Mibew/design
1
0
Fork 0
mirror of https://github.com/Mibew/design.git synced 2025-01-22 18:10:33 +03:00
Code Issues Actions Packages Projects Releases Wiki Activity

format code in operator/

Browse Source
This commit is contained in:
Evgeny Gryaznov 2011-02-26 15:06:19 +01:00
parent a90594235a
commit 0c58691731
29 changed files with 648 additions and 624 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

44
src/messenger/webim/operator/agent.php
View File

@ -29,47 +29,47 @@ require_once('../libs/expand.php');
$operator = check_login();
loadsettings();
if($settings['enablessl'] == "1" && $settings['forcessl'] == "1") {
if(!is_secure_request()) {
if ($settings['enablessl'] == "1" && $settings['forcessl'] == "1") {
if (!is_secure_request()) {
$requested = $_SERVER['PHP_SELF'];
if($_SERVER['REQUEST_METHOD'] == 'GET' && $_SERVER['QUERY_STRING']) {
header("Location: ".get_app_location(true,true)."/operator/agent.php?".$_SERVER['QUERY_STRING']);
if ($_SERVER['REQUEST_METHOD'] == 'GET' && $_SERVER['QUERY_STRING']) {
header("Location: " . get_app_location(true, true) . "/operator/agent.php?" . $_SERVER['QUERY_STRING']);
} else {
die("only https connections are handled");
}
}
exit;
}
}
$threadid = verifyparam( "thread", "/^\d{1,8}$/");
$threadid = verifyparam("thread", "/^\d{1,8}$/");
if( !isset($_GET['token']) ) {
if (!isset($_GET['token'])) {
$remote_level = get_remote_level($_SERVER['HTTP_USER_AGENT']);
if( $remote_level != "ajaxed" ) {
if ($remote_level != "ajaxed") {
die("old browser is used, please update it");
}
$thread = thread_by_id($threadid);
if( !$thread || !isset($thread['ltoken']) ) {
if (!$thread || !isset($thread['ltoken'])) {
die("wrong thread");
}
$viewonly = verifyparam( "viewonly", "/^true$/", false);
$viewonly = verifyparam("viewonly", "/^true$/", false);
$forcetake = verifyparam("force", "/^true$/", false);
if( !$viewonly && $thread['istate'] == $state_chatting && $operator['operatorid'] != $thread['agentId'] ) {
if (!$viewonly && $thread['istate'] == $state_chatting && $operator['operatorid'] != $thread['agentId']) {
if(!is_capable($can_takeover, $operator)) {
if (!is_capable($can_takeover, $operator)) {
$errors = array("Cannot take over");
start_html_output();
expand("../styles", getchatstyle(), "error.tpl");
exit;
}
if( $forcetake == false ) {
if ($forcetake == false) {
$page = array(
'user' => topage($thread['userName']), 'agent' => topage($thread['agentName']), 'link' => $_SERVER['PHP_SELF']."?thread=$threadid&force=true"
'user' => topage($thread['userName']), 'agent' => topage($thread['agentName']), 'link' => $_SERVER['PHP_SELF'] . "?thread=$threadid&force=true"
);
start_html_output();
require('../view/confirm.php');
@ -78,8 +78,8 @@ if( !isset($_GET['token']) ) {
}
if (!$viewonly) {
take_thread($thread,$operator);
} else if(!is_capable($can_viewthreads, $operator)) {
take_thread($thread, $operator);
} else if (!is_capable($can_viewthreads, $operator)) {
$errors = array("Cannot view threads");
start_html_output();
expand("../styles", getchatstyle(), "error.tpl");
@ -91,14 +91,14 @@ if( !isset($_GET['token']) ) {
exit;
}
$token = verifyparam( "token", "/^\d{1,8}$/");
$token = verifyparam("token", "/^\d{1,8}$/");
$thread = thread_by_id($threadid);
if( !$thread || !isset($thread['ltoken']) || $token != $thread['ltoken'] ) {
if (!$thread || !isset($thread['ltoken']) || $token != $thread['ltoken']) {
die("wrong thread");
}
if($thread['agentId'] != $operator['operatorid'] && !is_capable($can_viewthreads, $operator)) {
if ($thread['agentId'] != $operator['operatorid'] && !is_capable($can_viewthreads, $operator)) {
$errors = array("Cannot view threads");
start_html_output();
expand("../styles", getchatstyle(), "error.tpl");
@ -109,9 +109,9 @@ setup_chatview_for_operator($thread, $operator);
start_html_output();
$pparam = verifyparam( "act", "/^(redirect)$/", "default");
if( $pparam == "redirect" ) {
setup_redirect_links($threadid,$token);
$pparam = verifyparam("act", "/^(redirect)$/", "default");
if ($pparam == "redirect") {
setup_redirect_links($threadid, $token);
expand("../styles", getchatstyle(), "redirect.tpl");
} else {
expand("../styles", getchatstyle(), "chat.tpl");

2
src/messenger/webim/operator/autologin.php
View File

@ -25,7 +25,7 @@ require_once('../libs/operator.php');
$operator = check_login(false);
start_xml_output();
if($operator) {
if ($operator) {
echo "<login><status>OK</status></login>";
} else {
echo "<login><status>FAILED</status></login>";

76
src/messenger/webim/operator/avatar.php
View File

@ -25,57 +25,57 @@ require_once('../libs/operator_settings.php');
$operator = check_login();
$opId = verifyparam( "op","/^\d{1,9}$/");
$opId = verifyparam("op", "/^\d{1,9}$/");
$page = array('opid' => $opId, 'avatar' => '');
$errors = array();
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|| is_capable($can_administrate, $operator);
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|| is_capable($can_administrate, $operator);
$op = operator_by_id($opId);
if( !$op ) {
if (!$op) {
$errors[] = getlocal("no_such_operator");
} else if( isset($_POST['op']) ) {
} else if (isset($_POST['op'])) {
$avatar = $op['vcavatar'];
if(!$canmodify) {
if (!$canmodify) {
$errors[] = getlocal('page_agent.cannot_modify');
} else if( isset($_FILES['avatarFile']) && $_FILES['avatarFile']['name']) {
$valid_types = array("gif","jpg", "png", "tif");
} else if (isset($_FILES['avatarFile']) && $_FILES['avatarFile']['name']) {
$valid_types = array("gif", "jpg", "png", "tif");
$orig_filename = $_FILES['avatarFile']['name'];
$tmp_file_name = $_FILES['avatarFile']['tmp_name'];
$orig_filename = $_FILES['avatarFile']['name'];
$tmp_file_name = $_FILES['avatarFile']['tmp_name'];
$ext = strtolower(substr($orig_filename, 1 + strrpos($orig_filename, ".")));
$new_file_name = "$opId.$ext";
loadsettings();
$ext = strtolower(substr($orig_filename, 1 + strrpos($orig_filename, ".")));
$new_file_name = "$opId.$ext";
loadsettings();
$file_size = $_FILES['avatarFile']['size'];
if ($file_size == 0 || $file_size > $settings['max_uploaded_file_size']) {
$errors[] = failed_uploading_file($orig_filename, "errors.file.size.exceeded");
} elseif(!in_array($ext, $valid_types)) {
$errors[] = failed_uploading_file($orig_filename, "errors.invalid.file.type");
} else {
$avatar_local_dir = "../images/avatar/";
$full_file_path = $avatar_local_dir.$new_file_name;
if (file_exists($full_file_path)) {
unlink($full_file_path);
}
if (!move_uploaded_file($_FILES['avatarFile']['tmp_name'], $full_file_path)) {
$errors[] = failed_uploading_file($orig_filename, "errors.file.move.error");
} else {
$avatar = "$webimroot/images/avatar/$new_file_name";
}
}
} else {
$errors[] = "No file selected";
}
$file_size = $_FILES['avatarFile']['size'];
if ($file_size == 0 || $file_size > $settings['max_uploaded_file_size']) {
$errors[] = failed_uploading_file($orig_filename, "errors.file.size.exceeded");
} elseif (!in_array($ext, $valid_types)) {
$errors[] = failed_uploading_file($orig_filename, "errors.invalid.file.type");
} else {
$avatar_local_dir = "../images/avatar/";
$full_file_path = $avatar_local_dir . $new_file_name;
if (file_exists($full_file_path)) {
unlink($full_file_path);
}
if (!move_uploaded_file($_FILES['avatarFile']['tmp_name'], $full_file_path)) {
$errors[] = failed_uploading_file($orig_filename, "errors.file.move.error");
} else {
$avatar = "$webimroot/images/avatar/$new_file_name";
}
}
} else {
$errors[] = "No file selected";
}
if(count($errors) == 0) {
update_operator_avatar($op['operatorid'],$avatar);
if (count($errors) == 0) {
update_operator_avatar($op['operatorid'], $avatar);
if ($opId && $avatar && $_SESSION["${mysqlprefix}operator"] && $operator['operatorid'] == $opId) {
$_SESSION["${mysqlprefix}operator"]['vcavatar'] = $avatar;
@ -88,18 +88,18 @@ if( !$op ) {
} else {
if (isset($_GET['delete']) && $_GET['delete'] == "true" && $canmodify) {
update_operator_avatar($op['operatorid'],'');
update_operator_avatar($op['operatorid'], '');
header("Location: $webimroot/operator/avatar.php?op=$opId");
exit;
}
$page['avatar'] = topage($op['vcavatar']);
}
$page['currentop'] = $op ? topage(get_operator_name($op))." (".$op['vclogin'].")" : "-not found-";
$page['currentop'] = $op ? topage(get_operator_name($op)) . " (" . $op['vclogin'] . ")" : "-not found-";
$page['canmodify'] = $canmodify ? "1" : "";
prepare_menu($operator);
setup_operator_settings_tabs($opId,1);
setup_operator_settings_tabs($opId, 1);
start_html_output();
require('../view/avatar.php');
?>

52
src/messenger/webim/operator/ban.php
View File

@ -31,55 +31,55 @@ $page['thread'] = '';
$page['threadid'] = '';
$errors = array();
if( isset($_POST['address']) ) {
$banId = verifyparam( "banId", "/^(\d{1,9})?$/", "");
if (isset($_POST['address'])) {
$banId = verifyparam("banId", "/^(\d{1,9})?$/", "");
$address = getparam("address");
$days = getparam("days");
$comment = getparam('comment');
$threadid = isset($_POST['threadid']) ? getparam('threadid') : "";
if( !$address ) {
if (!$address) {
$errors[] = no_field("form.field.address");
}
if( !preg_match( "/^\d+$/", $days )) {
if (!preg_match("/^\d+$/", $days)) {
$errors[] = wrong_field("form.field.ban_days");
}
if( !$comment ) {
if (!$comment) {
$errors[] = no_field("form.field.ban_comment");
}
$link = connect();
$existing_ban = ban_for_addr_($address,$link);
$existing_ban = ban_for_addr_($address, $link);
mysql_close($link);
if( (!$banId && $existing_ban) ||
( $banId && $existing_ban && $banId != $existing_ban['banid']) ) {
$errors[] = getlocal2("ban.error.duplicate",array($address,$existing_ban['banid']));
if ((!$banId && $existing_ban) ||
($banId && $existing_ban && $banId != $existing_ban['banid'])) {
$errors[] = getlocal2("ban.error.duplicate", array($address, $existing_ban['banid']));
}
if( count($errors) == 0 ) {
if (count($errors) == 0) {
$link = connect();
$utime = time() + $days * 24*60*60;
$utime = time() + $days * 24 * 60 * 60;
if (!$banId) {
$query = sprintf(
"insert into ${mysqlprefix}chatban (dtmcreated,dtmtill,address,comment) values (CURRENT_TIMESTAMP,%s,'%s','%s')",
"FROM_UNIXTIME($utime)",
mysql_real_escape_string($address,$link),
mysql_real_escape_string($comment,$link));
perform_query($query,$link);
mysql_real_escape_string($address, $link),
mysql_real_escape_string($comment, $link));
perform_query($query, $link);
} else {
$query = sprintf(
"update ${mysqlprefix}chatban set dtmtill = %s,address = '%s',comment = '%s' where banid = $banId",
"FROM_UNIXTIME($utime)",
mysql_real_escape_string($address,$link),
mysql_real_escape_string($comment,$link));
perform_query($query,$link);
}
mysql_real_escape_string($address, $link),
mysql_real_escape_string($comment, $link));
perform_query($query, $link);
}
mysql_close($link);
if(!$threadid) {
if (!$threadid) {
header("Location: $webimroot/operator/blocked.php");
exit;
} else {
@ -93,24 +93,24 @@ if( isset($_POST['address']) ) {
$page['formcomment'] = topage($comment);
$page['threadid'] = $threadid;
}
} else if(isset($_GET['id'])) {
$banId = verifyparam( 'id', "/^\d{1,9}$/");
} else if (isset($_GET['id'])) {
$banId = verifyparam('id', "/^\d{1,9}$/");
$link = connect();
$ban = select_one_row("select banid,(unix_timestamp(dtmtill)-unix_timestamp(CURRENT_TIMESTAMP)) as days,address,comment from ${mysqlprefix}chatban where banid = $banId", $link);
mysql_close($link);
if( $ban ) {
if ($ban) {
$page['banId'] = topage($ban['banid']);
$page['formaddress'] = topage($ban['address']);
$page['formdays'] = topage(round($ban['days']/86400));
$page['formdays'] = topage(round($ban['days'] / 86400));
$page['formcomment'] = topage($ban['comment']);
} else {
$errors[] = "Wrong id";
}
} else if(isset($_GET['thread'])) {
$threadid = verifyparam( 'thread', "/^\d{1,9}$/");
} else if (isset($_GET['thread'])) {
$threadid = verifyparam('thread', "/^\d{1,9}$/");
$thread = thread_by_id($threadid);
if( $thread ) {
if ($thread) {
$page['thread'] = topage($thread['userName']);
$page['threadid'] = $threadid;
$page['formaddress'] = topage($thread['remote']);

10
src/messenger/webim/operator/blocked.php
View File

@ -32,22 +32,22 @@ setlocale(LC_TIME, getstring("time.locale"));
$link = connect();
if( isset($_GET['act']) && $_GET['act'] == 'del' ) {
if (isset($_GET['act']) && $_GET['act'] == 'del') {
$banId = isset($_GET['id']) ? $_GET['id'] : "";
if( !preg_match( "/^\d+$/", $banId )) {
if (!preg_match("/^\d+$/", $banId)) {
$errors[] = "Cannot delete: wrong argument";
}
if( count($errors) == 0 ) {
perform_query("delete from ${mysqlprefix}chatban where banid = $banId",$link);
if (count($errors) == 0) {
perform_query("delete from ${mysqlprefix}chatban where banid = $banId", $link);
header("Location: $webimroot/operator/blocked.php");
exit;
}
}
$result = mysql_query("select banid,unix_timestamp(dtmtill) as till,address,comment from ${mysqlprefix}chatban", $link)
or die(' Query failed: ' .mysql_error($link));
or die(' Query failed: ' . mysql_error($link));
$blockedList = array();
while ($ban = mysql_fetch_array($result, MYSQL_ASSOC)) {

59
src/messenger/webim/operator/canned.php
View File

@ -31,33 +31,34 @@ loadsettings();
$errors = array();
$page = array();
function load_canned_messages($locale, $groupid) {
global $mysqlprefix;
function load_canned_messages($locale, $groupid)
{
global $mysqlprefix;
$link = connect();
$query = "select id, vcvalue from ${mysqlprefix}chatresponses ".
"where locale = '".$locale."' AND (".
($groupid
? "groupid = $groupid"
: "groupid is NULL OR groupid = 0").
$query = "select id, vcvalue from ${mysqlprefix}chatresponses " .
"where locale = '" . $locale . "' AND (" .
($groupid
? "groupid = $groupid"
: "groupid is NULL OR groupid = 0") .
") order by vcvalue";
$result = select_multi_assoc($query, $link);
if(!$groupid && count($result) == 0) {
foreach(explode("\n", getstring_('chat.predefined_answers', $locale)) as $answer) {
if (!$groupid && count($result) == 0) {
foreach (explode("\n", getstring_('chat.predefined_answers', $locale)) as $answer) {
$result[] = array('id' => '', 'vcvalue' => $answer);
}
if(count($result) > 0) {
if (count($result) > 0) {
$updatequery = "insert into ${mysqlprefix}chatresponses (vcvalue,locale,groupid) values ";
for($i=0;$i<count($result);$i++) {
if($i > 0) {
for ($i = 0; $i < count($result); $i++) {
if ($i > 0) {
$updatequery .= ", ";
}
$updatequery .= "('".mysql_real_escape_string($result[$i]['vcvalue'], $link)."','$locale', NULL)";
$updatequery .= "('" . mysql_real_escape_string($result[$i]['vcvalue'], $link) . "','$locale', NULL)";
}
perform_query($updatequery, $link);
$result = select_multi_assoc($query, $link);
}
}
}
mysql_close($link);
return $result;
}
@ -66,24 +67,24 @@ function load_canned_messages($locale, $groupid) {
$all_locales = get_available_locales();
$locales_with_label = array();
foreach($all_locales as $id) {
$locales_with_label[] = array('id' => $id, 'name' => getlocal_($id,"names"));
foreach ($all_locales as $id) {
$locales_with_label[] = array('id' => $id, 'name' => getlocal_($id, "names"));
}
$page['locales'] = $locales_with_label;
$lang = verifyparam("lang", "/^[\w-]{2,5}$/", "");
if( !$lang || !in_array($lang,$all_locales) ) {
$lang = in_array($current_locale,$all_locales) ? $current_locale : $all_locales[0];
if (!$lang || !in_array($lang, $all_locales)) {
$lang = in_array($current_locale, $all_locales) ? $current_locale : $all_locales[0];
}
# groups
$groupid = "";
if($settings['enablegroups'] == '1') {
$groupid = verifyparam( "group", "/^\d{0,8}$/", "");
if($groupid) {
if ($settings['enablegroups'] == '1') {
$groupid = verifyparam("group", "/^\d{0,8}$/", "");
if ($groupid) {
$group = group_by_id($groupid);
if(!$group) {
if (!$group) {
$errors[] = getlocal("page.group.no_such");
$groupid = "";
}
@ -94,23 +95,23 @@ if($settings['enablegroups'] == '1') {
mysql_close($link);
$page['groups'] = array();
$page['groups'][] = array('groupid' => '', 'vclocalname' => getlocal("page.gen_button.default_group"));
foreach($allgroups as $g) {
foreach ($allgroups as $g) {
$page['groups'][] = $g;
}
}
}
# delete
if(isset($_GET['act']) && $_GET['act'] == 'delete') {
if (isset($_GET['act']) && $_GET['act'] == 'delete') {
$key = isset($_GET['key']) ? $_GET['key'] : "";
if( !preg_match( "/^\d+$/", $key )) {
if (!preg_match("/^\d+$/", $key)) {
$errors[] = "Wrong key";
}
if( count($errors) == 0 ) {
if (count($errors) == 0) {
$link = connect();
perform_query("delete from ${mysqlprefix}chatresponses where id = $key",$link);
perform_query("delete from ${mysqlprefix}chatresponses where id = $key", $link);
mysql_close($link);
header("Location: $webimroot/operator/canned.php?lang=$lang&group=$groupid");
exit;

41
src/messenger/webim/operator/cannededit.php
View File

@ -23,28 +23,31 @@ require_once('../libs/common.php');
require_once('../libs/operator.php');
require_once('../libs/pagination.php');
function load_message($key) {
global $mysqlprefix;
function load_message($key)
{
global $mysqlprefix;
$link = connect();
$result = select_one_row("select vcvalue from ${mysqlprefix}chatresponses where id = $key", $link);
mysql_close($link);
return $result ? $result['vcvalue'] : null;
}
function save_message($key,$message) {
global $mysqlprefix;
function save_message($key, $message)
{
global $mysqlprefix;
$link = connect();
perform_query("update ${mysqlprefix}chatresponses set vcvalue = '".mysql_real_escape_string($message,$link)."' ".
"where id = $key", $link);
perform_query("update ${mysqlprefix}chatresponses set vcvalue = '" . mysql_real_escape_string($message, $link) . "' " .
"where id = $key", $link);
mysql_close($link);
}
function add_message($locale,$groupid,$message) {
global $mysqlprefix;
function add_message($locale, $groupid, $message)
{
global $mysqlprefix;
$link = connect();
perform_query("insert into ${mysqlprefix}chatresponses (locale,groupid,vcvalue) values ('$locale',".
($groupid ? "$groupid, " : "null, ").
"'".mysql_real_escape_string($message,$link)."')", $link);
perform_query("insert into ${mysqlprefix}chatresponses (locale,groupid,vcvalue) values ('$locale'," .
($groupid ? "$groupid, " : "null, ") .
"'" . mysql_real_escape_string($message, $link) . "')", $link);
mysql_close($link);
}
@ -56,9 +59,9 @@ $stringid = verifyparam("key", "/^\d{0,9}$/", "");
$errors = array();
$page = array();
if($stringid) {
if ($stringid) {
$message = load_message($stringid);
if(!$message) {
if (!$message) {
$errors[] = getlocal("cannededit.no_such");
$stringid = "";
}
@ -66,19 +69,19 @@ if($stringid) {
$message = "";
$page['locale'] = verifyparam("lang", "/^[\w-]{2,5}$/", "");
$page['groupid'] = "";
if($settings['enablegroups'] == '1') {
$page['groupid'] = verifyparam( "group", "/^\d{0,8}$/");
if ($settings['enablegroups'] == '1') {
$page['groupid'] = verifyparam("group", "/^\d{0,8}$/");
}
}
if(isset($_POST['message'])) {
if (isset($_POST['message'])) {
$message = getparam('message');
if(!$message) {
if (!$message) {
$errors[] = no_field("form.field.message");
}
if(count($errors) == 0) {
if($stringid) {
if (count($errors) == 0) {
if ($stringid) {
save_message($stringid, $message);
} else {
add_message($page['locale'], $page['groupid'], $message);

28
src/messenger/webim/operator/features.php
View File

@ -29,30 +29,30 @@ $page = array('agentId' => '');
$errors = array();
$options = array(
'enableban', 'usercanchangename', 'enablegroups', 'enablestatistics',
'enablessl', 'forcessl',
'enablepresurvey', 'surveyaskmail', 'surveyaskgroup', 'surveyaskmessage',
'enablepopupnotification', 'showonlineoperators',
'enablecaptcha');
'enableban', 'usercanchangename', 'enablegroups', 'enablestatistics',
'enablessl', 'forcessl',
'enablepresurvey', 'surveyaskmail', 'surveyaskgroup', 'surveyaskmessage',
'enablepopupnotification', 'showonlineoperators',
'enablecaptcha');
loadsettings();
if($settings['featuresversion'] != $featuresversion) {
if ($settings['featuresversion'] != $featuresversion) {
$settings['featuresversion'] = $featuresversion;
update_settings();
}
$params = array();
foreach($options as $opt) {
foreach ($options as $opt) {
$params[$opt] = $settings[$opt];
}
if (isset($_POST['sent'])) {
if (is_capable($can_administrate, $operator)) {
foreach($options as $opt) {
$settings[$opt] = verifyparam($opt,"/^on$/", "") == "on" ? "1" : "0";
foreach ($options as $opt) {
$settings[$opt] = verifyparam($opt, "/^on$/", "") == "on" ? "1" : "0";
}
update_settings();
header("Location: $webimroot/operator/features.php?stored");
exit;
update_settings();
header("Location: $webimroot/operator/features.php?stored");
exit;
} else {
$errors[] = "Not an administrator";
}
@ -60,8 +60,8 @@ if (isset($_POST['sent'])) {
$page['canmodify'] = is_capable($can_administrate, $operator);
$page['stored'] = isset($_GET['stored']);
foreach($options as $opt) {
$page["form$opt"] = $params[$opt] == "1";
foreach ($options as $opt) {
$page["form$opt"] = $params[$opt] == "1";
}
prepare_menu($operator);

63
src/messenger/webim/operator/getcode.php
View File

@ -23,20 +23,21 @@ require_once('../libs/common.php');
require_once('../libs/operator.php');
require_once('../libs/groups.php');
function generate_button($title,$locale,$style,$group,$inner,$showhost,$forcesecure,$modsecurity) {
$link = get_app_location($showhost,$forcesecure)."/client.php";
if($locale)
function generate_button($title, $locale, $style, $group, $inner, $showhost, $forcesecure, $modsecurity)
{
$link = get_app_location($showhost, $forcesecure) . "/client.php";
if ($locale)
$link = append_query($link, "locale=$locale");
if($style)
if ($style)
$link = append_query($link, "style=$style");
if($group)
if ($group)
$link = append_query($link, "group=$group");
$modsecfix = $modsecurity ? ".replace('http://','').replace('https://','')" : "";
$jslink = append_query("'".$link,"url='+escape(document.location.href$modsecfix)+'&amp;referrer='+escape(document.referrer$modsecfix)");
$jslink = append_query("'" . $link, "url='+escape(document.location.href$modsecfix)+'&amp;referrer='+escape(document.referrer$modsecfix)");
$temp = get_popup($link, "$jslink",
$inner, $title, "webim", "toolbar=0,scrollbars=0,location=0,status=1,menubar=0,width=640,height=480,resizable=1" );
return "<!-- webim button -->".$temp."<!-- / webim button -->";
$inner, $title, "webim", "toolbar=0,scrollbars=0,location=0,status=1,menubar=0,width=640,height=480,resizable=1");
return "<!-- webim button -->" . $temp . "<!-- / webim button -->";
}
$operator = check_login();
@ -44,14 +45,14 @@ loadsettings();
$imageLocales = array();
$allLocales = get_available_locales();
foreach($allLocales as $curr) {
foreach ($allLocales as $curr) {
$imagesDir = "../locales/$curr/button";
if($handle = @opendir($imagesDir)) {
if ($handle = @opendir($imagesDir)) {
while (false !== ($file = readdir($handle))) {
if (preg_match("/^(\w+)_on.gif$/", $file, $matches)
&& is_file("$imagesDir/".$matches[1]."_off.gif")) {
&& is_file("$imagesDir/" . $matches[1] . "_off.gif")) {
$image = $matches[1];
if( !isset($imageLocales[$image]) ) {
if (!isset($imageLocales[$image])) {
$imageLocales[$image] = array();
}
$imageLocales[$image][] = $curr;
@ -66,7 +67,7 @@ $image_locales = $imageLocales[$image];
$stylelist = array("" => getlocal("page.preview.style_default"));
$stylesfolder = "../styles";
if($handle = opendir($stylesfolder)) {
if ($handle = opendir($stylesfolder)) {
while (false !== ($file = readdir($handle))) {
if (preg_match("/^\w+$/", $file) && is_dir("$stylesfolder/$file")) {
$stylelist[$file] = $file;
@ -75,56 +76,56 @@ if($handle = opendir($stylesfolder)) {
closedir($handle);
}
$style = verifyparam("style","/^\w*$/", "");
if($style && !in_array($style, $stylelist)) {
$style = verifyparam("style", "/^\w*$/", "");
if ($style && !in_array($style, $stylelist)) {
$style = "";
}
$groupid = "";
if($settings['enablegroups'] == '1') {
$groupid = verifyparam( "group", "/^\d{0,8}$/", "");
if($groupid) {
if ($settings['enablegroups'] == '1') {
$groupid = verifyparam("group", "/^\d{0,8}$/", "");
if ($groupid) {
$group = group_by_id($groupid);
if(!$group) {
if (!$group) {
$errors[] = getlocal("page.group.no_such");
$groupid = "";
}
}
}
$showhost = verifyparam("hostname","/^on$/", "") == "on";
$forcesecure = verifyparam("secure","/^on$/", "") == "on";
$modsecurity = verifyparam("modsecurity","/^on$/", "") == "on";
$showhost = verifyparam("hostname", "/^on$/", "") == "on";
$forcesecure = verifyparam("secure", "/^on$/", "") == "on";
$modsecurity = verifyparam("modsecurity", "/^on$/", "") == "on";
$lang = verifyparam("lang", "/^[\w-]{2,5}$/", "");
if( !$lang || !in_array($lang,$image_locales) )
$lang = in_array($current_locale,$image_locales) ? $current_locale : $image_locales[0];
if (!$lang || !in_array($lang, $image_locales))
$lang = in_array($current_locale, $image_locales) ? $current_locale : $image_locales[0];
$file = "../locales/${lang}/button/${image}_on.gif";
$size = get_gifimage_size($file);
$imagehref = get_app_location($showhost,$forcesecure)."/b.php?i=$image&amp;lang=$lang";
if($groupid) {
$imagehref = get_app_location($showhost, $forcesecure) . "/b.php?i=$image&amp;lang=$lang";
if ($groupid) {
$imagehref .= "&amp;group=$groupid";
}
$message = get_image($imagehref,$size[0],$size[1]);
$message = get_image($imagehref, $size[0], $size[1]);
$page = array();
$page['buttonCode'] = generate_button("",$lang,$style,$groupid,$message,$showhost,$forcesecure,$modsecurity);
$page['buttonCode'] = generate_button("", $lang, $style, $groupid, $message, $showhost, $forcesecure, $modsecurity);
$page['availableImages'] = array_keys($imageLocales);
$page['availableLocales'] = $image_locales;
$page['availableStyles'] = $stylelist;
if($settings['enablegroups'] == '1') {
if ($settings['enablegroups'] == '1') {
$link = connect();
$allgroups = get_all_groups($link);
mysql_close($link);
$page['groups'] = array();
$page['groups'][] = array('groupid' => '', 'vclocalname' => getlocal("page.gen_button.default_group"));
foreach($allgroups as $g) {
foreach ($allgroups as $g) {
$page['groups'][] = $g;
}
}
}
$page['formgroup'] = $groupid;
$page['formstyle'] = $style;

61
src/messenger/webim/operator/group.php
View File

@ -29,35 +29,38 @@ $page = array('grid' => '');
$errors = array();
$groupid = '';
function group_by_name($name) {
global $mysqlprefix;
function group_by_name($name)
{
global $mysqlprefix;
$link = connect();
$group = select_one_row(
"select * from ${mysqlprefix}chatgroup where vclocalname = '".mysql_real_escape_string($name)."'", $link );
"select * from ${mysqlprefix}chatgroup where vclocalname = '" . mysql_real_escape_string($name) . "'", $link);
mysql_close($link);
return $group;
}
function create_group($name,$descr,$commonname,$commondescr) {
global $mysqlprefix;
function create_group($name, $descr, $commonname, $commondescr)
{
global $mysqlprefix;
$link = connect();
$query = sprintf(
"insert into ${mysqlprefix}chatgroup (vclocalname,vclocaldescription,vccommonname,vccommondescription) values ('%s','%s','%s','%s')",
mysql_real_escape_string($name),
mysql_real_escape_string($descr),
mysql_real_escape_string($commonname),
mysql_real_escape_string($commondescr));
perform_query($query,$link);
mysql_real_escape_string($name),
mysql_real_escape_string($descr),
mysql_real_escape_string($commonname),
mysql_real_escape_string($commondescr));
perform_query($query, $link);
$id = mysql_insert_id($link);
$newdep = select_one_row("select * from ${mysqlprefix}chatgroup where groupid = $id", $link );
$newdep = select_one_row("select * from ${mysqlprefix}chatgroup where groupid = $id", $link);
mysql_close($link);
return $newdep;
}
function update_group($groupid,$name,$descr,$commonname,$commondescr) {
global $mysqlprefix;
function update_group($groupid, $name, $descr, $commonname, $commondescr)
{
global $mysqlprefix;
$link = connect();
$query = sprintf(
"update ${mysqlprefix}chatgroup set vclocalname = '%s', vclocaldescription = '%s', vccommonname = '%s', vccommondescription = '%s' where groupid = %s",
@ -65,35 +68,35 @@ function update_group($groupid,$name,$descr,$commonname,$commondescr) {
mysql_real_escape_string($descr),
mysql_real_escape_string($commonname),
mysql_real_escape_string($commondescr),
$groupid );
$groupid);
perform_query($query,$link);
perform_query($query, $link);
mysql_close($link);
}
if( isset($_POST['name'])) {
$groupid = verifyparam( "gid", "/^(\d{1,9})?$/", "");
if (isset($_POST['name'])) {
$groupid = verifyparam("gid", "/^(\d{1,9})?$/", "");
$name = getparam('name');
$description = getparam('description');
$commonname = getparam('commonname');
$commondescription = getparam('commondescription');
if( !$name )
if (!$name)
$errors[] = no_field("form.field.groupname");
$existing_group = group_by_name($name);
if( (!$groupid && $existing_group) ||
( $groupid && $existing_group && $groupid != $existing_group['groupid']) )
if ((!$groupid && $existing_group) ||
($groupid && $existing_group && $groupid != $existing_group['groupid']))
$errors[] = getlocal("page.group.duplicate_name");
if( count($errors) == 0 ) {
if (count($errors) == 0) {
if (!$groupid) {
$newdep = create_group($name,$description,$commonname,$commondescription);
header("Location: $webimroot/operator/groupmembers.php?gid=".$newdep['groupid']);
$newdep = create_group($name, $description, $commonname, $commondescription);
header("Location: $webimroot/operator/groupmembers.php?gid=" . $newdep['groupid']);
exit;
} else {
update_group($groupid,$name,$description,$commonname,$commondescription);
update_group($groupid, $name, $description, $commonname, $commondescription);
header("Location: $webimroot/operator/group.php?gid=$groupid&stored");
exit;
}
@ -105,11 +108,11 @@ if( isset($_POST['name'])) {
$page['grid'] = topage($groupid);
}
} else if( isset($_GET['gid']) ) {
$groupid = verifyparam( 'gid', "/^\d{1,9}$/");
} else if (isset($_GET['gid'])) {
$groupid = verifyparam('gid', "/^\d{1,9}$/");
$group = group_by_id($groupid);
if( !$group ) {
if (!$group) {
$errors[] = getlocal("page.group.no_such");
$page['grid'] = topage($groupid);
} else {

31
src/messenger/webim/operator/groupmembers.php
View File

@ -25,8 +25,9 @@ require_once('../libs/groups.php');
$operator = check_login();
function get_group_members($groupid) {
global $mysqlprefix;
function get_group_members($groupid)
{
global $mysqlprefix;
$link = connect();
$query = "select operatorid from ${mysqlprefix}chatgroupoperator where groupid = $groupid";
$result = select_multi_assoc($query, $link);
@ -34,18 +35,20 @@ function get_group_members($groupid) {
return $result;
}
function update_group_members($groupid,$newvalue) {
global $mysqlprefix;
function update_group_members($groupid, $newvalue)
{
global $mysqlprefix;
$link = connect();
perform_query("delete from ${mysqlprefix}chatgroupoperator where groupid = $groupid", $link);
foreach($newvalue as $opid) {
foreach ($newvalue as $opid) {
perform_query("insert into ${mysqlprefix}chatgroupoperator (groupid, operatorid) values ($groupid,$opid)", $link);
}
mysql_close($link);
}
function get_operators() {
global $mysqlprefix;
function get_operators()
{
global $mysqlprefix;
$link = connect();
$query = "select * from ${mysqlprefix}chatoperator order by vclogin";
@ -54,25 +57,25 @@ function get_operators() {
return $result;
}
$groupid = verifyparam( "gid","/^\d{1,9}$/");
$groupid = verifyparam("gid", "/^\d{1,9}$/");
$page = array('groupid' => $groupid);
$page['operators'] = get_operators();
$errors = array();
$group = group_by_id($groupid);
if( !$group ) {
if (!$group) {
$errors[] = getlocal("page.group.no_such");
} else if( isset($_POST['gid']) ) {
} else if (isset($_POST['gid'])) {
$new_members = array();
foreach($page['operators'] as $op) {
if( verifyparam("op".$op['operatorid'],"/^on$/", "") == "on") {
foreach ($page['operators'] as $op) {
if (verifyparam("op" . $op['operatorid'], "/^on$/", "") == "on") {
$new_members[] = $op['operatorid'];
}
}
update_group_members($groupid, $new_members);
header("Location: $webimroot/operator/groupmembers.php?gid=$groupid&stored");
exit;
@ -81,7 +84,7 @@ if( !$group ) {
$page['formop'] = array();
$page['currentgroup'] = $group ? topage(htmlspecialchars($group['vclocalname'])) : "";
foreach(get_group_members($groupid) as $rel) {
foreach (get_group_members($groupid) as $rel) {
$page['formop'][] = $rel['operatorid'];
}

30
src/messenger/webim/operator/groups.php
View File

@ -24,37 +24,39 @@ require_once('../libs/operator.php');
$operator = check_login();
if( isset($_GET['act']) && $_GET['act'] == 'del' ) {
if (isset($_GET['act']) && $_GET['act'] == 'del') {
$groupid = isset($_GET['gid']) ? $_GET['gid'] : "";
if( !preg_match( "/^\d+$/", $groupid )) {
if (!preg_match("/^\d+$/", $groupid)) {
$errors[] = "Cannot delete: wrong argument";
}
if( !is_capable($can_administrate, $operator)) {
if (!is_capable($can_administrate, $operator)) {
$errors[] = "You are not allowed to remove groups";
}
if( count($errors) == 0 ) {
if (count($errors) == 0) {
$link = connect();
perform_query("delete from ${mysqlprefix}chatgroup where groupid = $groupid",$link);
perform_query("delete from ${mysqlprefix}chatgroupoperator where groupid = $groupid",$link);
perform_query("update ${mysqlprefix}chatthread set groupid = 0 where groupid = $groupid",$link);
perform_query("delete from ${mysqlprefix}chatgroup where groupid = $groupid", $link);
perform_query("delete from ${mysqlprefix}chatgroupoperator where groupid = $groupid", $link);
perform_query("update ${mysqlprefix}chatthread set groupid = 0 where groupid = $groupid", $link);
mysql_close($link);
header("Location: $webimroot/operator/groups.php");
exit;
}
}
function is_online($group) {
function is_online($group)
{
global $settings;
return $group['ilastseen'] !== NULL && $group['ilastseen'] < $settings['online_timeout'] ? "1" : "";
return $group['ilastseen'] !== NULL && $group['ilastseen'] < $settings['online_timeout'] ? "1" : "";
}
function is_away($group) {
function is_away($group)
{
global $settings;
return $group['ilastseenaway'] !== NULL && $group['ilastseenaway'] < $settings['online_timeout'] ? "1" : "";
return $group['ilastseenaway'] !== NULL && $group['ilastseenaway'] < $settings['online_timeout'] ? "1" : "";
}

36
src/messenger/webim/operator/history.php
View File

@ -33,31 +33,31 @@ setlocale(LC_TIME, getstring("time.locale"));
$page = array();
$query = isset($_GET['q']) ? myiconv(getoutputenc(), $webim_encoding, $_GET['q']) : false;
if($query !== false) {
if ($query !== false) {
$link = connect();
$result = mysql_query("select ${mysqlprefix}chatgroup.groupid as groupid, vclocalname ".
"from ${mysqlprefix}chatgroup order by vclocalname", $link);
$result = mysql_query("select ${mysqlprefix}chatgroup.groupid as groupid, vclocalname " .
"from ${mysqlprefix}chatgroup order by vclocalname", $link);
$groupName = array();
while ($group = mysql_fetch_array($result, MYSQL_ASSOC)) {
$groupName[$group['groupid']] = $group['vclocalname'];
}
mysql_free_result($result);
$page['groupName'] = $groupName;
$escapedQuery = mysql_real_escape_string($query,$link);
select_with_pagintation("DISTINCT unix_timestamp(${mysqlprefix}chatthread.dtmcreated) as created, ".
"unix_timestamp(${mysqlprefix}chatthread.dtmmodified) as modified, ${mysqlprefix}chatthread.threadid, ".
"${mysqlprefix}chatthread.remote, ${mysqlprefix}chatthread.agentName, ${mysqlprefix}chatthread.userName, groupid, ".
"messageCount as size",
"${mysqlprefix}chatthread, ${mysqlprefix}chatmessage",
array(
"${mysqlprefix}chatmessage.threadid = ${mysqlprefix}chatthread.threadid",
"((${mysqlprefix}chatthread.userName LIKE '%%$escapedQuery%%') or (${mysqlprefix}chatmessage.tmessage LIKE '%%$escapedQuery%%'))"
),
"order by created DESC",
"DISTINCT ${mysqlprefix}chatthread.dtmcreated", $link);
$escapedQuery = mysql_real_escape_string($query, $link);
select_with_pagintation("DISTINCT unix_timestamp(${mysqlprefix}chatthread.dtmcreated) as created, " .
"unix_timestamp(${mysqlprefix}chatthread.dtmmodified) as modified, ${mysqlprefix}chatthread.threadid, " .
"${mysqlprefix}chatthread.remote, ${mysqlprefix}chatthread.agentName, ${mysqlprefix}chatthread.userName, groupid, " .
"messageCount as size",
"${mysqlprefix}chatthread, ${mysqlprefix}chatmessage",
array(
"${mysqlprefix}chatmessage.threadid = ${mysqlprefix}chatthread.threadid",
"((${mysqlprefix}chatthread.userName LIKE '%%$escapedQuery%%') or (${mysqlprefix}chatmessage.tmessage LIKE '%%$escapedQuery%%'))"
),
"order by created DESC",
"DISTINCT ${mysqlprefix}chatthread.dtmcreated", $link);
mysql_close($link);
$page['formq'] = topage($query);

10
src/messenger/webim/operator/login.php
View File

@ -23,21 +23,21 @@ require_once('../libs/common.php');
require_once('../libs/operator.php');
$errors = array();
$page = array( 'formisRemember' => true, 'version' => $version);
$page = array('formisRemember' => true, 'version' => $version);
if( isset($_POST['login']) && isset($_POST['password']) ) {
if (isset($_POST['login']) && isset($_POST['password'])) {
$login = getparam('login');
$password = getparam('password');
$remember = isset($_POST['isRemember']) && $_POST['isRemember'] == "on";
$operator = operator_by_login( $login );
if( $operator && isset($operator['vcpassword']) && $operator['vcpassword'] == md5($password) ) {
$operator = operator_by_login($login);
if ($operator && isset($operator['vcpassword']) && $operator['vcpassword'] == md5($password)) {
$target = isset($_SESSION['backpath'])
? $_SESSION['backpath']
: "$webimroot/operator/index.php";
login_operator($operator,$remember);
login_operator($operator, $remember);
header("Location: $target");
exit;
} else {

54
src/messenger/webim/operator/operator.php
View File

@ -29,8 +29,8 @@ $page = array('opid' => '');
$errors = array();
$opId = '';
if( isset($_POST['login']) && isset($_POST['password']) ) {
$opId = verifyparam( "opid", "/^(\d{1,9})?$/", "");
if (isset($_POST['login']) && isset($_POST['password'])) {
$opId = verifyparam("opid", "/^(\d{1,9})?$/", "");
$login = getparam('login');
$email = getparam('email');
$password = getparam('password');
@ -38,45 +38,45 @@ if( isset($_POST['login']) && isset($_POST['password']) ) {
$localname = getparam('name');
$commonname = getparam('commonname');
if( !$localname )
if (!$localname)
$errors[] = no_field("form.field.agent_name");
if( !$commonname )
if (!$commonname)
$errors[] = no_field("form.field.agent_commonname");
if( !$login ) {
if (!$login) {
$errors[] = no_field("form.field.login");
} else if( !preg_match( "/^[\w_\.]+$/",$login) ) {
} else if (!preg_match("/^[\w_\.]+$/", $login)) {
$errors[] = getlocal("page_agent.error.wrong_login");
}
if($email != '' && !is_valid_email($email))
if ($email != '' && !is_valid_email($email))
$errors[] = wrong_field("form.field.mail");
if( !$opId && !$password )
if (!$opId && !$password)
$errors[] = no_field("form.field.password");
if( $password != $passwordConfirm )
if ($password != $passwordConfirm)
$errors[] = getlocal("my_settings.error.password_match");
$existing_operator = operator_by_login($login);
if( (!$opId && $existing_operator) ||
( $opId && $existing_operator && $opId != $existing_operator['operatorid']) )
if ((!$opId && $existing_operator) ||
($opId && $existing_operator && $opId != $existing_operator['operatorid']))
$errors[] = getlocal("page_agent.error.duplicate_login");
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|| is_capable($can_administrate, $operator);
if(!$canmodify) {
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|| is_capable($can_administrate, $operator);
if (!$canmodify) {
$errors[] = getlocal('page_agent.cannot_modify');
}
if( count($errors) == 0 ) {
if (count($errors) == 0) {
if (!$opId) {
$newop = create_operator($login,$email,$password,$localname,$commonname,"");
header("Location: $webimroot/operator/avatar.php?op=".$newop['operatorid']);
$newop = create_operator($login, $email, $password, $localname, $commonname, "");
header("Location: $webimroot/operator/avatar.php?op=" . $newop['operatorid']);
exit;
} else {
update_operator($opId,$login,$email,$password,$localname,$commonname);
update_operator($opId, $login, $email, $password, $localname, $commonname);
header("Location: $webimroot/operator/operator.php?op=$opId&stored");
exit;
}
@ -88,11 +88,11 @@ if( isset($_POST['login']) && isset($_POST['password']) ) {
$page['opid'] = topage($opId);
}
} else if( isset($_GET['op']) ) {
$opId = verifyparam( 'op', "/^\d{1,9}$/");
} else if (isset($_GET['op'])) {
$opId = verifyparam('op', "/^\d{1,9}$/");
$op = operator_by_id($opId);
if( !$op ) {
if (!$op) {
$errors[] = getlocal("no_such_operator");
$page['opid'] = topage($opId);
} else {
@ -104,18 +104,18 @@ if( isset($_POST['login']) && isset($_POST['password']) ) {
}
}
if(!$opId && !is_capable($can_administrate, $operator)) {
if (!$opId && !is_capable($can_administrate, $operator)) {
$errors[] = "You are not allowed to create operators";
}
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|| is_capable($can_administrate, $operator);
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|| is_capable($can_administrate, $operator);
$page['stored'] = isset($_GET['stored']);
$page['canmodify'] = $canmodify ? "1" : "";
prepare_menu($operator);
setup_operator_settings_tabs($opId,0);
setup_operator_settings_tabs($opId, 0);
start_html_output();
require('../view/agent.php');
?>

30
src/messenger/webim/operator/operators.php
View File

@ -24,36 +24,36 @@ require_once('../libs/operator.php');
$operator = check_login();
if( isset($_GET['act']) && $_GET['act'] == 'del' ) {
if (isset($_GET['act']) && $_GET['act'] == 'del') {
$operatorid = isset($_GET['id']) ? $_GET['id'] : "";
if( !preg_match( "/^\d+$/", $operatorid )) {
if (!preg_match("/^\d+$/", $operatorid)) {
$errors[] = "Cannot delete: wrong argument";
}
if( !is_capable($can_administrate, $operator)) {
if (!is_capable($can_administrate, $operator)) {
$errors[] = "You are not allowed to remove operators";
}
if( $operatorid == $operator['operatorid']) {
if ($operatorid == $operator['operatorid']) {
$errors[] = "Cannot remove self";
}
if(count($errors) == 0) {
if (count($errors) == 0) {
$op = operator_by_id($operatorid);
if( !$op ) {
if (!$op) {
$errors[] = getlocal("no_such_operator");
} else if($op['vclogin'] == 'admin') {
$errors[] = 'Cannot remove operator "admin"';
}
} else if ($op['vclogin'] == 'admin') {
$errors[] = 'Cannot remove operator "admin"';
}
}
if( count($errors) == 0 ) {
if (count($errors) == 0) {
$link = connect();
perform_query("delete from ${mysqlprefix}chatgroupoperator where operatorid = $operatorid",$link);
perform_query("delete from ${mysqlprefix}chatoperator where operatorid = $operatorid",$link);
perform_query("delete from ${mysqlprefix}chatgroupoperator where operatorid = $operatorid", $link);
perform_query("delete from ${mysqlprefix}chatoperator where operatorid = $operatorid", $link);
mysql_close($link);
header("Location: $webimroot/operator/operators.php");
exit;
}

37
src/messenger/webim/operator/opgroups.php
View File

@ -25,65 +25,66 @@ require_once('../libs/operator_settings.php');
$operator = check_login();
function update_operator_groups($operatorid,$newvalue) {
global $mysqlprefix;
function update_operator_groups($operatorid, $newvalue)
{
global $mysqlprefix;
$link = connect();
perform_query("delete from ${mysqlprefix}chatgroupoperator where operatorid = $operatorid", $link);
foreach($newvalue as $groupid) {
foreach ($newvalue as $groupid) {
perform_query("insert into ${mysqlprefix}chatgroupoperator (groupid, operatorid) values ($groupid,$operatorid)", $link);
}
mysql_close($link);
}
$opId = verifyparam( "op","/^\d{1,9}$/");
$opId = verifyparam("op", "/^\d{1,9}$/");
$page = array('opid' => $opId);
$link = connect();
$page['groups'] = get_all_groups($link);
mysql_close($link);
$errors = array();
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|| is_capable($can_administrate, $operator);
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|| is_capable($can_administrate, $operator);
$op = operator_by_id($opId);
if( !$op ) {
if (!$op) {
$errors[] = getlocal("no_such_operator");
} else if( isset($_POST['op']) ) {
} else if (isset($_POST['op'])) {
if(!$canmodify) {
if (!$canmodify) {
$errors[] = getlocal('page_agent.cannot_modify');
}
if(count($errors) == 0) {
if (count($errors) == 0) {
$new_groups = array();
foreach($page['groups'] as $group) {
if( verifyparam("group".$group['groupid'],"/^on$/", "") == "on") {
foreach ($page['groups'] as $group) {
if (verifyparam("group" . $group['groupid'], "/^on$/", "") == "on") {
$new_groups[] = $group['groupid'];
}
}
update_operator_groups($op['operatorid'],$new_groups);
update_operator_groups($op['operatorid'], $new_groups);
header("Location: $webimroot/operator/opgroups.php?op=$opId&stored");
exit;
}
}
$page['formgroup'] = array();
$page['currentop'] = $op ? topage(get_operator_name($op))." (".$op['vclogin'].")" : "-not found-";
$page['currentop'] = $op ? topage(get_operator_name($op)) . " (" . $op['vclogin'] . ")" : "-not found-";
$page['canmodify'] = $canmodify ? "1" : "";
if($op) {
foreach(get_operator_groupids($opId) as $rel) {
if ($op) {
foreach (get_operator_groupids($opId) as $rel) {
$page['formgroup'][] = $rel['groupid'];
}
}
$page['stored'] = isset($_GET['stored']);
prepare_menu($operator);
setup_operator_settings_tabs($opId,2);
setup_operator_settings_tabs($opId, 2);
start_html_output();
require('../view/operator_groups.php');
?>

64
src/messenger/webim/operator/performance.php
View File

@ -29,49 +29,49 @@ $page = array('agentId' => '');
$errors = array();
$options = array(
'online_timeout', 'updatefrequency_operator', 'updatefrequency_chat',
'updatefrequency_oldchat', 'max_connections_from_one_host');
'online_timeout', 'updatefrequency_operator', 'updatefrequency_chat',
'updatefrequency_oldchat', 'max_connections_from_one_host');
loadsettings();
$params = array();
foreach($options as $opt) {
foreach ($options as $opt) {
$params[$opt] = $settings[$opt];
}
if (isset($_POST['onlinetimeout'])) {
$params['online_timeout'] = getparam('onlinetimeout');
if(!is_numeric($params['online_timeout'])) {
$errors[] = wrong_field("settings.onlinetimeout");
}
$params['updatefrequency_operator'] = getparam('frequencyoperator');
if(!is_numeric($params['updatefrequency_operator'])) {
$errors[] = wrong_field("settings.frequencyoperator");
}
$params['updatefrequency_chat'] = getparam('frequencychat');
if(!is_numeric($params['updatefrequency_chat'])) {
$errors[] = wrong_field("settings.frequencychat");
}
$params['updatefrequency_oldchat'] = getparam('frequencyoldchat');
if(!is_numeric($params['updatefrequency_oldchat'])) {
$errors[] = wrong_field("settings.frequencyoldchat");
}
$params['online_timeout'] = getparam('onlinetimeout');
if (!is_numeric($params['online_timeout'])) {
$errors[] = wrong_field("settings.onlinetimeout");
}
$params['updatefrequency_operator'] = getparam('frequencyoperator');
if (!is_numeric($params['updatefrequency_operator'])) {
$errors[] = wrong_field("settings.frequencyoperator");
}
$params['updatefrequency_chat'] = getparam('frequencychat');
if (!is_numeric($params['updatefrequency_chat'])) {
$errors[] = wrong_field("settings.frequencychat");
}
$params['updatefrequency_oldchat'] = getparam('frequencyoldchat');
if (!is_numeric($params['updatefrequency_oldchat'])) {
$errors[] = wrong_field("settings.frequencyoldchat");
}
$params['max_connections_from_one_host'] = getparam('onehostconnections');
if(!is_numeric($params['max_connections_from_one_host'])) {
$errors[] = getlocal("settings.wrong.onehostconnections");
}
if (count($errors) == 0) {
foreach($options as $opt) {
if (!is_numeric($params['max_connections_from_one_host'])) {
$errors[] = getlocal("settings.wrong.onehostconnections");
}
if (count($errors) == 0) {
foreach ($options as $opt) {
$settings[$opt] = $params[$opt];
}
update_settings();
header("Location: $webimroot/operator/performance.php?stored");
exit;
}
update_settings();
header("Location: $webimroot/operator/performance.php?stored");
exit;
}
}
$page['formonlinetimeout'] = $params['online_timeout'];

46
src/messenger/webim/operator/redirect.php
View File

@ -27,30 +27,30 @@ require_once('../libs/groups.php');
$operator = check_login();
$threadid = verifyparam( "thread", "/^\d{1,8}$/");
$token = verifyparam( "token", "/^\d{1,8}$/");
$threadid = verifyparam("thread", "/^\d{1,8}$/");
$token = verifyparam("token", "/^\d{1,8}$/");
$thread = thread_by_id($threadid);
if( !$thread || !isset($thread['ltoken']) || $token != $thread['ltoken'] ) {
if (!$thread || !isset($thread['ltoken']) || $token != $thread['ltoken']) {
die("wrong thread");
}
$page = array();
$errors = array();
if(isset($_GET['nextGroup'])) {
$nextid = verifyparam( "nextGroup", "/^\d{1,8}$/");
if (isset($_GET['nextGroup'])) {
$nextid = verifyparam("nextGroup", "/^\d{1,8}$/");
$nextGroup = group_by_id($nextid);
if( $nextGroup ) {
$page['message'] = getlocal2("chat.redirected.group.content",array(topage(get_group_name($nextGroup))));
if( $thread['istate'] == $state_chatting ) {
if ($nextGroup) {
$page['message'] = getlocal2("chat.redirected.group.content", array(topage(get_group_name($nextGroup))));
if ($thread['istate'] == $state_chatting) {
$link = connect();
commit_thread( $threadid,
array("istate" => $state_waiting, "nextagent" => 0, "groupid" => $nextid, "agentId" => 0, "agentName" => "''"), $link);
commit_thread($threadid,
array("istate" => $state_waiting, "nextagent" => 0, "groupid" => $nextid, "agentId" => 0, "agentName" => "''"), $link);
post_message_($thread['threadid'], $kind_events,
getstring2_("chat.status.operator.redirect",
array(get_operator_name($operator)),$thread['locale']), $link);
getstring2_("chat.status.operator.redirect",
array(get_operator_name($operator)), $thread['locale']), $link);
mysql_close($link);
} else {
$errors[] = getlocal("chat.redirect.cannot");
@ -60,23 +60,23 @@ if(isset($_GET['nextGroup'])) {
}
} else {
$nextid = verifyparam( "nextAgent", "/^\d{1,8}$/");
$nextid = verifyparam("nextAgent", "/^\d{1,8}$/");
$nextOperator = operator_by_id($nextid);
if( $nextOperator ) {
$page['message'] = getlocal2("chat.redirected.content",array(topage(get_operator_name($nextOperator))));
if( $thread['istate'] == $state_chatting ) {
if ($nextOperator) {
$page['message'] = getlocal2("chat.redirected.content", array(topage(get_operator_name($nextOperator))));
if ($thread['istate'] == $state_chatting) {
$link = connect();
$threadupdate = array("istate" => $state_waiting, "nextagent" => $nextid, "agentId" => 0);
if($thread['groupid'] != 0) {
if(FALSE === select_one_row("select groupid from ${mysqlprefix}chatgroupoperator where operatorid = $nextid and groupid = ".$thread['groupid'], $link)) {
if ($thread['groupid'] != 0) {
if (FALSE === select_one_row("select groupid from ${mysqlprefix}chatgroupoperator where operatorid = $nextid and groupid = " . $thread['groupid'], $link)) {
$threadupdate['groupid'] = 0;
}
}
commit_thread( $threadid, $threadupdate, $link);
commit_thread($threadid, $threadupdate, $link);
post_message_($thread['threadid'], $kind_events,
getstring2_("chat.status.operator.redirect",
array(get_operator_name($operator)),$thread['locale']), $link);
getstring2_("chat.status.operator.redirect",
array(get_operator_name($operator)), $thread['locale']), $link);
mysql_close($link);
} else {
$errors[] = getlocal("chat.redirect.cannot");
@ -87,7 +87,7 @@ if(isset($_GET['nextGroup'])) {
}
setup_logo();
if( count($errors) > 0 ) {
if (count($errors) > 0) {
expand("../styles", getchatstyle(), "error.tpl");
} else {
expand("../styles", getchatstyle(), "redirected.tpl");

20
src/messenger/webim/operator/resetpwd.php
View File

@ -26,15 +26,15 @@ require_once('../libs/settings.php');
$errors = array();
$page = array('version' => $version, 'showform' => true);
$opId = verifyparam( "id", "/^\d{1,9}$/");
$opId = verifyparam("id", "/^\d{1,9}$/");
$token = verifyparam("token", "/^[\dabcdef]+$/");
$operator = operator_by_id($opId);
if(!$operator) {
if (!$operator) {
$errors[] = "No such operator";
$page['showform'] = false;
} else if($token != $operator['vcrestoretoken']) {
} else if ($token != $operator['vcrestoretoken']) {
$errors[] = "Wrong token";
$page['showform'] = false;
}
@ -42,25 +42,25 @@ if(!$operator) {
if (count($errors) == 0 && isset($_POST['password'])) {
$password = getparam('password');
$passwordConfirm = getparam('passwordConfirm');
if( !$password )
if (!$password)
$errors[] = no_field("form.field.password");
if( $password != $passwordConfirm )
if ($password != $passwordConfirm)
$errors[] = getlocal("my_settings.error.password_match");
if (count($errors) == 0) {
$page['isdone'] = true;
$link = connect();
$query = "update ${mysqlprefix}chatoperator set vcpassword = '".md5($password)."', vcrestoretoken = '' where operatorid = ".$opId;
$query = "update ${mysqlprefix}chatoperator set vcpassword = '" . md5($password) . "', vcrestoretoken = '' where operatorid = " . $opId;
perform_query($query, $link);
mysql_close($link);
start_html_output();
require('../view/resetpwd.php');
exit;
}
}
}
$page['id'] = $opId;

24
src/messenger/webim/operator/restore.php
View File

@ -30,32 +30,32 @@ $loginoremail = "";
if (isset($_POST['loginoremail'])) {
$loginoremail = getparam("loginoremail");
$torestore = is_valid_email($loginoremail) ? operator_by_email($loginoremail) : operator_by_login($loginoremail);
if(!$torestore) {
if (!$torestore) {
$errors[] = getlocal("no_such_operator");
}
$email = $torestore['vcemail'];
if(count($errors) == 0 && !is_valid_email($email)) {
if (count($errors) == 0 && !is_valid_email($email)) {
$errors[] = "Operator hasn't set his e-mail";
}
if (count($errors) == 0) {
$token = md5((time() + microtime()).rand(0,99999999));
$token = md5((time() + microtime()) . rand(0, 99999999));
$link = connect();
$query = "update ${mysqlprefix}chatoperator set dtmrestore = CURRENT_TIMESTAMP, vcrestoretoken = '$token' where operatorid = ".$torestore['operatorid'];
$query = "update ${mysqlprefix}chatoperator set dtmrestore = CURRENT_TIMESTAMP, vcrestoretoken = '$token' where operatorid = " . $torestore['operatorid'];
perform_query($query, $link);
$href = get_app_location(true,false)."/operator/resetpwd.php?id=".$torestore['operatorid']."&token=$token";
webim_mail($email, $email, getstring("restore.mailsubj"), getstring2("restore.mailtext",array(get_operator_name($torestore), $href)), $link);
$href = get_app_location(true, false) . "/operator/resetpwd.php?id=" . $torestore['operatorid'] . "&token=$token";
webim_mail($email, $email, getstring("restore.mailsubj"), getstring2("restore.mailtext", array(get_operator_name($torestore), $href)), $link);
mysql_close($link);
$page['isdone'] = true;
require('../view/restore.php');
exit;
}
}
}
$page['formloginoremail'] = topage($loginoremail);

64
src/messenger/webim/operator/settings.php
View File

@ -30,7 +30,7 @@ $errors = array();
$stylelist = array();
$stylesfolder = "../styles";
if($handle = opendir($stylesfolder)) {
if ($handle = opendir($stylesfolder)) {
while (false !== ($file = readdir($handle))) {
if (preg_match("/^\w+$/", $file) && is_dir("$stylesfolder/$file")) {
$stylelist[] = $file;
@ -40,57 +40,57 @@ if($handle = opendir($stylesfolder)) {
}
$options = array(
'email', 'title', 'logo', 'hosturl', 'usernamepattern',
'chatstyle', 'chattitle', 'geolink', 'geolinkparams', 'sendmessagekey');
'email', 'title', 'logo', 'hosturl', 'usernamepattern',
'chatstyle', 'chattitle', 'geolink', 'geolinkparams', 'sendmessagekey');
loadsettings();
$params = array();
foreach($options as $opt) {
foreach ($options as $opt) {
$params[$opt] = $settings[$opt];
}
if (isset($_POST['email']) && isset($_POST['title']) && isset($_POST['logo'])) {
$params['email'] = getparam('email');
$params['title'] = getparam('title');
$params['logo'] = getparam('logo');
$params['hosturl'] = getparam('hosturl');
$params['usernamepattern'] = getparam('usernamepattern');
$params['chattitle'] = getparam('chattitle');
$params['geolink'] = getparam('geolink');
$params['email'] = getparam('email');
$params['title'] = getparam('title');
$params['logo'] = getparam('logo');
$params['hosturl'] = getparam('hosturl');
$params['usernamepattern'] = getparam('usernamepattern');
$params['chattitle'] = getparam('chattitle');
$params['geolink'] = getparam('geolink');
$params['geolinkparams'] = getparam('geolinkparams');
$params['sendmessagekey'] = verifyparam('sendmessagekey', "/^c?enter$/");
$params['chatstyle'] = verifyparam("chatstyle","/^\w+$/", $params['chatstyle']);
if(!in_array($params['chatstyle'], $stylelist)) {
$params['chatstyle'] = verifyparam("chatstyle", "/^\w+$/", $params['chatstyle']);
if (!in_array($params['chatstyle'], $stylelist)) {
$params['chatstyle'] = $stylelist[0];
}
if($params['email'] && !is_valid_email($params['email'])) {
$errors[] = getlocal("settings.wrong.email");
}
if($params['geolinkparams']) {
foreach(preg_split("/,/", $params['geolinkparams']) as $oneparam) {
if(!preg_match("/^\s*(toolbar|scrollbars|location|status|menubar|width|height|resizable)=\d{1,4}$/", $oneparam)) {
$errors[] = "Wrong link parameter: \"$oneparam\", should be one of 'toolbar, scrollbars, location, status, menubar, width, height or resizable'";
}
}
}
if ($params['email'] && !is_valid_email($params['email'])) {
$errors[] = getlocal("settings.wrong.email");
}
if (count($errors) == 0) {
foreach($options as $opt) {
if ($params['geolinkparams']) {
foreach (preg_split("/,/", $params['geolinkparams']) as $oneparam) {
if (!preg_match("/^\s*(toolbar|scrollbars|location|status|menubar|width|height|resizable)=\d{1,4}$/", $oneparam)) {
$errors[] = "Wrong link parameter: \"$oneparam\", should be one of 'toolbar, scrollbars, location, status, menubar, width, height or resizable'";
}
}
}
if (count($errors) == 0) {
foreach ($options as $opt) {
$settings[$opt] = $params[$opt];
}
update_settings();
header("Location: $webimroot/operator/settings.php?stored");
exit;
}
update_settings();
header("Location: $webimroot/operator/settings.php?stored");
exit;
}
}
$page['formemail'] = topage($params['email']);
$page['formtitle'] = topage($params['title']);
$page['formlogo'] = topage($params['logo']);
$page['formhosturl'] = topage($params['hosturl']);
$page['formlogo'] = topage($params['logo']);
$page['formhosturl'] = topage($params['hosturl']);
$page['formgeolink'] = topage($params['geolink']);
$page['formgeolinkparams'] = topage($params['geolinkparams']);
$page['formusernamepattern'] = topage($params['usernamepattern']);

54
src/messenger/webim/operator/statistics.php
View File

@ -29,55 +29,55 @@ setlocale(LC_TIME, getstring("time.locale"));
$page = array();
$page['operator'] = topage(get_operator_name($operator));
$page['availableDays'] = range(1,31);
$page['availableMonth'] = get_month_selection(time()-400*24*60*60,time()+50*24*60*60 );
$page['availableDays'] = range(1, 31);
$page['availableMonth'] = get_month_selection(time() - 400 * 24 * 60 * 60, time() + 50 * 24 * 60 * 60);
$page['showresults'] = false;
$errors = array();
if(isset($_GET['startday'])) {
$startday = verifyparam("startday","/^\d+$/");
$startmonth = verifyparam("startmonth","/^\d{2}.\d{2}$/");
$endday = verifyparam("endday","/^\d+$/");
$endmonth = verifyparam("endmonth","/^\d{2}.\d{2}$/");
$start = get_form_date($startday,$startmonth);
$end = get_form_date($endday, $endmonth)+24*60*60;
if (isset($_GET['startday'])) {
$startday = verifyparam("startday", "/^\d+$/");
$startmonth = verifyparam("startmonth", "/^\d{2}.\d{2}$/");
$endday = verifyparam("endday", "/^\d+$/");
$endmonth = verifyparam("endmonth", "/^\d{2}.\d{2}$/");
$start = get_form_date($startday, $startmonth);
$end = get_form_date($endday, $endmonth) + 24 * 60 * 60;
} else {
$curr = getdate(time());
if( $curr['mday'] < 7 ) {
if ($curr['mday'] < 7) {
// previous month
if($curr['mon'] == 1) {
$month = 12;
$year = $curr['year']-1;
if ($curr['mon'] == 1) {
$month = 12;
$year = $curr['year'] - 1;
} else {
$month = $curr['mon']-1;
$month = $curr['mon'] - 1;
$year = $curr['year'];
}
$start = mktime(0,0,0,$month,1,$year);
$end = mktime(0,0,0,$month, date("t",$start),$year)+24*60*60;
$start = mktime(0, 0, 0, $month, 1, $year);
$end = mktime(0, 0, 0, $month, date("t", $start), $year) + 24 * 60 * 60;
} else {
$start = mktime(0,0,0,$curr['mon'],1,$curr['year']);
$end = time()+24*60*60;
$start = mktime(0, 0, 0, $curr['mon'], 1, $curr['year']);
$end = time() + 24 * 60 * 60;
}
}
set_form_date($start, "start");
set_form_date($end-24*60*60, "end");
set_form_date($end - 24 * 60 * 60, "end");
if( $start > $end ) {
if ($start > $end) {
$errors[] = getlocal("statistics.wrong.dates");
}
$link = connect();
$page['reportByDate'] = select_multi_assoc("select DATE(dtmcreated) as date, COUNT(distinct threadid) as threads, SUM(${mysqlprefix}chatmessage.ikind = $kind_agent) as agents, SUM(${mysqlprefix}chatmessage.ikind = $kind_user) as users ".
"from ${mysqlprefix}chatmessage where unix_timestamp(dtmcreated) >= $start AND unix_timestamp(dtmcreated) < $end group by DATE(dtmcreated) order by dtmcreated desc", $link);
$page['reportByDate'] = select_multi_assoc("select DATE(dtmcreated) as date, COUNT(distinct threadid) as threads, SUM(${mysqlprefix}chatmessage.ikind = $kind_agent) as agents, SUM(${mysqlprefix}chatmessage.ikind = $kind_user) as users " .
"from ${mysqlprefix}chatmessage where unix_timestamp(dtmcreated) >= $start AND unix_timestamp(dtmcreated) < $end group by DATE(dtmcreated) order by dtmcreated desc", $link);
$page['reportByDateTotal'] = select_one_row("select COUNT(distinct threadid) as threads, SUM(${mysqlprefix}chatmessage.ikind = $kind_agent) as agents, SUM(${mysqlprefix}chatmessage.ikind = $kind_user) as users ".
"from ${mysqlprefix}chatmessage where unix_timestamp(dtmcreated) >= $start AND unix_timestamp(dtmcreated) < $end", $link);
$page['reportByDateTotal'] = select_one_row("select COUNT(distinct threadid) as threads, SUM(${mysqlprefix}chatmessage.ikind = $kind_agent) as agents, SUM(${mysqlprefix}chatmessage.ikind = $kind_user) as users " .
"from ${mysqlprefix}chatmessage where unix_timestamp(dtmcreated) >= $start AND unix_timestamp(dtmcreated) < $end", $link);
$page['reportByAgent'] = select_multi_assoc("select vclocalename as name, COUNT(distinct threadid) as threads, SUM(ikind = $kind_agent) as msgs, AVG(CHAR_LENGTH(tmessage)) as avglen ".
"from ${mysqlprefix}chatmessage, ${mysqlprefix}chatoperator ".
"where agentId = operatorid AND unix_timestamp(dtmcreated) >= $start AND unix_timestamp(dtmcreated) < $end group by operatorid", $link);
$page['reportByAgent'] = select_multi_assoc("select vclocalename as name, COUNT(distinct threadid) as threads, SUM(ikind = $kind_agent) as msgs, AVG(CHAR_LENGTH(tmessage)) as avglen " .
"from ${mysqlprefix}chatmessage, ${mysqlprefix}chatoperator " .
"where agentId = operatorid AND unix_timestamp(dtmcreated) >= $start AND unix_timestamp(dtmcreated) < $end group by operatorid", $link);
$page['showresults'] = count($errors) == 0;

52
src/messenger/webim/operator/themes.php
View File

@ -31,7 +31,7 @@ $operator = check_login();
$stylelist = array();
$stylesfolder = "../styles";
if($handle = opendir($stylesfolder)) {
if ($handle = opendir($stylesfolder)) {
while (false !== ($file = readdir($handle))) {
if (preg_match("/^\w+$/", $file) && is_dir("$stylesfolder/$file")) {
$stylelist[] = $file;
@ -40,55 +40,55 @@ if($handle = opendir($stylesfolder)) {
closedir($handle);
}
$preview = verifyparam("preview","/^\w+$/", "default");
if(!in_array($preview, $stylelist)) {
$preview = verifyparam("preview", "/^\w+$/", "default");
if (!in_array($preview, $stylelist)) {
$preview = $stylelist[0];
}
$show = verifyparam("show", "/^(chat|chatsimple|nochat|mail|mailsent|survey|leavemessage|leavemessagesent|redirect|redirected|agentchat|agentrochat|error)$/", "");
$showerrors = verifyparam("showerr", "/^on$/", "") == "on";
$errors = array();
if($showerrors || $show == 'error') {
if ($showerrors || $show == 'error') {
$errors[] = "Test error";
}
if($show == 'chat' || $show == 'mail' || $show == 'leavemessage' || $show == 'leavemessagesent' || $show == 'chatsimple' || $show == 'nochat') {
setup_chatview_for_user(array('threadid' => 0,'userName' => getstring("chat.default.username"), 'ltoken' => 123), "ajaxed");
if ($show == 'chat' || $show == 'mail' || $show == 'leavemessage' || $show == 'leavemessagesent' || $show == 'chatsimple' || $show == 'nochat') {
setup_chatview_for_user(array('threadid' => 0, 'userName' => getstring("chat.default.username"), 'ltoken' => 123), "ajaxed");
$page['mailLink'] = "$webimroot/operator/themes.php?preview=$preview&amp;show=mail";
$page['info'] = "";
expand("../styles", "$preview", "$show.tpl");
exit;
}
if($show == 'survey') {
if ($show == 'survey') {
loadsettings();
setup_survey("Visitor", "", "", "", "http://google.com");
setup_logo();
expand("../styles", "$preview", "$show.tpl");
exit;
}
if($show == 'mailsent' || $show == 'error') {
if ($show == 'mailsent' || $show == 'error') {
$page['email'] = "admin@yourdomain.com";
setup_logo();
expand("../styles", "$preview", "$show.tpl");
exit;
}
if($show == 'redirect' || $show == 'redirected' || $show == 'agentchat' || $show == 'agentrochat' ) {
if ($show == 'redirect' || $show == 'redirected' || $show == 'agentchat' || $show == 'agentrochat') {
setup_chatview_for_operator(
array(
'threadid' => 0,
'userName' => getstring("chat.default.username"),
'remote' => "1.2.3.4",
'agentId' => 1,
'userid' => 'visitor1',
'locale' => $current_locale,
'ltoken' => $show=='agentrochat' ? 124 : 123),
'threadid' => 0,
'userName' => getstring("chat.default.username"),
'remote' => "1.2.3.4",
'agentId' => 1,
'userid' => 'visitor1',
'locale' => $current_locale,
'ltoken' => $show == 'agentrochat' ? 124 : 123),
array(
'operatorid' => ($show=='agentrochat' ? 2 : 1),
));
if($show=='redirect') {
setup_redirect_links( 0,$show=='agentrochat' ? 124 : 123);
} elseif($show=='redirected') {
$page['message'] = getlocal2("chat.redirected.content",array("Administrator"));
'operatorid' => ($show == 'agentrochat' ? 2 : 1),
));
if ($show == 'redirect') {
setup_redirect_links(0, $show == 'agentrochat' ? 124 : 123);
} elseif ($show == 'redirected') {
$page['message'] = getlocal2("chat.redirected.content", array("Administrator"));
}
$page['redirectLink'] = "$webimroot/operator/themes.php?preview=$preview&amp;show=redirect";
expand("../styles", "$preview", "$show.tpl");
@ -126,12 +126,12 @@ $page['availableTemplates'] = array(
"agentchat", "agentrochat", "error",
"all");
$page['showlink'] = "$webimroot/operator/themes.php?preview=$preview&amp;".($showerrors?"showerr=on&amp;":"")."show=";
$page['showlink'] = "$webimroot/operator/themes.php?preview=$preview&amp;" . ($showerrors ? "showerr=on&amp;" : "") . "show=";
$page['previewList'] = array();
foreach($templateList as $tpl) {
if($tpl['id'] == $template || $template == 'all') {
$page['previewList'][] = $tpl;
foreach ($templateList as $tpl) {
if ($tpl['id'] == $template || $template == 'all') {
$page['previewList'][] = $tpl;
}
}

21
src/messenger/webim/operator/threadprocessor.php
View File

@ -31,23 +31,24 @@ $page = array();
loadsettings();
setlocale(LC_TIME, getstring("time.locale"));
function thread_info($id) {
global $mysqlprefix;
function thread_info($id)
{
global $mysqlprefix;
$link = connect();
$thread = select_one_row("select userName,agentName,remote,userAgent,".
"unix_timestamp(dtmmodified) as modified, unix_timestamp(dtmcreated) as created,".
"vclocalname as groupName ".
"from ${mysqlprefix}chatthread left join ${mysqlprefix}chatgroup on ${mysqlprefix}chatthread.groupid = ${mysqlprefix}chatgroup.groupid ".
"where threadid = ". $id, $link );
$thread = select_one_row("select userName,agentName,remote,userAgent," .
"unix_timestamp(dtmmodified) as modified, unix_timestamp(dtmcreated) as created," .
"vclocalname as groupName " .
"from ${mysqlprefix}chatthread left join ${mysqlprefix}chatgroup on ${mysqlprefix}chatthread.groupid = ${mysqlprefix}chatgroup.groupid " .
"where threadid = " . $id, $link);
mysql_close($link);
return $thread;
}
if( isset($_GET['threadid'])) {
$threadid = verifyparam( "threadid", "/^(\d{1,9})?$/", "");
if (isset($_GET['threadid'])) {
$threadid = verifyparam("threadid", "/^(\d{1,9})?$/", "");
$lastid = -1;
$page['threadMessages'] = get_messages($threadid,"html",false,$lastid);
$page['threadMessages'] = get_messages($threadid, "html", false, $lastid);
$page['thread'] = thread_info($threadid);
}

115
src/messenger/webim/operator/translate.php
View File

@ -23,27 +23,30 @@ require_once('../libs/common.php');
require_once('../libs/operator.php');
require_once('../libs/pagination.php');
function compare_localization_by_l1($a, $b) {
if ($a == $b) {
return 0;
}
return ($a['l1'] < $b['l1']) ? -1 : 1;
function compare_localization_by_l1($a, $b)
{
if ($a == $b) {
return 0;
}
return ($a['l1'] < $b['l1']) ? -1 : 1;
}
function compare_localization_by_id($a, $b) {
if ($a == $b) {
return 0;
}
return ($a['id'] < $b['id']) ? -1 : 1;
function compare_localization_by_id($a, $b)
{
if ($a == $b) {
return 0;
}
return ($a['id'] < $b['id']) ? -1 : 1;
}
function load_idlist($name) {
function load_idlist($name)
{
$result = array();
$fp = @fopen(dirname(__FILE__)."/../locales/names/$name", "r");
if($fp !== FALSE) {
$fp = @fopen(dirname(__FILE__) . "/../locales/names/$name", "r");
if ($fp !== FALSE) {
while (!feof($fp)) {
$line = trim(fgets($fp, 4096));
if($line && preg_match("/^[\w_\.]+$/", $line)) {
if ($line && preg_match("/^[\w_\.]+$/", $line)) {
$result[] = $line;
}
}
@ -52,62 +55,64 @@ function load_idlist($name) {
return $result;
}
function save_message($locale,$key,$value) {
function save_message($locale, $key, $value)
{
global $webim_encoding;
$result = "";
$added = false;
$current_encoding = $webim_encoding;
$fp = fopen(dirname(__FILE__)."/../locales/$locale/properties", "r");
$fp = fopen(dirname(__FILE__) . "/../locales/$locale/properties", "r");
while (!feof($fp)) {
$line = fgets($fp, 4096);
$keyval = preg_split("/=/", $line, 2 );
if( isset($keyval[1]) ) {
if($keyval[0] == 'encoding') {
$keyval = preg_split("/=/", $line, 2);
if (isset($keyval[1])) {
if ($keyval[0] == 'encoding') {
$current_encoding = trim($keyval[1]);
} else if(!$added && $keyval[0] == $key) {
$line = "$key=".myiconv($webim_encoding, $current_encoding, str_replace("\r", "",str_replace("\n", "\\n",trim($value))))."\n";
} else if (!$added && $keyval[0] == $key) {
$line = "$key=" . myiconv($webim_encoding, $current_encoding, str_replace("\r", "", str_replace("\n", "\\n", trim($value)))) . "\n";
$added = true;
}
}
$result .= $line;
}
fclose($fp);
if(!$added) {
$result .= "$key=".myiconv($webim_encoding, $current_encoding, str_replace("\r", "",str_replace("\n", "\\n",trim($value))))."\n";
if (!$added) {
$result .= "$key=" . myiconv($webim_encoding, $current_encoding, str_replace("\r", "", str_replace("\n", "\\n", trim($value)))) . "\n";
}
$fp = @fopen(dirname(__FILE__)."/../locales/$locale/properties", "w");
if($fp !== FALSE) {
$fp = @fopen(dirname(__FILE__) . "/../locales/$locale/properties", "w");
if ($fp !== FALSE) {
fwrite($fp, $result);
fclose($fp);
} else {
die("cannot write /locales/$locale/properties, please check file permissions on your server");
}
$fp = @fopen(dirname(__FILE__)."/../locales/$locale/properties.log", "a");
if($fp !== FALSE) {
$fp = @fopen(dirname(__FILE__) . "/../locales/$locale/properties.log", "a");
if ($fp !== FALSE) {
$extAddr = $_SERVER['REMOTE_ADDR'];
if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) &&
$_SERVER['HTTP_X_FORWARDED_FOR'] != $_SERVER['REMOTE_ADDR']) {
$extAddr = $_SERVER['REMOTE_ADDR'].' ('.$_SERVER['HTTP_X_FORWARDED_FOR'].')';
$_SERVER['HTTP_X_FORWARDED_FOR'] != $_SERVER['REMOTE_ADDR']) {
$extAddr = $_SERVER['REMOTE_ADDR'] . ' (' . $_SERVER['HTTP_X_FORWARDED_FOR'] . ')';
}
$userbrowser = $_SERVER['HTTP_USER_AGENT'];
$remoteHost = isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : $extAddr;
fwrite($fp,"# ".date(DATE_RFC822)." by $remoteHost using $userbrowser\n");
fwrite($fp,"$key=".myiconv($webim_encoding, $current_encoding, str_replace("\r", "",str_replace("\n", "\\n",trim($value))))."\n");
fwrite($fp, "# " . date(DATE_RFC822) . " by $remoteHost using $userbrowser\n");
fwrite($fp, "$key=" . myiconv($webim_encoding, $current_encoding, str_replace("\r", "", str_replace("\n", "\\n", trim($value)))) . "\n");
fclose($fp);
}
}
function get_auxiliary($s) {
function get_auxiliary($s)
{
$res = "";
if(preg_match_all("/<[^>]+?>|[:]|\{\d+\}|[Mm]ibew|[Ww]ebim/", $s, $matches, PREG_PATTERN_ORDER)) {
if (preg_match_all("/<[^>]+?>|[:]|\{\d+\}|[Mm]ibew|[Ww]ebim/", $s, $matches, PREG_PATTERN_ORDER)) {
foreach ($matches[0] as $val) {
if($val != "<br/>") {
if ($val != "<br/>") {
$res .= $val;
}
}
}
}
if(substr(trim($s),-1) == "." || substr(trim($s),-1) == "?") {
if (substr(trim($s), -1) == "." || substr(trim($s), -1) == "?") {
$res .= ".";
}
return $res;
@ -119,11 +124,11 @@ $source = verifyparam("source", "/^[\w-]{2,5}$/", $default_locale);
$target = verifyparam("target", "/^[\w-]{2,5}$/", $current_locale);
$stringid = verifyparam("key", "/^[_\.\w]+$/", "");
if(!isset($messages[$source])) {
if (!isset($messages[$source])) {
load_messages($source);
}
$lang1 = $messages[$source];
if(!isset($messages[$target])) {
if (!isset($messages[$target])) {
load_messages($target);
}
$lang2 = $messages[$target];
@ -136,16 +141,16 @@ $page = array(
'title2' => isset($lang2["localeid"]) ? $lang2["localeid"] : $target
);
if($stringid) {
if ($stringid) {
$translation = isset($lang2[$stringid]) ? $lang2[$stringid] : "";
if(isset($_POST['translation'])) {
if (isset($_POST['translation'])) {
$translation = getparam('translation');
if(!$translation) {
if (!$translation) {
$errors[] = no_field("form.field.translation");
}
if(count($errors) == 0) {
if (count($errors) == 0) {
save_message($target, $stringid, $translation);
$page['saved'] = true;
@ -169,7 +174,7 @@ if($stringid) {
$localesList = array();
$allLocales = get_available_locales();
foreach($allLocales as $loc) {
foreach ($allLocales as $loc) {
$localesList[] = array("id" => $loc, "name" => getlocal_("localeid", $loc));
}
@ -177,35 +182,35 @@ $show = verifyparam("show", "/^(all|s1|s2|s3)$/", "all");
$result = array();
$allkeys = array_keys($lang1);
if($show == 's1') {
if ($show == 's1') {
$allkeys = array_intersect($allkeys, load_idlist('level1'));
} else if($show == 's2') {
} else if ($show == 's2') {
$allkeys = array_intersect($allkeys, load_idlist('level2'));
} else if($show == 's3') {
} else if ($show == 's3') {
$allkeys = array_diff($allkeys, load_idlist('level1'), load_idlist('level2'));
}
foreach($allkeys as $key) {
if($key != 'output_charset') {
foreach ($allkeys as $key) {
if ($key != 'output_charset') {
$tsource = htmlspecialchars($lang1[$key]);
if(isset($lang2[$key])) {
if (isset($lang2[$key])) {
$value = htmlspecialchars($lang2[$key]);
if(get_auxiliary($lang2[$key]) != get_auxiliary($lang1[$key])) {
if (get_auxiliary($lang2[$key]) != get_auxiliary($lang1[$key])) {
$value = "<font color=\"#6030c1\"><b>$value</b></font> <strong>(wrong formatting)</strong>";
}
} else {
$value = "<font color=\"#c13030\"><b>absent</b></font>";
$value = "<font color=\"#c13030\"><b>absent</b></font>";
}
$result[] = array(
'id' => $key,
'l1' => $tsource,
'l2' => $value );
'id' => $key,
'l1' => $tsource,
'l2' => $value);
}
}
$order = verifyparam("sort", "/^(id|l1)$/", "id");
usort($result, "compare_localization_by_$order");
setup_pagination($result,100);
setup_pagination($result, 100);
$page['formtarget'] = $target;
$page['formsource'] = $source;

121
src/messenger/webim/operator/update.php
View File

@ -26,9 +26,9 @@ require_once('../libs/operator.php');
require_once('../libs/groups.php');
$operator = get_logged_in();
if( !$operator ) {
if (!$operator) {
start_xml_output();
echo "<error><descr>".myiconv($webim_encoding,"utf-8",escape_with_cdata(getstring("agent.not_logged_in")))."</descr></error>";
echo "<error><descr>" . myiconv($webim_encoding, "utf-8", escape_with_cdata(getstring("agent.not_logged_in"))) . "</descr></error>";
exit;
}
@ -49,110 +49,113 @@ $threadstate_key = array(
$state_loading => "chat.thread.state_loading"
);
function thread_to_xml($thread,$link) {
function thread_to_xml($thread, $link)
{
global $state_chatting, $threadstate_to_string, $threadstate_key,
$webim_encoding, $operator, $settings,
$can_viewthreads, $can_takeover, $mysqlprefix;
$webim_encoding, $operator, $settings,
$can_viewthreads, $can_takeover, $mysqlprefix;
$state = $threadstate_to_string[$thread['istate']];
$result = "<thread id=\"".$thread['threadid']."\" stateid=\"$state\"";
if( $state == "closed" )
return $result."/>";
$result = "<thread id=\"" . $thread['threadid'] . "\" stateid=\"$state\"";
if ($state == "closed")
return $result . "/>";
$state = getstring($threadstate_key[$thread['istate']]);
$nextagent = $thread['nextagent'] != 0 ? operator_by_id_($thread['nextagent'],$link) : null;
$nextagent = $thread['nextagent'] != 0 ? operator_by_id_($thread['nextagent'], $link) : null;
$threadoperator = $nextagent ? get_operator_name($nextagent)
: ($thread['agentName'] ? $thread['agentName'] : "-");
if($threadoperator == "-" && $thread['groupname']) {
$threadoperator = "- ".$thread['groupname']." -";
: ($thread['agentName'] ? $thread['agentName'] : "-");
if ($threadoperator == "-" && $thread['groupname']) {
$threadoperator = "- " . $thread['groupname'] . " -";
}
if(!($thread['istate'] == $state_chatting && $thread['agentId'] != $operator['operatorid'] && !is_capable($can_takeover,$operator))) {
if (!($thread['istate'] == $state_chatting && $thread['agentId'] != $operator['operatorid'] && !is_capable($can_takeover, $operator))) {
$result .= " canopen=\"true\"";
}
if ($thread['agentId'] != $operator['operatorid'] && $thread['nextagent'] != $operator['operatorid']
&& is_capable($can_viewthreads, $operator)) {
&& is_capable($can_viewthreads, $operator)) {
$result .= " canview=\"true\"";
}
if ($settings['enableban'] == "1") {
$result .= " canban=\"true\"";
}
$banForThread = $settings['enableban'] == "1" ? ban_for_addr_($thread['remote'],$link) : false;
if($banForThread) {
$result .= " ban=\"blocked\" banid=\"".$banForThread['banid']."\"";
$banForThread = $settings['enableban'] == "1" ? ban_for_addr_($thread['remote'], $link) : false;
if ($banForThread) {
$result .= " ban=\"blocked\" banid=\"" . $banForThread['banid'] . "\"";
}
$result .= " state=\"$state\" typing=\"".$thread['userTyping']."\">";
$result .="<name>";
if($banForThread) {
$result .= " state=\"$state\" typing=\"" . $thread['userTyping'] . "\">";
$result .= "<name>";
if ($banForThread) {
$result .= htmlspecialchars(getstring('chat.client.spam.prefix'));
}
$result .= htmlspecialchars(htmlspecialchars(get_user_name($thread['userName'],$thread['remote'], $thread['userid'])))."</name>";
$result .= "<addr>".htmlspecialchars(get_user_addr($thread['remote']))."</addr>";
$result .= "<agent>".htmlspecialchars(htmlspecialchars($threadoperator))."</agent>";
$result .= "<time>".$thread['unix_timestamp(dtmcreated)']."000</time>";
$result .= "<modified>".$thread['unix_timestamp(dtmmodified)']."000</modified>";
$result .= htmlspecialchars(htmlspecialchars(get_user_name($thread['userName'], $thread['remote'], $thread['userid']))) . "</name>";
$result .= "<addr>" . htmlspecialchars(get_user_addr($thread['remote'])) . "</addr>";
$result .= "<agent>" . htmlspecialchars(htmlspecialchars($threadoperator)) . "</agent>";
$result .= "<time>" . $thread['unix_timestamp(dtmcreated)'] . "000</time>";
$result .= "<modified>" . $thread['unix_timestamp(dtmmodified)'] . "000</modified>";
if($banForThread) {
$result .= "<reason>".$banForThread['comment']."</reason>";
if ($banForThread) {
$result .= "<reason>" . $banForThread['comment'] . "</reason>";
}
$userAgent = get_useragent_version($thread['userAgent']);
$result .= "<useragent>".$userAgent."</useragent>";
if( $thread["shownmessageid"] != 0 ) {
$query = "select tmessage from ${mysqlprefix}chatmessage where messageid = ".$thread["shownmessageid"];
$result .= "<useragent>" . $userAgent . "</useragent>";
if ($thread["shownmessageid"] != 0) {
$query = "select tmessage from ${mysqlprefix}chatmessage where messageid = " . $thread["shownmessageid"];
$line = select_one_row($query, $link);
if( $line ) {
if ($line) {
$message = preg_replace("/[\r\n\t]+/", " ", $line["tmessage"]);
$result .= "<message>".htmlspecialchars(htmlspecialchars($message))."</message>";
$result .= "<message>" . htmlspecialchars(htmlspecialchars($message)) . "</message>";
}
}
$result .= "</thread>";
return $result;
}
function print_pending_threads($groupids,$since) {
function print_pending_threads($groupids, $since)
{
global $webim_encoding, $settings, $state_closed, $state_left, $mysqlprefix;
$link = connect();
$revision = $since;
$output = array();
$query = "select threadid, userName, agentName, unix_timestamp(dtmcreated), userTyping, ".
"unix_timestamp(dtmmodified), lrevision, istate, remote, nextagent, agentId, userid, shownmessageid, userAgent, (select vclocalname from ${mysqlprefix}chatgroup where ${mysqlprefix}chatgroup.groupid = ${mysqlprefix}chatthread.groupid) as groupname ".
"from ${mysqlprefix}chatthread where lrevision > $since ".
($since <= 0
? "AND istate <> $state_closed AND istate <> $state_left "
: "").
$query = "select threadid, userName, agentName, unix_timestamp(dtmcreated), userTyping, " .
"unix_timestamp(dtmmodified), lrevision, istate, remote, nextagent, agentId, userid, shownmessageid, userAgent, (select vclocalname from ${mysqlprefix}chatgroup where ${mysqlprefix}chatgroup.groupid = ${mysqlprefix}chatthread.groupid) as groupname " .
"from ${mysqlprefix}chatthread where lrevision > $since " .
($since <= 0
? "AND istate <> $state_closed AND istate <> $state_left "
: "") .
($settings['enablegroups'] == '1'
? "AND (groupid is NULL".($groupids
? " OR groupid IN ($groupids)"
: "").
") "
: "").
? "AND (groupid is NULL" . ($groupids
? " OR groupid IN ($groupids)"
: "") .
") "
: "") .
"ORDER BY threadid";
$rows = select_multi_assoc($query, $link);
foreach ($rows as $row) {
$thread = thread_to_xml($row,$link);
$thread = thread_to_xml($row, $link);
$output[] = $thread;
if( $row['lrevision'] > $revision )
if ($row['lrevision'] > $revision)
$revision = $row['lrevision'];
}
mysql_close($link);
echo "<threads revision=\"$revision\" time=\"".time()."000\">";
foreach( $output as $thr ) {
print myiconv($webim_encoding,"utf-8",$thr);
echo "<threads revision=\"$revision\" time=\"" . time() . "000\">";
foreach ($output as $thr) {
print myiconv($webim_encoding, "utf-8", $thr);
}
echo "</threads>";
}
function print_operators() {
function print_operators()
{
echo "<operators>";
$operators = operator_get_all();
foreach($operators as $operator) {
foreach ($operators as $operator) {
if (!operator_is_online($operator))
continue;
@ -161,16 +164,16 @@ function print_operators() {
echo "<operator name=\"$name\"$away/>";
}
echo "</operators>";
echo "</operators>";
}
$since = verifyparam( "since", "/^\d{1,9}$/", 0);
$status = verifyparam( "status", "/^\d{1,2}$/", 0);
$showonline = verifyparam( "showonline", "/^1$/", 0);
$since = verifyparam("since", "/^\d{1,9}$/", 0);
$status = verifyparam("status", "/^\d{1,2}$/", 0);
$showonline = verifyparam("showonline", "/^1$/", 0);
$link = connect();
loadsettings_($link);
if(!isset($_SESSION['operatorgroups'])) {
if (!isset($_SESSION['operatorgroups'])) {
$_SESSION["${mysqlprefix}operatorgroups"] = get_operator_groupslist($operator['operatorid'], $link);
}
mysql_close($link);
@ -178,10 +181,10 @@ $groupids = $_SESSION["${mysqlprefix}operatorgroups"];
start_xml_output();
echo '<update>';
if($showonline) {
if ($showonline) {
print_operators();
}
print_pending_threads($groupids,$since);
print_pending_threads($groupids, $since);
echo '</update>';
notify_operator_alive($operator['operatorid'], $status);
exit;

4
src/messenger/webim/operator/updates.php
View File

@ -34,8 +34,8 @@ $page = array(
'version' => $version,
);
foreach($default_extensions as $ext) {
if(!extension_loaded($ext)) {
foreach ($default_extensions as $ext) {
if (!extension_loaded($ext)) {
$page['phpVersion'] .= " $ext/absent";
} else {
$ver = phpversion($ext);

23
src/messenger/webim/operator/userhistory.php
View File

@ -33,23 +33,24 @@ $page = array();
setlocale(LC_TIME, getstring("time.locale"));
$userid = "";
if( isset($_GET['userid'])) {
$userid = verifyparam( "userid", "/^.{0,63}$/", "");
if (isset($_GET['userid'])) {
$userid = verifyparam("userid", "/^.{0,63}$/", "");
}
function threads_by_userid($userid) {
global $mysqlprefix;
function threads_by_userid($userid)
{
global $mysqlprefix;
if ($userid == "") {
return null;
return null;
}
$link = connect();
$query = sprintf("select unix_timestamp(dtmcreated) as created, unix_timestamp(dtmmodified) as modified, ".
" threadid, remote, agentName, userName ".
"from ${mysqlprefix}chatthread ".
"where userid=\"$userid\" order by created DESC", $userid);
$query = sprintf("select unix_timestamp(dtmcreated) as created, unix_timestamp(dtmmodified) as modified, " .
" threadid, remote, agentName, userName " .
"from ${mysqlprefix}chatthread " .
"where userid=\"$userid\" order by created DESC", $userid);
$result = mysql_query($query, $link) or die(' Query failed: ' .mysql_error($link) /*.": ".$query*/);
$result = mysql_query($query, $link) or die(' Query failed: ' . mysql_error($link) /*.": ".$query*/);
$foundThreads = array();
while ($thread = mysql_fetch_array($result, MYSQL_ASSOC)) {
@ -64,7 +65,7 @@ function threads_by_userid($userid) {
$found = threads_by_userid($userid);
prepare_menu($operator);
setup_pagination($found,6);
setup_pagination($found, 6);
start_html_output();
require('../view/userhistory.php');
?>