File: 0.00.1a/api.php (View as HTML)

  1: <?php 
  2: /* -------------------------------------------------------------
  3: This file is part of FreeDESK
  4: 
  5: FreeDESK is (C) Copyright 2012 David Cutting
  6: 
  7: FreeDESK is free software: you can redistribute it and/or modify
  8: it under the terms of the GNU General Public License as published by
  9: the Free Software Foundation, either version 3 of the License, or
 10: (at your option) any later version.
 11: 
 12: FreeDESK is distributed in the hope that it will be useful,
 13: but WITHOUT ANY WARRANTY; without even the implied warranty of
 14: MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
 15: GNU General Public License for more details.
 16: 
 17: You should have received a copy of the GNU General Public License
 18: along with FreeDESK.  If not, see www.gnu.org/licenses
 19: 
 20: For more information see www.purplepixie.org/freedesk/
 21: -------------------------------------------------------------- */
 22: 
 23: ob_start();
 24: include("core/FreeDESK.php");
 25: $DESK = new FreeDESK("./");
 26: $DESK->Start();
 27: ob_end_clean();
 28: 
 29: header("Content-type: text/xml");
 30: header("Expires: Tue, 27 Jul 1997 01:00:00 GMT");
 31: header("Cache-Control: no-store, no-cache, must-revalidate");
 32: header("Cache-Control: post-check=0, pre-check=0", false);
 33: header("Pragma: no-cache");
 34: 
 35: if (!isset($_REQUEST['mode']))
 36: {
 37: 	$error = new FreeDESK_Error(ErrorCode::UnknownMode, "Unknown Mode");
 38: 	echo $error->XML(true);
 39: 	exit();
 40: }
 41: 
 42: if ($_REQUEST['mode']=="login")
 43: {
 44: 	//echo $_REQUEST['username'].$_REQUEST['password'];
 45: 	// TODO: Other Login Modes
 46: 	if ($DESK->ContextManager->Open(ContextType::User, "", $_REQUEST['username'], $_REQUEST['password']))
 47: 	{
 48: 		echo $DESK->ContextManager->Session->XML(true);
 49: 		exit();
 50: 	}
 51: 	else // Login failed
 52: 	{
 53: 		$error = new FreeDESK_Error(ErrorCode::FailedLogin, "Login Failed");
 54: 		echo $error->XML(true);
 55: 		exit();
 56: 	}
 57: }
 58: else if ($_REQUEST['mode']=="logout")
 59: {
 60: 	if ($DESK->ContextManager->Open(ContextType::User, $_REQUEST['sid']))
 61: 		$DESK->ContextManager->Destroy();
 62: 	$xml = new xmlCreate();
 63: 	$xml->charElement("logout","1");
 64: 	echo $xml->getXML(true);
 65: 	exit();
 66: }
 67: 
 68: if (!$DESK->ContextManager->Open(ContextType::User, $_REQUEST['sid']))
 69: {
 70: 	$error = new FreeDESK_Error(ErrorCode::SessionExpired, "Session Expired");
 71: 	echo $error->XML(true);
 72: 	exit();
 73: }
 74: 
 75: if ($_REQUEST['mode']=="requests_assigned")
 76: {
 77: 	$team = isset($_REQUEST['teamid']) ? $_REQUEST['teamid'] : 0;
 78: 	$user = isset($_REQUEST['username']) ? $_REQUEST['username'] : "";
 79: 	$sort = isset($_REQUEST['sort']) ? $_REQUEST['sort'] : "";
 80: 	$order = isset($_REQUEST['order']) && $_REQUEST['order']=="D" ? "DESC" : "ASC";
 81: 	$list = $DESK->RequestManager->FetchAssigned($team, $user, $sort, $order);
 82: 	echo xmlCreate::getHeader()."\n";
 83: 	echo "<request-list>\n";
 84: 	foreach($list as $item)
 85: 	{
 86: 		echo $item->XML(false)."\n";
 87: 	}
 88: 	echo "</request-list>\n";
 89: 	exit();
 90: }
 91: 
 92: if ($_REQUEST['mode']=="entity_search")
 93: {
 94: 	$entity = $DESK->DataDictionary->GetTable($_REQUEST['entity']);
 95: 	
 96: 	if ($entity === false || !$entity->editable)
 97: 	{
 98: 		//
 99: 	}
100: 	
101: 	if (!$DESK->ContextManager->Permission("entity_view.".$_REQUEST['entity']))
102: 	{
103: 		//
104: 	}
105: 
106: 	// ENTITY MANAGER
107: 	$q="SELECT * FROM ".$DESK->Database->Table($entity->entity);
108: 	
109: 	
110: 	$qb = new QueryBuilder();
111: 	$fieldcount = 0;
112: 	foreach($entity->fields as $key => $field)
113: 	{
114: 		if ($field->searchable && isset($_REQUEST[$key]) && ($_REQUEST[$key]!=""))
115: 		{
116: 			if ($fieldcount++ > 0)
117: 				$qb->AddOperation(QueryType::opAND);
118: 			
119: 			if ( ($field->type==DD_FieldType::Char || $field->type==DD_FieldType::Text)  &&
120: 					strpos($_REQUEST[$key], "%") !== true )
121: 				$qb->Add($key, QueryType::Like, $DESK->Database->SafeQuote($_REQUEST[$key]));
122: 			else
123: 				$qb->Add($key, QueryType::Equal, $DESK->Database->SafeQuote($_REQUEST[$key]));
124: 		}
125: 	}
126: 	
127: 
128: 	
129: 	if (isset($_REQUEST['start']))
130: 		$start=$_REQUEST['start'];
131: 	else
132: 		$start = 0;
133: 	
134: 	if (isset($_REQUEST['limit']))
135: 		$limit=$_REQUEST['limit'];
136: 	else
137: 		$limit = 30;
138: 
139: 
140: 	$wc = $DESK->Database->Clause($qb);
141: 	
142: 	if ($wc != "")
143: 		$q.=" WHERE ".$wc;
144: 	
145: 	$meta = array(
146: 		"start" => $start,
147: 		"limit" => $limit );
148: 	
149: 	$r=$DESK->Database->Query($q);
150: 	
151: 	$meta["count"]=$DESK->Database->NumRows($r);
152: 	
153: 	if ($meta["count"]>$limit)
154: 	{
155: 		$q.=" LIMIT ".$DESK->Database->Safe($start).",".$DESK->Database->Safe($limit);
156: 		$DESK->Database->Free($r);
157: 		$r=$DESK->Database->Query($q);
158: 	}
159: 	
160: 	$xml = new xmlCreate();
161: 	$xml->startElement("search-results");
162: 	$xml->startElement("meta");
163: 	foreach($meta as $key => $val)
164: 		$xml->charElement($key, $val);
165: 	$keyfield="";
166: 	foreach($entity->fields as $key => $field)
167: 	{
168: 		if ($field->keyfield)
169: 			$keyfield=$field->field;
170: 		$xml->startElement("field-data");
171: 		$xml->charElement("id",$field->field);
172: 		$xml->charElement("name",$field->name, 0, false, true);
173: 		$xml->endElement("field-data");
174: 	}
175: 	$xml->charElement("keyfield",$keyfield);
176: 	$xml->endElement("meta");
177: 	
178: 	while($row=$DESK->Database->FetchAssoc($r))
179: 	{
180: 		$xml->startElement("entity");
181: 		foreach($row as $key => $val)
182: 		{
183: 			$xml->charElement("field", $val, array("id"=>$key), false, true);
184: 		}
185: 		$xml->endElement("entity");
186: 	}
187: 	$DESK->Database->Free($r);
188: 	
189: 	$xml->endElement("search-results");
190: 	
191: 	echo $xml->getXML(true);
192: 	exit();
193: }
194: 	
195: else if ($_REQUEST['mode'] == "entity_save")
196: {
197: 	$entity = $_REQUEST['entity'];
198: 	$table = $DESK->DataDictionary->GetTable($entity);
199: 	
200: 	if ($entity === false)
201: 	{
202: 		$err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Found)");
203: 		echo $err->XML(true);
204: 		exit();
205: 	}
206: 	
207: 	$keyfield = $table->keyfield;
208: 	
209: 	$data = $DESK->EntityManager->Load($entity, $_REQUEST[$keyfield]);
210: 	
211: 	
212: 	if ($data === false)
213: 	{
214: 		$err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Loaded)");
215: 		echo $err->XML(true);
216: 		exit();
217: 	}
218: 	
219: 	foreach($table->fields as $id => $field)
220: 	{
221: 		if ($id != $keyfield)
222: 			if (isset($_REQUEST[$id]))
223: 				$data->Set($id, $_REQUEST[$id]);
224: 	}
225: 	
226: 	$result = $DESK->EntityManager->Save($data);
227: 	
228: 	if ($result)
229: 	{
230: 		$xml = new xmlCreate();
231: 		$xml->charElement("operation","1");
232: 		echo $xml->getXML(true);
233: 		exit();
234: 	}
235: 	else
236: 	{
237: 		$err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Saved)");
238: 		echo $err->XML(true);
239: 		exit();
240: 	}
241: }
242: 
243: else if ($_REQUEST['mode'] == "entity_create")
244: {
245: 	$entity = $_REQUEST['entity'];
246: 	$table = $DESK->DataDictionary->GetTable($entity);
247: 	
248: 	if ($entity === false)
249: 	{
250: 		$err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Found)");
251: 		echo $err->XML(true);
252: 		exit();
253: 	}
254: 	
255: 	$data = $DESK->EntityManager->Create($entity);
256: 	
257: 	foreach($table->fields as $id => $field)
258: 	{
259: 		if ($id != $keyfield)
260: 			if (isset($_REQUEST[$id]))
261: 				$data->Set($id, $_REQUEST[$id]);
262: 	}
263: 	
264: 	$result = $DESK->EntityManager->Insert($data);
265: 	
266: 	if ($result)
267: 	{
268: 		$xml = new xmlCreate();
269: 		$xml->charElement("operation","1");
270: 		echo $xml->getXML(true);
271: 		exit();
272: 	}
273: 	else
274: 	{
275: 		$err = new FreeDESK_Error(ErrorCode::EntityError, "Entity Error (Not Saved)");
276: 		echo $err->XML(true);
277: 		exit();
278: 	}
279: }
280: 
281: else if ($_REQUEST['mode'] == "user_edit")
282: {
283: 	if (!$DESK->ContextManager->Permission("user_admin"))
284: 	{
285: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
286: 		echo $error->XML(true);
287: 		exit();
288: 	}
289: 	
290: 	$q = "UPDATE ".$DESK->Database->Table("user")." SET ";
291: 	
292: 	$q.=$DESK->Database->Field("username")."=".$DESK->Database->SafeQuote($_REQUEST['username']).",";
293: 	$q.=$DESK->Database->Field("realname")."=".$DESK->Database->SafeQuote($_REQUEST['realname']).",";
294: 	$q.=$DESK->Database->Field("email")."=".$DESK->Database->SafeQuote($_REQUEST['email']).",";
295: 	$q.=$DESK->Database->Field("permgroup")."=".$DESK->Database->SafeQuote($_REQUEST['permgroup']);
296: 	
297: 	$q.=" WHERE ".$DESK->Database->Field("username")."=".$DESK->Database->SafeQuote($_REQUEST['original_username']);
298: 	
299: 	$DESK->Database->Query($q);
300: 	
301: 	if (isset($_REQUEST['password']) && $_REQUEST['password']!="")
302: 	{
303: 		$amb = new AuthMethodStandard($DESK);
304: 		$amb->SetPassword($_REQUEST['username'], $_REQUEST['password']);
305: 	}
306: 	
307: 	$q="DELETE FROM ".$DESK->Database->Table("teamuserlink")." WHERE ".$DESK->Database->Field("username")."="
308: 		.$DESK->Database->SafeQuote($_REQUEST['original_username']);
309: 	$DESK->Database->Query($q);
310: 	
311: 	if (isset($_REQUEST['team']))
312: 	{
313: 		foreach($_REQUEST['team'] as $team)
314: 		{
315: 			$q="INSERT INTO ".$DESK->Database->Table("teamuserlink")."(".$DESK->Database->Field("username").","
316: 				.$DESK->Database->Field("teamid").") VALUES(".$DESK->Database->SafeQuote($_REQUEST['username']).","
317: 				.$DESK->Database->Safe($team).")";
318: 			$DESK->Database->Query($q);
319: 		}
320: 	}
321: 	
322: 	$xml = new xmlCreate();
323: 	$xml->charElement("operation","1");
324: 	echo $xml->getXML(true);
325: 	exit();
326: }
327: 
328: else if ($_REQUEST['mode'] == "request_update")
329: {
330: 	// TODO: PERMISSIONS + PUBLIC
331: 	
332: 	$public=false;
333: 	if (isset($_REQUEST['public']) && $_REQUEST['public']==1)
334: 		$public=true;
335: 	
336: 	$req = $DESK->RequestManager->Fetch($_REQUEST['requestid']);
337: 	if ($req === false)
338: 	{
339: 		$error = new FreeDESK_Error(ErrorCode::UnknownRequest, "Unknown Request");
340: 		echo $error->XML(true);
341: 		exit();
342: 	}
343: 	
344: 	if (isset($_REQUEST['update']) && $_REQUEST['update']!="")
345: 		$req->Update($_REQUEST['update'], $public);
346: 	
347: 	if (isset($_REQUEST['status']) && $_REQUEST['status']!="" && $_REQUEST['status']!=" " && is_numeric($_REQUEST['status']))
348: 		$req->Status($_REQUEST['status'], $public);
349: 	
350: 	// TODO: ASSIGNMENT PERMISSION
351: 	if (isset($_REQUEST['assign']) && $_REQUEST['assign'] != "" && $_REQUEST['assign'] != " ") // Composite assignment
352: 	{
353: 		$team = 0;
354: 		$user = "";
355: 		
356: 		$assign = $_REQUEST['assign'];
357: 		
358: 		if (is_numeric($assign)) // just a team
359: 			$team = $assign;
360: 		else
361: 		{
362: 			$parts = explode("/",$assign);
363: 			$team = $parts[0];
364: 			if (isset($parts[1]))
365: 				$user=$parts[1];
366: 		}
367: 		
368: 		$req->Assign($team, $user, $public);
369: 	}
370: 	
371: 	
372: 	$xml = new xmlCreate();
373: 	$xml->charElement("operation","1");
374: 	echo $xml->getXML(true);
375: 	exit();
376: }
377: 
378: else if ($_REQUEST['mode'] == 'request_create')
379: {
380: 	if (isset($_REQUEST['class']))
381: 		$class = $_REQUEST['class'];
382: 	else
383: 		$class = "";
384: 	
385: 	// Request of required class
386: 	$req = $DESK->RequestManager->CreateById($class);
387: 	
388: 	// Assignment of request: TODO permissions for this!
389: 	$team=0;
390: 	$user="";
391: 	
392: 	if (isset($_REQUEST['assign']))
393: 	{
394: 		if (is_numeric($assign)) // just a team
395: 			$team = $assign;
396: 		else
397: 		{
398: 			$parts = explode("/",$assign);
399: 			$team = $parts[0];
400: 			if (isset($parts[1]))
401: 				$user=$parts[1];
402: 		}
403: 	}
404: 	
405: 	$id = $req->Create($_REQUEST['customer'], $_REQUEST['update'], $class, $_REQUEST['status'], $_REQUEST['priority'], 
406: 		$team, $user);
407: 	
408: 	$xml = new xmlCreate();
409: 	$xml->charElement("request", $id);
410: 	echo $xml->getXML(true);
411: 	exit();
412: }
413: 
414: else if ($_REQUEST['mode'] == 'permission_save')
415: {
416: 	if (!$DESK->ContextManager->Permission("user_admin"))
417: 	{
418: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
419: 		echo $error->XML(true);
420: 		exit();
421: 	}
422: 	
423: 	if ($_REQUEST['type'] == "user")
424: 	{
425: 		$type="user";
426: 		$usergroupid=$_REQUEST['username'];
427: 	}
428: 	else if ($_REQUEST['type'] == "group")
429: 	{
430: 		$type="group";
431: 		$usergroupid=$_REQUEST['groupid'];
432: 	}
433: 	else
434: 	{
435: 		$error = new FreeDESK_Error(ErrorCode::UnknownMode, "Unknown Mode ".$_REQUEST['mode']);
436: 		echo $error->XML(true);
437: 		exit();
438: 	}
439: 	
440: 	$q="DELETE FROM ".$DESK->Database->Table("permissions")." WHERE ";
441: 	$q.=$DESK->Database->Field("permissiontype")."=".$DESK->Database->SafeQuote($type)." AND ";
442: 	$q.=$DESK->Database->Field("usergroupid")."=".$DESK->Database->SafeQuote($usergroupid);
443: 	
444: 	$DESK->Database->Query($q);
445: 	
446: 	$perms = $DESK->PermissionManager->PermissionList();
447: 	
448: 	foreach($perms as $perm => $def)
449: 	{
450: 		$htmlperm = str_replace(".","#",$perm);
451: 		if (isset($_REQUEST[$htmlperm]))
452: 		{
453: 			$DESK->LoggingEngine->Log($perm,$_REQUEST[$htmlperm],"hi");
454: 			$val=-1;
455: 			if ($_REQUEST[$htmlperm] == "1")
456: 				$val=1;
457: 			else if ($_REQUEST[$htmlperm] == "0")
458: 				$val=0;
459: 			
460: 			if ($val==1 || $val==0)
461: 			{
462: 				$q="INSERT INTO ".$DESK->Database->Table("permissions")."(";
463: 				$q.=$DESK->Database->Field("permissiontype").",".$DESK->Database->Field("permission").",";
464: 				$q.=$DESK->Database->Field("usergroupid").",".$DESK->Database->Field("allowed").") VALUES(";
465: 				$q.=$DESK->Database->SafeQuote($type).",".$DESK->Database->SafeQuote($perm).",";
466: 				$q.=$DESK->Database->SafeQuote($usergroupid).",".$DESK->Database->Safe($val).")";
467: 				
468: 				$DESK->Database->Query($q);
469: 			}
470: 		}
471: 	}
472: 	
473: 	
474: 	$xml = new xmlCreate();
475: 	$xml->charElement("operation","1");
476: 	echo $xml->getXML(true);
477: 	exit();
478: }
479: 
480: else if ($_REQUEST['mode'] == "create_user")
481: {
482: 	if (!$DESK->ContextManager->Permission("user_admin"))
483: 	{
484: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
485: 		echo $error->XML(true);
486: 		exit();
487: 	}
488: 
489: 	if ($_REQUEST['username'] != "")
490: 	{
491: 		$q="INSERT INTO ".$DESK->Database->Table("user")."(".$DESK->Database->Field("username").") VALUES(";
492: 		$q.=$DESK->Database->SafeQuote($_REQUEST['username']).")";
493: 		$DESK->Database->Query($q);
494: 	}
495: 	$xml = new xmlCreate();
496: 	$xml->charElement("operation","1");
497: 	echo $xml->getXML(true);
498: 	exit();	
499: }
500: 
501: else if ($_REQUEST['mode'] == "delete_user")
502: {
503: 	// TODO: Delete related data e.g. perms, links and reassign requests
504: 	if (!$DESK->ContextManager->Permission("user_admin"))
505: 	{
506: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
507: 		echo $error->XML(true);
508: 		exit();
509: 	}
510: 
511: 	if ($_REQUEST['username'] != "")
512: 	{
513: 		$q="DELETE FROM ".$DESK->Database->Table("user")." WHERE ";
514: 		$q.=$DESK->Database->Field("username")."=".$DESK->Database->SafeQuote($_REQUEST['username']);
515: 		$DESK->Database->Query($q);
516: 	}
517: 	$xml = new xmlCreate();
518: 	$xml->charElement("operation","1");
519: 	echo $xml->getXML(true);
520: 	exit();	
521: }
522: 
523: else if ($_REQUEST['mode'] == "permgroup_delete")
524: {
525: 	$id=$_REQUEST['permgroupid'];
526: 	if (!$DESK->ContextManager->Permission("user_admin"))
527: 	{
528: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
529: 		echo $error->XML(true);
530: 		exit();
531: 	}
532: 	
533: 	$DESK->PermissionManager->DeleteGroup($id);
534: 	
535: 	$xml = new xmlCreate();
536: 	$xml->charElement("operation","1");
537: 	echo $xml->getXML(true);
538: 	exit();	
539: }
540: 
541: else if ($_REQUEST['mode'] == "permgroup_create")
542: {
543: 	$name=$_REQUEST['groupname'];
544: 	if (!$DESK->ContextManager->Permission("user_admin"))
545: 	{
546: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
547: 		echo $error->XML(true);
548: 		exit();
549: 	}
550: 	
551: 	$DESK->PermissionManager->CreateGroup($name);
552: 	
553: 	$xml = new xmlCreate();
554: 	$xml->charElement("operation","1");
555: 	echo $xml->getXML(true);
556: 	exit();	
557: }
558: 
559: else if ($_REQUEST['mode'] == "team_create")
560: {
561: 	$name=$_REQUEST['teamname'];
562: 	if (!$DESK->ContextManager->Permission("user_admin"))
563: 	{
564: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
565: 		echo $error->XML(true);
566: 		exit();
567: 	}
568: 	
569: 	$DESK->RequestManager->CreateTeam($name);
570: 	
571: 	$xml = new xmlCreate();
572: 	$xml->charElement("operation","1");
573: 	echo $xml->getXML(true);
574: 	exit();	
575: }
576: 
577: else if ($_REQUEST['mode'] == "team_update")
578: {
579: 	$name=$_REQUEST['teamname'];
580: 	$id=$_REQUEST['id'];
581: 	if (!$DESK->ContextManager->Permission("user_admin"))
582: 	{
583: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
584: 		echo $error->XML(true);
585: 		exit();
586: 	}
587: 	
588: 	$DESK->RequestManager->UpdateTeam($id,$name);
589: 	
590: 	$xml = new xmlCreate();
591: 	$xml->charElement("operation","1");
592: 	echo $xml->getXML(true);
593: 	exit();	
594: }
595: 
596: else if ($_REQUEST['mode'] == "team_delete")
597: {
598: 	$id=$_REQUEST['id'];
599: 	if (!$DESK->ContextManager->Permission("user_admin"))
600: 	{
601: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
602: 		echo $error->XML(true);
603: 		exit();
604: 	}
605: 	
606: 	$DESK->RequestManager->DeleteTeam($id);
607: 	
608: 	$xml = new xmlCreate();
609: 	$xml->charElement("operation","1");
610: 	echo $xml->getXML(true);
611: 	exit();	
612: }
613: 
614: else if ($_REQUEST['mode'] == "status_create")
615: {
616: 	$name=$_REQUEST['name'];
617: 	if (!$DESK->ContextManager->Permission("user_admin"))
618: 	{
619: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
620: 		echo $error->XML(true);
621: 		exit();
622: 	}
623: 	
624: 	$DESK->RequestManager->CreateStatus($name);
625: 	
626: 	$xml = new xmlCreate();
627: 	$xml->charElement("operation","1");
628: 	echo $xml->getXML(true);
629: 	exit();	
630: }
631: 
632: else if ($_REQUEST['mode'] == "status_delete")
633: {
634: 	$id=$_REQUEST['id'];
635: 	if (!$DESK->ContextManager->Permission("user_admin"))
636: 	{
637: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
638: 		echo $error->XML(true);
639: 		exit();
640: 	}
641: 	
642: 	$DESK->RequestManager->DeleteStatus($id);
643: 	
644: 	$xml = new xmlCreate();
645: 	$xml->charElement("operation","1");
646: 	echo $xml->getXML(true);
647: 	exit();	
648: }
649: 
650: else if ($_REQUEST['mode'] == "status_update")
651: {
652: 	$id=$_REQUEST['id'];
653: 	$name=$_REQUEST['name'];
654: 	if (!$DESK->ContextManager->Permission("user_admin"))
655: 	{
656: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
657: 		echo $error->XML(true);
658: 		exit();
659: 	}
660: 	
661: 	$DESK->RequestManager->UpdateStatus($id,$name);
662: 	
663: 	$xml = new xmlCreate();
664: 	$xml->charElement("operation","1");
665: 	echo $xml->getXML(true);
666: 	exit();	
667: }
668: 
669: else if ($_REQUEST['mode'] == "plugin_install")
670: {
671: 	if (!$DESK->ContextManager->Permission("sysadmin_plugins"))
672: 	{
673: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
674: 		echo $error->XML(true);
675: 		exit();
676: 	}
677: 	
678: 	$plugin=$_REQUEST['plugin'];
679: 	
680: 	$DESK->PluginManager->InstallPIM($plugin);
681: 	
682: 	$xml = new xmlCreate();
683: 	$xml->charElement("operation","1");
684: 	echo $xml->getXML(true);
685: 	exit();
686: }
687: 
688: else if ($_REQUEST['mode'] == "plugin_activate")
689: {
690: 	if (!$DESK->ContextManager->Permission("sysadmin_plugins"))
691: 	{
692: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
693: 		echo $error->XML(true);
694: 		exit();
695: 	}
696: 	
697: 	$id=$_REQUEST['id'];
698: 	
699: 	$DESK->PluginManager->ActivatePIM($id, true);
700: 	
701: 	$xml = new xmlCreate();
702: 	$xml->charElement("operation","1");
703: 	echo $xml->getXML(true);
704: 	exit();
705: }
706: 
707: else if ($_REQUEST['mode'] == "plugin_deactivate")
708: {
709: 	if (!$DESK->ContextManager->Permission("sysadmin_plugins"))
710: 	{
711: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
712: 		echo $error->XML(true);
713: 		exit();
714: 	}
715: 	
716: 	$id=$_REQUEST['id'];
717: 	
718: 	$DESK->PluginManager->ActivatePIM($id, false);
719: 	
720: 	$xml = new xmlCreate();
721: 	$xml->charElement("operation","1");
722: 	echo $xml->getXML(true);
723: 	exit();
724: }
725: 
726: else if ($_REQUEST['mode'] == "plugin_uninstall")
727: {
728: 	if (!$DESK->ContextManager->Permission("sysadmin_plugins"))
729: 	{
730: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
731: 		echo $error->XML(true);
732: 		exit();
733: 	}
734: 	
735: 	$id=$_REQUEST['id'];
736: 	
737: 	$DESK->PluginManager->UninstallPIM($id);
738: 	
739: 	$xml = new xmlCreate();
740: 	$xml->charElement("operation","1");
741: 	echo $xml->getXML(true);
742: 	exit();
743: }
744: 
745: else if ($_REQUEST['mode'] == "sysvar_save")
746: {
747: 	if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
748: 	{
749: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
750: 		echo $error->XML(true);
751: 		exit();
752: 	}
753: 	
754: 	$id = $_REQUEST['id'];
755: 	$value = $_REQUEST['value'];
756: 	
757: 	$DESK->Configuration->Set($id, $value, true);
758: 	
759: 	$xml = new xmlCreate();
760: 	$xml->charElement("operation","1");
761: 	echo $xml->getXML(true);
762: 	exit();
763: }
764: 
765: else if ($_REQUEST['mode'] == "sysvar_create")
766: {
767: 	if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
768: 	{
769: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
770: 		echo $error->XML(true);
771: 		exit();
772: 	}
773: 	
774: 	$id = $_REQUEST['id'];
775: 	$value = $_REQUEST['value'];
776: 	
777: 	$DESK->Configuration->Set($id, $value, true);
778: 	
779: 	$xml = new xmlCreate();
780: 	$xml->charElement("operation","1");
781: 	echo $xml->getXML(true);
782: 	exit();
783: }
784: 
785: else if ($_REQUEST['mode'] == "sysvar_delete")
786: {
787: 	if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
788: 	{
789: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
790: 		echo $error->XML(true);
791: 		exit();
792: 	}
793: 	
794: 	$id = $_REQUEST['id'];
795: 	$value = $_REQUEST['value'];
796: 	
797: 	$DESK->Configuration->Delete($id);
798: 	
799: 	$xml = new xmlCreate();
800: 	$xml->charElement("operation","1");
801: 	echo $xml->getXML(true);
802: 	exit();
803: }
804: 
805: else if ($_REQUEST['mode'] == "reqclass_save")
806: {
807: 	if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
808: 	{
809: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
810: 		echo $error->XML(true);
811: 		exit();
812: 	}
813: 	
814: 	$id = $_REQUEST['id'];
815: 	$classname = isset($_REQUEST['classname']) ? $_REQUEST['classname'] : "";
816: 	$classclass = isset($_REQUEST['classclass']) ? $_REQUEST['classclass'] : "";
817: 	
818: 	$DESK->RequestManager->SaveRequestClass($classname, $classclass, $id);
819: 	
820: 	$xml = new xmlCreate();
821: 	$xml->charElement("operation","1");
822: 	echo $xml->getXML(true);
823: 	exit();
824: }
825: 
826: else if ($_REQUEST['mode'] == "reqclass_create")
827: {
828: 	if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
829: 	{
830: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
831: 		echo $error->XML(true);
832: 		exit();
833: 	}
834: 	
835: 	$classname = isset($_REQUEST['classname']) ? $_REQUEST['classname'] : "";
836: 	$classclass = isset($_REQUEST['classclass']) ? $_REQUEST['classclass'] : "";
837: 	
838: 	$DESK->RequestManager->SaveRequestClass($classname, $classclass);
839: 	
840: 	$xml = new xmlCreate();
841: 	$xml->charElement("operation","1");
842: 	echo $xml->getXML(true);
843: 	exit();
844: }
845: 
846: else if ($_REQUEST['mode'] == "reqclass_delete")
847: {
848: 	if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
849: 	{
850: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
851: 		echo $error->XML(true);
852: 		exit();
853: 	}
854: 	
855: 	$id = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
856: 	
857: 	$DESK->RequestManager->DeleteRequestClass($id);
858: 	
859: 	$xml = new xmlCreate();
860: 	$xml->charElement("operation","1");
861: 	echo $xml->getXML(true);
862: 	exit();
863: }
864: 
865: else if ($_REQUEST['mode'] == "priority_save" || $_REQUEST['mode'] == "priority_create")
866: {
867: 	if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
868: 	{
869: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
870: 		echo $error->XML(true);
871: 		exit();
872: 	}
873: 	
874: 	// name SLA schedule [id]
875: 	$id = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
876: 	$name = isset($_REQUEST['name']) ? $_REQUEST['name'] : "";
877: 	$sla = isset($_REQUEST['sla']) ? $_REQUEST['sla'] : 0;
878: 	$schedule = isset($_REQUEST['schedule']) ? $_REQUEST['schedule'] : 0;
879: 	
880: 	$DESK->RequestManager->SavePriority($name, $sla, $schedule, $id);
881: 	
882: 	$xml = new xmlCreate();
883: 	$xml->charElement("operation","1");
884: 	echo $xml->getXML(true);
885: 	exit();
886: }
887: 
888: else if ($_REQUEST['mode'] == "priority_delete")
889: {
890: 	if (!$DESK->ContextManager->Permission("sysadmin_advanced"))
891: 	{
892: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
893: 		echo $error->XML(true);
894: 		exit();
895: 	}
896: 	
897: 	
898: 	$id = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
899: 	
900: 	$DESK->RequestManager->DeletePriority($id);
901: 	
902: 	$xml = new xmlCreate();
903: 	$xml->charElement("operation","1");
904: 	echo $xml->getXML(true);
905: 	exit();
906: }
907: 
908: else if ($_REQUEST['mode'] == "email_create")
909: {
910: 	if (!$DESK->ContextManager->Permission("email_accounts"))
911: 	{
912: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
913: 		echo $error->XML(true);
914: 		exit();
915: 	}
916: 	
917: 	
918: 	$name = isset($_REQUEST['name']) ? $_REQUEST['name'] : "";
919: 	
920: 	$DESK->Email->SaveAccount($name, "", "", "", 50, 0, "", "", "");
921: 	
922: 	$xml = new xmlCreate();
923: 	$xml->charElement("operation","1");
924: 	echo $xml->getXML(true);
925: 	exit();
926: }
927: 
928: else if ($_REQUEST['mode'] == "email_delete")
929: {
930: 	if (!$DESK->ContextManager->Permission("email_accounts"))
931: 	{
932: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
933: 		echo $error->XML(true);
934: 		exit();
935: 	}
936: 	
937: 	
938: 	$id = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
939: 	
940: 	$DESK->Email->DeleteAccount($id);
941: 	
942: 	$xml = new xmlCreate();
943: 	$xml->charElement("operation","1");
944: 	echo $xml->getXML(true);
945: 	exit();
946: }
947: 
948: else if ($_REQUEST['mode'] == "email_save")
949: {
950: 	if (!$DESK->ContextManager->Permission("email_accounts"))
951: 	{
952: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
953: 		echo $error->XML(true);
954: 		exit();
955: 	}
956: 	
957: 	
958: 	$id = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
959: 	$name = isset($_REQUEST['name']) ? $_REQUEST['name'] : "";
960: 	$host = isset($_REQUEST['host']) ? $_REQUEST['host'] : "";
961: 	$from = isset($_REQUEST['from']) ? $_REQUEST['from'] : "";
962: 	$fromname = isset($_REQUEST['fromname']) ? $_REQUEST['fromname'] : "";
963: 	$wordwrap = isset($_REQUEST['wordwrap']) ? $_REQUEST['wordwrap'] : 0;
964: 	$auth = isset($_REQUEST['auth']) ? $_REQUEST['auth'] : 0;
965: 	$username = isset($_REQUEST['username']) ? $_REQUEST['username'] : "";
966: 	$password = isset($_REQUEST['password']) ? $_REQUEST['password'] : "";
967: 	$smtpsec = isset($_REQUEST['smtpsec']) ? $_REQUEST['smtpsec'] : "";
968: 	
969: 	$DESK->Email->SaveAccount($name, $host, $from, $fromname, $wordwrap, $auth, $username, $password, $smtpsec, $id);
970: 	
971: 	$xml = new xmlCreate();
972: 	$xml->charElement("operation","1");
973: 	echo $xml->getXML(true);
974: 	exit();
975: }
976: 
977: else if ($_REQUEST['mode'] == "email_test")
978: {
979: 	if (!$DESK->ContextManager->Permission("email_accounts"))
980: 	{
981: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
982: 		echo $error->XML(true);
983: 		exit();
984: 	}
985: 	
986: 	
987: 	$id = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
988: 	$to = isset($_REQUEST['to']) ? $_REQUEST['to'] : "";
989: 	
990: 	$res = $DESK->Email->Send($id, $to, "FreeDESK Test", "FreeDESK Test Mail");
991: 	
992: 	if ($res)
993: 	{
994: 		$xml = new xmlCreate();
995: 		$xml->charElement("operation","1");
996: 		echo $xml->getXML(true);
997: 		exit();
998: 	}
999: 	else
1000: 	{
1001: 		$error = new FreeDESK_Error(ErrorCode::OperationFailed, "Operation Failed");
1002: 		echo $error->XML(true);
1003: 		exit();
1004: 	}
1005: }
1006: 
1007: else if ($_REQUEST['mode'] == "email_send")
1008: {
1009: 	// Just standard auth required
1010: 	
1011: 	
1012: 	$id = isset($_REQUEST['id']) ? $_REQUEST['id'] : 0;
1013: 	$to = isset($_REQUEST['to']) ? $_REQUEST['to'] : "";
1014: 	$subject = isset($_REQUEST['subject']) ? $_REQUEST['subject'] : "";
1015: 	$body = isset($_REQUEST['body']) ? $_REQUEST['body'] : "";
1016: 	
1017: 	$res = $DESK->Email->Send($id, $to, $subject, $body);
1018: 	
1019: 	if ($res)
1020: 	{
1021: 		$xml = new xmlCreate();
1022: 		$xml->charElement("operation","1");
1023: 		echo $xml->getXML(true);
1024: 		exit();
1025: 	}
1026: 	else
1027: 	{
1028: 		$error = new FreeDESK_Error(ErrorCode::OperationFailed, "Operation Failed");
1029: 		echo $error->XML(true);
1030: 		exit();
1031: 	}
1032: }
1033: 
1034: else if ($_REQUEST['mode'] == "template_save")
1035: {
1036: 	if (!$DESK->ContextManager->Permission("email_templates"))
1037: 	{
1038: 		$error = new FreeDESK_Error(ErrorCode::Forbidden, "Permission Denied");
1039: 		echo $error->XML(true);
1040: 		exit();
1041: 	}
1042: 	
1043: 	
1044: 	$id = isset($_REQUEST['id']) ? $_REQUEST['id'] : "";
1045: 	$subject = isset($_REQUEST['subject']) ? $_REQUEST['subject'] : "";
1046: 	$body = isset($_REQUEST['body']) ? $_REQUEST['body'] : "";
1047: 	
1048: 	$DESK->Email->SaveTemplate($id, $subject, $body);
1049: 	
1050: 	$xml = new xmlCreate();
1051: 	$xml->charElement("operation","1");
1052: 	echo $xml->getXML(true);
1053: 	exit();
1054: 	
1055: }
1056: 
1057: if ($DESK->PluginManager->API($_REQUEST['mode']))
1058: 	exit();
1059: 
1060: $error = new FreeDESK_Error(ErrorCode::UnknownMode, "Unknown Mode ".$_REQUEST['mode']);
1061: echo $error->XML(true);
1062: exit();
1063: 
1064: ?>
1065: