* Handles various ajax requests
*
* @copyright Copyright (C) 2010-2012 Combodo SARL
* @license http://opensource.org/licenses/AGPL-3.0
*/
require_once '../../approot.inc.php';
require_once APPROOT . '/application/application.inc.php';
require_once APPROOT . '/application/webpage.class.inc.php';
require_once APPROOT . '/application/ajaxwebpage.class.inc.php';
try {
require_once APPROOT . '/application/startup.inc.php';
// require_once(APPROOT.'/application/user.preferences.class.inc.php');
require_once APPROOT . '/application/loginwebpage.class.inc.php';
LoginWebPage::DoLogin(false, true);
// Check user rights and prompt if needed
$oPage = new ajax_page("");
$oPage->no_cache();
$sOperation = utils::ReadParam('operation', '');
switch ($sOperation) {
case 'add':
$aResult = array('error' => '', 'att_id' => 0, 'preview' => 'false', 'msg' => '');
$sObjClass = stripslashes(utils::ReadParam('obj_class', '', false, 'class'));
$sTempId = utils::ReadParam('temp_id', '');
if (empty($sObjClass)) {
$aResult['error'] = "Missing argument 'obj_class'";
} elseif (empty($sTempId)) {
$aResult['error'] = "Missing argument 'temp_id'";
} else {
try {
$oDoc = utils::ReadPostedDocument('file');
$oAttachment = MetaModel::NewObject('Attachment');
*/
require_once '../approot.inc.php';
require_once APPROOT . '/application/application.inc.php';
require_once APPROOT . '/application/webpage.class.inc.php';
require_once APPROOT . '/application/ajaxwebpage.class.inc.php';
require_once APPROOT . '/application/wizardhelper.class.inc.php';
require_once APPROOT . '/application/ui.linkswidget.class.inc.php';
require_once APPROOT . '/application/ui.extkeywidget.class.inc.php';
require_once APPROOT . '/application/datatable.class.inc.php';
try {
require_once APPROOT . '/application/startup.inc.php';
require_once APPROOT . '/application/user.preferences.class.inc.php';
require_once APPROOT . '/application/loginwebpage.class.inc.php';
LoginWebPage::DoLogin(false, true);
// Check user rights and prompt if needed
$oPage = new ajax_page("");
$oPage->no_cache();
$operation = utils::ReadParam('operation', '');
$sFilter = stripslashes(utils::ReadParam('filter', '', false, 'raw_data'));
$sEncoding = utils::ReadParam('encoding', 'serialize');
$sClass = utils::ReadParam('class', 'MissingAjaxParam', false, 'class');
$sStyle = utils::ReadParam('style', 'list');
switch ($operation) {
case 'datatable':
case 'pagination':
$oPage->SetContentType('text/html');
$extraParams = utils::ReadParam('extra_param', '', false, 'raw_data');
$aExtraParams = array();
if (is_array($extraParams)) {
$aExtraParams = $extraParams;
} else {
function InteractiveShell($sExpression, $sQueryId, $sFormat, $sFileName, $sMode)
{
if ($sMode == 'dialog') {
$oP = new ajax_page('');
$oP->add('<div id="interactive_export_dlg">');
$sExportBtnLabel = json_encode(Dict::S('UI:Button:Export'));
$sJSTitle = json_encode(htmlentities(utils::ReadParam('dialog_title', '', false, 'raw_data'), ENT_QUOTES, 'UTF-8'));
$oP->add_ready_script(<<<EOF
\t\t\$('#interactive_export_dlg').dialog({
\t\t\tautoOpen: true,
\t\t\tmodal: true,
\t\t\twidth: '80%',
\t\t\ttitle: {$sJSTitle},
\t\t\tclose: function() { \$('#export-form').attr('data-state', 'cancelled'); \$(this).remove(); },
\t\t\tbuttons: [
\t\t\t\t{text: {$sExportBtnLabel}, id: 'export-dlg-submit', click: function() {} }
\t\t\t]
\t\t});
\t\t\t
\t\tsetTimeout(function() { \$('#interactive_export_dlg').dialog('option', { position: { my: "center", at: "center", of: window }}); \$('#export-btn').hide(); ExportInitButton('#export-dlg-submit'); }, 100);
EOF
);
} else {
$oP = new iTopWebPage('iTop Export');
}
if ($sExpression === null) {
// No expression supplied, let's check if phrasebook entry is given
if ($sQueryId !== null) {
$oSearch = DBObjectSearch::FromOQL('SELECT QueryOQL WHERE id = :query_id', array('query_id' => $sQueryId));
$oQueries = new DBObjectSet($oSearch);
if ($oQueries->Count() > 0) {
$oQuery = $oQueries->Fetch();
$sExpression = $oQuery->Get('oql');
$sFields = trim($oQuery->Get('fields'));
} else {
ReportErrorAndExit("Invalid query phrasebook identifier: '{$sQueryId}'");
}
} else {
if (utils::IsModeCLI()) {
Usage();
ReportErrorAndExit("No expression or query phrasebook identifier supplied.");
} else {
// form to enter an OQL query or pick a query phrasebook identifier
DisplayForm($oP, utils::GetAbsoluteUrlAppRoot() . 'webservices/export-v2.php', $sExpression, $sQueryId, $sFormat);
$oP->output();
exit;
}
}
}
if ($sFormat !== null) {
$oExporter = BulkExport::FindExporter($sFormat);
if ($oExporter === null) {
$aSupportedFormats = BulkExport::FindSupportedFormats();
ReportErrorAndExit("Invalid output format: '{$sFormat}'. The supported formats are: " . implode(', ', array_keys($aSupportedFormats)));
} else {
DisplayForm($oP, utils::GetAbsoluteUrlAppRoot() . 'webservices/export-v2.php', $sExpression, $sQueryId, $sFormat);
}
} else {
DisplayForm($oP, utils::GetAbsoluteUrlAppRoot() . 'webservices/export-v2.php', $sExpression, $sQueryId, $sFormat);
}
if ($sMode == 'dialog') {
$oP->add('</div>');
}
$oP->output();
}
$aHeaders = array(0 => explode(',', $sResult));
// comma is the default separator
$writer->writeSheet($aHeaders, $sClassDisplayName, array());
$oPage->add($writer->writeToString());
break;
case 'csv':
default:
$oPage = new CSVPage("");
$oPage->add_header("Content-type: text/csv; charset=utf-8");
$oPage->add_header("Content-disposition: attachment; filename=\"{$sClassDisplayName}.csv\"");
$oPage->no_cache();
$oPage->add($sResult);
}
} else {
$oPage = new ajax_page("");
$oPage->no_cache();
$oPage->add('<p style="text-align:center">');
$oPage->add('<div style="display:inline-block;margin:0.5em;"><a style="text-decoration:none" href="' . utils::GetAbsoluteUrlAppRoot() . 'pages/ajax.csvimport.php?operation=get_csv_template&disposition=attachment&class_name=' . $sClassName . '"><img border="0" src="../images/csv.png"><br/>' . $sClassDisplayName . '.csv</a></div>');
$oPage->add('<div style="display:inline-block;margin:0.5em;"><a style="text-decoration:none" href="' . utils::GetAbsoluteUrlAppRoot() . 'pages/ajax.csvimport.php?operation=get_csv_template&disposition=attachment&format=xlsx&class_name=' . $sClassName . '"><img border="0" src="../images/xlsx.png"><br/>' . $sClassDisplayName . '.xlsx</a></div>');
$oPage->add('</p>');
$oPage->add('<p><textarea rows="5" cols="100">' . $sResult . '</textarea></p>');
}
} else {
$oPage = new ajax_page("Class {$sClassName} is not a valid class !");
}
break;
}
$oPage->output();
} catch (Exception $e) {
IssueLog::Error($e->getMessage());
}
$oXmlNode->AppendChild($oLinks);
}
}
function BuildIconPath($sIconPath)
{
return $sIconPath;
}
require_once APPROOT . '/application/startup.inc.php';
require_once APPROOT . '/application/loginwebpage.class.inc.php';
// For developping the Navigator from within Flash
//session_start();
//$_SESSION['auth_user'] = '******';
//UserRights::Login($_SESSION['auth_user']); // Set the user's language
LoginWebPage::DoLogin();
// Check user rights and prompt if needed
$oPage = new ajax_page("");
$oPage->no_cache();
$sClass = utils::ReadParam('class', 'Contact', false, 'class');
$id = utils::ReadParam('id', 1);
$sRelation = utils::ReadParam('relation', 'impacts');
$aValidRelations = MetaModel::EnumRelations();
$sFormat = utils::ReadParam('format', 'xml');
$sExcludedClasses = utils::ReadParam('exclude', '', false, 'raw_data');
$aExcludedClasses = explode(',', $sExcludedClasses);
if (!in_array($sRelation, $aValidRelations)) {
// Not a valid relation, use the default one instead
$sRelation = 'impacts';
}
try {
if ($id != 0) {
switch ($sFormat) {
require_once APPROOT . '/application/application.inc.php';
require_once APPROOT . '/application/itopwebpage.class.inc.php';
require_once APPROOT . '/application/wizardhelper.class.inc.php';
require_once APPROOT . '/application/startup.inc.php';
$oAppContext = new ApplicationContext();
$currentOrganization = utils::ReadParam('org_id', '');
$operation = utils::ReadParam('operation', '');
require_once APPROOT . '/application/loginwebpage.class.inc.php';
require_once APPROOT . '/application/ajaxwebpage.class.inc.php';
$bPortal = utils::ReadParam('portal', false);
$sUrl = utils::GetAbsoluteUrlAppRoot();
if ($operation == 'do_logoff') {
// Reload the same dummy page to let the "calling" page execute its 'onunload' method before performing the actual logoff.
// Note the redirection MUST NOT be made via an HTTP "header" since onunload is called only when the actual content of the DOM
// is replaced by some other content. So the "bouncing" page must provide some content (in our case a script making the redirection).
$oPage = new ajax_page('');
$oPage->add_script("window.location.href='{$sUrl}pages/logoff.php?portal={$bPortal}'");
$oPage->output();
exit;
}
if ($bPortal) {
$sUrl .= 'portal/';
} else {
$sUrl .= 'pages/UI.php';
}
if (isset($_SESSION['auth_user'])) {
$sAuthUser = $_SESSION['auth_user'];
UserRights::Login($sAuthUser);
// Set the user's language
}
$sLoginMode = isset($_SESSION['login_mode']) ? $_SESSION['login_mode'] : '';
$oPage->add_ready_script(<<<EOF
\t\$("#restore_token").val('{$sToken}');
EOF
);
} else {
$oPage->p(Dict::S('bkp-restore-running'));
}
$oPage->output();
break;
case 'restore_exec':
require_once APPROOT . "setup/runtimeenv.class.inc.php";
require_once APPROOT . '/application/utils.inc.php';
require_once APPROOT . '/setup/backup.class.inc.php';
require_once dirname(__FILE__) . '/dbrestore.class.inc.php';
IssueLog::Enable(APPROOT . 'log/error.log');
$oPage = new ajax_page("");
$oPage->no_cache();
$oPage->SetContentType('text/html');
if (utils::GetConfig()->Get('demo_mode')) {
$oPage->add("<div data-error-stimulus=\"Error\">Sorry, iTop is in <b>demonstration mode</b>: the feature is disabled.</div>");
} else {
$sEnvironment = utils::ReadParam('environment', 'production', false, 'raw_data');
$oRestoreMutex = new iTopMutex('restore.' . $sEnvironment);
IssueLog::Info("Backup Restore - Acquiring the LOCK 'restore.{$sEnvironment}'");
$oRestoreMutex->Lock();
IssueLog::Info('Backup Restore - LOCK acquired, executing...');
try {
set_time_limit(0);
// Get the file and destroy the token (single usage)
$sToken = utils::ReadParam('token', '', false, 'raw_data');
$sTokenFile = APPROOT . '/data/restore.' . $sToken . '.tok';
// Integration within MS-Excel web queries + HTTPS + IIS:
// MS-IIS set these header values with no-cache... while Excel fails to do the job if using HTTPS
// Then the fix is to force the reset of header values Pragma and Cache-control
header("Pragma:", true);
header("Cache-control:", true);
$sFields = implode(',', $aFields);
$oP->add_style('table br {mso-data-placement:same-cell;}');
// Trick for Excel: keep line breaks inside the same cell !
cmdbAbstractObject::DisplaySetAsHTMLSpreadsheet($oP, $oSet, array('fields' => $sFields, 'fields_advanced' => $bFieldsAdvanced, 'localize_values' => $bLocalize));
break;
case 'xml':
$oP = new XMLPage("iTop - Export", true);
cmdbAbstractObject::DisplaySetAsXML($oP, $oSet, array('localize_values' => $bLocalize));
break;
case 'xlsx':
$oP = new ajax_page('');
$oExporter = new ExcelExporter();
$oExporter->SetObjectList($oFilter);
// Run the export by chunk of 1000 objects to limit memory usage
$oExporter->SetChunkSize(1000);
do {
$aStatus = $oExporter->Run();
// process one chunk
} while ($aStatus['code'] != 'done' && $aStatus['code'] != 'error');
if ($aStatus['code'] == 'done') {
$oP->SetContentType('application/vnd.openxmlformats-officedocument.spreadsheetml.sheet');
$oP->SetContentDisposition('attachment', $oFilter->GetClass() . '.xlsx');
$oP->add(file_get_contents($oExporter->GetExcelFilePath()));
$oExporter->Cleanup();
} else {
$oP->add('Error, xlsx export failed: ' . $aStatus['message']);
* Result structure that is specific to the hardcoded verb 'list_operations'
*/
class RestResultListOperations extends RestResult
{
public $version;
public $operations;
public function AddOperation($sVerb, $sDescription, $sServiceProviderClass)
{
$this->operations[] = array('verb' => $sVerb, 'description' => $sDescription, 'extension' => $sServiceProviderClass);
}
}
////////////////////////////////////////////////////////////////////////////////
//
// Main
//
$oP = new ajax_page('rest');
$sVersion = utils::ReadParam('version', null, false, 'raw_data');
$sOperation = utils::ReadParam('operation', null);
$sJsonString = utils::ReadParam('json_data', null, false, 'raw_data');
$sProvider = '';
try {
utils::UseParamFile();
$iRet = LoginWebPage::DoLogin(false, false, LoginWebPage::EXIT_RETURN);
// Starting with iTop 2.2.0 portal users are no longer allowed to access the REST/JSON API
if ($iRet != LoginWebPage::EXIT_CODE_OK) {
switch ($iRet) {
case LoginWebPage::EXIT_CODE_MISSINGLOGIN:
throw new Exception("Missing parameter 'auth_user'", RestResult::MISSING_AUTH_USER);
break;
case LoginWebPage::EXIT_CODE_MISSINGPASSWORD:
throw new Exception("Missing parameter 'auth_pwd'", RestResult::MISSING_AUTH_PWD);
/**
* Helper to download the file directly from the browser
*/
public function DownloadBackup($sFile)
{
$oP = new ajax_page('backup');
$oP->SetContentType("multipart/x-zip");
$oP->SetContentDisposition('inline', basename($sFile));
$oP->add(file_get_contents($sFile));
$oP->output();
}
* Result structure that is specific to the hardcoded verb 'list_operations'
*/
class RestResultListOperations extends RestResult
{
public $version;
public $operations;
public function AddOperation($sVerb, $sDescription, $sServiceProviderClass)
{
$this->operations[] = array('verb' => $sVerb, 'description' => $sDescription, 'extension' => $sServiceProviderClass);
}
}
////////////////////////////////////////////////////////////////////////////////
//
// Main
//
$oP = new ajax_page('rest');
try {
utils::UseParamFile();
$iRet = LoginWebPage::DoLogin(false, true, LoginWebPage::EXIT_RETURN);
if ($iRet != LoginWebPage::EXIT_CODE_OK) {
switch ($iRet) {
case LoginWebPage::EXIT_CODE_MISSINGLOGIN:
throw new Exception("Missing parameter 'auth_user'", RestResult::MISSING_AUTH_USER);
break;
case LoginWebPage::EXIT_CODE_MISSINGPASSWORD:
throw new Exception("Missing parameter 'auth_pwd'", RestResult::MISSING_AUTH_PWD);
break;
case LoginWebPage::EXIT_CODE_WRONGCREDENTIALS:
throw new Exception("Invalid login", RestResult::UNAUTHORIZED);
break;
case LoginWebPage::EXIT_CODE_PORTALUSERNOTAUTHORIZED:
$sHtml = "<div class=\"page_header\">\n";
$sHtml .= "<table class=\"section\"><tr><td>" . MetaModel::GetClassIcon($sListClass, true, 'width: 24px; height: 24px;') . " " . Dict::Format('UI:RelationGroupNumber_N', 1 + $idx) . "</td></tr></table>\n";
$sHtml .= "</div>\n";
$oPage->add($sHtml);
cmdbAbstractObject::DisplaySet($oPage, $oSet);
$oPage->p('');
// Some space
}
}
}
if ($operation == 'relation_attachment') {
$sObjClass = utils::ReadParam('obj_class', '', false, 'class');
$iObjKey = (int) utils::ReadParam('obj_key', 0, false, 'integer');
// Save the generated PDF as an attachment
$sPDF = $oPage->get_pdf();
$oPage = new ajax_page('');
$oAttachment = new Attachment();
$oAttachment->Set('item_class', $sObjClass);
$oAttachment->Set('item_id', $iObjKey);
$oDoc = new ormDocument($sPDF, 'application/pdf', $sTitle . '.pdf');
$oAttachment->Set('contents', $oDoc);
$iAttachmentId = $oAttachment->DBInsert();
$aRet = array('status' => 'ok', 'att_id' => $iAttachmentId);
$oPage->add(json_encode($aRet));
}
break;
case 'relation_json':
require_once APPROOT . 'core/simplegraph.class.inc.php';
require_once APPROOT . 'core/relationgraph.class.inc.php';
require_once APPROOT . 'core/displayablegraph.class.inc.php';
$sRelation = utils::ReadParam('relation', 'impacts');
*/
$sOperation = Utils::ReadParam('operation', '');
try {
switch ($sOperation) {
case 'async_action':
ini_set('max_execution_time', max(240, ini_get('max_execution_time')));
// While running the setup it is desirable to see any error that may happen
ini_set('display_errors', true);
ini_set('display_startup_errors', true);
require_once APPROOT . '/setup/wizardcontroller.class.inc.php';
require_once APPROOT . '/setup/wizardsteps.class.inc.php';
$sClass = utils::ReadParam('step_class', '');
$sState = utils::ReadParam('step_state', '');
$sActionCode = utils::ReadParam('code', '');
$aParams = utils::ReadParam('params', array(), false, 'raw_data');
$oPage = new ajax_page('');
$oDummyController = new WizardController('');
if (is_subclass_of($sClass, 'WizardStep')) {
$oStep = new $sClass($oDummyController, $sState);
$sConfigFile = utils::GetConfigFilePath();
if (file_exists($sConfigFile) && !is_writable($sConfigFile) && $oStep->RequiresWritableConfig()) {
$oPage->error("<b>Error:</b> the configuration file '" . $sConfigFile . "' already exists and cannot be overwritten.");
$oPage->p("The wizard cannot modify the configuration file for you. If you want to upgrade " . ITOP_APPLICATION . ", make sure that the file '<b>" . realpath($sConfigFile) . "</b>' can be modified by the web server.");
$oPage->output();
} else {
$oStep->AsyncAction($oPage, $sActionCode, $aParams);
}
}
$oPage->output();
break;
default:
$sHtml = "<div class=\"page_header\">\n";
$sHtml .= "<table class=\"section\"><tr><td>" . MetaModel::GetClassIcon($sListClass, true, 'width: 24px; height: 24px;') . " " . Dict::Format('UI:RelationGroupNumber_N', 1 + $idx) . "</td></tr></table>\n";
$sHtml .= "</div>\n";
$oPage->add($sHtml);
cmdbAbstractObject::DisplaySet($oPage, $oSet);
$oPage->p('');
// Some space
}
}
}
if ($operation == 'relation_attachment') {
$sObjClass = utils::ReadParam('obj_class', '', false, 'class');
$iObjKey = (int) utils::ReadParam('obj_key', 0, false, 'integer');
// Save the generated PDF as an attachment
$sPDF = $oPage->get_pdf();
$oPage = new ajax_page('');
$oAttachment = new Attachment();
$oAttachment->Set('item_class', $sObjClass);
$oAttachment->Set('item_id', $iObjKey);
$oDoc = new ormDocument($sPDF, 'application/pdf', $sTitle . '.pdf');
$oAttachment->Set('contents', $oDoc);
$iAttachmentId = $oAttachment->DBInsert();
$aRet = array('status' => 'ok', 'att_id' => $iAttachmentId);
$oPage->add(json_encode($aRet));
}
break;
case 'relation_json':
require_once APPROOT . 'core/simplegraph.class.inc.php';
require_once APPROOT . 'core/relationgraph.class.inc.php';
require_once APPROOT . 'core/displayablegraph.class.inc.php';
$sRelation = utils::ReadParam('relation', 'impacts');
