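/**
 * Applies the operator/group management data posted by the calling operator.
 *
 * Without a database connection (DB_CONNECTION falsy) the function only runs
 * testDataBase() against the configured credentials, reports a non-empty
 * result through $RESPONSE->SetValidationError(), and returns.
 *
 * With a connection, and only when the caller's Level equals USER_LEVEL_ADMIN:
 *  - the base64-decoded POST bodies are written to PATH_USERS/internal.inc.php
 *    and PATH_GROUPS/groups.inc.php,
 *  - getData() and updatePredefinedMessages() are called,
 *  - the "id,password,flag" entries of POST_INTERN_EDIT_USER are applied,
 *  - password marker files in PATH_USERS whose operator id is no longer in
 *    $INTERNAL are removed,
 *  - the standard response (1, "") is set.
 *
 * NOTE(review): no session/validation check is visible inside this function;
 * presumably the caller authenticates before dispatching here. Confirm.
 *
 * @return void
 */
function setManagement()
{
    // $CONFIG is read in the no-connection branch, so it has to be imported
    // into the function scope together with the other globals.
    global $INTERNAL, $RESPONSE, $GROUPS, $CONFIG;

    if (!DB_CONNECTION) {
        $res = testDataBase(
            $CONFIG["gl_db_host"],
            $CONFIG["gl_db_user"],
            $CONFIG["gl_db_pass"],
            $CONFIG["gl_db_name"],
            $CONFIG["gl_db_prefix"]
        );
        if (!empty($res)) {
            $RESPONSE->SetValidationError(LOGIN_REPLY_DB, $res);
        }
        return;
    }

    // An unknown caller id must never reach the level comparison: reading
    // ->Level on a missing entry yields null, which a loose == can match.
    if (!isset($INTERNAL[CALLER_SYSTEM_ID]) || $INTERNAL[CALLER_SYSTEM_ID]->Level != USER_LEVEL_ADMIN) {
        return;
    }

    // SECURITY NOTE(review): both targets carry a .php extension and receive
    // request-supplied content verbatim. The admin-level check above is the only
    // gate visible here, so admin session integrity (and CSRF protection of this
    // endpoint) decides what ends up in these files. A missing POST field decodes
    // to an empty string and would overwrite the file with nothing. Confirm that
    // the dispatcher validates presence before calling.
    createFile(PATH_USERS . "internal.inc.php", base64_decode($_POST[POST_INTERN_FILE_INTERN]), true);
    createFile(PATH_GROUPS . "groups.inc.php", base64_decode($_POST[POST_INTERN_FILE_GROUPS]), true);
    getData(true, true, true, false);
    updatePredefinedMessages();

    if (isset($_POST[POST_INTERN_EDIT_USER])) {
        // Format: "id,password,flag;id,password,flag;..."
        foreach (explode(";", $_POST[POST_INTERN_EDIT_USER]) as $combo) {
            if (strpos($combo, ",") === false) {
                continue;
            }
            $vals = explode(",", $combo);
            // Skip ids that do not resolve to an operator object instead of
            // calling a method on null.
            if (!isset($INTERNAL[$vals[0]])) {
                continue;
            }
            if (strlen($vals[1]) > 0) {
                $INTERNAL[$vals[0]]->ChangePassword($vals[1]);
            }
            // A missing third field is treated as "no change needed".
            $INTERNAL[$vals[0]]->SetPasswordChangeNeeded(isset($vals[2]) && $vals[2] == 1);
        }
    }

    // Remove password marker files whose operator id (the file name up to the
    // first dot) is no longer present in $INTERNAL.
    $datafiles = getDirectory(PATH_USERS, ".htm", true);
    foreach ($datafiles as $datafile) {
        $isPasswordFile = strpos($datafile, FILE_EXTENSION_PASSWORD) !== false
            || strpos($datafile, FILE_EXTENSION_CHANGE_PASSWORD) !== false;
        if (!$isPasswordFile) {
            continue;
        }
        $parts = explode(".", $datafile);
        if (!isset($INTERNAL[$parts[0]])) {
            // Best-effort cleanup; a failed delete is deliberately ignored.
            @unlink(PATH_USERS . $datafile);
        }
    }

    setIdle(0);
    $RESPONSE->SetStandardResponse(1, "");
}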
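/**
 * Persists the operator and group definitions posted by the management client.
 *
 * Runs only when isValidated() succeeds and the caller is either an admin
 * (Level == USER_LEVEL_ADMIN) or has the configured host ($CONFIG["gl_host"])
 * in its WebsitesUsers list. For an authorized caller it:
 *  - deletes or REPLACEs one operator row per p_operators_<n>_* POST group,
 *  - replaces the operator's profile picture when p_operators_<n>_pp is sent,
 *  - deletes or REPLACEs one group row per p_groups_<n>_* POST group,
 *  - empties the operator-logins table and re-initialises the cached globals,
 *  - removes auto replies, profile pictures and profiles without an owner,
 *  - applies the "id,password,flag" entries of POST_INTERN_EDIT_USER,
 *  - sets the standard response (1, "").
 *
 * SECURITY NOTE(review): the non-admin (WebsitesUsers) branch reaches the same
 * statements as the admin branch, including the posted `level`, `permissions`
 * and `password` columns of any operator row. Confirm that a delegated site
 * manager is meant to be able to write those fields.
 *
 * @param string $_prefix Table-name prefix. It is concatenated into quoted
 *                        identifiers without escaping, so it must come from
 *                        trusted configuration, never from the request.
 * @return void
 */
function setManagement($_prefix)
{
    global $INTERNAL, $RESPONSE, $CONFIG, $GROUPS, $VISITOR;

    // Called before the validation check below, i.e. for every request.
    administrationLog("setManagement", "", CALLER_SYSTEM_ID);

    if (!isValidated()) {
        return;
    }

    $caller = isset($INTERNAL[CALLER_SYSTEM_ID]) ? $INTERNAL[CALLER_SYSTEM_ID] : null;
    // NOTE(review): in_array() compares loosely here; a strict comparison would
    // be preferable for an authorization decision if all entries are strings.
    $authorized = $caller !== null
        && ($caller->Level == USER_LEVEL_ADMIN
            || (is_array($caller->WebsitesUsers) && in_array($CONFIG["gl_host"], $caller->WebsitesUsers)));
    if (!$authorized) {
        return;
    }

    // ---- operators -------------------------------------------------------
    $count = 0;
    while (isset($_POST["p_operators_" . $count . "_id"])) {
        $key = "p_operators_" . $count . "_";

        if (!empty($_POST[$key . "delete"])) {
            queryDB(true, "DELETE FROM `" . $_prefix . DATABASE_OPERATORS . "` WHERE `id`='" . DBManager::RealEscape($_POST[$key . "id"]) . "' LIMIT 1;");
        } else {
            // Look the operator up once. A non-string system id (e.g. an array
            // sent as p_operators_<n>_system_id[]) must not be used as an index.
            $systemId = (isset($_POST[$key . "system_id"]) && is_string($_POST[$key . "system_id"]))
                ? $_POST[$key . "system_id"]
                : "";
            $known = !empty($INTERNAL[$systemId]) ? $INTERNAL[$systemId] : null;

            // Runtime fields are carried over from the loaded operator, not
            // from the request; new operators get the defaults.
            $did = $known !== null ? $known->AppDeviceId : "";
            $abm = $known !== null ? $known->AppBackgroundMode : false;
            $aos = $known !== null ? $known->AppOS : "";
            $lac = $known !== null ? $known->LastActive : 0;
            $fac = $known !== null ? $known->FirstActive : 0;
            $wcl = $known !== null ? $known->ClientWeb : 0;
            $acl = $known !== null ? $known->AppClient : 0;
            $sta = $known !== null ? $known->Status : 2;

            // NOTE(review): `password` is stored exactly as posted; presumably
            // the client sends an already hashed value. Confirm that no
            // plaintext password can reach this column.
            queryDB(true, "REPLACE INTO `" . $_prefix . DATABASE_OPERATORS . "` (`id`, `system_id`, `fullname`, `description`, `email`, `permissions`, `webspace`, `password`, `status`, `level`, `visitor_file_sizes`, `groups`, `groups_status`, `groups_hidden`,`reposts`, `languages`, `auto_accept_chats`, `login_ip_range`, `websites_users`, `websites_config`, `bot`, `wm`, `wmohca`,`first_active`,`last_active`,`sign_off`,`lweb`,`lapp`,`mobile_os`,`mobile_device_id`,`mobile_background`,`mobile_ex`,`max_chats`) VALUES ('"
                . DBManager::RealEscape($_POST[$key . "id"]) . "','"
                . DBManager::RealEscape($_POST[$key . "system_id"]) . "','"
                . DBManager::RealEscape($_POST[$key . "fullname"]) . "','"
                . DBManager::RealEscape($_POST[$key . "description"]) . "','"
                . DBManager::RealEscape($_POST[$key . "email"]) . "','"
                . DBManager::RealEscape($_POST[$key . "permissions"]) . "','"
                . DBManager::RealEscape($_POST[$key . "webspace"]) . "','"
                . DBManager::RealEscape($_POST[$key . "password"]) . "','"
                // status: escaped like every other quoted value
                . DBManager::RealEscape($sta) . "','"
                // level, then visitor_file_sizes = ''
                . DBManager::RealEscape($_POST[$key . "level"]) . "','','"
                // groups, then groups_status = ''
                . DBManager::RealEscape($_POST[$key . "groups"]) . "','','"
                // groups_hidden, then reposts = ''
                . DBManager::RealEscape($_POST[$key . "groups_hidden"]) . "','','"
                // languages, then auto_accept_chats = 0
                . DBManager::RealEscape($_POST[$key . "languages"]) . "',0,'"
                . DBManager::RealEscape($_POST[$key . "lipr"]) . "','"
                . DBManager::RealEscape($_POST[$key . "websites_users"]) . "','"
                . DBManager::RealEscape($_POST[$key . "websites_config"]) . "','"
                . DBManager::RealEscape($_POST[$key . "bot"]) . "','"
                . DBManager::RealEscape($_POST[$key . "wm"]) . "','"
                . DBManager::RealEscape($_POST[$key . "wmohca"]) . "',"
                // first_active / last_active are emitted unquoted, so force integers
                . intval($fac) . "," . intval($lac) . ","
                // sign_off: 2 when the operator is posted as deactivated
                . (empty($_POST[$key . "deac"]) ? 0 : 2) . ",'"
                . DBManager::RealEscape($wcl ? 1 : 0) . "','"
                . DBManager::RealEscape($acl ? 1 : 0) . "','"
                . DBManager::RealEscape($aos) . "','"
                . DBManager::RealEscape($did) . "','"
                . DBManager::RealEscape($abm ? 1 : 0) . "','"
                // optional fields: absent values are passed on as null
                . DBManager::RealEscape(isset($_POST[$key . "mobile_ex"]) ? $_POST[$key . "mobile_ex"] : null) . "','"
                . DBManager::RealEscape(isset($_POST[$key . "max_chats"]) ? $_POST[$key . "max_chats"] : null) . "');");
        }

        if (!empty($_POST[$key . "pp"])) {
            // NOTE(review): the DELETE matches `internal_id` against the posted
            // `id`, while the INSERT stores the posted `system_id`; both use
            // DB_PREFIX rather than $_prefix. Confirm both are intended.
            queryDB(true, "DELETE FROM `" . DB_PREFIX . DATABASE_PROFILE_PICTURES . "` WHERE `webcam`='0' AND `internal_id`='" . DBManager::RealEscape($_POST[$key . "id"]) . "' LIMIT 1;");
            queryDB(true, "INSERT INTO `" . DB_PREFIX . DATABASE_PROFILE_PICTURES . "` (`id` ,`internal_id`,`time` ,`webcam` ,`data`) VALUES ('"
                . DBManager::RealEscape(getId(32)) . "','"
                . DBManager::RealEscape($_POST[$key . "system_id"]) . "','"
                . DBManager::RealEscape(time()) . "',0,'"
                . DBManager::RealEscape($_POST[$key . "pp"]) . "');");
        }
        $count++;
    }

    // ---- groups ----------------------------------------------------------
    $count = 0;
    while (isset($_POST["p_groups_" . $count . "_id"])) {
        $key = "p_groups_" . $count . "_";

        if (!empty($_POST[$key . "delete"])) {
            queryDB(true, "DELETE FROM `" . $_prefix . DATABASE_GROUPS . "` WHERE `id`='" . DBManager::RealEscape($_POST[$key . "id"]) . "' LIMIT 1;");
        } else {
            queryDB(true, "REPLACE INTO `" . $_prefix . DATABASE_GROUPS . "` (`id`, `dynamic`, `description`, `external`, `internal`, `created`, `email`, `standard`, `opening_hours`, `functions`, `chat_inputs_hidden`, `ticket_inputs_hidden`, `chat_inputs_required`, `ticket_inputs_required`, `chat_inputs_masked`, `ticket_inputs_masked`, `chat_inputs_cap`, `ticket_inputs_cap`, `max_chats`, `visitor_filters`, `chat_vouchers_required`, `pre_chat_html`, `post_chat_html`, `ticket_email_out`, `ticket_email_in`, `ticket_handle_unknown`, `chat_email_out`,`ticket_assignment`,`priorities`) VALUES ('"
                // id, then dynamic = 0
                . DBManager::RealEscape($_POST[$key . "id"]) . "',0,'"
                . DBManager::RealEscape($_POST[$key . "description"]) . "','"
                . DBManager::RealEscape($_POST[$key . "external"]) . "','"
                // internal, then created = current time (unquoted)
                . DBManager::RealEscape($_POST[$key . "internal"]) . "'," . time() . ",'"
                . DBManager::RealEscape($_POST[$key . "email"]) . "','"
                . DBManager::RealEscape($_POST[$key . "standard"]) . "','"
                . DBManager::RealEscape($_POST[$key . "opening_hours"]) . "','"
                . DBManager::RealEscape($_POST[$key . "functions"]) . "','"
                . DBManager::RealEscape($_POST[$key . "chat_inputs_hidden"]) . "','"
                . DBManager::RealEscape($_POST[$key . "ticket_inputs_hidden"]) . "','"
                . DBManager::RealEscape($_POST[$key . "chat_inputs_required"]) . "','"
                . DBManager::RealEscape($_POST[$key . "ticket_inputs_required"]) . "','"
                . DBManager::RealEscape($_POST[$key . "chat_inputs_masked"]) . "','"
                . DBManager::RealEscape($_POST[$key . "ticket_inputs_masked"]) . "','"
                . DBManager::RealEscape($_POST[$key . "chat_inputs_cap"]) . "','"
                . DBManager::RealEscape($_POST[$key . "ticket_inputs_cap"]) . "','"
                . DBManager::RealEscape($_POST[$key . "max_chats"]) . "','"
                . DBManager::RealEscape($_POST[$key . "visitor_filters"]) . "','"
                . DBManager::RealEscape($_POST[$key . "chat_vouchers_required"]) . "','"
                . DBManager::RealEscape($_POST[$key . "pre_html"]) . "','"
                . DBManager::RealEscape($_POST[$key . "post_html"]) . "','"
                . DBManager::RealEscape($_POST[$key . "ticket_email_out"]) . "','"
                . DBManager::RealEscape($_POST[$key . "ticket_email_in"]) . "','"
                . DBManager::RealEscape($_POST[$key . "ticket_email_handling"]) . "','"
                . DBManager::RealEscape($_POST[$key . "chat_email_out"]) . "','"
                . DBManager::RealEscape($_POST[$key . "ticket_assign"]) . "','"
                . DBManager::RealEscape($_POST[$key . "priorities"]) . "');");
        }
        $count++;
    }

    // Unconditional DELETE without WHERE: every stored operator login is dropped.
    queryDB(true, "DELETE FROM `" . $_prefix . DATABASE_OPERATOR_LOGINS . "`;");

    // Discard the cached globals and rebuild them via initData().
    $INTERNAL = $GROUPS = $VISITOR = null;
    initData(array("INTERNAL", "GROUPS", "VISITOR"));
    updatePredefinedMessages($_prefix);
    updateSignatures($_prefix);

    if (!empty($_POST["p_operators_0_id"])) {
        // Remove rows whose owner no longer exists as an operator (or, for
        // auto replies, as a group).
        queryDB(true, "DELETE FROM `" . $_prefix . DATABASE_AUTO_REPLIES . "` WHERE NOT EXISTS (SELECT * FROM `" . $_prefix . DATABASE_OPERATORS . "` WHERE `system_id` = `" . $_prefix . DATABASE_AUTO_REPLIES . "`.`owner_id`) AND NOT EXISTS (SELECT * FROM `" . $_prefix . DATABASE_GROUPS . "` WHERE `id` = `" . $_prefix . DATABASE_AUTO_REPLIES . "`.`owner_id`)");
        queryDB(true, "DELETE FROM `" . $_prefix . DATABASE_PROFILE_PICTURES . "` WHERE NOT EXISTS (SELECT * FROM `" . $_prefix . DATABASE_OPERATORS . "` WHERE `system_id` = `" . $_prefix . DATABASE_PROFILE_PICTURES . "`.`internal_id`);");
        queryDB(true, "DELETE FROM `" . $_prefix . DATABASE_PROFILES . "` WHERE NOT EXISTS (SELECT * FROM `" . $_prefix . DATABASE_OPERATORS . "` WHERE `system_id` = `" . $_prefix . DATABASE_PROFILES . "`.`id`);");

        if (isset($_POST[POST_INTERN_EDIT_USER])) {
            // Format: "id,password,flag;id,password,flag;..."
            foreach (explode(";", $_POST[POST_INTERN_EDIT_USER]) as $combo) {
                if (strpos($combo, ",") === false) {
                    continue;
                }
                $vals = explode(",", $combo);
                // The id is request-supplied: skip entries that do not resolve
                // to an operator object instead of calling a method on null.
                if (!isset($INTERNAL[$vals[0]])) {
                    continue;
                }
                if (strlen($vals[1]) > 0) {
                    $INTERNAL[$vals[0]]->ChangePassword($vals[1], true);
                }
                // A missing third field is treated as "no change needed".
                if (isset($vals[2]) && $vals[2] == 1) {
                    $INTERNAL[$vals[0]]->SetPasswordChangeNeeded(true);
                }
            }
        }
    }

    setIdle(0);
    $RESPONSE->SetStandardResponse(1, "");
}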