PageRenderTime 46ms CodeModel.GetById 18ms RepoModel.GetById 0ms app.codeStats 0ms

/includes/ajax_filter_tasks.php

https://bitbucket.org/websightdesigns/project-manager
PHP | 161 lines | 146 code | 6 blank | 9 comment | 53 complexity | 14c908a7196fb8acab152a712cdea279 MD5 | raw file
    

  1. <?php
    2. 

  2. 	include("../mysql.php");
    3. 

  3. 	$link = mysql_connect($mysqlhost, $mysqluser, $mysqlpass) or die("Could not connect to server");
    4. 

  4. 	mysql_select_db($mysqldb) or die("Could not select database");
    5. 

  5. 	include("functions.php");
    6. 

  6. 

  7. 	$level_auth = getCurrentUserAccessLevel();
    8. 

  8. 	$group_auth = getCurrentUserGroupID();
    9. 

  9. 	$clocked_in = checkIfClockedIn();
    10. 

  10. 

  11. 	// set completed variable through POST or GET
    12. 

  12. 	if(isset($_POST['completed'])) $completed = $_POST['completed'];
    13. 

  13. 

  14. 	// set date format
    15. 

  15. 	if(getSetting("dateFormat", $_SESSION['userid_auth']) == "0") {
    16. 

  16. 	    $date_format_setting = "%b %e %Y";
    17. 

  17. 	} else {
    18. 

  18. 	    $date_format_setting = getSetting("dateFormat", $_SESSION['userid_auth']);
    19. 

  19. 	}
    20. 

  20. 

  21. 	if (isset($_POST['search']) && $_POST['search']) {
    22. 

  22. 		$level_auth = getCurrentUserAccessLevel();
    23. 

  23. 		$group_auth = getCurrentUserGroupID();
    24. 

  24. 		$search_project = "Project: ";
    25. 

  25. 		$search_client = "Client: ";
    26. 

  26. 		// PROJECTS SECTION
    27. 

  27. 		if(substr($_POST['search'], 0, strlen($search_project)) == $search_project) {
    28. 

  28. 			$project_sql = "SELECT id FROM projects WHERE project_name LIKE '%" . str_replace($search_project, "", $_POST['search']) . "%'";
    29. 

  29. 			$project_q = mysql_query($project_sql);
    30. 

  30. 			while($i = mysql_fetch_object($project_q)) {
    31. 

  31. 			    $project_id = $i->id;
    32. 

  32. 			}
    33. 

  33. 			$sql = "SELECT tasks.`id` AS `id`,
    34. 

  34. 				tasks.`task_title` AS `task_title`,
    35. 

  35. 				tasks.`task_describe` AS `task_describe`,
    36. 

  36. 				DATE_FORMAT(tasks.`created`, '" . $date_format_setting . ", %l:%i %p') AS `fcreated`,
    37. 

  37. 				DATE_FORMAT(tasks.`modified`, '" . $date_format_setting . ", %l:%i %p') AS `fmodified`,
    38. 

  38. 				DATE_FORMAT(tasks.`duedate`, '" . $date_format_setting . "') AS `fduedate`,
    39. 

  39. 				tasks.`modified` AS `modified`,
    40. 

  40. 				tasks.`duedate` AS `duedate`,
    41. 

  41. 				tasks.`milestoneid` AS `milestoneid`,
    42. 

  42. 				tasks.`projectid` AS `projectid`
    43. 

  43. 				FROM tasks, projects
    44. 

  44. 				WHERE projects.`userid`='" . $_SESSION['userid_auth'] . "'
    45. 

  45. 				AND projects.`id` = tasks.`projectid`
    46. 

  46. 				AND tasks.milestoneid='0'
    47. 

  47. 				AND tasks.completed='" . $completed . "'
    48. 

  48. 				AND tasks.projectid='" . $project_id . "'";
    49. 

  49. 			//if($level_auth < "11") $sql .= " AND projects.groupid = '" . $group_auth . "'";
    50. 

  50. 			$sql .= " ORDER BY tasks.modified, tasks.priority ASC, tasks.created ASC";
    51. 

  51. 			$search_text = "Tasks for the project <span id=\"searchcriteria\">Project: </span><span id=\"searchterm\">".str_replace($search_project, "", $_POST['search'])."</span>";
    52. 

  52. 		// CLIENTS SECTION
    53. 

  53. 		} elseif(substr($_POST['search'], 0, strlen($search_client)) == $search_client) {
    54. 

  54. 			$client_sql = "SELECT id FROM clients WHERE fullname LIKE '%" . str_replace($search_client, "", $_POST['search']) . "%'";
    55. 

  55. 			$client_q = mysql_query($client_sql);
    56. 

  56. 			while($i = mysql_fetch_object($client_q)) {
    57. 

  57. 			    $clientid = $i->id;
    58. 

  58. 			}
    59. 

  59. 			$sql = "SELECT tasks.`id` AS `id`,
    60. 

  60. 				tasks.`task_title` AS `task_title`,
    61. 

  61. 				tasks.`task_describe` AS `task_describe`,
    62. 

  62. 				DATE_FORMAT(tasks.`created`, '" . $date_format_setting . ", %l:%i %p') AS `fcreated`,
    63. 

  63. 				DATE_FORMAT(tasks.`modified`, '" . $date_format_setting . ", %l:%i %p') AS `fmodified`,
    64. 

  64. 				DATE_FORMAT(tasks.`duedate`, '" . $date_format_setting . "') AS `fduedate`,
    65. 

  65. 				tasks.`modified` AS `modified`,
    66. 

  66. 				tasks.`duedate` AS `duedate`,
    67. 

  67. 				tasks.`projectid` AS `projectid`
    68. 

  68. 				FROM tasks, projects, clients
    69. 

  69. 				WHERE tasks.projectid=projects.id
    70. 

  70. 				AND projects.clientid=clients.id
    71. 

  71. 				AND clients.id='" . $clientid . "'
    72. 

  72. 				AND projects.`userid`='" . $_SESSION['userid_auth'] . "'
    73. 

  73. 				AND tasks.milestoneid='0'
    74. 

  74. 				AND tasks.completed='" . $completed . "'";
    75. 

  75. 			//if($level_auth < "11") $sql .= " AND projects.groupid = '" . $group_auth . "'";
    76. 

  76. 			$sql .= " ORDER BY tasks.modified, tasks.priority ASC, tasks.created ASC";
    77. 

  77. 			$search_text = "Tasks for the client <u>".str_replace($search_client, "", $_POST['search'])."</u>";
    78. 

  78. 		// TASKS SECTION
    79. 

  79. 		} else {
    80. 

  80. 		    $sql = "SELECT tasks.`id` AS `id`,
    81. 

  81. 			    tasks.`task_title` AS `task_title`,
    82. 

  82. 				tasks.`task_describe` AS `task_describe`,
    83. 

  83. 			    completed,
    84. 

  84. 			    DATE_FORMAT(tasks.`created`, '" . $date_format_setting . ", %l:%i %p') AS `fcreated`,
    85. 

  85. 			    DATE_FORMAT(tasks.`modified`, '" . $date_format_setting . ", %l:%i %p') AS `fmodified`,
    86. 

  86. 			    tasks.`modified` AS `modified`,
    87. 

  87. 			    DATE_FORMAT(tasks.`duedate`, '" . $date_format_setting . "') AS `fduedate`,
    88. 

  88. 			    tasks.`duedate` AS `duedate`,
    89. 

  89. 			    milestoneid,
    90. 

  90. 			    projectid
    91. 

  91. 			    FROM tasks
    92. 

  92. 			    WHERE userid='" . $_SESSION['userid_auth'] . "'
    93. 

  93. 			    AND milestoneid='0'
    94. 

  94. 			    AND completed='" . $completed . "'
    95. 

  95. 			    AND task_title LIKE '%" . $_POST['search'] . "%'
    96. 

  96. 			    ORDER BY tasks.modified, tasks.priority ASC, tasks.created ASC";
    97. 

  97. 		    $search_text = "Search results for the search term <u>".$_POST['search']."</u>";
    98. 

  98. 		}
    99. 

  99. 	// NO SEARCH, LOAD EVERYTHING
    100. 

  100. 	} else {
    101. 

  101. 		$sql = "SELECT tasks.`id`,
    102. 

  102. 			tasks.`task_title`,
    103. 

  103. 			tasks.`task_describe`,
    104. 

  104. 			tasks.`completed`,
    105. 

  105. 			DATE_FORMAT(tasks.`created`, '" . $date_format_setting . ", %l:%i %p') AS `fcreated`,
    106. 

  106. 			DATE_FORMAT(tasks.`modified`, '" . $date_format_setting . ", %l:%i %p') AS `fmodified`,
    107. 

  107. 			tasks.`modified` AS `modified`,
    108. 

  108. 			DATE_FORMAT(tasks.`duedate`, '" . $date_format_setting . "') AS `fduedate`,
    109. 

  109. 			tasks.`duedate` AS `duedate`,
    110. 

  110. 			tasks.`milestoneid`,
    111. 

  111. 			tasks.`projectid`
    112. 

  112. 			FROM projects, tasks, users";
    113. 

  113. 			if($level_auth < "11" || ($level_auth == "11" && getSetting("onlyShowProjectsInMyGroup", $_SESSION['userid_auth']) == "1"))
    114. 

  114. 				$sql .= " WHERE users.groupid = '" . $group_auth . "' AND users.id='" . $_SESSION['userid_auth'] . "' AND ";
    115. 

  115. 			else $sql .= " WHERE ";
    116. 

  116. 			$sql .= "projects.id=tasks.projectid
    117. 

  117. 			AND users.id=projects.userid
    118. 

  118. 			AND tasks.milestoneid='0'
    119. 

  119. 			AND tasks.completed='" . $completed . "'
    120. 

  120. 			ORDER BY tasks.sort ASC, tasks.priority ASC, tasks.created DESC";
    121. 

  121. 	}
    122. 

  122. 

  123. 	//if($debugmode) echo "<tr><td colspan=\"8\"><pre>sql:<br />".$sql."</pre><br /></td></tr>";
    124. 

  124. 	$q = mysql_query($sql) or die(mysql_error());
    125. 

  125. 	$total_numrows = mysql_num_rows($q);
    126. 

  126. 

  127. 	if(isset($_POST['search']) && $_POST['search']) echo "<p><strong>" . $search_text . "</strong></p>";
    128. 

  128. 	if((isset($_POST['search']) && $_POST['search'] && $total_numrows) || $total_numrows) {
    129. 

  129. 		$j = 0;
    130. 

  130. 		while($i = mysql_fetch_object($q)) {
    131. 

  131. 			$id = $i->id;
    132. 

  132. 			$task_title = $i->task_title;
    133. 

  133. 			$completed = $i->completed;
    134. 

  134. 			$fcreated = $i->fcreated;
    135. 

  135. 			$fmodified = $i->fmodified;
    136. 

  136. 			$modified = $i->modified;
    137. 

  137. 			$fduedate = $i->fduedate;
    138. 

  138. 			$duedate = $i->duedate;
    139. 

  139. 			$project_name = getProjectName($i->projectid);
    140. 

  140. 			if($j % 2 == 0) $rowcolor = "row"; else $rowcolor = "altrow";
    141. 

  141. 			?>
    142. 

  142. 			<tr id="item_<?php echo $id; ?>" class="<? echo $rowcolor; ?> item_<? echo $id; ?>">
    143. 

  143. 				<td><input type="checkbox"<?php if($completed) echo ' checked="checked"'; ?> id="<? echo $id; ?>" /></td>
    144. 

  144. 				<td><?php if($completed): ?>&nbsp;<? else: ?><input type="radio" id="<? echo $id; ?>" name="timeclock"<? if($clocked_in == $id) echo ' checked="checked"' ?> /><? endif; ?></td>
    145. 

  145. 				<td><a href="/includes/ajax_get_task.php?id=<?php echo $id; ?>" class="lightbox" rel="lightbox"><? echo $task_title; ?></a></td>
    146. 

  146. 				<td><?php echo $project_name; ?></td>
    147. 

  147. 				<td><?php if($duedate != "0000-00-00" && $duedate != "") echo $fduedate; else echo '-'; ?></td>
    148. 

  148. 				<td><?php if($modified == "0000-00-00 00:00:00") echo $fcreated; else echo $fmodified; ?></td>
    149. 

  149. 				<td><a href="" id="<?php echo $id; ?>"><img src="/img/icons/button-delete.png"  border="0" alt="" /></a></td>
    150. 

  150. 				<td><?php if(!$_POST['search']): ?><a href="" class="drag"><img src="/img/icons/button-drag.png"  border="0" alt="" /></a><? endif; ?></td>
    151. 

  151. 			</tr>
    152. 

  152. 			<?php
    153. 

  153. 			$j++;
    154. 

  154. 		}
    155. 

  155. 	} elseif(isset($_POST['search']) && $_POST['search'] && !$total_numrows) {
    156. 

  156. 		?><tr class="notice"><td colspan="8">There are no <?php if($completed == "0") echo "incomplete"; elseif($completed == "1") echo "completed";  ?> tasks matching your search.</td></tr><?
    157. 

  157. 	} elseif(!$total_numrows) {
    158. 

  158. 		?><tr class="notice"><td colspan="8">No <?php if($completed == "0") echo "incomplete"; elseif($completed == "1") echo "completed";  ?> tasks. <? if($completed == "0") echo 'Time for a break!'; elseif($completed == "1") echo ' Get to work!'; ?></td></tr><?
    159. 

  159. 	}
    160. 

  160. 	mysql_close($link);
    161. 

  161. ?>
    162.