fix conflitct

Hugo Sampaio 2025-02-10 10:31:03 -03:00
parent 00a9c53fc4
commit eac46d0da0
1 changed files with 167 additions and 9 deletions

176
ajax.php

@ -15,6 +15,7 @@ require_once "plugins/totp/totp.php";
* Fetches SSL certificates from remote hosts & returns the relevant info (issuer, expiry, public key)
*/
if (isset($_GET['certificate_fetch_parse_json_details'])) {
enforceUserPermission('module_support');
// PHP doesn't appreciate attempting SSL sockets to non-existent domains
if (empty($_GET['domain'])) {
@ -43,7 +44,7 @@ if (isset($_GET['certificate_fetch_parse_json_details'])) {
* Looks up info for a given certificate ID from the database, used to dynamically populate modal fields
*/
if (isset($_GET['certificate_get_json_details'])) {
validateTechRole();
enforceUserPermission('module_support');
$certificate_id = intval($_GET['certificate_id']);
$client_id = intval($_GET['client_id']);
@ -109,7 +110,7 @@ if (isset($_GET['domain_get_json_details'])) {
* Looks up info on the ticket number provided, used to populate the ticket merge modal
*/
if (isset($_GET['merge_ticket_get_json_details'])) {
validateTechRole();
enforceUserPermission('module_support');
$merge_into_ticket_number = intval($_GET['merge_into_ticket_number']);
@ -134,7 +135,7 @@ if (isset($_GET['merge_ticket_get_json_details'])) {
* Looks up info for a given network ID from the database, used to dynamically populate modal fields
*/
if (isset($_GET['network_get_json_details'])) {
validateTechRole();
enforceUserPermission('module_support');
$network_id = intval($_GET['network_id']);
$client_id = intval($_GET['client_id']);
@ -159,6 +160,8 @@ if (isset($_GET['network_get_json_details'])) {
}
if (isset($_POST['client_set_notes'])) {
enforceUserPermission('module_client', 2);
$client_id = intval($_POST['client_id']);
$notes = sanitizeInput($_POST['notes']);
@ -171,6 +174,8 @@ if (isset($_POST['client_set_notes'])) {
}
if (isset($_POST['contact_set_notes'])) {
enforceUserPermission('module_client', 2);
$contact_id = intval($_POST['contact_id']);
$notes = sanitizeInput($_POST['notes']);
@ -191,6 +196,8 @@ if (isset($_POST['contact_set_notes'])) {
}
if (isset($_POST['asset_set_notes'])) {
enforceUserPermission('module_support', 2);
$asset_id = intval($_POST['asset_id']);
$notes = sanitizeInput($_POST['notes']);
@ -211,7 +218,7 @@ if (isset($_POST['asset_set_notes'])) {
}
/*
* Collision Detection/Avoidance
* Ticketing Collision Detection/Avoidance
* Called upon loading a ticket, and every 2 mins thereafter
* Is used in conjunction with ticket_query_views to show who is currently viewing a ticket
*/
@ -222,7 +229,7 @@ if (isset($_GET['ticket_add_view'])) {
}
/*
* Collision Detection/Avoidance
* Ticketing Collision Detection/Avoidance
* Returns formatted text of the agents currently viewing a ticket
* Called upon loading a ticket, and every 2 mins thereafter
*/
@ -255,7 +262,7 @@ if (isset($_GET['ticket_query_views'])) {
* Generates public/guest links for sharing logins/docs
*/
if (isset($_GET['share_generate_link'])) {
validateTechRole();
enforceUserPermission('module_support', 2);
$item_encrypted_username = ''; // Default empty
$item_encrypted_credential = ''; // Default empty
@ -375,7 +382,7 @@ if (isset($_GET['share_generate_link'])) {
* Looks up info for a given recurring (was scheduled) ticket ID from the database, used to dynamically populate modal edit fields
*/
if (isset($_GET['recurring_ticket_get_json_details'])) {
validateTechRole();
enforceUserPermission('module_support');
$client_id = intval($_GET['client_id']);
$ticket_id = intval($_GET['ticket_id']);
@ -426,6 +433,8 @@ if (isset($_GET['recurring_ticket_get_json_details'])) {
* Looks up info for a given quote ID from the database, used to dynamically populate modal fields
*/
if (isset($_GET['quote_get_json_details'])) {
enforceUserPermission('module_sales');
$quote_id = intval($_GET['quote_id']);
// Get quote details
@ -462,6 +471,7 @@ if (isset($_GET['quote_get_json_details'])) {
* Returns sorted list of active clients
*/
if (isset($_GET['get_active_clients'])) {
enforceUserPermission('module_client');
$client_sql = mysqli_query(
$mysqli,
@ -481,6 +491,8 @@ if (isset($_GET['get_active_clients'])) {
* Returns ordered list of active contacts for a specified client
*/
if (isset($_GET['get_client_contacts'])) {
enforceUserPermission('module_client');
$client_id = intval($_GET['client_id']);
$contact_sql = mysqli_query(
@ -502,7 +514,7 @@ if (isset($_GET['get_client_contacts'])) {
* When provided with a login ID, checks permissions and returns the 6-digit code
*/
if (isset($_GET['get_totp_token_via_id'])) {
validateTechRole();
enforceUserPermission('module_credential');
$login_id = intval($_GET['login_id']);
@ -530,6 +542,152 @@ if (isset($_GET['get_readable_pass'])) {
echo json_encode(GenerateReadablePassword(4));
}
/*
* ITFlow - POST request handler for client tickets
*/
if (isset($_POST['update_kanban_status_position'])) {
// Update multiple ticket status kanban orders
enforceUserPermission('module_support', 2);
$positions = $_POST['positions'];
foreach ($positions as $position) {
$status_id = intval($position['status_id']);
$kanban = intval($position['status_kanban']);
mysqli_query($mysqli, "UPDATE ticket_statuses SET ticket_status_order = $kanban WHERE ticket_status_id = $status_id");
}
// return a response
echo json_encode(['status' => 'success']);
exit;
}
if (isset($_POST['update_kanban_ticket'])) {
// Update ticket kanban order and status
enforceUserPermission('module_support', 2);
// all tickets on the column
$positions = $_POST['positions'];
foreach ($positions as $position) {
$ticket_id = intval($position['ticket_id']);
$kanban = intval($position['ticket_order']); // ticket kanban position
$status = intval($position['ticket_status']); // ticket statuses
$oldStatus = intval($position['ticket_oldStatus']); // ticket old status if moved
$statuses['Closed'] = 5;
$statuses['Resolved'] = 4;
// Continue if status is null / Closed
if ($status === null || $status === $statuses['Closed']) {
continue;
}
if ($oldStatus === false) {
// if ticket was not moved, just uptdate the order on kanban
mysqli_query($mysqli, "UPDATE tickets SET ticket_order = $kanban WHERE ticket_id = $ticket_id");
customAction('ticket_update', $ticket_id);
} else {
// If the ticket was moved from a resolved status to another status, we need to update ticket_resolved_at
if ($oldStatus === $statuses['Resolved']) {
mysqli_query($mysqli, "UPDATE tickets SET ticket_order = $kanban, ticket_status = $status, ticket_resolved_at = NULL WHERE ticket_id = $ticket_id");
customAction('ticket_update', $ticket_id);
} elseif ($status === $statuses['Resolved']) {
// If the ticket was moved to a resolved status, we need to update ticket_resolved_at
mysqli_query($mysqli, "UPDATE tickets SET ticket_order = $kanban, ticket_status = $status, ticket_resolved_at = NOW() WHERE ticket_id = $ticket_id");
customAction('ticket_update', $ticket_id);
// Client notification email
if (!empty($config_smtp_host) && $config_ticket_client_general_notifications == 1) {
// Get details
$ticket_sql = mysqli_query($mysqli, "SELECT contact_name, contact_email, ticket_prefix, ticket_number, ticket_subject, ticket_status_name, ticket_assigned_to, ticket_url_key, ticket_client_id FROM tickets
LEFT JOIN clients ON ticket_client_id = client_id
LEFT JOIN contacts ON ticket_contact_id = contact_id
LEFT JOIN ticket_statuses ON ticket_status = ticket_status_id
WHERE ticket_id = $ticket_id
");
$row = mysqli_fetch_array($ticket_sql);
$contact_name = sanitizeInput($row['contact_name']);
$contact_email = sanitizeInput($row['contact_email']);
$ticket_prefix = sanitizeInput($row['ticket_prefix']);
$ticket_number = intval($row['ticket_number']);
$ticket_subject = sanitizeInput($row['ticket_subject']);
$client_id = intval($row['ticket_client_id']);
$ticket_assigned_to = intval($row['ticket_assigned_to']);
$ticket_status = sanitizeInput($row['ticket_status_name']);
$url_key = sanitizeInput($row['ticket_url_key']);
// Sanitize Config vars from get_settings.php
$config_ticket_from_name = sanitizeInput($config_ticket_from_name);
$config_ticket_from_email = sanitizeInput($config_ticket_from_email);
$config_base_url = sanitizeInput($config_base_url);
// Get Company Info
$sql = mysqli_query($mysqli, "SELECT company_name, company_phone FROM companies WHERE company_id = 1");
$row = mysqli_fetch_array($sql);
$company_name = sanitizeInput($row['company_name']);
$company_phone = sanitizeInput(formatPhoneNumber($row['company_phone']));
// EMAIL
$subject = "Ticket resolved - [$ticket_prefix$ticket_number] - $ticket_subject | (pending closure)";
$body = "<i style=\'color: #808080\'>##- Please type your reply above this line -##</i><br><br>Hello $contact_name,<br><br>Your ticket regarding $ticket_subject has been marked as solved and is pending closure.<br><br>If your request/issue is resolved, you can simply ignore this email. If you need further assistance, please reply or <a href=\'https://$config_base_url/guest/guest_view_ticket.php?ticket_id=$ticket_id&url_key=$url_key\'>re-open</a> to let us know! <br><br>Ticket: $ticket_prefix$ticket_number<br>Subject: $ticket_subject<br>Status: $ticket_status<br>Portal: <a href=\'https://$config_base_url/guest/guest_view_ticket.php?ticket_id=$ticket_id&url_key=$url_key\'>View ticket</a><br><br>--<br>$company_name - Support<br>$config_ticket_from_email<br>$company_phone";
// Check email valid
if (filter_var($contact_email, FILTER_VALIDATE_EMAIL)) {
$data = [];
// Email Ticket Contact
// Queue Mail
$data[] = [
'from' => $config_ticket_from_email,
'from_name' => $config_ticket_from_name,
'recipient' => $contact_email,
'recipient_name' => $contact_name,
'subject' => $subject,
'body' => $body
];
}
// Also Email all the watchers
$sql_watchers = mysqli_query($mysqli, "SELECT watcher_email FROM ticket_watchers WHERE watcher_ticket_id = $ticket_id");
$body .= "<br><br>----------------------------------------<br>YOU ARE A COLLABORATOR ON THIS TICKET";
while ($row = mysqli_fetch_array($sql_watchers)) {
$watcher_email = sanitizeInput($row['watcher_email']);
// Queue Mail
$data[] = [
'from' => $config_ticket_from_email,
'from_name' => $config_ticket_from_name,
'recipient' => $watcher_email,
'recipient_name' => $watcher_email,
'subject' => $subject,
'body' => $body
];
}
addToMailQueue($data);
}
//End Mail IF
} else {
// If the ticket was moved from any status to another status
mysqli_query($mysqli, "UPDATE tickets SET ticket_order = $kanban, ticket_status = $status WHERE ticket_id = $ticket_id");
customAction('ticket_update', $ticket_id);
}
}
}
// return a response
echo json_encode(['status' => 'success','payload' => $positions]);
exit;
}
if (isset($_POST['update_ticket_tasks_order'])) {
// Update multiple ticket tasks order
enforceUserPermission('module_support', 2);
@ -537,7 +695,7 @@ if (isset($_POST['update_ticket_tasks_order'])) {
$positions = $_POST['positions'];
$ticket_id = intval($_POST['ticket_id']);
foreach ($positions as $position) {
foreach ($positions as $position) {
$id = intval($position['id']);
$order = intval($position['order']);
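Review bot: In the new `update_kanban_ticket` handler, `$status === null` and `$oldStatus === false` can never be true, because both values have already passed through `intval()`. The order-only branch is therefore dead, and a ticket that was not moved falls through to the final `else`, where `ticket_status` is rewritten from client-supplied data. Keep the "not moved" signal before casting, e.g. `$oldStatus = isset($position['ticket_oldStatus']) ? intval($position['ticket_oldStatus']) : null;`, and test `$oldStatus === null` for the order-only case (adjust to however the front end actually signals it). Both kanban handlers also iterate `$_POST['positions']` without an `is_array()` check, and the Closed/Resolved decisions rely only on the submitted `ticket_status`/`ticket_oldStatus`, so a ticket already closed in the database appears to be movable and the resolved-notification mail can be triggered by the request alone. Reading the stored status for each `ticket_id` before the UPDATE and before queuing mail would make those transitions depend on server-side state instead.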