/**
 * Hook body for a newly added Group_Ticket link (presumably called after the row is created).
 *
 * Optionally raises the 'plugin_behaviors_ticketnewgrp' notification and, when
 * 'single_tech_mode' is enabled, deletes the other ASSIGN links of the same ticket.
 *
 * @param Group_Ticket $item the link being processed
 * @return false|null false when there is no numeric login id or the 'own_ticket' right is missing
 */
static function afterAdd(Group_Ticket $item)
 {
     global $DB;

     // Notification step: only for ASSIGN links, only when 'add_notif' is on,
     // and only if the linked ticket can actually be loaded.
     $config = PluginBehaviorsConfig::getInstance();
     $notifyNewGroup = $config->getField('add_notif')
         && $item->getField('type') == CommonITILActor::ASSIGN;
     if ($notifyNewGroup) {
         $ticket = new Ticket();
         if ($ticket->getFromDB($item->getField('tickets_id'))) {
             NotificationEvent::raiseEvent('plugin_behaviors_ticketnewgrp', $ticket);
         }
     }

     // Authorization gate for the destructive part below: a numeric login id
     // and the 'own_ticket' right are both required.
     $hasLogin = is_numeric(Session::getLoginUserID(false));
     if (!$hasLogin || !Session::haveRight('own_ticket', 1)) {
         return false;
     }

     $config = PluginBehaviorsConfig::getInstance();
     if ($config->getField('single_tech_mode') == 0 || $item->input['type'] != CommonITILActor::ASSIGN) {
         return;
     }

     // Every other ASSIGN group link on this ticket is removed, keeping only $item.
     $assigned = array('tickets_id' => $item->input['tickets_id'], 'type' => CommonITILActor::ASSIGN);
     foreach ($DB->request('glpi_groups_tickets', $assigned) as $row) {
         if ($row['id'] == $item->getID()) {
             continue;
         }
         $link = new Group_Ticket();
         $link->delete($row);
     }

     // Mode 2 additionally removes the ASSIGN user links of the ticket.
     if ($config->getField('single_tech_mode') == 2) {
         foreach ($DB->request('glpi_tickets_users', $assigned) as $row) {
             $link = new Ticket_User();
             $link->delete($row);
         }
     }
 }
Example #2
/**
* This function is being used to load info that's needed for the syncing page.
* This function is used for notifying admins that there are unsynced changes; a brief overview of the non-synced changes will be shown. The entries are loaded here
* so that they can be passed to the template itself. Only admins can browse this page, others will be redirected to an error page.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function syncing()
{
    global $INGAME_WEBPATH;

    // Access gate: anyone who is not an admin is sent to the 403 error page.
    // NOTE(review): the session value goes straight into unserialize(); that is only as
    // trustworthy as the session store. Restricting allowed_classes would narrow what can
    // be instantiated - confirm which class is stored before adding it.
    if (!Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
        $_SESSION['error_code'] = "403";
        header("Cache-Control: max-age=1");
        header("Location: index.php?page=error");
        throw new SystemExit();
    }

    // Paginated view of the ams_querycache rows (the unsynced changes); the SQL is a constant.
    $pagination = new Pagination("SELECT * FROM ams_querycache", "lib", 5, "Querycache");
    $pageResult = array(
        'liblist' => Gui_Elements::make_table($pagination->getElements(), array("getSID", "getType"), array("id", "type")),
        'links' => $pagination->getLinks(5),
        'lastPage' => $pagination->getLast(),
        'currentPage' => $pagination->getCurrent(),
        'ingame_webpath' => $INGAME_WEBPATH,
    );

    // The shard counts as online when a DBLayer for it can be constructed without a PDOException.
    $shardState = "online";
    try {
        $dbs = new DBLayer("shard");
    } catch (PDOException $e) {
        $shardState = "offline";
    }
    $pageResult['shard'] = $shardState;

    return $pageResult;
}
Example #3
/**
 * function plugins_update to get
 * plugins updates from the Database using pagination object.
 *
 * @author shubham meena mentored by Matthew Lagoe
 */
function plugins_update()
{
    global $INGAME_WEBPATH;

    // Access gate: users without mod rights are redirected to the 403 error page.
    // NOTE(review): unserialize() on the session value relies on the integrity of the
    // session store; an allowed_classes restriction is worth considering once the stored
    // class is confirmed.
    if (!Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
        $_SESSION['error_code'] = "403";
        header("Cache-Control: max-age=1");
        header("Location: index.php?page=error");
        throw new SystemExit();
    }

    // Plugins joined with their updates, paginated; the SQL text is a constant.
    $pagination = new Pagination("SELECT * FROM plugins INNER JOIN updates ON plugins.Id=updates.PluginId", "lib", 5, "Plugincache");
    $getters = array("getId", "getPluginName", "getPluginInfo", "getUpdateInfo");
    $columns = array("id", "plugin_name", "plugin_info", "update_info");
    $pageResult = array(
        'plug' => Gui_Elements::make_table($pagination->getElements(), $getters, $columns),
        'links' => $pagination->getLinks(5),
        'lastPage' => $pagination->getLast(),
        'currentPage' => $pagination->getCurrent(),
        'ingame_webpath' => $INGAME_WEBPATH,
    );

    // The shard counts as online when a DBLayer for it can be constructed without a PDOException.
    $shardState = "online";
    try {
        $dbs = new DBLayer("shard");
    } catch (PDOException $e) {
        $shardState = "offline";
    }
    $pageResult['shard'] = $shardState;

    return $pageResult;
}
Example #4
/**
* This function is being used to load info that's needed for the login page.
* it will try to auto-login, this can only be used while ingame, the web browser sends additional cookie information that's also stored in the open_ring db.
* We will compare the values and if they match, the user will be automatically logged in!
* @author Daan Janssens, mentored by Matthew Lagoe
*/
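function login()
{
    global $INGAME_WEBPATH;
    global $WEBPATH;
    if (helpers::check_if_game_client()) {
        //check if you are logged in ingame, this should auto login
        $result = Helpers::check_login_ingame();
        if ($result) {
            //handle successful login
            // NOTE(review): the session id is not regenerated when the identity changes here;
            // confirm whether session_regenerate_id() is called elsewhere in the login flow.
            $_SESSION['user'] = $result['name'];
            $_SESSION['id'] = WebUsers::getId($result['name']);
            $_SESSION['ticket_user'] = serialize(Ticket_User::constr_ExternId($_SESSION['id']));
            //go back to the index page.
            header("Cache-Control: max-age=1");
            // This re-check sits inside a branch that already required a game client, so the
            // else arm is only reachable if the helper's answer changes between the two calls.
            if (Helpers::check_if_game_client()) {
                header('Location: ' . $INGAME_WEBPATH);
            } else {
                header('Location: ' . $WEBPATH);
            }
            throw new SystemExit();
        }
    }
    $pageElements['ingame_webpath'] = $INGAME_WEBPATH;
    // Rebuild the query string from request data with every key and value percent-encoded,
    // so characters such as quotes, angle brackets or '&' in a parameter cannot change the
    // structure of whatever URL or markup the template places this string in. Array-valued
    // parameters are serialised as key[index]=value instead of the literal text "Array".
    // The leading '?' and the trailing '&' of the previous format are kept for the template.
    $query = http_build_query($_GET, '', '&');
    $pageElements['getstring'] = ($query === "") ? "" : '?' . $query . '&';
    return $pageElements;
}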
Example #5
 /**
  * return all replies on a specific ticket.
  * @param $ticket_id the id of the ticket of which we want the replies.
  * @param $view_as_admin if the browsing user is an admin/mod it should be 1, this will also show the hidden replies.
  * @return an array with ticket_reply objects (beware the author and content are objects on their own, not integers!)
  */
 public static function getRepliesOfTicket($ticket_id, $view_as_admin)
 {
     $dbl = new DBLayer("lib");
     // The ticket id is passed as the bound :id parameter, not concatenated into the SQL text.
     $rows = $dbl->execute("SELECT * FROM ticket_reply INNER JOIN ticket_content INNER JOIN ticket_user ON ticket_reply.Content = ticket_content.TContentId and ticket_reply.Ticket=:id and ticket_user.TUserId = ticket_reply.Author ORDER BY ticket_reply.TReplyId ASC", array('id' => $ticket_id))->fetchAll();

     $replies = array();
     foreach ($rows as $record) {
         // Hidden replies are filtered out here unless the caller asked for the admin view;
         // the caller is responsible for passing a truthful $view_as_admin.
         if ($record['Hidden'] && !$view_as_admin) {
             continue;
         }

         // Author object, filled from the joined ticket_user columns.
         $author = Ticket_User::constr_TUserId($record['Author']);
         $author->setExternId($record['ExternId']);
         $author->setPermission($record['Permission']);

         // Content object, filled from the joined ticket_content columns.
         $content = new Ticket_Content();
         $content->setTContentId($record['TContentId']);
         $content->setContent($record['Content']);

         // The reply itself carries the two objects above rather than their ids.
         $reply = new self();
         $reply->setTReplyId($record['TReplyId']);
         $reply->setTimestamp($record['Timestamp']);
         $reply->setAuthor($author);
         $reply->setTicket($ticket_id);
         $reply->setContent($content);
         $reply->setHidden($record['Hidden']);

         $replies[] = $reply;
     }
     return $replies;
 }
Example #6
/**
* This function is being used to load info that's needed for the userlist page.
* This function will return all users by using the pagination class, so that it can be used in the template. Only Mods and Admins can browse this page though.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function userlist()
{
    global $INGAME_WEBPATH;
    global $BASE_WEBPATH;

    // Access gate: the user list (ids, usernames, e-mail addresses) is for mods and admins only.
    // NOTE(review): unserialize() on the session value relies on the integrity of the
    // session store; an allowed_classes restriction is worth considering once the stored
    // class is confirmed.
    if (!Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
        $_SESSION['error_code'] = "403";
        header("Cache-Control: max-age=1");
        header("Location: index.php?page=error");
        throw new SystemExit();
    }

    $pagination = new Pagination(WebUsers::getAllUsersQuery(), "web", 10, "WebUsers");
    $getters = array("getUId", "getUsername", "getEmail");
    $columns = array("id", "username", "email");
    $pageResult['userlist'] = Gui_Elements::make_table($pagination->getElements(), $getters, $columns);
    $pageResult['links'] = $pagination->getLinks(5);
    $pageResult['lastPage'] = $pagination->getLast();
    $pageResult['currentPage'] = $pagination->getCurrent();

    // Attach each listed user's ticket-system permission; rows are addressed by a running
    // counter, so this assumes make_table() returns a 0-based list - TODO confirm.
    $position = 0;
    foreach ($pageResult['userlist'] as $unusedRow) {
        $externId = $pageResult['userlist'][$position]['id'];
        $pageResult['userlist'][$position]['permission'] = Ticket_User::constr_ExternId($externId)->getPermission();
        $position++;
    }

    // Only admins get the isAdmin flag in the template data.
    if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
        $pageResult['isAdmin'] = "TRUE";
    }
    $pageResult['ingame_webpath'] = $INGAME_WEBPATH;
    $pageResult['base_webpath'] = $BASE_WEBPATH;
    return $pageResult;
}
Example #7
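 /**
  * Writes the ticket's VIP state, as computed by isTicketVip(), into glpi_plugin_vip_tickets.
  *
  * @param Ticket_User $ticket the ticket/user link whose 'tickets_id' identifies the ticket
  * @return void
  */
 static function plugin_vip_item_update_user(Ticket_User $ticket)
 {
     global $DB;
     // The id ends up inside SQL text, so it is forced to an integer first: whatever the
     // field holds, only a number can reach the statement.
     $ticketid = (int) $ticket->getField('tickets_id');
     $isvip = self::isTicketVip($ticketid) ? 1 : 0;
     // Both operands are integers at this point; the statement has no free-form text in it.
     $vipdbquery = "UPDATE glpi_plugin_vip_tickets\n                              SET isvip = " . $isvip . "\n                            WHERE id = " . $ticketid;
     $DB->query($vipdbquery);
 }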
Example #8
/**
* This function is being used to load info that's needed for the dashboard page.
* check if the person who wants to view this page is a mod/admin, if this is not the case, he will be redirected to an error page.
* next it will fetch a lot of information regarding to the status of the ticket system (eg return the total amount of tickets) and return this information so
* it can be used by the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function dashboard()
{
    global $INGAME_WEBPATH;

    // Not logged in: back to the index page.
    if (!WebUsers::isLoggedIn()) {
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }

    // Logged in but not a mod/admin: 403 error page.
    // NOTE(review): unserialize() on the session value relies on the integrity of the
    // session store; an allowed_classes restriction is worth considering once the stored
    // class is confirmed.
    if (!ticket_user::isMod(unserialize($_SESSION['ticket_user']))) {
        $_SESSION['error_code'] = "403";
        header("Cache-Control: max-age=1");
        header("Location: index.php?page=error");
        throw new SystemExit();
    }

    // Counters for the current mod, followed by system-wide figures.
    $result['user_id'] = unserialize($_SESSION['ticket_user'])->getTUserId();
    $result['nrToDo'] = Ticket_Queue_Handler::getNrOfTicketsToDo(unserialize($_SESSION['ticket_user'])->getTUserId());
    $result['nrAssignedWaiting'] = Ticket_Queue_Handler::getNrOfTicketsAssignedWaiting(unserialize($_SESSION['ticket_user'])->getTUserId());
    $result['nrTotalTickets'] = Ticket_Queue_Handler::getNrOfTickets();

    // Details of the most recent ticket; assumes getNewestTicket() returns an object - TODO confirm
    // what happens when there are no tickets yet.
    $newest = Ticket_Queue_Handler::getNewestTicket();
    $result['newestTicketId'] = $newest->getTId();
    $result['newestTicketTitle'] = $newest->getTitle();
    $result['newestTicketAuthor'] = Ticket_User::get_username_from_id($newest->getAuthor());

    $result['ingame_webpath'] = $INGAME_WEBPATH;
    return $result;
}
Example #9
/**
* This function is being used to reply on a ticket.
* It will first check if the user who executed this function is a mod/admin or the topic creator himself. If this is not the case the page will be redirected to an error page.
* In case $_POST['hidden'] is set and the user is a mod, the message will be hidden for the topic starter. The reply will be created. If $_POST['ChangeStatus'] & $_POST['ChangePriority'] are set
* it will try to update the status and priority. Afterwards the page is redirected to the ticket again.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
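function reply_on_ticket()
{
    global $INGAME_WEBPATH;
    global $WEBPATH;
    // NOTE(review): no anti-CSRF token is checked in this block before the state change;
    // confirm that the dispatcher calling this function validates one.
    //if logged in
    if (WebUsers::isLoggedIn() && isset($_POST['ticket_id'])) {
        $ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
        $target_ticket = new Ticket();
        $target_ticket->load_With_TId($ticket_id);
        // Decode the session's ticket user once and reuse it for every check below.
        // NOTE(review): unserialize() on the session value relies on the integrity of the
        // session store; an allowed_classes restriction is worth considering once the
        // stored class is confirmed.
        $ticket_user = unserialize($_SESSION['ticket_user']);
        $author = $ticket_user->getTUserId();
        //check if the user who executed this function is a mod/admin or the topic creator himself.
        if ($target_ticket->getAuthor() == $author || Ticket_User::isMod($ticket_user)) {
            try {
                if (isset($_POST['Content'])) {
                    $content = $_POST['Content'];
                } else {
                    $content = "";
                }
                // Only a mod can mark a reply as hidden; the flag is ignored for everyone else.
                $hidden = 0;
                if (isset($_POST['hidden']) && Ticket_User::isMod($ticket_user)) {
                    $hidden = 1;
                }
                //create the reply
                Ticket::createReply($content, $author, $ticket_id, $hidden);
                //try to update the status & priority in case these are set (mods only).
                if (isset($_POST['ChangeStatus']) && isset($_POST['ChangePriority']) && Ticket_User::isMod($ticket_user)) {
                    $newStatus = filter_var($_POST['ChangeStatus'], FILTER_SANITIZE_NUMBER_INT);
                    $newPriority = filter_var($_POST['ChangePriority'], FILTER_SANITIZE_NUMBER_INT);
                    Ticket::updateTicketStatusAndPriority($ticket_id, $newStatus, $newPriority, $author);
                }
                header("Cache-Control: max-age=1");
                if (Helpers::check_if_game_client()) {
                    header("Location: " . $INGAME_WEBPATH . "?page=show_ticket&id=" . $ticket_id);
                } else {
                    header("Location: " . $WEBPATH . "?page=show_ticket&id=" . $ticket_id);
                }
                throw new SystemExit();
            } catch (PDOException $e) {
                //ERROR: LIB DB is not online!
                // The exception is written to the server log instead of the response: a dumped
                // PDOException can expose connection details, SQL text and a stack trace to
                // whoever triggered the error.
                error_log("reply_on_ticket: " . $e->getMessage());
                throw new SystemExit();
            }
        } else {
            //ERROR: No access!
            $_SESSION['error_code'] = "403";
            header("Cache-Control: max-age=1");
            header("Location: index.php?page=error");
            throw new SystemExit();
        }
    } else {
        //ERROR: not logged in!
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }
}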
/**
* This function is being used to modify the email related to a support group.
* It will first check if the user who executed this function is an admin. If this is not the case the page will be redirected to an error page.
* the new email will be validated and in case it's valid we'll add it to the db. Before adding it, we will encrypt the password by using the MyCrypt class. Afterwards the password gets
* updated and the page redirected again.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
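function modify_email_of_sgroup()
{
    global $INGAME_WEBPATH;
    global $WEBPATH;
    // NOTE(review): no anti-CSRF token is checked in this block before the mail credentials
    // are changed; confirm that the dispatcher calling this function validates one.
    if (WebUsers::isLoggedIn()) {
        //check if user is an admin
        if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user'])) && isset($_POST['target_id'])) {
            $sgroupid = filter_var($_POST['target_id'], FILTER_SANITIZE_NUMBER_INT);
            $group = Support_Group::getGroup($sgroupid);
            // Missing form fields are treated as empty strings instead of raising notices.
            // NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1; plan a replacement.
            $groupemail = filter_var(isset($_POST['GroupEmail']) ? $_POST['GroupEmail'] : "", FILTER_SANITIZE_STRING);
            if (Users::validEmail($groupemail) || $groupemail == "") {
                // The password is taken verbatim. Running a secret through FILTER_SANITIZE_STRING
                // strips anything that looks like a tag and entity-encodes quotes, so the stored
                // value would no longer match the real IMAP password. It is only encrypted and
                // stored below, never rendered, so no output filter belongs here.
                $password = "";
                if (isset($_POST['IMAP_Password']) && is_string($_POST['IMAP_Password'])) {
                    $password = $_POST['IMAP_Password'];
                }
                $group->setGroupEmail($groupemail);
                $group->setIMAP_MailServer(filter_var(isset($_POST['IMAP_MailServer']) ? $_POST['IMAP_MailServer'] : "", FILTER_SANITIZE_STRING));
                $group->setIMAP_Username(filter_var(isset($_POST['IMAP_Username']) ? $_POST['IMAP_Username'] : "", FILTER_SANITIZE_STRING));
                //encrypt password!
                global $cfg;
                $crypter = new MyCrypt($cfg['crypt']);
                $enc_password = $crypter->encrypt($password);
                $group->setIMAP_Password($enc_password);
                $group->update();
                $result['RESULT_OF_MODIFYING'] = "SUCCESS";
                if ($password == "") {
                    $result['RESULT_OF_MODIFYING'] = "NO_PASSWORD";
                }
            } else {
                $result['RESULT_OF_MODIFYING'] = "EMAIL_NOT_VALID";
            }
            // $result is not read after this point: the request ends with the redirect below.
            $result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
            $result['no_visible_elements'] = 'FALSE';
            $result['username'] = $_SESSION['user'];
            //global $SITEBASE;
            //require_once($SITEBASE . 'inc/show_sgroup.php');
            //$result= array_merge($result, show_sgroup());
            //helpers :: loadtemplate( 'show_sgroup', $result);
            header("Cache-Control: max-age=1");
            if (Helpers::check_if_game_client()) {
                header("Location: " . $INGAME_WEBPATH . "?page=show_sgroup&id=" . $sgroupid);
            } else {
                header("Location: " . $WEBPATH . "?page=show_sgroup&id=" . $sgroupid);
            }
            throw new SystemExit();
        } else {
            //ERROR: No access!
            $_SESSION['error_code'] = "403";
            header("Cache-Control: max-age=1");
            header("Location: index.php?page=error");
            throw new SystemExit();
        }
    } else {
        //ERROR: not logged in!
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }
}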
Example #11
/**
* This function is being used to load info that's needed for the show_reply page.
* check if the person is allowed to see the reply, if not he'll be redirected to an error page.
* data regarding to the reply will be returned by this function that will be used by the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function show_reply()
{
    global $INGAME_WEBPATH;

    // A session and an id parameter are both required; otherwise back to the index page.
    if (!(WebUsers::isLoggedIn() && isset($_GET['id']))) {
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }

    $result['reply_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
    $reply = new Ticket_Reply();
    $reply->load_With_TReplyId($result['reply_id']);
    $ticket = new Ticket();
    $ticket->load_With_TId($reply->getTicket());

    // Object-level access check: the ticket's author may read replies that are not hidden,
    // mods may read every reply. The parentheses only spell out the existing precedence.
    $mayView = ($ticket->getAuthor() == unserialize($_SESSION['ticket_user'])->getTUserId() && !$reply->getHidden())
        || Ticket_User::isMod(unserialize($_SESSION['ticket_user']));
    if (!$mayView) {
        $_SESSION['error_code'] = "403";
        header("Cache-Control: max-age=1");
        header("Location: index.php?page=error");
        throw new SystemExit();
    }

    $content = new Ticket_Content();
    $content->load_With_TContentId($reply->getContent());
    $author = new Ticket_User();
    $author->load_With_TUserId($reply->getAuthor());

    $result['hidden'] = $reply->getHidden();
    $result['ticket_id'] = $reply->getTicket();
    $result['reply_timestamp'] = $reply->getTimestamp();
    $result['author_permission'] = $author->getPermission();
    // Reply text is returned as stored; escaping it is left to the template - TODO confirm it does.
    $result['reply_content'] = $content->getContent();
    $result['author'] = $author->getExternId();
    $webUser = new WebUsers($author->getExternId());
    $result['authorName'] = $webUser->getUsername();
    if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
        $result['isMod'] = "TRUE";
    }
    $result['ingame_webpath'] = $INGAME_WEBPATH;
    return $result;
}
Example #12
 /**
  * Test helper: asserts that a Ticket_User link exists for the ticket with the expected
  * role and notification flag, looked up by user id or, for actor ids <= 0, by e-mail.
  *
  * @param Ticket $ticket         ticket the link belongs to
  * @param mixed  $actor          user id; values > 0 select the lookup by user
  * @param mixed  $role           expected value of the link's 'type' field
  * @param mixed  $notify         expected value of the link's 'use_notification' field
  * @param mixed  $alternateEmail e-mail used for the lookup when $actor is not > 0
  */
 protected function _testTicketUser(Ticket $ticket, $actor, $role, $notify, $alternateEmail)
 {
     if ($actor > 0) {
         // Known user: the user row must exist, then the link is loaded by (ticket, user).
         $user = new User();
         $user->getFromDB($actor);
         $this->assertFalse($user->isNewItem());
         $ticketUser = new Ticket_User();
         $ticketUser->getFromDBForItems($ticket, $user);
     } else {
         // Anonymous actor: the link is found by ticket id, users_id 0 and the e-mail.
         // The values are interpolated into the WHERE text, which is acceptable only because
         // this is test code fed with fixture values.
         $ticketId = $ticket->getID();
         $ticketUser = new Ticket_User();
         $ticketUser->getFromDBByQuery("WHERE `tickets_id` = '{$ticketId}' AND `users_id` = '0' AND `alternative_email` = '{$alternateEmail}'");
     }

     // The same three expectations hold for both lookup paths.
     $this->assertFalse($ticketUser->isNewItem());
     $this->assertEquals($role, $ticketUser->getField('type'));
     $this->assertEquals($notify, $ticketUser->getField('use_notification'));
 }
Example #13
/**
* This function is being used to load info that's needed for the settings page.
* check if the person who wants to view this page is a mod/admin or the user to whom the settings belong himself, if this is not the case, he will be redirected to an error page.
* it will return a lot of information of that user, that's being used for loading the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
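function settings()
{
    if (WebUsers::isLoggedIn()) {
        //in case the id GET param is set, use it as target_id; if no id param is given, use the session id.
        if (isset($_GET['id'])) {
            // The request-supplied id is reduced to digits and sign characters before it is
            // compared, used for the lookup and handed to the template as target_id, matching
            // how the other page functions treat $_GET['id'].
            $target_id = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
            $isOwnAccount = ($target_id == $_SESSION['id']);
            // NOTE(review): unserialize() on the session value relies on the integrity of the
            // session store; an allowed_classes restriction is worth considering once the
            // stored class is confirmed.
            $isMod = Ticket_User::isMod(unserialize($_SESSION['ticket_user']));
            // Object-level access check: another user's settings are visible to mods/admins only.
            if (!$isOwnAccount && !$isMod) {
                //ERROR: No access!
                $_SESSION['error_code'] = "403";
                header("Cache-Control: max-age=1");
                header("Location: index.php?page=error");
                throw new SystemExit();
            } else {
                $webUser = new Webusers($target_id);
                $result = $webUser->getInfo();
                if ($isMod && !$isOwnAccount) {
                    $result['changesOther'] = "TRUE";
                }
                $result['target_id'] = $target_id;
                $result['current_mail'] = $webUser->getEmail();
                $result['target_username'] = $webUser->getUsername();
            }
        } else {
            $webUser = new Webusers($_SESSION['id']);
            $result = $webUser->getInfo();
            $result['target_id'] = $_SESSION['id'];
            $result['current_mail'] = $webUser->getEmail();
            $result['target_username'] = $webUser->getUsername();
        }
        //Sanitize Data
        // NOTE(review): FILTER_SANITIZE_STRING is deprecated since PHP 8.1; escaping at output
        // time in the template is the durable control - confirm the template does so.
        $result['current_mail'] = filter_var($result['current_mail'], FILTER_SANITIZE_EMAIL);
        $result['target_username'] = filter_var($result['target_username'], FILTER_SANITIZE_STRING);
        $result['FirstName'] = filter_var($result['FirstName'], FILTER_SANITIZE_STRING);
        $result['LastName'] = filter_var($result['LastName'], FILTER_SANITIZE_STRING);
        $result['Country'] = filter_var($result['Country'], FILTER_SANITIZE_STRING);
        $result['Gender'] = filter_var($result['Gender'], FILTER_SANITIZE_NUMBER_INT);
        $result['ReceiveMail'] = filter_var($result['ReceiveMail'], FILTER_SANITIZE_NUMBER_INT);
        $result['country_array'] = getCountryArray();
        global $INGAME_WEBPATH;
        $result['ingame_webpath'] = $INGAME_WEBPATH;
        $dbl = new DBLayer("lib");
        $statement = $dbl->executeWithoutParams("SELECT * FROM settings");
        $rows = $statement->fetchAll();
        // Rows are copied by value; nothing is written back, so no reference is needed.
        // A settings row whose name equals an existing key overwrites that key.
        foreach ($rows as $value) {
            $result[$value['Setting']] = $value['Value'];
        }
        return $result;
    } else {
        //ERROR: not logged in!
        header("Location: index.php");
        header("Cache-Control: max-age=1");
        throw new SystemExit();
    }
}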
Example #14
/**
* This function is being used to add a user to a support group.
* It will first check if the user who executed this function is an admin. If the user exists it will try to add it to the supportgroup, in case it's not a mod or admin it will not
* add it to the group. if the executing user is not an admin or not logged in, the page will be redirected to the error page.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function add_user_to_sgroup()
{
    global $INGAME_WEBPATH;
    global $WEBPATH;

    // Not logged in: back to the index page.
    if (!WebUsers::isLoggedIn()) {
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }

    // Only an admin who supplied a target group id may continue; otherwise 403.
    // NOTE(review): no anti-CSRF token is checked in this block; confirm the dispatcher does.
    if (!(Ticket_User::isAdmin(unserialize($_SESSION['ticket_user'])) && isset($_POST['target_id']))) {
        $_SESSION['error_code'] = "403";
        header("Cache-Control: max-age=1");
        header("Location: index.php?page=error");
        throw new SystemExit();
    }

    $name = filter_var($_POST['Name'], FILTER_SANITIZE_STRING);
    $id = filter_var($_POST['target_id'], FILTER_SANITIZE_NUMBER_INT);
    $user_id = WebUsers::getId($name);

    // Three outcomes: unknown user, user below mod level, or the actual add.
    // $result is not read afterwards: the request ends with the redirect below.
    if ($user_id == "") {
        $result['RESULT_OF_ADDING'] = "USER_NOT_EXISTING";
    } elseif (Ticket_User::constr_ExternId($user_id)->getPermission() > 1) {
        // Only users with a permission above 1 (mod/admin) are added to a support group.
        $result['RESULT_OF_ADDING'] = Support_Group::addUserToSupportGroup($user_id, $id);
    } else {
        $result['RESULT_OF_ADDING'] = "NOT_MOD_OR_ADMIN";
    }

    // Back to the group page, on the in-game or the web path depending on the client.
    $basePath = Helpers::check_if_game_client() ? $INGAME_WEBPATH : $WEBPATH;
    header("Cache-Control: max-age=1");
    header("Location: " . $basePath . "?page=show_sgroup&id=" . $id);
    throw new SystemExit();
}
 /**
  * returns the tickets that are related in someway defined by $input.
  * The $input parameter should be a string that defines what kind of queue should be loaded. A new pagination object will be instantiated and will load 10 entries,
  * related to the $_GET['pagenum'] variable.
  * @param $input identifier that defines what queue to load.
  * @param $user_id the id of the user that browses the queues, some queues can be depending on this.
  * @return an array consisting of ticket objects, beware, the author & category of a ticket, are objects on their own (no integers are used this time).
  */
 public function getTickets($input, $user_id)
 {
     // Map the queue identifier onto a loader of the queue object. The comparisons are
     // loose (==), and any identifier that is not listed ends the call with "ERROR".
     if ($input == "all") {
         $this->queue->loadAllTickets();
     } elseif ($input == "all_open") {
         $this->queue->loadAllOpenTickets();
     } elseif ($input == "archive") {
         $this->queue->loadAllClosedTickets();
     } elseif ($input == "not_assigned") {
         $this->queue->loadAllNotAssignedTickets();
     } elseif ($input == "todo") {
         $this->queue->loadToDoTickets($user_id);
     } elseif ($input == "create") {
         // Nothing to load: the queue is expected to have been set up via createQueue beforehand.
     } else {
         return "ERROR";
     }

     // The queue supplies both the query text and its parameters to the pagination object.
     $this->pagination = new Pagination($this->queue->getQuery(), "lib", 10, "Ticket", $this->queue->getParams());
     $tickets = $this->pagination->getElements();
     if (!empty($tickets)) {
         foreach ($tickets as $ticket) {
             // Swap the stored category id for a loaded category object.
             $category = new Ticket_Category();
             $category->load_With_TCategoryId($ticket->getTicket_Category());
             $ticket->setTicket_Category($category);

             // Swap the stored author id for a loaded user object.
             $ticketAuthor = new Ticket_User();
             $ticketAuthor->load_With_TUserId($ticket->getAuthor());
             $ticket->setAuthor($ticketAuthor);
         }
     }
     return $this->pagination->getElements();
 }
Example #16
/**
* This function is being used to load info that's needed for the show_ticket_info page.
* check if the person browsing this page is a mod/admin or the ticket creator himself, if not he'll be redirected to an error page.
* not all tickets have this page related to it, only tickets created ingame will have additional information. The returned info will be used by the template to show the show_ticket_info page.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function show_ticket_info()
{
    // Collects the template data for the show_ticket_info page. The data is
    // released only to the ticket's author or to a moderator; every other
    // request ends in a redirect followed by SystemExit.
    global $IMAGELOC_WEBPATH;
    global $INGAME_WEBPATH;

    if (!WebUsers::isLoggedIn() || !isset($_GET['id'])) {
        //ERROR: not logged in!
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }

    // The id is reduced to digits and sign characters before it is used for the lookup.
    $result['ticket_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
    $target_ticket = new Ticket();
    $target_ticket->load_With_TId($result['ticket_id']);

    // Access rule: the ticket must have info attached AND the viewer must be
    // its author or a moderator.
    $mayView = false;
    if ($target_ticket->hasInfo()) {
        $isAuthor = $target_ticket->getAuthor() == unserialize($_SESSION['ticket_user'])->getTUserId();
        $mayView = $isAuthor || Ticket_User::isMod(unserialize($_SESSION['ticket_user']));
    }
    if (!$mayView) {
        //ERROR: No access!
        $_SESSION['error_code'] = "403";
        header("Cache-Control: max-age=1");
        header("Location: index.php?page=error");
        throw new SystemExit();
    }

    $result['ticket_title'] = $target_ticket->getTitle();
    $result['ticket_author'] = $target_ticket->getAuthor();

    $ticket_info = new Ticket_Info();
    $ticket_info->load_With_Ticket($result['ticket_id']);

    // Result key => Ticket_Info getter, in the order the keys are emitted.
    $infoGetters = array(
        'shard_id' => 'getShardId',
        'user_position' => 'getUser_Position',
        'view_position' => 'getView_Position',
        'client_version' => 'getClient_Version',
        'patch_version' => 'getPatch_Version',
        'server_tick' => 'getServer_Tick',
        'connect_state' => 'getConnect_State',
        'local_address' => 'getLocal_Address',
        'memory' => 'getMemory',
        'os' => 'getOS',
        'processor' => 'getProcessor',
        'cpu_id' => 'getCPUId',
        'cpu_mask' => 'getCPU_Mask',
        'ht' => 'getHT',
        'nel3d' => 'getNel3D',
        'user_id' => 'getUser_Id',
    );
    foreach ($infoGetters as $key => $getter) {
        $result[$key] = $ticket_info->{$getter}();
    }

    $result['IMAGELOC_WEBPATH'] = $IMAGELOC_WEBPATH;
    if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
        $result['isMod'] = "TRUE";
    }
    $result['ingame_webpath'] = $INGAME_WEBPATH;
    return $result;
}
Example #17
/**
* This function is being used to change the user's receiveMail setting.
* It will first check if the user who executed this function is the person of whom the setting is or if it's a mod/admin. If this is not the case the page will be redirected to an error page.
* it will check if the new value equals 1 or 0 and it will update the setting and redirect the page again.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
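function change_receivemail()
{
    // Updates the receiveMail flag of the account named in $_POST['target_id'].
    // Allowed for the account owner and for mods/admins. Every path ends in a
    // redirect followed by SystemExit; nothing is returned.
    try {
        global $INGAME_WEBPATH;
        global $WEBPATH;

        if (!WebUsers::isLoggedIn()) {
            //ERROR: user is not logged in
            header("Cache-Control: max-age=1");
            header("Location: index.php");
            throw new SystemExit();
        }
        if (!isset($_POST['target_id'])) {
            //ERROR: The form was not filled in correctly
            header("Cache-Control: max-age=1");
            header("Location: index.php?page=settings");
            throw new SystemExit();
        }

        // Normalise the id BEFORE authorising. The ownership check must look at
        // the exact value that is later written, otherwise the raw input can
        // compare equal to the session id while its sanitised form names a
        // different account.
        $user_id = filter_var($_POST['target_id'], FILTER_SANITIZE_NUMBER_INT);
        $idIsUsable = is_string($user_id) && $user_id !== '';
        $isOwnSetting = $idIsUsable && $user_id === (string) $_SESSION['id'];
        $isAllowed = $idIsUsable
            && ($isOwnSetting || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])));

        if (!$isAllowed || !isset($_POST['ReceiveMail'])) {
            //ERROR: permission denied!
            $_SESSION['error_code'] = "403";
            header("Cache-Control: max-age=1");
            header("Location: index.php?page=error");
            throw new SystemExit();
        }

        // Only the literal values 0 and 1 are stored; a strict comparison keeps
        // an empty sanitised value from being treated as 0.
        $receiveMail = filter_var($_POST['ReceiveMail'], FILTER_SANITIZE_NUMBER_INT);
        if ($receiveMail === '0' || $receiveMail === '1') {
            WebUsers::setReceiveMail($user_id, $receiveMail);
        }

        $basePath = Helpers::check_if_game_client() ? $INGAME_WEBPATH : $WEBPATH;
        header("Cache-Control: max-age=1");
        header("Location: " . $basePath . "?page=settings&id=" . $user_id);
        throw new SystemExit();
    } catch (PDOException $e) {
        //go to error page or something, because can't access website db
        // NOTE(review): print_r() sends the full exception object to the client,
        // which can disclose database details; prefer logging it server-side.
        print_r($e);
        throw new SystemExit();
    }
}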
Example #18
/**
* This function is being used to add a new Support Group to the database.
* What it will do is check if the user who executed the function is an Admin, if so then it will filter all POST'ed data and use it to create a new Support_Group entry.
* if not logged in or not an admin, an appropriate redirection to an error page will take place.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
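function add_sgroup()
{
    // Creates a Support_Group from the POSTed form fields and returns the data
    // for the support group list page. Only admins may do this; other callers
    // are redirected and the request ends with SystemExit.
    //
    // Changes compared with the earlier version: the duplicated Tag filtering
    // and the unreachable statements after the return are gone, and missing
    // form fields are read as empty strings instead of raising notices.
    global $INGAME_WEBPATH;
    global $WEBPATH;

    if (!WebUsers::isLoggedIn()) {
        //ERROR: not logged in!
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }
    //check if admin
    if (!Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
        //ERROR: No access!
        $_SESSION['error_code'] = "403";
        header("Cache-Control: max-age=1");
        header("Location: index.php?page=error");
        throw new SystemExit();
    }

    // NOTE(review): FILTER_SANITIZE_STRING strips tags and encodes quotes, so a
    // password or user name containing such characters is passed on altered;
    // the filter is also deprecated as of PHP 8.1. It is kept here because
    // values stored earlier may depend on it.
    // NOTE(review): no anti-CSRF token check is visible in this function;
    // confirm that one is enforced before this handler runs.
    $fields = array();
    foreach (array('Name', 'Tag', 'GroupEmail', 'IMAP_MailServer', 'IMAP_Username', 'IMAP_Password') as $field) {
        $raw = isset($_POST[$field]) ? $_POST[$field] : '';
        $fields[$field] = filter_var($raw, FILTER_SANITIZE_STRING);
    }
    $tag = "[" . $fields['Tag'] . "]";

    //create a new support group
    $result['RESULT_OF_ADDING'] = Support_Group::createSupportGroup(
        $fields['Name'],
        $tag,
        $fields['GroupEmail'],
        $fields['IMAP_MailServer'],
        $fields['IMAP_Username'],
        $fields['IMAP_Password']
    );
    $result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
    $result['no_visible_elements'] = 'FALSE';
    $result['username'] = $_SESSION['user'];

    // The list page provides sgroup_list(); its data is merged into the result.
    global $SITEBASE;
    require $SITEBASE . '/inc/sgroup_list.php';
    $result = array_merge($result, sgroup_list());
    return $result;
}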
Example #19
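/**
 * Loads the data for the settings page.
 *
 * Without an id parameter the logged-in user's own settings are loaded. With
 * $_GET['id'] the target must be the logged-in user or the viewer must be a
 * mod/admin; otherwise the request is redirected to the error page.
 *
 * The id is sanitised before the ownership check and only the sanitised value
 * is used afterwards, so the value that was authorised is the value that is
 * looked up and handed to the template.
 *
 * @return array target_id, current_mail, target_username, ingame_webpath and,
 *               when a mod edits another account, changesOther.
 */
function settings()
{
    if (!WebUsers::isLoggedIn()) {
        //ERROR: not logged in!
        header("Location: index.php");
        exit;
    }

    if (isset($_GET['id'])) {
        $targetId = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
        $idIsUsable = is_string($targetId) && $targetId !== '';
        $isOwn = $idIsUsable && $targetId === (string) $_SESSION['id'];
        $isMod = Ticket_User::isMod(unserialize($_SESSION['ticket_user']));
        if (!$idIsUsable || (!$isOwn && !$isMod)) {
            //ERROR: No access!
            $_SESSION['error_code'] = "403";
            header("Location: index.php?page=error");
            exit;
        }
        $webUser = new Webusers($targetId);
        if ($isMod && !$isOwn) {
            $result['changesOther'] = "TRUE";
        }
        $result['target_id'] = $targetId;
    } else {
        // No id given: fall back to the session's own account.
        $webUser = new Webusers($_SESSION['id']);
        $result['target_id'] = $_SESSION['id'];
    }
    $result['current_mail'] = $webUser->getEmail();
    $result['target_username'] = $webUser->getUsername();

    //Sanitize Data
    $result['current_mail'] = filter_var($result['current_mail'], FILTER_SANITIZE_EMAIL);
    $result['target_username'] = filter_var($result['target_username'], FILTER_SANITIZE_STRING);

    global $INGAME_WEBPATH;
    $result['ingame_webpath'] = $INGAME_WEBPATH;
    return $result;
}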
Example #20
/**
* This function is being used to log in a user.
* It will first check if the sent POST data returns a match with the DB, if it does, some session variables will be appointed to the user and he will be redirected to the index page again.
* If it didn't match, the template will be reloaded and a matching error message will be shown.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
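function login()
{
    // Checks the POSTed credentials. On success the session is populated and
    // the browser is redirected to the index page with the original query
    // string; on failure the login template is shown again with an error flag.
    // Both paths end with SystemExit.
    global $INGAME_WEBPATH;
    global $WEBPATH;
    try {
        // NOTE(review): FILTER_SANITIZE_STRING alters passwords that contain
        // tags or quotes and is deprecated as of PHP 8.1. It is kept because
        // stored credentials may have been filtered the same way - confirm.
        $login_value = filter_var($_POST['LoginValue'], FILTER_SANITIZE_STRING);
        $password = filter_var($_POST['Password'], FILTER_SANITIZE_STRING);
        //check if the filtered sent POST data returns a match with the DB
        $result = WebUsers::checkLoginMatch($login_value, $password);
        if ($result != "fail") {
            //handle successful login
            // Issue a fresh session id at the privilege change so that an id
            // known before authentication is not carried into the logged-in session.
            if (session_id() !== '') {
                session_regenerate_id(true);
            }
            $_SESSION['user'] = $result['Login'];
            $_SESSION['id'] = $result['UId'];
            $_SESSION['ticket_user'] = serialize(Ticket_User::constr_ExternId($_SESSION['id']));
            $user = new WebUsers($_SESSION['id']);
            $_SESSION['Language'] = $user->getLanguage();

            // Forward the current GET parameters. http_build_query() URL-encodes
            // keys and values (and handles array parameters), which plain
            // concatenation of the decoded values did not.
            $GETString = http_build_query($_GET);
            if ($GETString != "") {
                $GETString = '?' . $GETString;
            }
            //go back to the index page.
            header("Cache-Control: max-age=1");
            if (Helpers::check_if_game_client()) {
                header('Location: ' . $INGAME_WEBPATH . $GETString);
            } else {
                header('Location: ' . $WEBPATH . $GETString);
            }
            throw new SystemExit();
        } else {
            //handle login failure
            $result = array();
            $result['login_error'] = 'TRUE';
            $result['no_visible_elements'] = 'TRUE';
            helpers::loadtemplate('login', $result);
            throw new SystemExit();
        }
    } catch (PDOException $e) {
        //go to error page or something, because can't access website db
        // NOTE(review): print_r() sends the full exception object to the client,
        // which can disclose database details; prefer logging it server-side.
        print_r($e);
        throw new SystemExit();
    }
}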
Example #21
/**
* This function is being used to change the permission of a ticket_user.
* It will first check if the user who executed this function is an admin. If this is not the case the page will be redirected to an error page.
* In case the $_GET['value'] is smaller than 4 and the user whose permission is being changed is different from the admin (id 1), the change will be executed and the page will
* redirect to the user's profile page.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
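function change_permission()
{
    // Changes the permission level of a ticket user. Only admins may call it.
    // The change is applied when user_id and value are both integers, the
    // target is not the admin account (id 1) and value is smaller than 4.
    // Every path ends in a redirect followed by SystemExit.
    //
    // NOTE(review): this state change is driven by GET parameters and no
    // anti-CSRF token check is visible here; confirm one is enforced upstream.
    global $INGAME_WEBPATH;
    global $WEBPATH;

    //if logged in
    if (!WebUsers::isLoggedIn()) {
        //ERROR: not logged in!
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }
    //check if user who executed this function is an admin
    if (!ticket_user::isAdmin(unserialize($_SESSION['ticket_user']))) {
        //ERROR: No access!
        $_SESSION['error_code'] = "403";
        header("Cache-Control: max-age=1");
        header("Location: index.php?page=error");
        throw new SystemExit();
    }

    // Validate BEFORE applying the rules. The "not the admin" and "smaller
    // than 4" checks must run on the same integers that are written; checking
    // the raw strings and sanitising afterwards lets the two differ.
    // filter_var() returns false for anything that is not a plain integer.
    $user_id = isset($_GET['user_id']) ? filter_var($_GET['user_id'], FILTER_VALIDATE_INT) : false;
    $value = isset($_GET['value']) ? filter_var($_GET['value'], FILTER_VALIDATE_INT) : false;

    if ($user_id !== false && $value !== false && $user_id !== 1 && $value < 4) {
        //execute change.
        Ticket_User::change_permission(Ticket_User::constr_ExternId($user_id)->getTUserId(), $value);
    }
    // else: GET PARAMS not given/invalid or trying to change admin - nothing is changed.

    // Both outcomes return to the user page. $user_id is always defined at this
    // point; an invalid id (false) concatenates as an empty string.
    $basePath = Helpers::check_if_game_client() ? $INGAME_WEBPATH : $WEBPATH;
    header("Cache-Control: max-age=1");
    header("Location: " . $basePath . "?page=show_user&id=" . $user_id);
    throw new SystemExit();
}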
Example #22
/**
* This function is being used to load info that's needed for the show_user page.
* Users can only browse their own user page, while mods/admins can browse all user pages. The current settings of the user being browsed are loaded, as well as the tickets they created,
* and this info is returned so it can be used by the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
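function show_user()
{
    // Loads the profile data and ticket list for the show_user page. Users may
    // view only their own page; mods/admins may view any page. Other requests
    // are redirected and end with SystemExit.
    //if logged in
    if (!WebUsers::isLoggedIn()) {
        //ERROR: not logged in!
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }

    if (isset($_GET['id'])) {
        // Sanitise first and authorise the sanitised value: the ownership check
        // has to look at the same id that is loaded below, otherwise the raw
        // input can match the session id while its sanitised form names
        // another account.
        $target_id = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
        $idIsUsable = is_string($target_id) && $target_id !== '';
        $isOwn = $idIsUsable && $target_id === (string) $_SESSION['id'];
        $allowed = $idIsUsable
            && ($isOwn || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])));
    } else {
        // No id given: show the logged-in user's own page.
        $target_id = $_SESSION['id'];
        $allowed = true;
    }

    if (!$allowed) {
        //ERROR: No access!
        $_SESSION['error_code'] = "403";
        header("Cache-Control: max-age=1");
        header("Location: index.php?page=error");
        throw new SystemExit();
    }

    $result['target_id'] = $target_id;
    $webUser = new WebUsers($result['target_id']);
    $result['target_name'] = $webUser->getUsername();
    $result['mail'] = $webUser->getEmail();
    $info = $webUser->getInfo();
    $result['firstName'] = $info['FirstName'];
    $result['lastName'] = $info['LastName'];
    $result['country'] = $info['Country'];
    $result['gender'] = $info['Gender'];

    $ticket_user = Ticket_User::constr_ExternId($result['target_id']);
    $result['userPermission'] = $ticket_user->getPermission();
    if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
        $result['isAdmin'] = "TRUE";
    }

    $ticketlist = Ticket::getTicketsOf($ticket_user->getTUserId());
    $result['ticketlist'] = Gui_Elements::make_table($ticketlist, array("getTId", "getTimestamp", "getTitle", "getStatus", "getStatusText", "getStatusText", "getCategoryName"), array("tId", "timestamp", "title", "status", "statustext", "statusText", "category"));
    global $INGAME_WEBPATH;
    $result['ingame_webpath'] = $INGAME_WEBPATH;
    return $result;
}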
Example #23
 /**
  * return all log entries related to a ticket.
  * @param $ticket_id the id of the ticket of which we want all related log entries returned.
  * @return an array of ticket_log objects, be aware that the author in the ticket_log object is a ticket_user object on its own (so not a simple integer).
  */
 public static function getLogsOfTicket($ticket_id)
 {
     // The ticket id is passed as the bound parameter :id, not concatenated
     // into the SQL text.
     $db = new DBLayer("lib");
     $rows = $db->execute("SELECT * FROM ticket_log INNER JOIN ticket_user ON ticket_log.Author = ticket_user.TUserId and ticket_log.Ticket=:id ORDER BY ticket_log.TLogId ASC", array('id' => $ticket_id))->fetchAll();

     $entries = array();
     foreach ($rows as $record) {
         // The joined ticket_user columns are used to build the author object.
         $author = Ticket_User::constr_TUserId($record['Author']);
         $author->setExternId($record['ExternId']);
         $author->setPermission($record['Permission']);

         $entry = new self();
         $entry->setTLogId($record['TLogId']);
         $entry->setTimestamp($record['Timestamp']);
         $entry->setAuthor($author);
         $entry->setTicket($ticket_id);
         $entry->setQuery($record['Query']);
         $entries[] = $entry;
     }
     return $entries;
 }
Example #24
/**
* This function is being used to load info that's needed for the sgroup_list page.
* It checks whether the person who wants to view this page is a mod/admin; if this is not the case, they are redirected to an error page.
* It returns the information of all support groups. Also, if the $_GET['delete'] var is set and the user is an admin, the specified entry is deleted.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function sgroup_list()
{
    // Returns the table data for the support group list. Mods and admins may
    // view it; admins may also delete a group through $_GET['delete'], after
    // which the page redirects to itself.
    // NOTE(review): the delete is triggered by a GET parameter and no
    // anti-CSRF token check is visible here; confirm one is enforced upstream.
    global $INGAME_WEBPATH;
    global $WEBPATH;

    //if logged in
    if (!WebUsers::isLoggedIn()) {
        //ERROR: not logged in!
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }
    if (!Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
        //ERROR: No access!
        $_SESSION['error_code'] = "403";
        header("Cache-Control: max-age=1");
        header("Location: index.php?page=error");
        throw new SystemExit();
    }

    //if delete GET var is set and user is admin, then delete the groups entry.
    if (isset($_GET['delete']) && Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
        $delete_id = filter_var($_GET['delete'], FILTER_SANITIZE_NUMBER_INT);
        $result['delete'] = Support_Group::deleteSupportGroup($delete_id);
        header("Cache-Control: max-age=1");
        $listBase = Helpers::check_if_game_client() ? $INGAME_WEBPATH : $WEBPATH;
        header("Location: " . $listBase . "?page=sgroup_list");
        throw new SystemExit();
    }

    if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
        $result['isAdmin'] = "TRUE";
    }

    $getters = array("getSGroupId", "getName", "getTag", "getGroupEmail");
    $columns = array("sGroupId", "name", "tag", "groupemail");
    $result['grouplist'] = Gui_Elements::make_table(Support_Group::getGroups(), $getters, $columns);
    $result['ingame_webpath'] = $INGAME_WEBPATH;
    return $result;
}
Example #25
 /**
  * Removes or detaches the rows that reference this user in related tables.
  *
  * Profile links, reminders and private bookmarks are deleted; public
  * bookmarks and consumables are reassigned to id 0; the link classes, e-mail
  * addresses and rule actions/criteria are cleaned through their own helpers.
  * Display preferences and bookmark-user rows are deleted only when the id is
  * greater than 0.
  *
  * NOTE(review): the statements are built by concatenating the id into the SQL
  * text. The id is read from $this->fields, not from request input, as far as
  * this method shows; confirm it is always an integer or cast it.
  */
 function cleanDBonPurge()
 {
     global $DB;
     $userId = $this->fields['id'];

     $DB->query("DELETE\n                FROM `glpi_profiles_users`\n                WHERE `users_id` = '" . $userId . "'");

     if ($userId > 0) {
         // Security
         $DB->query("DELETE\n                   FROM `glpi_displaypreferences`\n                   WHERE `users_id` = '" . $userId . "'");
         $DB->query("DELETE\n                   FROM `glpi_bookmarks_users`\n                   WHERE `users_id` = '" . $userId . "'");
     }

     // Delete own reminders
     $DB->query("DELETE\n                FROM `glpi_reminders`\n                WHERE `users_id` = '" . $userId . "'");
     // Delete private bookmark
     $DB->query("DELETE\n                FROM `glpi_bookmarks`\n                WHERE `users_id` = '" . $userId . "'\n                      AND `is_private` = '1'");
     // Set no user to public bookmark
     $DB->query("UPDATE `glpi_bookmarks`\n                SET `users_id` = '0'\n                WHERE `users_id` = '" . $userId . "'");
     // Set no user to consumables
     $DB->query("UPDATE `glpi_consumables`\n                SET `items_id` = '0'\n                WHERE `items_id` = '" . $userId . "'\n                      AND `itemtype` = 'User'");

     // Link tables, cleaned in this fixed order.
     foreach (array('Group_User', 'Ticket_User', 'Problem_User', 'KnowbaseItem_User', 'Reminder_User') as $linkClass) {
         $link = new $linkClass();
         $link->cleanDBonItemDelete($this->getType(), $userId);
     }

     $emails = new UserEmail();
     $emails->deleteByCriteria(array('users_id' => $userId));

     // Ticket rules use various _users_id_*
     Rule::cleanForItemAction($this, '_users_id%');
     Rule::cleanForItemCriteria($this, '_users_id%');
 }
Example #26
 /** function buildTicket - Builds,and returns, the major structure of the ticket to be entered.
  *
  * @param $i                  mail ID
  * @param $options   array    of possible options
  *
  * @return ticket fields array
  */
 function buildTicket($i, $options = array())
 {
     // Turns mail number $i into an array of ticket (or follow-up) fields.
     // Everything taken from $head and the body originates from the received
     // mail, i.e. it is chosen by the sender. Returns early with
     // '_blacklisted' => true for mails that must not be imported.
     global $CFG_GLPI;
     $play_rules = isset($options['play_rules']) && $options['play_rules'];
     $head = $this->getHeaders($i);
     // Get Header Info Return Array Of Headers
     // **Key Are (subject,to,toOth,toNameOth,from,fromName)
     $tkt = array();
     $tkt['_blacklisted'] = false;
     // For RuleTickets
     // NOTE(review): 'mailgates_id' is read without an isset() check, although
     // $options defaults to an empty array.
     $tkt['_mailgate'] = $options['mailgates_id'];
     // Use mail date if it's defined
     if ($this->fields['use_mail_date']) {
         $tkt['date'] = $head['date'];
     }
     // Detect if it is a mail reply
     // Pattern of a GLPI-generated message id; capture group 1 is used below as the ticket id.
     $glpi_message_match = "/GLPI-([0-9]+)\\.[0-9]+\\.[0-9]+@\\w*/";
     // Check if email not send by GLPI : if yes -> blacklist
     // A mail without a Message-ID header is blacklisted as well.
     if (!isset($head['message_id']) || preg_match($glpi_message_match, $head['message_id'], $match)) {
         $tkt['_blacklisted'] = true;
         return $tkt;
     }
     // manage blacklist
     $blacklisted_emails = Blacklist::getEmails();
     // Add name of the mailcollector as blacklisted
     $blacklisted_emails[] = $this->fields['name'];
     if (Toolbox::inArrayCaseCompare($head['from'], $blacklisted_emails)) {
         $tkt['_blacklisted'] = true;
         return $tkt;
     }
     // max size = 0 : no import attachments
     if ($this->fields['filesize_max'] > 0) {
         if (is_writable(GLPI_TMP_DIR)) {
             $tkt['_filename'] = $this->getAttached($i, GLPI_TMP_DIR . "/", $this->fields['filesize_max']);
             $tkt['_tag'] = $this->tags;
         } else {
             //TRANS: %s is a directory
             Toolbox::logInFile('mailgate', sprintf(__('%s is not writable'), GLPI_TMP_DIR . "/"));
         }
     }
     //  Who is the user ?
     // The requester is resolved from the From header alone.
     $tkt['_users_id_requester'] = User::getOrImportByEmail($head['from']);
     $tkt["_users_id_requester_notif"]['use_notification'] = 1;
     // Set alternative email if user not found / used if anonymous mail creation is enable
     if (!$tkt['_users_id_requester']) {
         $tkt["_users_id_requester_notif"]['alternative_email'] = $head['from'];
     }
     // Add to and cc as additional observer if user found
     // Addresses equal to the sender or present in the blacklist are skipped.
     if (count($head['ccs'])) {
         foreach ($head['ccs'] as $cc) {
             if ($cc != $head['from'] && !Toolbox::inArrayCaseCompare($cc, $blacklisted_emails) && ($tmp = User::getOrImportByEmail($cc)) > 0) {
                 $tkt['_additional_observers'][] = array('users_id' => $tmp, 'use_notification' => 1);
             }
         }
     }
     if (count($head['tos'])) {
         foreach ($head['tos'] as $to) {
             if ($to != $head['from'] && !Toolbox::inArrayCaseCompare($to, $blacklisted_emails) && ($tmp = User::getOrImportByEmail($to)) > 0) {
                 $tkt['_additional_observers'][] = array('users_id' => $tmp, 'use_notification' => 1);
             }
         }
     }
     // Auto_import
     $tkt['_auto_import'] = 1;
     // For followup : do not check users_id = login user
     $tkt['_do_not_check_users_id'] = 1;
     $body = $this->getBody($i);
     // Do it before using charset variable
     $head['subject'] = $this->decodeMimeString($head['subject']);
     $tkt['_head'] = $head;
     // Convert the body to UTF-8 once; body_converted guards against a second conversion.
     if (!empty($this->charset) && !$this->body_converted) {
         $body = Toolbox::encodeInUtf8($body, $this->charset);
         $this->body_converted = true;
     }
     if (!Toolbox::seems_utf8($body)) {
         $tkt['content'] = Toolbox::encodeInUtf8($body);
     } else {
         $tkt['content'] = $body;
     }
     // The ticket id is looked up in In-Reply-To, then References, then the
     // subject; the first source that matches wins. All three are header
     // values supplied by the sender.
     // See In-Reply-To field
     if (isset($head['in_reply_to'])) {
         if (preg_match($glpi_message_match, $head['in_reply_to'], $match)) {
             $tkt['tickets_id'] = intval($match[1]);
         }
     }
     // See in References
     if (!isset($tkt['tickets_id']) && isset($head['references'])) {
         if (preg_match($glpi_message_match, $head['references'], $match)) {
             $tkt['tickets_id'] = intval($match[1]);
         }
     }
     // See in title
     if (!isset($tkt['tickets_id']) && preg_match('/\\[.+#(\\d+)\\]/', $head['subject'], $match)) {
         $tkt['tickets_id'] = intval($match[1]);
     }
     $is_html = false;
     //If files are present and content is html
     // "is html" means: strip_tags() changes the content. Applies to new tickets only.
     if (isset($this->files) && count($this->files) && $tkt['content'] != strip_tags($tkt['content']) && !isset($tkt['tickets_id'])) {
         $is_html = true;
         $tkt['content'] = Ticket::convertContentForTicket($tkt['content'], array_merge($this->files, $this->altfiles), $this->tags);
     }
     $tkt['content'] = $this->cleanMailContent($tkt['content']);
     // $is_html is only set when no ticket id was found, so the second test repeats that condition.
     if ($is_html && !isset($tkt['tickets_id'])) {
         $tkt['content'] = nl2br($tkt['content']);
     }
     $tkt['_supplier_email'] = false;
     // Found ticket link
     if (isset($tkt['tickets_id'])) {
         // it's a reply to a previous ticket
         $job = new Ticket();
         $tu = new Ticket_User();
         $st = new Supplier_Ticket();
         // Check if ticket  exists and users_id exists in GLPI
         /// TODO check if users_id have right to add a followup to the ticket
         // The mail becomes a follow-up when the ticket exists, is not closed, and
         // one of these holds: anonymous follow-ups are enabled, the sender resolved
         // to a user, the sender is an alternate e-mail of the ticket, or the sender
         // is a supplier e-mail of the ticket. As the TODO above says, a resolved
         // user is not checked for rights on this particular ticket.
         if ($job->getFromDB($tkt['tickets_id']) && $job->fields['status'] != CommonITILObject::CLOSED && ($CFG_GLPI['use_anonymous_followups'] || $tkt['_users_id_requester'] > 0 || $tu->isAlternateEmailForITILObject($tkt['tickets_id'], $head['from']) || ($tkt['_supplier_email'] = $st->isSupplierEmail($tkt['tickets_id'], $head['from'])))) {
             if ($tkt['_supplier_email']) {
                 $tkt['content'] = sprintf(__('From %s'), $head['from']) . "\n\n" . $tkt['content'];
             }
             $content = explode("\n", $tkt['content']);
             $tkt['content'] = "";
             $to_keep = array();
             // Move requester to author of followup :
             $tkt['users_id'] = $tkt['_users_id_requester'];
             // Line indexes of the quoted notification's header and footer tag; -1 means not found.
             $begin_strip = -1;
             $end_strip = -1;
             $begin_match = "/" . NotificationTargetTicket::HEADERTAG . ".*" . NotificationTargetTicket::HEADERTAG . "/";
             $end_match = "/" . NotificationTargetTicket::FOOTERTAG . ".*" . NotificationTargetTicket::FOOTERTAG . "/";
             foreach ($content as $ID => $val) {
                 // Get first tag for begin
                 if ($begin_strip < 0) {
                     if (preg_match($begin_match, $val)) {
                         $begin_strip = $ID;
                     }
                 }
                 // Get last tag for end
                 if ($begin_strip >= 0) {
                     if (preg_match($end_match, $val)) {
                         $end_strip = $ID;
                         continue;
                     }
                 }
             }
             if ($begin_strip >= 0) {
                 // Clean first and last lines
                 $content[$begin_strip] = preg_replace($begin_match, '', $content[$begin_strip]);
             }
             if ($end_strip >= 0) {
                 // Clean first and last lines
                 $content[$end_strip] = preg_replace($end_match, '', $content[$end_strip]);
             }
             if ($begin_strip >= 0) {
                 $length = count($content);
                 // Use end strip if set
                 if ($end_strip >= 0 && $end_strip < $length) {
                     $length = $end_strip;
                 }
                 // Drop the lines after the header tag line, up to the footer tag line
                 // or the end of the mail. The loop reuses $i and so overwrites the
                 // mail ID parameter; $i is not read again in this function.
                 for ($i = $begin_strip + 1; $i < $length; $i++) {
                     unset($content[$i]);
                 }
             }
             $to_keep = array();
             // Aditional clean for thunderbird
             // Keep only lines that do not start with '>' (quoted text).
             foreach ($content as $ID => $val) {
                 if (!isset($val[0]) || $val[0] != '>') {
                     $to_keep[$ID] = $ID;
                 }
             }
             $tkt['content'] = "";
             foreach ($to_keep as $ID) {
                 $tkt['content'] .= $content[$ID] . "\n";
             }
             // Do not play rules for followups : WRONG : play rules only for refuse options
             //$play_rules = false;
         } else {
             // => to handle link in Ticket->post_addItem()
             // Not accepted as a follow-up: keep the id only as a link and create a new ticket.
             $tkt['_linkedto'] = $tkt['tickets_id'];
             unset($tkt['tickets_id']);
         }
     }
     // Add message from getAttached
     if ($this->addtobody) {
         $tkt['content'] .= $this->addtobody;
     }
     $tkt['name'] = $this->textCleaner($head['subject']);
     if (!isset($tkt['tickets_id'])) {
         // Which entity ?
         //$tkt['entities_id']=$this->fields['entities_id'];
         //$tkt['Subject']= $head['subject'];   // not use for the moment
         // Medium
         $tkt['urgency'] = "3";
         // No hardware associated
         $tkt['itemtype'] = "";
         // Mail request type
     } else {
         // Reopen if needed
         $tkt['add_reopen'] = 1;
     }
     $tkt['requesttypes_id'] = RequestType::getDefault('mail');
     if ($play_rules) {
         $rule_options['ticket'] = $tkt;
         $rule_options['headers'] = $head;
         $rule_options['mailcollector'] = $options['mailgates_id'];
         $rule_options['_users_id_requester'] = $tkt['_users_id_requester'];
         $rulecollection = new RuleMailCollectorCollection();
         $output = $rulecollection->processAllRules(array(), array(), $rule_options);
         // New ticket : compute all
         // Every key of the rule output overwrites the matching ticket field.
         if (!isset($tkt['tickets_id'])) {
             foreach ($output as $key => $value) {
                 $tkt[$key] = $value;
             }
         } else {
             // Followup only copy refuse data
             $tobecopied = array('_refuse_email_no_response', '_refuse_email_with_response');
             foreach ($tobecopied as $val) {
                 if (isset($output[$val])) {
                     $tkt[$val] = $output[$val];
                 }
             }
         }
     }
     // NOTE(review): presumably escapes every value for later SQL use; verify
     // against Toolbox::addslashes_deep and how callers store these fields.
     $tkt = Toolbox::addslashes_deep($tkt);
     return $tkt;
 }
Example #27
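 /**
  * Runs the follow-on actions for a ticket that has just been added.
  *
  * Reads $this->input and $this->fields['id'] and, in this order: attaches
  * files, creates the optional first followup and task, links the ticket to
  * other tickets, queues the first SLA level, stores the actors (users and
  * groups), creates a validation request, raises the notification event and
  * queues the confirmation message.
  *
  * NOTE(review): the "_users_id_*_notif" and "_additional_*" inputs are copied
  * key by key into the row that is added, so a key such as tickets_id,
  * users_id or type inside those arrays replaces the value set here. Confirm
  * that callers restrict these arrays to the expected notification fields.
  *
  * @return void
  */
 function post_addItem()
 {
     global $LANG, $CFG_GLPI;
     // Add document if needed
     $this->addFiles($this->fields['id']);
     // First followup: only when a non-empty content was submitted.
     if (isset($this->input["_followup"]) && is_array($this->input["_followup"]) && isset($this->input["_followup"]['content']) && strlen($this->input["_followup"]['content']) > 0) {
         $fup = new TicketFollowup();
         $type = "new";
         if (isset($this->fields["status"]) && $this->fields["status"] == "solved") {
             $type = "solved";
         }
         $toadd = array("type" => $type, "tickets_id" => $this->fields['id'], "content" => $this->input["_followup"]['content']);
         if (isset($this->input["_followup"]['is_private'])) {
             $toadd["is_private"] = $this->input["_followup"]['is_private'];
         }
         // The ticket notification raised at the end of this method covers the followup.
         $toadd['_no_notif'] = true;
         $fup->add($toadd);
     }
     // First task: either a planning was submitted, or a duration (_hour, _minute, realtime > 0).
     // The parentheses only make the existing && / || precedence explicit.
     if (isset($this->input["plan"]) || (isset($this->input["_hour"]) && isset($this->input["_minute"]) && isset($this->input["realtime"]) && $this->input["realtime"] > 0)) {
         $task = new TicketTask();
         $type = "new";
         if (isset($this->fields["status"]) && $this->fields["status"] == "solved") {
             $type = "solved";
         }
         $toadd = array("type" => $type, "tickets_id" => $this->fields['id']);
         if (isset($this->input["_hour"])) {
             $toadd["hour"] = $this->input["_hour"];
         }
         if (isset($this->input["_minute"])) {
             $toadd["minute"] = $this->input["_minute"];
         }
         if (isset($this->input["plan"])) {
             $toadd["plan"] = $this->input["plan"];
         }
         $toadd['_no_notif'] = true;
         $task->add($toadd);
     }
     $ticket_ticket = new Ticket_Ticket();
     // From interface: the link is only added when can(-1, 'w', ...) accepts it.
     if (isset($this->input['_link'])) {
         $this->input['_link']['tickets_id_1'] = $this->fields['id'];
         if ($ticket_ticket->can(-1, 'w', $this->input['_link'])) {
             $ticket_ticket->add($this->input['_link']);
         }
     }
     // From mailcollector : do not check rights
     // NOTE(review): this branch trusts "_linkedto" without a rights check; confirm
     // that the key cannot be supplied through a web form.
     if (isset($this->input["_linkedto"])) {
         $input2 = array('tickets_id_1' => $this->fields['id'], 'tickets_id_2' => $this->input["_linkedto"], 'link' => Ticket_Ticket::LINK_TO);
         $ticket_ticket->add($input2);
     }
     // Manage SLA Level : add actions
     if (isset($this->input["slas_id"]) && $this->input["slas_id"] > 0 && isset($this->input["slalevels_id"]) && $this->input["slalevels_id"] > 0) {
         $sla = new SLA();
         if ($sla->getFromDB($this->input["slas_id"])) {
             // Add first level in working table
             $sla->addLevelToDo($this);
         }
     }
     // Add user groups linked to tickets
     $ticket_user = new Ticket_User();
     $group_ticket = new Group_Ticket();
     // Requester / observer: accepted with a user id > 0, or with only an alternative e-mail.
     if (isset($this->input["_users_id_requester"]) && ($this->input["_users_id_requester"] > 0 || isset($this->input["_users_id_requester_notif"]['alternative_email']) && !empty($this->input["_users_id_requester_notif"]['alternative_email']))) {
         $input2 = array('tickets_id' => $this->fields['id'], 'users_id' => $this->input["_users_id_requester"], 'type' => self::REQUESTER);
         if (isset($this->input["_users_id_requester_notif"])) {
             foreach ($this->input["_users_id_requester_notif"] as $key => $val) {
                 $input2[$key] = $val;
             }
         }
         $ticket_user->add($input2);
     }
     if (isset($this->input["_users_id_observer"]) && ($this->input["_users_id_observer"] > 0 || isset($this->input["_users_id_observer_notif"]['alternative_email']) && !empty($this->input["_users_id_observer_notif"]['alternative_email']))) {
         $input2 = array('tickets_id' => $this->fields['id'], 'users_id' => $this->input["_users_id_observer"], 'type' => self::OBSERVER);
         if (isset($this->input["_users_id_observer_notif"])) {
             foreach ($this->input["_users_id_observer_notif"] as $key => $val) {
                 $input2[$key] = $val;
             }
         }
         $ticket_user->add($input2);
     }
     if (isset($this->input["_users_id_assign"]) && $this->input["_users_id_assign"] > 0) {
         $input2 = array('tickets_id' => $this->fields['id'], 'users_id' => $this->input["_users_id_assign"], 'type' => self::ASSIGN);
         if (isset($this->input["_users_id_assign_notif"])) {
             foreach ($this->input["_users_id_assign_notif"] as $key => $val) {
                 $input2[$key] = $val;
             }
         }
         $ticket_user->add($input2);
     }
     if (isset($this->input["_groups_id_requester"]) && $this->input["_groups_id_requester"] > 0) {
         $group_ticket->add(array('tickets_id' => $this->fields['id'], 'groups_id' => $this->input["_groups_id_requester"], 'type' => self::REQUESTER));
     }
     if (isset($this->input["_groups_id_assign"]) && $this->input["_groups_id_assign"] > 0) {
         $group_ticket->add(array('tickets_id' => $this->fields['id'], 'groups_id' => $this->input["_groups_id_assign"], 'type' => self::ASSIGN));
     }
     if (isset($this->input["_groups_id_observer"]) && $this->input["_groups_id_observer"] > 0) {
         $group_ticket->add(array('tickets_id' => $this->fields['id'], 'groups_id' => $this->input["_groups_id_observer"], 'type' => self::OBSERVER));
     }
     // Additional actors : using default notification parameters
     // Each actor row starts again from the base values, so a key supplied for one
     // entry is not carried over into the rows added for the entries after it.
     // Observers : for mailcollector
     if (isset($this->input["_additional_observers"]) && is_array($this->input["_additional_observers"]) && count($this->input["_additional_observers"])) {
         $base = array('tickets_id' => $this->fields['id'], 'type' => self::OBSERVER);
         foreach ($this->input["_additional_observers"] as $tmp) {
             if (isset($tmp['users_id'])) {
                 $input2 = $base;
                 foreach ($tmp as $key => $val) {
                     $input2[$key] = $val;
                 }
                 $ticket_user->add($input2);
             }
         }
     }
     if (isset($this->input["_additional_assigns"]) && is_array($this->input["_additional_assigns"]) && count($this->input["_additional_assigns"])) {
         $base = array('tickets_id' => $this->fields['id'], 'type' => self::ASSIGN);
         foreach ($this->input["_additional_assigns"] as $tmp) {
             if (isset($tmp['users_id'])) {
                 $input2 = $base;
                 foreach ($tmp as $key => $val) {
                     $input2[$key] = $val;
                 }
                 $ticket_user->add($input2);
             }
         }
     }
     if (isset($this->input["_additional_requesters"]) && is_array($this->input["_additional_requesters"]) && count($this->input["_additional_requesters"])) {
         $base = array('tickets_id' => $this->fields['id'], 'type' => self::REQUESTER);
         foreach ($this->input["_additional_requesters"] as $tmp) {
             if (isset($tmp['users_id'])) {
                 $input2 = $base;
                 foreach ($tmp as $key => $val) {
                     $input2[$key] = $val;
                 }
                 $ticket_user->add($input2);
             }
         }
     }
     //Action for send_validation rule
     if (isset($this->input["_add_validation"]) && $this->input["_add_validation"] > 0) {
         $validation = new Ticketvalidation();
         $values = array('tickets_id' => $this->fields['id'], 'users_id_validate' => $this->input["_add_validation"]);
         // The validation request and its log entry are only written when can() accepts it.
         if ($validation->can(-1, 'w', $values)) {
             $validation->add($values);
             Event::log($this->fields['id'], "ticket", 4, "tracking", $_SESSION["glpiname"] . "  " . $LANG['log'][21]);
         }
     }
     // Processing Email
     if ($CFG_GLPI["use_mailing"]) {
         // Clean reload of the ticket
         $this->getFromDB($this->fields['id']);
         $type = "new";
         if (isset($this->fields["status"]) && $this->fields["status"] == "solved") {
             $type = "solved";
         }
         NotificationEvent::raiseEvent($type, $this);
     }
     // When ids are hidden in the interface, show the new ticket's id with a link to it.
     // Only configuration values, language strings and the ticket id are placed in this HTML.
     if (isset($_SESSION['glpiis_ids_visible']) && !$_SESSION['glpiis_ids_visible']) {
         addMessageAfterRedirect($LANG['help'][18] . " (" . $LANG['job'][38] . "&nbsp;" . "<a href='" . $CFG_GLPI["root_doc"] . "/front/ticket.form.php?id=" . $this->fields['id'] . "'>" . $this->fields['id'] . "</a>)");
     }
 }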
Example #28
 // Dispatches on the submitted form button / request parameter.
 // This listing is an excerpt: two of the else-blocks opened below are not
 // closed within it.
 if (isset($_POST['slt_delete'])) {
     // Delete an SLT from the ticket; check() is called with UPDATE on the
     // posted ticket id before anything is changed.
     // NOTE(review): presumably check() aborts the request when the right is
     // missing - confirm, since nothing here tests a return value.
     $track->check($_POST["id"], UPDATE);
     $track->deleteSLT($_POST["id"], $_POST['type'], $_POST['delete_date']);
     Event::log($_POST["id"], "ticket", 4, "tracking", sprintf(__('%s updates an item'), $_SESSION["glpiname"]));
     Html::redirect($CFG_GLPI["root_doc"] . "/front/ticket.form.php?id=" . $_POST["id"]);
 } else {
     if (isset($_POST['addme_observer'])) {
         // The logged-in user adds themselves as observer (with notification)
         // after a READ check on the ticket.
         $ticket_user = new Ticket_User();
         $track->check($_POST['tickets_id'], READ);
         $input = array('tickets_id' => $_POST['tickets_id'], 'users_id' => Session::getLoginUserID(), 'use_notification' => 1, 'type' => CommonITILActor::OBSERVER);
         $ticket_user->add($input);
         Event::log($_POST['tickets_id'], "ticket", 4, "tracking", sprintf(__('%s adds an actor'), $_SESSION["glpiname"]));
         Html::redirect($CFG_GLPI["root_doc"] . "/front/ticket.form.php?id=" . $_POST['tickets_id']);
     } else {
         if (isset($_POST['addme_assign'])) {
             // The logged-in user adds themselves as an ASSIGN actor.
             // NOTE(review): the only check visible here is READ on the ticket,
             // yet the row added has type ASSIGN - confirm that
             // Ticket_User::add() enforces the assignment right itself,
             // otherwise read access would be enough to self-assign.
             $ticket_user = new Ticket_User();
             $track->check($_POST['tickets_id'], READ);
             $input = array('tickets_id' => $_POST['tickets_id'], 'users_id' => Session::getLoginUserID(), 'use_notification' => 1, 'type' => CommonITILActor::ASSIGN);
             $ticket_user->add($input);
             Event::log($_POST['tickets_id'], "ticket", 4, "tracking", sprintf(__('%s adds an actor'), $_SESSION["glpiname"]));
             Html::redirect($CFG_GLPI["root_doc"] . "/front/ticket.form.php?id=" . $_POST['tickets_id']);
         } else {
             if (isset($_REQUEST['delete_document'])) {
                 // Remove the link(s) between a document and a ticket.
                 // intval() keeps both ids numeric inside the find() condition string.
                 // NOTE(review): no $track->check() call is visible in this
                 // branch, and the parameters come from $_REQUEST, so it is
                 // reachable by GET as well as POST - confirm that rights on the
                 // ticket/document and the CSRF token are enforced elsewhere
                 // before delete() runs.
                 // NOTE(review): the second argument (true) presumably forces a
                 // permanent delete - verify against Document_Item::delete().
                 $document_item = new Document_Item();
                 $found_document_items = $document_item->find("itemtype = 'Ticket' " . " AND items_id = " . intval($_REQUEST['tickets_id']) . " AND documents_id = " . intval($_REQUEST['documents_id']));
                 foreach ($found_document_items as $item) {
                     $document_item->delete($item, true);
                 }
                 Html::back();
             }
         }
Example #29
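 /**
  * Handles an incoming email.
  *
  * Reads one message through the imap functions. If a ticket id is found in the
  * References header (a message id starting with "<ams") or else in the subject
  * line, the plain-text part is added as a reply, provided the sender is a
  * moderator or the ticket's author; otherwise warning mails are sent to the
  * ticket author and to the sender. If no ticket id is found, a new ticket is
  * created for a known sender.
  *
  * NOTE(review): the sender is identified only by the address in the From
  * header; no signature or SPF/DKIM result is checked in this method. Confirm
  * that the receiving mail server authenticates senders, because this address
  * decides who may reply to a ticket and who receives the automatic warnings.
  *
  * @param $mbox a mailbox object
  * @param $i the email's id in the mailbox (integer)
  * @param $group the group object that owns the inbox.
  * @return a string built from the ticket id and a timestamp (used to store a
  *         copy of the email locally), or 0 when the mail is not ticket related
  */
 function incoming_mail_handler($mbox, $i, $group)
 {
     global $MAIL_LOG_PATH;
     $header = imap_header($mbox, $i);
     $subject = self::decode_utf8($header->subject);
     // Not used below. Kept because imap_body() without FT_PEEK sets the \Seen flag;
     // NOTE(review): confirm whether callers rely on that before removing the fetch.
     $entire_email = imap_fetchheader($mbox, $i) . imap_body($mbox, $i);
     $fromEmail = $header->from[0]->mailbox . '@' . $header->from[0]->host;
     $from = $fromEmail;
     $txt = self::get_part($mbox, $i, "TEXT/PLAIN");
     //$html = self::get_part($mbox, $i, "TEXT/HTML");
     //get the id out of the email address of the person sending the email.
     // The comparisons with "FALSE" below treat that string as "no user has this address".
     if ($from !== NULL && !is_numeric($from)) {
         $from = Ticket_User::get_id_from_email($from);
     }
     //get ticket_id out of the message-id or else out of the subject line
     // The References header is sender-controlled: only read the third dot-separated
     // piece when it exists, and fall back to the subject line otherwise.
     $pieces = isset($header->references) ? explode(".", $header->references) : array();
     if (isset($pieces[2]) && $pieces[0] == "<ams") {
         $ticket_id = $pieces[2];
     } else {
         $ticket_id = self::get_ticket_id_from_subject($subject);
     }
     //if ticket id is found, that means it is a reply on an existing ticket
     if ($ticket_id && is_numeric($ticket_id) && $ticket_id > 0) {
         $ticket = new Ticket();
         $ticket->load_With_TId($ticket_id);
         //if email is sent from an existing email address in the db (else it will give an error while loading the user object)
         if ($from != "FALSE") {
             $user = new Ticket_User();
             $user->load_With_TUserId($from);
             //if user has access to it!
             if ((Ticket_User::isMod($user) or $ticket->getAuthor() == $user->getTUserId()) and $txt != "") {
                 Ticket::createReply($txt, $user->getTUserId(), $ticket->getTId(), 0);
                 error_log("Email found that is a reply to a ticket at:" . $group->getGroupEmail() . "\n", 3, $MAIL_LOG_PATH);
             } else {
                 //if user has no access to it
                 //Warn real ticket owner + person that send the mail
                 Mail_Handler::send_ticketing_mail($ticket->getAuthor(), $ticket, NULL, "WARNAUTHOR", $from);
                 Mail_Handler::send_ticketing_mail($from, $ticket, NULL, "WARNSENDER", NULL);
                 error_log("Email found that was a reply to a ticket, though send by another user to " . $group->getGroupEmail() . "\n", 3, $MAIL_LOG_PATH);
             }
         } else {
             //if a reply to a ticket is being sent by a non-user!
             //Warn real ticket owner + person that send the mail
             Mail_Handler::send_ticketing_mail($ticket->getAuthor(), $ticket, NULL, "WARNAUTHOR", $fromEmail);
             Mail_Handler::send_ticketing_mail($fromEmail, $ticket, NULL, "WARNUNKNOWNSENDER", NULL);
             error_log("Email found that was a reply to a ticket, though send by an unknown email address to " . $group->getGroupEmail() . "\n", 3, $MAIL_LOG_PATH);
         }
         return $ticket_id . "." . time();
     }
     if ($from != "FALSE") {
         //if ticket_id isn't found, create a new ticket!
         //if an existing email address mailed the ticket
         //if not default group, then forward it by giving the $group->getSGroupId's param
         $newTicketId = Ticket::create_Ticket($subject, $txt, 1, $from, $from, $group->getSGroupId());
         error_log("Email regarding new ticket found at:" . $group->getGroupEmail() . "\n", 3, $MAIL_LOG_PATH);
         return $newTicketId . "." . time();
     }
     //if it's a email that has nothing to do with ticketing, return 0;
     error_log("Email found that isn't a reply or new ticket, at:" . $group->getGroupEmail() . "\n", 3, $MAIL_LOG_PATH);
     return 0;
 }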
Example #30
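/**
* Changes a user's password from the settings form.
*
* The caller must be logged in and must either be the target user
* ($_POST['target_id'] equals $_SESSION['id']) or pass Ticket_User::isMod();
* otherwise the request is redirected to the error page with code 403.
* When someone else's password is changed, the current password does not have
* to be supplied. The input is validated by WebUsers::check_change_password();
* on success the password is stored and the settings template is reloaded, on
* failure the template is reloaded with the validation errors.
* Every path ends by throwing SystemExit.
*
* NOTE(review): no CSRF token is checked in this function; confirm that the
* form handler calling it verifies one, in particular for the branch in which
* a moderator sets another user's password without the current password.
*
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function change_password()
{
    global $SITEBASE;
    try {
        //ERROR: user is not logged in
        if (!WebUsers::isLoggedIn()) {
            header("Cache-Control: max-age=1");
            header("Location: index.php");
            throw new SystemExit();
        }
        //ERROR: The form was not filled in correctly
        if (!isset($_POST['target_id'])) {
            header("Cache-Control: max-age=1");
            header("Location: index.php?page=settings");
            throw new SystemExit();
        }
        // Compare as strings: a loose == would also accept values such as "5abc"
        // for id 5 on PHP versions before 8.
        $isSelf = is_scalar($_POST['target_id']) && (string) $_POST['target_id'] === (string) $_SESSION['id'];
        // The session object is only unserialized when the caller is not the target.
        // It comes from $_SESSION, i.e. server-side storage, not from the request.
        if (!$isSelf && !Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
            //ERROR: permission denied!
            $_SESSION['error_code'] = "403";
            header("Cache-Control: max-age=1");
            header("Location: index.php?page=error");
            throw new SystemExit();
        }
        $webUser = new WebUsers($_POST['target_id']);
        if ($isSelf) {
            //if the password is of the executing user himself
            $target_username = $_SESSION['user'];
            $adminChangesOther = false;
        } else {
            //if the password is of someone else.
            $target_username = $webUser->getUsername();
            //adminChangesOther is true when a mod/admin changes another user's password
            $adminChangesOther = true;
            // The submitted current password is replaced by a placeholder.
            // NOTE(review): the "******" literals in this function look masked in
            // this listing; confirm the real values against the project source.
            $_POST["CurrentPass"] = "******";
        }
        $params = array('user' => $target_username, 'CurrentPass' => $_POST["CurrentPass"], 'NewPass' => $_POST["NewPass"], 'ConfirmNewPass' => $_POST["ConfirmNewPass"], 'adminChangesOther' => $adminChangesOther);
        $result = $webUser->check_change_password($params);
        require_once $SITEBASE . '/inc/settings.php';
        if ($result == "success") {
            //edit stuff into db
            $succresult = settings();
            $status = WebUsers::setPassword($target_username, $_POST["NewPass"]);
            if ($status == 'ok') {
                $succresult['SUCCESS_PASS'] = "******";
            } elseif ($status == 'shardoffline') {
                $succresult['SUCCESS_PASS'] = "******";
            }
            $succresult['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
            $succresult['no_visible_elements'] = 'FALSE';
            $succresult['username'] = $_SESSION['user'];
            $succresult['target_id'] = $_POST['target_id'];
            helpers::loadtemplate('settings', $succresult);
            throw new SystemExit();
        }
        // Validation failed: reload the form with the errors and the previous input.
        // NOTE(review): the submitted passwords are handed back to the template, and
        // FILTER_SANITIZE_STRING is deprecated as of PHP 8.1 and alters the value;
        // consider leaving the password fields empty and escaping in the template.
        $result['prevCurrentPass'] = filter_var($_POST["CurrentPass"], FILTER_SANITIZE_STRING);
        $result['prevNewPass'] = filter_var($_POST["NewPass"], FILTER_SANITIZE_STRING);
        $result['prevConfirmNewPass'] = filter_var($_POST["ConfirmNewPass"], FILTER_SANITIZE_STRING);
        $result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
        $result['no_visible_elements'] = 'FALSE';
        $result['username'] = $_SESSION['user'];
        $result['target_id'] = $_POST['target_id'];
        $settings = settings();
        $result = array_merge($result, $settings);
        helpers::loadtemplate('settings', $result);
        throw new SystemExit();
    } catch (PDOException $e) {
        // The website db could not be reached. Log the error instead of printing the
        // exception: a dumped PDOException shows the stack trace to the visitor, and
        // its call arguments may include the password that was being set.
        error_log("change_password: " . $e->getMessage());
        throw new SystemExit();
    }
}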