/**
* This function is beign used to load info that's needed for the show_reply page.
* check if the person is allowed to see the reply, if not he'll be redirected to an error page.
* data regarding to the reply will be returned by this function that will be used by the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function show_reply()
{
//if logged in
if (WebUsers::isLoggedIn() && isset($_GET['id'])) {
$result['reply_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
$reply = new Ticket_Reply();
$reply->load_With_TReplyId($result['reply_id']);
$ticket = new Ticket();
$ticket->load_With_TId($reply->getTicket());
//check if the user is allowed to see the reply
if ($ticket->getAuthor() == unserialize($_SESSION['ticket_user'])->getTUserId() && !$reply->getHidden() || Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
$content = new Ticket_Content();
$content->load_With_TContentId($reply->getContent());
$author = new Ticket_User();
$author->load_With_TUserId($reply->getAuthor());
$result['hidden'] = $reply->getHidden();
$result['ticket_id'] = $reply->getTicket();
$result['reply_timestamp'] = $reply->getTimestamp();
$result['author_permission'] = $author->getPermission();
$result['reply_content'] = $content->getContent();
$result['author'] = $author->getExternId();
$webUser = new WebUsers($author->getExternId());
$result['authorName'] = $webUser->getUsername();
if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
$result['isMod'] = "TRUE";
}
global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH;
return $result;
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* This function is beign used to load info that's needed for the show_user page.
* Users can only browse their own user page, while mods/admins can browse all user pages. The current settings of the user being browsed will be loaded, as also their created tickets
* and this info will be returned so it can be used by the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function show_user()
{
//if logged in
if (WebUsers::isLoggedIn()) {
//Users can only browse their own user page, while mods/admins can browse all user pages
if (!isset($_GET['id']) || Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) || $_GET['id'] == $_SESSION['id']) {
if (isset($_GET['id'])) {
$result['target_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
} else {
$result['target_id'] = $_SESSION['id'];
}
$webUser = new WebUsers($result['target_id']);
$result['target_name'] = $webUser->getUsername();
$result['mail'] = $webUser->getEmail();
$info = $webUser->getInfo();
$result['firstName'] = $info['FirstName'];
$result['lastName'] = $info['LastName'];
$result['country'] = $info['Country'];
$result['gender'] = $info['Gender'];
$ticket_user = Ticket_User::constr_ExternId($result['target_id']);
$result['userPermission'] = $ticket_user->getPermission();
if (Ticket_User::isAdmin(unserialize($_SESSION['ticket_user']))) {
$result['isAdmin'] = "TRUE";
}
$ticketlist = Ticket::getTicketsOf($ticket_user->getTUserId());
$result['ticketlist'] = Gui_Elements::make_table($ticketlist, array("getTId", "getTimestamp", "getTitle", "getStatus", "getStatusText", "getStatusText", "getCategoryName"), array("tId", "timestamp", "title", "status", "statustext", "statusText", "category"));
global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH;
return $result;
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
function forgot_password()
{
$email = filter_var($_POST["Email"], FILTER_SANITIZE_EMAIL);
$target_id = WebUsers::getIdFromEmail($email);
if ($target_id == "FALSE") {
//the email address doesn't exist.
$result['prevEmail'] = $email;
$result['EMAIL_ERROR'] = 'TRUE';
$result['no_visible_elements'] = 'TRUE';
helpers::loadtemplate('forgot_password', $result);
throw new SystemExit();
}
$webUser = new WebUsers($target_id);
$target_username = $webUser->getUsername();
$target_hashedPass = $webUser->getHashedPass();
$hashed_key = hash('sha512', $target_hashedPass);
if (isset($_COOKIE['Language'])) {
$lang = $_COOKIE['Language'];
} else {
global $DEFAULT_LANGUAGE;
$lang = $DEFAULT_LANGUAGE;
}
global $AMS_TRANS;
$variables = parse_ini_file($AMS_TRANS . '/' . $lang . '.ini', true);
$mailText = array();
foreach ($variables['email'] as $key => $value) {
$mailText[$key] = $value;
}
//create the reset url
global $WEBPATH;
$resetURL = $WEBPATH . "?page=reset_password&user="******"&email=" . $email . "&key=" . $hashed_key;
//set email stuff
$recipient = $email;
$subject = $mailText['email_subject_forgot_password'];
$body = $mailText['email_body_forgot_password_header'] . $resetURL . $mailText['email_body_forgot_password_footer'];
Mail_Handler::send_mail($recipient, $subject, $body, NULL);
$result['EMAIL_SUCCESS'] = 'TRUE';
$result['prevEmail'] = $email;
$result['no_visible_elements'] = 'TRUE';
helpers::loadtemplate('forgot_password', $result);
throw new SystemExit();
}
/**
* return the attachments list
* @param $ticket_id the id of the ticket.
* @return a ticket_reply object.
*/
public static function getAttachments($ticket_id)
{
$dbl = new DBLayer("lib");
$statement = $dbl->select("`ticket_attachments`", array('ticket_TId' => $ticket_id), "`ticket_TId` =:ticket_TId ORDER BY Timestamp DESC");
$fetchall = $statement->fetchall();
$base = 0;
foreach ($fetchall as &$value) {
$webUser = new WebUsers($value['Uploader']);
$fetchall[$base]['Username'] = $webUser->getUsername();
$bytes = $fetchall[$base]['Filesize'];
$precision = 2;
$units = array('B', 'KB', 'MB', 'GB', 'TB');
$bytes = max($bytes, 0);
$pow = floor(($bytes ? log($bytes) : 0) / log(1024));
$pow = min($pow, count($units) - 1);
$bytes /= pow(1024, $pow);
$fetchall[$base]['Filesize'] = round($bytes, $precision) . ' ' . $units[$pow];
$base++;
}
return $fetchall;
}
/**
* This function is beign used to load info that's needed for the show_ticket_log page.
* This page shows the logs related to a ticket: who created the ticket, who replied on it, who viewed it, assigned or forwarded it.
* Only mods/admins are able to browse the log though. The found information is returned so it can be used by the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function show_ticket_log()
{
global $INGAME_WEBPATH;
global $WEBPATH;
//if logged in
if (WebUsers::isLoggedIn() && isset($_GET['id'])) {
//only allow admins to browse the log!
if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
$result['ticket_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
$target_ticket = new Ticket();
$target_ticket->load_With_TId($result['ticket_id']);
$result['ticket_title'] = $target_ticket->getTitle();
//return all logs related to a ticket.
$ticket_logs = Ticket_Log::getLogsOfTicket($result['ticket_id']);
$log_action_array = Ticket_Log::getActionTextArray();
//fetch information about each returned ticket in a format that is usable for the template
$result['ticket_logs'] = Gui_Elements::make_table($ticket_logs, array("getTLogId", "getTimestamp", "getAuthor()->getExternId", "getAction", "getArgument()"), array("tLogId", "timestamp", "authorExtern", "action", "argument"));
$i = 0;
//for each ticket add action specific informaton to the to-be-shown text: uses the query_backpart
foreach ($result['ticket_logs'] as $log) {
$webUser = new WebUsers($log['authorExtern']);
$author = $webUser->getUsername();
$result['ticket_logs'][$i]['author'] = $author;
$query_backpart = "";
if ($log['action'] == 2) {
$webUser2 = new WebUsers($log['argument']);
$query_backpart = $webUser2->getUsername();
} else {
if ($log['action'] == 4) {
if (Helpers::check_if_game_client()) {
$query_backpart = "<a href='" . $INGAME_WEBPATH . "?page=show_reply&id=" . $log['argument'] . "'>ID#" . $log['argument'] . "</a>";
} else {
$query_backpart = "<a href='" . $WEBPATH . "?page=show_reply&id=" . $log['argument'] . "'>ID#" . $log['argument'] . "</a>";
}
} else {
if ($log['action'] == 5) {
$statusArray = Ticket::getStatusArray();
$query_backpart = $statusArray[$log['argument']];
} else {
if ($log['action'] == 6) {
$priorityArray = Ticket::getPriorityArray();
$query_backpart = $priorityArray[$log['argument']];
} else {
if ($log['action'] == 8) {
if (Helpers::check_if_game_client()) {
$query_backpart = "<a href='" . $INGAME_WEBPATH . "?page=show_sgroupy&id=" . $log['argument'] . "'>" . Support_Group::getGroup($log['argument'])->getName() . "</a>";
} else {
$query_backpart = "<a href='" . $WEBPATH . "?page=show_sgroupy&id=" . $log['argument'] . "'>" . Support_Group::getGroup($log['argument'])->getName() . "</a>";
}
}
}
}
}
}
$result['ticket_logs'][$i]['query'] = $author . " " . $log_action_array[$log['action']] . " " . $query_backpart;
$result['ticket_logs'][$i]['timestamp_elapsed'] = Gui_Elements::time_elapsed_string($log['timestamp']);
$i++;
}
if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
$result['isMod'] = "TRUE";
}
global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH;
return $result;
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* This function is beign used to change the users password.
* It will first check if the user who executed this function is the person of whom the emailaddress is or if it's a mod/admin. If this is not the case the page will be redirected to an error page.
* If the executing user tries to change someone elses password, he doesn't has to fill in the previous password. The password will be validated first. If the checking was successful the password will be updated and the settings template will be reloaded. Errors made by invalid data will be shown
* also after reloading the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function change_password()
{
try {
//if logged in
if (WebUsers::isLoggedIn()) {
if (isset($_POST['target_id'])) {
$adminChangesOther = false;
//if target_id is the same as session id or is admin
if ($_POST['target_id'] == $_SESSION['id'] || Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
if ($_POST['target_id'] == $_SESSION['id']) {
//if the password is of the executing user himself
$target_username = $_SESSION['user'];
} else {
//if the password is of someone else.
$webUser = new WebUsers($_POST['target_id']);
$target_username = $webUser->getUsername();
//isAdmin is true when it's the admin, but the target_id != own id
$adminChangesOther = true;
$_POST["CurrentPass"] = "******";
}
$webUser = new WebUsers($_POST['target_id']);
$params = array('user' => $target_username, 'CurrentPass' => $_POST["CurrentPass"], 'NewPass' => $_POST["NewPass"], 'ConfirmNewPass' => $_POST["ConfirmNewPass"], 'adminChangesOther' => $adminChangesOther);
$result = $webUser->check_change_password($params);
if ($result == "success") {
//edit stuff into db
global $SITEBASE;
require_once $SITEBASE . '/inc/settings.php';
$succresult = settings();
$status = WebUsers::setPassword($target_username, $_POST["NewPass"]);
if ($status == 'ok') {
$succresult['SUCCESS_PASS'] = "******";
} else {
if ($status == 'shardoffline') {
$succresult['SUCCESS_PASS'] = "******";
}
}
$succresult['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$succresult['no_visible_elements'] = 'FALSE';
$succresult['username'] = $_SESSION['user'];
$succresult['target_id'] = $_POST['target_id'];
helpers::loadtemplate('settings', $succresult);
throw new SystemExit();
} else {
$result['prevCurrentPass'] = filter_var($_POST["CurrentPass"], FILTER_SANITIZE_STRING);
$result['prevNewPass'] = filter_var($_POST["NewPass"], FILTER_SANITIZE_STRING);
$result['prevConfirmNewPass'] = filter_var($_POST["ConfirmNewPass"], FILTER_SANITIZE_STRING);
$result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$result['no_visible_elements'] = 'FALSE';
$result['username'] = $_SESSION['user'];
$result['target_id'] = $_POST['target_id'];
global $SITEBASE;
require_once $SITEBASE . '/inc/settings.php';
$settings = settings();
$result = array_merge($result, $settings);
helpers::loadtemplate('settings', $result);
throw new SystemExit();
}
} else {
//ERROR: permission denied!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: The form was not filled in correclty
header("Cache-Control: max-age=1");
header("Location: index.php?page=settings");
throw new SystemExit();
}
} else {
//ERROR: user is not logged in
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
} catch (PDOException $e) {
//go to error page or something, because can't access website db
print_r($e);
throw new SystemExit();
}
}
/**
* This function is beign used to load info that's needed for the show_ticket page.
* check if the person browsing this page is a mod/admin or the ticket creator himself, if not he'll be redirected to an error page.
* if the $_GET['action'] var is set and the user executing is a mod/admin, it will try to execute the action. The actions here are: forwarding of a ticket,
* assigning a ticket and unassigning a ticket. This function returns a lot of information that will be used by the template to show the ticket. Mods/admins will be able to
* also see hidden replies to a ticket.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function show_ticket()
{
//if logged in
if (WebUsers::isLoggedIn() && isset($_GET['id'])) {
$result['user_id'] = unserialize($_SESSION['ticket_user'])->getTUserId();
$result['ticket_id'] = filter_var($_GET['id'], FILTER_SANITIZE_NUMBER_INT);
$target_ticket = new Ticket();
$target_ticket->load_With_TId($result['ticket_id']);
if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
if (isset($_POST['action'])) {
switch ($_POST['action']) {
case "forward":
$ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
$group_id = filter_var($_POST['group'], FILTER_SANITIZE_NUMBER_INT);
$result['ACTION_RESULT'] = Ticket::forwardTicket($result['user_id'], $ticket_id, $group_id);
break;
case "assignTicket":
$ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
$result['ACTION_RESULT'] = Ticket::assignTicket($result['user_id'], $ticket_id);
break;
case "unAssignTicket":
$ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
$result['ACTION_RESULT'] = Ticket::unAssignTicket($result['user_id'], $ticket_id);
break;
}
}
}
if ($target_ticket->getAuthor() == unserialize($_SESSION['ticket_user'])->getTUserId() || Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
$show_as_admin = false;
if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
$show_as_admin = true;
}
$entire_ticket = Ticket::getEntireTicket($result['ticket_id'], $show_as_admin);
Ticket_Log::createLogEntry($result['ticket_id'], unserialize($_SESSION['ticket_user'])->getTUserId(), 3);
$result['ticket_tId'] = $entire_ticket['ticket_obj']->getTId();
$result['ticket_forwardedGroupName'] = $entire_ticket['ticket_obj']->getForwardedGroupName();
$result['ticket_forwardedGroupId'] = $entire_ticket['ticket_obj']->getForwardedGroupId();
$result['ticket_title'] = $entire_ticket['ticket_obj']->getTitle();
$result['ticket_timestamp'] = $entire_ticket['ticket_obj']->getTimestamp();
$result['ticket_status'] = $entire_ticket['ticket_obj']->getStatus();
$result['ticket_author'] = $entire_ticket['ticket_obj']->getAuthor();
$result['ticket_prioritytext'] = $entire_ticket['ticket_obj']->getPriorityText();
$result['ticket_priorities'] = Ticket::getPriorityArray();
$result['ticket_priority'] = $entire_ticket['ticket_obj']->getPriority();
$result['ticket_statustext'] = $entire_ticket['ticket_obj']->getStatusText();
$result['ticket_lastupdate'] = Gui_Elements::time_elapsed_string(Ticket::getLatestReply($result['ticket_id'])->getTimestamp());
$result['ticket_category'] = $entire_ticket['ticket_obj']->getCategoryName();
$webUser = new WebUsers(Assigned::getUserAssignedToTicket($result['ticket_tId']));
$result['ticket_assignedToText'] = $webUser->getUsername();
$result['ticket_assignedTo'] = Assigned::getUserAssignedToTicket($result['ticket_tId']);
$result['ticket_replies'] = Gui_Elements::make_table($entire_ticket['reply_array'], array("getTReplyId", "getContent()->getContent", "getTimestamp", "getAuthor()->getExternId", "getAuthor()->getPermission", "getHidden"), array("tReplyId", "replyContent", "timestamp", "authorExtern", "permission", "hidden"));
$i = 0;
global $FILE_WEB_PATH;
$result['FILE_WEB_PATH'] = $FILE_WEB_PATH;
global $BASE_WEBPATH;
$result['BASE_WEBPATH'] = $BASE_WEBPATH;
foreach ($result['ticket_replies'] as $reply) {
$webReplyUser = new WebUsers($reply['authorExtern']);
$result['ticket_replies'][$i]['author'] = $webReplyUser->getUsername();
$i++;
}
if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
$result['isMod'] = "TRUE";
$result['statusList'] = Ticket::getStatusArray();
$result['sGroups'] = Gui_Elements::make_table_with_key_is_id(Support_Group::getAllSupportGroups(), array("getName"), "getSGroupId");
}
$result['hasInfo'] = $target_ticket->hasInfo();
global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH;
//get attachments
$result['ticket_attachments'] = Ticket::getAttachments($result['ticket_id']);
return $result;
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* This function is beign used to change the users emailaddress info.
* It will first check if the user who executed this function is the person of whom the emailaddress is or if it's a mod/admin. If this is not the case the page will be redirected to an error page.
* The emailaddress will be validated first. If the checking was successful the email will be updated and the settings template will be reloaded. Errors made by invalid data will be shown
* also after reloading the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function change_mail()
{
try {
//if logged in
if (WebUsers::isLoggedIn()) {
if (isset($_POST['target_id'])) {
//check if the user who executed this function is the person of whom the emailaddress is or if it's a mod/admin.
if ($_POST['target_id'] == $_SESSION['id'] || Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
if ($_POST['target_id'] == $_SESSION['id']) {
//if the email is of the executing user himself
$target_username = $_SESSION['user'];
} else {
//if its from someone else.
$webUser = new WebUsers($_POST['target_id']);
$target_username = $webUser->getUsername();
}
$webUser = new WebUsers($_POST['target_id']);
//check if emailaddress is valid.
$reply = $webUser->checkEmail($_POST['NewEmail']);
global $SITEBASE;
require_once $SITEBASE . '/inc/settings.php';
$result = settings();
if ($reply != "success") {
$result['EMAIL_ERROR'] = 'TRUE';
} else {
$result['EMAIL_ERROR'] = 'FALSE';
}
$result['prevNewEmail'] = filter_var($_POST["NewEmail"], FILTER_SANITIZE_EMAIL);
if ($reply == "success") {
//if validation was successful, update the emailaddress
$status = WebUsers::setEmail($target_username, filter_var($_POST["NewEmail"], FILTER_SANITIZE_EMAIL));
if ($status == 'ok') {
$result['SUCCESS_MAIL'] = "OK";
} else {
if ($status == 'shardoffline') {
$result['SUCCESS_MAIL'] = "SHARDOFF";
}
}
$result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$result['no_visible_elements'] = 'FALSE';
$result['username'] = $_SESSION['user'];
$result['target_id'] = $_POST['target_id'];
if (isset($_GET['id'])) {
if (Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) && $_POST['target_id'] != $_SESSION['id']) {
$result['isMod'] = "TRUE";
}
}
helpers::loadtemplate('settings', $result);
throw new SystemExit();
} else {
$result['EMAIL'] = $reply;
$result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$result['no_visible_elements'] = 'FALSE';
$result['username'] = $_SESSION['user'];
$result['target_id'] = $_POST['target_id'];
if (isset($_GET['id'])) {
if (Ticket_User::isMod(unserialize($_SESSION['ticket_user'])) && $_POST['target_id'] != $_SESSION['id']) {
$result['isMod'] = "TRUE";
}
}
$result['CEMAIL_ERROR'] = true;
helpers::loadtemplate('settings', $result);
throw new SystemExit();
}
} else {
//ERROR: permission denied!
$_SESSION['error_code'] = "403";
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: The form was not filled in correctly
header("Location: index.php?page=settings");
throw new SystemExit();
}
} else {
//ERROR: user is not logged in
header("Location: index.php");
throw new SystemExit();
}
} catch (PDOException $e) {
//go to error page or something, because can't access website db
print_r($e);
throw new SystemExit();
}
}
/**
* This function is beign used to load info that's needed for the show_queue page.
* check if the person who wants to view this page is a mod/admin, if this is not the case, he will be redirected to an error page.
* if an action is set (this is done by $_GET['action']) it will try to execute it first, actions are: assign a ticket, unassign a ticket an create a queue.
* There are a few predefined queues which is the 'all tickets' queue, 'archive' queue, 'todo' queue, .. these are passed by $_GET['get'].
* if $_GET['get'] = create; then it's a custom made queue, this will call the createQueue function which builds the query that we will later use to get the tickets.
* The tickets fetched will be returned and used in the template. Now why use POST and GET params here and have a createQueue function twice? Well the first time someone creates
* a queue the POST variables will be used, however after going to the next page it will use the GET params.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function show_queue()
{
global $INGAME_WEBPATH;
global $WEBPATH;
//if logged in & queue id is given
if (WebUsers::isLoggedIn() && isset($_GET['get'])) {
if (Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
//the queue you want to see.
$result['queue_view'] = filter_var($_GET['get'], FILTER_SANITIZE_STRING);
$user_id = unserialize($_SESSION['ticket_user'])->getTUserId();
$queueArray = array();
$queue_handler = new Ticket_Queue_handler();
//Pagination Base Links
if (Helpers::check_if_game_client()) {
$result['pagination_base_link'] = $INGAME_WEBPATH . "?page=show_queue&get=" . $result['queue_view'];
} else {
$result['pagination_base_link'] = $WEBPATH . "?page=show_queue&get=" . $result['queue_view'];
}
//form url to keep the getters constant
if (Helpers::check_if_game_client()) {
$result['getURL'] = $INGAME_WEBPATH . "?page=show_queue&get=" . $result['queue_view'];
} else {
$result['getURL'] = $WEBPATH . "?page=show_queue&get=" . $result['queue_view'];
}
if (isset($_GET['pagenum'])) {
$result['getURL'] = $result['getURL'] . "&pagenum=" . $_GET['pagenum'];
}
if (isset($_GET['get']) && $_GET['get'] == "create" && isset($_GET['userid']) && isset($_GET['groupid']) && isset($_GET['what']) && isset($_GET['how']) && isset($_GET['who'])) {
$userid = filter_var($_GET['userid'], FILTER_SANITIZE_NUMBER_INT);
$groupid = filter_var($_GET['groupid'], FILTER_SANITIZE_NUMBER_INT);
$what = filter_var($_GET['what'], FILTER_SANITIZE_STRING);
$how = filter_var($_GET['how'], FILTER_SANITIZE_STRING);
$who = filter_var($_GET['who'], FILTER_SANITIZE_STRING);
//create the custom queue
$queue_handler->CreateQueue($userid, $groupid, $what, $how, $who);
if (Helpers::check_if_game_client()) {
$result['pagination_base_link'] = $INGAME_WEBPATH . "?page=show_queue&get=create&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
} else {
$result['pagination_base_link'] = $WEBPATH . "?page=show_queue&get=create&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
}
$result['prev_created_userid'] = $userid;
$result['prev_created_groupid'] = $groupid;
$result['prev_created_what'] = $what;
$result['prev_created_how'] = $how;
$result['prev_created_who'] = $who;
$result['getURL'] = $result['getURL'] . "&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
}
//if an action is set
if (isset($_POST['action'])) {
switch ($_POST['action']) {
case "assignTicket":
$ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
$result['ACTION_RESULT'] = Ticket::assignTicket($user_id, $ticket_id);
break;
case "unAssignTicket":
$ticket_id = filter_var($_POST['ticket_id'], FILTER_SANITIZE_NUMBER_INT);
$result['ACTION_RESULT'] = Ticket::unAssignTicket($user_id, $ticket_id);
break;
case "create_queue":
$userid = filter_var($_POST['userid'], FILTER_SANITIZE_NUMBER_INT);
if (isset($_POST['groupid'])) {
$groupid = filter_var($_POST['groupid'], FILTER_SANITIZE_NUMBER_INT);
} else {
$groupid = 0;
}
$what = filter_var($_POST['what'], FILTER_SANITIZE_STRING);
$how = filter_var($_POST['how'], FILTER_SANITIZE_STRING);
$who = filter_var($_POST['who'], FILTER_SANITIZE_STRING);
//create the custom queue
$queue_handler->CreateQueue($userid, $groupid, $what, $how, $who);
if (Helpers::check_if_game_client()) {
$result['pagination_base_link'] = $INGAME_WEBPATH . "?page=show_queue&get=create&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
} else {
$result['pagination_base_link'] = $WEBPATH . "?page=show_queue&get=create&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
}
$result['prev_created_userid'] = $userid;
$result['prev_created_groupid'] = $groupid;
$result['prev_created_what'] = $what;
$result['prev_created_how'] = $how;
$result['prev_created_who'] = $who;
$result['getURL'] = $result['getURL'] . "&userid=" . $userid . "&groupid=" . $groupid . "&what=" . $what . "&how=" . $how . "&who=" . $who;
break;
}
}
$queueArray = $queue_handler->getTickets($result['queue_view'], $user_id);
//pagination
$result['links'] = $queue_handler->getPagination()->getLinks(5);
$result['lastPage'] = $queue_handler->getPagination()->getLast();
$result['currentPage'] = $queue_handler->getPagination()->getCurrent();
//if queue_view is a valid parameter value
if ($queueArray != "ERROR") {
$result['tickets'] = Gui_Elements::make_table($queueArray, array("getTId", "getTitle", "getTimestamp", "getAuthor()->getExternId", "getTicket_Category()->getName", "getStatus", "getStatusText", "getAssigned", "getForwardedGroupName", "getForwardedGroupId"), array("tId", "title", "timestamp", "authorExtern", "category", "status", "statusText", "assigned", "forwardedGroupName", "forwardedGroupId"));
$i = 0;
foreach ($result['tickets'] as $ticket) {
$web_author = new WebUsers($ticket['authorExtern']);
$result['tickets'][$i]['author'] = $web_author->getUsername();
$web_assigned = new WebUsers($ticket['assigned']);
$result['tickets'][$i]['assignedText'] = $web_assigned->getUsername();
$result['tickets'][$i]['timestamp_elapsed'] = Gui_Elements::time_elapsed_string($ticket['timestamp']);
$i++;
}
$result['user_id'] = unserialize($_SESSION['ticket_user'])->getTUserId();
//Queue creator field info
$result['grouplist'] = Gui_Elements::make_table(Support_Group::getGroups(), array("getSGroupId", "getName"), array("sGroupId", "name"));
$result['teamlist'] = Gui_Elements::make_table(Ticket_User::getModsAndAdmins(), array("getTUserId", "getExternId"), array("tUserId", "externId"));
$i = 0;
foreach ($result['teamlist'] as $member) {
$web_teammember = new Webusers($member['externId']);
$result['teamlist'][$i]['name'] = $web_teammember->getUsername();
$i++;
}
global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH;
return $result;
} else {
//ERROR: Doesn't exist!
$_SESSION['error_code'] = "404";
header("Cache-Control: max-age=1");
header("Location: ams?page=error");
throw new SystemExit();
}
} else {
//ERROR: No access!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: not logged in!
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
}
/**
* return the username of a ticket_user.
* @param $id the TUserId of the entry.
* @return string containing username of that user.
*/
public static function get_username_from_id($id)
{
$user = new Ticket_User();
$user->load_With_TUserId($id);
$webUser = new WebUsers($user->getExternId());
return $webUser->getUsername();
}
/**
* This function is beign used to change the users personal info.
* It will first check if the user who executed this function is the person of whom the information is or if it's a mod/admin. If this is not the case the page will be redirected to an error page.
* afterwards the current info will be loaded, which will be used to determine what to update. After updating the information, the settings template will be reloaded. Errors made by invalid data will be shown
* also after reloading the template.
* @author Daan Janssens, mentored by Matthew Lagoe
*/
function change_info()
{
try {
//if logged in
if (WebUsers::isLoggedIn()) {
if (isset($_POST['target_id'])) {
// check if the user who executed this function is the person of whom the information is or if it's a mod/admin.
if ($_POST['target_id'] == $_SESSION['id'] || Ticket_User::isMod(unserialize($_SESSION['ticket_user']))) {
if ($_POST['target_id'] == $_SESSION['id']) {
//if the info is of the executing user himself
$target_username = $_SESSION['user'];
} else {
//if the info is from someone else.
$webUser = new WebUsers($_POST['target_id']);
$target_username = $webUser->getUsername();
}
$webUser = new WebUsers($_POST['target_id']);
//use current info to check for changes
$current_info = $webUser->getInfo();
$current_info['FirstName'] = filter_var($current_info['FirstName'], FILTER_SANITIZE_STRING);
$current_info['LastName'] = filter_var($current_info['LastName'], FILTER_SANITIZE_STRING);
$current_info['Country'] = filter_var($current_info['Country'], FILTER_SANITIZE_STRING);
$current_info['Gender'] = filter_var($current_info['Gender'], FILTER_SANITIZE_NUMBER_INT);
$updated = false;
$values = array();
$values['user'] = $target_username;
//make the query that will update the data.
$query = "UPDATE ams_user SET ";
if ($_POST['FirstName'] != "" && $_POST['FirstName'] != $current_info['FirstName']) {
$query = $query . "FirstName = :fName ";
$updated = true;
$values['fName'] = filter_var($_POST['FirstName'], FILTER_SANITIZE_STRING);
}
if ($_POST['LastName'] != "" && $_POST['LastName'] != $current_info['LastName']) {
if ($updated) {
$query = $query . ", LastName = :lName ";
} else {
$query = $query . "LastName = :lName ";
}
$updated = true;
$values['lName'] = filter_var($_POST['LastName'], FILTER_SANITIZE_STRING);
}
if ($_POST['Country'] != "AA" && $_POST['Country'] != $current_info['Country']) {
if ($updated) {
$query = $query . ", Country = :country ";
} else {
$query = $query . "Country = :country ";
}
$updated = true;
$values['country'] = filter_var($_POST['Country'], FILTER_SANITIZE_STRING);
}
if ($_POST['Gender'] != $current_info['Gender']) {
if ($updated) {
$query = $query . ", Gender = :gender ";
} else {
$query = $query . "Gender = :gender ";
}
$updated = true;
$values['gender'] = filter_var($_POST['Gender'], FILTER_SANITIZE_NUMBER_INT);
}
//finish the query!
$query = $query . "WHERE Login = :user";
//if some field is update then:
if ($updated) {
//execute the query in the web DB.
$dbw = new DBLayer("web");
$dbw->execute($query, $values);
}
//reload the settings inc function before recalling the settings template.
global $SITEBASE;
require_once $SITEBASE . '/inc/settings.php';
$result = settings();
if ($updated) {
$result['info_updated'] = "OK";
}
$result['permission'] = unserialize($_SESSION['ticket_user'])->getPermission();
$result['username'] = $_SESSION['user'];
$result['no_visible_elements'] = 'FALSE';
$result['target_id'] = $_POST['target_id'];
global $INGAME_WEBPATH;
$result['ingame_webpath'] = $INGAME_WEBPATH;
helpers::loadtemplate('settings', $result);
throw new SystemExit();
} else {
//ERROR: permission denied!
$_SESSION['error_code'] = "403";
header("Cache-Control: max-age=1");
header("Location: index.php?page=error");
throw new SystemExit();
}
} else {
//ERROR: The form was not filled in correclty
header("Cache-Control: max-age=1");
header("Location: index.php?page=settings");
throw new SystemExit();
}
} else {
//ERROR: user is not logged in
header("Cache-Control: max-age=1");
header("Location: index.php");
throw new SystemExit();
}
} catch (PDOException $e) {
//go to error page or something, because can't access website db
print_r($e);
throw new SystemExit();
}
}
