Location: PHPKode > projects > OpenSupports > Opensupports_v2_EN/support/admin/staff.php
<?php
session_start();
require "config.php";
if($_SESSION['modo'] == "user")
{
session_unset();
session_destroy();
session_start();
}
if(isset($_POST['user'])){
$user = $_POST['user'];
$pass = $_POST['pass'];
$userreg=mysql_query("select * from staff WHERE user='$user' AND pass='$pass'") or die ("ERROR 1");
$reguser=mysql_fetch_array($userreg) or die ("ERROR, CAN NOT LOGIN");
$_SESSION['user'] = $reguser['user'];
$_SESSION['name'] = $reguser['name'];
$_SESSION['email'] = $reguser['email'];
$_SESSION['articulo'] = $reguser['articulo'];
$_SESSION['ban'] = $reguser['ban'];
$_SESSION['modo'] = "staff";
if($_SESSION['user'] == "")
{
header('Location: error.php');
}
}
elseif(!isset($_SESSION['user']))
{
header('Location: error.php');
}
$modificaultimoingreso= mysql_query("update staff set ultima='$date' where user='$_SESSION[user]'");
?>
<!DOCTYPE HTML PUBLIC "-//W3C//DTD HTML 4.01 Transitional//EN" "http://www.w3.org/TR/html4/loose.dtd">
<html><head>
<script language="JavaScript" type="text/javascript"> 
function enviar()
{
    document.departamentoselect.submit();
}
          </script>
<title>Support Center - <?php echo $titulo; ?></title>
<meta http-equiv="Content-Type" content="text/html; charset=UTF-8"><!-- default stylesheet -->
<link rel="stylesheet" type="text/css" media="all" href="index_files/index.css">
<style type="text/css">
<!--
body {
	background-image: url();
	margin-top: 0px;
	margin-bottom: 0px;
}
-->
</style>
<link rel="stylesheet" href="index_files/style.css" type="text/css">
<!-- default javascript -->
<script language="Javascript">
function mostrarcarga()
{
document.getElementById("articulo").style.display='none';
document.getElementById("cargando").style.display='';
document.articulopost.submit();
}
</script>
<script language="Javascript" src="index_files/basejs.js" type="text/javascript"></script>
<style type="text/css">
<!--
.Estilo2 {color: #003366}
.Estilo3 {color: #000000}
.Estilo5 {color: #666666}
.Estilo9 {color: #FF0000; font-weight: bold; font-size: 10px; }
.Estilo10 {
	color: #009900;
	font-weight: bold;
	font-size: 12px;
}
.Estilo11 {font-size: 12px; color: #009900;}
.Estilo12 {font-size: 10px}
.Estilo15 {
	font-size: 16px;
	color: #666666;
}
.Estilo16 {color: #FF0000}
.Estilo18 {color: #FF0000; font-weight: bold; }
.Estilo19 {
	color: #009900;
	font-weight: bold;
}
.Estilo20 {color: #000099}
-->
</style>
</head>
<body>
<table align="center" border="0" cellpadding="0" cellspacing="0" width="780">
    <tbody>
      <tr>
        <td style="background-image: url();" valign="top"><table align="center" border="0" cellpadding="0" cellspacing="0" width="750">
            <tbody>
              <tr>
                <td><table width="750" border="0" align="center" cellpadding="0" cellspacing="0">
                    <tbody>
                      <tr>
                        <td><table width="100%" border="0" cellpadding="3" cellspacing="0" background="index_files/button-right.jpg">
                            <tbody>
                              <tr>
                                <td class="smalltext" align="left" valign="top"><b><font color="#707070"><a href="index.php" id="navlink"></a>Support Center <img src="login_files/blueblockarrow.gif" width="8" height="8"> Admistration<img src="login_files/blueblockarrow.gif" width="8" height="8"> <a href="login-staff.php">Staff</a> </font></b></td>
                              </tr>
                            </tbody>
                        </table></td>
                      </tr>
                    </tbody>
                </table></td>
              </tr>
              <tr>
                <td><table border="0" cellpadding="0" cellspacing="0" width="100%">
                    <tbody>
                      <tr>
                        <td height="1" width="10"><img src="index_files/space.gif" height="1" width="5"></td>
                        <td height="1" width="10"><img src="index_files/space.gif" height="1" width="1"></td>
                        <td height="1" width="515"><img src="index_files/space.gif" height="1" width="5"></td>
                        <td height="1" width="210"><img src="index_files/space.gif" height="1" width="210"></td>
                        <td height="1" width="5"><img src="index_files/space.gif" height="1" width="5"></td>
                      </tr>
                      <tr>
                        <td height="1" width="10">&nbsp;</td>
                        <td align="left" valign="top" width="10"><img src="index_files/space.gif" height="1" width="5"></td>
                        <td width="515" align="left" valign="top"><?php if(isset($_POST[departamento]))
{
$registros=mysql_query("select * from tickets WHERE departamento='$_POST[departamento]'",$conexion);
if(mysql_fetch_array($registros) > 0)
{
?>
                            <table width="100%" height="69" border="0" cellpadding="3" cellspacing="1">
                              <tbody>
                                <tr class="tabletitlerow" title="" onMouseOver="" onMouseOut="" onClick="" id="" style="" height="">
                                  <td width="50" height="19" colspan="" align="center" valign="middle" class="tabletitlerow">New</td>
                                  <td width="140" colspan="" align="center" valign="middle" class="tabletitlerow">Title&nbsp;</td>
                                  <td width="91" colspan="" align="center" valign="middle" class="tabletitlerow">Autor</td>
                                  <td width="107" align="center" valign="middle" class="tabletitlerow">Date</td>
                                  <td width="91" align="center" valign="middle" class="tabletitlerow">Last </td>
                                </tr>
                                <?php
$registros2=mysql_query("select * from tickets WHERE departamento='$_POST[departamento]' ORDER BY leido ASC",$conexion);

while ($reg=mysql_fetch_array($registros2))
{
?>
                                <tr class="row1" onMouseOver="this.className='rowhighlight';" onMouseOut="this.className='row1';" bgcolor="<?php
							 if($reg['leido'] == 0)
							 {
                             echo "#80A9EA";
							 }
							 if($reg['leido'] == 1)
							 {
                             echo "#EDF4FF"; 
							 }
							 ?>">
                                  <td height="47" align="center" valign="middle" bgcolor="<?php
							 if($reg['leido'] == 0)
							 {
                             echo "#80A9EA";
							 }
							 if($reg['leido'] == 1)
							 {
                             echo "#EDF4FF"; 
							 }
							 ?>">
                                      <img src="<?php
									  if($reg['leido'] == 0) 
									  {
									  echo "si";
									  }
									  else
									  {
									  echo "no";
									  }
									  ?>.png" alt="ver.php?id=<?php echo $reg['id']; ?>" width="16" height="16">
</td>
                                  <td align="center" valign="middle" bgcolor="<?php
							 if($reg['leido'] == 0)
							 {
                             echo "#80A9EA";
							 }
							 if($reg['leido'] == 1)
							 {
                             echo "#EDF4FF"; 
							 }
							 ?>"><span class="smalltext"><a href="ver.php?id=<?php echo $reg['id']; ?>"><?php echo $reg['asunto']; ?></a></span></td>
                                  <td align="center" valign="middle" bgcolor="<?php
							 if($reg['leido'] == 0)
							 {
                             echo "#80A9EA";
							 }
							 if($reg['leido'] == 1)
							 {
                             echo "#EDF4FF"; 
							 }
							 ?>"><span class="smalltext"><?php echo $reg['user']; ?></span></td>
                                  <td align="center" valign="middle" bgcolor="<?php
							 if($reg['leido'] == 0)
							 {
                             echo "#80A9EA";
							 }
							 if($reg['leido'] == 1)
							 {
                             echo "#EDF4FF"; 
							 }
							 ?>"><span class="smalltext"><?php echo $reg['fecha']; ?></span></td>
                                  <td align="center" valign="middle" bgcolor="<?php
							 if($reg['leido'] == 0)
							 {
                             echo "#80A9EA";
							 }
							 if($reg['leido'] == 1)
							 {
                             echo "#EDF4FF"; 
							 }
							 ?>"><span class="smalltext"><?php echo $reg['ultimo']; ?></span></td>
                                </tr>
                                <?php
}
?>
                              </tbody>
                            </table>
                          <p>
                              <?php
}
else
{
?>
                          <p align="center" class="Estilo9 Estilo12">(There aren't any ticket)</p>
                          <?php
}
}
elseif (!isset($_GET[code]) && !isset($_POST['asunto']))
{?>
                          <p></p>
                          <p align="center" class="Estilo10"><img src="staff-big.png" width="128" height="128"></p>
                          <p align="center" class="Estilo10">Welcome to the Staff Panel , <span class="smalltext"><?php echo $_SESSION[name]; ?></span></p>
                          <hr>
                          <p align="center" class="Estilo11">To answer tickets , go to &quot;Show Tickets&quot;. </p>
                          <p>
                              <?php
}
elseif($_GET[code] == "475648DS7E4R5Y44F1ASD2W1" && $_SESSION['articulo'] == 1)
{
?>
                          </p>
                          <p align="center" class="redtext  Estilo15">Publish Article </p>
                          <form action="staff.php?code=475648DS7E4R5Y44F1ASD2W1" method="post" enctype='multipart/form-data' name="articulopost" id="articulopost">                          
  <table width="475" height="152" align="center">
                              <tr>
                                <td width="71" height="25" class="swiftfieldset">Title:</td>
                                <td width="392"><label>
                                  <input name="asunto" type="text" id="asunto">
                                </label></td>
                              </tr>
                              <tr>
                                <td height="45" class="swiftfieldset">Content:</td>
                                <td>
<textarea name="text_content" cols="60" rows="10" id="text_content"></textarea></td>
                              </tr>
                              <tr>
                                <td height="36" class="swiftfieldset">File: <span class="Estilo16">(optional)</span></td>
                                <td><input name='fileuploader' type=file class='bginput' id="fileuploader" value="">
                                  (Max.: 
                                <?php $valorutilizado = $filemax / 1048576; echo $valorutilizado;?>                                  Mb )<span class="Estilo18">*</span></td>
                              </tr>
                              <tr>
                                <td height="34" class="swiftfieldset"><input name="Submit2" type="submit" value="Publish Article" onClick=""></td>
                                <td><span class="Estilo18">*</span><span class="Estilo3">If you add a file, the article can lated more. </span></td>
                              </tr>
                          </table>
						  </form>
                          <p>
                            <?php
}
if(isset($_POST['asunto']))
{
if (strlen($_POST[asunto]) < 4)
{
?>
                            <span class="Estilo18">Error:</span><span class="Estilo16"> Title is very short                            </span>
                            <?php
}
elseif (strlen($_POST[text_content]) < 10)
{
?>
                            <span class="Estilo18">Error:</span><span class="Estilo16"> Content  is very short                            </span>
                            <?php
}
else
{
//INICIA UPLOAD FILE
if($_FILES['fileuploader']['name'] != "")
{
if($_FILES['fileuploader']['size'] < $filemax)
{
do{
$filename = rand(1,1000000) . "_" . $_FILES['fileuploader']['name'];
					$filename=str_replace(" ","_",$filename);
}while(@mysql_num_rows("SELECT file from guias where file LIKE '%$filename%'") == 1);
					$add = "../files/$filename";
					move_uploaded_file($_FILES['fileuploader']['tmp_name'], $add) or die("ERROR1");
					chmod("$add",0777) or die("ERROR2");
					echo "
<span class='Estilo19'><strong>Éxito.</strong> El artículo se a publicado correctamente.</span>";
			}
			else
			{
			?><span class="Estilo18">Error:</span><span class="Estilo16"> Error uploding the file. Perhaps is very high </span><?php
		}
		}
		else
		{
		$filename = "";
		echo "
<span class='Estilo19'><strong>Éxito.</strong> El artículo se a publicado correctamente.</span>";
		}
//Termina
$publcararticulo = mysql_query("INSERT into guias(id,user,file,asunto,contenido,fecha) values ('','$_SESSION[name]','$filename','$_POST[asunto]','$_POST[text_content]','$date')") or die("Error!");
?>
                            <script>
div = document.getElementById("cargando");
div.style.display="none";
</script>
<?php
}
}
elseif($_GET[code] == "R5A7RHE4EW7D75EW5A" && $_SESSION['ban'] == 1)
{

?>
                          </p>
                          <p align="center">&nbsp;</p>
                          <p align="center"><span class="redtext  Estilo15">Delete User</span></p>
                          <form name="form1" method="post" action="staff.php?code=R5A7RHE4EW7D75EW5A">
                            <table width="475" height="67" align="center">
                              <tr>
                                <td width="71" height="25" class="swiftfieldset">Id:</td>
                                <td width="392"><label>
                                  <input name="id" type="text" id="id" size="15">
                                </label></td>
                              </tr>
                              <tr>
                                <td height="34" class="swiftfieldset"><input name="Submit22" type="submit" value="Delete User" onClick=""></td>
                                <td>&nbsp;</td>
                              </tr>
                            </table>
                          </form>
                          <p align="center">
                            <?php if(isset($_POST[id]))
{
if(strlen($_POST[id]) > 0 )
{
//Funcion Borrrar
mysql_query("delete from usuarios where id='$_POST[id]'");
?>
                          </p>
                          <p align="center" class="Estilo19">User has been deleted </p>
						  <?php
						  }
						  else
						  {
						  ?>
						  <p align="center" class="Estilo18">Incorrect ID</p>
                            <?php
}
}
}
?>                        </td>
                        <td align="left" valign="top"><table width="100%" height="323" border="0" cellpadding="0" cellspacing="0">
                            <tbody>
                              <tr>
                                <td align="left" valign="top"><table class="tborder" border="0" cellpadding="0" cellspacing="0" width="100%">
                                    <!-- BEGIN LOGIN BOX -->
                                    <tbody>
                                      <tr class="tcat">
                                        <td align="left" width="1"><img src="index_files/space.gif" height="21" width="1"></td>
                                        <td align="left" width="8"><img src="index_files/blockarrow.gif" height="8" width="8"></td>
                                        <td width="169" align="left" valign="middle">&nbsp;<span class="smalltext">Welcome:<?php echo $_SESSION[name]; ?>(<a href="../close.php">close</a>)</span></td>
                                        <td align="right" width="25">&nbsp;</td>
                                      </tr>
                                      <tr>
                                        <td colspan="4" bgcolor="#f5f5f5"><table border="0" cellpadding="2" cellspacing="1" width="98%">
                                            <tbody>
                                              <tr>
                                                <td class="smalltext" width="97%"><a href="staff.php" class="Estilo2"><img src="clipboard.gif" width="16" height="16"><span class="Estilo3"> Show Tickets </span></a></td>
                                                <td width="3%">&nbsp;</td>
                                              </tr>
                                              <tr>
                                                <td class="smalltext"><img src="new.gif" width="16" height="16">
                                                    <?php
									  if($_SESSION['articulo'] == 1)
									  {
									  ?>
                                                  <span class="Estilo3"> <a href="staff.php?code=475648DS7E4R5Y44F1ASD2W1">Publish Article</a> </span>
                                                    <?php
									 }
									 else
									 {
									 ?>
                                                  <span class="Estilo5">Publish Article </span>
                                                    <?php }	?></td>
                                                <td>&nbsp;</td>
                                              </tr>
                                              <tr>
                                                <td class="smalltext"><p> <img src="lock.gif" width="16" height="16">
                                                      <?php
									  if($_SESSION['ban'] == 1)
									  {
									  ?>
                                                  <a href="staff.php?code=R5A7RHE4EW7D75EW5A" class="Estilo2"><span class="Estilo3"> Delete Users </span></a>
                                                        <?php
									 }
									 else
									 {
									 ?>
                                                  <span class="Estilo5">Delete Users </span>
                                                        <?php } ?>
                                                </p></td>
                                                <td>&nbsp;</td>
                                              </tr>
                                              <tr>
                                                <td class="smalltext"><form name="departamentoselect" method="post" action="staff.php">
                                                    <table class="tborder" border="0" cellpadding="0" cellspacing="0" width="100%">
                                                      <!-- BEGIN LOGIN BOX -->
                                                      <tbody>
                                                        <tr class="tcat">
                                                          <td align="left" width="1"><img src="index_files/space.gif" height="21" width="1"></td>
                                                          <td align="left" width="8"><img src="index_files/blockarrow.gif" height="8" width="8"></td>
                                                          <td width="169" align="left" valign="middle">&nbsp;<img src="clipboard.gif" width="16" height="16"> Show Tickets </td>
                                                          <td align="right" width="25">&nbsp;</td>
                                                        </tr>
                                                        <tr>
                                                          <td colspan="4" bgcolor="#f5f5f5"><table border="0" cellpadding="2" cellspacing="1" width="100%">
                                                              <tbody>
                                                                <tr>
                                                                  <td class="smalltext" width="46%"><label>
                                                                    <select name="departamento" onChange="enviar()">
                                                                      <option value="" selected>Department..</option>
                                                                      <?php
$usuariodep = "-" . $_SESSION['user'] . "-";
$busquedadepartamentos=mysql_query("SELECT * FROM departamentos WHERE staff LIKE '%$usuariodep%'") or die("Problemas en el select departamentos:".mysql_error());
while ($departamento=mysql_fetch_array($busquedadepartamentos))
{
?>
                                                                      <option value="<?php echo $departamento['departamento']; ?>"><?php echo $departamento['departamento']; ?></option>
                                                                      <?php }
																	?>
                                                                    </select>
                                                                  </label></td>
                                                                </tr>
                                                              </tbody>
                                                            </table>
                                                              <script language="Javascript">
						document.loginform.loginemail.focus();
						                            </script></td>
                                                        </tr>
                                                        <!-- END LOGIN BOX -->
                                                        <tr class="borderrow1">
                                                          <td colspan="4" align="left" height="1"><img src="index_files/space.gif" height="1" width="1"></td>
                                                        </tr>
                                                        <tr>                                                        </tr>
                                                      </tbody>
                                                    </table>
                                                </form>
                                                    <a href="seach.php" class="Estilo2">
                                                    <div align="center"></div>
                                                    </a> </td>
                                                <td>&nbsp;</td>
                                              </tr>
                                            </tbody>
                                          </table>
                                            <script language="Javascript">
						document.loginform.loginemail.focus();
						          </script></td>
                                      </tr>
                                      <!-- END LOGIN BOX -->
                                      <tr class="borderrow1">
                                        <td colspan="4" align="left" height="1"><img src="index_files/space.gif" height="1" width="1"></td>
                                      </tr>
                                      <tr>
                                        <td height="22" colspan="4" bgcolor="#f5f5f5">&nbsp;</td>
                                      </tr>
                                    </tbody>
                                </table></td>
                                <td width="5"><img src="index_files/space.gif" height="1" width="5"></td>
                              </tr>
                            </tbody>
                        </table></td>
                        <td height="1" width="5"><img src="index_files/space.gif" height="1" width="5"></td>
                      </tr>
                    </tbody>
                </table></td>
              </tr>
              <tr>
                <td colspan="2" height="15"><div align="center"><?php echo $titulo; echo "©"; echo $fecha = date("Y");  ?>. All rights Reserved - Power by <a href="http://www.opensupports.com" class="Estilo20">OpenSupports</a></div></td>
              </tr>
            </tbody>
        </table></td>
      </tr>
    </tbody>
</table>
  <table border="0" cellpadding="0" cellspacing="0" width="830">
  </table>
  </center></body></html>
Return current item: OpenSupports