Example #1
0
/**
* This function is beign used to load info that's needed for the settings page.
* check if the person who wants to view this page is a mod/admin or the user to whom te settings belong himself, if this is not the case, he will be redirected to an error page.
* it will return a lot of information of that user, that's being used for loading the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function settings()
{
    if (WebUsers::isLoggedIn()) {
        //in case id-GET param set it's value as target_id, if no id-param is given, ue the session id.
        if (isset($_GET['id'])) {
            if ($_GET['id'] != $_SESSION['id'] && !Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
                //ERROR: No access!
                $_SESSION['error_code'] = "403";
                header("Cache-Control: max-age=1");
                header("Location: index.php?page=error");
                throw new SystemExit();
            } else {
                $webUser = new Webusers($_GET['id']);
                $result = $webUser->getInfo();
                if (Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) && $_GET['id'] != $_SESSION['id']) {
                    $result['changesOther'] = "TRUE";
                }
                $result['target_id'] = $_GET['id'];
                $result['current_mail'] = $webUser->getEmail();
                $result['target_username'] = $webUser->getUsername();
            }
        } else {
            $webUser = new Webusers($_SESSION['id']);
            $result = $webUser->getInfo();
            $result['target_id'] = $_SESSION['id'];
            $result['current_mail'] = $webUser->getEmail();
            $result['target_username'] = $webUser->getUsername();
        }
        //Sanitize Data
        $result['current_mail'] = filter_var($result['current_mail'], FILTER_SANITIZE_EMAIL);
        $result['target_username'] = filter_var($result['target_username'], FILTER_SANITIZE_STRING);
        $result['FirstName'] = filter_var($result['FirstName'], FILTER_SANITIZE_STRING);
        $result['LastName'] = filter_var($result['LastName'], FILTER_SANITIZE_STRING);
        $result['Country'] = filter_var($result['Country'], FILTER_SANITIZE_STRING);
        $result['Gender'] = filter_var($result['Gender'], FILTER_SANITIZE_NUMBER_INT);
        $result['ReceiveMail'] = filter_var($result['ReceiveMail'], FILTER_SANITIZE_NUMBER_INT);
        $result['country_array'] = getCountryArray();
        global $INGAME_WEBPATH;
        $result['ingame_webpath'] = $INGAME_WEBPATH;
        $dbl = new DBLayer("lib");
        $statement = $dbl->executeWithoutParams("SELECT * FROM settings");
        $rows = $statement->fetchAll();
        foreach ($rows as &$value) {
            $result[$value['Setting']] = $value['Value'];
        }
        return $result;
    } else {
        //ERROR: not logged in!
        header("Location: index.php");
        header("Cache-Control: max-age=1");
        throw new SystemExit();
    }
}
Example #2
0
function settings()
{
    if (WebUsers::isLoggedIn()) {
        //in case id-GET param set it's value as target_id, if no id-param is given, ue the session id.
        if (isset($_GET['id'])) {
            if ($_GET['id'] != $_SESSION['id'] && !Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
                //ERROR: No access!
                $_SESSION['error_code'] = "403";
                header("Location: index.php?page=error");
                exit;
            } else {
                $webUser = new Webusers($_GET['id']);
                //$result = $webUser->getInfo();
                if (Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) && $_GET['id'] != $_SESSION['id']) {
                    $result['changesOther'] = "TRUE";
                }
                $result['target_id'] = $_GET['id'];
                $result['current_mail'] = $webUser->getEmail();
                $result['target_username'] = $webUser->getUsername();
            }
        } else {
            $webUser = new Webusers($_SESSION['id']);
            //$result = $webUser->getInfo();
            $result['target_id'] = $_SESSION['id'];
            $result['current_mail'] = $webUser->getEmail();
            $result['target_username'] = $webUser->getUsername();
        }
        //Sanitize Data
        $result['current_mail'] = filter_var($result['current_mail'], FILTER_SANITIZE_EMAIL);
        $result['target_username'] = filter_var($result['target_username'], FILTER_SANITIZE_STRING);
        //$result['FirstName'] = filter_var($result['FirstName'], FILTER_SANITIZE_STRING);
        //$result['LastName'] = filter_var($result['LastName'], FILTER_SANITIZE_STRING);
        //$result['Country'] = filter_var($result['Country'], FILTER_SANITIZE_STRING);
        //$result['Gender'] = filter_var($result['Gender'], FILTER_SANITIZE_NUMBER_INT);
        //$result['ReceiveMail'] = filter_var($result['ReceiveMail'], FILTER_SANITIZE_NUMBER_INT);
        //$result['country_array'] = getCountryArray();
        global $INGAME_WEBPATH;
        $result['ingame_webpath'] = $INGAME_WEBPATH;
        return $result;
    } else {
        //ERROR: not logged in!
        header("Location: index.php");
        exit;
    }
}
Example #3
0
     // Load AMS Library
     if ($continue) {
         try {
             require_once $AMS_LIB . '/libinclude.php';
         } catch (Exception $e) {
             printalert("danger", "Failed to include AMS <em>libinclude.php</em>");
             $continue = false;
         }
     }
     // Create AMS Admin user
     if ($continue) {
         $hashpass = crypt($_POST["amsAdminPassword"], Users::generateSALT());
         $params = array('Login' => $_POST["amsAdminUsername"], 'Password' => $hashpass, 'Email' => "localhost@localhost");
         try {
             $user_id = WebUsers::createWebuser($params['Login'], $params['Password'], $params['Email']);
             $result = Webusers::createUser($params, $user_id);
             Users::createPermissions(array($params['Login']));
             $dbl = new DBLayer("lib");
             $dbl->execute("UPDATE ticket_user SET Permission = 3 WHERE TUserId = :user_id", array('user_id' => $user_id));
             printalert("success", "AMS Admin account <em>" . htmlentities($_POST["amsAdminUsername"]) . "</em> created");
         } catch (PDOException $e) {
             printalert("danger", "Failed to create AMS Admin account");
             $continue = false;
         }
     }
 }
 if ($roleDomain) {
     // TODO: Register the domain with the nel database etc
 }
 if ($continue && $roleService) {
     if (file_put_contents("role_service", "1")) {
Example #4
0
/**
* This function is beign used to load info that's needed for the show_queue page.
* check if the person who wants to view this page is a mod/admin, if this is not the case, he will be redirected to an error page.
* if an action is set (this is done by $_GET['action']) it will try to execute it first, actions are: assign a ticket, unassign a ticket an create a queue.
* There are a few predefined queues which is the 'all tickets' queue, 'archive' queue, 'todo' queue, .. these are passed by $_GET['get'].
* if  $_GET['get'] = create; then it's a custom made queue, this will call the createQueue function which builds the query that we will later use to get the tickets.
* The tickets fetched will be returned and used in the template. Now why use POST and GET params here and have a createQueue function twice? Well the first time someone creates
* a queue the POST variables will be used, however after going to the next page it will use the GET params.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function show_queue()
{
    global $INGAME_WEBPATH;
    global $WEBPATH;
    //if logged in  & queue id is given
    if (WebUsers::isLoggedIn() && isset($_GET['get'])) {
        if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
            //the  queue you want to see.
            $result['queue_view'] = filter_var($_GET['get'], FILTER_SANITIZE_STRING);
            $user_id = unserialize($_SESSION['ticket_user'])->getTUserId();
            $queueArray = array();
            $queue_handler = new Ticket_Queue_handler();
            //Pagination Base Links
            if (Helpers::check_if_game_client()) {
                $result['pagination_base_link'] = $INGAME_WEBPATH . "?page=show_queue&get=" . $result['queue_view'];
            } else {
                $result['pagination_base_link'] = $WEBPATH . "?page=show_queue&get=" . $result['queue_view'];
            }
            //form url to keep the getters constant
            if (Helpers::check_if_game_client()) {
                $result['getURL'] = $INGAME_WEBPATH . "?page=show_queue&get=" . $result['queue_view'];
            } else {
                $result['getURL'] = $WEBPATH . "?page=show_queue&get=" . $result['queue_view'];
            }
            if (isset($_GET['pagenum'])) {
                $result['getURL'] = $result['getURL'] . "&pagenum=" . $_GET['pagenum'];
            }
            if (isset($_GET['get']) && $_GET['get'] == "create" && isset($_GET['userid']) && isset($_GET['groupid']) && isset($_GET['what']) && isset($_GET['how']) && isset($_GET['who'])) {
                $userid = filter_var($_GET['userid'], FILTER_SANITIZE_NUMBER_INT);
                $groupid = filter_var($_GET['groupid'], FILTER_SANITIZE_NUMBER_INT);
                $what = filter_var($_GET['what'], FILTER_SANITIZE_STRING);
                $how = filter_var($_GET['how'], FILTER_SANITIZE_STRING);
                $who = filter_var($_GET['who'], FILTER_SANITIZE_STRING);
                //create the custom queue
                $queue_handler->CreateQueue($userid, $groupid, $what, $how, $who);
                if (Helpers::check_if_game_client()) {
                    $result['pagination_base_link'] = $INGAME_WEBPATH . "?page=show_queue&get=create&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
                } else {
                    $result['pagination_base_link'] = $WEBPATH . "?page=show_queue&get=create&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
                }
                $result['prev_created_userid'] = $userid;
                $result['prev_created_groupid'] = $groupid;
                $result['prev_created_what'] = $what;
                $result['prev_created_how'] = $how;
                $result['prev_created_who'] = $who;
                $result['getURL'] = $result['getURL'] . "&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
            }
            //if an action is set
            if (isset($_POST['action'])) {
                switch ($_POST['action']) {
                    case "assignTicket":
                        $ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
                        $result['ACTION_RESULT'] = Ticket::assignTicket($user_id, $ticket_id);
                        break;
                    case "unAssignTicket":
                        $ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
                        $result['ACTION_RESULT'] = Ticket::unAssignTicket($user_id, $ticket_id);
                        break;
                    case "create_queue":
                        $userid = filter_var($_POST['userid'], FILTER_SANITIZE_NUMBER_INT);
                        if (isset($_POST['groupid'])) {
                            $groupid = filter_var($_POST['groupid'], FILTER_SANITIZE_NUMBER_INT);
                        } else {
                            $groupid = 0;
                        }
                        $what = filter_var($_POST['what'], FILTER_SANITIZE_STRING);
                        $how = filter_var($_POST['how'], FILTER_SANITIZE_STRING);
                        $who = filter_var($_POST['who'], FILTER_SANITIZE_STRING);
                        //create the custom queue
                        $queue_handler->CreateQueue($userid, $groupid, $what, $how, $who);
                        if (Helpers::check_if_game_client()) {
                            $result['pagination_base_link'] = $INGAME_WEBPATH . "?page=show_queue&get=create&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
                        } else {
                            $result['pagination_base_link'] = $WEBPATH . "?page=show_queue&get=create&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
                        }
                        $result['prev_created_userid'] = $userid;
                        $result['prev_created_groupid'] = $groupid;
                        $result['prev_created_what'] = $what;
                        $result['prev_created_how'] = $how;
                        $result['prev_created_who'] = $who;
                        $result['getURL'] = $result['getURL'] . "&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
                        break;
                }
            }
            $queueArray = $queue_handler->getTickets($result['queue_view'], $user_id);
            //pagination
            $result['links'] = $queue_handler->getPagination()->getLinks(5);
            $result['lastPage'] = $queue_handler->getPagination()->getLast();
            $result['currentPage'] = $queue_handler->getPagination()->getCurrent();
            //if queue_view is a valid parameter value
            if ($queueArray != "ERROR") {
                $result['tickets'] = Gui_Elements::make_table($queueArray, array("getTId", "getTitle", "getTimestamp", "getAuthor()->getExternId", "getTicket_Category()->getName", "getStatus", "getStatusText", "getAssigned", "getForwardedGroupName", "getForwardedGroupId"), array("tId", "title", "timestamp", "authorExtern", "category", "status", "statusText", "assigned", "forwardedGroupName", "forwardedGroupId"));
                $i = 0;
                foreach ($result['tickets'] as $ticket) {
                    $web_author = new WebUsers($ticket['authorExtern']);
                    $result['tickets'][$i]['author'] = $web_author->getUsername();
                    $web_assigned = new WebUsers($ticket['assigned']);
                    $result['tickets'][$i]['assignedText'] = $web_assigned->getUsername();
                    $result['tickets'][$i]['timestamp_elapsed'] = Gui_Elements::time_elapsed_string($ticket['timestamp']);
                    $i++;
                }
                $result['user_id'] = unserialize($_SESSION['ticket_user'])->getTUserId();
                //Queue creator field info
                $result['grouplist'] = Gui_Elements::make_table(Support_Group::getGroups(), array("getSGroupId", "getName"), array("sGroupId", "name"));
                $result['teamlist'] = Gui_Elements::make_table(Ticket_User::getModsAndAdmins(), array("getTUserId", "getExternId"), array("tUserId", "externId"));
                $i = 0;
                foreach ($result['teamlist'] as $member) {
                    $web_teammember = new Webusers($member['externId']);
                    $result['teamlist'][$i]['name'] = $web_teammember->getUsername();
                    $i++;
                }
                global $INGAME_WEBPATH;
                $result['ingame_webpath'] = $INGAME_WEBPATH;
                return $result;
            } else {
                //ERROR: Doesn't exist!
                $_SESSION['error_code'] = "404";
                header("Cache-Control: max-age=1");
                header("Location: ams?page=error");
                throw new SystemExit();
            }
        } else {
            //ERROR: No access!
            $_SESSION['error_code'] = "403";
            header("Cache-Control: max-age=1");
            header("Location: index.php?page=error");
            throw new SystemExit();
        }
    } else {
        //ERROR: not logged in!
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }
}
Example #5
0
/**
* This function is beign used to load info that's needed for the show_sgroup page.
* check if the person browsing this page is a mod/admin, if not he'll be redirected to an error page.
* if the $_GET['delete'] var is set and the user executing is an admin, an entry will be deleted out of the support group.
* A list of users that are member of the group will be returned, which can be used by the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function show_sgroup()
{
    global $INGAME_WEBPATH;
    global $WEBPATH;
    //if logged in
    if (WebUsers::isLoggedIn()) {
        if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
            if (isset($_GET['id'])) {
                //['target_id'] holds the id of the group!
                $result['target_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
                //if the $_GET['delete'] var is set and the user executing is an admin, an entry will be deleted out of the support group.
                if (isset($_GET['delete']) && Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
                    $delete_id = filter_var($_GET['delete'], FILTER_SANITIZE_NUMBER_INT);
                    $result['delete'] = Support_Group::deleteUserOfSupportGroup($delete_id, $result['target_id']);
                    header("Cache-Control: max-age=1");
                    if (Helpers::check_if_game_client()) {
                        header("Location: " . $INGAME_WEBPATH . "?page=show_sgroup&id=" . $result['target_id']);
                    } else {
                        header("Location: " . $WEBPATH . "?page=show_sgroup&id=" . $result['target_id']);
                    }
                    throw new SystemExit();
                }
                if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
                    $result['isAdmin'] = "TRUE";
                }
                $group = Support_Group::getGroup($result['target_id']);
                $result['groupsname'] = $group->getName();
                $result['groupemail'] = $group->getGroupEmail();
                $result['imap_mailserver'] = $group->getIMAP_MailServer();
                $result['imap_username'] = $group->getIMAP_Username();
                $result['userlist'] = Gui_Elements::make_table(Support_Group::getAllUsersOfSupportGroup($result['target_id']), array("getTUserId", "getPermission", "getExternId"), array("tUserId", "permission", "externId"));
                $i = 0;
                foreach ($result['userlist'] as $user) {
                    $webuser = new Webusers($user['externId']);
                    $result['userlist'][$i]['name'] = $webuser->getUsername();
                    $i++;
                }
                global $INGAME_WEBPATH;
                $result['ingame_webpath'] = $INGAME_WEBPATH;
                $result['teamlist'] = Gui_Elements::make_table(Ticket_User::getModsAndAdmins(), array("getTUserId", "getExternId"), array("tUserId", "externId"));
                $i = 0;
                foreach ($result['teamlist'] as $member) {
                    $web_teammember = new Webusers($member['externId']);
                    if (!In_Support_Group::userExistsInSGroup($member['externId'], $result['target_id'])) {
                        $result['users'][$i]['name'] = $web_teammember->getUsername();
                    }
                    $i++;
                }
                return $result;
            } else {
                //ERROR: No page specified!
                $_SESSION['error_code'] = "404";
                header("Cache-Control: max-age=1");
                header("Location: ams?page=error");
                throw new SystemExit();
            }
        } else {
            //ERROR: No access!
            $_SESSION['error_code'] = "403";
            header("Cache-Control: max-age=1");
            header("Location: index.php?page=error");
            throw new SystemExit();
        }
    } else {
        //ERROR: not logged in!
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }
}