Exemple #1
 // Catalogue page set-up (excerpt): copies the mark / group / model / modification values
 // returned by checkRequest() into the template context $c and, for each non-empty value,
 // stores the record returned by getMark() / getGroup() / getModel().
 // NOTE(review): checkRequest() is not part of this excerpt; presumably it reads a request
 // parameter. Confirm what validation it applies before the values reach the lookup helpers.
 $_cat_parent = "";
 $c["mark"] = $_mark = checkRequest("mark");
 if ($_mark) {
     $c['current_mark'] = getMark($_mark);
 }
 $c["group"] = $_group = checkRequest("group");
 if ($_group) {
     $c['current_group'] = getGroup($_group);
 }
 $_group_parent = "";
 $c["model"] = $_model = checkRequest("model");
 if ($_model) {
     $c['current_model'] = getModel($_model);
 }
 $c["modification"] = $_modification = checkRequest("modification");
 // The catalogue re-import below runs whenever checkRequest("update_catalog") is loosely
 // equal to true, so any truthy value starts it.
 // NOTE(review): no authentication or CSRF check is visible in this excerpt; confirm the
 // including page restricts who can trigger the import.
 if (checkRequest("update_catalog") == true) {
     // The XML comes from a fixed path under the document root.
     // NOTE(review): simplexml_load_file() returns false on failure and the result is not
     // checked before the property reads that follow.
     $xml = simplexml_load_file($_SERVER["DOCUMENT_ROOT"] . "/tools/autoru_catalog/catalog.xml");
     $all_categories = $xml->categories->rec;
     $all_marks = $xml->marks->rec;
     $all_groups = $xml->groups->rec;
     $all_models = $xml->models->rec;
     $all_modifications = $xml->modifications->rec;
     $all_tech_names = $xml->tech_names->rec;
     $all_tech_values = $xml->tech_values->rec;
     // Build one "('id', 'name', 'parent')" tuple per category, keyed by category id.
     // $categories_sql_arr is not initialised anywhere in the visible lines.
     foreach ($all_categories as $category) {
         $id = (int) $category->id;
         // The name is URL-decoded and then escaped by hand. mysql_real_escape_string()
         // belongs to ext/mysql, which was removed in PHP 7.0.
         // NOTE(review): the tuples are presumably joined into a multi-row INSERT later
         // (not visible); bound parameters via PDO or mysqli would remove the reliance on
         // manual escaping.
         $name = mysql_real_escape_string(urldecode($category->name));
         $parent = (int) $category->parent_id;
         $categories_sql_arr[$id] = trim("('{$id}', '{$name}', '{$parent}')");
     }
     foreach ($all_marks as $mark) {
Exemple #2
    if (empty($emailDest)) {
        return 'No email sent.';
    }
    return False;
}
// Send-by-email endpoint (excerpt): validates the request, loads the requested book file
// and starts configuring PHPMailer for SMTP delivery.
// When the file is loaded from the command line, stop here so that only the definitions
// above are made available and no request handling runs.
if (php_sapi_name() === 'cli') {
    return;
}
global $config;
// Any non-empty return value from checkConfiguration() is printed and ends the request.
if ($error = checkConfiguration()) {
    echo $error;
    exit;
}
// Both values are client-supplied: the id selects the file and the address is the recipient.
// NOTE(review): $_REQUEST also merges cookie values depending on request_order, and neither
// key is tested with isset() before being read.
// NOTE(review): no authentication or rate limit is visible in this excerpt. Since the caller
// chooses the recipient, confirm the endpoint cannot be used to mail files to arbitrary
// addresses.
$idData = $_REQUEST["data"];
$emailDest = $_REQUEST["email"];
// checkRequest() yields an error string for a rejected request and a falsy value otherwise
// (its visible tail returns 'No email sent.' or False).
if ($error = checkRequest($idData, $emailDest)) {
    echo $error;
    exit;
}
// NOTE(review): $book and $data are used without a null check; confirm getBookByDataId()
// and getDataById() cannot return null for an unknown id.
$book = Book::getBookByDataId($idData);
$data = $book->getDataById($idData);
// Refuse attachments larger than 10 MiB.
if (filesize($data->getLocalPath()) > 10 * 1024 * 1024) {
    echo 'Attachment too big';
    exit;
}
$mail = new PHPMailer();
$mail->IsSMTP();
$mail->Timeout = 30;
// 30 seconds as some files can be big
$mail->Host = $config['cops_mail_configuration']["smtp.host"];
// Transport security is only configured when "smtp.secure" is set in the configuration.
if (!empty($config['cops_mail_configuration']["smtp.secure"])) {
Exemple #3
<?php

require_once $_SERVER["DOCUMENT_ROOT"] . "/lib/dblayer.php";
require_once $_SERVER["DOCUMENT_ROOT"] . "/subs.php";
require_once $_SERVER["DOCUMENT_ROOT"] . "/conf.inc.php";
// Workstation / user session logger (excerpt): records start, shutdown, logon and logoff
// events reported through request parameters.
// NOTE(review): no authentication of the reporting client is visible in this excerpt;
// confirm how the endpoint is protected, because every value below is caller-supplied.
$db = new DBLayer($CNF["db_host"], $CNF["db_user"], $CNF["db_pass"], $CNF["db_name"]);
$db->query("SET NAMES utf8");
$action = checkRequest("action");
$domain = checkRequest("domain");
$username = checkRequest("username");
// An unknown username leads to createUser(), so a caller of this script can add user rows.
// NOTE(review): when getUserByUsername() finds nothing, the ['uid'] read presumably yields
// null, which also satisfies "< 1"; confirm.
$user_id = getUserByUsername($username)['uid'];
if ($user_id < 1) {
    $user_id = createUser($username);
}
$workstation = mb_strtolower(checkRequest("workstation"), "UTF-8");
// The IP address is the one reported in the request, not the connection's remote address.
$ip = trim(checkRequest("ip"));
// Resolve the workstation id only when a workstation name was sent; otherwise it stays null.
$workstation_id = strlen($workstation) > 0 ? checkWorkstation($workstation, $ip) : null;
switch ($action) {
    case "start":
        logonWorkstation($workstation_id, $ip);
        break;
    case "shutdown":
        // NOTE(review): $ip is echoed back without output escaping; confirm checkRequest()
        // restricts it to an address format or that the response is not rendered as HTML.
        echo "ws: {$workstation_id}, IP: {$ip}";
        logoffWorkstation($workstation_id);
        break;
    case "logon":
        echo $workstation_id;
        logonWorkstation($workstation_id, $ip);
        logonUser($user_id, $domain, $workstation_id);
        break;
    case "logoff":
Exemple #4
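// Telegram calculator handler (excerpt): strips the "/cl" command prefix, evaluates the
// rest of the message as an arithmetic expression and sends the result back to the chat.
// $message, $chat, $user and $token are set before this excerpt.

// Explicit default, so substr() and the condition below never read an undefined variable.
$crop = 0;
// The bot-addressed command is tested first and by its real length. The earlier comparison
// of a 12-character substring with this 17-character literal could never match.
$botCommand = '/cl@SkillClosebot';
if (strncmp($message, $botCommand, strlen($botCommand)) === 0) {
    $crop = strlen($botCommand);
} elseif (substr($message, 0, 3) == '/cl') {
    $crop = 3;
}
// Drop the prefix and accept a decimal comma by turning it into a decimal point.
$source = str_replace(',', '.', substr($message, $crop));
$badRequest = false;
// Evaluate explicit commands in any chat, and bare (non-command) messages only when
// $chat == $user (presumably a private chat with the bot). The parentheses spell out the
// precedence the original expression already had.
if ($crop || ($chat == $user && substr($message, 0, 1) != '/')) {
    if (checkRequest($source)) {
        $result = 0;
        // SECURITY: eval() executes $source as PHP code, and $source is chat-supplied text.
        // checkRequest() (not visible here) is therefore the only barrier between a chat
        // message and code execution on this host; it has to be a strict allow-list
        // (digits, arithmetic operators, parentheses, whitespace). A dedicated expression
        // parser would remove the eval altogether.
        try {
            $evaluated = eval('$result = ' . $source . ';');
        } catch (\Error $e) {
            // Since PHP 7 a parse error or a division by zero inside eval() is thrown
            // instead of being reported through a false return value.
            $evaluated = false;
        }
        if ($evaluated === false) {
            $badRequest = true;
        } else {
            $source = ' = ' . $source;
            // The result is URL-encoded so that characters such as "+" in "1.0E+25" survive
            // the query string.
            file_get_contents('https://api.telegram.org/bot' . $token . '/sendMessage?chat_id=' . $chat . '&text=' . urlencode((string) $result) . prepareStringForReturn($source));
        }
    } else {
        $badRequest = true;
    }
}
// Tell the chat that the expression was rejected and point to the help command.
if ($badRequest) {
    file_get_contents('https://api.telegram.org/bot' . $token . '/sendMessage?chat_id=' . $chat . '&text=Bad%20request:%20' . prepareStringForReturn($source) . '%0atype%20/help@SkillClosebot');
}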
Exemple #5
     } else {
         $result['msg'] = "Не могу сохранить фильтр :(";
     }
     break;
 case 'deleteFilter':
     // The id goes through check_string(..., 'digits') before it is placed in the query.
     // NOTE(review): check_string() is not visible here; presumably it reduces the value to
     // digits. The DELETE matches on `id` only, so confirm elsewhere that the caller is
     // allowed to remove this particular filter.
     $filter_id = check_string($_REQUEST['filter_id'], 'digits');
     $query_delete_filter = $db->query("DELETE FROM `helpdesk_filter` WHERE `id`='{$filter_id}'");
     if ($query_delete_filter) {
         $result['success'] = true;
         $result['msg'] = "Фильтр успешно удалён";
     } else {
         $result['msg'] = "Не получилось удалить {$filter_id} фильтру :(";
     }
     break;
 case 'setDefaultFilter':
     // Unlike deleteFilter, the id here comes from checkRequest() without a 'digits' filter.
     $filter_id = checkRequest("filter_id");
     $user_id = $admin_login["uid"];
     $query_setting = $db->query("SELECT `settings` FROM `users` WHERE `uid`='{$user_id}'");
     if ($query_setting) {
         $settings = $db->result($query_setting);
         // An empty settings column leaves $settings_arr undefined; the assignment below
         // then creates a new array.
         if ($settings != "") {
             $settings_arr = json_decode($settings, true);
         }
         $settings_arr["helpdesk_def_filter"] = $filter_id;
         $settings_sql = json_encode($settings_arr);
         // NOTE(review): the JSON text is placed between single quotes with no escaping
         // visible here, and json_encode() does not escape "'" by default. A quote in
         // $filter_id or in a stored setting would end the SQL literal early; the value
         // should go through the database layer's escaping or a bound parameter.
         $query_upd_settings = $db->query("UPDATE `users` SET `settings`='{$settings_sql}' WHERE `uid`='{$user_id}'");
         if ($query_upd_settings) {
             $result['success'] = true;
             $result['msg'] = "Фильтр по умолчанию изменён";
         }
     } else {
Exemple #6
<?php

// JSON endpoint: answers the "getBurningCounts" action for an authorised administrator.
// NOTE(review): display_errors is switched on, so PHP warnings and errors are written into
// the same response as the JSON document. That can expose file paths or query text to the
// client and break JSON parsing; logging them instead would avoid both.
ini_set("display_errors", 1);
error_reporting(E_ALL ^ E_NOTICE);
session_start();
require_once $_SERVER["DOCUMENT_ROOT"] . "/subs.php";
require_once $_SERVER["DOCUMENT_ROOT"] . "/conf.inc.php";
require_once $_SERVER["DOCUMENT_ROOT"] . "/lib/dblayer.php";

// Pessimistic default reply; it is sent unchanged to unauthorised callers and for any
// action other than the one handled below.
$result['msg'] = "Unknown error";
$result['success'] = false;

$admin_login = isAuthorized();
if ($admin_login) {
    $action = checkRequest("action");
    // Loose comparison, matching what a switch/case on $action performs.
    if ($action == "getBurningCounts") {
        $result = getBurnedCounts($admin_login['uid']);
    }
}

echo json_encode($result);
Exemple #7
 /**
  * Without a recipient address, checkRequest() must answer with a message that begins
  * with "No".
  */
 public function testCheckRequestNoEmail()
 {
     $reply = checkRequest(12, NULL);
     $this->assertStringStartsWith("No", $reply);
 }
Exemple #8
    // Computer list page (excerpt): reads the filter, paging and sorting values through
    // checkRequest(), loads the matching rows and renders computers.twig.
    // NOTE(review): checkRequest() is not visible here; its second argument looks like a
    // default value. Confirm what type and range checks it applies.
    $c['sections'] = $TITLE;
    $area_filter = checkRequest("area", 2);
    if ($area_filter >= 0) {
        $c["area_filter"] = $area_filter;
        // The request value indexes $IP directly; $area_ip is not used again in this excerpt.
        $area_ip = $IP[$area_filter];
        $areas = getAreas();
        $areas[2] = "Все";
        $c["areas"] = $areas;
    }
    $c['r'] = checkRequest("r", 20);
    // Rows (per page)
    // NOTE(review): this value is the divisor in the page count below; a value of 0 makes
    // that division fail, so it needs a lower bound of 1 unless checkRequest() enforces one.
    $c['page'] = checkRequest("page", 0);
    // Current page number
    $c['ob'] = checkRequest("ob", "name");
    // order_by
    // NOTE(review): if getComputers() places this value in an ORDER BY clause, it has to be
    // matched against an allow-list of column names, since identifiers cannot be passed as
    // bound parameters.
    $c['od'] = checkRequest("od");
    // order_desc
    $c['computers'] = getComputers($area_filter, $c['r'], $c['page'], $c['ob'], $c['od']);
    $c['computers_online'] = getOnlineComputers();
    $c['users'] = $users;
    $c['users_online'] = getOnlineUsersByComputers();
    $c['count'] = getComputersCount($area_filter);
    $c['pages'] = ceil($c['count'] / $c['r']);
    // Default sort order. It is applied after getComputers() has already been called, so it
    // only affects what the template receives.
    if (strlen($c['ob']) < 1) {
        $c['ob'] = $default_order;
        $c['od'] = 0;
    }
    echo $twig->render('computers.twig', $c);
} else {
    authorize();
Exemple #9
     }
 } elseif (isset($_REQUEST['ticket'])) {
     // Ticket view: optionally records a rating, then loads the ticket for display.
     // NOTE(review): no ownership check is visible between $uid and the requested ticket id;
     // confirm getTicket() and rateTicket() verify that the ticket belongs to this user.
     $section = 'ticket_view';
     $id = checkRequest('ticket');
     $rating = checkRequest('r');
     if ($rating > 0) {
         $message = rateTicket($uid, $id, $rating);
         $c['msg_type'] = $message['success'] ? 'success' : 'error';
         $c['msg'] = $message['msg'];
     }
     $c['ticket'] = getTicket($id);
     $c['pagename'] = '#' . $c['ticket']['id'] . '. ' . $c['ticket']['title'] . ' :: Задачник';
     $c['ticket']['performers'] = explode(',', $c['ticket']['performers']);
 } elseif (isset($_REQUEST['save'])) {
     // Ticket creation: stores the ticket, writes the first history row and prepares the
     // notification e-mail.
     $title = checkRequest('title');
     $description = checkRequest('description');
     // isset() is true for any non-null value, so empty strings pass this test.
     if (isset($uid) and isset($title) and isset($description)) {
         // The User-Agent header is appended after checkRequest() has run, so this
         // client-controlled value reaches the INSERT below without any filter visible here.
         $description .= "\n\n-----\nКомпьютер:\t{$c['usercomp']}\nОС:\t\t\t{$c['useros']}\nБраузер:\t{$_SERVER['HTTP_USER_AGENT']}";
         // NOTE(review): the query is assembled by string interpolation. Whether $title and
         // $description are escaped depends on checkRequest(), which is not shown; bound
         // parameters or the database layer's escaping would cover the appended header too.
         $query_add = $db->query("INSERT INTO helpdesk ( `created`, `creator`, `title`,  `description` )\r\n                                                     VALUES (  NOW(),   '{$uid}',    '{$title}', '{$description}')");
         $id = $db->insert_id();
         // The first history row sets status '1' for the new ticket.
         $change_status_query = "INSERT INTO helpdesk_history (`changed`,`changer`,`ticket`,`status`)\r\n                                                           VALUES (NOW(),  '{$uid}',   '{$id}',    '1')";
         $db->query($change_status_query);
         $url = "/helpdesk/client?ticket={$id}";
         $c["title"] = $title;
         $c["action"] = "your_ticket_created";
         $c["creator"] = $c["lastname"] . " " . $c["firstname"];
         $c["id"] = $id;
         $c["email"] = $c["users"][$uid]["email"];
         $c["description"] = $description;
         // The address literal below is masked on this page.
         $itdept_mail = "*****@*****.**";
         $user_email_body = $twig->render("helpdesk/user_email.twig", $c);
/**
 * Insert one record of the given model and print a JSON acknowledgement.
 *
 * The insert is abandoned silently when checkRequest() rejects it for the given roles.
 * A "school" record additionally runs a prepared statement that receives the new id and
 * the record's userID (its SQL text is masked on this page). A "user" record triggers the
 * validation e-mails when the configuration enables real mail.
 *
 * @param mixed  $db        Database handle offering prepare(); also passed to the helpers.
 * @param string $modelName Name of the model to insert into.
 * @param array  $record    Field values of the new record.
 * @param mixed  $roles     Roles of the caller, forwarded to the permission check.
 * @return void Output is echoed as JSON: {"success": true, "recordID": <id>}.
 */
function insertRecord($db, $modelName, $record, $roles)
{
    global $config;

    // Start from an empty request that holds a single blank record slot.
    $insertRequest = createRequest($modelName);
    $insertRequest["records"][] = array("values" => array());

    $allowed = checkRequest($db, $insertRequest, $record, "insert", $roles);
    if (!$allowed) {
        return;
    }

    fillRequestWithRecords($insertRequest, $record);
    $newIds = insertRows($db, $insertRequest, $roles);
    $recordId = $newIds[0];

    if ($modelName == "school") {
        // Values are passed as bound parameters rather than concatenated into the SQL.
        $linkStatement = $db->prepare("******");
        $linkStatement->execute(array("insertID" => $recordId, "userID" => $record["userID"]));
    }

    $isUserModel = $modelName === "user";
    if ($isUserModel && $config->email->bSendMailForReal) {
        sendValidationEmails($record);
    }

    $reply = array("success" => true, "recordID" => $recordId);
    echo json_encode($reply);
}
Exemple #11
                 $and = ',';
             }
             // Column names and values are appended to two comma-separated SQL fragments.
             // NOTE(review): the origin of $field and $new_value is outside this excerpt.
             // Confirm $field comes from a fixed list of column names and $new_value is
             // escaped before it is placed between quotes.
             $sql_fields .= "{$and}`{$field}`";
             $sql_values .= "{$and}'{$new_value}'";
         }
     }
     //                    echo "INSERT INTO helpdesk ( $sql_fields, `created`,`creator` ) VALUES ( $sql_values, NOW(), '$admin_id')";
     // The INSERT is assembled entirely by string interpolation of the fragments built above.
     $query_add = $db->query("INSERT INTO helpdesk ( {$sql_fields}, `created`,`creator` ) VALUES ( {$sql_values}, NOW(), '{$admin_id}')");
     $id = $db->insert_id();
     // Notify the newly assigned performers (except oneself)
     // NOTE(review): the closing parenthesis is misplaced. strlen() receives the boolean
     // result of "checkRequest(...) > 0" rather than the string; the intended test is
     // presumably strlen(checkRequest("performers")) > 0.
     if (strlen(checkRequest("performers") > 0)) {
         $c["title"] = check_string($_REQUEST["title"], "text");
         $c["action"] = "you_are_performer";
         $c["changer"] = $c['admin_fio'];
         $c["id"] = $id;
         // Performer ids come from the request as a comma-separated list and are used as
         // keys into $c["users"]; $recipient is not initialised before this loop.
         $performers = explode(",", checkRequest("performers"));
         foreach ($performers as $performer) {
             if ($performer != $c['admin_id']) {
                 $recipient[$performer] = $c["users"][$performer]["email"];
             }
         }
         $user_email_body = $twig->render("helpdesk/user_email.twig", $c);
         if (isset($recipient)) {
             email($recipient, "Вас назначили исполнителем заявки #{$id}. \"{$c['title']}\"", $user_email_body);
         }
     }
     // Save the status change history
     $change_status_query = "INSERT INTO helpdesk_history (`changed`,`changer`,`ticket`,`status`)\r\n                      VALUES (NOW(), '{$admin_id}','{$id}', '1')";
     $db->query($change_status_query);
 }
 // Where do we redirect to?
Exemple #12
<?php

// Keep PHP diagnostics out of the response body.
@ini_set('display_errors', 0);

// A missing or empty "type" parameter is replaced by boolean true. Values that arrive in
// the query string are never the boolean true, so the strict test below separates
// "no type given" (report the installation) from "any type given" (show the update link).
$_GET['type'] = empty($_GET['type']) ? true : $_GET['type'];

if ($_GET['type'] !== true) {
    checkUpdate();
} else {
    checkRequest();
}
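/**
 * Fetch the latest published version string and print a link to the releases page.
 *
 * The remote response is treated as untrusted text. It is accepted only when the whole
 * trimmed string is free of "<", ">" and "/", and it is HTML-escaped before output. The
 * earlier unanchored pattern matched as soon as a single allowed character was present, so
 * markup in the response was echoed into the page as-is.
 *
 * @return void Prints either the link or a "could not determine" message.
 */
function checkUpdate()
{
    // NOTE(review): the version file is requested over plain HTTP, so its content can be
    // altered in transit. Prefer HTTPS if the host offers it.
    $b = @file_get_contents('http://home.develdo.com/cdn/versions.txt');
    $version = is_string($b) ? trim($b) : '';
    // \A and \z anchor the pattern to the whole string, so one forbidden character
    // anywhere rejects the response.
    if ($version !== '' && preg_match('#\A[^></]+\z#', $version)) {
        echo '<a target="_blank" href="https://github.com/Drunyacoder/AtomXCMS-2/releases">Последняя версия ' . htmlspecialchars($version, ENT_QUOTES, 'UTF-8') . '</a>';
    } else {
        echo 'Не удалось узнать';
    }
}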
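/**
 * Report this installation (fixed version string plus the site's host name) to the
 * vendor's check endpoint. The response is ignored and failures are suppressed.
 *
 * NOTE(review): this sends the site's host name to a third party over plain HTTP on every
 * call. Operators may want this documented and made optional.
 *
 * @return void
 */
function checkRequest()
{
    // HTTP_HOST is copied from the client's Host header. It is URL-encoded so that it stays
    // a single value of the "d" parameter and cannot add parameters to the outbound request.
    $host = isset($_SERVER['HTTP_HOST']) ? $_SERVER['HTTP_HOST'] : '';
    @file_get_contents('http://home.develdo.com/check.php?v=2.7.0Beta&d=' . urlencode($host));
}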
Exemple #13
 // User administration page set-up (excerpt): reads request and session values into local
 // variables and prepares HTML fragments for later output.
 // NOTE(review): check_string() and checkRequest() are not visible here; the second
 // argument of check_string() presumably names the filter to apply. Confirm.
 $phone = isset($_REQUEST["phone"]) ? check_string($_REQUEST["phone"], "string") : null;
 // User's internal phone number
 $organization_id = isset($_REQUEST["organization_id"]) ? check_string($_REQUEST["organization_id"], "string") : null;
 // Legal entity id
 $comment = isset($_REQUEST["comment"]) ? check_string($_REQUEST["comment"], "text") : null;
 // Comment on the user
 /**/
 $find_text = isset($_REQUEST["find_text"]) ? $_REQUEST["find_text"] : null;
 // Search text
 // NOTE(review): unlike the neighbouring values, the search text is taken from the request
 // without check_string(); it must be escaped or bound wherever it is later used.
 $msg_class = isset($_REQUEST["msg_class"]) ? check_string($_REQUEST["msg_class"], "text") : null;
 // Message class
 $msg = isset($_REQUEST["msg"]) ? check_string($_REQUEST["msg"], "text") : null;
 // Message text
 $page_num = isset($_REQUEST["page_num"]) ? check_string($_REQUEST["page_num"], "digits") : 0;
 // Page number
 $flags = checkRequest("flags", "");
 // Flags (the original comment repeated "page number" here)
 $rows_in_page = $CNF["rows_in_page"];
 // Number of rows per page
 ///**/$show_del = isset($_SESSION["show_del"]) ? 1 : 0; // Setting for showing dismissed employees
 /**/
 $order_by = isset($_SESSION["order_by"]) ? "ORDER BY " . $_SESSION["order_by"] : "ORDER BY `modiff` DESC";
 // Sort order setting
 // NOTE(review): the session value is concatenated into an SQL fragment as-is. If it is
 // ever filled from a request parameter, it has to be matched against an allow-list of
 // column names and directions, since ORDER BY terms cannot be bound as parameters.
 // NOTE(review): the configured recipient below can be replaced by a request parameter;
 // confirm that is intended and that the value is validated as an e-mail address.
 $users_smtp_to = isset($_REQUEST["users_smtp_to"]) ? $_REQUEST["users_smtp_to"] : $CNF["users_smtp_to"];
 $user_card_begin = "<!DOCTYPE html><html style='font-family: sans-serif; margin: 5px;'><head><meta charset='UTF-8'>\r\n            <style>a{color:#06c}a:hover{color:#f00}</style></head><body style='background: white; width: 500px'>";
 // $admin_fio is interpolated into the HTML signature without escaping in the visible code.
 $users_smtp_sign = "<hr style='border: 1px solid; border-color: #ddd transparent transparent; margin: 10px 0;'>\r\n            <p style='color: #888; margin: 5px;'>С наилучшими пожеланиями,<br>сотрудник IT-отдела<br>{$admin_fio}<br><br>\r\n            Телефон:   2222<br>E-mail: <a href='mailto:it-dept@autoexpres.ru'>it-dept@autoexpres.ru</a></p>";
 $btn_back = "<a class='button red' href='javascript: window.history.back()'>«&nbsp;Вернуться</a>";
 $btn_home = "<a class='button red' href='./'>«&nbsp;Вернуться</a>";
 // The three button literals below are masked on this page.
 $btn_new_user = "******";
 $btn_remove_user = "******";
 $btn_save_user = "******";