/**
* This function is beign used to load info that's needed for the login page.
* it will try to auto-login, this can only be used while ingame, the web browser sends additional cookie information that's also stored in the open_ring db.
* We will compare the values and if they match, the user will be automatically logged in!
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function login()
{
global $INGAME_WEBPATH;
global $WEBPATH;
if (helpers::check_if_game_client()) {
//check if you are logged in ingame, this should auto login
$result = Helpers::check_login_ingame();
if ($result) {
//handle successful login
$_SESSION['user'] = $result['name'];
$_SESSION['id'] = WebUsers::getId($result['name']);
$_SESSION['ticket_user'] = serialize(Ticket_User::constr_ExternId($_SESSION['id']));
//go back to the index page.
header("Cache-Control: max-age=1");
if (Helpers::check_if_game_client()) {
header('Location: ' . $INGAME_WEBPATH);
} else {
header('Location: ' . $WEBPATH);
}
throw new SystemExit();
}
}
$pageElements['ingame_webpath'] = $INGAME_WEBPATH;
$GETString = "";
foreach ($_GET as $key => $value) {
$GETString = $GETString . $key . '=' . $value . "&";
}
if ($GETString != "") {
$GETString = '?' . $GETString;
}
$pageElements['getstring'] = $GETString;
return $pageElements;
}
/**
* This function is beign used to reply on a ticket.
* It will first check if the user who executed this function is a mod/admin or the topic creator himself. If this is not the case the page will be redirected to an error page.
* in case the isset($_POST['hidden'] is set and the user is a mod, the message will be hidden for the topic starter. The reply will be created. If $_POST['ChangeStatus']) & $_POST['ChangePriority'] is set
* it will try to update the status and priority. Afterwards the page is being redirecte to the ticket again.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function reply_on_ticket()
{
global $INGAME_WEBPATH;
global $WEBPATH;
//if logged in
if (WebUsers::isLoggedIn() && isset($_POST['ticket_id'])) {
$ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
$target_ticket = new Ticket();
$target_ticket->load_With_TId($ticket_id);
//check if the user who executed this function is a mod/admin or the topic creator himself.
if ($target_ticket->getAuthor() == unserialize($_SESSION['ticket_user'])->getTUserId() || Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
try {
$author = unserialize($_SESSION['ticket_user'])->getTUserId();
if (isset($_POST['Content'])) {
$content = $_POST['Content'];
} else {
$content = "";
}
$hidden = 0;
if (isset($_POST['hidden']) && Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
$hidden = 1;
}
//create the reply
Ticket::createReply($content, $author, $ticket_id, $hidden);
//try to update the status & priority in case these are set.
if (isset($_POST['ChangeStatus']) && isset($_POST['ChangePriority']) && Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
$newStatus = filter_var($_POST['ChangeStatus'], FILTER_SANITIZE_NUMBER_INT);
$newPriority = filter_var($_POST['ChangePriority'], FILTER_SANITIZE_NUMBER_INT);
Ticket::updateTicketStatusAndPriority($ticket_id, $newStatus, $newPriority, $author);
}
header("Cache-Control: max-age=1");
if (Helpers::check_if_game_client()) {
header("Location: " . $INGAME_WEBPATH . "?page=show_ticket&id=" . $ticket_id);
} else {
header("Location: " . $WEBPATH . "?page=show_ticket&id=" . $ticket_id);
}
throw new SystemExit();
} catch (PDOException $e) {
//ERROR: LIB DB is not online!
print_r($e);
//header("Location: index.php");
throw new SystemExit();
}
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* This function is beign used to modify the email related to a support group.
* It will first check if the user who executed this function is an admin. If this is not the case the page will be redirected to an error page.
* the new email will be validated and in case it's valid we'll add it to the db. Before adding it, we will encrypt the password by using the MyCrypt class. Afterwards the password gets
* updated and the page redirected again.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function modify_email_of_sgroup()
{
global $INGAME_WEBPATH;
global $WEBPATH;
if (WebUsers::isLoggedIn()) {
//check if user is an admin
if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user'])) && isset($_POST['target_id'])) {
$sgroupid = filter_var($_POST['target_id'], FILTER_SANITIZE_NUMBER_INT);
$group = Support_Group::getGroup($sgroupid);
$groupemail = filter_var($_POST['GroupEmail'], FILTER_SANITIZE_STRING);
if (Users::validEmail($groupemail) || $groupemail == "") {
$password = filter_var($_POST['IMAP_Password'], FILTER_SANITIZE_STRING);
$group->setGroupEmail($groupemail);
$group->setIMAP_MailServer(filter_var($_POST['IMAP_MailServer'], FILTER_SANITIZE_STRING));
$group->setIMAP_Username(filter_var($_POST['IMAP_Username'], FILTER_SANITIZE_STRING));
//encrypt password!
global $cfg;
$crypter = new MyCrypt($cfg['crypt']);
$enc_password = $crypter->encrypt($password);
$group->setIMAP_Password($enc_password);
$group->update();
$result['RESULT_OF_MODIFYING'] = "SUCCESS";
if ($password == "") {
$result['RESULT_OF_MODIFYING'] = "NO_PASSWORD";
}
} else {
$result['RESULT_OF_MODIFYING'] = "EMAIL_NOT_VALID";
}
$result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$result['no_visible_elements'] = 'FALSE';
$result['username'] = $_SESSION['user'];
//global $SITEBASE;
//require_once($SITEBASE . 'inc/show_sgroup.php');
//$result= array_merge($result, show_sgroup());
//helpers :: loadtemplate( 'show_sgroup', $result);
header("Cache-Control: max-age=1");
if (Helpers::check_if_game_client()) {
header("Location: " . $INGAME_WEBPATH . "?page=show_sgroup&id=" . $sgroupid);
} else {
header("Location: " . $WEBPATH . "?page=show_sgroup&id=" . $sgroupid);
}
throw new SystemExit();
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* This function is beign used to add a new user to the www database.
* it will first check if the sent $_POST variables are valid for registering, if one or more rules are broken (eg the username is too short) the template will be reloaded
* but this time with the appropriate error messages. If the checking was successful it will call the write_user() function (located in this same file). That function will create
* a new www user and matching ticket_user. It will also push the newly created user to the shard. In case the shard is offline, the new user will be temporary stored in the ams_querycache,
* waiting for the sync cron job to update it.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function add_user()
{
global $INGAME_WEBPATH;
$params = array('Username' => $_POST["Username"], 'Password' => $_POST["Password"], 'ConfirmPass' => $_POST["ConfirmPass"], 'Email' => $_POST["Email"]);
$webUser = new WebUsers();
//check if the POST variables are valid, before actual registering
$result = $webUser->check_Register($params);
global $SITEBASE;
require_once $SITEBASE . '/inc/settings.php';
// if all are good then create user
if ($result == "success") {
$edit = array('name' => $_POST["Username"], 'pass' => $_POST["Password"], 'mail' => $_POST["Email"], 'init' => $_POST["Email"], 'unhashpass' => $_POST["Password"], 'status' => 1, 'access' => $_SERVER['REQUEST_TIME']);
$status = write_user($edit);
if (Helpers::check_if_game_client()) {
//if registering ingame then we have to set the header and dont need to reload the template.
header('Location: email_sent.php');
throw new SystemExit();
}
$pageElements = settings();
$pageElements['ingame_webpath'] = $INGAME_WEBPATH;
$pageElements['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$pageElements['SUCCESS_ADD'] = $status;
if (isset($_GET['page']) && $_GET['page'] == "settings") {
helpers::loadtemplate('settings', $pageElements);
} else {
$pageElements['no_visible_elements'] = 'TRUE';
helpers::loadtemplate('register_feedback', $pageElements);
}
throw new SystemExit();
} elseif (isset($_GET['page']) && $_GET['page'] == "settings") {
$pageElements = array_merge(settings(), $result);
// pass error and reload template accordingly
$pageElements['prevUsername'] = $_POST["Username"];
$pageElements['prevPassword'] = $_POST["Password"];
$pageElements['prevConfirmPass'] = $_POST["ConfirmPass"];
$pageElements['prevEmail'] = $_POST["Email"];
$pageElements['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$pageElements['do'] = "add_user";
helpers::loadtemplate('settings', $pageElements);
throw new SystemExit();
} else {
// pass error and reload template accordingly
$result['prevUsername'] = $_POST["Username"];
$result['prevPassword'] = $_POST["Password"];
$result['prevConfirmPass'] = $_POST["ConfirmPass"];
$result['prevEmail'] = $_POST["Email"];
$result['no_visible_elements'] = 'TRUE';
$pageElements['ingame_webpath'] = $INGAME_WEBPATH;
helpers::loadtemplate('register', $result);
throw new SystemExit();
}
}
/**
* This function is beign used to add a user to a support group.
* It will first check if the user who executed this function is an admin. If the user exists it will try to add it to the supportgroup, in case it's not a mod or admin it will not
* add it to the group. if the executing user is not an admin or not logged in, the page will be redirected to the error page.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function add_user_to_sgroup()
{
global $INGAME_WEBPATH;
global $WEBPATH;
if (WebUsers::isLoggedIn()) {
//check if the that executed the task is an admin.
if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user'])) && isset($_POST['target_id'])) {
$name = filter_var($_POST['Name'], FILTER_SANITIZE_STRING);
$id = filter_var($_POST['target_id'], FILTER_SANITIZE_NUMBER_INT);
$user_id = WebUsers::getId($name);
if ($user_id != "") {
//if the target user is a mod/admin
if (Ticket_User::constr_ExternId($user_id)->getPermission() > 1) {
//add it to the support group
$result['RESULT_OF_ADDING'] = Support_Group::addUserToSupportGroup($user_id, $id);
} else {
//return error message.
$result['RESULT_OF_ADDING'] = "NOT_MOD_OR_ADMIN";
}
} else {
$result['RESULT_OF_ADDING'] = "USER_NOT_EXISTING";
}
//$result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
//$result['no_visible_elements'] = 'FALSE';
//$result['username'] = $_SESSION['user'];
//global $SITEBASE;
//require_once($SITEBASE . 'inc/show_sgroup.php');
//$result= array_merge($result, show_sgroup());
//helpers :: loadtemplate( 'show_sgroup', $result);
if (Helpers::check_if_game_client()) {
header("Cache-Control: max-age=1");
header("Location: " . $INGAME_WEBPATH . "?page=show_sgroup&id=" . $id);
} else {
header("Cache-Control: max-age=1");
header("Location: " . $WEBPATH . "?page=show_sgroup&id=" . $id);
}
throw new SystemExit();
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* This function is beign used to change the users receiveMail setting.
* It will first check if the user who executed this function is the person of whom the setting is or if it's a mod/admin. If this is not the case the page will be redirected to an error page.
* it will check if the new value equals 1 or 0 and it will update the setting and redirect the page again.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function change_receivemail()
{
try {
//if logged in
global $INGAME_WEBPATH;
global $WEBPATH;
if (WebUsers::isLoggedIn()) {
if (isset($_POST['target_id'])) {
//check if the user who executed this function is the person of whom the setting is or if it's a mod/admin.
if (($_POST['target_id'] == $_SESSION['id'] || Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) && isset($_POST['ReceiveMail'])) {
$user_id = filter_var($_POST['target_id'], FILTER_SANITIZE_NUMBER_INT);
$receiveMail = filter_var($_POST['ReceiveMail'], FILTER_SANITIZE_NUMBER_INT);
if ($receiveMail == 0 || $receiveMail == 1) {
WebUsers::setReceiveMail($user_id, $receiveMail);
}
if (Helpers::check_if_game_client()) {
header("Cache-Control: max-age=1");
header("Location: " . $INGAME_WEBPATH . "?page=settings&id=" . $user_id);
} else {
header("Cache-Control: max-age=1");
header("Location: " . $WEBPATH . "?page=settings&id=" . $user_id);
}
throw new SystemExit();
} else {
//ERROR: permission denied!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: The form was not filled in correclty
header("Cache-Control: max-age=1");
header("Location: index.php?page=settings");
throw new SystemExit();
}
} else {
//ERROR: user is not logged in
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
} catch (PDOException $e) {
//go to error page or something, because can't access website db
print_r($e);
throw new SystemExit();
}
}
/**
* This function is beign used to login a user.
* It will first check if the sent POST data returns a match with the DB, if it does, some session variables will be appointed to the user and he will be redirected to the index page again.
* If it didn't match, the template will be reloaded and a matching error message will be shown.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function login()
{
global $INGAME_WEBPATH;
global $WEBPATH;
try {
$login_value = filter_var($_POST['LoginValue'], FILTER_SANITIZE_STRING);
$password = filter_var($_POST['Password'], FILTER_SANITIZE_STRING);
//check if the filtered sent POST data returns a match with the DB
$result = WebUsers::checkLoginMatch($login_value, $password);
if ($result != "fail") {
//handle successful login
$_SESSION['user'] = $result['Login'];
$_SESSION['id'] = $result['UId'];
$_SESSION['ticket_user'] = serialize(Ticket_User::constr_ExternId($_SESSION['id']));
$user = new WebUsers($_SESSION['id']);
$_SESSION['Language'] = $user->getLanguage();
$GETString = "";
foreach ($_GET as $key => $value) {
$GETString = $GETString . $key . '=' . $value . "&";
}
if ($GETString != "") {
$GETString = '?' . $GETString;
}
//go back to the index page.
header("Cache-Control: max-age=1");
if (Helpers::check_if_game_client()) {
header('Location: ' . $INGAME_WEBPATH . $GETString);
} else {
header('Location: ' . $WEBPATH . $GETString);
}
throw new SystemExit();
} else {
//handle login failure
$result = array();
$result['login_error'] = 'TRUE';
$result['no_visible_elements'] = 'TRUE';
helpers::loadtemplate('login', $result);
throw new SystemExit();
}
} catch (PDOException $e) {
//go to error page or something, because can't access website db
print_r($e);
throw new SystemExit();
}
}
/**
* This function is beign used to change the permission of a ticket_user.
* It will first check if the user who executed this function is an admin. If this is not the case the page will be redirected to an error page.
* in case the $_GET['value'] is smaller than 4 and the user whoes permission is being changed is different from the admin(id 1), the change will be executed and the page will
* redirect to the users profile page.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function change_permission()
{
global $INGAME_WEBPATH;
global $WEBPATH;
//if logged in
if (WebUsers::isLoggedIn()) {
//check if user who executed this function is an admin
if (ticket_user::isAdmin(unserialize($_SESSION['ticket_user']))) {
//in case the $_GET['value'] is smaller than 4 and the user whoes permission is being changed is different from the admin(id 1)
if (isset($_GET['user_id']) && isset($_GET['value']) && $_GET['user_id'] != 1 && $_GET['value'] < 4) {
$user_id = filter_var($_GET['user_id'], FILTER_SANITIZE_NUMBER_INT);
$value = filter_var($_GET['value'], FILTER_SANITIZE_NUMBER_INT);
//execute change.
Ticket_User::change_permission(Ticket_User::constr_ExternId($user_id)->getTUserId(), $value);
header("Cache-Control: max-age=1");
if (Helpers::check_if_game_client()) {
header("Location: " . $INGAME_WEBPATH . "?page=show_user&id=" . $user_id);
} else {
header("Location: " . $WEBPATH . "?page=show_user&id=" . $user_id);
}
throw new SystemExit();
} else {
//ERROR: GET PARAMS not given or trying to change admin
header("Cache-Control: max-age=1");
if (Helpers::check_if_game_client()) {
header("Location: " . $INGAME_WEBPATH . "?page=show_user&id=" . $user_id);
} else {
header("Location: " . $WEBPATH . "?page=show_user&id=" . $user_id);
}
throw new SystemExit();
}
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* This function is beign used to load info that's needed for the createticket page.
* the $_GET['user_id'] identifies for which user you try to create a ticket. A normal user can only create a ticket for himself, a mod/admin however can also create tickets for other users.
* It will also load all categories and return these, they will be used by the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function createticket()
{
//if logged in
if (WebUsers::isLoggedIn()) {
//in case user_id-GET param set it's value as target_id, if no user_id-param is given, use the session id.
if (isset($_GET['user_id'])) {
//check if you are a mod/admin or you try to create a ticket for your own, if this is not the case redirect to error page
if ($_GET['user_id'] != $_SESSION['id'] && !ticket_user::isMod(unserialize($_SESSION['ticket_user']))) {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
} else {
//if user_id is given, then set it as the target_id
$result['target_id'] = filter_var($_GET['user_id'], FILTER_SANITIZE_NUMBER_INT);
}
} else {
//set session_id as target_id
$result['target_id'] = $_SESSION['id'];
}
if (Helpers::check_if_game_client()) {
//get all additional info, which is needed for adding the extra info page
$result[] = $_GET;
$result['ingame'] = true;
}
//create array of category id & names
$catArray = Ticket_Category::getAllCategories();
$result['category'] = Gui_Elements::make_table_with_key_is_id($catArray, array("getName"), "getTCategoryId");
global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH;
$result['TITLE_ERROR'] = $INGAME_WEBPATH;
return $result;
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* This function is beign used to load info that's needed for the sgroup_list page.
* check if the person who wants to view this page is a mod/admin, if this is not the case, he will be redirected to an error page.
* It will return all suppport groups information. Also if the $_GET['delete'] var is set and the user is an admin, he will delete a specific entry.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function sgroup_list()
{
global $INGAME_WEBPATH;
global $WEBPATH;
//if logged in
if (WebUsers::isLoggedIn()) {
if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
//if delete GET var is set and user is admin, then delete the groups entry.
if (isset($_GET['delete']) && Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
$delete_id = filter_var($_GET['delete'], FILTER_SANITIZE_NUMBER_INT);
$result['delete'] = Support_Group::deleteSupportGroup($delete_id);
header("Cache-Control: max-age=1");
if (Helpers::check_if_game_client()) {
header("Location: " . $INGAME_WEBPATH . "?page=sgroup_list");
} else {
header("Location: " . $WEBPATH . "?page=sgroup_list");
}
throw new SystemExit();
}
if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
$result['isAdmin'] = "TRUE";
}
$result['grouplist'] = Gui_Elements::make_table(Support_Group::getGroups(), array("getSGroupId", "getName", "getTag", "getGroupEmail"), array("sGroupId", "name", "tag", "groupemail"));
global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH;
return $result;
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* function that creates a new ticket.
* A new ticket will be created, in case the extra_info != 0 and the http request came from ingame, then a ticket_info page will be created.
* A log entry will be written, depending on the $real_authors value. In case the for_support_group parameter is set, the ticket will be forwarded immediately.
* Also the mail handler will create a new email that will be sent to the author to notify him that his ticket is freshly created.
* @param $title the title we want to give to the ticket.
* @param $content the content we want to give to the starting post of the ticket.
* @param $category the id of the category that should be related to the ticket.
* @param $author the person who's id will be stored in the database as creator of the ticket.
* @param $real_author should be the same id, or a moderator/admin who creates a ticket for another user (this is used for logging purposes).
* @param $for_support_group in case you directly want to forward the ticket after creating it. (default value = 0 = don't forward)
* @param $extra_info used for creating an ticket_info page related to the ticket, this only happens when the ticket is made ingame.
* @return the created tickets id.
*/
public static function create_Ticket($title, $content, $category, $author, $real_author, $for_support_group = 0, $extra_info = 0)
{
//create the new ticket!
$ticket = new Ticket();
$values = array("Title" => $title, "Timestamp" => 0, "Status" => 1, "Queue" => 0, "Ticket_Category" => $category, "Author" => $author, "Priority" => 0);
$ticket->set($values);
$ticket->create();
$ticket_id = $ticket->getTId();
//if ingame then add an extra info
if (Helpers::check_if_game_client() && $extra_info != 0) {
$extra_info['Ticket'] = $ticket_id;
Ticket_Info::create_Ticket_Info($extra_info);
}
//write a log entry
if ($author == $real_author) {
Ticket_Log::createLogEntry($ticket_id, $author, 1);
} else {
Ticket_Log::createLogEntry($ticket_id, $real_author, 2, $author);
}
Ticket_Reply::createReply($content, $author, $ticket_id, 0, $author);
//forwards the ticket directly after creation to the supposed support group
if ($for_support_group) {
Ticket::forwardTicket(0, $ticket_id, $for_support_group);
}
//send email that new ticket has been created
Mail_Handler::send_ticketing_mail($ticket->getAuthor(), $ticket, $content, "NEW", $ticket->getForwardedGroupId());
return $ticket_id;
}
/**
* This function is beign used to load info that's needed for the show_ticket_log page.
* This page shows the logs related to a ticket: who created the ticket, who replied on it, who viewed it, assigned or forwarded it.
* Only mods/admins are able to browse the log though. The found information is returned so it can be used by the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function show_ticket_log()
{
global $INGAME_WEBPATH;
global $WEBPATH;
//if logged in
if (WebUsers::isLoggedIn() && isset($_GET['id'])) {
//only allow admins to browse the log!
if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
$result['ticket_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
$target_ticket = new Ticket();
$target_ticket->load_With_TId($result['ticket_id']);
$result['ticket_title'] = $target_ticket->getTitle();
//return all logs related to a ticket.
$ticket_logs = Ticket_Log::getLogsOfTicket($result['ticket_id']);
$log_action_array = Ticket_Log::getActionTextArray();
//fetch information about each returned ticket in a format that is usable for the template
$result['ticket_logs'] = Gui_Elements::make_table($ticket_logs, array("getTLogId", "getTimestamp", "getAuthor()->getExternId", "getAction", "getArgument()"), array("tLogId", "timestamp", "authorExtern", "action", "argument"));
$i = 0;
//for each ticket add action specific informaton to the to-be-shown text: uses the query_backpart
foreach ($result['ticket_logs'] as $log) {
$webUser = new WebUsers($log['authorExtern']);
$author = $webUser->getUsername();
$result['ticket_logs'][$i]['author'] = $author;
$query_backpart = "";
if ($log['action'] == 2) {
$webUser2 = new WebUsers($log['argument']);
$query_backpart = $webUser2->getUsername();
} else {
if ($log['action'] == 4) {
if (Helpers::check_if_game_client()) {
$query_backpart = "<a href='" . $INGAME_WEBPATH . "?page=show_reply&id=" . $log['argument'] . "'>ID#" . $log['argument'] . "</a>";
} else {
$query_backpart = "<a href='" . $WEBPATH . "?page=show_reply&id=" . $log['argument'] . "'>ID#" . $log['argument'] . "</a>";
}
} else {
if ($log['action'] == 5) {
$statusArray = Ticket::getStatusArray();
$query_backpart = $statusArray[$log['argument']];
} else {
if ($log['action'] == 6) {
$priorityArray = Ticket::getPriorityArray();
$query_backpart = $priorityArray[$log['argument']];
} else {
if ($log['action'] == 8) {
if (Helpers::check_if_game_client()) {
$query_backpart = "<a href='" . $INGAME_WEBPATH . "?page=show_sgroupy&id=" . $log['argument'] . "'>" . Support_Group::getGroup($log['argument'])->getName() . "</a>";
} else {
$query_backpart = "<a href='" . $WEBPATH . "?page=show_sgroupy&id=" . $log['argument'] . "'>" . Support_Group::getGroup($log['argument'])->getName() . "</a>";
}
}
}
}
}
}
$result['ticket_logs'][$i]['query'] = $author . " " . $log_action_array[$log['action']] . " " . $query_backpart;
$result['ticket_logs'][$i]['timestamp_elapsed'] = Gui_Elements::time_elapsed_string($log['timestamp']);
$i++;
}
if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
$result['isMod'] = "TRUE";
}
global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH;
return $result;
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* This function is beign used to load info that's needed for the show_queue page.
* check if the person who wants to view this page is a mod/admin, if this is not the case, he will be redirected to an error page.
* if an action is set (this is done by $_GET['action']) it will try to execute it first, actions are: assign a ticket, unassign a ticket an create a queue.
* There are a few predefined queues which is the 'all tickets' queue, 'archive' queue, 'todo' queue, .. these are passed by $_GET['get'].
* if $_GET['get'] = create; then it's a custom made queue, this will call the createQueue function which builds the query that we will later use to get the tickets.
* The tickets fetched will be returned and used in the template. Now why use POST and GET params here and have a createQueue function twice? Well the first time someone creates
* a queue the POST variables will be used, however after going to the next page it will use the GET params.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function show_queue()
{
global $INGAME_WEBPATH;
global $WEBPATH;
//if logged in & queue id is given
if (WebUsers::isLoggedIn() && isset($_GET['get'])) {
if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
//the queue you want to see.
$result['queue_view'] = filter_var($_GET['get'], FILTER_SANITIZE_STRING);
$user_id = unserialize($_SESSION['ticket_user'])->getTUserId();
$queueArray = array();
$queue_handler = new Ticket_Queue_handler();
//Pagination Base Links
if (Helpers::check_if_game_client()) {
$result['pagination_base_link'] = $INGAME_WEBPATH . "?page=show_queue&get=" . $result['queue_view'];
} else {
$result['pagination_base_link'] = $WEBPATH . "?page=show_queue&get=" . $result['queue_view'];
}
//form url to keep the getters constant
if (Helpers::check_if_game_client()) {
$result['getURL'] = $INGAME_WEBPATH . "?page=show_queue&get=" . $result['queue_view'];
} else {
$result['getURL'] = $WEBPATH . "?page=show_queue&get=" . $result['queue_view'];
}
if (isset($_GET['pagenum'])) {
$result['getURL'] = $result['getURL'] . "&pagenum=" . $_GET['pagenum'];
}
if (isset($_GET['get']) && $_GET['get'] == "create" && isset($_GET['userid']) && isset($_GET['groupid']) && isset($_GET['what']) && isset($_GET['how']) && isset($_GET['who'])) {
$userid = filter_var($_GET['userid'], FILTER_SANITIZE_NUMBER_INT);
$groupid = filter_var($_GET['groupid'], FILTER_SANITIZE_NUMBER_INT);
$what = filter_var($_GET['what'], FILTER_SANITIZE_STRING);
$how = filter_var($_GET['how'], FILTER_SANITIZE_STRING);
$who = filter_var($_GET['who'], FILTER_SANITIZE_STRING);
//create the custom queue
$queue_handler->CreateQueue($userid, $groupid, $what, $how, $who);
if (Helpers::check_if_game_client()) {
$result['pagination_base_link'] = $INGAME_WEBPATH . "?page=show_queue&get=create&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
} else {
$result['pagination_base_link'] = $WEBPATH . "?page=show_queue&get=create&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
}
$result['prev_created_userid'] = $userid;
$result['prev_created_groupid'] = $groupid;
$result['prev_created_what'] = $what;
$result['prev_created_how'] = $how;
$result['prev_created_who'] = $who;
$result['getURL'] = $result['getURL'] . "&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
}
//if an action is set
if (isset($_POST['action'])) {
switch ($_POST['action']) {
case "assignTicket":
$ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
$result['ACTION_RESULT'] = Ticket::assignTicket($user_id, $ticket_id);
break;
case "unAssignTicket":
$ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
$result['ACTION_RESULT'] = Ticket::unAssignTicket($user_id, $ticket_id);
break;
case "create_queue":
$userid = filter_var($_POST['userid'], FILTER_SANITIZE_NUMBER_INT);
if (isset($_POST['groupid'])) {
$groupid = filter_var($_POST['groupid'], FILTER_SANITIZE_NUMBER_INT);
} else {
$groupid = 0;
}
$what = filter_var($_POST['what'], FILTER_SANITIZE_STRING);
$how = filter_var($_POST['how'], FILTER_SANITIZE_STRING);
$who = filter_var($_POST['who'], FILTER_SANITIZE_STRING);
//create the custom queue
$queue_handler->CreateQueue($userid, $groupid, $what, $how, $who);
if (Helpers::check_if_game_client()) {
$result['pagination_base_link'] = $INGAME_WEBPATH . "?page=show_queue&get=create&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
} else {
$result['pagination_base_link'] = $WEBPATH . "?page=show_queue&get=create&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
}
$result['prev_created_userid'] = $userid;
$result['prev_created_groupid'] = $groupid;
$result['prev_created_what'] = $what;
$result['prev_created_how'] = $how;
$result['prev_created_who'] = $who;
$result['getURL'] = $result['getURL'] . "&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
break;
}
}
$queueArray = $queue_handler->getTickets($result['queue_view'], $user_id);
//pagination
$result['links'] = $queue_handler->getPagination()->getLinks(5);
$result['lastPage'] = $queue_handler->getPagination()->getLast();
$result['currentPage'] = $queue_handler->getPagination()->getCurrent();
//if queue_view is a valid parameter value
if ($queueArray != "ERROR") {
$result['tickets'] = Gui_Elements::make_table($queueArray, array("getTId", "getTitle", "getTimestamp", "getAuthor()->getExternId", "getTicket_Category()->getName", "getStatus", "getStatusText", "getAssigned", "getForwardedGroupName", "getForwardedGroupId"), array("tId", "title", "timestamp", "authorExtern", "category", "status", "statusText", "assigned", "forwardedGroupName", "forwardedGroupId"));
$i = 0;
foreach ($result['tickets'] as $ticket) {
$web_author = new WebUsers($ticket['authorExtern']);
$result['tickets'][$i]['author'] = $web_author->getUsername();
$web_assigned = new WebUsers($ticket['assigned']);
$result['tickets'][$i]['assignedText'] = $web_assigned->getUsername();
$result['tickets'][$i]['timestamp_elapsed'] = Gui_Elements::time_elapsed_string($ticket['timestamp']);
$i++;
}
$result['user_id'] = unserialize($_SESSION['ticket_user'])->getTUserId();
//Queue creator field info
$result['grouplist'] = Gui_Elements::make_table(Support_Group::getGroups(), array("getSGroupId", "getName"), array("sGroupId", "name"));
$result['teamlist'] = Gui_Elements::make_table(Ticket_User::getModsAndAdmins(), array("getTUserId", "getExternId"), array("tUserId", "externId"));
$i = 0;
foreach ($result['teamlist'] as $member) {
$web_teammember = new Webusers($member['externId']);
$result['teamlist'][$i]['name'] = $web_teammember->getUsername();
$i++;
}
global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH;
return $result;
} else {
//ERROR: Doesn't exist!
$_SESSION['error_code'] = "404";
header("Cache-Control: max-age=1");
header("Location: ams?page=error");
throw new SystemExit();
}
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* This function is beign used to load info that's needed for the show_sgroup page.
* check if the person browsing this page is a mod/admin, if not he'll be redirected to an error page.
* if the $_GET['delete'] var is set and the user executing is an admin, an entry will be deleted out of the support group.
* A list of users that are member of the group will be returned, which can be used by the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function show_sgroup()
{
global $INGAME_WEBPATH;
global $WEBPATH;
//if logged in
if (WebUsers::isLoggedIn()) {
if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
if (isset($_GET['id'])) {
//['target_id'] holds the id of the group!
$result['target_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
//if the $_GET['delete'] var is set and the user executing is an admin, an entry will be deleted out of the support group.
if (isset($_GET['delete']) && Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
$delete_id = filter_var($_GET['delete'], FILTER_SANITIZE_NUMBER_INT);
$result['delete'] = Support_Group::deleteUserOfSupportGroup($delete_id, $result['target_id']);
header("Cache-Control: max-age=1");
if (Helpers::check_if_game_client()) {
header("Location: " . $INGAME_WEBPATH . "?page=show_sgroup&id=" . $result['target_id']);
} else {
header("Location: " . $WEBPATH . "?page=show_sgroup&id=" . $result['target_id']);
}
throw new SystemExit();
}
if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
$result['isAdmin'] = "TRUE";
}
$group = Support_Group::getGroup($result['target_id']);
$result['groupsname'] = $group->getName();
$result['groupemail'] = $group->getGroupEmail();
$result['imap_mailserver'] = $group->getIMAP_MailServer();
$result['imap_username'] = $group->getIMAP_Username();
$result['userlist'] = Gui_Elements::make_table(Support_Group::getAllUsersOfSupportGroup($result['target_id']), array("getTUserId", "getPermission", "getExternId"), array("tUserId", "permission", "externId"));
$i = 0;
foreach ($result['userlist'] as $user) {
$webuser = new Webusers($user['externId']);
$result['userlist'][$i]['name'] = $webuser->getUsername();
$i++;
}
global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH;
$result['teamlist'] = Gui_Elements::make_table(Ticket_User::getModsAndAdmins(), array("getTUserId", "getExternId"), array("tUserId", "externId"));
$i = 0;
foreach ($result['teamlist'] as $member) {
$web_teammember = new Webusers($member['externId']);
if (!In_Support_Group::userExistsInSGroup($member['externId'], $result['target_id'])) {
$result['users'][$i]['name'] = $web_teammember->getUsername();
}
$i++;
}
return $result;
} else {
//ERROR: No page specified!
$_SESSION['error_code'] = "404";
header("Cache-Control: max-age=1");
header("Location: ams?page=error");
throw new SystemExit();
}
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* This function is beign used to create a new ticket.
* It will first check if the user who executed this function is the person of whom the setting is or if it's a mod/admin. If this is not the case the page will be redirected to an error page.
* next it will filter the POST data and it will try to create the new ticket. Afterwards a redirecion to the ticket will occur.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function create_ticket()
{
//if logged in
global $INGAME_WEBPATH;
global $WEBPATH;
$return = array();
$error = false;
if (WebUsers::isLoggedIn() && isset($_SESSION['ticket_user'])) {
if (strlen(preg_replace('/\\s\\s+/', ' ', $_POST['Title'])) < 2) {
$return = array_merge($_POST, $return);
$return['no_visible_elements'] = 'FALSE';
$catArray = Ticket_Category::getAllCategories();
$return['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$return['category'] = Gui_Elements::make_table_with_key_is_id($catArray, array("getName"), "getTCategoryId");
$return['TITLE_ERROR_MESSAGE'] = "Title must not be blank!";
$return['TITLE_ERROR'] = true;
$error = true;
}
if (strlen(preg_replace('/\\s\\s+/', ' ', $_POST['Content'])) < 2) {
$return = array_merge($_POST, $return);
$return['no_visible_elements'] = 'FALSE';
$catArray = Ticket_Category::getAllCategories();
$return['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$return['category'] = Gui_Elements::make_table_with_key_is_id($catArray, array("getName"), "getTCategoryId");
$return['CONTENT_ERROR_MESSAGE'] = "Content must not be blank!";
$return['CONTENT_ERROR'] = true;
$error = true;
}
if ($error) {
helpers::loadTemplate('createticket', $return);
throw new SystemExit();
}
if (isset($_POST['target_id'])) {
//if target_id is the same as session id or is admin
if ($_POST['target_id'] == $_SESSION['id'] || Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
$category = filter_var($_POST['Category'], FILTER_SANITIZE_NUMBER_INT);
$title = filter_var($_POST['Title'], FILTER_SANITIZE_STRING);
$content = filter_var($_POST['Content'], FILTER_SANITIZE_STRING);
try {
if ($_POST['target_id'] == $_SESSION['id']) {
//if the ticket is being made for the executing user himself
$author = unserialize($_SESSION['ticket_user'])->getTUserId();
} else {
//if a mod tries to make a ticket for someone else
$author = Ticket_User::constr_ExternId($_POST['target_id'])->getTUserId();
}
//create the ticket & return the id of the newly created ticket.
$ticket_id = Ticket::create_Ticket($title, $content, $category, $author, unserialize($_SESSION['ticket_user'])->getTUserId(), 0, $_POST);
//redirect to the new ticket.
if (Helpers::check_if_game_client()) {
header("Cache-Control: max-age=1");
header("Location: " . $INGAME_WEBPATH . "?page=show_ticket&id=" . $ticket_id);
} else {
header("Cache-Control: max-age=1");
header("Location: " . $WEBPATH . "?page=show_ticket&id=" . $ticket_id);
throw new SystemExit();
}
} catch (PDOException $e) {
//ERROR: LIB DB is not online!
print_r($e);
throw new SystemExit();
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
} else {
//ERROR: permission denied!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: The form was not filled in correclty
header("Cache-Control: max-age=1");
header("Location: index.php?page=createticket");
throw new SystemExit();
}
} else {
//ERROR: user is not logged in
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
break;
case 'reset_password':
$page = 'reset_password';
break;
case 'error':
$page = 'error';
break;
default:
$page = 'login';
break;
}
}
}
// check if ingame & page= register
// this is needed because the ingame register can't send a hidden $_POST["function"]
if (Helpers::check_if_game_client() && $page == "register") {
require "func/add_user.php";
$return = add_user();
}
// perform an action in case one is specified
// else check if a php page is included in the inc folder, else just set page to the get param
if (isset($_POST["function"])) {
require "func/" . $_POST["function"] . ".php";
$return = $_POST["function"]();
} else {
if (isset($_GET["action"])) {
require "func/" . $_GET["action"] . ".php";
$return = $_GET["action"]();
} else {
$filename = 'inc/' . $page . '.php';
//check if this is a file
