function required_parameters_check($parameters_required)
{
global $data_in, $result;
// Проверка наличия обязательных параметров
$required_error_parameters = array();
if (!empty($parameters_required) || count($parameters_required)) {
foreach ($parameters_required as $parameter_name) {
// Если параметр не пришел - заносим в массив его как ошибочный
if (empty($data_in[$parameter_name])) {
$required_error_parameters[] = $parameter_name;
}
}
if (!empty($required_error_parameters)) {
api_exit('Отсутствуют обязательные параметры: ' . implode(', ', $required_error_parameters));
}
}
}
case EX_NOINPUT:
default:
Http::response(416, $code, 'text/plain');
}
}
exit($code);
}
//Remote hosts need authorization.
if ($remotehost) {
//Upto 10 consecutive errors allowed...before a 5 minute timeout.
//One more error during timeout and timeout starts a new clock
if ($_SESSION['api']['errors'] > 10 && time() - $_SESSION['api']['time'] <= 5 * 50) {
// timeout!
api_exit(EX_NOPERM, 'Host in Timeout');
}
//Check IP
$ip = $_SERVER['REMOTE_ADDR'];
if (!Validator::is_ip($ip) || !$cfg->isKnownHost($ip)) {
//unknown IP
api_exit(EX_NOPERM, 'Unknown remote host [' . $ip . ']');
}
//For added security...check API pass phrase.
$key = $_SERVER['HTTP_USER_AGENT'];
//pulling all tricks.
if (empty($key) || strcasecmp($key, md5($cfg->getAPIKey()))) {
api_exit(EX_NOPERM, 'Invalid API Key [' . $key . ']');
}
//At this point we know the remote host/IP is allowed.
$_SESSION['api']['errors'] = 0;
//clear errors for the session.
}
break;
case EX_NOPERM:
Http::response(403, $code, 'text/plain');
break;
case EX_DATAERR:
case EX_NOINPUT:
default:
Http::response(416, $code, 'text/plain');
}
}
exit($code);
}
//Remote hosts need authorization.
if ($remotehost) {
$ip = $_SERVER['REMOTE_ADDR'];
$key = $_SERVER['HTTP_USER_AGENT'];
//pulling all tricks.
//Upto 10 consecutive errors allowed...before a 5 minute timeout.
//One more error during timeout and timeout starts a new clock
if ($_SESSION['api']['errors'] > 10 && time() - $_SESSION['api']['time'] <= 5 * 60) {
// timeout!
api_exit(EX_NOPERM, "Remote host [{$ip}] in timeout - error #" . $_SESSION['api']['errors']);
}
//Check API key & ip
if (!Validator::is_ip($ip) || !Api::validate($key, $ip)) {
api_exit(EX_NOPERM, 'Unknown remote host [' . $ip . '] or invalid API key [' . $key . ']');
}
//At this point we know the remote host/IP is allowed.
$_SESSION['api']['errors'] = 0;
//clear errors for the session.
}
<?php require_once '../../admin/functions.php'; $req = get_param(); list($db_name, $table_name, $data, $apikey) = null_exit($req, 'db_name', 'table_name', 'data', 'apikey'); api_exit($db_name, $table_name, $apikey); items_exit($data, 'ident', 'facility', 'priority', 'title'); $output = append_new_data($db_name, $table_name, $data); unset($output['listview']); jsonp_nocache_exit($output);
$ticket = new Ticket(Ticket::getIdByExtId($extid));
//Allow mismatched emails?? For now hell NO.
if (!is_object($ticket) || strcasecmp($ticket->getEmail(), $var['email'])) {
$ticket = null;
}
}
$errors = array();
$msgid = 0;
if (!$ticket) {
//New tickets...
$ticket = Ticket::create($var, $errors, 'email');
if (!is_object($ticket) || $errors) {
api_exit(EX_DATAERR, 'Ticket create Failed ' . implode("\n", $errors) . "\n\n");
}
$msgid = $ticket->getLastMsgId();
} else {
//post message....postMessage does the cleanup.
if (!($msgid = $ticket->postMessage($var['message'], 'Email', $var['mid'], $var['header']))) {
api_exit(EX_DATAERR, 'Unable to post message');
}
}
//Ticket created...save attachments if enabled.
if ($cfg->allowEmailAttachments() && ($attachments = $parser->getAttachments())) {
foreach ($attachments as $attachment) {
if ($attachment['filename'] && $ost->isFileTypeAllowed($attachment['filename'])) {
$ticket->saveAttachment(array('name' => $attachment['filename'], 'data' => $attachment['body']), $msgid, 'M');
}
}
}
api_exit(EX_SUCCESS);
break;
case EX_NOPERM:
Http::response(403, $code, 'text/plain');
break;
case EX_DATAERR:
case EX_NOINPUT:
default:
Http::response(416, $code, 'text/plain');
}
}
exit($code);
}
//Remote hosts need authorization.
if ($remotehost) {
$ip = $_SERVER['REMOTE_ADDR'];
$key = $_SERVER['HTTP_USER_AGENT'];
//pulling all tricks.
//Upto 10 consecutive errors allowed...before a 5 minute timeout.
//One more error during timeout and timeout starts a new clock
if ($_SESSION['api']['errors'] > 10 && time() - $_SESSION['api']['time'] <= 5 * 60) {
// timeout!
api_exit(EX_NOPERM, "Error de tiempo de espera [{$ip}] en el Host Remoto #" . $_SESSION['api']['errors']);
}
//Check API key & ip
if (!Validator::is_ip($ip) || !Api::validate($key, $ip)) {
api_exit(EX_NOPERM, 'Host Remoto Desconocido [' . $ip . '] o clave Api invalida[' . $key . ']');
}
//At this point we know the remote host/IP is allowed.
$_SESSION['api']['errors'] = 0;
//clear errors for the session.
}