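/**
 * AJAX handler: switch the current user's default Zendesk view and return the
 * refreshed tickets widget markup as JSON.
 *
 * Reads `view_id` from the request. The request is served only when the value
 * is numeric, the agents helper reports the current user as an agent, and the
 * user's dashboard widget is the tickets widget. Every other case is answered
 * with `{"status": 403, "error": ...}`. Previously a failed widget check
 * returned without writing any body, so the client received no JSON at all.
 *
 * The JSON response is echoed and the request is terminated with `die`.
 *
 * NOTE(review): no nonce is verified here, although the handler persists the
 * selected view to user meta. Once the client script sends a nonce, verify it
 * with check_ajax_referer() before touching user meta.
 */
public function _ajax_get_view() {
    global $zendesk_support;

    $agents = Zendesk_Wordpress_Agents::get_instance();

    $allowed = isset($_REQUEST['view_id'])
        && is_numeric($_REQUEST['view_id'])
        && $agents->_is_agent();

    if ($allowed) {
        // Strict comparison: a loosely-typed return value such as `true` or
        // `0` must not be accepted as the 'tickets-widget' string.
        $dashboard_widget = Zendesk_Wordpress_Dashboard_Widget::get_instance();
        $allowed = $dashboard_widget->_get_current_user_dashboard_widget() === 'tickets-widget';
    }

    if (!$allowed) {
        $response = array(
            'status' => 403,
            'error' => __('Access denied', 'zendesk'),
        );
    } else {
        $requested_view = $_REQUEST['view_id'];

        // Only a view that the API actually lists can become the default;
        // an unknown id leaves the stored default untouched.
        $views = $zendesk_support->api->get_views();
        if (!is_wp_error($views)) {
            foreach ($views as $view) {
                if ($view->id == $requested_view) {
                    $zendesk_support->zendesk_user['default_view'] = array(
                        'id' => $view->id,
                        'title' => $view->title,
                    );
                    update_user_meta($zendesk_support->user->ID, 'zendesk_user_options', $zendesk_support->zendesk_user);
                    break;
                }
            }
        }

        // Tickets are always fetched for the stored default view, whether or
        // not it was changed above.
        $tickets = $zendesk_support->api->get_tickets_from_view((int) $zendesk_support->zendesk_user['default_view']['id']);

        // An API error is rendered as an empty ticket list.
        if (is_wp_error($tickets)) {
            $tickets = array();
        }

        $response = array(
            'status' => 200,
            'html' => Zendesk_Wordpress_Tickets::_get_tickets_widget_html($tickets),
        );
    }

    echo json_encode($response);
    die;
}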
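/**
 * Handle the plugin's non-AJAX request actions and posted forms.
 *
 * In order: Zendesk logout, the logout confirmation notice, the tickets view
 * switch, and finally the posted form selected by `zendesk-form-context`
 * (`login` or `create-ticket`). Outcomes are reported through
 * Zendesk_Wordpress_Notices; the logout and view-switch paths redirect and
 * terminate the request.
 *
 * Changes from the previous version:
 *  - The create-ticket path no longer reports success when no request was
 *    sent. With anonymous requests disabled or misconfigured, `$response` was
 *    never assigned and the undefined value passed the `is_wp_error()` test.
 *  - Posted fields are checked to be strings before they are used.
 *  - The Zendesk display name is escaped before it is placed in the HTML
 *    login notice.
 *  - Dashboard widget checks use strict comparison.
 *
 * NOTE(review): none of the state-changing paths here (logout, view switch,
 * login, ticket creation) verifies a nonce. Consider check_admin_referer()
 * once the forms and links emit one.
 * NOTE(review): the login path persists the Zendesk password unmodified in
 * the `zendesk_user_options` user meta. An API token would limit exposure if
 * the API client supports token authentication (confirm).
 */
public function _process_forms() {
    // Logout
    if (isset($_REQUEST['zendesk-logout']) && $this->zendesk_user) {
        $this->zendesk_user = false;
        delete_user_meta($this->user->ID, 'zendesk_user_options');
        wp_redirect(admin_url('?zendesk-logout-success=true'));
        die;
    }

    // Display a logout success message
    if (isset($_REQUEST['zendesk-logout-success'])) {
        $notices = Zendesk_Wordpress_Notices::get_instance();
        $notices->_add_notice('zendesk_login', __('You have successfully logged out of your Zendesk account.', 'zendesk'), 'confirm');
    }

    // Change tickets view. Probably never reached, since an AJAX call is more
    // likely to respond to such a request. Left in place just in case.
    if (isset($_REQUEST['zendesk-tickets-change-view']) && is_numeric($_REQUEST['zendesk-tickets-change-view']) && $this->zendesk_user) {
        // Only users whose dashboard widget is the tickets widget may switch
        // views. Strict comparison keeps `true`/`0` from matching the string.
        $dashboard_widget = Zendesk_Wordpress_Dashboard_Widget::get_instance();
        if ($dashboard_widget->_get_current_user_dashboard_widget() !== 'tickets-widget') {
            $notices = Zendesk_Wordpress_Notices::get_instance();
            $notices->_add_notice('zendesk_login', __('You are not allowed to view the tickets widget', 'zendesk'), 'alert');
            return;
        }

        // Fetch all available views; only a listed view can become the default.
        $requested_view = (int) $_REQUEST['zendesk-tickets-change-view'];
        $views = $this->api->get_views();

        if (is_wp_error($views)) {
            // Views could not be fetched
            $notices = Zendesk_Wordpress_Notices::get_instance();
            $notices->_add_notice('zendesk_tickets_widget', $views->get_error_message(), 'alert');
            return;
        }

        foreach ($views as $view) {
            if ($view->id == $requested_view) {
                $this->zendesk_user['default_view'] = array(
                    'id' => $view->id,
                    'title' => $view->title,
                );

                // Update and redirect.
                update_user_meta($this->user->ID, 'zendesk_user_options', $this->zendesk_user);
                wp_redirect(admin_url());
                die;
            }
        }
    }

    // Everything below requires a posted plugin form.
    if (!isset($_POST['zendesk-form-submit'], $_POST['zendesk-form-context'], $_POST['zendesk-form-data'])) {
        return;
    }

    $context = $_POST['zendesk-form-context'];
    $form_data = $_POST['zendesk-form-data'];

    // Pick the right form processor
    switch ($context) {
        case 'login':
            // The posted data is attacker-controlled: require an array that
            // carries both credentials as strings before reading them.
            $has_credentials = is_array($form_data)
                && isset($form_data['username'], $form_data['password'])
                && is_string($form_data['username'])
                && is_string($form_data['password']);

            if (!$has_credentials || $this->has_empty_fields($form_data)) {
                $notices = Zendesk_Wordpress_Notices::get_instance();
                $notices->_add_notice('zendesk_login', __('All fields are required. Please try again.', 'zendesk'), 'alert');
                return;
            }

            $username = $form_data['username'];
            $password = $form_data['password'];

            $auth = $this->api->authenticate($username, $password);
            $notices = Zendesk_Wordpress_Notices::get_instance();

            if (is_wp_error($auth)) {
                $notices->_add_notice('zendesk_login', $auth->get_error_message(), 'alert');
                break;
            }

            // Use the first available view as the default, or a placeholder
            // with id 0 when the views cannot be fetched.
            $views = $this->api->get_views();
            if (!is_wp_error($views)) {
                $default_view = array_shift($views);
            } else {
                $default_view = new stdClass();
                $default_view->id = 0;
                $default_view->title = __('My open requests', 'zendesk');
            }

            // NOTE(review): the password is stored as-is in user meta below.
            $this->zendesk_user = array(
                'username' => $username,
                'password' => $password,
                'role' => $auth->role,
                'default_view' => array(
                    'id' => $default_view->id,
                    'title' => $default_view->title,
                ),
            );

            // The notice text contains markup, so the remotely supplied
            // display name is escaped before interpolation.
            $notices->_add_notice('zendesk_login', sprintf(__('Howdy, <strong>%s</strong>! You are now logged in to Zendesk.', 'zendesk'), esc_html($auth->name)), 'confirm');
            update_user_meta($this->user->ID, 'zendesk_user_options', $this->zendesk_user);
            break;

        case 'create-ticket':
            $notices = Zendesk_Wordpress_Notices::get_instance();
            $agents = Zendesk_Wordpress_Agents::get_instance();

            // Only users whose dashboard widget is the contact form may post it.
            $dashboard_widget = Zendesk_Wordpress_Dashboard_Widget::get_instance();
            if ($dashboard_widget->_get_current_user_dashboard_widget() !== 'contact-form') {
                $notices->_add_notice('zendesk_login', __('You are not allowed to view the contact form.', 'zendesk'), 'alert');
                return;
            }

            $has_fields = is_array($form_data)
                && isset($form_data['summary'], $form_data['details'])
                && is_string($form_data['summary'])
                && is_string($form_data['details']);

            if (!$has_fields) {
                $notices->_add_notice('zendesk_contact_form', __('All fields are required. Please try again.', 'zendesk'), 'alert');
                return;
            }

            $summary = strip_tags(stripslashes(trim($form_data['summary'])));
            $details = strip_tags(stripslashes(trim($form_data['details'])));

            // Quick validation
            if (empty($summary) || empty($details)) {
                $notices->_add_notice('zendesk_contact_form', __('All fields are required. Please try again.', 'zendesk'), 'alert');
                return;
            }

            // Either a ticket or a request, based on the user's role.
            if ($agents->_is_agent()) {
                // Agent requests
                $response = $this->api->create_ticket($summary, $details);
            } elseif (!$agents->_is_agent() && $this->zendesk_user) {
                // End-user requests (logged in)
                $response = $this->api->create_request($summary, $details);
            } else {
                // Anonymous requests (if allowed in plugin settings)
                $anonymous_allowed = $this->settings['contact_form_anonymous']
                    && $agents->_is_agent($this->settings['contact_form_anonymous_user']);

                if (!$anonymous_allowed) {
                    // Nothing is sent in this case, so it must not fall
                    // through to the success notice below.
                    $notices->_add_notice('zendesk_contact_form', __('Your request could not be created. Please log in to Zendesk and try again.', 'zendesk'), 'alert');
                    break;
                }

                // Find the agent used to file anonymous requests
                $agent = $agents->_get_agent($this->settings['contact_form_anonymous_user']);

                // Make sure the agent record is really there
                if (!$agent) {
                    $notices->_add_notice('zendesk_contact_form', __('Something went wrong. We could not use the agent to fire this request.', 'zendesk'), 'alert');
                    break;
                }

                // The configured agent is the current user: ask them to log in instead.
                if ($agent['username'] == $this->user->user_email) {
                    $notices->_add_notice('zendesk_contact_form', sprintf(__('Wow, you managed to fire a request "on behalf of" yourself! Why don\'t you <a href="%s">login first</a>?', 'zendesk'), admin_url('?zendesk-login-form=true')), 'alert');
                    break;
                }

                // Work on a clone so the agent's credentials never replace
                // the ones held by the shared API object.
                $api = clone $this->api;
                $api->authenticate($agent['username'], $agent['password'], false);

                // File the ticket under the current user's name and email.
                $response = $api->create_ticket($summary, $details, $this->user->display_name, $this->user->user_email);

                // Drop the clone that holds the agent's credentials
                unset($api);
            }

            // Error handling
            if (!is_wp_error($response)) {
                $notices->_add_notice('zendesk_contact_form', __('Your request has been created successfully!', 'zendesk'), 'confirm');
            } else {
                $notices->_add_notice('zendesk_contact_form', $response->get_error_message(), 'alert');
            }
            break;
    }
}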