File: 0.00.0a/api.php (View as HTML)

  1: <?php 
  2: /* -------------------------------------------------------------
  3: This file is part of FreeDESK
  4: 
  5: FreeDESK is (C) Copyright 2012 David Cutting
  6: 
  7: FreeDESK is free software: you can redistribute it and/or modify
  8: it under the terms of the GNU General Public License as published by
  9: the Free Software Foundation, either version 3 of the License, or
 10: (at your option) any later version.
 11: 
 12: FreeDESK is distributed in the hope that it will be useful,
 13: but WITHOUT ANY WARRANTY; without even the implied warranty of
 14: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 15: GNU General Public License for more details.
 16: 
 17: You should have received a copy of the GNU General Public License
 18: along with FreeDESK.  If not, see www.gnu.org/licenses
 19: 
 20: For more information see www.purplepixie.org/freedesk/
 21: -------------------------------------------------------------- */
 22: 
 23: ob_start();
 24: include("core/FreeDESK.php");
 25: $DESK = new FreeDESK("./");
 26: $DESK->Start();
 27: ob_end_clean();
 28: 
 29: header("Content-type: text/xml");
 30: header("Expires: Tue, 27 Jul 1997 01:00:00 GMT");
 31: header("Cache-Control: no-store, no-cache, must-revalidate");
 32: header("Cache-Control: post-check=0, pre-check=0", false);
 33: header("Pragma: no-cache");
 34: 
 35: if (!isset($_REQUEST['mode']))
 36: {
 37: 	$error = new FreeDESK_Error(ErrorCode::UnknownMode, "Unknown Mode");
 38: 	echo $error->XML(true);
 39: 	exit();
 40: }
 41: 
 42: if ($_REQUEST['mode']=="login")
 43: {
 44: 	//echo $_REQUEST['username'].$_REQUEST['password'];
 45: 	// TODO: Other Login Modes
 46: 	if ($DESK->ContextManager->Open(ContextType::User, "", $_REQUEST['username'], $_REQUEST['password']))
 47: 	{
 48: 		echo $DESK->ContextManager->Session->XML(true);
 49: 		exit();
 50: 	}
 51: 	else // Login failed
 52: 	{
 53: 		$error = new FreeDESK_Error(ErrorCode::FailedLogin, "Login Failed");
 54: 		echo $error->XML(true);
 55: 		exit();
 56: 	}
 57: }
 58: else if ($_REQUEST['mode']=="logout")
 59: {
 60: 	if ($DESK->ContextManager->Open(ContextType::User, $_REQUEST['sid']))
 61: 		$DESK->ContextManager->Destroy();
 62: 	$xml = new xmlCreate();
 63: 	$xml->charElement("logout","1");
 64: 	echo $xml->getXML(true);
 65: 	exit();
 66: }
 67: 
 68: if (!$DESK->ContextManager->Open(ContextType::User, $_REQUEST['sid']))
 69: {
 70: 	$error = new FreeDESK_Error(ErrorCode::SessionExpired, "Session Expired");
 71: 	echo $error->XML(true);
 72: 	exit();
 73: }
 74: 
 75: if ($_REQUEST['mode']=="requests_assigned")
 76: {
 77: 	$team = isset($_REQUEST['teamid']) ? $_REQUEST['teamid'] : 0;
 78: 	$user = isset($_REQUEST['username']) ? $_REQUEST['username'] : "";
 79: 	$sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : "";
 80: 	$order = isset($_REQUEST['order']) && $_REQUEST['order']=="D" ? "DESC" : "ASC";
 81: 	$list = $DESK->RequestManager->FetchAssigned($team, $user, $sort, $order);
 82: 	echo xmlCreate::getHeader()."\n";
 83: 	echo "<request-list>\n";
 84: 	foreach($list as $item)
 85: 	{
 86: 		echo $item->XML(false)."\n";
 87: 	}
 88: 	echo "</request-list>\n";
 89: 	exit();
 90: }
 91: 
 92: if ($_REQUEST['mode']=="entity_search")
 93: {
 94: 	$entity = $DESK->DataDictionary->GetTable($_REQUEST['entity']);
 95: 	
 96: 	if ($entity === false || !$entity->editable)
 97: 	{
 98: 		//
 99: 	}
100: 	
101: 	if (!$DESK->ContextManager->Permission("entity_view.".$_REQUEST['entity']))
102: 	{
103: 		//
104: 	}
105: 
106: 	// ENTITY MANAGER
107: 	$q="SELECT * FROM ".$DESK->Database->Table($entity->entity);
108: 	
109: 	
110: 	$qb = new QueryBuilder();
111: 	$fieldcount = 0;
112: 	foreach($entity->fields as $key => $field)
113: 	{
114: 		if ($field->searchable && isset($_REQUEST[$key]) && ($_REQUEST[$key]!=""))
115: 		{
116: 			if ($fieldcount++ > 0)
117: 				$qb->AddOperation(QueryType::opAND);
118: 			
119: 			if ( ($field->type==DD_FieldType::Char || $field->type==DD_FieldType::Text)  &&
120: 					strpos($_REQUEST[$key], "%") !== true )
121: 				$qb->Add($key, QueryType::Like, $DESK->Database->SafeQuote($_REQUEST[$key]));
122: 			else
123: 				$qb->Add($key, QueryType::Equal, $DESK->Database->SafeQuote($_REQUEST[$key]));
124: 		}
125: 	}
126: 	
127: 
128: 	
129: 	if (isset($_REQUEST['start']))
130: 		$start=$_REQUEST['start'];
131: 	else
132: 		$start = 0;
133: 	
134: 	if (isset($_REQUEST['limit']))
135: 		$limit=$_REQUEST['limit'];
136: 	else
137: 		$limit = 30;
138: 
139: 
140: 	$wc = $DESK->Database->Clause($qb);
141: 	
142: 	if ($wc != "")
143: 		$q.=" WHERE ".$wc;
144: 	
145: 	$meta = array(
146: 		"start" => $start,
147: 		"limit" => $limit );
148: 	
149: 	$r=$DESK->Database->Query($q);
150: 	
151: 	$meta["count"]=$DESK->Database->NumRows($r);
152: 	
153: 	if ($meta["count"]>$limit)
154: 	{
155: 		$q.=" LIMIT ".$DESK->Database->Safe($start).",".$DESK->Database->Safe($limit);
156: 		$DESK->Database->Free($r);
157: 		$r=$DESK->Database->Query($q);
158: 	}
159: 	
160: 	$xml = new xmlCreate();
161: 	$xml->startElement("search-results");
162: 	$xml->startElement("meta");
163: 	foreach($meta as $key => $val)
164: 		$xml->charElement($key, $val);
165: 	$keyfield="";
166: 	foreach($entity->fields as $key => $field)
167: 	{
168: 		if ($field->keyfield)
169: 			$keyfield=$field->field;
170: 		$xml->startElement("field-data");
171: 		$xml->charElement("id",$field->field);
172: 		$xml->charElement("name",$field->name, 0, false, true);
173: 		$xml->endElement("field-data");
174: 	}
175: 	$xml->charElement("keyfield",$keyfield);
176: 	$xml->endElement("meta");
177: 	
178: 	while($row=$DESK->Database->FetchAssoc($r))
179: 	{
180: 		$xml->startElement("entity");
181: 		foreach($row as $key => $val)
182: 		{
183: 			$xml->charElement("field", $val, array("id"=>$key), false, true);
184: 		}
185: 		$xml->endElement("entity");
186: 	}
187: 	$DESK->Database->Free($r);
188: 	
189: 	$xml->endElement("search-results");
190: 	
191: 	echo $xml->getXML(true);
192: 	exit();
193: }
194: 	
195: else if ($_REQUEST['mode'] == "entity_save")
196: {
197: 	$entity = $_REQUEST['entity'];
198: 	$table = $DESK->DataDictionary->GetTable($entity);
199: 	
200: 	if ($entity === false)
201: 	{
202: 		$err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Found)");
203: 		echo $err->XML(true);
204: 		exit();
205: 	}
206: 	
207: 	$keyfield = $table->keyfield;
208: 	
209: 	$data = $DESK->EntityManager->Load($entity, $_REQUEST[$keyfield]);
210: 	
211: 	
212: 	if ($data === false)
213: 	{
214: 		$err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Loaded)");
215: 		echo $err->XML(true);
216: 		exit();
217: 	}
218: 	
219: 	foreach($table->fields as $id => $field)
220: 	{
221: 		if ($id != $keyfield)
222: 			if (isset($_REQUEST[$id]))
223: 				$data->Set($id, $_REQUEST[$id]);
224: 	}
225: 	
226: 	$result = $DESK->EntityManager->Save($data);
227: 	
228: 	if ($result)
229: 	{
230: 		$xml = new xmlCreate();
231: 		$xml->charElement("operation","1");
232: 		echo $xml->getXML(true);
233: 		exit();
234: 	}
235: 	else
236: 	{
237: 		$err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Saved)");
238: 		echo $err->XML(true);
239: 		exit();
240: 	}
241: }
242: 
243: else if ($_REQUEST['mode'] == "entity_create")
244: {
245: 	$entity = $_REQUEST['entity'];
246: 	$table = $DESK->DataDictionary->GetTable($entity);
247: 	
248: 	if ($entity === false)
249: 	{
250: 		$err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Found)");
251: 		echo $err->XML(true);
252: 		exit();
253: 	}
254: 	
255: 	$data = $DESK->EntityManager->Create($entity);
256: 	
257: 	foreach($table->fields as $id => $field)
258: 	{
259: 		if ($id != $keyfield)
260: 			if (isset($_REQUEST[$id]))
261: 				$data->Set($id, $_REQUEST[$id]);
262: 	}
263: 	
264: 	$result = $DESK->EntityManager->Insert($data);
265: 	
266: 	if ($result)
267: 	{
268: 		$xml = new xmlCreate();
269: 		$xml->charElement("operation","1");
270: 		echo $xml->getXML(true);
271: 		exit();
272: 	}
273: 	else
274: 	{
275: 		$err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Saved)");
276: 		echo $err->XML(true);
277: 		exit();
278: 	}
279: }
280: 
281: else if ($_REQUEST['mode'] == "user_edit")
282: {
283: 	if (!$DESK->ContextManager->Permission("user_admin"))
284: 	{
285: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
286: 		echo $error->XML(true);
287: 		exit();
288: 	}
289: 	
290: 	$q = "UPDATE ".$DESK->Database->Table("user")." SET ";
291: 	
292: 	$q.=$DESK->Database->Field("username")."=".$DESK->Database->SafeQuote($_REQUEST['username']).",";
293: 	$q.=$DESK->Database->Field("realname")."=".$DESK->Database->SafeQuote($_REQUEST['realname']).",";
294: 	$q.=$DESK->Database->Field("email")."=".$DESK->Database->SafeQuote($_REQUEST['email']).",";
295: 	$q.=$DESK->Database->Field("permgroup")."=".$DESK->Database->SafeQuote($_REQUEST['permgroup']);
296: 	
297: 	$q.=" WHERE ".$DESK->Database->Field("username")."=".$DESK->Database->SafeQuote($_REQUEST['original_username']);
298: 	
299: 	$DESK->Database->Query($q);
300: 	
301: 	if (isset($_REQUEST['password']) && $_REQUEST['password']!="")
302: 	{
303: 		$amb = new AuthMethodStandard($DESK);
304: 		$amb->SetPassword($_REQUEST['username'], $_REQUEST['password']);
305: 	}
306: 	
307: 	$q="DELETE FROM ".$DESK->Database->Table("teamuserlink")." WHERE ".$DESK->Database->Field("username")."="
308: 		.$DESK->Database->SafeQuote($_REQUEST['original_username']);
309: 	$DESK->Database->Query($q);
310: 	
311: 	if (isset($_REQUEST['team']))
312: 	{
313: 		foreach($_REQUEST['team'] as $team)
314: 		{
315: 			$q="INSERT INTO ".$DESK->Database->Table("teamuserlink")."(".$DESK->Database->Field("username").","
316: 				.$DESK->Database->Field("teamid").") VALUES(".$DESK->Database->SafeQuote($_REQUEST['username']).","
317: 				.$DESK->Database->Safe($team).")";
318: 			$DESK->Database->Query($q);
319: 		}
320: 	}
321: 	
322: 	$xml = new xmlCreate();
323: 	$xml->charElement("operation","1");
324: 	echo $xml->getXML(true);
325: 	exit();
326: }
327: 
328: else if ($_REQUEST['mode'] == "request_update")
329: {
330: 	// TODO: PERMISSIONS + PUBLIC
331: 	
332: 	$public=false;
333: 	if (isset($_REQUEST['public']) && $_REQUEST['public']==1)
334: 		$public=true;
335: 	
336: 	$req = $DESK->RequestManager->Fetch($_REQUEST['requestid']);
337: 	if ($req === false)
338: 	{
339: 		$error = new FreeDESK_Error(ErrorCode::UnknownRequest, "Unknown Request");
340: 		echo $error->XML(true);
341: 		exit();
342: 	}
343: 	
344: 	if (isset($_REQUEST['update']) && $_REQUEST['update']!="")
345: 		$req->Update($_REQUEST['update'], $public);
346: 	
347: 	if (isset($_REQUEST['status']) && $_REQUEST['status']!="" && $_REQUEST['status']!=" " && is_numeric($_REQUEST['status']))
348: 		$req->Status($_REQUEST['status'], $public);
349: 	
350: 	// TODO: ASSIGNMENT PERMISSION
351: 	if (isset($_REQUEST['assign']) && $_REQUEST['assign'] != "" && $_REQUEST['assign'] != " ") // Composite assignment
352: 	{
353: 		$team = 0;
354: 		$user = "";
355: 		
356: 		$assign = $_REQUEST['assign'];
357: 		
358: 		if (is_numeric($assign)) // just a team
359: 			$team = $assign;
360: 		else
361: 		{
362: 			$parts = explode("/",$assign);
363: 			$team = $parts[0];
364: 			if (isset($parts[1]))
365: 				$user=$parts[1];
366: 		}
367: 		
368: 		$req->Assign($team, $user, $public);
369: 	}
370: 	
371: 	
372: 	$xml = new xmlCreate();
373: 	$xml->charElement("operation","1");
374: 	echo $xml->getXML(true);
375: 	exit();
376: }
377: 
378: else if ($_REQUEST['mode'] == 'request_create')
379: {
380: 	if (isset($_REQUEST['class']))
381: 		$class = $_REQUEST['class'];
382: 	else
383: 		$class = "";
384: 	
385: 	// Request of required class
386: 	$req = $DESK->RequestManager->CreateById($class);
387: 	
388: 	// Assignment of request: TODO permissions for this!
389: 	$team=0;
390: 	$user="";
391: 	
392: 	if (isset($_REQUEST['assign']))
393: 	{
394: 		if (is_numeric($assign)) // just a team
395: 			$team = $assign;
396: 		else
397: 		{
398: 			$parts = explode("/",$assign);
399: 			$team = $parts[0];
400: 			if (isset($parts[1]))
401: 				$user=$parts[1];
402: 		}
403: 	}
404: 	
405: 	$id = $req->Create($_REQUEST['customer'], $_REQUEST['update'], $class, $_REQUEST['status'], 
406: 		$team, $user);
407: 	
408: 	$xml = new xmlCreate();
409: 	$xml->charElement("request", $id);
410: 	echo $xml->getXML(true);
411: 	exit();
412: }
413: 
414: else if ($_REQUEST['mode'] == 'permission_save')
415: {
416: 	if (!$DESK->ContextManager->Permission("user_admin"))
417: 	{
418: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
419: 		echo $error->XML(true);
420: 		exit();
421: 	}
422: 	
423: 	if ($_REQUEST['type'] == "user")
424: 	{
425: 		$type="user";
426: 		$usergroupid=$_REQUEST['username'];
427: 	}
428: 	else if ($_REQUEST['type'] == "group")
429: 	{
430: 		$type="group";
431: 		$usergroupid=$_REQUEST['groupid'];
432: 	}
433: 	else
434: 	{
435: 		$error = new FreeDESK_Error(ErrorCode::UnknownMode, "Unknown Mode ".$_REQUEST['mode']);
436: 		echo $error->XML(true);
437: 		exit();
438: 	}
439: 	
440: 	$q="DELETE FROM ".$DESK->Database->Table("permissions")." WHERE ";
441: 	$q.=$DESK->Database->Field("permissiontype")."=".$DESK->Database->SafeQuote($type)." AND ";
442: 	$q.=$DESK->Database->Field("usergroupid")."=".$DESK->Database->SafeQuote($usergroupid);
443: 	
444: 	$DESK->Database->Query($q);
445: 	
446: 	$perms = $DESK->PermissionManager->PermissionList();
447: 	
448: 	foreach($perms as $perm => $def)
449: 	{
450: 		$htmlperm = str_replace(".","#",$perm);
451: 		if (isset($_REQUEST[$htmlperm]))
452: 		{
453: 			$DESK->LoggingEngine->Log($perm,$_REQUEST[$htmlperm],"hi");
454: 			$val=-1;
455: 			if ($_REQUEST[$htmlperm] == "1")
456: 				$val=1;
457: 			else if ($_REQUEST[$htmlperm] == "0")
458: 				$val=0;
459: 			
460: 			if ($val==1 || $val==0)
461: 			{
462: 				$q="INSERT INTO ".$DESK->Database->Table("permissions")."(";
463: 				$q.=$DESK->Database->Field("permissiontype").",".$DESK->Database->Field("permission").",";
464: 				$q.=$DESK->Database->Field("usergroupid").",".$DESK->Database->Field("allowed").") VALUES(";
465: 				$q.=$DESK->Database->SafeQuote($type).",".$DESK->Database->SafeQuote($perm).",";
466: 				$q.=$DESK->Database->SafeQuote($usergroupid).",".$DESK->Database->Safe($val).")";
467: 				
468: 				$DESK->Database->Query($q);
469: 			}
470: 		}
471: 	}
472: 	
473: 	
474: 	$xml = new xmlCreate();
475: 	$xml->charElement("operation","1");
476: 	echo $xml->getXML(true);
477: 	exit();
478: }
479: 
480: else if ($_REQUEST['mode'] == "create_user")
481: {
482: 	if (!$DESK->ContextManager->Permission("user_admin"))
483: 	{
484: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
485: 		echo $error->XML(true);
486: 		exit();
487: 	}
488: 
489: 	if ($_REQUEST['username'] != "")
490: 	{
491: 		$q="INSERT INTO ".$DESK->Database->Table("user")."(".$DESK->Database->Field("username").") VALUES(";
492: 		$q.=$DESK->Database->SafeQuote($_REQUEST['username']).")";
493: 		$DESK->Database->Query($q);
494: 	}
495: 	$xml = new xmlCreate();
496: 	$xml->charElement("operation","1");
497: 	echo $xml->getXML(true);
498: 	exit();	
499: }
500: 
501: else if ($_REQUEST['mode'] == "delete_user")
502: {
503: 	// TODO: Delete related data e.g. perms, links and reassign requests
504: 	if (!$DESK->ContextManager->Permission("user_admin"))
505: 	{
506: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
507: 		echo $error->XML(true);
508: 		exit();
509: 	}
510: 
511: 	if ($_REQUEST['username'] != "")
512: 	{
513: 		$q="DELETE FROM ".$DESK->Database->Table("user")." WHERE ";
514: 		$q.=$DESK->Database->Field("username")."=".$DESK->Database->SafeQuote($_REQUEST['username']);
515: 		$DESK->Database->Query($q);
516: 	}
517: 	$xml = new xmlCreate();
518: 	$xml->charElement("operation","1");
519: 	echo $xml->getXML(true);
520: 	exit();	
521: }
522: 
523: else if ($_REQUEST['mode'] == "permgroup_delete")
524: {
525: 	$id=$_REQUEST['permgroupid'];
526: 	if (!$DESK->ContextManager->Permission("user_admin"))
527: 	{
528: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
529: 		echo $error->XML(true);
530: 		exit();
531: 	}
532: 	
533: 	$DESK->PermissionManager->DeleteGroup($id);
534: 	
535: 	$xml = new xmlCreate();
536: 	$xml->charElement("operation","1");
537: 	echo $xml->getXML(true);
538: 	exit();	
539: }
540: 
541: else if ($_REQUEST['mode'] == "permgroup_create")
542: {
543: 	$name=$_REQUEST['groupname'];
544: 	if (!$DESK->ContextManager->Permission("user_admin"))
545: 	{
546: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
547: 		echo $error->XML(true);
548: 		exit();
549: 	}
550: 	
551: 	$DESK->PermissionManager->CreateGroup($name);
552: 	
553: 	$xml = new xmlCreate();
554: 	$xml->charElement("operation","1");
555: 	echo $xml->getXML(true);
556: 	exit();	
557: }
558: 
559: else if ($_REQUEST['mode'] == "team_create")
560: {
561: 	$name=$_REQUEST['teamname'];
562: 	if (!$DESK->ContextManager->Permission("user_admin"))
563: 	{
564: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
565: 		echo $error->XML(true);
566: 		exit();
567: 	}
568: 	
569: 	$DESK->RequestManager->CreateTeam($name);
570: 	
571: 	$xml = new xmlCreate();
572: 	$xml->charElement("operation","1");
573: 	echo $xml->getXML(true);
574: 	exit();	
575: }
576: 
577: else if ($_REQUEST['mode'] == "team_update")
578: {
579: 	$name=$_REQUEST['teamname'];
580: 	$id=$_REQUEST['id'];
581: 	if (!$DESK->ContextManager->Permission("user_admin"))
582: 	{
583: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
584: 		echo $error->XML(true);
585: 		exit();
586: 	}
587: 	
588: 	$DESK->RequestManager->UpdateTeam($id,$name);
589: 	
590: 	$xml = new xmlCreate();
591: 	$xml->charElement("operation","1");
592: 	echo $xml->getXML(true);
593: 	exit();	
594: }
595: 
596: else if ($_REQUEST['mode'] == "team_delete")
597: {
598: 	$id=$_REQUEST['id'];
599: 	if (!$DESK->ContextManager->Permission("user_admin"))
600: 	{
601: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
602: 		echo $error->XML(true);
603: 		exit();
604: 	}
605: 	
606: 	$DESK->RequestManager->DeleteTeam($id);
607: 	
608: 	$xml = new xmlCreate();
609: 	$xml->charElement("operation","1");
610: 	echo $xml->getXML(true);
611: 	exit();	
612: }
613: 
614: else if ($_REQUEST['mode'] == "status_create")
615: {
616: 	$name=$_REQUEST['name'];
617: 	if (!$DESK->ContextManager->Permission("user_admin"))
618: 	{
619: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
620: 		echo $error->XML(true);
621: 		exit();
622: 	}
623: 	
624: 	$DESK->RequestManager->CreateStatus($name);
625: 	
626: 	$xml = new xmlCreate();
627: 	$xml->charElement("operation","1");
628: 	echo $xml->getXML(true);
629: 	exit();	
630: }
631: 
632: else if ($_REQUEST['mode'] == "status_delete")
633: {
634: 	$id=$_REQUEST['id'];
635: 	if (!$DESK->ContextManager->Permission("user_admin"))
636: 	{
637: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
638: 		echo $error->XML(true);
639: 		exit();
640: 	}
641: 	
642: 	$DESK->RequestManager->DeleteStatus($id);
643: 	
644: 	$xml = new xmlCreate();
645: 	$xml->charElement("operation","1");
646: 	echo $xml->getXML(true);
647: 	exit();	
648: }
649: 
650: else if ($_REQUEST['mode'] == "status_update")
651: {
652: 	$id=$_REQUEST['id'];
653: 	$name=$_REQUEST['name'];
654: 	if (!$DESK->ContextManager->Permission("user_admin"))
655: 	{
656: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
657: 		echo $error->XML(true);
658: 		exit();
659: 	}
660: 	
661: 	$DESK->RequestManager->UpdateStatus($id,$name);
662: 	
663: 	$xml = new xmlCreate();
664: 	$xml->charElement("operation","1");
665: 	echo $xml->getXML(true);
666: 	exit();	
667: }
668: 
669: else if ($_REQUEST['mode'] == "plugin_install")
670: {
671: 	if (!$DESK->ContextManager->Permission("sysadmin_plugins"))
672: 	{
673: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
674: 		echo $error->XML(true);
675: 		exit();
676: 	}
677: 	
678: 	$plugin=$_REQUEST['plugin'];
679: 	
680: 	$DESK->PluginManager->InstallPIM($plugin);
681: 	
682: 	$xml = new xmlCreate();
683: 	$xml->charElement("operation","1");
684: 	echo $xml->getXML(true);
685: 	exit();
686: }
687: 
688: else if ($_REQUEST['mode'] == "plugin_activate")
689: {
690: 	if (!$DESK->ContextManager->Permission("sysadmin_plugins"))
691: 	{
692: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
693: 		echo $error->XML(true);
694: 		exit();
695: 	}
696: 	
697: 	$id=$_REQUEST['id'];
698: 	
699: 	$DESK->PluginManager->ActivatePIM($id, true);
700: 	
701: 	$xml = new xmlCreate();
702: 	$xml->charElement("operation","1");
703: 	echo $xml->getXML(true);
704: 	exit();
705: }
706: 
707: else if ($_REQUEST['mode'] == "plugin_deactivate")
708: {
709: 	if (!$DESK->ContextManager->Permission("sysadmin_plugins"))
710: 	{
711: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
712: 		echo $error->XML(true);
713: 		exit();
714: 	}
715: 	
716: 	$id=$_REQUEST['id'];
717: 	
718: 	$DESK->PluginManager->ActivatePIM($id, false);
719: 	
720: 	$xml = new xmlCreate();
721: 	$xml->charElement("operation","1");
722: 	echo $xml->getXML(true);
723: 	exit();
724: }
725: 
726: else if ($_REQUEST['mode'] == "plugin_uninstall")
727: {
728: 	if (!$DESK->ContextManager->Permission("sysadmin_plugins"))
729: 	{
730: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
731: 		echo $error->XML(true);
732: 		exit();
733: 	}
734: 	
735: 	$id=$_REQUEST['id'];
736: 	
737: 	$DESK->PluginManager->UninstallPIM($id);
738: 	
739: 	$xml = new xmlCreate();
740: 	$xml->charElement("operation","1");
741: 	echo $xml->getXML(true);
742: 	exit();
743: }
744: 
745: else if ($_REQUEST['mode'] == "sysvar_save")
746: {
747: 	if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
748: 	{
749: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
750: 		echo $error->XML(true);
751: 		exit();
752: 	}
753: 	
754: 	$id = $_REQUEST['id'];
755: 	$value = $_REQUEST['value'];
756: 	
757: 	$DESK->Configuration->Set($id, $value, true);
758: 	
759: 	$xml = new xmlCreate();
760: 	$xml->charElement("operation","1");
761: 	echo $xml->getXML(true);
762: 	exit();
763: }
764: 
765: else if ($_REQUEST['mode'] == "sysvar_create")
766: {
767: 	if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
768: 	{
769: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
770: 		echo $error->XML(true);
771: 		exit();
772: 	}
773: 	
774: 	$id = $_REQUEST['id'];
775: 	$value = $_REQUEST['value'];
776: 	
777: 	$DESK->Configuration->Set($id, $value, true);
778: 	
779: 	$xml = new xmlCreate();
780: 	$xml->charElement("operation","1");
781: 	echo $xml->getXML(true);
782: 	exit();
783: }
784: 
785: else if ($_REQUEST['mode'] == "sysvar_delete")
786: {
787: 	if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
788: 	{
789: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
790: 		echo $error->XML(true);
791: 		exit();
792: 	}
793: 	
794: 	$id = $_REQUEST['id'];
795: 	$value = $_REQUEST['value'];
796: 	
797: 	$DESK->Configuration->Delete($id);
798: 	
799: 	$xml = new xmlCreate();
800: 	$xml->charElement("operation","1");
801: 	echo $xml->getXML(true);
802: 	exit();
803: }
804: 
805: 
806: if ($DESK->PluginManager->API($_REQUEST['mode']))
807: 	exit();
808: 
809: $error = new FreeDESK_Error(ErrorCode::UnknownMode, "Unknown Mode ".$_REQUEST['mode']);
810: echo $error->XML(true);
811: exit();
812: 
813: ?>
814: