}
return $result;
}
+
+ // getNotifications - obtains notification descriptions for a group.
+ static function getNotifications() {
+ global $user;
+ $mdb2 = getConnection();
+
+ $group_id = $user->getGroup();
+ $org_id = $user->org_id;
+
+ $result = array();
+ $sql = "select c.id, c.cron_spec, c.email, c.report_condition, fr.name from tt_cron c".
+ " left join tt_fav_reports fr on (fr.id = c.report_id)".
+ " where c.group_id = $group_id and c.org_id = $org_id and c.status = 1 and fr.status = 1";
+ $res = $mdb2->query($sql);
+ $result = array();
+ if (!is_a($res, 'PEAR_Error')) {
+ while ($val = $res->fetchRow()) {
+ $result[] = $val;
+ }
+ return $result;
+ }
+ return false;
+ }
+
+ // The getActiveUsers obtains all active users in a given group.
+ static function getActiveUsers($options = null) {
+ global $user;
+ global $i18n;
+ $mdb2 = getConnection();
+
+ $group_id = $user->getGroup();
+ $org_id = $user->org_id;
+
+ if (isset($options['getAllFields']))
+ $sql = "select u.*, r.name as role_name, r.rank from tt_users u left join tt_roles r on (u.role_id = r.id) where u.group_id = $group_id and u.org_id = $org_id and u.status = 1 order by upper(u.name)";
+ else
+ $sql = "select id, name from tt_users where group_id = $group_id and org_id = $org_id and status = 1 order by upper(name)";
+ $res = $mdb2->query($sql);
+ $user_list = array();
+ if (is_a($res, 'PEAR_Error'))
+ return false;
+ while ($val = $res->fetchRow()) {
+ // Localize top manager role name, as it is not localized in db.
+ if ($val['rank'] == 512)
+ $val['role_name'] = $i18n->get('role.top_manager.label');
+ $user_list[] = $val;
+ }
+
+ if (isset($options['putSelfFirst'])) {
+ // Put own entry at the front.
+ $cnt = count($user_list);
+ for($i = 0; $i < $cnt; $i++) {
+ if ($user_list[$i]['id'] == $user->id) {
+ $self = $user_list[$i]; // Found self.
+ array_unshift($user_list, $self); // Put own entry at the front.
+ array_splice($user_list, $i+1, 1); // Remove duplicate.
+ }
+ }
+ }
+ return $user_list;
+ }
+
+ // getActiveTasks - returns an array of active tasks for a group.
+ static function getActiveTasks()
+ {
+ global $user;
+ $mdb2 = getConnection();
+
+ $group_id = $user->getGroup();
+ $org_id = $user->org_id;
+
+ $sql = "select id, name, description from tt_tasks".
+ " where group_id = $group_id and org_id = $org_id and status = 1 order by upper(name)";
+ $res = $mdb2->query($sql);
+ $result = array();
+ if (!is_a($res, 'PEAR_Error')) {
+ while ($val = $res->fetchRow()) {
+ $result[] = $val;
+ }
+ }
+ return $result;
+ }
+
+ // getInactiveTasks - returns an array of inactive tasks for a group.
+ static function getInactiveTasks()
+ {
+ global $user;
+ $mdb2 = getConnection();
+
+ $group_id = $user->getGroup();
+ $org_id = $user->org_id;
+
+ $sql = "select id, name, description from tt_tasks".
+ " where group_id = $group_id and org_id = $org_id and status = 0 order by upper(name)";
+ $res = $mdb2->query($sql);
+ $result = array();
+ if (!is_a($res, 'PEAR_Error')) {
+ while ($val = $res->fetchRow()) {
+ $result[] = $val;
+ }
+ }
+ return $result;
+ }
+
+ // validateCheckboxGroupInput - validates user input in a group of checkboxes
+ // in context of a specific database table.
+ //
+ // We need to make sure that input is a set of unique positive integers, and is
+ // "relevant" to the current group (entities exists in table).
+ //
+ // It is a safeguard against manipulation of data in posts.
+ static function validateCheckboxGroupInput($input, $table) {
+ // Empty input is valid.
+ if (!$input) return true;
+
+ // Input containing duplicates is invalid.
+ if (count($input) !== count(array_unique($input))) return false;
+
+ // Input containing anything but positive integers is invalid.
+ foreach ($input as $single_selection) {
+ if (!is_numeric($single_selection) || $single_selection <= 0) return false;
+ }
+
+ global $user;
+ $mdb2 = getConnection();
+
+ $group_id = $user->getGroup();
+ $org_id = $user->org_id;
+
+ // Now check the table. It must contain all entities associated with current group and org.
+ $comma_separated = implode(',', $input);
+ $sql = "select count(*) as item_count from $table".
+ " where id in ($comma_separated) and group_id = $group_id and org_id = $org_id and status = 1";
+ $res = $mdb2->query($sql);
+ if (is_a($res, 'PEAR_Error')) return false;
+ $val = $res->fetchRow();
+ if (count($input) != $val['item_count'])
+ return false; // Number of entities in table is different.
+
+ return true; // All is good.
+ }
}
projects / timetracker.git / blobdiff