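/**
 * Loads the data needed to render the settings page.
 *
 * Access rule: the caller must be logged in. An account other than the
 * caller's own (selected with $_GET['id']) may only be viewed when the
 * session's ticket user is a mod/admin; otherwise the caller is redirected
 * to the error page with error code 403. Without $_GET['id'] the caller's
 * own account (from $_SESSION['id']) is loaded.
 *
 * Every failure path sends a redirect header and throws SystemExit.
 *
 * @author Daan Janssens, mentored by Matthew Lagoe
 * @return array user info, sanitized profile fields, the country list, the
 *               in-game web path and every row of the `settings` table,
 *               for use by the template
 */
function settings()
{
    if (!WebUsers::isLoggedIn()) {
        //ERROR: not logged in!
        header("Location: index.php");
        header("Cache-Control: max-age=1");
        throw new SystemExit();
    }

    $targetId = $_SESSION['id'];
    $changesOther = false;

    //in case the id-GET param is set, use its value as target_id; otherwise use the session id.
    if (isset($_GET['id'])) {
        // A non-scalar id (e.g. ?id[]=1) cannot name an account; it is rejected below.
        $requestedId = is_scalar($_GET['id']) ? (string) $_GET['id'] : null;

        // Compare as strings with ===: loose comparison would treat differently
        // spelled numeric strings (for example "5" and "05") as the same id, so
        // the ownership decision would not be made on the exact value that is
        // later passed to Webusers and to the template.
        $isOwnAccount = ($requestedId !== null && $requestedId === (string) $_SESSION['id']);

        if (!$isOwnAccount) {
            // NOTE(review): unserialize() runs on session data here; that is only
            // safe while nothing user-controlled can be written to
            // $_SESSION['ticket_user'] - confirm against the login code.
            if ($requestedId === null || !Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
                //ERROR: No access!
                $_SESSION['error_code'] = "403";
                header("Cache-Control: max-age=1");
                header("Location: index.php?page=error");
                throw new SystemExit();
            }
            // A mod/admin is looking at somebody else's settings.
            $changesOther = true;
        }

        // NOTE(review): for mods this value is request-supplied and is not
        // sanitized in this function; the template must escape target_id.
        $targetId = $requestedId;
    }

    $webUser = new Webusers($targetId);
    $result = $webUser->getInfo();
    if ($changesOther) {
        $result['changesOther'] = "TRUE";
    }
    $result['target_id'] = $targetId;
    $result['current_mail'] = $webUser->getEmail();
    $result['target_username'] = $webUser->getUsername();

    //Sanitize Data
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; output
    // escaping in the template is the durable replacement.
    $result['current_mail'] = filter_var($result['current_mail'], FILTER_SANITIZE_EMAIL);
    $result['target_username'] = filter_var($result['target_username'], FILTER_SANITIZE_STRING);
    $result['FirstName'] = filter_var($result['FirstName'], FILTER_SANITIZE_STRING);
    $result['LastName'] = filter_var($result['LastName'], FILTER_SANITIZE_STRING);
    $result['Country'] = filter_var($result['Country'], FILTER_SANITIZE_STRING);
    $result['Gender'] = filter_var($result['Gender'], FILTER_SANITIZE_NUMBER_INT);
    $result['ReceiveMail'] = filter_var($result['ReceiveMail'], FILTER_SANITIZE_NUMBER_INT);
    $result['country_array'] = getCountryArray();

    global $INGAME_WEBPATH;
    $result['ingame_webpath'] = $INGAME_WEBPATH;

    // Every row of the settings table becomes a template variable and replaces
    // any key of the same name set above.
    // NOTE(review): confirm the table holds nothing that should stay server-side.
    $dbl = new DBLayer("lib");
    $statement = $dbl->executeWithoutParams("SELECT * FROM settings");
    // Iterate by value: the rows are only read, so no reference is needed.
    foreach ($statement->fetchAll() as $row) {
        $result[$row['Setting']] = $row['Value'];
    }

    return $result;
}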
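/**
 * Loads the data needed to render the settings page (variant that ends the
 * request with `exit` and does not load the profile fields).
 *
 * Access rule: the caller must be logged in. An account other than the
 * caller's own (selected with $_GET['id']) may only be viewed when the
 * session's ticket user is a mod/admin; otherwise the caller is redirected
 * to the error page with error code 403. Without $_GET['id'] the caller's
 * own account (from $_SESSION['id']) is loaded.
 *
 * The getInfo() lookup and the FirstName / LastName / Country / Gender /
 * ReceiveMail / country_array entries are commented out in this variant and
 * are therefore not part of the result.
 *
 * @return array target_id, current_mail, target_username, ingame_webpath and,
 *               when a mod views another account, changesOther = "TRUE"
 */
function settings()
{
    if (!WebUsers::isLoggedIn()) {
        //ERROR: not logged in!
        header("Location: index.php");
        exit;
    }

    $result = array();
    $targetId = $_SESSION['id'];

    //in case the id-GET param is set, use its value as target_id; otherwise use the session id.
    if (isset($_GET['id'])) {
        // A non-scalar id (e.g. ?id[]=1) cannot name an account; it is rejected below.
        $requestedId = is_scalar($_GET['id']) ? (string) $_GET['id'] : null;

        // Compare as strings with ===: loose comparison would treat differently
        // spelled numeric strings (for example "5" and "05") as the same id, so
        // the ownership decision would not be made on the exact value that is
        // later passed to Webusers and to the template.
        $isOwnAccount = ($requestedId !== null && $requestedId === (string) $_SESSION['id']);

        if (!$isOwnAccount) {
            // NOTE(review): unserialize() runs on session data here; that is only
            // safe while nothing user-controlled can be written to
            // $_SESSION['ticket_user'] - confirm against the login code.
            if ($requestedId === null || !Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
                //ERROR: No access!
                $_SESSION['error_code'] = "403";
                header("Location: index.php?page=error");
                exit;
            }
            // A mod/admin is looking at somebody else's settings.
            $result['changesOther'] = "TRUE";
        }

        // NOTE(review): for mods this value is request-supplied and is not
        // sanitized in this function; the template must escape target_id.
        $targetId = $requestedId;
    }

    $webUser = new Webusers($targetId);
    //$result = $webUser->getInfo();
    $result['target_id'] = $targetId;
    $result['current_mail'] = $webUser->getEmail();
    $result['target_username'] = $webUser->getUsername();

    //Sanitize Data
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1; output
    // escaping in the template is the durable replacement.
    $result['current_mail'] = filter_var($result['current_mail'], FILTER_SANITIZE_EMAIL);
    $result['target_username'] = filter_var($result['target_username'], FILTER_SANITIZE_STRING);

    global $INGAME_WEBPATH;
    $result['ingame_webpath'] = $INGAME_WEBPATH;

    return $result;
}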
// Load AMS Library if ($continue) { try { require_once $AMS_LIB . '/libinclude.php'; } catch (Exception $e) { printalert("danger", "Failed to include AMS <em>libinclude.php</em>"); $continue = false; } } // Create AMS Admin user if ($continue) { $hashpass = crypt($_POST["amsAdminPassword"], Users::generateSALT()); $params = array('Login' => $_POST["amsAdminUsername"], 'Password' => $hashpass, 'Email' => "localhost@localhost"); try { $user_id = WebUsers::createWebuser($params['Login'], $params['Password'], $params['Email']); $result = Webusers::createUser($params, $user_id); Users::createPermissions(array($params['Login'])); $dbl = new DBLayer("lib"); $dbl->execute("UPDATE ticket_user SET Permission = 3 WHERE TUserId = :user_id", array('user_id' => $user_id)); printalert("success", "AMS Admin account <em>" . htmlentities($_POST["amsAdminUsername"]) . "</em> created"); } catch (PDOException $e) { printalert("danger", "Failed to create AMS Admin account"); $continue = false; } } } if ($roleDomain) { // TODO: Register the domain with the nel database etc } if ($continue && $roleService) { if (file_put_contents("role_service", "1")) {
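/**
 * Loads the data needed to render the show_queue page.
 *
 * Only a logged-in mod/admin may view the page; anyone else is redirected
 * (to index.php when not logged in or when $_GET['get'] is missing, to the
 * error page with code 403 when not a mod).
 *
 * If $_POST['action'] is set it is executed first. The actions are:
 * assignTicket, unAssignTicket and create_queue.
 *
 * $_GET['get'] names the queue to show. There are a few predefined queues
 * ('all tickets', 'archive', 'todo', ..). When $_GET['get'] is "create" the
 * queue is a custom one: CreateQueue() builds the query that is later used
 * to fetch the tickets. The filter arrives as POST data the first time the
 * queue is created and as GET parameters on the following pages, which is
 * why both sources are handled.
 *
 * The fetched tickets are returned for use in the template. An unknown queue
 * redirects to the error page with code 404.
 *
 * NOTE(review): this function checks no request-forgery token before running
 * the assign/unassign actions - confirm that it is enforced elsewhere.
 *
 * @author Daan Janssens, mentored by Matthew Lagoe
 * @return array template variables (queue_view, links, tickets, grouplist, teamlist, ...)
 */
function show_queue()
{
    global $INGAME_WEBPATH;
    global $WEBPATH;

    //if logged in & queue id is given
    if (!WebUsers::isLoggedIn() || !isset($_GET['get'])) {
        //ERROR: not logged in!
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }

    // NOTE(review): unserialize() runs on session data here; that is only safe
    // while nothing user-controlled can be written to $_SESSION['ticket_user'].
    $ticketUser = unserialize($_SESSION['ticket_user']);
    if (!Ticket_User::isMod($ticketUser)) {
        //ERROR: No access!
        $_SESSION['error_code'] = "403";
        header("Cache-Control: max-age=1");
        header("Location: index.php?page=error");
        throw new SystemExit();
    }

    $result = array();
    //the queue you want to see.
    // NOTE(review): FILTER_SANITIZE_STRING is deprecated as of PHP 8.1.
    $result['queue_view'] = filter_var($_GET['get'], FILTER_SANITIZE_STRING);
    $user_id = $ticketUser->getTUserId();
    $queue_handler = new Ticket_Queue_handler();

    //Pagination base link and form url (keeps the getters constant)
    $basePath = Helpers::check_if_game_client() ? $INGAME_WEBPATH : $WEBPATH;
    // The queue name is request data: percent-encode it so it cannot add
    // parameters of its own to the generated links.
    $queueUrl = $basePath . "?page=show_queue&get=" . rawurlencode((string) $result['queue_view']);
    $result['pagination_base_link'] = $queueUrl;
    $result['getURL'] = $queueUrl;

    if (isset($_GET['pagenum'])) {
        // The page number was the only request value appended without any
        // filtering; treat it like the other numeric parameters.
        $result['getURL'] .= "&pagenum=" . filter_var($_GET['pagenum'], FILTER_SANITIZE_NUMBER_INT);
    }

    if ($_GET['get'] === "create" && isset($_GET['userid'], $_GET['groupid'], $_GET['what'], $_GET['how'], $_GET['who'])) {
        $userid = filter_var($_GET['userid'], FILTER_SANITIZE_NUMBER_INT);
        $groupid = filter_var($_GET['groupid'], FILTER_SANITIZE_NUMBER_INT);
        $what = filter_var($_GET['what'], FILTER_SANITIZE_STRING);
        $how = filter_var($_GET['how'], FILTER_SANITIZE_STRING);
        $who = filter_var($_GET['who'], FILTER_SANITIZE_STRING);

        //create the custom queue
        $queue_handler->CreateQueue($userid, $groupid, $what, $how, $who);
        $result = array_merge(
            $result,
            show_queue_custom_queue_fields($basePath, $result['getURL'], $userid, $groupid, $what, $how, $who)
        );
    }

    //if an action is set
    if (isset($_POST['action'])) {
        switch ($_POST['action']) {
            case "assignTicket":
                $ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
                $result['ACTION_RESULT'] = Ticket::assignTicket($user_id, $ticket_id);
                break;

            case "unAssignTicket":
                $ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
                $result['ACTION_RESULT'] = Ticket::unAssignTicket($user_id, $ticket_id);
                break;

            case "create_queue":
                $userid = filter_var($_POST['userid'], FILTER_SANITIZE_NUMBER_INT);
                if (isset($_POST['groupid'])) {
                    $groupid = filter_var($_POST['groupid'], FILTER_SANITIZE_NUMBER_INT);
                } else {
                    $groupid = 0;
                }
                $what = filter_var($_POST['what'], FILTER_SANITIZE_STRING);
                $how = filter_var($_POST['how'], FILTER_SANITIZE_STRING);
                $who = filter_var($_POST['who'], FILTER_SANITIZE_STRING);

                //create the custom queue
                $queue_handler->CreateQueue($userid, $groupid, $what, $how, $who);
                $result = array_merge(
                    $result,
                    show_queue_custom_queue_fields($basePath, $result['getURL'], $userid, $groupid, $what, $how, $who)
                );
                break;
        }
    }

    $queueArray = $queue_handler->getTickets($result['queue_view'], $user_id);

    //pagination
    $result['links'] = $queue_handler->getPagination()->getLinks(5);
    $result['lastPage'] = $queue_handler->getPagination()->getLast();
    $result['currentPage'] = $queue_handler->getPagination()->getCurrent();

    //if queue_view is not a valid parameter value
    if ($queueArray == "ERROR") {
        //ERROR: Doesn't exist!
        $_SESSION['error_code'] = "404";
        header("Cache-Control: max-age=1");
        header("Location: ams?page=error");
        throw new SystemExit();
    }

    $result['tickets'] = Gui_Elements::make_table($queueArray, array("getTId", "getTitle", "getTimestamp", "getAuthor()->getExternId", "getTicket_Category()->getName", "getStatus", "getStatusText", "getAssigned", "getForwardedGroupName", "getForwardedGroupId"), array("tId", "title", "timestamp", "authorExtern", "category", "status", "statusText", "assigned", "forwardedGroupName", "forwardedGroupId"));

    // Add the display names and the elapsed-time text to each ticket row.
    $i = 0;
    foreach ($result['tickets'] as $ticket) {
        $web_author = new WebUsers($ticket['authorExtern']);
        $result['tickets'][$i]['author'] = $web_author->getUsername();
        $web_assigned = new WebUsers($ticket['assigned']);
        $result['tickets'][$i]['assignedText'] = $web_assigned->getUsername();
        $result['tickets'][$i]['timestamp_elapsed'] = Gui_Elements::time_elapsed_string($ticket['timestamp']);
        $i++;
    }
    $result['user_id'] = $ticketUser->getTUserId();

    //Queue creator field info
    $result['grouplist'] = Gui_Elements::make_table(Support_Group::getGroups(), array("getSGroupId", "getName"), array("sGroupId", "name"));
    $result['teamlist'] = Gui_Elements::make_table(Ticket_User::getModsAndAdmins(), array("getTUserId", "getExternId"), array("tUserId", "externId"));
    $i = 0;
    foreach ($result['teamlist'] as $member) {
        $web_teammember = new Webusers($member['externId']);
        $result['teamlist'][$i]['name'] = $web_teammember->getUsername();
        $i++;
    }

    $result['ingame_webpath'] = $INGAME_WEBPATH;
    return $result;
}

/**
 * Builds the template fields that describe a custom ("create") queue.
 *
 * The filter values are percent-encoded when placed in the links, so a value
 * containing "&", "=" or "#" stays inside its own parameter. The
 * prev_created_* fields carry the values as they were passed in.
 *
 * @param string $basePath web path the pagination link starts with
 * @param string $getUrl   current form URL the filter is appended to
 * @param mixed  $userid   filtered user id of the custom queue
 * @param mixed  $groupid  filtered group id of the custom queue
 * @param mixed  $what     filtered "what" value of the custom queue
 * @param mixed  $how      filtered "how" value of the custom queue
 * @param mixed  $who      filtered "who" value of the custom queue
 * @return array pagination_base_link, prev_created_* and getURL
 */
function show_queue_custom_queue_fields($basePath, $getUrl, $userid, $groupid, $what, $how, $who)
{
    $filterQuery = "&userid=" . rawurlencode((string) $userid)
        . "&groupid=" . rawurlencode((string) $groupid)
        . "&what=" . rawurlencode((string) $what)
        . "&how=" . rawurlencode((string) $how)
        . "&who=" . rawurlencode((string) $who);

    return array(
        'pagination_base_link' => $basePath . "?page=show_queue&get=create" . $filterQuery,
        'prev_created_userid' => $userid,
        'prev_created_groupid' => $groupid,
        'prev_created_what' => $what,
        'prev_created_how' => $how,
        'prev_created_who' => $who,
        'getURL' => $getUrl . $filterQuery,
    );
}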
/**
 * Loads the data needed to render the show_sgroup page.
 *
 * Only a logged-in mod/admin may view the page; anyone else is redirected
 * (to index.php when not logged in, to the error page with code 403 when not
 * a mod, and with code 404 when $_GET['id'] is missing).
 *
 * If $_GET['delete'] is set and the caller is an admin, that user is removed
 * from the support group and the caller is redirected back to the group page.
 *
 * Otherwise the group's details, the list of its members and the list of
 * mods/admins that are not yet members are returned for the template.
 *
 * NOTE(review): the delete is a state change triggered by a GET request, and
 * this function checks no request-forgery token before performing it -
 * confirm that this is guarded elsewhere.
 *
 * @author Daan Janssens, mentored by Matthew Lagoe
 * @return array template variables (target_id, groupsname, userlist, teamlist, users, ...)
 */
function show_sgroup()
{
    global $INGAME_WEBPATH;
    global $WEBPATH;

    //if not logged in
    if (!WebUsers::isLoggedIn()) {
        //ERROR: not logged in!
        header("Cache-Control: max-age=1");
        header("Location: index.php");
        throw new SystemExit();
    }

    // NOTE(review): unserialize() runs on session data here; that is only safe
    // while nothing user-controlled can be written to $_SESSION['ticket_user'].
    if (!Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
        //ERROR: No access!
        $_SESSION['error_code'] = "403";
        header("Cache-Control: max-age=1");
        header("Location: index.php?page=error");
        throw new SystemExit();
    }

    if (!isset($_GET['id'])) {
        //ERROR: No page specified!
        $_SESSION['error_code'] = "404";
        header("Cache-Control: max-age=1");
        header("Location: ams?page=error");
        throw new SystemExit();
    }

    //$groupId / ['target_id'] holds the id of the group!
    $groupId = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
    $result['target_id'] = $groupId;

    //if the $_GET['delete'] var is set and the user executing is an admin, an entry will be deleted out of the support group.
    if (isset($_GET['delete']) && Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
        $memberToRemove = filter_var($_GET['delete'], FILTER_SANITIZE_NUMBER_INT);
        // The return value is not used: the request ends with the redirect below.
        Support_Group::deleteUserOfSupportGroup($memberToRemove, $groupId);
        header("Cache-Control: max-age=1");
        $redirectBase = Helpers::check_if_game_client() ? $INGAME_WEBPATH : $WEBPATH;
        header("Location: " . $redirectBase . "?page=show_sgroup&id=" . $groupId);
        throw new SystemExit();
    }

    if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
        $result['isAdmin'] = "TRUE";
    }

    $supportGroup = Support_Group::getGroup($groupId);
    $result['groupsname'] = $supportGroup->getName();
    $result['groupemail'] = $supportGroup->getGroupEmail();
    $result['imap_mailserver'] = $supportGroup->getIMAP_MailServer();
    $result['imap_username'] = $supportGroup->getIMAP_Username();

    // Members of the group, each extended with the display name.
    $result['userlist'] = Gui_Elements::make_table(
        Support_Group::getAllUsersOfSupportGroup($groupId),
        array("getTUserId", "getPermission", "getExternId"),
        array("tUserId", "permission", "externId")
    );
    $row = 0;
    foreach ($result['userlist'] as $groupMember) {
        $memberAccount = new Webusers($groupMember['externId']);
        $result['userlist'][$row]['name'] = $memberAccount->getUsername();
        $row++;
    }

    $result['ingame_webpath'] = $INGAME_WEBPATH;

    // Mods/admins that are not yet in the group are offered under 'users'.
    // The index follows the position in the team list, so it can have gaps,
    // and 'users' stays unset when every team member is already in the group.
    $result['teamlist'] = Gui_Elements::make_table(
        Ticket_User::getModsAndAdmins(),
        array("getTUserId", "getExternId"),
        array("tUserId", "externId")
    );
    $row = 0;
    foreach ($result['teamlist'] as $teamMember) {
        $teamAccount = new Webusers($teamMember['externId']);
        if (!In_Support_Group::userExistsInSGroup($teamMember['externId'], $groupId)) {
            $result['users'][$row]['name'] = $teamAccount->getUsername();
        }
        $row++;
    }

    return $result;
}