<?PHP
/********************************
phpToDoList V0.1 beta
@Author: ds.it (hide@address.com)
@Date: 2006-03-16
@License: GPL (GNU Public License)
**********************************/
#toggle for debug
#ini_set("display_errors","1");
#error_reporting(E_ALL);
# admin password is "admin" (you'll want to change this!)
# CHANGE these values for your needs.
##########################################################################################
$sqlHost = "localhost";
$sqlDB = "bugtrack";
$sqlUser = "root";
$sqlPass = "";
##########################################################################################
$useDB = true; # not yet impl. / later we will use xml files or db
$mode = ""; # overall action switch
$tmpHTML = ""; # output
$header = '
<!DOCTYPE html PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html><head><title></title>
<style type="text/css">
<!--
label {float:left;margin:0px 0px 5px 10px;padding: 2px;}
.textfield {
font:1.1em Verdana, Arial, Helvetica, sans-serif ;
color:#333 ;
margin:0px 0px 5px 10px;
height:20px;
border:solid 0 #fff;
padding: 3px 8px;
background: transparent url("img/formbg.gif") no-repeat;
width:200px;
width:187px;
}
.textsearch {
font:1.1em Verdana, Arial, Helvetica, sans-serif ;
color:#333 ;
height:20px;
border:solid 0 #fff;
background: transparent url("img/formbg.gif") no-repeat;
width:70px;
padding: 3px 8px;
}
body {margin:0px;background:#fcfcfc;}
body, table, td {font-family:sans-serif;font-size:12px;}
a {text-decoration:none;color:#0066ff;}
a:hover {text-decoration:none; color:#000099;}
.mbar1 {padding:2px; float: left; top: 0px; left: 200px; position:absolute; width:300px;}
.mbar2 {padding:2px; float: left; top: 5px; right: 50px; position:absolute;width:100px; }
.mbar3 {width: 32px;position:absolute; top:0px; right:10px; padding:2px; }
.head {width: 180px;position:absolute; top:7px; left:500px; padding:2px; font-size:18px; font-weight:bold; color:white; font-stretch: extra-expanded; font-variant:small-caps;}
.logo {background:url("img/menubar.jpg") repeat-x; width:100%; top:0px;}
.tdh {background:#f0f0f0;font-weight:bold;}
a.mitem:hover{border-bottom: 1px solid white;background:url("img/menubar.jpg") repeat-x; }
//-->
</style>
<meta http-equiv="Content-Type" content="text/html; charset=iso-8859-1">
</head>
<body link="#0000FF" vlink="#0000FF">
<div class="logo"><img src="img/logo.jpg" width=190 height=48 border=0 alt="phpToDoList"></div>';
$footer = '</div><div style="bottom: 0px; width:100%; height:27px; line-height:25px; position: fixed; text-align:right; background:url(\'img/footerbar.jpg\') repeat-x;"><small>© 2006 by ds.it | Last Change: 18.03.2006 by <a href="">lhasa</a> | All rights reserved. | <a href="http://www.gnu.org/copyleft/gpl.html" target="_blank">GPL</a> | <a href="http://phptodolist.sourceforge.net">phpToDoList</a> V0.1beta</small> </div></body></html>';
session_start();
if (isset($_POST['mode'])) {
$mode = sanitize($_POST['mode']);
} elseif (isset($_GET['mode'])) {
$mode = sanitize($_GET['mode']);
}
$connection = mysql_connect($sqlHost,$sqlUser ,$sqlPass );
mysql_select_db( $sqlDB ,$connection);
function sanitize($string, $allowed = array()) {
$allow = null;
if(!empty($allowed))
{
foreach ($allowed as $value)
{
$allow .= "\\$value";
}
}
if(is_array($string))
{
foreach ($string as $key => $clean)
{
$cleaned[$key] = preg_replace( "/[^{$allow}a-zA-Z0-9]/", "", $clean);
}
}
else
{
$cleaned = preg_replace( "/[^{$allow}a-zA-Z0-9]/", "", $string );
}
return $cleaned;
}
# user logged in?
if ($_SESSION['uid']=="" || $_SESSION['username']=="") {
# no -> redirect to login page
if ( !empty($_POST['user']) && !empty($_POST['pass']) ) {
$user = sanitize($_POST['user']);
$pass = sanitize($_POST['pass']);
$sQuery = "SELECT uid,id,pass,hash FROM bugtrack_users WHERE id='".$user."'";
$result = mysql_query($sQuery,$connection);
$userArr = array();
while ($val = mysql_fetch_assoc($result )) {
if ($val['id']==$user) {
if (trim(strlen($pass))>0 && $val['pass'] == md5($pass.$val['hash'])) {
$_SESSION['uid']=$val['uid'];
$_SESSION['username']=$val['id'];
header ("Location: index.php");
}
}
}
} else {
$tmpHTML = "<div id='content'><fieldset>
<form method=post action=\"".$_SERVER['PHP_SELF']."\"><label for='user'>Username</label><input class='textfield' type='text' name='user'><br><label for='pass'>Password</label><input class='textfield' type='password' name='pass'><br><input type='submit' value='login'></fieldset></form>";
}
} else {
$header .= "
<script src='sort.js'></script>
<div class='mbar1'><a class='mitem' title='Meine Aufgaben' href='javascript:ajx(\"userlist\");'><img src='img/home.png' width=32 height=32 border=0 hspace=10 alt='Bearbeiten'></a><a class='mitem' title='Alle Aufgaben' href='javascript:ajx(\"list\")'><img hspace=10 src='img/list.png' width=32 height=32 border=0 alt='Löschen'></a><a class='mitem' title='Neue Aufgabe' href='javascript:ajx(\"new\")'><img hspace=10 src='img/new.png' width=32 height=32 border=0 alt='Neuer Eintrag'></a><a class='mitem' title='Einstellungen' href='javascript:ajx(\"config\")'><img hspace=10 src='img/config.png' width=32 height=32 border=0 alt='config'></a><a class='mitem' title='Hilfe' href='javascript:ajx(\"help\");'><img hspace=10 src='img/help.png' width=32 height=32 border=0 alt='Hilfe'></a></div>
<div class='head' id='heading'>Welcome</div>
<div class='mbar2'><form method=post><input class='textsearch' size='8' type=text name='searchtxt'><input type=submit value='>' name='search'></form></div>
<div class='mbar3'><a class='mitem' title='Benutzer abmelden' href='?mode=logout'><img src='img/lock.png' width=32 height=32 border=0 hspace=5 alt='Benutzer abmelden'></a></div>
<div id='content' style=''>
";
$sQuery = "SELECT * FROM bugtrack_users";
$result = mysql_query($sQuery,$connection);
$userArr = array();
while ($rows = mysql_fetch_assoc($result )) {
Array_push($userArr,$rows);
}
$dateNow = date("d.m.Y, H:i \U\h\\r");
$bugNr = "";
$bugStatus = "";
$bugDate = $dateNow;
$bugUrl = "";
$bugTxt = "";
$bugTyp = "";
$bugPro = "";
$bugPrio = "";
$assigned = "";
$from = "";
$statArr = array(0 => "Open",1 => "20%",2 => "40%",3 => "60%",4 => "80%",5 => "Done");
$prioArr = array(0 => "Low",1 => "Normal",2 => "High",3 => "Alert");
if (isset($_POST['userMail'])) {
$sQuery = "UPDATE bugtrack_users SET username = '" . sanitize($_POST['userName']) . "', userpass = '" . sanitize($_POST['userPass']) . "',usermail = '" . sanitize($_POST['userMail']) . "' WHERE username = '".$_SESSION['username']."'";
$result = mysql_query($sQuery,$connection);
}
else if (!empty($_POST['updateuser'])) {
# if (trim(strlen($pass))>0 && $val['pass'] == md5($pass.$val['hash']))
if (!empty($_POST["newpass"])) {
$HASH_VAR=date('YmdHis').$_SERVER['REMOTE_ADDR'];
$hash=md5($HASH_VAR);
$newpass=md5($_POST["newpass"].$hash);
} else {
$newpass = "";
}
$activeMark = "0";
if ($_POST["active"]=="on") {$activeMark ="1";}
$sQuery = "UPDATE bugtrack_users SET " .
"id='" . $_POST["id"] . "', " .
"email='" . $_POST["email"] . "', " .
"active='" . $activeMark . "', " .
"lname='" . $_POST["lname"] . "', " .
"fname='" . $_POST["fname"] . "', " .
"mname='" . $_POST["mname"] . "', " .
"hash='" . $hash . "', " .
"phone='" . $_POST["phone"] . "', " .
"pass='" . $newpass . "' " .
"WHERE uid='".$_POST["uid"]."'";
# echo $sQuery ;
$result = mysql_query($sQuery,$connection);
echo mysql_error();
}
else if (!empty($_POST['saveuser'])) {
# if (trim(strlen($pass))>0 && $val['pass'] == md5($pass.$val['hash']))
if (!empty($_POST["newpass"])) {
$HASH_VAR=date('YmdHis').$_SERVER['REMOTE_ADDR'];
$hash=md5($HASH_VAR);
$newpass=md5($_POST["newpass"].$hash);
} else {
$newpass = "";
}
$activeMark = "0";
if ($_POST["active"]=="on") {$activeMark ="1";}
$sQuery = "INSERT INTO bugtrack_users VALUES ('".
$_POST["uid"]."', '','','".
$_POST["id"]."','".
$_POST["lname"] . "', '" .
$_POST["fname"] . "', '" .
$_POST["mname"] . "', '" .
$_POST["email"] . "', '" .
$_POST["phone"] . "', '" .
$newpass . "', '" .
$hash . "', '" .
$activeMark . "', '','', '" . date('Y-m-d H:i:s') . "','','')";
echo $sQuery ;
# $result = mysql_query($sQuery,$connection);
echo mysql_error();
}
else if (isset($_POST['add'])) {
if (!empty($_POST['newType'])) {
$sQuery = "SELECT * FROM bugtrackcat WHERE bugcat = '". sanitize($_POST['newType']) . "'";
$result = mysql_query($sQuery,$connection);
$numRows = mysql_num_rows($result);
if ($numRows == 0) {
$sQuery = "INSERT INTO bugtrackcat VALUES('','" . sanitize($_POST['newType']) . "','cat');";
$result = mysql_query($sQuery,$connection);
}
else {
$sQuery = "DELETE FROM bugtrackcat WHERE bugcat = '" . sanitize($_POST['newType']) . "' AND type='cat';";
$result = mysql_query($sQuery,$connection);
}
} else if (!empty($_POST['newBrowser'])) {
$sQuery = "SELECT * FROM bugtrackcat WHERE bugcat = '". sanitize($_POST['newBrowser']) . "'";
$result = mysql_query($sQuery,$connection);
$numRows = mysql_num_rows($result);
if ($numRows == 0) {
$sQuery = "INSERT INTO bugtrackcat VALUES('','" . sanitize($_POST['newBrowser']) . "','browser');";
$result = mysql_query($sQuery,$connection);
}
else {
$sQuery = "DELETE FROM bugtrackcat WHERE bugcat = '" . sanitize($_POST['newBrowser']) . "' AND type='browser';";
$result = mysql_query($sQuery,$connection);
}
} else if (!empty($_POST['newUser'])) {
$sQuery = "INSERT INTO bugtrack_users VALUES('','" . sanitize($_POST['newUser']) . "','','');";
$result = mysql_query($sQuery,$connection);
echo mysql_error();
}
}
else if (isset($_POST['save'])) {
$dateNow = date("Y-m-d H:i:s");
if ($_POST['browser'] == "") {$typ = "5";}
else {$browser = sanitize($_POST['browser']);}
if ($_POST['typ'] == "") {$typ = "5";}
else {$typ = sanitize($_POST['typ']);}
$sQuery ="INSERT INTO bugtrack VALUES (''," .
"'" . $dateNow . "'," .
"'Open'," .
"'" . str_replace("'","''",sanitize($_POST['url'])) . "'," .
"'" . str_replace("'","''",sanitize($_POST['txt'])) . "'," .
"'" . $typ . "'," .
"'" .str_replace("'","''",sanitize($_POST['pro'])) . "'," .
"'" . $browser . "'," .
"'" . sanitize($_POST['prio']). "',".
"'" . sanitize($_POST['assigned']) . "',".
"'" . sanitize($_POST['from']) . "')";
$result = mysql_query($sQuery,$connection);
}
else if (isset($_POST['update'])) {
if ($_POST['typ'] == "") {$typ = "5";}
else {$typ = sanitize($_POST['typ']);}
if ($_POST['browser'] == "") {$typ = "5";}
else {$browser = sanitize($_POST['browser']);}
if (sanitize($_POST['bugStatus'])=="5") {
foreach ($userArr as $k=>$v) {
if ($v[uid]==sanitize($_POST['assigned'])) {
$EMAILF = $v[email];
} else if ($v[uid]==sanitize($_POST['from'])){
$email['tomail'] = $v[email];
}
}
$email['subject']= "Task confirmation: [" . substr($_POST['txt'],0,25) . "]";
$email['msg'] = "The task ".sanitize($_POST['url'])."<br>".sanitize($_POST['txt'])." has been completed. Please review.\n\n";
$email["headers"]="Return-path: ".$EMAILF."\n";
$email["headers"].="From: <".$EMAILF.">\n";
$email["headers"].="Reply-To: <".$EMAILF.">\n";
$email['tomail'] = sanitize($_POST['email']);
@mail($email['tomail'], $email['subject'], $email['msg'], $email['headers']);
}
$sQuery ="UPDATE bugtrack SET bugStatus=" .
"'" . $_POST['bugStatus'] . "',bugUrl=".
"'" .str_replace("'","''",sanitize($_POST['url'])) . "',bugTxt=" .
"'" .str_replace("'","''",sanitize($_POST['txt'])) . "',bugTyp=" .
"'" . $typ . "', browser='" . $browser . "',bugPro=" .
"'" . str_replace("'","''",sanitize($_POST['pro'])) . "',bugPrio=" .
"'" . $_POST['prio'] . "',assigned=".
"'" . $_POST['assigned'] . "',`from`=".
"'" . $_POST['from'] . "' WHERE bugNr = '".sanitize($_POST['bugNr'])."'";
$result = mysql_query($sQuery,$connection);
}
$sQuery = "SELECT * FROM bugtrack ORDER BY bugPrio DESC, bugStatus ASC";
if ($_GET['mode']=="userlist") {
$sQuery = "SELECT * FROM bugtrack WHERE assigned = '".$_SESSION['uid']."'"; }
$result = mysql_query($sQuery,$connection);
$bugArr = array();
while ($rows = mysql_fetch_assoc($result )) {
Array_push($bugArr,$rows);
}
$sQuery = "SELECT * FROM bugtrackcat WHERE type='cat'";
$result = mysql_query($sQuery,$connection);
$typeArr = array();
while ($rows = mysql_fetch_assoc($result )) {
Array_push($typeArr,$rows['bugcat']);
}
$sQuery = "SELECT * FROM bugtrackcat WHERE type='browser'";
$result = mysql_query($sQuery,$connection);
$browserArr = array();
while ($rows = mysql_fetch_assoc($result )) {
Array_push($browserArr,$rows['bugcat']);
}
if ($mode=="edit") {
$sQuery = "SELECT * FROM bugtrack WHERE bugNr = '".sanitize($_GET['id'])."'";
$result = mysql_query($sQuery,$connection);
while ($rows = mysql_fetch_assoc($result )) {
$bugNr = $rows['bugNr'];
$bugStatus = $rows['bugStatus'];
$bugDate = $rows['date_add'];
$bugUrl = $rows['bugUrl'];
$bugTxt = $rows['bugTxt'];
$bugTyp = $rows['bugTyp'];
$browser = $rows['browser'];
$bugPro = $rows['bugPro'];
$bugPrio = $rows['bugPrio'];
$assigned = $rows['assigned'];
$from = $rows['from'];
}
}
else if ($mode=="del") {
$sQuery = "DELETE FROM bugtrack WHERE bugNr = '".sanitize($_GET['id'])."'";
$result = mysql_query($sQuery,$connection);
}
else if ($mode=="user") {
$sQuery = "SELECT usermail FROM bugtrack_users WHERE username = '".$_SESSION['username']."'";
$result = mysql_query($sQuery,$connection);
while ($rows = mysql_fetch_row($result )) {
$userEmail = $rows[0];
}
}
else if ($mode=="savepwd") {
$pass = sanitize($_POST['newpass']);
$sQuery = "UPDATE bugtrack_users SET pass='".$pass."' WHERE username = '".$_SESSION['username']."'";
$result = mysql_query($sQuery,$connection);
}
if (isset($_POST['searchtxt'])) {
$searchRes = "<b>Search results</b><br><br>";
$sQuery = "SELECT * FROM bugtrack WHERE bugTxt LIKE '%".sanitize($_POST['searchtxt'])."%' OR bugUrl = '%".$_POST['searchtxt']."%' OR bugPro = '%".sanitize($_POST['searchtxt'])."%'";
$result = mysql_query($sQuery,$connection);
while ($rows = mysql_fetch_assoc($result )) {
$searchRes .= "<b> #".$rows['bugNr'] ."</b> ".
$rows['bugUrl'] ." <br> ".
$rows['bugTxt'] ." / ".
$rows['bugPro'] ."<br><br>";
}
$searchRes .= "<br><br>";
}
mysql_close($connection);
if (isset($_POST['search'])) {
$tmpHTML .= $searchRes;
}
if ($mode=="del") {
$tmpHTML .= "Eintrag gelöscht.";
}
else if ($mode=="new" || $mode=="edit") {
$tmpHTML .= '
<form method="post" action="'.$_SERVER['PHP_SELF'].'">
<table width=100% border="0" cellpadding=3 cellspacing=2>';
if ($mode=="edit") {
$tmpHTML .= '
<tr bgcolor="#f0f0f0" >
<td colspan=3 valign=center align=left>
<table width=100%>
<tr>
<td colspan=3>
<b style="font-size:20px;"> #'.$bugNr .' '.substr($bugTxt,0,20).'</b>
</td>
</tr>
<tr>
<td>
<b>Date:</b>
</td>
<td>
</td>
<td align=right>'.$bugDate.'
</td>
</tr>
</table>
</td>
<td bgcolor="#ffffff" ></td>
</tr>';
}
$tmpHTML .= '
<tr bgcolor="#f0f0f0" >
<td valign=top> <b>Description:</b></td>
<td colspan=2><textarea name="txt" style="width:650px;" rows=5 >'.$bugTxt .'</textarea></td>
<td bgcolor="#ffffff" ></td>
</tr>
<tr bgcolor="#f0f0f0" >
<td valign=top> <b>URL:</b></td>
<td colspan=2><input type="text" name="url" value="'.$bugUrl .'" style="width:650px;"></td>
<td bgcolor="#ffffff" ></td>
</tr>
<tr bgcolor="#f0f0f0" >
<td valign=top> <b>Type:</b></td>
<td valign=middle align=left><select name="typ" style="width:200px;">
<option value="">-- Please choose --';
foreach ($typeArr as $key => $val) {
if ($bugTyp!="") {
if ($key == $bugTyp) { $tmpHTML .= "<option selected value='".$key."'>".$val; }
else { $tmpHTML .= "<option value='".$key."'>".$val; }
} else {
$tmpHTML .= "<option value='".$key."'>".$val;
}
}
$tmpHTML .= '</select>';
if ($_SESSION['username']=="admin") {$tmpHTML .= '<input type="text" name="newType" value="" style="width:160px;"><input type="submit" name="add" value=">>" > neue Kategorie';};
$tmpHTML .= '</td>
<td valign=middle align=center></td>
<td valign=top bgcolor="#ffffff" ></td>
</tr>
<tr bgcolor="#f0f0f0" >
<td valign=top> <b>Browser:</b></td>
<td valign=middle align=left><select name=browser style="width:200px;">
<option value="">-- Please choose --';
foreach ($browserArr as $key => $val) {
if ($bugTyp!="") {
if ($key == $browser) { $tmpHTML .= "<option selected value='".$key."'>".$val; }
else { $tmpHTML .= "<option value='".$key."'>".$val; }
} else {
$tmpHTML .= "<option value='".$key."'>".$val;
}
}
$tmpHTML .= '</select>';
if ($_SESSION['username']=="admin") {$tmpHTML .= '<input type="text" name="newBrowser" value="" style="width:160px;"><input type="submit" name="add" value=">>" > neuer Browser';};
$tmpHTML .= '</td>
<td valign=middle align=center></td>
<td bgcolor="#ffffff" ></td>
</tr>
<tr bgcolor="#f0f0f0" >
<td valign=top> <b>Suggestion:</b></td>
<td colspan=2><textarea name="pro" style="width:650px;" rows=2>'.$bugPro.'</textarea></td>
<td bgcolor="#ffffff" ></td>
</tr>
<tr bgcolor="#f0f0f0" >
<td valign=middle> <b>Task for:</b></td>
<td valign=middle align=left><select name="assigned" style="width:200px;">
<option value="">Please choose';
foreach ($userArr as $k => $v)
{
if ($assigned==$v['uid']) {
$tmpHTML .= '<option selected value="'.$v['uid'].'">' . ucfirst($v['id']);
}
else {
$tmpHTML .= '<option value="'.$v['uid'].'">' . ucfirst($v['id']);
}
}
$tmpHTML .= '</select>';
if ($_SESSION['username']=="admin") {$tmpHTML .= '<input type="text" name="newUser" value="" style="width:160px;"><input type="submit" name="add" value=">>" > neuer User';};
$tmpHTML .= '</td>
<td valign=middle align=center></td>
<td bgcolor="#ffffff" ></td>
</tr>';
if ($mode=="edit") {
if ($assigned == $_SESSION['uid']) {
$tmpHTML .= '
<tr bgcolor="#f0f0f0" >
<td valign=top> <b>Status</b></td>
<td colspan=2>
<select name="bugStatus">
<option value="">-- Please choose --';
for ($i=0;$i<=count($statArr)-1;$i++) {
if ($i==$bugStatus ) {
$tmpHTML .= "<option selected value='".$i."' >".$statArr[$i];
} else {
$tmpHTML .= "<option value='".$i."' >".$statArr[$i]; }
}
$tmpHTML .= '
</select>
</td>
<td bgcolor="#ffffff" ></td>
</tr>
<tr bgcolor="#f0f0f0" >
<td valign=top> <b>Priority</b></td>
<td colspan=2><select name="prio">
<option value="">-- Please choose --';
for ($i=0;$i<=count($prioArr)-1;$i++) {
if ($i==$bugPrio ) {
$tmpHTML .= "<option selected value='".$i."' >".$prioArr[$i];
} else {
$tmpHTML .= "<option value='".$i."' >".$prioArr[$i]; }
}
$tmpHTML .= '
</select>
</td>
<td bgcolor="#ffffff" ></td>
</tr>
<tr >
<td colspan=3 align=center><input type="hidden" name="bugNr" value="'.$bugNr .'"><input type="hidden" name="from" value="'.$_SESSION['uid'].'"><input type="submit" name="update" style="width:180px;" value="Save changes"></td>
<td bgcolor="#ffffff" ></td>
</tr>';
}
} else {
$tmpHTML .= '
<tr >
<td colspan=3 align=center><input type="hidden" name="from" value="'.$_SESSION['uid'] .'"><input type="submit" name="save" style="width:180px;" value="send report"></td>
<td bgcolor="#ffffff" ></td>
</tr>';
}
$tmpHTML .= '
</table>
</form>
<br><br><br>';
}
else if ($mode=="list" || $mode=="" || $mode=="userlist") {
$tmpHTML .= '
<table class="sortable" id="unique_id" cellpadding=3 cellspacing=2 style="border:1px solid gray;" width=100%>
<tr style="font-weight:bold;background:#f0f0f0;">
<td width=40> </td><td valign=top> Nr.</td><td >Status</td><td width=80 nowrap>Priority</td><td width=100%>Description</td><td>URL</td><td width=100>Date</td><td width=60>for</td>
</tr>';
foreach ($bugArr as $k => $v) {
if ($v['bugPrio']=="3")
{$tmpHTML .= "<tr style=\"background:#fc6666;\">";} #sehr hoch
else if ($v['bugStatus']=="5")
{$tmpHTML .= "<tr style='text-decoration: line-through;'>";} #erledigt
else {echo "<tr style=\"background:#e8fce8;\">";}
$tmpHTML .= "<td nowrap='nowrap'><a href='" .$_SERVER['PHP_SELF'] . "?mode=edit&id=".$v['bugNr']."'><img src='img/edit.png' hspace=2 border=0></a>";
if ($v['from'] == $_SESSION['uid']) {
$tmpHTML .= "<a href='" .$_SERVER['PHP_SELF'] . "?mode=del&id=".$v['bugNr']."'><img src='img/delete.png' hspace=2 border=0></a>";
}
$tmpHTML .= "</td><td>".$v['bugNr']."</td>
<td>".$statArr[$v['bugStatus']]."</td>
<td>".$prioArr[$v['bugPrio']] . "</td>
<td>".substr($v['bugTxt'],0,50)."</td>
<td><a href='".$v['bugUrl']."' title='".$v['bugUrl']."'>".substr($v['bugUrl'],0,25)."</a></td>
<td>".substr($v['date_add'],0,10)." </td>";
foreach ($userArr as $kk => $kv) {
if ($kv['uid']==$v['assigned']) {
$tmpHTML .= "<td>".$kv['id']." </td>";
break;
}
}
$tmpHTML .= '</tr>';
}
$tmpHTML .= '
</table>
<br><br>';
}
else if ($mode == "logout") {
unset($_SESSION['uid']);
unset($_SESSION['username']);
session_unset();
session_destroy();
header("Location: index.php");
}
else if ($mode == "config") {
$tmpHTML .= '<form name=pwd method=post>';
if ($_SESSION['username'] == "admin") {
#userlist
$tmpHTML .= "<table ><tr><td width=300 valign=top><table cellpadding=3 cellspacing=2 width=300 style='border:1px solid gray;' ><tr><td><h3>User List <input type='button' onclick='location.href=\"index.php?mode=config&id=new\"' value='new'></h3></td></tr>";
foreach ($userArr as $kk => $kv) {
$tmpHTML .= "<tr><td nowrap='nowrap'><a href='" .$_SERVER['PHP_SELF'] . "?mode=config&id=".$kv['uid']."'><img src='img/edit.png' hspace=2 border=0 align=absmiddle>".$kv['id']."</a></tr>";
}
$tmpHTML .= '</table></td>';
#edit user
if ($_GET['id']!="new") {
$tmpHTML .= '<td width=300 valign=top><table cellpadding=3 cellspacing=2 style="border:1px solid gray;" >';
foreach ($userArr as $k=>$v) {
if (($v['uid']==$_GET['id'])) {
$activechk = "";
if ($v['active']=="1") { $activechk = "checked"; }
$tmpHTML .= '
<tr><td class="tdh">Username:</td><td><input name="id" type="text" value="'.$v['id'].'"></td>
</tr><tr><td class="tdh">EMail:</td><td><input name="email" type="text" value="'.$v['email'].'"></td>
</tr><tr><td class="tdh">Active:</td><td><input name="active" type="checkbox" name="active" '.$activechk.'></td>
</tr><tr><td class="tdh">Surname:</td><td><input name="lname" type="text" value="'.$v['lname'] .'"></td>
</tr><tr><td class="tdh">Name:</td><td><input name="fname" type="text" value="'. $v['fname'] .'"></td>
</tr><tr><td class="tdh">Middle:</td><td><input name="mname" type="text" value="'.$v['mname'] .'"></td>
</tr><tr><td class="tdh">Phone:</td><td><input name="phone" type="text" value="'. $v['phone'] . '"></td>
</tr><tr><td class="tdh">Pass:</td><td><input name="newpass" type="password" name="newpass" value=""></td>
</tr><tr><td></td><td><input type="submit" name="deleteuser" value="delete"><input type="submit" name="updateuser" value="update user"><input name="uid" type="hidden" value="'.$v['uid'].'"><br><br></td></tr>';
}
}
} else {
$tmpHTML .= '<td width=300 valign=top><table cellpadding=3 cellspacing=2 style="border:1px solid gray;" >';
$tmpHTML .= '
<tr><td class="tdh">Username:</td><td><input name="id" type="text" value="'.$v['id'].'"></td>
</tr><tr><td class="tdh">EMail:</td><td><input name="email" type="text" value="'.$v['email'].'"></td>
</tr><tr><td class="tdh">Active:</td><td><input name="active" type="checkbox" name="active" '.$activechk.'></td>
</tr><tr><td class="tdh">Surname:</td><td><input name="lname" type="text" value="'.$v['lname'] .'"></td>
</tr><tr><td class="tdh">Name:</td><td><input name="fname" type="text" value="'. $v['fname'] .'"></td>
</tr><tr><td class="tdh">Middle:</td><td><input name="mname" type="text" value="'.$v['mname'] .'"></td>
</tr><tr><td class="tdh">Phone:</td><td><input name="phone" type="text" value="'. $v['phone'] . '"></td>
</tr><tr><td class="tdh">Pass:</td><td><input name="newpass" type="password" name="newpass" value=""></td>
</tr><tr><td></td><td><input type="submit" name="deleteuser" value="delete"><input type="submit" name="saveuser" value="save user"><input name="uid" type="hidden" value="'.$v['uid'].'"><br><br></td></tr>';
}
$tmpHTML .= "</table></td></tr></table>";
}
else {
$tmpHTML .= '<table cellpadding=3 cellspacing=2 style="border:1px solid gray;" >';
$tmpHTML .= '
<tr><td class="tdh">Username:</td><td>'.$_SESSION['username'].'</td>
</tr><tr><td class="tdh">EMail:</td><td><input name="email" type="text" value="'.$v['email'].'"></td>
</tr><tr><td class="tdh">Surname:</td><td><input name="lname" type="text" value="'.$v['lname'] .'"></td>
</tr><tr><td class="tdh">Name:</td><td><input name="fname" type="text" value="'. $v['fname'] .'"></td>
</tr><tr><td class="tdh">Middle:</td><td><input name="mname" type="text" value="'.$v['mname'] .'"></td>
</tr><tr><td class="tdh">Phone:</td><td><input name="phone" type="text" value="'. $v['phone'] . '"></td>
</tr><tr><td class="tdh">Pass:</td><td><input name="newpass" type="password" name="newpass" value=""></td>
</tr><tr><td></td><td><input type="submit" name="updateuser" value="save user"><input name="uid" type="hidden" value="'.$_SESSION['uid'].'"><br><br></td></tr></table>';
}
$tmpHTML .= '</form>';
}
else if ($mode == "help") {
$tmpHTML .= '
<table cellpadding=3 cellspacing=2 width=100%>
<tr style="">
<td>
<div style="border: 1px solid gray; padding: 5px; width: 90%;">
<div style="background: rgb(240, 240, 240) none repeat scroll 0% 50%; font-size: 16px;">
<strong>My Tasks / Task-List </strong></div>
<ul><br><strong>red/rot </strong>- alert / Priorität sehr hoch<br>
<br><strong>white/weiss</strong> - finished tasks / erledigte Aufgaben<br>
<br><strong>green/grün </strong>- all other tasks / alle anderen Aufgaben<br>
<br>List is sorted by priority and status.
<br>Die Liste ist nach Priorität und zusätzlich nach Status sortiert. </ul></div>
<br>
<br>
<div style="border: 1px solid gray; padding: 5px; width: 90%;">
<div style="background: rgb(240, 240, 240) none repeat scroll 0% 50%; font-size: 16px;"><strong>Neu</strong></div>
<ul><br><b>New, Delete / Neu anlegen, Löschen</b><br>Everyone can change every task. Only the task initiator can delete a task. Status and priority are controlled by the assigned user.
<br>Jeder kann jede Aufgabe ändern. Nur der Auftraggeber kann eine Aufgabe löschen. Status und Priorität werden vom Beauftragten festgelegt. <br><br>
<b>Type, Browser, Task for / Art, Browser, Auftrag für</b>
<br>To add or delete a category, type the new/old name and click ">>".
<br>Um einen Eintrag zur Kategorienliste hinzufügen bzw. zu löschen, den neuen/entsprechenden Namen eingeben
und ">>" klicken.
<br><br><b>Task for / Auftrag für:</b>
<br>After a task is finished the task initiator gets a confirmation mail.
<br>Nachdem die Aufgabe erledigt wurde, erhält der Auftraggeber eine EMail über die Fertigstellung. </ul></div>
</td>
</tr>
</table>';
}
$tmpHTML .= "<script>";
$tmpHTML .= "function submitter(command) {";
$tmpHTML .= " document.forms.siteflx.action.value = command;";
$tmpHTML .= " document.forms.siteflx.submit();";
$tmpHTML .= " } ";
$tmpHTML .= "</script>";
}
if ($_GET['ajx']) {
echo $tmpHTML;
} else {
echo $header . $tmpHTML . $footer;
}