Viewing File api.php of 0.00.0a
|
1: <?php 2: /* ------------------------------------------------------------- 3: This file is part of FreeDESK 4: 5: FreeDESK is (C) Copyright 2012 David Cutting 6: 7: FreeDESK is free software: you can redistribute it and/or modify 8: it under the terms of the GNU General Public License as published by 9: the Free Software Foundation, either version 3 of the License, or 10: (at your option) any later version. 11: 12: FreeDESK is distributed in the hope that it will be useful, 13: but WITHOUT ANY WARRANTY; without even the implied warranty of 14: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the 15: GNU General Public License for more details. 16: 17: You should have received a copy of the GNU General Public License 18: along with FreeDESK. If not, see www.gnu.org/licenses 19: 20: For more information see www.purplepixie.org/freedesk/ 21: -------------------------------------------------------------- */ 22: 23: ob_start(); 24: include("core/FreeDESK.php"); 25: $DESK = new FreeDESK("./"); 26: $DESK->Start(); 27: ob_end_clean(); 28: 29: header("Content-type: text/xml"); 30: header("Expires: Tue, 27 Jul 1997 01:00:00 GMT"); 31: header("Cache-Control: no-store, no-cache, must-revalidate"); 32: header("Cache-Control: post-check=0, pre-check=0", false); 33: header("Pragma: no-cache"); 34: 35: if (!isset($_REQUEST['mode'])) 36: { 37: $error = new FreeDESK_Error(ErrorCode::UnknownMode, "Unknown Mode"); 38: echo $error->XML(true); 39: exit(); 40: } 41: 42: if ($_REQUEST['mode']=="login") 43: { 44: //echo $_REQUEST['username'].$_REQUEST['password']; 45: // TODO: Other Login Modes 46: if ($DESK->ContextManager->Open(ContextType::User, "", $_REQUEST['username'], $_REQUEST['password'])) 47: { 48: echo $DESK->ContextManager->Session->XML(true); 49: exit(); 50: } 51: else // Login failed 52: { 53: $error = new FreeDESK_Error(ErrorCode::FailedLogin, "Login Failed"); 54: echo $error->XML(true); 55: exit(); 56: } 57: } 58: else if ($_REQUEST['mode']=="logout") 59: { 60: if ($DESK->ContextManager->Open(ContextType::User, $_REQUEST['sid'])) 61: $DESK->ContextManager->Destroy(); 62: $xml = new xmlCreate(); 63: $xml->charElement("logout","1"); 64: echo $xml->getXML(true); 65: exit(); 66: } 67: 68: if (!$DESK->ContextManager->Open(ContextType::User, $_REQUEST['sid'])) 69: { 70: $error = new FreeDESK_Error(ErrorCode::SessionExpired, "Session Expired"); 71: echo $error->XML(true); 72: exit(); 73: } 74: 75: if ($_REQUEST['mode']=="requests_assigned") 76: { 77: $team = isset($_REQUEST['teamid']) ? $_REQUEST['teamid'] : 0; 78: $user = isset($_REQUEST['username']) ? $_REQUEST['username'] : ""; 79: $sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : ""; 80: $order = isset($_REQUEST['order']) && $_REQUEST['order']=="D" ? "DESC" : "ASC"; 81: $list = $DESK->RequestManager->FetchAssigned($team, $user, $sort, $order); 82: echo xmlCreate::getHeader()."\n"; 83: echo "<request-list>\n"; 84: foreach($list as $item) 85: { 86: echo $item->XML(false)."\n"; 87: } 88: echo "</request-list>\n"; 89: exit(); 90: } 91: 92: if ($_REQUEST['mode']=="entity_search") 93: { 94: $entity = $DESK->DataDictionary->GetTable($_REQUEST['entity']); 95: 96: if ($entity === false || !$entity->editable) 97: { 98: // 99: } 100: 101: if (!$DESK->ContextManager->Permission("entity_view.".$_REQUEST['entity'])) 102: { 103: // 104: } 105: 106: // ENTITY MANAGER 107: $q="SELECT * FROM ".$DESK->Database->Table($entity->entity); 108: 109: 110: $qb = new QueryBuilder(); 111: $fieldcount = 0; 112: foreach($entity->fields as $key => $field) 113: { 114: if ($field->searchable && isset($_REQUEST[$key]) && ($_REQUEST[$key]!="")) 115: { 116: if ($fieldcount++ > 0) 117: $qb->AddOperation(QueryType::opAND); 118: 119: if ( ($field->type==DD_FieldType::Char || $field->type==DD_FieldType::Text) && 120: strpos($_REQUEST[$key], "%") !== true ) 121: $qb->Add($key, QueryType::Like, $DESK->Database->SafeQuote($_REQUEST[$key])); 122: else 123: $qb->Add($key, QueryType::Equal, $DESK->Database->SafeQuote($_REQUEST[$key])); 124: } 125: } 126: 127: 128: 129: if (isset($_REQUEST['start'])) 130: $start=$_REQUEST['start']; 131: else 132: $start = 0; 133: 134: if (isset($_REQUEST['limit'])) 135: $limit=$_REQUEST['limit']; 136: else 137: $limit = 30; 138: 139: 140: $wc = $DESK->Database->Clause($qb); 141: 142: if ($wc != "") 143: $q.=" WHERE ".$wc; 144: 145: $meta = array( 146: "start" => $start, 147: "limit" => $limit ); 148: 149: $r=$DESK->Database->Query($q); 150: 151: $meta["count"]=$DESK->Database->NumRows($r); 152: 153: if ($meta["count"]>$limit) 154: { 155: $q.=" LIMIT ".$DESK->Database->Safe($start).",".$DESK->Database->Safe($limit); 156: $DESK->Database->Free($r); 157: $r=$DESK->Database->Query($q); 158: } 159: 160: $xml = new xmlCreate(); 161: $xml->startElement("search-results"); 162: $xml->startElement("meta"); 163: foreach($meta as $key => $val) 164: $xml->charElement($key, $val); 165: $keyfield=""; 166: foreach($entity->fields as $key => $field) 167: { 168: if ($field->keyfield) 169: $keyfield=$field->field; 170: $xml->startElement("field-data"); 171: $xml->charElement("id",$field->field); 172: $xml->charElement("name",$field->name, 0, false, true); 173: $xml->endElement("field-data"); 174: } 175: $xml->charElement("keyfield",$keyfield); 176: $xml->endElement("meta"); 177: 178: while($row=$DESK->Database->FetchAssoc($r)) 179: { 180: $xml->startElement("entity"); 181: foreach($row as $key => $val) 182: { 183: $xml->charElement("field", $val, array("id"=>$key), false, true); 184: } 185: $xml->endElement("entity"); 186: } 187: $DESK->Database->Free($r); 188: 189: $xml->endElement("search-results"); 190: 191: echo $xml->getXML(true); 192: exit(); 193: } 194: 195: else if ($_REQUEST['mode'] == "entity_save") 196: { 197: $entity = $_REQUEST['entity']; 198: $table = $DESK->DataDictionary->GetTable($entity); 199: 200: if ($entity === false) 201: { 202: $err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Found)"); 203: echo $err->XML(true); 204: exit(); 205: } 206: 207: $keyfield = $table->keyfield; 208: 209: $data = $DESK->EntityManager->Load($entity, $_REQUEST[$keyfield]); 210: 211: 212: if ($data === false) 213: { 214: $err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Loaded)"); 215: echo $err->XML(true); 216: exit(); 217: } 218: 219: foreach($table->fields as $id => $field) 220: { 221: if ($id != $keyfield) 222: if (isset($_REQUEST[$id])) 223: $data->Set($id, $_REQUEST[$id]); 224: } 225: 226: $result = $DESK->EntityManager->Save($data); 227: 228: if ($result) 229: { 230: $xml = new xmlCreate(); 231: $xml->charElement("operation","1"); 232: echo $xml->getXML(true); 233: exit(); 234: } 235: else 236: { 237: $err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Saved)"); 238: echo $err->XML(true); 239: exit(); 240: } 241: } 242: 243: else if ($_REQUEST['mode'] == "entity_create") 244: { 245: $entity = $_REQUEST['entity']; 246: $table = $DESK->DataDictionary->GetTable($entity); 247: 248: if ($entity === false) 249: { 250: $err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Found)"); 251: echo $err->XML(true); 252: exit(); 253: } 254: 255: $data = $DESK->EntityManager->Create($entity); 256: 257: foreach($table->fields as $id => $field) 258: { 259: if ($id != $keyfield) 260: if (isset($_REQUEST[$id])) 261: $data->Set($id, $_REQUEST[$id]); 262: } 263: 264: $result = $DESK->EntityManager->Insert($data); 265: 266: if ($result) 267: { 268: $xml = new xmlCreate(); 269: $xml->charElement("operation","1"); 270: echo $xml->getXML(true); 271: exit(); 272: } 273: else 274: { 275: $err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Saved)"); 276: echo $err->XML(true); 277: exit(); 278: } 279: } 280: 281: else if ($_REQUEST['mode'] == "user_edit") 282: { 283: if (!$DESK->ContextManager->Permission("user_admin")) 284: { 285: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 286: echo $error->XML(true); 287: exit(); 288: } 289: 290: $q = "UPDATE ".$DESK->Database->Table("user")." SET "; 291: 292: $q.=$DESK->Database->Field("username")."=".$DESK->Database->SafeQuote($_REQUEST['username']).","; 293: $q.=$DESK->Database->Field("realname")."=".$DESK->Database->SafeQuote($_REQUEST['realname']).","; 294: $q.=$DESK->Database->Field("email")."=".$DESK->Database->SafeQuote($_REQUEST['email']).","; 295: $q.=$DESK->Database->Field("permgroup")."=".$DESK->Database->SafeQuote($_REQUEST['permgroup']); 296: 297: $q.=" WHERE ".$DESK->Database->Field("username")."=".$DESK->Database->SafeQuote($_REQUEST['original_username']); 298: 299: $DESK->Database->Query($q); 300: 301: if (isset($_REQUEST['password']) && $_REQUEST['password']!="") 302: { 303: $amb = new AuthMethodStandard($DESK); 304: $amb->SetPassword($_REQUEST['username'], $_REQUEST['password']); 305: } 306: 307: $q="DELETE FROM ".$DESK->Database->Table("teamuserlink")." WHERE ".$DESK->Database->Field("username")."=" 308: .$DESK->Database->SafeQuote($_REQUEST['original_username']); 309: $DESK->Database->Query($q); 310: 311: if (isset($_REQUEST['team'])) 312: { 313: foreach($_REQUEST['team'] as $team) 314: { 315: $q="INSERT INTO ".$DESK->Database->Table("teamuserlink")."(".$DESK->Database->Field("username")."," 316: .$DESK->Database->Field("teamid").") VALUES(".$DESK->Database->SafeQuote($_REQUEST['username'])."," 317: .$DESK->Database->Safe($team).")"; 318: $DESK->Database->Query($q); 319: } 320: } 321: 322: $xml = new xmlCreate(); 323: $xml->charElement("operation","1"); 324: echo $xml->getXML(true); 325: exit(); 326: } 327: 328: else if ($_REQUEST['mode'] == "request_update") 329: { 330: // TODO: PERMISSIONS + PUBLIC 331: 332: $public=false; 333: if (isset($_REQUEST['public']) && $_REQUEST['public']==1) 334: $public=true; 335: 336: $req = $DESK->RequestManager->Fetch($_REQUEST['requestid']); 337: if ($req === false) 338: { 339: $error = new FreeDESK_Error(ErrorCode::UnknownRequest, "Unknown Request"); 340: echo $error->XML(true); 341: exit(); 342: } 343: 344: if (isset($_REQUEST['update']) && $_REQUEST['update']!="") 345: $req->Update($_REQUEST['update'], $public); 346: 347: if (isset($_REQUEST['status']) && $_REQUEST['status']!="" && $_REQUEST['status']!=" " && is_numeric($_REQUEST['status'])) 348: $req->Status($_REQUEST['status'], $public); 349: 350: // TODO: ASSIGNMENT PERMISSION 351: if (isset($_REQUEST['assign']) && $_REQUEST['assign'] != "" && $_REQUEST['assign'] != " ") // Composite assignment 352: { 353: $team = 0; 354: $user = ""; 355: 356: $assign = $_REQUEST['assign']; 357: 358: if (is_numeric($assign)) // just a team 359: $team = $assign; 360: else 361: { 362: $parts = explode("/",$assign); 363: $team = $parts[0]; 364: if (isset($parts[1])) 365: $user=$parts[1]; 366: } 367: 368: $req->Assign($team, $user, $public); 369: } 370: 371: 372: $xml = new xmlCreate(); 373: $xml->charElement("operation","1"); 374: echo $xml->getXML(true); 375: exit(); 376: } 377: 378: else if ($_REQUEST['mode'] == 'request_create') 379: { 380: if (isset($_REQUEST['class'])) 381: $class = $_REQUEST['class']; 382: else 383: $class = ""; 384: 385: // Request of required class 386: $req = $DESK->RequestManager->CreateById($class); 387: 388: // Assignment of request: TODO permissions for this! 389: $team=0; 390: $user=""; 391: 392: if (isset($_REQUEST['assign'])) 393: { 394: if (is_numeric($assign)) // just a team 395: $team = $assign; 396: else 397: { 398: $parts = explode("/",$assign); 399: $team = $parts[0]; 400: if (isset($parts[1])) 401: $user=$parts[1]; 402: } 403: } 404: 405: $id = $req->Create($_REQUEST['customer'], $_REQUEST['update'], $class, $_REQUEST['status'], 406: $team, $user); 407: 408: $xml = new xmlCreate(); 409: $xml->charElement("request", $id); 410: echo $xml->getXML(true); 411: exit(); 412: } 413: 414: else if ($_REQUEST['mode'] == 'permission_save') 415: { 416: if (!$DESK->ContextManager->Permission("user_admin")) 417: { 418: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 419: echo $error->XML(true); 420: exit(); 421: } 422: 423: if ($_REQUEST['type'] == "user") 424: { 425: $type="user"; 426: $usergroupid=$_REQUEST['username']; 427: } 428: else if ($_REQUEST['type'] == "group") 429: { 430: $type="group"; 431: $usergroupid=$_REQUEST['groupid']; 432: } 433: else 434: { 435: $error = new FreeDESK_Error(ErrorCode::UnknownMode, "Unknown Mode ".$_REQUEST['mode']); 436: echo $error->XML(true); 437: exit(); 438: } 439: 440: $q="DELETE FROM ".$DESK->Database->Table("permissions")." WHERE "; 441: $q.=$DESK->Database->Field("permissiontype")."=".$DESK->Database->SafeQuote($type)." AND "; 442: $q.=$DESK->Database->Field("usergroupid")."=".$DESK->Database->SafeQuote($usergroupid); 443: 444: $DESK->Database->Query($q); 445: 446: $perms = $DESK->PermissionManager->PermissionList(); 447: 448: foreach($perms as $perm => $def) 449: { 450: $htmlperm = str_replace(".","#",$perm); 451: if (isset($_REQUEST[$htmlperm])) 452: { 453: $DESK->LoggingEngine->Log($perm,$_REQUEST[$htmlperm],"hi"); 454: $val=-1; 455: if ($_REQUEST[$htmlperm] == "1") 456: $val=1; 457: else if ($_REQUEST[$htmlperm] == "0") 458: $val=0; 459: 460: if ($val==1 || $val==0) 461: { 462: $q="INSERT INTO ".$DESK->Database->Table("permissions")."("; 463: $q.=$DESK->Database->Field("permissiontype").",".$DESK->Database->Field("permission").","; 464: $q.=$DESK->Database->Field("usergroupid").",".$DESK->Database->Field("allowed").") VALUES("; 465: $q.=$DESK->Database->SafeQuote($type).",".$DESK->Database->SafeQuote($perm).","; 466: $q.=$DESK->Database->SafeQuote($usergroupid).",".$DESK->Database->Safe($val).")"; 467: 468: $DESK->Database->Query($q); 469: } 470: } 471: } 472: 473: 474: $xml = new xmlCreate(); 475: $xml->charElement("operation","1"); 476: echo $xml->getXML(true); 477: exit(); 478: } 479: 480: else if ($_REQUEST['mode'] == "create_user") 481: { 482: if (!$DESK->ContextManager->Permission("user_admin")) 483: { 484: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 485: echo $error->XML(true); 486: exit(); 487: } 488: 489: if ($_REQUEST['username'] != "") 490: { 491: $q="INSERT INTO ".$DESK->Database->Table("user")."(".$DESK->Database->Field("username").") VALUES("; 492: $q.=$DESK->Database->SafeQuote($_REQUEST['username']).")"; 493: $DESK->Database->Query($q); 494: } 495: $xml = new xmlCreate(); 496: $xml->charElement("operation","1"); 497: echo $xml->getXML(true); 498: exit(); 499: } 500: 501: else if ($_REQUEST['mode'] == "delete_user") 502: { 503: // TODO: Delete related data e.g. perms, links and reassign requests 504: if (!$DESK->ContextManager->Permission("user_admin")) 505: { 506: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 507: echo $error->XML(true); 508: exit(); 509: } 510: 511: if ($_REQUEST['username'] != "") 512: { 513: $q="DELETE FROM ".$DESK->Database->Table("user")." WHERE "; 514: $q.=$DESK->Database->Field("username")."=".$DESK->Database->SafeQuote($_REQUEST['username']); 515: $DESK->Database->Query($q); 516: } 517: $xml = new xmlCreate(); 518: $xml->charElement("operation","1"); 519: echo $xml->getXML(true); 520: exit(); 521: } 522: 523: else if ($_REQUEST['mode'] == "permgroup_delete") 524: { 525: $id=$_REQUEST['permgroupid']; 526: if (!$DESK->ContextManager->Permission("user_admin")) 527: { 528: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 529: echo $error->XML(true); 530: exit(); 531: } 532: 533: $DESK->PermissionManager->DeleteGroup($id); 534: 535: $xml = new xmlCreate(); 536: $xml->charElement("operation","1"); 537: echo $xml->getXML(true); 538: exit(); 539: } 540: 541: else if ($_REQUEST['mode'] == "permgroup_create") 542: { 543: $name=$_REQUEST['groupname']; 544: if (!$DESK->ContextManager->Permission("user_admin")) 545: { 546: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 547: echo $error->XML(true); 548: exit(); 549: } 550: 551: $DESK->PermissionManager->CreateGroup($name); 552: 553: $xml = new xmlCreate(); 554: $xml->charElement("operation","1"); 555: echo $xml->getXML(true); 556: exit(); 557: } 558: 559: else if ($_REQUEST['mode'] == "team_create") 560: { 561: $name=$_REQUEST['teamname']; 562: if (!$DESK->ContextManager->Permission("user_admin")) 563: { 564: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 565: echo $error->XML(true); 566: exit(); 567: } 568: 569: $DESK->RequestManager->CreateTeam($name); 570: 571: $xml = new xmlCreate(); 572: $xml->charElement("operation","1"); 573: echo $xml->getXML(true); 574: exit(); 575: } 576: 577: else if ($_REQUEST['mode'] == "team_update") 578: { 579: $name=$_REQUEST['teamname']; 580: $id=$_REQUEST['id']; 581: if (!$DESK->ContextManager->Permission("user_admin")) 582: { 583: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 584: echo $error->XML(true); 585: exit(); 586: } 587: 588: $DESK->RequestManager->UpdateTeam($id,$name); 589: 590: $xml = new xmlCreate(); 591: $xml->charElement("operation","1"); 592: echo $xml->getXML(true); 593: exit(); 594: } 595: 596: else if ($_REQUEST['mode'] == "team_delete") 597: { 598: $id=$_REQUEST['id']; 599: if (!$DESK->ContextManager->Permission("user_admin")) 600: { 601: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 602: echo $error->XML(true); 603: exit(); 604: } 605: 606: $DESK->RequestManager->DeleteTeam($id); 607: 608: $xml = new xmlCreate(); 609: $xml->charElement("operation","1"); 610: echo $xml->getXML(true); 611: exit(); 612: } 613: 614: else if ($_REQUEST['mode'] == "status_create") 615: { 616: $name=$_REQUEST['name']; 617: if (!$DESK->ContextManager->Permission("user_admin")) 618: { 619: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 620: echo $error->XML(true); 621: exit(); 622: } 623: 624: $DESK->RequestManager->CreateStatus($name); 625: 626: $xml = new xmlCreate(); 627: $xml->charElement("operation","1"); 628: echo $xml->getXML(true); 629: exit(); 630: } 631: 632: else if ($_REQUEST['mode'] == "status_delete") 633: { 634: $id=$_REQUEST['id']; 635: if (!$DESK->ContextManager->Permission("user_admin")) 636: { 637: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 638: echo $error->XML(true); 639: exit(); 640: } 641: 642: $DESK->RequestManager->DeleteStatus($id); 643: 644: $xml = new xmlCreate(); 645: $xml->charElement("operation","1"); 646: echo $xml->getXML(true); 647: exit(); 648: } 649: 650: else if ($_REQUEST['mode'] == "status_update") 651: { 652: $id=$_REQUEST['id']; 653: $name=$_REQUEST['name']; 654: if (!$DESK->ContextManager->Permission("user_admin")) 655: { 656: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 657: echo $error->XML(true); 658: exit(); 659: } 660: 661: $DESK->RequestManager->UpdateStatus($id,$name); 662: 663: $xml = new xmlCreate(); 664: $xml->charElement("operation","1"); 665: echo $xml->getXML(true); 666: exit(); 667: } 668: 669: else if ($_REQUEST['mode'] == "plugin_install") 670: { 671: if (!$DESK->ContextManager->Permission("sysadmin_plugins")) 672: { 673: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 674: echo $error->XML(true); 675: exit(); 676: } 677: 678: $plugin=$_REQUEST['plugin']; 679: 680: $DESK->PluginManager->InstallPIM($plugin); 681: 682: $xml = new xmlCreate(); 683: $xml->charElement("operation","1"); 684: echo $xml->getXML(true); 685: exit(); 686: } 687: 688: else if ($_REQUEST['mode'] == "plugin_activate") 689: { 690: if (!$DESK->ContextManager->Permission("sysadmin_plugins")) 691: { 692: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 693: echo $error->XML(true); 694: exit(); 695: } 696: 697: $id=$_REQUEST['id']; 698: 699: $DESK->PluginManager->ActivatePIM($id, true); 700: 701: $xml = new xmlCreate(); 702: $xml->charElement("operation","1"); 703: echo $xml->getXML(true); 704: exit(); 705: } 706: 707: else if ($_REQUEST['mode'] == "plugin_deactivate") 708: { 709: if (!$DESK->ContextManager->Permission("sysadmin_plugins")) 710: { 711: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 712: echo $error->XML(true); 713: exit(); 714: } 715: 716: $id=$_REQUEST['id']; 717: 718: $DESK->PluginManager->ActivatePIM($id, false); 719: 720: $xml = new xmlCreate(); 721: $xml->charElement("operation","1"); 722: echo $xml->getXML(true); 723: exit(); 724: } 725: 726: else if ($_REQUEST['mode'] == "plugin_uninstall") 727: { 728: if (!$DESK->ContextManager->Permission("sysadmin_plugins")) 729: { 730: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 731: echo $error->XML(true); 732: exit(); 733: } 734: 735: $id=$_REQUEST['id']; 736: 737: $DESK->PluginManager->UninstallPIM($id); 738: 739: $xml = new xmlCreate(); 740: $xml->charElement("operation","1"); 741: echo $xml->getXML(true); 742: exit(); 743: } 744: 745: else if ($_REQUEST['mode'] == "sysvar_save") 746: { 747: if (!$DESK->ContextManager->Permission("sysadmin_advanced")) 748: { 749: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 750: echo $error->XML(true); 751: exit(); 752: } 753: 754: $id = $_REQUEST['id']; 755: $value = $_REQUEST['value']; 756: 757: $DESK->Configuration->Set($id, $value, true); 758: 759: $xml = new xmlCreate(); 760: $xml->charElement("operation","1"); 761: echo $xml->getXML(true); 762: exit(); 763: } 764: 765: else if ($_REQUEST['mode'] == "sysvar_create") 766: { 767: if (!$DESK->ContextManager->Permission("sysadmin_advanced")) 768: { 769: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 770: echo $error->XML(true); 771: exit(); 772: } 773: 774: $id = $_REQUEST['id']; 775: $value = $_REQUEST['value']; 776: 777: $DESK->Configuration->Set($id, $value, true); 778: 779: $xml = new xmlCreate(); 780: $xml->charElement("operation","1"); 781: echo $xml->getXML(true); 782: exit(); 783: } 784: 785: else if ($_REQUEST['mode'] == "sysvar_delete") 786: { 787: if (!$DESK->ContextManager->Permission("sysadmin_advanced")) 788: { 789: $error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied"); 790: echo $error->XML(true); 791: exit(); 792: } 793: 794: $id = $_REQUEST['id']; 795: $value = $_REQUEST['value']; 796: 797: $DESK->Configuration->Delete($id); 798: 799: $xml = new xmlCreate(); 800: $xml->charElement("operation","1"); 801: echo $xml->getXML(true); 802: exit(); 803: } 804: 805: 806: if ($DESK->PluginManager->API($_REQUEST['mode'])) 807: exit(); 808: 809: $error = new FreeDESK_Error(ErrorCode::UnknownMode, "Unknown Mode ".$_REQUEST['mode']); 810: echo $error->XML(true); 811: exit(); 812: 813: ?> 814: