forked from sitracker/sitracker_old
/
billing_edit_activity_duration.php
111 lines (93 loc) · 4.91 KB
/
billing_edit_activity_duration.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
<?php
// edit_activity_duration.php - Edit the duration of an activity
// Page to adjust the duration of a timed activity
//
// SiT (Support Incident Tracker) - Support call tracking system
// Copyright (C) 2000-2009 Salford Software Ltd. and Contributors
//
// This software may be used and distributed according to the terms
// of the GNU General Public License, incorporated herein by reference.
//
// TODO should this update the tasks table?
// Author: Paul Heaney Paul Heaney <paulheaney[at]users.sourceforge.net>
$permission = 81;
require ('core.php');
require_once (APPLICATION_LIBPATH . 'functions.inc.php');
// This page requires authentication
require_once (APPLICATION_LIBPATH . 'auth.inc.php');
$mode = cleanvar($_REQUEST['mode']);
$updateid = cleanvar($_REQUEST['updateid']);
$incidentid = cleanvar($_REQUEST['incidentid']);
$id = $incidentid; // So he header works
$title = $strAdjustActivityDuration;
switch ($mode)
{
case 'edit':
$sql = "SELECT bodytext, duration FROM `{$dbUpdates}` WHERE id = {$updateid} AND duration IS NOT NULL AND duration != 0";
$oldduration = cleanvar($_REQUEST['oldduration']);
$reason = cleanvar($_REQUEST['reason']);
$newduration = cleanvar($_REQUEST['newduration']); // In minutes
$result = mysql_query($sql);
if (mysql_error()) trigger_error(mysql_error(),E_USER_WARNING);
if (mysql_num_rows($result) == 1)
{
$obj = mysql_fetch_object($result);
if ($obj->duration == $oldduration)
{
// Double check the oldduration thats been passed is whats in the DB
$text = "{$obj->bodytext}\n\n[b]Duration adjusted[/b] by ".user_realname($sit[2])." on ".ldate($CONFIG['dateformat_datetime'], $now)." from ".ceil($obj->duration)."minutes to {$newduration}minutes, reason given:\n---\n{$reason}\n---"; // FIXME should this be i18n? If so which language
// $newduration *= 60;
$usql = "UPDATE `{$dbUpdates}` SET bodytext = '".mysql_real_escape_string($text)."', duration = '{$newduration}' WHERE id = '{$updateid}'";
mysql_query($usql);
if (mysql_error()) trigger_error(mysql_error(),E_USER_WARNING);
// Some error checking
if (mysql_affected_rows() < 1)
{
html_redirect("{$CONFIG['application_webpath']}incident_details.php?id={$incidentid}", FALSE, $strFailed);
}
else
{
html_redirect("{$CONFIG['application_webpath']}incident_details.php?id={$incidentid}", TRUE, $strDurationUpdated);
}
}
else
{
// The value we've been passed isn't whats in the DB
html_redirect("{$CONFIG['application_webpath']}incident_details.php?id={$incidentid}", FALSE, $strDurationMismatch);
}
}
else
{
// No matching incident found (updateID and a duration with a value)
html_redirect("{$CONFIG['application_webpath']}incident_details.php?id={$incidentid}", FALSE, $strNoDurationOnActivity);
}
break;
case 'showform':
default:
$sql = "SELECT duration FROM `{$dbUpdates}` WHERE id = {$updateid} AND duration IS NOT NULL AND duration != 0";
$result = mysql_query($sql);
if (mysql_error()) trigger_error(mysql_error(),E_USER_WARNING);
if (mysql_num_rows($result) == 1)
{
include (APPLICATION_INCPATH . 'incident_html_top.inc.php');
$obj = mysql_fetch_object($result);
echo "<h2>{$strAdjustActivityDuration}</h2>";
echo "<form name='editduration' action='{$_SERVER['PHP_SELF']}?mode=edit' method='post' onsubmit='return confirm_submit(\"{$strAreYouSureMakeTheseChanges}\");'>";
echo "<table align='center' class='vertical'>";
echo "<tr><th>{$strDuration}</th><td>".sprintf($strXMinutes, ceil($obj->duration))."</d></tr>";
echo "<tr><th>{$strNewDuration}</th><td><input type='text' size='10' name='newduration' id='newduration' />{$strMinutes}</d></tr>";
echo "<tr><th>{$strReason}</th><td><textarea rows='3' cols='6' name='reason' id='reason' ></textarea></td></tr>";
echo "</table>";
echo "<p align='center'><input type='submit' name='editduration' value='{$strEdit}' /></p>";
echo "<input type='hidden' name='oldduration' id='oldduration' value='{$obj->duration}' />";
echo "<input type='hidden' name='updateid' id='updateid' value='{$updateid}' />";
echo "<input type='hidden' name='incidentid' id='incidentid' value='{$incidentid}' />";
echo "</form>";
include (APPLICATION_INCPATH . 'incident_html_bottom.inc.php');
}
else
{
html_redirect("{$CONFIG['application_webpath']}incident_details.php?id={$incidentid}", FALSE, $strNoDurationOnActivity);
}
}
?>