PageRenderTime 56ms CodeModel.GetById 19ms RepoModel.GetById 0ms app.codeStats 1ms

/incident_email.php

https://github.com/paulheaney/sitracker
PHP | 908 lines | 748 code | 95 blank | 65 comment | 122 complexity | df7252923a9bfa57e7b631e3c44d169f MD5 | raw file
Possible License(s): LGPL-2.1, LGPL-2.0, BSD-3-Clause, GPL-2.0 
    

  1. <?php
    2. 

  2. // incident_email.php
    3. 

  3. //
    4. 

  4. // SiT (Support Incident Tracker) - Support call tracking system
    5. 

  5. // Copyright (C) 2000-2009 Salford Software Ltd. and Contributors
    6. 

  6. //
    7. 

  7. // This software may be used and distributed according to the terms
    8. 

  8. // of the GNU General Public License, incorporated herein by reference.
    9. 

  9. //
    10. 

  10. 

  11. 

  12. $permission = 33; // Send Emails
    13. 

  13. require ('core.php');
    14. 

  14. require (APPLICATION_LIBPATH . 'functions.inc.php');
    15. 

  15. // include ('mime.inc.php');
    16. 

  16. 

  17. // This page requires authentication
    18. 

  18. require (APPLICATION_LIBPATH . 'auth.inc.php');
    19. 

  19. 

  20. // External variables
    21. 

  21. $step = cleanvar($_REQUEST['step']);
    22. 

  22. $id = cleanvar($_REQUEST['id']);
    23. 

  23. $menu = cleanvar($_REQUEST['menu']);
    24. 

  24. $incidentid = $id;
    25. 

  25. $draftid = cleanvar($_REQUEST['draftid']);
    26. 

  26. if (empty($draftid)) $draftid = -1;
    27. 

  27. 

  28. $title = $strEmail;
    29. 

  29. 

  30. 

  31. if (empty($step))
    32. 

  32. {
    33. 

  33.     $action = $_REQUEST['action'];
    34. 

  34. 

  35.     if ($action == "deletedraft")
    36. 

  36.     {
    37. 

  37.         if ($draftid != -1)
    38. 

  38.         {
    39. 

  39.             $sql = "DELETE FROM `{$dbDrafts}` WHERE id = {$draftid}";
    40. 

  40.             $result = mysql_query($sql);
    41. 

  41.             if (mysql_error()) trigger_error(mysql_error(),E_USER_ERROR);
    42. 

  42.         }
    43. 

  43.         html_redirect("incident_email.php?id={$id}");
    44. 

  44.         exit;
    45. 

  45.     }
    46. 

  46. 

  47.     $sql = "SELECT * FROM `{$dbDrafts}` WHERE type = 'email' AND userid = '{$sit[2]}' AND incidentid = '{$id}'";
    48. 

  48.     $result = mysql_query($sql);
    49. 

  49.     if (mysql_error()) trigger_error(mysql_error(),E_USER_WARNING);
    50. 

  50. 

  51.     if (mysql_num_rows($result) > 0)
    52. 

  52.     {
    53. 

  53.         include (APPLICATION_INCPATH . 'incident_html_top.inc.php');
    54. 

  54. 

  55.         echo "<h2>{$title}</h2>";
    56. 

  56. 

  57.         echo display_drafts('email', $result);
    58. 

  58. 

  59.         echo "<p align='center'><a href='".$_SERVER['PHP_SELF']."?step=1&amp;id={$id}'>{$strNewEmail}</a></p>";
    60. 

  60. 

  61.         include (APPLICATION_INCPATH . 'incident_html_bottom.inc.php');
    62. 

  62. 

  63.         exit;
    64. 

  64.     }
    65. 

  65.     else
    66. 

  66.     {
    67. 

  67.         $step = 1;
    68. 

  68.     }
    69. 

  69. }
    70. 

  70. 

  71. switch ($step)
    72. 

  72. {
    73. 

  73.     case 1:
    74. 

  74.         // show form 1
    75. 

  75.         include (APPLICATION_INCPATH . 'incident_html_top.inc.php');
    76. 

  76.         ?>
    77. 

  77.         <script type="text/javascript">
    78. 

  78.         //<![CDATA[
    79. 

  79.         function deleteOption(object)
    80. 

  80.         {
    81. 

  81.             var Current = object.updatetype.selectedIndex;
    82. 

  82.             object.updatetype.options[Current] = null;
    83. 

  83.         }
    84. 

  84. 

  85.         function notarget(object)
    86. 

  86.         {
    87. 

  87.             // remove last option
    88. 

  88.             var length = object.updatetype.length;
    89. 

  89.             if (length > 6)
    90. 

  90.             {
    91. 

  91.                 object.updatetype.selectedIndex=6;
    92. 

  92.                 var Current = object.updatetype.selectedIndex;
    93. 

  93.                 object.updatetype.options[Current] = null;
    94. 

  94.             }
    95. 

  95.             object.priority.value=object.storepriority.value;
    96. 

  96.             object.priority.disabled=true;
    97. 

  97.             object.updatetype.selectedIndex=0;
    98. 

  98.             object.updatetype.disabled=false;
    99. 

  99.         }
    100. 

  100. 

  101. 

  102.         function initialresponse(object)
    103. 

  103.         {
    104. 

  104.             // remove last option
    105. 

  105.             var length = object.updatetype.length;
    106. 

  106.             if (length > 6)
    107. 

  107.             {
    108. 

  108.                 object.updatetype.selectedIndex=6;
    109. 

  109.                 var Current = object.updatetype.selectedIndex;
    110. 

  110.                 object.updatetype.options[Current] = null;
    111. 

  111.             }
    112. 

  112.             object.priority.value=object.storepriority.value;
    113. 

  113.             object.priority.disabled=true;
    114. 

  114.             object.updatetype.selectedIndex=0;
    115. 

  115.             object.updatetype.disabled=false;
    116. 

  116.         }
    117. 

  117. 

  118. 

  119.         function actionplan(object)
    120. 

  120.         {
    121. 

  121.             // remove last option
    122. 

  122.             var length = object.updatetype.length;
    123. 

  123.             if (length > 6)
    124. 

  124.             {
    125. 

  125.                 object.updatetype.selectedIndex=6;
    126. 

  126.                 var Current = object.updatetype.selectedIndex;
    127. 

  127.                 object.updatetype.options[Current] = null;
    128. 

  128.             }
    129. 

  129. 

  130.             var defaultSelected = true;
    131. 

  131.             var selected = true;
    132. 

  132.             var optionName = new Option('Action Plan', 'actionplan', defaultSelected, selected);
    133. 

  133.             var length = object.updatetype.length;
    134. 

  134.             object.updatetype.options[length] = optionName;
    135. 

  135.             object.priority.value=object.storepriority.value;
    136. 

  136.             object.priority.disabled=true;
    137. 

  137.             object.updatetype.disabled=true;
    138. 

  138.         }
    139. 

  139. 

  140.         function reprioritise(object)
    141. 

  141.         {
    142. 

  142.             // remove last option
    143. 

  143.             var length = object.updatetype.length;
    144. 

  144.             if (length > 6)
    145. 

  145.             {
    146. 

  146.                 object.updatetype.selectedIndex=6;
    147. 

  147.                 var Current = object.updatetype.selectedIndex;
    148. 

  148.                 object.updatetype.options[Current] = null;
    149. 

  149.             }
    150. 

  150.             // add new option
    151. 

  151.             var defaultSelected = true;
    152. 

  152.             var selected = true;
    153. 

  153.             var optionName = new Option('Reprioritise', 'solution', defaultSelected, selected);
    154. 

  154.             var length = object.updatetype.length;
    155. 

  155.             object.updatetype.options[length] = optionName;
    156. 

  156.             object.priority.disabled=false;
    157. 

  157.             object.updatetype.disabled=true;
    158. 

  158.         }
    159. 

  159. 

  160.         function probdef(object)
    161. 

  161.         {
    162. 

  162.             // remove last option
    163. 

  163.             var length = object.updatetype.length;
    164. 

  164.             if (length > 6)
    165. 

  165.             {
    166. 

  166.                 object.updatetype.selectedIndex=6;
    167. 

  167.                 var Current = object.updatetype.selectedIndex;
    168. 

  168.                 object.updatetype.options[Current] = null;
    169. 

  169.             }
    170. 

  170. 

  171.             var defaultSelected = true;
    172. 

  172.             var selected = true;
    173. 

  173.             var optionName = new Option('Problem Definition', 'probdef', defaultSelected, selected);
    174. 

  174.             var length = object.updatetype.length;
    175. 

  175.             object.updatetype.options[length] = optionName;
    176. 

  176.             object.priority.value=object.storepriority.value;
    177. 

  177.             object.priority.disabled=true;
    178. 

  178.             object.updatetype.disabled=true;
    179. 

  179.         }
    180. 

  180. 

  181.         function replaceOption(object)
    182. 

  182.         {
    183. 

  183.             var Current = object.updatetype.selectedIndex;
    184. 

  184.             object.updatetype.options[Current].text = object.currentText.value;
    185. 

  185.             object.updatetype.options[Current].value = object.currentText.value;
    186. 

  186.         }
    187. 

  187.         //]]>
    188. 

  188.         </script>
    189. 

  189.         <?php
    190. 

  190.         echo "<h2>".icon('email', 32)." {$strSendEmail}</h2>";
    191. 

  191.         echo "<form action='{$_SERVER['PHP_SELF']}?id={$id}' name='updateform' method='post'>";
    192. 

  192.         echo "<table align='center' class='vertical'>";
    193. 

  193.         echo "<tr><th>{$strTemplate}</th><td>".emailtemplate_drop_down("emailtype", 1, 'incident')."</td></tr>";
    194. 

  194.         echo "<tr><th>{$strDoesThisUpdateMeetSLA}:</th><td>";
    195. 

  195.         $target = incident_get_next_target($id);
    196. 

  196.         echo "<select name='target' class='dropdown'>\n";
    197. 

  197.         echo "<option value='none' onclick='notarget(this.form)'>{$strNo}</option>\n";
    198. 

  198.         switch ($target->type)
    199. 

  199.         {
    200. 

  200.             //FIXME can this be put into the style sheets?
    201. 

  201.             case 'initialresponse':
    202. 

  202.                 echo "<option value='initialresponse' style='text-indent: 15px;";
    203. 

  203.                 echo " height: 17px; background-image: ";
    204. 

  204.                 echo "url({$CONFIG['application_webpath']}/images/icons/";
    205. 

  205.                 echo "{$iconset}/16x16/initialresponse.png); background-repeat:";
    206. 

  206.                 echo " no-repeat;' onclick='initialresponse(this.form)' >";
    207. 

  207.                 echo "{$strInitialResponse}</option>\n";
    208. 

  208.                 echo "<option value='probdef' style='text-indent: 15px; height:";
    209. 

  209.                 echo " 17px; background-image: ";
    210. 

  210.                 echo "url({$CONFIG['application_webpath']}/images/icons/";
    211. 

  211.                 echo "{$iconset}/16x16/probdef.png); background-repeat: ";
    212. 

  212.                 echo "no-repeat;' onclick='probdef(this.form)'>";
    213. 

  213.                 echo "{$strProblemDefinition}</option>\n";
    214. 

  214.                 echo "<option value='actionplan' style='text-indent: 15px; ";
    215. 

  215.                 echo "height: 17px; background-image: ";
    216. 

  216.                 echo "url({$CONFIG['application_webpath']}/images/icons/";
    217. 

  217.                 echo "{$iconset}/16x16/actionplan.png); background-repeat: ";
    218. 

  218.                 echo "no-repeat;' onclick='actionplan(this.form)'>";
    219. 

  219.                 echo "{$strActionPlan}</option>\n";
    220. 

  220.                 echo "<option value='solution' style='text-indent: 15px; ";
    221. 

  221.                 echo "height: 17px; background-image: ";
    222. 

  222.                 echo "url({$CONFIG['application_webpath']}/images/icons/";
    223. 

  223.                 echo "{$iconset}/16x16/solution.png); background-repeat: ";
    224. 

  224.                 echo "no-repeat;' onclick='reprioritise(this.form)'>";
    225. 

  225.                 echo "{$strResolutionReprioritisation}</option>\n";
    226. 

  226.             break;
    227. 

  227. 

  228.             case 'probdef':
    229. 

  229.                 echo "<option value='probdef' style='text-indent: 15px; height:";
    230. 

  230.                 echo " 17px; background-image: ";
    231. 

  231.                 echo "url({$CONFIG['application_webpath']}/images/icons/";
    232. 

  232.                 echo "{$iconset}/16x16/probdef.png); background-repeat: ";
    233. 

  233.                 echo "no-repeat;' onclick='probdef(this.form)'>";
    234. 

  234.                 echo "{$strProblemDefinition}</option>\n";
    235. 

  235.                 echo "<option value='actionplan' style='text-indent: 15px; ";
    236. 

  236.                 echo "height: 17px; background-image: ";
    237. 

  237.                 echo "url({$CONFIG['application_webpath']}/images/icons/";
    238. 

  238.                 echo "{$iconset}/16x16/actionplan.png); background-repeat: ";
    239. 

  239.                 echo "no-repeat;' onclick='actionplan(this.form)'>";
    240. 

  240.                 echo "{$strActionPlan}</option>\n";
    241. 

  241.                 echo "<option value='solution' style='text-indent: 15px; ";
    242. 

  242.                 echo "height: 17px; background-image: ";
    243. 

  243.                 echo "url({$CONFIG['application_webpath']}/images/icons/";
    244. 

  244.                 echo "{$iconset}/16x16/solution.png); background-repeat: ";
    245. 

  245.                 echo "no-repeat;' onclick='reprioritise(this.form)'>";
    246. 

  246.                 echo "{$strResolutionReprioritisation}</option>\n";
    247. 

  247.             break;
    248. 

  248. 

  249.             case 'actionplan':
    250. 

  250.                 echo "<option value='actionplan' style='text-indent: 15px; ";
    251. 

  251.                 echo "height: 17px; background-image: ";
    252. 

  252.                 echo "url({$CONFIG['application_webpath']}/images/icons/";
    253. 

  253.                 echo "{$iconset}/16x16/actionplan.png); background-repeat: ";
    254. 

  254.                 echo "no-repeat;' onclick='actionplan(this.form)'>";
    255. 

  255.                 echo "{$strActionPlan}</option>\n";
    256. 

  256.                 echo "<option value='solution' style='text-indent: 15px; ";
    257. 

  257.                 echo "height: 17px; background-image: ";
    258. 

  258.                 echo "url({$CONFIG['application_webpath']}/images/icons/";
    259. 

  259.                 echo "{$iconset}/16x16/solution.png); background-repeat: ";
    260. 

  260.                 echo "no-repeat;' onclick='reprioritise(this.form)'>";
    261. 

  261.                 echo "{$strResolutionReprioritisation}</option>\n";
    262. 

  262.             break;
    263. 

  263. 

  264.             case 'solution':
    265. 

  265.                 echo "<option value='solution' style='text-indent: 15px; ";
    266. 

  266.                 echo "height: 17px; background-image: ";
    267. 

  267.                 echo "url({$CONFIG['application_webpath']}/images/icons/";
    268. 

  268.                 echo "{$iconset}/16x16/solution.png); background-repeat: ";
    269. 

  269.                 echo "no-repeat;' onclick='reprioritise(this.form)'>";
    270. 

  270.                 echo "{$strResolutionReprioritisation}</option>\n";
    271. 

  271.             break;
    272. 

  272.         }
    273. 

  273.         echo "</select>\n</td></tr>";
    274. 

  274. 

  275.         if ($CONFIG['auto_chase'] == TRUE)
    276. 

  276.         {
    277. 

  277.             $sql = "SELECT * FROM `{$dbUpdates}` WHERE incidentid = {$id} ";
    278. 

  278.             $sql .= "ORDER BY timestamp DESC LIMIT 1";
    279. 

  279.             $result = mysql_query($sql);
    280. 

  280.             if (mysql_error()) trigger_error("MySQL Query Error ".mysql_error(), E_USER_WARNING);
    281. 

  281. 

  282.             $obj = mysql_fetch_object($result);
    283. 

  283. 

  284.             if ($obj->type == 'auto_chase_phone')
    285. 

  285.             {
    286. 

  286.                 echo "<tr><th>{$strCustomerChaseUpdate}</th><td>";
    287. 

  287.                 echo "<label><input type='radio' name='chase_customer' ";
    288. 

  288.                 echo "value='no' checked='yes' />{$strNo}</label> ";
    289. 

  289.                 echo "<label><input type='radio' name='chase_customer' ";
    290. 

  290.                 echo "value='yes' />{$strYes}</label>";
    291. 

  291.                 echo "</td></tr>";
    292. 

  292.             }
    293. 

  293. 

  294.             if ($obj->type == 'auto_chase_manager')
    295. 

  295.             {
    296. 

  296.                 echo "<tr><th>{$strManagerChaseUpdate}</th>";
    297. 

  297.                 echo "<label><input type='radio' name='chase_manager' ";
    298. 

  298.                 echo "value='no' checked='yes' />{$strNo}</label> ";
    299. 

  299.                 echo "<label><input type='radio' name='chase_manager' ";
    300. 

  300.                 echo "value='yes' />{$strYes}</label>";
    301. 

  301.                 echo "</td></tr>";
    302. 

  302.             }
    303. 

  303.         }
    304. 

  304. 

  305.         echo "<tr><th>{$strNewIncidentStatus}:</th><td>";
    306. 

  306.         echo incidentstatus_drop_down("newincidentstatus", incident_status($id));
    307. 

  307.         echo "</td></tr>\n";
    308. 

  308.         echo "<tr><th>{$strTimeToNextAction}:</th>";
    309. 

  309.         echo "<td>";
    310. 

  310.         echo show_next_action('updateform');
    311. 

  311.         echo "</td>";
    312. 

  312.         echo "<br />";
    313. 

  313.         echo "</td></tr>";
    314. 

  314.         plugin_do('incident_email_form1');
    315. 

  315.         echo "</table>";
    316. 

  316.         echo "<p align='center'>";
    317. 

  317.         echo "<input type='hidden' name='step' value='2' />";
    318. 

  318.         echo "<input type='hidden' name='menu' value='$menu' />";
    319. 

  319.         echo "<input name='submit1' type='submit' value='{$strContinue}' /></p>";
    320. 

  320.         echo "</form>\n";
    321. 

  321.         include (APPLICATION_INCPATH . 'incident_html_bottom.inc.php');
    322. 

  322.     break;
    323. 

  323. 

  324.     case 2:
    325. 

  325.         // show form 2
    326. 

  326.         if ($draftid != -1)
    327. 

  327.         {
    328. 

  328.             $draftsql = "SELECT * FROM `{$dbDrafts}` WHERE id = {$draftid}";
    329. 

  329.             $draftresult = mysql_query($draftsql);
    330. 

  330.             if (mysql_error()) trigger_error(mysql_error(),E_USER_WARNING);
    331. 

  331.             $draftobj = mysql_fetch_object($draftresult);
    332. 

  332. 

  333.             $metadata = explode("|",$draftobj->meta);
    334. 

  334.         }
    335. 

  335. 

  336.         include (APPLICATION_INCPATH . 'incident_html_top.inc.php');
    337. 

  337.         ?>
    338. 

  338.         <script type='text/javascript'>
    339. 

  339.         //<![CDATA[
    340. 

  340. 

  341.         function confirm_send_mail()
    342. 

  342.         {
    343. 

  343.             return window.confirm('<?php echo $strAreYouSureSendEmail ?>');
    344. 

  344.         }
    345. 

  345. 

  346.         function urlencode(str) {
    347. 

  347.             str = escape(str);
    348. 

  348.             str = str.replace('+', '%2B');
    349. 

  349.             str = str.replace('%20', '+');
    350. 

  350.             str = str.replace('*', '%2A');
    351. 

  351.             str = str.replace('/', '%2F');
    352. 

  352.             str = str.replace('@', '%40');
    353. 

  353.             return str;
    354. 

  354.         }
    355. 

  355. 

  356.         <?php
    357. 

  357.             echo "var draftid = {$draftid};";
    358. 

  358.         ?>
    359. 

  359. 

  360.         // Auto save
    361. 

  361.         function save_content(){
    362. 

  362.             var xmlhttp=false;
    363. 

  363. 

  364.             if (!xmlhttp && typeof XMLHttpRequest!='undefined')
    365. 

  365.             {
    366. 

  366.                 try
    367. 

  367.                 {
    368. 

  368.                     xmlhttp = new XMLHttpRequest();
    369. 

  369.                 }
    370. 

  370.                 catch (e)
    371. 

  371.                 {
    372. 

  372.                     xmlhttp=false;
    373. 

  373.                 }
    374. 

  374.             }
    375. 

  375.             if (!xmlhttp && window.createRequest)
    376. 

  376.             {
    377. 

  377.                 try
    378. 

  378.                 {
    379. 

  379.                     xmlhttp = window.createRequest();
    380. 

  380.                 }
    381. 

  381.                 catch (e)
    382. 

  382.                 {
    383. 

  383.                     xmlhttp=false;
    384. 

  384.                 }
    385. 

  385.             }
    386. 

  386. 

  387.             var toPass = $('bodytext').value;
    388. 

  388.             //alert(toPass.value);
    389. 

  389. 

  390. /*
    391. 

  391. Format of meta data
    392. 

  392. $emailtype|$newincidentstatus|$timetonextaction_none|$timetonextaction_days|$timetonextaction_hours|$timetonextaction_minutes|$day|$month|$year|$target|$chase_customer|$chase_manager|$from|$replyTo|$ccemail|$bccemail|$toemail|$subject|$body
    393. 

  393. */
    394. 

  394. 

  395.             var meta = $('emailtype').value+"|"+$('newincidentstatus').value+"|"+$('timetonextaction_none').value+"|";
    396. 

  396.             meta = meta+$('timetonextaction_days').value+"|"+$('timetonextaction_hours').value+"|";
    397. 

  397.             meta = meta+$('timetonextaction_minutes').value+"||||";
    398. 

  398.             meta = meta+$('target').value+"|"+$('chase_customer').value+"|";
    399. 

  399.             meta = meta+$('chase_manager').value+"|"+$('fromfield').value+"|"+$('replytofield').value+"|";
    400. 

  400.             meta = meta+$('ccfield').value+"|"+$('bccfield').value+"|"+$('tofield').value+"|";
    401. 

  401.             meta = meta+urlencode($('subjectfield').value)+"|"+urlencode($('bodytext').value)+"|"
    402. 

  402.             meta = meta+$('date').value+"|"+$('timeoffset').value;
    403. 

  403. 

  404.             if (toPass != '')
    405. 

  405.             {
    406. 

  406.                 /*
    407. 

  407.                 xmlhttp.open("GET", "ajaxdata.php?action=auto_save&userid="+<?php echo $_SESSION['userid']; ?>+
    408. 

  408.                              "&type=email&incidentid="+<?php echo $id; ?>+
    409. 

  409.                              "&draftid="+draftid+"&meta="+meta+"&content="+
    410. 

  410.                              escape(toPass), true);
    411. 

  411.              */
    412. 

  412. 

  413.                 var url =  "ajaxdata.php";
    414. 

  414.                 var params = "action=auto_save&userid="+<?php echo $_SESSION['userid']; ?>+"&type=email&incidentid="+<?php echo $id; ?>+"&draftid="+draftid+"&meta="+meta+"&content="+escape(toPass);
    415. 

  415.                 xmlhttp.open("POST", url, true)
    416. 

  416.                 xmlhttp.setRequestHeader("Content-type", "application/x-www-form-urlencoded");
    417. 

  417.                 xmlhttp.setRequestHeader("Content-length", params.length);
    418. 

  418.                 xmlhttp.setRequestHeader("Connection", "close");
    419. 

  419. 

  420. 

  421.                 xmlhttp.onreadystatechange=function()
    422. 

  422.                 {
    423. 

  423.                     if (xmlhttp.readyState==4)
    424. 

  424.                     {
    425. 

  425.                         if (xmlhttp.responseText != '')
    426. 

  426.                         {
    427. 

  427.                             if (draftid == -1)
    428. 

  428.                             {
    429. 

  429.                                 draftid = xmlhttp.responseText;
    430. 

  430.                             }
    431. 

  431.                             var currentTime = new Date();
    432. 

  432.                             var hours = currentTime.getHours();
    433. 

  433.                             var minutes = currentTime.getMinutes();
    434. 

  434.                             if (minutes < 10)
    435. 

  435.                             {
    436. 

  436.                                 minutes = "0" + minutes;
    437. 

  437.                             }
    438. 

  438.                             var seconds = currentTime.getSeconds();
    439. 

  439.                             if (seconds < 10)
    440. 

  440.                             {
    441. 

  441.                                 seconds = "0" + seconds;
    442. 

  442.                             }
    443. 

  443.                             $('updatestr').innerHTML = '<?php echo "<a href=\"javascript:save_content();\">".icon('save', 16, $GLOBALS['strSaveDraft'])."</a> ".icon('info', 16, $GLOBALS['strDraftLastSaved'])." "; ?>' + hours + ':' + minutes + ':' + seconds;
    444. 

  444.                             $('draftid').value = draftid;
    445. 

  445.                         }
    446. 

  446.                     }
    447. 

  447.                 }
    448. 

  448.                 xmlhttp.send(params);
    449. 

  449.             }
    450. 

  450.         }
    451. 

  451. 

  452.         setInterval("save_content()", 10000); //every 10 seconds
    453. 

  453. 

  454.         //]]>
    455. 

  455.         </script>
    456. 

  456.         <?php
    457. 

  457.         // External vars
    458. 

  458.         if ($draftid == -1)
    459. 

  459.         {
    460. 

  460.             $emailtype = cleanvar($_REQUEST['emailtype']);
    461. 

  461.             $newincidentstatus = cleanvar($_REQUEST['newincidentstatus']);
    462. 

  462.             $timetonextaction_none = cleanvar($_REQUEST['timetonextaction_none']);
    463. 

  463.             $timetonextaction_days = cleanvar($_REQUEST['timetonextaction_days']);
    464. 

  464.             $timetonextaction_hours = cleanvar($_REQUEST['timetonextaction_hours']);
    465. 

  465.             $timetonextaction_minutes = cleanvar($_REQUEST['timetonextaction_minutes']);
    466. 

  466.             $day = cleanvar($_REQUEST['day']);
    467. 

  467.             $month = cleanvar($_REQUEST['month']);
    468. 

  468.             $year = cleanvar($_REQUEST['year']);
    469. 

  469.             $target = cleanvar($_REQUEST['target']);
    470. 

  470.             $chase_customer = cleanvar($_REQUEST['chase_customer']);
    471. 

  471.             $chase_manager = cleanvar($_REQUEST['chase_manager']);
    472. 

  472.             $date = cleanvar($_REQUEST['date']);
    473. 

  473.             $timeoffset = cleanvar($_REQUEST['timeoffset']);
    474. 

  474.         }
    475. 

  475.         else
    476. 

  476.         {
    477. 

  477.             $emailtype = $metadata[0];
    478. 

  478.             $newincidentstatus = $metadata[1];
    479. 

  479.             $timetonextaction_none = $metadata[2];
    480. 

  480.             $timetonextaction_days = $metadata[3];
    481. 

  481.             $timetonextaction_hours = $metadata[4];
    482. 

  482.             $timetonextaction_minutes = $metadata[5];
    483. 

  483.             $day = $metadata[6];
    484. 

  484.             $month = $metadata[7];
    485. 

  485.             $year = $metadata[8];
    486. 

  486.             $target = $metadata[9];
    487. 

  487.             $chase_customer = $metadata[10];
    488. 

  488.             $chase_manager = $metadata[11];
    489. 

  489.             $date = $metadata[12];
    490. 

  490.             $timeoffset = $metadata[13];
    491. 

  491.         }
    492. 

  492. 

  493. 

  494.         if ($draftid == -1)
    495. 

  495.         {
    496. 

  496.             // Grab the template
    497. 

  497.             $tsql = "SELECT * FROM `{$dbEmailTemplates}` WHERE id=$emailtype LIMIT 1";
    498. 

  498.             $tresult = mysql_query($tsql);
    499. 

  499.             if (mysql_error()) trigger_error(mysql_error(),E_USER_WARNING);
    500. 

  500.             if (mysql_num_rows($tresult) > 0) $template = mysql_fetch_object($tresult);
    501. 

  501.             $paramarray = array('incidentid' => $id, 'triggeruserid' => $sit[2]);
    502. 

  502.             $from = replace_specials($template->fromfield, $paramarray);
    503. 

  503.             $replyto = replace_specials($template->replytofield, $paramarray);
    504. 

  504.             $ccemail = replace_specials($template->ccfield, $paramarray);
    505. 

  505.             $bccemail = replace_specials($template->bccfield, $paramarray);
    506. 

  506.             $toemail = replace_specials($template->tofield, $paramarray);
    507. 

  507.             $subject = replace_specials($template->subjectfield, $paramarray);
    508. 

  508.             $body = replace_specials($template->body, $paramarray);
    509. 

  509.         }
    510. 

  510.         else
    511. 

  511.         {
    512. 

  512.             $from = $metadata[12];
    513. 

  513.             $replyto = $metadata[13];
    514. 

  514.             $ccemail = $metadata[14];
    515. 

  515.             $bccemail = $metadata[15];
    516. 

  516.             $toemail = $metadata[16];
    517. 

  517.             $subject = $metadata[17];
    518. 

  518.             $body = $metadata[18];
    519. 

  519.         }
    520. 

  520. 

  521.         echo "<form action='{$_SERVER['PHP_SELF']}?id={$id}' method='post' ";
    522. 

  522.         echo "enctype='multipart/form-data' onsubmit='return confirm_send_mail();' >";
    523. 

  523.         echo "<table align='center' class='vertical' width='95%'>";
    524. 

  524.         echo "<tr><th width='30%'>{$strFrom}</th><td><input maxlength='100' ";
    525. 

  525.         echo "name='fromfield' id='fromfield' size='40' value=\"{$from}\" /></td></tr>\n";
    526. 

  526.         echo "<tr><th>{$strReplyTo}</th><td><input maxlength='100' name='replytofield' ";
    527. 

  527.         echo "id='replytofield' size='40' value=\"{$replyto}\" /></td></tr>\n";
    528. 

  528.         if (trim($ccemail) == ",") $ccemail = '';
    529. 

  529.         if (substr($ccemail, 0, 1) == ",") $ccfield = substr($ccemail, 1, strlen($ccemail));
    530. 

  530.         echo "<tr><th>{$strCC}</th><td><input maxlength='100' name='ccfield' ";
    531. 

  531.         echo "id='ccfield' size='40' value=\"{$ccemail}\" /></td></tr>\n";
    532. 

  532.         echo "<tr><th>{$strBCC}</th><td><input maxlength='100' name='bccfield' ";
    533. 

  533.         echo "id='bccfield' size='40' value=\"{$bccemail}\" /></td></tr>\n";
    534. 

  534.         echo "<tr><th>{$strTo}</th><td><input maxlength='100' name='tofield' ";
    535. 

  535.         echo "id='tofield' size='40' value=\"{$toemail}\" /></td></tr>\n";
    536. 

  536.         echo "<tr><th>{$strSubject}</th><td><input maxlength='255' ";
    537. 

  537.         echo "name='subjectfield' id='subjectfield' size='40' value=\"{$subject}\" /></td></tr>\n";
    538. 

  538.         echo "<tr><th>{$strAttachment}";
    539. 

  539.         $file_size = readable_file_size($CONFIG['upload_max_filesize']);
    540. 

  540.         echo "(&lt; $file_size)";
    541. 

  541.         echo "</th><td>";
    542. 

  542.         echo "<input type='hidden' name='MAX_FILE_SIZE' value='{$CONFIG['upload_max_filesize']}' />";
    543. 

  543.         echo "<input type='file' name='attachment' size='40' maxfilesize='{$CONFIG['upload_max_filesize']}' />";
    544. 

  544.         echo "</td></tr>";
    545. 

  545.         echo "<tr><th>{$strMessage}</th><td>";
    546. 

  546.         echo "<textarea name='bodytext' id='bodytext' rows='20' cols='65'>";
    547. 

  547.         echo $body;
    548. 

  548.         echo "</textarea>";
    549. 

  549.         echo "<div id='updatestr'><a href='javascript:save_content();'>".icon('save', 16, $strSaveDraft)."</a></div>";
    550. 

  550.         echo "</td></tr>";
    551. 

  551.         plugin_do('incident_email_form2');
    552. 

  552.         echo "</table>";
    553. 

  553.         echo "<p align='center'>";
    554. 

  554.         echo "<input name='newincidentstatus' id='newincidentstatus' type='hidden' value='{$newincidentstatus}' />";
    555. 

  555.         echo "<input name='timetonextaction_none' id='timetonextaction_none' type='hidden' value='{$timetonextaction_none}' />";
    556. 

  556.         echo "<input name='timetonextaction_days' id='timetonextaction_days' type='hidden' value='{$timetonextaction_days}' />";
    557. 

  557.         echo "<input name='timetonextaction_hours' id='timetonextaction_hours' type='hidden' value='{$timetonextaction_hours}' />";
    558. 

  558.         echo "<input name='timetonextaction_minutes' id='timetonextaction_minutes' type='hidden' value='{$timetonextaction_minutes}' />";
    559. 

  559.         echo "<input name='chase_customer' id='chase_customer' type='hidden' value='{$chase_customer}' />";
    560. 

  560.         echo "<input name='chase_manager' id='chase_manager' type='hidden' value='{$chase_manager}' />";
    561. 

  561.         echo "<input name='date' id='date' type='hidden' value='{$date}' />";
    562. 

  562.         echo "<input name='timeoffset' id='timeoffset' type='hidden' value='{$timeoffset}' />";
    563. 

  563.         echo "<input name='target' id='target' type='hidden' value='{$target}' />";
    564. 

  564.         echo "<input type='hidden' id='step' name='step' value='3' />";
    565. 

  565.         echo "<input type='hidden' id='emailtype' name='emailtype' value='{$emailtype}' />";
    566. 

  566.         echo "<input type='hidden' id='draftid' name='draftid' value='{$draftid}' />";
    567. 

  567.         echo "<input name='submit2' type='submit' value='{$strSendEmail}' />";
    568. 

  568.         echo "</p>\n</form>\n";
    569. 

  569. 

  570.         include (APPLICATION_INCPATH . 'incident_html_bottom.inc.php');
    571. 

  571.     break;
    572. 

  572. 

  573.     case 3:
    574. 

  574.         // show form 3 or send email and update incident
    575. 

  575. 

  576.         // External variables
    577. 

  577.         $bodytext = $_REQUEST['bodytext'];
    578. 

  578.         $tofield = cleanvar($_REQUEST['tofield']);
    579. 

  579.         $fromfield = cleanvar($_REQUEST['fromfield']);
    580. 

  580.         $replytofield = cleanvar($_REQUEST['replytofield']);
    581. 

  581.         $ccfield = cleanvar($_REQUEST['ccfield']);
    582. 

  582.         $bccfield = cleanvar($_REQUEST['bccfield']);
    583. 

  583.         $subjectfield = cleanvar($_REQUEST['subjectfield'], FALSE, TRUE, FALSE);
    584. 

  584.         $emailtype = cleanvar($_REQUEST['emailtype']);
    585. 

  585.         $newincidentstatus = cleanvar($_REQUEST['newincidentstatus']);
    586. 

  586.         $timetonextaction_none = cleanvar($_REQUEST['timetonextaction_none']);
    587. 

  587.         $timetonextaction_days = cleanvar($_REQUEST['timetonextaction_days']);
    588. 

  588.         $timetonextaction_hours = cleanvar($_REQUEST['timetonextaction_hours']);
    589. 

  589.         $timetonextaction_minutes = cleanvar($_REQUEST['timetonextaction_minutes']);
    590. 

  590.         $date = cleanvar($_REQUEST['date']);
    591. 

  591.         $timeoffset = cleanvar($_REQUEST['timeoffset']);
    592. 

  592.         $year = cleanvar($_REQUEST['year']);
    593. 

  593.         $target = cleanvar($_REQUEST['target']);
    594. 

  594.         $chase_customer = cleanvar($_REQUEST['chase_customer']);
    595. 

  595.         $chase_manager = cleanvar($_REQUEST['chase_manager']);
    596. 

  596. 

  597.         // move attachment to a safe place for processing later
    598. 

  598.         if ($_FILES['attachment']['name'] != '')       // Should be using this format throughout TPG 13/08/2002
    599. 

  599.         {
    600. 

  600.             $umask = umask(0000);
    601. 

  601.             $mk = TRUE;
    602. 

  602.             if (!file_exists($CONFIG['attachment_fspath'].$id))
    603. 

  603.             {
    604. 

  604.                 $mk = mkdir($CONFIG['attachment_fspath'].$id, 0770, TRUE);
    605. 

  605.                 if (!$mk)
    606. 

  606.                 {
    607. 

  607.                     trigger_error('Failed creating incident attachment directory: '.$CONFIG['attachment_fspath'].$id, E_USER_WARNING);
    608. 

  608.                 }
    609. 

  609.             }
    610. 

  610. 

  611.             $name = $_FILES['attachment']['name'];
    612. 

  612.             $size = filesize($_FILES['attachment']['tmp_name']);
    613. 

  613.             $sql = "INSERT INTO `{$dbFiles}`(filename, size, userid, usertype) ";
    614. 

  614.             $sql .= "VALUES('{$name}', '{$size}', '{$sit[2]}', '1')";
    615. 

  615.             mysql_query($sql);
    616. 

  616.             if (mysql_error()) trigger_error(mysql_error(), E_USER_WARNING);
    617. 

  617.             $fileid = mysql_insert_id();
    618. 

  618. 

  619.             $filename = $CONFIG['attachment_fspath'].$id.$fsdelim.$fileid."-".$name;
    620. 

  620. 

  621.             $mv = rename($_FILES['attachment']['tmp_name'], $filename);
    622. 

  622.             if (!mv) trigger_error("Problem moving attachment from temp directory: {$filename}", E_USER_WARNING);
    623. 

  623.             $attachmenttype = $_FILES['attachment']['type'];
    624. 

  624.         }
    625. 

  625.         $errors = 0;
    626. 

  626.         // check to field
    627. 

  627.         if ($tofield == '')
    628. 

  628.         {
    629. 

  629.             $errors = 1;
    630. 

  630.             $error_string .= "<p class='error'>".sprintf($strFieldMustNotBeBlank, $strTo)."</p>\n";
    631. 

  631.         }
    632. 

  632.         // check from field
    633. 

  633.         if ($fromfield == '')
    634. 

  634.         {
    635. 

  635.             $errors = 1;
    636. 

  636.             $error_string .= "<p class='error'>".sprintf($strFieldMustNotBeBlank, $strFrom)."</p>\n";
    637. 

  637.         }
    638. 

  638.         // check reply to field
    639. 

  639.         if ($replytofield == '')
    640. 

  640.         {
    641. 

  641.             $errors = 1;
    642. 

  642.             $error_string .= "<p class='error'>".sprintf($strFieldMustNotBeBlank, $strReplyTo)."</p>\n";
    643. 

  643.         }
    644. 

  644.         // Store email body in session if theres been an error
    645. 

  645.         if ($errors > 0) $_SESSION['temp-emailbody'] = $bodytext;
    646. 

  646.         else unset($_SESSION['temp-emailbody']);
    647. 

  647. 

  648.         // send email if no errors
    649. 

  649.         if ($errors == 0)
    650. 

  650.         {
    651. 

  651.             $extra_headers = "Reply-To: $replytofield\nErrors-To: ".user_email($sit[2])."\n";
    652. 

  652.             $extra_headers .= "X-Mailer: {$CONFIG['application_shortname']} {$application_version_string}/PHP " . phpversion() . "\n";
    653. 

  653.             $extra_headers .= "X-Originating-IP: {$_SERVER['REMOTE_ADDR']}\n";
    654. 

  654.             if ($ccfield != '')  $extra_headers .= "CC: $ccfield\n";
    655. 

  655.             if ($bccfield != '') $extra_headers .= "BCC: $bccfield\n";
    656. 

  656.             $extra_headers .= "\n"; // add an extra crlf to create a null line to separate headers from body
    657. 

  657.                                 // this appears to be required by some email clients - INL
    658. 

  658. 

  659.             $mime = new MIME_mail($fromfield, $tofield, html_entity_decode($subjectfield), '', $extra_headers, $mailerror);
    660. 

  660.             // INL 5 Aug 09, quoted-printable seems to split lines in unexpected places, base64 seems to work ok
    661. 

  661.             $mime -> attach($bodytext, 'bodytext', "text/plain; charset={$GLOBALS['i18ncharset']}", 'quoted-printable', 'inline');
    662. 

  662. 

  663.             // check for attachment
    664. 

  664.             //        if ($_FILES['attachment']['name']!='' || strlen($filename) > 3)
    665. 

  665.             if ($filename != '' && strlen($filename) > 3)
    666. 

  666.             {
    667. 

  667.                 //          if (!isset($filename)) $filename = $attachment_fspath.$_FILES['attachment']['name'];   ??? TPG 13/08/2002
    668. 

  668.                 if (!file_exists($filename)) trigger_error("File did not exist upon processing attachment: {$filename}", E_USER_WARNING);
    669. 

  669.                 if ($filename == '') trigger_error("Filename was blank upon processing attachment: {$filename}", E_USER_WARNING);
    670. 

  670. 

  671.                 // Check file size before sending
    672. 

  672.                 if (filesize($filename) > $CONFIG['upload_max_filesize'] || filesize($filename)==FALSE)
    673. 

  673.                 {
    674. 

  674.                     trigger_error("User Error: Attachment too large or file upload error, filename: $filename,  perms: ".fileperms($filename).", size:",filesize($filename), E_USER_WARNING);
    675. 

  675.                     // throwing an error isn't the nicest thing to do for the user but there seems to be no way of
    676. 

  676.                     // checking file sizes at the client end before the attachment is uploaded. - INL
    677. 

  677.                 }
    678. 

  678. 

  679.                 if (preg_match("!/x\-.+!i", $attachmenttype)) $type = OCTET;
    680. 

  680.                 else $type = str_replace("\n","",$attachmenttype);
    681. 

  681.                 $disp = "attachment; filename=\"$name\"; name=\"$name\";";
    682. 

  682.                 $mime -> fattach($filename, "Attachment for incident $id", $type, 'base64', $disp);
    683. 

  683.             }
    684. 

  684. 

  685.             // Lookup the email template (we need this to find out if the update should be visible or not)
    686. 

  686.             $sql = "SELECT * FROM `{$dbEmailTemplates}` WHERE id='$emailtype' ";
    687. 

  687.             $result = mysql_query($sql);
    688. 

  688.             if (mysql_error()) trigger_error("MySQL Query Error ".mysql_error(), E_USER_WARNING);
    689. 

  689.             if (mysql_num_rows($result) < 1) trigger_error("Email template '{$meailtype}' not found",E_USER_WARNING);
    690. 

  690.             $emailtype = mysql_fetch_object($result);
    691. 

  691. 

  692.             // actually send the email
    693. 

  693.             $mailok = $mime -> send_mail();
    694. 

  694. 

  695.             if ($mailok == FALSE)
    696. 

  696.             {
    697. 

  697.                 trigger_error("Internal error sending email: send_mail() failed", E_USER_WARNING);
    698. 

  698.             }
    699. 

  699. 

  700.             if ($mailok == TRUE)
    701. 

  701.             {
    702. 

  702.                 // update incident status if necessary
    703. 

  703.                 switch ($timetonextaction_none)
    704. 

  704.                 {
    705. 

  705.                     case 'none':
    706. 

  706.                         $timeofnextaction = 0;
    707. 

  707.                     break;
    708. 

  708. 

  709.                     case 'time':
    710. 

  710.                         $timeofnextaction = calculate_time_of_next_action($timetonextaction_days, $timetonextaction_hours, $timetonextaction_minutes);
    711. 

  711.                     break;
    712. 

  712. 

  713.                     case 'date':
    714. 

  714.                         // kh: parse date from calendar picker, format: 200-12-31
    715. 

  715.                         $date=explode("-", $date);
    716. 

  716.                         $timeofnextaction=mktime(8 + $timeoffset,0,0,$date[1],$date[2],$date[0]);
    717. 

  717.                         $now = time();
    718. 

  718.                         if ($timeofnextaction < 0) $timeofnextaction = 0;
    719. 

  719.                     break;
    720. 

  720. 

  721.                     default:
    722. 

  722.                         $timeofnextaction = 0;
    723. 

  723.                     break;
    724. 

  724.                 }
    725. 

  725. 

  726.                 $oldtimeofnextaction = incident_timeofnextaction($id);
    727. 

  727. 

  728.                 if ($newincidentstatus != incident_status($id))
    729. 

  729.                 {
    730. 

  730.                     $sql = "UPDATE `{$dbIncidents}` SET status='$newincidentstatus', lastupdated='$now', timeofnextaction='$timeofnextaction' WHERE id='$id'";
    731. 

  731.                     mysql_query($sql);
    732. 

  732.                     if (mysql_error()) trigger_error("MySQL Query Error ".mysql_error(), E_USER_ERROR);
    733. 

  733.                     $updateheader = "New Status: <b>" . incidentstatus_name($newincidentstatus) . "</b>\n\n";
    734. 

  734.                 }
    735. 

  735.                 else
    736. 

  736.                 {
    737. 

  737.                     mysql_query("UPDATE `{$dbIncidents}` SET lastupdated='$now', timeofnextaction='$timeofnextaction' WHERE id='$id'");
    738. 

  738.                     if (mysql_error()) trigger_error("MySQL Query Error ".mysql_error(), E_USER_ERROR);
    739. 

  739.                 }
    740. 

  740. 

  741.                 $timetext = '';
    742. 

  742. 

  743.                 if ($timeofnextaction != 0)
    744. 

  744.                 {
    745. 

  745.                     $timetext = "Next Action Time: ";
    746. 

  746.                     if (($oldtimeofnextaction-$now) < 1)
    747. 

  747.                     {
    748. 

  748.                         $timetext .= "None";
    749. 

  749.                     }
    750. 

  750.                     else
    751. 

  751.                     {
    752. 

  752.                         $timetext .= date("D jS M Y @ g:i A", $oldtimeofnextaction);
    753. 

  753.                     }
    754. 

  754.                     $timetext .= " -&gt; <b>";
    755. 

  755.                     if ($timeofnextaction < 1)
    756. 

  756.                     {
    757. 

  757.                         $timetext .= "None";
    758. 

  758.                     }
    759. 

  759.                     else
    760. 

  760.                     {
    761. 

  761.                         $timetext .= date("D jS M Y @ g:i A", $timeofnextaction);
    762. 

  762.                     }
    763. 

  763.                     $timetext .= "</b>\n\n";
    764. 

  764.                     //$bodytext = $timetext.$bodytext;
    765. 

  765.                 }
    766. 

  766. 

  767.                 // add update
    768. 

  768.                 $bodytext = htmlentities($bodytext, ENT_COMPAT, 'UTF-8');
    769. 

  769.                 $updateheader .= "{$SYSLANG['strTo']}: [b]{$tofield}[/b]\n";
    770. 

  770.                 $updateheader .= "{$SYSLANG['strFrom']}: [b]{$fromfield}[/b]\n";
    771. 

  771.                 $updateheader .= "{$SYSLANG['strReplyTo']}: [b]{$replytofield}[/b]\n";
    772. 

  772.                 if ($ccfield != '' AND $ccfield != ",") $updateheader .=   "CC: [b]{$ccfield}[/b]\n";
    773. 

  773.                 if ($bccfield != '') $updateheader .= "BCC: [b]{$bccfield}[/b]\n";
    774. 

  774.                 if ($filename != '') $updateheader .= "{$SYSLANG['strAttachment']}: [b][[att={$fileid}]]".$name."[[/att]][/b]\n";
    775. 

  775.                 $updateheader .= "{$SYSLANG['strSubject']}: [b]{$subjectfield}[/b]\n";
    776. 

  776. 

  777.                 if (!empty($updateheader)) $updateheader .= "<hr>";
    778. 

  778.                 $updatebody = $timetext . $updateheader . $bodytext;
    779. 

  779.                 $updatebody = mysql_real_escape_string($updatebody);
    780. 

  780. 

  781.                 $sql  = "INSERT INTO `{$dbUpdates}` (incidentid, userid, bodytext, type, timestamp, currentstatus, customervisibility) ";
    782. 

  782.                 $sql .= "VALUES ({$id}, {$sit[2]}, '{$updatebody}', 'email', '{$now}', '{$newincidentstatus}', '{$emailtype->customervisibility}')";
    783. 

  783.                 mysql_query($sql);
    784. 

  784.                 if (mysql_error()) trigger_error("MySQL Query Error ".mysql_error(), E_USER_ERROR);
    785. 

  785.                 $updateid = mysql_insert_id();
    786. 

  786. 

  787.                 $sql = "INSERT INTO `{$dbLinks}`(linktype, origcolref, linkcolref, direction, userid) ";
    788. 

  788.                 $sql .= "VALUES (5, '{$updateid}', '{$fileid}', 'left', '{$sit[2]}')";
    789. 

  789.                 mysql_query($sql);
    790. 

  790.                 if (mysql_error()) trigger_error("MySQL Query Error ".mysql_error(), E_USER_ERROR);
    791. 

  791. 

  792.                 $owner = incident_owner($id);
    793. 

  793. 

  794.                 // Handle meeting of service level targets
    795. 

  795.                 switch ($target)
    796. 

  796.                 {
    797. 

  797.                     case 'none':
    798. 

  798.                         // do nothing
    799. 

  799.                         $sql = '';
    800. 

  800.                     break;
    801. 

  801. 

  802.                     case 'initialresponse':
    803. 

  803.                         $sql  = "INSERT INTO `{$dbUpdates}` (incidentid, userid, type, timestamp, currentowner, currentstatus, customervisibility, sla, bodytext) ";
    804. 

  804.                         $sql .= "VALUES ('{$id}', '{$sit[2]}', 'slamet', '{$now}', '{$owner}', '{$newincidentstatus}', 'show', 'initialresponse','{$SYSLANG['strInitialResponseHasBeenMade']}')";
    805. 

  805.                     break;
    806. 

  806. 

  807.                     case 'probdef':
    808. 

  808.                         $sql  = "INSERT INTO `{$dbUpdates}` (incidentid, userid, type, timestamp, currentowner, currentstatus, customervisibility, sla, bodytext) ";
    809. 

  809.                         $sql .= "VALUES ('{$id}', '{$sit[2]}', 'slamet', '{$now}', '{$owner}', '{$newincidentstatus}', 'show', 'probdef','{$SYSLANG['strProblemHasBeenDefined']}')";
    810. 

  810.                     break;
    811. 

  811. 

  812.                     case 'actionplan':
    813. 

  813.                         $sql  = "INSERT INTO `{$dbUpdates}` (incidentid, userid, type, timestamp, currentowner, currentstatus, customervisibility, sla, bodytext) ";
    814. 

  814.                         $sql .= "VALUES ('{$id}', '{$sit[2]}', 'slamet', '{$now}', '{$owner}', '{$newincidentstatus}', 'show', 'actionplan','{$SYSLANG['strActionPlanHasBeenMade']}')";
    815. 

  815.                     break;
    816. 

  816. 

  817.                     case 'solution':
    818. 

  818.                         $sql  = "INSERT INTO `{$dbUpdates}` (incidentid, userid, type, timestamp, currentowner, currentstatus, customervisibility, sla, bodytext) ";
    819. 

  819.                         $sql .= "VALUES ('{$id}', '{$sit[2]}', 'slamet', '{$now}', '{$owner}', '{$newincidentstatus}', 'show', 'solution','{$SYSLANG['strIncidentResolved']}')";
    820. 

  820.                     break;
    821. 

  821.                 }
    822. 

  822.                 if (!empty($sql))
    823. 

  823.                 {
    824. 

  824.                     mysql_query($sql);
    825. 

  825.                     if (mysql_error()) trigger_error("MySQL Query Error ".mysql_error(), E_USER_ERROR);
    826. 

  826.                 }
    827. 

  827.                 if ($target != 'none')
    828. 

  828.                 {
    829. 

  829.                     // Reset the slaemail sent column, so that email reminders can be sent if the new sla target goes out
    830. 

  830.                     $sql = "UPDATE `{$dbIncidents}` SET slaemail='0', slanotice='0' WHERE id='$id' LIMIT 1";
    831. 

  831.                     mysql_query($sql);
    832. 

  832.                     if (mysql_error()) trigger_error("MySQL Query Error ".mysql_error(), E_USER_ERROR);
    833. 

  833.                 }
    834. 

  834. 

  835.                 if (!empty($chase_customer))
    836. 

  836.                 {
    837. 

  837.                     $sql_insert = "INSERT INTO `{$dbUpdates}` (incidentid, userid, type, currentowner, currentstatus, bodytext, timestamp, customervisibility) ";
    838. 

  838.                     $sql_insert .= "VALUES ('{$id}','{$sit['2']}','auto_chased_phone', '{$owner}', '{$newincidentstatus}', '{$SYSLANG['strCustomerHasBeenCalledToChase']}','{$now}','hide')";
    839. 

  839.                     mysql_query($sql_insert);
    840. 

  840.                     if (mysql_error()) trigger_error("MySQL Query Error ".mysql_error(), E_USER_ERROR);
    841. 

  841. 

  842.                     $sql_update = "UPDATE `{$dbIncidents}` SET lastupdated = '{$now}' WHERE id = {$id}";
    843. 

  843.                     mysql_query($sql_update);
    844. 

  844.                     if (mysql_error()) trigger_error("MySQL Query Error ".mysql_error(), E_USER_ERROR);
    845. 

  845.                 }
    846. 

  846. 

  847.                 if (!empty($chase_manager))
    848. 

  848.                 {
    849. 

  849.                     $sql_insert = "INSERT INTO `{$dbUpdates}` (incidentid, userid, type, currentowner, currentstatus, bodytext, timestamp, customervisibility) ";
    850. 

  850.                     $sql_insert .= "VALUES ('{$id}','{$sit['2']}','auto_chased_manager', '{$owner}', '{$newincidentstatus}', 'Manager has been called to chase','{$now}','hide')";
    851. 

  851.                     mysql_query($sql_insert);
    852. 

  852.                     if (mysql_error()) trigger_error("MySQL Query Error ".mysql_error(), E_USER_ERROR);
    853. 

  853. 

  854.                     $sql_update = "UPDATE `{$dbIncidents}` SET lastupdated = '{$now}' WHERE id = {$id}";
    855. 

  855.                     mysql_query($sql_update);
    856. 

  856.                     if (mysql_error()) trigger_error("MySQL Query Error ".mysql_error(), E_USER_ERROR);
    857. 

  857.                 }
    858. 

  858. 

  859.                 if ($draftid != -1)
    860. 

  860.                 {
    861. 

  861.                     $sql = "DELETE FROM `{$dbDrafts}` WHERE id = {$draftid}";
    862. 

  862.                     mysql_query($sql);
    863. 

  863.                     if (mysql_error()) trigger_error(mysql_error(),E_USER_ERROR);
    864. 

  864.                 }
    865. 

  865. 

  866.                 journal(CFG_LOGGING_FULL, $SYSLANG['strEmailSent'], "{$SYSLANG['strSubject']}: $subjectfield, {$SYSLANG['strIncident']}: $id", CFG_JOURNAL_INCIDENTS, $id);
    867. 

  867.                 // FIXME i18n, maybe have a function that prints a dialog and then closes the window?
    868. 

  868.                 echo "<html>";
    869. 

  869.                 echo "<head>";
    870. 

  870.                 ?>
    871. 

  871.                 <script type="text/javascript">
    872. 

  872.                 function confirm_close_window()
    873. 

  873.                 {
    874. 

  874.                     if (window.confirm('The email was sent successfully, click OK to close this window'))
    875. 

  875.                     {
    876. 

  876.                         window.opener.location='incident_details.php?id=<?php echo $id; ?>';
    877. 

  877.                         window.close();
    878. 

  878.                     }
    879. 

  879.                 }
    880. 

  880.                 </script>
    881. 

  881.                 <?php
    882. 

  882.                 echo "</head>";
    883. 

  883.                 echo "<body onload=\"confirm_close_window();\">";
    884. 

  884.                 echo "</body>";
    885. 

  885.                 echo "</html>";
    886. 

  886.             }
    887. 

  887.             else
    888. 

  888.             {
    889. 

  889.                 include (APPLICATION_INCPATH . 'incident_html_top.inc.php');
    890. 

  890.                 echo "<p class='error'>{$SYSLANG['strErrorSendingEmail']}: $mailerror</p>\n";
    891. 

  891.                 include (APPLICATION_INCPATH . 'incident_html_bottom.inc.php');
    892. 

  892.             }
    893. 

  893.         }
    894. 

  894.         else
    895. 

  895.         {
    896. 

  896.             // there were errors
    897. 

  897.             include (APPLICATION_INCPATH . 'incident_html_top.inc.php');
    898. 

  898.             echo $error_string;
    899. 

  899.             include (APPLICATION_INCPATH . 'incident_html_bottom.inc.php');
    900. 

  900.         }
    901. 

  901.     break;
    902. 

  902. 

  903.     default:
    904. 

  904.         trigger_error("{$SYSLANG['strInvalidParameter']}: $step", E_USER_ERROR);
    905. 

  905.     break;
    906. 

  906. } // end switch step
    907. 

  907. 

  908. ?>
    909.