Example #1
0
function required_parameters_check($parameters_required)
{
    global $data_in, $result;
    // Проверка наличия обязательных параметров
    $required_error_parameters = array();
    if (!empty($parameters_required) || count($parameters_required)) {
        foreach ($parameters_required as $parameter_name) {
            // Если параметр не пришел - заносим в массив его как ошибочный
            if (empty($data_in[$parameter_name])) {
                $required_error_parameters[] = $parameter_name;
            }
        }
        if (!empty($required_error_parameters)) {
            api_exit('Отсутствуют обязательные параметры: ' . implode(', ', $required_error_parameters));
        }
    }
}
Example #2
0
            case EX_NOINPUT:
            default:
                Http::response(416, $code, 'text/plain');
        }
    }
    exit($code);
}
//Remote hosts need authorization.
if ($remotehost) {
    //Upto 10 consecutive errors allowed...before a 5 minute timeout.
    //One more error during timeout and timeout starts a new clock
    if ($_SESSION['api']['errors'] > 10 && time() - $_SESSION['api']['time'] <= 5 * 50) {
        // timeout!
        api_exit(EX_NOPERM, 'Host in Timeout');
    }
    //Check IP
    $ip = $_SERVER['REMOTE_ADDR'];
    if (!Validator::is_ip($ip) || !$cfg->isKnownHost($ip)) {
        //unknown IP
        api_exit(EX_NOPERM, 'Unknown remote host [' . $ip . ']');
    }
    //For added security...check API pass phrase.
    $key = $_SERVER['HTTP_USER_AGENT'];
    //pulling all tricks.
    if (empty($key) || strcasecmp($key, md5($cfg->getAPIKey()))) {
        api_exit(EX_NOPERM, 'Invalid API Key [' . $key . ']');
    }
    //At this point we know the remote host/IP is allowed.
    $_SESSION['api']['errors'] = 0;
    //clear errors for the session.
}
Example #3
0
                break;
            case EX_NOPERM:
                Http::response(403, $code, 'text/plain');
                break;
            case EX_DATAERR:
            case EX_NOINPUT:
            default:
                Http::response(416, $code, 'text/plain');
        }
    }
    exit($code);
}
//Remote hosts need authorization.
if ($remotehost) {
    $ip = $_SERVER['REMOTE_ADDR'];
    $key = $_SERVER['HTTP_USER_AGENT'];
    //pulling all tricks.
    //Upto 10 consecutive errors allowed...before a 5 minute timeout.
    //One more error during timeout and timeout starts a new clock
    if ($_SESSION['api']['errors'] > 10 && time() - $_SESSION['api']['time'] <= 5 * 60) {
        // timeout!
        api_exit(EX_NOPERM, "Remote host [{$ip}] in timeout - error #" . $_SESSION['api']['errors']);
    }
    //Check API key & ip
    if (!Validator::is_ip($ip) || !Api::validate($key, $ip)) {
        api_exit(EX_NOPERM, 'Unknown remote host [' . $ip . '] or invalid API key [' . $key . ']');
    }
    //At this point we know the remote host/IP is allowed.
    $_SESSION['api']['errors'] = 0;
    //clear errors for the session.
}
Example #4
0
<?php

require_once '../../admin/functions.php';
$req = get_param();
list($db_name, $table_name, $data, $apikey) = null_exit($req, 'db_name', 'table_name', 'data', 'apikey');
api_exit($db_name, $table_name, $apikey);
items_exit($data, 'ident', 'facility', 'priority', 'title');
$output = append_new_data($db_name, $table_name, $data);
unset($output['listview']);
jsonp_nocache_exit($output);
Example #5
0
    $ticket = new Ticket(Ticket::getIdByExtId($extid));
    //Allow mismatched emails?? For now hell NO.
    if (!is_object($ticket) || strcasecmp($ticket->getEmail(), $var['email'])) {
        $ticket = null;
    }
}
$errors = array();
$msgid = 0;
if (!$ticket) {
    //New tickets...
    $ticket = Ticket::create($var, $errors, 'email');
    if (!is_object($ticket) || $errors) {
        api_exit(EX_DATAERR, 'Ticket create Failed ' . implode("\n", $errors) . "\n\n");
    }
    $msgid = $ticket->getLastMsgId();
} else {
    //post message....postMessage does the cleanup.
    if (!($msgid = $ticket->postMessage($var['message'], 'Email', $var['mid'], $var['header']))) {
        api_exit(EX_DATAERR, 'Unable to post message');
    }
}
//Ticket created...save attachments if enabled.
if ($cfg->allowEmailAttachments() && ($attachments = $parser->getAttachments())) {
    foreach ($attachments as $attachment) {
        if ($attachment['filename'] && $ost->isFileTypeAllowed($attachment['filename'])) {
            $ticket->saveAttachment(array('name' => $attachment['filename'], 'data' => $attachment['body']), $msgid, 'M');
        }
    }
}
api_exit(EX_SUCCESS);
Example #6
0
                break;
            case EX_NOPERM:
                Http::response(403, $code, 'text/plain');
                break;
            case EX_DATAERR:
            case EX_NOINPUT:
            default:
                Http::response(416, $code, 'text/plain');
        }
    }
    exit($code);
}
//Remote hosts need authorization.
if ($remotehost) {
    $ip = $_SERVER['REMOTE_ADDR'];
    $key = $_SERVER['HTTP_USER_AGENT'];
    //pulling all tricks.
    //Upto 10 consecutive errors allowed...before a 5 minute timeout.
    //One more error during timeout and timeout starts a new clock
    if ($_SESSION['api']['errors'] > 10 && time() - $_SESSION['api']['time'] <= 5 * 60) {
        // timeout!
        api_exit(EX_NOPERM, "Error de tiempo de espera [{$ip}] en el Host Remoto #" . $_SESSION['api']['errors']);
    }
    //Check API key & ip
    if (!Validator::is_ip($ip) || !Api::validate($key, $ip)) {
        api_exit(EX_NOPERM, 'Host Remoto Desconocido [' . $ip . '] o clave Api invalida[' . $key . ']');
    }
    //At this point we know the remote host/IP is allowed.
    $_SESSION['api']['errors'] = 0;
    //clear errors for the session.
}