function getTeamLead()
{
if (!$this->lead && $this->getLeadId()) {
$this->lead = Staff::lookup($this->getLeadId());
}
return $this->lead;
}
function getStaff()
{
if (!isset($this->_staff) && $this->staff_id) {
$this->_staff = Staff::lookup($this->staff_id);
}
return $this->_staff;
}
function getMembers()
{
if (!$this->members && $this->getNumUsers()) {
$sql = 'SELECT staff_id FROM ' . STAFF_TABLE . ' WHERE group_id=' . db_input($this->getId()) . ' ORDER BY lastname, firstname';
if (($res = db_query($sql)) && db_num_rows($res)) {
while (list($id) = db_fetch_row($res)) {
if ($staff = Staff::lookup($id)) {
$this->members[] = $staff;
}
}
}
}
return $this->members;
}
function create($vars, &$errors)
{
if (($id = self::save(0, $vars, $errors)) && ($staff = Staff::lookup($id))) {
if ($vars['teams']) {
$staff->updateTeams($vars['teams']);
}
if ($vars['welcome_email']) {
$staff->sendResetEmail('registration-staff', false);
}
Signal::send('model.created', $staff);
}
return $id;
}
break;
case 'newpasswd':
// TODO: Compare passwords
$tpl = 'pwreset.login.php';
$errors = array();
if ($staff = StaffAuthenticationBackend::processSignOn($errors)) {
$info = array('page' => 'index.php');
Http::redirect($info['page']);
} elseif (isset($errors['msg'])) {
$msg = $errors['msg'];
}
break;
}
} elseif ($_GET['token']) {
$msg = 'Please enter your username or email';
$_config = new Config('pwreset');
if (($id = $_config->get($_GET['token'])) && ($staff = Staff::lookup($id))) {
// TODO: Detect staff confirmation (for welcome email)
$tpl = 'pwreset.login.php';
} else {
header('Location: index.php');
}
} elseif ($cfg->allowPasswordReset()) {
$msg = 'Enter your username or email address below';
} else {
$_SESSION['_staff']['auth']['msg'] = 'Password resets are disabled';
return header('Location: index.php');
}
define("OSTSCPINC", TRUE);
//Make includes happy!
include_once INCLUDE_DIR . 'staff/' . $tpl;
foreach ($userInfoArray as $fields) {
// echo json_encode(array($fields['username'],$fields['firstname'],$fields['lastname'],$fields['isadmin'],$fields['onvacation'],$fields['created'],$fields['lastlogin'],Staff::getStaffTeams($fields['staff_id'])));
fprintf($fp, chr(0xEF).chr(0xBB).chr(0xBF));
// fputcsv($fp,$fields);
$teams = Staff::getStaffTeams($fields['staff_id']);
// logErrors(json_encode(Team::getActiveTeams()));
// echo $teams;
html_entity_decode(mb_convert_encoding(stripslashes($teams), "HTML-ENTITIES", 'UTF-8'));
try {
$resultArray = array($fields['username'],$fields['firstname'],$fields['lastname'],booleanToString($fields['isadmin']),$fields['created'],$fields['lastlogin']);
foreach ($teamsArray as $key=>$value) {
// logErrors("team id: ".$key);
if($team = Team::lookup(intval($key)))
{
logErrors(json_encode($team->getName()));
array_push($resultArray,booleanToString($team->hasMember(Staff::lookup(intval($fields['staff_id'])))));
}
}
// logErrors(json_encode($resultArray));
fputcsv($fp,$resultArray);
// fputcsv($fp, array_merge(array($fields['username'],$fields['firstname'],$fields['lastname'],$fields['isadmin'],$fields['onvacation'],$fields['created'],$fields['lastlogin']),null));
} catch (Exception $e) {
logErrors('Caught exception: ', $e->getMessage(), "\n");
}
}
}
fclose($fp);
function getStaffStats($staff)
{
global $cfg;
/* Unknown or invalid staff */
if (!$staff || !is_object($staff) && !($staff = Staff::lookup($staff)) || !$staff->isStaff()) {
return null;
}
$sql = 'SELECT count(open.ticket_id) as open, count(answered.ticket_id) as answered ' . ' ,count(overdue.ticket_id) as overdue, count(assigned.ticket_id) as assigned, count(closed.ticket_id) as closed ' . ' FROM ' . TICKET_TABLE . ' ticket ' . ' LEFT JOIN ' . TICKET_TABLE . ' open
ON (open.ticket_id=ticket.ticket_id AND open.status=\'open\' AND open.isanswered=0) ' . ' LEFT JOIN ' . TICKET_TABLE . ' answered
ON (answered.ticket_id=ticket.ticket_id AND answered.status=\'open\' AND answered.isanswered=1) ' . ' LEFT JOIN ' . TICKET_TABLE . ' overdue
ON (overdue.ticket_id=ticket.ticket_id AND overdue.status=\'open\' AND overdue.isoverdue=1) ' . ' LEFT JOIN ' . TICKET_TABLE . ' assigned
ON (assigned.ticket_id=ticket.ticket_id AND assigned.status=\'open\' AND assigned.staff_id=' . db_input($staff->getId()) . ')' . ' LEFT JOIN ' . TICKET_TABLE . ' closed
ON (closed.ticket_id=ticket.ticket_id AND closed.status=\'closed\' AND closed.staff_id=' . db_input($staff->getId()) . ')' . ' WHERE (ticket.dept_id IN(' . implode(',', $staff->getDepts()) . ') OR ticket.staff_id=' . db_input($staff->getId());
if ($teams = $staff->getTeams()) {
$sql .= ' OR ticket.team_id IN(' . implode(',', array_filter($teams)) . ')';
}
$sql .= ')';
if (!$cfg || !($cfg->showAssignedTickets() || $staff->showAssignedTickets())) {
$sql .= ' AND (ticket.staff_id=0 OR ticket.staff_id=' . db_input($staff->getId()) . ') ';
}
return db_fetch_array(db_query($sql));
}
$errors = array();
if ($staff = StaffAuthenticationBackend::processSignOn($errors)) {
$info = array('page' => 'index.php');
Http::redirect($info['page']);
}
elseif (isset($errors['msg'])) {
$msg = $errors['msg'];
}
break;
}
}
elseif ($_GET['token']) {
$msg = __('Please enter your username or email');
$_config = new Config('pwreset');
if (($id = $_config->get($_GET['token']))
&& ($staff = Staff::lookup($id)))
// TODO: Detect staff confirmation (for welcome email)
$tpl = 'pwreset.login.php';
else
header('Location: index.php');
}
elseif ($cfg->allowPasswordReset()) {
$msg = __('Enter your username or email address below');
}
else {
$_SESSION['_staff']['auth']['msg']=__('Password resets are disabled');
return header('Location: index.php');
}
define("OSTSCPINC",TRUE); //Make includes happy!
include_once(INCLUDE_DIR.'staff/'. $tpl);
function update($vars, &$errors)
{
$valid = true;
$forms = $this->getForms($vars);
foreach ($forms as $cd) {
if (!$cd->isValid()) {
$valid = false;
}
if ($cd->get('type') == 'O' && ($form = $cd->getForm($vars)) && ($f = $form->getField('name')) && $f->getClean() && ($o = Organization::lookup(array('name' => $f->getClean()))) && $o->id != $this->getId()) {
$valid = false;
$f->addError('Organization with the same name already exists');
}
}
if ($vars['domain']) {
foreach (explode(',', $vars['domain']) as $d) {
if (!Validator::is_email('t@' . trim($d))) {
$errors['domain'] = 'Enter a valid email domain, like domain.com';
}
}
}
if ($vars['manager']) {
switch ($vars['manager'][0]) {
case 's':
if ($staff = Staff::lookup(substr($vars['manager'], 1))) {
break;
}
case 't':
if ($vars['manager'][0] == 't' && ($team = Team::lookup(substr($vars['manager'], 1)))) {
break;
}
default:
$errors['manager'] = 'Select a staff member or team from the list';
}
}
if (!$valid || $errors) {
return false;
}
foreach ($this->getDynamicData() as $cd) {
if (($f = $cd->getForm()) && $f->get('type') == 'O' && ($name = $f->getField('name'))) {
$this->name = $name->getClean();
$this->save();
}
$cd->save();
}
// Set flags
foreach (array('collab-all-flag' => Organization::COLLAB_ALL_MEMBERS, 'collab-pc-flag' => Organization::COLLAB_PRIMARY_CONTACT, 'assign-am-flag' => Organization::ASSIGN_AGENT_MANAGER) as $ck => $flag) {
if ($vars[$ck]) {
$this->setStatus($flag);
} else {
$this->clearStatus($flag);
}
}
// Set staff and primary contacts
$this->set('domain', $vars['domain']);
$this->set('manager', $vars['manager'] ?: '');
if ($vars['contacts'] && is_array($vars['contacts'])) {
foreach ($this->allMembers() as $u) {
$u->setPrimaryContact(array_search($u->id, $vars['contacts']) !== false);
$u->save();
}
}
return $this->save();
}
break;
case 'disable':
$sql = 'UPDATE ' . STAFF_TABLE . ' SET isactive=0 ' . ' WHERE staff_id IN (' . implode(',', db_input($_POST['ids'])) . ') AND staff_id!=' . db_input($thisstaff->getId());
if (db_query($sql) && ($num = db_affected_rows())) {
if ($num == $count) {
$msg = sprintf('Successfully disabled %s', _N('selected agent', 'selected agents', $count));
} else {
$warn = sprintf(__('%1$d of %2$d %3$s disabled'), $num, $count, _N('selected agent', 'selected agents', $count));
}
} else {
$errors['err'] = sprintf(__('Unable to disable %s'), _N('selected agent', 'selected agents', $count));
}
break;
case 'delete':
foreach ($_POST['ids'] as $k => $v) {
if ($v != $thisstaff->getId() && ($s = Staff::lookup($v)) && $s->delete()) {
$i++;
}
}
if ($i && $i == $count) {
$msg = sprintf(__('Successfully deleted %s'), _N('selected agent', 'selected agents', $count));
} elseif ($i > 0) {
$warn = sprintf(__('%1$d of %2$d %3$s deleted'), $i, $count, _N('selected agent', 'selected agents', $count));
} elseif (!$errors['err']) {
$errors['err'] = sprintf(__('Unable to delete %s'), _N('selected agent', 'selected agents', $count));
}
break;
default:
$errors['err'] = __('Unknown action - get technical help.');
}
}
function create($vars, &$errors)
{
if (($id = self::save(0, $vars, $errors)) && $vars['teams'] && ($staff = Staff::lookup($id))) {
$staff->updateTeams($vars['teams']);
Signal::send('model.created', $staff);
}
return $id;
}
profile.php
Staff's profile handle
Peter Rotich <*****@*****.**>
Copyright (c) 2006-2012 osTicket
http://www.osticket.com
Released under the GNU General Public License WITHOUT ANY WARRANTY.
See LICENSE.TXT for details.
vim: expandtab sw=4 ts=4 sts=4:
**********************************************************************/
require_once 'staff.inc.php';
$msg = '';
$staff = Staff::lookup($thisstaff->getId());
if ($_POST && $_POST['id'] != $thisstaff->getId()) {
//Check dummy ID used on the form.
$errors['err'] = 'Internal Error. Action Denied';
}
if (!$errors && $_POST) {
//Handle post
if (!$staff) {
$errors['err'] = 'Unknown or invalid staff';
} elseif ($staff->updateProfile($_POST, $errors)) {
$msg = 'Profile updated successfully';
$thisstaff->reload();
$staff->reload();
$_SESSION['TZ_OFFSET'] = $thisstaff->getTZoffset();
$_SESSION['daylight'] = $thisstaff->observeDaylight();
} elseif (!$errors['err']) {
staff.php
Evertything about staff members.
Peter Rotich <*****@*****.**>
Copyright (c) 2006-2013 osTicket
http://www.osticket.com
Released under the GNU General Public License WITHOUT ANY WARRANTY.
See LICENSE.TXT for details.
vim: expandtab sw=4 ts=4 sts=4:
**********************************************************************/
require 'admin.inc.php';
$staff = null;
if ($_REQUEST['id'] && !($staff = Staff::lookup($_REQUEST['id']))) {
$errors['err'] = sprintf(__('%s: Unknown or invalid ID.'), __('agent'));
}
if ($_POST) {
$mysqli = new mysqli("localhost", "osticket", "0571ck37", "osticket1911");
/* check connection */
if (mysqli_connect_errno()) {
printf("Connect failed: %s\n", mysqli_connect_error());
exit;
}
$count = 0;
foreach ($_POST as $key => $value) {
if ($count == 0) {
$count++;
} else {
if ($count == 1) {
function add($vars, &$errors)
{
if (!$vars || !is_array($vars) || !$vars['ticketId']) {
$errors['err'] = __('Missing or invalid data');
} elseif (!$vars['response']) {
$errors['response'] = __('Response content is required');
}
if ($errors) {
return false;
}
$vars['type'] = 'R';
$vars['body'] = $vars['response'];
if (!$vars['pid'] && $vars['msgId']) {
$vars['pid'] = $vars['msgId'];
}
if (!$vars['poster'] && $vars['staffId'] && ($staff = Staff::lookup($vars['staffId']))) {
$vars['poster'] = (string) $staff->getName();
}
return ThreadEntry::add($vars);
}
/**
* postEmail
*
* After some security and sanity checks, attaches the body and subject
* of the message in reply to this thread item
*
* Parameters:
* mailinfo - (array) of information about the email, with at least the
* following keys
* - mid - (string) email message-id
* - name - (string) personal name of email originator
* - email - (string<email>) originating email address
* - subject - (string) email subject line (decoded)
* - body - (string) email message body (decoded)
*/
function postEmail($mailinfo)
{
// +==================+===================+=============+
// | Orig Thread-Type | Reply Thread-Type | Requires |
// +==================+===================+=============+
// | * | Message (M) | From: Owner |
// | * | Note (N) | From: Staff |
// | Response (R) | Message (M) | |
// | Message (M) | Response (R) | From: Staff |
// +------------------+-------------------+-------------+
if (!($ticket = $this->getTicket())) {
// Kind of hard to continue a discussion without a ticket ...
return false;
} elseif ($this->getEmailMessageId() == $mailinfo['mid']) {
// Reporting success so the email can be moved or deleted.
return true;
}
$vars = array('mid' => $mailinfo['mid'], 'header' => $mailinfo['header'], 'ticketId' => $ticket->getId(), 'poster' => $mailinfo['name'], 'origin' => 'Email', 'source' => 'Email', 'ip' => '', 'reply_to' => $this);
if (isset($mailinfo['attachments'])) {
$vars['attachments'] = $mailinfo['attachments'];
}
$body = $mailinfo['message'];
// Disambiguate if the user happens also to be a staff member of the
// system. The current ticket owner should _always_ post messages
// instead of notes or responses
if (strcasecmp($mailinfo['email'], $ticket->getEmail()) == 0) {
$vars['message'] = $body;
return $ticket->postMessage($vars, 'Email');
} elseif ($staff_id = Staff::getIdByEmail($mailinfo['email'])) {
$vars['staffId'] = $staff_id;
$poster = Staff::lookup($staff_id);
$errors = array();
$vars['note'] = $body;
return $ticket->postNote($vars, $errors, $poster);
} elseif (Email::getIdByEmail($mailinfo['email'])) {
// Don't process the email -- it came FROM this system
return true;
} else {
$vars['message'] = sprintf("Received From: %s\n\n%s", $mailinfo['email'], $body);
return $ticket->postMessage($vars, 'Email');
}
// Currently impossible, but indicate that this thread object could
// not append the incoming email.
return false;
}
function getStaffStats($staff)
{
global $cfg;
/* Unknown or invalid staff */
if (!$staff || !is_object($staff) && !($staff = Staff::lookup($staff)) || !$staff->isStaff()) {
return null;
}
$where = array('(ticket.staff_id=' . db_input($staff->getId()) . ' AND
status.state="open")');
$where2 = '';
if ($teams = $staff->getTeams()) {
$where[] = ' ( ticket.team_id IN(' . implode(',', db_input(array_filter($teams))) . ') AND status.state="open")';
}
if (!$staff->showAssignedOnly() && ($depts = $staff->getDepts())) {
//Staff with limited access just see Assigned tickets.
$where[] = 'ticket.dept_id IN(' . implode(',', db_input($depts)) . ') ';
}
if (!$cfg || !($cfg->showAssignedTickets() || $staff->showAssignedTickets())) {
$where2 = ' AND ticket.staff_id=0 ';
}
$where = implode(' OR ', $where);
if ($where) {
$where = 'AND ( ' . $where . ' ) ';
}
$sql = 'SELECT \'open\', count( ticket.ticket_id ) AS tickets ' . 'FROM ' . TICKET_TABLE . ' ticket ' . 'INNER JOIN ' . TICKET_STATUS_TABLE . ' status
ON (ticket.status_id=status.id
AND status.state=\'open\') ' . 'WHERE ticket.isanswered = 0 ' . $where . $where2 . 'UNION SELECT \'answered\', count( ticket.ticket_id ) AS tickets ' . 'FROM ' . TICKET_TABLE . ' ticket ' . 'INNER JOIN ' . TICKET_STATUS_TABLE . ' status
ON (ticket.status_id=status.id
AND status.state=\'open\') ' . 'WHERE ticket.isanswered = 1 ' . $where . 'UNION SELECT \'overdue\', count( ticket.ticket_id ) AS tickets ' . 'FROM ' . TICKET_TABLE . ' ticket ' . 'INNER JOIN ' . TICKET_STATUS_TABLE . ' status
ON (ticket.status_id=status.id
AND status.state=\'open\') ' . 'WHERE ticket.isoverdue =1 ' . $where . 'UNION SELECT \'assigned\', count( ticket.ticket_id ) AS tickets ' . 'FROM ' . TICKET_TABLE . ' ticket ' . 'INNER JOIN ' . TICKET_STATUS_TABLE . ' status
ON (ticket.status_id=status.id
AND status.state=\'open\') ' . 'WHERE ticket.staff_id = ' . db_input($staff->getId()) . ' ' . $where . 'UNION SELECT \'closed\', count( ticket.ticket_id ) AS tickets ' . 'FROM ' . TICKET_TABLE . ' ticket ' . 'INNER JOIN ' . TICKET_STATUS_TABLE . ' status
ON (ticket.status_id=status.id
AND status.state=\'closed\' ) ' . 'WHERE 1 ' . $where;
$res = db_query($sql);
$stats = array();
while ($row = db_fetch_row($res)) {
$stats[$row[0]] = $row[1];
}
return $stats;
}
function getManager()
{
if (!$this->manager && $this->getManagerId()) {
$this->manager = Staff::lookup($this->getManagerId());
}
return $this->manager;
}
function create($vars, &$errors)
{
if (($id = self::save(0, $vars, $errors)) && $vars['teams'] && ($self = Staff::lookup($id))) {
$staff->updateTeams($vars['teams']);
}
return $id;
}
