<?php
function retrieve_msg($err_msg,$conn) {
global $error_msg;
$sql = "SELECT * FROM error_messages WHERE msg_id = '$err_msg'";
$result = mysql_query($sql,$conn);
while ($row = mysql_fetch_array($result)) {
$error_msg = $row['msg_name'];
}
}
function get_pernames($conn) {
global $per1_id,$per2_id,$per3_id,$per4_id,$per5_id;
$sql = "SELECT * FROM permissions";
$result = mysql_query($sql,$conn);
while ($row = mysql_fetch_array($result)) {
$getper_id = $row['per_id'];
$getper_name = $row['per_name'];
if ($getper_id == '1') { $per1_id = $getper_name; }
if ($getper_id == '2') { $per2_id = $getper_name; }
if ($getper_id == '3') { $per3_id = $getper_name; }
if ($getper_id == '4') { $per4_id = $getper_name; }
if ($getper_id == '5') { $per5_id = $getper_name; }
}
}
//Gets the prefered contact method as previously defined from the $contact_by and retrives the actual number
function get_contactnum($user_id,$contact_by,$conn) {
global $contact_num;
$sql = "SELECT user_id, work_num, mobile_num, email, fax FROM help_users WHERE user_id = '$user_id'";
$result = mysql_query($sql,$conn) or die(mysql_errno().":2 ".mysql_error());
while ($row = mysql_fetch_array($result)) {
$work_num = $row['work_num'];
$mobile_num = $row['mobile_num'];
$email = $row['email'];
$fax = $row['fax'];
if ($contact_by == '1') { $contact_num = $email; }
if ($contact_by == '2') { $contact_num = $work_num; }
if ($contact_by == '3') { $contact_num = $fax; }
if ($contact_by == '4') { $contact_num = $mobile_num; }
}
}
// Calculates the amount of time left until a request has to be completed
function respond_within($respond_bytime,$conn) {
global $elapsed;
$today_datetime = date("Y-m-d H:i:s");
list ($year, $month, $day, $hour, $min, $sec) = split ('[- :]', $today_datetime);
$now_secs = mktime ($hour, $min, $sec, $month, $day, $year);
list ($year, $month, $day, $hour, $min, $sec) = split ('[- :]', $respond_bytime);
$respond_secs = mktime ($hour, $min, $sec, $month, $day, $year);
if ($now_secs < $respond_secs) {
//This is when u have time left
$diff_secs = $respond_secs - $now_secs;
$elapsed_day = (date ("d", $diff_secs) -1);
$elapsed_hour = (date ("G", $diff_secs));
$elapsed_min = (date ("i", $diff_secs));
if ($elapsed_day == "0") {
$elapsed = "$elapsed_hour hour(s), $elapsed_min min(s).";
} else {
$elapsed = "$elapsed_day day(s), $elapsed_hour hour(s), $elapsed_min min(s).";
}
}
if ($now_secs > $respond_secs) {
//This is when you go over time.
$diff_secs = $now_secs - $respond_secs;
$elapsed_day = (date ("d", $diff_secs) -1);
$elapsed_hour = (date ("G", $diff_secs));
$elapsed_min = (date ("i", $diff_secs));
if ($elapsed_day == "0") {
$elapsed = "<em class=redtext2>$elapsed_hour hour(s), $elapsed_min min(s) OVER</em>.";
} else {
$elapsed = "<em class=redtext2>$elapsed_day day(s), $elapsed_hour hour(s) + OVER</em>.";
}
}
}
function convert_date($input_time) {
global $output_date;
list ($year, $month, $day, $hour, $min, $sec) = split ('[- :]', $input_time);
$input_secs = mktime ($hour, $min, $sec, $month, $day, $year);
$output_date = date("H:i:s, D, M jS Y", $input_secs);
}
//Todays date and time, name of priority (eg, high/med/low), Connection info.
function calc_response($today_datetime,$prio_name,$conn) {
global $plus_datetime,$plus_datetime2;
//Get the hour length from dbase
$sql = "SELECT prio_name, prio_time FROM priorities WHERE prio_name = '$prio_name'";
$result = mysql_query($sql,$conn) or die(mysql_errno().":2 ".mysql_error());
while ($row = mysql_fetch_array($result)) {
$prio_name = $row['prio_name'];
$prio_time = $row['prio_time'];
}
$secs = "3600";
//Calculate the seconds from the hour
$calc_secs = $prio_time * $secs;
list ($year, $month, $day, $hour, $min, $sec) = split ('[- :]', $today_datetime);
$secs_date = mktime ($hour, $min, $sec, $month, $day, $year);
$secs_plus = $secs_date + $calc_secs;
$plus_datetime = date("H:i:s, D, M jS Y", $secs_plus);
$plus_datetime2 = date("Y-m-d H:i:s", $secs_plus);
}
function user_gennum($conn) {
global $request_num;
//First check for a blank field. If there is, use that id instead
$sql = "SELECT request_id, random_number, request_used FROM requests";
$result = mysql_query($sql,$conn) or die(mysql_errno().":2 ".mysql_error());
while ($row = mysql_fetch_array($result)) {
$request_id = $row['request_id'];
$request_used = $row['request_used'];
$random_number = $row['random_number'];
if ($request_used != "yes") {
$output_id = $request_id;
}
}
if ($output_id) {
$request_num = $output_id;
} else {
//Generate the number
mt_srand ((double)microtime() * 1000000);
$random = mt_rand();
//Check to see if num already exists (not likely, but just in case)
$sql = "SELECT random_number FROM requests";
$result = mysql_query($sql,$conn);
while ($row = mysql_fetch_array($result)) {
$check = $row['random_number'];
if ($check == $random) {
$equal = "yes";
}
}
if (!$equal) {
//Insert the random number
$sql = "insert into requests (request_id, random_number) values ('','$random')";
$result = mysql_query($sql,$conn);
//Now get request id from the random number
$sql_getID = "select request_id, random_number from requests where random_number = '$random'";
$result_getID = mysql_query($sql_getID,$conn) or die(mysql_errno().":2 ".mysql_error());
while ($row_getID = mysql_fetch_array($result_getID)) {
$request_num = $row_getID['request_id'];
}
}
}
}
function user_getname($name_id,$conn) {
global $genout;
$sql = "SELECT user_id, f_name, l_name FROM help_users WHERE user_id='$name_id'";
$result=mysql_query($sql,$conn);
while ($row = mysql_fetch_array($result)) {
$f_name = $row['f_name'];
$l_name = $row['l_name'];
$genout = "$f_name $l_name";
}
}
function user_login($username,$password,$conn) {
global $warning;
if (!$username || !$password) {
$warning .= '<td class=warning>** ERROR - Please enter your user name or password.';
return false;
} else {
$usernames=strtolower($username);
$password=strtolower($password);
$sql="SELECT * FROM help_users WHERE username='$usernames' AND password='". md5($password) ."'";
$result=mysql_query($sql,$conn);
if (!$result || db_numrows($result) < 1){
$warning .= '<td class=warning>** ERROR - Username not found or password incorrect.';
return false;
} else {
while ($row = mysql_fetch_array($result)) {
$user_ids = $row['user_id'];
$per_ids = $row['per_id'];
$f_names = $row['f_name'];
$l_names = $row['l_name'];
$names = "$f_names $l_names";
}
user_set_sessions($usernames,$user_ids,$per_ids,$names);
$warning .= '<td class=success>** SUCCESS - You Are Now Logged In ';
return true;
}
}
}
function user_set_sessions($usernames,$user_ids,$per_ids,$names) {
global $username,$user_id,$per_id,$name,$valid;
//if ((!$usernames) || (!$user_ids) || (!$per_ids) || (!$names)) {
session_register('username');
session_register('user_id');
session_register('per_id');
session_register('name');
session_register('valid');
//}
session_register('user_id');
$username = "$usernames";
$user_id = "$user_ids";
$per_id = "$per_ids";
$name = "$names";
$valid = "yes";
}
function user_logout() {
$username = "";
$user_id = "";
$per_id = "";
$name = "";
$valid = "";
session_unregister('username');
session_unregister('user_id');
session_unregister('per_id');
session_unregister('name');
session_unregister('valid');
}
function user_getDropMenu($id_name,$name_name,$cur_name,$dbase,$conn,$cur_id,$all) {
global $select;
//Get info from database
$sql = "SELECT $id_name, $name_name FROM $dbase";
$result = mysql_query($sql,$conn);
//Start of menu HTML
$select_beg = "<select name=$cur_name>";
if (!$cur_id) {
$select_start = "<option value=''>=Select an Option=</option>";
}
while ($row = mysql_fetch_array($result)) {
$id = $row[$id_name];
$name = $row[$name_name];
//If the id from the database matched the current id value, add the option to the top of the menu.
if ($id == $cur_id) {
$select_start = "<option value='$id'>$name</option>";
} else {
$select2 .= "<option value='$id'>$name</option>";
}
}
if ($all == "yes") {
if ($cur_id == 'all') {
$select_start = "<option value='all'>All</option>";
} else {
$select2 .= "<option value='all'>All</option>";
}
}
$select = $select_beg.$select_start.$select2.'</select>';
}
function existorder($conn,$user_id,$order_name) {
//Check the order dbase to see if this user already has an order set.
$sql = "SELECT user_id, order_name FROM order_prefs WHERE user_id = '$user_id' AND order_name = '$order_name'";
$result = mysql_query($sql,$conn);
while ($row = mysql_fetch_array($result)) {
$user_id_temp = $row['user_id'];
}
if ($user_id_temp) {
return true;
} else {
return false;
}
}
function getorder($conn,$user_id,$order_name) {
global $view,$sorted,$ordering,$support_view;
//Get all the values for this particular order.
$sql = "SELECT * FROM order_prefs WHERE user_id = '$user_id' AND order_name = '$order_name'";
$result = mysql_query($sql,$conn);
while ($row = mysql_fetch_array($result)) {
$view = $row['view'];
$sorted = $row['sorted'];
$ordering = $row['ordering'];
$support_view = $row['support_view'];
}
}
//The current Users ID, name of order(eg users/requests), the 3 drop dowm menus: view, sorted and order, then conn is the dbase connection.
function addorder($user_id,$order_name,$view,$sorted,$order,$sup_view,$conn) {
//When a user changes their order, this saves the order in the database.
if ($sup_view) {
$sql_name = ", support_view";
$sql_value = ", $sup_view";
$sql_bit = ", support_view = '$sup_view'";
}
if (existorder($conn,$user_id,$order_name)) { //Check first to see if an entry already exists. If it does, I want to update.
$sql = "UPDATE order_prefs SET view = '$view', sorted = '$sorted', ordering = '$order' $sql_bit WHERE user_id = '$user_id' AND order_name = '$order_name'";
} else {
$sql = "INSERT INTO order_prefs (order_id, user_id, order_name, view, sorted, ordering $sql_name) VALUES ('','$user_id','$order_name','$view','$sorted','$order' $sql_value)";
}
$result = mysql_query($sql,$conn);
if (!$result) {
$warning .= '<td class=warning>** Database error - '.db_error();
} else {
$warning .= '<td class=success>** Successfully Added.';
}
}
function reg_user_session($view,$sorted,$ordering) {
global $user_view,$user_sorted,$user_order;
$user_view = $view;
$user_sorted = $sorted;
$user_order = $ordering;
}
function reg_request_session($view,$sorted,$ordering) {
global $request_view,$request_sorted,$request_ordering;
$request_view = $view;
$request_sorted = $sorted;
$request_order = $ordering;
}
function account_pwvalid($pw) {
global $warning;
if (strlen($pw) < 5) {
$warning .= "<td class=warning>** Password must be at least 5 characters. <br>";
return false;
}
return true;
}
function account_namevalid($name) {
global $warning;
// no spaces
if (strrpos($name,' ') > 0) {
$warning .= "<td class=warning>** There cannot be any spaces in the login name. <br>";
return false;
}
// must have at least one character
if (strspn($name,"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ") == 0) {
$warning .= "<td class=warning>** There must be at least one character.<br>";
return false;
}
// must contain all legal characters
if (strspn($name,"abcdefghijklmnopqrstuvwxyzABCDEFGHIJKLMNOPQRSTUVWXYZ0123456789-_")
!= strlen($name)) {
$warning .= "<td class=warning>** Illegal character in name.<br> ";
return false;
}
// min and max length
if (strlen($name) < 4) {
$warning .= "<td class=warning>** Name is too short. It must be at least 5 characters.<br> ";
return false;
}
if (strlen($name) > 15) {
$warning .= "<td class=warning>** Name is too long. It must be less than 15 characters.<br>";
return false;
}
// illegal names
if (eregi("^((root)|(bin)|(daemon)|(adm)|(lp)|(sync)|(shutdown)|(halt)|(mail)|(news)"
. "|(uucp)|(operator)|(games)|(mysql)|(httpd)|(nobody)|(dummy)"
. "|(www)|(cvs)|(shell)|(ftp)|(irc)|(debian)|(ns)|(download))$",$name)) {
$warning .= "<td class=warning>** Name is reserved.<br>";
return 0;
}
if (eregi("^(anoncvs_)",$name)) {
$warning .= "<td class=warning>** Name is reserved for CVS.<br>";
return false;
}
return true;
}
function validate_email ($address) {
global $warning;
if (!eregi('^[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+'. '@'. '[-!#$%&\'*+\\/0-9=?A-Z^_`a-z{|}~]+\.' . '[-!#$%&\'*+\\./0-9=?A-Z^_`a-z{|}~]+$', $address)) {
$warning .= "<td class=warning>** E-Mail is not valid.<br>";
return false;
}
return true;
}
?>