From 86658dad23587a7c115b4c94d2eb3224c0d56b92 Mon Sep 17 00:00:00 2001
From: slerena <slerena@gmail.com>
Date: Mon, 10 Nov 2008 17:35:27 +0000
Subject: [PATCH] 2008-11-10  Sancho Lerena <slerena@artica.es>

        * operation/incidents/incident.php
        operation/incidents/incident_detail.php: Fixed some bugs in
        incident management that makes unusable the incident sytem
        Thanks to Esben for reporting this bug that was introduced
        only few days before closing 2.0 version :(



git-svn-id: https://svn.code.sf.net/p/pandora/code/trunk@1233 c3f86ba8-e40f-0410-aaad-9ba5e7f4b01f
---
 pandora_console/ChangeLog                     |  6 ++
 .../operation/incidents/incident.php          |  7 +-
 .../operation/incidents/incident_detail.php   | 76 ++++++++++---------
 3 files changed, 51 insertions(+), 38 deletions(-)

diff --git a/pandora_console/ChangeLog b/pandora_console/ChangeLog
index e141f72ae9..5a494078b1 100644
--- a/pandora_console/ChangeLog
+++ b/pandora_console/ChangeLog
@@ -1,5 +1,11 @@
 2008-11-10  Sancho Lerena <slerena@artica.es>
 
+	* operation/incidents/incident.php
+	operation/incidents/incident_detail.php: Fixed some bugs in
+	incident management that makes unusable the incident sytem
+	Thanks to Esben for reporting this bug that was introduced
+	only few days before closing 2.0 version :( 
+
         * include/funcions_db.php: Reference to inexistant table
         tagent_data_image has been deleted and fixed notice.
 
diff --git a/pandora_console/operation/incidents/incident.php b/pandora_console/operation/incidents/incident.php
index a71c6c3b93..ebd14bb5d2 100644
--- a/pandora_console/operation/incidents/incident.php
+++ b/pandora_console/operation/incidents/incident.php
@@ -89,7 +89,7 @@ if ((isset ($_GET["action"])) AND ($_GET["action"] == "update")) {
 
 // INSERT incident
 if ((isset ($_GET["action"])) AND ($_GET["action"] == "insert")) {
-	$grupo = get_parameter_post ("grupo_form");
+	$grupo = get_parameter_post ("grupo_form", 1);
 	if (give_acl ($config['id_user'], $grupo, "IM")) {
 		// Read input variables
 		$titulo = get_parameter_post ("titulo"); 
@@ -98,8 +98,7 @@ if ((isset ($_GET["action"])) AND ($_GET["action"] == "insert")) {
 		$prioridad = get_parameter_post ("prioridad_form");
 		$id_creator = $config['id_user'];
 		$estado = get_parameter_post ("estado_form");
-		$sql = sprintf ("INSERT INTO tincidencia (inicio,actualizacion,titulo,descripcion,id_usuario,origen,estado,prioridad,id_grupo,id_creator) VALUES 
-			(NOW(), NOW(), '%s', '%s', '%s', '%s', %d, %d, '%s')".$titulo,$descripcion,$config["id_user"],$origen,$estado,$prioridad,$grupo,$config["id_user"]);
+		$sql = sprintf ("INSERT INTO tincidencia (inicio, actualizacion, titulo, descripcion, id_usuario, origen, estado, prioridad, id_grupo, id_creator) VALUES (NOW(), NOW(), '%s', '%s', '%s', '%s', %d, %d, '%s', '%s')", $titulo, $descripcion, $config["id_user"], $origen, $estado, $prioridad, $grupo, $config["id_user"]);
 		$id_inc = process_sql ($sql, "insert_id");
 
 		if ($id_inc === false) {
@@ -227,6 +226,8 @@ if ($count < 1) {
 	// TOTAL incidents
 	$url = "index.php?sec=incidencias&sec2=operation/incidents/incident";
 
+	$estado = -1;
+
 	// add form filter values for group, priority, state, and search fields: user and text
 	if ($grupo != -1)
 		$url .= "&grupo=".$grupo;
diff --git a/pandora_console/operation/incidents/incident_detail.php b/pandora_console/operation/incidents/incident_detail.php
index 943857f617..2e0ee2ce3f 100644
--- a/pandora_console/operation/incidents/incident_detail.php
+++ b/pandora_console/operation/incidents/incident_detail.php
@@ -30,6 +30,9 @@ if (! give_acl ($config["id_user"], 0, "IR")) {
 	exit;
 }
 
+$inicio = date('Y-m-d H:i:s');
+$actualizacion = date('Y-m-d H:i:s');
+
 // EDITION MODE
 if (isset ($_GET["id"])) {
 	$id_inc = get_parameter_get ("id");
@@ -270,9 +273,9 @@ foreach ($return as $row) {
 
 // Only owner could change source or user with Incident management privileges
 if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($usuario == $config["id_user"])) {
-	print_select ($fields, "estado_form", $estado, '', '', '', false, false, false, 'w135');
+	print_select ($fields, "origen_form", $estado, '', '', '', false, false, false, 'w135');
 } else {
-	print_select ($fields, "estado_form", $estado, '', '', '', false, false, false, 'w135', true);
+	print_select ($fields, "origen_form", $estado, '', '', '', false, false, false, 'w135', true);
 }
 echo '</td><td class="datos2"><b>'.__('Group').'</b></td><td class="datos2">';
 
@@ -325,44 +328,46 @@ if (isset ($id_inc) AND (give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR
 	print_submit_button (__('Submit'), "accion", true, 'class="sub upd"');
 }
 echo "</div></form>";
-echo '<div>';
-print_submit_button (__('Add note'), "note_control", false, 'class="sub next"');
-echo '</div><div>';
-echo '<form id="add_note" name="nota" method="POST" action="index.php?sec=incidencias&sec2=operation/incidents/incident_detail&insertar_nota=1&id='.$id_inc.'">';
-echo '<table cellpadding="4" cellspacing="4" class="databox" width="600px">
-	<tr><td class="datos2"><textarea name="nota" rows="5" cols="70" style="height: 100px;"></textarea></td>
-	<td valign="bottom"><input name="addnote" type="submit" class="sub wand" value="'.__('Add').'"></td></tr>
-	</table></form></div><div>';
-
-// ********************************************************************
-// Notes 
-// ********************************************************************
 
 if (isset ($id_inc)) {
-	$sql = sprintf ("SELECT tnota.* FROM tnota, tnota_inc WHERE tnota_inc.id_incidencia = '%d' AND tnota.id_nota = tnota_inc.id_nota",$id_inc);
-	$result = get_db_all_rows_sql ($sql);
-} else {
-	$result = array ();
-}
+	echo '<div>';
+	print_submit_button (__('Add note'), "note_control", false, 'class="sub next"');
+	echo '</div><div>';
+	echo '<form id="add_note" name="nota" method="POST" action="index.php?sec=incidencias&sec2=operation/incidents/incident_detail&insertar_nota=1&id='.$id_inc.'">';
+	echo '<table cellpadding="4" cellspacing="4" class="databox" width="600px">
+		<tr><td class="datos2"><textarea name="nota" rows="5" cols="70" style="height: 100px;"></textarea></td>
+		<td valign="bottom"><input name="addnote" type="submit" class="sub wand" value="'.__('Add').'"></td></tr>
+		</table></form></div><div>';
 
-if (empty ($result)) {
-	$result = array ();
-} else {
-	echo "<h3>".__('Notes attached to incident').'<h3>';
-}
+	// ********************************************************************
+	// Notes 
+	// ********************************************************************
 
-echo '<table cellpadding="4" cellspacing="4" class="databox" width="600px">';
-foreach ($result as $row) {
-	echo '<tr><td><img src="images/page_white_text.png" border="0"></td>';
-	echo '<td>'.__('Author').': <a href="index.php?sec=usuario&sec2=operation/users/user_edit&ver='.$row["id_usuario"].'">'.dame_nombre_real ($row["id_usuario"]).'</a> ('.date ($config['date_format'],strtotime ($row["timestamp"])).')</td></tr>';
-	echo '<tr><td>';
-	if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($row["id_usuario"] == $config["id_user"])) {
-		echo '<a href="index.php?sec=incidencias&sec2=operation/incidents/incident_detail&id='.$id_inc.'&id_nota='.$row["id_nota"].'"><img src="images/cross.png" border="0"></a>';
+	if (isset ($id_inc)) {
+		$sql = sprintf ("SELECT tnota.* FROM tnota, tnota_inc WHERE tnota_inc.id_incidencia = '%d' AND tnota.id_nota = tnota_inc.id_nota",$id_inc);
+		$result = get_db_all_rows_sql ($sql);
+	} else {
+		$result = array ();
 	}
-	echo '</td><td>'.safe_input ($row["nota"]).'</td></tr>';
-}
-echo '</table>';
 
+	if (empty ($result)) {
+		$result = array ();
+	} else {
+		echo "<h3>".__('Notes attached to incident').'<h3>';
+	}
+
+	echo '<table cellpadding="4" cellspacing="4" class="databox" width="600px">';
+	foreach ($result as $row) {
+		echo '<tr><td><img src="images/page_white_text.png" border="0"></td>';
+		echo '<td>'.__('Author').': <a href="index.php?sec=usuario&sec2=operation/users/user_edit&ver='.$row["id_usuario"].'">'.dame_nombre_real ($row["id_usuario"]).'</a> ('.date ($config['date_format'],strtotime ($row["timestamp"])).')</td></tr>';
+		echo '<tr><td>';
+		if ((give_acl ($config["id_user"], $id_grupo, "IM") == 1) OR ($row["id_usuario"] == $config["id_user"])) {
+			echo '<a href="index.php?sec=incidencias&sec2=operation/incidents/incident_detail&id='.$id_inc.'&id_nota='.$row["id_nota"].'"><img src="images/cross.png" border="0"></a>';
+		}
+		echo '</td><td>'.safe_input ($row["nota"]).'</td></tr>';
+	}
+	echo '</table>';
+}
 
 // ************************************************************
 // Files attached to this incident
@@ -417,8 +422,9 @@ unset ($table);
 // Upload control
 // ************************************************************
 
+
 // Upload control
-if (give_acl($config["id_user"], $id_grupo, "IW")==1){
+if ((give_acl($config["id_user"], $id_grupo, "IW")==1) AND (isset ($id_inc))) {
 	echo '<div>';
 	print_submit_button (__('Add attachment'), "attachment", false, 'class="sub next"');
 	echo '</div>';