Пример #1
    $html = str_replace("<!--function_ticket-->", To::BoolString(empty($_GET["nct"])), $html);
    $html = str_replace("<!--function_chat-->", To::BoolString(empty($_GET["hfc"])), $html);
    $html = str_replace("<!--function_knowledgebase-->", To::BoolString(empty($_GET["hfk"]) && !empty(Server::$Configuration->File["gl_knba"])), $html);
    $html = str_replace("<!--hide_group_select_chat-->", To::BoolString(Communication::GetParameter("hcgs", 0, $nu, FILTER_VALIDATE_INT) == "1" || !empty($_GET[GET_EXTERN_DYNAMIC_GROUP])), $html);
    $html = str_replace("<!--hide_group_select_ticket-->", To::BoolString(Communication::GetParameter("htgs", 0, $nu, FILTER_VALIDATE_INT) == "1"), $html);
    $html = str_replace("<!--require_group_selection-->", To::BoolString(Communication::GetParameter("rgs", 0, $nu, FILTER_VALIDATE_INT) == "1"), $html);
    $html = str_replace("<!--offline_message_pop-->", To::BoolString(!empty(Server::$Configuration->File["gl_om_pop_up"]) || empty(Server::$Configuration->File["gl_om_mode"])), $html);
    $html = str_replace("<!--dynamic_group-->", !empty(VisitorChat::$DynamicGroup) ? base64_encode(Server::$Groups[VisitorChat::$DynamicGroup]->Descriptions["EN"]) : "", $html);
} else {
    if ($_GET[GET_EXTERN_TEMPLATE] == "lz_chat_frame_lgin") {
        $html = IOStruct::GetFile(PATH_FRAMES . $_GET[GET_EXTERN_TEMPLATE] . ".tpl");
        $html = isset(Server::$Configuration->File["gl_site_name"]) ? str_replace("<!--config_name-->", Server::$Configuration->File["gl_site_name"], $html) : str_replace("<!--config_name-->", "LiveZilla", $html);
        $html = getChatLoginInputs($html, MAX_INPUT_LENGTH);
        $html = str_replace("<!--alert-->", getAlertTemplate(), $html);
        $html = str_replace("<!--com_chats-->", getChatVoucherTemplate(), $html);
        $html = str_replace("<!--ssl_secured-->", Communication::GetScheme() == SCHEME_HTTP_SECURE && !empty(Server::$Configuration->File["gl_sssl"]) ? "" : "display:none;", $html);
        $html = str_replace("<!--bgc-->", $color = Communication::ReadParameter("epc", "#73be28"), $html);
        $html = str_replace("<!--color-->", Colors::TransformHEX($color, 30), $html);
    } else {
        if ($_GET[GET_EXTERN_TEMPLATE] == "lz_chat_frame_chat") {
            $html = IOStruct::GetFile(PATH_FRAMES . $_GET[GET_EXTERN_TEMPLATE] . ".tpl");
            $html = str_replace("<!--alert-->", getAlertTemplate(), $html);
            $tlanguages = "";
            if (strlen(Server::$Configuration->File["gl_otrs"]) > 1) {
                $mylang = LocalizationManager::GetBrowserLocalization();
                $tlanguages = getLanguageSelects(LocalizationManager::GetBrowserLocalization());
            }
            $html = str_replace("<!--languages-->", $tlanguages, $html);
            Server::InitDataBlock(array("GROUPS"));
            $groupid = $_POST["intgroup"];
            if (!empty($groupid) && isset(Server::$Groups[$groupid])) {
Пример #2
// Entry-point bootstrap: load definitions and libraries, then run the environment self-checks.
// Marker constant; presumably the included files test it to refuse direct access (not visible here).
define("IN_LIVEZILLA", true);
// An embedding script may define the install path first; otherwise use the current directory.
if (!defined("LIVEZILLA_PATH")) {
    define("LIVEZILLA_PATH", "./");
}
header("Content-Type: text/html; charset=UTF-8");
require LIVEZILLA_PATH . "_definitions/definitions.inc.php";
require LIVEZILLA_PATH . "_definitions/definitions.protocol.inc.php";
require LIVEZILLA_PATH . "_lib/functions.global.inc.php";
require LIVEZILLA_PATH . "_definitions/definitions.dynamic.inc.php";
require LIVEZILLA_PATH . "_lib/functions.index.inc.php";
CacheManager::Flush();
LocalizationManager::AutoLoad();
// Registers handleError as the PHP error handler; "@" hides any warning raised by the registration itself.
@set_error_handler("handleError");
Server::InitDataProvider();
// NOTE(review): presumably derives the base URL constants for index.php from request data;
// confirm how Server::DefineURL treats the client-supplied Host header and path.
Server::DefineURL("index.php");
$scheme = Communication::GetScheme();
$html = IOStruct::GetFile(TEMPLATE_HTML_INDEX);
$errorbox = null;
// Environment self-checks. The code that follows tests each result with empty()/strlen() and
// concatenates it with "<br><br>", i.e. it treats them as HTML message strings, empty meaning "no problem".
// NOTE(review): the results describe folder permissions, the PHP version, MySQL and disabled functions
// and appear to be rendered into an error box on the index page; confirm that page does not reveal
// more about the server than an unauthenticated visitor needs.
$errors['write'] = getFolderPermissions();
$errors['php_version'] = getPhpVersion();
$errors['mysql'] = getMySQL();
$errors['disabled'] = getDisabledFunctions();
if (!empty($errors['write']) || !empty($errors['php_version']) || !empty($errors['mysql']) || !empty($errors['disabled'])) {
    $errorbox = IOStruct::GetFile(TEMPLATE_HTML_INDEX_ERRORS);
    $errorbox = str_replace("<!--write_access-->", $errors['write'], $errorbox);
    if (strlen($errors['write']) > 0 && !empty($errors['php_version'])) {
        $errors['php_version'] = "<br><br>" . $errors['php_version'];
    }
    if ((strlen($errors['write']) > 0 || !empty($errors['php_version'])) && !empty($errors['mysql'])) {
        $errors['mysql'] = "<br><br>" . $errors['mysql'];
    }
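 /**
  * Defines the LIVEZILLA_DOMAIN and LIVEZILLA_URL constants for the current request.
  *
  * When a REQUEST_URI is present and the "gl_root" setting is non-empty, the host comes from
  * the "gl_host" setting and the path from the parsed REQUEST_URI. Otherwise both come from
  * request data: the Host header and PHP_SELF.
  *
  * The script terminates with "err 888383" when the path contains $_file somewhere other
  * than at its end (for example extra path segments appended after the script name).
  *
  * @param string $_file Script file name (e.g. "index.php") that is stripped from the path.
  * @return void
  */
 static function DefineURL($_file)
 {
     if (!empty($_SERVER['REQUEST_URI']) && !empty(Server::$Configuration->File["gl_root"])) {
         $parts = parse_url($_SERVER['REQUEST_URI']);
         $host = Server::$Configuration->File["gl_host"];
         // parse_url() returns false for seriously malformed URLs; treat that as "no path".
         $path = (is_array($parts) && isset($parts["path"])) ? $parts["path"] : null;
     } else {
         // The Host header is chosen by the client. It is HTML-encoded here exactly like the
         // path below, so markup characters cannot travel into the URL constants; for a
         // well-formed host name the encoding changes nothing.
         // NOTE(review): encoding does not make the value trustworthy. Wherever absolute links
         // are built from LIVEZILLA_URL (e-mails, redirects), prefer the configured host or
         // compare the header against a list of expected host names.
         $host = isset($_SERVER["HTTP_HOST"]) ? htmlentities($_SERVER["HTTP_HOST"], ENT_QUOTES, "UTF-8") : "";
         $path = $_SERVER["PHP_SELF"];
     }
     if (!empty($path)) {
         $lowerPath = strtolower($path);
         $lowerFile = strtolower($_file);
         // Reject paths that mention the script name anywhere but at the very end.
         if (!endsWith($lowerPath, $lowerFile) && strpos($lowerPath, $lowerFile) !== false) {
             exit("err 888383");
         }
     }
     define("LIVEZILLA_DOMAIN", Communication::GetScheme() . $host);
     // The path is request-derived as well, hence the HTML encoding before it enters the constant.
     define("LIVEZILLA_URL", LIVEZILLA_DOMAIN . str_replace($_file, "", htmlentities($path, ENT_QUOTES, "UTF-8")));
 }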
 /**
  * Authenticates the operator named in the POST data and records the outcome in constants.
  *
  * Results are communicated through define(): CALLER_SYSTEM_ID (matched operator),
  * VALIDATED (credentials and state checks passed) and AUTH_RESULT (one of the LOGIN_REPLY_*
  * codes). Each failing check defines AUTH_RESULT and breaks out of the operator loop; if
  * nothing defined it by the end, AUTH_RESULT falls back to LOGIN_REPLY_BAD_COMBINATION.
  *
  * @param bool $_basic When true, the method stops right after the credential check: it
  *                     defines CALLER_SYSTEM_ID and VALIDATED and returns without defining
  *                     AUTH_RESULT and without running any of the session/state checks.
  * @return void
  */
 static function Validate($_basic = false)
 {
     // With the "gl_rhts" setting enabled, a request that did not arrive over
     // SCHEME_HTTP_SECURE is answered with LOGIN_REPLY_HTTPS before any credential is looked at.
     if (!empty(Server::$Configuration->File["gl_rhts"]) && Communication::GetScheme() != SCHEME_HTTP_SECURE) {
         define("AUTH_RESULT", LOGIN_REPLY_HTTPS);
     } else {
         if (DB_CONNECTION || SERVERSETUP) {
             if (!empty($_POST[POST_INTERN_AUTHENTICATION_USER])) {
                 foreach (Server::$Operators as $sysId => $operator) {
                     // Case-insensitive match on the user id.
                     // NOTE(review): "==" on two strings compares numerically when both look like
                     // numbers, so distinct numeric-looking ids can compare equal; "===" would be
                     // exact. The POST value is also not checked to be a string before strtolower().
                     if (strtolower($operator->UserId) == strtolower($_POST[POST_INTERN_AUTHENTICATION_USER])) {
                         // Bot accounts can never log in. ValidateLoginAttempt() is not visible here;
                         // presumably it enforces a limit on failed attempts - confirm.
                         if (!$operator->IsBot && $operator->ValidateLoginAttempt()) {
                             if (!empty(CacheManager::$ActiveManager)) {
                                 $operator->LoadUnCacheables();
                             }
                             // Credential check proper (implementation not visible here).
                             if ($operator->ValidateLoginAuthentication()) {
                                 define("CALLER_SYSTEM_ID", $sysId);
                                 if ($_basic) {
                                     define("VALIDATED", true);
                                     return;
                                 }
                                 // Everything below requires a client system id in the POST data. Without
                                 // one nothing further is defined for this operator and the loop simply
                                 // moves on (no break), so the request ends as LOGIN_REPLY_BAD_COMBINATION.
                                 if (!empty($_POST[POST_INTERN_AUTHENTICATION_CLIENT_SYSTEM_ID])) {
                                     if (empty($_POST["p_db_no_req"]) && !DB_CONNECTION) {
                                         define("AUTH_RESULT", LOGIN_REPLY_DB);
                                         break;
                                     }
                                     // Branch 1: an already signed-in client polling (neither login nor server setup).
                                     if (!LOGIN && !SERVERSETUP) {
                                         if ($operator->Deactivated) {
                                             define("AUTH_RESULT", LOGIN_REPLY_ACCOUNT_DEACTIVATED);
                                             break;
                                         }
                                         // Non-web client whose last activity is older than "timeout_clients" seconds.
                                         if (!$operator->ClientWeb && $operator->LastActive < time() - Server::$Configuration->File["timeout_clients"] && $_POST[POST_INTERN_AUTHENTICATION_CLIENT_SYSTEM_ID] == $operator->ClientSystemId) {
                                             define("AUTH_RESULT", LOGIN_REPLY_SESSION_TIMEOUT);
                                             break;
                                         }
                                         // "&&" binds tighter than "||": sign off on an explicit request, OR when an
                                         // app device id was posted that differs from the stored one (unless the
                                         // stored value is the "LOGIN" placeholder).
                                         if ($operator->SignOffRequest || !empty($_POST["p_app_device_id"]) && $operator->AppDeviceId != "LOGIN" && $operator->AppDeviceId != $_POST["p_app_device_id"]) {
                                             $operator->SignOff(false);
                                             define("AUTH_RESULT", LOGIN_REPLY_SIGN_OFF_REQUEST);
                                             break;
                                         }
                                         // The posted client system id must equal the one stored for the operator.
                                         // NOTE(review): loose "!=" comparison of a request value; confirm both sides
                                         // are always non-numeric strings or switch to "!==".
                                         if (!empty($operator->ClientSystemId) && !empty($_POST[POST_INTERN_AUTHENTICATION_CLIENT_SYSTEM_ID]) && $_POST[POST_INTERN_AUTHENTICATION_CLIENT_SYSTEM_ID] != $operator->ClientSystemId) {
                                             define("AUTH_RESULT", LOGIN_REPLY_BAD_COMBINATION);
                                             break;
                                         }
                                     } else {
                                         // Branch 2: a fresh login from a client.
                                         if (LOGIN && !SERVERSETUP) {
                                             // Client type flags are taken from the request as sent.
                                             $operator->AppClient = !empty($_POST["p_app"]);
                                             $operator->ClientWeb = !empty($_POST["p_web"]);
                                             if ($operator->ClientWeb) {
                                                 UserGroup::RemoveFromAllDynamicGroups($sysId);
                                             }
                                             // App and web clients need permission 45 to be something other than
                                             // PERMISSION_NONE (the meaning of index 45 is not visible here).
                                             if (($operator->AppClient || $operator->ClientWeb) && $operator->GetPermission(45, PERMISSION_FULL) == PERMISSION_NONE) {
                                                 define("AUTH_RESULT", LOGIN_REPLY_NO_MOBILE_ACCESS);
                                                 break;
                                             } else {
                                                 if ($operator->Deactivated) {
                                                     define("AUTH_RESULT", LOGIN_REPLY_ACCOUNT_DEACTIVATED);
                                                     break;
                                                 } else {
                                                     if ($operator->SignOffRequest) {
                                                         $operator->SignOff(false);
                                                         define("AUTH_RESULT", LOGIN_REPLY_SIGN_OFF_REQUEST);
                                                         break;
                                                     } else {
                                                         // Another client is still active for this operator, unless the caller
                                                         // explicitly asked to ignore the existing session.
                                                         if (empty($_POST[POST_INTERN_IGNORE_SIGNED_ON]) && $operator->LastActive > time() - Server::$Configuration->File["timeout_clients"] && !empty($operator->ClientSystemId) && $_POST[POST_INTERN_AUTHENTICATION_CLIENT_SYSTEM_ID] != $operator->ClientSystemId) {
                                                             define("AUTH_RESULT", LOGIN_REPLY_ALREADY_ONLINE);
                                                             break;
                                                         } else {
                                                             // A pending password change blocks the login until a new password is posted.
                                                             if ($operator->PasswordChangeRequest && empty($_POST[POST_INTERN_NEW_PASSWORD])) {
                                                                 define("AUTH_RESULT", LOGIN_REPLY_CHANGE_PASS);
                                                                 break;
                                                             }
                                                         }
                                                     }
                                                 }
                                             }
                                         } else {
                                             // Branch 3: server setup. Non-admins need the configured host ("gl_host") in
                                             // WebsitesUsers when management data is requested, or in WebsitesConfig when it is not.
                                             if (SERVERSETUP && $operator->Level != USER_LEVEL_ADMIN) {
                                                 if (!(in_array(Server::$Configuration->File["gl_host"], $operator->WebsitesUsers) && !empty($_POST[POST_INTERN_GET_MANAGEMENT])) && !(in_array(Server::$Configuration->File["gl_host"], $operator->WebsitesConfig) && empty($_POST[POST_INTERN_GET_MANAGEMENT]))) {
                                                     define("AUTH_RESULT", LOGIN_REPLY_NOADMIN);
                                                     break;
                                                 }
                                             }
                                         }
                                     }
                                     // Reached only when none of the checks above broke out of the loop.
                                     define("VALIDATED", true);
                                     // A posted new password is applied for the operator who has just authenticated;
                                     // the reply then carries the base64-encoded system id.
                                     if (isset($_POST[POST_INTERN_NEW_PASSWORD])) {
                                         $operator->ChangePassword($_POST[POST_INTERN_NEW_PASSWORD]);
                                         Server::$Response->Authentications = "<val userid=\"" . base64_encode(CALLER_SYSTEM_ID) . "\" />\r\n";
                                     }
                                     // Full login: store a new value from getId(32) together with the client system id.
                                     // NOTE(review): getId() is not visible here; if this value serves as a session
                                     // token, confirm it comes from a cryptographically secure source.
                                     if (Is::Defined("VALIDATED_FULL_LOGIN") && Is::Defined("LOGIN") && !Is::Defined("SERVERSETUP") && !Is::Defined("MANAGEMENT")) {
                                         $operator->ValidateUpdateSession(getId(32), $_POST[POST_INTERN_AUTHENTICATION_CLIENT_SYSTEM_ID]);
                                     } else {
                                         // Log-off clears both stored values.
                                         if (LOGOFF) {
                                             $operator->ValidateUpdateSession("", "");
                                         }
                                     }
                                     define("AUTH_RESULT", LOGIN_REPLY_SUCCEEDED);
                                     break;
                                 }
                             } else {
                                 // Failed credential check: record the attempt and stop searching.
                                 // NOTE(review): what DeleteLoginAttempts() removes right before a failed attempt
                                 // is saved is not visible here; confirm it does not reset the attempt counter.
                                 $operator->DeleteLoginAttempts();
                                 if (!empty($_POST[POST_INTERN_AUTHENTICATION_PASSWORD])) {
                                     // NOTE(review): the submitted password is handed over as an unsalted MD5 digest.
                                     // If SaveLoginAttempt() persists it, a mistyped real password is stored in a
                                     // form that is cheap to reverse; confirm what is stored and whether a keyed
                                     // hash or no password-derived value at all would do.
                                     $operator->SaveLoginAttempt(md5($_POST[POST_INTERN_AUTHENTICATION_PASSWORD]));
                                 }
                                 break;
                             }
                         }
                     }
                 }
             }
         } else {
             // Neither a database connection nor server-setup mode is available.
             define("AUTH_RESULT", LOGIN_REPLY_DB);
         }
     }
     // Post-login bookkeeping for a validated login request: remember the caller's IP and
     // login time, reset the per-visitor caches and build the login reply.
     // OperatorRequest::IsValidated() is not visible here; presumably it reflects VALIDATED.
     if (OperatorRequest::IsValidated() && LOGIN) {
         Server::$Operators[CALLER_SYSTEM_ID]->IP = Communication::GetIP();
         Server::$Operators[CALLER_SYSTEM_ID]->FirstActive = time();
         Server::$Operators[CALLER_SYSTEM_ID]->VisitorFileSizes = array();
         Server::$Operators[CALLER_SYSTEM_ID]->VisitorStaticReload = array();
         // True when the operator's first group is flagged as external.
         $isex = !empty(Server::$Operators[CALLER_SYSTEM_ID]->Groups) && Server::$Groups[Server::$Operators[CALLER_SYSTEM_ID]->Groups[0]]->IsExternal;
         // The client time is read from the POST data without checking that it was sent.
         Server::$Response->Login = Server::$Operators[CALLER_SYSTEM_ID]->GetLoginReply($isex, SystemTime::GetTimeDifference($_POST[POST_INTERN_CLIENT_TIME]));
     }
     // Unknown user, bot account, rejected attempt or wrong password all end up here with
     // the same generic reply code.
     if (!defined("AUTH_RESULT")) {
         define("AUTH_RESULT", LOGIN_REPLY_BAD_COMBINATION);
     }
 }