Refactor contact management functions and remove phpinfo.php

- Updated formatting and structure of functions in edit_contact.inc.php for better readability and consistency.
- Added comments to clarify the purpose of certain code sections, especially regarding mandant handling.
- Removed the deprecated phpinfo.php file to clean up the codebase.
This commit is contained in:
2026-05-11 08:54:44 +02:00
parent 8749bc7994
commit 52ca9249c3
64 changed files with 13445 additions and 3562 deletions

View File

@@ -96,9 +96,14 @@ RewriteRule ^mysyde/([^/.]*)/([^/.]*)/([^/.]*)/([^/.]*)/$ /mysyde/admin/admin.ph
# RewriteRule ^dc/([^/.]*)/([^/.]*)/([^/.]*)/$ /mysyde/admin/admin.php?site=$1&language=$2&level_1=$3&level_2=$4 [L,QSA]
# RewriteRule ^dc/([^/.]*)/([^/.]*)/([^/.]*)/([^/.]*)/$ /mysyde/admin/admin.php?site=$1&language=$2&level_1=$3&level_2=$4&level_3=$5 [L,QSA]
#RewriteCond %{REQUEST_FILENAME} !-d
# userdata immer ueber Session-Controller
RewriteRule ^userdata/?$ /mysyde/frontend/frontend_userdata_controller.php [L,QSA]
RewriteRule ^userdata/(.+)$ /mysyde/frontend/frontend_userdata_controller.php?file=$1 [L,B,QSA]
# layout weiterhin direkt ausliefern
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^(layout|userdata)($|/) - [L]
RewriteRule ^layout($|/) - [L]
RewriteCond %{REQUEST_FILENAME} !-f
RewriteRule ^((?!dc).*)$ /mysyde/frontend/frontend.php [L,QSA]

View File

@@ -5570,6 +5570,23 @@ li#user_menu ul {
height: auto;
}
.main_menu.main_navigation {
overflow-y: auto !important;
height: calc(100dvh - 160px - 70px) !important;
display: block !important;
width: calc(100% - 1px) !important;
padding-bottom: 40px !important;
}
.main_menu:nth-child(2) {
position: fixed !important;
bottom: 0 !important;
left: 0 !important;
width: 286px !important;
z-index: 10 !important;
border-top: 1px solid var(--rahmen-toggle) !important;
}
/*
* === Specific styles for structure nav (without gray background) =============
*/

View File

@@ -5617,6 +5617,8 @@ input#login-button:hover {
width: 100%;
height: 100%;
z-index: -1;
background-image: url('/module/intranet/login_pic/Hamburg.jpg');
}
div#login-area {
@@ -11386,7 +11388,7 @@ body.login_area .login_button a {
padding: 12px 24px 12px 48px;
border: 1px solid var(--fc-primary);
border-radius: 4px;
background-image: url("/userdata/01_Basic/03_Icons/microsoft.svg");
background-image: url("/module/intranet/login_pic/microsoft.svg");
background-repeat: no-repeat;
background-size: 20px 20px;
background-position: 10px center;

File diff suppressed because it is too large Load Diff

File diff suppressed because it is too large Load Diff

View File

@@ -0,0 +1,19 @@
/*!
* Font Awesome Free 6.7.1 by @fontawesome - https://fontawesome.com
* License - https://fontawesome.com/license/free (Icons: CC BY 4.0, Fonts: SIL OFL 1.1, Code: MIT License)
* Copyright 2024 Fonticons, Inc.
*/
:root, :host {
--fa-style-family-classic: 'Font Awesome 6 Free';
--fa-font-solid: normal 900 1em/1 'Font Awesome 6 Free'; }
@font-face {
font-family: 'Font Awesome 6 Free';
font-style: normal;
font-weight: 900;
font-display: block;
src: url("../webfonts/fa-solid-900.woff2") format("woff2"), url("../webfonts/fa-solid-900.ttf") format("truetype"); }
.fas,
.fa-solid {
font-weight: 900; }

2
layout/frontend/b2c/dist/js/fonta.js vendored Normal file

File diff suppressed because one or more lines are too long

4
module/api/.htaccess Normal file
View File

@@ -0,0 +1,4 @@
<Files "notifications-c5c54-a9705bfea23c.json">
Order allow,deny
Deny from all
</Files>

View File

@@ -2,7 +2,8 @@
error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR | E_COMPILE_ERROR | E_USER_ERROR);
ini_set('display_errors', 1);
function getAccessToken($jsonKeyPath) {
function getAccessToken($jsonKeyPath)
{
try {
$jwt = generateJWT($jsonKeyPath);
@@ -29,7 +30,8 @@ function getAccessToken($jsonKeyPath) {
return $jsonResponse['access_token'];
}
function generateJWT($jsonKeyPath) {
function generateJWT($jsonKeyPath)
{
$jsonKey = json_decode(file_get_contents($jsonKeyPath), true);
$header = base64_encode(json_encode([
@@ -55,8 +57,10 @@ function generateJWT($jsonKeyPath) {
return $signatureInput . '.' . $signature;
}
function send($token, $username, $message){
$jsonKeyPath = '../../notifications-c5c54-a9705bfea23c.json';
function send($token, $username, $message)
{
// $jsonKeyPath = '../../notifications-c5c54-a9705bfea23c.json';
$jsonKeyPath = 'secrets/notifications-c5c54-a9705bfea23c.json';
$accessToken = getAccessToken($jsonKeyPath);
$json = json_encode([
@@ -73,7 +77,7 @@ function send($token, $username, $message){
"apns" => [
"payload" => [
"aps" => [
"content-available" => 1 // Требуется для пробуждения приложения на iOS
"content-available" => 1
]
]
]
@@ -181,12 +185,12 @@ if ($result_collections->num_rows > 0) {
var_dump($mergedArray);
foreach ($mergedArray as $element) {
if ( $element['abteilung'] == "" && $element['role'] == "") {
if ($element['abteilung'] == "" && $element['role'] == "") {
$sql = "SELECT DISTINCT main_contact_id FROM main_contact_department WHERE main_mandant_id = 1 AND active = 1";
} else if ( $element['abteilung'] == "") {
} else if ($element['abteilung'] == "") {
$sql = "SELECT DISTINCT main_contact_id FROM main_contact_department WHERE main_mandant_id = 1 AND active = 1 and main_role_id = " . $element['role'];
} else if ( $element['role'] == "") {
} else if ($element['role'] == "") {
$sql = "SELECT DISTINCT main_contact_id FROM main_contact_department WHERE main_mandant_id = 1 AND active = 1 and main_department_id = " . $element['abteilung'];
} else {
$sql = "SELECT DISTINCT main_contact_id FROM main_contact_department WHERE main_mandant_id = 1 AND active = 1 and main_department_id = " . $element['abteilung'] . " and main_role_id = " . $element['role'];
@@ -195,12 +199,12 @@ if ($result_collections->num_rows > 0) {
var_dump($sql);
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
$query = "SELECT DISTINCT main_contact.id, main_contact.name, token_contact.token as 'token' FROM main_contact LEFT JOIN token_contact ON token_contact.contact_id = main_contact.id WHERE main_contact.id = '".$row['main_contact_id']."'";
while ($row = $result->fetch_assoc()) {
$query = "SELECT DISTINCT main_contact.id, main_contact.name, token_contact.token as 'token' FROM main_contact LEFT JOIN token_contact ON token_contact.contact_id = main_contact.id WHERE main_contact.id = '" . $row['main_contact_id'] . "'";
// var_dump($query);
$user_result = $conn->query($query);
if ($user_result->num_rows > 0) {
while($contact = $user_result->fetch_assoc()) {
while ($contact = $user_result->fetch_assoc()) {
if ($contact['token'] != null && $contact['token'] != "") {
// send($contact['token'], "Intranet", "Neuer Beitrag im Intranet");
$contact_info = [

View File

@@ -11,7 +11,8 @@ $domain = $_POST['domain'];
$input_collection_id = $_POST['input_collection_id'];
function getAccessToken($jsonKeyPath) {
function getAccessToken($jsonKeyPath)
{
try {
$jwt = generateJWT($jsonKeyPath);
@@ -38,7 +39,8 @@ function getAccessToken($jsonKeyPath) {
return $jsonResponse['access_token'];
}
function generateJWT($jsonKeyPath) {
function generateJWT($jsonKeyPath)
{
$jsonKey = json_decode(file_get_contents($jsonKeyPath), true);
$header = base64_encode(json_encode([
@@ -64,8 +66,10 @@ function generateJWT($jsonKeyPath) {
return $signatureInput . '.' . $signature;
}
function send($token, $username, $message){
$jsonKeyPath = '../../notifications-c5c54-a9705bfea23c.json';
function send($token, $username, $message)
{
// $jsonKeyPath = '../../notifications-c5c54-a9705bfea23c.json';
$jsonKeyPath = 'secrets/notifications-c5c54-a9705bfea23c.json';
$accessToken = getAccessToken($jsonKeyPath);
@@ -100,7 +104,7 @@ function send($token, $username, $message){
"apns" => [
"payload" => [
"aps" => [
"content-available" => 1 // Требуется для пробуждения приложения на iOS
"content-available" => 1
]
]
]
@@ -180,24 +184,24 @@ $tokenArray = [];
foreach ($mergedArray as $element) {
// $sql = "SELECT DISTINCT main_contact_id FROM main_contact_department WHERE main_mandant_id = 1 AND active = 1 and main_department_id = " . $element['abteilung'] . " and main_role_id = " . $element['role'];
// var_dump($sql);
if ( $element['abteilung'] == "" && $element['role'] == "") {
if ($element['abteilung'] == "" && $element['role'] == "") {
$sql = "SELECT DISTINCT main_contact_id FROM main_contact_department WHERE main_mandant_id = 1 AND active = 1";
} else if ( $element['abteilung'] == "") {
} else if ($element['abteilung'] == "") {
$sql = "SELECT DISTINCT main_contact_id FROM main_contact_department WHERE main_mandant_id = 1 AND active = 1 and main_role_id = " . $element['role'];
} else if ( $element['role'] == "") {
} else if ($element['role'] == "") {
$sql = "SELECT DISTINCT main_contact_id FROM main_contact_department WHERE main_mandant_id = 1 AND active = 1 and main_department_id = " . $element['abteilung'];
} else {
$sql = "SELECT DISTINCT main_contact_id FROM main_contact_department WHERE main_mandant_id = 1 AND active = 1 and main_department_id = " . $element['abteilung'] . " and main_role_id = " . $element['role'];
}
$result = $conn->query($sql);
if ($result->num_rows > 0) {
while($row = $result->fetch_assoc()) {
$query = "SELECT DISTINCT main_contact.id, main_contact.name, token_contact.token as 'token' FROM main_contact LEFT JOIN token_contact ON token_contact.contact_id = main_contact.id WHERE main_contact.id = '".$row['main_contact_id']."'";
while ($row = $result->fetch_assoc()) {
$query = "SELECT DISTINCT main_contact.id, main_contact.name, token_contact.token as 'token' FROM main_contact LEFT JOIN token_contact ON token_contact.contact_id = main_contact.id WHERE main_contact.id = '" . $row['main_contact_id'] . "'";
// var_dump($query);
$user_result = $conn->query($query);
if ($user_result->num_rows > 0) {
while($contact = $user_result->fetch_assoc()) {
while ($contact = $user_result->fetch_assoc()) {
if ($contact['token'] != null && $contact['token'] != "") {
// send($contact['token'], "Intranet", "Neuer Beitrag im Intranet");
$contact_info = [

View File

@@ -8,7 +8,8 @@ $domain = $_POST['domain'];
$news_id = $_POST["news_id"];
function getAccessToken($jsonKeyPath) {
function getAccessToken($jsonKeyPath)
{
try {
$jwt = generateJWT($jsonKeyPath);
@@ -35,7 +36,8 @@ function getAccessToken($jsonKeyPath) {
return $jsonResponse['access_token'];
}
function generateJWT($jsonKeyPath) {
function generateJWT($jsonKeyPath)
{
$jsonKey = json_decode(file_get_contents($jsonKeyPath), true);
$header = base64_encode(json_encode([
@@ -65,7 +67,8 @@ function generateJWT($jsonKeyPath) {
$jsonKeyPath = '../../notifications-c5c54-a9705bfea23c.json';
// $jsonKeyPath = '../../notifications-c5c54-a9705bfea23c.json';
$jsonKeyPath = 'secrets/notifications-c5c54-a9705bfea23c.json';
$accessToken = getAccessToken($jsonKeyPath);
@@ -84,31 +87,31 @@ $mysql_con = new mysqli("localhost", "web4_intranet", "WewJedjuAbEynk3", "web4_i
$allowed_contact_ids = [];
$all_mandants_query = "SELECT main_mandant_id FROM `main_collection_mandant_link` WHERE main_collection_id = ".(int)$news_id;
$all_mandants_query = "SELECT main_mandant_id FROM `main_collection_mandant_link` WHERE main_collection_id = " . (int) $news_id;
$sql_all_mandants = @mysqli_query($mysql_con, $all_mandants_query);
while ($row = @mysqli_fetch_assoc($sql_all_mandants)) {
$all_mandants[] = $row["main_mandant_id"];
}
$all_departments_query = "SELECT main_department_id FROM `main_collection_department_link` WHERE main_collection_id = ".(int)$news_id;
$all_departments_query = "SELECT main_department_id FROM `main_collection_department_link` WHERE main_collection_id = " . (int) $news_id;
$sql_all_departments = @mysqli_query($mysql_con, $all_departments_query);
while ($row = @mysqli_fetch_assoc($sql_all_departments)) {
$all_departments[] = $row["main_department_id"];
}
$all_fachbereich_query = "SELECT main_fachbereich_id FROM `main_collection_fachbereich_link` WHERE main_collection_id = ".(int)$news_id;
$all_fachbereich_query = "SELECT main_fachbereich_id FROM `main_collection_fachbereich_link` WHERE main_collection_id = " . (int) $news_id;
$sql_all_fachbereichs = @mysqli_query($mysql_con, $all_fachbereich_query);
while ($row = @mysqli_fetch_assoc($sql_all_fachbereichs)) {
$all_fachbereichs[] = $row["main_fachbereich_id"];
}
$all_einrichtungen_query = "SELECT main_einricht_id FROM `main_collection_einricht_link` WHERE main_collection_id = ".(int)$news_id;
$all_einrichtungen_query = "SELECT main_einricht_id FROM `main_collection_einricht_link` WHERE main_collection_id = " . (int) $news_id;
$sql_all_einrichtungen = @mysqli_query($mysql_con, $all_einrichtungen_query);
while ($row = @mysqli_fetch_assoc($sql_all_einrichtungen)) {
$all_einrichtungen[] = $row["main_einricht_id"];
}
$all_role_query = "SELECT main_role_id FROM `main_collection_role_link` WHERE main_collection_id = ".(int)$news_id;
$all_role_query = "SELECT main_role_id FROM `main_collection_role_link` WHERE main_collection_id = " . (int) $news_id;
$sql_all_rolles = @mysqli_query($mysql_con, $all_role_query);
while ($row = @mysqli_fetch_assoc($sql_all_rolles)) {
$all_rolles[] = $row["main_role_id"];
@@ -151,7 +154,7 @@ while ($row = mysqli_fetch_assoc($sql_get_all_contacts)) {
$allowed_contact_ids = array_unique($allowed_contact_ids);
foreach ($allowed_contact_ids as $cid) {
$query_contact_token = "SELECT * FROM token_contact WHERE contact_id = ".(int)$cid." AND in_system = 1 ORDER BY id DESC LIMIT 1";
$query_contact_token = "SELECT * FROM token_contact WHERE contact_id = " . (int) $cid . " AND in_system = 1 ORDER BY id DESC LIMIT 1";
$sql_contactn_token = @mysqli_query($mysql_con, $query_contact_token);
@@ -161,8 +164,10 @@ foreach ($allowed_contact_ids as $cid) {
$contactId = trim($row_token['contact_id'] ?? '');
$token = trim($row_token['token'] ?? '');
if ($contactId === '' || $contactId === 'undefined' ||
$token === '' || $token === 'undefined') {
if (
$contactId === '' || $contactId === 'undefined' ||
$token === '' || $token === 'undefined'
) {
continue;
}

View File

@@ -10,7 +10,7 @@ function get_certificate_contact_banner(){
$query = "SELECT * FROM main_contact LEFT JOIN main_contact_profile_content ON main_contact.id = main_contact_profile_content.main_contact_id WHERE main_contact_id = ".$GLOBALS['main_contact']['id'];
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$main_contact = @mysqli_fetch_array($result);
$contact_image = "platzhalter-mann-compressor.jpg";
$contact_image = "platzhalter.png";
if(isset($main_contact['image']) && $main_contact['image'] != ""){
$contact_image = $main_contact['image'];
}?>

View File

@@ -10,7 +10,7 @@ function get_certificate_contact_banner(){
$query = "SELECT * FROM main_contact LEFT JOIN main_contact_profile_content ON main_contact.id = main_contact_profile_content.main_contact_id WHERE main_contact_id = ".$GLOBALS['main_contact']['id'];
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$main_contact = @mysqli_fetch_array($result);
$contact_image = "platzhalter-mann-compressor.jpg";
$contact_image = "platzhalter.png";
if(isset($main_contact['image']) && $main_contact['image'] != ""){
$contact_image = $main_contact['image'];
}?>

View File

@@ -278,6 +278,7 @@ function save_collection($firstsave = FALSE)
$input_registration = ($_POST["input_registration"] == "on") ? 1 : 0;
$input_active = ($_POST["input_active"] == "on") ? 1 : 0;
$input_readable = ($_POST["input_readable"] == "on") ? 1 : 0;
$input_is_archived = (isset($_POST["input_is_archived"]) && $_POST["input_is_archived"] == "on") ? 1 : 0;
$registration_contactform_id = 0;
if ($input_registration == 1) {
@@ -312,7 +313,8 @@ function save_collection($firstsave = FALSE)
modified_date = " . time() . ",
modified_user = " . (int)$GLOBALS["admin_user"]['id'] . ",
active = 1,
readable = " . $input_readable . "
readable = " . $input_readable . ",
is_archived = " . $input_is_archived . "
WHERE id = '" . $_REQUEST["input_collection_id"] . "'
LIMIT 1";
$inserted = FALSE;
@@ -326,7 +328,7 @@ function save_collection($firstsave = FALSE)
$sorting = ($sorting["newsorting"] <> "") ? $sorting = $sorting["newsorting"] : $sorting = 1;
$insertquery = "INSERT INTO main_collection
(main_language_id, main_collection_setup_id, description, registration, registration_contactform_id, creation_date, modified_date, modified_user, validity_from, validity_to, sorting)
(main_language_id, main_collection_setup_id, description, registration, registration_contactform_id, creation_date, modified_date, modified_user, validity_from, validity_to, sorting, is_archived)
VALUES (
" . $GLOBALS["language"]['id'] . ",
'" . $collection_setup_id . "',
@@ -338,7 +340,8 @@ function save_collection($firstsave = FALSE)
" . (int)$GLOBALS["admin_user"]['id'] . ",
" . $input_validity_from . ",
" . $input_validity_to . ",
" . $sorting . "
" . $sorting . ",
" . $input_is_archived . "
)";
$inserted = TRUE;
}
@@ -1343,7 +1346,7 @@ function create_collection_input_field($fieldSetup, $collectionData) {
}else{
echo '<ul class="toolbar_menu">';
input("", "input_collection_link_".$fieldSetup['id'], "hidden", $data);
button("new", $translation->get("new"), $formname, "openGallery('input_collection_link_".$fieldSetup['id']."', 'collection_image_".$fieldSetup['id']."')", "", FALSE);
button("new", $translation->get("new"), $formname, "openGallery('input_collection_link_".$fieldSetup['id']."', 'collection_image_".$fieldSetup['id']."','collection', 'single')", "", FALSE);
button("delete", $translation->get("delete"), $formname, "delete_collection_image('input_collection_link_".$fieldSetup['id']."', 'collection_image_".$fieldSetup['id']."')", "", FALSE);
echo '</ul>';
$video_erweiterungen = array('mp4', 'avi', 'mkv', 'mov', 'wmv');
@@ -1938,6 +1941,56 @@ function copy_collection($addCopySuffix = TRUE) {
}
}
// Filegallery
if($lineRow['main_sitepart_id'] == 5) {
$query = "SELECT * FROM filegallery_header WHERE id = " . $lineRow['main_sitepart_header_id'];
$filegalleryHeader = @mysqli_query($GLOBALS['mysql_con'], $query);
if(@mysqli_num_rows($filegalleryHeader) > 0) {
if (!defined('PATH_ORIGINAL_FILEGALLERY')) {
require_once(MODULE_PATH . "filegallery/filegallery.config.inc.php");
}
$contentColumns = get_column_names_to_copy("filegallery_header");
$query = "INSERT INTO filegallery_header
SELECT " . join(", ", $contentColumns) . " FROM filegallery_header
WHERE id = " . $lineRow['main_sitepart_header_id'];
@mysqli_query($GLOBALS['mysql_con'], $query);
$newContentID = mysqli_insert_id($GLOBALS['mysql_con']);
insert_copy_link($lineRow['main_sitepart_header_id'], $newContentID, "filegallery_header");
$query = "UPDATE main_collection_link SET main_sitepart_header_id = '" . $newContentID . "' WHERE id = " . $newLineId;
@mysqli_query($GLOBALS['mysql_con'], $query);
$lineColumns = get_column_names_to_copy("filegallery_line");
$query = "SELECT * FROM filegallery_line WHERE header_id = " . $lineRow['main_sitepart_header_id'];
$filegalleryLineResult = @mysqli_query($GLOBALS['mysql_con'], $query);
while($filegalleryLineRow = @mysqli_fetch_array($filegalleryLineResult)) {
$finalLineColumns = $lineColumns;
$finalLineColumns['header_id'] = $newContentID;
$query = "INSERT INTO filegallery_line
SELECT " . join(", ", $finalLineColumns) . " FROM filegallery_line
WHERE id = " . $filegalleryLineRow['id'];
@mysqli_query($GLOBALS['mysql_con'], $query);
$newFilegalleryLineId = mysqli_insert_id($GLOBALS['mysql_con']);
insert_copy_link($filegalleryLineRow['id'], $newFilegalleryLineId, "filegallery_line");
if (!empty($filegalleryLineRow['filename'])) {
$filenameParts = explode('_', $filegalleryLineRow['filename'], 2);
$sourceFilename = $filegalleryLineRow['filename'];
$baseFilename = (count($filenameParts) === 2) ? $filenameParts[1] : $sourceFilename;
$targetFilename = $newFilegalleryLineId . "_" . $baseFilename;
if (file_exists(PATH_ORIGINAL_FILEGALLERY . $sourceFilename)) {
copy(PATH_ORIGINAL_FILEGALLERY . $sourceFilename, PATH_ORIGINAL_FILEGALLERY . $targetFilename);
$query = "UPDATE filegallery_line SET filename = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $targetFilename) . "' WHERE id = " . $newFilegalleryLineId;
@mysqli_query($GLOBALS['mysql_con'], $query);
}
}
}
}
}
// Youtube
if($lineRow['main_sitepart_id'] == 10) {

View File

@@ -59,7 +59,15 @@ $sorting_values = array(
</script>
<script type="text/javascript">
function showCollectionSavingLoader() {
jQuery('#overlay').show();
jQuery('#overlayWrapper').show();
jQuery('#overlayLoader').show();
}
function saveCollectionMasked(_close){
showCollectionSavingLoader();
var aFormData = new FormData();
// wird benoetigt damit die Inhalte des fckeditors uebertragen werden koennen
@@ -85,6 +93,8 @@ $sorting_values = array(
function saveCollection(_close) {
showCollectionSavingLoader();
var aFormData = new FormData();
// wird benoetigt damit die Inhalte des fckeditors uebertragen werden koennen
@@ -195,9 +205,12 @@ create_contactform_select($contactforms, $translation->get("registration_form"),
if ($input_collection["id"] != "" && is_page_edit() === FALSE) {
echo button("delete", $translation->get("delete"), $formname, "loadCard('delete_collection', true, '{$translation->get('delete_collection_confirm')}', true)", "", FALSE);
}
if ($input_collection["id"] != "") {
input("Archiv", "input_is_archived", "checkbox", (int)$input_collection["is_archived"] === 1 ? "on" : "");
}
// Zuruecksetzen
?>
</ul>
</li>

View File

@@ -92,8 +92,16 @@ while ($content = @mysqli_fetch_array($result)) {
$( "#overlaycrumb , .collectionform, .collections form#form_line_list " ).wrapAll( "<div class='collection-main-wrapper' />");
$( "ul.toolbar_menu.collection, .collection_form.collection " ).wrapAll( "<div class='collection-wrapper'></div>" );
function showCollectionSavingLoader() {
jQuery('#overlay').show();
jQuery('#overlayWrapper').show();
jQuery('#overlayLoader').show();
}
function saveCollection(_close) {
showCollectionSavingLoader();
var aFormData = new FormData();
// wird benoetigt damit die Inhalte des fckeditors uebertragen werden koennen

View File

@@ -38,7 +38,7 @@ function load_post($post_id, $category_id){
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$row = @mysqli_fetch_array($result);
$user = get_user_from_id($row['creation_contact']);
$user_image = 'platzhalter-mann-compressor.jpg';
$user_image = 'platzhalter.png';
if($user['image'] != ""){
$user_image = $user['image'];
}
@@ -151,7 +151,7 @@ function load_comments($post_id){
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
while($row = @mysqli_fetch_array($result)){
$user = get_user_from_id($row['main_contact_id']);
$user_image = 'platzhalter-mann-compressor.jpg';
$user_image = 'platzhalter.png';
if($user['image'] != ""){
$user_image = $user['image'];
}

View File

@@ -23,7 +23,7 @@ $input_collection_id = (isset($_REQUEST["input_collection_id"]) ? $_REQUEST["inp
<input type="hidden" id="module_input_filegallery_<?= $fieldSetup['id']; ?>" name="module_input_filegallery_<?= $fieldSetup['id']; ?>" value="" />
<ul class="toolbar_menu">
<?= button("new", $translation->get("new"), $formname, "openGallery('module_input_filegallery_".$fieldSetup['id']."', 'null', 'collection')", "", FALSE); ?>
<?= button("new", $translation->get("new"), $formname, "openGallery('module_input_filegallery_".$fieldSetup['id']."', 'null', 'collection', 'multi')", "", FALSE); ?>
<?= button("up", $translation->get("go_up"), $formname, "loadCard('moveup_line_filegallery')", "", FALSE); ?>
<?= button("down", $translation->get("go_down"), $formname, "loadCard('movedown_line_filegallery')", "", FALSE); ?>

View File

@@ -14,7 +14,7 @@ $input_component_id = (isset($_REQUEST["input_component_id"]) ? $_REQUEST["input
<h2><?php echo $translation->get("filegallery_field_headline"); ?></h2>
<ul class="toolbar_menu new">
<?= button("new", $translation->get("new"), $formname, "openGallery('module_input_filegallery_".$input_id."', 'null', 'filegallery')", "", FALSE); ?>
<?= button("new", $translation->get("new"), $formname, "openGallery('module_input_filegallery_".$input_id."', 'null', 'filegallery', 'single')", "", FALSE); ?>
<?= button("up", $translation->get("go_up"), $formname, "loadCard('moveup_line_filegallery')", "", FALSE); ?>
<?= button("down", $translation->get("go_down"), $formname, "loadCard('movedown_line_filegallery')", "", FALSE); ?>

View File

@@ -24,7 +24,7 @@ $input_collection_id = (isset($_REQUEST["input_collection_id"]) ? $_REQUEST["inp
<input type="hidden" id="module_input_gallery_<?= $fieldSetup['id']; ?>" name="module_input_gallery_<?= $fieldSetup['id']; ?>" value="" />
<ul class="toolbar_menu">
<?= button("new", $translation->get("new"), $formname, "openGallery('module_input_gallery_".$fieldSetup['id']."', 'null', 'collection')", "", FALSE); ?>
<?= button("new", $translation->get("new"), $formname, "openGallery('module_input_gallery_".$fieldSetup['id']."', 'null', 'collection', 'multi')", "", FALSE); ?>
<?= button("up", $translation->get("go_up"), $formname, "loadCard('moveup_line_gallery')", "", FALSE); ?>
<?= button("down", $translation->get("go_down"), $formname, "loadCard('movedown_line_gallery')", "", FALSE); ?>

View File

@@ -83,7 +83,7 @@ if ($messages !== null) {
<td>
<div class="label"><?php echo $translation->get("preview"); ?></div>
<?php echo $input_line['preview']; ?>
<input type="hidden" name="preview" value="<?php echo $input_line['preview']; ?>" />
<input type="hidden" name="preview" value="<?php echo htmlspecialchars($input_line['preview'], ENT_QUOTES, 'UTF-8'); ?>" />
</td>
<td>
@@ -158,5 +158,5 @@ if($input_line["id"] == "") {
}
</script>
<?php
} // end $input_line['preview'] != ""
}
?>

View File

@@ -2,9 +2,19 @@
$query = "SELECT * FROM image_header WHERE id = '" . $sitepart_id . "' LIMIT 1";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
if (@mysqli_num_rows($result) == 1) {
$image = @mysqli_fetch_array($result);
// Use module path for intranet images
if (!empty($image["content"]) && strpos($image["content"], 'intranet') !== false) {
$imagePath = '/module/' . ltrim($image["content"], '/');
} else {
$imagePath = '/userdata/' . ltrim($image["content"], '/');
}
echo "\n<div class=\"imgcontent\">\n";
echo "<img loading='lazy' src='/userdata/".$image["content"]."'>";
echo "<img loading='lazy' src='" . $imagePath . "'>";
echo "</div>\n";
}
?>

View File

@@ -3,6 +3,9 @@ support_login_listener();
if(isset($_SESSION['login_id']) && $_SESSION['login_id'] != 0){
// if ($_SESSION['login_id'] == "827") {
// $_SESSION['login_id'] = "351";
// }
check_if_read_collection($_GET['collection_id']);
update_contact_last_interaction($_SESSION['login_id']);
}else{
@@ -50,11 +53,18 @@ function support_login_listener() {
}
break;
case "change_mandant":
$current_mandant_id = $_GET['id'];
$query = "UPDATE main_contact SET current_mandant_id = $current_mandant_id WHERE id = ".$GLOBALS['main_contact']['id'];
@mysqli_query($GLOBALS['mysql_con'], $query);
$current_mandant_id = (int)$_GET['id'];
if ($current_mandant_id <= 0) {
$current_mandant_id = (int)$GLOBALS['main_contact']['master_mandant_id'];
}
$query = "UPDATE main_contact
SET current_mandant_id = {$current_mandant_id}
WHERE id = " . (int)$GLOBALS['main_contact']['id'];
mysqli_query($GLOBALS['mysql_con'], $query);
header('location:' . $_SERVER['HTTP_REFERER']);
break;
exit;
case "intranet_register_finish":
$password_hash = md5($_POST["input_password"]);
$email = $_POST["input_email"];

View File

@@ -7,6 +7,7 @@
require_once("../../mysyde/common/version_comment.inc.php");
require_once("intranet_functions.inc.php");
if (isset($_POST["fgztiknxbhhk"])) {
$_SESSION['login_id'] = $_POST["fgztiknxbhhk"];
header('location:/');

View File

@@ -263,7 +263,7 @@ function getList($current_mandant) {
echo '<tr class="contact_row">';
echo '<td class="contact_img_new">';
if ($value_users['image'] == "") {
echo "<img class='img-fluid' src='/userdata/intranet/contact/platzhalter-mann-compressor.jpg'>";
echo "<img class='img-fluid' src='/userdata/intranet/contact/platzhalter.png'>";
} else {
echo "<a data-fslightbox=" . $value_users['id'] . " href='/userdata/intranet/contact/" . $value_users['image'] . "'><img class='img-fluid' src='/userdata/intranet/contact/" . $value_users['image'] . "'></a>";
}
@@ -276,7 +276,7 @@ function getList($current_mandant) {
echo '<td>
<div style="cursor:pointer; width:16px; height:16px;"
onclick="open_modal_visitcard(\'' .
($value_users['image'] != "" ? $value_users['image'] : "platzhalter-mann-compressor.jpg") . '\', \'' .
($value_users['image'] != "" ? $value_users['image'] : "platzhalter.png") . '\', \'' .
$value_users['name'] . '\', \'' .
$value_users['email'] . '\', \'' .
$value_users['cost_center'] . '\', \'' .

Binary file not shown.

After

Width:  |  Height:  |  Size: 114 KiB

View File

@@ -27,7 +27,7 @@ function get_ceo($mandant_id){
function get_contact($image, $name, $email, $phone_no, $role_name) {
echo "<div class='group_container'>";
if($image == ""){
echo "<div class='img_container'><img class='img-fluid' src='/userdata/intranet/contact/platzhalter-mann-compressor.jpg'></div>";
echo "<div class='img_container'><img class='img-fluid' src='/userdata/intranet/contact/platzhalter.png'></div>";
}else {
echo "<div class='img_container'><img class='img-fluid' src='/userdata/intranet/contact/".$image."'></div>";
}

View File

@@ -27,7 +27,7 @@ WHERE
<div class="visitenkarte_kopf">
<a href="/awo/de/profil/">
<?php
$profile_image = 'platzhalter-mann-compressor.jpg';
$profile_image = 'platzhalter.png';
if($contact['image'] != ""){
$profile_image = $contact['image'];
}

View File

@@ -18,7 +18,7 @@ if (!$result) {
}
$contact = mysqli_fetch_array($result);
$contact_image = "platzhalter-mann-compressor.jpg";
$contact_image = "platzhalter.png";
if (!empty($contact['image'])) {
$contact_image = $contact['image'];
}

View File

@@ -51,7 +51,8 @@ function count_knowledgecenter(){
$opened = 0;
$closed = 0;
$read = 0;
$query = "SELECT DISTINCT main_collection.* FROM main_collection LEFT JOIN knowledgecenter_collection_link ON main_collection.id = knowledgecenter_collection_link.main_collection_id LEFT JOIN main_collection_mandant_link ON main_collection.id = main_collection_mandant_link.main_collection_id WHERE ((main_collection_mandant_link.main_collection_id IS NOT NULL AND main_mandant_id = ".$GLOBALS['main_contact']['current_mandant_id'].") OR main_collection_mandant_link.main_collection_id IS NULL) AND main_collection_setup_id = 3;";
$count = 0;
$query = "SELECT DISTINCT main_collection.* FROM main_collection LEFT JOIN knowledgecenter_collection_link ON main_collection.id = knowledgecenter_collection_link.main_collection_id LEFT JOIN main_collection_mandant_link ON main_collection.id = main_collection_mandant_link.main_collection_id WHERE ((main_collection_mandant_link.main_collection_id IS NOT NULL AND main_mandant_id = ".$GLOBALS['main_contact']['current_mandant_id'].") OR main_collection_mandant_link.main_collection_id IS NULL) AND main_collection_setup_id = 3 AND (main_collection.is_archived = 0 OR main_collection.is_archived IS NULL);";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
while($posts = @mysqli_fetch_array($result)) {
$query2 = "SELECT * FROM main_collection_read WHERE main_collection_id = ".$posts['id']. " AND main_contact_id = ".$GLOBALS['main_contact']['id'];

View File

@@ -2,7 +2,7 @@
function get_custom_feed_posts(){
$if_query = "main_collection_id IS NOT NULL AND main_mandant_id = ".$GLOBALS['main_contact']['current_mandant_id'];
$query = "SELECT main_collection.* FROM main_collection LEFT JOIN main_collection_mandant_link ON main_collection.id = main_collection_mandant_link.main_collection_id WHERE ((".$if_query.") OR main_collection_id IS NULL) AND main_collection_setup_id = 3 ORDER BY sorting";
$query = "SELECT main_collection.* FROM main_collection LEFT JOIN main_collection_mandant_link ON main_collection.id = main_collection_mandant_link.main_collection_id WHERE ((".$if_query.") OR main_collection_id IS NULL) AND main_collection_setup_id = 3 AND (main_collection.is_archived = 0 OR main_collection.is_archived IS NULL) ORDER BY sorting";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
while($posts = @mysqli_fetch_array($result)) {
$query2 = "SELECT * FROM main_collection_read WHERE main_collection_id = ".$posts['id']. " AND main_contact_id = ".$GLOBALS['main_contact']['id'];

View File

@@ -12,14 +12,15 @@ try {
function search($search)
{
$search_escaped = mysqli_real_escape_string($GLOBALS['mysql_con'], $search);
$archiveWhere = "(is_archived = 0 OR is_archived IS NULL)";
$array = array();
$array[] = 0;
$query = "SELECT * FROM main_collection WHERE main_collection_setup_id = 3";
$query = "SELECT * FROM main_collection WHERE main_collection_setup_id = 3 AND " . $archiveWhere;
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
while ($collection = @mysqli_fetch_array($result)) {
$query3 = "SELECT * FROM main_collection WHERE id = '" . $collection['id'] . "' AND description LIKE '%" . $search_escaped . "%'";
$query3 = "SELECT * FROM main_collection WHERE id = '" . $collection['id'] . "' AND " . $archiveWhere . " AND description LIKE '%" . $search_escaped . "%'";
$result3 = @mysqli_query($GLOBALS['mysql_con'], $query3);
if ($result3 !== null) {
if (@mysqli_num_rows($result3) >= 1) {
@@ -55,7 +56,7 @@ try {
}
}
$query = "SELECT main_collection.* FROM main_collection WHERE id IN (" . join(",", $array) . ")";
$query = "SELECT main_collection.* FROM main_collection WHERE (is_archived = 0 OR is_archived IS NULL) AND id IN (" . join(",", $array) . ")";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
if (@mysqli_num_rows($result) == 0) {
echo "Keine Suchergebnisse gefunden.";
@@ -90,7 +91,7 @@ try {
function all_posts()
{
$query = "SELECT DISTINCT main_collection.* FROM main_collection LEFT JOIN knowledgecenter_collection_link ON main_collection.id = knowledgecenter_collection_link.main_collection_id WHERE main_collection_setup_id = 3";
$query = "SELECT DISTINCT main_collection.* FROM main_collection LEFT JOIN knowledgecenter_collection_link ON main_collection.id = knowledgecenter_collection_link.main_collection_id WHERE main_collection_setup_id = 3 AND (main_collection.is_archived = 0 OR main_collection.is_archived IS NULL)";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$count = @mysqli_num_rows($result);
?>
@@ -157,7 +158,7 @@ try {
function marked_posts()
{
$query = "SELECT COUNT(*) AS count FROM main_collection_mark WHERE main_contact_id = " . $GLOBALS['main_contact']['id'];
$query = "SELECT COUNT(*) AS count FROM main_collection_mark INNER JOIN main_collection ON main_collection.id = main_collection_mark.main_collection_id WHERE main_contact_id = " . $GLOBALS['main_contact']['id'] . " AND (main_collection.is_archived = 0 OR main_collection.is_archived IS NULL)";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$count = @mysqli_fetch_array($result); ?>
<div id="show_bookmarks" class='kc_content_card'>
@@ -191,7 +192,7 @@ try {
function bookmarks()
{
$query = "SELECT * FROM main_collection LEFT JOIN main_collection_mark ON main_collection.id = main_collection_mark.main_collection_id WHERE main_contact_id = " . $GLOBALS['main_contact']['id'];
$query = "SELECT * FROM main_collection LEFT JOIN main_collection_mark ON main_collection.id = main_collection_mark.main_collection_id WHERE main_contact_id = " . $GLOBALS['main_contact']['id'] . " AND (main_collection.is_archived = 0 OR main_collection.is_archived IS NULL)";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
?>
<div class="close">
@@ -246,7 +247,7 @@ try {
function count_posts($category_id)
{
$query = "SELECT knowledgecenter_collection_link.* FROM knowledgecenter_collection_link LEFT JOIN main_collection_mandant_link ON knowledgecenter_collection_link.main_collection_id = main_collection_mandant_link.main_collection_id WHERE knowledgecenter_category_id = " . $category_id;
$query = "SELECT knowledgecenter_collection_link.* FROM knowledgecenter_collection_link INNER JOIN main_collection ON main_collection.id = knowledgecenter_collection_link.main_collection_id LEFT JOIN main_collection_mandant_link ON knowledgecenter_collection_link.main_collection_id = main_collection_mandant_link.main_collection_id WHERE knowledgecenter_category_id = " . $category_id . " AND (main_collection.is_archived = 0 OR main_collection.is_archived IS NULL)";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
if (@mysqli_num_rows($result) == 0) {
return;
@@ -343,7 +344,7 @@ try {
$left_joint_main_fachbereich = "LEFT JOIN main_collection_fachbereich_link ON main_collection.id = main_collection_fachbereich_link.main_collection_id";
$left_joint_main_einricht = "LEFT JOIN main_collection_einricht_link ON main_collection.id = main_collection_einricht_link.main_collection_id";
$query = "SELECT DISTINCT main_collection.* FROM main_collection " . $left_joint_main_mandant . " " . $left_join_main_department . " " . $left_joint_main_fachbereich . " " . $left_joint_main_einricht . " " . $left_joint_main_role . " LEFT JOIN knowledgecenter_collection_link ON knowledgecenter_collection_link.main_collection_id = main_collection.id WHERE knowledgecenter_collection_link.knowledgecenter_category_id = $category_id AND knowledgecenter_category_id != 0 AND (main_collection_department_link.main_department_id IN(" . implode(",", $department) . ") OR main_collection_department_link.main_department_id IS NULL) AND (main_collection_mandant_link.main_mandant_id IN(" . implode(",", $mandants) . ") OR main_collection_mandant_link.main_mandant_id IS NULL) AND (main_collection_fachbereich_link.main_fachbereich_id IN(" . implode(",", $fachbereiches) . ") OR main_collection_fachbereich_link.main_fachbereich_id IS NULL) AND (main_collection_einricht_link.main_einricht_id IN(" . implode(",", $einrichts) . ") OR main_collection_einricht_link.main_einricht_id IS NULL) AND (main_collection_role_link.main_role_id IN(" . implode(",", $role) . ") OR main_collection_role_link.main_role_id IS NULL) ORDER BY main_collection.description ASC";
$query = "SELECT DISTINCT main_collection.* FROM main_collection " . $left_joint_main_mandant . " " . $left_join_main_department . " " . $left_joint_main_fachbereich . " " . $left_joint_main_einricht . " " . $left_joint_main_role . " LEFT JOIN knowledgecenter_collection_link ON knowledgecenter_collection_link.main_collection_id = main_collection.id WHERE knowledgecenter_collection_link.knowledgecenter_category_id = $category_id AND knowledgecenter_category_id != 0 AND (main_collection.is_archived = 0 OR main_collection.is_archived IS NULL) AND (main_collection_department_link.main_department_id IN(" . implode(",", $department) . ") OR main_collection_department_link.main_department_id IS NULL) AND (main_collection_mandant_link.main_mandant_id IN(" . implode(",", $mandants) . ") OR main_collection_mandant_link.main_mandant_id IS NULL) AND (main_collection_fachbereich_link.main_fachbereich_id IN(" . implode(",", $fachbereiches) . ") OR main_collection_fachbereich_link.main_fachbereich_id IS NULL) AND (main_collection_einricht_link.main_einricht_id IN(" . implode(",", $einrichts) . ") OR main_collection_einricht_link.main_einricht_id IS NULL) AND (main_collection_role_link.main_role_id IN(" . implode(",", $role) . ") OR main_collection_role_link.main_role_id IS NULL) ORDER BY main_collection.description ASC";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
if (@mysqli_num_rows($result) == 0) {
return;

View File

@@ -10,7 +10,7 @@ function get_contact_banner(){
$query = "SELECT * FROM main_contact LEFT JOIN main_contact_profile_content ON main_contact.id = main_contact_profile_content.main_contact_id WHERE main_contact_id = ".$GLOBALS['main_contact']['id'];
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$main_contact = @mysqli_fetch_array($result);
$contact_image = "platzhalter-mann-compressor.jpg";
$contact_image = "platzhalter.png";
if(isset($main_contact['image']) && $main_contact['image'] != ""){
$contact_image = $main_contact['image'];
}?>

View File

@@ -6,11 +6,11 @@ function get_all_knowledgebase_articles($period = "") {
if ($period == "") {
$query = "SELECT * FROM `main_collection` where main_collection_setup_id = 3 and description != '' ORDER BY creation_date DESC LIMIT 30";
$query = "SELECT * FROM `main_collection` WHERE main_collection_setup_id = 3 AND (is_archived = 0 OR is_archived IS NULL) AND description != '' ORDER BY creation_date DESC LIMIT 30";
} else {
// Zeitraum in Tagen in Timestamp umwandeln
$timestamp = time() - ($period * 24 * 60 * 60);
$query = "SELECT * FROM `main_collection` where main_collection_setup_id = 3 and creation_date >= $timestamp and description != '' ORDER BY creation_date DESC";
$query = "SELECT * FROM `main_collection` WHERE main_collection_setup_id = 3 AND (is_archived = 0 OR is_archived IS NULL) AND creation_date >= $timestamp AND description != '' ORDER BY creation_date DESC";
}
$result = mysqli_query($GLOBALS['mysql_con'], $query);

View File

@@ -0,0 +1,417 @@
:root {
--main-nav-hight: 200px;
--ticket-nav-hight: 200px;
--cardform_header-height: 90px;
}
@media (width < 1200px) {
:root {
--main-nav-hight: 260px;
}
}
@media (width < 991px) {
:root {
--main-nav-hight: 0px;
}
#hero_content {
display: none !important;
}
.cardform_body_left {
display: none;
}
}
body {
overflow: hidden;
}
.ticket_edit {
.cardform_content .container {
padding: 0px;
}
}
#area-2 {
padding: 0px;
>.container {
padding-left: 0px !important;
padding-right: 0px !important;
}
}
.tickets_cardform {
min-height: calc(100dvh - var(--main-nav-hight));
max-height: calc(100dvh - var(--main-nav-hight));
height: calc(100dvh - var(--main-nav-hight));
background: var(--bg-white);
.cardform_header {
padding: 20px 30px 20px 30px;
border-bottom: 1px solid var(--border);
display: flex;
justify-content: space-between;
.cardform_header_left {
display: flex;
align-items: center;
gap: 10px;
h2 {
margin-bottom: 0px;
}
}
.cardform_header_right {
display: flex;
gap: 10px;
align-items: center;
a {
display: block;
}
}
}
.cardform_body {
display: flex;
max-height: calc(100% - var(--cardform_header-height));
height: 100%;
.cardform_body_left {
flex: 1 1 25%;
padding: 10px;
border-right: 1px solid var(--border);
@media (width < 991px) {
display: none;
}
&.is-closed {
width: 40px;
flex: unset;
.ticket_list {
display: none;
}
h3 {
display: none;
}
.body_left_line {
button {
i {
transform: rotate(180deg);
}
}
}
}
.body_left_line {
display: flex;
justify-content: space-between;
align-items: center;
margin-bottom: 10px;
button {
background: var(--blur);
color: var(--fc-dark);
font-size: var(--fs-500);
padding: 8px;
text-align: left;
font-size: var(--fs-500);
padding: 4px;
}
}
.ticket_list {
height: calc(100% - 33px);
overflow-y: scroll;
display: flex;
flex-direction: column;
-ms-overflow-style: none;
/* IE and old Edge */
scrollbar-width: none;
/* Firefox */
.ticket_card {
position: relative;
a {
position: absolute;
top: 0px;
left: 0px;
width: 100%;
height: 100%;
}
font-size: 14px;
border: 1px solid var(--border);
border-radius: 5px;
padding: 10px;
margin-bottom: 10px;
transition-duration: 200ms;
&:hover {
border-color: var(--primary);
background-color: #FAFAFA;
transition-duration: 200ms;
}
&.active {
background-color: #FAFAFA;
}
.card_header {
display: flex;
.ticket_status {
font-size: 12px;
padding: 2px 5px;
border-radius: 3px;
background-color: #000;
color: #fff;
}
}
.card_body {
display: flex;
gap: 5px;
margin-top: 3px;
.ticket_no {
font-weight: var(--fw-bold);
}
.ticket_desc {
font-weight: var(--fw-bold);
}
}
.card_footer {
color: gray;
}
}
}
}
.cardform_body_middle {
flex: 1 1 45%;
/* padding-left: 20px; */
/* padding-right: 20px; */
background-color: #F6F5F8;
.communication {
height: 100%;
.messages_scroll_container {
min-height: calc(100% - 200px);
max-height: calc(100% - 200px);
overflow-y: auto;
display: flex;
flex-direction: column-reverse;
padding-left: 20px;
padding-right: 20px;
}
.communication_toolbar {
max-height: 200px;
padding-left: 20px;
padding-right: 20px;
background: #fff;
height: 200px;
border-top: 1px solid var(--border);
&.communication_toolbar--closed {
display: flex;
align-items: center;
justify-content: center;
p {
margin: 0;
color: gray;
font-size: var(--fs-500);
}
}
}
}
}
.cardform_body_right {
flex: 1 1 30%;
border-left: 1px solid var(--border);
padding: 16px;
overflow-y: scroll;
@media (width < 991px) {
position: fixed;
top: 60px;
right: 0px;
width: 90dvw;
height: calc(100dvh - 60px);
z-index: 100;
background-color: #fff;
padding-bottom: 100px;
}
&.is-closed {
width: 50px;
flex: unset;
@media (width < 991px) {
position: static;
}
h3 {
display: none;
}
.ticketinfo_body {
display: none;
}
.ticketinfo_header_status {
display: none;
}
}
.ticketinfo_header {
display: flex;
justify-content: space-between;
align-items: center;
margin-bottom: 20px;
.ticketinfo_header_title {
display: flex;
gap: 10px;
align-items: center;
h3 {
margin-bottom: 0px;
}
button {
background: var(--blur);
color: var(--fc-dark);
font-size: var(--fs-500);
padding: 8px;
text-align: left;
font-size: var(--fs-500);
padding: 4px;
}
}
.ticketinfo_header_status {
font-size: 12px;
padding: 4px 5px;
border-radius: 3px;
background-color: #000;
color: #fff;
}
}
.ticketinfo_body {
h3 {
border-top: 1px solid var(--border);
padding-top: 12px;
margin-top: 12px;
}
.ticketinfo_item {
display: flex;
justify-content: space-between;
align-items: center;
margin-bottom: 6px;
.ticketinfo_item_links {
font-size: var(--fs-500);
color: gray;
width: 50%;
}
.ticketinfo_item_right {
width: 50%;
font-weight: 700;
}
}
}
}
}
}
* {
scrollbar-color: unset;
}
@media (width < 768px) {
form#form_ticket_card {
padding-bottom: 85px;
}
body {
overflow: auto;
}
}
.close-ticket-modal {
display: none;
position: fixed;
top: 0;
left: 0;
width: 100%;
height: 100%;
background: rgba(0, 0, 0, 0.5);
z-index: 1000;
.close-ticket-modal-content {
position: absolute;
top: 50%;
left: 50%;
transform: translate(-50%, -50%);
background: white;
padding: 20px;
border-radius: 8px;
min-width: 300px;
border: 1px solid var(--border);
}
.close-ticket-warning {
color: #d32f2f;
font-weight: bold;
}
.close-ticket-modal-buttons {
text-align: right;
gap: 10px;
display: flex;
justify-content: flex-end;
margin-top: 20px;
.btn-cancel {
background: #ededed;
text-align: center;
padding: 10px;
border-radius: var(--br);
color: black;
}
.btn-confirm {
background: var(--clr-mandant);
color: var(--fc-white-8);
padding: 10px 15px;
border-radius: var(--br);
cursor: pointer;
border: none;
}
}
}

View File

@@ -0,0 +1,55 @@
:root {
--main-nav-width: 250px;
--ticket-nav-width: 200px;
}
.ticket_edit {
.create_cardform_content .container {
padding: 0px;
}
}
#area-2 {
padding: 0px;
> .container {
padding-left: 0px !important;
padding-right: 0px !important;
}
}
.tickets_create_cardform {
min-height: calc(100dvh - var(--ticket-nav-width));
background: var(--bg-white);
.create_cardform_header {
padding: 20px 30px 20px 30px;
border-bottom: 1px solid var(--border);
display: flex;
justify-content: space-between;
.create_cardform_header_left {
display: flex;
align-items: center;
gap: 10px;
h2 {
margin-bottom: 0px;
}
}
.create_cardform_header_right {
a {
display: block;
}
}
}
.create_cardform_body {
.create_cardform_content {
display: flex;
gap: 30px;
.create_cardform_content_left {
width: 50%;
padding: 30px;
}
.create_cardform_content_right {
width: 50%;
}
}
}
}

View File

@@ -0,0 +1,140 @@
:root {
--main-nav-width: 250px;
--ticket-nav-width: 300px;
}
#area-2 {
padding: 0px;
> .container {
padding: 0px;
}
}
#footer-header {
display: none;
}
.listform_body {
display: flex;
.listform_navigation {
width: var(--ticket-nav-width);
display: flex;
flex-direction: column;
background: var(--bg-white);
border: 1px solid var(--border);
padding: 12px;
gap: 4px;
min-height: calc(100dvh - 200px);
/* min-height: calc(100% - 200px); */
position: sticky;
top: 0px;
.listform_navigation_header {
display: flex;
flex-direction: column;
gap: 4px;
button {
background: var(--blur);
color: var(--fc-dark);
font-size: var(--fs-500);
padding: 8px;
text-align: left;
&.active {
background: var(--clr-mandant);
color: var(--fc-white-8);
}
}
a[role="button"] {
border-radius: var(--br);
background: var(--clr-mandant);
color: var(--fc-white-8);
font-size: var(--fs-500);
padding: 8px;
text-align: left;
margin-bottom: 10px;
}
.listform_navigation_header_line {
display: flex;
justify-content: space-between;
align-items: center;
button {
padding: 4px;
}
}
}
&.is-closed {
overflow: hidden;
width: unset;
.to-hide-on-close {
display: none;
}
i {
transform: rotate(180deg);
}
}
}
.listform_content {
flex: 1;
/* padding: 20px 20px 20px 20px; */
padding-top: 20px;
background: var(--bg-white);
padding-bottom: 100px;
overflow-x: scroll;
#grid {
.gridjs-head {
padding-top: 0px;
}
}
}
}
#grid {
height: 100%;
}
.gridjs-container {
position: relative;
padding: 0px !important;
height: 100%;
.gridjs-head {
padding-left: 20px;
}
.gridjs-wrapper {
border: unset;
box-shadow: unset;
border-radius: 0px;
overflow-x: auto;
-webkit-overflow-scrolling: touch;
.gridjs-thead {
tr.gridjs-tr {
th.gridjs-th {
padding: 6px 14px;
/* background-color: var(--bg-white); */
/* border-bottom: 1px solid var(--border); */
color: var(--fc-dark);
}
}
}
.gridjs-tbody {
cursor: pointer;
tr.gridjs-tr {
&:hover {
background-color: #f9fafb;
td {
background-color: #f9fafb;
}
}
td.gridjs-td {
padding: 6px 14px;
}
}
}
}
.gridjs-footer {
border: unset;
box-shadow: unset;
position: fixed;
bottom: 0px;
width: stretch;
background-color: var(--bg-white);
border-top: 1px solid var(--border);
}
}

File diff suppressed because one or more lines are too long

View File

@@ -1,4 +1,3 @@
/* Ticketcenter */
.ticketcenter {
@@ -372,7 +371,7 @@ i.fa-solid.fa-circle-exclamation {
.history {
padding: 1rem;
border-left: 1px solid var(--border);
/* border-left: 1px solid var(--border); */
}
table#service_item_create td {
@@ -476,12 +475,6 @@ table#service_item_create td input {
border: 1px solid var(--border);
}
.messages_scroll_container {
overflow-y: scroll;
height: 500px;
display: flex;
flex-direction: column-reverse;
}
p.date {
font-size: 12px;
@@ -663,8 +656,7 @@ a.button_send_message_button {
.message.outbound {
width: 100%;
margin-left: auto;
background: var(--blue-accent);
color: white;
background: var(--bg-white);
}
.info_labels label div {
@@ -679,7 +671,7 @@ a.button_send_message_button {
padding-bottom: 0 !important;
}
.card_header {
/* .card_header {
display: flex;
align-items: center;
justify-content: space-between;
@@ -687,7 +679,7 @@ a.button_send_message_button {
padding: 0.5rem;
padding-inline: 1rem;
min-height: 57px;
}
} */
.card_title h3 {
margin: 0;
@@ -736,9 +728,11 @@ body.wiki .subcategory {
left: 50%;
transform: translateX(-50%);
}
.pct_read{
.pct_read {
margin-bottom: 10px;
}
.pct_status {
height: 10px;
background: #5a9c9d;
@@ -747,6 +741,7 @@ body.wiki .subcategory {
position: relative;
}
}
body.wiki .category {
.pct_textcontent:after {
content: '';
@@ -760,9 +755,11 @@ body.wiki .category {
left: 50%;
transform: translateX(-50%);
}
.pct_read{
.pct_read {
margin-bottom: 10px;
}
.pct_status {
height: 10px;
background: #5a9c9d;
@@ -775,7 +772,7 @@ body.wiki .category {
.unreaded {
border: 1px solid red !important;
}
}
@@ -933,9 +930,9 @@ body.ticket_edit {
position: unset;
}
div#hero_content {
/* div#hero_content {
height: unset;
}
} */
.modal.category_edit {
max-width: 600px;
@@ -1008,26 +1005,34 @@ body.ticket_edit {
/* Ticketcenter Ende */
body.ticketcenter, body.servicecenter {
body.ticketcenter,
body.servicecenter {
background-image: url(/userdata/01_Basis/Intranet_bg.webp) !important;
}
.ticketcenter .right_toolbar a[role="button"].active {
border-bottom: 2px solid var(--clr-mandant);
}
}
.ticketcenter .right_toolbar a[role="button"]:hover {
.ticketcenter .right_toolbar a[role="button"]:hover {
border-bottom: 2px solid var(--clr-mandant);
}
}
.ticketcenter .right_toolbar {
.ticketcenter .right_toolbar {
border-bottom: 1px solid var(--border);
}
}
.ticketcenter .right_toolbar a[role="button"] {
.ticketcenter .right_toolbar a[role="button"] {
background: transparent;
border: 0;
color: var(--fc-primary);
padding: 5px 10px;
border-radius: 0;
}
}
.footer-header_1 {
display: none;
}
.footer-header_2 {
display: none;
}

View File

@@ -0,0 +1,222 @@
$(document).ready(function () {
// Hole die aktuelle URL
var currentUrl = window.location.href;
// Überprüfen, ob ?action= in der URL vorhanden ist
if (currentUrl.indexOf("?action=") !== -1) {
// Entferne den Teil ab ?action=, inkl. allem, was danach kommt
var newUrl = currentUrl.split("?action=")[0];
// Aktualisiere die URL ohne Neuladen der Seite
window.history.replaceState(null, null, newUrl);
}
});
document.addEventListener("DOMContentLoaded", function () {
// Initial load of category data
const categorySelect = document.getElementById('input_category');
if (categorySelect) {
let selectedId = categorySelect.value;
removeAjaxContent();
// Initial AJAX call
fetchCategoryData(selectedId);
// Add change event listener to category select
categorySelect.addEventListener('change', function() {
selectedId = this.value;
removeAjaxContent();
fetchCategoryData(selectedId);
getCategoryDescription();
});
// Initial description load
getCategoryDescription();
}
});
// Helper function to remove ajax content
function removeAjaxContent() {
const ajaxContents = document.querySelectorAll('.ajax-content');
ajaxContents.forEach(content => content.remove());
}
// Helper function to remove ajax subcontent
function removeAjaxSubContent() {
const ajaxSubContents = document.querySelectorAll('.ajax-subcontent');
ajaxSubContents.forEach(content => content.remove());
}
// Fetch category data via AJAX
function fetchCategoryData(categoryId) {
$.ajax({
url: '/module/ticketcenter/views/ticketcenter/show_ticketcenter_ajax.php',
type: 'POST',
data: { category_id: categoryId },
success: function (response) {
const categorySelect = document.getElementById('input_category');
const parentDiv = categorySelect.parentNode;
// Insert response after the parent div
const ajaxContent = document.createElement('div');
ajaxContent.className = 'ajax-content';
ajaxContent.innerHTML = response;
parentDiv.after(ajaxContent);
// Add event listener to subcategory select if it exists
const subcategorySelect = document.getElementById('input_subcategory');
if (subcategorySelect) {
subcategorySelect.addEventListener('change', function() {
getSubCategoryDescription();
getSubSubCategory();
});
}
},
error: function (xhr, status, error) {
console.log('Error:', error);
}
});
}
function getCategoryDescription() {
const categorySelect = document.getElementById('input_category');
const selectedId = categorySelect.value;
// Remove existing description if it exists
const existingDesc = document.querySelector(".category_desc");
if (existingDesc) {
existingDesc.remove();
}
$.ajax({
url: '/module/ticketcenter/views/ticketcenter/show_ticketcenter_category_desc_ajax.php',
type: 'POST',
data: { category_id: selectedId },
success: function (response) {
const instructionDiv = document.querySelector(".ticket-instruction");
if (instructionDiv) {
const descDiv = document.createElement('div');
descDiv.className = 'category_desc';
descDiv.innerHTML = "<h5>Kategoriebeschreibung</h5>" + response;
instructionDiv.insertAdjacentElement("afterbegin", descDiv);
if (response.trim() === "") {
descDiv.style.display = 'none'; // Hide if no description
} else {
descDiv.style.display = 'block'; // Show if description exists
}
}
},
error: function (xhr, status, error) {
console.log('Error:', error);
}
});
}
function getSubCategoryDescription() {
const subcategorySelect = document.getElementById('input_subcategory');
if (!subcategorySelect) return;
const selectedId = subcategorySelect.value;
// Remove existing description if it exists
const existingDesc = document.querySelector(".subcategory_desc");
if (existingDesc) {
existingDesc.remove();
}
$.ajax({
url: '/module/ticketcenter/views/ticketcenter/show_ticketcenter_category_desc_ajax.php',
type: 'POST',
data: { category_id: selectedId },
success: function (response) {
const instructionDiv = document.querySelector(".ticket-instruction");
if (instructionDiv) {
const descDiv = document.createElement('div');
descDiv.className = 'subcategory_desc';
descDiv.style.marginTop = '20px';
descDiv.innerHTML = "<h5>Unterkategoriebeschreibung</h5>" + response;
instructionDiv.insertAdjacentElement("beforeend", descDiv);
if (response.trim() === "") {
descDiv.style.display = 'none'; // Hide if no description
} else {
descDiv.style.display = 'block'; // Show if description exists
}
}
},
error: function (xhr, status, error) {
console.log('Error:', error);
}
});
}
function getSubSubCategoryDescription() {
const subsubcategorySelect = document.getElementById('input_subsubcategory');
if (!subsubcategorySelect) return;
const selectedId = subsubcategorySelect.value;
// Remove existing description if it exists
const existingDesc = document.querySelector(".subsubcategory_desc");
if (existingDesc) {
existingDesc.remove();
}
$.ajax({
url: '/module/ticketcenter/views/ticketcenter/show_ticketcenter_category_desc_ajax.php',
type: 'POST',
data: { category_id: selectedId },
success: function (response) {
const instructionDiv = document.querySelector(".ticket-instruction");
if (instructionDiv) {
const descDiv = document.createElement('div');
descDiv.className = 'subsubcategory_desc';
descDiv.style.marginTop = '20px';
descDiv.innerHTML = "<h5>Beschreibung</h5>" + response;
instructionDiv.insertAdjacentElement("beforeend", descDiv);
if (response.trim() === "") {
descDiv.style.display = 'none'; // Hide if no description
} else {
descDiv.style.display = 'block'; // Show if description exists
}
}
},
error: function (xhr, status, error) {
console.log('Error:', error);
}
});
}
function getSubSubCategory() {
const subcategorySelect = document.getElementById('input_subcategory');
if (!subcategorySelect) return;
const selectedId = subcategorySelect.value;
removeAjaxSubContent();
$.ajax({
url: '/module/ticketcenter/show_ticketcenter_subcategory_ajax.php',
type: 'POST',
data: { category_id: selectedId },
success: function (response) {
const parentDiv = subcategorySelect.parentNode;
// Insert response after the parent div
const ajaxSubContent = document.createElement('div');
ajaxSubContent.className = 'ajax-subcontent';
ajaxSubContent.innerHTML = response;
parentDiv.after(ajaxSubContent);
// Add event listener to subsubcategory select if it exists
const subsubcategorySelect = document.getElementById('input_subsubcategory');
if (subsubcategorySelect) {
subsubcategorySelect.addEventListener('change', function() {
getSubSubCategoryDescription();
});
}
},
error: function (xhr, status, error) {
console.log('Error:', error);
}
});
}

View File

@@ -0,0 +1,3 @@
function toggleSideboard(sideboard) {
document.querySelector(sideboard).classList.toggle('is-closed');
}

File diff suppressed because one or more lines are too long

View File

@@ -17,28 +17,309 @@ if (is_dir($envDir) && file_exists($envFilePath) && is_file($envFilePath) && is_
$dotenv = new \Dotenv\Dotenv($envDir);
$dotenv->load();
}
$common = $mysydeDir ."/common/common_functions.inc.php";
$common = $mysydeDir . "/common/common_functions.inc.php";
require_once($common);
$connEnv = (local_environment()) ? $mysydeDir."/dc.config.php" : $mysydeDir."/dc-server.config.php";
$connEnv = (local_environment()) ? $mysydeDir . "/dc.config.php" : $mysydeDir . "/dc-server.config.php";
require_once($connEnv);
db_connect();
function parse_ids_list(?string $csv): array
{
if ($csv === null)
return [];
$csv = trim($csv);
if ($csv === '')
return [];
switch ($_POST['action']) {
$parts = explode(',', $csv);
$out = [];
foreach ($parts as $p) {
$p = trim($p);
if ($p === '')
continue;
if (ctype_digit($p))
$out[] = (int) $p;
}
$out = array_values(array_unique($out));
return $out;
}
function build_user_pairs(array $contact_rows): array
{
$pairs = [];
foreach ($contact_rows as $row) {
$m = $row['main_mandant_id'] ?? null;
$d = $row['main_department_id'] ?? null;
if ($m === null || $d === null)
continue;
if (!is_numeric($m) || !is_numeric($d))
continue;
$pairs[((int) $m) . ':' . ((int) $d)] = true;
}
return $pairs; // associative set
}
function user_can_see_ticket(int $contact_id, array $user_pairs, array $ticket): bool
{
$contact_ids = parse_ids_list($ticket['contact_ids'] ?? null);
$mandant_ids = parse_ids_list($ticket['mandant_ids'] ?? null);
$department_ids = parse_ids_list($ticket['department_ids'] ?? null);
if (!empty($contact_ids) && in_array($contact_id, $contact_ids, true)) {
return true;
}
$mandant_unrestricted = empty($mandant_ids);
$department_unrestricted = empty($department_ids);
if ($mandant_unrestricted && $department_unrestricted) {
return true;
}
if (!$mandant_unrestricted && $department_unrestricted) {
foreach ($user_pairs as $pairKey => $_) {
[$um, $ud] = array_map('intval', explode(':', $pairKey, 2));
if (in_array($um, $mandant_ids, true))
return true;
}
return false;
}
if ($mandant_unrestricted && !$department_unrestricted) {
foreach ($user_pairs as $pairKey => $_) {
[$um, $ud] = array_map('intval', explode(':', $pairKey, 2));
if (in_array($ud, $department_ids, true))
return true;
}
return false;
}
foreach ($mandant_ids as $m) {
foreach ($department_ids as $d) {
if (isset($user_pairs[$m . ':' . $d])) {
return true;
}
}
}
return false;
}
function filter_tickets_for_user(int $contact_id, array $contact_rows, array $tickets): array
{
$user_pairs = build_user_pairs($contact_rows);
$out = [];
foreach ($tickets as $ticket) {
if (user_can_see_ticket($contact_id, $user_pairs, $ticket)) {
$out[] = $ticket;
}
}
return $out;
}
$json = file_get_contents('php://input');
$data = json_decode($json, true);
switch ($data['action']) {
case 'get_tickets':
get_tickets();
get_tickets($data);
break;
case 'getSubCategories':
get_sub_categories($data);
break;
case 'getParendCategories':
get_parent_categories($data);
break;
case 'getCategorieInfo':
get_categorie_info($data);
break;
default:
echo json_encode(['error' => 'Invalid action']);
break;
}
function get_tickets() {
$contact = $_SESSION['main_contact'];
$contact_json = json_encode($contact);
function get_categorie_info($data)
{
$category_id = $data['category_id'] ?? '';
return json_encode(['contact' => $contact_json]);
$query = "SELECT id, description, text FROM main_tickets_category WHERE id = :category_id";
$stmt = $GLOBALS['pdo_conn']->prepare($query);
$stmt->bindParam(':category_id', $category_id);
$stmt->execute();
$category_info = $stmt->fetch(PDO::FETCH_ASSOC);
echo json_encode($category_info);
}
function get_parent_categories($data)
{
$query = "SELECT id, description, text FROM main_tickets_category WHERE parent_id IS NULL ORDER BY sorting";
$stmt = $GLOBALS['pdo_conn']->prepare($query);
$stmt->execute();
$parent_categories = $stmt->fetchAll(PDO::FETCH_ASSOC);
echo json_encode($parent_categories);
}
function get_sub_categories($data)
{
$category_id = $data['category_id'] ?? '';
$query = "SELECT id, description, text FROM main_tickets_category WHERE parent_id = :category_id ORDER BY sorting";
$stmt = $GLOBALS['pdo_conn']->prepare($query);
$stmt->bindParam(':category_id', $category_id);
$stmt->execute();
$sub_categories = $stmt->fetchAll(PDO::FETCH_ASSOC);
echo json_encode($sub_categories);
}
function get_tickets($data)
{
$cue = $data['cue'] ?? '';
$contact_id = $data['contactID'] ?? '';
$query = "SELECT
main_contact.id AS contact_id,
main_contact_department.main_mandant_id,
main_contact_department.main_department_id,
main_contact_department.main_role_id,
main_contact_department.main_bereich_id,
main_contact_department.main_einricht_id
FROM main_contact
LEFT JOIN main_contact_department AS main_contact_department ON main_contact_department.main_contact_id = main_contact.id
WHERE main_contact.id = :contact_id
";
$stmt = $GLOBALS['pdo_conn']->prepare($query);
$stmt->bindParam(':contact_id', $contact_id);
$stmt->execute();
$contact_rows = $stmt->fetchAll(PDO::FETCH_ASSOC);
switch ($cue) {
case '1000':
$where = "WHERE main_tickets.sender_id = :contact_id
AND current_state != 4";
break;
case '2000':
$where = "WHERE main_tickets.receiver_id = :contact_id
AND current_state != 4";
break;
case '3000':
$where = "WHERE current_state != 4";
break;
case '4000':
$where = "WHERE main_tickets.current_state = 4";
break;
case '6000':
$where = "";
break;
case '7000':
$where = "WHERE main_tickets.receiver_id = 0";
break;
case '8000':
$where = "WHERE main_tickets.insurance_claim = 1";
break;
default:
$where = "";
break;
}
$query = "SELECT
main_tickets.id,
main_tickets.id AS 'ticket_no',
main_tickets.description,
main_tickets.creation_date,
receiver.name AS 'receiver',
sender.name AS 'sender',
main_tickets_category.description AS 'category_description',
individual_state.description AS 'individual_state_description',
GROUP_CONCAT(DISTINCT main_tickets_category_mandant.main_mandant_id) AS mandant_ids,
GROUP_CONCAT(DISTINCT main_tickets_category_department.main_department_id) AS department_ids,
GROUP_CONCAT(DISTINCT main_tickets_category_contact.main_contact_id) AS contact_ids
FROM main_tickets
LEFT JOIN main_contact AS receiver ON receiver.id = main_tickets.receiver_id
LEFT JOIN main_contact AS sender ON sender.id = main_tickets.sender_id
LEFT JOIN main_tickets_category ON main_tickets.main_ticket_category_id = main_tickets_category.id
LEFT JOIN main_tickets_status AS individual_state ON individual_state.id = main_tickets.individual_state
LEFT JOIN main_tickets_category_mandant AS main_tickets_category_mandant ON main_tickets_category_mandant.main_tickets_category_id = main_tickets.main_ticket_category_id
LEFT JOIN main_tickets_category_department AS main_tickets_category_department ON main_tickets_category_department.main_tickets_category_id = main_tickets.main_ticket_category_id
LEFT JOIN main_tickets_category_contact AS main_tickets_category_contact ON main_tickets_category_contact.main_tickets_category_id = main_tickets.main_ticket_category_id
$where
GROUP BY main_tickets.id
";
$stmt = $GLOBALS['pdo_conn']->prepare($query);
switch ($cue) {
case '1000':
$stmt->bindParam(':contact_id', $contact_id, PDO::PARAM_INT);
break;
case '2000':
$stmt->bindParam(':contact_id', $contact_id, PDO::PARAM_INT);
break;
case '3000':
break;
case '4000':
break;
case '5000':
break;
case '6000':
break;
case '7000':
break;
default:
break;
}
$stmt->execute();
$tickets = $stmt->fetchAll(PDO::FETCH_ASSOC);
$contact_id_int = (int) $contact_id;
switch ($cue) {
case '1000':
break;
case '2000':
break;
case '3000':
$tickets = filter_tickets_for_user($contact_id_int, $contact_rows, $tickets);
break;
case '4000':
$tickets = filter_tickets_for_user($contact_id_int, $contact_rows, $tickets);
break;
case '5000':
break;
case '6000':
break;
case '7000':
break;
default:
break;
}
$tickets = array_map(function ($ticket) {
$ticket['id'] = encryptId($ticket['id']);
return $ticket;
}, $tickets);
echo json_encode($tickets);
}

View File

@@ -0,0 +1,105 @@
<?
date_default_timezone_set('Europe/Berlin');
$messages = array();
$error = FALSE;
if (isset($custom_action)) {
$action = $custom_action;
} else {
$action = $_REQUEST["action"];
}
switch ($action) {
case 'save_status':
save_status();
break;
default:
require_once("settings_cardform.inc.php");
break;
}
function save_status() {
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$inserted = FALSE;
$messages = array();
if ($_REQUEST["input_status_id"] <> '') {
$query = "UPDATE main_tickets_status SET
description = '" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_description"]) . "'
WHERE id = '" . $_REQUEST["input_status_id"] . "' LIMIT 1";
$inserted = TRUE;
} else {
$sorting = @mysqli_fetch_array(@mysqli_query($GLOBALS['mysql_con'], "SELECT MAX(sorting)+1 AS 'newsorting' FROM main_tickets_status"));
$sorting = ($sorting["newsorting"] <> "") ? $sorting = $sorting["newsorting"] : $sorting = 1;
$query = "INSERT INTO main_tickets_status (description) VALUES (
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $_REQUEST["input_description"]) . "'
)";
$inserted = TRUE;
}
@mysqli_query($GLOBALS['mysql_con'], $query);
if ($inserted == TRUE) {
$input_id = mysqli_insert_id($GLOBALS['mysql_con']);
$messages[] = '<div class="successbox">' . $translation->get("msg_success") . '</div>';
} else {
$messages[] = '<div class="successbox">' . $translation->get("msg_error") . '</div>';
}
if ($_REQUEST['save_and_close'] == 1) {
require_once("status_listform.inc.php");
} else {
edit_status($input_id);
}
}
function selectContact($group_id)
{
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$query = "SELECT * FROM main_contact";
$result_contact = @mysqli_query($GLOBALS['mysql_con'], $query);
if (@mysqli_num_rows($result_contact) == 0) {
return;
}
$preselect = array();
$query = "SELECT main_contact.* FROM main_contact INNER JOIN main_tickets_category_contact ON main_contact.id = main_tickets_category_contact.main_contact_id WHERE main_tickets_category_contact.main_tickets_category_id = '" . $group_id . "'";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
while ($row = @mysqli_fetch_array($result)) {
array_push($preselect, $row['name']);
}
$allselect = array();
?>
<div class="label">Zusätzlicher Benutzer auswählen</div>
<div class="contacts bc-select-ui ui fluid multiple search selection dropdown" style="clear:both;display:inline-block;">
<input type="hidden" name="select_user">
<i class="dropdown icon"></i>
<div class="default text"><?php echo $translation->get("top_user") ?></div>
<div class="menu">
<?
while ($contact = @mysqli_fetch_array($result_contact)) {
array_push($allselect, $contact['id']);
echo "<div class=\"item\" data-value=\"{$contact['id']}\">" . $contact["name"] . "</div>";
}
?>
</div>
</div>
<script type="text/javascript" src="/plugins/jquery/jquery-3.5.1.min.js"></script>
<script type="text/javascript" src="/plugins/Semantic-UI-master/semantic.min.js"></script>
<link rel="stylesheet" type="text/css"
href="/plugins/Semantic-UI-master/bc-semantic.css?time=<?= filemtime($_SERVER['DOCUMENT_ROOT'] . '/plugins/Semantic-UI-master/bc-semantic.css') ?>">
<script>
var $y = jQuery.noConflict();
$y(document).ready(function () {
$y('.contacts.ui.fluid.multiple.dropdown').dropdown('set selected', <?= json_encode($preselect) ?>);
});
</script>
<?php
}

View File

@@ -0,0 +1,10 @@
<div id="mainContent">
<h1><?php echo get_translation('Einstellungen'); ?></h1>
<form id="<?= $formname ?>" name="<?= $formname ?>" method="post">
<? selectContact($input_category['id']) ?>
</form>
</div>

View File

@@ -17,7 +17,7 @@ $inputname = "input_status_id";
<div class="requestLoader"></div>
<?
$query = "SELECT id, description AS '" . $translation->get("description") . "' FROM main_tickets_status WHERE id NOT IN (0, 1, 2, 3)";
$query = "SELECT id, description AS '" . $translation->get("description") . "' FROM main_tickets_status WHERE id NOT IN (0, 1, 2, 3, 4)";
$format = array("option", "text");
if ($result = mysqli_query($GLOBALS['mysql_con'], $query)) {
linklist($result, "form_status_list", $format);

View File

@@ -1,14 +1,15 @@
<?php
// Display only errors (no notices, warnings, or deprecation messages)
error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR | E_COMPILE_ERROR);
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
ini_set('display_errors', 1);
ini_set('display_startup_errors', 1);
?>
<script src="/module/ticketcenter/js/functions.js?v=<?= filemtime(__DIR__ . "/../../js/functions.js") ?>"></script>
<link href="/layout/frontend/b2c/dist/fontawesome/css/fontawesome.css" rel="stylesheet" />
<link href="/layout/frontend/b2c/dist/fontawesome/css/brands.css" rel="stylesheet" />
<link href="/layout/frontend/b2c/dist/fontawesome/css/solid.css" rel="stylesheet" />
<!-- <script src="https://kit.fontawesome.com/e89a33a132.js" crossorigin="anonymous"></script> -->
<script src="/layout/frontend/b2c/dist/js/fonta.js" crossorigin="anonymous"></script>
<div class="ticket_overlay" style="display:none;">
<div class="ticket_overlay_content">
<div class="ticket_overlay_content_header">
@@ -31,7 +32,7 @@ error_reporting(E_ERROR | E_PARSE | E_CORE_ERROR | E_COMPILE_ERROR);
switch ($_GET['action']) {
case 'new':
require_once("show_ticketcenter_cardform.inc.php");
require_once("show_ticketcenter_create_cardform.inc.php");
break;
case 'save':
save_ticket();
@@ -39,61 +40,42 @@ switch ($_GET['action']) {
case 'update_ticket':
update_ticket();
break;
case 'save_new_ticket_receiver':
save_new_ticket_receiver();
save_new_due_date();
save_new_ticket_individual_state();
break;
case 'save_new_due_date':
save_new_due_date();
break;
case 'save_category':
save_category();
break;
case 'save_new_ticket_individual_state':
// save_new_ticket_individual_state();
break;
case 'save_ticket_supplieres':
save_ticket_supplieres();
break;
case 'save_and_close':
save_ticket(TRUE);
break;
case 'edit':
edit_ticket(decryptId($_GET['id']));
edit_ticket(decryptId(trim($_GET['id'])));
break;
case 'delete':
delete_ticket();
break;
case 'close':
close_ticket();
break;
case 'send_message':
send_message();
save_new_ticket_receiver();
save_new_due_date();
save_new_ticket_individual_state();
// Kategorie ebenfalls mitschreiben, wenn Werte übergeben wurden (silent, ohne direktes Rendern)
save_category(true);
// Nach Abschluss alles per Redirect neu laden, damit die Seite mit frischen DB-Werten gerendert wird
$tid = null;
if (isset($_POST['input_id']) && is_numeric($_POST['input_id'])) {
$tid = (int)$_POST['input_id'];
} elseif (isset($_POST['ticket_id']) && is_numeric($_POST['ticket_id'])) {
$tid = (int)$_POST['ticket_id'];
}
if ($tid) {
$encId = encryptId($tid);
$encId = encryptId($_POST['input_id']);
echo "<script>window.location.href='/intranet/de/ticketcenter/?action=edit&id=" . $encId . "';</script>";
}
break;
case 'save_forward_ticket':
// Speichert alle relevanten Felder in einem Durchlauf und rendert erst am Ende
save_new_ticket_receiver();
save_new_due_date();
save_new_ticket_individual_state();
// Kategorie still (ohne direktes Rendern) speichern
save_category(true);
if (isset($_POST['input_id']) && is_numeric($_POST['input_id'])) {
// Statt direkt zu rendern: Redirect per JS auf GET-Edit-Ansicht,
// damit der Browser keine alten Formularwerte aus dem POST puffert.
$insurance_claim = isset($_POST['input_insurance_case']) ? 1 : 0;
$stmt = mysqli_prepare($GLOBALS['mysql_con'], "UPDATE main_tickets SET insurance_claim = ? WHERE id = ?");
if ($stmt) {
$input_id = (int)$_POST['input_id'];
mysqli_stmt_bind_param($stmt, "ii", $insurance_claim, $input_id);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
}
}
if (isset($_POST['input_id']) && is_numeric($_POST['input_id'])) {
$encId = encryptId($_POST['input_id']);
echo "<script>window.location.href='/intranet/de/ticketcenter/?action=edit&id=" . $encId . "';</script>";
}
@@ -103,6 +85,28 @@ switch ($_GET['action']) {
break;
}
function edit_ticket($_id = "")
{
if ((int) $_id > 0) {
$input_id = $_id;
}
if ($input_id <> '') {
$query = "SELECT main_tickets.*,main_tickets_category.description AS 'category_description',receiver.name as 'receiver',sender.name as 'sender',main_tickets_state.description as 'state' FROM main_tickets
LEFT JOIN main_contact AS receiver ON receiver.id = main_tickets.receiver_id
LEFT JOIN main_contact AS sender ON sender.id = main_tickets.sender_id
LEFT JOIN main_tickets_category ON main_tickets.main_ticket_category_id = main_tickets_category.id
LEFT JOIN main_tickets_state ON main_tickets.current_state = main_tickets_state.id
WHERE main_tickets.id = '" . $input_id . "'";
// $query = "SELECT * FROM main_tickets WHERE id = '".$input_id."'";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$ticket = @mysqli_fetch_array($result);
}
$query_update = "UPDATE main_tickets_notification SET viewed = 1 WHERE main_ticket_id = '" . $input_id . "' AND main_contact_id = '" . $GLOBALS['main_contact']['id'] . "'";
@mysqli_query($GLOBALS['mysql_con'], $query_update);
require_once("show_ticketcenter_cardform.inc.php");
}
// Speichert einen neuen oder aktualisierten ticket in der Datenbank und leitet je nach Bedarf entweder zum Listenformular zurück oder schließt das Bearbeitungsformular.
function save_ticket($close = FALSE)
{
@@ -113,39 +117,38 @@ function save_ticket($close = FALSE)
$input_id = $_POST["input_id"];
} else {
// $query_contact = "SELECT main_mandant.main_contact_id FROM main_tickets_category LEFT JOIN main_mandant ON main_mandant.id = main_tickets_category.main_mandant_id WHERE main_tickets_category.id = ".$_POST["input_category"];
// if(isset($_POST['input_subcategory'])){
// $query_contact = "SELECT main_mandant.main_contact_id FROM main_tickets_category LEFT JOIN main_mandant ON main_mandant.id = main_tickets_category.main_mandant_id WHERE main_tickets_category.id = ".$_POST["input_subcategory"];
// }
// $result = mysqli_query($GLOBALS['mysql_con'], $query_contact);
// $contact = @mysqli_fetch_array($result);
// $approval_by_manager = isset($_POST["input_approval_by_manager"]) ? 1 : 0;
$sender_id = $GLOBALS['main_contact']['id'];
// if($_POST['input_new_ticket_sender'] != ""){
// $sender_id = $_POST['input_new_ticket_sender'];
// }
$location = isset($_POST["input_location"]) ? $_POST["input_location"] : "";
$address = isset($_POST["input_address"]) ? $_POST["input_address"] : "";
$facility = isset($_POST["input_facility"]) ? $_POST["input_facility"] : "";
// last element of array $_POST["input_category"]
$category = $_POST["input_category"];
$lastCategory = end($category);
$insurance_claim = $_POST["input_insurance_case"] == "on" ? 1 : 0;
$query = "INSERT INTO main_tickets (
ticket_no,
description,
main_ticket_category_id,
main_ticket_subcategory_id,
main_ticket_subsubcategory_id,
service_item_no,
last_action_date,
last_opening_date,
creation_date,
current_state,
individual_state,
sender_id,
cost_center,
link
link,
location,
address,
facility,
insurance_claim
) VALUES (
'" . $_POST["input_ticket_no"] . "',
'" . strip_tags($_POST["input_description"]) . "',
'" . $_POST["input_category"] . "',
'" . $_POST["input_subcategory"] . "',
'" . $_POST["input_subsubcategory"] . "',
'" . $lastCategory . "',
'" . $_POST["input_service_item"] . "',
NOW(),
NOW(),
@@ -153,7 +156,11 @@ function save_ticket($close = FALSE)
2,
'" . $sender_id . "',
'" . $_POST["input_cost_center"] . "',
'" . $_POST["input_link"] . "'
'" . $_POST["input_link"] . "',
'" . $location . "',
'" . $address . "',
'" . $facility . "',
'" . $insurance_claim . "'
)";
$inserted = TRUE;
$message = "success";
@@ -179,7 +186,7 @@ function save_ticket($close = FALSE)
$content = "";
$type = "message";
if (isset($_FILES['input_image']) && $_FILES['input_image']['error'] === UPLOAD_ERR_OK) {
$baseDir = realpath(__DIR__ . '/../../');
$baseDir = realpath(__DIR__ . '/../../../../');
$uploadDir = $baseDir . '/userdata/Tickets/' . $input_id . '/';
if (!file_exists($uploadDir)) {
mkdir($uploadDir, 0777, true);
@@ -203,7 +210,7 @@ function save_ticket($close = FALSE)
}
$query_insert_message = "INSERT INTO main_tickets_messages(message, content, datetime, main_tickets_id, main_contact_id, type) VALUES(
'" . strip_tags($_POST["input_message"]) . "',
'" . $_POST["input_message"] . "',
'" . $content . "',
NOW(),
'" . $input_id . "',
@@ -215,16 +222,6 @@ function save_ticket($close = FALSE)
@mysqli_query($GLOBALS['mysql_con'], $query_insert_message);
}
update_notification($input_id, 'save');
// var_dump("test---");
make_notification($input_id,
isset($_POST["input_category"]) ? $_POST["input_category"] : null,
isset($_POST["input_subcategory"]) ? $_POST["input_subcategory"] : null,
isset($_POST["input_subsubcategory"]) ? $_POST["input_subsubcategory"] : null);
// insert_main_service_items_history($_POST['input_ticket_no'], $_POST['input_description'], $input_id, $_POST["input_service_item"]);
if ($close == TRUE) {
require_once("show_ticketcenter_listform.inc.php");
@@ -251,6 +248,7 @@ function save_ticket($close = FALSE)
$('#closeTicketOverlay, #showTicket').on('click', function() {
$('.ticket_overlay').remove();
});
$('.ticket_overlay').remove();
});
</script>
";
@@ -258,22 +256,6 @@ function save_ticket($close = FALSE)
}
}
function insert_main_service_items_history($ticketno, $ticket_description, $ticket_id, $service_item_id)
{
// Erstelle die Nachricht für die history_message
$history_message = "$ticketno $ticket_description wurde eröffnet.";
// Bereite das INSERT-Statement vor
$query_insert_main_service_item_history = "
INSERT INTO main_service_items_history (history_message, history_date, main_ticket_id, main_service_item_id)
VALUES ('$history_message', NOW(), '$ticket_id', '$service_item_id')
";
// Führe die Abfrage aus
@mysqli_query($GLOBALS['mysql_con'], $query_insert_main_service_item_history);
}
function send_message()
{
$ticket_id = $_POST["ticket_id"];
@@ -281,7 +263,7 @@ function send_message()
$ticket_message_sender = $GLOBALS['main_contact']['id'];
if (isset($_FILES['files']) && $_FILES['files']['error'] === UPLOAD_ERR_OK) {
$baseDir = realpath(__DIR__ . '/../../');
$baseDir = realpath(__DIR__ . '/../../../../');
$uploadDir = $baseDir . '/userdata/Tickets/' . $ticket_id . '/';
if (!file_exists($uploadDir)) {
mkdir($uploadDir, 0777, true);
@@ -337,7 +319,54 @@ function send_message()
// edit_ticket($ticket_id);
}
// Löscht einen ticket aus der Datenbank und zeigt anschließend das Listenformular an.
function close_ticket()
{
$id = (int)$_POST['input_id'];
if ($id <= 0) {
$_SESSION['save_status'] = "Fehler: Ungültige Ticket-ID.";
require_once("show_ticketcenter_listform.inc.php");
return;
}
$result = @mysqli_query($GLOBALS['mysql_con'], "SELECT sender_id, receiver_id FROM main_tickets WHERE id = $id LIMIT 1");
$ticket = @mysqli_fetch_assoc($result);
if (!$ticket) {
$_SESSION['save_status'] = "Fehler: Ticket nicht gefunden.";
require_once("show_ticketcenter_listform.inc.php");
return;
}
$contact_id = $GLOBALS['main_contact']['id'];
$mandant_id = $GLOBALS['main_contact']['master_mandant_id'];
$can_close = $ticket['sender_id'] == $contact_id
|| get_permission_state('all_tickets', $mandant_id, $contact_id) == 1;
if (!$can_close) {
$_SESSION['save_status'] = "Fehler: Keine Berechtigung zum Schließen dieses Tickets.";
edit_ticket($id);
return;
}
@mysqli_query($GLOBALS['mysql_con'], "UPDATE main_tickets SET
last_action_date = NOW(),
current_state = '4'
WHERE id = $id LIMIT 1");
@mysqli_query($GLOBALS['mysql_con'], "INSERT INTO main_tickets_messages(message, content, datetime, main_tickets_id, main_contact_id, type) VALUES(
'Geschlossen von',
'',
NOW(),
'$id',
'" . mysqli_real_escape_string($GLOBALS['mysql_con'], $contact_id) . "',
'history'
)");
update_notification($id, 'state');
edit_ticket($id);
}
function delete_ticket()
{
// Entschlüssle die ID, bevor du die Abfrage ausführst
@@ -367,7 +396,6 @@ function delete_ticket()
";
}
function save_new_ticket_receiver()
{
// Überprüfe, ob die POST-Daten vorhanden sind
@@ -447,27 +475,25 @@ function save_new_due_date() {
}
// Keine History hier; nur ändern, wenn sich der Wert unterscheidet
}
function save_category($silent = false)
{
// Überprüfe, ob die POST-Daten vorhanden sind
if (isset($_POST["input_id"]) && isset($_POST["input_category"])) {
// Hole die POST-Daten und bereinige sie mit mysqli_real_escape_string
$input_id = mysqli_real_escape_string($GLOBALS['mysql_con'], $_POST["input_id"]);
$input_category = mysqli_real_escape_string($GLOBALS['mysql_con'], isset($_POST["input_category"]) ? $_POST["input_category"] : 0);
$input_subcategory = mysqli_real_escape_string($GLOBALS['mysql_con'], isset($_POST["input_subcategory"]) ? $_POST["input_subcategory"] : 0);
$input_subsubcategory = mysqli_real_escape_string($GLOBALS['mysql_con'], isset($_POST["input_subsubcategory"]) ? $_POST["input_subsubcategory"] : 0);
$category = $_POST["input_category"];
$lastCategory = end($category);
// Aktuelle Werte laden
$qryCurrent = "SELECT main_ticket_category_id, main_ticket_subcategory_id, main_ticket_subsubcategory_id FROM main_tickets WHERE id = " . (int)$input_id . " LIMIT 1";
$qryCurrent = "SELECT main_ticket_category_id FROM main_tickets WHERE id = " . (int)$input_id . " LIMIT 1";
$resCurrent = @mysqli_query($GLOBALS['mysql_con'], $qryCurrent);
$rowCurrent = $resCurrent ? @mysqli_fetch_assoc($resCurrent) : null;
$changed = false;
if ($rowCurrent) {
$cur_cat = (string)$rowCurrent['main_ticket_category_id'];
$cur_sub = (string)$rowCurrent['main_ticket_subcategory_id'];
$cur_subsub = (string)$rowCurrent['main_ticket_subsubcategory_id'];
if ($cur_cat !== (string)$input_category || $cur_sub !== (string)$input_subcategory || $cur_subsub !== (string)$input_subsubcategory) {
if ($cur_cat !== (string)$lastCategory) {
$changed = true;
}
} else {
@@ -475,17 +501,17 @@ function save_category($silent = false)
}
if ($changed) {
$query = "UPDATE main_tickets SET main_ticket_category_id = ?, main_ticket_subcategory_id = ?, main_ticket_subsubcategory_id = ? WHERE id = ?";
$query = "UPDATE main_tickets SET main_ticket_category_id = ? WHERE id = ?";
$stmt = mysqli_prepare($GLOBALS['mysql_con'], $query);
if ($stmt) {
mysqli_stmt_bind_param($stmt, "iiii", $input_category, $input_subcategory, $input_subsubcategory, $input_id);
mysqli_stmt_bind_param($stmt, "ii", $lastCategory, $input_id);
mysqli_stmt_execute($stmt);
mysqli_stmt_close($stmt);
}
// History-Eintrag
$query_insert_message = "INSERT INTO main_tickets_messages(message, content, datetime, main_tickets_id, main_contact_id, type) VALUES(
'Abteilung geändert',
'Kategorie geändert',
'',
NOW(),
'" . $input_id . "',
@@ -600,33 +626,6 @@ function save_ticket_supplieres()
edit_ticket($_POST["input_id"]);
}
function edit_ticket($_id = "")
{
if ((int) $_id > 0) {
$input_id = $_id;
}
if ($input_id <> '') {
$query = "SELECT main_tickets.*,main_tickets_category.description AS 'category_description',main_tickets_subcategory.description AS 'subcategory_description',main_tickets_subsubcategory.description AS 'subsubcategory_description',receiver.name as 'receiver',sender.name as 'sender',main_tickets_state.description as 'state' FROM main_tickets
LEFT JOIN main_contact AS receiver ON receiver.id = main_tickets.receiver_id
LEFT JOIN main_contact AS sender ON sender.id = main_tickets.sender_id
LEFT JOIN main_tickets_category ON main_tickets.main_ticket_category_id = main_tickets_category.id
LEFT JOIN main_tickets_category AS main_tickets_subcategory ON main_tickets.main_ticket_subcategory_id = main_tickets_subcategory.id
LEFT JOIN main_tickets_category AS main_tickets_subsubcategory ON main_tickets.main_ticket_subsubcategory_id = main_tickets_subsubcategory.id
LEFT JOIN main_tickets_state ON main_tickets.current_state = main_tickets_state.id
WHERE main_tickets.id = '" . $input_id . "'";
// $query = "SELECT * FROM main_tickets WHERE id = '".$input_id."'";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$ticket = @mysqli_fetch_array($result);
}
$query_update = "UPDATE main_tickets_notification SET viewed = 1 WHERE main_ticket_id = '" . $input_id . "' AND main_contact_id = '" . $GLOBALS['main_contact']['id'] . "'";
@mysqli_query($GLOBALS['mysql_con'], $query_update);
require_once("show_ticketcenter_cardform.inc.php");
}
function load_messages($ticket_id)
{
$query = "SELECT main_tickets_messages.*, main_contact.name FROM main_tickets_messages LEFT JOIN main_contact ON main_contact.id = main_tickets_messages.main_contact_id WHERE main_tickets_id = $ticket_id ORDER BY datetime";
@@ -672,61 +671,9 @@ function load_messages($ticket_id)
}
}
// Verschlüsselt eine ID, normalerweise zur Verwendung in URLs.
function encryptId($id)
{
$encryptedId = base64_encode($id . "EC1ibm38FI53cxmSnQUi");
return $encryptedId;
}
// Entschlüsselt eine zuvor verschlüsselte ID, um ihre ursprüngliche Form wiederherzustellen.
function decryptId($encryptedId)
{
$decryptedId = base64_decode($encryptedId);
$id = str_replace("EC1ibm38FI53cxmSnQUi", "", $decryptedId);
return $id;
}
function input_ticketnumber($ticket_no = "")
{
if ($ticket_no == "") {
// Aktuelles Jahr als zwei Ziffern
$current_year = date('y');
// Query, um das letzte Ticket des aktuellen Jahres zu finden
$query = "SELECT ticket_no FROM main_tickets WHERE ticket_no LIKE 'T$current_year-%' ORDER BY ticket_no DESC LIMIT 1";
$result = mysqli_query($GLOBALS['mysql_con'], $query);
// Initialisiere die Ticketnummer
$new_ticket_no = '';
// Wenn es bereits Tickets in diesem Jahr gibt
if (mysqli_num_rows($result) > 0) {
$row = mysqli_fetch_assoc($result);
$last_ticket_no = $row['ticket_no'];
// Extrahiere die Nummer nach dem Bindestrich
$last_ticket_number = (int) substr($last_ticket_no, 6);
// Erhöhe die Nummer um 1
$new_ticket_number = $last_ticket_number + 1;
// Formatiere die neue Ticketnummer mit führenden Nullen (z.B. 0002)
$new_ticket_no = 'T' . $current_year . '-' . str_pad($new_ticket_number, 5, '0', STR_PAD_LEFT);
} else {
// Falls es noch keine Tickets in diesem Jahr gibt, starte bei 0001
$new_ticket_no = 'T' . $current_year . '-00001';
}
$ticket_no = $new_ticket_no;
}
return $ticket_no;
}
function update_ticket()
{
switch ($_POST['input_state']) {
switch ($_POST['input_main_tickets_status']) {
case '1':
$query_update = "UPDATE main_tickets SET
last_action_date = NOW(),
@@ -812,19 +759,17 @@ function update_notification($ticket_id, $type, $notif_message = "Neue Aktivitä
if ($ticket['receiver_id'] == 0) {
$query_contact = "SELECT main_tickets.*,
COALESCE(main_tickets_subcategory.main_mandant_id, main_tickets_category.main_mandant_id) AS 'mandant_id',
main_tickets_category.main_mandant_id AS 'mandant_id',
main_mandant.mail_team AS 'mandant_email',
contact.email AS 'contact_email'
FROM main_tickets
LEFT JOIN main_tickets_category
ON main_tickets.main_ticket_category_id = main_tickets_category.id
LEFT JOIN main_tickets_category AS main_tickets_subcategory
ON main_tickets.main_ticket_subcategory_id = main_tickets_subcategory.id
LEFT JOIN main_mandant
ON main_mandant.id = COALESCE(main_tickets_subcategory.main_mandant_id, main_tickets_category.main_mandant_id)
ON main_mandant.id = main_tickets_category.main_mandant_id
LEFT JOIN main_contact AS contact
ON contact.id = COALESCE(main_tickets_subcategory.main_contact_id, main_tickets_category.main_contact_id)
AND COALESCE(main_tickets_subcategory.main_contact_id, main_tickets_category.main_contact_id) != 0
ON contact.id = main_tickets_category.main_contact_id
AND main_tickets_category.main_contact_id != 0
WHERE main_tickets.id = " . $ticket_id;
$result = @mysqli_query($GLOBALS['mysql_con'], $query_contact);
$mandant = @mysqli_fetch_array($result);
@@ -871,105 +816,76 @@ function update_notification($ticket_id, $type, $notif_message = "Neue Aktivitä
}
}
// function make_notification($id, $category_id = null, $subcategory_id = null, $subsubcategory_id = null){
// $choised_category_id = 0;
// if ($subsubcategory_id != null) {
// $choised_category_id = $subsubcategory_id;
// } elseif ($subcategory_id != null) {
// $choised_category_id = $subcategory_id;
// } elseif ($category_id != null) {
// $choised_category_id = $category_id;
// } else {
// return;
// }
// $choised_contacts = getContactsByCategory($choised_category_id);
// $departments = getDepartmentsByCategory($choised_category_id);
// $mandants = getMandantsByCategory($choised_category_id);
// $contacts = [];
function get_ticket_status($status_id) {
// var_dump($departments);
// var_dump($mandants);
// if ($departments == null or implode(',', $departments) == "0") {
// $query = "SELECT * FROM main_contact_department WHERE main_mandant_id IN (" . implode(',', $mandants) . ")";
// var_dump($query);
// $result = mysqli_query($GLOBALS['mysql_con'], $query);
// $departments = [];
// while ($row = mysqli_fetch_assoc($result)) {
// $contacts[] = $row['main_contact_id'];
$query = "SELECT description FROM main_tickets_status WHERE id = $status_id";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$status = @mysqli_fetch_array($result);
return $status['description'];
}
function get_contact($contact_id) {
$query = "SELECT name, phone_no FROM main_contact WHERE id = $contact_id";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$contact = @mysqli_fetch_array($result);
return $contact;
}
// }
// var_dump($contacts);
// } else if ($mandants == null or implode(',', $mandants) == "0") {
// $query = "SELECT * FROM main_contact_department WHERE main_department_id IN (" . implode(',', $departments) . ")";
// var_dump($query);
// $result = mysqli_query($GLOBALS['mysql_con'], $query);
// $mandants = [];
// while ($row = mysqli_fetch_assoc($result)) {
// $contacts[] = $row['main_contact_id'];
// }
// var_dump($contacts);
// } else if (($mandants == null or implode(',', $mandants) == "0") && ($departments == null or implode(',', $departments) == "0")) {
// // ----
// } else {
// $query = "SELECT * FROM main_contact_department WHERE main_mandant_id IN (" . implode(',', $mandants) . ") AND main_department_id IN (" . implode(',', $departments) . ")";
// var_dump($query);
// $result = mysqli_query($GLOBALS['mysql_con'], $query);
// $contacts = [];
// while ($row = mysqli_fetch_assoc($result)) {
// $contacts[] = $row['main_contact_id'];
// }
// var_dump($contacts);
// }
// var_dump($choised_contacts);
// if ($choised_contacts != null) {
// $contacts = array_unique(array_merge($contacts, $choised_contacts));
// }
// DEPRIKATED: Funktion wird aktuell nicht mehr verwendet.
// Sollte die Funktion wieder benötigt werden, muss sie entsprechend angepasst werden, um die neuen Datenstrukturen zu berücksichtigen.
// var_dump($contacts);
// }
function input_ticketnumber($ticket_no = "")
{
if ($ticket_no == "") {
// Aktuelles Jahr als zwei Ziffern
$current_year = date('y');
// function getDepartmentsByCategory($category_id) {
// $query = "SELECT * FROM main_tickets_category_department WHERE main_tickets_category_id = " . $category_id;
// $result = mysqli_query($GLOBALS['mysql_con'], $query);
// $departments = [];
// if (mysqli_num_rows($result) == 0) {
// return null;
// }
// while ($row = mysqli_fetch_assoc($result)) {
// $departments[] = $row['main_department_id'];
// }
// return $departments;
// }
// Query, um das letzte Ticket des aktuellen Jahres zu finden
$query = "SELECT ticket_no FROM main_tickets WHERE ticket_no LIKE 'T$current_year-%' ORDER BY ticket_no DESC LIMIT 1";
$result = mysqli_query($GLOBALS['mysql_con'], $query);
// function getMandantsByCategory($category_id) {
// $query = "SELECT * FROM main_tickets_category_mandant WHERE main_tickets_category_id = " . $category_id;
// $result = mysqli_query($GLOBALS['mysql_con'], $query);
// $mandants = [];
// var_dump(mysqli_num_rows($result));
// if (mysqli_num_rows($result) == 0) {
// return null;
// }
// while ($row = mysqli_fetch_assoc($result)) {
// $mandants[] = $row['main_mandant_id'];
// }
// var_dump($mandants);
// return $mandants;
// }
// Initialisiere die Ticketnummer
$new_ticket_no = '';
// Wenn es bereits Tickets in diesem Jahr gibt
if (mysqli_num_rows($result) > 0) {
$row = mysqli_fetch_assoc($result);
$last_ticket_no = $row['ticket_no'];
// Extrahiere die Nummer nach dem Bindestrich
$last_ticket_number = (int) substr($last_ticket_no, 6);
// Erhöhe die Nummer um 1
$new_ticket_number = $last_ticket_number + 1;
// Formatiere die neue Ticketnummer mit führenden Nullen (z.B. 0002)
$new_ticket_no = 'T' . $current_year . '-' . str_pad($new_ticket_number, 5, '0', STR_PAD_LEFT);
} else {
// Falls es noch keine Tickets in diesem Jahr gibt, starte bei 0001
$new_ticket_no = 'T' . $current_year . '-00001';
}
$ticket_no = $new_ticket_no;
}
return $ticket_no;
}
function insert_main_service_items_history($ticketno, $ticket_description, $ticket_id, $service_item_id)
{
// Erstelle die Nachricht für die history_message
$history_message = "$ticketno $ticket_description wurde eröffnet.";
// Bereite das INSERT-Statement vor
$query_insert_main_service_item_history = "
INSERT INTO main_service_items_history (history_message, history_date, main_ticket_id, main_service_item_id)
VALUES ('$history_message', NOW(), '$ticket_id', '$service_item_id')
";
// Führe die Abfrage aus
@mysqli_query($GLOBALS['mysql_con'], $query_insert_main_service_item_history);
}
// function getContactsByCategory($category_id) {
// $query = "SELECT * FROM main_tickets_category_contact WHERE main_tickets_category_id = " . $category_id;
// $result = mysqli_query($GLOBALS['mysql_con'], $query);
// $contacts = [];
// if (mysqli_num_rows($result) == 0) {
// return null;
// }
// while ($row = mysqli_fetch_assoc($result)) {
// $contacts[] = $row['main_contact_id'];
// }
// return $contacts;
// }
function make_notification($id, $category_id = null, $subcategory_id = null, $subsubcategory_id = null) {
$choised_category_id = $subsubcategory_id ?? $subcategory_id ?? $category_id;
@@ -1095,245 +1011,3 @@ function getContactsByCategory($category_id) {
}
?>
<script>
$(document).ready(function () {
// Hole die aktuelle URL
var currentUrl = window.location.href;
// Überprüfen, ob ?action= in der URL vorhanden ist
if (currentUrl.indexOf("?action=") !== -1) {
// Entferne den Teil ab ?action=, inkl. allem, was danach kommt
var newUrl = currentUrl.split("?action=")[0];
// Aktualisiere die URL ohne Neuladen der Seite
window.history.replaceState(null, null, newUrl);
}
});
document.addEventListener("DOMContentLoaded", function () {
// Initial load of category data
const categorySelect = document.getElementById('input_category');
if (categorySelect) {
let selectedId = categorySelect.value;
removeAjaxContent();
// Initial AJAX call
fetchCategoryData(selectedId);
// Add change event listener to category select
categorySelect.addEventListener('change', function() {
selectedId = this.value;
removeAjaxContent();
fetchCategoryData(selectedId);
getCategoryDescription();
});
// Initial description load
getCategoryDescription();
}
});
// Helper function to remove ajax content
function removeAjaxContent() {
const ajaxContents = document.querySelectorAll('.ajax-content');
ajaxContents.forEach(content => content.remove());
}
// Helper function to remove ajax subcontent
function removeAjaxSubContent() {
const ajaxSubContents = document.querySelectorAll('.ajax-subcontent');
ajaxSubContents.forEach(content => content.remove());
}
// Fetch category data via AJAX
function fetchCategoryData(categoryId) {
$.ajax({
url: '/module/ticketcenter/show_ticketcenter_ajax.php',
type: 'POST',
data: { category_id: categoryId },
success: function (response) {
const categorySelect = document.getElementById('input_category');
const parentDiv = categorySelect.parentNode;
// Insert response after the parent div
const ajaxContent = document.createElement('div');
ajaxContent.className = 'ajax-content';
ajaxContent.innerHTML = response;
parentDiv.after(ajaxContent);
// Add event listener to subcategory select if it exists
const subcategorySelect = document.getElementById('input_subcategory');
if (subcategorySelect) {
subcategorySelect.addEventListener('change', function() {
getSubCategoryDescription();
getSubSubCategory();
});
}
},
error: function (xhr, status, error) {
console.log('Error:', error);
}
});
}
function getCategoryDescription() {
const categorySelect = document.getElementById('input_category');
const selectedId = categorySelect.value;
// Remove existing description if it exists
const existingDesc = document.querySelector(".category_desc");
if (existingDesc) {
existingDesc.remove();
}
$.ajax({
url: '/module/ticketcenter/show_ticketcenter_category_desc_ajax.php',
type: 'POST',
data: { category_id: selectedId },
success: function (response) {
const instructionDiv = document.querySelector(".ticket-instruction");
if (instructionDiv) {
const descDiv = document.createElement('div');
descDiv.className = 'category_desc';
descDiv.innerHTML = "<h5>Kategoriebeschreibung</h5>" + response;
instructionDiv.insertAdjacentElement("afterbegin", descDiv);
if (response.trim() === "") {
descDiv.style.display = 'none'; // Hide if no description
} else {
descDiv.style.display = 'block'; // Show if description exists
}
}
},
error: function (xhr, status, error) {
console.log('Error:', error);
}
});
}
function getSubCategoryDescription() {
const subcategorySelect = document.getElementById('input_subcategory');
if (!subcategorySelect) return;
const selectedId = subcategorySelect.value;
// Remove existing description if it exists
const existingDesc = document.querySelector(".subcategory_desc");
if (existingDesc) {
existingDesc.remove();
}
$.ajax({
url: '/module/ticketcenter/show_ticketcenter_category_desc_ajax.php',
type: 'POST',
data: { category_id: selectedId },
success: function (response) {
const instructionDiv = document.querySelector(".ticket-instruction");
if (instructionDiv) {
const descDiv = document.createElement('div');
descDiv.className = 'subcategory_desc';
descDiv.style.marginTop = '20px';
descDiv.innerHTML = "<h5>Unterkategoriebeschreibung</h5>" + response;
instructionDiv.insertAdjacentElement("beforeend", descDiv);
if (response.trim() === "") {
descDiv.style.display = 'none'; // Hide if no description
} else {
descDiv.style.display = 'block'; // Show if description exists
}
}
},
error: function (xhr, status, error) {
console.log('Error:', error);
}
});
}
function getSubSubCategoryDescription() {
const subsubcategorySelect = document.getElementById('input_subsubcategory');
if (!subsubcategorySelect) return;
const selectedId = subsubcategorySelect.value;
// Remove existing description if it exists
const existingDesc = document.querySelector(".subsubcategory_desc");
if (existingDesc) {
existingDesc.remove();
}
$.ajax({
url: '/module/ticketcenter/show_ticketcenter_category_desc_ajax.php',
type: 'POST',
data: { category_id: selectedId },
success: function (response) {
const instructionDiv = document.querySelector(".ticket-instruction");
if (instructionDiv) {
const descDiv = document.createElement('div');
descDiv.className = 'subsubcategory_desc';
descDiv.style.marginTop = '20px';
descDiv.innerHTML = "<h5>Beschreibung</h5>" + response;
instructionDiv.insertAdjacentElement("beforeend", descDiv);
if (response.trim() === "") {
descDiv.style.display = 'none'; // Hide if no description
} else {
descDiv.style.display = 'block'; // Show if description exists
}
}
},
error: function (xhr, status, error) {
console.log('Error:', error);
}
});
}
function getSubSubCategory() {
const subcategorySelect = document.getElementById('input_subcategory');
if (!subcategorySelect) return;
const selectedId = subcategorySelect.value;
removeAjaxSubContent();
$.ajax({
url: '/module/ticketcenter/show_ticketcenter_subcategory_ajax.php',
type: 'POST',
data: { category_id: selectedId },
success: function (response) {
const parentDiv = subcategorySelect.parentNode;
// Insert response after the parent div
const ajaxSubContent = document.createElement('div');
ajaxSubContent.className = 'ajax-subcontent';
ajaxSubContent.innerHTML = response;
parentDiv.after(ajaxSubContent);
// Add event listener to subsubcategory select if it exists
const subsubcategorySelect = document.getElementById('input_subsubcategory');
if (subsubcategorySelect) {
subsubcategorySelect.addEventListener('change', function() {
getSubSubCategoryDescription();
});
}
},
error: function (xhr, status, error) {
console.log('Error:', error);
}
});
}
// make fetch to server to get subsubcategory data based on subcategory id and insert it after subcategory select
// fetch('/module/ticketcenter/services/show_ticketcenter_ajax.php', {
// method: 'POST',
// headers: {
// 'Content-Type': 'application/x-www-form-urlencoded'
// },
// body: new URLSearchParams({ action: "get_tickets" })
// })
// .then(response => response.text())
// .then(data => {
// console.log(data);
// })
// .catch(error => {
// console.error('Error:', error);
// })
</script>

View File

@@ -1,7 +1,7 @@
<?php
session_start();
$currDir = __DIR__;
$rootDir = dirname(dirname($currDir));
$rootDir = dirname(dirname(dirname($currDir)));
$mysydeDir = $rootDir . '/mysyde';
require_once($rootDir . '/vendor/autoload.php');
@@ -13,10 +13,10 @@ if (is_dir($envDir) && file_exists($envFilePath) && is_file($envFilePath) && is_
$dotenv = new \Dotenv\Dotenv($envDir);
$dotenv->load();
}
$common = $mysydeDir ."/common/common_functions.inc.php";
$common = $mysydeDir . "/common/common_functions.inc.php";
require_once($common);
$connEnv = (local_environment()) ? $mysydeDir."/dc.config.php" : $mysydeDir."/dc-server.config.php";
$connEnv = (local_environment()) ? $mysydeDir . "/dc.config.php" : $mysydeDir . "/dc-server.config.php";
require_once($connEnv);

View File

@@ -1,64 +1,86 @@
<?php
$formname = "form_ticket_card";
if (isset($_GET['service_item_no'])) {
$ticket['service_item_no'] = $_GET['service_item_no'];
function create_save_button($ticket, $formname)
{
if (isset($ticket["id"])) {
switch ($ticket['current_state']) {
case 2: // Offen
return button("save primary", "Ticket annehmen", $formname, "sendRequest('update_ticket', true)");
case 3: // In Bearbeitung
if ($ticket['sender_id'] == $GLOBALS['main_contact']['id'] || get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) {
?>
<button type="button" class="close-ticket-btn" onclick="showCloseTicketModal()">Ticket schließen</button>
<div id="closeTicketModal" class="close-ticket-modal">
<div class="close-ticket-modal-content">
<h2>Ticket schließen</h2>
<p class="close-ticket-warning">Hinweis: Bitte laden Sie einen Arbeitschein oder eine Rechnung in den Chat hoch, bevor Sie das Ticket schließen.</p>
<div class="close-ticket-modal-buttons">
<button type="button" class="btn-cancel" onclick="closeModal()">Abbrechen</button>
<button data-formname="form_ticket_card" type="button" class="btn-confirm" onclick="dc.current_formname='form_ticket_card'; sendRequest('close', true); closeModal();">Ticket schließen</button>
</div>
</div>
</div>
<script>
function showCloseTicketModal() {
document.getElementById('closeTicketModal').style.display = 'block';
}
function closeModal() {
document.getElementById('closeTicketModal').style.display = 'none';
}
window.onclick = function(event) {
var modal = document.getElementById('closeTicketModal');
if (event.target == modal) modal.style.display = 'none';
}
</script>
<?php
}
break;
case 4: // Geschlossen
if ($ticket['receiver_id'] == $GLOBALS['main_contact']['id'] || $ticket['sender_id'] == $GLOBALS['main_contact']['id'] || get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) {
return button("save primary", "Wiedereröffnen", $formname, "sendRequest('update_ticket', true)");
}
break;
default: // Anderer Status
return button("save primary", "Ticket annehmen", $formname, "sendRequest('update_ticket', true)");
}
}
return "";
}
?>
<link rel="stylesheet" href="/module/ticketcenter/css/repair.css">
<link rel="stylesheet" href="/module/ticketcenter/css/repair.css?v=<?= filemtime(__DIR__ . "/../../css/repair.css") ?>">
<link rel="stylesheet" href="/module/ticketcenter/css/cardform.css?v=<?= filemtime(__DIR__ . "/../../css/cardform.css") ?>">
<script type="text/javascript"
src="/mysyde/admin/admin.js?t=<?= filemtime($_SERVER['DOCUMENT_ROOT'] . '/mysyde/admin/admin.js') ?>"></script>
<link href="https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/css/select2.min.css" rel="stylesheet" />
<script src="https://cdn.jsdelivr.net/npm/select2@4.1.0-rc.0/dist/js/select2.min.js"></script>
<form action="" id="<?= $formname ?>" name="<?= $formname ?>" method="post" enctype="multipart/form-data">
<section class="cardform_content">
<div class="container">
<div class="titlebar">
<?php if (isset($ticket["id"])): ?>
<div>
<div class="tickets_cardform">
<div class="cardform_header">
<div class="cardform_header_left">
<a class="back" href="/intranet/de/ticketcenter/"><i class="fa-solid fa-arrow-left-long"></i></a>
<h1>Ticket <?= $ticket['ticket_no'] ?></h1>
</div>
<div>
<?php
// Definiere die Aktion basierend auf dem Ticketstatus
switch ($ticket['current_state']) {
case 2: // Offen
// if (get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) {
echo button("save primary", "Ticket annehmen", $formname, "sendRequest('update_ticket', true)");
// }
break;
case 3: // In Bearbeitung
if ($ticket['receiver_id'] == $GLOBALS['main_contact']['id'] || $ticket['sender_id'] == $GLOBALS['main_contact']['id'] || get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) {
echo button("save primary", "Ticket schließen", $formname, "sendRequest('update_ticket', true)");
}
break;
case 4: // Geschlossen
if ($ticket['receiver_id'] == $GLOBALS['main_contact']['id'] || $ticket['sender_id'] == $GLOBALS['main_contact']['id'] || get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) {
echo button("save primary", "Wiedereröffnen", $formname, "sendRequest('update_ticket', true)");
}
break;
default: // Anderer Status
echo button("save primary", "Ticket annehmen", $formname, "sendRequest('update_ticket', true)");
break;
}
?>
</div>
<?php else: ?>
<!-- <h1>Ticket erstellen</h1> -->
<?php endif; ?>
</div>
<?php
if (isset($ticket["id"])) {
?>
<script>
document.querySelector("body").classList.add("ticket_edit");
</script>
<div class="section_group">
<div class="cardform_header_right">
<?= button("forward_ticket", "Ticket speichern", $formname, "sendRequest('save_forward_ticket', true)"); ?>
<?= create_save_button($ticket, $formname) ?>
<section class="cardform_section" tab-attribute="ticket" aria-current="true">
</div>
</div>
<div class="cardform_body">
<div class="cardform_body_left">
<div class="body_left_line">
<h3>Alle verfügbaren Tickets</h3>
<button type="button" onclick="toggleSideboard('.cardform_body_left')"><i class="fa-regular fa-square-caret-left"></i></button>
</div>
<?php
require_once __DIR__ . '/components/show_open_tickets.php';
?>
</div>
<div class="cardform_body_middle">
<div class="communication">
<div class="messages_scroll_container">
<div class="messages">
@@ -85,389 +107,36 @@ if (isset($_GET['service_item_no'])) {
</form>
</div>
<?php
}
?>
</div>
</section>
<aside>
<div class="card_ticket">
<div class="card_header">
<div class="card_title">
<h3><i class="fa-solid fa-circle-info"></i> Ticketstatus</h3>
</div>
<div class="plant_card_status">
<span id="green"><?= $ticket['state'] ?></span>
</div>
</div>
<fieldset>
<div class="info_labels">
<?php if (!empty($ticket['description'])): ?>
<label>Beschreibung
<div><?= $ticket['description'] ?></div>
</label>
<?php endif; ?>
<?php
if ($ticket['receiver_id'] == $GLOBALS['main_contact']['id'] || get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) {
?>
<div class="zusatzstatus">
<?php
if (isset($ticket["main_ticket_subsubcategory_id"]) and $ticket["main_ticket_subsubcategory_id"] > 0 ) {
$query = "SELECT * FROM main_tickets_category_process WHERE main_tickets_category_id = " . $ticket['main_ticket_subsubcategory_id'] . " LIMIT 1;";
} else if (isset($ticket["main_ticket_subcategory_id"]) and $ticket["main_ticket_subcategory_id"] > 0 ) {
$query = "SELECT * FROM main_tickets_category_process WHERE main_tickets_category_id = " . $ticket['main_ticket_subcategory_id'] . " LIMIT 1;";
} else {
$query = "SELECT * FROM main_tickets_category_process WHERE main_tickets_category_id = " . $ticket['main_ticket_category_id'] . " LIMIT 1;";
}
$result = mysqli_query($GLOBALS['mysql_con'], $query);
if (mysqli_num_rows($result) > 0) {
$row = mysqli_fetch_assoc($result);
$ticket['process_id'] = $row['main_tickets_process_id'];
$query = "SELECT main_tickets_status.id, main_tickets_status.description as 'name' FROM main_tickets_status JOIN main_tickets_process_status ON main_tickets_status.id = main_tickets_process_status.main_tickets_status_id where main_tickets_process_status.main_tickets_process_id = " . $ticket['process_id'] . " ORDER BY name ASC";
} else {
$ticket['process_id'] = 0;
$query = "SELECT id, description as 'name' FROM main_tickets_status ORDER BY name ASC";
}
?>
<?= input_select_from_sql("Aktueller Zusatzstatus", "input_main_tickets_status", $query, $ticket['individual_state']) ?>
<!-- <?= button("forward_ticket", "Zusatzstatus speichern", $formname, "sendRequest('save_new_ticket_individual_state', true)"); ?> -->
</div>
<!-- Tagify CSS und JS einbinden -->
<link rel="stylesheet"
href="https://cdn.jsdelivr.net/npm/@yaireo/tagify/dist/tagify.css">
<script src="https://cdn.jsdelivr.net/npm/@yaireo/tagify"></script>
<!-- <div class="ticket-supplier-input">
<div class="label">
<label for="input_ticket_supliers">Lieferanten</label>
</div>
<input name="input_ticket_supliers" id="input_ticket_supliers"
placeholder="Lieferanten auswählen">
</div> -->
<!-- Hidden Input, in dem die ausgewählten IDs gespeichert werden -->
<input type="hidden" name="supplier_ids" id="hidden_supplier_ids" value="">
<script>
document.addEventListener("DOMContentLoaded", function () {
var input = document.getElementById('input_ticket_supliers');
var hiddenInput = document.getElementById('hidden_supplier_ids');
// Tagify initialisieren
var tagify = new Tagify(input, {
tagTextProp: 'name', // Die ausgewählten Tags zeigen den Namen an
whitelist: <?= $supplier_list_json ?>,
enforceWhitelist: true, // Nur Werte aus der Whitelist zulassen
dropdown: {
enabled: 0, // Autocomplete: Schon nach 1 Zeichen wird das Dropdown angezeigt
closeOnSelect: false,
maxItems: 10,
searchKeys: ['name'] // Suche anhand des Namens
},
templates: {
dropdownItem: function (tagData) {
// Internen Attribute werden über this.getAttributes(tagData) gesetzt
return `<div ${this.getAttributes(tagData)} class="tagify__dropdown__item">${tagData.name}</div>`;
}
}
});
// Bereits verknüpfte Lieferanten als Initial-Tags hinzufügen
var supplierList = <?= $supplier_list_json ?>;
var linkedSupplierIds = <?= $linked_suppliers_json ?>;
var initialTags = supplierList.filter(function (item) {
return linkedSupplierIds.indexOf(parseInt(item.value)) !== -1;
});
tagify.addTags(initialTags);
// Bei jeder Änderung werden die ausgewählten IDs im Hidden Input gespeichert
tagify.on('change', function (e) {
var selectedIds = tagify.value.map(function (tag) {
return tag.value;
});
hiddenInput.value = selectedIds.join(',');
});
// Optional: Dropdown explizit öffnen, wenn etwas eingegeben wird
input.addEventListener("input", function () {
tagify.dropdown.show.call(tagify);
});
});
</script>
<?php
}
?>
<?php if (!empty($ticket['ticket_no'])): ?>
<label>Ticketnr.
<div><?= $ticket['ticket_no'] ?></div>
</label>
<?php endif; ?>
<?php if (!empty($ticket['service_item_no'])): ?>
<?php
$query_service_item = "SELECT service_item_no, description AS 'service_description' FROM main_service_items WHERE id = '" . $ticket['service_item_no'] . "'";
$result = mysqli_query($GLOBALS['mysql_con'], $query_service_item);
$row = mysqli_fetch_assoc($result)
?>
<label>Gerätenr.
<div><a target="_blank" class="link"
href="/intranet/de/geraetecenter/?action=edit&id=<?= encryptID($ticket['service_item_no']) ?>"><?= $row['service_item_no'] . ' - ' . $row['service_description'] ?></a>
</div>
</label>
<?php endif; ?>
<?php if (!empty($ticket['cost_center'])): ?>
<label>Kostenstelle
<div><?= $ticket['cost_center'] ?></div>
</label>
<?php endif; ?>
<?php
// Inline-Bearbeitung für Abteilung statt separatem Button/Modal
$canEditCategory = ($ticket['receiver_id'] == $GLOBALS['main_contact']['id'] || get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1);
if ($canEditCategory) {
$query = "SELECT id, description as 'name' FROM main_tickets_category WHERE parent_id = 0 ORDER BY sorting";
$selectedCategory = isset($ticket['main_ticket_category_id']) ? $ticket['main_ticket_category_id'] : (isset($ticket['category']) ? $ticket['category'] : null);
echo input_select_from_sql("Abteilung*", "input_category", $query, $selectedCategory);
} else if (!empty($ticket['category_description'])) { ?>
<label>Abteilung
<div><?= $ticket['category_description'] ?></div>
</label>
<?php } ?>
<?php if (!$canEditCategory && !empty($ticket['subcategory_description'])): ?>
<label>Kategorie
<div><?= $ticket['subcategory_description'] ?></div>
</label>
<?php endif; ?>
<?php if (!$canEditCategory && !empty($ticket['subsubcategory_description'])): ?>
<label>Unterkategorie
<div><?= $ticket['subsubcategory_description'] ?></div>
</label>
<?php endif; ?>
<!-- Kategorie wird nun direkt oben editierbar angezeigt; separater Bearbeiten-Button entfällt -->
<?php if (!empty($ticket['sender'])): ?>
<label>Ticketersteller
<div><?= $ticket['sender'] ?></div>
</label>
<?php endif; ?>
<?php if (!empty($ticket['receiver'])): ?>
<label>Ticketbearbeiter
<div><?= $ticket['receiver'] ?></div>
</label>
<?php endif; ?>
<?php
if ($ticket['receiver_id'] == $GLOBALS['main_contact']['id'] || get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) {
input("Zu erledigen bis", "input_due_date", "date", $ticket['due_date']);
// button("forward_ticket", "Datum speichern", $formname, "sendRequest('save_new_due_date', true)");
}
?>
<?php if (!empty($ticket['link'])): ?>
<label>Link
<div><a target="_blank" class="link" href="<?= $ticket['link'] ?>"
target="_blank"><?= $ticket['link'] ?></a></div>
</label>
<?php endif; ?>
<?php
$hasOrderLinks = false;
for ($i = 1; $i <= 10; $i++) {
if (!empty($ticket["order_link_$i"])) {
$hasOrderLinks = true;
break;
}
}
?>
<?php if ($hasOrderLinks): ?>
<label class="order_link_text_label">Bestell-Links
<?php for ($i = 1; $i <= 10; $i++): ?>
<?php if (!empty($ticket["order_link_$i"])): ?>
<div>
<?php if (!empty($ticket["order_link_amount_$i"])): ?>
<span class="order_link_amount">Anzahl:
<?= htmlspecialchars($ticket["order_link_amount_$i"]) ?>x </span>
<?php endif; ?>
<a target="_blank" class="order_link_text"
href="<?= htmlspecialchars($ticket["order_link_$i"]) ?>">
<?= htmlspecialchars($ticket["order_link_$i"]) ?>
</a>
</div>
<?php endif; ?>
<?php endfor; ?>
</label>
<?php endif; ?>
<?php if (isset($ticket["approval_by_manager"]) && $ticket["approval_by_manager"] == 1): ?>
<label>Freigabe durch Vorgesetzten vorhanden
<div>ja</div>
</label>
<?php endif; ?>
<?php
if ($ticket['current_state'] != 4 && ($ticket['receiver_id'] == $GLOBALS['main_contact']['id'] || get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1)) {
?>
<div class="ticket_weiterleiten">
<?php $query = "SELECT id, name as 'name' FROM main_contact ORDER BY name ASC"; ?>
<?= input_select_from_sql("Ticket weiterleiten an", "input_new_ticket_receiver", $query, $ticket['receiver_id']) ?>
<?= button("forward_ticket", "Ticket speichern", $formname, "sendRequest('save_forward_ticket', true)"); ?>
} else { ?>
<div class="communication_toolbar communication_toolbar--closed">
<p>Um eine Nachricht zu senden, öffnen Sie das Ticket erneut.</p>
</div>
<?php
}
?>
</div>
</div>
<div class="cardform_body_right">
<?php
input("ID", "input_id", "hidden", $ticket["id"]);
input("Status", "input_state", "hidden", $ticket["current_state"]);
require_once __DIR__ . '/components/ticketdetails.com.php';
?>
</fieldset>
</div>
</aside>
</div>
<!-- Modal für Abteilungsbearbeitung entfernt: Inline-Select wird verwendet -->
</div>
</div>
<?php } else { ?>
<section class="cardform_section new_ticket">
<script>
document.querySelector("body").classList.add("new_ticket");
</script>
<fieldset>
<h1>Ticket erstellen</h1>
<?= input("ID", "input_id", "hidden", "") ?>
<div class="hide">
<?= input_ticketnumber(); ?>
</div>
<?php
$ticket_description = [
'Markt Küche',
'Metzgerei',
'Obst + Gemüse',
'Bake Off',
'MoPro',
'TK',
'Getränke | Spirituosen',
'Drogerie | Non Food',
'Sortiment',
'Sonstiges'
];
?>
<?php
input("Betreff*", "input_description", "text", $ticket['description'])
?>
<?php $query = "SELECT id, description as 'name' FROM main_tickets_category WHERE parent_id = 0 ORDER BY sorting"; ?>
<?= input_select_from_sql("Abteilung*", "input_category", $query, isset($_GET['category_id']) ? $_GET['category_id'] : null) ?>
<?php if (get_permission_state('connect_service_items', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) {
$query = "SELECT main_service_items.id, CONCAT(service_item_no, ' | ', description, ' | ', main_contact.name) as 'name' FROM main_service_items LEFT JOIN main_contact ON main_contact.id = main_service_items.main_contact_id";
} else {
$query = "SELECT id, CONCAT(service_item_no, ' | ', description) as 'name' FROM main_service_items WHERE main_contact_id = " . $GLOBALS['main_contact']['id'];
}
?>
<!-- <?php $query = "SELECT id, name as 'name' FROM main_contact ORDER BY name ASC"; ?>
<?= input_select_from_sql("Im Namen erstellen von", "input_new_ticket_sender", $query, $ticket['sender_id']) ?> -->
<?= input("Nachricht*", "input_message", "textarea", "", "512") ?>
<?= input("Datei hochladen", "input_image", "file", $ticket['image']) ?>
<?= button("create_ticket", "Ticket abschicken", $formname, "sendRequest('save', true)"); ?>
</fieldset>
<div class="ticket-instruction">
<? get_content("ticket_instruction", null, $IOCContainer); ?>
</div>
</section>
<?php
}
?>
<script>
// if (document.querySelector(".button_create_ticket")) {
// document.querySelector(".button_create_ticket").style.display = "none";
// setInterval(function() {
// const input_subsubcategory = document.getElementById('input_subsubcategory');
// if (input_subsubcategory) {
// if (input_subsubcategory.value) {
// document.querySelector(".button_create_ticket").style.display = "block";
// } else if (input_subsubcategory.value == "") {
// document.querySelector(".button_create_ticket").style.display = "none";
// }
// } else {
// document.querySelector(".button_create_ticket").style.display = "none";
// }
// }, 1000);
// }
</script>
</section>
</div>
</form>
<script>
// Funktion zur Steuerung der Sichtbarkeit und Required-Status basierend auf der Auswahl
function showDivBasedOnSelect(selectId, optionTexts, targetClass, isRequired = false) {
// Alle Elemente der übergebenen Klasse standardmäßig ausblenden
$('.' + targetClass).hide().find('input, select, textarea').prop('required', false);
// Eventlistener für Änderung im Select
$('#' + selectId).on('change', function () {
var selectedText = $('#' + selectId + ' option:selected').text().toLowerCase().trim();
// Flag um zu prüfen, ob es einen Match gibt
let matchFound = false;
// Über alle übergebenen Optionstexte iterieren
optionTexts.forEach(function (optionText) {
var normalizedOptionText = optionText.toLowerCase().trim();
if (selectedText === normalizedOptionText) {
matchFound = true;
function scrollToBottom() {
const chat = document.querySelector('.messages');
chat.scrollTop = chat.scrollHeight;
}
document.addEventListener('DOMContentLoaded', function () {
scrollToBottom();
});
// Div anzeigen und "required" setzen, wenn ein Match gefunden wurde
if (matchFound) {
$('.' + targetClass).show();
// Falls isRequired aktiv ist, setze das Eingabefeld auf required
if (isRequired) {
$('.' + targetClass).find('input, select, textarea').prop('required', true);
}
} else {
// Div ausblenden und "required" entfernen, wenn kein Match
$('.' + targetClass).hide().find('input, select, textarea').prop('required', false);
}
});
}
// Aufrufe der Funktion mit mehreren Optionen
// Felder anzeigen UND als Pflichtfeld markieren
showDivBasedOnSelect('input_category', ['Bestellung-Neuanschaffung', 'Bestellung-Ersatzbeschaffung'], 'input_approval_by_manager', true);
showDivBasedOnSelect('input_category', ['Bestellung-Neuanschaffung', 'Bestellung-Ersatzbeschaffung'], 'input_cost_center', false);
showDivBasedOnSelect('input_category', ['Bestellung-Neuanschaffung', 'Bestellung-Ersatzbeschaffung'], 'input_order_link_1', false);
showDivBasedOnSelect('input_category', ['Bestellung-Neuanschaffung', 'Bestellung-Ersatzbeschaffung'], 'input_order_link_amount_1', false);
// Felder nur anzeigen, NICHT required
showDivBasedOnSelect('input_category', ['Fehlermeldung', 'Sonstige'], 'input_link', false);
showDivBasedOnSelect('input_category', ['Fehlermeldung', 'Sonstige'], 'input_service_item', false);
$('#input_new_ticket_receiver').select2();
$('#input_new_ticket_sender').select2();
$('#input_service_item').select2();
@@ -486,12 +155,6 @@ if (isset($_GET['service_item_no'])) {
setRequiredField("input_category");
// // Zuerst alle Order-Link-Container und dazugehörigen Amount-Felder ab Index 2 ausblenden
// $('.input_order_link_2, .input_order_link_3, .input_order_link_4, .input_order_link_5, .input_order_link_6, .input_order_link_7, .input_order_link_8, .input_order_link_9, .input_order_link_10').hide();
// $('.input_order_link_amount_2, .input_order_link_amount_3, .input_order_link_amount_4, .input_order_link_amount_5, .input_order_link_amount_6, .input_order_link_amount_7, .input_order_link_amount_8, .input_order_link_amount_9, .input_order_link_amount_10').hide();
// Alle Order-Link-Container außer dem ersten initial ausblenden
$(".order_amount_link").not(":first").hide();
@@ -530,60 +193,28 @@ if (isset($_GET['service_item_no'])) {
});
// Preselect values only; rely on existing fetchCategoryData/getSubSubCategory to build inputs
(function() {
(function () {
var canEditCategory = <?php echo ($ticket['receiver_id'] == $GLOBALS['main_contact']['id'] || get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) ? 'true' : 'false'; ?>;
if (!canEditCategory) return;
var savedCat = <?=(int)($ticket['main_ticket_category_id'] ?? $ticket['category'] ?? 0)?>;
var savedSub = <?=(int)($ticket['main_ticket_subcategory_id'] ?? 0)?>;
var savedSubSub = <?=(int)($ticket['main_ticket_subsubcategory_id'] ?? 0)?>;
var savedCat = <?= (int) ($ticket['main_ticket_category_id'] ?? $ticket['category'] ?? 0) ?>;
function preselectChain() {
var catSelect = document.getElementById('input_category');
if (!catSelect || !savedCat || String(catSelect.value) !== String(savedCat)) return;
var tries = 0;
var t = setInterval(function() {
var sub = document.getElementById('input_subcategory');
if (sub) {
if (savedSub) {
sub.value = String(savedSub);
// Trigger both native and jQuery change to ensure listeners run
try { sub.dispatchEvent(new Event('change', { bubbles: true })); } catch(e) {}
if (window.jQuery) { jQuery(sub).trigger('change'); }
// If subsubcategory wasn't created shortly after, request it once
setTimeout(function() {
var subsubExisting = document.getElementById('input_subsubcategory');
if (!subsubExisting && typeof getSubSubCategory === 'function') {
try { getSubSubCategory(); } catch(e) {}
}
}, 250);
}
var tries2 = 0;
var t2 = setInterval(function() {
var subsub = document.getElementById('input_subsubcategory');
if (subsub) {
if (savedSubSub) {
subsub.value = String(savedSubSub);
if (window.jQuery) { jQuery(subsub).trigger('change'); }
}
clearInterval(t2);
}
if (++tries2 > 20) clearInterval(t2);
}, 100);
clearInterval(t);
}
if (++tries > 20) clearInterval(t);
}, 150);
}
// Try shortly after DOMContentLoaded handlers in main script
setTimeout(preselectChain, 300);
var catSelect = document.getElementById('input_category');
if (catSelect) {
catSelect.addEventListener('change', function() {
catSelect.addEventListener('change', function () {
setTimeout(preselectChain, 300);
});
}
})();
// if display smaller than 991px
if (window.innerWidth < 991) {
document.querySelector(".cardform_body_right").classList.toggle('is-closed');
}
</script>

View File

@@ -0,0 +1,153 @@
<?php
$formname = "form_ticket_create_card";
?>
<link rel="stylesheet" href="/module/ticketcenter/css/repair.css">
<link rel="stylesheet" href="/module/ticketcenter/css/create_cardform.css">
<script type="text/javascript"
src="/mysyde/admin/admin.js?t=<?= filemtime($_SERVER['DOCUMENT_ROOT'] . '/mysyde/admin/admin.js') ?>"></script>
<form action="" id="<?= $formname ?>" name="<?= $formname ?>" method="post" enctype="multipart/form-data" class="tickets_create_cardform">
<div class="create_cardform_header">
<div class="create_cardform_header_left">
<a class="back" href="/intranet/de/ticketcenter/"><i class="fa-solid fa-arrow-left-long"></i></a>
<h2>Neue Ticket erstellen</h2>
</div>
<div class="create_cardform_header_right">
<?=button("create_ticket", "Ticket abschicken", $formname, "sendRequest('save', true)");?>
</div>
</div>
<div class="create_cardform_body">
<div class="create_cardform_content">
<div class="create_cardform_content_left">
<?php
input("Betreff*", "input_description", "text", $ticket['description'], required: true);
$query = "SELECT id, description as 'name' FROM main_tickets_category WHERE parent_id = 0 ORDER BY sorting";
input_select_from_sql("Kategorie*", "input_category[0]", $query, isset($_GET['category_id']) ? $_GET['category_id'] : null);
input("Nachricht*", "input_message", "textarea", "", "512", required: true);
input("Adresse*", "input_address", "text", "", "512", required: true);
input("Standort / Etage / Raum*", "input_location", "text", "", "512", required: true);
input("Einrichtung*", "input_facility", "text", "", "512", required: true);
// input("Versicherungsfall", "input_insurance_case", "checkbox", "off");
input("Datei hochladen", "input_image", "file", $ticket['image']);
input("cost_center", "input_cost_center", "hidden", $GLOBALS["main_contact"]["cost_center"], "512");
?>
</div>
<div class="create_cardform_content_right">
</div>
</div>
</div>
</form>
<script>
const leftCol = document.querySelector(".create_cardform_content_left");
const firstSelect = document.querySelector('#input_category\\[0\\]');
const firstInputDiv = firstSelect.closest(".input");
const firstLabelDiv = firstInputDiv.previousElementSibling; // div.label
firstSelect.addEventListener("change", function () {
onCategoryChange(0, this.value);
});
function onCategoryChange(level, categoryId) {
removeCategoryLevelsDeeperThan(level);
if (!categoryId) return;
loadSubCategories(categoryId)
.then(subs => {
if (!Array.isArray(subs) || subs.length === 0) return;
addCategorySelect(level + 1, subs);
})
.catch(err => {
console.error("Failed to load subcategories:", err);
});
}
function loadSubCategories(categoryId) {
return fetch("/module/ticketcenter/services/ticketcenter.api.php", {
method: "POST",
headers: { "Content-Type": "application/json" },
body: JSON.stringify({
action: "getSubCategories",
category_id: categoryId
})
}).then(r => {
if (!r.ok) throw new Error("HTTP " + r.status);
return r.json();
});
}
function removeCategoryLevelsDeeperThan(level) {
const selects = leftCol.querySelectorAll('select[id^="input_category["]');
selects.forEach(sel => {
const selLevel = parseLevelFromId(sel.id);
if (selLevel > level) {
const inputDiv = sel.closest(".input");
const labelDiv = inputDiv?.previousElementSibling;
if (labelDiv && labelDiv.classList.contains("label")) labelDiv.remove();
if (inputDiv) inputDiv.remove();
}
});
}
function addCategorySelect(level, subCategories) {
const labelDiv = document.createElement("div");
labelDiv.className = "label";
const label = document.createElement("label");
label.setAttribute("for", `input_category[${level}]`);
label.textContent = "Kategorie*";
labelDiv.appendChild(label);
const inputDiv = document.createElement("div");
inputDiv.className = "input";
const select = document.createElement("select");
select.name = `input_category[${level}]`;
select.id = `input_category[${level}]`;
select.className = "select";
const placeholder = document.createElement("option");
placeholder.value = "";
placeholder.textContent = "— Bitte wählen —";
placeholder.selected = true;
select.appendChild(placeholder);
subCategories.forEach(item => {
const opt = document.createElement("option");
opt.value = item.id;
opt.textContent = item.description;
select.appendChild(opt);
});
select.addEventListener("change", function () {
onCategoryChange(level, this.value);
});
inputDiv.appendChild(select);
const allCategorySelects = leftCol.querySelectorAll('select[id^="input_category["]');
const lastSelect = allCategorySelects[allCategorySelects.length - 1];
const lastInputDiv = lastSelect.closest(".input");
lastInputDiv.insertAdjacentElement("afterend", inputDiv);
inputDiv.insertAdjacentElement("beforebegin", labelDiv);
}
function parseLevelFromId(id) {
const m = id.match(/input_category\[(\d+)\]/);
return m ? parseInt(m[1], 10) : -1;
}
</script>

View File

@@ -1,941 +0,0 @@
<script type="text/javascript" src="/mysyde/admin/admin.js"></script>
<?php
$formname = "form_ticket_list";
// Enable error reporting
// ini_set('display_errors', 1);
// ini_set('display_startup_errors', 1);
// error_reporting(E_ALL);
function load_ticket_list($cue)
{
// Query to get user's department and mandant information
$contact_info_query = "SELECT
mcd.main_mandant_id,
mcd.main_department_id
FROM
main_contact_department mcd
WHERE
mcd.main_contact_id = " . $GLOBALS['main_contact']['id'];
$contact_info_result = mysqli_query($GLOBALS['mysql_con'], $contact_info_query);
$mandant_ids = [];
$department_ids = [];
while ($contact_info = mysqli_fetch_assoc($contact_info_result)) {
if (!empty($contact_info['main_mandant_id']) && !in_array($contact_info['main_mandant_id'], $mandant_ids)) {
$mandant_ids[] = $contact_info['main_mandant_id'];
}
if (!empty($contact_info['main_department_id']) && !in_array($contact_info['main_department_id'], $department_ids)) {
$department_ids[] = $contact_info['main_department_id'];
}
}
// For debugging
// echo "User Mandant IDs: " . implode(', ', $mandant_ids) . "<br>";
// echo "User Department IDs: " . implode(', ', $department_ids) . "<br>";
// Store the result in contact_info for compatibility with existing code
$contact_info = [
'mandant_ids' => implode(', ', $mandant_ids),
'department_ids' => implode(', ', $department_ids)
];
$join = "";
$additional_joins = "";
$additional_where = "";
if (isset($cue)) {
switch ($cue) {
case '1000': // Meine offenen und in bearbeitung Tickets
$where = " WHERE sender_id = " . $GLOBALS['main_contact']['id'] . " AND current_state != 4";
break;
case '1500': // Meine offenen und in bearbeitung Tickets
$where = " WHERE receiver_id = " . $GLOBALS['main_contact']['id'] . " AND current_state != 4";
break;
case '2000': // Offene Tickets der Abteilung
// $join = " LEFT JOIN main_contact_department ON main_contact_department.main_contact_id = main_tickets.receiver_id";
// $where = " WHERE current_state != 4 AND (main_contact_department.main_mandant_id =" . $GLOBALS['main_contact']['master_mandant_id'] . " OR main_tickets_category.main_mandant_id = " . $GLOBALS['main_contact']['master_mandant_id'] . ")";
$where = " WHERE 1=1 and current_state != 4 and receiver_id = 0";
// Only add these joins for case 2000
// $additional_joins = "
// -- Category contact, department, mandant joins
// LEFT JOIN main_tickets_category_contact cat_contact
// ON main_tickets.main_ticket_category_id = cat_contact.main_tickets_category_id
// AND main_tickets.main_ticket_subcategory_id = 0
// AND main_tickets.main_ticket_subsubcategory_id = 0
// LEFT JOIN main_tickets_category_department cat_dept
// ON main_tickets.main_ticket_category_id = cat_dept.main_tickets_category_id
// AND main_tickets.main_ticket_subcategory_id = 0
// AND main_tickets.main_ticket_subsubcategory_id = 0
// LEFT JOIN main_tickets_category_mandant cat_mandant
// ON main_tickets.main_ticket_category_id = cat_mandant.main_tickets_category_id
// AND main_tickets.main_ticket_subcategory_id = 0
// AND main_tickets.main_ticket_subsubcategory_id = 0
// -- Subcategory contact, department, mandant joins
// LEFT JOIN main_tickets_category_contact subcat_contact
// ON main_tickets.main_ticket_subcategory_id = subcat_contact.main_tickets_category_id
// AND main_tickets.main_ticket_subcategory_id != 0
// AND main_tickets.main_ticket_subsubcategory_id = 0
// LEFT JOIN main_tickets_category_department subcat_dept
// ON main_tickets.main_ticket_subcategory_id = subcat_dept.main_tickets_category_id
// AND main_tickets.main_ticket_subcategory_id != 0
// AND main_tickets.main_ticket_subsubcategory_id = 0
// LEFT JOIN main_tickets_category_mandant subcat_mandant
// ON main_tickets.main_ticket_subcategory_id = subcat_mandant.main_tickets_category_id
// AND main_tickets.main_ticket_subcategory_id != 0
// AND main_tickets.main_ticket_subsubcategory_id = 0
// -- Subsubcategory contact, department, mandant joins
// LEFT JOIN main_tickets_category_contact subsubcat_contact
// ON main_tickets.main_ticket_subsubcategory_id = subsubcat_contact.main_tickets_category_id
// AND main_tickets.main_ticket_subsubcategory_id != 0
// LEFT JOIN main_tickets_category_department subsubcat_dept
// ON main_tickets.main_ticket_subsubcategory_id = subsubcat_dept.main_tickets_category_id
// AND main_tickets.main_ticket_subsubcategory_id != 0
// LEFT JOIN main_tickets_category_mandant subsubcat_mandant
// ON main_tickets.main_ticket_subsubcategory_id = subsubcat_mandant.main_tickets_category_id
// AND main_tickets.main_ticket_subsubcategory_id != 0
// ";
// Only add these conditions for case 2000
// $additional_where = "
// OR current_state != 4 AND (
// -- For tickets with a category but no subcategory and no subsubcategory
// main_tickets.main_ticket_subcategory_id = 0 AND
// main_tickets.main_ticket_subsubcategory_id = 0 AND (
// cat_contact.main_contact_id = " . $GLOBALS['main_contact']['id'] . " OR
// cat_dept.main_department_id IN (" . ($contact_info['department_ids'] ?: "0") . ") OR
// cat_mandant.main_mandant_id IN (" . ($contact_info['mandant_ids'] ?: "0") . ")
// )
// ) OR current_state != 4 AND (
// -- For tickets with a subcategory but no subsubcategory
// main_tickets.main_ticket_subcategory_id != 0 AND
// main_tickets.main_ticket_subsubcategory_id = 0 AND (
// subcat_contact.main_contact_id = " . $GLOBALS['main_contact']['id'] . " OR
// subcat_dept.main_department_id IN (" . ($contact_info['department_ids'] ?: "0") . ") OR
// subcat_mandant.main_mandant_id IN (" . ($contact_info['mandant_ids'] ?: "0") . ")
// )
// ) OR current_state != 4 AND (
// -- For tickets with a subsubcategory (ignore category and subcategory)
// main_tickets.main_ticket_subsubcategory_id != 0 AND (
// subsubcat_contact.main_contact_id = " . $GLOBALS['main_contact']['id'] . " OR
// subsubcat_dept.main_department_id IN (" . ($contact_info['department_ids'] ?: "0") . ") OR
// subsubcat_mandant.main_mandant_id IN (" . ($contact_info['mandant_ids'] ?: "0") . ")
// )
// )
// ";
break;
case '2500': // Offene Tickets der Abteilung
// $join = " LEFT JOIN main_contact_department ON main_contact_department.main_contact_id = main_tickets.receiver_id";
// $where = " WHERE current_state != 4 AND (main_contact_department.main_mandant_id =" . $GLOBALS['main_contact']['master_mandant_id'] . " OR main_tickets_category.main_mandant_id = " . $GLOBALS['main_contact']['master_mandant_id'] . ")";
$where = " WHERE 1=1 and current_state != 4";
// Only add these joins for case 2000
// $additional_joins = "
// -- Category contact, department, mandant joins
// LEFT JOIN main_tickets_category_contact cat_contact
// ON main_tickets.main_ticket_category_id = cat_contact.main_tickets_category_id
// AND main_tickets.main_ticket_subcategory_id = 0
// AND main_tickets.main_ticket_subsubcategory_id = 0
// LEFT JOIN main_tickets_category_department cat_dept
// ON main_tickets.main_ticket_category_id = cat_dept.main_tickets_category_id
// AND main_tickets.main_ticket_subcategory_id = 0
// AND main_tickets.main_ticket_subsubcategory_id = 0
// LEFT JOIN main_tickets_category_mandant cat_mandant
// ON main_tickets.main_ticket_category_id = cat_mandant.main_tickets_category_id
// AND main_tickets.main_ticket_subcategory_id = 0
// AND main_tickets.main_ticket_subsubcategory_id = 0
// -- Subcategory contact, department, mandant joins
// LEFT JOIN main_tickets_category_contact subcat_contact
// ON main_tickets.main_ticket_subcategory_id = subcat_contact.main_tickets_category_id
// AND main_tickets.main_ticket_subcategory_id != 0
// AND main_tickets.main_ticket_subsubcategory_id = 0
// LEFT JOIN main_tickets_category_department subcat_dept
// ON main_tickets.main_ticket_subcategory_id = subcat_dept.main_tickets_category_id
// AND main_tickets.main_ticket_subcategory_id != 0
// AND main_tickets.main_ticket_subsubcategory_id = 0
// LEFT JOIN main_tickets_category_mandant subcat_mandant
// ON main_tickets.main_ticket_subcategory_id = subcat_mandant.main_tickets_category_id
// AND main_tickets.main_ticket_subcategory_id != 0
// AND main_tickets.main_ticket_subsubcategory_id = 0
// -- Subsubcategory contact, department, mandant joins
// LEFT JOIN main_tickets_category_contact subsubcat_contact
// ON main_tickets.main_ticket_subsubcategory_id = subsubcat_contact.main_tickets_category_id
// AND main_tickets.main_ticket_subsubcategory_id != 0
// LEFT JOIN main_tickets_category_department subsubcat_dept
// ON main_tickets.main_ticket_subsubcategory_id = subsubcat_dept.main_tickets_category_id
// AND main_tickets.main_ticket_subsubcategory_id != 0
// LEFT JOIN main_tickets_category_mandant subsubcat_mandant
// ON main_tickets.main_ticket_subsubcategory_id = subsubcat_mandant.main_tickets_category_id
// AND main_tickets.main_ticket_subsubcategory_id != 0
// ";
// Only add these conditions for case 2000
// $additional_where = "
// OR current_state != 4 AND (
// -- For tickets with a category but no subcategory and no subsubcategory
// main_tickets.main_ticket_subcategory_id = 0 AND
// main_tickets.main_ticket_subsubcategory_id = 0 AND (
// cat_contact.main_contact_id = " . $GLOBALS['main_contact']['id'] . " OR
// cat_dept.main_department_id IN (" . ($contact_info['department_ids'] ?: "0") . ") OR
// cat_mandant.main_mandant_id IN (" . ($contact_info['mandant_ids'] ?: "0") . ")
// )
// ) OR current_state != 4 AND (
// -- For tickets with a subcategory but no subsubcategory
// main_tickets.main_ticket_subcategory_id != 0 AND
// main_tickets.main_ticket_subsubcategory_id = 0 AND (
// subcat_contact.main_contact_id = " . $GLOBALS['main_contact']['id'] . " OR
// subcat_dept.main_department_id IN (" . ($contact_info['department_ids'] ?: "0") . ") OR
// subcat_mandant.main_mandant_id IN (" . ($contact_info['mandant_ids'] ?: "0") . ")
// )
// ) OR current_state != 4 AND (
// -- For tickets with a subsubcategory (ignore category and subcategory)
// main_tickets.main_ticket_subsubcategory_id != 0 AND (
// subsubcat_contact.main_contact_id = " . $GLOBALS['main_contact']['id'] . " OR
// subsubcat_dept.main_department_id IN (" . ($contact_info['department_ids'] ?: "0") . ") OR
// subsubcat_mandant.main_mandant_id IN (" . ($contact_info['mandant_ids'] ?: "0") . ")
// )
// )
// ";
break;
case '3000': // Alle geschlossenen Tickets
$join = " LEFT JOIN main_contact_department ON main_contact_department.main_contact_id = main_tickets.receiver_id";
$where = " WHERE main_tickets.current_state = 4 AND ((main_contact_department.main_mandant_id =" . $GLOBALS['main_contact']['master_mandant_id'] . " OR main_contact_department.main_mandant_id IS NULL) OR main_tickets.sender_id = " . $GLOBALS['main_contact']['id'] . " )";
break;
case '4000': // Alle Tickets ungefiltert
// Fix for case 4000 - set a valid WHERE clause that's always true
$where = " WHERE 1=1";
break;
case '5000': // Alle Tickets die Eskalieren (die zu lange offen/in Bearbeitung sind)
$where = " WHERE due_date <> '0000-00-00' AND due_date < CURDATE() AND current_state IN (2, 3)";
break;
case '6000': // Alle Tickets die Eskalieren (die zu lange offen/in Bearbeitung sind)
$join = " LEFT JOIN main_contact_department ON main_contact_department.main_contact_id = main_tickets.receiver_id";
$where = " WHERE receiver_id = 0 ";
// $where = " WHERE receiver_id = 0 AND main_contact_department.main_mandant_id =".$GLOBALS['main_contact']['master_mandant_id'];
break;
default:
break;
}
} else {
$where = " WHERE (receiver_id = " . $GLOBALS['main_contact']['id'] . " OR sender_id = " . $GLOBALS['main_contact']['id'] . " ) AND current_state != 4";
}
$query = "SELECT DISTINCT
main_tickets.*,
main_tickets_category.description AS 'category_description',
COALESCE(main_tickets_subsubcategory.escalation_state, main_tickets_subcategory.escalation_state, main_tickets_category.escalation_state) AS 'escalation_state',
individual_state.description AS 'individual_state_description',
main_tickets_subcategory.description AS 'subcategory_description',
main_tickets_subsubcategory.description AS 'subsubcategory_description',
receiver.name AS 'receiver',
sender.name AS 'sender',
main_tickets_state.description AS 'state',
DATE_ADD(main_tickets.creation_date, INTERVAL COALESCE(main_tickets_subsubcategory.escalation_state, main_tickets_subcategory.escalation_state, main_tickets_category.escalation_state) DAY) AS 'escalation'
FROM
main_tickets
" . $join . "
LEFT JOIN main_contact AS receiver ON receiver.id = main_tickets.receiver_id
LEFT JOIN main_contact AS sender ON sender.id = main_tickets.sender_id
LEFT JOIN main_tickets_status AS individual_state ON individual_state.id = main_tickets.individual_state
LEFT JOIN main_tickets_category ON main_tickets.main_ticket_category_id = main_tickets_category.id
LEFT JOIN main_tickets_category AS main_tickets_subcategory ON main_tickets.main_ticket_subcategory_id = main_tickets_subcategory.id
LEFT JOIN main_tickets_category AS main_tickets_subsubcategory ON main_tickets.main_ticket_subsubcategory_id = main_tickets_subsubcategory.id
LEFT JOIN main_tickets_state ON main_tickets.current_state = main_tickets_state.id
" . $additional_joins . "
WHERE
(" . substr($where, 7) . ")
" . $additional_where . "
ORDER BY
ticket_no DESC;";
// var_dump($query);
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
while ($row = @mysqli_fetch_array($result)) {
// var_dump($row);
if ($cue == 2000) {
if (checkUserPermission($row, $contact_info) == false) {
continue; // Skip this row if the user doesn't have permission
}
}
// var_dump("-----");
// print_r($row);
$unread = "";
$query2 = "SELECT * FROM main_tickets_notification
WHERE main_ticket_id = " . $row['id'] . " AND main_contact_id = " . $GLOBALS['main_contact']['id'] . " AND viewed = 0";
// var_dump($query2);
$result2 = @mysqli_query($GLOBALS['mysql_con'], $query2);
$viewed = @mysqli_num_rows($result2);
if ($viewed != 0) {
$unread = '<i class="fa-solid fa-circle-exclamation"></i>';
}
$creation_date = new DateTime($row['creation_date']);
$last_action = new DateTime($row['last_action_date']);
$escalation = new DateTime($row['escalation']);
$now = new DateTime(); // Aktuelles Datum und Uhrzeit
$escalated = "";
if ($escalation < $now && (isset($row['escalation_state']) && $row['escalation_state'] != "0")) {
$escalated = "escalated";
}
?>
<tr id="item_<?= $row['id'] ?>" class='list_item <?= $escalated ?>' data-checked="false" data-inputname="input_id"
data-action="edit" data-inputid="<?= encryptId($row['id']) ?>">
<td><?= $unread ?></td>
<td class=ticket_numb><?= $row['ticket_no'] ?></td>
<td>
<div class="status_container">
<span class="<?= $row['state'] ?>"><?= $row['state'] ?></span>
<?php if (!empty($row['individual_state_description'])): ?>
<span class="individual_state_span"><?= $row['individual_state_description'] ?></span>
<?php endif; ?>
</div>
</td>
<td><?= "1. " . $row['category_description'] . "<br>"?>
<?= !empty($row['subcategory_description']) ? "2. " . $row['subcategory_description'] . "<br>" : '' ?>
<?= !empty($row['subsubcategory_description']) ? "3. " . $row['subsubcategory_description'] : '' ?>
</td>
<td><?= $row['description'] ?></td>
<td><?= $row['sender'] ?></td>
<td><?= $row['receiver'] ?></td>
<td><?= $creation_date->format('d.m.y H:i') ?></td>
<td><?= $last_action->format('d.m.y H:i') ?></td>
<td>
<?php
if ($row['due_date'] != "0000-00-00") {
// var_dump($due_date);
$due_date = new DateTime($row['due_date']);
if ($due_date > $now) {
echo $due_date->format('d.m.y');
} else {
echo '<span class="overdue">' . $due_date->format('d.m.y') . '</span>';
}
} else {
echo '--.--.--';
}
?>
</td>
<td><?php
$now = new DateTime(); // Current date and time
$creation = clone $creation_date; // Clone to avoid modifying the original
$interval = $now->diff($creation);
if ($interval->y > 0) {
echo $interval->y . ' Jahre, ' . $interval->m . ' Monate';
} elseif ($interval->m > 0) {
echo $interval->m . ' Monate, ' . $interval->d . ' Tage';
} elseif ($interval->d > 0) {
echo $interval->d . ' Tage, ' . $interval->h . ' Std';
} elseif ($interval->h > 0) {
echo $interval->h . ' Std, ' . $interval->i . ' Min';
} else {
echo $interval->i . ' Minuten';
}
?></td>
<?php if ($cue == 5000) { ?>
<td>
<?php if (isset($row['escalation_state']) && $row['escalation_state'] != "0") {
echo $escalation->format('d.m.y H:i');
}
?>
</td>
<?php } ?>
<?php if ($cue == 7000 || $cue == 8000) { ?>
<td>
<?php
$supplierQuery = "SELECT s.description
FROM main_ticket_suplier l
LEFT JOIN main_tickets_supliers s ON l.main_ticket_suplier_id = s.id
WHERE l.main_ticket_id = " . (int) $row['id'];
$supplierResult = mysqli_query($GLOBALS['mysql_con'], $supplierQuery);
?>
<div class="suppliers">
<?php
while ($supplier = mysqli_fetch_assoc($supplierResult)) {
echo '<span class="ticket_supplier">' . htmlspecialchars($supplier['description']) . '</span> ';
}
?>
</div>
</td>
<?php } ?>
</tr>
<?php
}
}
function checkUserPermission($row, $contact_info) {
$category_keys = [
'main_ticket_subsubcategory_id',
'main_ticket_subcategory_id',
'main_ticket_category_id'
];
foreach ($category_keys as $key) {
if (isset($row[$key]) && $row[$key] != 0) {
$category_id = $row[$key];
// 1. Direct contact match
$contacts = getContactsByCategory($category_id);
if (in_array($GLOBALS['main_contact']['id'], $contacts)) {
return true;
}
// 2. Department and mandant matching
$departments = getDepartmentsByCategory($category_id);
$mandants = getMandantsByCategory($category_id);
// var_dump($mandants);
// var_dump($departments);
// var_dump($mandants);
// $userDepartments = array_map('trim', explode(',', $contact_info['department_ids']));
// $userMandants = array_map('trim', explode(',', $contact_info['mandant_ids']));
// $hasDepartments = !empty($departments) && $departments != [0];
// $hasMandants = !empty($mandants) && $mandants != [0];
// $departmentMatch = !$hasDepartments || count(array_intersect($userDepartments, $departments)) > 0;
// $mandantMatch = !$hasMandants || count(array_intersect($userMandants, $mandants)) > 0;
// // Check if the user has access to the department and mandant
// if ($departmentMatch && $mandantMatch) {
// return true;
// }
// 3. Check if the user has access to the department and mandant
// $array_dep_mand = [];
// foreach ($departments as $department) {
// foreach ($mandants as $mandant) {
// $dep_mand_bind = [
// 'department' => $department,
// 'mandant' => $mandant
// ];
// $array_dep_mand[] = $dep_mand_bind;
// }
// }
if (empty($departments) and empty($mandants)){
return false;
} else if (empty($mandants)) {
$query = "SELECT * FROM main_contact_department WHERE main_contact_id = " . $GLOBALS['main_contact']['id'] . "
AND main_department_id IN (" . implode(',', $departments) . ")";
} else if (empty($departments)) {
$query = "SELECT * FROM main_contact_department WHERE main_contact_id = " . $GLOBALS['main_contact']['id'] . "
AND main_department_id IN (" . implode(',', $departments) . ")";
} else {
$query = "SELECT * FROM main_contact_department WHERE main_contact_id = " . $GLOBALS['main_contact']['id'] . " AND main_mandant_id IN (" . implode(',', $mandants) . ") AND main_department_id IN (" . implode(',', $departments) . ")";
}
// var_dump($query);
// var_dump($query);
$result = mysqli_query($GLOBALS['mysql_con'], $query);
if (mysqli_num_rows($result) > 0) {
return true;
}
return false;
// If we checked one level and didn't find a match - don't exit, continue to the next one
}
}
return false;
}
// 1000: Meine offenen und in Bearbeitung Tickets
$query_count_1000 = "SELECT COUNT(*) FROM main_tickets WHERE (receiver_id = " . $GLOBALS['main_contact']['id'] . " OR sender_id = " . $GLOBALS['main_contact']['id'] . " ) AND current_state != 4";
$result_1000 = mysqli_fetch_array(mysqli_query($GLOBALS['mysql_con'], $query_count_1000))[0];
// 2000: Offene Tickets der Abteilung
$query_count_2000 = "SELECT COUNT(DISTINCT main_tickets.id)
FROM main_tickets
LEFT JOIN main_contact_department ON main_contact_department.main_contact_id = main_tickets.receiver_id
LEFT JOIN main_tickets_category ON main_tickets.main_ticket_category_id = main_tickets_category.id
WHERE current_state != 4
AND (
main_contact_department.main_mandant_id = " . $GLOBALS['main_contact']['master_mandant_id'] . "
OR main_tickets_category.main_mandant_id = " . $GLOBALS['main_contact']['master_mandant_id'] . "
)";
$result_2000 = mysqli_fetch_array(mysqli_query($GLOBALS['mysql_con'], $query_count_2000))[0];
// 3000: Alle geschlossenen Tickets
$query_count_3000 = "SELECT COUNT(*) FROM main_tickets WHERE current_state = 4";
$result_3000 = mysqli_fetch_array(mysqli_query($GLOBALS['mysql_con'], $query_count_3000))[0];
// 4000: Alle Tickets ungefiltert
$query_count_4000 = "SELECT COUNT(*) FROM main_tickets";
$result_4000 = mysqli_fetch_array(mysqli_query($GLOBALS['mysql_con'], $query_count_4000))[0];
// 5000: Alle eskalierenden Tickets (zu lange offen/in Bearbeitung)
$query_count_5000 = "SELECT COUNT(*)
FROM main_tickets
LEFT JOIN main_tickets_category ON main_tickets.main_ticket_category_id = main_tickets_category.id
LEFT JOIN main_tickets_category AS main_tickets_subcategory ON main_tickets.main_ticket_subcategory_id = main_tickets_subcategory.id
WHERE DATE_ADD(main_tickets.creation_date, INTERVAL COALESCE(main_tickets_subcategory.escalation_state, main_tickets_category.escalation_state) DAY) < NOW()
AND main_tickets.current_state IN (2, 3)";
$result_5000 = mysqli_fetch_array(mysqli_query($GLOBALS['mysql_con'], $query_count_5000))[0];
// 6000: Alle nicht zugewiesenen Tickets
$query_count_6000 = "SELECT COUNT(*) FROM main_tickets WHERE receiver_id = 0";
$result_6000 = mysqli_fetch_array(mysqli_query($GLOBALS['mysql_con'], $query_count_6000))[0];
// 7000: // Alle Tickets die im Bereich Einkauf sind (holen wir über main_mandant_id aus main_tickets_category = 15)
$query_count_7000 = "SELECT COUNT(*)
FROM main_tickets
LEFT JOIN main_tickets_category ON main_tickets.main_ticket_category_id = main_tickets_category.id
LEFT JOIN main_tickets_category AS main_tickets_subcategory ON main_tickets.main_ticket_subcategory_id = main_tickets_subcategory.id
WHERE main_tickets_category.main_mandant_id = 15
OR main_tickets_subcategory.main_mandant_id = 15 AND main_tickets.current_state != 4";
$result_7000 = mysqli_fetch_array(mysqli_query($GLOBALS['mysql_con'], $query_count_7000))[0];
// 8000: // Alle Tickets die im Bereich Einkauf sind (holen wir über main_mandant_id aus main_tickets_category = 15)
$query_count_8000 = "SELECT COUNT(*)
FROM main_tickets
LEFT JOIN main_tickets_category ON main_tickets.main_ticket_category_id = main_tickets_category.id
LEFT JOIN main_tickets_category AS main_tickets_subcategory ON main_tickets.main_ticket_subcategory_id = main_tickets_subcategory.id
WHERE main_tickets_category.main_mandant_id = 15
OR main_tickets_subcategory.main_mandant_id = 15 AND main_tickets.current_state = 4";
$result_8000 = mysqli_fetch_array(mysqli_query($GLOBALS['mysql_con'], $query_count_8000))[0];
?>
<link rel="stylesheet" href="/module/ticketcenter/css/repair.css">
<form action="" id="<?= $formname ?>" name="<?= $formname ?>" method="post">
<!-- DataTables -->
<!-- <link rel="stylesheet" href="https://cdnjs.cloudflare.com/ajax/libs/fomantic-ui/2.9.2/semantic.min.css" /> -->
<link rel="stylesheet" href="https://cdn.datatables.net/searchbuilder/1.8.0/css/searchBuilder.dataTables.css" />
<link rel="stylesheet" href="https://cdn.datatables.net/2.0.2/css/dataTables.semanticui.css" />
<link rel="stylesheet" href="https://cdn.datatables.net/responsive/3.0.0/css/responsive.semanticui.css" />
<script src="https://code.jquery.com/jquery-3.7.1.js"></script>
<link
href="https://cdn.datatables.net/v/se/jszip-3.10.1/dt-2.0.2/af-2.7.0/b-3.0.1/b-colvis-3.0.1/b-html5-3.0.1/b-print-3.0.1/cr-2.0.0/date-1.5.2/fc-5.0.0/fh-4.0.1/kt-2.12.0/r-3.0.0/rg-1.5.0/rr-1.5.0/sc-2.4.1/sb-1.7.0/sp-2.3.0/sl-2.0.0/sr-1.4.0/datatables.min.css"
rel="stylesheet">
<script src="https://cdnjs.cloudflare.com/ajax/libs/fomantic-ui/2.9.2/semantic.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/moment.js/2.29.2/moment.min.js"></script>
<script src="https://cdn.datatables.net/datetime/1.5.2/js/dataTables.dateTime.min.js"></script>
<script src="https://cdn.datatables.net/searchbuilder/1.8.0/js/searchBuilder.dataTables.js"></script>
<script src="https://cdn.datatables.net/searchbuilder/1.8.0/js/dataTables.searchBuilder.js"></script>
<script
src="https://cdn.datatables.net/v/se/jszip-3.10.1/dt-2.0.2/af-2.7.0/b-3.0.1/b-colvis-3.0.1/b-html5-3.0.1/b-print-3.0.1/cr-2.0.0/date-1.5.2/fc-5.0.0/fh-4.0.1/kt-2.12.0/r-3.0.0/rg-1.5.0/rr-1.5.0/sc-2.4.1/sb-1.7.0/sp-2.3.0/sl-2.0.0/sr-1.4.0/datatables.min.js"></script>
<script src="https://cdn.datatables.net/2.0.2/js/dataTables.semanticui.js"></script>
<script src="https://cdn.datatables.net/responsive/3.0.0/js/dataTables.responsive.js"></script>
<script src="https://cdn.datatables.net/responsive/3.0.0/js/responsive.semanticui.js"></script>
<script src="https://cdn.datatables.net/buttons/3.0.2/js/dataTables.buttons.js"></script>
<script src="https://cdn.datatables.net/buttons/3.0.2/js/buttons.semanticui.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/jszip/3.10.1/jszip.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.2.7/vfs_fonts.js"></script>
<script src="https://cdn.datatables.net/buttons/3.0.2/js/buttons.html5.min.js"></script>
<script src="https://cdnjs.cloudflare.com/ajax/libs/pdfmake/0.2.7/pdfmake.min.js"></script>
<div class="loading" aria-busy="true"></div>
<input type='hidden' class='selected_linklist_row' name='input_id' value=''>
<div class="toolbar">
<div class="container">
<!-- <div class="right_toolbar">
<a role="button" class="secondary" href="?cue=1000">
Meine Tickets <span class="badge">(<?= $result_1000 ?>)</span>
</a>
<a role="button" class="secondary" href="?cue=2000">
Abteilungstickets <span class="badge">(<?= $result_2000 ?>)</span>
</a>
<a role="button" class="secondary" href="?cue=3000">
Archiv <span class="badge">(<?= $result_3000 ?>)</span>
</a>
<?php if (get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) { ?>
<a role="button" class="secondary" href="?cue=4000">
Alle Tickets <span class="badge">(<?= $result_4000 ?>)</span>
</a>
<?php } ?>
<?php if (get_permission_state('escalated_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) { ?>
<a role="button" class="secondary" href="?cue=5000">
Eskalierte Tickets <span class="badge">(<?= $result_5000 ?>)</span>
</a>
<?php } ?>
<?php if (get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) { ?>
<a role="button" class="secondary" href="?cue=6000">
Nicht zugewiesene Tickets <span class="badge">(<?= $result_6000 ?>)</span>
</a>
<?php } ?>
</div> -->
<div class="right_toolbar">
<a role="button" class="secondary" href="?cue=1000">
Von mir erstellt <span class="badge"></span>
</a>
<a role="button" class="secondary" href="?cue=1500">
Zu bearbeitende Tickets <span class="badge"></span>
</a>
<a role="button" class="secondary" href="?cue=2000">
Ticket Pool <span class="badge"></span>
</a>
<a role="button" class="secondary" href="?cue=2500">
Ticket Übersicht <span class="badge"></span>
</a>
<a role="button" class="secondary" href="?cue=3000">
Archiv <span class="badge"></span>
</a>
<?php if (get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) { ?>
<a role="button" class="secondary" href="?cue=4000">
Alle Tickets <span class="badge"></span>
</a>
<?php } ?>
<?php if (get_permission_state('escalated_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) { ?>
<a role="button" class="secondary" href="?cue=5000">
Eskalierte Tickets <span class="badge"></span>
</a>
<?php } ?>
<?php if (get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) { ?>
<a role="button" class="secondary" href="?cue=6000">
Nicht zugewiesene Tickets <span class="badge"></span>
</a>
<?php } ?>
</div>
<div class="left_toolbar">
<?php if (get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) == 1) {
echo button("delete", "Löschen", $formname, "sendRequest('delete', true)");
} ?>
<a role="button" class="primary" href="?action=new">Ticket erstellen</a>
</div>
</div>
</div>
<section class="listform_content">
<div class="container">
<div class="titlebar">
<?php
if (isset($_GET["cue"])) {
switch ($_GET["cue"]) {
case 1000:
$title = "Von mir erstellt";
$description = "Meine eigenen Tickets";
break;
case 1500:
$title = "Zu bearbeitende Tickets";
$description = "Meine in Bearbeitung befindlichen Tickets";
break;
case 2000:
$title = "Abteilungstickets";
$description = "Alle laufenden Abteilungstickets";
break;
case 2500:
$title = "Ticket Übersicht";
$description = "Alle laufenden Tickets";
break;
case 3000:
$title = "Archiv";
$description = "Alle geschlossenen Abteilungstickets";
break;
case 4000:
$title = "Alle Tickets";
$description = "Alle laufenden und geschlossenen Tickets";
break;
case 5000:
$title = "Eskalierte Tickets";
$description = "Alle eskalierenden Tickets";
break;
case 6000:
$title = "Nicht zugewiesene Tickets";
$description = "Alle Tickets ohne aktuellen Bearbeiter";
break;
case 7000:
$title = "Einkauf Tickets";
$description = "Alle Tickets des Bereichs Einkauf";
break;
case 8000:
$title = "Einkauf Tickets (Archiv)";
$description = "Alle Tickets des Bereichs Einkauf";
break;
default:
$title = "Tickets";
$description = "Übersicht über Tickets";
break;
}
?>
<hgroup>
<h1><?php echo htmlspecialchars($title); ?></h1>
<p><?php echo htmlspecialchars($description); ?></p>
</hgroup>
<?php
} else {
?>
<hgroup>
<h1>Ticketcenter</h1>
</hgroup>
<?php
}
?>
<div>
<!-- <div title="Datumsfilter"role="button" id="openDateFilter" class="outline"><i class="fa-solid fa-calendar-days"></i></div>
<div title="Filter"role="button" id="openSearchBuilder" class="outline"><i class="fa-solid fa-filter"></i></div> -->
<select name="select_categoty" id="">
<option value="all">Alle Kategorien</option>
<?php
$query = "SELECT * FROM main_tickets_category ORDER BY description ASC";
$result = mysqli_query($GLOBALS['mysql_con'], $query);
while ($row = mysqli_fetch_array($result)) {
echo '<option value="' . $row['description'] . '">' . htmlspecialchars($row['description']) . '</option>';
}
?>
</select>
<input type="text" title="Suche..." placeholder="Suche..." id="listform_search">
</div>
</div>
<div class="date_filter_builder">
<div class="date_filter_builder_title_row">
<div class="dtsb-title">Datumsfilter</div>
</div>
<div class="date_filter_builder_group">
<label for="min">
Datum von...
<input placeholder="Datum von..." type="text" id="min" name="min">
</label>
<label for="max">
Datum bis...
<input placeholder="Datum bis..." type="text" id="max" name="max">
</label>
</div>
</div>
<table id="ticket" class="ui celled table selectable linklist" style="width:100%">
<thead>
<tr>
<th></th>
<th>Nr.</th>
<th>Status</th>
<th>Abteilung</th>
<th>Beschreibung</th>
<th>Ersteller</th>
<th>Akt. Bearbeiter</th>
<th>Erstellt</th>
<th>Letzte Aktion</th>
<th>Zu erledigen bis</th>
<th>Geöffnet seit</th>
<?php if ($_GET['cue'] == 5000) { ?>
<th>Eskaliert am</th>
<?php } ?>
</tr>
</thead>
<tbody>
<? load_ticket_list($_GET['cue']); ?>
</tbody>
</table>
</div>
</section>
</form>
<script>
$('#ticket').DataTable({
info: false,
responsive: true,
pageLength: 20,
colReorder: false,
pagingType: 'simple_numbers',
lengthChange: false,
// lengthMenu: [10, 20, 50, 100],
paging: true,
sorting: 0,
language: {
url: '//cdn.datatables.net/plug-ins/2.0.2/i18n/de-DE.json',
searchPlaceholder: '',
search: '',
lengthMenu: 'Zeige _MENU_ Einträge',
paginate: {
next: '>',
previous: '<'
},
datetime: {
previous: 'Zurück',
next: 'Weiter',
months: ['Januar', 'Februar', 'März', 'April', 'Mai', 'Juni', 'Juli', 'August', 'September', 'Oktober', 'November', 'Dezember'],
weekdays: ['So', 'Mo', 'Di', 'Mi', 'Do', 'Fr', 'Sa'],
amPm: ['am', 'pm'],
hours: 'Stunde',
minutes: 'Minute',
seconds: 'Sekunde',
unknown: '-'
},
// searchBuilder: {
// title: {
// 0: 'Filter',
// _: 'Filters (%d)'
// },
// }
},
layout: {
// top1: {
// searchBuilder: {
// greyscale: true
// }
// },
topStart: 'pageLength',
topEnd: '',
bottomStart: {
buttons: [
{
extend: 'collection',
// split: ['copyHtml5', 'excelHtml5', 'csvHtml5', 'print']
split: ['copyHtml5', 'excelHtml5', 'csvHtml5', 'print']
}
]
},
bottomEnd: 'paging',
},
// drawCallback: function(settings) {
// initLinklist();
// }
});
var table = $('#ticket').DataTable();
// Ermöglicht das durchsuchen von Tabellen
$('#listform_search').keyup(function () {
table.search($(this).val()).draw();
})
var minDate, maxDate;
// Custom filtering function which will search data in column four between two values
DataTable.ext.search.push(function (settings, data, dataIndex) {
var min = minDate.val();
var max = maxDate.val();
var date = new Date(moment(data[1], 'DD.MM.YYYY'));
if (
(min === null && max === null) ||
(min === null && date <= max) ||
(min <= date && max === null) ||
(min <= date && date <= max)
) {
return true;
}
return false;
});
// Create date inputs
minDate = new DateTime('#min', {
format: 'DD.MM.YYYY'
});
maxDate = new DateTime('#max', {
format: 'DD.MM.YYYY'
});
// Refilter the table
$('#min, #max').on('change', function () {
table.draw();
});
$(".list_item").click(function () {
// Hole die Datenattribute aus der geklickten Zeile
var inputId = $(this).data('inputid');
// Setze den Wert des versteckten Input-Feldes auf die inputid der geklickten Zeile
$('input[name="input_id"]').val(inputId);
});
$(window).on('load', function () {
$('.loading').hide();
$('.listform_content').show();
});
$(".list_item").dblclick(function () {
// Hole die Datenattribute aus der geklickten Zeile
var action = $(this).data('action');
var inputId = $(this).data('inputid');
// Erweitere die URL mit den Parametern
var newUrl = window.location.href.split('?')[0] + '?action=' + action + '&id=' + inputId;
// Aktualisiere die URL
window.location.href = newUrl;
});
// Funktion zum Ãffnen/Schließen der Filter Search Groups vom DataTable
$('#openSearchBuilder').click(function () {
$(".dtsb-searchBuilder").toggle();
$(this).toggleClass("active")
});
// Funktion zum Ãffnen/Schließen der Date Filter vom DataTable
$('#openDateFilter').click(function () {
$(".date_filter_builder").toggle();
$(this).toggleClass("active")
});
$(document).ready(function () {
// Hole den Wert des cue-Parameters aus der URL
const urlParams = new URLSearchParams(window.location.search);
const cue = urlParams.get('cue');
// Wenn ein cue-Wert vorhanden ist, füge die Klasse active zum passenden Button hinzu
if (cue) {
$(`a[href="?cue=${cue}"]`).addClass('active');
}
});
document.addEventListener('DOMContentLoaded', function () {
const urlParams = new URLSearchParams(window.location.search);
const cue = urlParams.get('cue');
if (cue) {
sessionStorage.setItem('lastCue', cue);
}
});
document.addEventListener('DOMContentLoaded', function () {
function filterByCategory() {
const selectedCategory = $('select[name="select_categoty"]').val();
console.log("Selected category:", selectedCategory);
const table = $('#ticket').DataTable();
if (selectedCategory === 'all') {
// Zeige alle Zeilen
table.column(3).search('').draw();
} else {
// Filtere nach der ausgewählten Kategorie (Spalte 3 ist "Abteilung")
table.column(3).search(selectedCategory, true, false).draw();
}
}
// Event Listener für die Kategorie-Auswahl
$('select[name="select_categoty"]').on('change', filterByCategory);
});
</script>

View File

@@ -1,42 +0,0 @@
<?php
session_start();
$currDir = __DIR__;
$rootDir = dirname(dirname($currDir));
$mysydeDir = $rootDir . '/mysyde';
require_once($rootDir . '/vendor/autoload.php');
require_once($rootDir . "/mysyde/frontend/frontend_functions.inc.php");
$envDir = $rootDir . '/config';
$envFilePath = $envDir . '/.env';
if (is_dir($envDir) && file_exists($envFilePath) && is_file($envFilePath) && is_readable($envFilePath)) {
$dotenv = new \Dotenv\Dotenv($envDir);
$dotenv->load();
}
$common = $mysydeDir ."/common/common_functions.inc.php";
require_once($common);
$connEnv = (local_environment()) ? $mysydeDir."/dc.config.php" : $mysydeDir."/dc-server.config.php";
require_once($connEnv);
db_connect();
if ($_SERVER["REQUEST_METHOD"] == "POST") {
$category_id = $_POST['category_id'];
$query = "SELECT * FROM main_tickets_category WHERE parent_id = ".$category_id." ORDER BY sorting";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
if (mysqli_num_rows($result) <= 0) {
return;
}
echo "<div class='label'><label for='input_subsubcategory'>Genaue Beschreibung</label></div>";
echo "<div class='input'>";
echo "<select name='input_subsubcategory' id='input_subsubcategory' class='select' required>";
echo "<option value=''>Auswählen..</option>";
while($row = @mysqli_fetch_array($result)){
echo "<option value='".$row['id']."'>".$row['description']."</option>";
}
echo "</select>";
echo "</div>";
}

View File

@@ -564,18 +564,24 @@ function getFormData(_form) {
* @param _confirmtext
* @returns {Boolean}
*/
function sendRequest(_action, _load_without_check, _confirmtext) {
function sendRequest(_action, _load_without_check, _confirmtext, sub_get = "") {
// variable zum pruefen ob in einer linkliste ein element markiert wurde
var load_without_check = _load_without_check || false;
if (load_without_check === false) {
var currentMarkedLinklistRow = jQuery('.linklist_active', jQuery('#' + dc.current_formname));
var currentMarkedLinklistRow = jQuery(
".linklist_active",
jQuery("#" + dc.current_formname)
);
if (dc.current_linklist === null || currentMarkedLinklistRow.length <= 0) {
return;
}
var input_id = currentMarkedLinklistRow.data('inputid');
jQuery('input.selected_linklist_row', jQuery('#' + dc.current_formname)).val(input_id);
var input_id = currentMarkedLinklistRow.data("inputid");
jQuery(
"input.selected_linklist_row",
jQuery("#" + dc.current_formname)
).val(input_id);
}
var confirmtext = _confirmtext || false;
@@ -585,14 +591,21 @@ function sendRequest(_action, _load_without_check, _confirmtext) {
}
}
if (dc.overlay_mode === true) {
jQuery('#overlayLoader').show();
} else {
jQuery('#mainContent').find('.requestLoader').show();
// Проверка обязательных полей
var form = document.getElementById(dc.current_formname);
if (!form.checkValidity()) {
form.reportValidity();
return false;
}
jQuery('#' + dc.current_formname).attr("action", "?action=" + _action);
jQuery('#' + dc.current_formname).submit();
if (dc.overlay_mode === true) {
jQuery("#overlayLoader").show();
} else {
jQuery("#mainContent").find(".requestLoader").show();
}
jQuery('#' + dc.current_formname).attr("action", "?action=" + _action + "&sub_get=" + sub_get);
jQuery("#" + dc.current_formname).submit();
}
/**
@@ -832,11 +845,16 @@ function myFunction(counter) {
console.log("myDropdown" + counter);
}
function openGallery(input_id, image_id, type){
function openGallery(input_id, image_id, type, select_mode){
var currentDate = new Date();
var unixTimestamp = Math.floor(currentDate.getTime() / 1000);
var selectionMode = select_mode || '';
var popupURL = '/components/files/filegallery_content.inc.php?input_id='+input_id+'&image_id='+image_id+'&type='+type+'&time='+unixTimestamp;
if (selectionMode !== 'single' && selectionMode !== 'multi') {
selectionMode = (type === 'filegallery') ? 'single' : 'multi';
}
var popupURL = '/components/files/filegallery_content.inc.php?input_id='+input_id+'&image_id='+image_id+'&type='+type+'&select_mode='+selectionMode+'&time='+unixTimestamp;
var popup = window.open(popupURL, 'Popup-Fenster', 'width=1080,height=720');
}

View File

@@ -46,6 +46,21 @@ function mysqli_result( $res, $row = 0, $col = 0 ) {
return FALSE;
}
function encryptId($id)
{
$encryptedId = base64_encode($id . "EC1ibm38FI53cxmSnQUi");
return $encryptedId;
}
// Entschlüsselt eine zuvor verschlüsselte ID, um ihre ursprüngliche Form wiederherzustellen.
function decryptId($encryptedId)
{
$decryptedId = base64_decode($encryptedId);
$id = str_replace("EC1ibm38FI53cxmSnQUi", "", $decryptedId);
return $id;
}
// Verbindung mir der Datenbank herstellen
function db_connect() {
$servername = $GLOBALS['myservername'];
@@ -57,6 +72,9 @@ function db_connect() {
@mysqli_select_db($GLOBALS['mysql_con'], $db) or die (mysqli_error($GLOBALS['mysql_con']) . " - Keine Verbindung hergestellt!");
@mysqli_query($GLOBALS['mysql_con'], "set character set 'utf8';");
@mysqli_query($GLOBALS['mysql_con'], "set names 'utf8';");
$pdo = new PDO('mysql:host='.$servername.';dbname='.$db, $login, $pass);
$GLOBALS['pdo_conn'] = $pdo;
}
// Globales führen der Reihenfolge in der Felder angewählt werden

View File

@@ -59,7 +59,7 @@ function listUsers(){
}
echo "<div class='user-wrapper'>";
if($main_contact['image'] == ""){
echo "<td><div class='img_container'><img class='img-fluid' src='/userdata/intranet/contact/platzhalter-mann-compressor.jpg'></div></td>";
echo "<td><div class='img_container'><img class='img-fluid' src='/userdata/intranet/contact/platzhalter.png'></div></td>";
}else{
echo "<td><div class='img_container'><img class='img-fluid' src='/userdata/intranet/contact/".$main_contact['image']."'></div></td>";
}

View File

@@ -2,7 +2,8 @@
$translation = \DynCom\mysyde\common\classes\Registry::get('translation');
$adminMenu = \DynCom\mysyde\common\classes\Adminmenu::get(0);
function check_if_betriebsrat_role($admin_user) {
function check_if_betriebsrat_role($admin_user)
{
// Angepasste SQL-Abfrage, um nach is_betriebsrat = 1 zu filtern
$query = "SELECT * FROM main_admin_user WHERE is_betriebsrat = 1 AND id = " . $admin_user;
@@ -23,7 +24,8 @@ $is_betriebsrat = check_if_betriebsrat_role($admin_user['id']);
function create_collections_menu($site, $language, $translation) {
function create_collections_menu($site, $language, $translation)
{
// Greife auf die globale Variable $is_betriebsrat zu
global $is_betriebsrat;
@@ -31,9 +33,12 @@ function create_collections_menu($site, $language, $translation) {
if ($is_betriebsrat == 1) {
?>
<li class="structure_nav">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>" href="/mysyde/awo/de/collections/17/">Aktuelles</a>
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>" href="/mysyde/awo/de/knowledge/category/">Wiki Kategorien</a>
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>" href="/mysyde/awo/de/collections/3/">Wiki Beiträge</a>
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>"
href="/mysyde/awo/de/collections/17/">Aktuelles</a>
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>"
href="/mysyde/awo/de/knowledge/category/">Wiki Kategorien</a>
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>"
href="/mysyde/awo/de/collections/3/">Wiki Beiträge</a>
</li>
<?php
@@ -41,7 +46,7 @@ function create_collections_menu($site, $language, $translation) {
}
// Andernfalls, führe die normale Logik zur Menüerstellung aus
$query = "SELECT * FROM main_collection_setup WHERE (main_language_id = " . (int)$GLOBALS["language"]['id'] . " OR all_languages = 1) AND show_in_menu = 1";
$query = "SELECT * FROM main_collection_setup WHERE (main_language_id = " . (int) $GLOBALS["language"]['id'] . " OR all_languages = 1) AND show_in_menu = 1";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
// Prüfe, ob das Ergebnis mindestens eine Zeile hat
@@ -53,7 +58,8 @@ function create_collections_menu($site, $language, $translation) {
while ($row = @mysqli_fetch_assoc($result)) {
?>
<li class='structure_nav'>
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>" href="<?php echo get_menu_link('collections/'.$row['id'], $site, $language); ?>"><?php echo $row['description'] ?></a>
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $row['id']) ? 'active' : ''; ?>"
href="<?php echo get_menu_link('collections/' . $row['id'], $site, $language); ?>"><?php echo $row['description'] ?></a>
</li>
<?php
}
@@ -64,7 +70,8 @@ function create_collections_menu($site, $language, $translation) {
function create_module_menu($site, $language, $translation, $adminMenu){
function create_module_menu($site, $language, $translation, $adminMenu)
{
global $is_betriebsrat;
// Wenn $is_betriebsrat gleich 1 ist, gib "Test" aus und beende die Funktion
@@ -83,17 +90,18 @@ function create_module_menu($site, $language, $translation, $adminMenu){
while ($i <= $count) {
$row = @mysqli_fetch_assoc($result);
$second_menu = FALSE;
if(isset($adminMenu[$row['code']])){
if(isset($adminMenu[$row['code']]['subsites'])){
if (isset($adminMenu[$row['code']])) {
if (isset($adminMenu[$row['code']]['subsites'])) {
$second_menu = TRUE;
}
}
$href = '#';
if($second_menu == TRUE){?>
if ($second_menu == TRUE) { ?>
<li class='structure_nav toggle_li parent_dropdown'>
<a class=" <?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == $row['code']) ? 'active' : ''; ?>" href="<?= $href?>"><?php echo $row['title'] ?></a>
<a class=" <?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == $row['code']) ? 'active' : ''; ?>"
href="<?= $href ?>"><?php echo $row['title'] ?></a>
<ul class='site_dropdown_new'>
<?php
$x = 0;
@@ -101,12 +109,14 @@ function create_module_menu($site, $language, $translation, $adminMenu){
$key = array_keys($adminMenu[$row['code']]['subsites']);
?>
<li class=''>
<a class=" <?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $key[$x]) ? 'active' : ''; ?>" href="<?php echo get_menu_link($row['code']."/".$key[$x], $site, $language); ?>"><?php echo $subsite['name'] ?></a>
<a class=" <?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $key[$x]) ? 'active' : ''; ?>"
href="<?php echo get_menu_link($row['code'] . "/" . $key[$x], $site, $language); ?>"><?php echo $subsite['name'] ?></a>
</li>
<?php
if($adminMenu[$row['code']]['name'] == 'Firmenwiki'){?>
if ($adminMenu[$row['code']]['name'] == 'Firmenwiki') { ?>
<li class=''>
<a class=" <?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $key[$x]) ? 'active' : ''; ?>" href="<?php echo get_menu_link('collections/3', $site, $language); ?>">Beiträge</a>
<a class=" <?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == $key[$x]) ? 'active' : ''; ?>"
href="<?php echo get_menu_link('collections/3', $site, $language); ?>">Beiträge</a>
</li>
<?php }
$x++;
@@ -114,9 +124,10 @@ function create_module_menu($site, $language, $translation, $adminMenu){
?>
</ul>
</li>
<?php }else{ ?>
<?php } else { ?>
<li class='structure_nav toggle_li'>
<a class=" <?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == $row['code']) ? 'active' : ''; ?>" href="<?php echo get_menu_link($row['code'], $site, $language); ?>"><?php echo $row['title'] ?></a>
<a class=" <?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == $row['code']) ? 'active' : ''; ?>"
href="<?php echo get_menu_link($row['code'], $site, $language); ?>"><?php echo $row['title'] ?></a>
</li>
<?php }
$i++;
@@ -135,8 +146,10 @@ function create_module_menu($site, $language, $translation, $adminMenu){
if ($is_betriebsrat == 0) {
?>
<li class="structure_nav group small">
<a href="<?= get_menu_link('collections', $site, $language);?>" class="<?= (isset($_GET["level_1"]) && $_GET["level_1"] == "collections") ? 'active' : ''; ?>"><svg
xmlns="http://www.w3.org/2000/svg" width="14.701" height="20.582" viewBox="0 0 14.701 20.582">
<a href="<?= get_menu_link('collections', $site, $language); ?>"
class="<?= (isset($_GET["level_1"]) && $_GET["level_1"] == "collections") ? 'active' : ''; ?>"><svg
xmlns="http://www.w3.org/2000/svg" width="14.701" height="20.582"
viewBox="0 0 14.701 20.582">
<g id="kollektion" transform="translate(2139 296)">
<path id="Pfad_1" data-name="Pfad 1"
d="M21.23,7.617,16.085,2.471a.667.667,0,0,0-.514-.22H8.22a1.474,1.474,0,0,0-1.47,1.47V21.363a1.474,1.474,0,0,0,1.47,1.47H19.981a1.474,1.474,0,0,0,1.47-1.47V8.131a.668.668,0,0,0-.22-.514Zm-5.66-3.6,4.116,4.116H15.571Zm4.41,17.347H8.22V3.72H14.1v4.41a1.474,1.474,0,0,0,1.47,1.47h4.41Z"
@@ -158,19 +171,25 @@ function create_module_menu($site, $language, $translation, $adminMenu){
<!-- Module -->
<div class="group-wrapper module">
<li class="structure_nav group small toggle_trigger">
<a href="#" class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "module") ? 'active' : ''; ?>"><svg xmlns="http://www.w3.org/2000/svg" width="36" height="35.827" viewBox="0 0 36 35.827">
<a href="#"
class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "module") ? 'active' : ''; ?>"><svg
xmlns="http://www.w3.org/2000/svg" width="36" height="35.827" viewBox="0 0 36 35.827">
<g id="box-seam" transform="translate(0 -0.173)">
<path id="Pfad_26" data-name="Pfad 26" d="M18.419,2.5a1.125,1.125,0,0,0-.837,0L4.154,7.875l5.409,2.162L23.409,4.5Zm8.019,3.208L12.591,11.25,18,13.412,31.846,7.875,26.437,5.713Zm7.313,3.825-14.625,5.85V33.212l14.625-5.85V9.54ZM16.875,33.215V15.386L2.25,9.538V27.365ZM16.747.414a3.375,3.375,0,0,1,2.507,0l16.04,6.417A1.125,1.125,0,0,1,36,7.875v19.49a2.25,2.25,0,0,1-1.415,2.088L18.419,35.919a1.125,1.125,0,0,1-.837,0L1.417,29.453A2.25,2.25,0,0,1,0,27.365V7.875A1.125,1.125,0,0,1,.707,6.831Z" fill-rule="evenodd"/>
<path id="Pfad_26" data-name="Pfad 26"
d="M18.419,2.5a1.125,1.125,0,0,0-.837,0L4.154,7.875l5.409,2.162L23.409,4.5Zm8.019,3.208L12.591,11.25,18,13.412,31.846,7.875,26.437,5.713Zm7.313,3.825-14.625,5.85V33.212l14.625-5.85V9.54ZM16.875,33.215V15.386L2.25,9.538V27.365ZM16.747.414a3.375,3.375,0,0,1,2.507,0l16.04,6.417A1.125,1.125,0,0,1,36,7.875v19.49a2.25,2.25,0,0,1-1.415,2.088L18.419,35.919a1.125,1.125,0,0,1-.837,0L1.417,29.453A2.25,2.25,0,0,1,0,27.365V7.875A1.125,1.125,0,0,1,.707,6.831Z"
fill-rule="evenodd" />
</g>
</svg>
<?php echo $adminMenu['module']['name']; ?></a>
</li>
<div class="toggle_menu">
<li class="structure_nav toggle_li">
<a class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "contactform") ? 'active' : ''; ?>" href="<?php echo get_menu_link('contactform', $site, $language); ?>"><?php echo $translation->get('left_contactforms'); ?></a>
<a class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "contactform") ? 'active' : ''; ?>"
href="<?php echo get_menu_link('contactform', $site, $language); ?>"><?php echo $translation->get('left_contactforms'); ?></a>
</li>
<li class="structure_nav toggle_li">
<a class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "photo_approve") ? 'active' : ''; ?>" href="<?php echo get_menu_link('photo_approve', $site, $language); ?>"><?php echo $translation->get('photo_approve'); ?></a>
<a class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "photo_approve") ? 'active' : ''; ?>"
href="<?php echo get_menu_link('photo_approve', $site, $language); ?>"><?php echo $translation->get('photo_approve'); ?></a>
</li>
<?php create_module_menu($site, $language, $translation, $adminMenu); ?>
</div>
@@ -180,36 +199,45 @@ function create_module_menu($site, $language, $translation, $adminMenu){
if ($is_betriebsrat == 0) {
?>
<div class='group-wrapper module'>
<li class="structure_nav group small">
<a class='cms' href="#" class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "intranet") ? 'active' : ''; ?>">
<li class="structure_nav group small toggle_trigger">
<a class='cms' href="#"
class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "intranet") ? 'active' : ''; ?>">
<svg xmlns="http://www.w3.org/2000/svg" width="31.5" height="31.5" viewBox="0 0 31.5 31.5">
<g id="dashboard" transform="translate(-2.25 -2.25)">
<path id="Pfad_135" data-name="Pfad 135" d="M27,23.625h2.25V29.25H27Z"/>
<path id="Pfad_136" data-name="Pfad 136" d="M22.5,18h2.25V29.25H22.5Z"/>
<path id="Pfad_137" data-name="Pfad 137" d="M12.375,29.25A5.632,5.632,0,0,1,6.75,23.625H9a3.375,3.375,0,1,0,3.375-3.375V18a5.625,5.625,0,0,1,0,11.25Z"/>
<path id="Pfad_138" data-name="Pfad 138" d="M31.5,2.25H4.5A2.252,2.252,0,0,0,2.25,4.5v27A2.252,2.252,0,0,0,4.5,33.75h27a2.253,2.253,0,0,0,2.25-2.25V4.5A2.252,2.252,0,0,0,31.5,2.25Zm0,10.125H15.75V4.5H31.5ZM13.5,4.5v7.875h-9V4.5Zm-9,27V14.625h27l0,16.875Z"/>
<path id="Pfad_135" data-name="Pfad 135" d="M27,23.625h2.25V29.25H27Z" />
<path id="Pfad_136" data-name="Pfad 136" d="M22.5,18h2.25V29.25H22.5Z" />
<path id="Pfad_137" data-name="Pfad 137"
d="M12.375,29.25A5.632,5.632,0,0,1,6.75,23.625H9a3.375,3.375,0,1,0,3.375-3.375V18a5.625,5.625,0,0,1,0,11.25Z" />
<path id="Pfad_138" data-name="Pfad 138"
d="M31.5,2.25H4.5A2.252,2.252,0,0,0,2.25,4.5v27A2.252,2.252,0,0,0,4.5,33.75h27a2.253,2.253,0,0,0,2.25-2.25V4.5A2.252,2.252,0,0,0,31.5,2.25Zm0,10.125H15.75V4.5H31.5ZM13.5,4.5v7.875h-9V4.5Zm-9,27V14.625h27l0,16.875Z" />
</g>
</svg>
<?php echo $translation->get("intranet_basics") ?></a>
</li>
<div class="toggle_menu">
<li class="structure_nav">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_contact") ? 'active' : ''; ?>" href="<?php echo get_menu_link('intranet/config_contact', $site, $language); ?>"><?php echo $translation->get('top_contact'); ?></a>
<li class="structure_nav toggle_li">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_contact") ? 'active' : ''; ?>"
href="<?php echo get_menu_link('intranet/config_contact', $site, $language); ?>"><?php echo $translation->get('top_contact'); ?></a>
</li>
<li class="structure_nav">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_mandant") ? 'active' : ''; ?>" href="<?php echo get_menu_link('intranet/config_mandant', $site, $language); ?>"><?php echo $translation->get('top_mandant'); ?></a>
<li class="structure_nav toggle_li">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_mandant") ? 'active' : ''; ?>"
href="<?php echo get_menu_link('intranet/config_mandant', $site, $language); ?>"><?php echo $translation->get('top_mandant'); ?></a>
</li>
<li class="structure_nav">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_department") ? 'active' : ''; ?>" href="<?php echo get_menu_link('intranet/config_department', $site, $language); ?>"><?php echo $translation->get('top_department'); ?></a>
<li class="structure_nav toggle_li">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_department") ? 'active' : ''; ?>"
href="<?php echo get_menu_link('intranet/config_department', $site, $language); ?>"><?php echo $translation->get('top_department'); ?></a>
</li>
<li class="structure_nav">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_space") ? 'active' : ''; ?>" href="<?php echo get_menu_link('intranet/config_space', $site, $language); ?>"><?php echo $translation->get('top_space'); ?></a>
<li class="structure_nav toggle_li">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_space") ? 'active' : ''; ?>"
href="<?php echo get_menu_link('intranet/config_space', $site, $language); ?>"><?php echo $translation->get('top_space'); ?></a>
</li>
<li class="structure_nav">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_facility") ? 'active' : ''; ?>" href="<?php echo get_menu_link('intranet/config_facility', $site, $language); ?>"><?php echo $translation->get('Einrichtungen'); ?></a>
<li class="structure_nav toggle_li">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_facility") ? 'active' : ''; ?>"
href="<?php echo get_menu_link('intranet/config_facility', $site, $language); ?>"><?php echo $translation->get('Einrichtungen'); ?></a>
</li>
<li class="structure_nav">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_role") ? 'active' : ''; ?>" href="<?php echo get_menu_link('intranet/config_role', $site, $language); ?>"><?php echo $translation->get('top_role'); ?></a>
<li class="structure_nav toggle_li">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "config_role") ? 'active' : ''; ?>"
href="<?php echo get_menu_link('intranet/config_role', $site, $language); ?>"><?php echo $translation->get('top_role'); ?></a>
</li>
@@ -222,8 +250,9 @@ function create_module_menu($site, $language, $translation, $adminMenu){
?>
<!-- CMS-System -->
<li class="structure_nav group small toggle_trigger">
<a class="cms" href="#" class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "structure") ? 'active' : ''; ?>"> <svg
xmlns="http://www.w3.org/2000/svg" width="19.548" height="19.557" viewBox="0 0 19.548 19.557">
<a class="cms" href="#"
class="<?php echo (isset($_GET["level_1"]) && $_GET["level_1"] == "structure") ? 'active' : ''; ?>">
<svg xmlns="http://www.w3.org/2000/svg" width="19.548" height="19.557" viewBox="0 0 19.548 19.557">
<g id="struktur" transform="translate(2141 225)">
<path id="Pfad_4" data-name="Pfad 4" d="M10.4,7.448a.7.7,0,1,1-.7-.7A.7.7,0,0,1,10.4,7.448Z"
transform="translate(-2145.811 -228.957)" fill="#fff" />
@@ -236,21 +265,26 @@ function create_module_menu($site, $language, $translation, $adminMenu){
</li>
<div class="toggle_menu">
<li class="structure_nav toggle_li">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "sites") ? 'active' : ''; ?>" href="<?php echo get_menu_link('structure/sites', $site, $language); ?>"><?php echo $translation->get('left_sites'); ?></a>
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "sites") ? 'active' : ''; ?>"
href="<?php echo get_menu_link('structure/sites', $site, $language); ?>"><?php echo $translation->get('left_sites'); ?></a>
</li>
<?php
if ($is_betriebsrat == 0) {
?>
<li class="structure_nav toggle_li">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "navigation") ? 'active' : ''; ?>" href="<?php echo get_menu_link('structure/navigation', $site, $language); ?>"><?php echo $translation->get('left_navigation'); ?></a>
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "navigation") ? 'active' : ''; ?>"
href="<?php echo get_menu_link('structure/navigation', $site, $language); ?>"><?php echo $translation->get('left_navigation'); ?></a>
</li>
<li class="structure_nav toggle_li">
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "components") ? 'active' : ''; ?>" href="<?php echo get_menu_link('structure/components', $site, $language); ?>"><?php echo $translation->get('left_components'); ?></a>
<a class="<?php echo (isset($_GET["level_2"]) && $_GET["level_2"] == "components") ? 'active' : ''; ?>"
href="<?php echo get_menu_link('structure/components', $site, $language); ?>"><?php echo $translation->get('left_components'); ?></a>
<li class="structure_nav toggle_li">
<a class="<?php echo (isset($_GET['level_2']) && $_GET['level_2'] == 'files') ? 'active' : ''; ?>" href="<?php echo get_menu_link('structure/files', $site, $language); ?>"><?php echo $translation->get('left_files'); ?></a>
<a class="<?php echo (isset($_GET['level_2']) && $_GET['level_2'] == 'files') ? 'active' : ''; ?>"
href="<?php echo get_menu_link('structure/files', $site, $language); ?>"><?php echo $translation->get('left_files'); ?></a>
</li>
<li class="structure_nav toggle_li">
<a class="<?php echo (isset($_GET['level_2']) && $_GET['level_2'] == 'files') ? 'active' : ''; ?>" href="<?php echo get_menu_link('structure/video_uploud', $site, $language); ?>"><?php echo $translation->get('video_uploud'); ?></a>
<a class="<?php echo (isset($_GET['level_2']) && $_GET['level_2'] == 'files') ? 'active' : ''; ?>"
href="<?php echo get_menu_link('structure/video_uploud', $site, $language); ?>"><?php echo $translation->get('video_uploud'); ?></a>
</li>
<?php
}
@@ -259,7 +293,9 @@ function create_module_menu($site, $language, $translation, $adminMenu){
</div>
<div class='main_menu'>
<div class="sitelanguage-version"><?php echo current_website_language($site, $language); ?><div class="version">v.23.1</div></div>
<div class="sitelanguage-version"><?php echo current_website_language($site, $language); ?>
<div class="version">v.23.1</div>
</div>
<div class="theme-switch">
<div>
<input type="checkbox" class="checkbox" id="theme-toggle" />
@@ -277,7 +313,8 @@ function create_module_menu($site, $language, $translation, $adminMenu){
<a href="#"><?php echo $translation->get("signed_user") . ": " . $admin_user["name"]; ?></i></a>
<ul>
<li class="menu_userdata">
<a href="<?php echo get_menu_link('config/config_users', $site, $language, "?action=open_card&input_id=" . $admin_user['id']); ?>"><?php echo $translation->get('my_account'); ?></a>
<a
href="<?php echo get_menu_link('config/config_users', $site, $language, "?action=open_card&input_id=" . $admin_user['id']); ?>"><?php echo $translation->get('my_account'); ?></a>
</li>
<li class="spacer">&nbsp;</li>
@@ -292,31 +329,38 @@ function create_module_menu($site, $language, $translation, $adminMenu){
<a href="#"><i class="bi bi-sliders"></i></a>
<ul>
<li>
<a href="<?php echo get_menu_link('config/config_websites', $site, $language); ?>"><?php echo $translation->get('top_websites'); ?></a>
<a
href="<?php echo get_menu_link('config/config_websites', $site, $language); ?>"><?php echo $translation->get('top_websites'); ?></a>
</li>
<li>
<a href="<?php echo get_menu_link('config/config_language', $site, $language); ?>"><?php echo $translation->get('top_languages'); ?></a>
<a
href="<?php echo get_menu_link('config/config_language', $site, $language); ?>"><?php echo $translation->get('top_languages'); ?></a>
</li>
<li>
<a href="<?php echo get_menu_link('config/config_users', $site, $language); ?>"><?php echo $translation->get('top_users'); ?></a>
<a
href="<?php echo get_menu_link('config/config_users', $site, $language); ?>"><?php echo $translation->get('top_users'); ?></a>
</li>
<li>
<a href="<?php echo get_menu_link('config/config_layouts', $site, $language); ?>"><?php echo $translation->get('top_layouts'); ?></a>
<a
href="<?php echo get_menu_link('config/config_layouts', $site, $language); ?>"><?php echo $translation->get('top_layouts'); ?></a>
</li>
<li>
<a href="<?php echo get_menu_link('config/config_collections', $site, $language); ?>"><?php echo $translation->get('top_collections_config'); ?></a>
<a
href="<?php echo get_menu_link('config/config_collections', $site, $language); ?>"><?php echo $translation->get('top_collections_config'); ?></a>
</li>
<li>
<a href="<?php echo get_menu_link('config/config_url_management', $site, $language); ?>"><?php echo $translation->get('url_management'); ?></a>
<a
href="<?php echo get_menu_link('config/config_url_management', $site, $language); ?>"><?php echo $translation->get('url_management'); ?></a>
</li>
<li>
<a href="<?php echo get_menu_link('config/sitemap', $site, $language); ?>"><?php echo $translation->get('sitemap'); ?></a>
<a
href="<?php echo get_menu_link('config/sitemap', $site, $language); ?>"><?php echo $translation->get('sitemap'); ?></a>
</li>
</ul>
</li>
@@ -353,15 +397,14 @@ function create_module_menu($site, $language, $translation, $adminMenu){
</nav>
<script>
//Dark Mode Light Mode Switch Header
var toggle = document.getElementById("theme-toggle");
// Dark Mode Light Mode Switch Header
var toggle = document.getElementById("theme-toggle");
var storedTheme = localStorage.getItem('theme') || (window.matchMedia("(prefers-color-scheme: light)").matches ? "dark" : "light");
if (storedTheme)
var storedTheme = localStorage.getItem('theme') || (window.matchMedia("(prefers-color-scheme: light)").matches ? "dark" : "light");
if (storedTheme)
document.documentElement.setAttribute('data-theme', storedTheme)
toggle.onclick = function() {
toggle.onclick = function () {
var currentTheme = document.documentElement.getAttribute("data-theme");
var targetTheme = "light";
@@ -371,28 +414,96 @@ toggle.onclick = function() {
document.documentElement.setAttribute('data-theme', targetTheme)
localStorage.setItem('theme', targetTheme);
};
};
const menuToggle = document.querySelector('.menu-toggle');
const menuToggle = document.querySelector('.menu-toggle');
menuToggle.addEventListener('click', () => {
menuToggle.addEventListener('click', () => {
const isOpened = menuToggle.getAttribute('aria-expanded') === "true";
isOpened ? closeMenu() : openMenu();
});
});
function openMenu() {
function openMenu() {
menuToggle.setAttribute('aria-expanded', "true");
}
function closeMenu() {
}
function closeMenu() {
menuToggle.setAttribute('aria-expanded', "false");
}
function saveMenuState() {
const openMenus = [];
document.querySelectorAll('li.structure_nav.group.small').forEach((el, index) => {
if (el.classList.contains('rotate_chevron')) {
openMenus.push(index);
}
});
localStorage.setItem('openMenus', JSON.stringify(openMenus));
}
function restoreMenuState() {
const saved = localStorage.getItem('openMenus');
let openMenus;
if (saved === null) {
openMenus = [];
document.querySelectorAll('li.structure_nav.group.small').forEach((el, index) => {
openMenus.push(index);
});
localStorage.setItem('openMenus', JSON.stringify(openMenus));
} else {
openMenus = JSON.parse(saved);
}
document.querySelectorAll('li.structure_nav.group.small').forEach((el, index) => {
if (openMenus.includes(index)) {
el.classList.add('rotate_chevron');
$(el).next().children(".toggle_li").show();
}
});
}
$(".parent_dropdown").click(function(){
$(this).children(".site_dropdown_new").toggle();
});
restoreMenuState();
$("li.structure_nav.group.small").click(function(){
$("li.structure_nav.group.small").click(function () {
$(this).toggleClass("rotate_chevron");
$(this).next().children(".toggle_li").toggle();
});
saveMenuState();
});
function saveDropdownState() {
const openDropdowns = [];
document.querySelectorAll('.parent_dropdown').forEach((el, index) => {
if ($(el).children(".site_dropdown_new").is(":visible")) {
openDropdowns.push(index);
}
});
localStorage.setItem('openDropdowns', JSON.stringify(openDropdowns));
}
function restoreDropdownState() {
const openDropdowns = JSON.parse(localStorage.getItem('openDropdowns') || '[]');
document.querySelectorAll('.parent_dropdown').forEach((el, index) => {
if (openDropdowns.includes(index)) {
$(el).children(".site_dropdown_new").show();
}
});
}
restoreDropdownState();
$(".parent_dropdown").click(function () {
$(this).children(".site_dropdown_new").toggle();
saveDropdownState();
});
function fixNavHeight() {
const nav = document.querySelector('.main_navigation');
const bottomBar = document.querySelector('.main_menu:nth-child(2)');
if (!nav || !bottomBar) return;
const bottomBarHeight = bottomBar.offsetHeight;
nav.style.height = (window.innerHeight - 160 - bottomBarHeight) + 'px';
}
fixNavHeight();
window.addEventListener('resize', fixNavHeight);
</script>

View File

@@ -244,6 +244,12 @@ class Adminmenu {
'include' => MODULE_PATH . "ticketcenter/ticketcenter.inc.php",
'linklistmenu' => TRUE,
'subsites' => array(
// 'settings' => array(
// 'name' => $translation->get('Einstelungen'),
// 'include' => MODULE_PATH . "ticketcenter/views/settings/settings.inc.php",
// 'admin_start_parameter' => "",
// 'linklistmenu' => TRUE
// ),
'category' => array(
'name' => $translation->get('category'),
'include' => MODULE_PATH . "ticketcenter/views/category/category.inc.php",

View File

@@ -38,7 +38,19 @@ function showBasicAuth($realm): void
header('HTTP/1.0 401 Unauthorized');
die();
}
function encryptId($id)
{
$encryptedId = base64_encode($id . "EC1ibm38FI53cxmSnQUi");
return $encryptedId;
}
// Entschlüsselt eine zuvor verschlüsselte ID, um ihre ursprüngliche Form wiederherzustellen.
function decryptId($encryptedId)
{
$decryptedId = base64_decode($encryptedId);
$id = str_replace("EC1ibm38FI53cxmSnQUi", "", $decryptedId);
return $id;
}
//mysqli_result analog zu mysql_result
function mysqli_result( $res, $row = 0, $col = 0 ) {
if ($row >= 0 && @mysqli_num_rows($res) > $row) {
@@ -1239,6 +1251,7 @@ function navigation_fullmenu_rek( $site, $language, $navigation, $parent_id, $le
if( $nav["code"] == '404' ){
$display = " style='display:none;' ";
}
if($nav["code"] == 'home' || $nav["code"] == 'startseite' || $nav["is_home_page"] == 1){
$addr = '/';
}
@@ -1249,6 +1262,9 @@ function navigation_fullmenu_rek( $site, $language, $navigation, $parent_id, $le
if($nav['forward_type'] == 4){
$link = "";
}
if( $nav["code"] == 'ticketcenter' and (get_permission_state('all_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) != 1 and get_permission_state('show_tickets', $GLOBALS['main_contact']['master_mandant_id'], $GLOBALS['main_contact']['id']) != 1)){
continue;
}
$if_query = "(content_id IS NOT NULL AND content_type != 'collection') OR content_id IS NULL OR (content_id IS NOT NULL AND main_mandant_id = ".$GLOBALS['main_contact']['current_mandant_id']." AND content_type = 'collection')";
// $if_query = "main_collection_mandant_link.main_collection_id IS NOT NULL AND main_mandant_id = ".$GLOBALS['main_contact']['current_mandant_id'];
$query2 = "SELECT * FROM main_page_link LEFT JOIN main_collection ON main_collection.main_collection_setup_id = main_page_link.main_collection_setup_id LEFT JOIN intranet_mandant_link ON main_collection.id = intranet_mandant_link.content_id WHERE (".$if_query.") AND main_page_id = ".$nav['forward_page_id']." AND main_collection_list = 1 AND main_collection.id NOT IN (SELECT main_collection_id FROM main_collection_read WHERE main_contact_id = ".$GLOBALS['main_contact']['id'].") AND main_collection.readable = 1";
@@ -3143,7 +3159,7 @@ function update_sitepart_changes( $sitepartId, $headerId, $delete = FALSE ) {
// }
//}
function input( $name, $inputname, $typ, $value = "on", $maxlength = NULL, $disabled = FALSE, $evaluate = FALSE, $script = "", $idSuffix = '' ) {
function input( $name, $inputname, $typ, $value = "on", $maxlength = NULL, $disabled = FALSE, $evaluate = FALSE, $script = "", $idSuffix = '', $required = FALSE ) {
if ($evaluate && $value == "") {
//$eval_string = "<font color=\"red\">Bitte füllen Sie dieses Feld aus</font>";
$typ = $typ . "_error";
@@ -3151,6 +3167,8 @@ function input( $name, $inputname, $typ, $value = "on", $maxlength = NULL, $disa
//$eval_string = "";
}
$eval_string = "";
$required_text = ($required) ? " required=\"required\"" : "";
if ($typ != "smalltext_cc_2_error" && $typ != "hidden") {
echo "<div class=\"label " . $inputname . "\"><label for=\"" . $inputname . "\" >" . $name . "</label></div>";
}
@@ -3168,63 +3186,62 @@ function input( $name, $inputname, $typ, $value = "on", $maxlength = NULL, $disa
switch ($typ) {
case "smalltextarea":
echo "<div class=\"input " . $inputname . "\"><textarea name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"small\"" . $disabled_text . $maxlength_text . ">" . $value . "</textarea></div>\n";
echo "<div class=\"input " . $inputname . "\"><textarea name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"small\"" . $disabled_text . $maxlength_text . $required_text . ">" . $value . "</textarea></div>\n";
break;
case "textarea":
echo "<div class=\"input " . $inputname . "\"><textarea name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"normal\"" . $disabled_text . $maxlength_text . ">" . $value . "</textarea></div>\n";
echo "<div class=\"input " . $inputname . "\"><textarea name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"normal\"" . $disabled_text . $maxlength_text . $required_text . ">" . $value . "</textarea></div>\n";
break;
case "smalltext_cn_1_error":
echo "<div class=\"input_2\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
echo "<div class=\"input_2\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
break;
case "smalltext_cn_1":
echo "<div class=\"input_2\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
echo "<div class=\"input_2\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
break;
case "smalltext_cn_2_error":
echo "<input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
echo "<input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
break;
case "smalltext_cn_2":
echo "<input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
echo "<input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "\n";
break;
case "file":
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"file\" /></div>\n";
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"file\"" . $required_text . " /></div>\n";
break;
case "checkbox":
$checked_text = ($value == "on") ? "checked=\"checked\"" : "";
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname.$idSuffix . "\" class=\"checkbox\" type=\"checkbox\"" . $disabled_text . $checked_text . " " . $script . "/>" . $eval_string . "</div>\n";
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname.$idSuffix . "\" class=\"checkbox\" type=\"checkbox\"" . $disabled_text . $checked_text . $required_text . " " . $script . "/>" . $eval_string . "</div>\n";
break;
case "checkbox_shop":
$checked_text = ($value == "on") ? "checked=\"checked\"" : "";
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"checkbox_shop\" type=\"checkbox\"" . $disabled_text . $checked_text . " " . $script . "/>" . $eval_string . "</div>\n";
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"checkbox_shop\" type=\"checkbox\"" . $disabled_text . $checked_text . $required_text . " " . $script . "/>" . $eval_string . "</div>\n";
break;
case "checkbox_with_formreload":
$checked_text = ($value) ? "checked=\"checked\"" : "";
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"checkbox\" type=\"checkbox\"" . $disabled_text . $checked_text . " onclick=\"this.form.submit();\"/>" . $eval_string . "</div>\n";
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"checkbox\" type=\"checkbox\"" . $disabled_text . $checked_text . $required_text . " onclick=\"this.form.submit();\"/>" . $eval_string . "</div>\n";
break;
case "checkbox_with_formreload_checked":
$checked_text = ($value) ? "checked=\"checked\"" : "";
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"checkbox\" type=\"checkbox\"" . $disabled_text . $checked_text . " onclick=\"this.form.submit();\"/></div>\n";
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"checkbox\" type=\"checkbox\"" . $disabled_text . $checked_text . $required_text . " onclick=\"this.form.submit();\"/></div>\n";
break;
case "password":
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"code\" type=\"password\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" /></div>\n";
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"code\" type=\"password\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" /></div>\n";
break;
case "date":
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"date\" type=\"date\"" . $script . $disabled_text . $maxlength_text . " value=\"" . $value . "\" /></div> \n";
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"date\" type=\"date\"" . $script . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" /></div> \n";
break;
case "input_pref_delivery_date":
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"code\" type=\"text\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " readonly /></div> \n";
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"code\" type=\"text\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " readonly /></div> \n";
break;
//case "input_pref_delivery_date": echo "<div class=\"input\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"code\" type=\"text\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" /><img src=\"/layout/frontend/haendler/img/calendar_icon.png\" width=\"15\" height=\"16\" onclick='fPopCalendar(\"date\")' /></div> \n"; break;
case "hidden":
echo "<input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"hidden\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " />\n";
break;
case "number":
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"number\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " min=\"0\" />" . $eval_string . "</div>\n";
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"number\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " min=\"0\" />" . $eval_string . "</div>\n";
break;
case "color":
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"color\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " min=\"0\" />" . $eval_string . "</div>\n";
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"color\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " min=\"0\" />" . $eval_string . "</div>\n";
break;
default:
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "</div>\n";
echo "<div class=\"input " . $inputname . "\"><input name=\"" . $inputname . "\" id=\"" . $inputname . "\" class=\"" . $typ . "\" type=\"text\"" . $disabled_text . $maxlength_text . $required_text . " value=\"" . $value . "\" " . $script . " />" . $eval_string . "</div>\n";
break;
}
}

View File

@@ -138,7 +138,7 @@
<? get_content("horizontal_nav_bar",null,$IOCContainer); ?>
<a href="/awo/de/profil/">
<?php
$profile_image = 'platzhalter-mann-compressor.jpg';
$profile_image = 'platzhalter.png';
if($GLOBALS['main_contact']['image'] != ""){
$profile_image = $GLOBALS['main_contact']['image'];
}

View File

@@ -0,0 +1,682 @@
<?php
declare(strict_types=1);
const SESSION_COOKIE_CANDIDATES = ['sidintranet', 'sidcms', 'mysyde', 'PHPSESSID', 'sidawo'];
const LOGIN_REDIRECT = '/';
const USERDATA_BASE_DIR = __DIR__ . '/../../userdata';
const USE_X_SENDFILE = true;
const ALLOW_PHP_STREAM_FALLBACK = true;
const MEDIA_CACHE_MAX_AGE = 3600;
const TRUSTED_PROXY_HEADER = true;
const STREAM_CHUNK_SIZE = 1048576;
const ENABLE_INLINE_SVG_FOR_IMAGE_REQUESTS = true;
const ENABLE_TEMP_SESSION_DEBUG = false;
// Optional hardening: e.g. ['icons/', 'logos/']; empty array allows all paths.
const INLINE_SVG_ALLOWED_PATH_PREFIXES = [];
// Main flow:
// 1. Start session (cookie hardening)
// 2. Enforce authentication
// 3. Validate + deliver requested file (X-Sendfile preferred, PHP fallback)
bootstrapSession();
maybeOutputSessionDebug();
requireAuthenticatedUser();
serveRequestedFile();
function bootstrapSession(): void
{
ini_set('session.use_only_cookies', '1');
ini_set('session.use_strict_mode', '1');
session_set_cookie_params([
'lifetime' => 0,
'path' => '/',
'secure' => isSecureConnection(),
'httponly' => true,
'samesite' => 'Lax',
]);
$availableCookies = [];
foreach (SESSION_COOKIE_CANDIDATES as $cookieName) {
if (isset($_COOKIE[$cookieName]) && $_COOKIE[$cookieName] !== '') {
$availableCookies[] = $cookieName;
}
}
if ($availableCookies === []) {
session_start();
return;
}
foreach ($availableCookies as $cookieName) {
if (session_name() !== $cookieName) {
session_name($cookieName);
}
session_id((string)$_COOKIE[$cookieName]);
session_start();
if (isCurrentSessionAuthenticated()) {
return;
}
session_write_close();
}
// No authenticated session found: reopen the first available session.
$fallbackCookie = $availableCookies[0];
if (session_name() !== $fallbackCookie) {
session_name($fallbackCookie);
}
session_id((string)$_COOKIE[$fallbackCookie]);
session_start();
}
function requireAuthenticatedUser(): void
{
$loginId = (int)($_SESSION['login_id'] ?? 0);
$adminId = (int)(
$_SESSION['id']
?? $_SESSION['main_admin_user_id']
?? $_SESSION['admin_user_id']
?? 0
);
$sidCmsCookie = (string)($_COOKIE['sidcms'] ?? '');
$hasAdminSid = (
session_name() === 'sidcms'
&& $sidCmsCookie !== ''
&& (
hash_equals($sidCmsCookie, session_id())
|| hash_equals($sidCmsCookie, (string)($_SESSION['sidcms'] ?? ''))
)
);
$hasAdminAuthFlags = isAdminSessionFlagSet();
if ($loginId <= 0 && !($hasAdminSid && ($adminId > 0 || $hasAdminAuthFlags))) {
header('Location: ' . LOGIN_REDIRECT, true, 302);
exit;
}
// Release session lock early so parallel media requests do not block.
session_write_close();
}
function maybeOutputSessionDebug(): void
{
if (!ENABLE_TEMP_SESSION_DEBUG) {
return;
}
$debugFlag = strtolower(trim((string)($_GET['__debug_session'] ?? '0')));
if (!in_array($debugFlag, ['1', 'true', 'yes'], true)) {
return;
}
$sessionId = session_id();
$sidCmsCookie = (string)($_COOKIE['sidcms'] ?? '');
$loginId = (int)($_SESSION['login_id'] ?? 0);
$adminId = (int)(
$_SESSION['id']
?? $_SESSION['main_admin_user_id']
?? $_SESSION['admin_user_id']
?? 0
);
$hasAdminSid = (
session_name() === 'sidcms'
&& $sidCmsCookie !== ''
&& (
hash_equals($sidCmsCookie, $sessionId)
|| hash_equals($sidCmsCookie, (string)($_SESSION['sidcms'] ?? ''))
)
);
$hasAdminAuthFlags = isAdminSessionFlagSet();
$payload = [
'debug' => true,
'session_name' => session_name(),
'session_id' => $sessionId,
'cookie_candidates_present' => array_values(array_filter(
SESSION_COOKIE_CANDIDATES,
static fn(string $name): bool => !empty($_COOKIE[$name])
)),
'auth_evaluation' => [
'login_id' => $loginId,
'admin_id' => $adminId,
'has_admin_sid' => $hasAdminSid,
'has_admin_auth_flags' => $hasAdminAuthFlags,
'would_pass_auth' => ($loginId > 0) || ($hasAdminSid && ($adminId > 0 || $hasAdminAuthFlags)),
],
'session' => $_SESSION,
'cookies' => $_COOKIE,
'request' => [
'method' => (string)($_SERVER['REQUEST_METHOD'] ?? ''),
'uri' => (string)($_SERVER['REQUEST_URI'] ?? ''),
'remote_addr' => (string)($_SERVER['REMOTE_ADDR'] ?? ''),
],
];
while (ob_get_level() > 0) {
ob_end_clean();
}
header('Content-Type: application/json; charset=UTF-8');
header('Cache-Control: no-store, no-cache, must-revalidate, max-age=0');
header('Pragma: no-cache');
echo json_encode($payload, JSON_PRETTY_PRINT | JSON_UNESCAPED_UNICODE | JSON_UNESCAPED_SLASHES);
exit;
}
function isCurrentSessionAuthenticated(): bool
{
$loginId = (int)($_SESSION['login_id'] ?? 0);
if ($loginId > 0) {
return true;
}
if (session_name() !== 'sidcms') {
return false;
}
$adminId = (int)(
$_SESSION['id']
?? $_SESSION['main_admin_user_id']
?? $_SESSION['admin_user_id']
?? 0
);
if ($adminId <= 0 && !isAdminSessionFlagSet()) {
return false;
}
$sidCmsCookie = (string)($_COOKIE['sidcms'] ?? '');
if ($sidCmsCookie === '') {
return false;
}
return hash_equals($sidCmsCookie, session_id())
|| hash_equals($sidCmsCookie, (string)($_SESSION['sidcms'] ?? ''));
}
function isAdminSessionFlagSet(): bool
{
if (!empty($_SESSION['IsAuthorized'])) {
return true;
}
if ((int)($_SESSION['session_login'] ?? 0) > 0) {
return true;
}
if ((int)($_SESSION['admin_login'] ?? 0) > 0) {
return true;
}
return false;
}
function serveRequestedFile(): void
{
$requestMethod = strtoupper((string)($_SERVER['REQUEST_METHOD'] ?? 'GET'));
if (!in_array($requestMethod, ['GET', 'HEAD'], true)) {
header('Allow: GET, HEAD', true, 405);
exit;
}
$relativePath = requestedRelativePath();
if ($relativePath === '') {
http_response_code(400);
echo 'Bad Request';
exit;
}
$baseDir = realpath(USERDATA_BASE_DIR);
if ($baseDir === false || !is_dir($baseDir)) {
http_response_code(500);
echo 'Storage Not Configured';
exit;
}
$resolvedPath = realpath($baseDir . DIRECTORY_SEPARATOR . $relativePath);
if ($resolvedPath === false || !is_file($resolvedPath) || !is_readable($resolvedPath)) {
http_response_code(404);
echo 'Not Found';
exit;
}
if (!isInsideBasePath($resolvedPath, $baseDir)) {
http_response_code(403);
echo 'Forbidden';
exit;
}
deliverFile($resolvedPath, $relativePath, $requestMethod === 'HEAD');
}
function requestedRelativePath(): string
{
// PHP already decodes $_GET values; do not decode again.
$rawPath = (string)($_GET['file'] ?? '');
$rawPath = trim(str_replace('\\', '/', $rawPath));
$rawPath = ltrim($rawPath, '/');
$rawPath = preg_replace('#/+#', '/', $rawPath) ?? '';
if ($rawPath === '' || str_contains($rawPath, "\0")) {
return '';
}
$segments = explode('/', $rawPath);
foreach ($segments as $segment) {
if ($segment === '' || $segment === '.' || $segment === '..') {
return '';
}
}
return $rawPath;
}
function isInsideBasePath(string $resolvedPath, string $baseDir): bool
{
$base = rtrim($baseDir, DIRECTORY_SEPARATOR) . DIRECTORY_SEPARATOR;
return strncmp($resolvedPath, $base, strlen($base)) === 0;
}
function deliverFile(string $absolutePath, string $relativePath, bool $headOnly): void
{
$fileSize = filesize($absolutePath);
if ($fileSize === false || $fileSize < 0) {
http_response_code(500);
echo 'Unable to read file metadata';
exit;
}
$lastModifiedTs = filemtime($absolutePath);
if ($lastModifiedTs === false) {
$lastModifiedTs = time();
}
$mimeType = detectSafeMimeType($absolutePath, $relativePath);
$isInlineSvg = ($mimeType === 'image/svg+xml');
$isMedia = isMediaMimeType($mimeType);
$etag = buildEtag($absolutePath, $fileSize, $lastModifiedTs);
$ifNoneMatch = trim((string)($_SERVER['HTTP_IF_NONE_MATCH'] ?? ''));
if ($ifNoneMatch !== '' && requestEtagMatches($ifNoneMatch, $etag)) {
sendNotModified($etag, $lastModifiedTs, $isMedia, $isInlineSvg);
}
$ifModifiedSince = trim((string)($_SERVER['HTTP_IF_MODIFIED_SINCE'] ?? ''));
if ($ifNoneMatch === '' && $ifModifiedSince !== '' && requestNotModifiedSince($ifModifiedSince, $lastModifiedTs)) {
sendNotModified($etag, $lastModifiedTs, $isMedia, $isInlineSvg);
}
$useXSendfile = shouldUseXSendfile();
$rangeRequest = ['status' => 'none'];
if ($isMedia && !$useXSendfile) {
$rangeRequest = parseRangeHeader((string)($_SERVER['HTTP_RANGE'] ?? ''), $fileSize);
if ($rangeRequest['status'] === 'invalid') {
sendRangeNotSatisfiable($fileSize, $etag, $lastModifiedTs, $isMedia);
}
}
sendSharedSecurityHeaders($isInlineSvg);
sendCacheHeaders($isMedia);
header('Content-Type: ' . $mimeType);
header('ETag: "' . $etag . '"');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $lastModifiedTs) . ' GMT');
header('Content-Disposition: inline; filename="' . sanitizeFilenameForHeader(basename($absolutePath)) . '"');
if ($isMedia) {
header('Accept-Ranges: bytes');
}
if ($useXSendfile) {
header('X-Sendfile: ' . $absolutePath);
exit;
}
if ($rangeRequest['status'] !== 'none' || ALLOW_PHP_STREAM_FALLBACK || !USE_X_SENDFILE) {
streamFileWithPhp($absolutePath, $fileSize, $headOnly, $rangeRequest);
}
// X-Sendfile requested, but not available and fallback disabled.
http_response_code(503);
echo 'File delivery backend unavailable';
exit;
}
function sendSharedSecurityHeaders(bool $isInlineSvg = false): void
{
if ($isInlineSvg) {
// Inline SVG only for image requests with a strict CSP.
header("Content-Security-Policy: default-src 'none'; img-src data:; style-src 'unsafe-inline'; script-src 'none'; object-src 'none'; base-uri 'none'; sandbox");
header('X-Content-Type-Options: nosniff');
return;
}
header("Content-Security-Policy: default-src 'none'; style-src 'unsafe-inline'; img-src data:; sandbox");
header('X-Content-Type-Options: nosniff');
}
function sendCacheHeaders(bool $isMedia): void
{
if ($isMedia) {
header('Cache-Control: private, max-age=' . (string)MEDIA_CACHE_MAX_AGE . ', must-revalidate');
return;
}
header('Cache-Control: private, no-store, no-cache, must-revalidate, max-age=0');
header('Pragma: no-cache');
header('Expires: 0');
}
function sendNotModified(string $etag, int $lastModifiedTs, bool $isMedia, bool $isInlineSvg = false): void
{
http_response_code(304);
sendSharedSecurityHeaders($isInlineSvg);
sendCacheHeaders($isMedia);
header('ETag: "' . $etag . '"');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $lastModifiedTs) . ' GMT');
exit;
}
function sendRangeNotSatisfiable(int $fileSize, string $etag, int $lastModifiedTs, bool $isMedia): void
{
http_response_code(416);
sendSharedSecurityHeaders();
sendCacheHeaders($isMedia);
header('ETag: "' . $etag . '"');
header('Last-Modified: ' . gmdate('D, d M Y H:i:s', $lastModifiedTs) . ' GMT');
header('Content-Range: bytes */' . (string)$fileSize);
exit;
}
function shouldUseXSendfile(): bool
{
if (!USE_X_SENDFILE) {
return false;
}
if (!function_exists('apache_get_modules')) {
return false;
}
$modules = apache_get_modules();
return in_array('mod_xsendfile', $modules, true) || in_array('mod_xsendfile.c', $modules, true);
}
function streamFileWithPhp(string $absolutePath, int $fileSize, bool $headOnly, array $rangeRequest): void
{
$start = 0;
$end = $fileSize > 0 ? $fileSize - 1 : 0;
$statusCode = 200;
if ($rangeRequest['status'] === 'range') {
$start = $rangeRequest['start'];
$end = $rangeRequest['end'];
$statusCode = 206;
header('Content-Range: bytes ' . $start . '-' . $end . '/' . $fileSize);
}
$length = ($fileSize > 0) ? ($end - $start + 1) : 0;
http_response_code($statusCode);
header('Content-Length: ' . (string)$length);
if ($headOnly || $length <= 0) {
exit;
}
$handle = fopen($absolutePath, 'rb');
if ($handle === false) {
http_response_code(500);
echo 'Unable to open file stream';
exit;
}
while (ob_get_level() > 0) {
ob_end_clean();
}
if ($start > 0) {
fseek($handle, $start);
}
$bytesRemaining = $length;
while ($bytesRemaining > 0 && !feof($handle)) {
$chunkSize = (int)min(STREAM_CHUNK_SIZE, $bytesRemaining);
$buffer = fread($handle, $chunkSize);
if ($buffer === false || $buffer === '') {
break;
}
echo $buffer;
flush();
$bytesRemaining -= strlen($buffer);
}
fclose($handle);
exit;
}
function parseRangeHeader(string $rangeHeader, int $fileSize): array
{
$rangeHeader = trim($rangeHeader);
if ($rangeHeader === '') {
return ['status' => 'none'];
}
if ($fileSize <= 0 || !str_starts_with($rangeHeader, 'bytes=')) {
return ['status' => 'invalid'];
}
$rangeValue = trim(substr($rangeHeader, 6));
if ($rangeValue === '' || str_contains($rangeValue, ',')) {
return ['status' => 'invalid'];
}
if (!preg_match('/^(\d*)-(\d*)$/', $rangeValue, $matches)) {
return ['status' => 'invalid'];
}
$startRaw = $matches[1];
$endRaw = $matches[2];
if ($startRaw === '' && $endRaw === '') {
return ['status' => 'invalid'];
}
if ($startRaw === '') {
$suffixLength = (int)$endRaw;
if ($suffixLength <= 0) {
return ['status' => 'invalid'];
}
$suffixLength = min($suffixLength, $fileSize);
$start = $fileSize - $suffixLength;
$end = $fileSize - 1;
return ['status' => 'range', 'start' => $start, 'end' => $end];
}
$start = (int)$startRaw;
if ($start >= $fileSize) {
return ['status' => 'invalid'];
}
if ($endRaw === '') {
$end = $fileSize - 1;
} else {
$end = (int)$endRaw;
if ($end < $start) {
return ['status' => 'invalid'];
}
$end = min($end, $fileSize - 1);
}
return ['status' => 'range', 'start' => $start, 'end' => $end];
}
function requestEtagMatches(string $ifNoneMatchHeader, string $etag): bool
{
$ifNoneMatchHeader = trim($ifNoneMatchHeader);
if ($ifNoneMatchHeader === '*') {
return true;
}
$parts = explode(',', $ifNoneMatchHeader);
foreach ($parts as $part) {
$candidate = trim($part);
if ($candidate === '') {
continue;
}
if (str_starts_with($candidate, 'W/')) {
$candidate = substr($candidate, 2);
}
$candidate = trim($candidate, " \t\n\r\0\x0B\"");
if ($candidate === $etag) {
return true;
}
}
return false;
}
function requestNotModifiedSince(string $ifModifiedSinceHeader, int $lastModifiedTs): bool
{
$requestTs = strtotime($ifModifiedSinceHeader);
if ($requestTs === false) {
return false;
}
return $lastModifiedTs <= $requestTs;
}
function buildEtag(string $absolutePath, int $fileSize, int $lastModifiedTs): string
{
return sha1($absolutePath . '|' . $fileSize . '|' . $lastModifiedTs);
}
function isMediaMimeType(string $mimeType): bool
{
$normalized = strtolower(trim($mimeType));
if ($normalized === '') {
return false;
}
if (str_starts_with($normalized, 'image/') || str_starts_with($normalized, 'video/') || str_starts_with($normalized, 'audio/')) {
return true;
}
return in_array($normalized, [
'application/dash+xml',
'application/x-mpegurl',
'application/vnd.apple.mpegurl',
'vnd.apple.mpegurl',
], true);
}
function detectSafeMimeType(string $absolutePath, string $relativePath): string
{
$mimeType = 'application/octet-stream';
$finfo = finfo_open(FILEINFO_MIME_TYPE);
if ($finfo !== false) {
$detected = finfo_file($finfo, $absolutePath);
finfo_close($finfo);
if (is_string($detected) && $detected !== '') {
$mimeType = $detected;
}
}
$dangerousMimeTypes = [
'text/html',
'application/xhtml+xml',
'image/svg+xml',
'text/xml',
'application/xml',
'text/xsl',
'application/javascript',
'text/javascript',
];
if ($mimeType === 'image/svg+xml' && shouldServeSvgInline($relativePath)) {
return $mimeType;
}
if (in_array($mimeType, $dangerousMimeTypes, true)) {
return 'application/octet-stream';
}
return $mimeType;
}
function shouldServeSvgInline(string $relativePath): bool
{
if (!ENABLE_INLINE_SVG_FOR_IMAGE_REQUESTS) {
return false;
}
$fetchDest = strtolower(trim((string)($_SERVER['HTTP_SEC_FETCH_DEST'] ?? '')));
if ($fetchDest !== '' && $fetchDest !== 'image') {
return false;
}
if ($fetchDest === '') {
$accept = strtolower(trim((string)($_SERVER['HTTP_ACCEPT'] ?? '')));
if ($accept === '' || !str_contains($accept, 'image/')) {
return false;
}
}
$normalizedPath = strtolower(ltrim(str_replace('\\', '/', $relativePath), '/'));
if ($normalizedPath === '') {
return false;
}
if (INLINE_SVG_ALLOWED_PATH_PREFIXES === []) {
return true;
}
foreach (INLINE_SVG_ALLOWED_PATH_PREFIXES as $prefix) {
$normalizedPrefix = strtolower(ltrim(str_replace('\\', '/', (string)$prefix), '/'));
if ($normalizedPrefix === '') {
continue;
}
$normalizedPrefix = rtrim($normalizedPrefix, '/') . '/';
if (str_starts_with($normalizedPath, $normalizedPrefix)) {
return true;
}
}
return false;
}
function sanitizeFilenameForHeader(string $filename): string
{
return preg_replace('/[^A-Za-z0-9._-]/', '_', $filename) ?? 'download';
}
function isSecureConnection(): bool
{
$https = strtolower((string)($_SERVER['HTTPS'] ?? ''));
if ($https !== '' && $https !== 'off') {
return true;
}
if ((int)($_SERVER['SERVER_PORT'] ?? 80) === 443) {
return true;
}
if (TRUSTED_PROXY_HEADER) {
$forwardedProto = strtolower((string)($_SERVER['HTTP_X_FORWARDED_PROTO'] ?? ''));
return $forwardedProto === 'https';
}
return false;
}

View File

@@ -237,6 +237,15 @@ if ($GLOBALS["site"]["use_session_id"]) {
session_start();
}
// // Temporary debug switch for test environment
// if (isset($_SESSION['login_id']) && (int)$_SESSION['login_id'] === 827) {
// $_SESSION['login_id'] = 1054; // Rainer Braun
// // Clear stale user-related globals
// unset($GLOBALS['main_contact']);
// unset($GLOBALS['admin_user_frontend']);
// }
if (!$GLOBALS["site"]["use_session_id"]) {
}

View File

@@ -37,15 +37,17 @@ switch ($_GET["action"]) {
break;
}
function open_card() {?>
function open_card()
{ ?>
<script type="text/javascript">
openCardOnStart = true;
openCardAction = 'new';
</script>
<?php }
function edit_contact( $_id = "", $messages = array() ) {
if ((int)$_id > 0) {
function edit_contact($_id = "", $messages = array())
{
if ((int) $_id > 0) {
$input_id = $_id;
} else {
$input_id = $_POST["input_id"];
@@ -74,7 +76,7 @@ function edit_contact( $_id = "", $messages = array() ) {
if (count($result) == 1) {
$input_contact = $result[0];
$input_contact["password"] = "nochange";
echo "<script>console.log('".$input_id."')</script>";
echo "<script>console.log('" . $input_id . "')</script>";
require_once("edit_contact_cardform.inc.php");
}
} else {
@@ -83,16 +85,17 @@ function edit_contact( $_id = "", $messages = array() ) {
}
}
function delete_contact($curr_contact_id) {
function delete_contact($curr_contact_id)
{
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
if ($_POST["input_id"] <> '') {
if ($_POST["input_id"] <> $curr_contact_id) {
$query = "DELETE FROM main_contact WHERE id = '" . $_POST["input_id"] . "' LIMIT 1";
@mysqli_query($GLOBALS['mysql_con'], $query);
$deleteDepartment = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_department WHERE main_contact_id=".$_POST["input_id"]);
$deletePermission = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_permission WHERE main_contact_id=".$_POST["input_id"]);
$deleteProfileContent = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_profile_content WHERE main_contact_id=".$_POST["input_id"]);
$deleteSkills = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_skills WHERE main_contact_id=".$_POST["input_id"]);
$deleteDepartment = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_department WHERE main_contact_id=" . $_POST["input_id"]);
$deletePermission = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_permission WHERE main_contact_id=" . $_POST["input_id"]);
$deleteProfileContent = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_profile_content WHERE main_contact_id=" . $_POST["input_id"]);
$deleteSkills = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_skills WHERE main_contact_id=" . $_POST["input_id"]);
} else {
header('EDIT_ERROR: 1');
$messages[] = "<div class=\"errorbox\">" . $translation->get("contact_error5") . "</div>";
@@ -102,17 +105,27 @@ function delete_contact($curr_contact_id) {
require_once("edit_contact_listform.inc.php");
}
function save_contact() {
// Hinweis:
// Da die Mandanten-Auswahl im Frontend aktuell deaktiviert ist (kein change_mandant möglich),
// wird der current_mandant_id beim Speichern eines Kontakts immer auf den master_mandant_id gesetzt.
// Hintergrund: Ohne sichtbaren Mandantenwechsel bleibt der alte current_mandant bestehen,
// was zu falscher Darstellung im Profil (z.B. falsche Rolle/Bereich) führt.
// Durch diese Anpassung wird sichergestellt, dass der Benutzer immer im korrekten Mandanten geladen wird.
//
// -> Fix implementiert von FA Ticket T26-1218 ∙ Fehlerhafte Darstellung Intranet
function save_contact()
{
$messages = array();
$error = FALSE;
$input_id = "";
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
if($_POST['input_password'] != ""){
if ($_POST['input_password'] != "") {
$password = md5($_POST['input_password']);
$query = "UPDATE main_contact SET
password = '".$password."'
WHERE id = '".$_POST['input_id']."' LIMIT 1";
@mysqli_query($GLOBALS['mysql_con'],$query);
password = '" . $password . "'
WHERE id = '" . $_POST['input_id'] . "' LIMIT 1";
@mysqli_query($GLOBALS['mysql_con'], $query);
}
$birthday = new DateTime($_POST['input_birthday']);
@@ -130,7 +143,8 @@ function save_contact() {
birthday = '" . $birthday->format('Y-m-d') . "',
phone_no = '" . $_POST['input_phone_no'] . "',
birthday_state = '" . $_POST['input_birthday_state'] . "',
master_mandant_id = '" . $_POST['master_mandant_id'] . "'
master_mandant_id = '" . $_POST['master_mandant_id'] . "',
current_mandant_id = '" . $_POST['master_mandant_id'] . "'
WHERE id = '" . $_POST["input_id"] . "' LIMIT 1";
} else {
$query = "INSERT INTO main_contact (id, name, email, shortcut, password, address, post_code, city, birthday, birthday_state, phone_no, cost_center, master_mandant_id, current_mandant_id, active) VALUES (
@@ -166,23 +180,23 @@ function save_contact() {
$input_id = mysqli_insert_id($GLOBALS['mysql_con']);
$query2 = "INSERT INTO main_contact_profile_content (id, main_contact_id) VALUES (
NULL,
'" . $input_id. "'
'" . $input_id . "'
)";
@mysqli_query($GLOBALS['mysql_con'], $query2);
$messages[] = '<div class="successbox">' . $translation->get("contact_msg_success1") . '</div>';
} else {
$messages[] = '<div class="successbox">' . $translation->get("contact_msg_success2") . '</div>';
}
if(isset($_FILES) && $_FILES['input_image']['size'] != 0 ){
if (isset($_FILES) && $_FILES['input_image']['size'] != 0) {
$fileName = saveImage('input_image', $input_id);
$query = "UPDATE main_contact SET
image = '" . $fileName. "'
image = '" . $fileName . "'
WHERE id = '" . $input_id . "' LIMIT 1";
@mysqli_query($GLOBALS['mysql_con'],$query);
@mysqli_query($GLOBALS['mysql_con'], $query);
}
save_mandant_link($_POST, $input_id);
save_permission($input_id);
echo "<script>console.log('".$input_id."')</script>";
echo "<script>console.log('" . $input_id . "')</script>";
edit_contact($input_id, $messages);
} else {
header('EDIT_ERROR: 1');
@@ -194,59 +208,90 @@ function save_contact() {
}
}
function report_new_emp() {
function report_new_emp()
{
$message = "Neuer Mitarbeiter wurde registriert!" .
"<br> Name:" . $_POST['input_name'] .
"<br> Email:" . $_POST['input_email'];
if (mail_create("Neuer Mitarbeiter", // titel
if (
mail_create(
"Neuer Mitarbeiter", // titel
$message,
"intranet@awo-hamburg.de", // wer send
"helpdesk@awo-hamburg.de", // wer kriegt
"AWO Hamburg", // name des senders
"AWO Hamburg IT", // name des empfängers
FALSE,
$file, "", "", 0, "", $spid)) {
$file,
"",
"",
0,
"",
$spid
)
) {
mail_send();
}
}
function report_emp_dismissal() {
function report_emp_dismissal()
{
$message = "Der Mitarbeiter muss entlassen werden!" .
"<br> Name:" . $_POST['input_name'] .
"<br> Email:" . $_POST['input_email'];
if (mail_create("Mitarbeiter entlassen!", // titel
if (
mail_create(
"Mitarbeiter entlassen!", // titel
$message,
"intranet@awo-hamburg.de", // wer send
"helpdesk@awo-hamburg.de", // wer kriegt
"AWO Hamburg", // name des senders
"AWO Hamburg IT", // name des empfängers
FALSE,
$file, "", "", 0, "", $spid)) {
$file,
"",
"",
0,
"",
$spid
)
) {
mail_send();
}
}
function hausausweis_request() {
function hausausweis_request()
{
$message = "Der Mitarbeiter soll einen Hausausweis erhalten!" .
"<br> Name:" . $_POST['input_name'] .
"<br> Email:" . $_POST['input_email'];
if (mail_create("Der Mitarbeiter soll einen Hausausweis erhalten!", // titel
if (
mail_create(
"Der Mitarbeiter soll einen Hausausweis erhalten!", // titel
$message,
"intranet@awo-hamburg.de", // wer send
"helpdesk@awo-hamburg.de", // wer kriegt
"AWO Hamburg", // name des senders
"AWO Hamburg IT", // name des empfängers
FALSE,
$file, "", "", 0, "", $spid)) {
$file,
"",
"",
0,
"",
$spid
)
) {
mail_send();
}
}
function saveImage($filekey, $input_id){
function saveImage($filekey, $input_id)
{
$erlaubte_endungen = array("jpg", "jpeg", "gif", "png");
$filename = strtolower($_FILES[$filekey]['name']);
$filename_expl = explode(".", $filename);
@@ -262,13 +307,14 @@ function saveImage($filekey, $input_id){
return $saveFilename;
}
function delete_contact_image(){
function delete_contact_image()
{
$contact_id = $_POST['input_id'];
$query = "SELECT * FROM main_contact WHERE id =".$contact_id." LIMIT 1";
$query = "SELECT * FROM main_contact WHERE id =" . $contact_id . " LIMIT 1";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
$contact = @mysqli_fetch_array($result);
if(!empty($contact)){
if (!empty($contact)) {
$filename = $contact['image'];
require_once("intranet_config.inc.php");
@@ -284,7 +330,8 @@ function delete_contact_image(){
}
function save_mandant_link($contacts, $contact_id) {
function save_mandant_link($contacts, $contact_id)
{
// $contact_id als Integer absichern
$contact_id = intval($contact_id);
@@ -299,7 +346,7 @@ function save_mandant_link($contacts, $contact_id) {
foreach ($contacts as $key => $value) {
if (strpos($key, needle: 'input_mandant_') === 0 && $value != 0) {
$mandants[] = $value;
} elseif (strpos($key, needle: 'input_mandant_') === 1 && $value == 0 ) {
} elseif (strpos($key, needle: 'input_mandant_') === 1 && $value == 0) {
$mandants[] = $value;
}
}
@@ -322,16 +369,20 @@ function save_mandant_link($contacts, $contact_id) {
$input_id = mysqli_insert_id($GLOBALS['mysql_con']);
if ($i === 0) {
$query2 = "UPDATE main_contact SET master_mandant_id = " . $mandantEscaped . " WHERE id = " . $contact_id;
$query2 = "UPDATE main_contact
SET master_mandant_id = " . $mandantEscaped . ",
current_mandant_id = " . $mandantEscaped . "
WHERE id = " . $contact_id;
mysqli_query($GLOBALS['mysql_con'], $query2);
}
}
}
// Weitere Verarbeitung
save_contact_department($contacts, $contact_id);
}
function save_contact_department($contacts, $contact_id) {
function save_contact_department($contacts, $contact_id)
{
// Arrays initialisieren
$mandants = [];
$departments = [];
@@ -397,17 +448,18 @@ function save_contact_department($contacts, $contact_id) {
}
}
function load_mandant_list($contact){
function load_mandant_list($contact)
{
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$query = "SELECT * FROM main_mandant";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
while($mandant = @mysqli_fetch_array($result)) {
while ($mandant = @mysqli_fetch_array($result)) {
$mandant_id = $mandant['id'];
$check_master_mandant = ($contact['master_mandant_id'] == $mandant_id) ? 'checked' : '';
$query_contact = "SELECT * FROM main_contact_department WHERE main_contact_id = '".$contact['id']."' AND main_mandant_id = '".$mandant_id."'";
$query_contact = "SELECT * FROM main_contact_department WHERE main_contact_id = '" . $contact['id'] . "' AND main_mandant_id = '" . $mandant_id . "'";
$result_contact = @mysqli_query($GLOBALS['mysql_con'], $query_contact);
$contact_link = @mysqli_fetch_array($result_contact);
@@ -422,16 +474,21 @@ function load_mandant_list($contact){
?>
<tr>
<td><?= $mandant['description'] ?></td>
<td><input class="checkbox_square" type="checkbox" name="active_<?= $mandant_id?>" <?= $check_active ?>></td>
<td><input class="checkbox_square" type="radio" name="master_mandant_id" value='<?= $mandant_id?>' <?= $check_master_mandant ?>></td>
<td><?= input_select_from_sql("", "input_department_".$mandant_id, $query_department, $contact_link['main_department_id'], FALSE, FALSE, "", TRUE); ?></td>
<td><?= input_select_from_sql_bereich("", "input_bereiche_".$mandant_id, $query_bereich, $contact_link['main_bereich_id'], FALSE, FALSE, "", TRUE); ?></td>
<td><?= input_select_from_sql_ein("", "input_einrichtung_".$mandant_id, $query_einricht, $contact_link['main_einricht_id'], FALSE, FALSE, "", TRUE); ?></td>
<td><?= input_select_from_sql("", "input_role_".$mandant_id, $query_role, $contact_link['main_role_id'], FALSE, FALSE, "", TRUE); ?></td>
<td><?= input("", "input_phone_no_".$mandant_id, "text", $contact_link["phone_no"], 100); ?></td>
<td><?= input("", "input_email_".$mandant_id, "text", $contact_link["email"], 100); ?></td>
<!-- <?php if ($GLOBALS['admin_user']['control_permissions'] == 1){?>
<td><button class="pop_up_button svg_button" title="Berechtigung ändern" data-popup-id="popup-mandant-<?= $mandant_id?>" ><svg xmlns="http://www.w3.org/2000/svg" width="28.8" height="35.25" viewBox="0 0 28.8 35.25">
<td><input class="checkbox_square" type="checkbox" name="active_<?= $mandant_id ?>" <?= $check_active ?>></td>
<td><input class="checkbox_square" type="radio" name="master_mandant_id" value='<?= $mandant_id ?>'
<?= $check_master_mandant ?>></td>
<td><?= input_select_from_sql("", "input_department_" . $mandant_id, $query_department, $contact_link['main_department_id'], FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input_select_from_sql_bereich("", "input_bereiche_" . $mandant_id, $query_bereich, $contact_link['main_bereich_id'], FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input_select_from_sql_ein("", "input_einrichtung_" . $mandant_id, $query_einricht, $contact_link['main_einricht_id'], FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input_select_from_sql("", "input_role_" . $mandant_id, $query_role, $contact_link['main_role_id'], FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input("", "input_phone_no_" . $mandant_id, "text", $contact_link["phone_no"], 100); ?></td>
<td><?= input("", "input_email_" . $mandant_id, "text", $contact_link["email"], 100); ?></td>
<!-- <?php if ($GLOBALS['admin_user']['control_permissions'] == 1) { ?>
<td><button class="pop_up_button svg_button" title="Berechtigung ändern" data-popup-id="popup-mandant-<?= $mandant_id ?>" ><svg xmlns="http://www.w3.org/2000/svg" width="28.8" height="35.25" viewBox="0 0 28.8 35.25">
<path id="shield-security" d="M14.4.375l14.4,6.45v9.6a19.876,19.876,0,0,1-4.125,12.188A17.908,17.908,0,0,1,14.4,35.625,17.912,17.912,0,0,1,4.125,28.612,19.875,19.875,0,0,1,0,16.425v-9.6ZM14.4,18V3.9L3.225,8.85V18H14.4V32.325a15.292,15.292,0,0,0,7.5-5.4A17.845,17.845,0,0,0,25.575,18Z" transform="translate(0 -0.375)"/></svg>
</button>
</td>
@@ -443,15 +500,16 @@ function load_mandant_list($contact){
function load_mandant_list_new($contact){
function load_mandant_list_new($contact)
{
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$query_contact = "SELECT * FROM main_contact_department WHERE main_contact_id = '".$contact['id']."'";
$query_contact = "SELECT * FROM main_contact_department WHERE main_contact_id = '" . $contact['id'] . "'";
$result_contact = @mysqli_query($GLOBALS['mysql_con'], $query_contact);
$contacts = [];
while ($contact_link = @mysqli_fetch_assoc($result_contact)) {
$contacts[] = $contact_link;
}
for ($i=1; $i < 10; $i++) {
for ($i = 1; $i < 10; $i++) {
@@ -487,16 +545,25 @@ function load_mandant_list_new($contact){
}
?>
<tr>
<td><?= input_select_from_sql_mandant("", "input_mandant_".$i, $query_mandant, $mandant, FALSE, FALSE, "", TRUE);?></td>
<td><?= input_select_from_sql("", "input_department_".$i, $query_department, $department, FALSE, FALSE, "", TRUE); ?></td>
<td><?= input_select_from_sql_bereich("", "input_bereiche_".$i, $query_bereich, $bereich, FALSE, FALSE, "", TRUE); ?></td>
<td><?= input_select_from_sql_ein("", "input_einrichtung_".$i, $query_einricht, $einricht, FALSE, FALSE, "", TRUE); ?></td>
<td><?= input_select_from_sql("", "input_role_".$i, $query_role, $role, FALSE, FALSE, "", TRUE); ?></td>
<td style="display: none;"><?= input("", "input_phone_no_".$i, "text", $phone, 100); ?></td>
<td style="display: none;"><?= input("", "input_email_".$i, "text", $email, 100); ?></td>
<?php if ($GLOBALS['admin_user']['control_permissions'] == 1){?>
<td><button class="pop_up_button svg_button" title="Berechtigung ändern" data-popup-id="popup-mandant-<?= $mandant?>" ><svg xmlns="http://www.w3.org/2000/svg" width="28.8" height="35.25" viewBox="0 0 28.8 35.25">
<path id="shield-security" d="M14.4.375l14.4,6.45v9.6a19.876,19.876,0,0,1-4.125,12.188A17.908,17.908,0,0,1,14.4,35.625,17.912,17.912,0,0,1,4.125,28.612,19.875,19.875,0,0,1,0,16.425v-9.6ZM14.4,18V3.9L3.225,8.85V18H14.4V32.325a15.292,15.292,0,0,0,7.5-5.4A17.845,17.845,0,0,0,25.575,18Z" transform="translate(0 -0.375)"/></svg>
<td><?= input_select_from_sql_mandant("", "input_mandant_" . $i, $query_mandant, $mandant, FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input_select_from_sql("", "input_department_" . $i, $query_department, $department, FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input_select_from_sql_bereich("", "input_bereiche_" . $i, $query_bereich, $bereich, FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input_select_from_sql_ein("", "input_einrichtung_" . $i, $query_einricht, $einricht, FALSE, FALSE, "", TRUE); ?>
</td>
<td><?= input_select_from_sql("", "input_role_" . $i, $query_role, $role, FALSE, FALSE, "", TRUE); ?></td>
<td style="display: none;"><?= input("", "input_phone_no_" . $i, "text", $phone, 100); ?></td>
<td style="display: none;"><?= input("", "input_email_" . $i, "text", $email, 100); ?></td>
<?php if ($GLOBALS['admin_user']['control_permissions'] == 1) { ?>
<td><button class="pop_up_button svg_button" title="Berechtigung ändern"
data-popup-id="popup-mandant-<?= $mandant ?>"><svg xmlns="http://www.w3.org/2000/svg" width="28.8"
height="35.25" viewBox="0 0 28.8 35.25">
<path id="shield-security"
d="M14.4.375l14.4,6.45v9.6a19.876,19.876,0,0,1-4.125,12.188A17.908,17.908,0,0,1,14.4,35.625,17.912,17.912,0,0,1,4.125,28.612,19.875,19.875,0,0,1,0,16.425v-9.6ZM14.4,18V3.9L3.225,8.85V18H14.4V32.325a15.292,15.292,0,0,0,7.5-5.4A17.845,17.845,0,0,0,25.575,18Z"
transform="translate(0 -0.375)" />
</svg>
</button>
</td>
<?php } ?>
@@ -506,19 +573,20 @@ function load_mandant_list_new($contact){
}
function load_permission($contact){
function load_permission($contact)
{
$translation = \DynCom\mysyde\common\classes\Registry::get("translation");
$query_mandant = "SELECT * FROM main_mandant";
$result_mandant = @mysqli_query($GLOBALS['mysql_con'], $query_mandant);
while($mandant = @mysqli_fetch_array($result_mandant)) {
while ($mandant = @mysqli_fetch_array($result_mandant)) {
$mandant_id = $mandant['id'];
?>
<div class='pop_up_element' id='popup-mandant-<?= $mandant_id?>'>
<div class='pop_up_element' id='popup-mandant-<?= $mandant_id ?>'>
<table class="mandant_table">
<thead>
<tr>
<th>Berechtigungen für: <span style="font-weight: bold;"><?= $mandant['description']?></span></th>
<th>Berechtigungen für: <span style="font-weight: bold;"><?= $mandant['description'] ?></span></th>
<th style="text-align: right;">Status</th>
</tr>
</thead>
@@ -526,22 +594,28 @@ function load_permission($contact){
<?php
$query = "SELECT * FROM main_permission";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
while($permission = @mysqli_fetch_array($result)) {
$query_contact = "SELECT * FROM main_contact_permission WHERE main_contact_id = ".$contact['id']." AND main_mandant_id = ".$mandant_id." AND main_permission_id = ".$permission['id'];
while ($permission = @mysqli_fetch_array($result)) {
$check_permission = ($permission['default_active'] == 1) ? 'checked' : '';
if (!empty($contact['id'])) {
$query_contact = "SELECT * FROM main_contact_permission WHERE main_contact_id = " . intval($contact['id']) . " AND main_mandant_id = " . intval($mandant_id) . " AND main_permission_id = " . intval($permission['id']);
$result_contact = @mysqli_query($GLOBALS['mysql_con'], $query_contact);
$row = @mysqli_fetch_array($result_contact);
$check_permission = ($permission['default_active'] == 1) ? 'checked' : '';
if(@mysqli_num_rows($result_contact) == 1){
} else {
$result_contact = false;
}
if ($result_contact && @mysqli_num_rows($result_contact) == 1) {
$check_permission = ($row['active'] == 1) ? 'checked' : '';
}
?>
<?php if($permission['only_main_mandant'] == 1 && $mandant_id != $contact['master_mandant_id']){ ?>
<?php if ($permission['only_main_mandant'] == 1 && $mandant_id != $contact['master_mandant_id']) { ?>
<tr class='inactive' title='Dieses Berechtigung kann nur im Hauptmandanten geändert werden'>
<?php }else{ ?>
<?php } else { ?>
<tr>
<?php } ?>
<td><?= $permission['description']?></td>
<td class="watch_state_td" style="text-align: right;"><input class="checkbox_square watch_state" type="checkbox" name="active_<?= $mandant_id?>_<?= $permission['id']?>" <?= $check_permission ?>></td>
<td><?= $permission['description'] ?></td>
<td class="watch_state_td" style="text-align: right;"><input class="checkbox_square watch_state"
type="checkbox" name="active_<?= $mandant_id ?>_<?= $permission['id'] ?>" <?= $check_permission ?>>
</td>
</tr>
<?php
}
@@ -552,23 +626,24 @@ function load_permission($contact){
<?php }
}
function save_permission($contact_id){
$deleteLink = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_permission WHERE main_contact_id=".$contact_id);
function save_permission($contact_id)
{
$deleteLink = @mysqli_query($GLOBALS["mysql_con"], "DELETE FROM main_contact_permission WHERE main_contact_id=" . $contact_id);
$query_mandant = "SELECT * FROM main_mandant";
$result_mandant = @mysqli_query($GLOBALS['mysql_con'], $query_mandant);
while($mandant = @mysqli_fetch_array($result_mandant)) {
while ($mandant = @mysqli_fetch_array($result_mandant)) {
$query = "SELECT * FROM main_permission";
$result = @mysqli_query($GLOBALS['mysql_con'], $query);
while($permission = @mysqli_fetch_array($result)) {
$active = ($_POST["active_".$mandant['id']."_".$permission['id']] == "on") ? '1' : '0';
while ($permission = @mysqli_fetch_array($result)) {
$active = ($_POST["active_" . $mandant['id'] . "_" . $permission['id']] == "on") ? '1' : '0';
$query = "INSERT INTO main_contact_permission
(main_contact_id, main_mandant_id, main_permission_id, active)
VALUES (
" . $contact_id . ",
'" . $mandant['id'] . "',
'" . $permission['id'] . "',
'" . $active. "'
'" . $active . "'
)";
@mysqli_query($GLOBALS['mysql_con'], $query);
}
@@ -577,7 +652,7 @@ function save_permission($contact_id){
?>
<script>
$(document).ready(function() {
$(document).ready(function () {
// Funktion zur Aktualisierung des Status für eine einzelne Checkbox
function updateStatus(checkbox) {
if (checkbox.is(':checked')) {
@@ -592,21 +667,22 @@ $(document).ready(function() {
}
// Überwachen Sie Änderungen am Status der Checkbox
$('.watch_state').change(function() {
$('.watch_state').change(function () {
// Rufen Sie die Funktion auf, um den Status nur für die angeklickte Checkbox zu aktualisieren
updateStatus($(this));
});
// Rufen Sie die Funktion zum ersten Mal auf, um den Anfangszustand festzulegen
$('.watch_state').each(function() {
$('.watch_state').each(function () {
updateStatus($(this));
});
});
});
</script>
<?php
function load_absence_contact($main_contact){
function load_absence_contact($main_contact)
{
$query = "SELECT * FROM main_contact";
$result_contact = @mysqli_query($GLOBALS['mysql_con'], $query);
@@ -615,7 +691,7 @@ function load_absence_contact($main_contact){
$contact_array = explode(",", $main_contact['absence_contact']);
foreach ($contact_array as $contact) {
array_push($preselect,$contact);
array_push($preselect, $contact);
}
?>
<!-- <div class="label">Ansprechpartner Krankmeldung</div>
@@ -625,22 +701,23 @@ function load_absence_contact($main_contact){
<div class="default text">Ansprechpartner Krankmeldung</div>
<div class="menu">
<?
while($contacts = @mysqli_fetch_array($result_contact)) {
echo "<div class=\"item\" data-value=\"{$contacts['id']}\">".$contacts["name"]."</div>";
while ($contacts = @mysqli_fetch_array($result_contact)) {
echo "<div class=\"item\" data-value=\"{$contacts['id']}\">" . $contacts["name"] . "</div>";
}
?>
</div>
</div> -->
<script type="text/javascript" src="/plugins/jquery/jquery-3.5.1.min.js"></script>
<script type="text/javascript" src="/plugins/Semantic-UI-master/semantic.min.js"></script>
<link rel="stylesheet" type="text/css" href="/plugins/Semantic-UI-master/bc-semantic.css?time=<?= filemtime($_SERVER['DOCUMENT_ROOT'] . '/plugins/Semantic-UI-master/bc-semantic.css')?>">
<link rel="stylesheet" type="text/css"
href="/plugins/Semantic-UI-master/bc-semantic.css?time=<?= filemtime($_SERVER['DOCUMENT_ROOT'] . '/plugins/Semantic-UI-master/bc-semantic.css') ?>">
<script>
var $y = jQuery.noConflict();
$y( document ).ready(function() {
$y(document).ready(function () {
$y('.contacts.ui.fluid.multiple.dropdown').dropdown('set selected', <?= json_encode($preselect) ?>);
});
</script>
<?php
<?php
}
// function updateFromJSON() {

View File

@@ -1,3 +0,0 @@
<?php
phpinfo();
?>