Todolist is a set of PHP scripts that create a web-based list of things to do. Items can be added and removed, and are sorted by an assigned priority. It is also possible to assign special tasks to another person and, for example, to specify a due date. ToDoList is multilingual (although some languages are still under development). It has many features not mentioned here. Features – assign due dates and responsible users.
<?php
/* main page - switch routines etc */
//error_reporting(E_ALL);
include_once 'include/constants.php';
include_once 'include/history.inc.php';
include_once 'include/config.php';
include_once 'include/user.inc.php';
include_once 'include/functions.inc.php';
// Select where session data is stored, then open the session.
if (!$GLOBALS['DB_SESSIONS']) {
    // Default: PHP's built-in file-based session storage.
    ini_set('session.save_handler', 'files');
} else {
    // Session data is kept in a database table; the include supplies the handler.
    ini_set('session.save_handler', 'user');
    include_once 'include/session_handler_db.php';
}
// NOTE(review): register_globals lets request parameters create global
// variables, and this script reads such bare globals (e.g. $page, $module,
// $group_name, $account_disabled) in its SQL and page logic. The directive may
// not be changeable at runtime on every PHP version - confirm, and prefer
// reading the request arrays explicitly.
ini_set('register_globals', 'true');
session_start();
// Start output buffering, apply per-request view preferences to the session
// user, then pull in authentication and the page/admin helpers.
// Use output-compression if Browser supports this. (Requires PHP 4.0.4!)
// Session-stuff must be handled _before_ output-buffering. Otherwise it confuses PHP... :(
if ($GLOBALS['USE_OUTPUT_COMPRESSION']) {
ob_start("ob_gzhandler");
}
// NOTE(review): these two view preferences are copied from the query string
// onto the session user object before header.inc.php (which, per the comment on
// its include below, authenticates the user) has run. The values are stored as
// received; no type or range check is visible here.
if (isset($HTTP_GET_VARS['my_tasks'])) {
$HTTP_SESSION_VARS['usr']->my_tasks = $HTTP_GET_VARS['my_tasks'];
}
if (isset($HTTP_GET_VARS['show_done'])) {
$HTTP_SESSION_VARS['usr']->show_done = $HTTP_GET_VARS['show_done'];
}
include ('include/header.inc.php'); // set up database connection and authenticate user
// A project was chosen in the form: remember it on the session user.
// NOTE(review): the value is stored as received and is later passed to
// makeFrontQuery() by the main switch; whether that helper escapes or casts it
// is not visible here - confirm.
if (isset($HTTP_GET_VARS['selected_project']))
$HTTP_SESSION_VARS['usr']->selected_project = $HTTP_GET_VARS['selected_project'];
include ("include/pages.inc.php"); // contains most of the "output"
include ("include/admin.inc.php");
// Requested route: a POSTed value wins over the query string; with neither
// present the front page is shown.
$route = isset($HTTP_POST_VARS['route'])
    ? $HTTP_POST_VARS['route']
    : (isset($HTTP_GET_VARS['route']) ? $HTTP_GET_VARS['route'] : FRONTPAGE);

// Sort column requested through the query string ('' when none was given).
// NOTE(review): this is raw request input that is handed on to the query
// builders and printToDoTable(); whether they restrict it to known column
// names is not visible here - confirm.
$order_by = isset($HTTP_GET_VARS['order_by']) ? $HTTP_GET_VARS['order_by'] : '';
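// Main dispatcher: $route selects the page to render. The ACTIONS route
// additionally switches on the POSTed 'action', changes data, and then renders
// a page showing the result.
//
// Request values that end up in SQL built in this block are escaped with
// addslashes() (strings) or forced to integers with intval() (ids and flags).
// NOTE(review): addslashes() is what this file already used for some fields; if
// the $db wrapper offers driver-level escaping or bound parameters, prefer that.
// NOTE(review): no anti-CSRF token and, apart from "updateuser", no per-action
// permission check is visible in this script. The user/project/group actions
// presumably rely on include/header.inc.php and the helper functions for
// authorization - confirm.
switch ($route) {
    // front page
    case FRONTPAGE:
        $HTTP_SESSION_VARS['history']->addPage(THELIST);
        echo page_top("$TODO_HEADING", THELIST);
        $query = makeFrontQuery($order_by, $HTTP_SESSION_VARS['usr']->selected_project);
        echo printToDoTable($query, $order_by, $route);
        if (isset($HTTP_GET_VARS['printlayout'])) { // print layout: no forms
            // NOTE(review): unlike the other calls, the result of page_foot()
            // is not echoed here - confirm that is intended.
            page_foot(THELIST);
            exit;
        } else {
            echo add_box();
            // $priority, $search_status, $search_project and $responsible_person
            // are not assigned in this script; presumably they arrive through
            // register_globals - confirm.
            echo search_box($priority, $search_status, $search_project, $responsible_person,
                $HTTP_GET_VARS['date_min'], $HTTP_GET_VARS['date_max']);
            echo page_foot(THELIST);
        }
        break;

    // viewing a record's details
    case DETAILS:
        $HTTP_SESSION_VARS['history']->addPage(DETPAGE);
        if (isset($HTTP_GET_VARS['feedback'])) {
            // NOTE(review): the feedback text is taken from the query string.
            // If the page helpers print $feedback without HTML-escaping, this is
            // a reflected-markup sink - confirm how it is rendered.
            $GLOBALS['feedback'] = $HTTP_GET_VARS['feedback'];
        }
        echo page_top($TODO_HEADING, DETPAGE);
        echo details_page($HTTP_GET_VARS['id']);
        echo page_foot(DETPAGE);
        break;

    // searching
    case SEARCH:
        $HTTP_SESSION_VARS['history']->addPage(SEARCHPAGE);
        echo page_top("$TODO_HEADING", $HTTP_GET_VARS['page']);
        // Normalise responsible_person to an array (a single value is wrapped,
        // a missing one becomes an array holding the empty string).
        if (isset($HTTP_GET_VARS['responsible_person'])) {
            if (!is_array($HTTP_GET_VARS['responsible_person'])) {
                $HTTP_GET_VARS['responsible_person'] = array($HTTP_GET_VARS['responsible_person']);
            }
        } else {
            $HTTP_GET_VARS['responsible_person'] = array('');
        }
        // NOTE(review): every search criterion is raw query-string input; the
        // escaping has to happen inside makeSearchQuery(), which is not visible
        // here - confirm.
        $query = makeSearchQuery($HTTP_GET_VARS['wildcards'], $HTTP_GET_VARS['priority'],
            $HTTP_GET_VARS['search_status'], $HTTP_GET_VARS['search_project'], $HTTP_GET_VARS['responsible_person'],
            $order_by, $HTTP_GET_VARS['date_min'], $HTTP_GET_VARS['date_max']);
        if (isset($HTTP_GET_VARS['printlayout'])) { // print layout: no forms
            echo printToDoTable($query, $order_by, $route);
            echo page_foot($HTTP_GET_VARS['page']);
            exit;
        } else {
            echo search_box($HTTP_GET_VARS['priority'], $HTTP_GET_VARS['search_status'],
                $HTTP_GET_VARS['search_project'], $HTTP_GET_VARS['responsible_person'], $HTTP_GET_VARS['date_min'],
                $HTTP_GET_VARS['date_max']);
            echo printToDoTable($query, $order_by, $route);
            echo page_foot(SEARCHPAGE);
        }
        break;

    // we're the admin.
    case ADMIN:
        //$HTTP_SESSION_VARS['history']->addPage($HTTP_GET_VARS['page']);
        echo page_top("$TODO_HEADING<br/>$TEXT_ADMIN", ADMINPAGE);
        if (isset($HTTP_GET_VARS['adm'])) {
            // Default the optional selectors so the helpers receive null
            // rather than an undefined index.
            if (!isset($HTTP_GET_VARS['adminmodule'])) {
                $HTTP_GET_VARS['adminmodule'] = null;
            }
            if (!isset($HTTP_GET_VARS['module'])) {
                $HTTP_GET_VARS['module'] = null;
            }
            if (!isset($HTTP_GET_VARS['user'])) {
                $HTTP_GET_VARS['user'] = null;
            }
            if (!isset($HTTP_GET_VARS['project'])) {
                $HTTP_GET_VARS['project'] = null;
            }
            echo admin_page($HTTP_GET_VARS['adm']);
            if ($HTTP_GET_VARS['adm'] == ADMIN_GROUPS) {
                echo groupAdministration($HTTP_GET_VARS['adm'], $HTTP_GET_VARS['adminmodule'], $HTTP_GET_VARS['group']);
            } elseif ($HTTP_GET_VARS['adm'] == ADMIN_USERS) {
                $HTTP_SESSION_VARS['history']->addPage(ADMIN_USERS_MAIN_PAGE);
                echo userAdministration($HTTP_GET_VARS['module'], $HTTP_GET_VARS['user'], ADMINPAGE);
            } elseif ($HTTP_GET_VARS['adm'] == ADMIN_PROJECTS) {
                $HTTP_SESSION_VARS['history']->addPage(ADMIN_PROJECTS_MAIN_PAGE);
                echo projectAdministration($HTTP_GET_VARS['adm'], $HTTP_GET_VARS['adminmodule'], $HTTP_GET_VARS['project']);
            }
        } else {
            $HTTP_SESSION_VARS['history']->addPage(ADMINPAGE);
            echo admin_page(null);
            echo '<br /><font>' . $TEXT_CHOOSE_MODULE . '</font>';
            echo "<ul>";
            // PHP_SELF reflects the requested path, so it is HTML-escaped
            // before being written into the href attribute.
            echo '<li><a href="' . htmlspecialchars($HTTP_SERVER_VARS['PHP_SELF'], ENT_QUOTES) . '?route=' . ADMIN . '&page=' . ADMINPAGE . '&adm=' . ADMIN_USERS . '">' . $TEXT_USERS . '</a></li>';
            //echo '<li><a href="'.$PHP_SELF.'?route='.ADMIN.'&page='.ADMINPAGE.'&adm='.ADMIN_GROUPS.'">'.$TEXT_GROUPS.'</a></li>';
            echo '<li><a href="' . htmlspecialchars($HTTP_SERVER_VARS['PHP_SELF'], ENT_QUOTES) . '?route=' . ADMIN . '&page=' . ADMINPAGE . '&adm=' . ADMIN_PROJECTS . '">' . $TEXT_PROJECTS . '</a></li>';
            echo "</ul>";
        }
        echo page_foot(ADMINPAGE);
        break;

    case PREFERENCES:
        $HTTP_SESSION_VARS['history']->addPage(PREFPAGE);
        echo page_top("$TODO_HEADING<br/>$TEXT_PREFERENCES", PREFPAGE);
        echo userAdministration(null, $HTTP_SESSION_VARS['usr']->userid, PREFPAGE);
        echo page_foot(PREFPAGE);
        break;

    case ADDFORM:
        $HTTP_SESSION_VARS['history']->addPage(ADDFORM);
        echo page_top("$TODO_HEADING<br/>$TEXT_NEW", ADDFORM);
        echo add_box();
        echo page_foot(ADDFORM);
        break;

    // actually making some change
    case ACTIONS:
        // switch on action to see what precisely that is
        switch ($HTTP_POST_VARS['action']) {
            // deleting a task
            case "todo_delete":
                if (delete_todo($HTTP_POST_VARS['id'])) {
                    $feedback = $TEXT_DATASET_DELETED;
                } else {
                    $feedback = $TEXT_DATASET_NOT_DELETED;
                }
                echo page_top($TODO_HEADING, THELIST);
                $query = makeFrontQuery(null, $HTTP_SESSION_VARS['usr']->selected_project);
                echo printToDoTable($query, null, $HTTP_POST_VARS['route']);
                echo add_box();
                echo search_box();
                echo page_foot(THELIST);
                break;

            // update a task
            case "todo_change":
                // NOTE(review): all fields are passed on as received; escaping
                // is up to update_todo(), which is not visible here - confirm.
                update_todo($HTTP_POST_VARS['due_date'], $HTTP_POST_VARS['priority'], $HTTP_POST_VARS['status'],
                    $HTTP_POST_VARS['percentage_completed'], $HTTP_POST_VARS['text'], $HTTP_POST_VARS['responsible_persons'],
                    $HTTP_POST_VARS['id'], $HTTP_POST_VARS['note_text'], $HTTP_POST_VARS['project']);
                $feedback = $TEXT_DATASET_CHANGED;
                echo page_top($TODO_HEADING, THELIST);
                $query = makeFrontQuery(null, $HTTP_SESSION_VARS['usr']->selected_project);
                echo printToDoTable($query, null, $HTTP_POST_VARS['route']);
                echo add_box();
                echo search_box();
                echo page_foot(THELIST);
                break;

            // add a new task
            case "todo-add":
                add_todo($HTTP_POST_VARS['due_date'], $HTTP_POST_VARS['priority'], $HTTP_POST_VARS['project'],
                    $HTTP_POST_VARS['text'], $HTTP_POST_VARS['responsible_person']);
                $feedback = stripslashes($TEXT_TODO_ADDED);
                if ($HTTP_POST_VARS['page'] == ADDTASK_SINGLE_PAGE) {
                    echo page_top($TODO_HEADING, ADDFORM);
                    echo add_box();
                    echo page_foot(ADDFORM);
                } else {
                    echo page_top($TODO_HEADING, THELIST);
                    $query = makeFrontQuery(null, $HTTP_SESSION_VARS['usr']->selected_project);
                    echo printToDoTable($query, null, $HTTP_POST_VARS['route']);
                    echo add_box();
                    echo search_box();
                    echo page_foot(THELIST);
                }
                break;

            // add a new subtask
            case "subtodo-add":
                add_todo($HTTP_POST_VARS['due_date'], $HTTP_POST_VARS['priority'], $HTTP_POST_VARS['project'],
                    $HTTP_POST_VARS['text'], $HTTP_POST_VARS['responsible_person'],
                    $HTTP_POST_VARS['parent_task'], $HTTP_POST_VARS['level']);
                $feedback = stripslashes($TEXT_TODO_ADDED);
                echo page_top($TODO_HEADING, DETPAGE);
                echo details_page($HTTP_POST_VARS['parent_task']);
                echo page_foot(DETPAGE);
                break;

            // make a new user
            case "newuser":
                // NOTE(review): nothing visible here restricts this action to
                // administrators, and the posted 'isadmin' flag is stored as
                // given - confirm that an upstream check exists.
                if ($HTTP_POST_VARS['new_password'] == $HTTP_POST_VARS['new_password_retyped']) {
                    // HTML forms submit nothing for an unchecked checkbox, so a
                    // missing flag means 0. intval() keeps these values numeric
                    // because they are written into the SQL unquoted.
                    $HTTP_POST_VARS['new_email_notify'] = isset($HTTP_POST_VARS['new_email_notify']) ? intval($HTTP_POST_VARS['new_email_notify']) : 0;
                    $HTTP_POST_VARS['new_my_tasks'] = isset($HTTP_POST_VARS['new_my_tasks']) ? intval($HTTP_POST_VARS['new_my_tasks']) : 0;
                    $HTTP_POST_VARS['new_primary_project'] = isset($HTTP_POST_VARS['new_primary_project']) ? intval($HTTP_POST_VARS['new_primary_project']) : 0;
                    $HTTP_POST_VARS['showicons'] = isset($HTTP_POST_VARS['showicons']) ? intval($HTTP_POST_VARS['showicons']) : 0;
                    $HTTP_POST_VARS['isadmin'] = isset($HTTP_POST_VARS['isadmin']) ? intval($HTTP_POST_VARS['isadmin']) : 0;

                    // The login name was previously concatenated unescaped into
                    // both the lookup and the insert.
                    $sql_login_name = addslashes($HTTP_POST_VARS['new_login_name']);
                    $db->query("SELECT login_name FROM todo_users
                        where login_name='" . $sql_login_name . "'");
                    if ($db->num_rows() > 0) {
                        $feedback = $TEXT_USER_EXISTS;
                    } else {
                        // NOTE(review): passwords are stored as unsalted MD5,
                        // which is not a password-hashing function. Changing it
                        // also requires changing the login check, which is not
                        // in this file.
                        $db->query("INSERT INTO
                            todo_users (login_name, first_name, last_name, email, email_notify, password,
                            language, primary_project, my_tasks, show_icons, admin)
                            VALUES ('" . $sql_login_name . "','" . addslashes($HTTP_POST_VARS['new_first_name']) . "','"
                            . addslashes($HTTP_POST_VARS['new_last_name']) . "', '" . addslashes($HTTP_POST_VARS['new_email']) . "',"
                            . $HTTP_POST_VARS['new_email_notify'] . ",'" . md5($HTTP_POST_VARS['new_password']) . "','"
                            . addslashes($HTTP_POST_VARS['new_language']) . "', " . $HTTP_POST_VARS['new_primary_project'] . ','
                            . $HTTP_POST_VARS['new_my_tasks'] . ',' . $HTTP_POST_VARS['showicons'] . ',' . $HTTP_POST_VARS['isadmin'] . ')');
                        // Every user is member of project 1...
                        // FIXME: What if project 1 is deleted?!?!?
                        // (The code uses the posted primary project, which
                        // defaults to 0 when none was submitted.)
                        $db->query('INSERT INTO todo_project_members VALUES (' . $HTTP_POST_VARS['new_primary_project'] . ',LAST_INSERT_ID())');
                        $feedback = $TEXT_USER_CREATED;
                    }
                    echo page_top($TODO_HEADING, ADMINPAGE);
                    echo admin_page(ADMIN_USERS);
                } else {
                    // Passwords don't match! Back to where we came from!
                    // FIXME formdata lost this way!
                    $feedback = $TEXT_PASSWORDS_DONT_MATCH;
                    echo page_top("$TODO_HEADING<br/>$TEXT_ADMIN", ADMINPAGE);
                    echo admin_page(ADMIN_USERS);
                }
                echo userAdministration("newuser", "", ADMINPAGE);
                echo page_foot(ADMINPAGE);
                break;

            // alter a user
            case "updateuser":
                // Copy the POST fields into local variables. Ids and flags are
                // forced to integers because they are written into the SQL
                // unquoted; unchecked checkboxes are not submitted and mean 0.
                if (isset($HTTP_POST_VARS['new_columns'])) {
                    $columns = $HTTP_POST_VARS['new_columns'];
                }
                $email = $HTTP_POST_VARS['new_email'];
                $email_notify = isset($HTTP_POST_VARS['new_email_notify']) ? 1 : 0;
                $first_name = $HTTP_POST_VARS['new_first_name'];
                if (isset($HTTP_POST_VARS['isadmin'])) {
                    $isadmin = intval($HTTP_POST_VARS['isadmin']);
                }
                $language = $HTTP_POST_VARS['new_language'];
                $my_tasks = isset($HTTP_POST_VARS['new_my_tasks']) ? intval($HTTP_POST_VARS['new_my_tasks']) : 0;
                $last_name = $HTTP_POST_VARS['new_last_name'];
                $password = $HTTP_POST_VARS['new_password'];
                $password_retyped = $HTTP_POST_VARS['new_password_retyped'];
                $primary_project = isset($HTTP_POST_VARS['new_primary_project']) ? intval($HTTP_POST_VARS['new_primary_project']) : 0;
                $showicons = isset($HTTP_POST_VARS['showicons']) ? intval($HTTP_POST_VARS['showicons']) : 0;
                $usernr = intval($HTTP_POST_VARS['usernr']);

                // The target row and the admin flag both come from the form.
                // Only an administrator may edit another user's record or
                // change the admin flag; everyone else can only update their
                // own row and the admin column is left untouched.
                $sql_actor_is_admin = $HTTP_SESSION_VARS['usr']->isAdmin();
                if (!$sql_actor_is_admin) {
                    $usernr = intval($HTTP_SESSION_VARS['usr']->userid);
                }

                if ($password == $password_retyped) {
                    $query = "UPDATE todo_users
                        SET first_name='" . addslashes($first_name) . "', last_name='" . addslashes($last_name) . "',
                        email='" . addslashes($email) . "', email_notify=$email_notify, language='" . addslashes($language) . "',
                        primary_project='" . $primary_project . "', my_tasks=" . $my_tasks . ',
                        show_icons=' . $showicons;
                    if ($sql_actor_is_admin) {
                        if (!isset($isadmin)) {
                            // An admin saving their own record without the
                            // checkbox stays admin; for other users a missing
                            // checkbox means "not admin".
                            $isadmin = ($usernr == $HTTP_SESSION_VARS['usr']->userid) ? 1 : 0;
                        }
                        $query .= ', admin=' . intval($isadmin);
                    }
                    if ($password != '') {
                        // NOTE(review): unsalted MD5, as in "newuser"; changing
                        // it requires changing the login check as well.
                        $query .= ", password='" . md5($password) . "'";
                    }
                    // $account_disabled is not assigned in this script;
                    // presumably it arrives via register_globals - confirm.
                    if (!isset($account_disabled)) {
                        $query .= ", wrong_logins=0";
                    } else {
                        $query .= ", wrong_logins=" . intval($MAX_LOGIN_TRIES);
                    }
                    if (isset($columns) && is_array($columns)) {
                        $query .= ", visible_columns='" . addslashes(implode(',', $columns)) . "'";
                    }
                    /* update the current user-session */
                    if ($usernr == $HTTP_SESSION_VARS['usr']->userid) {
                        $HTTP_SESSION_VARS['usr']->show_icons = $showicons;
                        // Passes null when no columns were posted, as before.
                        $HTTP_SESSION_VARS['usr']->setColumns(isset($columns) ? $columns : null);
                        $HTTP_SESSION_VARS['usr']->my_tasks = $my_tasks;
                    }
                    $query .= " WHERE usernr=$usernr";
                    $db->query("$query");
                    $feedback = $TEXT_USER_UPDATED;
                    if ($HTTP_SESSION_VARS['history']->getPage(1) == ADMINPAGE) {
                        echo page_top("$TODO_HEADING<br/>$TEXT_ADMIN", ADMINPAGE);
                        echo admin_page(ADMIN_USERS);
                        echo userAdministration(ADMIN_USERS, $HTTP_POST_VARS['user'], ADMINPAGE);
                    } else {
                        echo page_top("$TODO_HEADING", THELIST);
                        $query = makeFrontQuery($order_by, $HTTP_SESSION_VARS['usr']->selected_project);
                        echo printToDoTable($query, $order_by, $route);
                        echo add_box();
                        echo search_box();
                    }
                } else {
                    // Passwords don't match! Back to where we came from!
                    // $page and $module are not assigned in this script;
                    // presumably they arrive via register_globals - confirm.
                    $feedback = $TEXT_PASSWORDS_DONT_MATCH;
                    if ($page == ADMINPAGE) {
                        echo page_top("$TODO_HEADING<br/>$TEXT_ADMIN", ADMINPAGE);
                        echo admin_page(ADMIN_USERS);
                        echo userAdministration(ADMIN_USERS, $usernr, ADMINPAGE);
                    } elseif ($page == PREFPAGE) {
                        echo page_top("$TODO_HEADING<br/>$TEXT_PREFERENCES", PREFPAGE);
                        echo userAdministration($module, $HTTP_SESSION_VARS['usr']->userid, PREFPAGE);
                    }
                }
                // NOTE(review): not echoed, unlike most other page_foot()
                // calls - confirm that is intended.
                page_foot();
                break;

            // delete a user
            case "deleteuser":
                // NOTE(review): no permission check is visible before the
                // delete; confirm delete_user() or header.inc.php enforces one.
                delete_user($HTTP_POST_VARS['usernr']);
                $feedback = $TEXT_USER_DELETED;
                echo page_top("$TODO_HEADING", ADMINPAGE);
                echo admin_page(ADMIN_USERS);
                echo userAdministration(ADMIN_USERS, $HTTP_POST_VARS['user'], ADMINPAGE);
                echo page_foot(ADMINPAGE);
                break;

            // create a new project
            case "newproject":
                // The leader id is written unquoted, so force it to an integer.
                $sql_project_leader = intval($HTTP_POST_VARS['project_leader']);
                $db->query("INSERT INTO todo_projects
                    VALUES
                    (NULL,'" . addslashes($HTTP_POST_VARS['project_name']) . "','" . addslashes($HTTP_POST_VARS['project_description']) . "',"
                    . $sql_project_leader . ")");
                $db->query('INSERT INTO todo_project_members
                    VALUES
                    (LAST_INSERT_ID(),' . $sql_project_leader . ')');
                $feedback = $TEXT_PROJECT_CREATED;
                echo page_top($TODO_HEADING, $HTTP_POST_VARS['page']);
                echo admin_page(ADMIN_PROJECTS);
                // FIXME open project-details now!!!
                echo projectAdministration($HTTP_POST_VARS['adm'], $HTTP_POST_VARS['adminmodule'], "LAST_INSERT_ID()");
                echo page_foot($HTTP_POST_VARS['page']);
                break;

            // update a project
            case "updateproject":
                // Ids are written unquoted, so force them to integers.
                $sql_project_id = intval($HTTP_POST_VARS['project_id']);
                $db->query("UPDATE todo_projects SET
                    project_name='" . addslashes($HTTP_POST_VARS['new_project_name']) . "',
                    description='" . addslashes($HTTP_POST_VARS['new_project_description']) . "',
                    project_leader=" . intval($HTTP_POST_VARS['new_project_leader']) . "
                    WHERE id=" . $sql_project_id);
                // update project-members... Is there a more elegant way to do this?
                // do we have to delete the tasks where someone is assigned who is no longer
                // member of the project?
                $db->query('DELETE from todo_project_members
                    WHERE project_id=' . $sql_project_id);
                // Rebuild the member list from the posted ids. The INSERT is
                // only issued when at least one valid id was posted; before, an
                // empty list still ran whatever $query happened to contain.
                $sql_member_rows = array();
                if (isset($HTTP_POST_VARS['new_project_members']) && is_array($HTTP_POST_VARS['new_project_members'])) {
                    foreach ($HTTP_POST_VARS['new_project_members'] as $member_id) {
                        $sql_member_id = intval($member_id);
                        if ($sql_member_id > 0) {
                            $sql_member_rows[] = '(' . $sql_project_id . ', ' . $sql_member_id . ')';
                        }
                    }
                }
                if (count($sql_member_rows) > 0) {
                    $db->query('INSERT INTO todo_project_members VALUES ' . implode(',', $sql_member_rows));
                }
                $feedback = $TEXT_PROJECT_UPDATED;
                echo page_top($TODO_HEADING, ADMINPAGE);
                echo admin_page(ADMIN_PROJECTS);
                // FIXME open project-details now!!!
                echo projectAdministration(ADMIN_PROJECTS, $adminmodule, null);
                echo page_foot(ADMINPAGE);
                break;

            // delete a project
            case "deleteproject":
                // It would be better to ask before doing this...
                delete_project($HTTP_POST_VARS['project_id']);
                $feedback = $TEXT_PROJECT_DELETED;
                echo page_top($TODO_HEADING, ADMINPAGE);
                echo admin_page(ADMIN_PROJECTS);
                // FIXME open project-details now!!!
                echo projectAdministration(ADMIN_PROJECTS, null, null);
                echo page_foot(ADMINPAGE);
                break;

            // create a new group
            case "newgroup":
                // $group_name, $group_description, $group_leader, $page and
                // $adminmodule are not assigned in this script; presumably they
                // arrive via register_globals - confirm. They are request data
                // either way, so they are escaped/cast before entering the SQL.
                $sql_group_leader = intval($group_leader);
                $db->query("INSERT INTO todo_groups
                    VALUES
                    (NULL,'" . addslashes($group_name) . "','" . addslashes($group_description) . "'," . $sql_group_leader . ")");
                $db->query("INSERT INTO todo_group_members
                    VALUES
                    (LAST_INSERT_ID(),$sql_group_leader)");
                $feedback = $TEXT_GROUP_CREATED;
                echo page_top("$TODO_HEADING", $page);
                echo admin_page(ADMIN_GROUPS);
                echo groupAdministration($HTTP_GET_VARS['adm'], $adminmodule, "LAST_INSERT_ID()");
                echo page_foot($page);
                break;

            // The two group actions below are disabled. If they are revived,
            // their SQL needs the same escaping/casting as the cases above.
            /*
            // update a group
            case "updategroup":
            $db->query("UPDATE todo_groups SET
            group_name='$new_group_name',
            description='$new_group_description',
            group_leader=$new_group_leader
            WHERE id=$group_id");
            // update group-members... Is there a more elegant way to do this?
            // do we have to delete the tasks where someone is assigned who is no longer
            // member of the group?
            $db->query("DELETE from todo_group_members
            WHERE group_id=$group_id");
            if (sizeof($new_group_members) > 0) {
            $query='INSERT INTO todo_group_members VALUES ';
            while ($member_id=array_pop($new_group_members)){
            $query .= "($group_id, $member_id)";
            if (sizeof($new_group_members) > 0)
            $query .= ',';
            }
            }
            $db->query("$query");
            $feedback = $TEXT_GROUP_UPDATED;
            echo page_top("$TODO_HEADING",ADMINPAGE);
            echo admin_page(ADMIN_GROUPS);
            echo groupAdministration(ADMIN_GROUPS,$adminmodule, $group);
            echo page_foot(ADMINPAGE);
            break;
            // delete a group
            case "deletegroup":
            // It would be better to ask before doing this...
            delete_group($group_id);
            $feedback = $TEXT_GROUP_DELETED;
            echo page_top("$TODO_HEADING",ADMINPAGE);
            echo admin_page(ADMIN_GROUPS);
            // FIXME open group-details now!!!
            echo groupAdministration(ADMIN_GROUPS,$adminmodule, null);
            echo page_foot(ADMINPAGE);
            break;
            */
        }
        break;
}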
?>
&nbsp;
/* main page - switch routines etc */
//error_reporting(E_ALL);
include_once 'include/constants.php';
include_once 'include/history.inc.php';
include_once 'include/config.php';
include_once 'include/user.inc.php';
include_once 'include/functions.inc.php';
// Select where session data is stored, then open the session.
if (!$GLOBALS['DB_SESSIONS']) {
    // Default: PHP's built-in file-based session storage.
    ini_set('session.save_handler', 'files');
} else {
    // Session data is kept in a database table; the include supplies the handler.
    ini_set('session.save_handler', 'user');
    include_once 'include/session_handler_db.php';
}
// NOTE(review): register_globals lets request parameters create global
// variables, and this script reads such bare globals (e.g. $page, $module,
// $group_name, $account_disabled) in its SQL and page logic. The directive may
// not be changeable at runtime on every PHP version - confirm, and prefer
// reading the request arrays explicitly.
ini_set('register_globals', 'true');
session_start();
// Start output buffering, apply per-request view preferences to the session
// user, then pull in authentication and the page/admin helpers.
// Use output-compression if Browser supports this. (Requires PHP 4.0.4!)
// Session-stuff must be handled _before_ output-buffering. Otherwise it confuses PHP... :(
if ($GLOBALS['USE_OUTPUT_COMPRESSION']) {
ob_start("ob_gzhandler");
}
// NOTE(review): these two view preferences are copied from the query string
// onto the session user object before header.inc.php (which, per the comment on
// its include below, authenticates the user) has run. The values are stored as
// received; no type or range check is visible here.
if (isset($HTTP_GET_VARS['my_tasks'])) {
$HTTP_SESSION_VARS['usr']->my_tasks = $HTTP_GET_VARS['my_tasks'];
}
if (isset($HTTP_GET_VARS['show_done'])) {
$HTTP_SESSION_VARS['usr']->show_done = $HTTP_GET_VARS['show_done'];
}
include ('include/header.inc.php'); // set up database connection and authenticate user
// A project was chosen in the form: remember it on the session user.
// NOTE(review): the value is stored as received and is later passed to
// makeFrontQuery() by the main switch; whether that helper escapes or casts it
// is not visible here - confirm.
if (isset($HTTP_GET_VARS['selected_project']))
$HTTP_SESSION_VARS['usr']->selected_project = $HTTP_GET_VARS['selected_project'];
include ("include/pages.inc.php"); // contains most of the "output"
include ("include/admin.inc.php");
// Requested route: a POSTed value wins over the query string; with neither
// present the front page is shown.
$route = isset($HTTP_POST_VARS['route'])
    ? $HTTP_POST_VARS['route']
    : (isset($HTTP_GET_VARS['route']) ? $HTTP_GET_VARS['route'] : FRONTPAGE);

// Sort column requested through the query string ('' when none was given).
// NOTE(review): this is raw request input that is handed on to the query
// builders and printToDoTable(); whether they restrict it to known column
// names is not visible here - confirm.
$order_by = isset($HTTP_GET_VARS['order_by']) ? $HTTP_GET_VARS['order_by'] : '';
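// Main dispatcher: $route selects the page to render. The ACTIONS route
// additionally switches on the POSTed 'action', changes data, and then renders
// a page showing the result.
//
// Request values that end up in SQL built in this block are escaped with
// addslashes() (strings) or forced to integers with intval() (ids and flags).
// NOTE(review): addslashes() is what this file already used for some fields; if
// the $db wrapper offers driver-level escaping or bound parameters, prefer that.
// NOTE(review): no anti-CSRF token and, apart from "updateuser", no per-action
// permission check is visible in this script. The user/project/group actions
// presumably rely on include/header.inc.php and the helper functions for
// authorization - confirm.
switch ($route) {
    // front page
    case FRONTPAGE:
        $HTTP_SESSION_VARS['history']->addPage(THELIST);
        echo page_top("$TODO_HEADING", THELIST);
        $query = makeFrontQuery($order_by, $HTTP_SESSION_VARS['usr']->selected_project);
        echo printToDoTable($query, $order_by, $route);
        if (isset($HTTP_GET_VARS['printlayout'])) { // print layout: no forms
            // NOTE(review): unlike the other calls, the result of page_foot()
            // is not echoed here - confirm that is intended.
            page_foot(THELIST);
            exit;
        } else {
            echo add_box();
            // $priority, $search_status, $search_project and $responsible_person
            // are not assigned in this script; presumably they arrive through
            // register_globals - confirm.
            echo search_box($priority, $search_status, $search_project, $responsible_person,
                $HTTP_GET_VARS['date_min'], $HTTP_GET_VARS['date_max']);
            echo page_foot(THELIST);
        }
        break;

    // viewing a record's details
    case DETAILS:
        $HTTP_SESSION_VARS['history']->addPage(DETPAGE);
        if (isset($HTTP_GET_VARS['feedback'])) {
            // NOTE(review): the feedback text is taken from the query string.
            // If the page helpers print $feedback without HTML-escaping, this is
            // a reflected-markup sink - confirm how it is rendered.
            $GLOBALS['feedback'] = $HTTP_GET_VARS['feedback'];
        }
        echo page_top($TODO_HEADING, DETPAGE);
        echo details_page($HTTP_GET_VARS['id']);
        echo page_foot(DETPAGE);
        break;

    // searching
    case SEARCH:
        $HTTP_SESSION_VARS['history']->addPage(SEARCHPAGE);
        echo page_top("$TODO_HEADING", $HTTP_GET_VARS['page']);
        // Normalise responsible_person to an array (a single value is wrapped,
        // a missing one becomes an array holding the empty string).
        if (isset($HTTP_GET_VARS['responsible_person'])) {
            if (!is_array($HTTP_GET_VARS['responsible_person'])) {
                $HTTP_GET_VARS['responsible_person'] = array($HTTP_GET_VARS['responsible_person']);
            }
        } else {
            $HTTP_GET_VARS['responsible_person'] = array('');
        }
        // NOTE(review): every search criterion is raw query-string input; the
        // escaping has to happen inside makeSearchQuery(), which is not visible
        // here - confirm.
        $query = makeSearchQuery($HTTP_GET_VARS['wildcards'], $HTTP_GET_VARS['priority'],
            $HTTP_GET_VARS['search_status'], $HTTP_GET_VARS['search_project'], $HTTP_GET_VARS['responsible_person'],
            $order_by, $HTTP_GET_VARS['date_min'], $HTTP_GET_VARS['date_max']);
        if (isset($HTTP_GET_VARS['printlayout'])) { // print layout: no forms
            echo printToDoTable($query, $order_by, $route);
            echo page_foot($HTTP_GET_VARS['page']);
            exit;
        } else {
            echo search_box($HTTP_GET_VARS['priority'], $HTTP_GET_VARS['search_status'],
                $HTTP_GET_VARS['search_project'], $HTTP_GET_VARS['responsible_person'], $HTTP_GET_VARS['date_min'],
                $HTTP_GET_VARS['date_max']);
            echo printToDoTable($query, $order_by, $route);
            echo page_foot(SEARCHPAGE);
        }
        break;

    // we're the admin.
    case ADMIN:
        //$HTTP_SESSION_VARS['history']->addPage($HTTP_GET_VARS['page']);
        echo page_top("$TODO_HEADING<br/>$TEXT_ADMIN", ADMINPAGE);
        if (isset($HTTP_GET_VARS['adm'])) {
            // Default the optional selectors so the helpers receive null
            // rather than an undefined index.
            if (!isset($HTTP_GET_VARS['adminmodule'])) {
                $HTTP_GET_VARS['adminmodule'] = null;
            }
            if (!isset($HTTP_GET_VARS['module'])) {
                $HTTP_GET_VARS['module'] = null;
            }
            if (!isset($HTTP_GET_VARS['user'])) {
                $HTTP_GET_VARS['user'] = null;
            }
            if (!isset($HTTP_GET_VARS['project'])) {
                $HTTP_GET_VARS['project'] = null;
            }
            echo admin_page($HTTP_GET_VARS['adm']);
            if ($HTTP_GET_VARS['adm'] == ADMIN_GROUPS) {
                echo groupAdministration($HTTP_GET_VARS['adm'], $HTTP_GET_VARS['adminmodule'], $HTTP_GET_VARS['group']);
            } elseif ($HTTP_GET_VARS['adm'] == ADMIN_USERS) {
                $HTTP_SESSION_VARS['history']->addPage(ADMIN_USERS_MAIN_PAGE);
                echo userAdministration($HTTP_GET_VARS['module'], $HTTP_GET_VARS['user'], ADMINPAGE);
            } elseif ($HTTP_GET_VARS['adm'] == ADMIN_PROJECTS) {
                $HTTP_SESSION_VARS['history']->addPage(ADMIN_PROJECTS_MAIN_PAGE);
                echo projectAdministration($HTTP_GET_VARS['adm'], $HTTP_GET_VARS['adminmodule'], $HTTP_GET_VARS['project']);
            }
        } else {
            $HTTP_SESSION_VARS['history']->addPage(ADMINPAGE);
            echo admin_page(null);
            echo '<br /><font>' . $TEXT_CHOOSE_MODULE . '</font>';
            echo "<ul>";
            // PHP_SELF reflects the requested path, so it is HTML-escaped
            // before being written into the href attribute.
            echo '<li><a href="' . htmlspecialchars($HTTP_SERVER_VARS['PHP_SELF'], ENT_QUOTES) . '?route=' . ADMIN . '&page=' . ADMINPAGE . '&adm=' . ADMIN_USERS . '">' . $TEXT_USERS . '</a></li>';
            //echo '<li><a href="'.$PHP_SELF.'?route='.ADMIN.'&page='.ADMINPAGE.'&adm='.ADMIN_GROUPS.'">'.$TEXT_GROUPS.'</a></li>';
            echo '<li><a href="' . htmlspecialchars($HTTP_SERVER_VARS['PHP_SELF'], ENT_QUOTES) . '?route=' . ADMIN . '&page=' . ADMINPAGE . '&adm=' . ADMIN_PROJECTS . '">' . $TEXT_PROJECTS . '</a></li>';
            echo "</ul>";
        }
        echo page_foot(ADMINPAGE);
        break;

    case PREFERENCES:
        $HTTP_SESSION_VARS['history']->addPage(PREFPAGE);
        echo page_top("$TODO_HEADING<br/>$TEXT_PREFERENCES", PREFPAGE);
        echo userAdministration(null, $HTTP_SESSION_VARS['usr']->userid, PREFPAGE);
        echo page_foot(PREFPAGE);
        break;

    case ADDFORM:
        $HTTP_SESSION_VARS['history']->addPage(ADDFORM);
        echo page_top("$TODO_HEADING<br/>$TEXT_NEW", ADDFORM);
        echo add_box();
        echo page_foot(ADDFORM);
        break;

    // actually making some change
    case ACTIONS:
        // switch on action to see what precisely that is
        switch ($HTTP_POST_VARS['action']) {
            // deleting a task
            case "todo_delete":
                if (delete_todo($HTTP_POST_VARS['id'])) {
                    $feedback = $TEXT_DATASET_DELETED;
                } else {
                    $feedback = $TEXT_DATASET_NOT_DELETED;
                }
                echo page_top($TODO_HEADING, THELIST);
                $query = makeFrontQuery(null, $HTTP_SESSION_VARS['usr']->selected_project);
                echo printToDoTable($query, null, $HTTP_POST_VARS['route']);
                echo add_box();
                echo search_box();
                echo page_foot(THELIST);
                break;

            // update a task
            case "todo_change":
                // NOTE(review): all fields are passed on as received; escaping
                // is up to update_todo(), which is not visible here - confirm.
                update_todo($HTTP_POST_VARS['due_date'], $HTTP_POST_VARS['priority'], $HTTP_POST_VARS['status'],
                    $HTTP_POST_VARS['percentage_completed'], $HTTP_POST_VARS['text'], $HTTP_POST_VARS['responsible_persons'],
                    $HTTP_POST_VARS['id'], $HTTP_POST_VARS['note_text'], $HTTP_POST_VARS['project']);
                $feedback = $TEXT_DATASET_CHANGED;
                echo page_top($TODO_HEADING, THELIST);
                $query = makeFrontQuery(null, $HTTP_SESSION_VARS['usr']->selected_project);
                echo printToDoTable($query, null, $HTTP_POST_VARS['route']);
                echo add_box();
                echo search_box();
                echo page_foot(THELIST);
                break;

            // add a new task
            case "todo-add":
                add_todo($HTTP_POST_VARS['due_date'], $HTTP_POST_VARS['priority'], $HTTP_POST_VARS['project'],
                    $HTTP_POST_VARS['text'], $HTTP_POST_VARS['responsible_person']);
                $feedback = stripslashes($TEXT_TODO_ADDED);
                if ($HTTP_POST_VARS['page'] == ADDTASK_SINGLE_PAGE) {
                    echo page_top($TODO_HEADING, ADDFORM);
                    echo add_box();
                    echo page_foot(ADDFORM);
                } else {
                    echo page_top($TODO_HEADING, THELIST);
                    $query = makeFrontQuery(null, $HTTP_SESSION_VARS['usr']->selected_project);
                    echo printToDoTable($query, null, $HTTP_POST_VARS['route']);
                    echo add_box();
                    echo search_box();
                    echo page_foot(THELIST);
                }
                break;

            // add a new subtask
            case "subtodo-add":
                add_todo($HTTP_POST_VARS['due_date'], $HTTP_POST_VARS['priority'], $HTTP_POST_VARS['project'],
                    $HTTP_POST_VARS['text'], $HTTP_POST_VARS['responsible_person'],
                    $HTTP_POST_VARS['parent_task'], $HTTP_POST_VARS['level']);
                $feedback = stripslashes($TEXT_TODO_ADDED);
                echo page_top($TODO_HEADING, DETPAGE);
                echo details_page($HTTP_POST_VARS['parent_task']);
                echo page_foot(DETPAGE);
                break;

            // make a new user
            case "newuser":
                // NOTE(review): nothing visible here restricts this action to
                // administrators, and the posted 'isadmin' flag is stored as
                // given - confirm that an upstream check exists.
                if ($HTTP_POST_VARS['new_password'] == $HTTP_POST_VARS['new_password_retyped']) {
                    // HTML forms submit nothing for an unchecked checkbox, so a
                    // missing flag means 0. intval() keeps these values numeric
                    // because they are written into the SQL unquoted.
                    $HTTP_POST_VARS['new_email_notify'] = isset($HTTP_POST_VARS['new_email_notify']) ? intval($HTTP_POST_VARS['new_email_notify']) : 0;
                    $HTTP_POST_VARS['new_my_tasks'] = isset($HTTP_POST_VARS['new_my_tasks']) ? intval($HTTP_POST_VARS['new_my_tasks']) : 0;
                    $HTTP_POST_VARS['new_primary_project'] = isset($HTTP_POST_VARS['new_primary_project']) ? intval($HTTP_POST_VARS['new_primary_project']) : 0;
                    $HTTP_POST_VARS['showicons'] = isset($HTTP_POST_VARS['showicons']) ? intval($HTTP_POST_VARS['showicons']) : 0;
                    $HTTP_POST_VARS['isadmin'] = isset($HTTP_POST_VARS['isadmin']) ? intval($HTTP_POST_VARS['isadmin']) : 0;

                    // The login name was previously concatenated unescaped into
                    // both the lookup and the insert.
                    $sql_login_name = addslashes($HTTP_POST_VARS['new_login_name']);
                    $db->query("SELECT login_name FROM todo_users
                        where login_name='" . $sql_login_name . "'");
                    if ($db->num_rows() > 0) {
                        $feedback = $TEXT_USER_EXISTS;
                    } else {
                        // NOTE(review): passwords are stored as unsalted MD5,
                        // which is not a password-hashing function. Changing it
                        // also requires changing the login check, which is not
                        // in this file.
                        $db->query("INSERT INTO
                            todo_users (login_name, first_name, last_name, email, email_notify, password,
                            language, primary_project, my_tasks, show_icons, admin)
                            VALUES ('" . $sql_login_name . "','" . addslashes($HTTP_POST_VARS['new_first_name']) . "','"
                            . addslashes($HTTP_POST_VARS['new_last_name']) . "', '" . addslashes($HTTP_POST_VARS['new_email']) . "',"
                            . $HTTP_POST_VARS['new_email_notify'] . ",'" . md5($HTTP_POST_VARS['new_password']) . "','"
                            . addslashes($HTTP_POST_VARS['new_language']) . "', " . $HTTP_POST_VARS['new_primary_project'] . ','
                            . $HTTP_POST_VARS['new_my_tasks'] . ',' . $HTTP_POST_VARS['showicons'] . ',' . $HTTP_POST_VARS['isadmin'] . ')');
                        // Every user is member of project 1...
                        // FIXME: What if project 1 is deleted?!?!?
                        // (The code uses the posted primary project, which
                        // defaults to 0 when none was submitted.)
                        $db->query('INSERT INTO todo_project_members VALUES (' . $HTTP_POST_VARS['new_primary_project'] . ',LAST_INSERT_ID())');
                        $feedback = $TEXT_USER_CREATED;
                    }
                    echo page_top($TODO_HEADING, ADMINPAGE);
                    echo admin_page(ADMIN_USERS);
                } else {
                    // Passwords don't match! Back to where we came from!
                    // FIXME formdata lost this way!
                    $feedback = $TEXT_PASSWORDS_DONT_MATCH;
                    echo page_top("$TODO_HEADING<br/>$TEXT_ADMIN", ADMINPAGE);
                    echo admin_page(ADMIN_USERS);
                }
                echo userAdministration("newuser", "", ADMINPAGE);
                echo page_foot(ADMINPAGE);
                break;

            // alter a user
            case "updateuser":
                // Copy the POST fields into local variables. Ids and flags are
                // forced to integers because they are written into the SQL
                // unquoted; unchecked checkboxes are not submitted and mean 0.
                if (isset($HTTP_POST_VARS['new_columns'])) {
                    $columns = $HTTP_POST_VARS['new_columns'];
                }
                $email = $HTTP_POST_VARS['new_email'];
                $email_notify = isset($HTTP_POST_VARS['new_email_notify']) ? 1 : 0;
                $first_name = $HTTP_POST_VARS['new_first_name'];
                if (isset($HTTP_POST_VARS['isadmin'])) {
                    $isadmin = intval($HTTP_POST_VARS['isadmin']);
                }
                $language = $HTTP_POST_VARS['new_language'];
                $my_tasks = isset($HTTP_POST_VARS['new_my_tasks']) ? intval($HTTP_POST_VARS['new_my_tasks']) : 0;
                $last_name = $HTTP_POST_VARS['new_last_name'];
                $password = $HTTP_POST_VARS['new_password'];
                $password_retyped = $HTTP_POST_VARS['new_password_retyped'];
                $primary_project = isset($HTTP_POST_VARS['new_primary_project']) ? intval($HTTP_POST_VARS['new_primary_project']) : 0;
                $showicons = isset($HTTP_POST_VARS['showicons']) ? intval($HTTP_POST_VARS['showicons']) : 0;
                $usernr = intval($HTTP_POST_VARS['usernr']);

                // The target row and the admin flag both come from the form.
                // Only an administrator may edit another user's record or
                // change the admin flag; everyone else can only update their
                // own row and the admin column is left untouched.
                $sql_actor_is_admin = $HTTP_SESSION_VARS['usr']->isAdmin();
                if (!$sql_actor_is_admin) {
                    $usernr = intval($HTTP_SESSION_VARS['usr']->userid);
                }

                if ($password == $password_retyped) {
                    $query = "UPDATE todo_users
                        SET first_name='" . addslashes($first_name) . "', last_name='" . addslashes($last_name) . "',
                        email='" . addslashes($email) . "', email_notify=$email_notify, language='" . addslashes($language) . "',
                        primary_project='" . $primary_project . "', my_tasks=" . $my_tasks . ',
                        show_icons=' . $showicons;
                    if ($sql_actor_is_admin) {
                        if (!isset($isadmin)) {
                            // An admin saving their own record without the
                            // checkbox stays admin; for other users a missing
                            // checkbox means "not admin".
                            $isadmin = ($usernr == $HTTP_SESSION_VARS['usr']->userid) ? 1 : 0;
                        }
                        $query .= ', admin=' . intval($isadmin);
                    }
                    if ($password != '') {
                        // NOTE(review): unsalted MD5, as in "newuser"; changing
                        // it requires changing the login check as well.
                        $query .= ", password='" . md5($password) . "'";
                    }
                    // $account_disabled is not assigned in this script;
                    // presumably it arrives via register_globals - confirm.
                    if (!isset($account_disabled)) {
                        $query .= ", wrong_logins=0";
                    } else {
                        $query .= ", wrong_logins=" . intval($MAX_LOGIN_TRIES);
                    }
                    if (isset($columns) && is_array($columns)) {
                        $query .= ", visible_columns='" . addslashes(implode(',', $columns)) . "'";
                    }
                    /* update the current user-session */
                    if ($usernr == $HTTP_SESSION_VARS['usr']->userid) {
                        $HTTP_SESSION_VARS['usr']->show_icons = $showicons;
                        // Passes null when no columns were posted, as before.
                        $HTTP_SESSION_VARS['usr']->setColumns(isset($columns) ? $columns : null);
                        $HTTP_SESSION_VARS['usr']->my_tasks = $my_tasks;
                    }
                    $query .= " WHERE usernr=$usernr";
                    $db->query("$query");
                    $feedback = $TEXT_USER_UPDATED;
                    if ($HTTP_SESSION_VARS['history']->getPage(1) == ADMINPAGE) {
                        echo page_top("$TODO_HEADING<br/>$TEXT_ADMIN", ADMINPAGE);
                        echo admin_page(ADMIN_USERS);
                        echo userAdministration(ADMIN_USERS, $HTTP_POST_VARS['user'], ADMINPAGE);
                    } else {
                        echo page_top("$TODO_HEADING", THELIST);
                        $query = makeFrontQuery($order_by, $HTTP_SESSION_VARS['usr']->selected_project);
                        echo printToDoTable($query, $order_by, $route);
                        echo add_box();
                        echo search_box();
                    }
                } else {
                    // Passwords don't match! Back to where we came from!
                    // $page and $module are not assigned in this script;
                    // presumably they arrive via register_globals - confirm.
                    $feedback = $TEXT_PASSWORDS_DONT_MATCH;
                    if ($page == ADMINPAGE) {
                        echo page_top("$TODO_HEADING<br/>$TEXT_ADMIN", ADMINPAGE);
                        echo admin_page(ADMIN_USERS);
                        echo userAdministration(ADMIN_USERS, $usernr, ADMINPAGE);
                    } elseif ($page == PREFPAGE) {
                        echo page_top("$TODO_HEADING<br/>$TEXT_PREFERENCES", PREFPAGE);
                        echo userAdministration($module, $HTTP_SESSION_VARS['usr']->userid, PREFPAGE);
                    }
                }
                // NOTE(review): not echoed, unlike most other page_foot()
                // calls - confirm that is intended.
                page_foot();
                break;

            // delete a user
            case "deleteuser":
                // NOTE(review): no permission check is visible before the
                // delete; confirm delete_user() or header.inc.php enforces one.
                delete_user($HTTP_POST_VARS['usernr']);
                $feedback = $TEXT_USER_DELETED;
                echo page_top("$TODO_HEADING", ADMINPAGE);
                echo admin_page(ADMIN_USERS);
                echo userAdministration(ADMIN_USERS, $HTTP_POST_VARS['user'], ADMINPAGE);
                echo page_foot(ADMINPAGE);
                break;

            // create a new project
            case "newproject":
                // The leader id is written unquoted, so force it to an integer.
                $sql_project_leader = intval($HTTP_POST_VARS['project_leader']);
                $db->query("INSERT INTO todo_projects
                    VALUES
                    (NULL,'" . addslashes($HTTP_POST_VARS['project_name']) . "','" . addslashes($HTTP_POST_VARS['project_description']) . "',"
                    . $sql_project_leader . ")");
                $db->query('INSERT INTO todo_project_members
                    VALUES
                    (LAST_INSERT_ID(),' . $sql_project_leader . ')');
                $feedback = $TEXT_PROJECT_CREATED;
                echo page_top($TODO_HEADING, $HTTP_POST_VARS['page']);
                echo admin_page(ADMIN_PROJECTS);
                // FIXME open project-details now!!!
                echo projectAdministration($HTTP_POST_VARS['adm'], $HTTP_POST_VARS['adminmodule'], "LAST_INSERT_ID()");
                echo page_foot($HTTP_POST_VARS['page']);
                break;

            // update a project
            case "updateproject":
                // Ids are written unquoted, so force them to integers.
                $sql_project_id = intval($HTTP_POST_VARS['project_id']);
                $db->query("UPDATE todo_projects SET
                    project_name='" . addslashes($HTTP_POST_VARS['new_project_name']) . "',
                    description='" . addslashes($HTTP_POST_VARS['new_project_description']) . "',
                    project_leader=" . intval($HTTP_POST_VARS['new_project_leader']) . "
                    WHERE id=" . $sql_project_id);
                // update project-members... Is there a more elegant way to do this?
                // do we have to delete the tasks where someone is assigned who is no longer
                // member of the project?
                $db->query('DELETE from todo_project_members
                    WHERE project_id=' . $sql_project_id);
                // Rebuild the member list from the posted ids. The INSERT is
                // only issued when at least one valid id was posted; before, an
                // empty list still ran whatever $query happened to contain.
                $sql_member_rows = array();
                if (isset($HTTP_POST_VARS['new_project_members']) && is_array($HTTP_POST_VARS['new_project_members'])) {
                    foreach ($HTTP_POST_VARS['new_project_members'] as $member_id) {
                        $sql_member_id = intval($member_id);
                        if ($sql_member_id > 0) {
                            $sql_member_rows[] = '(' . $sql_project_id . ', ' . $sql_member_id . ')';
                        }
                    }
                }
                if (count($sql_member_rows) > 0) {
                    $db->query('INSERT INTO todo_project_members VALUES ' . implode(',', $sql_member_rows));
                }
                $feedback = $TEXT_PROJECT_UPDATED;
                echo page_top($TODO_HEADING, ADMINPAGE);
                echo admin_page(ADMIN_PROJECTS);
                // FIXME open project-details now!!!
                echo projectAdministration(ADMIN_PROJECTS, $adminmodule, null);
                echo page_foot(ADMINPAGE);
                break;

            // delete a project
            case "deleteproject":
                // It would be better to ask before doing this...
                delete_project($HTTP_POST_VARS['project_id']);
                $feedback = $TEXT_PROJECT_DELETED;
                echo page_top($TODO_HEADING, ADMINPAGE);
                echo admin_page(ADMIN_PROJECTS);
                // FIXME open project-details now!!!
                echo projectAdministration(ADMIN_PROJECTS, null, null);
                echo page_foot(ADMINPAGE);
                break;

            // create a new group
            case "newgroup":
                // $group_name, $group_description, $group_leader, $page and
                // $adminmodule are not assigned in this script; presumably they
                // arrive via register_globals - confirm. They are request data
                // either way, so they are escaped/cast before entering the SQL.
                $sql_group_leader = intval($group_leader);
                $db->query("INSERT INTO todo_groups
                    VALUES
                    (NULL,'" . addslashes($group_name) . "','" . addslashes($group_description) . "'," . $sql_group_leader . ")");
                $db->query("INSERT INTO todo_group_members
                    VALUES
                    (LAST_INSERT_ID(),$sql_group_leader)");
                $feedback = $TEXT_GROUP_CREATED;
                echo page_top("$TODO_HEADING", $page);
                echo admin_page(ADMIN_GROUPS);
                echo groupAdministration($HTTP_GET_VARS['adm'], $adminmodule, "LAST_INSERT_ID()");
                echo page_foot($page);
                break;

            // The two group actions below are disabled. If they are revived,
            // their SQL needs the same escaping/casting as the cases above.
            /*
            // update a group
            case "updategroup":
            $db->query("UPDATE todo_groups SET
            group_name='$new_group_name',
            description='$new_group_description',
            group_leader=$new_group_leader
            WHERE id=$group_id");
            // update group-members... Is there a more elegant way to do this?
            // do we have to delete the tasks where someone is assigned who is no longer
            // member of the group?
            $db->query("DELETE from todo_group_members
            WHERE group_id=$group_id");
            if (sizeof($new_group_members) > 0) {
            $query='INSERT INTO todo_group_members VALUES ';
            while ($member_id=array_pop($new_group_members)){
            $query .= "($group_id, $member_id)";
            if (sizeof($new_group_members) > 0)
            $query .= ',';
            }
            }
            $db->query("$query");
            $feedback = $TEXT_GROUP_UPDATED;
            echo page_top("$TODO_HEADING",ADMINPAGE);
            echo admin_page(ADMIN_GROUPS);
            echo groupAdministration(ADMIN_GROUPS,$adminmodule, $group);
            echo page_foot(ADMINPAGE);
            break;
            // delete a group
            case "deletegroup":
            // It would be better to ask before doing this...
            delete_group($group_id);
            $feedback = $TEXT_GROUP_DELETED;
            echo page_top("$TODO_HEADING",ADMINPAGE);
            echo admin_page(ADMIN_GROUPS);
            // FIXME open group-details now!!!
            echo groupAdministration(ADMIN_GROUPS,$adminmodule, null);
            echo page_foot(ADMINPAGE);
            break;
            */
        }
        break;
}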
?>
&nbsp;