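/**
 * Report whether the session lookup for a user/conversation pair matched no row.
 *
 * Searches the jrc_sessions table for one row whose userid and convid equal the
 * given values and whose ended column is at most 600.
 *
 * @param mixed $userid Value compared with the userid column.
 * @param mixed $convid Value compared with the convid column.
 * @return bool True when the database handle reports 0 rows for the lookup, false otherwise
 *              (the original fell off the end and returned null in that case).
 */
public static function lsCheckSession($userid, $convid)
{
    global $lsdb;

    // Both values land inside double-quoted SQL string literals after smartsql().
    // NOTE(review): smartsql() is defined elsewhere; presumably it escapes for a quoted
    // literal using the connection's own escaping routine. Confirm that it is
    // charset-aware, or move this lookup to a prepared statement with bound parameters.
    $lsdb->query('SELECT id FROM ' . DB_PREFIX . 'jrc_sessions WHERE userid = "' . smartsql($userid) . '" AND convid = "' . smartsql($convid) . '" AND ended <= 600 LIMIT 1');

    // The result set itself is not needed, only the row count reported by the handle.
    return $lsdb->affected_rows == 0;
}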
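/**
 * Check whether a row with the given id exists in a table.
 *
 * @param mixed  $id    Value compared with the id column (passed through smartsql()).
 * @param string $table Table name, optionally schema-qualified; spliced into the statement
 *                      as an identifier.
 * @return bool True when the lookup matched at least one row; false when it matched none
 *              or when $table is not a plain identifier (the original returned null
 *              instead of false).
 */
function ls_row_exist($id, $table)
{
    global $lsdb;

    // $table is concatenated into the statement as an identifier, a position where
    // escaping meant for string literals gives no protection. Accept only an unquoted
    // identifier, optionally schema-qualified; \A and \z keep a trailing newline out.
    // NOTE(review): callers are not visible here; they should pass fixed table names
    // rather than anything derived from request data.
    if (!is_string($table) || preg_match('/\A[A-Za-z0-9_$]+(\.[A-Za-z0-9_$]+)?\z/', $table) !== 1) {
        return false;
    }

    // NOTE(review): smartsql() is defined elsewhere; presumably it escapes the value for
    // use inside the double-quoted literal below. Confirm that it is charset-aware.
    $lsdb->query('SELECT id FROM ' . $table . ' WHERE id = "' . smartsql($id) . '" LIMIT 1');

    return $lsdb->affected_rows > 0;
}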
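/**
 * Report whether the session lookup for a user/conversation pair matched no row.
 *
 * Searches the sessions table for one row whose userid equals $userid, whose id equals
 * $convid and whose ended column is not later than ten minutes from now.
 *
 * @param mixed $userid Value compared with the userid column.
 * @param mixed $convid Value compared with the id column.
 * @return bool True when the database handle reports 0 rows for the lookup, false otherwise
 *              (the original fell off the end and returned null in that case).
 */
public static function lsCheckSession($userid, $convid)
{
    global $lsdb;

    // Integer built on the server, so it can be concatenated without quoting.
    // NOTE(review): the cutoff lies 600 seconds in the future, so "ended <= cutoff"
    // looks like it matches any row that ended in the past as well. Confirm that this
    // is the intended window.
    $chat_ended = time() + 600;

    // Both caller-supplied values land inside double-quoted SQL string literals after
    // smartsql().
    // NOTE(review): smartsql() is defined elsewhere; presumably it escapes for a quoted
    // literal using the connection's own escaping routine. Confirm that it is
    // charset-aware, or move this lookup to a prepared statement with bound parameters.
    $lsdb->query('SELECT id FROM ' . DB_PREFIX . 'sessions WHERE userid = "' . smartsql($userid) . '" AND id = "' . smartsql($convid) . '" AND ended <= ' . $chat_ended . ' LIMIT 1');

    // The result set itself is not needed, only the row count reported by the handle.
    return $lsdb->affected_rows == 0;
}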
responses = ' . $defaults['ls_responses'] . ', files = ' . $defaults['ls_files'] . ', operatorchat = ' . $defaults['ls_chat'] . ', operatorlist = ' . $defaults['ls_chatlist'] . ', sound = ' . $defaults['ls_sound'] . ', ringing = ' . $defaults['ls_ringing'] . ', emailnot = ' . $defaults['ls_emailnot'] . ', language = "' . $defaults['ls_lang'] . '", invitationmsg = "' . $defaults['ls_inv'] . '", ' . $insert . ' email = "' . filter_var($defaults['ls_email'], FILTER_SANITIZE_EMAIL) . '" WHERE id = ' . $page2); } else { $result = $lsdb->query('UPDATE ' . $lstable . ' SET username = "******", name = "' . smartsql(trim($defaults['ls_name'])) . '", language = "' . $defaults['ls_lang'] . '", invitationmsg = "' . $defaults['ls_inv'] . '", tw_days = "' . $tw_days . '", tw_time_from = "' . $defaults['jak_timefrom'] . ':' . $defaults['jak_timefromm'] . ':00", tw_time_to = "' . $defaults['jak_timeto'] . ':' . $defaults['jak_timetom'] . ':00", phonenumber = "' . $defaults['ls_phone'] . '", dnotify = "' . $defaults['ls_dnotify'] . '", sound = ' . $defaults['ls_sound'] . ', ringing = ' . $defaults['ls_ringing'] . ', ' . $insert . ' email = "' . filter_var($defaults['ls_email'], FILTER_SANITIZE_EMAIL) . '" WHERE id = ' . $page2); } if (!$result) { ls_redirect(BASE_URL . 'index.php?p=error&sp=mysql');
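<?php

/*======================================================================*\
|| #################################################################### ||
|| # Rhino 2.5                                                        # ||
|| # ---------------------------------------------------------------- # ||
|| # Copyright 2014 Rhino All Rights Reserved.                        # ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- Rhino IS NOT FREE SOFTWARE ----------------     # ||
|| # http://www.livesupportrhino.com                                  # ||
|| #################################################################### ||
\*======================================================================*/

// AJAX endpoint: returns the text of one stored response (jrc_responses.message)
// as JSON for the id posted by the client.

// Start the session
session_start();

if (!file_exists('../../config.php')) {
    die('ajax/[response.php] config.php not exist');
}
require_once '../../config.php';

// Access check. The original joined the two tests with &&, which let a request through
// as soon as EITHER held; X-Requested-With is supplied by the client and is not
// evidence of a login, so the session marker must be present in every case.
// empty() also avoids the undefined-index notice when the header is absent.
// NOTE(review): idhash presumably marks a logged-in operator session. Confirm this
// against the login code. The header test is kept only as a weak hint that the call
// came from script; it is not a CSRF defence.
if (empty($_SERVER['HTTP_X_REQUESTED_WITH']) || !isset($_SESSION['idhash'])) {
    die("Nothing to see here");
}

// Accept only a plain run of digits: is_numeric() alone also passes values such as
// "1e3" or " 1", and a missing or array-valued id raised a notice in the original.
$responseId = isset($_POST['id']) ? $_POST['id'] : null;
if (!is_string($responseId) || preg_match('/\A[0-9]+\z/', $responseId) !== 1) {
    die("There is no such message!");
}

// $lsdb is not defined in this file; presumably config.php provides it.
// The id is digits-only at this point; smartsql() is kept as a second layer.
$result = $lsdb->query('SELECT message FROM ' . DB_PREFIX . 'jrc_responses WHERE id = "' . smartsql($responseId) . '"');

// Nothing is emitted when the id matches no row (same as the original).
if ($result && $lsdb->affected_rows > 0) {
    $row = $result->fetch_assoc();

    // NOTE(review): the stored message is returned unencoded under the "html" key. If
    // the client inserts it into the page as markup, the stored text has to be trusted
    // or encoded at that point.
    echo json_encode(array('status' => 1, "html" => $row['message']));
}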
protected function process($user, $message) { global $socket_url; global $final_url; global $lsdb; // What we have to do $obj = json_decode($message, true); if ($obj['user_area'] == 'admin') { $result = $lsdb->query('SELECT id FROM ' . DB_PREFIX . 'user WHERE idhash = "' . smartsql($obj['ohash']) . '"'); if ($lsdb->affected_rows == 1) { $row = $result->fetch_assoc(); if (!is_numeric($obj['uid'])) { $obj['uid'] = $row['id']; } if ($obj['oplang'] && file_exists($final_url . 'operator/lang/' . $obj['oplang'] . '.ini')) { $tl = parse_ini_file($final_url . 'operator/lang/' . $obj['oplang'] . '.ini', true); } elseif (!$BT_LANGUAGE && file_exists($final_url . 'lang/' . LS_LANG . '.ini')) { $tl = parse_ini_file($final_url . 'operator/lang/' . LS_LANG . '.ini', true); } else { $tl = parse_ini_file($final_url . 'operator/lang/en.ini', true); } // Get the special lang var once for the time define('LS_DAY', $tl['general']['g74']); define('LS_HOUR', $tl['general']['g75']); define('LS_MINUTE', $tl['general']['g76']); define('LS_MULTITIME', $tl['general']['g77']); define('LS_AGO', $tl['general']['g78']); switch ($obj['job']) { case 'check_status': // Now only get the department for the user if ($obj['odep'] && is_numeric($obj['odep'])) { $sqluo = ' AND depid = ' . smartsql($obj['odep']); $sqlw = 'department = ' . smartsql($obj['odep']) . ' AND status = 1 AND operatorid = 0 OR '; $sqlwc = 't1.department = ' . smartsql($obj['odep']) . ' AND t1.status = 1 AND t1.operatorid = 0 OR '; } if ($obj['odep']) { $sqluo = ' AND depid IN(' . smartsql($obj['odep']) . ')'; $sqlw = 'department IN(' . smartsql($obj['odep']) . ') AND status = 1 AND operatorid = 0 OR '; $sqlwc = 't1.department IN(' . smartsql($obj['odep']) . 
') AND t1.status = 1 AND t1.operatorid = 0 OR '; } if ($obj['odep'] == 0) { $sqluo = ' AND depid >= 0'; $sqlw = 'department >= 0 AND status = 1 AND operatorid = 0 OR '; $sqlwc = 't1.department >= 0 AND t1.status = 1 AND t1.operatorid = 0 OR '; } $useronline = false; if ($obj['advanceduo']) { $result = $lsdb->query('SELECT t1.id, t1.referrer, t1.firstreferrer, t1.agent, t1.hits, t1.ip, t1.lasttime, t1.time, t1.proactive, t1.readtime, t2.initiated, t2.ended FROM ' . DB_PREFIX . 'buttonstats AS t1 LEFT JOIN ' . DB_PREFIX . 'sessions AS t2 ON (t1.session = t2.session) WHERE t1.lasttime > (NOW() - INTERVAL 5 MINUTE)' . $sqluo . ' AND (opid = 0 OR opid = "' . smartsql($obj['uid']) . '") GROUP BY t1.session ORDER BY t1.lasttime DESC LIMIT 50'); if ($lsdb->affected_rows > 0) { $useronline = '<table class="table table-striped"><thead><th>' . $tl["general"]["g169"] . '</th><th>' . $tl["general"]["g170"] . '</th><th>' . $tl["general"]["g171"] . '</th><th>' . $tl["general"]["g172"] . '</th><th>' . $tl["general"]["g11"] . '</th><th>' . $tl["general"]["g173"] . '</th><th>' . $tl["general"]["g174"] . '</th></thead>'; while ($row = $result->fetch_assoc()) { // Convert time to minutes and hours $row['lasttime'] = LS_base::lsTimesince($row['lasttime'], LS_DATEFORMAT, LS_TIMEFORMAT); $row['time'] = LS_base::lsTimesince($row['time'], LS_DATEFORMAT, LS_TIMEFORMAT); if ($row['proactive'] != 0) { $icon = '<span class="glyphicon glyphicon-bell"></span>'; $uclass = ' class="warning"'; } else { $icon = '<span class="glyphicon glyphicon-user"></span>'; $uclass = ''; } $button = '<a href="javascript:void(0)" id="usero-' . $row['id'] . '" class="btn btn-default btn-xs rhino-online-user">' . $icon . '</a>'; if ($row['readtime'] == 1) { $uclass = ' class="danger"'; } if ($row['readtime'] == 2) { $uclass = ' class="success"'; } if ($row['initiated'] && $row['ended'] == 0) { $button = '<span class="glyphicon glyphicon-comment"></span>'; } $useronline .= '<tr' . $uclass . '><td>' . 
$row['referrer'] . '</td><td>' . $row['firstreferrer'] . '</td><td>' . $row['agent'] . '</td><td>' . $row['hits'] . '</td><td>' . $row['ip'] . '</td><td>' . $row['time'] . '</td><td>' . $row['lasttime'] . '</td><td>' . $button . '</td></tr>'; } $useronline .= '</table>'; } } else { $result = $lsdb->query('SELECT t1.id, t1.referrer, t1.proactive, t1.readtime, t1.agent, t1.ip, t2.initiated, t2.ended FROM ' . DB_PREFIX . 'buttonstats t1 LEFT JOIN ' . DB_PREFIX . 'sessions AS t2 ON (t1.session = t2.session) WHERE t1.lasttime > (NOW() - INTERVAL 5 MINUTE)' . $sqluo . ' AND (opid = 0 OR opid = "' . smartsql($obj['uid']) . '") GROUP BY t1.session ORDER BY t1.lasttime DESC LIMIT 5'); if ($lsdb->affected_rows > 0) { $useronline = '<ul class="list-group">'; while ($row = $result->fetch_assoc()) { if ($row['proactive'] != 0) { $icon = '<span class="glyphicon glyphicon-bell"></span>'; $uclass = ' list-group-item-warning'; } else { $icon = '<span class="glyphicon glyphicon-user"></span>'; $uclass = ''; } $button = '<div class="pull-right"><a href="javascript:void(0)" id="usero-' . $row['id'] . '" class="btn btn-default btn-xs rhino-online-user" title="' . $row['agent'] . '/' . $row['ip'] . '">' . $icon . '</a></div>'; if ($row['readtime'] == 1) { $uclass = ' list-group-item-danger'; } if ($row['readtime'] == 2) { $uclass = ' list-group-item-success'; } if ($row['initiated'] && $row['ended'] == 0) { $button = '<div class="pull-right"><a href="javascript:void(0)" class="btn btn-info btn-xs"><span class="glyphicon glyphicon-comment"></span></a></div>'; } $useronline .= '<li class="list-group-item' . $uclass . '" title="' . $row['referrer'] . '">' . ls_cut_text($row["referrer"], 35, '...') . $button . '</li>'; } $useronline .= '</ul>'; } } $oponline = false; if ($obj['olist']) { $result = $lsdb->query('SELECT id, username, name, operatorchat FROM ' . DB_PREFIX . 'user WHERE available = 1 AND id != "' . smartsql($obj['uid']) . 
'" LIMIT 20'); if ($lsdb->affected_rows > 0) { $oponline = '<ul class="list-group">'; while ($row = $result->fetch_assoc()) { $opchat = ''; if ($obj['opcheck'] && $row['operatorchat']) { $opchat = ' <a href="javascript:void(0)" class="btn btn-info btn-xs rhino-oponline" data-user="******"><span class="glyphicon glyphicon-user"></span></a>'; } $oponline .= '<li class="list-group-item">' . $row['name'] . ' <span class="pull-right"><a href="index.php?p=uonline&sp=opstat&ssp=' . $row['id'] . '" data-toggle="modal" data-target="#generalModal" class="btn btn-info btn-xs"><span class="glyphicon glyphicon-stats"></span></a>' . $opchat . '</span></li>'; } $oponline .= '</ul>'; } } elseif (!$obj['olist'] && $obj['opcheck']) { $result = $lsdb->query('SELECT id, username, name FROM ' . DB_PREFIX . 'user WHERE available = 1 AND operatorchat = 1 AND id != "' . smartsql($obj['uid']) . '" LIMIT 20'); if ($lsdb->affected_rows > 0) { $oponline = '<ul class="list-group">'; while ($row = $result->fetch_assoc()) { $oponline .= '<li class="list-group-item">' . $row['name'] . ' <span class="pull-right"><a href="javascript:void(0)" class="btn btn-info btn-xs rhino-oponline" data-user="******"><span class="glyphicon glyphicon-user"></span></a></span></li>'; } $oponline .= '</ul>'; } } // Check if there is a new client, message or a transfer is awaiting for approval. $result = $lsdb->query('SELECT id, operatorid, answered, updated, transferid, transfermsg FROM ' . DB_PREFIX . 'sessions WHERE ' . $sqlw . 'operatorid = ' . smartsql($obj['uid']) . ' AND status = 1 OR department = 0 AND status = 1 AND operatorid = 0 OR transferid = ' . smartsql($obj['uid']) . ' AND status = 1'); if ($lsdb->affected_rows > 0) { while ($row = $result->fetch_assoc()) { // We have a transfer, need to display it! 
if ($row['transferid'] == $obj['uid']) { if ($row["transfermsg"]) { $split_transfer_msg = explode(':#:', $row["transfermsg"]); } // Display underneath the button $transfer_msg = '<div class="alert alert-danger"><span class="pull-right"><a href="javascript:void(0)" class="btn btn-xs btn-danger" onclick="acceptTransfer(0, ' . $row['transferid'] . ', ' . $row['id'] . ');"><span class="glyphicon glyphicon-remove"></span></a> <a href="javascript:void(0)" class="btn btn-xs btn-success" onclick="acceptTransfer(1, ' . $row['transferid'] . ', ' . $row['id'] . ');"><span class="glyphicon glyphicon-ok"></span></a></span><p>' . $tl['general']['g110'] . ' ' . $tl['general']['g12'] . ': ' . $split_transfer_msg[0] . '</p><p>' . $split_transfer_msg[1] . '</p></div>'; $transferid = $row['transferid']; } $newConv = 0; $scrollNow = 0; // check for new conversations if ($row['operatorid'] == 0) { $newConv = 1; } if ($row['operatorid'] > 0 && $row['updated'] > $row['answered']) { $newConv = 2; } if ($row['updated'] > time() - 6) { $scrollNow = 1; } } } else { $newConv = 0; $scrollNow = 0; $transferid = 0; $transfer_msg = 0; } // Only go for it if we want to if ($obj['convlist'] == 1) { // Now let's get the conversation list // remove timeout- prevents session duplication $timeout_remove = 43200; $new = array(); $updated = array(); $current = array(); $closed = array(); $count = 0; $result = $lsdb->query('SELECT t1.*, t2.title AS dep_title FROM ' . DB_PREFIX . 'sessions AS t1 LEFT JOIN ' . DB_PREFIX . 'departments AS t2 ON (t1.department = t2.id) WHERE ' . $sqlwc . 'operatorid = ' . smartsql($obj['uid']) . ' AND t1.status = 1 OR t1.department = 0 AND t1.status = 1 AND t1.operatorid = 0 OR t1.transferid = ' . smartsql($obj['uid']) . ' AND t1.status = 1 AND t1.operatorid != ' . smartsql($obj['uid']) . 
' ORDER BY answered ASC'); if ($lsdb->affected_rows > 0) { while ($row = $result->fetch_assoc()) { if ($row['status']) { if (time() - $row['initiated'] > $timeout_remove && $row['answered'] == 0) { $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET status = 0, ended = "' . time() . '" WHERE id = "' . $row['id'] . '"'); $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "System", message = "' . smartsql($tl['general']['g72']) . '", convid = "' . $row['id'] . '", time = NOW(), class = "notice"'); } elseif ($row['u_status'] && time() - $row['u_status'] > 30) { $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET status = 0, ended = "' . time() . '" WHERE id = "' . $row['id'] . '"'); $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "System", message = "' . $row['name'] . ' ' . smartsql($tl['general']['g168']) . '", convid = "' . $row['id'] . '", time = NOW(), class = "notice"'); } elseif ($row['answered'] > $row['updated']) { if (time() - $row['u_status'] > 600) { $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET status = 0, ended = "' . time() . '" WHERE id = "' . $row['id'] . '"'); $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "System", message = "' . smartsql($tl['general']['g72']) . '", convid = "' . $row['id'] . '", time = NOW(), class = "notice"'); } } // Get all available chats if ($row['updated'] > $row['answered']) { if ($row['operatorid'] == 0 && $row['answered'] == 0) { $new[$count]["name"] = $row['name']; $new[$count]["convid"] = $row['id']; $new[$count]["countrycode"] = $row['countrycode']; $new[$count]["referrer"] = $row['referrer']; $new[$count]["department"] = $row['dep_title']; $new[$count]["ip"] = $row['ip']; if ($row['u_typing']) { $new[$count]["typing"] = ' <span class="glyphicon glyphicon-pencil"></span>'; } } else { $updated[$count]["name"] = $row['name']; $updated[$count]["convid"] = $row['id']; $updated[$count]["countrycode"] = $row['countrycode']; $updated[$count]["referrer"] = $row['creferrer'] ? 
$row['creferrer'] : $row['referrer']; $updated[$count]["department"] = $row['dep_title']; $updated[$count]["updated"] = LS_base::lsTimesince($row['updated'], LS_DATEFORMAT, LS_TIMEFORMAT); if ($row['u_typing']) { $updated[$count]["typing"] = ' <span class="glyphicon glyphicon-pencil"></span>'; } } } elseif ($row['updated'] == 0 && $row['answered'] == 0) { $new[$count]["name"] = $row['name']; $new[$count]["convid"] = $row['id']; $new[$count]["countrycode"] = $row['countrycode']; $new[$count]["referrer"] = $row['referrer']; $new[$count]["department"] = $row['dep_title']; $new[$count]["ip"] = $row['ip']; if ($row['u_typing']) { $new[$count]["typing"] = ' <span class="glyphicon glyphicon-pencil"></span>'; } } else { $current[$count]["name"] = $row['name']; $current[$count]["convid"] = $row['id']; $current[$count]["countrycode"] = $row['countrycode']; $current[$count]["referrer"] = $row['creferrer'] ? $row['creferrer'] : $row['referrer']; $current[$count]["department"] = $row['dep_title']; $current[$count]["updated"] = LS_base::lsTimesince($row['answered'], LS_DATEFORMAT, LS_TIMEFORMAT); if ($row['u_typing']) { $current[$count]["typing"] = ' <span class="glyphicon glyphicon-pencil"></span>'; } } } $transfer_name = ''; // We have a transfer, need to display it! if ($row['transferid'] == $obj['uid']) { if ($row["transfermsg"]) { $split_transfer_msg = explode(':#:', $row["transfermsg"]); } // Display underneath the button $transfer_name = '<p>' . $tl['general']['g110'] . ' ' . $tl['general']['g12'] . ': ' . $split_transfer_msg[0] . '</p>'; } if ($row['transferid'] != 0 && $row['transferid'] != $obj['uid']) { $transfer_name = '<p>' . $tl['general']['g117'] . '</p>'; } if (!$row['status']) { if (time() - $row['ended'] > 300 && !$row['hide']) { $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET hide = 1 WHERE id = "' . $row['id'] . '"'); $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "System", message = "' . smartsql($tl['general']['g73']) . 
'", convid = "' . $row['id'] . '", class = "notice"'); } else { if (!$row['hide']) { $closed[$count]["name"] = $row['name']; $closed[$count]["convid"] = $row['id']; } } } if ($row['hide']) { if (time() - $row['ended'] > $timeout_remove) { $lsdb->query('DELETE FROM ' . DB_PREFIX . 'transcript WHERE convid = "' . $row['id'] . '"'); $lsdb->query('DELETE FROM ' . DB_PREFIX . 'sessions WHERE id = "' . $row['id'] . '"'); } } $count = $count + 1; } shuffle($new); shuffle($updated); shuffle($current); sort($new); sort($updated); sort($current); $newTotal = count($new); $updatedTotal = count($updated); $currentTotal = count($current); if ($newTotal + $updatedTotal + $currentTotal == 0) { $this->send($user, json_encode(array("job" => "check_status", 'status' => 0, "html" => ""))); } for ($i = 0; $i < $newTotal; $i++) { $convlist .= '<div class="panel panel-success">'; $convlist .= '<div class="panel-heading"><img src="img/country/' . $new[$i]['countrycode'] . '.gif" /> <a href="javascript:void(0)" class="alert-link">' . $new[$i]["name"] . $new[$i]["typing"] . '</a> <div class="pull-right"><a href="javascript:void(0)" onclick="if(confirm(\'' . $tl["general"]["g203"] . '\')){ls.activeConv = ' . $new[$i]["convid"] . ';denyChat(ls.activeConv, ' . $obj['uid'] . ');}" class="btn btn-danger btn-xs"><span class="glyphicon glyphicon-ban-circle"></span></a> <a href="javascript:void(0)" onclick="ls.activeConv = ' . $new[$i]["convid"] . ';takeChat(ls.activeConv, ' . $obj['uid'] . ');" class="btn btn-success btn-xs"><span class="glyphicon glyphicon-comment"></span></a></div></div><div class="panel-body">'; $convlist .= $tl["general"]["g120"] . $new[$i]["department"] . '<br />' . $tl["general"]["g156"] . $new[$i]["referrer"] . '<br /><strong>' . $tl["general"]["g11"] . '</strong>: ' . 
$new[$i]["ip"]; $convlist .= '</div></div>'; } for ($i = 0; $i < $updatedTotal; $i++) { $convlist .= '<div class="panel panel-warning" onclick="activeConversation=true;loadchat=true;scrollchat=true;ls.activeConv=' . $updated[$i]["convid"] . ';getInfo(ls.activeConv);getInput(ls.activeConv);">'; $convlist .= '<div class="panel-heading"><img src="img/country/' . $updated[$i]['countrycode'] . '.gif" /> <a href="javascript:void(0)" class="alert-link">' . $updated[$i]["name"] . $updated[$i]["typing"] . '</a> <span class="badge pull-right">' . $updated[$i]['updated'] . '</span></div><div class="panel-body">'; $convlist .= $transfer_name; $convlist .= $tl["general"]["g120"] . $updated[$i]["department"] . '<br />' . $tl["general"]["g156"] . $updated[$i]["referrer"]; $convlist .= '</div></div>'; } for ($i = 0; $i < $currentTotal; $i++) { $convlist .= '<div class="panel panel-info" onclick="activeConversation=true;loadchat=true;scrollchat=true;ls.activeConv=' . $current[$i]["convid"] . ';getInfo(ls.activeConv);getInput(ls.activeConv);">'; $convlist .= '<div class="panel-heading"><img src="img/country/' . $current[$i]['countrycode'] . '.gif" /> <a href="javascript:void(0)">' . $current[$i]["name"] . $current[$i]["typing"] . '</a> <span class="badge pull-right">' . $current[$i]['updated'] . '</span></div><div class="panel-body">'; $convlist .= $transfer_name; $convlist .= $tl["general"]["g120"] . $current[$i]["department"] . '<br />' . $tl["general"]["g156"] . 
$current[$i]["referrer"]; $convlist .= '</div></div>'; } } else { $convlist = ''; } } else { $convlist = ''; } $this->send($user, json_encode(array("job" => "check_status", "useronline" => $useronline, "oponline" => $oponline, 'newc' => $newConv, 'scrollnow' => $scrollNow, 'tid' => $transferid, 'tmsg' => $transfer_msg, "conversation" => $convlist, "noconv" => $tl['general']['g79']))); break; case 'receive_messages': if (!is_numeric($obj['conv'])) { $chatmsg = ''; $statusmsg = false; $chatended = false; } else { $result = $lsdb->query('SELECT id, class, name, message, time FROM ' . DB_PREFIX . 'transcript WHERE convid = "' . smartsql($obj['conv']) . '" ORDER BY time ASC'); if ($lsdb->affected_rows > 0) { $chatmsg = '<ul class="list-group">'; while ($row = $result->fetch_assoc()) { $chatended = false; if ($row['class'] == "notice") { $chatmsg .= '<li class="list-group-item ' . $row['class'] . '"><span class="user_said"><strong>' . $row['name'] . '</strong> ' . $tl['general']['g66'] . ':</span><p>' . stripcslashes($row['message']) . '</p></li>'; } elseif ($row['class'] == "ended") { $chatmsg .= '<li class="list-group-item ' . $row['class'] . '"><span class="user_said"><strong>' . $row['name'] . '</strong> ' . $tl['general']['g66'] . ':</span><p>' . stripcslashes($row['message']) . '</p></li>'; $chatended = true; } else { $chatmsg .= '<li class="list-group-item ' . $row['class'] . '"><span class="user_said">' . LS_base::lsTimesince($row['time'], LS_DATEFORMAT, LS_TIMEFORMAT) . ' - <strong>' . $row['name'] . '</strong> ' . $tl['general']['g66'] . ':</span><p>' . stripcslashes($row['message']) . 
'</p></li>'; } } $chatmsg .= "</ul>"; $statusmsg = true; } } $this->send($user, json_encode(array("job" => "receive_messages", 'status' => $statusmsg, 'chatended' => $chatended, 'chat' => $chatmsg))); break; case 'send_message': if ($obj['conv'] == "open" || !is_numeric($obj['id']) && !is_numeric($obj['uid'])) { $this->send($user, json_encode(array("job" => "send_message", 'status' => 0, "html" => $tl['general']['g79']))); } else { $message = trim($obj['msg']); if (empty($message)) { $this->send($user, json_encode(array("job" => "send_message", 'status' => 0, "html" => $tl['error']['e1']))); } else { $result = $lsdb->query('SELECT * FROM ' . DB_PREFIX . 'sessions WHERE id = "' . smartsql($obj['id']) . '"'); if ($lsdb->affected_rows > 0) { $row = $result->fetch_assoc(); define('BASE_URL_IMG', str_replace($socket_url, SOCKET_SUBFOLDER_IF, BASE_URL)); $message = strip_tags($message); $message = filter_var($message, FILTER_SANITIZE_STRING); $message = trim($message); $message = replace_urls(nl2br($message)); if (LS_SMILIES) { require_once $final_url . 'class/class.smileyparser.php'; // More dirty custom work and smiley parser $smileyparser = new LS_smiley(); $message = $smileyparser->parseSmileytext($message); } if ($row['status'] == "closed" && !$row['hide']) { $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET status = 1, updated = "' . $row['updated'] . '" WHERE id = "' . $obj['id'] . '"'); } if (!$row['hide']) { $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "' . smartsql($obj['oname']) . '", message = "' . smartsql($message) . '", user = "******", convid = "' . $obj['id'] . '", time = NOW(), class = "admin"'); $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET answered = "' . time() . '", o_typing = 0 WHERE id = "' . $obj['id'] . '"'); $this->send($user, json_encode(array("job" => "send_message", 'status' => 1, 'conv' => $row['id']))); } elseif ($row['hide']) { $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "' . 
smartsql($obj['oname']) . '", message = "' . smartsql($tl['general']['g64']) . '", convid = "' . $obj['id'] . '", class = "notice"'); $this->send($user, json_encode(array("job" => "send_message", 'status' => 1, 'conv' => $row['id']))); } else { $this->send($user, json_encode(array("job" => "send_message", 'status' => 0, "html" => $tl['error']['e1']))); } } } } break; case 'op_typing': if (is_numeric($obj['conv'])) { if ($obj['status'] == 1) { $result = $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET o_typing = 1 WHERE id = "' . smartsql($obj['conv']) . '"'); } else { $result = $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET o_typing = 0 WHERE id = "' . smartsql($obj['conv']) . '"'); } if ($result) { $this->send($user, json_encode(array('job' => 'op_typing', 'tid' => 1))); } else { $this->send($user, json_encode(array('job' => 'op_typing', 'tid' => 0))); } } else { $this->send($user, json_encode(array('job' => 'op_typing', "tid" => 0))); } break; default: } } // User Area } else { // Import the language file if ($BT_LANGUAGE && file_exists($final_url . 'lang/' . $BT_LANGUAGE . '.ini')) { $tl = parse_ini_file($final_url . 'lang/' . $BT_LANGUAGE . '.ini', true); $lang = $BT_LANGUAGE; } elseif (!$BT_LANGUAGE && file_exists($final_url . 'lang/' . LS_LANG . '.ini')) { $tl = parse_ini_file($final_url . 'lang/' . LS_LANG . '.ini', true); $lang = LS_LANG; } else { $tl = parse_ini_file($final_url . 'lang/en.ini', true); $lang = 'en'; } global $LV_DEPARTMENTS; // Get the user session id $rlbid = $obj['sessid']; // Get the proactive cookie $cookproactive = "run"; if ($obj['proact'] == 1) { $cookproactive = "donotrun"; } // Check if user is chatting... $result = $lsdb->query('SELECT id, userid FROM ' . DB_PREFIX . 'sessions WHERE session = "' . smartsql($rlbid) . 
'" AND status = 1 LIMIT 1'); if ($lsdb->affected_rows == 1) { $row = $result->fetch_assoc(); $usrid = $row['userid']; $usr_status = true; } else { $usrid = 0; $usr_status = false; } switch ($obj['job']) { case 'check_slide_up': // Get the department $dep = ''; if (is_numeric($obj['did'])) { $dep = '&dep=' . $obj['did']; } if (is_numeric($obj['opid'])) { $dep .= '&opid=' . $obj['opid']; } // Now let's check if we want to hide the chat when offline $chi = false; $onoff = online_operators($LV_DEPARTMENTS, $obj['did'], $obj['opid']) ? true : false; if ($obj['chi'] == 1) { $chi = !$onoff; } if ($usr_status) { $this->send($user, json_encode(array("job" => "check_slide_up", "status" => true, "onoff" => $onoff, "chi" => $chi, "form" => '<iframe seamless="seamless" class="jrc_ichat" scrolling="no" frameborder="0" src="' . str_replace($socket_url, SOCKET_SUBFOLDER_IF, BASE_URL) . '/index.php?p=chat&slide=1&lang=' . $lang . $dep . '"></iframe>'))); } else { if ($onoff) { $this->send($user, json_encode(array("job" => "check_slide_up", "status" => false, "onoff" => $onoff, "chi" => $chi, "form" => '<iframe seamless="seamless" class="jrc_ichat" scrolling="no" frameborder="0" src="' . str_replace($socket_url, SOCKET_SUBFOLDER_IF, BASE_URL) . '/index.php?p=start&slide=1&lang=' . $lang . $dep . '"></iframe>'))); } else { $this->send($user, json_encode(array("job" => "check_slide_up", "status" => false, "onoff" => $onoff, "chi" => $chi, "form" => '<iframe seamless="seamless" class="jrc_ichat" scrolling="no" frameborder="0" src="' . str_replace($socket_url, SOCKET_SUBFOLDER_IF, BASE_URL) . '/index.php?p=contact&slide=1&lang=' . $lang . $dep . '"></iframe>'))); } } break; case 'check_proactive': $proactive = true; $lvs_departments = true; $newConv = 0; $newMSG = ''; if ($obj['slide']) { $lvs_departments = online_operators($LV_DEPARTMENTS, $obj['did'], $obj['opid']) ? true : false; } if ($usr_status) { // Update the status for better user handling $lsdb->query('UPDATE ' . DB_PREFIX . 
'sessions SET u_status = "' . time() . '" WHERE session = "' . smartsql($rlbid) . '" AND status != "closed"'); $result = $lsdb->query('SELECT id FROM ' . DB_PREFIX . 'sessions AS t1 WHERE session = "' . smartsql($rlbid) . '" AND (answered > updated) AND status != "closed"'); if ($lsdb->affected_rows > 0) { $newConv = 1; $newMSG = $tl["general"]["g22"]; } } if ($lvs_departments) { if ($cookproactive == "run") { // Check if we have an auto proactive $result = $lsdb->query('SELECT t1.message, t1.showalert, t1.wayin, t1.wayout FROM ' . DB_PREFIX . 'autoproactive AS t1 LEFT JOIN ' . DB_PREFIX . 'buttonstats AS t2 ON (t1.path = t2.referrer) WHERE t2.readtime = 0 AND t2.session = "' . smartsql($rlbid) . '" AND t2.hits >= t1.visitedsites AND UNIX_TIMESTAMP(t2.lasttime) <= (UNIX_TIMESTAMP() - t1.timeonsite)'); if ($lsdb->affected_rows > 0) { $row = $result->fetch_assoc(); $proactive = false; $result = $lsdb->query('UPDATE ' . DB_PREFIX . 'buttonstats SET proactive = 999, message = "' . smartsql($row['message']) . '", readtime = 0 WHERE session = "' . smartsql($rlbid) . '"'); $this->send($user, json_encode(array('job' => 'check_proactive', 'proactive' => true, "offline" => false, 'message' => $row['message'], 'showalert' => $row['showalert'], 'wayin' => $row['wayin'], 'wayout' => $row['wayout'], "newmsg" => $newConv, "newmsghtml" => $newMSG))); } } if ($proactive) { // Check if we have an manual proactive $result = $lsdb->query('SELECT message FROM ' . DB_PREFIX . 'buttonstats WHERE proactive = 1 AND session = "' . smartsql($rlbid) . 
'" AND readtime = 0'); if ($lsdb->affected_rows > 0) { $row = $result->fetch_assoc(); $this->send($user, json_encode(array('job' => 'check_proactive', 'proactive' => true, "offline" => false, 'message' => $row['message'], 'showalert' => LS_PRO_ALERT, 'wayin' => LS_PRO_WAYIN, 'wayout' => LS_PRO_WAYOUT, "newmsg" => $newConv, "newmsghtml" => $newMSG))); } else { $this->send($user, json_encode(array('job' => 'check_proactive', 'proactive' => false, "offline" => false, "newmsg" => $newConv, "newmsghtml" => $newMSG))); } } } else { $this->send($user, json_encode(array('job' => 'check_proactive', 'proactive' => false, "offline" => true, "newmsg" => $newConv, "newmsghtml" => $newMSG))); } break; case 'receive_messages': if (is_numeric($obj['sid']) && $obj['uid'] == $usrid) { // Get the special lang var once for the time define('LS_DAY', $tl['general']['g17']); define('LS_HOUR', $tl['general']['g18']); define('LS_MINUTE', $tl['general']['g19']); define('LS_MULTITIME', $tl['general']['g20']); define('LS_AGO', $tl['general']['g21']); $result = $lsdb->query('SELECT * FROM ' . DB_PREFIX . 'transcript WHERE convid = "' . smartsql($obj['sid']) . '" AND plevel = 1 ORDER BY time ASC'); if ($lsdb->affected_rows > 0) { $chat = '<ul class="list-group">'; while ($row = $result->fetch_assoc()) { $chat .= '<li class="list-group-item ' . $row['class'] . '"><span class="response_sum">' . LS_base::lsTimesince($row['time'], LS_DATEFORMAT, LS_TIMEFORMAT) . ' ' . $row['name'] . ' ' . $tl['general']['g14'] . ' :</span><br />' . stripcslashes($row['message']) . 
'</li>'; } $chat .= "</ul>"; $this->send($user, json_encode(array('job' => 'receive_messages', "status" => 1, "html" => $chat))); } } else { $this->send($user, json_encode(array('job' => 'receive_messages', "status" => 0, "html" => ""))); } break; case 'check_chat_status': if (is_numeric($obj['sid']) && $obj['uid'] == $usrid) { $otyping = false; $knockknock = false; $opern = $tl['general']['g59']; $result = $lsdb->query('SELECT t1.id, t1.operatorid, t1.initiated, t1.answered, t1.updated, t1.sendfiles, t1.o_typing, t1.msg_status, t1.denied, t2.name, t2.picture FROM ' . DB_PREFIX . 'sessions AS t1 LEFT JOIN ' . DB_PREFIX . 'user AS t2 ON(t1.operatorid = t2. id) WHERE userid = "' . smartsql($obj['uid']) . '"'); if ($lsdb->affected_rows > 0) { $newConv = 0; $scrollNow = 0; $operatorid = 0; $showinput = 0; $row = $result->fetch_assoc(); // Get the knock knock if ($row['knockknock'] == 1) { $knockknock = $tl["general"]["g22"]; } // Update the status for better user handling $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET u_status = "' . time() . '", knockknock = 0 WHERE id = "' . $row['id'] . '"'); if ($row['denied'] == 1) { $result = $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "' . smartsql($obj['una']) . '", message = "' . smartsql($tl['general']['g57']) . '", user = "******", convid = "' . $row['id'] . '", time = NOW(), class = "ended"'); $this->send($user, json_encode(array('job' => 'check_chat_status', 'redirect_c' => true))); } if ($row['answered'] == 0 && $row['msg_status'] == 0 && $row['initiated'] < time() - 60) { $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "' . smartsql($tl["general"]["g56"]) . '", message = "' . smartsql($tl["general"]["g69"]) . '", convid = "' . $row['id'] . '", time = NOW(), class = "admin"'); // update db that we sent the waiting message $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET msg_status = 1 WHERE id = "' . $row['id'] . 
'"'); $newConv = 1; $scrollNow = 1; } if ($row['answered'] == 0 && $row['msg_status'] == 1 && $row['initiated'] < time() - 180) { $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "' . smartsql($tl["general"]["g56"]) . '", message = "' . smartsql($tl["general"]["g70"]) . '", convid = "' . $row['id'] . '", time = NOW(), class = "admin"'); // update db that we sent the waiting message $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET msg_status = 2 WHERE id = "' . $row['id'] . '"'); $newConv = 1; $scrollNow = 1; } if ($row['answered'] == 0 && $row['msg_status'] == 2 && $row['initiated'] < time() - 480 && LS_WAIT_MESSAGE3 == 1) { $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET status = 0, fcontact = 1, ended = "' . time() . '" WHERE id = "' . $row['id'] . '"'); $result = $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "' . smartsql($obj['una']) . '", message = "' . smartsql($tl['general']['g57']) . '", user = "******", convid = "' . $row['id'] . '", time = NOW(), class = "ended"'); $this->send($user, json_encode(array('job' => 'check_chat_status', 'redirect_c' => true))); } // Check the rest if ($row['answered'] > $row['updated']) { $newConv = 1; } if ($row['answered'] > time() - 6) { $scrollNow = 1; } if ($row['operatorid']) { $operatorid = 1; } if ($row['o_typing']) { $otyping = str_replace("%s", $row['name'], $tl["general"]["g37"]); } if ($row['name']) { $opern = $tl["general"]["g52"] . ': ' . 
$row['name']; } if ($row['answered'] != 0) { $showinput = 1; } $this->send($user, json_encode(array('job' => 'check_chat_status', 'redirect_c' => false, 'knockknock' => $knockknock, 'operator' => $operatorid, 'newmsg' => $newConv, 'scrollnow' => $scrollNow, 'files' => $row['sendfiles'], 'typing' => $otyping, 'oname' => $opern, 'opicture' => $row['picture'], 'showinput' => $showinput))); } else { $this->send($user, json_encode(array('job' => 'check_chat_status', 'redirect_c' => false, 'knockknock' => $knockknock, 'operator' => 0, 'newmsg' => 0, 'scrollnow' => 0, 'files' => 0, 'typing' => $otyping, 'oname' => false, 'opicture' => false, 'showinput' => false))); } } else { $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET status = 0, ended = "' . time() . '" WHERE id = "' . $row['id'] . '"'); $this->send($user, json_encode(array('job' => 'check_chat_status', "redirect_c" => false))); } break; case 'send_message': if (is_numeric($obj['sid']) && $obj['uid'] == $usrid) { $message = strip_tags($obj['msg']); if ($message) { $result = $lsdb->query('SELECT * FROM ' . DB_PREFIX . 'sessions WHERE userid = "' . smartsql($obj['uid']) . '"'); if ($lsdb->affected_rows > 0) { $row = $result->fetch_assoc(); define('BASE_URL_IMG', str_replace($socket_url, SOCKET_SUBFOLDER_IF, BASE_URL)); $message = filter_var($message, FILTER_SANITIZE_STRING); $message = trim($message); $message = nl2br(replace_urls($message)); if (LS_SMILIES) { require_once $final_url . 'class/class.smileyparser.php'; // More dirty custom work and smiley parser $smileyparser = new LS_smiley(); $message = $smileyparser->parseSmileytext($message); } if ($row['status'] && $message != "") { $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "' . smartsql($obj['una']) . '", message = "' . smartsql($message) . '", user = "******", convid = "' . smartsql($obj['sid']) . '", time = NOW(), class = "user"'); $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET updated = "' . time() . 
'", u_typing = 0 WHERE userid = "' . smartsql($obj['uid']) . '"'); $this->send($user, json_encode(array('job' => 'send_message', "status" => 1, "msg" => '<li class="list-group-item user"><span class="response_sum">' . LS_base::lsTimesince(time(), LS_DATEFORMAT, LS_TIMEFORMAT) . ' ' . $obj['una'] . ' ' . $tl['general']['g14'] . ' :</span><br />' . stripcslashes($message) . '</li>'))); } elseif (!$row['status'] && !$row['hide']) { $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "' . smartsql($obj['una']) . '", message = "' . smartsql($message) . '", user = "******", convid = "' . smartsql($obj['sid']) . '", time = NOW(), class = "user"'); $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET updated = "' . time() . '", ended = 0, status = 1, u_typing = 0 WHERE userid = "' . smartsql($obj['uid']) . '"'); $this->send($user, json_encode(array('job' => 'send_message', "status" => 1, "msg" => '<li class="list-group-item user"><span class="response_sum">' . LS_base::lsTimesince(time(), LS_DATEFORMAT, LS_TIMEFORMAT) . ' ' . $obj['una'] . ' ' . $tl['general']['g14'] . ' :</span><br />' . stripcslashes($message) . '</li>'))); } elseif (!$row['status']) { $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "' . smartsql($obj['una']) . '", message = "' . smartsql($tl['general']['g13']) . '", user = "******", convid = "' . smartsql($obj['sid']) . '", time = NOW(), class = "notice"'); $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET updated = "' . time() . '", ended = 0, u_typing = 0 WHERE userid = "' . smartsql($obj['uid']) . '"'); $this->send($user, json_encode(array('job' => 'send_message', "status" => 1, "msg" => '<li class="list-group-item notice"><span class="response_sum">' . LS_base::lsTimesince(time(), LS_DATEFORMAT, LS_TIMEFORMAT) . ' ' . $obj['una'] . ' ' . $tl['general']['g14'] . ' :</span><br />' . stripcslashes($tl['general']['g13']) . 
'</li>'))); } else { $this->send($user, json_encode(array('job' => 'send_message', "status" => 0, "msg" => $tl['error']['e2']))); } } } else { $this->send($user, json_encode(array('job' => 'send_message', "status" => 0, "msg" => $tl['error']['e2']))); } } else { $this->send($user, json_encode(array('job' => 'send_message', "status" => 0, "msg" => $tl['error']['e2']))); } break; case 'usr_typing': if (is_numeric($obj['sid']) && $obj['uid'] == $usrid) { if ($obj['status'] == 1) { $result = $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET u_typing = 1 WHERE id = "' . smartsql($obj['sid']) . '"'); } else { $result = $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET u_typing = 0 WHERE id = "' . smartsql($obj['sid']) . '"'); } if ($result) { $this->send($user, json_encode(array('job' => 'usr_typing', 'tid' => 1))); } else { $this->send($user, json_encode(array('job' => 'usr_typing', 'tid' => 0))); } } else { $this->send($user, json_encode(array('job' => 'usr_typing', "tid" => 0))); } break; default: } } }
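<?php
/*======================================================================*\
|| #################################################################### ||
|| # Rhino Socket 2.0                                                 # ||
|| # ---------------------------------------------------------------- # ||
|| # Copyright 2014 Rhino All Rights Reserved.                        # ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- Rhino IS NOT FREE SOFTWARE ----------------     # ||
|| # http://www.livesupportrhino.com                                  # ||
|| #################################################################### ||
\*======================================================================*/

// AJAX endpoint: stamps the current Unix time into `lastactivity` for the row
// of the `user` table whose id is posted as `id`. Produces no output on success.

if (!file_exists('../../config.php')) {
    die('ajax/[available.php] config.php not exist');
}
require_once '../../config.php';

// NOTE(review): this guard rejects a request only when the X-Requested-With
// header is missing AND no `lc_idhash` session value exists, so a request that
// carries the header is accepted without a session. The header is supplied by
// the client and is not an authentication signal. Confirm whether config.php
// enforces the login (not visible here); if it does not, the session value
// should be required on its own and the id taken from the session, not $_POST.
// empty() keeps the original truthiness test without raising an
// undefined-index warning when the header is absent.
if (empty($_SERVER['HTTP_X_REQUESTED_WITH']) && !isset($_SESSION['lc_idhash'])) {
    die("Nothing to see here");
}

// Accept plain decimal digits only. is_numeric() also lets floats, exponents,
// signs and padded values through, none of which is a valid row id, and it
// raised a warning when the field was missing altogether.
$userId = isset($_POST['id']) ? $_POST['id'] : null;
if (!is_string($userId) || !ctype_digit($userId)) {
    die("There is no such user!");
}

// $userId is digits-only at this point, so it is safe to place in the query.
$result = $lsdb->query('UPDATE ' . DB_PREFIX . 'user SET lastactivity = "' . time() . '" WHERE id = "' . $userId . '"');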
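// AJAX endpoint: returns the transcript of one conversation as an HTML list
// wrapped in JSON ({"status": 1, "html": "<ul>...</ul>"}). Every rejected or
// empty request gets {"status": 0, "html": ""} so the client always receives
// parseable JSON.
session_start();

if (!file_exists('../config.php')) {
    die('ajax/[retrieve.php] config.php not exist');
}
require_once '../config.php';

// Import the language file, falling back to English when the configured one is missing
$langFile = APP_PATH . 'lang/' . LS_LANG . '.ini';
if (!file_exists($langFile)) {
    $langFile = APP_PATH . 'lang/en.ini';
}
$tl = parse_ini_file($langFile, true);

// Get the special lang var once for the time
define('LS_DAY', $tl['general']['g17']);
define('LS_HOUR', $tl['general']['g18']);
define('LS_MINUTE', $tl['general']['g19']);
define('LS_MULTITIME', $tl['general']['g20']);
define('LS_AGO', $tl['general']['g21']);

$emptyReply = json_encode(array("status" => 0, "html" => ""));

// empty() keeps the original truthiness test without an undefined-index warning.
if (empty($_SERVER['HTTP_X_REQUESTED_WITH']) || !isset($_SESSION['jrc_userid'])) {
    die($emptyReply);
}

$convId = isset($_POST['id']) ? $_POST['id'] : null;
$postedUser = isset($_POST['userid']) ? $_POST['userid'] : null;

// The conversation id must be plain digits (is_numeric() also accepts floats,
// exponents and signs). The posted user id is compared as a string with ===,
// because == treats two different numeric-looking strings as equal.
$validRequest = is_string($convId) && ctype_digit($convId)
    && is_string($postedUser)
    && (string) $_SESSION['jrc_userid'] === $postedUser;

if (!$validRequest) {
    // Previously this path ended without any output.
    die($emptyReply);
}

// NOTE(review): the check above ties the request to the session's user id, but
// nothing here verifies that conversation $convId belongs to that user, so any
// visitor session can request any conversation id. Presumably the session also
// holds the visitor's own conversation id (`jrc_convid`); verify, and restrict
// the query to it.
$result = $lsdb->query('SELECT * FROM ' . DB_PREFIX . 'jrc_transcript WHERE convid = "' . $convId . '" ORDER BY time ASC');

if ($lsdb->affected_rows > 0) {
    $chat = '<ul>';

    while ($row = $result->fetch_assoc()) {
        // `class` and `name` are plain text and are escaped for the HTML context;
        // double_encode is off so values stored already-encoded are not mangled.
        $cssClass = htmlspecialchars($row['class'], ENT_QUOTES, 'UTF-8', false);
        $author = htmlspecialchars($row['name'], ENT_QUOTES, 'UTF-8', false);

        // NOTE(review): `message` is emitted as stored markup; this relies on the
        // code that writes the transcript having sanitised it (not visible here).
        $chat .= '<li class="' . $cssClass . '"><span class="response_sum">'
            . LS_base::lsTimesince($row['time'], LS_DATEFORMAT, LS_TIMEFORMAT)
            . ' ' . $author . ' ' . $tl['general']['g14'] . ' :</span><br />'
            . stripcslashes($row['message']) . '</li>';
    }

    $chat .= "</ul>";

    echo json_encode(array("status" => 1, "html" => $chat));
} else {
    // No transcript rows: answer explicitly instead of sending an empty body.
    echo $emptyReply;
}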
$result = $lsdb->query($sql); } if (!$result) { ls_redirect(BASE_URL . 'index.php?p=error&sp=mysql'); } else { ls_redirect(BASE_URL . 'index.php?p=success'); } } if (isset($defaults['search'])) { if (strlen($defaults['jakSH']) < 3) { $errors['e'] = $tl['search']['s']; } if (count($errors) > 0) { $errors = $errors; } else { $searchword = smartsql(strip_tags($defaults['jakSH'])); if (!ls_get_access("leads_all", $lsuser->getVar("permissions"), LS_SUPERADMINACCESS)) { $sqlw = 't1.operatorid = "' . LS_USERID_RHINO . '" AND '; } // The Query $result = $lsdb->query('SELECT t1.id, t1.operatorname as username, t1.name, t1.email, t1.department, t1.operatorid, t1.ip, t1.initiated, t1.fcontact, t1.notes, t1.countrycode, t1.country, t1.city, t3.title FROM ' . $lstable . ' AS t1 LEFT JOIN ' . $lstable1 . ' AS t2 ON (t1.id = t2.convid) LEFT JOIN ' . DB_PREFIX . 'departments AS t3 ON (t1.department = t3.id) WHERE ' . $sqlw . '(t1.name like "%' . $searchword . '%" OR t1.email like "%' . $searchword . '%" OR t2.message like "%' . $searchword . '%") GROUP BY t1.id ORDER BY t1.initiated DESC LIMIT 10'); while ($row = $result->fetch_assoc()) { $allLeads[] = $row; } // Ouput all leads, well with paginate of course if (is_array($allLeads)) { $LEADS_ALL = $allLeads; $searchstatus = true; } else { $errors['e1'] = $tl['search']['s2']; $errors = $errors;
break; default: if ($_SERVER['REQUEST_METHOD'] == 'POST') { $defaults = $_POST; if (isset($_POST['insert_department'])) { if (empty($defaults['title'])) { $errors['e'] = $tl['error']['e2']; } if ($defaults['email'] != '' && !filter_var($defaults['email'], FILTER_VALIDATE_EMAIL)) { $errors['e1'] = $tl['error']['e3']; } if (count($errors) == 0) { $result = $lsdb->query('INSERT INTO ' . $lstable . ' SET title = "' . smartsql($defaults['title']) . '", description = "' . smartsql($defaults['description']) . '", email = "' . smartsql($defaults['email']) . '", dorder = 2, time = NOW()'); if (!$result) { ls_redirect(BASE_URL . 'index.php?p=error&sp=mysql'); } else { // Now let us delete the define cache file $cachestufffile = '../' . LS_CACHE_DIRECTORY . '/stuff.php'; if (file_exists($cachestufffile)) { unlink($cachestufffile); } ls_redirect(BASE_URL . 'index.php?p=success'); } // Output the errors } else { $errors = $errors;
if (!file_exists('../../config.php')) { die('ajax/[available.php] config.php not exist'); } require_once '../../config.php'; if (!$_SERVER['HTTP_X_REQUESTED_WITH'] && !isset($_SESSION['idhash'])) { die("Nothing to see here"); } if (file_exists(APP_PATH . 'operator/lang/' . LS_LANG . '.ini')) { $tl = parse_ini_file(APP_PATH . 'operator/lang/' . LS_LANG . '.ini', true); } else { trigger_error('Translation file not found'); } if (!is_numeric($_POST['id'])) { die(json_encode(array('status' => 1, "html" => $tl['general']['g79']))); } $result = $lsdb->query('SELECT name, email, convid, initiated FROM ' . DB_PREFIX . 'jrc_sessions WHERE convID = "' . smartsql($_POST['id']) . '"'); if ($lsdb->affected_rows > 0) { $row = $result->fetch_assoc(); $ts = $row['initiated']; $ts = strftime("%X %P", $ts); $userinfo = '<table class="table table-bordered"> <tr> <th>' . $tl['user']['u'] . '</th> <th>' . $tl['user']['u1'] . '</th> <th>' . $tl['general']['g61'] . '</th> </tr><tr> <td>' . $row['name'] . '</td> <td>' . $row['email'] . '</td> <td><a data-toggle="modal" href="ajax/delconv.php?id=' . $row['convid'] . '" data-target="#inchatModal">' . $tl['general']['g62'] . '</a></td> </tr> </table>';
message = "' . smartsql($message) . '", user = "******", convid = "' . smartsql($_POST['conv']) . '", time = NOW(), class = "user"'); $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET updated = "' . time() . '", ended = 0, status = 1, u_typing = 0 WHERE userid = "' . smartsql($_POST['userid']) . '"'); die(json_encode(array("status" => 1, "html" => '<li class="list-group-item user"><span class="response_sum">' . LS_base::lsTimesince(time(), LS_DATEFORMAT, LS_TIMEFORMAT) . ' ' . $_POST['name'] . ' ' . $tl['general']['g14'] . ' :</span><br />' . stripcslashes($message) . '</li>'))); } elseif (!$row['status']) { $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "' . smartsql($_POST['name']) . '", message = "' . smartsql($tl['general']['g13']) . '", user = "******", convid = "' . smartsql($_POST['conv']) . '", time = NOW(), class = "notice"'); $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET updated = "' . time() . '", ended = 0, u_typing = 0 WHERE userid = "' . smartsql($_POST['userid']) . '"'); die(json_encode(array("status" => 1, "html" => '<li class="list-group-item notice"><span class="response_sum">' . LS_base::lsTimesince(time(), LS_DATEFORMAT, LS_TIMEFORMAT) . ' ' . $_POST['name'] . ' ' . $tl['general']['g14'] . ' :</span><br />' . stripcslashes($tl['general']['g13']) . '</li>'))); } else { die(json_encode(array("status" => 0, "html" => $tl['error']['e2']))); } } }
} if (!is_numeric($_GET['id'])) { die("There is no such user!"); } $sqlw = ''; // Now only get the department for the user if ($_SESSION['usr_department'] && is_numeric($_SESSION['usr_department'])) { $sqlw = 'department = ' . smartsql($_SESSION['usr_department']) . ' AND status = 1 AND operatorid = 0 OR '; } if ($_SESSION['usr_department']) { $sqlw = 'department IN(' . smartsql($_SESSION['usr_department']) . ') AND status = 1 AND operatorid = 0 OR '; } if ($_SESSION['usr_department'] == 0) { $sqlw = 'department >= 0 AND status = 1 AND operatorid = 0 OR '; } $result = $lsdb->query('SELECT id, operatorid, answered, updated, transferid, transfermsg FROM ' . DB_PREFIX . 'sessions WHERE ' . $sqlw . 'operatorid = ' . smartsql($_GET['id']) . ' AND status = 1 OR department = 0 AND status = 1 AND operatorid = 0 OR transferid = ' . smartsql($_GET['id']) . ' AND status = 1'); if ($lsdb->affected_rows > 0) { while ($row = $result->fetch_assoc()) { // We have a transfer, need to display it! if ($row['transferid'] == $_GET['id']) { if ($row["transfermsg"]) { $split_transfer_msg = explode(':#:', $row["transfermsg"]); } // Display underneath the button $transfer_msg = '<p>' . $split_transfer_msg[1] . ' <a href="javascript:void(0)" onclick="acceptTransfer(0, ' . $row['transferid'] . ', ' . $row['id'] . ');"><span class="glyphicon glyphicon-remove"></span></a> <a href="javascript:void(0)" onclick="acceptTransfer(1, ' . $row['transferid'] . ', ' . $row['id'] . ');"><span class="glyphicon glyphicon-ok"></span></a></p>'; $transferid = $row['transferid']; } $newConv = 0; // check for new conversations if ($row['operatorid'] == 0) { $newConv = 1;
/**
 * Records a login attempt in the `loginlog` table.
 *
 * A failed attempt (any $success other than 1) inserts a new row with
 * access = 0. A successful one sets access = 1 on the rows whose ip matches
 * and whose time equals NOW(); the other arguments are not used in that case.
 *
 * NOTE(review): the success branch only matches rows written in the same
 * second as this call; presumably the caller logs the attempt first and
 * confirms it right away. Verify against the caller.
 *
 * All four text values come from the request and are passed through
 * smartsql() (defined elsewhere) before being placed in the statement.
 * Anything that later displays these rows should treat them as untrusted text.
 *
 * @param string $username Name submitted with the login attempt
 * @param string $url      Stored in the `fromwhere` column
 * @param string $ip       Client address
 * @param string $agent    Stored in the `usragent` column
 * @param mixed  $success  1 marks the attempt as successful (loose comparison)
 */
public static function lsWriteloginlog($username, $url, $ip, $agent, $success)
{
    global $lsdb;

    if ($success != 1) {
        // Failed attempt: store everything we know about the request.
        $lsdb->query(
            'INSERT INTO ' . DB_PREFIX . 'loginlog SET name = "' . smartsql($username)
            . '", fromwhere = "' . smartsql($url)
            . '", ip = "' . smartsql($ip)
            . '", usragent = "' . smartsql($agent)
            . '", time = NOW(), access = 0'
        );

        return;
    }

    // Successful attempt: flip the access flag on the matching row(s).
    $lsdb->query(
        'UPDATE ' . DB_PREFIX . 'loginlog SET access = 1 WHERE ip = "' . smartsql($ip) . '" AND time = NOW()'
    );
}
} // add entry to sql $result = $lsdb->query('INSERT INTO ' . DB_PREFIX . 'jrc_sessions SET userid = "' . smartsql($userid) . '", name = "' . smartsql($_SESSION['jrc_name']) . '", email = "' . smartsql($_SESSION['guest_email']) . '", initiated = "' . time() . '", status = 1, contact = ' . $contactme); if ($result) { $cid = $lsdb->ls_last_id(); $_SESSION['jrc_convid'] = $cid; $lsdb->query('UPDATE ' . DB_PREFIX . 'jrc_sessions SET convid = "' . $cid . '" WHERE userid = "' . smartsql($_SESSION['jrc_userid']) . '"'); $lsdb->query('INSERT INTO ' . DB_PREFIX . 'jrc_transcript SET name = "Admin", message = "' . smartsql(LS_WELCOME_MESSAGE) . '", convid = "' . $cid . '", time = NOW(), class = "admin"'); } // Redirect page $gochat = LS_rewrite::lsParseurl('chat', '', '', '', ''); /* Outputtng the error messages */ if ($_SERVER['HTTP_X_REQUESTED_WITH']) { header('Cache-Control: no-cache'); echo json_encode(array('login' => 1, 'link' => $gochat)); exit; } ls_redirect($gochat); } }
if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['insert_response'])) { $defaults = $_POST; if (empty($_FILES['uploadedfile']['name'])) { $errors['e'] = $tl['error']['e13']; } if (empty($defaults['name'])) { $errors['e1'] = $tl['error']['e7']; } if (count($errors) == 0) { $target_path = '../' . LS_FILES_DIRECTORY . '/' . $_FILES['uploadedfile']['name']; $db_path = LS_FILES_DIRECTORY . '/' . $_FILES['uploadedfile']['name']; if (move_uploaded_file($_FILES['uploadedfile']['tmp_name'], $target_path)) { $result = $lsdb->query('INSERT INTO ' . $lstable . ' SET path = "' . $db_path . '", name = "' . smartsql($defaults['name']) . '", description = "' . smartsql($defaults['description']) . '"'); } if (!$result) { ls_redirect(BASE_URL . 'index.php?p=error&sp=mysql'); } else { // Now let us delete the stuff cache file $cachestufffile = '../' . LS_CACHE_DIRECTORY . '/stuff.php'; if (file_exists($cachestufffile)) { unlink($cachestufffile); } ls_redirect(BASE_URL . 'index.php?p=success'); } // Output the errors } else { $errors = $errors; }
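<?php
/*======================================================================*\
|| #################################################################### ||
|| # Rhino Socket 2.0                                                 # ||
|| # ---------------------------------------------------------------- # ||
|| # Copyright 2014 Rhino All Rights Reserved.                        # ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- Rhino IS NOT FREE SOFTWARE ----------------     # ||
|| # http://www.livesupportrhino.com                                  # ||
|| #################################################################### ||
\*======================================================================*/

// AJAX endpoint: marks a chat session as denied. Sets denied = 1, records the
// posted `userid` in `deniedoid`, closes the session (status = 0) and stamps
// `ended`. Replies {"cid": <session id>} on success and {"cid": 0} otherwise.

// Presumably read by config.php; its effect is not visible here.
$JAK_CALL_ADMIN_USER = true;

if (!file_exists('../../config.php')) {
    die('ajax/[available.php] config.php not exist');
}
require_once '../../config.php';

// NOTE(review): this guard rejects a request only when the X-Requested-With
// header is missing AND no `lc_idhash` session value exists, so a request that
// carries the header is accepted without a session. The header is supplied by
// the client and is not an authentication signal. Confirm whether config.php
// enforces the login (not visible here); if it does not, require the session.
// empty() keeps the original truthiness test without an undefined-index warning.
if (empty($_SERVER['HTTP_X_REQUESTED_WITH']) && !isset($_SESSION['lc_idhash'])) {
    die("Nothing to see here");
}

$sessionId = isset($_POST['id']) ? $_POST['id'] : null;
$deniedBy = isset($_POST['userid']) ? $_POST['userid'] : null;
$denied = false;

// Ids must be plain decimal digits; is_numeric() also accepted floats,
// exponents and signed values, and warned when a field was missing.
if (is_string($sessionId) && ctype_digit($sessionId) && is_string($deniedBy) && ctype_digit($deniedBy)) {
    // NOTE(review): `userid` is taken from the request and stored as the denying
    // party, and nothing checks that the caller handles this session. Consider
    // deriving the id from the session instead of $_POST.
    // Now cancel the chat (both values are digits-only, safe to embed)
    $denied = (bool) $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET denied = 1, deniedoid = "' . $deniedBy . '", status = 0, ended = "' . time() . '" WHERE id = "' . $sessionId . '"');
}

// A failed query used to end the script with an empty body; the client now
// always receives JSON, with cid 0 signalling that nothing was changed.
echo json_encode(array('cid' => $denied ? $sessionId : 0));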
} break; case 'truncate': if (!LS_SUPERADMINACCESS) { ls_redirect(BASE_URL); } $result = $lsdb->query('TRUNCATE ' . $lstable); if (!$result) { ls_redirect(BASE_URL . 'index.php?p=error&sp=mysql'); } else { ls_redirect(BASE_URL . 'index.php?p=success'); } break; default: // Now only get the department for the user if ($_SESSION['usr_department'] && is_numeric($_SESSION['usr_department'])) { $sqluo = ' WHERE depid = ' . smartsql($_SESSION['usr_department']); } if ($_SESSION['usr_department']) { $sqluo = ' WHERE depid IN(' . smartsql($_SESSION['usr_department']) . ')'; } if ($_SESSION['usr_department'] == 0) { $sqluo = ' WHERE depid >= 0'; } $total = $lsdb->query('SELECT COUNT(*) as totalAll FROM ' . $lstable . $sqluo); $rowt = $total->fetch_assoc(); //break total records into pages $total_pages = ceil($rowt['totalAll'] / 20); // Call the template $template = 'uonline.php'; }
} if ($row['answered'] == 0 && $_SESSION['chat_wait'] == "sent" && $row['initiated'] < time() - 180) { $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "' . smartsql($tl["general"]["g56"]) . '", message = "' . smartsql($tl["general"]["g70"]) . '", convid = "' . $row['id'] . '", time = NOW(), class = "admin"'); $_SESSION['chat_wait'] = 'sent2'; } if ($row['answered'] == 0 && $_SESSION['chat_wait'] == "sent2" && $row['initiated'] < time() - 480 && LS_WAIT_MESSAGE3 == 1) { $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET status = 0, fcontact = 1, ended = "' . time() . '" WHERE id = "' . $row['id'] . '"'); $result = $lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "' . smartsql($_SESSION['jrc_name']) . '", message = "' . smartsql($tl['general']['g57']) . '", user = "******", convid = "' . $row['id'] . '", time = NOW(), class = "ended"'); die(json_encode(array('redirect_c' => true))); } $newConv = 0; $scrollNow = 0; $operatorid = 0; $showinput = 0; if ($row['answered'] > $row['updated']) { $newConv = 1; } if ($row['answered'] > time() - 6) { $scrollNow = 1; }
exit(json_encode(array('proactive' => true, 'offline' => false, 'message' => $row['message'], 'showalert' => LS_PRO_ALERT, 'wayin' => LS_PRO_WAYIN, 'wayout' => LS_PRO_WAYOUT, "newmsg" => $newConv, "newmsghtml" => $newMSG))); } else { exit(json_encode(array('proactive' => false, 'offline' => false, "newmsg" => $newConv, "newmsghtml" => $newMSG))); } } } else { exit(json_encode(array('proactive' => false, 'offline' => true, "newmsg" => $newConv, "newmsghtml" => $newMSG))); } break; case 'close': setcookie("proactive", 1, time() + 86400 * 3, LS_COOKIE_PATH); $result = $lsdb->query('UPDATE ' . DB_PREFIX . 'buttonstats SET readtime = 1 WHERE session = "' . smartsql($_SESSION['rlbid']) . '" AND readtime = 0'); if ($result) { exit(json_encode(array('proactive' => true))); } else { exit(json_encode(array('proactive' => false))); } break; case 'open': setcookie("proactive", 1, time() + 86400 * 3, LS_COOKIE_PATH); $result = $lsdb->query('UPDATE ' . DB_PREFIX . 'buttonstats SET readtime = 2 WHERE session = "' . smartsql($_SESSION['rlbid']) . '" AND readtime = 0'); if ($result) { $web_url = str_replace('include/', '', BASE_URL); exit(json_encode(array('openchat' => true, 'url' => $web_url, 'windowname' => LS_TITLE, "form" => '<iframe seamless="seamless" class="jrc_ichat" frameborder="0" src="' . str_replace('include/', '', BASE_URL) . 'index.php?p=start&lang=' . $lang . '&slide=' . $_POST['slide'] . $dep . '"></iframe>'))); } else { exit(json_encode(array('openchat' => false))); } break; default: exit(json_encode(array('proactive' => false, 'offline' => true))); }
|| # ---------------- Rhino IS NOT FREE SOFTWARE ---------------- # || || # http://www.livesupportrhino.com # || || #################################################################### || \*======================================================================*/ // Start the session session_start(); if (!file_exists('../config.php')) { die('ajax/[available.php] config.php not exist'); } require_once '../config.php'; if (!$_SERVER['HTTP_X_REQUESTED_WITH']) { die("Nothing to see here"); } if (!isset($_POST['id']) && !isset($_SESSION['jrc_userid'])) { die("There is no such user!"); } $result = $lsdb->query('SELECT answered, updated, o_typing FROM ' . DB_PREFIX . 'jrc_sessions WHERE status = 1 AND userid = "' . smartsql($_POST['id']) . '"'); $row = $result->fetch_assoc(); if ($lsdb->affected_rows > 0) { $newConv = 0; $showinput = 0; if ($row['answered'] > $row['updated']) { $newConv = 1; } if ($row['answered'] != 0) { $showinput = 1; } echo json_encode(array('newmsg' => $newConv, 'typing' => $row['o_typing'], 'showinput' => $showinput)); } else { echo json_encode(array('newmsg' => 0, 'typing' => $row['o_typing'], 'showinput' => $showinput)); }
// Now let us delete the define cache file $cachestufffile = '../' . LS_CACHE_DIRECTORY . '/stuff.php'; if (file_exists($cachestufffile)) { unlink($cachestufffile); } ls_redirect(BASE_URL . 'index.php?p=success'); } // Output the errors } else { $errors = $errors; } } $RESPONSES_ALL = ls_get_page_info($lstable, '', ''); if ($_SERVER['REQUEST_METHOD'] == 'POST' && isset($_POST['insert_lic'])) { $result = $lsdb->query('UPDATE ' . DB_PREFIX . 'setting SET value = CASE varname WHEN "o_number" THEN "' . smartsql($_POST['license']) . '" END WHERE varname IN ("o_number")'); // Now let us delete the define cache file $cachedefinefile = '../' . LS_CACHE_DIRECTORY . '/define.php'; if (file_exists($cachedefinefile)) { unlink($cachedefinefile); } ls_redirect(BASE_URL . 'index.php?p=success'); } $pos = strpos(LS_O_NUMBER, 'O-'); if ($pos === false) { $email_body = 'URL: ' . BASE_URL . '<br />Email: ' . LS_EMAIL . '<br />License: ' . LS_O_NUMBER; // Send the email to the customer $mail = new PHPMailer(); // defaults to using php "mail()"
// Get the name from the user for the welcome message $LS_WELCOME_NAME = $lsuser->getVar("name"); } else { define('LS_OPERATORACCESS', false); } // Now get the forgot password link into the right shape $P_FORGOT_PASS_ADMIN = LS_rewrite::lsParseurl($tl['login']['l12'], '', '', '', ''); // Delete the conversation if whish so if (isset($_POST['delete_conv'])) { // check to see if conversation is to be stored $result = $lsdb->query('SELECT convid, name, email, contact FROM ' . DB_PREFIX . 'jrc_sessions WHERE convid = "' . $_POST['id'] . '"'); $row = $result->fetch_assoc(); $lsdb->query('UPDATE ' . DB_PREFIX . 'jrc_sessions SET status = 0, ended = "' . time() . '", hide = 1 WHERE convid = "' . $row['convid'] . '"'); $lsdb->query('INSERT INTO ' . DB_PREFIX . 'jrc_transcript SET name = "' . $lsuser->getVar("name") . '", message = "' . smartsql($tl['general']['g63']) . '", user = "******"username") . '", convid = "' . $row['convid'] . '", time = NOW(), class = "notice"'); } $checkp = 0; if (!isset($_SERVER['HTTP_REFERER'])) { $_SERVER['HTTP_REFERER'] = ''; } // home if ($page == '') { #show login page only if the admin is not logged in #else show homepage if (!LS_USERID_RHINO) { require_once 'login.php';
if (DB_USER && DB_PASS) { $lsdb = new ls_mysql(DB_HOST, DB_USER, DB_PASS, DB_NAME, DB_PORT); $lsdb->set_charset("utf8"); } // The new password encrypt with hash_hmac $passcrypt = hash_hmac('sha256', $_POST['pass'], DB_PASS_HASH); $lsdb->query('INSERT INTO ' . DB_PREFIX . 'user SET username = "******", password = "******", email = "' . smartsql($_POST['email']) . '", name = "' . smartsql($_POST['name']) . '", operatorchat = 1, time = NOW(), access = 1'); $lsdb->query('UPDATE ' . DB_PREFIX . 'setting SET value = "' . smartsql($_POST['email']) . '" WHERE varname = "email"'); $lsdb->query('UPDATE ' . DB_PREFIX . 'setting SET value = "' . smartsql($_POST['onumber']) . '" WHERE varname = "o_number"'); @$lsdb->query('ALTER DATABASE ' . DB_NAME . ' DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci'); // Finally close all db connections $lsdb->ls_close(); // confirm include_once '../class/PHPMailerAutoload.php'; $email_body = 'URL: ' . FULL_SITE_DOMAIN . '<br />Email: ' . $_POST['email'] . '<br />License: ' . $_POST['onumber']; // Send the email to the customer $mail = new PHPMailer(); // defaults to using php "mail()" $body = str_ireplace("[\\]", "", $email_body); $mail->SetFrom($_POST['email']); $mail->AddReplyTo($_POST['email']); $mail->AddAddress('*****@*****.**'); $mail->Subject = 'Install - Rhino Socket 2.0'; $mail->AltBody = 'HTML Format';
$math = time() - $last_msg; if ($math > 120) { $chatmsg .= '<li class="list-group-item system">' . str_replace("%s", date("H:i", $last_msg), $tl["general"]["g141"]) . '</li>'; } $chatmsg .= $print_offline; } else { $chatmsg .= $print_offline; } $chatmsg .= '</ul>'; echo $chatmsg; break; case 'send-msg': if (empty($_POST['message'])) { echo $tl['error']['e1']; } else { $result = $lsdb->query('SELECT available FROM ' . DB_PREFIX . 'user WHERE id = "' . smartsql($_POST['to_id']) . '" AND available = 1'); if ($lsdb->affected_rows > 0) { $message = trim($_POST['message']); $message = filter_var($message, FILTER_SANITIZE_STRING); $result = $lsdb->query('INSERT INTO ' . DB_PREFIX . 'operatorchat SET fromid = "' . smartsql($_POST['uid']) . '", toid = "' . smartsql($_POST['to_id']) . '", message = "' . smartsql($message) . '", sent = "' . time() . '"'); if ($result) { echo '1'; } else { echo 'error'; } } } break; default: return false; }
$tl = parse_ini_file(APP_PATH . 'operator/lang/' . LS_LANG . '.ini', true); } else { $tl = parse_ini_file(APP_PATH . 'operator/lang/en.ini', true); } // Get the special lang var once for the time define('LS_DAY', $tl['general']['g74']); define('LS_HOUR', $tl['general']['g75']); define('LS_MINUTE', $tl['general']['g76']); define('LS_MULTITIME', $tl['general']['g77']); define('LS_AGO', $tl['general']['g78']); if (!is_numeric($_POST['id'])) { $chatmsg = ''; $statusmsg = false; $chatended = false; } else { $result = $lsdb->query('SELECT id, class, name, message, time FROM ' . DB_PREFIX . 'transcript WHERE convid = "' . smartsql($_POST['id']) . '" ORDER BY time ASC'); if ($lsdb->affected_rows > 0) { $chatmsg = '<ul class="list-group">'; while ($row = $result->fetch_assoc()) { $chatended = false; if ($row['class'] == "notice") { $chatmsg .= '<li class="list-group-item ' . $row['class'] . '"><span class="user_said"><strong>' . $row['name'] . '</strong> ' . $tl['general']['g66'] . ':</span><p>' . stripcslashes($row['message']) . '</p></li>'; } elseif ($row['class'] == "ended") { $chatmsg .= '<li class="list-group-item ' . $row['class'] . '"><span class="user_said"><strong>' . $row['name'] . '</strong> ' . $tl['general']['g66'] . ':</span><p>' . stripcslashes($row['message']) . '</p></li>'; $chatended = true; } else { $chatmsg .= '<li class="list-group-item ' . $row['class'] . '"><span class="user_said">' . LS_base::lsTimesince($row['time'], LS_DATEFORMAT, LS_TIMEFORMAT) . ' - <strong>' . $row['name'] . '</strong> ' . $tl['general']['g66'] . ':</span><p>' . stripcslashes($row['message']) . '</p></li>'; } } $chatmsg .= "</ul>"; $statusmsg = true;
|| #################################################################### || \*======================================================================*/ // Start the session session_start(); if (!file_exists('../../config.php')) { die('ajax/[available.php] config.php not exist'); } require_once '../../config.php'; if (!$_SERVER['HTTP_X_REQUESTED_WITH'] && !isset($_SESSION['idhash'])) { die("Nothing to see here"); } if (is_numeric($_POST['id']) && is_numeric($_POST['userid'])) { if (file_exists(APP_PATH . 'operator/lang/' . LS_LANG . '.ini')) { $tl = parse_ini_file(APP_PATH . 'operator/lang/' . LS_LANG . '.ini', true); } else { trigger_error('Translation file not found'); } $lsdb->query('INSERT INTO ' . DB_PREFIX . 'jrc_transcript SET name = "' . smartsql($_POST['oname']) . '", message = "' . smartsql($_POST['oname'] . ' ' . $tl["general"]["g101"]) . '", user = "******", convid = "' . $_POST['id'] . '", time = NOW(), class = "admin"'); $result = $lsdb->query('UPDATE ' . DB_PREFIX . 'jrc_sessions SET answered = "' . time() . '" WHERE convid = "' . smartsql($_POST['id']) . '"'); if ($result) { echo json_encode(array('cid' => $_POST['id'])); } } else { echo json_encode(array('cid' => 0)); }
$lsdb->query('INSERT INTO ' . DB_PREFIX . 'transcript SET name = "' . $lsuser->getVar("name") . '", message = "' . smartsql($tl['general']['g63']) . '", user = "******"username") . '", convid = "' . $row['id'] . '", time = NOW(), class = "notice"'); ls_redirect(BASE_URL); } // transfer customer if (isset($_POST['transfer_customer']) && is_numeric($_POST['userid']) && is_numeric($_POST['cid'])) { // check to see if conversation is to be stored $result = $lsdb->query('SELECT name FROM ' . DB_PREFIX . 'user WHERE id = "' . $_POST['userid'] . '"'); $row = $result->fetch_assoc(); $msg = $row['name'] . ':#:' . strip_tags($_POST['transfermsg']); $result = $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET transferid = "' . smartsql($_POST['operator']) . '", transfermsg = "' . smartsql($msg) . '" WHERE id = "' . $_POST['cid'] . '"'); if ($result) { ls_redirect(BASE_URL); } else { $operatori = $tl['general']['g116']; } } } $checkp = 0; if (!isset($_SERVER['HTTP_REFERER'])) { $_SERVER['HTTP_REFERER'] = ''; } // home if ($page == '') { #show login page only if the admin is not logged in #else show homepage
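<?php
/*======================================================================*\
|| #################################################################### ||
|| # Rhino Socket 2.0                                                 # ||
|| # ---------------------------------------------------------------- # ||
|| # Copyright 2014 Rhino All Rights Reserved.                        # ||
|| # This file may not be redistributed in whole or significant part. # ||
|| # ---------------- Rhino IS NOT FREE SOFTWARE ----------------     # ||
|| # http://www.livesupportrhino.com                                  # ||
|| #################################################################### ||
\*======================================================================*/

// Sets the o_typing flag on one row of the sessions table and answers with
// JSON: {"tid":1} when the UPDATE succeeded, {"tid":0} otherwise.

if (!file_exists('../../config.php')) {
    die('ajax/[available.php] config.php not exist');
}
require_once '../../config.php';

// Access gate: the session marker is mandatory.
// X-Requested-With is a request header chosen by the client, so its presence
// must not waive the session requirement. The previous
// `!header && !session` form let any request that carried the header change
// o_typing on any conversation id.
// NOTE(review): this file does not call session_start() itself; it presumably
// relies on config.php having started the session. Confirm before deploying.
// NOTE(review): no CSRF token or conversation-ownership check is visible here.
if (!isset($_SESSION['lc_idhash'])) {
    die("Nothing to see here");
}

// Read the conversation id defensively: a missing key or an array value must
// not raise notices or reach the SQL string.
$conv = isset($_POST['conv']) ? $_POST['conv'] : null;

// Digits only. is_numeric() also accepts floats, exponents and surrounding
// whitespace, none of which are meaningful row ids.
if (!is_string($conv) || !ctype_digit($conv)) {
    die(json_encode(array('tid' => 0)));
}

// Only the literal value 1 switches the flag on; anything else clears it.
$typing = (isset($_POST['status']) && is_scalar($_POST['status']) && (string) $_POST['status'] === '1') ? 1 : 0;

// One statement for both states; $typing is a PHP integer and $conv is
// validated above, with smartsql() kept as a second layer.
$result = $lsdb->query('UPDATE ' . DB_PREFIX . 'sessions SET o_typing = ' . $typing . ' WHERE id = "' . smartsql($conv) . '"');

// Always answer with JSON; a failed UPDATE used to produce an empty body.
die(json_encode(array('tid' => $result ? 1 : 0)));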
if (count($errors) == 0) { // MySQL/i connection if (DB_USER && DB_PASS) { $lsdb = new ls_mysql(DB_HOST, DB_USER, DB_PASS, DB_NAME, DB_PORT); $lsdb->set_charset("utf8"); } // The new password encrypt with hash_hmac $passcrypt = hash_hmac('sha256', $_POST['pass'], DB_PASS_HASH); $lsdb->query('INSERT INTO ' . DB_PREFIX . 'jrc_user SET username = "******", password = "******", email = "' . smartsql($_POST['email']) . '", name = "' . smartsql($_POST['name']) . '", time = NOW(), access = 1'); $lsdb->query('UPDATE ' . DB_PREFIX . 'jrc_setting SET value = "' . smartsql($_POST['email']) . '" WHERE varname = "email"'); @$lsdb->query('ALTER DATABASE ' . DB_NAME . ' DEFAULT CHARACTER SET utf8 COLLATE utf8_general_ci'); // Finally close all db connections $lsdb->ls_close(); // confirm include_once '../class/class.postmail.php'; $email_body = 'URL: ' . FULL_SITE_DOMAIN . '<br />Email: ' . $_POST['email']; // Send the email to the customer $mail = new PHPMailer(); // defaults to using php "mail()" $body = str_ireplace("[\\]", "", $email_body); $mail->SetFrom($_POST['email']); $mail->AddReplyTo($_POST['email']); $mail->AddAddress('*****@*****.**'); $mail->Subject = 'Install - Rhino Light 2.4'; $mail->AltBody = 'HTML Format';