/**
* This function is beign used to load info that's needed for the userlist page.
* this function will return all users by using he pagination class, so that it can be used in the template. Only Mods and Admins can browse this page though.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function userlist()
{
if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
$pagination = new Pagination(WebUsers::getAllUsersQuery(), "web", 10, "WebUsers");
$pageResult['userlist'] = Gui_Elements::make_table($pagination->getElements(), array("getUId", "getUsername", "getEmail"), array("id", "username", "email"));
$pageResult['links'] = $pagination->getLinks(5);
$pageResult['lastPage'] = $pagination->getLast();
$pageResult['currentPage'] = $pagination->getCurrent();
$i = 0;
foreach ($pageResult['userlist'] as $user) {
$pageResult['userlist'][$i]['permission'] = Ticket_User::constr_ExternId($pageResult['userlist'][$i]['id'])->getPermission();
$i++;
}
if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
$pageResult['isAdmin'] = "TRUE";
}
global $INGAME_WEBPATH;
$pageResult['ingame_webpath'] = $INGAME_WEBPATH;
global $BASE_WEBPATH;
$pageResult['base_webpath'] = $BASE_WEBPATH;
return $pageResult;
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
}
/**
* This function is beign used to load info that's needed for the login page.
* it will try to auto-login, this can only be used while ingame, the web browser sends additional cookie information that's also stored in the open_ring db.
* We will compare the values and if they match, the user will be automatically logged in!
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function login()
{
global $INGAME_WEBPATH;
global $WEBPATH;
if (helpers::check_if_game_client()) {
//check if you are logged in ingame, this should auto login
$result = Helpers::check_login_ingame();
if ($result) {
//handle successful login
$_SESSION['user'] = $result['name'];
$_SESSION['id'] = WebUsers::getId($result['name']);
$_SESSION['ticket_user'] = serialize(Ticket_User::constr_ExternId($_SESSION['id']));
//go back to the index page.
header("Cache-Control: max-age=1");
if (Helpers::check_if_game_client()) {
header('Location: ' . $INGAME_WEBPATH);
} else {
header('Location: ' . $WEBPATH);
}
throw new SystemExit();
}
}
$pageElements['ingame_webpath'] = $INGAME_WEBPATH;
$GETString = "";
foreach ($_GET as $key => $value) {
$GETString = $GETString . $key . '=' . $value . "&";
}
if ($GETString != "") {
$GETString = '?' . $GETString;
}
$pageElements['getstring'] = $GETString;
return $pageElements;
}
/**
* This function is beign used to add a user to a support group.
* It will first check if the user who executed this function is an admin. If the user exists it will try to add it to the supportgroup, in case it's not a mod or admin it will not
* add it to the group. if the executing user is not an admin or not logged in, the page will be redirected to the error page.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function add_user_to_sgroup()
{
global $INGAME_WEBPATH;
global $WEBPATH;
if (WebUsers::isLoggedIn()) {
//check if the that executed the task is an admin.
if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user'])) && isset($_POST['target_id'])) {
$name = filter_var($_POST['Name'], FILTER_SANITIZE_STRING);
$id = filter_var($_POST['target_id'], FILTER_SANITIZE_NUMBER_INT);
$user_id = WebUsers::getId($name);
if ($user_id != "") {
//if the target user is a mod/admin
if (Ticket_User::constr_ExternId($user_id)->getPermission() > 1) {
//add it to the support group
$result['RESULT_OF_ADDING'] = Support_Group::addUserToSupportGroup($user_id, $id);
} else {
//return error message.
$result['RESULT_OF_ADDING'] = "NOT_MOD_OR_ADMIN";
}
} else {
$result['RESULT_OF_ADDING'] = "USER_NOT_EXISTING";
}
//$result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
//$result['no_visible_elements'] = 'FALSE';
//$result['username'] = $_SESSION['user'];
//global $SITEBASE;
//require_once($SITEBASE . 'inc/show_sgroup.php');
//$result= array_merge($result, show_sgroup());
//helpers :: loadtemplate( 'show_sgroup', $result);
if (Helpers::check_if_game_client()) {
header("Cache-Control: max-age=1");
header("Location: " . $INGAME_WEBPATH . "?page=show_sgroup&id=" . $id);
} else {
header("Cache-Control: max-age=1");
header("Location: " . $WEBPATH . "?page=show_sgroup&id=" . $id);
}
throw new SystemExit();
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* This function is beign used to login a user.
* It will first check if the sent POST data returns a match with the DB, if it does, some session variables will be appointed to the user and he will be redirected to the index page again.
* If it didn't match, the template will be reloaded and a matching error message will be shown.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function login()
{
global $INGAME_WEBPATH;
global $WEBPATH;
try {
$login_value = filter_var($_POST['LoginValue'], FILTER_SANITIZE_STRING);
$password = filter_var($_POST['Password'], FILTER_SANITIZE_STRING);
//check if the filtered sent POST data returns a match with the DB
$result = WebUsers::checkLoginMatch($login_value, $password);
if ($result != "fail") {
//handle successful login
$_SESSION['user'] = $result['Login'];
$_SESSION['id'] = $result['UId'];
$_SESSION['ticket_user'] = serialize(Ticket_User::constr_ExternId($_SESSION['id']));
$user = new WebUsers($_SESSION['id']);
$_SESSION['Language'] = $user->getLanguage();
$GETString = "";
foreach ($_GET as $key => $value) {
$GETString = $GETString . $key . '=' . $value . "&";
}
if ($GETString != "") {
$GETString = '?' . $GETString;
}
//go back to the index page.
header("Cache-Control: max-age=1");
if (Helpers::check_if_game_client()) {
header('Location: ' . $INGAME_WEBPATH . $GETString);
} else {
header('Location: ' . $WEBPATH . $GETString);
}
throw new SystemExit();
} else {
//handle login failure
$result = array();
$result['login_error'] = 'TRUE';
$result['no_visible_elements'] = 'TRUE';
helpers::loadtemplate('login', $result);
throw new SystemExit();
}
} catch (PDOException $e) {
//go to error page or something, because can't access website db
print_r($e);
throw new SystemExit();
}
}
/**
* This function is beign used to change the permission of a ticket_user.
* It will first check if the user who executed this function is an admin. If this is not the case the page will be redirected to an error page.
* in case the $_GET['value'] is smaller than 4 and the user whoes permission is being changed is different from the admin(id 1), the change will be executed and the page will
* redirect to the users profile page.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function change_permission()
{
global $INGAME_WEBPATH;
global $WEBPATH;
//if logged in
if (WebUsers::isLoggedIn()) {
//check if user who executed this function is an admin
if (ticket_user::isAdmin(unserialize($_SESSION['ticket_user']))) {
//in case the $_GET['value'] is smaller than 4 and the user whoes permission is being changed is different from the admin(id 1)
if (isset($_GET['user_id']) && isset($_GET['value']) && $_GET['user_id'] != 1 && $_GET['value'] < 4) {
$user_id = filter_var($_GET['user_id'], FILTER_SANITIZE_NUMBER_INT);
$value = filter_var($_GET['value'], FILTER_SANITIZE_NUMBER_INT);
//execute change.
Ticket_User::change_permission(Ticket_User::constr_ExternId($user_id)->getTUserId(), $value);
header("Cache-Control: max-age=1");
if (Helpers::check_if_game_client()) {
header("Location: " . $INGAME_WEBPATH . "?page=show_user&id=" . $user_id);
} else {
header("Location: " . $WEBPATH . "?page=show_user&id=" . $user_id);
}
throw new SystemExit();
} else {
//ERROR: GET PARAMS not given or trying to change admin
header("Cache-Control: max-age=1");
if (Helpers::check_if_game_client()) {
header("Location: " . $INGAME_WEBPATH . "?page=show_user&id=" . $user_id);
} else {
header("Location: " . $WEBPATH . "?page=show_user&id=" . $user_id);
}
throw new SystemExit();
}
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* This function is beign used to load info that's needed for the show_user page.
* Users can only browse their own user page, while mods/admins can browse all user pages. The current settings of the user being browsed will be loaded, as also their created tickets
* and this info will be returned so it can be used by the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function show_user()
{
//if logged in
if (WebUsers::isLoggedIn()) {
//Users can only browse their own user page, while mods/admins can browse all user pages
if (!isset($_GET['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) || $_GET['id'] == $_SESSION['id']) {
if (isset($_GET['id'])) {
$result['target_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
} else {
$result['target_id'] = $_SESSION['id'];
}
$webUser = new WebUsers($result['target_id']);
$result['target_name'] = $webUser->getUsername();
$result['mail'] = $webUser->getEmail();
$info = $webUser->getInfo();
$result['firstName'] = $info['FirstName'];
$result['lastName'] = $info['LastName'];
$result['country'] = $info['Country'];
$result['gender'] = $info['Gender'];
$ticket_user = Ticket_User::constr_ExternId($result['target_id']);
$result['userPermission'] = $ticket_user->getPermission();
if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
$result['isAdmin'] = "TRUE";
}
$ticketlist = Ticket::getTicketsOf($ticket_user->getTUserId());
$result['ticketlist'] = Gui_Elements::make_table($ticketlist, array("getTId", "getTimestamp", "getTitle", "getStatus", "getStatusText", "getStatusText", "getCategoryName"), array("tId", "timestamp", "title", "status", "statustext", "statusText", "category"));
global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH;
return $result;
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* return the ticket_user id from an email address.
* @param $email the emailaddress of a user.
* @return the ticket_user id related to that email address, in case none, return "FALSE".
*/
public static function get_id_from_email($email)
{
$webUserId = WebUsers::getIdFromEmail($email);
if ($webUserId != "FALSE") {
$user = Ticket_User::constr_ExternId($webUserId);
return $user->getTUserId();
} else {
return "FALSE";
}
}
/**
* This function is beign used to create a new ticket.
* It will first check if the user who executed this function is the person of whom the setting is or if it's a mod/admin. If this is not the case the page will be redirected to an error page.
* next it will filter the POST data and it will try to create the new ticket. Afterwards a redirecion to the ticket will occur.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function create_ticket()
{
//if logged in
global $INGAME_WEBPATH;
global $WEBPATH;
$return = array();
$error = false;
if (WebUsers::isLoggedIn() && isset($_SESSION['ticket_user'])) {
if (strlen(preg_replace('/\\s\\s+/', ' ', $_POST['Title'])) < 2) {
$return = array_merge($_POST, $return);
$return['no_visible_elements'] = 'FALSE';
$catArray = Ticket_Category::getAllCategories();
$return['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$return['category'] = Gui_Elements::make_table_with_key_is_id($catArray, array("getName"), "getTCategoryId");
$return['TITLE_ERROR_MESSAGE'] = "Title must not be blank!";
$return['TITLE_ERROR'] = true;
$error = true;
}
if (strlen(preg_replace('/\\s\\s+/', ' ', $_POST['Content'])) < 2) {
$return = array_merge($_POST, $return);
$return['no_visible_elements'] = 'FALSE';
$catArray = Ticket_Category::getAllCategories();
$return['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$return['category'] = Gui_Elements::make_table_with_key_is_id($catArray, array("getName"), "getTCategoryId");
$return['CONTENT_ERROR_MESSAGE'] = "Content must not be blank!";
$return['CONTENT_ERROR'] = true;
$error = true;
}
if ($error) {
helpers::loadTemplate('createticket', $return);
throw new SystemExit();
}
if (isset($_POST['target_id'])) {
//if target_id is the same as session id or is admin
if ($_POST['target_id'] == $_SESSION['id'] || Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
$category = filter_var($_POST['Category'], FILTER_SANITIZE_NUMBER_INT);
$title = filter_var($_POST['Title'], FILTER_SANITIZE_STRING);
$content = filter_var($_POST['Content'], FILTER_SANITIZE_STRING);
try {
if ($_POST['target_id'] == $_SESSION['id']) {
//if the ticket is being made for the executing user himself
$author = unserialize($_SESSION['ticket_user'])->getTUserId();
} else {
//if a mod tries to make a ticket for someone else
$author = Ticket_User::constr_ExternId($_POST['target_id'])->getTUserId();
}
//create the ticket & return the id of the newly created ticket.
$ticket_id = Ticket::create_Ticket($title, $content, $category, $author, unserialize($_SESSION['ticket_user'])->getTUserId(), 0, $_POST);
//redirect to the new ticket.
if (Helpers::check_if_game_client()) {
header("Cache-Control: max-age=1");
header("Location: " . $INGAME_WEBPATH . "?page=show_ticket&id=" . $ticket_id);
} else {
header("Cache-Control: max-age=1");
header("Location: " . $WEBPATH . "?page=show_ticket&id=" . $ticket_id);
throw new SystemExit();
}
} catch (PDOException $e) {
//ERROR: LIB DB is not online!
print_r($e);
throw new SystemExit();
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
} else {
//ERROR: permission denied!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: The form was not filled in correclty
header("Cache-Control: max-age=1");
header("Location: index.php?page=createticket");
throw new SystemExit();
}
} else {
//ERROR: user is not logged in
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
