/**
 * Abort the current request with a Dingo StoreResourceFailedException.
 *
 * @param string         $message   Message carried by the exception.
 * @param Validator|null $validator When given, its errors() are attached to the exception.
 *
 * @throws \Dingo\Api\Exception\StoreResourceFailedException Always.
 */
public function throwStoreResourceFailedException($message = 'Failed to store your requested resource.', Validator $validator = null)
{
    // No validator supplied: raise the exception with the message only.
    if (!($validator instanceof Validator)) {
        throw new \Dingo\Api\Exception\StoreResourceFailedException($message);
    }

    throw new \Dingo\Api\Exception\StoreResourceFailedException($message, $validator->errors());
}
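/**
 * Validates a model's data against its create or update rule set.
 *
 * The validator instance is kept on $this->validation so callers can inspect it.
 * A missing rule set is treated as an error (fail closed) rather than as "no rules".
 *
 * @param array   $data     Attributes to validate.
 * @param boolean $isUpdate Use static::$updateRules when true, static::$createRules otherwise.
 *
 * @return boolean True when validation passes.
 *
 * @throws \Exception          When the selected rule set is null.
 * @throws ValidationException When the data fails validation.
 */
public function validate($data, $isUpdate = false)
{
    $rules = $isUpdate ? static::$updateRules : static::$createRules;

    if (is_null($rules)) {
        // \Exception expects a string message. The previous code passed a MessageBag
        // object and relied on implicit object-to-string conversion.
        throw new \Exception('Could not find ' . ($isUpdate ? 'update' : 'create') . ' rules for ' . get_class($this));
    }

    $this->validation = \Validator::make($data, $rules);

    if (!$this->validation->passes()) {
        throw new ValidationException(new MessageBag($this->validation->errors()->all()));
    }

    return true;
}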
/**
 * Handle submission of the post edit form.
 *
 * Checks run in this order: form token, field validation, then the write.
 *
 * @param array $args Route arguments; 'id' names the post to update.
 *
 * @return mixed A redirect result. Nothing is returned when the update call reports failure.
 */
public function update($args)
{
    // Token check comes first so that a request without a matching form token
    // never reaches validation or the model.
    $tokenMatches = Token::match(Input::get('_token'));
    if (!$tokenMatches) {
        return Redirect::back();
    }

    $rules = ['title' => 'required|min:3', 'body' => 'required'];
    $v = new Validator();
    $v->validate(Input::all(), $rules);
    if (!$v->passed()) {
        return Redirect::back(['key' => 'errors', 'values' => $v->errors()]);
    }

    // NOTE(review): no ownership or permission check on the post id is visible in this
    // method — confirm it is enforced by the router/middleware or inside $this->post->update().
    $postId = $args['id'];
    // Only the two validated fields are forwarded; the rest of the request is ignored.
    $changes = ['title' => Input::get('title'), 'body' => Input::get('body')];
    $post = $this->post->update($postId, $changes);

    if ($post) {
        Session::flash('success', 'Successfully updated a post.');
        return Redirect::to('/');
    }
    // A falsy $post falls through here: the method ends without returning a response.
}
/**
 * Handle the "call me back" form: validate, store the request, notify subscribers.
 *
 * On success the rendered 'ajax/success/call' template is added to the response data;
 * on failure errorAction() is called with code 1001 and one message per field.
 */
public function callAction()
{
    // Allow-list: only these three POST keys are read, everything else is dropped
    // before the data reaches the validator or the database.
    $allowedKeys = array('phone', 'fio', 'formid');
    $data = array_intersect_key($_POST, array_flip($allowedKeys));

    // Validate data
    $validator = new Validator($data);
    // 'formid' must be empty — presumably a honeypot field; confirm against the form template.
    $validator->rule('empty', 'formid')->message('Некорректный идентификатор формы');
    $validator->rule('required', 'phone')->message('Поле не заполнено');
    $validator->rule('phone', 'phone')->message('Некорректный номер телефона');

    if (!$validator->validate()) {
        // Collapse each field's message list to its first message.
        $fieldErrors = $validator->errors();
        foreach ($fieldErrors as $_name => $_error) {
            if (is_array($_error)) {
                $fieldErrors[$_name] = reset($_error);
            }
        }
        $this->errorAction(1001, 'Некорректно заполненные поля', array('errors' => $fieldErrors));
        return;
    }

    if (empty($data['fio'])) {
        $data['fio'] = 'Личный номер';
    }
    // The form-id field is not stored.
    unset($data['formid']);

    // Send to subscribers. The query text is built from constants only; no request
    // data is concatenated into it.
    $recipients = MSCore::db()->getCol('SELECT mail FROM `' . PRFX . 'mailer` WHERE type = ' . self::TARGET_CALL . ' OR type = 0');

    $data['date'] = date('Y-m-d H:i:s');
    // NOTE(review): 'fio' is stored and mailed without any format rule — confirm that
    // insert() binds values and that the e-mail template escapes them.
    MSCore::db()->insert(PRFX . 'order_call', $data);

    if (is_array($recipients) && !empty($recipients)) {
        // Send email
        $mailer = new SendMail();
        $mailer->init();
        $mailer->setSubject('Обратный звонок на ' . DOMAIN);
        $mailer->setFrom('noreply@' . DOMAIN, 'Первая кровельная');

        // Prepare body
        $body = template('email/call', array('data' => $data));
        $mailer->setMessage($body);

        // One message per subscriber address.
        foreach ($recipients as $address) {
            $mailer->setTo($address);
            $mailer->send();
        }
        unset($mailer);
    }

    $html = template('ajax/success/call');
    $this->addData(array('content' => $html));
}
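/**
 * Run the configured rules against every submitted field.
 *
 * Resets self::$errors, passes $formData through self::sanitizeInput(), stores the
 * result in self::$currentFormData and then, for each field that has an entry in
 * $validatorRules, calls the rule methods named there.
 *
 * Nothing is returned. Rule methods are presumably expected to record failures in
 * self::$errors — confirm against the rule implementations.
 *
 * @param array $formData       Field name => submitted value.
 * @param array $validatorRules Field name => 'rule|rule:arg:arg' string.
 */
public static function check($formData, $validatorRules)
{
    self::$errors = array();
    $formData = self::sanitizeInput($formData);
    self::$currentFormData = $formData;

    // NOTE(review): the loop walks the submitted data, not the rule list, so a field
    // that has rules but is missing from $formData is never checked (unless
    // sanitizeInput() adds missing keys — confirm). Rules such as "required" cannot
    // fire for an absent field.
    foreach ($formData as $formDataKey => $formDataValue) {
        if (!isset($validatorRules[$formDataKey])) {
            continue;
        }

        foreach (explode('|', $validatorRules[$formDataKey]) as $rule) {
            // 'name:arg1:arg2' -> method 'name' with arguments ['arg1', 'arg2'].
            $ruleArguments = explode(':', $rule);
            $method = array_shift($ruleArguments);

            // The rule name is used directly as a static method name, so
            // $validatorRules must only ever come from application code, never from
            // the request. The per-field status flag that used to be accumulated
            // here was never read and has been dropped.
            self::$method($formDataKey, $formDataValue, $ruleArguments);
        }
    }
}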
// Tail of a save handler for the 'service_packages' table. The enclosing loop and the
// two outer if-blocks open above this excerpt.
//
// NOTE(review): the column value below and the ids in the WHERE clause are interpolated
// straight into SQL text. Whether $insert_data, $job_id and $service are escaped or
// validated is decided outside this excerpt (or inside updateDB()/insertDB()) — confirm,
// or pass them as bound parameters instead of building the string.
$update_data .= "`{$field}` = '{$insert_data[$field]}'";
}
if ($job_id) {
    // Update: the row must match both the id and the service it belongs to.
    $where = " WHERE id = '{$job_id}' AND service_id = '{$service}'";
    updateDB($update_data, $where, 'service_packages');
    $return_data['type'] = 'update';
} else {
    // Insert: attach the service id and let insertDB() return the new row id.
    $insert_data['service_id'] = $service;
    $job_id = insertDB($insert_data, 'service_packages');
    $return_data['type'] = 'insert';
}
$return_data['id'] = $job_id;
$return_data['name'] = $insert_data['job'];
$return_data['status'] = 1;
$return_data['message'] = 'Job updated successfully';
} else {
    // Validation failed: join every message with an HTML line break.
    // NOTE(review): if any validator message repeats submitted input, the client must
    // treat 'message' as untrusted when inserting it into the page — confirm.
    $messages = '';
    foreach ($v->errors() as $k => $msgs) {
        foreach ($msgs as $msg) {
            $messages .= $msg . "<br>";
        }
    }
    $return_data['message'] = $messages;
}
} else {
    $return_data['message'] = 'An error occured';
}
// The result is always sent as JSON and the script stops here.
echo json_encode($return_data);
exit;
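/**
 * Validate and persist the helpdesk preferences.
 *
 * Changes against the previous version: the first six "required" messages were
 * shifted by one field (the title field reported the URL message, the department
 * field the title message, and so on) and have been realigned; optional form keys
 * that are only present when ticked are now tested with empty() so an unticked box
 * no longer triggers an undefined-index notice.
 *
 * Only the fields listed in $f are validated. Every other column is written as
 * submitted, after db_input().
 * NOTE(review): ranges for the login/session limits, log_level and the *_id values
 * are not checked here — confirm db_input() and the schema constrain them.
 *
 * @param array $var    Submitted preference values (form field => value).
 * @param array $errors Passed by reference; field => message entries are added on failure.
 *
 * @return bool True when the UPDATE ran (whether or not a row changed); false on empty
 *              input, pre-existing errors, validation failure or query failure.
 */
function updatePref($var, &$errors)
{
    if (!$var || $errors) {
        return false;
    }

    $f = array();
    $f['helpdesk_url'] = array('type' => 'string', 'required' => 1, 'error' => 'URL del centro de ayuda Requerida'); //TODO: Add url validation
    $f['helpdesk_title'] = array('type' => 'string', 'required' => 1, 'error' => 'Titulo Requerido');
    $f['default_dept_id'] = array('type' => 'int', 'required' => 1, 'error' => 'Departamento por defecto Requerido');
    $f['default_email_id'] = array('type' => 'int', 'required' => 1, 'error' => 'Email pr defecto Requerido');
    $f['default_template_id'] = array('type' => 'int', 'required' => 1, 'error' => 'Debes selecionar una Plantilla');
    $f['staff_session_timeout'] = array('type' => 'int', 'required' => 1, 'error' => 'Introduzca el tiempo de inactividad en minutos');
    $f['client_session_timeout'] = array('type' => 'int', 'required' => 1, 'error' => 'Introduzca el tiempo de inactividad en minutos');
    $f['time_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Formato de hora Requerido'); //TODO: Add date format validation
    $f['date_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Formato de fecha Requerido');
    $f['datetime_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Formato de fecha y hora Requerido');
    $f['daydatetime_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Formato de fecha con dia y hora Requerido');
    $f['admin_email'] = array('type' => 'email', 'required' => 1, 'error' => 'Email valido Requerido');
    $f['autolock_minutes'] = array('type' => 'int', 'required' => 1, 'error' => 'Introduzca tiempo de Bloqueo en minutos');
    //TODO: check option fields for validity.

    // Run the declarative checks first, then the cross-field checks below.
    $val = new Validator();
    $val->setFields($f);
    if (!$val->validate($var)) {
        $errors = array_merge($errors, $val->errors());
    }

    // An alert that is switched on needs at least one recipient group.
    if ($var['ticket_alert_active'] && (!isset($var['ticket_alert_admin']) && !isset($var['ticket_alert_dept_manager']) && !isset($var['ticket_alert_dept_members']))) {
        $errors['ticket_alert_active'] = 'No ha selecionado un destinario';
    }
    if ($var['message_alert_active'] && (!isset($var['message_alert_laststaff']) && !isset($var['message_alert_assigned']) && !isset($var['message_alert_dept_manager']))) {
        $errors['message_alert_active'] = 'No ha selecionado un destinario';
    }
    if ($var['note_alert_active'] && (!isset($var['note_alert_laststaff']) && !isset($var['note_alert_assigned']) && !isset($var['note_alert_dept_manager']))) {
        $errors['note_alert_active'] = 'No ha selecionado un destinario';
    }

    if (!empty($var['strip_quoted_reply']) && empty($var['reply_separator'])) {
        $errors['reply_separator'] = 'Separador de respuesta Requerido (?)';
    }

    // Captcha can only be enabled when the server can actually render the image.
    if (!empty($var['enable_captcha'])) {
        if (!extension_loaded('gd')) {
            $errors['enable_captcha'] = 'La extensión GD es Requerida';
        } elseif (!function_exists('imagepng')) {
            $errors['enable_captcha'] = 'PNG debe ser soportado para el Capcha';
        }
    }

    //Make sure admin email is not also a system email.
    if (empty($errors['admin_email']) && Email::getIdByEmail($var['admin_email'])) {
        $errors['admin_email'] = 'Esta cuenta de correo ya esta siendo utilizada como cuenta del Sistema';
    }

    if ($errors) {
        return false; //No go!
    }

    //We are good to go...blanket update!
    // Columns written as "isset(...) ? 1 : 0" are checkboxes: present in the form data
    // means on. All other values are written as submitted, each through db_input().
    // NOTE(review): spoof_default_smtp reads $var['default_smtp'] while the column
    // written just before it is default_smtp_id — confirm which form key is intended.
    $sql = 'UPDATE ' . CONFIG_TABLE . ' SET isonline=' . db_input($var['isonline'])
        . ',timezone_offset=' . db_input($var['timezone_offset'])
        . ',enable_daylight_saving=' . db_input(isset($var['enable_daylight_saving']) ? 1 : 0)
        . ',staff_ip_binding=' . db_input(isset($var['staff_ip_binding']) ? 1 : 0)
        . ',staff_max_logins=' . db_input($var['staff_max_logins'])
        . ',staff_login_timeout=' . db_input($var['staff_login_timeout'])
        . ',staff_session_timeout=' . db_input($var['staff_session_timeout'])
        . ',client_max_logins=' . db_input($var['client_max_logins'])
        . ',client_login_timeout=' . db_input($var['client_login_timeout'])
        . ',client_session_timeout=' . db_input($var['client_session_timeout'])
        . ',max_page_size=' . db_input($var['max_page_size'])
        . ',log_level=' . db_input($var['log_level'])
        . ',log_graceperiod=' . db_input($var['log_graceperiod'])
        . ',max_open_tickets=' . db_input($var['max_open_tickets'])
        . ',autolock_minutes=' . db_input($var['autolock_minutes'])
        . ',overdue_grace_period=' . db_input($var['overdue_grace_period'])
        . ',alert_email_id=' . db_input($var['alert_email_id'])
        . ',default_email_id=' . db_input($var['default_email_id'])
        . ',default_dept_id=' . db_input($var['default_dept_id'])
        . ',default_priority_id=' . db_input($var['default_priority_id'])
        . ',default_template_id=' . db_input($var['default_template_id'])
        . ',default_smtp_id=' . db_input($var['default_smtp_id'])
        . ',spoof_default_smtp=' . db_input($var['default_smtp'] && isset($var['spoof_default_smtp']) ? 1 : 0)
        . ',clickable_urls=' . db_input(isset($var['clickable_urls']) ? 1 : 0)
        . ',allow_priority_change=' . db_input(isset($var['allow_priority_change']) ? 1 : 0)
        . ',use_email_priority=' . db_input(isset($var['use_email_priority']) ? 1 : 0)
        . ',enable_captcha=' . db_input(isset($var['enable_captcha']) ? 1 : 0)
        . ',enable_auto_cron=' . db_input(isset($var['enable_auto_cron']) ? 1 : 0)
        . ',enable_mail_fetch=' . db_input(isset($var['enable_mail_fetch']) ? 1 : 0)
        . ',enable_email_piping=' . db_input(isset($var['enable_email_piping']) ? 1 : 0)
        . ',send_sql_errors=' . db_input(isset($var['send_sql_errors']) ? 1 : 0)
        . ',send_login_errors=' . db_input(isset($var['send_login_errors']) ? 1 : 0)
        . ',save_email_headers=' . db_input(isset($var['save_email_headers']) ? 1 : 0)
        . ',strip_quoted_reply=' . db_input(isset($var['strip_quoted_reply']) ? 1 : 0)
        . ',log_ticket_activity=' . db_input(isset($var['log_ticket_activity']) ? 1 : 0)
        . ',ticket_autoresponder=' . db_input($var['ticket_autoresponder'])
        . ',message_autoresponder=' . db_input($var['message_autoresponder'])
        . ',ticket_notice_active=' . db_input($var['ticket_notice_active'])
        . ',ticket_alert_active=' . db_input($var['ticket_alert_active'])
        . ',ticket_alert_admin=' . db_input(isset($var['ticket_alert_admin']) ? 1 : 0)
        . ',ticket_alert_dept_manager=' . db_input(isset($var['ticket_alert_dept_manager']) ? 1 : 0)
        . ',ticket_alert_dept_members=' . db_input(isset($var['ticket_alert_dept_members']) ? 1 : 0)
        . ',message_alert_active=' . db_input($var['message_alert_active'])
        . ',message_alert_laststaff=' . db_input(isset($var['message_alert_laststaff']) ? 1 : 0)
        . ',message_alert_assigned=' . db_input(isset($var['message_alert_assigned']) ? 1 : 0)
        . ',message_alert_dept_manager=' . db_input(isset($var['message_alert_dept_manager']) ? 1 : 0)
        . ',note_alert_active=' . db_input($var['note_alert_active'])
        . ',note_alert_laststaff=' . db_input(isset($var['note_alert_laststaff']) ? 1 : 0)
        . ',note_alert_assigned=' . db_input(isset($var['note_alert_assigned']) ? 1 : 0)
        . ',note_alert_dept_manager=' . db_input(isset($var['note_alert_dept_manager']) ? 1 : 0)
        . ',overdue_alert_active=' . db_input($var['overdue_alert_active'])
        . ',overdue_alert_assigned=' . db_input(isset($var['overdue_alert_assigned']) ? 1 : 0)
        . ',overdue_alert_dept_manager=' . db_input(isset($var['overdue_alert_dept_manager']) ? 1 : 0)
        . ',overdue_alert_dept_members=' . db_input(isset($var['overdue_alert_dept_members']) ? 1 : 0)
        . ',auto_assign_reopened_tickets=' . db_input(isset($var['auto_assign_reopened_tickets']) ? 1 : 0)
        . ',show_assigned_tickets=' . db_input(isset($var['show_assigned_tickets']) ? 1 : 0)
        . ',show_answered_tickets=' . db_input(isset($var['show_answered_tickets']) ? 1 : 0)
        . ',hide_staff_name=' . db_input(isset($var['hide_staff_name']) ? 1 : 0)
        . ',overlimit_notice_active=' . db_input($var['overlimit_notice_active'])
        . ',random_ticket_ids=' . db_input($var['random_ticket_ids'])
        . ',time_format=' . db_input($var['time_format'])
        . ',date_format=' . db_input($var['date_format'])
        . ',datetime_format=' . db_input($var['datetime_format'])
        . ',daydatetime_format=' . db_input($var['daydatetime_format'])
        . ',reply_separator=' . db_input(trim($var['reply_separator']))
        . ',admin_email=' . db_input($var['admin_email'])
        . ',helpdesk_title=' . db_input($var['helpdesk_title'])
        . ',helpdesk_url=' . db_input($var['helpdesk_url'])
        // The row id comes from this object, not from the submitted data.
        . ' WHERE id=' . $this->getId();

    if (db_query($sql)) {
        if (db_affected_rows()) { //Something actually changed!!!!
            $this->reload(); //Reload the new info.
            require_once INCLUDE_DIR . 'class.cron.php';
            // A saved change purges logs straight away under the new settings, so a
            // mistaken log_level/log_graceperiod costs log history.
            Sys::purgeLogs(); //Cleanup the logs --- too bad if it was a mistaken config.
            Cron::TicketMonitor(); //Age & cleanup
        }
        return true;
    }

    return false;
}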
// Contact-form handler (excerpt: the final else-branch continues past the end of
// this listing).
$errors = [];
$spam = [];
$validator = new Validator($_POST);
$validator->check('nom', 'required');
$validator->check('prénom', 'required');
$validator->check('email', 'email');
$validator->check('email', 'required');
// 'tel' has a format rule but no 'required' rule.
$validator->check('tel', 'tel');
$validator->check('description', 'required');
// 'arbitraryfield' must stay empty; a filled value is reported through spam()
// below — presumably a honeypot input, confirm against the form markup.
$validator->specialcheck('arbitraryfield', 'empty');
// Select fields: the submitted value must be one of the keys of the option list.
$validator->check('pack', 'select', array_keys($pack));
$validator->check('event_type', 'select', array_keys($event));
$validator->check('background-your-choice', 'select', array_keys($backgroundchoice));
$validator->check('know_me', 'select', array_keys($know_me));
$errors = $validator->errors();
$spam = $validator->spam();
if (!empty($spam)) {
    $_SESSION['spam'] = $spam;
    // Flagged submissions are sent to the same success page as accepted ones.
    // NOTE(review): no exit follows header() in the visible code — confirm nothing
    // after this if/else chain runs for a flagged submission.
    header('Location:success.php');
} else {
    if (!empty($errors)) {
        $_SESSION['errors'] = $errors;
        // The raw POST data is kept in the session to refill the form.
        // NOTE(review): it must be HTML-escaped when contact.php prints it — confirm.
        $_SESSION['inputs'] = $_POST;
        // Back to the form.
        header('Location:contact.php');
    } else {
        $_SESSION['success'] = 1;
        // NOTE(review): these strings carry submitted values between CR/LF pairs.
        // Where they are used is outside this excerpt; they belong in the message
        // body, never in a mail header — confirm.
        $email_contact = "\r\nContact: " . $_POST['email'] . "\r\n";
        $tel = "\r\nTel: " . $_POST['tel'] . "\r\n";
/**
 * Validate and save an e-mail template.
 *
 * @param array $var    Submitted template fields.
 * @param array $errors Passed by reference; field => message entries are added on failure.
 *
 * @return bool True when the row was updated, false when any error was recorded
 *              (including a query that fails or changes no row).
 */
function update($var, &$errors)
{
    // Validation rules, listed in the order the validator receives them.
    $fields = array(
        'id' => array('type' => 'int', 'required' => 1, 'error' => _('Internal Error')),
        'name' => array('type' => 'string', 'required' => 1, 'error' => _('Name required')),
    );
    // First five: notices sent to the user. Last five: alerts sent to staff.
    $messageKinds = array(
        'ticket_autoresp', 'message_autoresp', 'ticket_notice', 'ticket_overlimit', 'ticket_reply',
        'ticket_alert', 'message_alert', 'note_alert', 'assigned_alert', 'ticket_overdue',
    );
    foreach ($messageKinds as $kind) {
        $fields[$kind . '_subj'] = array('type' => 'string', 'required' => 1, 'error' => _('Subject required'));
        $fields[$kind . '_body'] = array('type' => 'string', 'required' => 1, 'error' => _('Template message required'));
    }

    $validate = new Validator($fields);
    if (!$validate->validate($var)) {
        $errors = array_merge($errors, $validate->errors());
    }

    // The submitted id must name this template.
    if (!$errors && $var['id'] && $var['id'] != $this->getId()) {
        $errors['err'] = 'Internal error. Try again';
    }

    // The name must not belong to a different template.
    if (!$errors['name'] && ($tid = Template::getIdByName($var['name'])) && $tid != $this->getId()) {
        $errors['name'] = 'Name already in use';
    }

    if ($errors) {
        return false;
    }

    // Column names come from this fixed list, never from the keys of $var. Every value
    // has tags stripped and then goes through db_input(). 'notes' is written but has
    // no validation rule above.
    $columns = array(
        'name', 'notes',
        'ticket_autoresp_subj', 'ticket_autoresp_body',
        'message_autoresp_subj', 'message_autoresp_body',
        'ticket_notice_subj', 'ticket_notice_body',
        'ticket_alert_subj', 'ticket_alert_body',
        'message_alert_subj', 'message_alert_body',
        'note_alert_subj', 'note_alert_body',
        'assigned_alert_subj', 'assigned_alert_body',
        'ticket_overdue_subj', 'ticket_overdue_body',
        'ticket_overlimit_subj', 'ticket_overlimit_body',
        'ticket_reply_subj', 'ticket_reply_body',
    );

    $sql = 'UPDATE ' . EMAIL_TEMPLATE_TABLE . ' SET updated=NOW() ';
    foreach ($columns as $column) {
        $sql .= ',' . $column . '=' . db_input(Format::striptags($var[$column]));
    }
    $sql .= ' WHERE tpl_id=' . db_input($this->getId());

    // A query that runs but changes no row is reported as an error too.
    if (!db_query($sql) || !db_affected_rows()) {
        $errors['err'] = _('Unable to update. Internal error occured');
    }

    return !$errors;
}
/**
 * Turn a failed validator into the structure sent back to the client.
 *
 * @param Validator $validator Validator holding the failures.
 *
 * @return mixed Whatever getMessages() returns on the validator's error bag.
 */
protected function formatValidationErrors(Validator $validator)
{
    $errorBag = $validator->errors();

    return $errorBag->getMessages();
}
/**
 * {@inheritdoc}
 *
 * Responds with HTTP 400 and a JSON body of the form
 * {"fail": true, "messages": [...]}, where messages is the flat list from all().
 */
protected function formatErrors(Validator $validator)
{
    $responder = response();
    $messages = $validator->errors()->all();

    return $responder->json(['fail' => true, 'messages' => $messages], 400);
}
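/**
 * Validate and persist the helpdesk preferences.
 *
 * Change against the previous version: optional form keys that are only present
 * when ticked (strip_quoted_reply, enable_captcha), the reply separator and the
 * admin_email error slot are now tested with empty(), so an absent key no longer
 * triggers an undefined-index notice. The outcome of each test is unchanged.
 *
 * Only the fields listed in $f are validated. Every other column is written as
 * submitted, after db_input().
 * NOTE(review): ranges for the login/session limits, log_level and the *_id values
 * are not checked here — confirm db_input() and the schema constrain them.
 *
 * @param array $var    Submitted preference values (form field => value).
 * @param array $errors Passed by reference; field => message entries are added on failure.
 *
 * @return bool True when the UPDATE ran (whether or not a row changed); false on empty
 *              input, pre-existing errors, validation failure or query failure.
 */
function updatePref($var, &$errors)
{
    if (!$var || $errors) {
        return false;
    }

    $f = array();
    $f['helpdesk_url'] = array('type' => 'string', 'required' => 1, 'error' => 'Helpdesk URl required'); //TODO: Add url validation
    $f['helpdesk_title'] = array('type' => 'string', 'required' => 1, 'error' => 'Helpdesk title required');
    $f['default_dept_id'] = array('type' => 'int', 'required' => 1, 'error' => 'Default Dept. required');
    $f['default_email_id'] = array('type' => 'int', 'required' => 1, 'error' => 'Default email required');
    $f['default_template_id'] = array('type' => 'int', 'required' => 1, 'error' => 'You must select template.');
    $f['staff_session_timeout'] = array('type' => 'int', 'required' => 1, 'error' => 'Enter idle time in minutes');
    $f['client_session_timeout'] = array('type' => 'int', 'required' => 1, 'error' => 'Enter idle time in minutes');
    $f['time_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Time format required'); //TODO: Add date format validation
    $f['date_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Date format required');
    $f['datetime_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Datetime format required');
    $f['daydatetime_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Day, Datetime format required');
    $f['admin_email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
    $f['autolock_minutes'] = array('type' => 'int', 'required' => 1, 'error' => 'Enter lock time in minutes');
    //TODO: check option fields for validity.

    // Run the declarative checks first, then the cross-field checks below.
    $val = new Validator();
    $val->setFields($f);
    if (!$val->validate($var)) {
        $errors = array_merge($errors, $val->errors());
    }

    // An alert that is switched on needs at least one recipient group.
    if ($var['ticket_alert_active'] && (!isset($var['ticket_alert_admin']) && !isset($var['ticket_alert_dept_manager']) && !isset($var['ticket_alert_dept_members']))) {
        $errors['ticket_alert_active'] = 'No target recipient(s) selected';
    }
    if ($var['message_alert_active'] && (!isset($var['message_alert_laststaff']) && !isset($var['message_alert_assigned']) && !isset($var['message_alert_dept_manager']))) {
        $errors['message_alert_active'] = 'No target recipient(s) selected';
    }
    if ($var['note_alert_active'] && (!isset($var['note_alert_laststaff']) && !isset($var['note_alert_assigned']) && !isset($var['note_alert_dept_manager']))) {
        $errors['note_alert_active'] = 'No target recipient(s) selected';
    }

    if (!empty($var['strip_quoted_reply']) && empty($var['reply_separator'])) {
        $errors['reply_separator'] = 'Reply separator required (?)';
    }

    // Captcha can only be enabled when the server can actually render the image.
    if (!empty($var['enable_captcha'])) {
        if (!extension_loaded('gd')) {
            $errors['enable_captcha'] = 'The GD extension required';
        } elseif (!function_exists('imagepng')) {
            $errors['enable_captcha'] = 'PNG support required for Image Captcha';
        }
    }

    //Make sure admin email is not also a system email.
    if (empty($errors['admin_email']) && Email::getIdByEmail($var['admin_email'])) {
        $errors['admin_email'] = 'Email already setup as system email';
    }

    if ($errors) {
        return false; //No go!
    }

    //We are good to go...blanket update!
    // Columns written as "isset(...) ? 1 : 0" are checkboxes: present in the form data
    // means on. All other values are written as submitted, each through db_input().
    // NOTE(review): spoof_default_smtp reads $var['default_smtp'] while the column
    // written just before it is default_smtp_id — confirm which form key is intended.
    $sql = 'UPDATE ' . CONFIG_TABLE . ' SET isonline=' . db_input($var['isonline'])
        . ',timezone_offset=' . db_input($var['timezone_offset'])
        . ',enable_daylight_saving=' . db_input(isset($var['enable_daylight_saving']) ? 1 : 0)
        . ',staff_ip_binding=' . db_input(isset($var['staff_ip_binding']) ? 1 : 0)
        . ',staff_max_logins=' . db_input($var['staff_max_logins'])
        . ',staff_login_timeout=' . db_input($var['staff_login_timeout'])
        . ',staff_session_timeout=' . db_input($var['staff_session_timeout'])
        . ',client_max_logins=' . db_input($var['client_max_logins'])
        . ',client_login_timeout=' . db_input($var['client_login_timeout'])
        . ',client_session_timeout=' . db_input($var['client_session_timeout'])
        . ',max_page_size=' . db_input($var['max_page_size'])
        . ',log_level=' . db_input($var['log_level'])
        . ',log_graceperiod=' . db_input($var['log_graceperiod'])
        . ',max_open_tickets=' . db_input($var['max_open_tickets'])
        . ',autolock_minutes=' . db_input($var['autolock_minutes'])
        . ',overdue_grace_period=' . db_input($var['overdue_grace_period'])
        . ',alert_email_id=' . db_input($var['alert_email_id'])
        . ',default_email_id=' . db_input($var['default_email_id'])
        . ',default_dept_id=' . db_input($var['default_dept_id'])
        . ',default_priority_id=' . db_input($var['default_priority_id'])
        . ',default_template_id=' . db_input($var['default_template_id'])
        . ',default_smtp_id=' . db_input($var['default_smtp_id'])
        . ',spoof_default_smtp=' . db_input($var['default_smtp'] && isset($var['spoof_default_smtp']) ? 1 : 0)
        . ',clickable_urls=' . db_input(isset($var['clickable_urls']) ? 1 : 0)
        . ',allow_priority_change=' . db_input(isset($var['allow_priority_change']) ? 1 : 0)
        . ',use_email_priority=' . db_input(isset($var['use_email_priority']) ? 1 : 0)
        . ',enable_captcha=' . db_input(isset($var['enable_captcha']) ? 1 : 0)
        . ',enable_auto_cron=' . db_input(isset($var['enable_auto_cron']) ? 1 : 0)
        . ',enable_mail_fetch=' . db_input(isset($var['enable_mail_fetch']) ? 1 : 0)
        . ',enable_email_piping=' . db_input(isset($var['enable_email_piping']) ? 1 : 0)
        . ',send_sql_errors=' . db_input(isset($var['send_sql_errors']) ? 1 : 0)
        . ',send_login_errors=' . db_input(isset($var['send_login_errors']) ? 1 : 0)
        . ',save_email_headers=' . db_input(isset($var['save_email_headers']) ? 1 : 0)
        . ',strip_quoted_reply=' . db_input(isset($var['strip_quoted_reply']) ? 1 : 0)
        . ',log_ticket_activity=' . db_input(isset($var['log_ticket_activity']) ? 1 : 0)
        . ',ticket_autoresponder=' . db_input($var['ticket_autoresponder'])
        . ',message_autoresponder=' . db_input($var['message_autoresponder'])
        . ',ticket_notice_active=' . db_input($var['ticket_notice_active'])
        . ',ticket_alert_active=' . db_input($var['ticket_alert_active'])
        . ',ticket_alert_admin=' . db_input(isset($var['ticket_alert_admin']) ? 1 : 0)
        . ',ticket_alert_dept_manager=' . db_input(isset($var['ticket_alert_dept_manager']) ? 1 : 0)
        . ',ticket_alert_dept_members=' . db_input(isset($var['ticket_alert_dept_members']) ? 1 : 0)
        . ',message_alert_active=' . db_input($var['message_alert_active'])
        . ',message_alert_laststaff=' . db_input(isset($var['message_alert_laststaff']) ? 1 : 0)
        . ',message_alert_assigned=' . db_input(isset($var['message_alert_assigned']) ? 1 : 0)
        . ',message_alert_dept_manager=' . db_input(isset($var['message_alert_dept_manager']) ? 1 : 0)
        . ',note_alert_active=' . db_input($var['note_alert_active'])
        . ',note_alert_laststaff=' . db_input(isset($var['note_alert_laststaff']) ? 1 : 0)
        . ',note_alert_assigned=' . db_input(isset($var['note_alert_assigned']) ? 1 : 0)
        . ',note_alert_dept_manager=' . db_input(isset($var['note_alert_dept_manager']) ? 1 : 0)
        . ',overdue_alert_active=' . db_input($var['overdue_alert_active'])
        . ',overdue_alert_assigned=' . db_input(isset($var['overdue_alert_assigned']) ? 1 : 0)
        . ',overdue_alert_dept_manager=' . db_input(isset($var['overdue_alert_dept_manager']) ? 1 : 0)
        . ',overdue_alert_dept_members=' . db_input(isset($var['overdue_alert_dept_members']) ? 1 : 0)
        . ',auto_assign_reopened_tickets=' . db_input(isset($var['auto_assign_reopened_tickets']) ? 1 : 0)
        . ',show_assigned_tickets=' . db_input(isset($var['show_assigned_tickets']) ? 1 : 0)
        . ',show_answered_tickets=' . db_input(isset($var['show_answered_tickets']) ? 1 : 0)
        . ',hide_staff_name=' . db_input(isset($var['hide_staff_name']) ? 1 : 0)
        . ',overlimit_notice_active=' . db_input($var['overlimit_notice_active'])
        . ',random_ticket_ids=' . db_input($var['random_ticket_ids'])
        . ',time_format=' . db_input($var['time_format'])
        . ',date_format=' . db_input($var['date_format'])
        . ',datetime_format=' . db_input($var['datetime_format'])
        . ',daydatetime_format=' . db_input($var['daydatetime_format'])
        . ',reply_separator=' . db_input(trim($var['reply_separator']))
        . ',admin_email=' . db_input($var['admin_email'])
        . ',helpdesk_title=' . db_input($var['helpdesk_title'])
        . ',helpdesk_url=' . db_input($var['helpdesk_url'])
        // The row id comes from this object, not from the submitted data.
        . ' WHERE id=' . $this->getId();

    if (db_query($sql)) {
        if (db_affected_rows()) { //Something actually changed!!!!
            $this->reload(); //Reload the new info.
            require_once INCLUDE_DIR . 'class.cron.php';
            // A saved change purges logs straight away under the new settings, so a
            // mistaken log_level/log_graceperiod costs log history.
            Sys::purgeLogs(); //Cleanup the logs --- too bad if it was a mistaken config.
            Cron::TicketMonitor(); //Age & cleanup
        }
        return true;
    }

    return false;
}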
/**
 * Validate $vars against $fields and collect the failures.
 *
 * @param array $fields Field definitions handed to Validator::setFields().
 * @param array $vars   Values to validate.
 * @param array $errors Passed by reference; validator errors are merged into it.
 *
 * @return bool True only when $errors is empty afterwards. Errors already present
 *              on entry therefore also make the result false.
 */
function process($fields, $vars, &$errors)
{
    $val = new Validator();
    $val->setFields($fields);

    $passed = $val->validate($vars);
    if (!$passed) {
        $errors = array_merge($errors, $val->errors());
    }

    return empty($errors);
}
/**
 * Create a ticket from web, staff or e-mail input, then send the configured
 * auto-response and staff alerts.
 *
 * @param array  $var         Ticket data (name, email, subject, message, plus routing keys).
 * @param array  $errors      Passed by reference; field => message entries are added on failure.
 * @param string $origin      'web', 'staff' (case-insensitive) or anything else for e-mail.
 * @param bool   $autorespond Whether the new-ticket auto-response may be sent.
 * @param bool   $alertstaff  Whether staff alerts may be sent.
 *
 * @return mixed 0 when validation or a limit check fails, null when the INSERT fails,
 *               otherwise the new Ticket object.
 */
function create($var, &$errors, $origin, $autorespond = true, $alertstaff = true)
{
    global $cfg, $thisclient, $_FILES;
    $id = 0;
    $fields = array();
    $fields['name'] = array('type' => 'string', 'required' => 1, 'error' => 'Name required');
    $fields['email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
    $fields['subject'] = array('type' => 'string', 'required' => 1, 'error' => 'Subject required');
    $fields['message'] = array('type' => 'text', 'required' => 1, 'error' => 'Message required');
    // The origin decides which routing field is mandatory.
    if (strcasecmp($origin, 'web') == 0) {
        //Help topic only applicable on web tickets.
        $fields['topicId'] = array('type' => 'int', 'required' => 1, 'error' => 'Select help topic');
    } elseif (strcasecmp($origin, 'staff') == 0) {
        //Tickets created by staff, e.g. on call-ins.
        $fields['deptId'] = array('type' => 'int', 'required' => 1, 'error' => 'Dept. required');
        $fields['source'] = array('type' => 'string', 'required' => 1, 'error' => 'Indicate source');
    } else {
        //Incoming emails (PIPE or POP).
        $fields['emailId'] = array('type' => 'int', 'required' => 1, 'error' => 'Email unknown');
    }
    $fields['pri'] = array('type' => 'int', 'required' => 0, 'error' => 'Invalid Priority');
    $fields['phone'] = array('type' => 'phone', 'required' => 0, 'error' => 'Phone # required');
    $validate = new Validator($fields);
    if (!$validate->validate($var)) {
        $errors = array_merge($errors, $validate->errors());
    }
    //Make sure the email is not banned
    if (!$errors && BanList::isbanned($var['email'])) {
        $errors['err'] = 'Ticket denied Error #403';
    }
    // A logged-in client may only open tickets under their own address.
    if (!$errors && $thisclient && strcasecmp($thisclient->getEmail(), $var['email'])) {
        $errors['email'] = 'Email mismatch.';
    }
    //Check the attachment, if any. Only set on web-based tickets.
    // Both checks use values reported by the client (file name and size); the file
    // content is not inspected here.
    // NOTE(review): the client-supplied file name is copied into the error text —
    // confirm it is HTML-escaped where $errors is displayed.
    if ($_FILES['attachment']['name'] && $cfg->allowOnlineAttachments()) {
        if (!$cfg->canUploadFileType($_FILES['attachment']['name'])) {
            $errors['attachment'] = 'Invalid file type [ ' . $_FILES['attachment']['name'] . ' ]';
        } elseif ($_FILES['attachment']['size'] > $cfg->getMaxFileSize()) {
            $errors['attachment'] = 'File is too big. Max ' . $cfg->getMaxFileSize() . ' bytes allowed';
        }
    }
    //Check ticket limits, if the configured limit is > 0.
    //TODO: Base ticket limits on SLA...
    if ($var['email'] && !$errors && $cfg->getMaxOpenTickets() > 0) {
        $openTickets = Ticket::getOpenTicketsByEmail($var['email']);
        if ($openTickets >= $cfg->getMaxOpenTickets()) {
            $errors['err'] = "You've reached the maximum open tickets allowed.";
            //Send the notice only once (when the limit is reached) in case of autoresponders at client end.
            // The notice goes to the submitted address, which is only format-checked for
            // web submissions; the once-only condition is what keeps this from repeating.
            if ($cfg->getMaxOpenTickets() == $openTickets && $cfg->sendOverlimitNotice()) {
                $sql = 'SELECT ticket_overlimit_subj,ticket_overlimit_body FROM ' . EMAIL_TEMPLATE_TABLE . ' WHERE cfg_id=' . db_input($cfg->getId()) . ' AND tpl_id=' . db_input($cfg->getDefaultTemplateId());
                $resp = db_query($sql);
                if (db_num_rows($resp) && (list($subj, $body) = db_fetch_row($resp))) {
                    // Submitted name and e-mail are substituted into the body as-is.
                    $body = str_replace("%name", $var['name'], $body);
                    $body = str_replace("%email", $var['email'], $body);
                    $body = str_replace("%url", $cfg->getBaseUrl(), $body);
                    Misc::sendmail($var['email'], $subj, $body, $cfg->getNoReplyEmail());
                }
            }
            //Alert admin...this might be spammy (no option to disable)...but it is helpful..I think.
            $msg = 'Support ticket request denied for ' . $var['email'] . "\n" . 'Open ticket:' . $openTickets . "\n" . 'Max Allowed:' . $cfg->getMaxOpenTickets() . "\n";
            Misc::alertAdmin('Overlimit Notice', $msg);
        }
    }
    //Any error above is fatal.
    if ($errors) {
        return 0;
    }
    // OK...just do it.
    $deptId = $var['deptId']; //pre-selected Dept if any.
    $priorityId = $var['pri'];
    $source = ucfirst($var['source']);
    // Internal mapping: derive department, priority and auto-response from the help
    // topic or the receiving e-mail address when no department was chosen.
    if (isset($var['topicId']) && !$var['deptId']) {
        //Ticket created via web by user
        if ($var['topicId'] && ($topic = new Topic($var['topicId'])) && $topic->getId()) {
            $deptId = $topic->getDeptId();
            $priorityId = $priorityId ? $priorityId : $topic->getPriorityId();
            $autorespond = $topic->autoRespond();
        }
        $topic = null;
        $source = 'Web';
    } elseif ($var['emailId'] && !$var['deptId']) {
        //Emailed Tickets
        $email = new Email($var['emailId']);
        if ($email && $email->getId()) {
            $deptId = $email->getDeptId();
            $autorespond = $email->autoRespond();
            $priorityId = $priorityId ? $priorityId : $email->getPriorityId();
        }
        $email = null;
        $source = 'Email';
    } elseif ($var['deptId']) {
        //Opened by staff.
        $deptId = $var['deptId'];
        $source = ucfirst($var['source']);
    }
    //Last minute checks: fall back to the configured defaults.
    $priorityId = $priorityId ? $priorityId : $cfg->getDefaultPriorityId();
    $deptId = $deptId ? $deptId : $cfg->getDefaultDeptId();
    // NOTE(review): a caller-supplied $var['ip'] takes precedence over REMOTE_ADDR. If
    // $var is ever raw request data, the submitter chooses the recorded address —
    // confirm callers set or strip 'ip' themselves.
    $ipaddress = $var['ip'] ? $var['ip'] : $_SERVER['REMOTE_ADDR'];
    //We are ready son...hold on to the rails.
    $extId = Ticket::genExtRandID();
    // Every value goes through db_input(); name and subject also have tags stripped.
    $sql = 'INSERT INTO ' . TICKET_TABLE . ' SET created=NOW() ' . ',ticketID=' . db_input($extId) . ',dept_id=' . db_input($deptId) . ',priority_id=' . db_input($priorityId) . ',email=' . db_input($var['email']) . ',name=' . db_input(Format::striptags($var['name'])) . ',subject=' . db_input(Format::striptags($var['subject'])) . ',phone=' . db_input($var['phone']) . ',ip_address=' . db_input($ipaddress) . ',source=' . db_input($source);
    //echo $sql;
    $ticket = null;
    //return $ticket;
    if (db_query($sql) && ($id = db_insert_id())) {
        if (!$cfg->useRandomIds()) {
            //Sequential ticketIDs support really..really suck arse.
            $extId = $id; //To make things really easy we are going to use autoincrement ticket_id.
            // $id here is the value returned by db_insert_id(), not request data.
            db_query('UPDATE ' . TICKET_TABLE . ' SET ticketID=' . db_input($extId) . ' WHERE ticket_id=' . $id);
            //TODO: RETHINK what happens if this fails?? [At the moment on failure random ID is used...making stuff usable]
        }
        //Load newly created ticket.
        $ticket = new Ticket($id);
        //post the message.
        $msgid = $ticket->postMessage($var['message'], $var['header'], $source, true);
        //TODO: recover from postMessage error??
        //Upload attachments...web based.
        if ($_FILES['attachment']['name'] && $cfg->allowOnlineAttachments() && $msgid) {
            // When attachments are restricted to logged-in clients, require a valid client session.
            if (!$cfg->allowAttachmentsOnlogin() || $cfg->allowAttachmentsOnlogin() && ($thisclient && $thisclient->isValid())) {
                $ticket->uploadAttachment($_FILES['attachment'], $msgid, 'M');
                //TODO: recover from upload issues?
            }
        }
        $dept = $ticket->getDept();
        // NOTE(review): $dept is dereferenced without a null check in several places below
        // while other lines guard it with "$dept ? ... : ''" — confirm getDept() cannot
        // return null here.
        //SEND OUT NEW TICKET AUTORESP && ALERTS.
        //New Ticket AutoResponse..
        if ($autorespond && $cfg->autoRespONNewTicket() && $dept->autoRespONNewTicket()) {
            $sql = 'SELECT ticket_autoresp_subj,ticket_autoresp_body FROM ' . EMAIL_TEMPLATE_TABLE . ' WHERE cfg_id=' . db_input($cfg->getId()) . ' AND tpl_id=' . db_input($cfg->getDefaultTemplateId());
            $resp = db_query($sql);
            if ($resp && (list($subj, $body) = db_fetch_row($resp))) {
                $subj = str_replace("%ticket", $ticket->getExtId(), $subj);
                $body = str_replace("%ticket", $ticket->getExtId(), $body);
                $body = str_replace("%name", $ticket->getName(), $body);
                $body = str_replace("%email", $ticket->getEmail(), $body);
                $body = str_replace("%url", $cfg->getBaseUrl(), $body);
                $body = str_replace("%signature", $dept ? $dept->getSignature() : '', $body);
                $email = $from = $fromName = null;
                // Reply from the department address unless it is set to no-reply.
                if (!$dept->noreplyAutoResp() && ($email = $dept->getEmail())) {
                    $from = $email->getEmail();
                    $fromName = $email->getName();
                    //Reply separator tag.
                    if ($cfg->stripQuotedReply() && ($tag = $cfg->getReplySeparator())) {
                        $body = "\n{$tag}\n\n" . $body;
                    }
                } else {
                    $from = $cfg->getNoReplyEmail();
                }
                Misc::sendmail($ticket->getEmail(), $subj, $body, $from, $fromName);
            }
        }
        //If enabled...send alert to staff (New Ticket Alert)
        if ($alertstaff && $cfg->alertONNewTicket() && is_object($ticket)) {
            $sql = 'SELECT ticket_alert_subj,ticket_alert_body FROM ' . EMAIL_TEMPLATE_TABLE . ' WHERE cfg_id=' . db_input($cfg->getId()) . ' AND tpl_id=' . db_input($cfg->getDefaultTemplateId());
            $resp = db_query($sql);
            if ($resp && (list($subj, $body) = db_fetch_row($resp))) {
                $body = str_replace("%ticket", $ticket->getExtId(), $body);
                $body = str_replace("%name", $ticket->getName(), $body);
                $body = str_replace("%email", $ticket->getEmail(), $body);
                $body = str_replace("%subject", $ticket->getSubject(), $body);
                $body = str_replace("%dept", $dept ? $dept->getName() : '', $body);
                // The submitted message text is placed into the staff alert unmodified.
                $body = str_replace("%message", $var['message'], $body);
                $body = str_replace("%url", $cfg->getBaseUrl(), $body);
                // Addresses already mailed, so nobody is alerted twice.
                $sentlist = array();
                //Admin Alert.
                if ($cfg->alertAdminONNewTicket()) {
                    $alert = str_replace("%staff", 'Admin', $body);
                    Misc::sendmail($cfg->getAdminEmail(), $subj, $alert, $cfg->getAlertEmail());
                    $sentlist[] = $cfg->getAdminEmail();
                }
                //Build the recipient list.
                $recipients = array();
                //Dept. Manager
                if ($cfg->alertDeptManagerONNewTicket()) {
                    $recipients[] = $dept->getManager();
                }
                //Staff members
                if ($cfg->alertDeptMembersONNewTicket()) {
                    $sql = 'SELECT staff_id FROM ' . STAFF_TABLE . ' WHERE onvacation=0 AND dept_id=' . db_input($dept->getId());
                    if (($users = db_query($sql)) && db_num_rows($users)) {
                        // Note: this loop reuses $id, overwriting the ticket id set above.
                        while (list($id) = db_fetch_row($users)) {
                            $recipients[] = new Staff($id);
                        }
                    }
                }
                //Ok...we are ready to go...baby!
                foreach ($recipients as $k => $staff) {
                    if (!$staff || !is_object($staff) || !$staff->isAvailable()) {
                        continue;
                    }
                    if (in_array($staff->getEmail(), $sentlist)) {
                        continue;
                    } //avoid duplicate emails.
                    $alert = str_replace("%staff", $staff->getFirstName(), $body);
                    Misc::sendmail($staff->getEmail(), $subj, $alert, $cfg->getAlertEmail());
                    $sentlist[] = $staff->getEmail();
                }
            }
        }
    }
    return $ticket;
}
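/**
 * Validate the submitted helpdesk preferences and write them to this config row.
 *
 * Required fields are checked through Validator. The alert-recipient and
 * reply-separator cross-checks read $_POST directly, not $var. When nothing
 * failed, a single UPDATE rewrites every preference column of CONFIG_TABLE
 * for this config id.
 *
 * Checkbox-style options are stored as 1/0 depending on whether the key is
 * present in $var; all other values are passed through db_input() as given.
 *
 * @param array $var    Submitted preference values keyed by column name.
 * @param array $errors Error map (by reference); field => message entries are added.
 * @return bool TRUE when the UPDATE query succeeded, FALSE on any validation
 *              error, on empty input, or when the query failed.
 */
function updatePref($var, &$errors)
{
    // Nothing to do without input; errors collected by the caller are fatal.
    if (!$var || $errors) {
        return false;
    }

    $f = array();
    $f['helpdesk_url'] = array('type' => 'string', 'required' => 1, 'error' => 'Helpdesk URl required');
    //TODO: Add url validation
    $f['helpdesk_title'] = array('type' => 'string', 'required' => 1, 'error' => 'Helpdesk title required');
    $f['default_dept'] = array('type' => 'int', 'required' => 1, 'error' => 'Default Dept. required');
    $f['default_email'] = array('type' => 'int', 'required' => 1, 'error' => 'Default email required');
    $f['default_template'] = array('type' => 'int', 'required' => 1, 'error' => 'You must select template.');
    $f['staff_session_timeout'] = array('type' => 'int', 'required' => 1, 'error' => 'Enter idle time in minutes');
    $f['client_session_timeout'] = array('type' => 'int', 'required' => 1, 'error' => 'Enter idle time in minutes');
    $f['time_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Time format required');
    //TODO: Add date format validation
    $f['date_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Date format required');
    $f['datetime_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Datetime format required');
    $f['daydatetime_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Day, Datetime format required');
    $f['noreply_email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
    $f['alert_email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
    $f['admin_email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
    $f['autolock_minutes'] = array('type' => 'int', 'required' => 1, 'error' => 'Enter lock time in minutes');
    //TODO: check option fields for validity.
    // NOTE(review): columns written below but absent from $f (max_page_size,
    // max_open_tickets, overdue_grace_period, timezone_offset, ...) are only
    // escaped by db_input(), never type- or range-checked here.

    //do the validation.
    $val = new Validator();
    $val->setFields($f);
    if (!$val->validate($var)) {
        $errors = array_merge($errors, $val->errors());
    }

    // An active alert needs at least one recipient group. empty() keeps the
    // original truthiness test without reading an undefined index.
    if (!empty($_POST['ticket_alert_active'])
        && !isset($_POST['ticket_alert_admin'])
        && !isset($_POST['ticket_alert_dept_manager'])
        && !isset($_POST['ticket_alert_dept_members'])
    ) {
        $errors['ticket_alert_active'] = 'No target recipient(s) selected';
    }
    if (!empty($_POST['message_alert_active'])
        && !isset($_POST['message_alert_laststaff'])
        && !isset($_POST['message_alert_assigned'])
        && !isset($_POST['message_alert_dept_manager'])
    ) {
        $errors['message_alert_active'] = 'No target recipient(s) selected';
    }
    // Stripping quoted replies only works when a separator tag is configured.
    if (!empty($_POST['strip_quoted_reply']) && empty($_POST['reply_separator'])) {
        $errors['reply_separator'] = 'Reply separator required (?)';
    }

    if ($errors) {
        return false; //No go!
    }

    //We are good to go...blanket update!
    $sql = 'UPDATE ' . CONFIG_TABLE . ' SET isonline=' . db_input($var['isonline'])
        . ',timezone_offset=' . db_input($var['timezone_offset'])
        . ',enable_daylight_saving=' . db_input(isset($var['enable_daylight_saving']) ? 1 : 0)
        . ',staff_session_timeout=' . db_input($var['staff_session_timeout'])
        . ',client_session_timeout=' . db_input($var['client_session_timeout'])
        . ',max_page_size=' . db_input($var['max_page_size'])
        . ',max_open_tickets=' . db_input($var['max_open_tickets'])
        . ',autolock_minutes=' . db_input($var['autolock_minutes'])
        . ',overdue_grace_period=' . db_input($var['overdue_grace_period'])
        . ',default_email=' . db_input($var['default_email'])
        . ',default_dept=' . db_input($var['default_dept'])
        . ',default_priority=' . db_input($var['default_priority'])
        . ',default_template=' . db_input($var['default_template'])
        . ',clickable_urls=' . db_input(isset($var['clickable_urls']) ? 1 : 0)
        . ',allow_priority_change=' . db_input(isset($var['allow_priority_change']) ? 1 : 0)
        . ',use_email_priority=' . db_input(isset($var['use_email_priority']) ? 1 : 0)
        . ',enable_auto_cron=' . db_input(isset($var['enable_auto_cron']) ? 1 : 0)
        . ',enable_pop3_fetch=' . db_input(isset($var['enable_pop3_fetch']) ? 1 : 0)
        . ',enable_email_piping=' . db_input(isset($var['enable_email_piping']) ? 1 : 0)
        . ',send_sql_errors=' . db_input(isset($var['send_sql_errors']) ? 1 : 0)
        . ',send_mailparse_errors=' . db_input(isset($var['send_mailparse_errors']) ? 1 : 0)
        . ',send_login_errors=' . db_input(isset($var['send_login_errors']) ? 1 : 0)
        . ',save_email_headers=' . db_input(isset($var['save_email_headers']) ? 1 : 0)
        . ',strip_quoted_reply=' . db_input(isset($var['strip_quoted_reply']) ? 1 : 0)
        . ',email_attachments=' . db_input(isset($var['email_attachments']) ? 1 : 0)
        . ',ticket_autoresponder=' . db_input($var['ticket_autoresponder'])
        . ',message_autoresponder=' . db_input($var['message_autoresponder'])
        . ',ticket_alert_active=' . db_input($var['ticket_alert_active'])
        . ',ticket_alert_admin=' . db_input(isset($var['ticket_alert_admin']) ? 1 : 0)
        . ',ticket_alert_dept_manager=' . db_input(isset($var['ticket_alert_dept_manager']) ? 1 : 0)
        . ',ticket_alert_dept_members=' . db_input(isset($var['ticket_alert_dept_members']) ? 1 : 0)
        . ',message_alert_active=' . db_input($var['message_alert_active'])
        . ',message_alert_laststaff=' . db_input(isset($var['message_alert_laststaff']) ? 1 : 0)
        . ',message_alert_assigned=' . db_input(isset($var['message_alert_assigned']) ? 1 : 0)
        . ',message_alert_dept_manager=' . db_input(isset($var['message_alert_dept_manager']) ? 1 : 0)
        . ',overdue_alert_active=' . db_input($var['overdue_alert_active'])
        . ',overdue_alert_assigned=' . db_input(isset($var['overdue_alert_assigned']) ? 1 : 0)
        . ',overdue_alert_dept_manager=' . db_input(isset($var['overdue_alert_dept_manager']) ? 1 : 0)
        . ',overdue_alert_dept_members=' . db_input(isset($var['overdue_alert_dept_members']) ? 1 : 0)
        . ',auto_assign_reopened_tickets=' . db_input(isset($var['auto_assign_reopened_tickets']) ? 1 : 0)
        . ',show_assigned_tickets=' . db_input(isset($var['show_assigned_tickets']) ? 1 : 0)
        . ',overlimit_notice_active=' . db_input(isset($var['overlimit_notice_active']) ? 1 : 0)
        . ',random_ticket_ids=' . db_input($var['random_ticket_ids'])
        . ',time_format=' . db_input($var['time_format'])
        . ',date_format=' . db_input($var['date_format'])
        . ',datetime_format=' . db_input($var['datetime_format'])
        . ',daydatetime_format=' . db_input($var['daydatetime_format'])
        . ',reply_separator=' . db_input($var['reply_separator'])
        . ',noreply_email=' . db_input($var['noreply_email'])
        . ',alert_email=' . db_input($var['alert_email'])
        . ',admin_email=' . db_input($var['admin_email'])
        . ',helpdesk_title=' . db_input($var['helpdesk_title'])
        . ',helpdesk_url=' . db_input($var['helpdesk_url'])
        // The row id goes through db_input() like every other value in the statement.
        . ' WHERE id=' . db_input($this->getId());

    return db_query($sql) ? TRUE : FALSE;
}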
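/**
 * Adds a nested validator.
 *
 * Nesting validators allows you to define validators for array
 * types. For example, nested validators are ideal when you want to validate many
 * similar sub-documents or complex array types.
 *
 * This method assumes that the sub-document has a 1:N relationship with the parent:
 * the value must be an array, and each element is checked with the nested
 * validator's errors() method. The rule yields false for a non-array value,
 * true when no element reported errors, and otherwise an array of the
 * per-element errors keyed by the element's index.
 *
 * NOTE(review): the original description says the parent's providers are synced
 * into the nested validator when errors are checked; no syncing is visible in
 * this method, so presumably it happens inside errors() - confirm.
 *
 * @param Validator $validator The nested validator.
 * @return $this
 */
public function each(Validator $validator)
{
    $this->add(function ($value) use ($validator) {
        if (!is_array($value)) {
            return false;
        }
        $errors = [];
        foreach ($value as $i => $row) {
            $check = $validator->errors($row);
            if (!empty($check)) {
                $errors[$i] = $check;
            }
        }
        return empty($errors) ? true : $errors;
    });

    // The docblock promises a fluent interface; the original fell off the end
    // and returned null, which breaks chained calls.
    return $this;
}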
/**
 * Validate a submitted email template and save it to this template's row.
 *
 * Every subject/body pair is required. The submitted id must match this
 * template, and the name must not belong to another template. All stored
 * values are tag-stripped with Format::striptags() and escaped with db_input().
 *
 * @param array $var    Submitted template fields keyed by column name.
 * @param array $errors Error map (by reference); field => message entries are added.
 * @return bool true when the row was updated, false on validation or query failure.
 */
function update($var, &$errors)
{
    $rules = array(
        'id' => array('type' => 'int', 'required' => 1, 'error' => 'Error Interno'),
        'name' => array('type' => 'string', 'required' => 1, 'error' => 'Nombre requerido'),
        // Notices sent to the user
        'ticket_autoresp_subj' => array('type' => 'string', 'required' => 1, 'error' => 'Asunto requerido'),
        'ticket_autoresp_body' => array('type' => 'string', 'required' => 1, 'error' => 'Mensaje de plantilla requerido'),
        'message_autoresp_subj' => array('type' => 'string', 'required' => 1, 'error' => 'Asunto requerido'),
        'message_autoresp_body' => array('type' => 'string', 'required' => 1, 'error' => 'Mensaje de plantilla requerido'),
        'ticket_notice_subj' => array('type' => 'string', 'required' => 1, 'error' => 'Asunto requerido'),
        'ticket_notice_body' => array('type' => 'string', 'required' => 1, 'error' => 'Mensaje de plantilla requerido erforderlich'),
        'ticket_overlimit_subj' => array('type' => 'string', 'required' => 1, 'error' => 'Asunto requerido'),
        'ticket_overlimit_body' => array('type' => 'string', 'required' => 1, 'error' => 'Mensaje de plantilla requerido erforderlich'),
        'ticket_reply_subj' => array('type' => 'string', 'required' => 1, 'error' => 'Asunto requerido'),
        'ticket_reply_body' => array('type' => 'string', 'required' => 1, 'error' => 'Mensaje de plantilla requerido erforderlich'),
        // Alerts sent to staff
        'ticket_alert_subj' => array('type' => 'string', 'required' => 1, 'error' => 'Asunto requerido'),
        'ticket_alert_body' => array('type' => 'string', 'required' => 1, 'error' => 'Mensaje de plantilla requerido erforderlich'),
        'message_alert_subj' => array('type' => 'string', 'required' => 1, 'error' => 'Asunto requerido'),
        'message_alert_body' => array('type' => 'string', 'required' => 1, 'error' => 'Mensaje de plantilla requerido erforderlich'),
        'note_alert_subj' => array('type' => 'string', 'required' => 1, 'error' => 'Asunto requerido'),
        'note_alert_body' => array('type' => 'string', 'required' => 1, 'error' => 'Mensaje de plantilla requerido erforderlich'),
        'assigned_alert_subj' => array('type' => 'string', 'required' => 1, 'error' => 'Asunto requerido'),
        'assigned_alert_body' => array('type' => 'string', 'required' => 1, 'error' => 'Mensaje de plantilla requerido erforderlich'),
        'ticket_overdue_subj' => array('type' => 'string', 'required' => 1, 'error' => 'Asunto requerido'),
        'ticket_overdue_body' => array('type' => 'string', 'required' => 1, 'error' => 'Mensaje de plantilla requerido erforderlich'),
    );

    $checker = new Validator($rules);
    if (!$checker->validate($var)) {
        $errors = array_merge($errors, $checker->errors());
    }

    // The form must be editing this very template.
    if (!$errors && $var['id'] && $var['id'] != $this->getId()) {
        $errors['err'] = 'Error interno. Inténtelo de nuevo';
    }

    // Reject a name that already belongs to a different template.
    if (!$errors['name']) {
        $tid = Template::getIdByName($var['name']);
        if ($tid && $tid != $this->getId()) {
            $errors['name'] = 'Este nombre ya esta en uso';
        }
    }

    if ($errors) {
        return false;
    }

    // Columns in the order they appear in the SET clause.
    $columns = array(
        'name',
        'notes',
        'ticket_autoresp_subj',
        'ticket_autoresp_body',
        'message_autoresp_subj',
        'message_autoresp_body',
        'ticket_notice_subj',
        'ticket_notice_body',
        'ticket_alert_subj',
        'ticket_alert_body',
        'message_alert_subj',
        'message_alert_body',
        'note_alert_subj',
        'note_alert_body',
        'assigned_alert_subj',
        'assigned_alert_body',
        'ticket_overdue_subj',
        'ticket_overdue_body',
        'ticket_overlimit_subj',
        'ticket_overlimit_body',
        'ticket_reply_subj',
        'ticket_reply_body',
    );

    $sql = 'UPDATE ' . EMAIL_TEMPLATE_TABLE . ' SET updated=NOW() ';
    foreach ($columns as $column) {
        // Tags are stripped before the value is escaped for the query.
        $sql .= ',' . $column . '=' . db_input(Format::striptags($var[$column]));
    }
    $sql .= ' WHERE tpl_id=' . db_input($this->getId());

    // A failed query and an update that touched no row are both reported as errors.
    if (!db_query($sql) || !db_affected_rows()) {
        $errors['err'] = 'No se puede actualizar. Error interno';
        return false;
    }

    return true;
}
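/**
 * Handle the order form posted from the site.
 *
 * Reads name, phone, comment, path and the hidden "address" honeypot from
 * $_POST, validates them, resolves the page title for the submitted path id,
 * then either queues the mail (when an uploaded file directory is in the
 * session) or sends it to every address in the mailer table, and finally
 * records the request in mp_list.
 *
 * Every request value is untrusted: fields are HTML-encoded on the way in,
 * the path id is cast to an integer before it reaches the table filter, and
 * the rendered message is stored through the db insert helper rather than a
 * hand-built SQL string.
 *
 * @return void Responds through errorAction() / successAction().
 */
public function orderAction()
{
    if (isset($_POST)) {
        $data = [];
        try {
            // A missing field aborts with the field name as the exception message.
            // Non-string values (e.g. name[]=x) are rejected the same way so that
            // htmlspecialchars() never receives an array.
            foreach (['name', 'phone', 'comment', 'path'] as $field) {
                if (!isset($_POST[$field]) || !is_string($_POST[$field])) {
                    throw new Exception($field);
                }
                $data[$field] = htmlspecialchars($_POST[$field]);
            }
            if (!isset($_POST['address']) || !is_string($_POST['address'])) {
                throw new Exception('honeyPot');
            }
            $honeyPot = htmlspecialchars($_POST['address']);
            $data['honeyPot'] = $honeyPot;

            // Bot check: the honeypot field must stay empty.
            if ($honeyPot != '') {
                $this->errorAction(1001, 'Custom system error', ['honeyPot' => 'honeyPot']);
                // errorAction()'s body is not shown here; stop explicitly so a
                // flagged submission is never mailed or stored. If errorAction()
                // already ends the request, this line is simply not reached.
                return;
            }

            // Validation
            $v = new Validator(['name' => $data['name'], 'phone' => $data['phone'], 'comment' => $data['comment']]);
            $v->rule('required', 'comment')->message('comment!');
            $v->rule('required', 'name')->message('name!');
            $v->rule('regex', 'name', '/^([a-zа-я\\s\\-]+)$/iu')->message('name!!');
            $v->rule('required', 'phone')->message('phone!');
            $v->rule('phone', 'phone')->message('phone!!');

            if ($v->validate()) {
                if (!empty($data['path'])) {
                    $query = new MSTable('{www}');
                    $query->setFields(['title_page']);
                    // path is request data and is not covered by the validator
                    // above; htmlspecialchars() does not make it safe inside a
                    // filter expression, so only its integer value is used.
                    $query->setFilter('path_id = ' . (int) $data['path']);
                    $page = $query->getItem();
                    // No matching page leaves the title empty instead of
                    // indexing into a non-array result.
                    $data['path'] = isset($page['title_page']) ? $page['title_page'] : '';
                }

                // Check whether an uploaded file directory is waiting in the session.
                $type = 'modal';
                if (isset($_SESSION['uploaded'][$type]['directory'])) {
                    $path = $_SESSION['uploaded'][$type]['directory'];
                    unset($_SESSION['uploaded'][$type]['directory']);
                }

                $title = "Заявка с сайта " . DOMAIN;
                $msg = template('email/order', $data);

                if (isset($path)) {
                    $files = str_replace('\\', '/', $path);
                    $from = "noreply@" . DOMAIN;
                    // Store in the database
                    MSCore::db()->insert(PRFX . 'mails', ['subject' => $title, 'files' => $files, 'text' => $msg, 'from' => $from]);
                    $msg = template('email/order', $data + ['files' => $files]);
                } else {
                    $mail = new SendMail();
                    $mail->init();
                    $mail->setEncoding("utf8");
                    $mail->setEncType("base64");
                    $mail->setSubject($title);
                    $mail->setMessage($msg);
                    $mail->setFrom("noreply@" . DOMAIN, "apstroy");
                    $emails = MSCore::db()->getCol('SELECT `mail` FROM `' . PRFX . 'mailer`');
                    foreach ($emails as $email) {
                        $mail->setTo($email);
                        $mail->send();
                    }
                }

                // $msg is rendered from user-submitted fields, so it must not be
                // concatenated into a quoted SQL literal (HTML-encoding leaves
                // backslashes untouched, and a template may reintroduce quotes).
                // Use the insert helper already used for the mails table above.
                // NOTE(review): assumes insert() escapes or binds its values - confirm.
                MSCore::db()->insert('mp_list', ['title' => $title, 'text' => $msg]);

                $this->addData(['succes' => 'Ok']);
                $this->successAction();
            } else {
                // Keep only the first message per field.
                $errors = $v->errors();
                foreach ($errors as $_name => $_error) {
                    if (is_array($_error)) {
                        $errors[$_name] = reset($_error);
                    }
                }
                $this->errorAction(1001, 'Custom system error', ['data' => $data, 'error' => $errors]);
            }
        } catch (Exception $exception) {
            $error = $exception->getMessage();
            $this->errorAction(1001, 'Custom system error', ['error' => $error, 'postArgument' => 'noPostArgument']);
        }
    }
}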
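/**
 * Create a ticket from a web form, a staff entry or an incoming email.
 *
 * Steps, in order: validate the submitted fields for the given origin, apply
 * the ban list, client-email match, phone extension, due date, attachment and
 * open-ticket-limit checks, resolve department/priority/source from the help
 * topic or incoming email, insert the ticket row, post the first message,
 * store a web attachment, then send the auto-response and the staff alerts.
 *
 * @param array  $var         Submitted ticket values (name, email, subject, message, ...).
 * @param array  $errors      Error map (by reference); field => message entries are added.
 * @param string $origin      'web', 'staff', or anything else for incoming email
 *                            (compared case-insensitively).
 * @param bool   $autorespond Whether an auto-response may be sent; the topic, the
 *                            incoming email settings and the sender address can turn it off.
 * @param bool   $alertstaff  Whether new-ticket alerts may be sent to staff.
 * @return mixed The new Ticket object, null when the insert failed, or 0 when
 *               any check before the insert produced an error.
 */
function create($var, &$errors, $origin, $autorespond = true, $alertstaff = true)
{
    global $cfg, $thisclient, $_FILES;

    /* Coders never code so fully and joyfully as when they do it for free - Peter Rotich */
    $id = 0;
    $fields = array();
    $fields['name'] = array('type' => 'string', 'required' => 1, 'error' => 'Name required');
    $fields['email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
    $fields['subject'] = array('type' => 'string', 'required' => 1, 'error' => 'Subject required');
    $fields['message'] = array('type' => 'text', 'required' => 1, 'error' => 'Message required');
    if (strcasecmp($origin, 'web') == 0) {
        //Help topic only applicable on web tickets.
        $fields['topicId'] = array('type' => 'int', 'required' => 1, 'error' => 'Select help topic');
    } elseif (strcasecmp($origin, 'staff') == 0) {
        //tickets created by staff...e.g on callins.
        $fields['deptId'] = array('type' => 'int', 'required' => 1, 'error' => 'Dept. required');
        $fields['source'] = array('type' => 'string', 'required' => 1, 'error' => 'Indicate source');
        $fields['duedate'] = array('type' => 'date', 'required' => 0, 'error' => 'Invalid date - must be MM/DD/YY');
    } else {
        //Incoming emails
        $fields['emailId'] = array('type' => 'int', 'required' => 1, 'error' => 'Email unknown');
    }
    $fields['pri'] = array('type' => 'int', 'required' => 0, 'error' => 'Invalid Priority');
    $fields['phone'] = array('type' => 'phone', 'required' => 0, 'error' => 'Valid phone # required');

    $validate = new Validator($fields);
    if (!$validate->validate($var)) {
        $errors = array_merge($errors, $validate->errors());
    }

    //Make sure the email is not banned
    if (!$errors && BanList::isbanned($var['email'])) {
        //We don't want to tell the user the real reason...Psssst.
        $errors['err'] = 'Ticket denied. Error #403';
        //We need to let admin know which email got banned.
        Sys::log(LOG_WARNING, 'Ticket denied', 'Banned email - ' . $var['email']);
    }

    // A logged-in client may only open tickets for their own address.
    if (!$errors && $thisclient && strcasecmp($thisclient->getEmail(), $var['email'])) {
        $errors['email'] = 'Email mismatch.';
    }

    //Make sure phone extension is valid
    if ($var['phone_ext']) {
        if (!is_numeric($var['phone_ext']) && !$errors['phone']) {
            $errors['phone'] = 'Invalid phone ext.';
        } elseif (!$var['phone']) {
            //make sure they just didn't enter ext without phone #
            $errors['phone'] = 'Phone number required';
        }
    }

    //Make sure the due date is valid
    if ($var['duedate']) {
        if (!$var['time'] || strpos($var['time'], ':') === false) {
            $errors['time'] = 'Select time';
        } elseif (strtotime($var['duedate'] . ' ' . $var['time']) === false) {
            $errors['duedate'] = 'Invalid duedate';
        } elseif (strtotime($var['duedate'] . ' ' . $var['time']) <= time()) {
            $errors['duedate'] = 'Due date must be in the future';
        }
    }

    //check attachment..if any is set ...only set on webbased tickets..
    // NOTE(review): the checks below look only at the client-supplied file name
    // and the reported size; whether the content is inspected (for example in
    // uploadAttachment()) cannot be seen from here - confirm.
    if ($_FILES['attachment']['name'] && $cfg->allowOnlineAttachments()) {
        if (!$cfg->canUploadFileType($_FILES['attachment']['name'])) {
            $errors['attachment'] = 'Invalid file type [ ' . Format::htmlchars($_FILES['attachment']['name']) . ' ]';
        } elseif ($_FILES['attachment']['size'] > $cfg->getMaxFileSize()) {
            $errors['attachment'] = 'File is too big. Max ' . $cfg->getMaxFileSize() . ' bytes allowed';
        }
    }

    //check ticket limits..if limit set is >0
    //TODO: Base ticket limits on SLA...
    // Staff-created tickets are exempt from the per-email limit.
    if ($var['email'] && !$errors && $cfg->getMaxOpenTickets() > 0 && strcasecmp($origin, 'staff')) {
        $openTickets = Ticket::getOpenTicketsByEmail($var['email']);
        if ($openTickets >= $cfg->getMaxOpenTickets()) {
            $errors['err'] = "You've reached the maximum open tickets allowed.";
            //Send the notice only once (when the limit is reached) incase of autoresponders at client end.
            if ($cfg->getMaxOpenTickets() == $openTickets && $cfg->sendOverlimitNotice()) {
                // Start from a defined value; the checks below test $dept even
                // when no department was submitted.
                $dept = null;
                if ($var['deptId']) {
                    $dept = new Dept($var['deptId']);
                }
                if (!$dept || !($tplId = $dept->getTemplateId())) {
                    $tplId = $cfg->getDefaultTemplateId();
                }
                $sql = 'SELECT ticket_overlimit_subj,ticket_overlimit_body FROM ' . EMAIL_TEMPLATE_TABLE
                    . ' WHERE cfg_id=' . db_input($cfg->getId())
                    . ' AND tpl_id=' . db_input($tplId);
                $resp = db_query($sql);
                if (db_num_rows($resp) && (list($subj, $body) = db_fetch_row($resp))) {
                    // Submitted name and email are substituted into the mail body as-is.
                    $body = str_replace("%name", $var['name'], $body);
                    $body = str_replace("%email", $var['email'], $body);
                    $body = str_replace("%url", $cfg->getBaseUrl(), $body);
                    $body = str_replace('%signature', $dept && $dept->isPublic() ? $dept->getSignature() : '', $body);
                    if (!$dept || !($email = $dept->getAutoRespEmail())) {
                        $email = $cfg->getDefaultEmail();
                    }
                    if ($email) {
                        $email->send($var['email'], $subj, $body);
                    }
                }
                //Alert admin...this might be spammy (no option to disable)...but it is helpful..I think.
                $msg = 'Support ticket request denied for ' . $var['email'] . "\n"
                    . 'Open ticket:' . $openTickets . "\n"
                    . 'Max Allowed:' . $cfg->getMaxOpenTickets() . "\n\nNotice only sent once";
                Sys::alertAdmin('Overlimit Notice', $msg);
            }
        }
    }

    //Any error above is fatal.
    if ($errors) {
        return 0;
    }

    // OK...just do it.
    $deptId = $var['deptId']; //pre-selected Dept if any.
    $priorityId = $var['pri'];
    $source = ucfirst($var['source']);
    $topic = NULL;

    // Internal mapping magic...see if we need to overwrite anything
    if (isset($var['topicId'])) {
        //Ticket created via web by user/or staff
        if ($var['topicId'] && ($topic = new Topic($var['topicId'])) && $topic->getId()) {
            $deptId = $deptId ? $deptId : $topic->getDeptId();
            $priorityId = $priorityId ? $priorityId : $topic->getPriorityId();
            $topicDesc = $topic->getName();
            if ($autorespond) {
                $autorespond = $topic->autoRespond();
            }
        }
        $source = $var['source'] ? $var['source'] : 'Web';
    } elseif ($var['emailId'] && !$var['deptId']) {
        //Emailed Tickets
        $email = new Email($var['emailId']);
        if ($email && $email->getId()) {
            $deptId = $email->getDeptId();
            $priorityId = $priorityId ? $priorityId : $email->getPriorityId();
            if ($autorespond) {
                $autorespond = $email->autoRespond();
            }
        }
        $email = null;
        $source = 'Email';
    } elseif ($var['deptId']) {
        //Opened by staff.
        $deptId = $var['deptId'];
        $source = ucfirst($var['source']);
    }

    //Don't auto respond to mailer daemons.
    if (strpos(strtolower($var['email']), 'mailer-daemon@') !== false
        || strpos(strtolower($var['email']), 'postmaster@') !== false
    ) {
        $autorespond = false;
    }

    //Last minute checks
    $priorityId = $priorityId ? $priorityId : $cfg->getDefaultPriorityId();
    $deptId = $deptId ? $deptId : $cfg->getDefaultDeptId();
    $topicId = $var['topicId'] ? $var['topicId'] : 0;
    // A caller-supplied ip wins over the connection's address.
    $ipaddress = $var['ip'] ? $var['ip'] : $_SERVER['REMOTE_ADDR'];

    //We are ready son...hold on to the rails.
    $extId = Ticket::genExtRandID();
    // NOTE(review): phone is the one value escaped with db_input(..., false) and
    // then wrapped in double quotes by hand; this relies on db_input() escaping
    // double quotes as well - confirm. $topicDesc is only set when a help topic
    // was resolved above.
    $sql = 'INSERT INTO ' . TICKET_TABLE . ' SET created=NOW() '
        . ',ticketID=' . db_input($extId)
        . ',dept_id=' . db_input($deptId)
        . ',topic_id=' . db_input($topicId)
        . ',priority_id=' . db_input($priorityId)
        . ',email=' . db_input($var['email'])
        . ',name=' . db_input(Format::striptags($var['name']))
        . ',subject=' . db_input(Format::striptags($var['subject']))
        . ',helptopic=' . db_input(Format::striptags($topicDesc))
        . ',phone="' . db_input($var['phone'], false) . '"'
        . ',phone_ext=' . db_input($var['phone_ext'] ? $var['phone_ext'] : '')
        . ',ip_address=' . db_input($ipaddress)
        . ',source=' . db_input($source);
    //Make sure the origin is staff - a due date posted by anyone else is ignored.
    if ($var['duedate'] && !strcasecmp($origin, 'staff')) {
        $sql .= ',duedate=' . db_input(date('Y-m-d G:i', Misc::dbtime($var['duedate'] . ' ' . $var['time'])));
    }

    $ticket = null;
    if (db_query($sql) && ($id = db_insert_id())) {
        if (!$cfg->useRandomIds()) {
            //Sequential ticketIDs: reuse the auto-increment ticket_id as the external id.
            $extId = $id;
            db_query('UPDATE ' . TICKET_TABLE . ' SET ticketID=' . db_input($extId) . ' WHERE ticket_id=' . db_input($id));
            //TODO: RETHINK what happens if this fails?? [At the moment on failure random ID is used...making stuff usable]
        }

        //Load newly created ticket.
        $ticket = new Ticket($id);
        //post the message.
        $msgid = $ticket->postMessage($var['message'], $source, $var['mid'], $var['header'], true);
        //TODO: recover from postMessage error??

        //Upload attachments...web based.
        if ($_FILES['attachment']['name'] && $cfg->allowOnlineAttachments() && $msgid) {
            // When attachments are restricted to logged-in clients, require a valid client session.
            if (!$cfg->allowAttachmentsOnlogin() || $cfg->allowAttachmentsOnlogin() && ($thisclient && $thisclient->isValid())) {
                $ticket->uploadAttachment($_FILES['attachment'], $msgid, 'M');
                //TODO: recover from upload issues?
            }
        }

        $dept = $ticket->getDept();
        if (!$dept || !($tplId = $dept->getTemplateId())) {
            $tplId = $cfg->getDefaultTemplateId();
        }

        //Overwrite auto responder if the FROM email is one of the internal emails...loop control.
        if ($autorespond && Email::getIdByEmail($ticket->getEmail())) {
            $autorespond = false;
        }

        //SEND OUT NEW TICKET AUTORESP && ALERTS.
        //New Ticket AutoResponse..
        // $dept is treated as possibly missing just above, so guard it before the call.
        if ($autorespond && $cfg->autoRespONNewTicket() && $dept && $dept->autoRespONNewTicket()) {
            $sql = 'SELECT ticket_autoresp_subj,ticket_autoresp_body FROM ' . EMAIL_TEMPLATE_TABLE
                . ' WHERE cfg_id=' . db_input($cfg->getId())
                . ' AND tpl_id=' . db_input($tplId);
            if (($resp = db_query($sql)) && db_num_rows($resp) && (list($subj, $body) = db_fetch_row($resp))) {
                $body = $ticket->replaceTemplateVars($body);
                $subj = $ticket->replaceTemplateVars($subj);
                $body = str_replace('%message', $var['issue'] ? $var['issue'] : $var['message'], $body);
                $body = str_replace('%signature', $dept && $dept->isPublic() ? $dept->getSignature() : '', $body);
                if (!$dept || !($email = $dept->getAutoRespEmail())) {
                    $email = $cfg->getDefaultEmail();
                }
                if ($email) {
                    //Reply separator tag.
                    if ($cfg->stripQuotedReply() && ($tag = $cfg->getReplySeparator())) {
                        $body = "\n{$tag}\n\n" . $body;
                    }
                    $email->send($ticket->getEmail(), $subj, $body);
                }
            } else {
                Sys::log(LOG_WARNING, 'Template Fetch Error', "Unable to fetch autoresponse template #{$tplId}");
            }
        }

        //If enabled...send alert to staff (New Ticket Alert)
        if ($alertstaff && $cfg->alertONNewTicket() && is_object($ticket)) {
            $sql = 'SELECT ticket_alert_subj,ticket_alert_body FROM ' . EMAIL_TEMPLATE_TABLE
                . ' WHERE cfg_id=' . db_input($cfg->getId())
                . ' AND tpl_id=' . db_input($tplId);
            if (($resp = db_query($sql)) && db_num_rows($resp) && (list($subj, $body) = db_fetch_row($resp))) {
                $body = $ticket->replaceTemplateVars($body);
                $subj = $ticket->replaceTemplateVars($subj);
                $body = str_replace('%message', $var['issue'] ? $var['issue'] : $var['message'], $body);
                if (!($email = $cfg->getAlertEmail())) {
                    $email = $cfg->getDefaultEmail();
                }
                if ($email && $email->getId()) {
                    $sentlist = array();
                    //Admin Alert.
                    if ($cfg->alertAdminONNewTicket()) {
                        $alert = str_replace("%staff", 'Admin', $body);
                        $email->send($cfg->getAdminEmail(), $subj, $alert);
                        $sentlist[] = $cfg->getAdminEmail();
                    }
                    //get the list
                    $recipients = array();
                    //Dept. Manager
                    if ($cfg->alertDeptManagerONNewTicket() && $dept) {
                        $recipients[] = $dept->getManager();
                    }
                    //Staff members
                    if ($cfg->alertDeptMembersONNewTicket() && $dept) {
                        $sql = 'SELECT staff_id FROM ' . STAFF_TABLE . ' WHERE onvacation=0 AND dept_id=' . db_input($dept->getId());
                        if (($users = db_query($sql)) && db_num_rows($users)) {
                            // Separate variable so the ticket id in $id is not overwritten.
                            while (list($staffId) = db_fetch_row($users)) {
                                $recipients[] = new Staff($staffId);
                            }
                        }
                    }
                    foreach ($recipients as $k => $staff) {
                        if (!$staff || !is_object($staff) || !$staff->isAvailable()) {
                            continue;
                        }
                        //avoid duplicate emails.
                        if (in_array($staff->getEmail(), $sentlist)) {
                            continue;
                        }
                        $alert = str_replace("%staff", $staff->getFirstName(), $body);
                        $email->send($staff->getEmail(), $subj, $alert);
                        $sentlist[] = $staff->getEmail();
                    }
                }
            } else {
                Sys::log(LOG_WARNING, 'Template Fetch Error', "Unable to fetch 'new ticket' alert template #{$tplId}");
            }
        }
    }

    return $ticket;
}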
$this->addRuleMessage('unique', 'That {field} is already taken.');
    }

    /**
     * Check if a value already exists in a database table.
     *
     * Runs a COUNT(*) query against the table and column named in the rule
     * arguments and reports the value as valid only when the count is zero.
     * The value is trimmed before the lookup.
     *
     * @param mixed $value The submitted value to look up.
     * @param array $input Not used by this method.
     * @param array $args  Rule arguments: $args[0] is the table, $args[1] the column.
     *
     * @return bool true when no row holds the value, false otherwise.
     */
    public function validate_unique($value, $input, $args)
    {
        $table = $args[0];
        $column = $args[1];
        $value = trim($value);
        // Only the value is bound as a parameter. The table and column names are
        // interpolated into the statement text, because identifiers cannot be
        // bound; they must therefore come from developer-written rule strings
        // and never from request data, or be checked against a fixed list of
        // known identifiers before reaching this point.
        // NOTE(review): how rule arguments are parsed is not shown here - confirm
        // they cannot be influenced by user input.
        $exists = $this->db->prepare("\n SELECT count(*) as count\n FROM {$table}\n WHERE {$column} = :value\n ");
        $exists->execute(['value' => $value]);
        return !(bool) $exists->fetchObject()->count;
    }
}

//-- Any other file
// Some database dependency
// The root/root login below is a sample value in this listing; a deployed
// application should connect with a dedicated least-privilege account whose
// credentials are loaded from configuration rather than written in source.
$db = new PDO('mysql:dbname=project;host=localhost', 'root', 'root');
$v = new Validator($db);
// Each entry pairs the submitted value with its pipe-separated rule list.
$v->validate(['username' => ['alex', 'required|alpha|min(3)|max(20)|unique(users, username)'], 'email' => ['*****@*****.**', 'required|email|unique(users, email)']]);
if ($v->passes()) {
    // Passed
} else {
    var_dump($v->errors()->all());
}
$msg = _('Ticket Assigned to') . ' ' . ($staff ? $staff->getName() : _('staff'));
//Remove all the locks and go back to index page.
TicketLock::removeStaffLocks($thisuser->getId(), $ticket->getId());
$page = 'tickets.inc.php';
$ticket = null;
} elseif (!$errors['err']) {
    // Generic failure message, set only when no more specific one exists.
    $errors['err'] = _('Unable to assign the ticket');
}
break;
case 'postnote':
    // Post an internal note; title and note text are both required.
    $fields = array();
    $fields['title'] = array('type' => 'string', 'required' => 1, 'error' => _('Title required'));
    $fields['note'] = array('type' => 'string', 'required' => 1, 'error' => _('Note message required'));
    $params = new Validator($fields);
    if (!$params->validate($_POST)) {
        $errors = array_merge($errors, $params->errors());
    }
    // NOTE(review): the raw $_POST title and note are handed to postNote(), and
    // the raw ticket_status to setStatus(); escaping and allowed-value checks
    // are presumably done inside those methods - confirm.
    if (!$errors && $ticket->postNote($_POST['title'], $_POST['note'])) {
        $msg = _('Internal note posted');
        // Optionally change the ticket status together with the note.
        if (isset($_POST['ticket_status']) && $_POST['ticket_status']) {
            if ($ticket->setStatus($_POST['ticket_status']) && $ticket->reload()) {
                $msg .= ' ' . _('and status set to') . ' ' . ($ticket->isClosed() ? _('closed') : _('open'));
                if ($ticket->isClosed()) {
                    $page = $ticket = null;
                }
                //Going back to main listing.
            }
        }
    } elseif (!$errors['err']) {
        $errors['err'] = _('Error(s) occured. Unable to post the note.');
    }
/**
 * Validate submitted ticket details and, when nothing failed, write them to
 * the ticket row and record an internal note.
 *
 * @param array $var    Submitted values (name, email, note, subject, topicId,
 *                      pri, phone, phone_ext, duedate, time).
 * @param array $errors Error list, passed by reference; validation messages
 *                      are merged into it keyed by field name.
 *
 * @return bool True when the UPDATE query succeeded; false when any error is
 *              present or the query failed.
 */
function update($var, &$errors) {
    // Neither global is used in the visible body.
    global $cfg, $thisstaff;

    // Field rules handed to the project Validator (defined elsewhere).
    $fields = array();
    $fields['name'] = array('type' => 'string', 'required' => 1, 'error' => 'Name required');
    $fields['email'] = array('type' => 'email', 'required' => 1, 'error' => 'Email is required');
    $fields['note'] = array('type' => 'text', 'required' => 1, 'error' => 'Reason for the update required');
    $fields['subject'] = array('type' => 'string', 'required' => 1, 'error' => 'Subject required');
    $fields['topicId'] = array('type' => 'int', 'required' => 0, 'error' => 'Invalid Selection');
    $fields['pri'] = array('type' => 'int', 'required' => 0, 'error' => 'Invalid Priority');
    $fields['phone'] = array('type' => 'phone', 'required' => 0, 'error' => 'Valid phone # required');
    $fields['duedate'] = array('type' => 'date', 'required' => 0, 'error' => 'Invalid date - must be MM/DD/YY');
    $params = new Validator($fields);
    if (!$params->validate($var)) {
        $errors = array_merge($errors, $params->errors());
    }

    // Due date checks: 'time' and 'phone_ext' are not in the rule list above,
    // so the checks below are the only validation they receive here.
    if ($var['duedate']) {
        if ($this->isClosed()) {
            $errors['duedate'] = 'Duedate can NOT be set on a closed ticket';
        } elseif (!$var['time'] || strpos($var['time'], ':') === false) {
            $errors['time'] = 'Select time';
        } elseif (strtotime($var['duedate'] . ' ' . $var['time']) === false) {
            $errors['duedate'] = 'Invalid duedate';
        } elseif (strtotime($var['duedate'] . ' ' . $var['time']) <= time()) {
            $errors['duedate'] = 'Due date must be in the future';
        }
    }

    //Make sure phone extension is valid
    if ($var['phone_ext']) {
        if (!is_numeric($var['phone_ext']) && !$errors['phone']) {
            $errors['phone'] = 'Invalid phone ext.';
        } elseif (!$var['phone']) {
            //make sure they just didn't enter ext without phone #
            $errors['phone'] = 'Phone number required';
        }
    }

    // Resolve the help topic name; a blank topicId on a ticket that has a
    // topic clears the stored description.
    $cleartopic = false;
    $topicDesc = '';
    if ($var['topicId'] && ($topic = new Topic($var['topicId'])) && $topic->getId()) {
        $topicDesc = $topic->getName();
    } elseif (!$var['topicId'] && $this->getTopicId()) {
        $topicDesc = '';
        $cleartopic = true;
    }

    if (!$errors) {
        // The statement is built by concatenation; every request value goes
        // through db_input() (defined elsewhere).
        // NOTE(review): presumably db_input() escapes and quotes its argument - confirm.
        // NOTE(review): phone is passed with a second argument of false and wrapped
        // in double quotes by hand; confirm db_input() still escapes in that mode,
        // since phone is only validated by the 'phone' rule above.
        $sql = 'UPDATE ' . TICKET_TABLE . ' SET updated=NOW() '
            . ',email=' . db_input($var['email'])
            . ',name=' . db_input(Format::striptags($var['name']))
            . ',subject=' . db_input(Format::striptags($var['subject']))
            . ',phone="' . db_input($var['phone'], false) . '"'
            . ',phone_ext=' . db_input($var['phone_ext'] ? $var['phone_ext'] : NULL)
            . ',priority_id=' . db_input($var['pri'])
            . ',topic_id=' . db_input($var['topicId'])
            . ',duedate=' . ($var['duedate'] ? db_input(date('Y-m-d G:i', Misc::dbtime($var['duedate'] . ' ' . $var['time']))) : 'NULL');
        if ($var['duedate']) {
            //We are setting new duedate...
            $sql .= ',isoverdue=0';
        }
        if ($topicDesc || $cleartopic) {
            //we're overwriting previous topic.
            $sql .= ',helptopic=' . db_input($topicDesc);
        }
        $sql .= ' WHERE ticket_id=' . db_input($this->getId());
        //echo $sql;
        if (db_query($sql)) {
            // The reason given for the update is kept as an internal note.
            $this->postNote('Ticket Updated', $var['note']);
            $this->reload();
            return true;
        }
    }
    return false;
}
/**
 * Validate submitted system preferences and, when nothing failed, write them
 * to the configuration row identified by $this->getId().
 *
 * @param array $var    Submitted preference values.
 * @param array $errors Error list, passed by reference; messages are added
 *                      keyed by field name.
 *
 * @return bool False when $var is empty, when $errors is already non-empty on
 *              entry, when validation adds an error, or when the query fails;
 *              true when the UPDATE query succeeded (even if no row changed).
 */
function updatePref($var, &$errors) {
    if (!$var || $errors) {
        return false;
    }

    // Rules for the fields the Validator checks. Many values written by the
    // UPDATE below (for example staff_max_logins, log_level, max_page_size)
    // are not listed here and are only passed through db_input().
    $f = array();
    $f['helpdesk_url'] = array('type' => 'string', 'required' => 1, 'error' => 'Assistência técnica URlnecessário');
    //TODO: Add url validation
    $f['helpdesk_title'] = array('type' => 'string', 'required' => 1, 'error' => 'Título da Assistência Técnica exigido');
    $f['default_dept_id'] = array('type' => 'int', 'required' => 1, 'error' => 'Departamento Padrão necessário');
    $f['default_email_id'] = array('type' => 'int', 'required' => 1, 'error' => 'E-mail padrão exigido');
    $f['default_template_id'] = array('type' => 'int', 'required' => 1, 'error' => 'Você deve selecionar modelo.');
    $f['staff_session_timeout'] = array('type' => 'int', 'required' => 1, 'error' => 'Digite tempo inativo em minutos');
    $f['client_session_timeout'] = array('type' => 'int', 'required' => 1, 'error' => 'Digite tempo inativo em minutos');
    $f['time_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Formato de tempo necessário');
    //TODO: Add date format validation
    $f['date_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Formato da data requerida');
    $f['datetime_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Formato de data e hora necessária');
    $f['daydatetime_format'] = array('type' => 'string', 'required' => 1, 'error' => 'Formato dia, data e hora necessária');
    $f['admin_email'] = array('type' => 'email', 'required' => 1, 'error' => 'E-mail válido necessário');
    $f['autolock_minutes'] = array('type' => 'int', 'required' => 1, 'error' => 'Digite o tempo de bloqueio em minutos');
    //TODO: check option fields for validity.

    //do the validation.
    $val = new Validator();
    $val->setFields($f);
    if (!$val->validate($var)) {
        $errors = array_merge($errors, $val->errors());
    }

    // An alert that is switched on needs at least one recipient checkbox set.
    if ($var['ticket_alert_active'] && (!isset($var['ticket_alert_admin']) && !isset($var['ticket_alert_dept_manager']) && !isset($var['ticket_alert_dept_members']))) {
        $errors['ticket_alert_active'] = 'Sem destinatário(s) selecionado';
    }
    if ($var['message_alert_active'] && (!isset($var['message_alert_laststaff']) && !isset($var['message_alert_assigned']) && !isset($var['message_alert_dept_manager']))) {
        $errors['message_alert_active'] = 'Sem destinatário(s) selecionado';
    }
    if ($var['note_alert_active'] && (!isset($var['note_alert_laststaff']) && !isset($var['note_alert_assigned']) && !isset($var['note_alert_dept_manager']))) {
        $errors['note_alert_active'] = 'Sem destinatário(s) selecionado';
    }
    if ($var['strip_quoted_reply'] && !$var['reply_separator']) {
        $errors['reply_separator'] = 'Separador de resposta necessário (?)';
    }

    // Captcha images need the GD extension with PNG support.
    if ($var['enable_captcha']) {
        if (!extension_loaded('gd')) {
            $errors['enable_captcha'] = 'Extensão GD necessária';
        } elseif (!function_exists('imagepng')) {
            $errors['enable_captcha'] = 'Suporte PNG necessário para a imagem captcha';
        }
    }
    if (!$errors['admin_email'] && Email::getIdByEmail($var['admin_email'])) {
        //Make sure admin email is not also a system email.
        $errors['admin_email'] = 'E-mail já está configurado como e-mail do sistema';
    }
    if ($errors) {
        return false;
    }
    //No go!

    //We are good to go...blanket update!
    // Checkbox settings are stored as 1/0 from isset(); every other request
    // value goes through db_input() (defined elsewhere).
    // NOTE(review): presumably db_input() escapes and quotes its argument - confirm,
    // because it is the only protection for the unvalidated fields.
    // The WHERE id value comes from $this->getId(), not from the request, and is
    // concatenated without db_input().
    $sql = 'UPDATE ' . CONFIG_TABLE . ' SET isonline=' . db_input($var['isonline'])
        . ',timezone_offset=' . db_input($var['timezone_offset'])
        . ',enable_daylight_saving=' . db_input(isset($var['enable_daylight_saving']) ? 1 : 0)
        . ',staff_ip_binding=' . db_input(isset($var['staff_ip_binding']) ? 1 : 0)
        . ',staff_max_logins=' . db_input($var['staff_max_logins'])
        . ',staff_login_timeout=' . db_input($var['staff_login_timeout'])
        . ',staff_session_timeout=' . db_input($var['staff_session_timeout'])
        . ',client_max_logins=' . db_input($var['client_max_logins'])
        . ',client_login_timeout=' . db_input($var['client_login_timeout'])
        . ',client_session_timeout=' . db_input($var['client_session_timeout'])
        . ',max_page_size=' . db_input($var['max_page_size'])
        . ',log_level=' . db_input($var['log_level'])
        . ',log_graceperiod=' . db_input($var['log_graceperiod'])
        . ',max_open_tickets=' . db_input($var['max_open_tickets'])
        . ',autolock_minutes=' . db_input($var['autolock_minutes'])
        . ',overdue_grace_period=' . db_input($var['overdue_grace_period'])
        . ',alert_email_id=' . db_input($var['alert_email_id'])
        . ',default_email_id=' . db_input($var['default_email_id'])
        . ',default_dept_id=' . db_input($var['default_dept_id'])
        . ',default_priority_id=' . db_input($var['default_priority_id'])
        . ',default_template_id=' . db_input($var['default_template_id'])
        . ',default_smtp_id=' . db_input($var['default_smtp_id'])
        . ',spoof_default_smtp=' . db_input($var['default_smtp'] && isset($var['spoof_default_smtp']) ? 1 : 0)
        . ',clickable_urls=' . db_input(isset($var['clickable_urls']) ? 1 : 0)
        . ',allow_priority_change=' . db_input(isset($var['allow_priority_change']) ? 1 : 0)
        . ',use_email_priority=' . db_input(isset($var['use_email_priority']) ? 1 : 0)
        . ',enable_captcha=' . db_input(isset($var['enable_captcha']) ? 1 : 0)
        . ',enable_auto_cron=' . db_input(isset($var['enable_auto_cron']) ? 1 : 0)
        . ',enable_mail_fetch=' . db_input(isset($var['enable_mail_fetch']) ? 1 : 0)
        . ',enable_email_piping=' . db_input(isset($var['enable_email_piping']) ? 1 : 0)
        . ',send_sql_errors=' . db_input(isset($var['send_sql_errors']) ? 1 : 0)
        . ',send_login_errors=' . db_input(isset($var['send_login_errors']) ? 1 : 0)
        . ',save_email_headers=' . db_input(isset($var['save_email_headers']) ? 1 : 0)
        . ',strip_quoted_reply=' . db_input(isset($var['strip_quoted_reply']) ? 1 : 0)
        . ',log_ticket_activity=' . db_input(isset($var['log_ticket_activity']) ? 1 : 0)
        . ',ticket_autoresponder=' . db_input($var['ticket_autoresponder'])
        . ',message_autoresponder=' . db_input($var['message_autoresponder'])
        . ',ticket_notice_active=' . db_input($var['ticket_notice_active'])
        . ',ticket_alert_active=' . db_input($var['ticket_alert_active'])
        . ',ticket_alert_admin=' . db_input(isset($var['ticket_alert_admin']) ? 1 : 0)
        . ',ticket_alert_dept_manager=' . db_input(isset($var['ticket_alert_dept_manager']) ? 1 : 0)
        . ',ticket_alert_dept_members=' . db_input(isset($var['ticket_alert_dept_members']) ? 1 : 0)
        . ',message_alert_active=' . db_input($var['message_alert_active'])
        . ',message_alert_laststaff=' . db_input(isset($var['message_alert_laststaff']) ? 1 : 0)
        . ',message_alert_assigned=' . db_input(isset($var['message_alert_assigned']) ? 1 : 0)
        . ',message_alert_dept_manager=' . db_input(isset($var['message_alert_dept_manager']) ? 1 : 0)
        . ',note_alert_active=' . db_input($var['note_alert_active'])
        . ',note_alert_laststaff=' . db_input(isset($var['note_alert_laststaff']) ? 1 : 0)
        . ',note_alert_assigned=' . db_input(isset($var['note_alert_assigned']) ? 1 : 0)
        . ',note_alert_dept_manager=' . db_input(isset($var['note_alert_dept_manager']) ? 1 : 0)
        . ',overdue_alert_active=' . db_input($var['overdue_alert_active'])
        . ',overdue_alert_assigned=' . db_input(isset($var['overdue_alert_assigned']) ? 1 : 0)
        . ',overdue_alert_dept_manager=' . db_input(isset($var['overdue_alert_dept_manager']) ? 1 : 0)
        . ',overdue_alert_dept_members=' . db_input(isset($var['overdue_alert_dept_members']) ? 1 : 0)
        . ',auto_assign_reopened_tickets=' . db_input(isset($var['auto_assign_reopened_tickets']) ? 1 : 0)
        . ',show_assigned_tickets=' . db_input(isset($var['show_assigned_tickets']) ? 1 : 0)
        . ',show_answered_tickets=' . db_input(isset($var['show_answered_tickets']) ? 1 : 0)
        . ',hide_staff_name=' . db_input(isset($var['hide_staff_name']) ? 1 : 0)
        . ',overlimit_notice_active=' . db_input($var['overlimit_notice_active'])
        . ',random_ticket_ids=' . db_input($var['random_ticket_ids'])
        . ',time_format=' . db_input($var['time_format'])
        . ',date_format=' . db_input($var['date_format'])
        . ',datetime_format=' . db_input($var['datetime_format'])
        . ',daydatetime_format=' . db_input($var['daydatetime_format'])
        . ',reply_separator=' . db_input(trim($var['reply_separator']))
        . ',admin_email=' . db_input($var['admin_email'])
        . ',helpdesk_title=' . db_input($var['helpdesk_title'])
        . ',helpdesk_url=' . db_input($var['helpdesk_url'])
        . ' WHERE id=' . $this->getId();
    //echo $sql;
    if (db_query($sql)) {
        if (db_affected_rows()) {
            //Something actually changed!!!!
            $this->reload();
            //Reload the new info.
            require_once INCLUDE_DIR . 'class.cron.php';
            Sys::purgeLogs();
            //Cleanup the logs --- too bad if it was a mistaken config.
            Cron::TicketMonitor();
            //Age & cleanup
        }
        return true;
    }
    return false;
}
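<?php
// Sign-up handler: validates the posted fields, creates the account, then
// redirects to the index page. $database, $errorHandler and $auth are expected
// to be provided by app/init.php.
require_once 'app/init.php';

if (!empty($_POST)) {
    $email = $_POST['email'];
    $username = $_POST['username'];
    $password = $_POST['password'];

    $validator = new Validator($database, $errorHandler);
    $validation = $validator->check($_POST, [
        'email' => ['required' => true, 'maxlength' => 255, 'unique' => 'tblTeamMembers', 'email' => true],
        'username' => ['required' => true, 'minlength' => 3, 'unique' => 'tblTeamMembers'],
        'password' => ['required' => true, 'minlength' => 5],
    ]);

    if ($validation->fails()) {
        // Encode before printing: the messages may carry field names or values
        // that originate from the request.
        echo '<pre>', htmlspecialchars(print_r($validator->errors()->all(), true), ENT_QUOTES, 'UTF-8'), '</pre>';
    } else {
        // NOTE(review): the password is handed over in clear text; presumably
        // $auth->create() hashes it before storage - confirm.
        $created = $auth->create(['Email_Address' => $email, 'Login_Name' => $username, 'Web_Password' => $password]);
        if ($created) {
            header('Location:index.php');
            // Stop here so the form below is not rendered after the redirect header.
            exit;
        }
    }
}
?>
<!DOCTYPE html>
<html>
<head>
<meta charset="utf-8">
<title>Sign In</title>
</head>
<body>
<form action="signup.php" method="post">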
Add user */
// GET: render the "add user" form with flash messages, a CSRF token and the
// status and role choices offered to the operator.
Route::get('admin/users/add', function () {
    $vars['messages'] = Notify::read();
    $vars['token'] = Csrf::token();
    $vars['statuses'] = array('inactive' => __('global.inactive'), 'active' => __('global.active'));
    $vars['roles'] = array('administrator' => __('global.administrator'), 'editor' => __('global.editor'), 'user' => __('global.user'));
    return View::create('users/add', $vars)->partial('header', 'partials/header')->partial('footer', 'partials/footer');
});

// POST: validate the submitted fields, hash the password and create the user.
// NOTE(review): the GET handler issues Csrf::token(), but no token check is
// visible in this handler - confirm a route filter verifies it.
// NOTE(review): 'role' and 'status' are read from the request and passed to
// User::create() unchanged - confirm the route is restricted to administrators
// and that the values are limited to the choices the form offers.
Route::post('admin/users/add', function () {
    // Only the listed keys are read from the request.
    $input = Input::get(array('username', 'email', 'real_name', 'password', 'bio', 'status', 'role'));
    $validator = new Validator($input);
    // NOTE(review): is_max() is paired with "missing" / "too short" messages;
    // confirm its semantics match a minimum-length check.
    $validator->check('username')->is_max(3, __('users.username_missing', 2));
    $validator->check('email')->is_email(__('users.email_missing'));
    $validator->check('password')->is_max(6, __('users.password_too_short', 6));
    if ($errors = $validator->errors()) {
        // NOTE(review): presumably Input::flash() keeps the submitted values for
        // the next request - confirm the password field is not retained.
        Input::flash();
        Notify::error($errors);
        return Response::redirect('admin/users/add');
    }
    // The clear-text password is replaced by its hash before the record is created.
    $input['password'] = Hash::make($input['password']);
    User::create($input);
    Notify::success(__('users.created'));
    return Response::redirect('admin/users');
});

/* Delete user */
Route::get('admin/users/delete/(:num)', function ($id) {
    $self = Auth::user();
    if ($self->id == $id) {
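// Installer input checks: every field below is required; failures are
// collected in $errors keyed by field name.
$f = array();
$f['title'] = array('type' => 'string', 'required' => 1, 'error' => 'Title required');
$f['url'] = array('type' => 'url', 'required' => 1, 'error' => 'URL required.');
$f['sysemail'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
$f['username'] = array('type' => 'username', 'required' => 1, 'error' => 'Username required');
$f['password'] = array('type' => 'password', 'required' => 1, 'error' => 'Password required');
$f['password2'] = array('type' => 'password', 'required' => 1, 'error' => 'Confirm password');
$f['email'] = array('type' => 'email', 'required' => 1, 'error' => 'Valid email required');
$f['dbhost'] = array('type' => 'string', 'required' => 1, 'error' => 'Hostname required');
$f['dbname'] = array('type' => 'string', 'required' => 1, 'error' => 'Database name required');
$f['dbuser'] = array('type' => 'string', 'required' => 1, 'error' => 'Username required');
$f['dbpass'] = array('type' => 'string', 'required' => 1, 'error' => 'password required');
$f['prefix'] = array('type' => 'string', 'required' => 1, 'error' => 'Table prefix required');

$validate = new Validator($f);
if (!$validate->validate($_POST)) {
    $errors = array_merge($errors, $validate->errors());
}

// E-mail addresses are compared without regard to case.
if ($_POST['sysemail'] && $_POST['email'] && !strcasecmp($_POST['sysemail'], $_POST['email'])) {
    $errors['email'] = 'Conflicts with system email above';
}

// Passwords are case-sensitive, so the confirmation must match exactly;
// a case-insensitive comparison would accept "Secret" against "secret".
if (!$errors && strcmp($_POST['password'], $_POST['password2']) !== 0) {
    $errors['password2'] = 'passwords to not match!';
}

//Check table prefix underscore required at the end!
// NOTE(review): only the trailing underscore is checked here; if the prefix is
// later placed in table names, restrict it to letters, digits and underscores.
if ($_POST['prefix'] && substr($_POST['prefix'], -1) != '_') {
    $errors['prefix'] = 'Bad prefix. Must have underscore (_) at the end. e.g \'ost_\'';
}

//Connect to the DB
if (!$errors && !db_connect($_POST['dbhost'], $_POST['dbuser'], $_POST['dbpass'])) {
    $errors['mysql'] = 'Unable to connect to MySQL server. Possibly invalid login info. <br>';
}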
/**
 * Fetch the stored error message for one form field.
 *
 * Starts a session when none is active, moves any pending errors from
 * $_SESSION[SESSION_DATA_KEY] into self::$errors (removing the session copy),
 * then looks the field up.
 *
 * NOTE(review): the message is returned as stored; encode it at output time
 * if it can contain request data.
 *
 * @param mixed $fieldKey Key of the field in the error list.
 * @param mixed $template Optional wrapper text; every ":message" (matched
 *                        case-insensitively) is replaced by the message.
 * @return mixed The message, wrapped when a template is given, or '' when the
 *               field has no error.
 */
public static function error($fieldKey, $template = NULL)
{
    if (!session_id()) {
        session_start();
    }

    // Pending errors are consumed once: copied to the class, then dropped
    // from the session.
    $hasPending = isset($_SESSION[SESSION_DATA_KEY]) && count($_SESSION[SESSION_DATA_KEY]) > 0;
    if ($hasPending) {
        self::$errors = $_SESSION[SESSION_DATA_KEY];
        unset($_SESSION[SESSION_DATA_KEY]);
    }

    if (!isset(self::$errors[$fieldKey])) {
        return '';
    }

    $text = self::$errors[$fieldKey];

    return is_null($template) ? $text : str_ireplace(":message", $text, $template);
}
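/**
 * Handle the contact form: check that every field was posted, reject
 * submissions that fill the honeypot field, validate the values, e-mail the
 * message to the configured recipients and store it in mp_list.
 *
 * Responses are produced through errorAction() / successAction(); a missing
 * POST field is reported with the field name as the error.
 */
public function callAction()
{
    if (isset($_POST)) {
        $data = [];
        try {
            // Every form field must be present; the exception message names
            // the first one that is missing. htmlspecialchars() is HTML output
            // encoding for the e-mail template, not SQL escaping.
            foreach (['name', 'phone', 'email', 'comment'] as $field) {
                if (!isset($_POST[$field])) {
                    throw new Exception($field);
                }
                $data[$field] = htmlspecialchars($_POST[$field]);
            }
            if (!isset($_POST['address'])) {
                throw new Exception('honeyPot');
            }
            $honeyPot = htmlspecialchars($_POST['address']);
            $data['honeyPot'] = $honeyPot;

            // Bot check: the "address" field is a honeypot and must stay empty.
            if ($honeyPot != '') {
                $this->errorAction(1001, 'Custom system error', ['honeyPot' => 'honeyPot']);
                // Stop here so a flagged submission is never mailed or stored,
                // whether or not errorAction() ends the request itself.
                return;
            }

            // Validation
            $v = new Validator(['name' => $data['name'], 'phone' => $data['phone'], 'email' => $data['email'], 'comment' => $data['comment']]);
            $v->rule('required', 'comment')->message('comment!');
            $v->rule('required', 'name')->message('name!');
            $v->rule('regex', 'name', '/^([a-zа-я\\s\\-]+)$/iu')->message('name!!');
            $v->rule('required', 'phone')->message('phone!');
            $v->rule('phone', 'phone')->message('phone!!');
            $v->rule('required', 'email')->message('email!');
            $v->rule('email', 'email')->message('email!!');

            if ($v->validate()) {
                $msg = template('email/call', $data);
                $title = "Вопрос с сайта " . DOMAIN;

                $mail = new SendMail();
                $mail->init();
                $mail->setEncoding("utf8");
                $mail->setEncType("base64");
                $mail->setSubject($title);
                $mail->setMessage($msg);
                $mail->setFrom("noreply@" . DOMAIN, "eko");

                $emails = MSCore::db()->getCol('SELECT `mail` FROM `' . PRFX . 'mailer`');
                foreach ($emails as $email) {
                    $mail->setTo($email);
                    $mail->send();
                }

                // $msg is rendered from request data, so it must not be
                // concatenated into the SQL text (quotes and backslashes in the
                // comment would alter the statement). Use the column => value
                // insert helper instead.
                // NOTE(review): assumes insert() escapes or binds the values - confirm in the DB layer.
                MSCore::db()->insert('mp_list', ['title' => $title, 'text' => $msg]);

                $this->addData(['succes' => 'Ok']);
                $this->successAction();
            } else {
                // Keep only the first message for each field.
                $errors = $v->errors();
                foreach ($errors as $_name => $_error) {
                    if (is_array($_error)) {
                        $errors[$_name] = reset($_error);
                    }
                }
                $this->errorAction(1001, 'Custom system error', ['data' => $data, 'error' => $errors]);
            }
        } catch (Exception $exception) {
            $error = $exception->getMessage();
            $this->errorAction(1001, 'Custom system error', ['error' => $error, 'postArgument' => 'noPostArgument']);
        }
    }
}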