/**
 * Emails this user a ticket access link rendered from the 'access-link' page.
 *
 * Returns without sending anything when the user has no ticket, when no
 * default system email is configured, or when the 'access-link' page cannot
 * be looked up. The page name becomes the subject (tags stripped) and the
 * page body becomes the message body, both after template substitution.
 */
function sendAccessLink() {
    global $ost;

    // Preconditions are checked one at a time, in a fixed order, so a later
    // lookup is never attempted once an earlier one has failed.
    if (!$this->getTicket()) {
        return;
    }
    $mailer = $ost->getConfig()->getDefaultEmail();
    if (!$mailer) {
        return;
    }
    $template = Page::lookup(Page::getIdByType('access-link'));
    if (!$template) {
        return;
    }

    // Values made available to the template while it is rendered.
    $context = array();
    $context['url'] = $ost->getConfig()->getBaseUrl();
    $context['ticket'] = $this->getTicket();
    $context['user'] = $this;
    $context['recipient'] = $this;

    $parts = array(
        'subj' => $template->getName(),
        'body' => $template->getBody(),
    );
    $rendered = $ost->replaceTemplateVariables($parts, $context);

    // The subject is reduced to plain text; the body is sent as rendered.
    $mailer->send(
        $this->getEmail(),
        Format::striptags($rendered['subj']),
        $rendered['body']
    );
}
Peter Rotich <*****@*****.**> Copyright (c) 2006-2013 osTicket http://www.osticket.com Released under the GNU General Public License WITHOUT ANY WARRANTY. See LICENSE.TXT for details. vim: expandtab sw=4 ts=4 sts=4: **********************************************************************/ require_once '../main.inc.php'; if (!defined('INCLUDE_DIR')) { die('Fatal Error. Kwaheri!'); } require_once INCLUDE_DIR . 'class.staff.php'; require_once INCLUDE_DIR . 'class.csrf.php'; $content = Page::lookup(Page::getIdByType('banner-staff')); $dest = $_SESSION['_staff']['auth']['dest']; $msg = $_SESSION['_staff']['auth']['msg']; $msg = $msg ?: ($content ? $content->getName() : 'Authentication Required'); $dest = $dest && (!strstr($dest, 'login.php') && !strstr($dest, 'ajax.php')) ? $dest : 'index.php'; $show_reset = false; if ($_POST) { // Lookup support backends for this staff $username = trim($_POST['userid']); if ($user = StaffAuthenticationBackend::process($username, $_POST['passwd'], $errors)) { session_write_close(); Http::redirect($dest); require_once 'index.php'; //Just incase header is messed up. exit; }
/**
 * Fetches pages, optionally filtered by active flag and by type.
 *
 * @param array $criteria Optional filters: 'active' (interpreted as a
 *                        boolean) and 'type'.
 * @return array Results of Page::lookup() ordered by name, with falsy
 *               lookups removed by array_filter().
 */
function getPages($criteria = array()) {
    $filters = '';
    if (isset($criteria['active'])) {
        // Collapsed to a literal 1 or 0 before it reaches the query text.
        $flag = $criteria['active'] ? 1 : 0;
        $filters .= ' AND isactive=' . db_input($flag);
    }
    if (isset($criteria['type'])) {
        // Caller-supplied value: it enters the SQL only through db_input().
        // NOTE(review): db_input() is presumably the project's quoting and
        // escaping helper; confirm before relying on it for untrusted input.
        $filters .= ' AND `type`=' . db_input($criteria['type']);
    }
    $query = ' SELECT id FROM ' . PAGE_TABLE . ' WHERE 1' . $filters . ' ORDER BY name';

    $found = array();
    $result = db_query($query);
    if (!$result || !db_num_rows($result)) {
        return array_filter($found);
    }
    while (list($pageId) = db_fetch_row($result)) {
        $found[] = Page::lookup($pageId);
    }

    // Drop ids whose lookup returned nothing usable.
    return array_filter($found);
}
$errors['err'] = __('Unable to create local account. See messages below'); } elseif (!$user && !$thisclient && !($user = User::fromVars($user_form->getClean()))) { $errors['err'] = __('Unable to register account. See messages below'); } elseif (!$user && !($user = $thisclient ?: User::fromForm($user_form))) { $errors['err'] = __('Unable to register account. See messages below'); } else { if (!($acct = ClientAccount::createForUser($user))) { $errors['err'] = __('Internal error. Unable to create new account'); } elseif (!$acct->update($_POST, $errors)) { $errors['err'] = __('Errors configuring your profile. See messages below'); } } if (!$errors) { switch ($_POST['do']) { case 'create': $content = Page::lookup(Page::getIdByType('registration-confirm')); $inc = 'register.confirm.inc.php'; $acct->sendConfirmEmail(); break; case 'import': if ($bk = UserAuthenticationBackend::getBackend($_POST['backend'])) { $cl = new ClientSession(new EndUser($user)); if (!$bk->supportsInteractiveAuthentication()) { $acct->set('backend', null); } $acct->confirm(); if ($user = $bk->login($cl, $bk)) { Http::redirect('tickets.php'); } } break;
/**
 * Returns the associated page, looking it up on first use.
 *
 * The lookup result is cached on $this->page. While the cached value is
 * falsy and a page id is available, the lookup is attempted again on each
 * call.
 *
 * @return mixed The cached Page::lookup() result, or the current (falsy)
 *               property value when there is no page id.
 */
function getPage() {
    if ($this->page) {
        return $this->page;
    }
    if ($this->getPageId()) {
        $this->page = Page::lookup($this->getPageId());
    }
    return $this->page;
}
<?php if (!defined('OSTCLIENTINC')) { die('Access Denied'); } $email = Format::input($_POST['luser'] ?: $_GET['e']); $passwd = Format::input($_POST['lpasswd'] ?: $_GET['t']); $content = Page::lookup(Page::getIdByType('banner-client')); if ($content) { list($title, $body) = $ost->replaceTemplateVariables(array($content->getName(), $content->getBody())); } else { $title = 'Sign In'; $body = 'To better serve you, we encourage our clients to register for an account and verify the email address we have on record.'; } ?> <h1><?php echo Format::display($title); ?> </h1> <p><?php echo Format::display($body); ?> </p> <form action="login.php" method="post" id="clientLogin"> <?php csrf_token(); ?> <div style="display:table-row"> <div style="width:40%;display:table-cell;box-shadow: 12px 0 15px -15px rgba(0,0,0,0.4);padding:15px;"> <strong><?php
/**
 * Returns the "thank you" page, looking it up on first use.
 *
 * The lookup result is cached on $this->thankyou_page. While the cached
 * value is falsy and a page id is available, the lookup is attempted again
 * on each call.
 *
 * @return mixed The cached Page::lookup() result, or the current (falsy)
 *               property value when there is no thank-you page id.
 */
function getThankYouPage() {
    if ($this->thankyou_page) {
        return $this->thankyou_page;
    }
    if ($this->getThankYouPageId()) {
        $this->thankyou_page = Page::lookup($this->getThankYouPageId());
    }
    return $this->thankyou_page;
}
/**
 * Emails this agent a password-reset link and records the reset token.
 *
 * The token is written to the 'pwreset' Config namespace as a key whose value
 * is this agent's id, and the rendered template page is then sent to the
 * agent's address from the alert email (or the default email as a fallback).
 *
 * @param string $template Page type of the email template to render.
 * @param bool   $log      Initial value of the 'log' flag handed to the
 *                         'auth.pwreset.email' signal; the value read back
 *                         from $info decides whether the attempt is logged.
 * @return Error|null An Error when the template page cannot be found;
 *                    otherwise nothing is returned.
 */
function sendResetEmail($template = 'pwreset-staff', $log = true) {
    global $ost, $cfg;

    $page = Page::lookup(Page::getIdByType($template));
    // Author's estimate for this call: 290 bits.
    // NOTE(review): that figure depends on the alphabet and random source
    // used by Misc::randCode(); confirm it draws from a CSPRNG.
    $resetToken = Misc::randCode(48);
    if (!$page) {
        return new Error('Unable to retrieve password reset email template');
    }

    // NOTE(review): the base URL ends up inside the emailed link; confirm it
    // comes from stored configuration rather than from request headers.
    $tplVars = array();
    $tplVars['url'] = $ost->getConfig()->getBaseUrl();
    $tplVars['token'] = $resetToken;
    $tplVars['staff'] = $this;
    $tplVars['recipient'] = $this;
    $tplVars['reset_link'] = sprintf("%s/scp/pwreset.php?token=%s", $ost->getConfig()->getBaseUrl(), $resetToken);
    // 'link' is a reference alias of 'reset_link', so both names stay in sync.
    $tplVars['link'] =& $tplVars['reset_link'];

    $sender = $cfg->getAlertEmail();
    if (!$sender) {
        $sender = $cfg->getDefaultEmail();
    }

    // The variables are shared by reference with the signal payload, so a
    // handler that edits $info['vars'] changes what is rendered and stored.
    $info = array('email' => $sender, 'vars' => &$tplVars, 'log' => $log);
    Signal::send('auth.pwreset.email', $this, $info);

    if ($info['log']) {
        // NOTE(review): $_POST['userid'] and REMOTE_ADDR are placed unescaped
        // into an entry that carries <br> markup; confirm the log viewer
        // escapes stored entries. $_POST['userid'] is read without an isset
        // check.
        $title = _S('Agent Password Reset');
        $details = sprintf(
            _S('Password reset was attempted for agent: %1$s<br><br> Requested-User-Id: %2$s<br> Source-Ip: %3$s<br> Email-Sent-To: %4$s<br> Email-Sent-Via: %5$s'),
            $this->getName(),
            $_POST['userid'],
            $_SERVER['REMOTE_ADDR'],
            $this->getEmail(),
            $sender->getEmail()
        );
        $ost->logWarning($title, $details, false);
    }

    $parts = array('subj' => $page->getName(), 'body' => $page->getBody());
    $rendered = $ost->replaceTemplateVariables($parts, $tplVars);

    // The token itself is the config key and the agent id is its value.
    // NOTE(review): the token is stored as-is and no expiry is set here;
    // confirm the code that consumes it enforces a lifetime and single use.
    $store = new Config('pwreset');
    $store->set($tplVars['token'], $this->getId());

    // The result of send() is not checked.
    $sender->send($this->getEmail(), Format::striptags($rendered['subj']), $rendered['body']);
}
vim: expandtab sw=4 ts=4 sts=4: **********************************************************************/
// Client-facing page renderer: resolves the request path to a stored page by
// slug and prints it between the client header and footer templates.
// Variables here live in the script's top-level scope, which the required
// templates share.
@chdir(dirname(__FILE__) . '/../');
require_once 'client.inc.php';
require_once INCLUDE_DIR . 'class.format.php';
require_once INCLUDE_DIR . 'class.page.php';
// Determine the requested page
// - Strip extension
$slug = Format::slugify($ost->get_path_info());
// Get the part before the first dash
$first_word = explode('-', $slug);
$first_word = $first_word[0];
// The request-derived prefix reaches the SQL text only through db_input().
// The LIKE merely narrows the candidate rows; the actual match is decided by
// the slug comparison in the loop below.
// NOTE(review): db_input() is presumably the project's quoting/escaping
// helper; confirm. An empty prefix makes the pattern '%', i.e. every page row
// is scanned.
$sql = 'SELECT id, name FROM ' . PAGE_TABLE . ' WHERE name LIKE ' . db_input("{$first_word}%");
$page_id = null;
// NOTE(review): the query result is not checked before it is passed to
// db_fetch_row().
$res = db_query($sql);
while (list($id, $name) = db_fetch_row($res)) {
    // Loose comparison of two slugified values; the first match wins.
    if (Format::slugify($name) == $slug) {
        $page_id = $id;
        break;
    }
}
// NOTE(review): the code below dereferences $page, so Http::response() is
// presumably expected to end the request; confirm.
if (!$page_id || !($page = Page::lookup($page_id))) {
    Http::response(404, __('Page Not Found'));
}
// Inactive pages and pages whose type is not 'other' get the same 404 as a
// missing page, so the response does not reveal that they exist.
if (!$page->isActive() || $page->getType() != 'other') {
    Http::response(404, __('Page Not Found'));
}
require CLIENTINC_DIR . 'header.inc.php';
// The stored body is printed without escaping at this point.
// NOTE(review): this relies on page content being sanitised when saved or
// inside getBodyWithImages(); confirm who can edit pages.
print $page->getBodyWithImages();
require CLIENTINC_DIR . 'footer.inc.php';
// Excerpt of a bulk page-action handler. It begins inside the loop of the
// branch that disables pages and ends with two closing braces whose openers
// lie before this excerpt.
if (($p = Page::lookup($v)) && $p->disable()) {
    // Count only pages that were found and reported as disabled.
    $i++;
}
}
if ($i && $i == $count) {
    $msg = 'Selected pages disabled';
} elseif ($i > 0) {
    // NOTE(review): $num is not assigned anywhere in the visible code, while
    // the delete branch below reports $i for the same partial-success case;
    // this message probably should use $i as well. Confirm.
    $warn = "{$num} of {$count} selected pages disabled";
} elseif (!$errors['err']) {
    $errors['err'] = 'Unable to disable selected pages';
}
break;
case 'delete':
    $i = 0;
    // Each submitted id is looked up and deleted individually; $i counts the
    // successful deletions.
    // NOTE(review): the ids come straight from $_POST['ids'], and no
    // permission or CSRF check is visible in this excerpt; confirm both run
    // before the switch is reached.
    foreach ($_POST['ids'] as $k => $v) {
        if (($p = Page::lookup($v)) && $p->delete()) {
            $i++;
        }
    }
    if ($i && $i == $count) {
        $msg = 'Selected pages deleted successfully';
    } elseif ($i > 0) {
        // Partial success is reported as a warning rather than an error.
        $warn = "{$i} of {$count} selected pages deleted";
    } elseif (!$errors['err']) {
        // An error message set earlier is kept rather than overwritten.
        $errors['err'] = 'Unable to delete selected pages';
    }
    break;
default:
    // Any action name not handled above is rejected.
    $errors['err'] = 'Unknown action - get technical help.';
}
}
/**
 * Updates a content page from the submitted POST fields.
 *
 * Responds 403 without a logged-in staff member, 422 when name or body is
 * missing, 404 when the page id is unknown, and 422 or 500 when saving fails.
 *
 * @param mixed $id Id of the page to update.
 */
function updateContent($id) {
    global $thisstaff;

    // The checks form a single if/elseif chain so that only the first failing
    // condition produces a response.
    // NOTE(review): the code after the chain dereferences $content, so
    // Http::response() is presumably expected to end the request; confirm.
    // NOTE(review): only the presence of a staff session is checked here; no
    // role or permission check is visible in this function.
    if (!$thisstaff) {
        Http::response(403, 'Login Required');
    } elseif (!$_POST['name'] || !$_POST['body']) {
        Http::response(422, 'Please submit name and body');
    } elseif (!($content = Page::lookup($id))) {
        Http::response(404, 'No such content');
    }

    // Submitted fields override the stored ones key by key.
    // NOTE(review): the whole of $_POST is merged in, so any key that save()
    // honours can be set by the client; confirm save() restricts the fields
    // it accepts.
    $fields = array_merge($content->getHashtable(), $_POST);
    $problems = array();
    if ($content->save($id, $fields, $problems)) {
        return;
    }

    if ($problems['err']) {
        $status = 422;
        $text = $problems['err'];
    } else {
        // NOTE(review): the full error array is dumped into the response
        // body; consider whether that detail belongs in a client response.
        $status = 500;
        $text = 'Unable to update content: ' . print_r($problems, true);
    }
    Http::response($status, $text);
}
/**
 * Emails the account's user a password-reset link and records the token.
 *
 * The token is written to the 'pwreset' Config namespace as a key whose value
 * is the user's id, and the rendered template page is then sent from the
 * default system email.
 *
 * @param string $template Page type of the email template to render.
 * @return Error|bool An Error when the default email or the template page is
 *                    unavailable; true once send() has been called.
 */
protected function sendUnlockEmail($template) {
    global $ost, $cfg;

    // Author's estimate for this call: 290 bits.
    // NOTE(review): that figure depends on the alphabet and random source
    // used by Misc::randCode(); confirm it draws from a CSPRNG.
    $resetToken = Misc::randCode(48);
    $sender = $cfg->getDefaultEmail();
    $page = Page::lookup(Page::getIdByType($template));
    if (!($sender && $page)) {
        return new Error(sprintf(_S('%s: Unable to retrieve template'), $template));
    }

    // NOTE(review): the base URL ends up inside the emailed link; confirm it
    // comes from stored configuration rather than from request headers.
    $tplVars = array();
    $tplVars['url'] = $ost->getConfig()->getBaseUrl();
    $tplVars['token'] = $resetToken;
    $tplVars['user'] = $this->getUser();
    $tplVars['recipient'] = $this->getUser();
    $tplVars['link'] = sprintf("%s/pwreset.php?token=%s", $ost->getConfig()->getBaseUrl(), $resetToken);
    // 'reset_link' is a reference alias of 'link', so both names stay in sync.
    $tplVars['reset_link'] =& $tplVars['link'];

    // The variables are shared by reference with the signal payload, so a
    // handler that edits $info['vars'] changes what is rendered and stored.
    $info = array('email' => $sender, 'vars' => &$tplVars, 'log' => true);
    Signal::send('auth.pwreset.email', $this->getUser(), $info);

    $parts = array('subj' => $page->getName(), 'body' => $page->getBody());
    $rendered = $ost->replaceTemplateVariables($parts, $tplVars);

    // The token itself is the config key and the user id is its value.
    // NOTE(review): the token is stored as-is and no expiry is set here;
    // confirm the code that consumes it enforces a lifetime and single use.
    $store = new Config('pwreset');
    $store->set($tplVars['token'], $this->getUser()->getId());

    // The result of send() is not checked; true is returned regardless.
    $sender->send($this->getUser()->getEmail(), Format::striptags($rendered['subj']), $rendered['body']);
    return true;
}
/**
 * Updates a content page from the submitted POST fields, re-rendering the
 * management template when saving fails.
 *
 * Responds 403 without a logged-in staff member, 404 when the page id is
 * unknown, and 201 when the page was saved.
 *
 * @param mixed $id Id of the page to update.
 */
function updateContent($id) {
    global $thisstaff;
    // NOTE(review): only the presence of a staff session is checked here; no
    // role or permission check is visible in this function.
    // NOTE(review): the code below dereferences $content, so Http::response()
    // is presumably expected to end the request; confirm.
    if (!$thisstaff) {
        Http::response(403, 'Login Required');
    } elseif (!($content = Page::lookup($id))) {
        Http::response(404, 'No such content');
    }
    // A missing body is normalised to an empty string in $_POST itself.
    if (!isset($_POST['body'])) {
        $_POST['body'] = '';
    }
    // Submitted fields override the stored ones key by key.
    // NOTE(review): the whole of $_POST is merged in, so any key that save()
    // honours can be set by the client; confirm save() restricts the fields
    // it accepts.
    $vars = array_merge($content->getHashtable(), $_POST);
    $errors = array();
    // Allow empty content for the staff banner
    if ($content->save($id, $vars, $errors, $content->getType() == 'banner-staff')) {
        Http::response(201, 'Have a great day!');
    }
    // Fall back to a generic message when save() set no top-level error.
    if (!$errors['err']) {
        $errors['err'] = __('Correct the error(s) below and try again!');
    }
    // The included template runs in this function's scope, so it sees the
    // local variables by these exact names.
    // NOTE(review): $errors is HTML-escaped here, but $info is the raw
    // $_POST; confirm the template escapes every $info value it prints.
    $info = $_POST;
    $errors = Format::htmlchars($errors);
    include STAFFINC_DIR . 'templates/content-manage.tmpl.php';
}