Context Navigation

notes_addedit.php

Revision 727, 17.3 KB (checked in by brieb, 2 years ago)
Added more rights look ups to certain pages Fixed several path disclosure errors
Property svn:keywords set to `LastChangedBy LastChangedDate LastChangedRevision`

Line
1	<?php
2	/*
3	$Rev$ \| $LastChangedBy$
4	$LastChangedDate$
5	+-------------------------------------------------------------------------+
6	\| Copyright (c) 2004 - 2010, Kreotek LLC \|
7	\| All rights reserved. \|
8	+-------------------------------------------------------------------------+
9	\| \|
10	\| Redistribution and use in source and binary forms, with or without \|
11	\| modification, are permitted provided that the following conditions are \|
12	\| met: \|
13	\| \|
14	\| - Redistributions of source code must retain the above copyright \|
15	\| notice, this list of conditions and the following disclaimer. \|
16	\| \|
17	\| - Redistributions in binary form must reproduce the above copyright \|
18	\| notice, this list of conditions and the following disclaimer in the \|
19	\| documentation and/or other materials provided with the distribution. \|
20	\| \|
21	\| - Neither the name of Kreotek LLC nor the names of its contributore may \|
22	\| be used to endorse or promote products derived from this software \|
23	\| without specific prior written permission. \|
24	\| \|
25	\| THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND CONTRIBUTORS \|
26	\| "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES, INCLUDING, BUT NOT \|
27	\| LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A \|
28	\| PARTICULAR PURPOSE ARE DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT \|
29	\| OWNER OR CONTRIBUTORS BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, \|
30	\| SPECIAL, EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT \|
31	\| LIMITED TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE, \|
32	\| DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON ANY \|
33	\| THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY, OR TORT \|
34	\| (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE \|
35	\| OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. \|
36	\| \|
37	+-------------------------------------------------------------------------+
38	*/
39
40	require_once("../../include/session.php");
41	require_once("include/fields.php");
42	require_once("include/tables.php");
43	require_once("include/notes.php");
44
45	if(isset($_GET["backurl"])){
46
47	$backurl=$_GET["backurl"];
48
49	if(isset($_GET["refid"]) && $_GET["tabledefid"])
50	$backurl.="?refid=".getId($db, $_GET["tabledefid"], $_GET["refid"]);
51	elseif(isset($_GET["refid"]))
52	$backurl.="?refid=".$_GET["refid"];
53
54	} else
55	$backurl = NULL;
56
57	$thetable = new notes($db, "tbld:a4cdd991-cf0a-916f-1240-49428ea1bdd1", $backurl);
58	$therecord = $thetable->processAddEditPage();
59
60	if($therecord["private"] && $therecord["createdby"] != $_SESSION["userinfo"]["id"] && !$_SESSION["userinfo"]["admin"])
61	goURL("../../noaccess.php");
62
63	if(isset($therecord["phpbmsStatus"]))
64	$statusmessage = $therecord["phpbmsStatus"];
65
66
67	$attachedtableinfo = $thetable->getAttachedTableDefInfo($therecord["attachedtabledefid"]);
68
69	$pageTitle = "Note/Task/Event";
70
71	$phpbms->cssIncludes[] = "pages/base/notes.css";
72	$phpbms->jsIncludes[] = "modules/base/javascript/notes.js";
73
74	//Form Elements
75	//==============================================================
76	$theform = new phpbmsForm();
77	$theform->onsubmit = "return submitForm(this)";
78	$theform->id = "record";
79
80	$temparray = array("Note"=>"NT","Task"=>"TS","Event"=>"EV","System Message"=>"SM");
81	$theinput = new inputBasicList("thetype",$therecord["type"],$temparray,"type");
82	$theinput->setAttribute("class","important");
83	$theinput->setAttribute("onchange","changeType()");
84	$theform->addField($theinput);
85
86	$theinput = new inputField("subject",$therecord["subject"], "title" ,true);
87	$theform->addField($theinput);
88
89	$temparray = array("Highest"=>3,"High"=>2,"Medium"=>1,"Normal"=>0,"Low"=>-1,"Lowest"=>-2);
90	$theinput = new inputBasicList("importance",$therecord["importance"],$temparray,"importance",false);
91	$theform->addField($theinput);
92
93	$theinput = new inputCheckbox("private",$therecord["private"]);
94	$theform->addField($theinput);
95
96	$theinput = new inputDatePicker("startdate",$therecord["startdate"], "start date" ,false, 11, 15, false);
97	$theinput->setAttribute("onchange","checkEndDate();");
98	$theform->addField($theinput);
99
100	$theinput = new inputTimePicker("starttime",$therecord["starttime"], "start time" ,false,11, 15, false);
101	$theinput->setAttribute("onchange","checkEndDate();");
102	$theform->addField($theinput);
103
104	$theinput = new inputDatePicker("enddate",$therecord["enddate"], "end date" ,false, 11, 15, false);
105	$theform->addField($theinput);
106
107	$theinput = new inputTimePicker("endtime",$therecord["endtime"], "end time" ,false,11, 15, false);
108	$theform->addField($theinput);
109
110	$theinput = new inputCheckbox("completed",$therecord["completed"],"completed",false,false);
111	$theinput->setAttribute("onclick","completedCheck()");
112	$theform->addField($theinput);
113
114	$theinput = new inputDatePicker("completeddate",$therecord["completeddate"], "completed date" ,false, 11, 15, false);
115	$theinput->setAttribute("readonly","readonly");
116	$theform->addField($theinput);
117
118	$theinput = new inputChoiceList($db, "status",$therecord["status"],"notestatus");
119	$theform->addField($theinput);
120
121	$theinput = new inputSmartSearch($db, "assignedtoid", "Pick Active User", $therecord["assignedtoid"], "assigned to", false, 18, 255, false);
122	$theform->addField($theinput);
123
124	$theinput = new inputDatePicker("assignedtodate",$therecord["assignedtodate"], "follow up date");
125	$theform->addField($theinput);
126
127	$theinput = new inputTimePicker("assignedtotime",$therecord["assignedtotime"], "follow up time" ,false,11, 15, false);
128	$theform->addField($theinput);
129
130	$theinput = new inputChoiceList($db, "category",$therecord["category"],"notecategories");
131	$theform->addField($theinput);
132
133
134	//repeat fields
135	if($therecord["startdate"])
136	$repeatBase = stringToDate($therecord["startdate"],"SQL");
137	else
138	$repeatBase = mktime();
139
140	$theinput = new inputCheckbox("repeating",$therecord["repeating"],"repeat");
141	$theinput->setAttribute("onchange","checkRepeat();");
142	$theform->addField($theinput);
143
144	$temparray = array("Daily"=>"Daily", "Weekly"=>"Weekly", "Monthly"=>"Monthly", "Yearly"=>"Yearly");
145	$theinput = new inputBasiclist("repeattype",$therecord["repeattype"],$temparray,"frequency");
146	$theinput->setAttribute("onchange","changeRepeatType();");
147	$theform->addField($theinput);
148
149	$theinput = new inputField("repeatevery",$therecord["repeatevery"],"frequency of repeating",false,"integer",2,4,false);
150	$theform->addField($theinput);
151
152	$theinput = new inputBasiclist("monthlyontheweek",$therecord["repeatontheweek"],$thetable->weekArray,"on the week of",false);
153	$theinput2 = new inputBasiclist("yearlyontheweek",$therecord["repeatontheweek"],$thetable->weekArray,"on the week of",false);
154	if(!$therecord["repeatontheday"]) {
155	$theinput->setAttribute("disabled","disabled");
156	$theinput2->setAttribute("disabled","disabled");
157
158	$weekNumber = ceil(date("d",$repeatBase)/7);
159	if($weekNumber > 4) $weekNumber = 5;
160
161	$theinput->value = $weekNumber;
162	$theinput2->value = $weekNumber;
163
164	}
165	$theform->addField($theinput);
166	$theform->addField($theinput2);
167
168	$temparray = array();
169	for($i=1; $i<8; $i++)
170	$temparray[nl_langinfo(constant("DAY_".$i))] = ($i==1)?(7):($i-1);
171	$theinput = new inputBasiclist("monthlyontheday",$therecord["repeatontheday"],$temparray,"on the day",false);
172	$theinput2 = new inputBasiclist("yearlyontheday",$therecord["repeatontheday"],$temparray,"on the day",false);
173	if(!$therecord["repeatontheday"]){
174	$theinput->setAttribute("disabled","disabled");
175	$theinput2->setAttribute("disabled","disabled");
176	$theinput->value = @strftime("%u",$repeatBase);
177	$theinput2->value = @strftime("%u",$repeatBase);
178	}
179	$theform->addField($theinput);
180	$theform->addField($theinput2);
181
182	$temparray = array("never"=>"never", "after"=>"after", "on date"=>"on date");
183	$thevalue = "never";
184	if($therecord["id"]){
185	if($therecord["repeattimes"])
186	$thevalue = "after";
187	elseif($therecord["repeatuntil"])
188	$thevalue = "on date";
189	}
190	$theinput = new inputBasiclist("repeatend",$thevalue,$temparray,"end");
191	$theinput->setAttribute("onchange","changeRepeatEnd();");
192	$theform->addField($theinput);
193
194	$theinput = new inputField("repeattimes",$therecord["repeattimes"],"repeat until number of times",false,"integer",3,5,false);
195	$theform->addField($theinput);
196
197	if(!$therecord["repeatuntil"])
198	$therecord["repeatuntil"] = dateToString(mktime(),"SQL");
199
200	$theinput = new inputDatePicker("repeatuntil", $therecord["repeatuntil"], "repeat until date" ,false, 10, 15, false);
201	$theform->addField($theinput);
202	//end repeat fields
203
204	$thetable->getCustomFieldInfo();
205	$theform->prepCustomFields($db, $thetable->customFieldsQueryResult, $therecord);
206	$theform->jsMerge();
207	//==============================================================
208	//End Form Elements
209
210	include("header.php");
211
212	?><div class="bodyline">
213	<?php $theform->startForm($pageTitle)?>
214
215	<fieldset id="fsTop">
216	<legend>Attributes</legend>
217	<p>
218	<?php $theform->showField("thetype")?>
219	<input type="hidden" id="typeCheck" name="typeCheck" value="<?php echo $therecord["type"]?>" />
220	</p>
221
222	<p class="big"><?php $theform->showField("subject") ?></p>
223	</fieldset>
224
225	<div id="rightSideDiv">
226	<fieldset>
227	<legend><label for="importance">importance / privacy</label></legend>
228	<p>
229	<?php $theform->showField("importance")?>
230	<?php $theform->showField("private")?>
231	</p>
232	</fieldset>
233
234	<fieldset id="thedates">
235	<legend>dates</legend>
236	<p>
237	<label for="startdate" id="starttext">start</label><br />
238	<input name="dostart" id="startcheck" type="checkbox" value="1" <?php if($therecord["startdate"]) echo "checked=\"checked\"" ?> onclick="dateChecked('start')" class="radiochecks" />
239	<?php $theform->showField("startdate");?>
240	<?php $theform->showField("starttime");?>
241	</p>
242	<p>
243	<label for="enddate" id="endtext">end</label><br />
244	<input name="doend" id="endcheck" type="checkbox" value="1" <?php if($therecord["enddate"]) echo "checked=\"checked\"" ?> onclick="dateChecked('end')" class="radiochecks" />
245	<?php $theform->showField("enddate");?>
246	<?php $theform->showField("endtime");?>
247	</p>
248	</fieldset>
249
250	<div id="thecompleted" class="fauxP">
251	<p>
252	<input type="hidden" name="completedChange" id="completedChange" value="<?php echo $therecord["completed"]?>" />
253	<?php $theform->showField("completed")?><label for="completed" id="completedtext">completed</label>
254	<?php $theform->showField("completeddate")?>
255	</p>
256	<p id="thestatus"><?php $theform->showField("status") ?></p>
257	</div>
258
259	<fieldset>
260	<legend><label for="ds-assignedtoid">assigned to</label></legend>
261	<div class="fauxP">
262	<?php $theform->showField("assignedtoid");?>
263	<input type="hidden" id="assignedtochange" name="assignedtochange" value="<?php echo $therecord["assignedtoid"] ?>" />
264	</div>
265
266	<?php if($therecord["assignedbyid"]){ ?>
267	<p>
268	<label for="assignedbyid">assigned by</label><br />
269	<input id="assignedbydisplay" value="<?php echo $phpbms->getUserName($therecord["assignedbyid"], true)?>" readonly="readonly" class="uneditable" />
270	<input type="hidden" name="assignedbyid" id="assignedbyid" value="<?php echo $therecord["assignedbyid"]?>" />
271	</p>
272	<?php
273	if($therecord["assignedbyid"] == $_SESSION["userinfo"]["uuid"]){?>
274	<p>
275	<button type="button" id="sendemailnotice" class="Buttons" onclick="sendEmailNotice()">send e-mail notice</button>
276	</p>
277	<?php } }?>
278
279	<p><?php $theform->showField("assignedtodate");?>   <?php $theform->showField("assignedtotime")?></p>
280	</fieldset>
281
282	<input id="attachedtabledefid" name="attachedtabledefid" type="hidden" value="<?php echo $therecord["attachedtabledefid"]?>" />
283	<fieldset id="theassociated">
284	<legend>associated with</legend>
285	<p>
286	<label for="assocarea">area</label><br />
287	<input id="assocarea" type="text" readonly="readonly" class="uneditable" value="<?php echo $attachedtableinfo["displayname"];?>" />
288	</p>
289
290	<p>
291	<label for="attachedid">record uuid</label><br />
292	<input id="attachedid" name="attachedid" type="text" readonly="readonly" class="uneditable" value="<?php echo $therecord["attachedid"]?>" size="40" />
293	<input name="link" type="button" class="Buttons" value="edit" onclick="document.location='<?php
294	echo APP_PATH.$attachedtableinfo["editfile"]."?id=";
295	if($therecord["attachedtabledefid"])
296	echo getId($db, $therecord["attachedtabledefid"], $therecord["attachedid"]);
297	?>'" />
298	</p>
299	</fieldset>
300
301	<fieldset>
302	<p>
303	<label for="location">location</label><br />
304	<input name="location" id="location" type="text" value="<?php echo $therecord["location"]?>"/>
305	</p>
306
307	<p><?php $theform->showField("category") ?></p>
308	</fieldset>
309
310	</div>
311
312	<div id="leftSideDiv">
313	<fieldset>
314	<legend><label for="content">memo</label></legend>
315	<p id="timeStampP">
316	<button id="timeStampButton" type="button" class="graphicButtons buttonTimeStamp" accesskey="t" title="Add time stamp to memo (Access Key - t)">time stamp</button>
317	</p>
318	<p>
319	<textarea name="content" cols="45" rows="23" id="content"><?php echo htmlQuotes($therecord["content"])?></textarea>
320	<input id = "username" type="hidden" value="<?php echo formatVariable(trim($_SESSION["userinfo"]["firstname"]." ".$_SESSION["userinfo"]["lastname"]))?>" />
321	</p>
322	</fieldset>
323	</div>
324
325	<div id="repeatDiv">
326
327	<div <?php if($therecord["parentid"]) echo 'style="display:none;"'?>>
328	<input type="hidden" id="bypass" name="bypass" value=""/>
329	<input type="hidden" id="eachlist" name="eachlist" value=""/>
330	<input type="hidden" id="firstrepeat" name="firstrepeat" value="<?php echo $therecord["firstrepeat"]?>"/>
331	<input type="hidden" id="lastrepeat" name="lastrepeat" value="<?php echo $therecord["lastrepeat"]?>"/>
332	<input type="hidden" id="timesrepeated" name="timesrepeated" value="<?php echo $therecord["timesrepeated"]?>"/>
333	<fieldset>
334	<legend>repeat</legend>
335
336	<p><?php $theform->showField("repeating")?></p>
337
338	<div id="repeatOptions" <?php if(!$therecord["repeating"]) echo 'style="display:none"'?>>
339
340	<p><?php $theform->showField("repeattype")?></p>
341
342	<p>every <?php $theform->showField("repeatevery")?> <span id="repeatTypeText">day(s)</span></p>
343
344	<div id="DailyDiv"></div>
345
346	<div id="WeeklyDiv">
347	<p><?php $thetable->showWeeklyOptions($therecord,$repeatBase)?></p>
348	</div>
349
350	<div id="MonthlyDiv">
351	<p><input type="radio" id="monthlyEach" name="monthlyWhat" onchange="monthlyChange();" value="1" <?php if(!$therecord["repeatontheday"]) echo 'checked="checked"'?> /><label for="monthlyEach"> each</label></p>
352
353	<p><?php $thetable->showMonthlyOptions($therecord,$repeatBase)?></p>
354
355	<p><input type="radio" id="monthlyOnThe" name="monthlyWhat" onchange="monthlyChange();" value="2" <?php if($therecord["repeatontheday"]) echo 'checked="checked"'?> /><label for="monthlyOnThe"> on the</label></p>
356	<p>
357	<?php $theform->showField("monthlyontheweek");?>
358	<?php $theform->showField("monthlyontheday");?>
359	</p>
360	</div>
361
362	<div id="YearlyDiv">
363	<p><?php $thetable->showYearlyOptions($therecord,$repeatBase)?></p>
364
365	<p><input id="yearlyOnThe" type="checkbox" name="yearlyOnThe" onclick="yearlyOnTheChecked();" value="1" <?php if($therecord["repeattype"]=="Yearly" && $therecord["repeatontheday"]) echo 'checked="checked"'?>/><label for="yearlyOnThe"> on the</label></p>
366	<p>
367	<?php $theform->showField("yearlyontheweek");?>
368	<?php $theform->showField("yearlyontheday");?>
369	</p>
370
371	</div>
372	</div>
373	</fieldset>
374
375	<fieldset id="repeatEnding" <?php if(!$therecord["repeating"]) echo 'style="display:none"'?>>
376	<legend>end</legend>
377	<p>
378	<?php $theform->showField("repeatend")?>
379	<span id="repeatAfterSpan" style="display:none">
380	<?php $theform->showField("repeattimes")?> <label for="repeattimes">time(s)</label>
381	</span>
382	<span id="repeatOndateSpan" style="display:none">
383	<?php $theform->showField("repeatuntil")?>
384	</span>
385	</p>
386	</fieldset>
387	</div>
388	<?php if($therecord["parentid"]){?>
389	<fieldset>
390	<legend>recurrence</legend>
391	<p>This record was created from a repeated task/event.</p>
392	<p>Click the <strong>Edit Repeating Options</strong> button to edit the options for the repeatable parent record.</p>
393	<p class="notes">Any unsaved changes with the current record will be lost.</p>
394	<p><input id="goparent" name="goparent" type="button" value="Edit Repeating Options..." onclick="goParent('<?php echo getAddEditFile($db, "tbld:a4cdd991-cf0a-916f-1240-49428ea1bdd1") ?>')" class="Buttons" /></p>
395	</fieldset>
396	<?php }//endif ?>
397	</div>
398
399	<?php $theform->showCustomFields($db, $thetable->customFieldsQueryResult) ?>
400
401	<?php
402	$theform->showGeneralInfo($phpbms,$therecord);
403	$theform->endForm();
404	?>
405	</div>
406	<?php include("footer.php");?>

Note: See TracBrowser for help on using the browser.

phpBMS

Context Navigation

root/trunk/phpbms/modules/base/notes_addedit.php

Download in other formats: