* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../libs/common.php';
require_once '../libs/operator.php';
require_once '../libs/chat.php';
$operator = check_login();
$page = array();
setlocale(LC_TIME, getstring("time.locale"));
function notification_info($id)
{
global $mysqlprefix;
$link = connect();
$notification = select_one_row(db_build_select("id, locale, vckind, vcto, unix_timestamp(dtmcreated) as created, vcsubject, tmessage, refoperator", "{$mysqlprefix}chatnotification", array("id = {$id}"), ""), $link);
mysql_close($link);
return $notification;
}
$notificationid = verifyparam("id", "/^(\\d{1,9})\$/");
$page['notification'] = notification_info($notificationid);
prepare_menu($operator, false);
start_html_output();
require '../view/notification.php';
function verifyparam_groupid($paramid)
{
global $settings, $errors;
$groupid = "";
if ($settings['enablegroups'] == '1') {
$groupid = verifyparam($paramid, "/^\\d{0,10}\$/", "");
if ($groupid) {
$group = group_by_id($groupid);
if (!$group) {
$errors[] = getlocal("page.group.no_such");
$groupid = "";
}
}
}
return $groupid;
}
function prepare_pagination($items_count, $default_items_per_page = 15)
{
global $page;
if ($items_count) {
$items_per_page = verifyparam("items", "/^\\d{1,3}\$/", $default_items_per_page);
if ($items_per_page < 2) {
$items_per_page = 2;
}
$total_pages = div($items_count + $items_per_page - 1, $items_per_page);
$curr_page = verifyparam("page", "/^\\d{1,6}\$/", 1);
if ($curr_page < 1) {
$curr_page = 1;
}
if ($curr_page > $total_pages) {
$curr_page = $total_pages;
}
$start_index = ($curr_page - 1) * $items_per_page;
$end_index = min($start_index + $items_per_page, $items_count);
$page['pagination'] = array("page" => $curr_page, "items" => $items_per_page, "total" => $total_pages, "count" => $items_count, "start" => $start_index, "end" => $end_index, "limit" => "LIMIT {$start_index}," . ($end_index - $start_index));
} else {
$page['pagination'] = true;
}
}
global $mibew_encoding;
echo "<operators>";
$operators = operator_get_all();
foreach ($operators as $operator) {
if (!operator_is_online($operator)) {
continue;
}
$name = myiconv($mibew_encoding, "utf-8", safe_htmlspecialchars(safe_htmlspecialchars($operator['vclocalename'])));
$away = operator_is_away($operator) ? " away=\"1\"" : "";
echo "<operator name=\"{$name}\"{$away}/>";
}
echo "</operators>";
}
$since = verifyparam("since", "/^\\d{1,10}\$/", 0);
$status = verifyparam("status", "/^\\d{1,2}\$/", 0);
$showonline = verifyparam("showonline", "/^1\$/", 0);
$link = connect();
loadsettings_($link);
if (!isset($_SESSION["{$mysqlprefix}operatorgroups"])) {
$_SESSION["{$mysqlprefix}operatorgroups"] = get_operator_groupslist($operator['operatorid'], $link);
}
close_old_threads($link);
mysql_close($link);
$groupids = $_SESSION["{$mysqlprefix}operatorgroups"];
start_xml_output();
echo '<update>';
if ($showonline) {
print_operators();
}
print_pending_threads($groupids, $since);
echo '</update>';
}
header("Location: {$webimroot}/operator/operator.php?op={$opId}&stored");
exit;
}
} else {
$page['formlogin'] = topage($login);
$page['formname'] = topage($localname);
$page['formemail'] = topage($email);
$page['formjabber'] = topage($jabber);
$page['formjabbernotify'] = $jabbernotify;
$page['formcommonname'] = topage($commonname);
$page['opid'] = topage($opId);
}
} else {
if (isset($_GET['op'])) {
$opId = verifyparam('op', "/^\\d{1,9}\$/");
$op = operator_by_id($opId);
if (!$op) {
$errors[] = getlocal("no_such_operator");
$page['opid'] = topage($opId);
} else {
$page['formlogin'] = topage($op['vclogin']);
$page['formname'] = topage($op['vclocalename']);
$page['formemail'] = topage($op['vcemail']);
$page['formjabber'] = topage($op['vcjabbername']);
$page['formjabbernotify'] = $op['inotify'] != 0;
$page['formcommonname'] = topage($op['vccommonname']);
$page['opid'] = topage($op['operatorid']);
}
}
}
loadsettings();
$stringid = verifyparam("key", "/^\\d{0,10}\$/", "");
$errors = array();
$page = array();
if ($stringid) {
$message = load_message($stringid);
if (!$message) {
$errors[] = getlocal("cannededit.no_such");
$stringid = "";
}
} else {
$message = "";
$page['locale'] = verifyparam("lang", "/^[\\w-]{2,5}\$/", "");
$page['groupid'] = "";
if ($settings['enablegroups'] == '1') {
$page['groupid'] = verifyparam("group", "/^\\d{0,10}\$/");
}
}
if (isset($_POST['message'])) {
$message = getparam('message');
if (!$message) {
$errors[] = no_field("form.field.message");
}
if (count($errors) == 0) {
if ($stringid) {
save_message($stringid, $message);
} else {
add_message($page['locale'], $page['groupid'], $message);
}
$page['saved'] = true;
prepare_menu($operator, false);
* the provisions of the GPL are applicable instead of those above. If you wish
* to allow use of your version of this file only under the terms of the GPL, and
* not to allow others to use your version of this file under the terms of the
* EPL, indicate your decision by deleting the provisions above and replace them
* with the notice and other provisions required by the GPL.
*
* Contributors:
* Evgeny Gryaznov - initial API and implementation
*/
require_once '../libs/common.php';
require_once '../libs/operator.php';
require_once '../libs/settings.php';
$errors = array();
$page = array('version' => $version, 'showform' => true);
$opId = verifyparam("id", "/^\\d{1,9}\$/");
$token = verifyparam("token", "/^[\\dabcdef]+\$/");
$operator = operator_by_id($opId);
if (!$operator) {
$errors[] = "No such operator";
$page['showform'] = false;
} else {
if ($token != $operator['vcrestoretoken']) {
$errors[] = "Wrong token";
$page['showform'] = false;
}
}
if (count($errors) == 0 && isset($_POST['password'])) {
$password = getparam('password');
$passwordConfirm = getparam('passwordConfirm');
if (!$password) {
$errors[] = no_field("form.field.password");
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../libs/common.php';
require_once '../libs/operator.php';
require_once 'dbinfo.php';
function runsql($query, $link)
{
$res = mysql_query($query, $link) or show_install_err(' Query failed: ' . mysql_error($link));
return $res;
}
$act = verifyparam("act", "/^(silentcreateall|createdb|ct|dt|addcolumns)\$/");
$link = @mysql_connect($mysqlhost, $mysqllogin, $mysqlpass) or show_install_err('Could not connect: ' . mysql_error());
if ($act == "silentcreateall") {
mysql_query("CREATE DATABASE {$mysqldb}", $link) or show_install_err(' Query failed: ' . mysql_error($link));
foreach ($dbtables as $id) {
create_table($id, $link);
}
} else {
if ($act == "createdb") {
mysql_query("CREATE DATABASE {$mysqldb}", $link) or show_install_err(' Query failed: ' . mysql_error($link));
} else {
mysql_select_db($mysqldb, $link) or show_install_err('Could not select database');
if ($force_charset_in_connection) {
mysql_query("SET character set {$dbencoding}", $link);
}
if ($act == "ct") {
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../libs/common.php';
require_once '../libs/operator.php';
require_once '../libs/chat.php';
require_once '../libs/userinfo.php';
require_once '../libs/pagination.php';
$operator = check_login();
loadsettings();
$page = array();
setlocale(LC_TIME, getstring("time.locale"));
$userid = "";
if (isset($_GET['userid'])) {
$userid = verifyparam("userid", "/^.{0,63}\$/", "");
}
function threads_by_userid($userid)
{
global $mysqlprefix;
if ($userid == "") {
return null;
}
$link = connect();
$query = sprintf("select unix_timestamp(dtmcreated) as created, unix_timestamp(dtmmodified) as modified, " . " threadid, remote, agentName, userName " . "from {$mysqlprefix}chatthread " . "where userid=\"{$userid}\" order by created DESC", $userid);
$result = mysql_query($query, $link) or die(' Query failed: ' . mysql_error($link));
$foundThreads = array();
while ($thread = mysql_fetch_array($result, MYSQL_ASSOC)) {
$foundThreads[] = $thread;
}
mysql_free_result($result);
} else {
if (isset($_GET['id'])) {
$banId = verifyparam('id', "/^\\d{1,10}\$/");
$link = connect();
$ban = select_one_row("select banid,(unix_timestamp(dtmtill)-unix_timestamp(CURRENT_TIMESTAMP)) as days,address,comment from {$mysqlprefix}chatban where banid = " . intval($banId), $link);
mysql_close($link);
if ($ban) {
$page['banId'] = topage($ban['banid']);
$page['formaddress'] = topage($ban['address']);
$page['formdays'] = topage(round($ban['days'] / 86400));
$page['formcomment'] = topage($ban['comment']);
} else {
$errors[] = "Wrong id";
}
} else {
if (isset($_GET['thread'])) {
$threadid = verifyparam('thread', "/^\\d{1,10}\$/");
$thread = thread_by_id($threadid);
if ($thread) {
$page['thread'] = topage($thread['userName']);
$page['threadid'] = $threadid;
$page['formaddress'] = topage($thread['remote']);
$page['formdays'] = 15;
}
}
}
}
prepare_menu($operator, false);
start_html_output();
require '../view/ban.php';
exit;
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once '../libs/common.php';
require_once '../libs/operator.php';
require_once '../libs/chat.php';
require_once '../libs/userinfo.php';
$operator = check_login();
$page = array();
loadsettings();
setlocale(LC_TIME, getstring("time.locale"));
function thread_info($id)
{
global $mysqlprefix;
$link = connect();
$thread = select_one_row("select userName,agentName,remote,userAgent," . "unix_timestamp(dtmmodified) as modified, unix_timestamp(dtmcreated) as created," . "vclocalname as groupName " . "from {$mysqlprefix}chatthread left join {$mysqlprefix}chatgroup on {$mysqlprefix}chatthread.groupid = {$mysqlprefix}chatgroup.groupid " . "where threadid = " . intval($id), $link);
mysql_close($link);
return $thread;
}
if (isset($_GET['threadid'])) {
$threadid = verifyparam("threadid", "/^(\\d{1,10})?\$/", "");
$lastid = -1;
$page['threadMessages'] = get_messages($threadid, "html", false, $lastid);
$page['thread'] = thread_info($threadid);
}
prepare_menu($operator, false);
start_html_output();
require '../view/thread_log.php';
$page = array('agentId' => '');
$errors = array();
$options = array('enableban', 'usercanchangename', 'enablegroups', 'enablestatistics', 'enablejabber', 'enablessl', 'forcessl', 'enablepresurvey', 'surveyaskmail', 'surveyaskgroup', 'surveyaskmessage', 'surveyaskcaptcha', 'enablepopupnotification', 'showonlineoperators', 'enablecaptcha');
loadsettings();
if ($settings['featuresversion'] != $featuresversion) {
$settings['featuresversion'] = $featuresversion;
update_settings();
}
$params = array();
foreach ($options as $opt) {
$params[$opt] = $settings[$opt];
}
if (isset($_POST['sent'])) {
if (is_capable($can_administrate, $operator)) {
foreach ($options as $opt) {
$settings[$opt] = verifyparam($opt, "/^on\$/", "") == "on" ? "1" : "0";
}
update_settings();
header("Location: {$mibewroot}/operator/features.php?stored");
exit;
} else {
$errors[] = "Not an administrator";
}
}
$page['canmodify'] = is_capable($can_administrate, $operator);
$page['stored'] = isset($_GET['stored']);
foreach ($options as $opt) {
$page["form{$opt}"] = $params[$opt] == "1";
}
prepare_menu($operator);
setup_settings_tabs(1);
} else {
update_group($groupid, $name, $description, $commonname, $commondescription, $email);
header("Location: {$webimroot}/operator/group.php?gid={$groupid}&stored");
exit;
}
} else {
$page['formname'] = topage($name);
$page['formdescription'] = topage($description);
$page['formcommonname'] = topage($commonname);
$page['formcommondescription'] = topage($commondescription);
$page['formemail'] = topage($email);
$page['grid'] = topage($groupid);
}
} else {
if (isset($_GET['gid'])) {
$groupid = verifyparam('gid', "/^\\d{1,9}\$/");
$group = group_by_id($groupid);
if (!$group) {
$errors[] = getlocal("page.group.no_such");
$page['grid'] = topage($groupid);
} else {
$page['formname'] = topage($group['vclocalname']);
$page['formdescription'] = topage($group['vclocaldescription']);
$page['formcommonname'] = topage($group['vccommonname']);
$page['formcommondescription'] = topage($group['vccommondescription']);
$page['formemail'] = topage($group['vcemail']);
$page['grid'] = topage($group['groupid']);
}
}
}
$page['stored'] = isset($_GET['stored']);
}
if ($email) {
post_message_($thread['threadid'], $kind_for_agent, getstring2('chat.visitor.email', array($email), true), $link);
}
if ($info) {
post_message_($thread['threadid'], $kind_for_agent, getstring2('chat.visitor.info', array($info), true), $link);
}
post_message_($thread['threadid'], $kind_user, $message, $link, $name);
mysql_close($link);
}
$groupid = "";
$groupname = "";
$group = NULL;
loadsettings();
if ($settings['enablegroups'] == '1') {
$groupid = verifyparam("group", "/^\\d{1,10}\$/", "");
if ($groupid) {
$group = group_by_id($groupid);
if (!$group) {
$groupid = "";
} else {
$groupname = get_group_name($group);
}
}
}
$email = getparam('email');
$visitor_name = getparam('name');
$message = getparam('message');
$info = getparam('info');
$referrer = urldecode(getparam("referrer"));
if (!$email) {
start_xml_output();
echo "<error><descr>{$message}</descr></error>";
exit;
}
ping_thread($thread, $isuser, $istyping);
if (!$isuser && $act != "rename") {
$operator = check_login();
check_for_reassign($thread, $operator);
}
if ($act == "refresh") {
$lastid = verifyparam("lastid", "/^\\d{1,10}\$/", -1);
print_thread_messages($thread, $token, $lastid, $isuser, $outformat, $isuser ? null : $operator['operatorid']);
exit;
} else {
if ($act == "post") {
$lastid = verifyparam("lastid", "/^\\d{1,10}\$/", -1);
$message = getrawparam('message');
$kind = $isuser ? $kind_user : $kind_agent;
$from = $isuser ? $thread['userName'] : $thread['agentName'];
if (!$isuser && $operator['operatorid'] != $thread['agentId']) {
show_error("cannot send");
}
$link = connect();
$postedid = post_message_($threadid, $kind, $message, $link, $from, null, $isuser ? null : $operator['operatorid']);
if ($isuser && $postedid && $thread["shownmessageid"] == 0) {
commit_thread($thread['threadid'], array('shownmessageid' => intval($postedid)), $link);
}
mysql_close($link);
print_thread_messages($thread, $token, $lastid, $isuser, $outformat, $isuser ? null : $operator['operatorid']);
exit;
} else {
mysql_close($link);
}
$opId = verifyparam("op", "/^\\d{1,9}\$/");
$page = array('opid' => $opId, 'canmodify' => is_capable($can_administrate, $operator) ? "1" : "");
$errors = array();
$op = operator_by_id($opId);
if (!$op) {
$errors[] = getlocal("no_such_operator");
} else {
if (isset($_POST['op'])) {
if (!is_capable($can_administrate, $operator)) {
$errors[] = getlocal('page_agent.cannot_modify');
}
$new_permissions = isset($op['iperm']) ? $op['iperm'] : 0;
foreach ($permission_ids as $perm => $id) {
if (verifyparam("permissions{$id}", "/^on\$/", "") == "on") {
$new_permissions |= 1 << $perm;
} else {
$new_permissions &= ~(1 << $perm);
}
}
if (count($errors) == 0) {
update_operator_permissions($op['operatorid'], $new_permissions);
if ($opId && $_SESSION["{$mysqlprefix}operator"] && $operator['operatorid'] == $opId) {
$_SESSION["{$mysqlprefix}operator"]['iperm'] = $new_permissions;
}
header("Location: {$webimroot}/operator/permissions.php?op={$opId}&stored");
exit;
}
}
}
require_once '../libs/common.php';
require_once '../libs/chat.php';
require_once '../libs/operator.php';
$operator = check_login();
setlocale(LC_TIME, getstring("time.locale"));
$page = array();
$page['operator'] = topage(get_operator_name($operator));
$page['availableDays'] = range(1, 31);
$page['availableMonth'] = get_month_selection(time() - 400 * 24 * 60 * 60, time() + 50 * 24 * 60 * 60);
$page['showresults'] = false;
$errors = array();
if (isset($_GET['startday'])) {
$startday = verifyparam("startday", "/^\\d+\$/");
$startmonth = verifyparam("startmonth", "/^\\d{2}.\\d{2}\$/");
$endday = verifyparam("endday", "/^\\d+\$/");
$endmonth = verifyparam("endmonth", "/^\\d{2}.\\d{2}\$/");
$start = get_form_date($startday, $startmonth);
$end = get_form_date($endday, $endmonth) + 24 * 60 * 60;
} else {
$curr = getdate(time());
if ($curr['mday'] < 7) {
// previous month
if ($curr['mon'] == 1) {
$month = 12;
$year = $curr['year'] - 1;
} else {
$month = $curr['mon'] - 1;
$year = $curr['year'];
}
$start = mktime(0, 0, 0, $month, 1, $year);
$end = mktime(0, 0, 0, $month, date("t", $start), $year) + 24 * 60 * 60;
$page['groups'] = get_all_groups($link);
mysql_close($link);
$errors = array();
$canmodify = $opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator) || is_capable($can_administrate, $operator);
$op = operator_by_id($opId);
if (!$op) {
$errors[] = getlocal("no_such_operator");
} else {
if (isset($_POST['op'])) {
if (!$canmodify) {
$errors[] = getlocal('page_agent.cannot_modify');
}
if (count($errors) == 0) {
$new_groups = array();
foreach ($page['groups'] as $group) {
if (verifyparam("group" . $group['groupid'], "/^on\$/", "") == "on") {
$new_groups[] = $group['groupid'];
}
}
update_operator_groups($op['operatorid'], $new_groups);
header("Location: {$webimroot}/operator/opgroups.php?op={$opId}&stored");
exit;
}
}
}
$page['formgroup'] = array();
$page['currentop'] = $op ? topage(get_operator_name($op)) . " (" . $op['vclogin'] . ")" : "-not found-";
$page['canmodify'] = $canmodify ? "1" : "";
if ($op) {
foreach (get_operator_groupids($opId) as $rel) {
$page['formgroup'][] = $rel['groupid'];
$nextGroup = group_by_id($nextid);
if ($nextGroup) {
$page['message'] = getlocal2("chat.redirected.group.content", array(safe_htmlspecialchars(topage(get_group_name($nextGroup)))));
if ($thread['istate'] == $state_chatting) {
$link = connect();
commit_thread($threadid, array("istate" => intval($state_waiting), "nextagent" => 0, "groupid" => intval($nextid), "agentId" => 0, "agentName" => "''"), $link);
post_message_($thread['threadid'], $kind_events, getstring2_("chat.status.operator.redirect", array(get_operator_name($operator)), $thread['locale'], true), $link);
mysql_close($link);
} else {
$errors[] = getlocal("chat.redirect.cannot");
}
} else {
$errors[] = getlocal("chat.redirect.unknown_group");
}
} else {
$nextid = verifyparam("nextAgent", "/^\\d{1,10}\$/");
$nextOperator = operator_by_id($nextid);
if ($nextOperator) {
$page['message'] = getlocal2("chat.redirected.content", array(safe_htmlspecialchars(topage(get_operator_name($nextOperator)))));
if ($thread['istate'] == $state_chatting) {
$link = connect();
$threadupdate = array("istate" => intval($state_waiting), "nextagent" => intval($nextid), "agentId" => 0);
if ($thread['groupid'] != 0) {
if (FALSE === select_one_row("select groupid from {$mysqlprefix}chatgroupoperator where operatorid = " . intval($nextid) . " and groupid = " . intval($thread['groupid']), $link)) {
$threadupdate['groupid'] = 0;
}
}
commit_thread($threadid, $threadupdate, $link);
post_message_($thread['threadid'], $kind_events, getstring2_("chat.status.operator.redirect", array(get_operator_name($operator)), $thread['locale'], true), $link);
mysql_close($link);
} else {
$level = get_remote_level($_SERVER['HTTP_USER_AGENT']);
$chatstyle = verifyparam("style", "/^\\w+\$/", "");
header("Location: {$mibewroot}/client.php?thread={$threadid}&token={$token}&level={$level}" . ($chatstyle ? "&style={$chatstyle}" : ""));
exit;
}
$token = verifyparam("token", "/^\\d{1,10}\$/");
$threadid = verifyparam("thread", "/^\\d{1,10}\$/");
$level = verifyparam("level", "/^(ajaxed|simple|old)\$/");
// We have to check that the thread is owned by the user.
$is_own_thread = isset($_SESSION['own_threads']) && in_array($threadid, $_SESSION['own_threads']);
$thread = thread_by_id($threadid);
if (!$thread || !isset($thread['ltoken']) || $token != $thread['ltoken'] || !$is_own_thread) {
die("wrong thread");
}
setup_chatview_for_user($thread, $level);
$pparam = verifyparam("act", "/^(mailthread)\$/", "default");
if ($pparam == "mailthread") {
expand("styles", getchatstyle(), "mail.tpl");
} else {
if ($level == "ajaxed") {
expand("styles", getchatstyle(), "chat.tpl");
} else {
if ($level == "simple") {
expand("styles", getchatstyle(), "chatsimple.tpl");
} else {
if ($level == "old") {
expand("styles", getchatstyle(), "nochat.tpl");
}
}
}
}
}
# locales
$all_locales = get_available_locales();
$locales_with_label = array();
foreach ($all_locales as $id) {
$locales_with_label[] = array('id' => $id, 'name' => getlocal_($id, "names"));
}
$page['locales'] = $locales_with_label;
$lang = verifyparam("lang", "/^[\\w-]{2,5}\$/", "");
if (!$lang || !in_array($lang, $all_locales)) {
$lang = in_array($current_locale, $all_locales) ? $current_locale : $all_locales[0];
}
# groups
$groupid = "";
if ($settings['enablegroups'] == '1') {
$groupid = verifyparam("group", "/^\\d{0,8}\$/", "");
if ($groupid) {
$group = group_by_id($groupid);
if (!$group) {
$errors[] = getlocal("page.group.no_such");
$groupid = "";
}
}
$link = connect();
$allgroups = get_all_groups($link);
mysql_close($link);
$page['groups'] = array();
$page['groups'][] = array('groupid' => '', 'vclocalname' => getlocal("page.gen_button.default_group"));
foreach ($allgroups as $g) {
$page['groups'][] = $g;
}
$result = select_multi_assoc($query, $link);
mysql_close($link);
return $result;
}
$groupid = verifyparam("gid", "/^\\d{1,9}\$/");
$page = array('groupid' => $groupid);
$page['operators'] = get_operators();
$errors = array();
$group = group_by_id($groupid);
if (!$group) {
$errors[] = getlocal("page.group.no_such");
} else {
if (isset($_POST['gid'])) {
$new_members = array();
foreach ($page['operators'] as $op) {
if (verifyparam("op" . $op['operatorid'], "/^on\$/", "") == "on") {
$new_members[] = $op['operatorid'];
}
}
update_group_members($groupid, $new_members);
header("Location: {$webimroot}/operator/groupmembers.php?gid={$groupid}&stored");
exit;
}
}
$page['formop'] = array();
$page['currentgroup'] = $group ? topage(htmlspecialchars($group['vclocalname'])) : "";
foreach (get_group_members($groupid) as $rel) {
$page['formop'][] = $rel['operatorid'];
}
$page['stored'] = isset($_GET['stored']);
prepare_menu($operator);
function getchatstyle()
{
global $settings;
$chatstyle = verifyparam("style", "/^\\w+\$/", "");
if ($chatstyle) {
return $chatstyle;
}
loadsettings();
return $settings['chatstyle'];
}
$allkeys = array_diff($allkeys, load_idlist('level1'), load_idlist('level2'));
}
}
}
foreach ($allkeys as $key) {
if ($key != 'output_charset') {
$tsource = htmlspecialchars($lang1[$key]);
if (isset($lang2[$key])) {
$value = htmlspecialchars($lang2[$key]);
if (get_auxiliary($lang2[$key]) != get_auxiliary($lang1[$key])) {
$value = "<font color=\"#6030c1\"><b>{$value}</b></font> <strong>(wrong formatting)</strong>";
}
} else {
$value = "<font color=\"#c13030\"><b>absent</b></font>";
}
$result[] = array('id' => $key, 'l1' => $tsource, 'l2' => $value);
}
}
$order = verifyparam("sort", "/^(id|l1)\$/", "id");
usort($result, "compare_localization_by_{$order}");
setup_pagination($result, 100);
$page['formtarget'] = $target;
$page['formsource'] = $source;
$page['availableLocales'] = $localesList;
$page['availableOrders'] = array(array("id" => "id", "name" => getlocal("translate.sort.key")), array("id" => "l1", "name" => getlocal("translate.sort.lang")));
$page['formsort'] = $order;
$page['showOptions'] = array(array("id" => "all", "name" => getlocal("translate.show.all")), array("id" => "s1", "name" => getlocal("translate.show.forvisitor")), array("id" => "s2", "name" => getlocal("translate.show.foroperator")), array("id" => "s3", "name" => getlocal("translate.show.foradmin")));
$page['formshow'] = $show;
prepare_menu($operator);
start_html_output();
require '../view/translatelist.php';
if (!isset($imageLocales[$image])) {
$errors[] = "Unknown image: {$image}";
$avail = array_keys($imageLocales);
$image = $avail[0];
}
$image_locales = $imageLocales[$image];
$stylelist = get_style_list("../styles");
$style = verifyparam("style", "/^\\w*\$/", "");
if ($style && !in_array($style, $stylelist)) {
$style = "";
}
$groupid = verifyparam_groupid("group");
$showhost = verifyparam("hostname", "/^on\$/", "") == "on";
$forcesecure = verifyparam("secure", "/^on\$/", "") == "on";
$modsecurity = verifyparam("modsecurity", "/^on\$/", "") == "on";
$lang = verifyparam("lang", "/^[\\w-]{2,5}\$/", "");
if (!$lang || !in_array($lang, $image_locales)) {
$lang = in_array($current_locale, $image_locales) ? $current_locale : $image_locales[0];
}
$file = "../locales/{$lang}/button/{$image}_on.gif";
$size = get_gifimage_size($file);
$imagehref = get_app_location($showhost, $forcesecure) . "/b.php?i={$image}&lang={$lang}";
if ($groupid) {
$imagehref .= "&group={$groupid}";
}
$message = get_image($imagehref, $size[0], $size[1]);
$page = array();
$page['buttonCode'] = generate_button("", $lang, $style, $groupid, $message, $showhost, $forcesecure, $modsecurity);
$page['availableImages'] = array_keys($imageLocales);
$page['availableLocales'] = $image_locales;
$page['availableStyles'] = $stylelist;
loadsettings();
$params = array();
foreach ($options as $opt) {
$params[$opt] = $settings[$opt];
}
if (isset($_POST['email']) && isset($_POST['title']) && isset($_POST['logo'])) {
$params['email'] = getparam('email');
$params['title'] = getparam('title');
$params['logo'] = getparam('logo');
$params['hosturl'] = getparam('hosturl');
$params['usernamepattern'] = getparam('usernamepattern');
$params['chattitle'] = getparam('chattitle');
$params['geolink'] = getparam('geolink');
$params['geolinkparams'] = getparam('geolinkparams');
$params['sendmessagekey'] = verifyparam('sendmessagekey', "/^c?enter\$/");
$params['chatstyle'] = verifyparam("chatstyle", "/^\\w+\$/", $params['chatstyle']);
if (!in_array($params['chatstyle'], $stylelist)) {
$params['chatstyle'] = $stylelist[0];
}
if ($params['email'] && !is_valid_email($params['email'])) {
$errors[] = getlocal("settings.wrong.email");
}
if ($params['geolinkparams']) {
foreach (preg_split("/,/", $params['geolinkparams']) as $oneparam) {
if (!preg_match("/^\\s*(toolbar|scrollbars|location|status|menubar|width|height|resizable)=\\d{1,4}\$/", $oneparam)) {
$errors[] = "Wrong link parameter: \"{$oneparam}\", should be one of 'toolbar, scrollbars, location, status, menubar, width, height or resizable'";
}
}
}
if (count($errors) == 0) {
foreach ($options as $opt) {
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
require_once 'libs/common.php';
require_once 'libs/chat.php';
require_once 'libs/expand.php';
require_once 'libs/notify.php';
$errors = array();
$page = array();
$token = verifyparam("token", "/^\\d{1,8}\$/");
$threadid = verifyparam("thread", "/^\\d{1,8}\$/");
$thread = thread_by_id($threadid);
if (!$thread || !isset($thread['ltoken']) || $token != $thread['ltoken']) {
die("wrong thread");
}
$email = getparam('email');
$page['email'] = $email;
if (!$email) {
$errors[] = no_field("form.field.email");
} else {
if (!is_valid_email($email)) {
$errors[] = wrong_field("form.field.email");
}
}
if (count($errors) > 0) {
$page['formemail'] = $email;
die("Permission denied.");
}
setlocale(LC_TIME, getstring("time.locale"));
# locales
$all_locales = get_available_locales();
$locales_with_label = array(array('id' => '', 'name' => getlocal("notifications.locale.all")));
foreach ($all_locales as $id) {
$locales_with_label[] = array('id' => $id, 'name' => getlocal_($id, "names"));
}
$page['locales'] = $locales_with_label;
$lang = verifyparam("lang", "/^([\\w-]{2,5})?\$/", "");
if ($lang && !in_array($lang, $all_locales)) {
$lang = "";
}
# kind
$kind = verifyparam("kind", "/^(mail|xmpp)?\$/", "");
$page['allkinds'] = array('', 'mail', 'xmpp');
# fetch
$conditions = array();
if ($kind) {
$conditions[] = "vckind = '{$kind}'";
}
if ($lang) {
$conditions[] = "locale = '{$lang}'";
}
$link = connect();
select_with_pagintation("id, locale, vckind, vcto, unix_timestamp(dtmcreated) as created, vcsubject, tmessage, refoperator", "{$mysqlprefix}chatnotification", $conditions, "order by created desc", "", $link);
mysql_close($link);
$page['formlang'] = $lang;
$page['formkind'] = $kind;
prepare_menu($operator);
expand("../styles", "{$preview}", "{$show}.tpl");
exit;
}
if ($show == 'redirect' || $show == 'redirected' || $show == 'agentchat' || $show == 'agentrochat') {
setup_chatview_for_operator(array('threadid' => 0, 'userName' => getstring("chat.default.username"), 'remote' => "1.2.3.4", 'agentId' => 1, 'groupid' => 0, 'userid' => 'visitor1', 'locale' => $current_locale, 'ltoken' => $show == 'agentrochat' ? 124 : 123), array('operatorid' => $show == 'agentrochat' ? 2 : 1));
if ($show == 'redirect') {
setup_redirect_links(0, $show == 'agentrochat' ? 124 : 123);
} elseif ($show == 'redirected') {
$page['message'] = getlocal2("chat.redirected.content", array("Administrator"));
}
$page['redirectLink'] = "{$webimroot}/operator/themes.php?preview={$preview}&show=redirect";
expand("../styles", "{$preview}", "{$show}.tpl");
exit;
}
$templateList = array(array('label' => getlocal("page.preview.userchat"), 'id' => 'chat', 'h' => 480, 'w' => 640), array('label' => getlocal("page.preview.chatsimple"), 'id' => 'chatsimple', 'h' => 480, 'w' => 640), array('label' => getlocal("page.preview.nochat"), 'id' => 'nochat', 'h' => 480, 'w' => 640), array('label' => getlocal("page.preview.survey"), 'id' => 'survey', 'h' => 480, 'w' => 640), array('label' => getlocal("page.preview.leavemessage"), 'id' => 'leavemessage', 'h' => 480, 'w' => 640), array('label' => getlocal("page.preview.leavemessagesent"), 'id' => 'leavemessagesent', 'h' => 480, 'w' => 640), array('label' => getlocal("page.preview.mail"), 'id' => 'mail', 'h' => 254, 'w' => 603), array('label' => getlocal("page.preview.mailsent"), 'id' => 'mailsent', 'h' => 254, 'w' => 603), array('label' => getlocal("page.preview.redirect"), 'id' => 'redirect', 'h' => 480, 'w' => 640), array('label' => getlocal("page.preview.redirected"), 'id' => 'redirected', 'h' => 480, 'w' => 640), array('label' => getlocal("page.preview.agentchat"), 'id' => 'agentchat', 'h' => 480, 'w' => 640), array('label' => getlocal("page.preview.agentrochat"), 'id' => 'agentrochat', 'h' => 480, 'w' => 640), array('label' => getlocal("page.preview.error"), 'id' => 'error', 'h' => 480, 'w' => 640));
$template = verifyparam("template", "/^\\w+\$/", "chat");
$page['formpreview'] = $preview;
$page['formtemplate'] = $template;
$page['canshowerrors'] = $template == 'leavemessage' || $template == 'mail' || $template == 'all';
$page['formshowerr'] = $showerrors;
$page['availablePreviews'] = $stylelist;
$page['availableTemplates'] = array("chat", "chatsimple", "nochat", "survey", "leavemessage", "leavemessagesent", "mail", "mailsent", "redirect", "redirected", "agentchat", "agentrochat", "error", "all");
$page['showlink'] = "{$webimroot}/operator/themes.php?preview={$preview}&" . ($showerrors ? "showerr=on&" : "") . "show=";
$page['previewList'] = array();
foreach ($templateList as $tpl) {
if ($tpl['id'] == $template || $template == 'all') {
$page['previewList'][] = $tpl;
}
}
prepare_menu($operator);
start_html_output();
if (!is_capable($can_viewthreads, $operator)) {
$errors = array("Cannot view threads");
start_html_output();
expand("../styles", getchatstyle(), "error.tpl");
exit;
}
}
$token = $thread['ltoken'];
header("Location: {$mibewroot}/operator/agent.php?thread=" . intval($threadid) . "&token=" . intval($token) . "&level=" . urlencode($remote_level));
exit;
}
$token = verifyparam("token", "/^\\d{1,10}\$/");
$thread = thread_by_id($threadid);
if (!$thread || !isset($thread['ltoken']) || $token != $thread['ltoken']) {
die("wrong thread");
}
if ($thread['agentId'] != $operator['operatorid'] && !is_capable($can_viewthreads, $operator)) {
$errors = array("Cannot view threads");
start_html_output();
expand("../styles", getchatstyle(), "error.tpl");
exit;
}
setup_chatview_for_operator($thread, $operator);
start_html_output();
$pparam = verifyparam("act", "/^(redirect)\$/", "default");
if ($pparam == "redirect") {
setup_redirect_links($threadid, $token);
expand("../styles", getchatstyle(), "redirect.tpl");
} else {
expand("../styles", getchatstyle(), "chat.tpl");
}