Add admin pages

admin-www/.htaccess

@@ -0,0 +1,7 @@
+AuthUserFile /home/utd/.htpasswd 
+AuthName "UTD-Hosting Admin"
+AuthType Basic
+
+<Limit GET POST PUT DELETE>
+require valid-user
+</Limit>

admin-www/discount.php

@@ -0,0 +1,22 @@
+<?PHP
+
+$codes = array();
+
+function randLetter($set) {
+ global $codes;
+ $num = rand(65,90);
+ $codes[$set] += $num - 65;
+ return chr($num);
+}
+
+for ($i = 0; $i < 4; $i++) {
+ for ($j = 0; $j < 4; $j++) {
+  echo randLetter($i);
+ }
+ echo '-';
+}
+for ($i = 0; $i < 4; $i++) {
+ echo chr(($codes[$i] % 26) + 65);
+}
+
+?>

admin-www/info.php

@@ -0,0 +1 @@
+<?PHP phpinfo(); ?>

admin-www/info.php6

@@ -0,0 +1 @@
+<?PHP phpinfo(); ?>

admin-www/info.pl

@@ -0,0 +1,10 @@
+#!/opt/perl/current/bin/perl
+print "Content-type: text/html\n\n";
+print "<HTML><HEAD>";
+print "<TITLE>CGI Test</TITLE>";
+print "</head>";
+print "<BODY><h2>Perl Enviroment Info</h2>";
+foreach $key (sort keys(%ENV)) {
+      print "$key = $ENV{$key}<p>";
+   } 
+print "</BODY></HTML>";

admin-www/info.py

@@ -0,0 +1,28 @@
+#!/opt/python/current/bin/python
+
+   import os
+   import cgi
+
+  print "Content-type: text/html"
+  print
+
+  print """<!DOCTYPE html PUBLIC
+     "-//W3C//DTD XHTML 1.0 Transitional//EN"
+     "DTD/xhtml1-transitional.dtd">"""
+ print """
+ <html xmlns = "http://www.w3.org/1999/xhtml" xml:lang="en"
+    lang="en">
+    <head><title>Environment Variables</title></head>
+    <body><table style = "border: 0">"""
+rowNumber = 0
+for item in os.environ.keys():
+    rowNumber += 1
+    if rowNumber % 2 == 0:
+       backgroundColor = "white"
+    else:
+       backgroundColor = "lightgrey"
+   print """<tr style = "background-color: %s">
+    <td>%s</td><td>%s</td></tr>""" \
+       % ( backgroundColor, item,
+          cgi.escape( os.environ[ item ] ) )
+print """</table></body></html>"""

admin-www/issues/.htaccess

@@ -0,0 +1,9 @@
+ErrorDocument 404 /issues/notfound.php
+
+Options -MultiViews
+RewriteEngine on
+
+RewriteRule .* - [E=REMOTE_USER:%{HTTP:Authorization}]
+RewriteRule ^([a-z0-9]+)$ /issues/$1.php [L]
+RewriteRule ^([a-z]+)/([0-9a-z]+)$ /issues/$1.php?n=$2 [L]
+RewriteRule ^([a-z]+)/([0-9a-z]+)/([0-9a-z]+)$ /issues/$1.php?n=$2&m=$3 [L]

admin-www/issues/addcategory.php

@@ -0,0 +1,35 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/common.php');
+
+ if (isset($_POST['submit'])) {
+  $_POST['name'] = trim($_POST['name']);
+  if (empty($_POST['name'])) {
+   header('Location: '.CP_PATH.'categories');
+   return;
+  }
+
+  $sql = 'INSERT INTO issues_categories
+          (icat_id, icat_name) VALUES(\'0\', \''.m($_POST['name']).'\')';
+
+  $res = mysql_query($sql) or die(mysql_error().'<br />'.$sql);
+  logger::log('Issue tracker: category added: '.$_POST['name'], getUserID($_SERVER['REDIRECT_REMOTE_USER']), logger::information);
+  header('Location: '.CP_PATH.'categories');
+  return;
+ }
+
+ define('TITLE', 'Issue tracker :: Add Category');
+
+ addDashboardItem('Actions', 'Add Category', 'addcategory');
+
+ include_once('res/commonDashboard.php');
+
+ require_once('lib/header.php');
+
+ require_once('pages/addcategory.php');
+
+ require_once('lib/footer.php');
+
+
+?>

admin-www/issues/addissue.php

@@ -0,0 +1,58 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/common.php');
+
+ if (isset($_POST['submit'])) {
+  $_POST['title'] = trim($_POST['title']);
+  $_POST['text'] = trim($_POST['text']);
+  if (empty($_POST['title']) || empty($_POST['text'])) {
+   header('Location: '.CP_PATH);
+   return;
+  }
+  if ($_POST['deadline'] == 'none') {
+   $_POST['deadline'] = 0;
+  }
+  if ($_POST['assignee'] != '') {
+   $_POST['status'] = 'assigned';
+  } else {
+   $sql = 'SELECT icat_assign FROM issues_categories WHERE icat_id = '.m($_POST['category']).'';
+   $catRes = mysql_query($sql);
+   $catData = mysql_fetch_assoc($catRes);
+   if ($catData['icat_assign'] != 0) {
+    $_POST['status'] = 'assigned';
+    $_POST['assignee'] = $catData['icat_assign'];
+   } else {
+    $_POST['status'] = 'open';
+   }
+  }
+  $sql = 'INSERT INTO issues_issues
+            (i_id, icat_id, i_submitter, i_assignee, i_priority, i_added, i_updated, i_deadline, i_title, i_status, i_text, i_extensiveness)
+            VALUES(\'0\', \''.m($_POST['category']).'\', \''.m(getUserID($_SERVER['REDIRECT_REMOTE_USER'])).'\',
+             \''.m($_POST['assignee']).'\', \''.m($_POST['priority']).'\', \''.time().'\', \''.time().'\', 
+             '.(($_POST['deadline'] == 0) ? '0' : strtotime($_POST['deadline'])).',  \''.m($_POST['title']).'\',
+             \''.m($_POST['status']).'\', \''.m($_POST['text']).'\', \''.m($_POST['extensiveness']).'\')';
+
+  $res = mysql_query($sql) or die(mysql_error().'<br />'.$sql);
+  logger::log('Issue tracker: issue added: '.getCategoryName($_POST['category']).': '.$_POST['title'], getUserID($_SERVER['REDIRECT_REMOTE_USER']), logger::information);
+  header('Location: http://'.$_SERVER['HTTP_HOST'].rtrim(dirname($_SERVER['PHP_SELF'])).'/viewissue/'.mysql_insert_id());
+  return;
+ }
+
+ $categories = getCategories();
+ $admins = getAdmins();
+
+ define('TITLE', 'Issue tracker :: Add Issue');
+
+ addDashboardItem('Actions', 'Raise new issue', 'addissue');
+
+ include_once('res/commonDashboard.php');
+
+ require_once('lib/header.php');
+
+ require_once('pages/addissue.php');
+
+ require_once('lib/footer.php');
+
+
+?>

admin-www/issues/addreply.php

@@ -0,0 +1,50 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/common.php');
+
+ if (!isset($_GET['n']) && !ctype_digit($_GET['n'])) {
+   header('Location: '.CP_PATH.'viewissues');
+ }
+ 
+ $sql = 'SELECT i_id FROM issues_issues WHERE i_id = '.m($_GET['n']);
+ $res = mysql_query($sql);
+ if (mysql_num_rows($res) == 0) {
+   header('Location: '.CP_PATH.'viewissues');
+ }
+
+ if (isset($_POST['submit'])) {
+  if ($_POST['text'] == '') {
+   header('Location: '.CP_PATH.'viewissue/'.$_GET['n']);
+  }
+
+  $sql = 'INSERT INTO issues_replies
+            (irep_id, i_id, user_id, irep_time, irep_text)
+             VALUES(\'0\', \''.m($_GET['n']).'\', \''.m(getUserID($_SERVER['REDIRECT_REMOTE_USER'])).'\',
+             \''.time().'\', \''.m($_POST['text']).'\')';
+
+  $res = mysql_query($sql) or die(mysql_error().'<br />'.$sql);
+  $sql = 'UPDATE issues_issues SET i_updated = \''.time().'\' WHERE i_id = \''.$_GET['n'].'\';';
+  $res = mysql_query($sql) or die(mysql_error().'<br />'.$sql);
+  logger::log('Issue tracker: reply added to : '.getIssueInfo($_GET['n']), getUserID($_SERVER['REDIRECT_REMOTE_USER']), logger::information);
+  header('Location: '.CP_PATH.'viewissue/'.$_GET['n'].'#'.mysql_insert_id());
+  return;
+ }
+
+ $categories = getCategories();
+ $admins = getAdmins();
+
+ define('TITLE', 'Issue tracker :: Add Issue');
+
+ addDashboardItem('Actions', 'Raise new issue', 'addissue');
+
+ include_once('res/commonDashboard.php');
+
+ require_once('lib/header.php');
+
+ require_once('pages/addreply.php');
+
+ require_once('lib/footer.php');
+
+
+?>

admin-www/issues/categories.php

@@ -0,0 +1,21 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/common.php');
+
+ $categories = getCategoriesInfo();
+
+ define('TITLE', 'Issue tracker :: View Categories');
+
+ addDashboardItem('Actions', 'Add Category', 'addcategory');
+
+ include_once('res/commonDashboard.php');
+
+ require_once('lib/header.php');
+
+ require_once('pages/viewcategories.php');
+
+ require_once('lib/footer.php');
+
+
+?>

admin-www/issues/deletecategory.php

@@ -0,0 +1,54 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/common.php');
+
+ if (!isset($_GET['n']) || !ctype_digit($_GET['n'])) {
+   header('Location: '.CP_PATH.'categories');
+ }
+ 
+ $categories = getCategories();
+
+ if (!isset($categories[$_GET['n']])) {
+   header('Location: '.CP_PATH.'categories');
+   return;
+ }
+ 
+ $sql = 'SELECT COUNT(*) FROM issues_issues WHERE icat_id = '.m($_GET['n']);
+ $res = mysql_query($sql);
+ $data = mysql_fetch_array($res);
+ 
+ if ($data[0] == 0) {
+   if (isset($_POST['confirm'])) {
+    $sql = 'DELETE FROM issues_categories WHERE icat_id = '.m($_GET['n']);
+    mysql_query($sql);
+    $sql = 'DELETE FROM issues_assigns WHERE icat_id = '.m($_GET['n']);
+    mysql_query($sql);
+    logger::log('Issue tracker: category deleted: '.getCategoryName($_POST['n']), getUserID($_SERVER['REDIRECT_REMOTE_USER']), logger::information);
+    header('Location: '.CP_PATH.'categories');
+    return;
+   } else {
+     $sql = 'SELECT icat_id, icat_name FROM issues_categories WHERE icat_id = '.m($_GET['n']);
+     $res = mysql_query($sql);
+     $data = mysql_fetch_assoc($res);
+     $data[0] = 0;
+   }
+ } else {
+  $sql = 'SELECT i_id, i_title FROM issues_issues WHERE icat_id = '.m($_GET['n']);
+  $res = mysql_query($sql);
+ }
+
+ define('TITLE', 'Issue tracker :: Delete Category :: '.h($categories[$_GET['n']]));
+
+ addDashboardItem('Actions', 'Raise new issue', 'addissue');
+
+ include_once('res/commonDashboard.php');
+
+ require_once('lib/header.php');
+ 
+ require_once('pages/deletecategory.php');
+
+ require_once('lib/footer.php');
+
+
+?>

admin-www/issues/deleteissue.php

@@ -0,0 +1,53 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/common.php');
+
+ if (!isset($_GET['n']) || !ctype_digit($_GET['n'])) {
+   header('Location: '.CP_PATH);
+ }
+ $sql  = 'SELECT i_id, i_title FROM issues_issues WHERE i_id = '.m($_GET['n']);
+
+ $viewIssueRes = mysql_query($sql) or die(mysql_error().'<br />'.$sql);
+
+ if (mysql_num_rows($viewIssueRes) == 0) {
+   header('Location: '.CP_PATH);
+ }
+ 
+ $viewIssueData = mysql_fetch_assoc($viewIssueRes);
+ 
+ if (isset($_POST['confirm'])) {
+   $sql = 'DELETE FROM issues_issues WHERE i_id = '.m($_GET['n']);
+   mysql_query($sql);
+   $sql = 'DELETE FROM issues_replies WHERE i_id = '.m($_GET['n']);
+   mysql_query($sql);
+   $sql = 'DELETE FROM issues_logs WHERE i_id = '.m($_GET['n']);
+   mysql_query($sql);
+   logger::log('Issue tracker: issue deleted: '.$viewIssueData['i_title'], getUserID($_SERVER['REDIRECT_REMOTE_USER']), logger::information);
+   header('Location: '.CP_PATH);
+   return;
+ }
+
+ $sql  = 'SELECT COUNT(*) FROM issues_replies WHERE i_id = '.m($_GET['n']);
+ $viewIssueRepliesRes = mysql_query($sql) or die(mysql_error());
+ $viewIssueRepliesData = mysql_fetch_array($viewIssueRepliesRes);
+ 
+ $sql  = 'SELECT COUNT(*) FROM issues_logs WHERE i_id = '.m($_GET['n']);
+ $viewIssueChangesRes = mysql_query($sql) or die(mysql_error());
+ $viewIssueChangesData = mysql_fetch_array($viewIssueChangesRes);
+
+
+ define('TITLE', 'Issue tracker :: Delete Issue :: '.h($viewIssueData['i_title']));
+
+ addDashboardItem('Actions', 'Raise new issue', 'addissue');
+
+ include_once('res/commonDashboard.php');
+
+ require_once('lib/header.php');
+ 
+ require_once('pages/deleteissue.php');
+
+ require_once('lib/footer.php');
+
+
+?>

admin-www/issues/editcategory.php

@@ -0,0 +1,47 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/common.php');
+
+ if (!isset($_GET['n']) && !ctype_digit($_GET['n'])) {
+  header('Location: '.CP_PATH.'categories');
+ }
+
+ if (isset($_POST['submit'])) {
+  $_POST['name'] = trim($_POST['name']);
+  if (empty($_POST['name'])) {
+   header('Location: '.CP_PATH.'categories');
+   return;
+  }
+
+  $sql = 'UPDATE issues_categories SET icat_name = \''.m($_POST['name']).'\', icat_assign = '.m($_POST['assignee']).' WHERE icat_id = '.m($_GET['n']);
+
+  $res = mysql_query($sql) or die(mysql_error().'<br />'.$sql);
+  logger::log('Issue tracker: category edited: '.getCategoryName($_GET['n']), getUserID($_SERVER['REDIRECT_REMOTE_USER']), logger::information);
+  header('Location: '.CP_PATH.'categories');
+  return;
+ }
+
+ $admins = getAdmins();
+ $sql = 'SELECT icat_id, icat_name, icat_assign FROM issues_categories WHERE icat_id = \''.$_GET['n'].'\'';
+ $res = mysql_query($sql);
+ if (mysql_num_rows($res) == 0) {
+  header('Location: '.CP_PATH.'categories');
+ }
+ $data = mysql_fetch_assoc($res);
+
+
+ define('TITLE', 'Issue tracker :: Edit Category :: '.h($data['icat_name']));
+
+ addDashboardItem('Actions', 'Add Category', 'addcategory');
+
+ include_once('res/commonDashboard.php');
+
+ require_once('lib/header.php');
+
+ require_once('pages/editcategory.php');
+
+ require_once('lib/footer.php');
+
+
+?>

admin-www/issues/editissue.php

@@ -0,0 +1,118 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/common.php');
+
+ if (!isset($_GET['n']) || !ctype_digit($_GET['n'])) {
+   header('Location: '.CP_PATH);
+ }
+
+ $categories = getCategories();
+ $admins = getAdmins();
+
+ $sql  = 'SELECT i.i_id, i.icat_id, c.icat_name, i.i_title, i.i_status, u1.user_name AS i_assignee,
+ u2.user_name AS i_submitter, i.i_priority, i.i_added, i.i_deadline, i.i_updated, i.i_text, i.i_extensiveness
+ FROM issues_issues AS i
+ LEFT JOIN issues_categories AS c ON i.icat_id = c.icat_id
+ LEFT JOIN users AS u1 ON i.i_assignee = u1.user_id
+ LEFT JOIN users AS u2 ON i.i_submitter = u2.user_id
+ WHERE i_id = '.m($_GET['n']);
+ 
+ $viewIssueRes = mysql_query($sql) or die(mysql_error().'<br />'.$sql);
+
+ if (mysql_num_rows($viewIssueRes) == 0) {
+   header('Location: '.CP_PATH);
+ }
+
+ $viewIssueData = mysql_fetch_assoc($viewIssueRes);
+
+ if (isset($_POST['submit'])) {
+  if ($_POST['deadline'] == 'none') {
+   $_POST['deadline'] = 0;
+  }
+  if ($_POST['assignee'] == '') {
+    $_POST['assignee'] = 0;
+  }
+  if ($_POST['assignee'] != '' && $_POST['status'] != 'closed') {
+   $_POST['status'] = 'assigned';
+  }
+  $changed = false;
+  if ($_POST['assignee'] != $viewIssueData['i_assignee']) {
+   $changed = true;
+   $sql = 'INSERT INTO issues_logs
+           VALUES (0, '.m($_GET['n']).', '.time().', \''.m(getUserID($_SERVER['REDIRECT_REMOTE_USER'])).'\', \'assignee\', \''.m($viewIssueData['i_assignee']).'\', \''.m($_POST['assignee']).'\')';
+   mysql_query($sql) or die($sql."<br>".mysql_error());
+  }
+  if ($_POST['status'] != $viewIssueData['i_status']) {
+   $changed = true;
+   $sql = 'INSERT INTO issues_logs
+           VALUES (0, '.m($_GET['n']).', '.time().', \''.m(getUserID($_SERVER['REDIRECT_REMOTE_USER'])).'\', \'status\', \''.m($viewIssueData['i_status']).'\', \''.m($_POST['status']).'\')';
+   mysql_query($sql) or die($sql."<br>".mysql_error());
+  }
+  if ($_POST['title'] != $viewIssueData['i_title']) {
+   $changed = true;
+   $sql = 'INSERT INTO issues_logs
+           VALUES (0, '.m($_GET['n']).', '.time().', \''.m(getUserID($_SERVER['REDIRECT_REMOTE_USER'])).'\', \'title\', \''.m($viewIssueData['i_title']).'\', \''.m($_POST['title']).'\')';
+   mysql_query($sql) or die($sql."<br>".mysql_error());
+  }
+  if ($_POST['text'] != $viewIssueData['i_text']) {
+   $changed = true;
+   $sql = 'INSERT INTO issues_logs
+           VALUES (0, '.m($_GET['n']).',  '.time().', \''.m(getUserID($_SERVER['REDIRECT_REMOTE_USER'])).'\', \'text\', \''.m($viewIssueData['i_text']).'\', \''.m($_POST['text']).'\')';
+   mysql_query($sql) or die($sql."<br>".mysql_error());
+  }
+  if ($_POST['category'] != $viewIssueData['icat_id']) {
+   $changed = true;
+   $sql = 'INSERT INTO issues_logs
+           VALUES (0, '.m($_GET['n']).',  '.time().', \''.m(getUserID($_SERVER['REDIRECT_REMOTE_USER'])).'\', \'category\', \''.m($viewIssueData['icat_id']).'\', \''.m($_POST['category']).'\')';
+   mysql_query($sql) or die($sql."<br>".mysql_error());
+  }
+  if ($_POST['priority'] != $viewIssueData['i_priority']) {
+   $changed = true;
+   $sql = 'INSERT INTO issues_logs
+           VALUES (0, '.m($_GET['n']).',  '.time().', \''.m(getUserID($_SERVER['REDIRECT_REMOTE_USER'])).'\', \'priority\', \''.m($viewIssueData['i_priority']).'\', \''.m($_POST['priority']).'\')';
+   mysql_query($sql) or die($sql."<br>".mysql_error());
+  }
+  if (strtotime($_POST['deadline']) != $viewIssueData['i_deadline']) {
+   $changed = true;
+   $sql = 'INSERT INTO issues_logs
+           VALUES (0, '.m($_GET['n']).',  '.time().', \''.m(getUserID($_SERVER['REDIRECT_REMOTE_USER'])).'\', \'deadline\', \''.m($viewIssueData['i_deadline']).'\', \''.m(strtotime($_POST['deadline'])).'\')';
+   mysql_query($sql) or die($sql."<br>".mysql_error());
+  }
+  if ($_POST['extensiveness'] != $viewIssueData['i_extensiveness']) {
+   $changed = true;
+   $sql = 'INSERT INTO issues_logs
+           VALUES (0, '.m($_GET['n']).',  '.time().', \''.m(getUserID($_SERVER['REDIRECT_REMOTE_USER'])).'\', \'extensiveness\', \''.m($viewIssueData['i_extensiveness']).'\', \''.m(strtotime($_POST['extensiveness'])).'\')';
+   mysql_query($sql) or die($sql."<br>".mysql_error());
+  }
+  if ($changed) {
+   $sql = 'UPDATE issues_issues
+           SET i_title = \''.m($_POST['title']).'\', i_status = \''.m($_POST['status']).'\',
+               i_assignee = \''.m($_POST['assignee']).'\', i_text = \''.m($_POST['text']).'\',
+               i_updated = '.time().', icat_id = '.m($_POST['category']).', i_priority = \''.m($_POST['priority']).'\',
+               i_deadline = '.m(strtotime($_POST['deadline'])).', i_extensiveness = \''.m($_POST['extensiveness']).'\' 
+          WHERE i_id = '.m($_GET['n']);
+   $res = mysql_query($sql) or die($sql."<br>".mysql_error());
+   logger::log('Issue tracker: issue edited: '.getCategoryName($_POST['category']).': '.$_POST['title'], getUserID($_SERVER['REDIRECT_REMOTE_USER']), logger::information);
+  }
+  header('Location: '.CP_PATH.'viewissue/'.$_GET['n']);
+  return;
+ }
+
+ define('TITLE', 'Issue tracker :: Edit Issue :: '.h($viewIssueData['i_title']));
+
+ addDashboardItem('Actions', 'Raise new issue', 'addissue');
+ addDashboardItem('Actions', 'Edit', 'editissue/'.$_GET['n']);
+ addDashboardItem('Actions', 'Reply', 'addreply/'.$_GET['n']);
+ addDashboardItem('Actions', 'View Log', 'viewlog/'.$_GET['n']);
+
+ include_once('res/commonDashboard.php');
+
+ require_once('lib/header.php');
+ 
+ require_once('pages/editissue.php');
+
+ require_once('lib/footer.php');
+
+
+?>

admin-www/issues/index.php

@@ -0,0 +1,37 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/common.php');
+
+ $admins = getAdmins();
+ $categories = getCategories();
+
+ $search = array();
+ $search['title'] = 'Recently updated issues';
+ $search['keywords'] = '';
+ $search['keywordloc'] = 'both';
+ $search['submitter'] = 'any';
+ $search['assignee'] = 'any';
+ $search['added'] = 'any';
+ $search['updated'] = 'any';
+ $search['deadline'] = 'any';
+ $search['priority'] = array('urgent', 'high', 'normal', 'low');
+ $search['status'] = array('open', 'assigned', 'closed', 'reopened');
+ $search['categories'] = array_keys($categories);
+ $search['order'] = 'updateddesc';
+ $search['limit'] = 20;
+
+ define('TITLE', 'Issue tracker');
+
+ addDashboardItem('Actions', 'Raise new issue', 'addissue');
+
+ include_once('res/commonDashboard.php');
+
+ require_once('lib/header.php');
+
+ require_once('pages/searchresults.php');
+ 
+ require_once('lib/footer.php');
+
+
+?>

admin-www/issues/lib/account.php

@@ -0,0 +1,25 @@
+<?php
+$authInfo = base64_decode(substr($_SERVER["REDIRECT_REMOTE_USER"],6));
+unset($_SERVER['REDIRECT_REMOTE_USER']);
+if ($authInfo != "") {
+list($user, $password) = explode(':', $authInfo);
+$_SERVER['REDIRECT_REMOTE_USER'] = $user;
+$_SERVER['PHP_AUTH_PW'] = $password;
+}
+while (!isset($_SERVER['REDIRECT_REMOTE_USER']) || $_SERVER['REDIRECT_REMOTE_USER'] == "" ) {
+ if ( (strlen($authInfo) == 0) || ( strcasecmp($authInfo, ":" )  == 0 )) {
+  header('WWW-Authenticate: Basic realm="UTD-Hosting"');
+  header('HTTP/1.0 401 Unauthorized');
+  die('<div class="block">Authorisation failed.</div>');
+  return;
+ } else {
+ $sql = 'SELECT user_name FROM users
+   WHERE user_name = \''.m($_SERVER['REDIRECT_REMOTE_USER']).'\'
+   AND user_pass = \''.m(md5($_SERVER['REDIRECT_REMOTE_USER'].$_SERVER['PHP_AUTH_PW'])).'\' AND user_admin = 1';
+ $res = mysql_query($sql) or die(mysql_error());
+ if (mysql_num_rows($res) > 0) {
+   $result = mysql_fetch_assoc($res);
+ }
+ }
+}
+?>

admin-www/issues/lib/common.php

@@ -0,0 +1,201 @@
+<?PHP
+
+ if (defined('LIB_COMMON')) { return; }
+
+ require_once('lib/database.php');
+ //require_once('lib/account.php');
+ require_once('lib/log.php');
+ 
+ define('CP_PATH', '/issues/');
+
+ function stripSlashesDeep($value) {
+    $value = is_array($value) ? array_map('stripslashesDeep', $value) : (isset($value) ? stripslashes($value) : null);
+    return $value;
+  }
+
+ function stripSlashesOnInput() {
+    if (get_magic_quotes_gpc()) {
+      $_POST = stripSlashesDeep($_POST);
+      $_GET = stripSlashesDeep($_GET);
+      $_COOKIE = stripSlashesDeep($_COOKIE);
+    }
+  }
+
+ function repairPost($data) {
+  $rawpost = "&".file_get_contents("php://input");
+   while(list($key,$value)= each($data)) {
+    $pos = preg_match_all("/&".$key."=([^&]*)/i",$rawpost, $regs, PREG_PATTERN_ORDER);
+    if((!is_array($value)) && ($pos > 1)) {
+     $qform[$key] = array();
+     for($i = 0; $i < $pos; $i++) {
+      $qform[$key][$i] = urldecode($regs[1][$i]);
+     }
+    } else {
+    $qform[$key] = $value;
+   }
+  }
+  return $qform;
+ }
+
+ function getAdmins() {
+  $sql = 'SELECT user_id, user_name FROM users WHERE user_admin = 1 AND user_pass != \'invalid\' ORDER BY user_name';
+  $adminsRes = mysql_query($sql);
+  if (mysql_num_rows($adminsRes) == 0) {
+   return array();
+  }
+  while ($adminsData = mysql_fetch_assoc($adminsRes)) {
+   $admins[$adminsData['user_id']] = $adminsData['user_name'];
+  }
+  return $admins;
+ }
+
+ function getCategories() {
+  $sql = 'SELECT icat_id, icat_name, icat_assign FROM issues_categories ORDER BY icat_name';
+  $categoriesRes = mysql_query($sql);
+  if (mysql_num_rows($categoriesRes) == 0) {
+   return array();
+  }
+  $categories = array();
+  while ($categoriesData = mysql_fetch_assoc($categoriesRes)) {
+   $categories[$categoriesData['icat_id']] = $categoriesData['icat_name'];   
+  }
+  return $categories;
+ }
+ 
+ function getCategoriesInfo() {
+  $sql = 'SELECT icat_id, icat_name, icat_assign FROM issues_categories ORDER BY icat_name';
+  $categoriesRes = mysql_query($sql);
+  if (mysql_num_rows($categoriesRes) == 0) {
+   return array();
+  }
+  $categories = array();
+  while ($categoriesData = mysql_fetch_assoc($categoriesRes)) {
+   $categories[$categoriesData['icat_id']] = array('name'=>$categoriesData['icat_name'], 'assign'=>$categoriesData['icat_assign']);
+  }
+  return $categories;
+ }
+
+ function getUserID($name) {
+   $sql = 'SELECT user_id FROM users WHERE user_name = \''.m($name).'\'';
+   $res = mysql_query($sql);
+   if (mysql_num_rows($res) == 0) {
+     return 0;
+   }
+   $result = mysql_fetch_assoc($res);
+   return $result['user_id'];
+ }
+
+function getUserName($id) {
+   $sql = 'SELECT user_name FROM users WHERE user_id = '.m($id);
+   $res = mysql_query($sql);
+   if (mysql_num_rows($res) == 0) {
+     return 'Unknown';
+   }
+   $result = mysql_fetch_assoc($res);
+   return $result['user_name'];
+ }
+ 
+ function getCategoryID($name) {
+   $sql = 'SELECT icat_id FROM issues_categories WHERE icat_name = \''.m($name).'\'';
+   $res = mysql_query($sql);
+   if (mysql_num_rows($res) == 0) {
+     return 0;
+   }
+   $result = mysql_fetch_assoc($res);
+   return $result['icat_id'];
+ }
+
+ function getCategoryName($id) {
+   $sql = 'SELECT icat_name FROM issues_categories WHERE icat_id = '.m($id);
+   $res = mysql_query($sql);
+   if (mysql_num_rows($res) == 0) {
+     return 'Unknown';
+   }
+   $result = mysql_fetch_assoc($res);
+   return $result['icat_name'];
+ }
+ 
+ function getIssueTitle($id) {
+  $sql = 'SELECT i_title FROM issues_issues WHERE i_id = '.m($id);
+  $res = mysql_query($sql);
+  if (mysql_num_rows($res) == 0) {
+   return 'Unknown';
+  }
+  $result = mysql_fetch_assoc($res);
+  return $result['i_title'];
+ }
+
+ function getIssueInfo($id) {
+  $sql = 'SELECT i_title, icat_name FROM issues_issues NATURAL JOIN issues_categories WHERE i_id = '.m($id);
+  $res = mysql_query($sql);
+  if (mysql_num_rows($res) == 0) {
+   return 'Unknown : Unknown';
+  }
+  $result = mysql_fetch_assoc($res);
+  return $result['icat_name'].': '.$result['i_title'];
+ }
+ 
+ function NiceSize($bytes) {
+  $sizes = array();
+  $sizes[1024] = ' <abbr title="Kibibytes">KiB</abbr>';
+  $sizes[(1024*1024)] = ' <abbr title="Mebibytes">MiB</abbr>';
+  $sizes[(1024*1024*1024)] = ' <abbr title="Gibibytes">GiB</abbr>';
+  krsort($sizes);
+  foreach ($sizes as $val => $name) {
+   if ($bytes > ($val * 1.2)) {
+    return round($bytes/$val, 2).$name;
+   }
+  }
+  return $bytes.' <abbr title="Bytes">B</abbr>';
+ }
+ 
+ function h ($text) { return htmlspecialchars($text); } 
+ function m ($a) { return mysql_real_escape_string($a); }
+
+ function n ($user) {
+  if (strtolower($user) == strtolower($_SERVER['REDIRECT_REMOTE_USER'])) {
+   return '<strong>You</strong>';
+  } elseif ($user == '') {
+   return '<span style="font-style: italic;">None</span>';
+  } else {
+   return h($user);
+  }
+ }
+ 
+ function d($format, $timestamp) {
+   if ($timestamp == 0) {
+     return '<span style="font-style: italic;">None</span>';
+   }
+   return date($format, $timestamp);
+ }
+
+ function duration($seconds=0, $max_periods=7)
+ {
+  if (empty($seconds)) {
+    return '0 seconds';
+  }
+  $periods = array("year" => 31536000, "month" => 2419200, "week" => 604800, "day" => 86400, "hour" => 3600, "minute" => 60, "second" => 1);
+  $i = 1;
+  foreach ( $periods as $period => $period_seconds )
+  {
+   $period_duration = floor($seconds / $period_seconds);
+   $seconds = $seconds % $period_seconds;
+   if ( $period_duration == 0 )
+   {
+    continue;
+   }
+   $duration[] = "{$period_duration} {$period}" . ($period_duration > 1 ? 's' : '');
+   $i++;
+   if ( $i >  $max_periods )
+   {
+    break;
+   }
+  }
+  return implode(' ', $duration);
+ }
+ 
+ stripSlashesOnInput();
+
+ define('LIB_COMMON', true);
+
+?>

admin-www/issues/lib/dashboard.php

@@ -0,0 +1,42 @@
+<?PHP
+
+if (defined('LIB_DASHBOARD')) { return; }
+
+$dbitems = array();
+
+function addDashboardItem ($category, $title, $url) {
+  global $dbitems;
+  
+  if (!isset($dbitems[$category])) {
+    $dbitems[$category] = array();
+  }
+  
+  $dbitems[$category][$title] = $url;
+}
+
+function generateDashboard () {
+  global $dbitems;
+  
+  ksort($dbitems);
+  
+  foreach ($dbitems as $k => $v) { ksort($dbitems[$k]); }
+  
+  echo '<div id="dashboard">';
+  
+  foreach ($dbitems as $category => $data) {
+    echo '<h2>'.$category.'</h2><ul>';  
+    foreach ($data as $title => $url) {
+      if ($url[0] != '#' && substr($url,0,7) != 'http://') { 
+	    $url = CP_PATH.$url;
+      }
+      echo '<li><a href="'.htmlspecialchars($url).'">'.$title.'</a></li>';
+    }
+    echo '</ul>';
+  }
+  
+  echo '</div>';
+}
+
+define('LIB_DASHBOARD', true);
+
+?>

admin-www/issues/lib/database.php

@@ -0,0 +1,10 @@
+<?PHP
+
+ if (defined('LIB_DB') && !isset($_redodb)) { return; }
+
+ mysql_connect('', '', '');
+ mysql_select_db('');
+
+ define('LIB_DB', true);
+
+?>

admin-www/issues/lib/footer.php

@@ -0,0 +1,2 @@
+ </body>
+</html>

admin-www/issues/lib/header.php

@@ -0,0 +1,37 @@
+<?PHP
+
+ if (!defined('LIB_COMMON')) { require_once('lib/common.php'); }
+ if (!defined('LIB_DASHBOARD')) { require_once('lib/dashboard.php'); }
+
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+ <head>
+  <title>UTD-Hosting :: <?PHP echo TITLE; ?></title>
+  <link rel="stylesheet" type="text/css" href="<?PHP echo CP_PATH; ?>res/style.css">
+ </head>
+ <body>
+  <div id="header">
+   <h1><img src="<?PHP echo CP_PATH; ?>res/logo.png" alt="UTD-Hosting" title="UTD-Hosting"></h1>
+  </div>
+  <div id="menu">
+   <div id="menuleft">
+    <a href="<?PHP echo CP_PATH; ?>">Issue Tracker</a> |
+    <a href="<?PHP echo CP_PATH; ?>search">Search</a> |
+    <a href="<?PHP echo CP_PATH; ?>stats">Stats</a> |
+    <a href="<?PHP echo CP_PATH; ?>categories">Categories</a> |
+    <a href="<?PHP echo CP_PATH; ?>searches">Searches</a>
+   </div>
+   <div id="menuright">
+    <a href="https://secure.utd-hosting.com/control">Control panel</a> |
+    <a href="https://secure.utd-hosting.com/control/admin">Admin</a>
+   </div>
+  </div>
+  <?PHP generateDashboard(); ?>
+  <?PHP if (defined('MESSAGE')) { ?>
+  <div id="message">
+   <div>
+    <?PHP echo MESSAGE; ?>
+   </div>
+  </div>
+  <?PHP } ?>

admin-www/issues/lib/log.php

@@ -0,0 +1,59 @@
+<?PHP
+
+ require_once('lib/database.php');
+
+ class logger {
+
+  const unknown = "'unknown'";
+  const critical = "'critical'";
+  const important = "'important'";
+  const normal = "'normal'";
+  const information = "'info'";
+  const info = "'info'";
+
+  static function log ($message, $uid = false, $level = logger::unknown) {
+   if ($uid !== false && !ctype_digit($uid)) {
+    $temp = $level;
+    $level = $uid;
+    $uid = $temp;
+   }
+
+   if ($uid === false || !ctype_digit($uid)) {
+    if (defined('UID')) { $uid = UID; } else { $uid = 5; }
+   }
+
+   $sql  = 'INSERT INTO log (user_id, log_level, log_time, log_message) ';
+   $sql .= 'VALUES('.$uid.', '.$level.', '.time().', \''.m($message).'\')';
+   mysql_query($sql);
+
+   $botmsg = '';
+   switch ($level) {
+    case self::critical:
+     $botmsg = chr(2).chr(3).'4CRITICAL:'.chr(3).chr(2); break;
+    case self::important:
+     $botmsg = chr(2).'IMPORTANT:'.chr(2); break;
+    case self::normal:
+     $botmsg = 'NORMAL:'; break;
+    case self::unknown:
+     $botmsg = 'UNKNOWN:'; break;
+    case self::information:
+     $botmsg = chr(3).'14INFORMATION:'.chr(3); break;
+   }
+
+   if ($uid != 5) {
+    $sql = 'SELECT user_name FROM users WHERE user_id = '.$uid;
+    $res = mysql_query($sql);
+    $row = mysql_fetch_array($res);
+    $botmsg .= ' User '.$row['user_name'].':';
+   }
+
+   $botmsg .= ' '.$message;
+
+   if ($fh = @fsockopen('207.150.170.50',7530,$errno,$errstr,0.1)) {
+    fputs($fh, '...'.$botmsg."\r\n");
+    fclose($fh);
+   }
+  }
+ }
+
+?>

admin-www/issues/notfound.php

@@ -0,0 +1,19 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/common.php');
+
+ define('TITLE', 'Issue tracker :: 404 - Page not found');
+
+ addDashboardItem('Actions', 'Raise new issue', 'addissue');
+
+ include_once('res/commonDashboard.php');
+
+ require_once('lib/header.php');
+ 
+ require_once('pages/404.php');
+ 
+ require_once('lib/footer.php');
+
+
+?>

admin-www/issues/pages/404.php

@@ -0,0 +1,4 @@
+<div class="block">
+ <h2>Page not found</h2>
+ <p>The page you requested (<?php echo str_replace(CP_PATH, '', $_SERVER['REQUEST_URI']) ?>) was not found.</p>
+</div>

admin-www/issues/pages/addcategory.php

@@ -0,0 +1,11 @@
+<div class="block">
+ <h2>Add Category</h2>
+ <form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
+ <table class="innerblock righthead">
+  <tr><th>Name</th><td><input type="text" name="name" value="" size="50" /></td></tr>
+  <tr><th>Actions</th><td>
+   <input type="submit" name="submit" value="Submit" />&nbsp;<input type="reset" value="Reset" />
+  </td></tr>
+ </table>
+ </form>
+</div>

admin-www/issues/pages/addissue.php

@@ -0,0 +1,51 @@
+<div class="block">
+ <h2>Add Issue</h2>
+ <form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
+ <table class="innerblock righthead">
+  <tr><th>Title</th><td><input type="text" name="title" size="50" /></td></tr>
+  <tr><th>Category</th><td>
+   <select name="category" size="1">
+    <?php
+      foreach($categories as $id => $name) {
+        echo '<option value="'.$id.'">'.$name.'</option>'."\r\n";
+      }
+    ?>
+   </select>
+  </td></tr>
+  <tr><th>Assignee</th><td>
+   <select name="assignee">
+    <option value="">(None)</option>
+    <?php
+      foreach($admins as $id => $username) {
+        echo '<option value="'.$id.'">'.$username.'</option>'."\r\n";
+      }
+    ?>
+   </select>
+  </td></tr>
+  <tr><th>Priority</th><td>
+   <select name="priority" size="1">
+    <option value="urgent">Urgent</option>
+    <option value="high">High</option>
+    <option value="normal" selected="true">Normal</option>
+    <option value="low">Low</option>
+   </select>
+  </tr><tr>
+   <th>Extensiveness</th>
+   <td>
+    <select name="extensiveness" size="1">
+     <option name="extensive">Extensive</option>
+     <option name="normal" selected="true">Normal</option>
+     <option name="trivial">Trivial</option>
+    </select>
+   </td>
+  </tr> 
+  <tr><th>Deadline</th><td><input type="text" name="deadline" size="50" value="none"/></td></tr>
+  <tr><th>Notes</th><td>
+  <textarea name="text" cols="45" rows="10"></textarea>
+  </td></tr>
+  <tr><th>Actions</th><td>
+   <input type="submit" name="submit" value="Submit" />&nbsp;<input type="reset" value="Reset" />
+  </td></tr>
+ </table>
+ </form>
+</div>

admin-www/issues/pages/addreply.php

@@ -0,0 +1,13 @@
+<div class="block">
+ <h2>Add Reply</h2>
+ <form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
+ <table class="innerblock righthead">
+  <tr><th>Notes</th><td>
+  <textarea name="text" cols="45" rows="10"></textarea>
+  </td></tr>
+  <tr><th>Actions</th><td>
+   <input type="submit" name="submit" value="Submit" />&nbsp;<input type="reset" value="Reset" />
+  </td></tr>
+ </table>
+ </form>
+</div>

admin-www/issues/pages/addsearch.php

@@ -0,0 +1,113 @@
+<div class="block">
+ <h2>Search Options</h2>
+ <div class="innerblock">
+ <form action="<?php $_SERVER['REQUEST_URI']; ?>" method="post">
+  <div class="searchrow">
+   <label for="name">Title: </label>
+   <input type="text" name="title" value="" />
+  </div>
+  <div class="searchrow">
+   <label for="keywords">Keywords:</label>
+   <input type="text" name="keywords" class="search" value="">
+
+   <label for="keywordloc">Search in:</label>
+   <select name="keywordloc">
+    <option value="both">Titles And Notes</option>
+    <option value="title">Titles</option>
+    <option value="notes">Notes</option>
+   </select>
+  </div>
+  <div class="searchrow">
+   <label for="submitter">Submitter:</label>
+   <select name="submitter">
+    <option value="any">Any</option>
+    <?php
+      foreach($admins as $id => $username) {
+        echo '<option value="'.$id.'">'.$username.'</option>'."\r\n";
+      }
+    ?>
+   </select>
+
+   <label for="assignee">Assignee:</label>
+   <select name="assignee">
+    <option value="any">Any</option>
+    <?php
+      foreach($admins as $id => $username) {
+        echo '<option value="'.$id.'">'.$username.'</option>'."\r\n";
+      }
+    ?>
+   </select>
+  </div>
+  <div class="searchrow">
+   <label for="added">Added:</label>
+   <select name="added">
+    <option value="any">Any time</option>
+    <option value="day">Past day</option>
+    <option value="week">Past week</option>
+    <option value="month">Past month</option>
+   </select>
+
+   <label for="updated">Updated:</label>
+   <select name="updated">
+    <option value="any">Any time</option>
+    <option value="day">Past day</option>
+    <option value="week">Past week</option>
+    <option value="month">Past month</option>
+   </select>
+
+   <label for="deadline">Deadline:</label>
+   <select name="deadline">
+    <option value="any">Any time</option>
+    <option value="day">Tomorrow</option>
+    <option value="week">Next week</option>
+    <option value="month">Next month</option>
+   </select>
+  </div>
+  <div class="searchrow">
+   <label for="status" style="vertical-align: top">Status: </label>
+   <select name="status" multiple="true" size="4">
+    <option value="open">Open</option>
+    <option value="assigned">Assigned</option>
+    <option value="closed">Closed</option>
+    <option value="reopened">Re-Opened</option>
+   </select>
+
+   <label for="priority" style="vertical-align: top">Priority: </label>
+   <select name="priority" multiple="true" size="4">
+    <option value="urgent">Urgent</option>
+    <option value="high">High</option>
+    <option value="normal">Normal</option>
+    <option value="low">Low</option>
+   </select>
+
+   <label for="categories" style="vertical-align: top">Category: </label>
+   <select name="categories" multiple="true" size="4">
+    <option value="all">All</option>
+    <?php
+      foreach($categories as $id => $name) {
+        echo '<option value="'.$id.'">'.$name.'</option>'."\r\n";
+      }
+    ?>
+   </select>
+
+   <label for="order" style="vertical-align: top">Order: </label>
+   <select name="order" size="4">
+    <option value="added">Added</option>
+    <option value="updated">Updated</option>
+    <option value="status">Status</option>
+    <option value="priority">Priority</option>
+    <option value="category">Category</option>
+    <option value="deadline">Deadline</option>
+    <option value="title">Title</option>
+   </select>
+  </div>
+  <div class="searchrow">
+   <label for="limit">Limit: </label>
+   <input type="text" name="limit" value="" />
+  </div>
+  <div class="searchrow">
+   <input type="submit" name="add" value="Add">
+  </div>
+ </form>
+ </div>
+</div>

admin-www/issues/pages/deletecategory.php

@@ -0,0 +1,40 @@
+<?php
+if ($data[0] == 0) {
+  ?>
+  <div class="block">
+   <h2>Delete Category :: Confirmation</h2>
+   <div class="innerblock">
+    Are you sure you want to delete category #<?php echo $data['icat_id']; ?> (<?php echo $data['icat_name']; ?>)?
+    <form action="<?php $_SERVER['REQUEST_URI']; ?>" method="post"><input type="submit" name="confirm" value="Yes" /></form>
+   </div>
+  </div>
+  <?php
+} else {
+?>
+<div class="block">
+ <h2>Unable to delete category</h2>
+ <div class="innerblock bottomdiv">
+  You cannot delete a category which has active issues, please alter the issues below before proceeding.
+ </div>
+ <table class="innerblock">
+  <tr>
+   <th>ID</th><th>Title</th><th>Actions</th>
+  </tr>
+   <?php
+   $i = -1;
+   while($data = mysql_fetch_assoc($res)) {
+     $i++;
+    ?>
+    <tr <?php echo ($i % 2 == 0 ? 'class="even"':'class="odd"'); ?>>
+     <td><?php echo $data['i_id']; ?></td>
+     <td><?php echo $data['i_title']; ?></td>
+     <td><a href="<?php echo CP_PATH.'editissue/'.$data['i_id']; ?>" title="Edit">Edit</a> | <a href="<?php echo CP_PATH.'deleteissue/'.$data['i_id']; ?>" title="Delete">Delete</a></td>
+    </tr>
+    <?php
+   }
+   ?>
+ </table>
+</div>
+<?php
+}
+?>

admin-www/issues/pages/deleteissue.php

@@ -0,0 +1,12 @@
+<div class="block">
+ <h2>Delete Issue :: Confirmation</h2>
+ <table class="innerblock righthead bottomdiv">
+  <tr><th>Title</th><td><?php echo $viewIssueData['i_title']; ?></td></tr>
+  <tr><th># Replies</th><td><?php echo $viewIssueRepliesData['0']; ?></td></tr>
+  <tr><th># Changes</th><td><?php echo $viewIssueChangesData['0']; ?></td></tr>
+ </table>
+ <div class="innerblock">
+  Are you sure you want to delete issue #<?php echo $viewIssueData['i_id']; ?>?
+  <form action="<?php $_SERVER['REQUEST_URI']; ?>" method="post"><input type="submit" name="confirm" value="Yes" /></form>
+ </div>
+</div>

admin-www/issues/pages/editcategory.php

@@ -0,0 +1,21 @@
+<div class="block">
+ <h2>Edit Category</h2>
+ <form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
+ <table class="innerblock righthead">
+  <tr><th>Name</th><td><input type="text" name="name" value="<?php echo $data['icat_name']; ?>" size="50" /></td></tr>
+  <tr><th>Auto-Assignee</th><td>
+    <select name="assignee">
+     <option value="0">(None)</option>
+     <?php
+       foreach($admins as $id => $username) {
+         echo '<option value="'.$id.'"'.(($data['icat_assign'] == $id) ? ' selected="true"' : '').'>'.$username.'</option>'."\r\n";
+       }
+     ?>
+    </select>
+   </td></tr>
+  <tr><th>Actions</th><td>
+   <input type="submit" name="submit" value="Submit" />&nbsp;<input type="reset" value="Reset" />
+  </td></tr>
+ </table>
+ </form>
+</div>

admin-www/issues/pages/editissue.php

@@ -0,0 +1,61 @@
+<div class="block">
+ <h2>Edit Issue</h2>
+ <form method="post" action="<?php echo $_SERVER['REQUEST_URI']; ?>">
+  <table class="innerblock righthead">
+   <tr><th>Title</th><td><input type="text" name="title" value="<?php echo h($viewIssueData['i_title']); ?>" size="50" /></td></tr>
+   <tr><th>Category</th><td>
+    <select name="category" size="1">
+     <?php
+       foreach($categories as $id => $name) {
+         echo '<option value="'.$id.'"'.(($viewIssueData['icat_name'] == $name) ? ' selected="true"' : '').'>'.$name.'</option>'."\r\n";
+       }
+     ?>
+   </td></tr>
+   <tr><th>Status</th><td>
+    <select name="status" size="1">
+     <option value="open"<?php echo (($viewIssueData['i_status'] == 'open') ? ' selected="true"': '');?>>Open</option>
+     <option value="assigned"<?php echo (($viewIssueData['i_status'] == 'assigned') ? ' selected="true"': '');?>>Assigned</option>
+     <option value="closed"<?php echo (($viewIssueData['i_status'] == 'closed') ? ' selected="true"': '');?>>Closed</option>
+     <option value="reopened"<?php echo (($viewIssueData['i_status'] == 'reopened') ? ' selected="true"': '');?>>Re-Open</option>
+    </select>
+   </td></tr>
+   <tr><th>Assignee</th><td>
+    <select name="assignee">
+     <option value="">(None)</option>
+     <?php
+       foreach($admins as $id => $username) {
+         echo '<option value="'.$id.'"'.(($viewIssueData['i_assignee'] == $username) ? ' selected="true"' : '').'>'.$username.'</option>'."\r\n";
+       }
+     ?>
+    </select>
+   </td></tr>
+   <tr><th>Priority</th><td>
+    <select name="priority" size="1">
+     <option value="urgent"<?php echo (($viewIssueData['i_priority'] == 'urgent') ? ' selected="true"': '');?>>Urgent</option>
+     <option value="high"<?php echo (($viewIssueData['i_priority'] == 'high') ? ' selected="true"': '');?>>High</option>
+     <option value="normal"<?php echo (($viewIssueData['i_priority'] == 'normal') ? ' selected="true"': '');?>>Normal</option>
+     <option value="low"<?php echo (($viewIssueData['i_priority'] == 'low') ? ' selected="true"': '');?>>Low</option>
+    </select>
+   </td></tr>
+   <tr>
+    <th>Extensiveness</th>
+    <td>
+     <select name="extensiveness" size="1">
+      <option name="extensive"<?php echo (($viewIssueData['i_extensiveness'] == 'extensive') ? ' selected="true"': '');?>>Extensive</option>
+      <option name="normal"<?php echo (($viewIssueData['i_extensiveness'] == 'normal') ? ' selected="true"': '');?>>Normal</option>
+      <option name="trivial"<?php echo (($viewIssueData['i_extensiveness'] == 'trivial') ? ' selected="true"': '');?>>Trivial</option>
+     </select>
+    </td>
+   </tr>
+   <tr><th>Deadline</th><td>
+    <input type="text" name="deadline" size="50" value="<?php echo date('Y-m-d H:i:s', $viewIssueData['i_deadline']);?>"/>
+   </td></tr>
+   <tr><th>Notes</th><td>
+    <textarea name="text" cols="45" rows="10"><?php echo htmlentities($viewIssueData['i_text']); ?></textarea>
+   </td></tr>
+   <tr><th>Actions</th><td>
+    <input type="submit" name="submit" value="Submit" />&nbsp;<input type="reset" value="Reset" />
+   </td></tr>
+  </table>
+ </form>
+</div>

admin-www/issues/pages/editsearch.php

@@ -0,0 +1,113 @@
+<div class="block">
+ <h2>Search Options</h2>
+ <div class="innerblock">
+ <form action="<?php $_SERVER['REQUEST_URI']; ?>" method="post">
+  <div class="searchrow">
+   <label for="name">Title: </label>
+   <input type="text" name="title" value="<?php echo $search['title']; ?>" />
+  </div>
+  <div class="searchrow">
+   <label for="keywords">Keywords:</label>
+   <input type="text" name="keywords" class="search" value="<?php echo $search['keywords']?>">
+
+   <label for="keywordloc">Search in:</label>
+   <select name="keywordloc">
+    <option value="both"<?php echo (($search['keywordloc'] == 'both') ? ' selected="true"' : '' )?>>Titles And Notes</option>
+    <option value="title"<?php echo (($search['keywordloc'] == 'title') ? ' selected="true"' : '' )?>>Titles</option>
+    <option value="notes"<?php echo (($search['keywordloc'] == 'notes') ? ' selected="true"' : '' )?>>Notes</option>
+   </select>
+  </div>
+  <div class="searchrow">
+   <label for="submitter">Submitter:</label>
+   <select name="submitter">
+    <option value="any"<?php echo (($search['submitter'] == 'any') ? ' selected="true"' : '' )?>>Any</option>
+    <?php
+      foreach($admins as $id => $username) {
+        echo '<option value="'.$id.'"'.(($search['submitter'] == $id) ? ' selected="true"' : '' ).'>'.$username.'</option>'."\r\n";
+      }
+    ?>
+   </select>
+
+   <label for="assignee">Assignee:</label>
+   <select name="assignee">
+    <option value="any"<?php echo (($search['assignee'] == 'any') ? ' selected="true"' : '' )?>>Any</option>
+    <?php
+      foreach($admins as $id => $username) {
+        echo '<option value="'.$id.'"'.(($search['assignee'] == $id) ? ' selected="true"' : '' ).'>'.$username.'</option>'."\r\n";
+      }
+    ?>
+   </select>
+  </div>
+  <div class="searchrow">
+   <label for="added">Added:</label>
+   <select name="added">
+    <option value="any"<?php echo (($search['added'] == 'any') ? ' selected="true"' : '' )?>>Any time</option>
+    <option value="day"<?php echo (($search['added'] == 'day') ? ' selected="true"' : '' )?>>Past day</option>
+    <option value="week"<?php echo (($search['added'] == 'week') ? ' selected="true"' : '' )?>>Past week</option>
+    <option value="month"<?php echo (($search['added'] == 'month') ? ' selected="true"' : '' )?>>Past month</option>
+   </select>
+
+   <label for="updated">Updated:</label>
+   <select name="updated">
+    <option value="any"<?php echo (($search['updated'] == 'any') ? ' selected="true"' : '' )?>>Any time</option>
+    <option value="day"<?php echo (($search['updated'] == 'day') ? ' selected="true"' : '' )?>>Past day</option>
+    <option value="week"<?php echo (($search['updated'] == 'week') ? ' selected="true"' : '' )?>>Past week</option>
+    <option value="month"<?php echo (($search['updated'] == 'month') ? ' selected="true"' : '' )?>>Past month</option>
+   </select>
+
+   <label for="deadline">Deadline:</label>
+   <select name="deadline">
+    <option value="any"<?php echo (($search['deadline'] == 'any') ? ' selected="true"' : '' )?>>Any time</option>
+    <option value="day"<?php echo (($search['deadline'] == 'day') ? ' selected="true"' : '' )?>>Tomorrow</option>
+    <option value="week"<?php echo (($search['deadline'] == 'week') ? ' selected="true"' : '' )?>>Next week</option>
+    <option value="month"<?php echo (($search['deadline'] == 'month') ? ' selected="true"' : '' )?>>Next month</option>
+   </select>
+  </div>
+  <div class="searchrow">
+   <label for="status" style="vertical-align: top">Status: </label>
+   <select name="status" multiple="true" size="4">
+    <option value="open"<?php echo ((in_array('open', $search['status'])) ? ' selected="true"' : '' )?>>Open</option>
+    <option value="assigned"<?php echo ((in_array('assigned', $search['status'])) ? ' selected="true"' : '' )?>>Assigned</option>
+    <option value="closed"<?php echo ((in_array('closed', $search['status'])) ? ' selected="true"' : '' )?>>Closed</option>
+    <option value="reopened"<?php echo ((in_array('reopened', $search['status'])) ? ' selected="true"' : '' )?>>Re-Opened</option>
+   </select>
+
+   <label for="priority" style="vertical-align: top">Priority: </label>
+   <select name="priority" multiple="true" size="4">
+    <option value="urgent"<?php echo ((in_array('urgent', $search['priority'])) ? ' selected="true"' : '' )?>>Urgent</option>
+    <option value="high"<?php echo ((in_array('high', $search['priority'])) ? ' selected="true"' : '' )?>>High</option>
+    <option value="normal"<?php echo ((in_array('normal', $search['priority'])) ? ' selected="true"' : '' )?>>Normal</option>
+    <option value="low"<?php echo ((in_array('low', $search['priority'])) ? ' selected="true"' : '' )?>>Low</option>
+   </select>
+
+   <label for="categories" style="vertical-align: top">Category: </label>
+   <select name="categories" multiple="true" size="4">
+    <option value="any"<?php echo (($search['categories'] == 'all') ? ' selected="true"' : '' )?>>All</option>
+    <?php
+      foreach($categories as $id => $name) {
+        echo '<option value="'.$id.'"'.((in_array($id, $search['categories'])) ? ' selected="true"' : '' ).'>'.$name.'</option>'."\r\n";
+      }
+    ?>
+   </select>
+
+   <label for="order" style="vertical-align: top">Order: </label>
+   <select name="order" size="4">
+    <option value="added"<?php echo (($search['order'] == 'added') ? ' selected="true"' : '' )?>>Added</option>
+    <option value="updated"<?php echo (($search['order'] == 'updated') ? ' selected="true"' : '' )?>>Updated</option>
+    <option value="status"<?php echo (($search['order'] == 'status') ? ' selected="true"' : '' )?>>Status</option>
+    <option value="priority"<?php echo (($search['order'] == 'priority') ? ' selected="true"' : '' )?>>Priority</option>
+    <option value="category"<?php echo (($search['order'] == 'category') ? ' selected="true"' : '' )?>>Category</option>
+    <option value="deadline"<?php echo (($search['order'] == 'deadline') ? ' selected="true"' : '' )?>>Deadline</option>
+    <option value="title"<?php echo (($search['order'] == 'title') ? ' selected="true"' : '' )?>>Title</option>
+   </select>
+  </div>
+  <div class="searchrow">
+   <label for="limit">Limit: </label>
+   <input type="text" name="limit" value="<?php echo $search['limit']?>" />
+  </div>
+  <div class="searchrow">
+   <input type="submit" name="edit" value="Edit">
+  </div>
+ </form>
+ </div>
+</div>

admin-www/issues/pages/listsearch.php

@@ -0,0 +1,35 @@
+<div class="block">
+ <h2>Your saved searches</h2>
+ <table class="innerblock">
+  <tr><th>Name</th><th>Actions</th></tr>
+  <?php
+   if (count($savedsearches) == 0) {
+    echo '<tr><td style="text-align: center; font-style: italic;" colspan="3">No Results Found</td></tr>';
+   } else {
+    foreach($savedsearches as $search) {
+     echo '<tr><td><a href="'.CP_PATH.'search/'.$search['isea_id'].'" title="'.$search['isea_name'].'">'.$search['isea_name'].'</a></td>
+           <td><a href="'.CP_PATH.'searches/edit/'.$search['isea_id'].'" title="Edit">Edit</a> |
+           <a href="'.CP_PATH.'searches/delete/'.$search['isea_id'].'" title="Delete">Delete</a></td></tr>';
+    }
+   }
+  ?>
+ </table>
+</div>
+
+<div class="block">
+ <h2>Global saved searches</h2>
+ <table class="innerblock">
+  <tr><th>Name</th><th>Actions</th></tr>
+  <?php
+   if (count($globalsavedsearches) == 0) {
+    echo '<tr><td style="text-align: center; font-style: italic;" colspan="3">No Results Found</td></tr>';
+   } else {
+    foreach($globalsavedsearches as $search) {
+     echo '<tr><td><a href="'.CP_PATH.'search/'.$search['isea_id'].'" title="'.$search['isea_name'].'">'.$search['isea_name'].'</a></td>
+           <td><a href="'.CP_PATH.'searches/edit/'.$search['isea_id'].'" title="Edit">Edit</a> |
+           <a href="'.CP_PATH.'searches/delete/'.$search['isea_id'].'" title="Delete">Delete</a></td></tr>';
+    }
+   }
+  ?>
+ </table>
+</div>

admin-www/issues/pages/searchform.php

@@ -0,0 +1,114 @@
+<?php
+//unset($search['search']);
+//echo serialize($search);
+?>
+<div class="block">
+ <h2>Search Options</h2>
+ <div class="innerblock">
+ <form action="<?php $_SERVER['REQUEST_URI']; ?>" method="post">
+  <div class="searchrow">
+   <label for="keywords">Keywords:</label>
+   <input type="text" name="keywords" class="search" value="<?php echo $search['keywords']?>">
+
+   <label for="keywordloc">Search in:</label>
+   <select name="keywordloc">
+    <option value="both"<?php echo (($search['keywordloc'] == 'both') ? ' selected="true"' : '' )?>>Titles And Notes</option>
+    <option value="title"<?php echo (($search['keywordloc'] == 'title') ? ' selected="true"' : '' )?>>Titles</option>
+    <option value="notes"<?php echo (($search['keywordloc'] == 'notes') ? ' selected="true"' : '' )?>>Notes</option>
+   </select>
+  </div>
+  <div class="searchrow">
+   <label for="submitter">Submitter:</label>
+   <select name="submitter">
+    <option value="any"<?php echo (($search['submitter'] == 'any') ? ' selected="true"' : '' )?>>Any</option>
+    <?php
+      foreach($admins as $id => $username) {
+        echo '<option value="'.$id.'"'.(($search['submitter'] == $id) ? ' selected="true"' : '' ).'>'.$username.'</option>'."\r\n";
+      }
+    ?>
+   </select>
+
+   <label for="assignee">Assignee:</label>
+   <select name="assignee">
+    <option value="any"<?php echo (($search['assignee'] == 'any') ? ' selected="true"' : '' )?>>Any</option>
+    <?php
+      foreach($admins as $id => $username) {
+        echo '<option value="'.$id.'"'.(($search['assignee'] == $id) ? ' selected="true"' : '' ).'>'.$username.'</option>'."\r\n";
+      }
+    ?>
+   </select>
+  </div>
+  <div class="searchrow">
+   <label for="added">Added:</label>
+   <select name="added">
+    <option value="any"<?php echo (($search['added'] == 'any') ? ' selected="true"' : '' )?>>Any time</option>
+    <option value="day"<?php echo (($search['added'] == 'day') ? ' selected="true"' : '' )?>>Past day</option>
+    <option value="week"<?php echo (($search['added'] == 'week') ? ' selected="true"' : '' )?>>Past week</option>
+    <option value="month"<?php echo (($search['added'] == 'month') ? ' selected="true"' : '' )?>>Past month</option>
+   </select>
+
+   <label for="updated">Updated:</label>
+   <select name="updated">
+    <option value="any"<?php echo (($search['updated'] == 'any') ? ' selected="true"' : '' )?>>Any time</option>
+    <option value="day"<?php echo (($search['updated'] == 'day') ? ' selected="true"' : '' )?>>Past day</option>
+    <option value="week"<?php echo (($search['updated'] == 'week') ? ' selected="true"' : '' )?>>Past week</option>
+    <option value="month"<?php echo (($search['updated'] == 'month') ? ' selected="true"' : '' )?>>Past month</option>
+   </select>
+
+   <label for="deadline">Deadline:</label>
+   <select name="deadline">
+    <option value="any"<?php echo (($search['deadline'] == 'any') ? ' selected="true"' : '' )?>>Any time</option>
+    <option value="day"<?php echo (($search['deadline'] == 'day') ? ' selected="true"' : '' )?>>Tomorrow</option>
+    <option value="week"<?php echo (($search['deadline'] == 'week') ? ' selected="true"' : '' )?>>Next week</option>
+    <option value="month"<?php echo (($search['deadline'] == 'month') ? ' selected="true"' : '' )?>>Next month</option>
+   </select>
+  </div>
+  <div class="searchrow">
+   <label for="status" style="vertical-align: top">Status: </label>
+   <select name="status" multiple="true" size="4">
+    <option value="open"<?php echo ((in_array('open', $search['status'])) ? ' selected="true"' : '' )?>>Open</option>
+    <option value="assigned"<?php echo ((in_array('assigned', $search['status'])) ? ' selected="true"' : '' )?>>Assigned</option>
+    <option value="closed"<?php echo ((in_array('closed', $search['status'])) ? ' selected="true"' : '' )?>>Closed</option>
+    <option value="reopened"<?php echo ((in_array('reopened', $search['status'])) ? ' selected="true"' : '' )?>>Re-Opened</option>
+   </select>
+
+   <label for="priority" style="vertical-align: top">Priority: </label>
+   <select name="priority" multiple="true" size="4">
+    <option value="urgent"<?php echo ((in_array('urgent', $search['priority'])) ? ' selected="true"' : '' )?>>Urgent</option>
+    <option value="high"<?php echo ((in_array('high', $search['priority'])) ? ' selected="true"' : '' )?>>High</option>
+    <option value="normal"<?php echo ((in_array('normal', $search['priority'])) ? ' selected="true"' : '' )?>>Normal</option>
+    <option value="low"<?php echo ((in_array('low', $search['priority'])) ? ' selected="true"' : '' )?>>Low</option>
+   </select>
+
+   <label for="categories" style="vertical-align: top">Category: </label>
+   <select name="categories" multiple="true" size="4">
+    <?php
+      foreach($categories as $id => $name) {
+        echo '<option value="'.$id.'"'.((in_array($id, $search['categories'])) ? ' selected="true"' : '' ).'>'.$name.'</option>'."\r\n";
+      }
+    ?>
+   </select>
+
+   <label for="order" style="vertical-align: top">Order: </label>
+   <select name="order" size="4">
+    <option value="added"<?php echo (($search['order'] == 'added') ? ' selected="true"' : '' )?>>Added</option>
+    <option value="addeddesc"<?php echo (($search['order'] == 'addeddesc') ? ' selected="true"' : '' )?>>Added Desc</option>
+    <option value="updated"<?php echo (($search['order'] == 'updated') ? ' selected="true"' : '' )?>>Updated</option>
+    <option value="updateddesc"<?php echo (($search['order'] == 'updateddesc') ? ' selected="true"' : '' )?>>Updated Desc</option>
+    <option value="status"<?php echo (($search['order'] == 'status') ? ' selected="true"' : '' )?>>Status</option>
+    <option value="priority"<?php echo (($search['order'] == 'priority') ? ' selected="true"' : '' )?>>Priority</option>
+    <option value="category"<?php echo (($search['order'] == 'category') ? ' selected="true"' : '' )?>>Category</option>
+    <option value="deadline"<?php echo (($search['order'] == 'deadline') ? ' selected="true"' : '' )?>>Deadline</option>
+    <option value="title"<?php echo (($search['order'] == 'title') ? ' selected="true"' : '' )?>>Title</option>
+   </select>
+  </div>
+  <div class="searchrow">
+   <label for="limit">Limit: </label>
+   <input type="text" name="limit" value="<?php echo $search['limit']?>" />
+  </div>
+  <div class="searchrow">
+   <input type="submit" name="search" value="Search">
+  </div>
+ </form>
+ </div>
+</div>

admin-www/issues/pages/searchresults.php

@@ -0,0 +1,173 @@
+<?PHP
+
+ $sqlSelect  = 'SELECT i.i_id, c.icat_name, i.i_title, i.i_status, u1.user_name AS i_assignee,
+ u2.user_name AS i_submitter, i.i_priority, i.i_added, i.i_deadline, i.i_updated
+ FROM issues_issues AS i
+ LEFT JOIN issues_categories AS c ON i.icat_id = c.icat_id
+ LEFT JOIN users AS u1 ON i.i_assignee = u1.user_id
+ LEFT JOIN users AS u2 ON i.i_submitter = u2.user_id
+ WHERE 1';
+
+ $sqlCount = 'SELECT COUNT(*) FROM issues_issues AS i WHERE 1';
+
+ $sql = '';
+
+ //keywords
+ if (isset($search['keywords']) && !empty($search['keywords'])) {
+   switch ($search['keywordloc']) {
+   case 'title':
+    $target = 'i_title';
+    break;
+   case 'notes':
+    $target = 'i_text';
+    break;
+   default:
+    $target = 'CONCAT(i_title,i_text)';
+  }
+  $sql .= ' AND '.$target.' LIKE \'%'.m($search['keywords']).'%\'';
+ }
+
+ //submitter
+ if ($search['submitter'] != 'any' && !empty($search['submitter'])) {
+  $sql .= ' AND i_submitter = \''.m($search['submitter']).'\'';
+ }
+
+ //assignee
+ if ($search['assignee'] != 'any' && !empty($search['assignee'])) {
+  $sql .= ' AND i_assignee = \''.m($search['assignee']).'\'';
+ }
+
+ //added
+ if ($search['added'] != 'any' && !empty($search['added'])) {
+  $sql .= ' AND i_added > '.strtotime('-1 '.$search['added']);
+ }
+
+ //updated
+ if ($search['updated'] != 'any' && !empty($search['updated'])) {
+  $sql .= ' AND i_updated > '.strtotime('-1 '.$search['updated']);
+ }
+
+ //deadline
+ if ($search['deadline'] != 'any' && !empty($search['deadline'])) {
+  $sql .= ' AND i_deadline < '.strtotime('+1 '.$search['deadline']);
+ }
+
+ //priority
+ $sql .= ' AND (0';
+ foreach ($search['priority'] as $k => $v) {
+   $sql .= ' OR i_priority = \''.m($v).'\'';
+ }
+ $sql .= ')';
+
+ //status
+ $sql .= ' AND (0';
+ foreach ($search['status'] as $k => $v) {
+   $sql .= ' OR i_status = \''.m($v).'\'';
+ }
+ $sql .= ')';
+
+ //categories
+ $sql .= ' AND (0';
+ foreach ($search['categories'] as $k => $v) {
+   $sql .= ' OR i.icat_id = '.m($v);
+ }
+ $sql .= ')';
+
+ //order
+ if (isset($search['order']) && !empty($search['order'])) {
+   switch ($search['order']) {
+   case 'added':
+    $order = 'i_added';
+    break;
+   case 'addeddesc':
+    $order = 'i_added DESC';
+    break;
+   case 'updated':
+    $order = 'i_updated';
+    break;
+   case 'updateddesc':
+    $order = 'i_updated DESC';
+    break;
+   case 'status':
+    $order = 'i_status';
+    break;
+   case 'priority':
+    $order = 'i_priority';
+    break;
+   case 'category':
+    $order = 'i_category';
+    break;
+   case 'dealine':
+    $order = 'i_deadline';
+    break;
+   case 'status':
+    $order = 'i_status';
+    break;
+   default:
+    $order = 'i_added';
+  }
+  $sql .= ' ORDER BY '.m($order);
+ }
+
+ //limit
+ if (ctype_digit(''.$search['limit'])) {
+  if ($search['limit'] > 0) {
+   $sql .= ' LIMIT 0,'.m($search['limit']);
+  }
+ }
+
+ $res = mysql_query($sqlSelect.$sql) or print(mysql_error().'<hr>'.$sqlSelect.$sql);
+ $res2 = mysql_query($sqlCount.$sql) or print(mysql_error().'<hr>'.$sqlCount.$sql);
+ $data2 = mysql_fetch_array($res2);
+?>
+<div class="block">
+ <h2><?php echo ((isset($search['title'])) ? $search['title'] : 'Search Results'); ?></h2>
+ <table class="innerblock">
+  <tr>
+   <th>ID</th>
+   <th>Category</th>
+   <th>Title</th>
+   <th>Status</th>
+   <th>Priority</th>
+   <th>Submitter</th>
+   <th>Assignee</th>
+   <th>Updated</th>
+   <th>Deadline</th>
+  </tr>
+<?PHP
+ $i = 0;
+ if (isset($res) && mysql_num_rows($res) == 0) {
+  echo '<tr><td colspan="10" style="text-align: center; font-style: italic;">';
+  echo 'No results returned</td></tr>';
+ } else {
+  while ($row = mysql_fetch_assoc($res)) {
+   $i = 1 - $i;
+   ?>
+   <tr class="<?PHP echo ($i == 1) ? 'even' : 'odd'; ?>">
+    <td><a href="<?PHP echo CP_PATH.'viewissue/'.$row['i_id']; ?>"><?PHP echo $row['i_id']; ?></a></td>
+    <td><?PHP echo h($row['icat_name']); ?></td>
+    <td><?PHP echo h($row['i_title']); ?></td>
+    <td><?PHP echo h($row['i_status']); ?></td>
+    <td><?PHP echo h($row['i_priority']); ?></td>
+    <td><?PHP echo n($row['i_submitter']); ?></td>
+    <td><?PHP echo n($row['i_assignee']); ?></td>
+    <td><?PHP echo d('Y-m-d H:i',$row['i_updated']); ?></td>
+    <td>
+     <?PHP 
+      if ($row['i_deadline'] == 0) {
+       echo '<span style="text-style: italic">None</span>';
+      } elseif ($row['i_deadline'] - time() < 0) {
+       echo '<span style="color: red">Overdue</span>';
+      } else {
+       echo duration(time()-$row['i_deadline']);
+      } 
+     ?>
+    </td>
+   </tr>
+  <?PHP
+  }
+ }
+?>
+ </table>
+ <h2>Total Results (without limit): <?php echo $data2[0]; ?></h2>
+</div>

admin-www/issues/pages/searchresults.php~

@@ -0,0 +1,157 @@
+<?PHP
+
+ $sqlSelect  = 'SELECT i.i_id, c.icat_name, i.i_title, i.i_status, u1.user_name AS i_assignee,
+ u2.user_name AS i_submitter, i.i_priority, i.i_added, i.i_deadline, i.i_updated
+ FROM issues_issues AS i
+ LEFT JOIN issues_categories AS c ON i.icat_id = c.icat_id
+ LEFT JOIN users AS u1 ON i.i_assignee = u1.user_id
+ LEFT JOIN users AS u2 ON i.i_submitter = u2.user_id
+ WHERE 1';
+
+ $sqlCount = 'SELECT COUNT(*) FROM issues_issues AS i WHERE 1';
+
+ $sql = '';
+
+ //keywords
+ if (isset($search['keywords']) && !empty($search['keywords'])) {
+   switch ($search['keywordloc']) {
+   case 'title':
+    $target = 'i_title';
+    break;
+   case 'notes':
+    $target = 'i_text';
+    break;
+   default:
+    $target = 'CONCAT(i_title,i_text)';
+  }
+  $sql .= ' AND '.$target.' LIKE \'%'.m($search['keywords']).'%\'';
+ }
+
+ //submitter
+ if ($search['submitter'] != 'any' && !empty($search['submitter'])) {
+  $sql .= ' AND i_submitter = \''.m($search['submitter']).'\'';
+ }
+
+ //assignee
+ if ($search['assignee'] != 'any' && !empty($search['assignee'])) {
+  $sql .= ' AND i_assignee = \''.m($search['assignee']).'\'';
+ }
+
+ //added
+ if ($search['added'] != 'any' && !empty($search['added'])) {
+  $sql .= ' AND i_added > '.strtotime('-1 '.$search['added']);
+ }
+
+ //updated
+ if ($search['updated'] != 'any' && !empty($search['updated'])) {
+  $sql .= ' AND i_updated > '.strtotime('-1 '.$search['updated']);
+ }
+
+ //deadline
+ if ($search['deadline'] != 'any' && !empty($search['deadline'])) {
+  $sql .= ' AND i_deadline < '.strtotime('+1 '.$search['deadline']);
+ }
+
+ //priority
+ $sql .= ' AND (0';
+ foreach ($search['priority'] as $k => $v) {
+   $sql .= ' OR i_priority = \''.m($v).'\'';
+ }
+ $sql .= ')';
+
+ //status
+ $sql .= ' AND (0';
+ foreach ($search['status'] as $k => $v) {
+   $sql .= ' OR i_status = \''.m($v).'\'';
+ }
+ $sql .= ')';
+
+ //categories
+ $sql .= ' AND (0';
+ foreach ($search['categories'] as $k => $v) {
+   $sql .= ' OR i.icat_id = '.m($v);
+ }
+ $sql .= ')';
+
+ //order
+ if (isset($search['order']) && !empty($search['order'])) {
+   switch ($search['order']) {
+   case 'added':
+    $order = 'i_added';
+    break;
+   case 'updated':
+    $order = 'i_updated, i_added';
+    break;
+   case 'status':
+    $order = 'i_status';
+    break;
+   case 'priority':
+    $order = 'i_priority';
+    break;
+   case 'category':
+    $order = 'i_category';
+    break;
+   case 'dealine':
+    $order = 'i_deadline';
+    break;
+   case 'status':
+    $order = 'i_status';
+    break;
+   default:
+    $order = 'i_added';
+  }
+  $sql .= ' ORDER BY '.m($order);
+ }
+
+ //limit
+ if (ctype_digit(''.$search['limit'])) {
+  $sql .= ' LIMIT 0,'.m($search['limit']);
+ }
+
+ $res = mysql_query($sqlSelect.$sql) or print(mysql_error().'<hr>'.$sqlSelect.$sql);
+ $res2 = mysql_query($sqlCount.$sql) or print(mysql_error().'<hr>'.$sqlCount.$sql);
+ $data2 = mysql_fetch_array($res2);
+?>
+<div class="block">
+ <h2><?php echo ((isset($search['title'])) ? $search['title'] : 'Search Results'); ?></h2>
+ <table class="innerblock">
+  <tr>
+   <th>ID</th>
+   <th>Category</th>
+   <th>Title</th>
+   <th>Status</th>
+   <th>Priority</th>
+   <th>Submitter</th>
+   <th>Assignee</th>
+   <th>Added</th>
+   <th>Updated</th>
+   <th>Deadline</th>
+  </tr>
+<?PHP
+ $i = 0;
+ if (isset($res) && mysql_num_rows($res) == 0) {
+  echo '<tr><td colspan="10" style="text-align: center; font-style: italic;">';
+  echo 'No results returned</td></tr>';
+ } else {
+  while ($row = mysql_fetch_assoc($res)) {
+   $i = 1 - $i;
+   ?>
+   <tr class="<?PHP echo ($i == 1) ? 'even' : 'odd'; ?>">
+    <td><a href="<?PHP echo CP_PATH.'viewissue/'.$row['i_id']; ?>"><?PHP echo $row['i_id']; ?></a></td>
+    <td><?PHP echo h($row['icat_name']); ?></td>
+    <td><?PHP echo h($row['i_title']); ?></td>
+    <td><?PHP echo h($row['i_status']); ?></td>
+    <td><?PHP echo h($row['i_priority']); ?></td>
+    <td><?PHP echo n($row['i_submitter']); ?></td>
+    <td><?PHP echo n($row['i_assignee']); ?></td>
+    <td><?PHP echo d('Y-m-d H:i',$row['i_added']); ?></td>
+    <td><?PHP echo d('Y-m-d H:i',$row['i_updated']); ?></td>
+    <td><?PHP echo d('Y-m-d H:i',$row['i_deadline']); ?></td>
+   </tr>
+  <?PHP
+  }
+ }
+?>
+ </table>
+ <h2>Total Results: <?php echo $data2[0]; ?></h2>
+</div>

admin-www/issues/pages/stats.php

@@ -0,0 +1,160 @@
+<div class="block">
+ <h2>User Statistics</h2>
+ <table class="innerblock stats">
+  <tr>
+   <th rowspan="2">User</th>
+   <th rowspan="2">Raised</th>
+   <th rowspan="2">Assigned</th>
+   <th colspan="5">Closed</th>
+   <th rowspan="2">Average Resolution Time</th>
+  </tr>
+  <tr>
+   <th>All time</th>
+   <th>Past year</th>
+   <th>Past month</th>
+   <th>Past week</th>
+   <th>Past day</th>
+  </tr>
+<?PHP
+
+ $admins = getAdmins();
+
+ $i = -1;
+ foreach ($admins as $id => $admin) {
+  $i++;
+  echo '<tr '.($i % 2 == 0 ? 'class="even"':'class="odd"').'>';
+  echo '<td>'.h($admin).'</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_submitter = \''.m(getUserID($admin))."'";
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'assigned\' AND i_assignee = \''.m(getUserID($admin))."'";
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'closed\' AND i_assignee = \''.m(getUserID($admin))."'";
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'closed\' AND i_assignee = \''.m(getUserID($admin))."' AND i_updated > ".strtotime('-1 year');
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'closed\' AND i_assignee = \''.m(getUserID($admin))."' AND i_updated > ".strtotime('-1 month');
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'closed\' AND i_assignee = \''.m(getUserID($admin))."' AND i_updated > ".strtotime('-1 week');
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'closed\' AND i_assignee = \''.m(getUserID($admin))."' AND i_updated > ".strtotime('-1 day');
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  echo '</td>';
+  echo '<td>';
+  $sql = 'SELECT AVG(i_updated - i_added) FROM issues_issues WHERE i_status = \'closed\' AND i_assignee = \''.m(getUserID($admin))."'";
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo (($row[0] != 0) ? duration($row[0]) : 'None');
+  echo '</td></tr>';
+ }
+ $i++;
+
+  echo '<tr '.($i % 2 == 0 ? 'class="even"':'class="odd"').'>';
+  echo '<td>Total:</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues';
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'assigned\'';
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'closed\'';
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'closed\' AND i_updated > '.strtotime('-1 year');
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'closed\' AND i_updated > '.strtotime('-1 month');
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'closed\' AND i_updated > '.strtotime('-1 week');
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'closed\' AND i_updated > '.strtotime('-1 day');
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  echo '</td><td>';
+  $sql = 'SELECT AVG(i_updated - i_added) FROM issues_issues WHERE i_status = \'closed\' AND i_assignee != 0';
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo (($row[0] != 0) ? duration($row[0]) : 'None');
+  echo '</td></tr>';
+?>
+
+ </table>
+</div>
+
+<div class="block">
+ <h2>Category Statistics</h2>
+ <table class="innerblock stats">
+  <tr>
+   <th rowspan="2">Category</th>
+   <th rowspan="2">New</th>
+   <th rowspan="2">Assigned</th>
+   <th colspan="5">Closed</th>
+   <th rowspan="2">Average Resolution Time</th>
+  </tr>
+  <tr>
+   <th>All time</th>
+   <th>Past year</th>
+   <th>Past month</th>
+   <th>Past week</th>
+   <th>Past day</th>
+  </tr>
+<?PHP
+
+ $totals = array(0 => 0, 1 => 0, 2 => 0, 3 => 0, 4 => 0, 5 => 0, 6 => 0);
+
+ $categories  = getCategories();
+
+ $i = -1;
+ foreach ($categories as $id => $category) {
+  $i++;
+  echo '<tr '.($i % 2 == 0 ? 'class="even"':'class="odd"').'>';
+  echo '<td>'.h($category).'</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE (i_status = \'open\' OR i_status = \'reopened\') AND icat_id = \''.m($id)."'";
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  $totals[0] += $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'assigned\' AND icat_id = \''.m($id)."'";
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  $totals[1] += $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'closed\' AND icat_id = \''.m($id)."'";
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  $totals[2] += $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'closed\' AND icat_id = \''.m($id)."' AND i_updated > ".strtotime('-1 year');
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  $totals[3] += $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'closed\' AND icat_id = \''.m($id)."' AND i_updated > ".strtotime('-1 month');
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  $totals[4] += $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'closed\' AND icat_id = \''.m($id)."' AND i_updated > ".strtotime('-1 week');
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  $totals[5] += $row[0];
+  echo '</td><td class="number">';
+  $sql = 'SELECT COUNT(*) FROM issues_issues WHERE i_status = \'closed\' AND icat_id = \''.m($id)."' AND i_updated > ".strtotime('-1 day');
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo $row[0];
+  $totals[6] += $row[0];
+  echo '</td><td>';
+  $sql = 'SELECT AVG(i_updated - i_added) FROM issues_issues WHERE i_status = \'closed\' AND icat_id = \''.m($id).'\'';
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo (($row[0] != 0) ? duration($row[0]) : 'None');
+  echo '</td></tr>';
+ }
+ $i++;
+
+?>
+  <tr <?php echo ($i % 2 == 0 ? 'class="even"':'class="odd"'); ?>><td>Total:</td>
+  <?PHP foreach ($totals as $v) { echo '<td class="number">'.$v.'</td>'; } ?>
+  <td>
+  <?php
+  $sql = 'SELECT AVG(i_updated - i_added) FROM issues_issues WHERE i_status = \'closed\'';
+  $res = mysql_query($sql); $row = mysql_fetch_array($res); echo (($row[0] != 0) ? duration($row[0]) : 'None');
+  ?>
+  </td>
+  </tr>
+ </table>
+ </div>
+

admin-www/issues/pages/viewcategories.php

@@ -0,0 +1,31 @@
+<?php
+ if (count($categories) == 0) {
+  ?>
+  <div class="block">
+  <h2>Categories</h2>
+  <div class="innerblock" style="text-align: center; font-style: italic;">No Categories</div>
+  </div>
+  <?php
+  return;
+ }
+
+ echo '<div class="block nobottomdiv">';
+ echo '<h2>Categories</h2>';
+ echo '<table class="innerblock bottomdiv">';
+ echo '<tr>';
+ echo '<th>ID</th><th>Name</th><th>Auto Assign</th><th>Actions</th>';
+ echo '</tr>';
+ foreach($categories as $id => $category) {
+   ?>
+      <tr>
+       <td><?php echo h($id); ?></td>
+       <td><?php echo h($category['name']); ?></td>
+       <td><?php echo n((($category['assign'] == 0) ? 'None': getUserName($category['assign'])))?></td>
+       <td><a href="<?php echo CP_PATH.'editcategory/'.$id; ?>" title="Edit">Edit</a> | <a href="<?php echo CP_PATH.'deletecategory/'.$id; ?>" title="Delete">Delete</a></td>
+      </tr>
+
+   <?php
+ }
+ echo '</table>';
+ echo '</div>';
+?>

admin-www/issues/pages/viewissue.php

@@ -0,0 +1,63 @@
+<div class="block">
+ <h2>Edit Issue</h2>
+  <table class="innerblock righthead bottomdiv">
+   <tr><th>ID</th><td><?php echo h($viewIssueData['i_id']); ?></td></tr>
+   <tr><th>Title</th><td><?php echo h($viewIssueData['i_title']); ?></td></tr>
+   <tr><th>Category</th><td><?php echo h($viewIssueData['icat_name']); ?></td></tr>
+   <tr><th>Status</th><td><?php echo h($viewIssueData['i_status']); ?></td></tr>
+   <tr><th>Submitter</th><td><?php echo n($viewIssueData['i_submitter']); ?></td></tr>
+   <tr><th>Assignee</th><td><?php echo n($viewIssueData['i_assignee']); ?></td></tr>
+   <tr><th>Priority</th><td><?php echo h($viewIssueData['i_priority']); ?></td></tr>
+   <tr><th>Extensiveness</th><td><?php echo h($viewIssueData['i_extensiveness']); ?></td></tr>
+   <tr><th>Added</th><td><?php echo d('Y-m-d H:i:s', $viewIssueData['i_added']) ?></td></tr>
+   <tr><th>Updated</th><td><?php echo d('Y-m-d H:i:s', $viewIssueData['i_updated']) ?></td></tr>
+   <tr><th>Deadline</th><td>
+    <?PHP
+     if ($viewIssueData['i_deadline'] == 0) {
+      echo '<span style="text-style: italic">None</span>';
+     } elseif ($viewIssueData['i_deadline'] - time() < 0) {
+      echo '<span style="color: red">Overdue by '.duration(time()-$viewIssueData['i_deadline']).'</span>';
+     } else {
+      echo duration(time()-$viewIssueData['i_deadline']);
+     }
+    ?>
+   </td></tr>
+  </table>
+  <div class="innerblock">
+   <?php echo nl2br(htmlentities($viewIssueData['i_text'])); ?>
+  </div>
+</div>
+
+<?php
+ if (count($issueReplies) == 0) {
+  ?>
+  <div class="block">
+  <h2>Replies</h2>
+  <div class="innerblock" style="text-align: center; font-style: italic;">No Replies</div>
+  </div>
+  <?php
+  return;
+ }
+
+ echo '<div class="block nobottomdiv">';
+ echo '<h2>Replies</h2>';
+ foreach($issueReplies as $id => $reply) {
+   ?>
+     <table class="innerblock righthead bottomdiv">
+      <tr>
+       <th>User</th><td><a href="#<?php echo $reply['irep_id']; ?>" /><?php echo $reply['irep_user']; ?></td>
+      </tr>
+      <tr>
+       <th>Time</th><td><?php echo date('Y-m-d H:i:s', $reply['irep_time']); ?></td>
+      </tr>
+      <tr>
+       <th>Actions</th><td><a href="<?php echo CP_PATH; ?>deletereply/<?php echo $id; ?>" title="Delete">Delete</a></td>
+      </tr>
+     </table>
+     <div class="innerblock bottomdiv">
+      <?PHP echo nl2br(htmlentities($reply['irep_text'])); ?>
+     </div>
+   <?php
+ }
+ echo '</div>';
+?>

admin-www/issues/pages/viewlog.php

@@ -0,0 +1,34 @@
+<?php
+ if (count($issueChanges) == 0) {
+  ?>
+  <div class="block">
+  <h2>Changes</h2>
+  <div class="innerblock" style="text-align: center; font-style: italic;">No Changes</div>
+  </div>
+  <?php
+  return;
+ }
+
+ echo '<div class="block nobottomdiv">';
+ echo '<h2>Changes</h2>';
+ foreach($issueChanges as $id => $change) {
+   ?>
+     <table class="innerblock righthead bottomdiv">
+      <tr>
+       <th>ID</th><td><?php echo h($change['ilog_id']); ?></td>
+      </tr><tr>
+       <th>Time</th><td><?php echo d('Y-m-d H:m:s', $change['ilog_time']); ?></td>
+      </tr><tr>
+       <th>User</th><td><?php echo n($change['user_name']); ?></td>
+      </tr><tr>
+       <th>Field</th><td><?php echo h($change['ilog_field']); ?></td>
+      </tr><tr>
+       <th>Old Value</th><td><?php echo h($change['ilog_old']); ?></td>
+      </tr><tr>
+       <th>New Value</th><td><?php echo h($change['ilog_new']); ?></td>
+      </tr>
+     </table>
+   <?php
+ }
+ echo '</div>';
+?>

admin-www/issues/res/commonDashboard.php

@@ -0,0 +1,12 @@
+<?php
+ $sql = 'SELECT isea_id, isea_name FROM issues_searches WHERE user_id = \'\'';
+ $searchesdashboard = mysql_query($sql);
+ while ($searchdatadashboard = mysql_fetch_assoc($searchesdashboard)) {
+  addDashboardItem('Searches', $searchdatadashboard['isea_name'] ,'search/'.$searchdatadashboard['isea_id']);
+ }
+ $sql = 'SELECT isea_id, isea_name FROM issues_searches WHERE user_id = \''.m(getUserID($_SERVER['REDIRECT_REMOTE_USER'])).'\'';
+ $searchesdashboard = mysql_query($sql);
+ while ($searchdatadashboard = mysql_fetch_assoc($searchesdashboard)) {
+  addDashboardItem('Saved Searches', $searchdatadashboard['isea_name'] ,'search/'.$searchdatadashboard['isea_id']);
+ }
+?>

admin-www/issues/res/script.js

@@ -0,0 +1,97 @@
+function validateLoginForm () {
+  var error = false;
+  
+  document.getElementById('username').className = 'inflat';
+  document.getElementById('usernamevalid').innerHTML = '';
+  document.getElementById('password').className = 'inflat';
+  document.getElementById('passwordvalid').innerHTML = '';  
+  
+  if (document.forms.login.password.value.length < 4) {
+    error = true;
+    document.getElementById('password').className = 'inflaterr';
+    document.getElementById('passwordvalid').innerHTML = 'Passwords must be at least four characters long.';
+    document.getElementById('password').focus();
+  }
+  
+  if (document.forms.login.username.value.length < 2) {
+    error = true;
+    document.getElementById('username').className = 'inflaterr';
+    document.getElementById('usernamevalid').innerHTML = 'Usernames must be at least two characters long.';
+    document.getElementById('username').focus();
+  }
+  
+  return (error == false);
+}
+
+function validateSubdomainForm () {
+  var error = false;
+
+  document.getElementById('subdomain').className = 'inflat';
+  document.getElementById('subdomainerr').innerHTML = '';
+
+  if (document.forms.submd.subdomain.value.length == 0) {
+    error = true;
+    document.getElementById('subdomain').className = 'inflaterr';
+    document.getElementById('subdomainerr').innerHTML = 'You must enter a subdomain';
+    document.getElementById('subdomain').focus();
+  }
+
+  var valid = /^[a-z][a-z0-9\-]*$/i;
+  if (!valid.test(document.forms.submd.subdomain.value)) {
+    error = true;
+    document.getElementById('subdomain').className = 'inflaterr';
+    document.getElementById('subdomainerr').innerHTML = 'Invalid subdomain.';
+    document.getElementById('subdomain').focus();
+  }
+
+  return (error == false);
+}
+
+function validateDomainForm () {
+  var error = false;
+
+  document.getElementById('domain').className = 'inflat';
+  document.getElementById('domainerr').innerHTML = '';
+
+  if (document.forms.md.domain.value.length == 0) {
+    error = true;
+    document.getElementById('domain').className = 'inflaterr';
+    document.getElementById('domainerr').innerHTML = 'You must enter a domain';
+    document.getElementById('domain').focus();
+  }
+  
+  var valid = /^[a-z][a-z0-9\-\.]*\.[a-z]{2,}$/i
+  if (!valid.test(document.forms.md.domain.value)) {
+    error = true;
+    document.getElementById('domain').className = 'inflaterr';
+    document.getElementById('domainerr').innerHTML = 'Invalid domain.';
+    document.getElementById('domain').focus();
+  }
+
+  return (error == false);
+}
+
+function validateTicketForm () {
+  var error = false;
+  
+  document.getElementById('body').className = 'inflat';
+  document.getElementById('messagevalid').innerHTML = '';
+  document.getElementById('subject').className = 'inflat';
+  document.getElementById('subjectvalid').innerHTML = '';  
+  
+  if (document.forms.ticket.body.value.length < 10) {
+    error = true;
+    document.getElementById('body').className = 'inflaterr';
+    document.getElementById('messagevalid').innerHTML = 'Please enter a complete description of the problem.';
+    document.getElementById('body').focus();
+  }
+  
+  if (document.forms.ticket.subject.value.length < 5) {
+    error = true;
+    document.getElementById('subject').className = 'inflaterr';
+    document.getElementById('subjectvalid').innerHTML = 'Please enter a complete subject.';
+    document.getElementById('subject').focus();
+  }
+  
+  return (error == false);
+}

admin-www/issues/res/style.css

@@ -0,0 +1,254 @@
+body {
+  font-family: Tahoma, Arial, Sans-serif;
+  font-size: small;
+  margin: 170px 3% 5px 5%;
+  padding: 0px;
+}
+
+div#header {
+  position: absolute;
+  top: 15px;
+  left: 3%;
+  margin: 0px;
+}
+
+div#header h1 {
+  margin: 0px;
+}
+
+div#menu {
+  border: 1px solid #AAA;
+  position: absolute;
+  top: 115px;
+  left: 3%;
+  width: 94%;
+  background-color: #EEE;
+  padding: 5px;
+}
+
+div#menu a {
+  color: black;
+  text-decoration: none;
+}
+
+div#menu a:hover {
+  text-decoration: underline;
+}
+
+div#menuleft, div#menuright {
+  display: inline;
+}
+
+div#menuright {
+  position: absolute;
+  right: 0px;
+  padding-right: 6px;
+  text-align: right;
+}
+
+div.block {
+  width: 70%;
+  border: 1px solid #666;
+  padding: 0px;
+  margin-bottom: 20px;
+}
+
+div.nobottomdiv {
+  border-bottom: 0;
+}
+
+div.block h2 {
+  margin: 0px;
+  background-color: #666;
+  font-size: 1em;
+  font-weight: bold;
+  padding: 3px 7px;
+  color: #F5F5F5;
+}
+
+div.innerblock {
+  padding: 10px;
+}
+
+table.innerblock {
+  width: 100%;
+  border-collapse: collapse;
+}
+
+table.innerblock th {
+  text-align: left;
+  background-color: #EEE;
+  border-bottom: 1px solid #666;
+}
+
+body table.righthead th {
+  text-align: right;	
+  background-color: #EEE;
+  border-bottom: 0px;
+  border-right: 1px solid #666;
+  padding-right: 10px;
+  width: 30%;
+}
+
+body table.bottomdiv {
+  border-bottom: 1px solid #666;
+}
+
+body div.bottomdiv {
+  border-bottom: 1px solid #666;
+}
+
+body table.righthead td {
+  padding-left: 10px;
+}
+
+table.innerblock td, table.innerblock th {
+  margin: 0px;
+  padding: 3px;
+}
+
+p.blurb {
+  font-style: italic;
+  margin: 0px;
+}
+
+table.form {
+  margin: 10px 0px;	
+}
+
+table.form td, table.form th {
+  padding: 3px;
+}
+
+table.leftpad {
+  margin-left: 10px;	
+}
+
+.inflat {
+  border: 1px solid #AAA;
+  padding: 3px;
+  width: 170px;
+}
+
+.inflaterr {
+  border: 1px solid #F00;
+  padding: 3px;
+  width: 170px;
+}
+
+div#dashboard {
+  float: right;
+  width: 25%;
+  border-left: 1px dotted #AAA;
+  padding: 5px 10px;
+}
+
+div#dashboard h2 {
+  margin: 0px;
+  font-size: 1em;
+  font-weight: bold;
+  color: #666;
+}
+
+div#dashboard ul {
+  padding-left: 20px;
+  margin-left: 0px;
+}
+
+div#dashboard li {
+  margin: 10px 0px;
+}
+
+div#dashboard a {
+  color: #000;
+  text-decoration: none;
+}
+
+div#dashboard a:hover {
+  text-decoration: underline;
+}
+
+table {
+  width: 100%;
+}
+
+th {
+  text-align: left;
+}
+
+table tr.odd td {
+  background-color: #F3F3F3;
+}
+
+table tr:hover td {
+  background-color: #E8E8E8;	
+}
+
+table.form tr:hover td { background-color: #FFF; }
+
+td.err {
+  color: #C44;
+}
+
+em {
+  font-style: normal;
+  font-family: monospace;
+  padding: 0px 5px;
+}
+
+ol li {
+  margin: 5px;
+}
+
+p.cleartop {
+  margin-top: 10px;
+}
+
+div#message {
+ border: 2px dashed #FAA;	
+ background-color: #FEE;
+ width: 70%;
+ margin-bottom: 20px;
+}
+
+div#message div {
+ padding: 10px;	
+}
+
+table#bandwidth {
+ border: 1px solid #AAA;
+ border-collapse: collapse;
+ width: auto;
+ position: absolute;
+ top: 20px;
+ right: 3%;
+ font-size: small;
+ font-family: Tahoma, sans-serif
+}
+
+table#bandwidth th {
+ font-weight: normal;
+ padding: 3px 10px;
+ width: auto;
+}
+
+table#bandwidth td {
+ border: 0px;
+ padding: 3px 7px;
+}
+
+table#bandwidth th, table#bandwidth td {
+ border-bottom: 1px solid #AAA;	
+}
+
+div.longtext {
+ line-height: 1.5em;
+}
+
+a img { border: 0px; }
+
+td.number { text-align: right; }
+
+table.stats th { border-right: 1px solid #666; vertical-align: bottom; text-align: center; }
+
+div.searchrow.center { text-align: center; }

admin-www/issues/search.php

@@ -0,0 +1,83 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/common.php');
+
+ $admins = getAdmins();
+ $categories = getCategories();
+ if (isset($_POST['search'])) {
+  $_POST = repairPost($_POST);
+  $search = $_POST;
+ } elseif (isset($_GET['n']) && ctype_digit($_GET['n'])) {
+  $sql = 'SELECT isea_name, user_id, isea_options FROM issues_searches WHERE isea_id = '.m($_GET['n']).';';
+  $res = mysql_query($sql) or die(mysql_error());
+  if (mysql_num_rows($res) > 0) {
+   $data = mysql_fetch_assoc($res);
+   $search = unserialize($data['isea_options']);
+   $search['title'] = $data['isea_name'];
+   foreach($search as $key => $value) {
+     if ($value == '<<me>>') {
+       $search[$key] = getUserID($_SERVER['REDIRECT_REMOTE_USER']);
+     }
+   }
+  }
+ }
+ if (isset($search)) {
+  if (!isset($search['categories'])) {
+    $search['categories'] = array();
+  }
+  if ($search['categories'] == 'all') {
+   $search['categories'] = array_keys($categories);
+  }
+  if (!is_array($search['categories'])) {
+    $search['categories'] = array($search['categories']);
+  }
+  if (!isset($search['priority'])) {
+    $search['priority'] = array();
+  }
+  if ($search['priority'] == 'all') {
+    $search['priority'] = array('urgent', 'high', 'normal', 'low');
+  }
+  if (!is_array($search['priority'])) {
+    $search['priority'] = array($search['priority']);
+  }
+  if (!isset($search['status'])) {
+    $search['status'] = array();
+  }
+  if ($search['status'] == 'all') {
+    $search['status'] = array('open', 'assigned', 'closed', 'reopened');
+  }
+  if (!is_array($search['status'])) {
+    $search['status'] = array($search['status']);
+  }
+ } else {
+  $search = array();
+  $search['keywords'] = '';
+  $search['keywordloc'] = 'both';
+  $search['submitter'] = 'any';
+  $search['assignee'] = 'any';
+  $search['added'] = 'any';
+  $search['updated'] = 'any';
+  $search['deadline'] = 'any';
+  $search['priority'] = array('urgent', 'high', 'normal', 'low');
+  $search['status'] = array('open', 'assigned', 'closed', 'reopened');
+  $search['categories'] = array_keys($categories);
+  $search['order'] = 'added';
+  $search['limit'] = 20;
+ }
+
+ define('TITLE', 'Issue tracker :: Search');
+
+ addDashboardItem('Actions', 'Raise new issue', 'addissue');
+
+ include_once('res/commonDashboard.php');
+
+ require_once('lib/header.php');
+
+ require_once('pages/searchform.php');
+ require_once('pages/searchresults.php');
+ 
+ require_once('lib/footer.php');
+
+
+?>

admin-www/issues/searches.php

@@ -0,0 +1,117 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/common.php');
+ 
+ $categories = getCategories();
+ $admins = getAdmins();
+
+ if (!isset($_GET['n'])) { $_GET['n'] = 'list'; }
+
+ if ($_GET['n'] == 'add') {
+  if (isset($_POST['add'])) {
+   $_GET['n'] = 'list';
+   unset($_POST['add']);
+   $_POST = repairPost($_POST);
+   print_r($_POST);
+   if (!empty($_POST['title'])) {
+    $sql = 'INSERT INTO issues_searches (user_id, isea_name, isea_options) 
+            VALUES (0, \''.m($_POST['title']).'\', \''.m(serialize($_POST)).'\')';
+    mysql_query($sql) or die(mysql_error().'<br />'.$sql);
+   }
+  } else {
+   $title = ' :: Add search';
+   $page = 'addsearch.php';
+  }
+ }
+ elseif ($_GET['n'] == 'edit') {
+  if (isset($_GET['m']) && ctype_digit($_GET['m'])) {
+   $title = ' :: Edit Search';
+   $page = 'editsearch.php';
+   if (!isset($_POST['edit'])) {
+    $sql = 'SELECT isea_id, isea_name, isea_options FROM issues_searches WHERE isea_id = '.$_GET['m'].';';
+    $res = mysql_query($sql);
+    if (mysql_num_rows($res) == 0) {
+     $_GET['n'] = 'list';
+    } else {
+     $data = mysql_fetch_assoc($res);
+     $search = unserialize($data['isea_options']);
+     $search['title'] = $data['isea_name']; 
+     foreach($search as $key => $value) {
+      if ($value == '<<me>>') {
+       $search[$key] = getUserID($_SERVER['REDIRECT_REMOTE_USER']);
+      }
+     }
+    }
+   } else {
+    echo 'moo';
+   }
+   if (!isset($search['categories'])) {
+    $search['categories'] = array();
+   }
+   if ($search['categories'] == 'all') {     
+    $search['categories'] = array_keys($categories);
+   }
+   if (!is_array($search['categories'])) {
+    $search['categories'] = array($search['categories']);
+   }
+   if (!isset($search['priority'])) {
+    $search['priority'] = array();
+   }
+   if ($search['priority'] == 'all') {
+    $search['priority'] = array('urgent', 'high', 'normal', 'low');
+   }
+   if (!is_array($search['priority'])) {
+    $search['priority'] = array($search['priority']);
+   }
+   if (!isset($search['status'])) {
+    $search['status'] = array();
+   }
+   if ($search['status'] == 'all') {
+    $search['status'] = array('open', 'assigned', 'closed', 'reopened');
+   }
+   if (!is_array($search['status'])) {
+    $search['status'] = array($search['status']);
+   }
+  }
+ }
+ elseif ($_GET['n'] == 'delete') {
+  if (isset($_GET['m']) && ctype_digit($_GET['m'])) {
+   $title = ' :: Delete search';
+   $page = 'deletesearch.php';
+  }
+ }
+ if ($_GET['n'] == 'list') {
+   $title = ' :: List searches';
+   $page = 'listsearch.php';
+   $sql = 'SELECT isea_id, isea_name, isea_options FROM issues_searches WHERE user_id =\''.m(getUserID($_SERVER['REDIRECT_REMOTE_USER'])).'\';';
+   $res = mysql_query($sql);
+   $savedsearches = array();
+   if (mysql_num_rows($res) > 0) {
+    while ($data = mysql_fetch_assoc($res)) {
+     $savedsearches[] = $data;
+    }
+   }
+   $sql = 'SELECT isea_id, isea_name, isea_options FROM issues_searches WHERE user_id =\'0\';';
+   $res = mysql_query($sql);
+   $globalsavedsearches = array();
+   if (mysql_num_rows($res) > 0) {
+    while ($data = mysql_fetch_assoc($res)) {
+     $globalsavedsearches[] = $data;
+    }
+   }
+ }
+
+ define('TITLE', 'Issue tracker :: Manage searches'.$title);
+
+ addDashboardItem('Actions', 'Add new saved search', 'searches/add');
+
+ include('res/commonDashboard.php');
+
+ require_once('lib/header.php');
+ echo '<p>Incomplete</p>';
+ require_once('pages/'.$page);
+
+ require_once('lib/footer.php');
+
+?>

admin-www/issues/stats.php

@@ -0,0 +1,18 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/common.php');
+
+ define('TITLE', 'Issue tracker :: Stats');
+
+ addDashboardItem('Actions', 'Raise new issue', 'addissue');
+
+ include_once('res/commonDashboard.php');
+
+ require_once('lib/header.php');
+ 
+ require_once('pages/stats.php');
+ 
+ require_once('lib/footer.php');
+
+?>

admin-www/issues/viewissue.php

@@ -0,0 +1,54 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/common.php');
+
+ if (!isset($_GET['n']) || !ctype_digit($_GET['n'])) {
+   header('Location: '.CP_PATH);
+ }
+ $sql  = 'SELECT i.i_id, c.icat_name, i.i_title, i.i_status, u1.user_name AS i_assignee,
+ u2.user_name AS i_submitter, i.i_priority, i.i_added, i.i_deadline, i.i_updated, i.i_text, i.i_extensiveness
+ FROM issues_issues AS i
+ LEFT JOIN issues_categories AS c ON i.icat_id = c.icat_id
+ LEFT JOIN users AS u1 ON i.i_assignee = u1.user_id
+ LEFT JOIN users AS u2 ON i.i_submitter = u2.user_id
+ WHERE i_id = '.m($_GET['n']);
+ 
+ $viewIssueRes = mysql_query($sql) or die(mysql_error().'<br />'.$sql);
+ 
+ if (mysql_num_rows($viewIssueRes) == 0) {
+   header('Location: '.CP_PATH);
+ }
+
+ $viewIssueData = mysql_fetch_assoc($viewIssueRes);
+ 
+ $sql  = 'SELECT irep_id, u1.user_name AS irep_user, irep_time, irep_text';
+ $sql .= ' FROM issues_replies NATURAL JOIN users as u1';
+ $sql .= ' WHERE u1.user_id = user_id AND i_id = '.m($_GET['n']);
+ $sql .= ' ORDER BY irep_time';
+
+ $viewIssueRepliesRes = mysql_query($sql) or die(mysql_error());
+
+ $issueReplies = array();
+ while ($viewIssueRepliesData = mysql_fetch_assoc($viewIssueRepliesRes)) {
+   $issueReplies[$viewIssueRepliesData['irep_id']] = $viewIssueRepliesData;
+ }
+
+ define('TITLE', 'Issue tracker :: View Issue :: '.h($viewIssueData['i_title']));
+
+ addDashboardItem('Actions', 'Raise new issue', 'addissue');
+ addDashboardItem('Actions', 'Delete', 'deleteissue/'.$_GET['n']);
+ addDashboardItem('Actions', 'Edit', 'editissue/'.$_GET['n']);
+ addDashboardItem('Actions', 'Reply', 'addreply/'.$_GET['n']);
+ addDashboardItem('Actions', 'View Log', 'viewlog/'.$_GET['n']);
+
+ include_once('res/commonDashboard.php');
+
+ require_once('lib/header.php');
+
+ require_once('pages/viewissue.php');
+
+ require_once('lib/footer.php');
+
+
+?>

admin-www/issues/viewlog.php

@@ -0,0 +1,48 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/common.php');
+
+ if (!isset($_GET['n']) || !ctype_digit($_GET['n'])) {
+   header('Location: '.CP_PATH);
+ }
+ 
+ $sql  = 'SELECT i_title FROM issues_issues WHERE i_id = '.m($_GET['n']);
+ 
+ $viewIssueRes = mysql_query($sql) or die(mysql_error().'<br />'.$sql);
+ 
+ if (mysql_num_rows($viewIssueRes) == 0) {
+   header('Location: '.CP_PATH);
+ }
+
+ $viewIssueData = mysql_fetch_assoc($viewIssueRes);
+
+ $sql  = 'SELECT ilog_id, ilog_time, user_name, ilog_field, ilog_old, ilog_new';
+ $sql .= ' FROM issues_logs NATURAL JOIN users';
+ $sql .= ' WHERE i_id = '.m($_GET['n']);
+ $sql .= ' ORDER BY ilog_time';
+ 
+ $viewIssueChangesRes = mysql_query($sql) or die(mysql_error());
+
+ $issueChanges = array();
+ while ($viewIssueChangesData = mysql_fetch_assoc($viewIssueChangesRes)) {
+   $issueChanges[$viewIssueChangesData['ilog_id']] = $viewIssueChangesData;
+ }
+
+ define('TITLE', 'Issue tracker :: View Issue Changes :: '.h($viewIssueData['i_title']));
+
+ addDashboardItem('Actions', 'Raise new issue', 'addissue');
+ addDashboardItem('Actions', 'Edit', 'editissue/'.$_GET['n']);
+ addDashboardItem('Actions', 'Reply', 'addreply/'.$_GET['n']);
+ addDashboardItem('Actions', 'View Log', 'viewlog/'.$_GET['n']);
+ 
+ include_once('res/commonDashboard.php');
+
+ require_once('lib/header.php');
+ 
+ require_once('pages/viewlog.php');
+
+ require_once('lib/footer.php');
+
+
+?>

admin-www/mon/index.php

@@ -0,0 +1,22 @@
+<?PHP
+
+ require_once('lib/dashboard.php');
+ require_once('lib/account.php');
+ require_once('lib/database.php');
+ 
+ define('TITLE', 'Service monitoring');
+
+ if (isset($_GET['silence']) && isset($_GET['serv']) && isset($_GET['svc'])) {
+  mysql_query('UPDATE servserv SET ss_silenced = 1 WHERE server_id = '.$_GET['serv'].' AND service_id = '.$_GET['svc']);
+  define('MESSAGE', 'Service silenced.');
+ }
+
+ require_once('lib/header.php');
+ 
+ require_once('pages/servers.php');
+ require_once('pages/status.php');
+ 
+ require_once('lib/footer.php');
+
+
+?>

admin-www/mon/lib/account.php

@@ -0,0 +1,4 @@
+<?PHP
+
+
+?>

admin-www/mon/lib/bandwidth.php

@@ -0,0 +1,38 @@
+<?PHP
+
+ $sql = 'SELECT band_total, band_used, hdd_total, hdd_used FROM users WHERE user_id = '.UID;
+ $ress = mysql_query($sql);
+ $row = mysql_fetch_array($ress);
+
+ $used = round($row[1] * (150/($row[0])),0);
+ $free = 150 - $used;
+
+ $hused = round($row[3] * (150/($row[2])),0);
+ $hfree = 150 - $hused;
+
+ $sql  = 'SELECT bill_due FROM billing WHERE';
+ $sql .= ' user_id = '.UID.' AND bill_paid <> 2';
+ $ress = mysql_query($sql);
+ $pay = mysql_fetch_array($ress);
+ $next = $pay[0];
+?>
+<table id="bandwidth" class="righthead">
+ <tr>
+  <th>Bandwidth</th>
+  <td>
+   <img src="<?PHP echo CP_PATH; ?>res/bandout.png" alt="[Red]" title="Bandwidth used" width="<?PHP echo $used; ?>" height="10"><img src="<?PHP echo CP_PATH; ?>res/bandfree.png" alt="[Green]" title="Free bandwidth" width="<?PHP echo $free; ?>" height="10">
+  </td>
+  <td><?PHP echo niceSize($row[1]).' / '.niceSize($row[0]); ?></td>
+ </tr>
+ <tr>
+  <th>Hard drive</th>
+  <td>
+   <img src="<?PHP echo CP_PATH; ?>res/bandout.png" alt="[Red]" title="Hard drive space used" width="<?PHP echo $hused; ?>" height="10"><img src="<?PHP echo CP_PATH; ?>res/bandfree.png" alt="[Green]" title="Free space" width="<?PHP echo $hfree; ?>" height="10">
+  </td>
+  <td><?PHP echo niceSize($row[3]).' / '.niceSize($row[2]); ?></td>
+ </tr>
+ <tr>
+  <th>Next payment</th>
+  <td colspan="2" style="text-align: center"><?PHP echo date('l, jS F, Y', $next); ?></td>
+ </tr>
+</table>

admin-www/mon/lib/common.php

@@ -0,0 +1,42 @@
+<?PHP
+
+ if (defined('LIB_COMMON')) { return; }
+
+ require_once('lib/database.php');
+ 
+ define('CP_PATH', '/mon/');
+ 
+ function NiceSize($bytes) {
+  $sizes = array();
+  $sizes[1024] = ' <abbr title="Kibibytes">KiB</abbr>';
+  $sizes[(1024*1024)] = ' <abbr title="Mebibytes">MiB</abbr>';
+  $sizes[(1024*1024*1024)] = ' <abbr title="Gibibytes">GiB</abbr>';
+  krsort($sizes);
+  foreach ($sizes as $val => $name) {
+   if ($bytes > ($val * 1.2)) {
+    return round($bytes/$val, 2).$name;
+   }
+  }
+  return $bytes.' <abbr title="Bytes">B</abbr>';
+ }
+ 
+ function h ($text) { return htmlspecialchars($text); } 
+ function m ($a) { return mysql_real_escape_string($a); }
+ function l ($message, $uid = false) { 
+  if ($uid === false ){ $uid = UID; }; mysql_query('INSERT INTO log (log_time, user_id, log_message) VALUES ('.time().', '.$uid.', \''.m($message).'\')') or print(mysql_error());
+  $sql = 'SELECT user_name FROM users WHERE user_id = '.$uid;
+  $res = mysql_query($sql);
+  $row = mysql_fetch_array($res);
+  botlog('User '.chr(2).$row[0].chr(2).': '.$message);
+ }
+
+ function botlog ($message) {
+  if ($fh = @fsockopen('soren.dataforce.org.uk',7530,$errno,$errstr,0.2)) {
+   fputs($fh, 'ZOMGutdSTAFF '.$message."\r\n");
+   fclose($fh);
+  }
+ }
+ 
+ define('LIB_COMMON', true);
+
+?>

admin-www/mon/lib/dashboard.php

@@ -0,0 +1,42 @@
+<?PHP
+
+if (defined('LIB_DASHBOARD')) { return; }
+
+$dbitems = array();
+
+function addDashboardItem ($category, $title, $url) {
+  global $dbitems;
+  
+  if (!isset($dbitems[$category])) {
+    $dbitems[$category] = array();
+  }
+  
+  $dbitems[$category][$title] = $url;
+}
+
+function generateDashboard () {
+  global $dbitems;
+  
+  ksort($dbitems);
+  
+  foreach ($dbitems as $k => $v) { ksort($dbitems[$k]); }
+  
+  echo '<div id="dashboard">';
+  
+  foreach ($dbitems as $category => $data) {
+    echo '<h2>'.$category.'</h2><ul>';  
+    foreach ($data as $title => $url) {
+      if ($url[0] != '#' && substr($url,0,7) != 'http://') { 
+	    $url = CP_PATH.$url;
+      }
+      echo '<li><a href="'.htmlspecialchars($url).'">'.$title.'</a></li>';
+    }
+    echo '</ul>';
+  }
+  
+  echo '</div>';
+}
+
+define('LIB_DASHBOARD', true);
+
+?>

admin-www/mon/lib/database.php

@@ -0,0 +1,10 @@
+<?PHP
+
+ if (defined('LIB_DB') && !isset($_redodb)) { return; }
+
+ mysql_connect('', '', '');
+ mysql_select_db('');
+
+ define('LIB_DB', true);
+
+?>

admin-www/mon/lib/footer.php

@@ -0,0 +1,2 @@
+ </body>
+</html>

admin-www/mon/lib/header.php

@@ -0,0 +1,44 @@
+<?PHP
+
+ if (!defined('LIB_COMMON')) { require_once('lib/common.php'); }
+ if (!defined('LIB_ACCOUNT')) { require_once('lib/account.php'); }
+ if (!defined('LIB_DASHBOARD')) { require_once('lib/dashboard.php'); }
+
+?>
+<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.01//EN" "http://www.w3.org/TR/html4/strict.dtd">
+<html>
+ <head>
+  <title>UTD-Hosting :: <?PHP echo TITLE; ?></title>
+  <link rel="stylesheet" type="text/css" href="<?PHP echo CP_PATH; ?>res/style.css">
+  </script>
+  <script type="text/javascript">
+   _uacct = "UA-70222-2";
+   urchinTracker();
+  </script>
+ </head>
+ <body>
+  <div id="header">
+   <h1><img src="<?PHP echo CP_PATH; ?>res/logo.png" alt="UTD-Hosting" title="UTD-Hosting"></h1>
+  </div>
+<?PHP
+
+ if (defined('USER')) { require_once('lib/bandwidth.php'); }
+
+?>  
+  <div id="menu">
+   <div id="menuleft">
+    <a href="<?PHP echo CP_PATH; ?>">Monitoring</a> 
+   </div>
+   <div id="menuright">
+    <a href="https://secure.utd-hosting.com/control">Control panel</a> |
+    <a href="https://secure.utd-hosting.com/control/admin">Admin</a>
+   </div>
+  </div>
+  <?PHP generateDashboard(); ?>
+  <?PHP if (defined('MESSAGE')) { ?>
+  <div id="message">
+   <div>
+    <?PHP echo MESSAGE; ?>
+   </div>
+  </div>
+  <?PHP } ?>

admin-www/mon/pages/servers.php

@@ -0,0 +1,57 @@
+<?PHP
+
+ $sql = 'SELECT count(*) FROM services';
+ $res = mysql_query($sql);
+ $row = mysql_fetch_array($res);
+ define('SERVICES', (int)$row[0]);
+
+?>
+<div class="block">
+ <h2>Servers</h2>
+ <table class="innerblock">
+  <tr>
+   <th>ID</th>
+   <th>Name</th>
+   <th>Host</th>
+   <th>Status</th>
+  </tr>
+<?PHP
+
+ $sql = 'SELECT server_id, server_name, server_host FROM servers';
+ $res = mysql_query($sql);
+ $i = 0;
+ while ($row = mysql_fetch_assoc($res)) {
+  $i = 1 - $i;
+?>
+  <tr class="<?PHP echo ($i == 1) ? 'even' : 'odd'; ?>">
+   <td><?PHP echo $row['server_id']; ?></td>
+   <td><a href="#<?PHP echo $row['server_name']; ?>"><?PHP echo $row['server_name']; ?></a></td>
+   <td><?PHP echo $row['server_host']; ?></td>
+   <td>
+<?PHP
+
+ $sql = 'SELECT COUNT(*) FROM servserv WHERE server_id = '.$row['server_id'];
+ $re2 = mysql_query($sql);
+ $ro2 = mysql_fetch_array($re2);
+ $services = $ro2[0];
+
+ $sql = 'SELECT COUNT(*) FROM results WHERE server_id = '.$row['server_id'].' AND result_result = \'down\' AND result_last = 1';
+ $re2 = mysql_query($sql);
+ $ro2 = mysql_fetch_array($re2);
+ if ((int)$ro2[0] > 0) {
+  echo '<span style="color: red; font-weight: bold;">'.$ro2[0].' DOWN</span>';
+ } 
+ if ((int)$ro2[0] < $services) {
+  if ((int)$ro2[0] > 0) { echo ' / '; }
+  echo '<span style="color: green;">'.($services - (int)$ro2[0]).' UP</span>';
+ }
+
+?>
+   </td>
+  </tr>
+<?PHP
+ }
+
+?>
+ </table>
+</div>

admin-www/mon/pages/status.php

@@ -0,0 +1,56 @@
+<?PHP
+
+ $sql = 'SELECT result_result, result_time, server_name, service_name, results.server_id, results.service_id FROM results NATURAL JOIN servers, services WHERE results.service_id = services.service_id AND result_last = 1 ORDER BY server_name, service_name';
+ $last = 0;
+ $res = mysql_query($sql);
+ while ($row = mysql_fetch_array($res)) {
+  if ($row['server_name'] !== $last) {
+   if ($last !== 0) { echo '</table></div>'; }
+   $i = 1;
+?>
+   <div class="block" id="<?PHP echo $row['server_name']; ?>">
+    <h2><?PHP echo $row['server_name']; ?></h2>
+    <table class="innerblock">
+     <tr>
+      <th>Service</th>
+      <th>Status</th>
+      <th>Time</th>
+      <th>Last up</th>
+      <th>Observed Uptime</th>
+      <th>Silence</th>
+     </tr>
+<?PHP
+   $last = $row['server_name'];
+  }
+  $i = 1 - $i;
+  echo '<tr class="'.($i == 0 ? 'even' : 'odd').'"><td>'.$row['service_name'].'</td><td';
+  if ($row['result_result'] == 'up') {
+   echo ' style="color: green;"';
+  } else {
+   echo ' style="color: red;"';
+  }
+  echo '>'.ucfirst($row['result_result']).'</td>';
+  echo '<td>'.date('r',$row['result_time']).'</td>';
+  $sql = 'SELECT MAX(result_time) FROM results WHERE server_id = '.$row['server_id'].' AND service_id = '.$row['service_id'].' AND result_result = \'up\'';
+  $re2 = mysql_query($sql);
+  $ro2 = mysql_fetch_array($re2);
+  echo '<td>'.date('r',$ro2[0]).'</td>';
+  $sql = 'SELECT COUNT(*), result_result FROM results WHERE server_id = '.$row['server_id'].' AND service_id = '.$row['service_id'].' GROUP BY result_result';
+  $re2 = mysql_query($sql) or print(mysql_error());
+  $uptime = array('up'=>0,'down'=>0);
+  while ($ro2 = mysql_fetch_array($re2)) {
+   $uptime[($ro2[1])] = $ro2[0];
+  }
+  echo '<td>'.round(100*$uptime['up']/($uptime['up']+$uptime['down']),3).'%</td>';
+  $re2 = mysql_query('SELECT ss_silenced FROM servserv WHERE server_id = '.$row['server_id'].' AND service_id = '.$row['service_id']) or print(mysql_error());
+  $ro2 = mysql_fetch_array($re2);
+  if ($ro2[0] == '1') {
+   echo '<td style="color: red;">Silenced</td>';
+  } else {
+   echo '<td><a href="?silence&amp;serv='.$row['server_id'].'&amp;svc='.$row['service_id'].'">Silence</a></td>';
+  }
+  echo '</tr>';
+ }
+
+?>
+</div>

admin-www/mon/probe.php

@@ -0,0 +1,31 @@
+#!/usr/bin/php -q
+<?PHP
+
+ chdir('/home/utd/public_html/mon');
+
+ set_time_limit(0);
+
+ require_once('lib/database.php');
+ require_once('lib/common.php');
+
+ mysql_query('UPDATE results SET result_last = 0');
+
+ $sql = 'SELECT ss_silenced, servers.server_id, server_host, service_name, server_name, services.service_id, service_port FROM servserv NATURAL JOIN servers, services WHERE services.service_id = servserv.service_id';
+ $res = mysql_query($sql) or print(mysql_error());
+ while ($row = mysql_fetch_assoc($res)) {
+  if (@fsockopen($row['server_host'], $row['service_port'], $a, $b, 10)) {
+   $result = 'up';
+   if ($row['ss_silenced'] == '1') {
+    mysql_query('UPDATE servserv SET ss_silenced = 0 WHERE server_id = '.$row['server_id'].' AND service_id = '.$row['service_id']);
+    botlog($row['service_name'].' [port '.$row['service_port'].'] is now accessible on '.$row['server_name'].'. The service has been unsilenced.'); 
+   }
+  } else {
+   $result = 'down';
+   if ($row['ss_silenced'] == '0') {
+    botlog(chr(2).'WARNING'.chr(2).': '.$row['service_name'].' [port '.$row['service_port'].'] is not accessible on '.$row['server_name'].' ['.$row['server_host'].']. Silence: http://admin.utd-hosting.com/mon/?silence&serv='.$row['server_id'].'&svc='.$row['service_id']);
+   }
+  }
+  mysql_query('INSERT INTO results (service_id, server_id, result_result, result_time) VALUES ('.$row['service_id'].', '.$row['server_id'].', \''.$result.'\', '.time().')'); 
+ }
+
+?>

admin-www/mon/res/bandwidth.php

@@ -0,0 +1,27 @@
+<?PHP
+
+ chdir('..'); // So all our includes work right
+ 
+ require('ext/pie.php');
+
+ require('lib/common.php');
+ require('lib/database.php');
+ require('lib/account.php');
+ 
+ $total = 0;
+ 
+ $sql = 'SELECT site_name, site_bandin, site_bandout FROM sites WHERE user_id = '.UID;
+ $res = mysql_query($sql); 
+ $stuf = array();
+ 
+ while ($row = mysql_fetch_array($res)) {
+  $stuff[($row['site_name'])] = ((int)$row['site_bandin'] + (int)$row['site_bandout']	) ;
+  $total += $stuff[($row['site_name'])];
+ }
+ 
+  $im = doPie('Bandwidth usage', $stuff); 
+ 
+ header('Content-type: image/png');
+ imagepng($im);
+
+?>

admin-www/mon/res/script.js

@@ -0,0 +1,97 @@
+function validateLoginForm () {
+  var error = false;
+  
+  document.getElementById('username').className = 'inflat';
+  document.getElementById('usernamevalid').innerHTML = '';
+  document.getElementById('password').className = 'inflat';
+  document.getElementById('passwordvalid').innerHTML = '';  
+  
+  if (document.forms.login.password.value.length < 4) {
+    error = true;
+    document.getElementById('password').className = 'inflaterr';
+    document.getElementById('passwordvalid').innerHTML = 'Passwords must be at least four characters long.';
+    document.getElementById('password').focus();
+  }
+  
+  if (document.forms.login.username.value.length < 2) {
+    error = true;
+    document.getElementById('username').className = 'inflaterr';
+    document.getElementById('usernamevalid').innerHTML = 'Usernames must be at least two characters long.';
+    document.getElementById('username').focus();
+  }
+  
+  return (error == false);
+}
+
+function validateSubdomainForm () {
+  var error = false;
+
+  document.getElementById('subdomain').className = 'inflat';
+  document.getElementById('subdomainerr').innerHTML = '';
+
+  if (document.forms.submd.subdomain.value.length == 0) {
+    error = true;
+    document.getElementById('subdomain').className = 'inflaterr';
+    document.getElementById('subdomainerr').innerHTML = 'You must enter a subdomain';
+    document.getElementById('subdomain').focus();
+  }
+
+  var valid = /^[a-z][a-z0-9\-]*$/i;
+  if (!valid.test(document.forms.submd.subdomain.value)) {
+    error = true;
+    document.getElementById('subdomain').className = 'inflaterr';
+    document.getElementById('subdomainerr').innerHTML = 'Invalid subdomain.';
+    document.getElementById('subdomain').focus();
+  }
+
+  return (error == false);
+}
+
+function validateDomainForm () {
+  var error = false;
+
+  document.getElementById('domain').className = 'inflat';
+  document.getElementById('domainerr').innerHTML = '';
+
+  if (document.forms.md.domain.value.length == 0) {
+    error = true;
+    document.getElementById('domain').className = 'inflaterr';
+    document.getElementById('domainerr').innerHTML = 'You must enter a domain';
+    document.getElementById('domain').focus();
+  }
+  
+  var valid = /^[a-z][a-z0-9\-\.]*\.[a-z]{2,}$/i
+  if (!valid.test(document.forms.md.domain.value)) {
+    error = true;
+    document.getElementById('domain').className = 'inflaterr';
+    document.getElementById('domainerr').innerHTML = 'Invalid domain.';
+    document.getElementById('domain').focus();
+  }
+
+  return (error == false);
+}
+
+function validateTicketForm () {
+  var error = false;
+  
+  document.getElementById('body').className = 'inflat';
+  document.getElementById('messagevalid').innerHTML = '';
+  document.getElementById('subject').className = 'inflat';
+  document.getElementById('subjectvalid').innerHTML = '';  
+  
+  if (document.forms.ticket.body.value.length < 10) {
+    error = true;
+    document.getElementById('body').className = 'inflaterr';
+    document.getElementById('messagevalid').innerHTML = 'Please enter a complete description of the problem.';
+    document.getElementById('body').focus();
+  }
+  
+  if (document.forms.ticket.subject.value.length < 5) {
+    error = true;
+    document.getElementById('subject').className = 'inflaterr';
+    document.getElementById('subjectvalid').innerHTML = 'Please enter a complete subject.';
+    document.getElementById('subject').focus();
+  }
+  
+  return (error == false);
+}

admin-www/mon/res/style.css

@@ -0,0 +1,240 @@
+body {
+  font-family: Tahoma, Arial, Sans-serif;
+  font-size: small;
+  margin: 170px 3% 5px 5%;
+  padding: 0px;
+}
+
+div#header {
+  position: absolute;
+  top: 15px;
+  left: 3%;
+  margin: 0px;
+}
+
+div#header h1 {
+  margin: 0px;
+}
+
+div#menu {
+  border: 1px solid #AAA;
+  position: absolute;
+  top: 115px;
+  left: 3%;
+  width: 94%;
+  background-color: #EEE;
+  padding: 5px;
+}
+
+div#menu a {
+  color: black;
+  text-decoration: none;
+}
+
+div#menu a:hover {
+  text-decoration: underline;
+}
+
+div#menuleft, div#menuright {
+  display: inline;
+}
+
+div#menuright {
+  position: absolute;
+  right: 0px;
+  padding-right: 6px;
+  text-align: right;
+}
+
+div.block {
+  width: 70%;
+  border: 1px solid #666;
+  padding: 0px;
+  margin-bottom: 20px;
+}
+
+div.block h2 {
+  margin: 0px;
+  background-color: #666;
+  font-size: 1em;
+  font-weight: bold;
+  padding: 3px 7px;
+  color: #F5F5F5;
+}
+
+div.innerblock {
+  padding: 10px;
+}
+
+table.innerblock {
+  width: 100%;
+  border-collapse: collapse;
+}
+
+table.innerblock th {
+  text-align: left;
+  background-color: #EEE;
+  border-bottom: 1px solid #666;
+}
+
+body table.righthead th {
+  text-align: right;	
+  background-color: #EEE;
+  border-bottom: 0px;
+  border-right: 1px solid #666;
+  padding-right: 10px;
+  width: 30%;
+}
+
+body table.bottomdiv {
+  border-bottom: 1px solid #666;
+}
+
+body table.righthead td {
+  padding-left: 10px;
+}
+
+table.innerblock td, table.innerblock th {
+  margin: 0px;
+  padding: 3px;
+}
+
+p.blurb {
+  font-style: italic;
+  margin: 0px;
+}
+
+table.form {
+  margin: 10px 0px;	
+}
+
+table.form td, table.form th {
+  padding: 3px;
+}
+
+table.leftpad {
+  margin-left: 10px;	
+}
+
+.inflat {
+  border: 1px solid #AAA;
+  padding: 3px;
+  width: 170px;
+}
+
+.inflaterr {
+  border: 1px solid #F00;
+  padding: 3px;
+  width: 170px;
+}
+
+div#dashboard {
+  float: right;
+  width: 25%;
+  border-left: 1px dotted #AAA;
+  padding: 5px 10px;
+}
+
+div#dashboard h2 {
+  margin: 0px;
+  font-size: 1em;
+  font-weight: bold;
+  color: #666;
+}
+
+div#dashboard ul {
+  padding-left: 20px;
+  margin-left: 0px;
+}
+
+div#dashboard li {
+  margin: 10px 0px;
+}
+
+div#dashboard a {
+  color: #000;
+  text-decoration: none;
+}
+
+div#dashboard a:hover {
+  text-decoration: underline;
+}
+
+table {
+  width: 100%;
+}
+
+th {
+  text-align: left;
+}
+
+table tr.odd td {
+  background-color: #F3F3F3;
+}
+
+table tr:hover td {
+  background-color: #E8E8E8;	
+}
+
+table.form tr:hover td { background-color: #FFF; }
+
+td.err {
+  color: #C44;
+}
+
+em {
+  font-style: normal;
+  font-family: monospace;
+  padding: 0px 5px;
+}
+
+ol li {
+  margin: 5px;
+}
+
+p.cleartop {
+  margin-top: 10px;
+}
+
+div#message {
+ border: 2px dashed #FAA;	
+ background-color: #FEE;
+ width: 70%;
+ margin-bottom: 20px;
+}
+
+div#message div {
+ padding: 10px;	
+}
+
+table#bandwidth {
+ border: 1px solid #AAA;
+ border-collapse: collapse;
+ width: auto;
+ position: absolute;
+ top: 20px;
+ right: 3%;
+ font-size: small;
+ font-family: Tahoma, sans-serif
+}
+
+table#bandwidth th {
+ font-weight: normal;
+ padding: 3px 10px;
+ width: auto;
+}
+
+table#bandwidth td {
+ border: 0px;
+ padding: 3px 7px;
+}
+
+table#bandwidth th, table#bandwidth td {
+ border-bottom: 1px solid #AAA;	
+}
+
+div.longtext {
+ line-height: 1.5em;
+}
+
+a img { border: 0px; }