added real logins, login administration, task viewer page, contractor main page

[contractor-progress.git] / tasks.php

<?php

require_once('code/tasks.php');

$GLOBALS['tasks_form_recipient'] = "fixme@example.com";

define('TASKS_DB_FIELDS', 'title,url,description,state');


require_once('code/wfpl/template.php');
require_once('code/wfpl/format.php');
require_once('code/wfpl/messages.php');
require_once('code/wfpl/email.php');
require_once('code/db_connect.php');

# replace every character in $str with "&nbsp;"
function tonbsp($matches) {
        return str_repeat('&nbsp;', strlen($matches[0]) * 2);
}

# encode as html, make it display newlines and leading spaces
function enc_htmlbrtab($str) {
        $str = enc_htmlbr($str);
        $str = preg_replace_callback("|^ *|m", tonbsp, $str);
        return $str;
}

function tasks_get_fields() {
        $title = format_oneline($_REQUEST['title']);
        $url = format_oneline($_REQUEST['url']);
        $description = format_unix($_REQUEST['description']);

        tasks_tem_sets($title, $url, $description);

        return array($title, $url, $description);
}

function tasks_tem_sets($title, $url, $description) {
        tem_set('title', $title);
        tem_set('url', $url);
        tem_set('description', $description);
}

function tasks_main() {
        if(!logged_in()) {
                $GLOBALS['url'] = this_url();
                return 'login';
        }

        if(isset($_REQUEST['tasks_id'])) {
                $ret = tasks_display_main();
                if($ret) {
                        return $ret;
                }
                tem_show('display_body');
        } else {
                $ret = tasks_edit_main();
                if($ret) {
                        return $ret;
                }
                tem_show('edit_body');
        }

        tem_show('main_body');
}

function tasks_display_main() {
        $task_id = format_int($_REQUEST['tasks_id']);;
        $row = db_get_row('tasks', 'title,url,description,state', 'where id=%i', $task_id);
        if($row) {
                list($title, $url, $description, $state) = $row;
                tem_set('task_id', $task_id);
                tem_set('title', $title);
                tem_set('url', $url);
                tem_set('description', $description);
                tem_set('state', task_state_pretty($state));
                if($state == TASK_BUG) {
                        tem_show('bug_title');
                } else {
                        tem_show('normal_title');
                }
        } else {
                message("Task #$task_id not found");
                return './';
        }
}

function tasks_edit_main() {
        $state = TASK_DRAFT; # will be overwritten
        $edit_id = format_int($_REQUEST['tasks_edit_id']);
        unset($_REQUEST['tasks_edit_id']);
        if($edit_id) {
                # add hidden field for database id of row we're editing
                tem_set('tasks_edit_id', $edit_id);
                tem_show('editing');

                $state = db_get_value('tasks', 'state', 'where id=%i', $edit_id);
        }

        if(isset($_REQUEST['tasks_new_bug'])) {
                tem_show('bug_submit');
                $state = TASK_BUG;
        } else {
                tem_show('normal_submits');
        }

        if($state == TASK_BUG) {
                tem_show('bug_instructions');
        } else {
                tem_show('normal_instructions');
        }

        $delete_id = format_int($_REQUEST['tasks_delete_id']);
        unset($_REQUEST['tasks_delete_id']);
        if($delete_id) {
                db_delete('tasks', 'where id=%i', $delete_id);
                message('Task deleted.');

                return './tasks.html';
        }

        if(isset($_REQUEST['title'])) {
                list($title, $url, $description) = tasks_get_fields();

                # FIXME
                if(isset($_REQUEST['save_draft'])) {
                        $state = TASK_DRAFT;
                } elseif(isset($_REQUEST['save_bug'])) {
                        $state = TASK_BUG;
                } else {
                        $state = TASK_NEEDS_QUOTE;
                }

                if("you're happy with the POSTed values") {
                        if($edit_id) {
                                db_update('tasks', 'title,url,description,state', $title, $url, $description, $state, 'where id=%i', $edit_id);
                                message('Task updated.');
                        } else {
                                # new task
                                $paid = 0;
                                $client_id = 4; # FIXME
                                db_insert('tasks', 'client_id,title,url,description,state,paid', $client_id, $title, $url, $description, $state, $paid);
                                message('Task saved.');
                        }
                        if($GLOBALS['tasks_form_recipient'] != "fixme@example.com") {
                                $to = $GLOBALS['tasks_form_recipient'];
                                $from = $to;
                                $reply_to = '';
                                if(isset($_REQUEST['email']) and valid_email($_REQUEST['email'])) {
                                        $reply_to = $_REQUEST['email'];
                                        if($_REQUEST['name'] and ereg('^[a-zA-Z0-9_\' -]*$', $_REQUEST['name']) !== false) {
                                                $reply_to = "$_REQUEST[name] <$reply_to>";
                                        }
                                }
                                $subject = 'tasks form submitted';
                                $message = tem_run('tasks.email.txt');
                                $cc = '';
                                $bcc = '';
                                if(email($from, $to, $subject, $message, $reply_to, $cc, $bcc)) {
                                        message('Due to an internal error, your message could not be sent. Please try again later.');
                                        $error = true;
                                }
                        }
                        if($error !== true) {
                                return './';
                        }
                }
                # otherwise, we display the form again. tasks_get_fields() has
                # already put the posted values back into the template engine, so they will
                # show up in the form fields. You should add some message asking people to
                # fix their entry in whatever way you require.
        } elseif($edit_id) {
                # we've recieved an edit id, but no data. So we grab the values to be edited from the database
                list($client_id, $ord, $title, $url, $description, $state, $paid) = db_get_row('tasks', TASKS_DB_FIELDS, 'where id=%i', $edit_id);
                tasks_tem_sets($client_id, $ord, $title, $url, $description, $state, $paid);
        } else {
                # form not submitted, you can set default values like so:
                #tem_set('client_id', 'Yes');
        }

        # this has to be later in the file because it requres that client_id be set already
        if($edit_id) {
                tem_show('edit_msg');
        } elseif($state == TASK_BUG) {
                tem_show('bug_msg');
        } else {
                tem_show('new_msg');
        }
}

?>