/includes/ajax_filter_tasks.php
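<?php
/**
 * AJAX endpoint that prints the <tr> rows of the task table.
 *
 * Request input:
 *   $_POST['completed']  completion state to list; compared against "0" and "1" below.
 *   $_POST['search']     optional search text. A "Project: " or "Client: " prefix
 *                        switches to a lookup by project or client name; any other
 *                        text is matched against task titles.
 *
 * Security notes:
 *   - Every request-, session- or settings-derived value is cast or escaped before
 *     it is concatenated into SQL, and HTML-encoded before it is echoed.
 *   - mysql_real_escape_string() is only charset-aware when the connection charset
 *     was set with mysql_set_charset(); this file does not show whether
 *     ../mysql.php does that -- confirm.
 *   - ext/mysql was removed in PHP 7. Prepared statements (mysqli or PDO) are the
 *     durable fix, but functions.php presumably shares this connection, so both
 *     files would have to be migrated together.
 */
include("../mysql.php");
$link = mysql_connect($mysqlhost, $mysqluser, $mysqlpass) or die("Could not connect to server");
mysql_select_db($mysqldb) or die("Could not select database");
include("functions.php");

$level_auth = getCurrentUserAccessLevel();
$group_auth = getCurrentUserGroupID();
$clocked_in = checkIfClockedIn();

// NOTE(review): nothing visible in this file rejects a request that carries no
// logged-in session; presumably functions.php or the caller enforces it -- confirm.
$userid_auth = isset($_SESSION['userid_auth']) ? $_SESSION['userid_auth'] : null;

// Completion filter: forced to an integer so it cannot carry SQL, and defaulted
// to 0 when the parameter is missing instead of reading an undefined variable.
$completed = (isset($_POST['completed']) && is_scalar($_POST['completed'])) ? (int) $_POST['completed'] : 0;

// Search text: only a string is accepted (an array parameter is treated as "no search").
$search = (isset($_POST['search']) && is_string($_POST['search'])) ? $_POST['search'] : '';
$has_search = (bool) $search;

// Date format: the stored setting "0" means "use the default format".
$date_format_setting = getSetting("dateFormat", $userid_auth);
if ($date_format_setting == "0") {
    $date_format_setting = "%b %e %Y";
}

// Escaped copies for SQL. The date format is a stored per-user setting, so it is
// treated as untrusted as well.
$sql_userid = mysql_real_escape_string((string) $userid_auth, $link);
$sql_group  = mysql_real_escape_string((string) $group_auth, $link);
$sql_df     = mysql_real_escape_string((string) $date_format_setting, $link);

if ($has_search) {
    $search_project = "Project: ";
    $search_client = "Client: ";

    // PROJECTS SECTION
    if (substr($search, 0, strlen($search_project)) == $search_project) {
        $term = str_replace($search_project, "", $search);

        // Resolve the project name to an id; as before, the last match wins.
        // 0 matches no project when nothing is found.
        $project_id = 0;
        $project_q = mysql_query("SELECT id FROM projects WHERE project_name LIKE '%" . mysql_real_escape_string($term, $link) . "%'", $link);
        if ($project_q) {
            while ($i = mysql_fetch_object($project_q)) {
                $project_id = (int) $i->id;
            }
        }

        // NOTE(review): the original carried a commented-out restriction to the
        // user's group (projects.groupid) for access levels below 11; confirm
        // whether project searches should be limited that way.
        $sql = "SELECT tasks.`id` AS `id`,
                tasks.`task_title` AS `task_title`,
                tasks.`task_describe` AS `task_describe`,
                DATE_FORMAT(tasks.`created`, '" . $sql_df . ", %l:%i %p') AS `fcreated`,
                DATE_FORMAT(tasks.`modified`, '" . $sql_df . ", %l:%i %p') AS `fmodified`,
                DATE_FORMAT(tasks.`duedate`, '" . $sql_df . "') AS `fduedate`,
                tasks.`modified` AS `modified`,
                tasks.`duedate` AS `duedate`,
                tasks.`milestoneid` AS `milestoneid`,
                tasks.`projectid` AS `projectid`
            FROM tasks, projects
            WHERE projects.`userid`='" . $sql_userid . "'
                AND projects.`id` = tasks.`projectid`
                AND tasks.milestoneid='0'
                AND tasks.completed='" . $completed . "'
                AND tasks.projectid='" . $project_id . "'";
        $sql .= " ORDER BY tasks.modified, tasks.priority ASC, tasks.created ASC";
        $search_text = "Tasks for the project <span id=\"searchcriteria\">Project: </span><span id=\"searchterm\">" . htmlspecialchars($term, ENT_QUOTES, 'UTF-8') . "</span>";

    // CLIENTS SECTION
    } elseif (substr($search, 0, strlen($search_client)) == $search_client) {
        $term = str_replace($search_client, "", $search);

        // Resolve the client name to an id; as before, the last match wins.
        $clientid = 0;
        $client_q = mysql_query("SELECT id FROM clients WHERE fullname LIKE '%" . mysql_real_escape_string($term, $link) . "%'", $link);
        if ($client_q) {
            while ($i = mysql_fetch_object($client_q)) {
                $clientid = (int) $i->id;
            }
        }

        // NOTE(review): same commented-out group restriction as in the project
        // search existed here in the original -- confirm the intended scope.
        $sql = "SELECT tasks.`id` AS `id`,
                tasks.`task_title` AS `task_title`,
                tasks.`task_describe` AS `task_describe`,
                DATE_FORMAT(tasks.`created`, '" . $sql_df . ", %l:%i %p') AS `fcreated`,
                DATE_FORMAT(tasks.`modified`, '" . $sql_df . ", %l:%i %p') AS `fmodified`,
                DATE_FORMAT(tasks.`duedate`, '" . $sql_df . "') AS `fduedate`,
                tasks.`modified` AS `modified`,
                tasks.`duedate` AS `duedate`,
                tasks.`projectid` AS `projectid`
            FROM tasks, projects, clients
            WHERE tasks.projectid=projects.id
                AND projects.clientid=clients.id
                AND clients.id='" . $clientid . "'
                AND projects.`userid`='" . $sql_userid . "'
                AND tasks.milestoneid='0'
                AND tasks.completed='" . $completed . "'";
        $sql .= " ORDER BY tasks.modified, tasks.priority ASC, tasks.created ASC";
        $search_text = "Tasks for the client <u>" . htmlspecialchars($term, ENT_QUOTES, 'UTF-8') . "</u>";

    // TASKS SECTION
    } else {
        $sql = "SELECT tasks.`id` AS `id`,
                tasks.`task_title` AS `task_title`,
                tasks.`task_describe` AS `task_describe`,
                completed,
                DATE_FORMAT(tasks.`created`, '" . $sql_df . ", %l:%i %p') AS `fcreated`,
                DATE_FORMAT(tasks.`modified`, '" . $sql_df . ", %l:%i %p') AS `fmodified`,
                tasks.`modified` AS `modified`,
                DATE_FORMAT(tasks.`duedate`, '" . $sql_df . "') AS `fduedate`,
                tasks.`duedate` AS `duedate`,
                milestoneid,
                projectid
            FROM tasks
            WHERE userid='" . $sql_userid . "'
                AND milestoneid='0'
                AND completed='" . $completed . "'
                AND task_title LIKE '%" . mysql_real_escape_string($search, $link) . "%'
            ORDER BY tasks.modified, tasks.priority ASC, tasks.created ASC";
        $search_text = "Search results for the search term <u>" . htmlspecialchars($search, ENT_QUOTES, 'UTF-8') . "</u>";
    }

// NO SEARCH, LOAD EVERYTHING
} else {
    $sql = "SELECT tasks.`id`,
            tasks.`task_title`,
            tasks.`task_describe`,
            tasks.`completed`,
            DATE_FORMAT(tasks.`created`, '" . $sql_df . ", %l:%i %p') AS `fcreated`,
            DATE_FORMAT(tasks.`modified`, '" . $sql_df . ", %l:%i %p') AS `fmodified`,
            tasks.`modified` AS `modified`,
            DATE_FORMAT(tasks.`duedate`, '" . $sql_df . "') AS `fduedate`,
            tasks.`duedate` AS `duedate`,
            tasks.`milestoneid`,
            tasks.`projectid`
        FROM projects, tasks, users";
    // Below level 11, or at level 11 with "onlyShowProjectsInMyGroup" enabled, the
    // listing is limited to the current user within their group; otherwise the
    // query carries no per-user restriction.
    if ($level_auth < "11" || ($level_auth == "11" && getSetting("onlyShowProjectsInMyGroup", $userid_auth) == "1")) {
        $sql .= " WHERE users.groupid = '" . $sql_group . "' AND users.id='" . $sql_userid . "' AND ";
    } else {
        $sql .= " WHERE ";
    }
    $sql .= "projects.id=tasks.projectid
        AND users.id=projects.userid
        AND tasks.milestoneid='0'
        AND tasks.completed='" . $completed . "'
        ORDER BY tasks.sort ASC, tasks.priority ASC, tasks.created DESC";
}

$q = mysql_query($sql, $link);
if (!$q) {
    // Keep the database error in the server log; echoing it to the client
    // discloses schema and query details.
    error_log("ajax_filter_tasks: " . mysql_error($link));
    die("Could not load tasks");
}
$total_numrows = mysql_num_rows($q);

// $search_text already has its user-supplied part HTML-encoded.
if ($has_search) echo "<p><strong>" . $search_text . "</strong></p>";

if ($total_numrows) {
    $j = 0;
    while ($i = mysql_fetch_object($q)) {
        $id = (int) $i->id;
        // The project and client queries do not select `completed`; every row
        // matches the filter, so fall back to the filter value there.
        $row_completed = isset($i->completed) ? $i->completed : $completed;
        $modified = $i->modified;
        $duedate = $i->duedate;
        // HTML-encode everything that is echoed. double_encode is off for stored
        // text so entities already present in the data are not encoded twice.
        // NOTE(review): assumes stored text and the page are UTF-8 -- confirm.
        $task_title = htmlspecialchars($i->task_title, ENT_QUOTES, 'UTF-8', false);
        $project_name = htmlspecialchars(getProjectName($i->projectid), ENT_QUOTES, 'UTF-8', false);
        $fcreated = htmlspecialchars($i->fcreated, ENT_QUOTES, 'UTF-8');
        $fmodified = htmlspecialchars($i->fmodified, ENT_QUOTES, 'UTF-8');
        $fduedate = htmlspecialchars($i->fduedate, ENT_QUOTES, 'UTF-8');
        $rowcolor = ($j % 2 == 0) ? "row" : "altrow";
?>
<tr id="item_<?php echo $id; ?>" class="<?php echo $rowcolor; ?> item_<?php echo $id; ?>">
    <td><input type="checkbox"<?php if ($row_completed) echo ' checked="checked"'; ?> id="<?php echo $id; ?>" /></td>
    <td><?php if ($row_completed): ?> <?php else: ?><input type="radio" id="<?php echo $id; ?>" name="timeclock"<?php if ($clocked_in == $id) echo ' checked="checked"'; ?> /><?php endif; ?></td>
    <td><a href="/includes/ajax_get_task.php?id=<?php echo $id; ?>" class="lightbox" rel="lightbox"><?php echo $task_title; ?></a></td>
    <td><?php echo $project_name; ?></td>
    <td><?php if ($duedate != "0000-00-00" && $duedate != "") echo $fduedate; else echo '-'; ?></td>
    <td><?php if ($modified == "0000-00-00 00:00:00") echo $fcreated; else echo $fmodified; ?></td>
    <td><a href="" id="<?php echo $id; ?>"><img src="/img/icons/button-delete.png" border="0" alt="" /></a></td>
    <td><?php if (!$has_search): ?><a href="" class="drag"><img src="/img/icons/button-drag.png" border="0" alt="" /></a><?php endif; ?></td>
</tr>
<?php
        $j++;
    }
} elseif ($has_search) {
    ?><tr class="notice"><td colspan="8">There are no <?php if ($completed == "0") echo "incomplete"; elseif ($completed == "1") echo "completed"; ?> tasks matching your search.</td></tr><?php
} else {
    ?><tr class="notice"><td colspan="8">No <?php if ($completed == "0") echo "incomplete"; elseif ($completed == "1") echo "completed"; ?> tasks. <?php if ($completed == "0") echo 'Time for a break!'; elseif ($completed == "1") echo ' Get to work!'; ?></td></tr><?php
}
mysql_close($link);
?>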