109 lines
3.8 KiB
PHP
109 lines
3.8 KiB
PHP
<?php
|
|
/*********************************************************************
|
|
directory.php
|
|
|
|
Company's directories.
|
|
|
|
Peter Rotich <peter@osticket.com>
|
|
Copyright (c) 2006-2010 osTicket
|
|
http://www.osticket.com
|
|
|
|
Released under the GNU General Public License WITHOUT ANY WARRANTY.
|
|
See LICENSE.TXT for details.
|
|
|
|
vim: expandtab sw=4 ts=4 sts=4:
|
|
$Id: $
|
|
**********************************************************************/
|
|
|
|
require('staff.inc.php');
|
|
$nav->setTabActive('directory');
|
|
$nav->addSubMenu(array('desc'=>'Personal','href'=>'directory.php','iconclass'=>'staff'));
|
|
|
|
$WHERE=' WHERE isvisible=1 ';
|
|
$sql=' SELECT staff.staff_id,staff.dept_id, firstname,lastname,email,phone,phone_ext,mobile,dept_name,onvacation '.
|
|
' FROM '.STAFF_TABLE.' staff LEFT JOIN '.DEPT_TABLE.' USING(dept_id)';
|
|
if($_POST && $_POST['a']=='search') {
|
|
$searchTerm=$_POST['query'];
|
|
if($searchTerm){
|
|
$query=db_real_escape($searchTerm,false); //escape the term ONLY...no quotes.
|
|
if(is_numeric($searchTerm)){
|
|
$WHERE.=" AND staff.phone LIKE '%$query%'";
|
|
}elseif(strpos($searchTerm,'@') && Validator::is_email($searchTerm)){
|
|
$WHERE.=" AND staff.email='$query'";
|
|
}else{
|
|
$WHERE.=" AND ( staff.email LIKE '%$query%'".
|
|
" OR staff.lastname LIKE '%$query%'".
|
|
" OR staff.firstname LIKE '%$query%'".
|
|
' ) ';
|
|
}
|
|
}
|
|
if($_POST['dept'] && is_numeric($_POST['dept'])) {
|
|
$WHERE.=' AND staff.dept_id='.db_input($_POST['dept']);
|
|
}
|
|
}
|
|
|
|
$users=db_query("$sql $WHERE ORDER BY lastname,firstname");
|
|
//Render the page.
|
|
require_once(STAFFINC_DIR.'header.inc.php');
|
|
?>
|
|
<div>
|
|
<?if($errors['err']) {?>
|
|
<p align="center" id="errormessage"><?=$errors['err']?></p>
|
|
<?}elseif($msg) {?>
|
|
<p align="center" id="infomessage"><?=$msg?></p>
|
|
<?}elseif($warn) {?>
|
|
<p id="warnmessage"><?=$warn?></p>
|
|
<?}?>
|
|
</div>
|
|
<div align="left">
|
|
<form action="directory.php" method="POST" >
|
|
<input type='hidden' name='a' value='search'>
|
|
Suche nach : <input type="text" name="query" value="<?=Format::htmlchars($_REQUEST['query'])?>">
|
|
Abt.
|
|
<select name="dept">
|
|
<option value=0>Alle Abteilungen</option>
|
|
<?
|
|
$depts= db_query('SELECT dept_id,dept_name FROM '.DEPT_TABLE);
|
|
while (list($deptId,$deptName) = db_fetch_row($depts)){
|
|
$selected = ($_POST['dept']==$deptId)?'selected':''; ?>
|
|
<option value="<?=$deptId?>"<?=$selected?>><?=$deptName?></option>
|
|
<?}?>
|
|
</select>
|
|
|
|
<input type="submit" name="search" class="button" value="GO">
|
|
</form>
|
|
</div>
|
|
<? if($users && db_num_rows($users)):?>
|
|
<div class="msg">Personal Mitarbeiter</div>
|
|
<table border="0" cellspacing=0 cellpadding=2 class="dtable" width="100%">
|
|
<tr>
|
|
<th>Name</th>
|
|
<th>Abt.</th>
|
|
<th>Email</th>
|
|
<th>Tel</th>
|
|
<th>Mobil</th>
|
|
</tr>
|
|
<?
|
|
$class = 'row1';
|
|
while ($row = db_fetch_array($users)) {
|
|
$name=ucfirst($row['firstname'].' '.$row['lastname']);
|
|
$ext=$row['phone_ext']?' Durchwahl '.$row['phone_ext']:'';
|
|
?>
|
|
<tr class="<?=$class?>" id="<?=$row['staff_id']?>" onClick="highLightToggle(this.id);">
|
|
<td><?=$name?> </td>
|
|
<td><?=$row['dept_name']?> </td>
|
|
<td><?=$row['email']?> </td>
|
|
<td><?=Format::phone($row['phone'])?> <?=$ext?></td>
|
|
<td><?=Format::phone($row['mobile'])?> </td>
|
|
</tr>
|
|
<?
|
|
$class = ($class =='row2') ?'row1':'row2';
|
|
}
|
|
?>
|
|
</table>
|
|
<?
|
|
else:
|
|
echo "<b>Probleme beim Anzeigen des Verzeichnisses</b>";
|
|
endif;
|
|
include_once(STAFFINC_DIR.'footer.inc.php');
|
|
?>
|