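/**
 * Two-step lost-password flow built on one-time tickets.
 *
 * Step 1 (form posted, $this->data set): look up the account by the submitted
 * e-mail address, create a ticket holding a fresh key and mail the reset link.
 * Step 2 (link followed, $key set): look the ticket up by key, hand the user id
 * and key to the view, and delete the ticket so the link works only once.
 *
 * @param string|null $key reset key taken from the mailed link, if any
 * @return void
 */
function reset_user_password($key = null) {
    if (!empty($this->data)) {
        $user = $this->Ticket->findUser($this->data['Ticket']['email']);

        // Query for a pending ticket only once the account is known; the original
        // dereferenced $user['User']['email'] before checking that $user was found.
        $hasTicket = array();
        if (!empty($user)) {
            $hasTicket = $this->Ticket->find('first', array('conditions' => array('Ticket.email' => $user['User']['email'])));
        }

        if (!empty($user) && empty($hasTicket)) {
            App::import('Helper', 'Time');
            $time = new TimeHelper();

            // NOTE(review): the key is a salted SHA-1 of String::uuid(). A UUID is an
            // identifier, not a secret; confirm its source is unpredictable or derive
            // the key from a cryptographically secure random generator instead.
            $key = Security::hash(String::uuid(), 'sha1', true);
            $this->data['Ticket']['key'] = $key;
            $this->data['Ticket']['creation_date'] = $time->format('Y-m-d H:i:s', time());
            $url = Router::url(array('controller' => 'tickets', 'action' => 'reset_user_password'), true) . '/' . $key;

            // Once the ticket is stored, mail the link (email element:
            // lost_password_notification.ctp) to the user who opened the ticket.
            if ($this->Ticket->save($this->data)) {
                $this->set('url', $url);
                $this->MyEmail->sendResetPasswordEmail($user['User']['email']);
                $this->Session->setFlash('notification email has been sent to you with reset data');
            }
        } elseif (!empty($hasTicket)) {
            // NOTE(review): these messages appear only for addresses that belong to
            // an account, so the response tells the requester whether an e-mail is
            // registered.
            if ($this->Ticket->checkTicketDateValidity($hasTicket)) {
                $this->Session->setFlash('We had already sent you a link to your email address! Go get it, lazy ass!');
            } else {
                $this->Session->setFlash('Your ticket regarding lost password has been deleted due to expiration! Try submitting again');
            }
        }
    // Runs when the user follows the mailed link that carries the generated key.
    } elseif (!empty($key)) {
        $result = $this->Ticket->find('first', array('conditions' => array('Ticket.key' => $key)));
        if (!empty($result)) {
            // The original called checkTicketDateValidity() and discarded its result,
            // so an expired key was still accepted. Honour the check here.
            if ($this->Ticket->checkTicketDateValidity($result)) {
                $user = $this->Ticket->findUser($result['Ticket']['email']);
                $this->set('userId', $user['User']['id']);
                $this->set('key', $key);
                // One-time use: the ticket is removed as soon as it is redeemed.
                $this->Ticket->delete($result['Ticket']['id']);
            } else {
                $this->Session->setFlash('Your ticket regarding lost password has been deleted due to expiration! Try submitting again');
            }
        }
    } else {
        $this->Session->setFlash('Please provide your email!');
    }
}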
/**
 * Delete the ticket identified by the given hash.
 *
 * $this->garbage() runs first on every call (presumably it purges stale
 * tickets; confirm against its definition).
 *
 * @param string|null $ticket hash of the ticket to remove
 * @return mixed result of Ticket::delete(), or false when no hash was given
 *               or no matching ticket row was found
 */
function del($ticket = null) {
    $this->garbage();

    if (!$ticket) {
        return false;
    }

    $model = new Ticket();
    $row = $model->findByHash($ticket);
    if (!is_array($row) || !is_array($row['Ticket'])) {
        return false;
    }

    return $model->delete($row['Ticket']['id']);
}
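/**
 * Archive one ticket to disk as JSON (plus its attachments) and then delete it
 * from the database.
 *
 * The JSON file is written to TICKET_PATH/<open date>/<ticket ext id>;
 * attachments go to ATTACHMENT_PATH. Tickets without an owner are deleted
 * without being archived. The ticket is deleted only after the archive was
 * written successfully; on a write failure it stays in the database and the
 * failure is logged.
 *
 * @param mixed $id ticket id passed to the Ticket constructor
 * @return void
 */
function archiveTicket($id) {
    $ticket = new Ticket($id);
    $tid = $ticket->getExtId();

    // Delete orphan tickets.
    $owner = $ticket->getOwner();
    if (!$owner) {
        $ticket->delete();
        return;
    }

    $o_name = $owner->getName();
    $threads = $ticket->getThreadEntries(array('M', 'R', 'N'));
    $out = [
        "id" => $tid,
        "department" => $ticket->getDeptName(),
        "subject" => $ticket->getSubject(),
        "opened" => $ticket->getOpenDate(),
        "closed" => $ticket->getCloseDate(),
        "owner" => (isset($o_name->name) ? $o_name->name : '') . " <" . $owner->getEmail() . ">",
        "thread" => [],
    ];

    $date = date("Y-m-d", strtotime($out["opened"]));
    $path = TICKET_PATH . "/" . $date . "/";
    // Create the dated directory (and missing parents); give up instead of
    // deleting the ticket if there is nowhere to write the archive.
    if (!is_dir($path) && !@mkdir($path, 0777, true) && !is_dir($path)) {
        error_log("archiveTicket: cannot create " . $path . ", ticket " . $tid . " kept");
        return;
    }

    $complete = true;
    $usedNames = array();

    // Individual messages.
    foreach ($threads as $th) {
        $out["thread"][] = [
            "id" => $th["id"],
            "staff_id" => $th["staff_id"],
            "thread_type" => $th["thread_type"],
            "poster" => $th["poster"],
            "title" => $th["title"],
            "body" => $th["body"],
            "created" => $th["created"],
            "updated" => $th["updated"],
            "attachments" => intval($th["attachments"]),
        ];

        // Process attachments.
        if ($th["attachments"] != 0) {
            $entry = $ticket->getThreadEntry($th['id']);
            $attachments = $entry->getAttachments();
            foreach ($attachments as $a) {
                $attachment = Attachment::lookup($a["attach_id"]);
                $file = $attachment ? $attachment->getFile() : null;
                if (!$file) {
                    // Nothing left to save for this attachment record.
                    error_log("archiveTicket: attachment " . $a["attach_id"] . " of ticket " . $tid . " not found");
                    continue;
                }

                // The extension comes from the uploaded file name, i.e. from the
                // sender. Reduce it to [a-z0-9] so it cannot carry path separators
                // into the target path.
                $ext = strtolower((string) substr((string) strrchr($file->getName(), '.'), 1));
                $ext = preg_replace('/[^a-z0-9]/', '', $ext);

                // Several attachments of one entry with the same extension used to
                // overwrite each other; later ones now carry the attachment id.
                $fname = $tid . "_" . $th["id"] . "." . $ext;
                if (isset($usedNames[$fname])) {
                    $fname = $tid . "_" . $th["id"] . "_" . $a["attach_id"] . "." . $ext;
                }
                $usedNames[$fname] = true;

                // NOTE(review): uploaded content keeps a sender-chosen extension;
                // ATTACHMENT_PATH should not be a directory the web server serves
                // or executes from. Confirm against the deployment.
                if (@file_put_contents(ATTACHMENT_PATH . "/" . $fname, $file->getData()) === false) {
                    error_log("archiveTicket: cannot write attachment " . $fname);
                    $complete = false;
                }
            }
        }
    }

    // write the ticket to disk
    $json = json_encode($out, JSON_PRETTY_PRINT);
    if ($json === false || @file_put_contents($path . $tid, $json) === false) {
        error_log("archiveTicket: cannot write archive for ticket " . $tid . ", ticket kept");
        return;
    }
    if (!$complete) {
        // At least one attachment could not be stored; keep the database copy.
        return;
    }

    // delete the ticket from the db
    $ticket->delete();
}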
/**
 * Transfer the tickets linked to an item, according to the 'keep_ticket' option.
 *
 *  - 2: move the tickets to the target entity and re-link them to the new item
 *  - 1: keep the tickets but clear their link to the item
 *  - 0: delete the tickets, only when the item keeps its ID ($ID == $newID)
 *
 * NOTE(review): $ID and $itemtype are interpolated into the SQL text as given;
 * this relies on the callers passing already-escaped values. Confirm.
 *
 * @param $itemtype  type of transfered item
 * @param $ID        original ID of the ticket
 * @param $newID     new ID of the ticket
 **/
function transferTickets($itemtype, $ID, $newID) {
    global $DB;

    $ticket = new Ticket();
    $query = "SELECT *\n FROM `glpi_tickets`\n WHERE `items_id` = '{$ID}'\n AND `itemtype` = '{$itemtype}'";

    $result = $DB->query($query);
    if (!$result) {
        return;
    }
    if ($DB->numrows($result) == 0) {
        return;
    }

    switch ($this->options['keep_ticket']) {
        case 2:
            // Transfer. Same Item / Copy Item -> update entity
            while ($row = $DB->fetch_array($result)) {
                $input = $this->transferTicketAdditionalInformations($row);
                $input['id'] = $row['id'];
                $input['entities_id'] = $this->to;
                $input['items_id'] = $newID;
                $input['itemtype'] = $itemtype;
                $ticket->update($input);
                $this->addToAlreadyTransfer('Ticket', $row['id'], $row['id']);
                $this->transferTicketTaskCategory($input['id'], $input['id']);
            }
            break;

        case 1:
            // Clean ref. Same Item / Copy Item : keep ticket but clean link
            while ($row = $DB->fetch_array($result)) {
                $ticket->update(array('id' => $row['id'], 'itemtype' => 0, 'items_id' => 0));
                $this->addToAlreadyTransfer('Ticket', $row['id'], $row['id']);
            }
            break;

        case 0:
            // Delete. Same item -> delete; Copy Item : nothing to do
            if ($ID == $newID) {
                while ($row = $DB->fetch_array($result)) {
                    $ticket->delete(array('id' => $row['id']));
                }
            }
            break;
    }
}
$note = _('Ticket flagged as overdue by') . ' ' . $thisuser->getName(); foreach ($_POST['tids'] as $k => $v) { $t = new Ticket($v); if ($t && !$t->isoverdue()) { if ($t->markOverdue()) { $i++; $t->logActivity(_('Ticket Marked Overdue'), $note, false, 'System'); } } } $msg = "{$i} " . _("of") . " {$count} " . _("selected tickets marked overdue"); } elseif (isset($_POST['delete'])) { $i = 0; foreach ($_POST['tids'] as $k => $v) { $t = new Ticket($v); if ($t && @$t->delete()) { $i++; } } $msg = "{$i} " . _("of") . " {$count} " . _("selected tickets deleted"); } } break; case 'open': $ticket = null; //TODO: check if the user is allowed to create a ticket. if ($ticket = Ticket::create_by_staff($_POST, $errors)) { $ticket->reload(); $msg = _('Ticket created successfully'); if ($thisuser->canAccessDept($ticket->getDeptId()) || $ticket->getStaffId() == $thisuser->getId()) { //View the sucker
$track->update($_POST); Event::log($_POST["id"], "ticket", 4, "tracking", sprintf(__('%s updates an item'), $_SESSION["glpiname"])); if ($track->can($_POST["id"], READ)) { $toadd = ''; // Copy solution to KB redirect to KB if (isset($_POST['_sol_to_kb']) && $_POST['_sol_to_kb']) { $toadd = "&_sol_to_kb=1"; } Html::redirect($CFG_GLPI["root_doc"] . "/front/ticket.form.php?id=" . $_POST["id"] . $toadd); } Session::addMessageAfterRedirect(__('You have been redirected because you no longer have access to this ticket'), true, ERROR); Html::redirect($CFG_GLPI["root_doc"] . "/front/ticket.php"); } else { if (isset($_POST['delete'])) { $track->check($_POST['id'], DELETE); if ($track->delete($_POST)) { Event::log($_POST["id"], "ticket", 4, "tracking", sprintf(__('%s deletes an item'), $_SESSION["glpiname"])); } $track->redirectToList(); } else { if (isset($_POST['purge'])) { $track->check($_POST['id'], PURGE); if ($track->delete($_POST, 1)) { Event::log($_POST["id"], "ticket", 4, "tracking", sprintf(__('%s purges an item'), $_SESSION["glpiname"])); } $track->redirectToList(); } else { if (isset($_POST["restore"])) { $track->check($_POST['id'], DELETE); if ($track->restore($_POST)) { Event::log($_POST["id"], "ticket", 4, "tracking", sprintf(__('%s restores an item'), $_SESSION["glpiname"]));
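/**
 * Delete a ticket together with its lines, inside one database transaction.
 *
 * The transaction is committed only when both the ticket and its lines were
 * deleted; otherwise it is rolled back.
 *
 * @param int $idTicket Id of ticket to delete
 * @return int <0 if KO, >0 if OK
 */
public static function DeleteTicket($idTicket = 0)
{
    global $db;

    $object = new Ticket($db);

    // The original wrote `$db->begin;` and `$db->rollback;` (property reads, not
    // calls), so no transaction was opened and the failure path never rolled back.
    $db->begin();

    $res = $object->delete($idTicket);
    if ($res == 1) {
        // The original passed the undefined variable $id here.
        // NOTE(review): DeleteTicketLines is called as a plain function, as in the
        // original; if it is a static method of this class it needs `self::`.
        $reslines = DeleteTicketLines($idTicket);
        if ($reslines == 1) {
            $db->commit();
        } else {
            $db->rollback();
            $res = -1;
        }
    } else {
        $db->rollback();
    }

    return $res;
}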
$track->update($_POST); Event::log($_POST["id"], "ticket", 4, "tracking", $_SESSION["glpiname"] . " " . $LANG['log'][21]); // Copy solution to KB redirect to KB if (isset($_POST['_sol_to_kb']) && $_POST['_sol_to_kb']) { glpi_header($CFG_GLPI["root_doc"] . "/front/knowbaseitem.form.php?id=new&tickets_id=" . $_POST["id"]); } else { if ($track->can($_POST["id"], 'r')) { glpi_header($CFG_GLPI["root_doc"] . "/front/ticket.form.php?id=" . $_POST["id"]); } addMessageAfterRedirect($LANG['job'][26], true, ERROR); glpi_header($CFG_GLPI["root_doc"] . "/front/ticket.php"); } } else { if (isset($_POST['delete'])) { $track->check($_POST['id'], 'd'); $track->delete($_POST); Event::log($_POST["id"], "ticket", 4, "tracking", $_SESSION["glpiname"] . " " . $LANG['log'][22]); $track->redirectToList(); /* } else if (isset($_POST['add']) || isset($_POST['add_close']) || isset($_POST['add_reopen'])) { checkSeveralRightsOr(array('add_followups' => '1', 'global_add_followups' => '1', 'show_assign_ticket' => '1')); $newID = $fup->add($_POST); Event::log($_POST["tickets_id"], "ticket", 4, "tracking", $_SESSION["glpiname"]." ".$LANG['log'][20]." $newID."); glpi_header($CFG_GLPI["root_doc"]."/front/ticket.form.php?id=". $_POST["tickets_id"]."&glpi_tab=1&itemtype=Ticket"); */ } else { if (isset($_POST['sla_delete'])) {
/**
 * Clean data in the tables which have linked the deleted item
 * Clear 1/N Relation
 *
 * Every column listed for this table by getDbRelations() is rewritten from this
 * item's id to the replacement id ($this->input['_replace_by'], default 0).
 * Tickets opened against the item are then either detached or deleted,
 * depending on $CFG_GLPI["keep_tickets_on_delete"].
 *
 * NOTE(review): '_replace_by' comes from the submitted input and is placed in
 * the UPDATE text unchanged; this is only safe if the input was escaped (or
 * cast to an integer) before it reaches this method. Confirm.
 *
 * @return nothing
 **/
function cleanRelationData() {
    global $DB, $CFG_GLPI;

    $RELATION = getDbRelations();
    if (isset($RELATION[$this->getTable()])) {
        if (isset($this->input['_replace_by'])) {
            $newval = $this->input['_replace_by'];
        } else {
            $newval = 0;
        }

        foreach ($RELATION[$this->getTable()] as $tablename => $field) {
            // Entries whose name starts with '_' are skipped.
            if ($tablename[0] == '_') {
                continue;
            }
            // A single column and a list of columns are handled the same way.
            $columns = is_array($field) ? $field : array($field);
            foreach ($columns as $f) {
                $query = "UPDATE `{$tablename}`\n SET `{$f}` = '{$newval}'\n WHERE `{$f}` = '" . $this->fields['id'] . "'";
                $DB->query($query);
            }
        }
    }

    // Clean ticket open against the item
    if (!in_array($this->getType(), $CFG_GLPI["ticket_types"])) {
        return;
    }

    $ticket = new Ticket();
    $query = "SELECT *\n FROM `glpi_tickets`\n WHERE `items_id` = '" . $this->fields['id'] . "'\n AND `itemtype`='" . $this->getType() . "'";
    $result = $DB->query($query);
    if (!$DB->numrows($result)) {
        return;
    }

    while ($row = $DB->fetch_array($result)) {
        if ($CFG_GLPI["keep_tickets_on_delete"] == 1) {
            // Keep the ticket, drop its link to the deleted item.
            $ticket->update(array('id' => $row["id"], 'items_id' => 0, 'itemtype' => ''));
        } else {
            $ticket->delete(array("id" => $row["id"]));
        }
    }
}
/**
 * @group api
 *
 * Regression test for https://github.com/glpi-project/glpi/issues/1103 :
 * a post-only user could retrieve tickets of other users when requesting the
 * itemtype without its first letter in uppercase.
 *
 * NOTE(review): the ticket is removed on the last line only, so a failing
 * assertion leaves it in the database. The catch branch also asserts on
 * $this->last_error rather than on the response taken from the exception.
 **/
public function testgetItemsForPostonly()
{
    // init session for postonly
    $login = $this->doHttpRequest('GET', 'initSession/', ['auth' => ['post-only', 'postonly']]);
    $session = json_decode($login->getBody(), true);

    // create a ticket for another user (glpi - super-admin)
    $ticket = new Ticket();
    $tickets_id = $ticket->add(array(
        'name'                => 'test post-only',
        'content'             => 'test post-only',
        '_users_id_requester' => 2,
    ));

    // try to access this ticket with post-only: any 4xx answer is acceptable
    try {
        $single = $this->doHttpRequest('GET', "ticket/{$tickets_id}", ['headers' => ['Session-Token' => $session['session_token']]]);
        $this->assertGreaterThanOrEqual(400, $single->getStatusCode());
    } catch (ClientException $e) {
        $response = $e->getResponse();
        $this->assertEquals(401, $this->last_error->getStatusCode());
    }

    // try to access ticket list (we should get empty return)
    $listing = $this->doHttpRequest('GET', 'ticket/', ['headers' => ['Session-Token' => $session['session_token']]]);
    $this->assertNotEquals(null, $listing, $this->last_error);
    $this->assertEquals(200, $listing->getStatusCode());
    $visible = json_decode($listing->getBody(), true);
    $this->assertEquals(0, count($visible));

    // delete ticket
    $ticket->delete(array('id' => $tickets_id), true);
}
/**
 * Clean data in the tables which have linked the deleted item
 * Clear 1/N Relation
 *
 * Rows that reference this item are updated one by one through their own item
 * class, so that the class's update() logic runs for each of them. Links
 * between the item and tickets are then removed; a ticket is deleted only when
 * this item was its last linked item and tickets are not kept on delete.
 *
 * @return nothing
 **/
function cleanRelationData() {
    global $DB, $CFG_GLPI;

    $RELATION = getDbRelations();
    if (isset($RELATION[$this->getTable()])) {
        if (isset($this->input['_replace_by'])) {
            $newval = $this->input['_replace_by'];
        } else {
            $newval = 0;
        }

        foreach ($RELATION[$this->getTable()] as $tablename => $field) {
            if ($tablename[0] == '_') {
                continue;
            }
            $itemtype = getItemTypeForTable($tablename);

            // Code factorization : a single column is treated as a one-element list
            $columns = is_array($field) ? $field : array($field);

            foreach ($columns as $f) {
                foreach ($DB->request($tablename, array($f => $this->getID())) as $row) {
                    // Be careful : getIndexName must be used because update() relies on it
                    $object = getItemForItemtype($itemtype);
                    if (!$object) {
                        continue;
                    }
                    $idName = $object->getIndexName();
                    // The index column must differ from the column being rewritten,
                    // otherwise the row itself would be lost when everything is set
                    // to $newval.
                    if ($idName == $f) {
                        continue;
                    }
                    $object->update(array(
                        $idName         => $row[$idName],
                        $f              => $newval,
                        '_disablenotif' => true, // Disable notifs
                    ));
                }
            }
        }
    }

    // Clean ticket open against the item
    if (!in_array($this->getType(), $CFG_GLPI["ticket_types"])) {
        return;
    }

    $ticket = new Ticket();
    $link = new Item_Ticket();

    $query = "SELECT *\n FROM `glpi_items_tickets`\n WHERE `items_id` = '" . $this->fields['id'] . "'\n AND `itemtype`='" . $this->getType() . "'";
    $result = $DB->query($query);
    if (!$DB->numrows($result)) {
        return;
    }

    while ($row = $DB->fetch_assoc($result)) {
        // Number of items still linked to this ticket.
        $cnt = countElementsInTable('glpi_items_tickets', "`tickets_id`='" . $row['tickets_id'] . "'");
        $ticket->getFromDB($row['tickets_id']);

        if ($cnt == 1 && $CFG_GLPI["keep_tickets_on_delete"] != 1) {
            // Last linked item and tickets are not kept: remove the ticket itself.
            $ticket->delete(array("id" => $row["tickets_id"]));
        } else {
            // Otherwise only the link between the item and the ticket goes away.
            $link->delete(array("id" => $row["id"]));
        }
    }
}
/**
 * Delete the ticket named by $_POST['ticket_id'] and go back to its milestone.
 *
 * The request is refused when no id is posted, when the id matches no ticket,
 * or when the ticket's deletable() check fails.
 *
 * NOTE(review): deletable() is the only authorisation step visible here, and
 * no anti-CSRF token is compared in this method. Confirm that the dispatcher
 * validates a token before this state-changing action runs.
 */
public function destroy_ticket()
{
    if (!isset($_POST['ticket_id'])) {
        error(__("Error"), __("No ticket ID specified.", "progress"));
    }

    $requestedId = $_POST['ticket_id'];
    $target = new Ticket($requestedId);

    if ($target->no_results) {
        error(__("Error"), __("Invalid ticket ID specified.", "progress"));
    }

    if (!$target->deletable()) {
        show_403(
            __("Access Denied"),
            __("You do not have sufficient privileges to delete this ticket.", "progress")
        );
    }

    Ticket::delete($target->id);

    Flash::notice(__("Ticket deleted.", "progress"), $target->milestone->url());
}
/**
 * method Delete()
 * Delete the record whose key is given in $param['key'], then reload the list.
 *
 * NOTE(review): no permission check on the record is visible in this method,
 * and the exception text is concatenated into the HTML of the error message
 * as-is (it may carry database details or markup). Confirm both are handled
 * by the framework.
 *
 * @param array $param request parameters; 'key' holds the record key
 */
function Delete($param) {
    try {
        $recordKey = $param['key'];

        // Everything up to close() runs inside one 'atividade' transaction.
        TTransaction::open('atividade');
        $record = new Ticket($recordKey, FALSE);
        $record->delete();
        TTransaction::close();

        // Refresh the listing, then confirm to the user.
        $this->onReload($param);
        new TMessage('info', TAdiantiCoreTranslator::translate('Record deleted'));
    } catch (Exception $e) {
        // Report the failure first, then undo all pending operations.
        new TMessage('error', '<b>Error</b> ' . $e->getMessage());
        TTransaction::rollback();
    }
}
$i=0; $note='Ticket flagged as overdue by '.$thisuser->getName(); foreach($_POST['tids'] as $k=>$v) { $t = new Ticket($v); if($t && !$t->isoverdue()) if($t->markOverdue()) { $i++; $t->logActivity('Ticket Marked Overdue',$note,false,'System'); } } $msg="$i of $count selected tickets marked overdue"; }elseif(isset($_POST['delete'])){ $i=0; foreach($_POST['tids'] as $k=>$v) { $t = new Ticket($v); if($t && @$t->delete()) $i++; } $msg="$i of $count selected tickets deleted"; } } break; case 'open': $ticket=null; //TODO: check if the user is allowed to create a ticet. if(($ticket=Ticket::create_by_staff($_POST,$errors))) { $ticket->reload(); $msg='Ticket created successfully'; if($thisuser->canAccessDept($ticket->getDeptId()) || $ticket->getStaffId()==$thisuser->getId()) { //View the sucker $page='viewticket.inc.php'; }else {
/**
 * Create a cash-control ("close cash") row in <prefix>pos_control_cash.
 *
 * Reads from $data: 'userid', 'amount_reel', 'amount_teoric', 'amount_diff'
 * and 'type_control'. When 'type_control' is 1 and the insert succeeded, the
 * tickets and invoices are marked as closed by this cash control and
 * Ticket::delete() is called.
 *
 * NOTE(review): the listing is damaged at the first dol_syslog() call (the
 * `******` run); the statements between that call and the start of the INSERT
 * are not visible, including wherever $now and $date_close are assigned and
 * any begin() of the transaction.
 *
 * @param array $data values of the cash control (see above)
 * @return int the error count (a positive number) when something failed,
 *             otherwise the id of the inserted row.
 *             NOTE(review): both outcomes are positive, so a caller testing
 *             for "<0 if KO" cannot detect a failure.
 */
function Create($data) {
    global $db, $conf, $mysoc;
    $error = 0;
    // Clean parameters
    // NOTE(review): source text is damaged on the next line; kept as found.
    dol_syslog("CloseCash::Create user="******"INSERT INTO " . MAIN_DB_PREFIX . "pos_control_cash (";
    $sql .= " entity";
    $sql .= ", ref";
    $sql .= ", fk_cash";
    $sql .= ", fk_user";
    $sql .= ", amount_real";
    $sql .= ", amount_teor";
    $sql .= ", amount_diff";
    $sql .= ", type_control";
    $sql .= ", date_c";
    $sql .= ")";
    $sql .= " VALUES (";
    $sql .= $conf->entity;
    $sql .= ", '" . $this->getNextNumRef($mysoc) . "'";
    $sql .= ", '" . $this->terminal . "'";
    // NOTE(review): the five $data values below are concatenated into the SQL
    // without quoting, casting or escaping in the visible code. If $data can be
    // influenced by a request, this is an SQL injection point; cast each value
    // to its numeric type before use.
    $sql .= ", " . $data['userid'];
    $sql .= ", " . $data['amount_reel'];
    $sql .= ", " . $data['amount_teoric'];
    $sql .= ", " . $data['amount_diff'];
    $sql .= ", " . $data['type_control'];
    $sql .= ", " . $db->idate($now);
    $sql .= ")";
    // The complete statement, values included, is written to the log.
    dol_syslog("CloseCash::Create sql=" . $sql);
    $resql = $this->db->query($sql);
    if ($resql) {
        $closeid = $this->db->last_insert_id(MAIN_DB_PREFIX . "pos_control_cash");
        // The insert is committed before the follow-up work below, so a failure
        // there cannot roll the new row back.
        $this->db->commit();
        if ($data['type_control'] == 1) {
            dol_include_once("/pos/class/ticket.class.php");
            $this->setTicketClosedbyCash($closeid, $date_close);
            $this->setFactureClosedbyCash($closeid);
            // NOTE(review): delete() is called on a freshly built Ticket with no
            // id set in the visible code; confirm what it removes.
            $ticket = new Ticket($this->db);
            $res = $ticket->delete();
            if (!$res) {
                $error++;
            }
        }
    } else {
        $error++;
        $this->error = $this->db->error();
        dol_syslog("CloseCash::create error " . $this->error . " sql=" . $sql, LOG_ERR);
        $this->db->rollback();
    }
    if ($error > 0) {
        return $error;
    } else {
        return $closeid;
    }
}