head[0] = __('Description'); -$table->head[1] = __('User'); -$table->head[2] = __('Date'); - -$table->data = array(); - -if(isset($result['tracking'][0]) && is_array($result['tracking'][0])){ - $tracking = $result['tracking']; -} -else { - $tracking = $result; -} - -$row = 0; -foreach($tracking as $value) { - - $table->data[$row][0] = $value['description']; - $table->data[$row][1] = $value['id_user']; - $table->data[$row][2] = $value['timestamp']; - $row++; -} - -html_print_table($table); - -?> diff --git a/pandora_console/operation/incidents/incident.workunits.php b/pandora_console/operation/incidents/incident.workunits.php deleted file mode 100644 index 7350810434..0000000000 --- a/pandora_console/operation/incidents/incident.workunits.php +++ /dev/null @@ -1,67 +0,0 @@ -width = "98%"; -$table->class = "databox"; - -$table->data = array(); -$table->colspan[1][0] = 3; - -$profiles = array(); -$default_time = "0.25"; -$table->data[0][0] = "".__('Time used')."
".html_print_input_text ('time_used', $default_time, '', 10, 255, true); -$table->data[0][1] = "".__('Have cost')."
".html_print_checkbox ('have_cost', '', false, true); -$table->data[0][2] = "".__('Public')."
".html_print_checkbox ('public', '', true, true); - -$table->data[1][0] = "".__('Description')."
".html_print_textarea('description', 3, 6, '' , '', true); - -$form = "
"; -$form .= html_print_table($table, true); -$form .= html_print_submit_button(__('Add'), 'submit_button', false, '', true); -$form .= html_print_input_hidden('tab', 'workunits', true); -$form .= html_print_input_hidden('create_workunit', '1', true); -$form .= html_print_input_hidden('id_incident', $id_incident, true); -$form .= html_print_input_hidden('profile', '0', true); -$form .= "
"; - -ui_toggle($form, __('Add workunit')); - -if(isset($result['workunit'][0]) && is_array($result['workunit'][0])){ - $workunits = $result['workunit']; -} -else { - $workunits = $result; -} - -foreach($workunits as $value) { - $table->width = "98%"; - $table->class = "databox"; - $table->colspan[1][0] = 4; - $table->size[0] = "80%"; - $table->size[1] = "20%"; - - $table->data = array(); - - $table->data[0][0] = $value['id_user']." ".__('said')." ".$value['timestamp']; - $table->data[0][1] = $value['duration']." ".__('Hours')." ".__('Public').": ".$value['public']; - - $table->data[1][0] = $value['description']; - - html_print_table($table); -} -?> diff --git a/pandora_console/operation/incidents/incident_detail.php b/pandora_console/operation/incidents/incident_detail.php index c661972bcf..939068ce20 100755 --- a/pandora_console/operation/incidents/incident_detail.php +++ b/pandora_console/operation/incidents/incident_detail.php @@ -18,7 +18,6 @@ global $config; require_once ("include/functions_incidents.php"); require_once ("include/functions_events.php"); //To get events group information -require_once ($config['homedir'] . "/include/functions_users.php"); check_login (); @@ -34,7 +33,7 @@ $actualizacion = get_system_time (); // EDITION MODE if (isset ($_GET["id"])) { - $id_inc = (int) get_parameter_get ("id", 0); + $id_inc = (int) get_parameter ("id", 0); // Obtain group of this incident $row = db_get_row ("tincidencia","id_incidencia",$id_inc); @@ -54,13 +53,10 @@ if (isset ($_GET["id"])) { // Note add - everybody that can read incidents, can add notes if (isset ($_GET["insertar_nota"])) { - $nota = get_parameter_post ("nota"); + $nota = get_parameter ("nota"); - $values = array( - 'id_usuario' => $config["id_user"], - 'id_incident' => $id_inc, - 'nota' => $nota); - $id_nota = db_process_sql_insert('tnota', $values); + $sql = sprintf ("INSERT INTO tnota (id_usuario, id_incident, nota) VALUES ('%s', %d, '%s')",$config["id_user"],$id_inc, $nota); + $id_nota = db_process_sql ($sql, "insert_id"); if ($id_nota !== false) { incidents_process_touch ($id_inc); @@ -72,7 +68,7 @@ if (isset ($_GET["id"])) { // Delete note if (isset ($_POST["delete_nota"])) { - $id_nota = get_parameter_post ("delete_nota", 0); + $id_nota = get_parameter ("delete_nota", 0); $note_user = incidents_get_notes_author ($id_nota); if (((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($note_user == $config["id_user"])) OR ($id_owner == $config["id_user"])) { // Only admins (manage incident) or owners can modify @@ -91,10 +87,10 @@ if (isset ($_GET["id"])) { // Delete file if (((check_acl ($config["id_user"], $id_grupo, "IM")==1) OR ($id_owner == $config["id_user"])) AND isset ($_POST["delete_file"])) { - $file_id = (int) get_parameter_post ("delete_file", 0); + $file_id = (int) get_parameter ("delete_file", 0); $filename = db_get_value ("filename", "tattachment", "id_attachment", $file_id); - - $result = db_process_sql_delete('tattachment', array('id_attachment' => $file_id)); + $sql = sprintf ("DELETE FROM tattachment WHERE id_attachment = %d",$file_id); + $result = db_process_sql ($sql); if (!empty ($result)) { unlink ($config["attachment_store"]."/pand".$file_id."_".$filename); @@ -108,7 +104,7 @@ if (isset ($_GET["id"])) { // Upload file if ((check_acl ($config["id_user"], $id_grupo, "IW") == 1) AND isset ($_GET["upload_file"]) AND ($_FILES['userfile']['name'] != "")) { - $description = get_parameter_post ("file_description", __('No description available')); + $description = get_parameter ("file_description", __('No description available')); // Insert into database $filename = io_safe_input ($_FILES['userfile']['name']); @@ -126,20 +122,16 @@ if (isset ($_GET["id"])) { } } - $values = array( - 'id_incidencia' => $id_inc, - 'id_usuario' => $config["id_user"], - 'filename' => $filename, - 'description' => $description, - 'size' => $filesize); - $id_attachment = db_process_sql_insert('tattachment', $values); + $sql = sprintf ("INSERT INTO tattachment (id_incidencia, id_usuario, filename, description, size) + VALUES (%d, '%s', '%s', '%s', %d)", $id_inc, $config["id_user"],$filename,$description,$filesize); + + $id_attachment = db_process_sql ($sql,"insert_id"); // Copy file to directory and change name if ($id_attachment !== false) { $nombre_archivo = $config["attachment_store"]."/pand".$id_attachment."_".$filename; $result = copy ($_FILES['userfile']['tmp_name'], $nombre_archivo); - } - else { + } else { echo '

'.__('File could not be saved due to database error').'

'; $result = false; } @@ -147,9 +139,8 @@ if (isset ($_GET["id"])) { if ($result !== false) { unlink ($_FILES['userfile']['tmp_name']); incidents_process_touch ($id_inc); - } - else { - db_process_sql_delete('tattachment', array('id_attachment' => $id_attachment)); + } else { + db_process_sql ("DELETE FROM tattachment WHERE id_attachment = ".$id_attachment); } ui_print_result_message ($result, @@ -170,7 +161,7 @@ elseif (isset ($_GET["insert_form"])) { $id_creator = $config["id_user"]; if (isset ($_GET["from_event"])) { - $event = get_parameter_get ("from_event"); + $event = get_parameter ("from_event"); $titulo = events_get_description ($event); $id_grupo = events_get_group ($event); $origen = "Pandora FMS event"; @@ -242,8 +233,7 @@ echo ''.__('Status').''; if ((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { html_print_select (incidents_get_status (), "estado_form", $estado, '', '', '', false, false, false, 'w135'); -} -else { +} else { html_print_select (incidents_get_status (), "estado_form", $estado, '', '', '', false, false, false, 'w135', true); } echo ''; @@ -262,8 +252,7 @@ foreach ($return as $row) { // Only owner could change source or user with Incident management privileges if ((check_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) { html_print_select ($fields, "origen_form", $estado, '', '', '', false, false, false, 'w135'); -} -else { +} else { html_print_select ($fields, "origen_form", $estado, '', '', '', false, false, false, 'w135', true); } echo ''.__('Group').''; @@ -341,7 +330,7 @@ if (isset ($id_inc)) { foreach ($result as $row) { $data = array (); $data[0] = html_print_image("images/page_white_text.png", true, array("border" => '0')); - $data[1] = __('Author').': ' . ui_print_username ($row["id_usuario"], true).' (' . ui_print_timestamp ($row["timestamp"], true).')'; + $data[1] = __('Author').': '.ui_print_username ($row["id_usuario"], true).' ('.ui_print_timestamp ($row["timestamp"], true).')'; array_push ($table->data, $data); $data = array ();