AS1024
/
itflow
mirror of https://github.com/itflow-org/itflow
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

Fix Broken API due to incorrect named function https://forum.itflow.org/d/119-api-broken

This commit is contained in:
johnnyq 2023-03-14 18:59:43 -04:00
parent 37e21e963b
commit 3f028e8560
3 changed files with 18 additions and 11 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
api/v1/validate_api_key.php
View File

@ -17,8 +17,8 @@ header('Content-Type: application/json');
$_POST = json_decode(file_get_contents('php://input'), true);
// Get IP & UA
$ip = santizeInput(getIP());
$user_agent = santizeInput($_SERVER['HTTP_USER_AGENT']);
$ip = sanitizeInput(getIP());
$user_agent = sanitizeInput($_SERVER['HTTP_USER_AGENT']);
// Setup return array
$return_arr = array();
@ -56,15 +56,15 @@ if (!isset($_GET['api_key']) && !isset($_POST['api_key'])) {
// Set API key variable
if (isset($_GET['api_key'])) {
$api_key = santizeInput($_GET['api_key']);
$api_key = sanitizeInput($_GET['api_key']);
}
if (isset($_POST['api_key'])) {
$api_key = santizeInput($_POST['api_key']);
$api_key = sanitizeInput($_POST['api_key']);
}
// Validate API key
if (isset($api_key)) {
$api_key = santizeInput($api_key);
$api_key = sanitizeInput($api_key);
$sql = mysqli_query($mysqli, "SELECT * FROM api_keys WHERE api_key_secret = '$api_key' AND api_key_expire > NOW() LIMIT 1");

17
cron_ticket_email_parser.php
View File

@ -61,10 +61,11 @@ function addTicket($contact_id, $contact_name, $contact_email, $client_id, $date
mysqli_query($mysqli, "UPDATE settings SET config_ticket_next_number = $new_config_ticket_next_number WHERE company_id = 1");
// Prep ticket details
$message = nl2br(htmlentities(strip_tags($message)));
$message = trim(mysqli_real_escape_string($mysqli, "<i>Email from: $contact_email at $date:-</i> <br><br>$message"));
mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$message', ticket_priority = 'Low', ticket_status = 'Open', ticket_created_by = '0', ticket_contact_id = $contact_id, ticket_client_id = $client_id");
//$message = nl2br(htmlentities(strip_tags($message)));
$message = mysqli_real_escape_string($mysqli, nl2br($message));
$message = mysqli_real_escape_string($mysqli, "<i>Email from: $contact_email at $date:-</i> <br><br>$message");
mysqli_query($mysqli, "INSERT INTO tickets SET ticket_prefix = '$config_ticket_prefix', ticket_number = $ticket_number, ticket_subject = '$subject', ticket_details = '$message', ticket_priority = 'Low', ticket_status = 'Open', ticket_created_by = 0, ticket_contact_id = $contact_id, ticket_client_id = $client_id");
$id = mysqli_insert_id($mysqli);
// Logging
@ -234,8 +235,14 @@ if ($emails) {
$subject = sanitizeInput($parser->getHeader('subject'));
$date = trim(mysqli_real_escape_string($mysqli, htmlentities(strip_tags($parser->getHeader('date')))));
$message = $parser->getMessageBody('text');
//$message .= $parser->getMessageBody('htmlEmbedded');
//$text = "Some Text";
//$message = str_replace("</body>", "<p>{$text}</p></body>", $message);
// Check if we can identify a ticket number (in square brackets)

2
portal/tickets.php
View File

@ -45,7 +45,7 @@ $total_tickets = intval($row['total_tickets']);
<div class="row">
<div class="col-md-1 text-center">
<?php if (!empty($session_contact_photo)) { ?>
<img src="<?php echo "../uploads/clients/$session_company_id/$session_client_id/$session_contact_photo"; ?>" alt="..." height="50" width="50" class="img-circle img-responsive">
<img src="<?php echo "../uploads/clients/$session_client_id/$session_contact_photo"; ?>" alt="..." height="50" width="50" class="img-circle img-responsive">
<?php } else { ?>