* Handles various ajax requests * * @copyright Copyright (C) 2010-2012 Combodo SARL * @license http://opensource.org/licenses/AGPL-3.0 */ require_once '../../approot.inc.php'; require_once APPROOT . '/application/application.inc.php'; require_once APPROOT . '/application/webpage.class.inc.php'; require_once APPROOT . '/application/ajaxwebpage.class.inc.php'; try { require_once APPROOT . '/application/startup.inc.php'; // require_once(APPROOT.'/application/user.preferences.class.inc.php'); require_once APPROOT . '/application/loginwebpage.class.inc.php'; LoginWebPage::DoLogin(false, true); // Check user rights and prompt if needed $oPage = new ajax_page(""); $oPage->no_cache(); $sOperation = utils::ReadParam('operation', ''); switch ($sOperation) { case 'add': $aResult = array('error' => '', 'att_id' => 0, 'preview' => 'false', 'msg' => ''); $sObjClass = stripslashes(utils::ReadParam('obj_class', '', false, 'class')); $sTempId = utils::ReadParam('temp_id', ''); if (empty($sObjClass)) { $aResult['error'] = "Missing argument 'obj_class'"; } elseif (empty($sTempId)) { $aResult['error'] = "Missing argument 'temp_id'"; } else { try { $oDoc = utils::ReadPostedDocument('file'); $oAttachment = MetaModel::NewObject('Attachment');
*/ require_once '../approot.inc.php'; require_once APPROOT . '/application/application.inc.php'; require_once APPROOT . '/application/webpage.class.inc.php'; require_once APPROOT . '/application/ajaxwebpage.class.inc.php'; require_once APPROOT . '/application/wizardhelper.class.inc.php'; require_once APPROOT . '/application/ui.linkswidget.class.inc.php'; require_once APPROOT . '/application/ui.extkeywidget.class.inc.php'; require_once APPROOT . '/application/datatable.class.inc.php'; try { require_once APPROOT . '/application/startup.inc.php'; require_once APPROOT . '/application/user.preferences.class.inc.php'; require_once APPROOT . '/application/loginwebpage.class.inc.php'; LoginWebPage::DoLogin(false, true); // Check user rights and prompt if needed $oPage = new ajax_page(""); $oPage->no_cache(); $operation = utils::ReadParam('operation', ''); $sFilter = stripslashes(utils::ReadParam('filter', '', false, 'raw_data')); $sEncoding = utils::ReadParam('encoding', 'serialize'); $sClass = utils::ReadParam('class', 'MissingAjaxParam', false, 'class'); $sStyle = utils::ReadParam('style', 'list'); switch ($operation) { case 'datatable': case 'pagination': $oPage->SetContentType('text/html'); $extraParams = utils::ReadParam('extra_param', '', false, 'raw_data'); $aExtraParams = array(); if (is_array($extraParams)) { $aExtraParams = $extraParams; } else {
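/**
 * Renders the interactive export form, either as a full page or as a dialog fragment.
 *
 * When no expression is given, the OQL is loaded from the query phrasebook entry
 * identified by $sQueryId. When neither is given, CLI callers get the usage text and
 * an error, and web callers get the empty form, after which the script exits.
 *
 * @param string|null $sExpression OQL expression, or null to resolve it from $sQueryId
 * @param mixed       $sQueryId    Query phrasebook identifier, or null
 * @param string|null $sFormat     Requested output format, or null when not chosen yet
 * @param mixed       $sFileName   Not read by this function
 * @param string      $sMode       'dialog' builds an ajax_page wrapped in #interactive_export_dlg,
 *                                 any other value builds an iTopWebPage
 *
 * @return void
 */
function InteractiveShell($sExpression, $sQueryId, $sFormat, $sFileName, $sMode)
{
    $bDialogMode = ($sMode == 'dialog');

    if ($bDialogMode) {
        $oP = new ajax_page('');
        $oP->add('<div id="interactive_export_dlg">');
        $sExportBtnLabel = json_encode(Dict::S('UI:Button:Export'));
        // 'dialog_title' is read with the 'raw_data' filter, so it is encoded here:
        // htmlentities() neutralises markup, json_encode() then yields a quoted JS
        // string literal that is safe to interpolate into the script below.
        $sJSTitle = json_encode(htmlentities(utils::ReadParam('dialog_title', '', false, 'raw_data'), ENT_QUOTES, 'UTF-8'));
        $oP->add_ready_script(<<<EOF
\t\t\$('#interactive_export_dlg').dialog({
\t\t\tautoOpen: true,
\t\t\tmodal: true,
\t\t\twidth: '80%',
\t\t\ttitle: {$sJSTitle},
\t\t\tclose: function() { \$('#export-form').attr('data-state', 'cancelled'); \$(this).remove(); },
\t\t\tbuttons: [
\t\t\t\t{text: {$sExportBtnLabel}, id: 'export-dlg-submit', click: function() {} }
\t\t\t]
\t\t});
\t\t\t
\t\tsetTimeout(function() { \$('#interactive_export_dlg').dialog('option', { position: { my: "center", at: "center", of: window }}); \$('#export-btn').hide(); ExportInitButton('#export-dlg-submit'); }, 100);
EOF
        );
    } else {
        $oP = new iTopWebPage('iTop Export');
    }

    if ($sExpression === null) {
        // No expression supplied, fall back to the query phrasebook entry if one is given
        if ($sQueryId !== null) {
            // The identifier is bound as a query parameter, never concatenated into the OQL
            $oSearch = DBObjectSearch::FromOQL('SELECT QueryOQL WHERE id = :query_id', array('query_id' => $sQueryId));
            $oQueries = new DBObjectSet($oSearch);
            if ($oQueries->Count() > 0) {
                $sExpression = $oQueries->Fetch()->Get('oql');
            } else {
                // NOTE(review): $sQueryId is interpolated into the message as-is; confirm that
                // ReportErrorAndExit() escapes it for the output context it writes to.
                ReportErrorAndExit("Invalid query phrasebook identifier: '{$sQueryId}'");
            }
        } elseif (utils::IsModeCLI()) {
            Usage();
            ReportErrorAndExit("No expression or query phrasebook identifier supplied.");
        } else {
            // Form to enter an OQL query or pick a query phrasebook identifier
            DisplayForm($oP, utils::GetAbsoluteUrlAppRoot() . 'webservices/export-v2.php', $sExpression, $sQueryId, $sFormat);
            $oP->output();
            exit;
        }
    }

    // The form is displayed unless a format was requested for which no exporter exists
    if ($sFormat !== null && BulkExport::FindExporter($sFormat) === null) {
        $aSupportedFormats = BulkExport::FindSupportedFormats();
        // NOTE(review): $sFormat is echoed back as-is; same escaping question as for $sQueryId above.
        ReportErrorAndExit("Invalid output format: '{$sFormat}'. The supported formats are: " . implode(', ', array_keys($aSupportedFormats)));
    } else {
        DisplayForm($oP, utils::GetAbsoluteUrlAppRoot() . 'webservices/export-v2.php', $sExpression, $sQueryId, $sFormat);
    }

    if ($bDialogMode) {
        $oP->add('</div>');
    }
    $oP->output();
}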
$aHeaders = array(0 => explode(',', $sResult)); // comma is the default separator $writer->writeSheet($aHeaders, $sClassDisplayName, array()); $oPage->add($writer->writeToString()); break; case 'csv': default: $oPage = new CSVPage(""); $oPage->add_header("Content-type: text/csv; charset=utf-8"); $oPage->add_header("Content-disposition: attachment; filename=\"{$sClassDisplayName}.csv\""); $oPage->no_cache(); $oPage->add($sResult); } } else { $oPage = new ajax_page(""); $oPage->no_cache(); $oPage->add('<p style="text-align:center">'); $oPage->add('<div style="display:inline-block;margin:0.5em;"><a style="text-decoration:none" href="' . utils::GetAbsoluteUrlAppRoot() . 'pages/ajax.csvimport.php?operation=get_csv_template&disposition=attachment&class_name=' . $sClassName . '"><img border="0" src="../images/csv.png"><br/>' . $sClassDisplayName . '.csv</a></div>'); $oPage->add('<div style="display:inline-block;margin:0.5em;"><a style="text-decoration:none" href="' . utils::GetAbsoluteUrlAppRoot() . 'pages/ajax.csvimport.php?operation=get_csv_template&disposition=attachment&format=xlsx&class_name=' . $sClassName . '"><img border="0" src="../images/xlsx.png"><br/>' . $sClassDisplayName . '.xlsx</a></div>'); $oPage->add('</p>'); $oPage->add('<p><textarea rows="5" cols="100">' . $sResult . '</textarea></p>'); } } else { $oPage = new ajax_page("Class {$sClassName} is not a valid class !"); } break; } $oPage->output(); } catch (Exception $e) { IssueLog::Error($e->getMessage()); }
$oXmlNode->AppendChild($oLinks); } } function BuildIconPath($sIconPath) { return $sIconPath; } require_once APPROOT . '/application/startup.inc.php'; require_once APPROOT . '/application/loginwebpage.class.inc.php'; // For developping the Navigator from within Flash //session_start(); //$_SESSION['auth_user'] = '******'; //UserRights::Login($_SESSION['auth_user']); // Set the user's language LoginWebPage::DoLogin(); // Check user rights and prompt if needed $oPage = new ajax_page(""); $oPage->no_cache(); $sClass = utils::ReadParam('class', 'Contact', false, 'class'); $id = utils::ReadParam('id', 1); $sRelation = utils::ReadParam('relation', 'impacts'); $aValidRelations = MetaModel::EnumRelations(); $sFormat = utils::ReadParam('format', 'xml'); $sExcludedClasses = utils::ReadParam('exclude', '', false, 'raw_data'); $aExcludedClasses = explode(',', $sExcludedClasses); if (!in_array($sRelation, $aValidRelations)) { // Not a valid relation, use the default one instead $sRelation = 'impacts'; } try { if ($id != 0) { switch ($sFormat) {
require_once APPROOT . '/application/application.inc.php'; require_once APPROOT . '/application/itopwebpage.class.inc.php'; require_once APPROOT . '/application/wizardhelper.class.inc.php'; require_once APPROOT . '/application/startup.inc.php'; $oAppContext = new ApplicationContext(); $currentOrganization = utils::ReadParam('org_id', ''); $operation = utils::ReadParam('operation', ''); require_once APPROOT . '/application/loginwebpage.class.inc.php'; require_once APPROOT . '/application/ajaxwebpage.class.inc.php'; $bPortal = utils::ReadParam('portal', false); $sUrl = utils::GetAbsoluteUrlAppRoot(); if ($operation == 'do_logoff') { // Reload the same dummy page to let the "calling" page execute its 'onunload' method before performing the actual logoff. // Note the redirection MUST NOT be made via an HTTP "header" since onunload is called only when the actual content of the DOM // is replaced by some other content. So the "bouncing" page must provide some content (in our case a script making the redirection). $oPage = new ajax_page(''); $oPage->add_script("window.location.href='{$sUrl}pages/logoff.php?portal={$bPortal}'"); $oPage->output(); exit; } if ($bPortal) { $sUrl .= 'portal/'; } else { $sUrl .= 'pages/UI.php'; } if (isset($_SESSION['auth_user'])) { $sAuthUser = $_SESSION['auth_user']; UserRights::Login($sAuthUser); // Set the user's language } $sLoginMode = isset($_SESSION['login_mode']) ? $_SESSION['login_mode'] : '';
$oPage->add_ready_script(<<<EOF \t\$("#restore_token").val('{$sToken}'); EOF ); } else { $oPage->p(Dict::S('bkp-restore-running')); } $oPage->output(); break; case 'restore_exec': require_once APPROOT . "setup/runtimeenv.class.inc.php"; require_once APPROOT . '/application/utils.inc.php'; require_once APPROOT . '/setup/backup.class.inc.php'; require_once dirname(__FILE__) . '/dbrestore.class.inc.php'; IssueLog::Enable(APPROOT . 'log/error.log'); $oPage = new ajax_page(""); $oPage->no_cache(); $oPage->SetContentType('text/html'); if (utils::GetConfig()->Get('demo_mode')) { $oPage->add("<div data-error-stimulus=\"Error\">Sorry, iTop is in <b>demonstration mode</b>: the feature is disabled.</div>"); } else { $sEnvironment = utils::ReadParam('environment', 'production', false, 'raw_data'); $oRestoreMutex = new iTopMutex('restore.' . $sEnvironment); IssueLog::Info("Backup Restore - Acquiring the LOCK 'restore.{$sEnvironment}'"); $oRestoreMutex->Lock(); IssueLog::Info('Backup Restore - LOCK acquired, executing...'); try { set_time_limit(0); // Get the file and destroy the token (single usage) $sToken = utils::ReadParam('token', '', false, 'raw_data'); $sTokenFile = APPROOT . '/data/restore.' . $sToken . '.tok';
// Integration within MS-Excel web queries + HTTPS + IIS: // MS-IIS set these header values with no-cache... while Excel fails to do the job if using HTTPS // Then the fix is to force the reset of header values Pragma and Cache-control header("Pragma:", true); header("Cache-control:", true); $sFields = implode(',', $aFields); $oP->add_style('table br {mso-data-placement:same-cell;}'); // Trick for Excel: keep line breaks inside the same cell ! cmdbAbstractObject::DisplaySetAsHTMLSpreadsheet($oP, $oSet, array('fields' => $sFields, 'fields_advanced' => $bFieldsAdvanced, 'localize_values' => $bLocalize)); break; case 'xml': $oP = new XMLPage("iTop - Export", true); cmdbAbstractObject::DisplaySetAsXML($oP, $oSet, array('localize_values' => $bLocalize)); break; case 'xlsx': $oP = new ajax_page(''); $oExporter = new ExcelExporter(); $oExporter->SetObjectList($oFilter); // Run the export by chunk of 1000 objects to limit memory usage $oExporter->SetChunkSize(1000); do { $aStatus = $oExporter->Run(); // process one chunk } while ($aStatus['code'] != 'done' && $aStatus['code'] != 'error'); if ($aStatus['code'] == 'done') { $oP->SetContentType('application/vnd.openxmlformats-officedocument.spreadsheetml.sheet'); $oP->SetContentDisposition('attachment', $oFilter->GetClass() . '.xlsx'); $oP->add(file_get_contents($oExporter->GetExcelFilePath())); $oExporter->Cleanup(); } else { $oP->add('Error, xlsx export failed: ' . $aStatus['message']);
* Result structure that is specific to the hardcoded verb 'list_operations' */ class RestResultListOperations extends RestResult { public $version; public $operations; public function AddOperation($sVerb, $sDescription, $sServiceProviderClass) { $this->operations[] = array('verb' => $sVerb, 'description' => $sDescription, 'extension' => $sServiceProviderClass); } } //////////////////////////////////////////////////////////////////////////////// // // Main // $oP = new ajax_page('rest'); $sVersion = utils::ReadParam('version', null, false, 'raw_data'); $sOperation = utils::ReadParam('operation', null); $sJsonString = utils::ReadParam('json_data', null, false, 'raw_data'); $sProvider = ''; try { utils::UseParamFile(); $iRet = LoginWebPage::DoLogin(false, false, LoginWebPage::EXIT_RETURN); // Starting with iTop 2.2.0 portal users are no longer allowed to access the REST/JSON API if ($iRet != LoginWebPage::EXIT_CODE_OK) { switch ($iRet) { case LoginWebPage::EXIT_CODE_MISSINGLOGIN: throw new Exception("Missing parameter 'auth_user'", RestResult::MISSING_AUTH_USER); break; case LoginWebPage::EXIT_CODE_MISSINGPASSWORD: throw new Exception("Missing parameter 'auth_pwd'", RestResult::MISSING_AUTH_PWD);
/**
 * Helper that streams a file straight to the browser.
 *
 * The response is sent with the "multipart/x-zip" content type and an inline
 * content disposition whose name is the base name of $sFile. The file is read
 * into memory in one go before it is sent.
 *
 * NOTE(review): $sFile is opened exactly as given and no path check is visible
 * in this method; confirm that every caller restricts it to an expected backup
 * location before a request-derived value can reach this point.
 *
 * @param string $sFile Path of the file to send
 *
 * @return void
 */
public function DownloadBackup($sFile)
{
    // Only the base name is exposed to the client, never the directory part
    $sDownloadName = basename($sFile);

    $oPage = new ajax_page('backup');
    $oPage->SetContentType("multipart/x-zip");
    $oPage->SetContentDisposition('inline', $sDownloadName);

    $sContents = file_get_contents($sFile);
    $oPage->add($sContents);

    $oPage->output();
}
* Result structure that is specific to the hardcoded verb 'list_operations' */ class RestResultListOperations extends RestResult { public $version; public $operations; public function AddOperation($sVerb, $sDescription, $sServiceProviderClass) { $this->operations[] = array('verb' => $sVerb, 'description' => $sDescription, 'extension' => $sServiceProviderClass); } } //////////////////////////////////////////////////////////////////////////////// // // Main // $oP = new ajax_page('rest'); try { utils::UseParamFile(); $iRet = LoginWebPage::DoLogin(false, true, LoginWebPage::EXIT_RETURN); if ($iRet != LoginWebPage::EXIT_CODE_OK) { switch ($iRet) { case LoginWebPage::EXIT_CODE_MISSINGLOGIN: throw new Exception("Missing parameter 'auth_user'", RestResult::MISSING_AUTH_USER); break; case LoginWebPage::EXIT_CODE_MISSINGPASSWORD: throw new Exception("Missing parameter 'auth_pwd'", RestResult::MISSING_AUTH_PWD); break; case LoginWebPage::EXIT_CODE_WRONGCREDENTIALS: throw new Exception("Invalid login", RestResult::UNAUTHORIZED); break; case LoginWebPage::EXIT_CODE_PORTALUSERNOTAUTHORIZED:
$sHtml = "<div class=\"page_header\">\n"; $sHtml .= "<table class=\"section\"><tr><td>" . MetaModel::GetClassIcon($sListClass, true, 'width: 24px; height: 24px;') . " " . Dict::Format('UI:RelationGroupNumber_N', 1 + $idx) . "</td></tr></table>\n"; $sHtml .= "</div>\n"; $oPage->add($sHtml); cmdbAbstractObject::DisplaySet($oPage, $oSet); $oPage->p(''); // Some space } } } if ($operation == 'relation_attachment') { $sObjClass = utils::ReadParam('obj_class', '', false, 'class'); $iObjKey = (int) utils::ReadParam('obj_key', 0, false, 'integer'); // Save the generated PDF as an attachment $sPDF = $oPage->get_pdf(); $oPage = new ajax_page(''); $oAttachment = new Attachment(); $oAttachment->Set('item_class', $sObjClass); $oAttachment->Set('item_id', $iObjKey); $oDoc = new ormDocument($sPDF, 'application/pdf', $sTitle . '.pdf'); $oAttachment->Set('contents', $oDoc); $iAttachmentId = $oAttachment->DBInsert(); $aRet = array('status' => 'ok', 'att_id' => $iAttachmentId); $oPage->add(json_encode($aRet)); } break; case 'relation_json': require_once APPROOT . 'core/simplegraph.class.inc.php'; require_once APPROOT . 'core/relationgraph.class.inc.php'; require_once APPROOT . 'core/displayablegraph.class.inc.php'; $sRelation = utils::ReadParam('relation', 'impacts');
*/ $sOperation = Utils::ReadParam('operation', ''); try { switch ($sOperation) { case 'async_action': ini_set('max_execution_time', max(240, ini_get('max_execution_time'))); // While running the setup it is desirable to see any error that may happen ini_set('display_errors', true); ini_set('display_startup_errors', true); require_once APPROOT . '/setup/wizardcontroller.class.inc.php'; require_once APPROOT . '/setup/wizardsteps.class.inc.php'; $sClass = utils::ReadParam('step_class', ''); $sState = utils::ReadParam('step_state', ''); $sActionCode = utils::ReadParam('code', ''); $aParams = utils::ReadParam('params', array(), false, 'raw_data'); $oPage = new ajax_page(''); $oDummyController = new WizardController(''); if (is_subclass_of($sClass, 'WizardStep')) { $oStep = new $sClass($oDummyController, $sState); $sConfigFile = utils::GetConfigFilePath(); if (file_exists($sConfigFile) && !is_writable($sConfigFile) && $oStep->RequiresWritableConfig()) { $oPage->error("<b>Error:</b> the configuration file '" . $sConfigFile . "' already exists and cannot be overwritten."); $oPage->p("The wizard cannot modify the configuration file for you. If you want to upgrade " . ITOP_APPLICATION . ", make sure that the file '<b>" . realpath($sConfigFile) . "</b>' can be modified by the web server."); $oPage->output(); } else { $oStep->AsyncAction($oPage, $sActionCode, $aParams); } } $oPage->output(); break; default: