format code in operator/

Evgeny Gryaznov 2011-02-26 15:06:19 +01:00
parent a90594235a
commit 0c58691731
29 changed files with 648 additions and 624 deletions


@ -29,47 +29,47 @@ require_once('../libs/expand.php');
$operator = check_login(); $operator = check_login();
loadsettings(); loadsettings();
if($settings['enablessl'] == "1" && $settings['forcessl'] == "1") { if ($settings['enablessl'] == "1" && $settings['forcessl'] == "1") {
if(!is_secure_request()) { if (!is_secure_request()) {
$requested = $_SERVER['PHP_SELF']; $requested = $_SERVER['PHP_SELF'];
if($_SERVER['REQUEST_METHOD'] == 'GET' && $_SERVER['QUERY_STRING']) { if ($_SERVER['REQUEST_METHOD'] == 'GET' && $_SERVER['QUERY_STRING']) {
header("Location: ".get_app_location(true,true)."/operator/agent.php?".$_SERVER['QUERY_STRING']); header("Location: " . get_app_location(true, true) . "/operator/agent.php?" . $_SERVER['QUERY_STRING']);
} else { } else {
die("only https connections are handled"); die("only https connections are handled");
} }
exit; exit;
} }
} }
$threadid = verifyparam( "thread", "/^\d{1,8}$/"); $threadid = verifyparam("thread", "/^\d{1,8}$/");
if( !isset($_GET['token']) ) { if (!isset($_GET['token'])) {
$remote_level = get_remote_level($_SERVER['HTTP_USER_AGENT']); $remote_level = get_remote_level($_SERVER['HTTP_USER_AGENT']);
if( $remote_level != "ajaxed" ) { if ($remote_level != "ajaxed") {
die("old browser is used, please update it"); die("old browser is used, please update it");
} }
$thread = thread_by_id($threadid); $thread = thread_by_id($threadid);
if( !$thread || !isset($thread['ltoken']) ) { if (!$thread || !isset($thread['ltoken'])) {
die("wrong thread"); die("wrong thread");
} }
$viewonly = verifyparam( "viewonly", "/^true$/", false); $viewonly = verifyparam("viewonly", "/^true$/", false);
$forcetake = verifyparam("force", "/^true$/", false); $forcetake = verifyparam("force", "/^true$/", false);
if( !$viewonly && $thread['istate'] == $state_chatting && $operator['operatorid'] != $thread['agentId'] ) { if (!$viewonly && $thread['istate'] == $state_chatting && $operator['operatorid'] != $thread['agentId']) {
if(!is_capable($can_takeover, $operator)) { if (!is_capable($can_takeover, $operator)) {
$errors = array("Cannot take over"); $errors = array("Cannot take over");
start_html_output(); start_html_output();
expand("../styles", getchatstyle(), "error.tpl"); expand("../styles", getchatstyle(), "error.tpl");
exit; exit;
} }
if( $forcetake == false ) { if ($forcetake == false) {
$page = array( $page = array(
'user' => topage($thread['userName']), 'agent' => topage($thread['agentName']), 'link' => $_SERVER['PHP_SELF']."?thread=$threadid&force=true" 'user' => topage($thread['userName']), 'agent' => topage($thread['agentName']), 'link' => $_SERVER['PHP_SELF'] . "?thread=$threadid&force=true"
); );
start_html_output(); start_html_output();
require('../view/confirm.php'); require('../view/confirm.php');
@ -78,8 +78,8 @@ if( !isset($_GET['token']) ) {
} }
if (!$viewonly) { if (!$viewonly) {
take_thread($thread,$operator); take_thread($thread, $operator);
} else if(!is_capable($can_viewthreads, $operator)) { } else if (!is_capable($can_viewthreads, $operator)) {
$errors = array("Cannot view threads"); $errors = array("Cannot view threads");
start_html_output(); start_html_output();
expand("../styles", getchatstyle(), "error.tpl"); expand("../styles", getchatstyle(), "error.tpl");
@ -91,14 +91,14 @@ if( !isset($_GET['token']) ) {
exit; exit;
} }
$token = verifyparam( "token", "/^\d{1,8}$/"); $token = verifyparam("token", "/^\d{1,8}$/");
$thread = thread_by_id($threadid); $thread = thread_by_id($threadid);
if( !$thread || !isset($thread['ltoken']) || $token != $thread['ltoken'] ) { if (!$thread || !isset($thread['ltoken']) || $token != $thread['ltoken']) {
die("wrong thread"); die("wrong thread");
} }
if($thread['agentId'] != $operator['operatorid'] && !is_capable($can_viewthreads, $operator)) { if ($thread['agentId'] != $operator['operatorid'] && !is_capable($can_viewthreads, $operator)) {
$errors = array("Cannot view threads"); $errors = array("Cannot view threads");
start_html_output(); start_html_output();
expand("../styles", getchatstyle(), "error.tpl"); expand("../styles", getchatstyle(), "error.tpl");
@ -109,9 +109,9 @@ setup_chatview_for_operator($thread, $operator);
start_html_output(); start_html_output();
$pparam = verifyparam( "act", "/^(redirect)$/", "default"); $pparam = verifyparam("act", "/^(redirect)$/", "default");
if( $pparam == "redirect" ) { if ($pparam == "redirect") {
setup_redirect_links($threadid,$token); setup_redirect_links($threadid, $token);
expand("../styles", getchatstyle(), "redirect.tpl"); expand("../styles", getchatstyle(), "redirect.tpl");
} else { } else {
expand("../styles", getchatstyle(), "chat.tpl"); expand("../styles", getchatstyle(), "chat.tpl");
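Review bot: In the takeover-confirmation branch the `'link'` entry is built from `$_SERVER['PHP_SELF']`, which includes any client-supplied path info after the script name, and unlike the `user` and `agent` entries beside it, it is not passed through `topage()`. Whether `../view/confirm.php` escapes it on output is not visible here, so the safer form avoids the request-derived value: `'link' => $_SERVER['SCRIPT_NAME'] . "?thread=$threadid&force=true"`. The enclosing `if (!isset($_GET['token']))` block continues past the end of the first hunk.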


@ -25,7 +25,7 @@ require_once('../libs/operator.php');
$operator = check_login(false); $operator = check_login(false);
start_xml_output(); start_xml_output();
if($operator) { if ($operator) {
echo "<login><status>OK</status></login>"; echo "<login><status>OK</status></login>";
} else { } else {
echo "<login><status>FAILED</status></login>"; echo "<login><status>FAILED</status></login>";


@ -25,57 +25,57 @@ require_once('../libs/operator_settings.php');
$operator = check_login(); $operator = check_login();
$opId = verifyparam( "op","/^\d{1,9}$/"); $opId = verifyparam("op", "/^\d{1,9}$/");
$page = array('opid' => $opId, 'avatar' => ''); $page = array('opid' => $opId, 'avatar' => '');
$errors = array(); $errors = array();
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator)) $canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|| is_capable($can_administrate, $operator); || is_capable($can_administrate, $operator);
$op = operator_by_id($opId); $op = operator_by_id($opId);
if( !$op ) { if (!$op) {
$errors[] = getlocal("no_such_operator"); $errors[] = getlocal("no_such_operator");
} else if( isset($_POST['op']) ) { } else if (isset($_POST['op'])) {
$avatar = $op['vcavatar']; $avatar = $op['vcavatar'];
if(!$canmodify) { if (!$canmodify) {
$errors[] = getlocal('page_agent.cannot_modify'); $errors[] = getlocal('page_agent.cannot_modify');
} else if( isset($_FILES['avatarFile']) && $_FILES['avatarFile']['name']) { } else if (isset($_FILES['avatarFile']) && $_FILES['avatarFile']['name']) {
$valid_types = array("gif","jpg", "png", "tif"); $valid_types = array("gif", "jpg", "png", "tif");
$orig_filename = $_FILES['avatarFile']['name']; $orig_filename = $_FILES['avatarFile']['name'];
$tmp_file_name = $_FILES['avatarFile']['tmp_name']; $tmp_file_name = $_FILES['avatarFile']['tmp_name'];
$ext = strtolower(substr($orig_filename, 1 + strrpos($orig_filename, "."))); $ext = strtolower(substr($orig_filename, 1 + strrpos($orig_filename, ".")));
$new_file_name = "$opId.$ext"; $new_file_name = "$opId.$ext";
loadsettings(); loadsettings();
$file_size = $_FILES['avatarFile']['size']; $file_size = $_FILES['avatarFile']['size'];
if ($file_size == 0 || $file_size > $settings['max_uploaded_file_size']) { if ($file_size == 0 || $file_size > $settings['max_uploaded_file_size']) {
$errors[] = failed_uploading_file($orig_filename, "errors.file.size.exceeded"); $errors[] = failed_uploading_file($orig_filename, "errors.file.size.exceeded");
} elseif(!in_array($ext, $valid_types)) { } elseif (!in_array($ext, $valid_types)) {
$errors[] = failed_uploading_file($orig_filename, "errors.invalid.file.type"); $errors[] = failed_uploading_file($orig_filename, "errors.invalid.file.type");
} else { } else {
$avatar_local_dir = "../images/avatar/"; $avatar_local_dir = "../images/avatar/";
$full_file_path = $avatar_local_dir.$new_file_name; $full_file_path = $avatar_local_dir . $new_file_name;
if (file_exists($full_file_path)) { if (file_exists($full_file_path)) {
unlink($full_file_path); unlink($full_file_path);
} }
if (!move_uploaded_file($_FILES['avatarFile']['tmp_name'], $full_file_path)) { if (!move_uploaded_file($_FILES['avatarFile']['tmp_name'], $full_file_path)) {
$errors[] = failed_uploading_file($orig_filename, "errors.file.move.error"); $errors[] = failed_uploading_file($orig_filename, "errors.file.move.error");
} else { } else {
$avatar = "$webimroot/images/avatar/$new_file_name"; $avatar = "$webimroot/images/avatar/$new_file_name";
} }
} }
} else { } else {
$errors[] = "No file selected"; $errors[] = "No file selected";
} }
if(count($errors) == 0) { if (count($errors) == 0) {
update_operator_avatar($op['operatorid'],$avatar); update_operator_avatar($op['operatorid'], $avatar);
if ($opId && $avatar && $_SESSION["${mysqlprefix}operator"] && $operator['operatorid'] == $opId) { if ($opId && $avatar && $_SESSION["${mysqlprefix}operator"] && $operator['operatorid'] == $opId) {
$_SESSION["${mysqlprefix}operator"]['vcavatar'] = $avatar; $_SESSION["${mysqlprefix}operator"]['vcavatar'] = $avatar;
@ -88,18 +88,18 @@ if( !$op ) {
} else { } else {
if (isset($_GET['delete']) && $_GET['delete'] == "true" && $canmodify) { if (isset($_GET['delete']) && $_GET['delete'] == "true" && $canmodify) {
update_operator_avatar($op['operatorid'],''); update_operator_avatar($op['operatorid'], '');
header("Location: $webimroot/operator/avatar.php?op=$opId"); header("Location: $webimroot/operator/avatar.php?op=$opId");
exit; exit;
} }
$page['avatar'] = topage($op['vcavatar']); $page['avatar'] = topage($op['vcavatar']);
} }
$page['currentop'] = $op ? topage(get_operator_name($op))." (".$op['vclogin'].")" : "-not found-"; $page['currentop'] = $op ? topage(get_operator_name($op)) . " (" . $op['vclogin'] . ")" : "-not found-";
$page['canmodify'] = $canmodify ? "1" : ""; $page['canmodify'] = $canmodify ? "1" : "";
prepare_menu($operator); prepare_menu($operator);
setup_operator_settings_tabs($opId,1); setup_operator_settings_tabs($opId, 1);
start_html_output(); start_html_output();
require('../view/avatar.php'); require('../view/avatar.php');
?> ?>
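Review bot: The upload branch accepts the file based only on the extension of the client-supplied `$_FILES['avatarFile']['name']`; nothing checks that the content is an image before `move_uploaded_file()` stores it under `../images/avatar/`, which is then referenced as `$webimroot/images/avatar/...`. Extending the existing condition with a content check would close that gap: `} elseif (!in_array($ext, $valid_types) || getimagesize($tmp_file_name) === false) {`. The extension allow-list should stay, because it keeps the stored name from ending in an executable suffix. Separately, a name with no dot makes `strrpos()` return false, so `$ext` becomes the name minus its first character; rejecting that case explicitly would make the check easier to reason about.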


@ -31,55 +31,55 @@ $page['thread'] = '';
$page['threadid'] = ''; $page['threadid'] = '';
$errors = array(); $errors = array();
if( isset($_POST['address']) ) { if (isset($_POST['address'])) {
$banId = verifyparam( "banId", "/^(\d{1,9})?$/", ""); $banId = verifyparam("banId", "/^(\d{1,9})?$/", "");
$address = getparam("address"); $address = getparam("address");
$days = getparam("days"); $days = getparam("days");
$comment = getparam('comment'); $comment = getparam('comment');
$threadid = isset($_POST['threadid']) ? getparam('threadid') : ""; $threadid = isset($_POST['threadid']) ? getparam('threadid') : "";
if( !$address ) { if (!$address) {
$errors[] = no_field("form.field.address"); $errors[] = no_field("form.field.address");
} }
if( !preg_match( "/^\d+$/", $days )) { if (!preg_match("/^\d+$/", $days)) {
$errors[] = wrong_field("form.field.ban_days"); $errors[] = wrong_field("form.field.ban_days");
} }
if( !$comment ) { if (!$comment) {
$errors[] = no_field("form.field.ban_comment"); $errors[] = no_field("form.field.ban_comment");
} }
$link = connect(); $link = connect();
$existing_ban = ban_for_addr_($address,$link); $existing_ban = ban_for_addr_($address, $link);
mysql_close($link); mysql_close($link);
if( (!$banId && $existing_ban) || if ((!$banId && $existing_ban) ||
( $banId && $existing_ban && $banId != $existing_ban['banid']) ) { ($banId && $existing_ban && $banId != $existing_ban['banid'])) {
$errors[] = getlocal2("ban.error.duplicate",array($address,$existing_ban['banid'])); $errors[] = getlocal2("ban.error.duplicate", array($address, $existing_ban['banid']));
} }
if( count($errors) == 0 ) { if (count($errors) == 0) {
$link = connect(); $link = connect();
$utime = time() + $days * 24*60*60; $utime = time() + $days * 24 * 60 * 60;
if (!$banId) { if (!$banId) {
$query = sprintf( $query = sprintf(
"insert into ${mysqlprefix}chatban (dtmcreated,dtmtill,address,comment) values (CURRENT_TIMESTAMP,%s,'%s','%s')", "insert into ${mysqlprefix}chatban (dtmcreated,dtmtill,address,comment) values (CURRENT_TIMESTAMP,%s,'%s','%s')",
"FROM_UNIXTIME($utime)", "FROM_UNIXTIME($utime)",
mysql_real_escape_string($address,$link), mysql_real_escape_string($address, $link),
mysql_real_escape_string($comment,$link)); mysql_real_escape_string($comment, $link));
perform_query($query,$link); perform_query($query, $link);
} else { } else {
$query = sprintf( $query = sprintf(
"update ${mysqlprefix}chatban set dtmtill = %s,address = '%s',comment = '%s' where banid = $banId", "update ${mysqlprefix}chatban set dtmtill = %s,address = '%s',comment = '%s' where banid = $banId",
"FROM_UNIXTIME($utime)", "FROM_UNIXTIME($utime)",
mysql_real_escape_string($address,$link), mysql_real_escape_string($address, $link),
mysql_real_escape_string($comment,$link)); mysql_real_escape_string($comment, $link));
perform_query($query,$link); perform_query($query, $link);
} }
mysql_close($link); mysql_close($link);
if(!$threadid) { if (!$threadid) {
header("Location: $webimroot/operator/blocked.php"); header("Location: $webimroot/operator/blocked.php");
exit; exit;
} else { } else {
@ -93,24 +93,24 @@ if( isset($_POST['address']) ) {
$page['formcomment'] = topage($comment); $page['formcomment'] = topage($comment);
$page['threadid'] = $threadid; $page['threadid'] = $threadid;
} }
} else if(isset($_GET['id'])) { } else if (isset($_GET['id'])) {
$banId = verifyparam( 'id', "/^\d{1,9}$/"); $banId = verifyparam('id', "/^\d{1,9}$/");
$link = connect(); $link = connect();
$ban = select_one_row("select banid,(unix_timestamp(dtmtill)-unix_timestamp(CURRENT_TIMESTAMP)) as days,address,comment from ${mysqlprefix}chatban where banid = $banId", $link); $ban = select_one_row("select banid,(unix_timestamp(dtmtill)-unix_timestamp(CURRENT_TIMESTAMP)) as days,address,comment from ${mysqlprefix}chatban where banid = $banId", $link);
mysql_close($link); mysql_close($link);
if( $ban ) { if ($ban) {
$page['banId'] = topage($ban['banid']); $page['banId'] = topage($ban['banid']);
$page['formaddress'] = topage($ban['address']); $page['formaddress'] = topage($ban['address']);
$page['formdays'] = topage(round($ban['days']/86400)); $page['formdays'] = topage(round($ban['days'] / 86400));
$page['formcomment'] = topage($ban['comment']); $page['formcomment'] = topage($ban['comment']);
} else { } else {
$errors[] = "Wrong id"; $errors[] = "Wrong id";
} }
} else if(isset($_GET['thread'])) { } else if (isset($_GET['thread'])) {
$threadid = verifyparam( 'thread', "/^\d{1,9}$/"); $threadid = verifyparam('thread', "/^\d{1,9}$/");
$thread = thread_by_id($threadid); $thread = thread_by_id($threadid);
if( $thread ) { if ($thread) {
$page['thread'] = topage($thread['userName']); $page['thread'] = topage($thread['userName']);
$page['threadid'] = $threadid; $page['threadid'] = $threadid;
$page['formaddress'] = topage($thread['remote']); $page['formaddress'] = topage($thread['remote']);
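Review bot: In the POST branch `$threadid` is read with `getparam('threadid')` and later stored as `$page['threadid'] = $threadid` with no format check and no `topage()`, whereas `banId` goes through `verifyparam()` and the neighbouring form fields go through `topage()`. If the view prints `$page['threadid']` as-is (not visible here), request-controlled text reaches the page. Validating it like `banId` would be consistent: `$threadid = verifyparam("threadid", "/^(\d{1,9})?$/", "");`. What the `else` branch after the redirect does with `$threadid` lies outside the hunk.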


@ -32,22 +32,22 @@ setlocale(LC_TIME, getstring("time.locale"));
$link = connect(); $link = connect();
if( isset($_GET['act']) && $_GET['act'] == 'del' ) { if (isset($_GET['act']) && $_GET['act'] == 'del') {
$banId = isset($_GET['id']) ? $_GET['id'] : ""; $banId = isset($_GET['id']) ? $_GET['id'] : "";
if( !preg_match( "/^\d+$/", $banId )) { if (!preg_match("/^\d+$/", $banId)) {
$errors[] = "Cannot delete: wrong argument"; $errors[] = "Cannot delete: wrong argument";
} }
if( count($errors) == 0 ) { if (count($errors) == 0) {
perform_query("delete from ${mysqlprefix}chatban where banid = $banId",$link); perform_query("delete from ${mysqlprefix}chatban where banid = $banId", $link);
header("Location: $webimroot/operator/blocked.php"); header("Location: $webimroot/operator/blocked.php");
exit; exit;
} }
} }
$result = mysql_query("select banid,unix_timestamp(dtmtill) as till,address,comment from ${mysqlprefix}chatban", $link) $result = mysql_query("select banid,unix_timestamp(dtmtill) as till,address,comment from ${mysqlprefix}chatban", $link)
or die(' Query failed: ' .mysql_error($link)); or die(' Query failed: ' . mysql_error($link));
$blockedList = array(); $blockedList = array();
while ($ban = mysql_fetch_array($result, MYSQL_ASSOC)) { while ($ban = mysql_fetch_array($result, MYSQL_ASSOC)) {
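Review bot: The `act=del` branch deletes a ban row in response to a plain GET carrying only `id`, so a cross-site request made by a logged-in operator's browser is enough to trigger it. Accepting the delete only as a POST that carries a per-session token, and comparing that token before `perform_query()`, would prevent this; no such token helper is visible on this page, so one would have to be added. The `act=delete` branch in the canned-messages section and the `delete=true` branch in the avatar section follow the same GET pattern.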


@ -31,33 +31,34 @@ loadsettings();
$errors = array(); $errors = array();
$page = array(); $page = array();
function load_canned_messages($locale, $groupid) { function load_canned_messages($locale, $groupid)
global $mysqlprefix; {
global $mysqlprefix;
$link = connect(); $link = connect();
$query = "select id, vcvalue from ${mysqlprefix}chatresponses ". $query = "select id, vcvalue from ${mysqlprefix}chatresponses " .
"where locale = '".$locale."' AND (". "where locale = '" . $locale . "' AND (" .
($groupid ($groupid
? "groupid = $groupid" ? "groupid = $groupid"
: "groupid is NULL OR groupid = 0"). : "groupid is NULL OR groupid = 0") .
") order by vcvalue"; ") order by vcvalue";
$result = select_multi_assoc($query, $link); $result = select_multi_assoc($query, $link);
if(!$groupid && count($result) == 0) { if (!$groupid && count($result) == 0) {
foreach(explode("\n", getstring_('chat.predefined_answers', $locale)) as $answer) { foreach (explode("\n", getstring_('chat.predefined_answers', $locale)) as $answer) {
$result[] = array('id' => '', 'vcvalue' => $answer); $result[] = array('id' => '', 'vcvalue' => $answer);
} }
if(count($result) > 0) { if (count($result) > 0) {
$updatequery = "insert into ${mysqlprefix}chatresponses (vcvalue,locale,groupid) values "; $updatequery = "insert into ${mysqlprefix}chatresponses (vcvalue,locale,groupid) values ";
for($i=0;$i<count($result);$i++) { for ($i = 0; $i < count($result); $i++) {
if($i > 0) { if ($i > 0) {
$updatequery .= ", "; $updatequery .= ", ";
} }
$updatequery .= "('".mysql_real_escape_string($result[$i]['vcvalue'], $link)."','$locale', NULL)"; $updatequery .= "('" . mysql_real_escape_string($result[$i]['vcvalue'], $link) . "','$locale', NULL)";
} }
perform_query($updatequery, $link); perform_query($updatequery, $link);
$result = select_multi_assoc($query, $link); $result = select_multi_assoc($query, $link);
} }
} }
mysql_close($link); mysql_close($link);
return $result; return $result;
} }
@ -66,24 +67,24 @@ function load_canned_messages($locale, $groupid) {
$all_locales = get_available_locales(); $all_locales = get_available_locales();
$locales_with_label = array(); $locales_with_label = array();
foreach($all_locales as $id) { foreach ($all_locales as $id) {
$locales_with_label[] = array('id' => $id, 'name' => getlocal_($id,"names")); $locales_with_label[] = array('id' => $id, 'name' => getlocal_($id, "names"));
} }
$page['locales'] = $locales_with_label; $page['locales'] = $locales_with_label;
$lang = verifyparam("lang", "/^[\w-]{2,5}$/", ""); $lang = verifyparam("lang", "/^[\w-]{2,5}$/", "");
if( !$lang || !in_array($lang,$all_locales) ) { if (!$lang || !in_array($lang, $all_locales)) {
$lang = in_array($current_locale,$all_locales) ? $current_locale : $all_locales[0]; $lang = in_array($current_locale, $all_locales) ? $current_locale : $all_locales[0];
} }
# groups # groups
$groupid = ""; $groupid = "";
if($settings['enablegroups'] == '1') { if ($settings['enablegroups'] == '1') {
$groupid = verifyparam( "group", "/^\d{0,8}$/", ""); $groupid = verifyparam("group", "/^\d{0,8}$/", "");
if($groupid) { if ($groupid) {
$group = group_by_id($groupid); $group = group_by_id($groupid);
if(!$group) { if (!$group) {
$errors[] = getlocal("page.group.no_such"); $errors[] = getlocal("page.group.no_such");
$groupid = ""; $groupid = "";
} }
@ -94,23 +95,23 @@ if($settings['enablegroups'] == '1') {
mysql_close($link); mysql_close($link);
$page['groups'] = array(); $page['groups'] = array();
$page['groups'][] = array('groupid' => '', 'vclocalname' => getlocal("page.gen_button.default_group")); $page['groups'][] = array('groupid' => '', 'vclocalname' => getlocal("page.gen_button.default_group"));
foreach($allgroups as $g) { foreach ($allgroups as $g) {
$page['groups'][] = $g; $page['groups'][] = $g;
} }
} }
# delete # delete
if(isset($_GET['act']) && $_GET['act'] == 'delete') { if (isset($_GET['act']) && $_GET['act'] == 'delete') {
$key = isset($_GET['key']) ? $_GET['key'] : ""; $key = isset($_GET['key']) ? $_GET['key'] : "";
if( !preg_match( "/^\d+$/", $key )) { if (!preg_match("/^\d+$/", $key)) {
$errors[] = "Wrong key"; $errors[] = "Wrong key";
} }
if( count($errors) == 0 ) { if (count($errors) == 0) {
$link = connect(); $link = connect();
perform_query("delete from ${mysqlprefix}chatresponses where id = $key",$link); perform_query("delete from ${mysqlprefix}chatresponses where id = $key", $link);
mysql_close($link); mysql_close($link);
header("Location: $webimroot/operator/canned.php?lang=$lang&group=$groupid"); header("Location: $webimroot/operator/canned.php?lang=$lang&group=$groupid");
exit; exit;
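Review bot: `load_canned_messages()` concatenates `$locale` and `$groupid` into both the select and the insert without escaping, while `vcvalue` in the same function goes through `mysql_real_escape_string()`. Later in this section `lang` is checked against `/^[\w-]{2,5}$/` and the locale list, and `group` against `/^\d{0,8}$/`. The call itself is not shown, so the query's safety presumably rests on every caller doing that validation. Escaping or casting inside the function removes that dependency: `"where locale = '" . mysql_real_escape_string($locale, $link) . "' AND ("` and `"groupid = " . intval($groupid)`. `add_message()` in the following section builds its insert from `$locale` and `$groupid` the same way.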


@ -23,28 +23,31 @@ require_once('../libs/common.php');
require_once('../libs/operator.php'); require_once('../libs/operator.php');
require_once('../libs/pagination.php'); require_once('../libs/pagination.php');
function load_message($key) { function load_message($key)
global $mysqlprefix; {
global $mysqlprefix;
$link = connect(); $link = connect();
$result = select_one_row("select vcvalue from ${mysqlprefix}chatresponses where id = $key", $link); $result = select_one_row("select vcvalue from ${mysqlprefix}chatresponses where id = $key", $link);
mysql_close($link); mysql_close($link);
return $result ? $result['vcvalue'] : null; return $result ? $result['vcvalue'] : null;
} }
function save_message($key,$message) { function save_message($key, $message)
global $mysqlprefix; {
global $mysqlprefix;
$link = connect(); $link = connect();
perform_query("update ${mysqlprefix}chatresponses set vcvalue = '".mysql_real_escape_string($message,$link)."' ". perform_query("update ${mysqlprefix}chatresponses set vcvalue = '" . mysql_real_escape_string($message, $link) . "' " .
"where id = $key", $link); "where id = $key", $link);
mysql_close($link); mysql_close($link);
} }
function add_message($locale,$groupid,$message) { function add_message($locale, $groupid, $message)
global $mysqlprefix; {
global $mysqlprefix;
$link = connect(); $link = connect();
perform_query("insert into ${mysqlprefix}chatresponses (locale,groupid,vcvalue) values ('$locale',". perform_query("insert into ${mysqlprefix}chatresponses (locale,groupid,vcvalue) values ('$locale'," .
($groupid ? "$groupid, " : "null, "). ($groupid ? "$groupid, " : "null, ") .
"'".mysql_real_escape_string($message,$link)."')", $link); "'" . mysql_real_escape_string($message, $link) . "')", $link);
mysql_close($link); mysql_close($link);
} }
@ -56,9 +59,9 @@ $stringid = verifyparam("key", "/^\d{0,9}$/", "");
$errors = array(); $errors = array();
$page = array(); $page = array();
if($stringid) { if ($stringid) {
$message = load_message($stringid); $message = load_message($stringid);
if(!$message) { if (!$message) {
$errors[] = getlocal("cannededit.no_such"); $errors[] = getlocal("cannededit.no_such");
$stringid = ""; $stringid = "";
} }
@ -66,19 +69,19 @@ if($stringid) {
$message = ""; $message = "";
$page['locale'] = verifyparam("lang", "/^[\w-]{2,5}$/", ""); $page['locale'] = verifyparam("lang", "/^[\w-]{2,5}$/", "");
$page['groupid'] = ""; $page['groupid'] = "";
if($settings['enablegroups'] == '1') { if ($settings['enablegroups'] == '1') {
$page['groupid'] = verifyparam( "group", "/^\d{0,8}$/"); $page['groupid'] = verifyparam("group", "/^\d{0,8}$/");
} }
} }
if(isset($_POST['message'])) { if (isset($_POST['message'])) {
$message = getparam('message'); $message = getparam('message');
if(!$message) { if (!$message) {
$errors[] = no_field("form.field.message"); $errors[] = no_field("form.field.message");
} }
if(count($errors) == 0) { if (count($errors) == 0) {
if($stringid) { if ($stringid) {
save_message($stringid, $message); save_message($stringid, $message);
} else { } else {
add_message($page['locale'], $page['groupid'], $message); add_message($page['locale'], $page['groupid'], $message);


@ -29,30 +29,30 @@ $page = array('agentId' => '');
$errors = array(); $errors = array();
$options = array( $options = array(
'enableban', 'usercanchangename', 'enablegroups', 'enablestatistics', 'enableban', 'usercanchangename', 'enablegroups', 'enablestatistics',
'enablessl', 'forcessl', 'enablessl', 'forcessl',
'enablepresurvey', 'surveyaskmail', 'surveyaskgroup', 'surveyaskmessage', 'enablepresurvey', 'surveyaskmail', 'surveyaskgroup', 'surveyaskmessage',
'enablepopupnotification', 'showonlineoperators', 'enablepopupnotification', 'showonlineoperators',
'enablecaptcha'); 'enablecaptcha');
loadsettings(); loadsettings();
if($settings['featuresversion'] != $featuresversion) { if ($settings['featuresversion'] != $featuresversion) {
$settings['featuresversion'] = $featuresversion; $settings['featuresversion'] = $featuresversion;
update_settings(); update_settings();
} }
$params = array(); $params = array();
foreach($options as $opt) { foreach ($options as $opt) {
$params[$opt] = $settings[$opt]; $params[$opt] = $settings[$opt];
} }
if (isset($_POST['sent'])) { if (isset($_POST['sent'])) {
if (is_capable($can_administrate, $operator)) { if (is_capable($can_administrate, $operator)) {
foreach($options as $opt) { foreach ($options as $opt) {
$settings[$opt] = verifyparam($opt,"/^on$/", "") == "on" ? "1" : "0"; $settings[$opt] = verifyparam($opt, "/^on$/", "") == "on" ? "1" : "0";
} }
update_settings(); update_settings();
header("Location: $webimroot/operator/features.php?stored"); header("Location: $webimroot/operator/features.php?stored");
exit; exit;
} else { } else {
$errors[] = "Not an administrator"; $errors[] = "Not an administrator";
} }
@ -60,8 +60,8 @@ if (isset($_POST['sent'])) {
$page['canmodify'] = is_capable($can_administrate, $operator); $page['canmodify'] = is_capable($can_administrate, $operator);
$page['stored'] = isset($_GET['stored']); $page['stored'] = isset($_GET['stored']);
foreach($options as $opt) { foreach ($options as $opt) {
$page["form$opt"] = $params[$opt] == "1"; $page["form$opt"] = $params[$opt] == "1";
} }
prepare_menu($operator); prepare_menu($operator);


@ -23,20 +23,21 @@ require_once('../libs/common.php');
require_once('../libs/operator.php'); require_once('../libs/operator.php');
require_once('../libs/groups.php'); require_once('../libs/groups.php');
function generate_button($title,$locale,$style,$group,$inner,$showhost,$forcesecure,$modsecurity) { function generate_button($title, $locale, $style, $group, $inner, $showhost, $forcesecure, $modsecurity)
$link = get_app_location($showhost,$forcesecure)."/client.php"; {
if($locale) $link = get_app_location($showhost, $forcesecure) . "/client.php";
if ($locale)
$link = append_query($link, "locale=$locale"); $link = append_query($link, "locale=$locale");
if($style) if ($style)
$link = append_query($link, "style=$style"); $link = append_query($link, "style=$style");
if($group) if ($group)
$link = append_query($link, "group=$group"); $link = append_query($link, "group=$group");
$modsecfix = $modsecurity ? ".replace('http://','').replace('https://','')" : ""; $modsecfix = $modsecurity ? ".replace('http://','').replace('https://','')" : "";
$jslink = append_query("'".$link,"url='+escape(document.location.href$modsecfix)+'&amp;referrer='+escape(document.referrer$modsecfix)"); $jslink = append_query("'" . $link, "url='+escape(document.location.href$modsecfix)+'&amp;referrer='+escape(document.referrer$modsecfix)");
$temp = get_popup($link, "$jslink", $temp = get_popup($link, "$jslink",
$inner, $title, "webim", "toolbar=0,scrollbars=0,location=0,status=1,menubar=0,width=640,height=480,resizable=1" ); $inner, $title, "webim", "toolbar=0,scrollbars=0,location=0,status=1,menubar=0,width=640,height=480,resizable=1");
return "<!-- webim button -->".$temp."<!-- / webim button -->"; return "<!-- webim button -->" . $temp . "<!-- / webim button -->";
} }
$operator = check_login(); $operator = check_login();
@ -44,14 +45,14 @@ loadsettings();
$imageLocales = array(); $imageLocales = array();
$allLocales = get_available_locales(); $allLocales = get_available_locales();
foreach($allLocales as $curr) { foreach ($allLocales as $curr) {
$imagesDir = "../locales/$curr/button"; $imagesDir = "../locales/$curr/button";
if($handle = @opendir($imagesDir)) { if ($handle = @opendir($imagesDir)) {
while (false !== ($file = readdir($handle))) { while (false !== ($file = readdir($handle))) {
if (preg_match("/^(\w+)_on.gif$/", $file, $matches) if (preg_match("/^(\w+)_on.gif$/", $file, $matches)
&& is_file("$imagesDir/".$matches[1]."_off.gif")) { && is_file("$imagesDir/" . $matches[1] . "_off.gif")) {
$image = $matches[1]; $image = $matches[1];
if( !isset($imageLocales[$image]) ) { if (!isset($imageLocales[$image])) {
$imageLocales[$image] = array(); $imageLocales[$image] = array();
} }
$imageLocales[$image][] = $curr; $imageLocales[$image][] = $curr;
@ -66,7 +67,7 @@ $image_locales = $imageLocales[$image];
$stylelist = array("" => getlocal("page.preview.style_default")); $stylelist = array("" => getlocal("page.preview.style_default"));
$stylesfolder = "../styles"; $stylesfolder = "../styles";
if($handle = opendir($stylesfolder)) { if ($handle = opendir($stylesfolder)) {
while (false !== ($file = readdir($handle))) { while (false !== ($file = readdir($handle))) {
if (preg_match("/^\w+$/", $file) && is_dir("$stylesfolder/$file")) { if (preg_match("/^\w+$/", $file) && is_dir("$stylesfolder/$file")) {
$stylelist[$file] = $file; $stylelist[$file] = $file;
@ -75,56 +76,56 @@ if($handle = opendir($stylesfolder)) {
closedir($handle); closedir($handle);
} }
$style = verifyparam("style","/^\w*$/", ""); $style = verifyparam("style", "/^\w*$/", "");
if($style && !in_array($style, $stylelist)) { if ($style && !in_array($style, $stylelist)) {
$style = ""; $style = "";
} }
$groupid = ""; $groupid = "";
if($settings['enablegroups'] == '1') { if ($settings['enablegroups'] == '1') {
$groupid = verifyparam( "group", "/^\d{0,8}$/", ""); $groupid = verifyparam("group", "/^\d{0,8}$/", "");
if($groupid) { if ($groupid) {
$group = group_by_id($groupid); $group = group_by_id($groupid);
if(!$group) { if (!$group) {
$errors[] = getlocal("page.group.no_such"); $errors[] = getlocal("page.group.no_such");
$groupid = ""; $groupid = "";
} }
} }
} }
$showhost = verifyparam("hostname","/^on$/", "") == "on"; $showhost = verifyparam("hostname", "/^on$/", "") == "on";
$forcesecure = verifyparam("secure","/^on$/", "") == "on"; $forcesecure = verifyparam("secure", "/^on$/", "") == "on";
$modsecurity = verifyparam("modsecurity","/^on$/", "") == "on"; $modsecurity = verifyparam("modsecurity", "/^on$/", "") == "on";
$lang = verifyparam("lang", "/^[\w-]{2,5}$/", ""); $lang = verifyparam("lang", "/^[\w-]{2,5}$/", "");
if( !$lang || !in_array($lang,$image_locales) ) if (!$lang || !in_array($lang, $image_locales))
$lang = in_array($current_locale,$image_locales) ? $current_locale : $image_locales[0]; $lang = in_array($current_locale, $image_locales) ? $current_locale : $image_locales[0];
$file = "../locales/${lang}/button/${image}_on.gif"; $file = "../locales/${lang}/button/${image}_on.gif";
$size = get_gifimage_size($file); $size = get_gifimage_size($file);
$imagehref = get_app_location($showhost,$forcesecure)."/b.php?i=$image&amp;lang=$lang"; $imagehref = get_app_location($showhost, $forcesecure) . "/b.php?i=$image&amp;lang=$lang";
if($groupid) { if ($groupid) {
$imagehref .= "&amp;group=$groupid"; $imagehref .= "&amp;group=$groupid";
} }
$message = get_image($imagehref,$size[0],$size[1]); $message = get_image($imagehref, $size[0], $size[1]);
$page = array(); $page = array();
$page['buttonCode'] = generate_button("",$lang,$style,$groupid,$message,$showhost,$forcesecure,$modsecurity); $page['buttonCode'] = generate_button("", $lang, $style, $groupid, $message, $showhost, $forcesecure, $modsecurity);
$page['availableImages'] = array_keys($imageLocales); $page['availableImages'] = array_keys($imageLocales);
$page['availableLocales'] = $image_locales; $page['availableLocales'] = $image_locales;
$page['availableStyles'] = $stylelist; $page['availableStyles'] = $stylelist;
if($settings['enablegroups'] == '1') { if ($settings['enablegroups'] == '1') {
$link = connect(); $link = connect();
$allgroups = get_all_groups($link); $allgroups = get_all_groups($link);
mysql_close($link); mysql_close($link);
$page['groups'] = array(); $page['groups'] = array();
$page['groups'][] = array('groupid' => '', 'vclocalname' => getlocal("page.gen_button.default_group")); $page['groups'][] = array('groupid' => '', 'vclocalname' => getlocal("page.gen_button.default_group"));
foreach($allgroups as $g) { foreach ($allgroups as $g) {
$page['groups'][] = $g; $page['groups'][] = $g;
} }
} }
$page['formgroup'] = $groupid; $page['formgroup'] = $groupid;
$page['formstyle'] = $style; $page['formstyle'] = $style;


@ -29,35 +29,38 @@ $page = array('grid' => '');
$errors = array(); $errors = array();
$groupid = ''; $groupid = '';
function group_by_name($name) { function group_by_name($name)
global $mysqlprefix; {
global $mysqlprefix;
$link = connect(); $link = connect();
$group = select_one_row( $group = select_one_row(
"select * from ${mysqlprefix}chatgroup where vclocalname = '".mysql_real_escape_string($name)."'", $link ); "select * from ${mysqlprefix}chatgroup where vclocalname = '" . mysql_real_escape_string($name) . "'", $link);
mysql_close($link); mysql_close($link);
return $group; return $group;
} }
function create_group($name,$descr,$commonname,$commondescr) { function create_group($name, $descr, $commonname, $commondescr)
global $mysqlprefix; {
global $mysqlprefix;
$link = connect(); $link = connect();
$query = sprintf( $query = sprintf(
"insert into ${mysqlprefix}chatgroup (vclocalname,vclocaldescription,vccommonname,vccommondescription) values ('%s','%s','%s','%s')", "insert into ${mysqlprefix}chatgroup (vclocalname,vclocaldescription,vccommonname,vccommondescription) values ('%s','%s','%s','%s')",
mysql_real_escape_string($name), mysql_real_escape_string($name),
mysql_real_escape_string($descr), mysql_real_escape_string($descr),
mysql_real_escape_string($commonname), mysql_real_escape_string($commonname),
mysql_real_escape_string($commondescr)); mysql_real_escape_string($commondescr));
perform_query($query,$link); perform_query($query, $link);
$id = mysql_insert_id($link); $id = mysql_insert_id($link);
$newdep = select_one_row("select * from ${mysqlprefix}chatgroup where groupid = $id", $link ); $newdep = select_one_row("select * from ${mysqlprefix}chatgroup where groupid = $id", $link);
mysql_close($link); mysql_close($link);
return $newdep; return $newdep;
} }
function update_group($groupid,$name,$descr,$commonname,$commondescr) { function update_group($groupid, $name, $descr, $commonname, $commondescr)
global $mysqlprefix; {
global $mysqlprefix;
$link = connect(); $link = connect();
$query = sprintf( $query = sprintf(
"update ${mysqlprefix}chatgroup set vclocalname = '%s', vclocaldescription = '%s', vccommonname = '%s', vccommondescription = '%s' where groupid = %s", "update ${mysqlprefix}chatgroup set vclocalname = '%s', vclocaldescription = '%s', vccommonname = '%s', vccommondescription = '%s' where groupid = %s",
@ -65,35 +68,35 @@ function update_group($groupid,$name,$descr,$commonname,$commondescr) {
mysql_real_escape_string($descr), mysql_real_escape_string($descr),
mysql_real_escape_string($commonname), mysql_real_escape_string($commonname),
mysql_real_escape_string($commondescr), mysql_real_escape_string($commondescr),
$groupid ); $groupid);
perform_query($query,$link); perform_query($query, $link);
mysql_close($link); mysql_close($link);
} }
if( isset($_POST['name'])) { if (isset($_POST['name'])) {
$groupid = verifyparam( "gid", "/^(\d{1,9})?$/", ""); $groupid = verifyparam("gid", "/^(\d{1,9})?$/", "");
$name = getparam('name'); $name = getparam('name');
$description = getparam('description'); $description = getparam('description');
$commonname = getparam('commonname'); $commonname = getparam('commonname');
$commondescription = getparam('commondescription'); $commondescription = getparam('commondescription');
if( !$name ) if (!$name)
$errors[] = no_field("form.field.groupname"); $errors[] = no_field("form.field.groupname");
$existing_group = group_by_name($name); $existing_group = group_by_name($name);
if( (!$groupid && $existing_group) || if ((!$groupid && $existing_group) ||
( $groupid && $existing_group && $groupid != $existing_group['groupid']) ) ($groupid && $existing_group && $groupid != $existing_group['groupid']))
$errors[] = getlocal("page.group.duplicate_name"); $errors[] = getlocal("page.group.duplicate_name");
if( count($errors) == 0 ) { if (count($errors) == 0) {
if (!$groupid) { if (!$groupid) {
$newdep = create_group($name,$description,$commonname,$commondescription); $newdep = create_group($name, $description, $commonname, $commondescription);
header("Location: $webimroot/operator/groupmembers.php?gid=".$newdep['groupid']); header("Location: $webimroot/operator/groupmembers.php?gid=" . $newdep['groupid']);
exit; exit;
} else { } else {
update_group($groupid,$name,$description,$commonname,$commondescription); update_group($groupid, $name, $description, $commonname, $commondescription);
header("Location: $webimroot/operator/group.php?gid=$groupid&stored"); header("Location: $webimroot/operator/group.php?gid=$groupid&stored");
exit; exit;
} }
@ -105,11 +108,11 @@ if( isset($_POST['name'])) {
$page['grid'] = topage($groupid); $page['grid'] = topage($groupid);
} }
} else if( isset($_GET['gid']) ) { } else if (isset($_GET['gid'])) {
$groupid = verifyparam( 'gid', "/^\d{1,9}$/"); $groupid = verifyparam('gid', "/^\d{1,9}$/");
$group = group_by_id($groupid); $group = group_by_id($groupid);
if( !$group ) { if (!$group) {
$errors[] = getlocal("page.group.no_such"); $errors[] = getlocal("page.group.no_such");
$page['grid'] = topage($groupid); $page['grid'] = topage($groupid);
} else { } else {
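Review bot: The POST branch that calls `create_group()` and `update_group()` shows no capability check in the visible lines, so any logged-in operator appears able to create or rename groups. The membership update in the next file section (`update_group_members()`) shows the same gap. Group removal elsewhere in this commit is gated on `is_capable($can_administrate, $operator)`, and the same guard belongs before the `count($errors) == 0` test here: `if (!is_capable($can_administrate, $operator)) { $errors[] = "You are not allowed to modify groups"; }`. This assumes `$operator` is set by `check_login()` above the first hunk, which is not shown; the `if`/`else` chain also continues past the end of the last hunk.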


@ -25,8 +25,9 @@ require_once('../libs/groups.php');
$operator = check_login(); $operator = check_login();
function get_group_members($groupid) { function get_group_members($groupid)
global $mysqlprefix; {
global $mysqlprefix;
$link = connect(); $link = connect();
$query = "select operatorid from ${mysqlprefix}chatgroupoperator where groupid = $groupid"; $query = "select operatorid from ${mysqlprefix}chatgroupoperator where groupid = $groupid";
$result = select_multi_assoc($query, $link); $result = select_multi_assoc($query, $link);
@ -34,18 +35,20 @@ function get_group_members($groupid) {
return $result; return $result;
} }
function update_group_members($groupid,$newvalue) { function update_group_members($groupid, $newvalue)
global $mysqlprefix; {
global $mysqlprefix;
$link = connect(); $link = connect();
perform_query("delete from ${mysqlprefix}chatgroupoperator where groupid = $groupid", $link); perform_query("delete from ${mysqlprefix}chatgroupoperator where groupid = $groupid", $link);
foreach($newvalue as $opid) { foreach ($newvalue as $opid) {
perform_query("insert into ${mysqlprefix}chatgroupoperator (groupid, operatorid) values ($groupid,$opid)", $link); perform_query("insert into ${mysqlprefix}chatgroupoperator (groupid, operatorid) values ($groupid,$opid)", $link);
} }
mysql_close($link); mysql_close($link);
} }
function get_operators() { function get_operators()
global $mysqlprefix; {
global $mysqlprefix;
$link = connect(); $link = connect();
$query = "select * from ${mysqlprefix}chatoperator order by vclogin"; $query = "select * from ${mysqlprefix}chatoperator order by vclogin";
@ -54,25 +57,25 @@ function get_operators() {
return $result; return $result;
} }
$groupid = verifyparam( "gid","/^\d{1,9}$/"); $groupid = verifyparam("gid", "/^\d{1,9}$/");
$page = array('groupid' => $groupid); $page = array('groupid' => $groupid);
$page['operators'] = get_operators(); $page['operators'] = get_operators();
$errors = array(); $errors = array();
$group = group_by_id($groupid); $group = group_by_id($groupid);
if( !$group ) { if (!$group) {
$errors[] = getlocal("page.group.no_such"); $errors[] = getlocal("page.group.no_such");
} else if( isset($_POST['gid']) ) { } else if (isset($_POST['gid'])) {
$new_members = array(); $new_members = array();
foreach($page['operators'] as $op) { foreach ($page['operators'] as $op) {
if( verifyparam("op".$op['operatorid'],"/^on$/", "") == "on") { if (verifyparam("op" . $op['operatorid'], "/^on$/", "") == "on") {
$new_members[] = $op['operatorid']; $new_members[] = $op['operatorid'];
} }
} }
update_group_members($groupid, $new_members); update_group_members($groupid, $new_members);
header("Location: $webimroot/operator/groupmembers.php?gid=$groupid&stored"); header("Location: $webimroot/operator/groupmembers.php?gid=$groupid&stored");
exit; exit;
@ -81,7 +84,7 @@ if( !$group ) {
$page['formop'] = array(); $page['formop'] = array();
$page['currentgroup'] = $group ? topage(htmlspecialchars($group['vclocalname'])) : ""; $page['currentgroup'] = $group ? topage(htmlspecialchars($group['vclocalname'])) : "";
foreach(get_group_members($groupid) as $rel) { foreach (get_group_members($groupid) as $rel) {
$page['formop'][] = $rel['operatorid']; $page['formop'][] = $rel['operatorid'];
} }


@ -24,37 +24,39 @@ require_once('../libs/operator.php');
$operator = check_login(); $operator = check_login();
if( isset($_GET['act']) && $_GET['act'] == 'del' ) { if (isset($_GET['act']) && $_GET['act'] == 'del') {
$groupid = isset($_GET['gid']) ? $_GET['gid'] : ""; $groupid = isset($_GET['gid']) ? $_GET['gid'] : "";
if( !preg_match( "/^\d+$/", $groupid )) { if (!preg_match("/^\d+$/", $groupid)) {
$errors[] = "Cannot delete: wrong argument"; $errors[] = "Cannot delete: wrong argument";
} }
if( !is_capable($can_administrate, $operator)) { if (!is_capable($can_administrate, $operator)) {
$errors[] = "You are not allowed to remove groups"; $errors[] = "You are not allowed to remove groups";
} }
if( count($errors) == 0 ) { if (count($errors) == 0) {
$link = connect(); $link = connect();
perform_query("delete from ${mysqlprefix}chatgroup where groupid = $groupid",$link); perform_query("delete from ${mysqlprefix}chatgroup where groupid = $groupid", $link);
perform_query("delete from ${mysqlprefix}chatgroupoperator where groupid = $groupid",$link); perform_query("delete from ${mysqlprefix}chatgroupoperator where groupid = $groupid", $link);
perform_query("update ${mysqlprefix}chatthread set groupid = 0 where groupid = $groupid",$link); perform_query("update ${mysqlprefix}chatthread set groupid = 0 where groupid = $groupid", $link);
mysql_close($link); mysql_close($link);
header("Location: $webimroot/operator/groups.php"); header("Location: $webimroot/operator/groups.php");
exit; exit;
} }
} }
function is_online($group) { function is_online($group)
{
global $settings; global $settings;
return $group['ilastseen'] !== NULL && $group['ilastseen'] < $settings['online_timeout'] ? "1" : ""; return $group['ilastseen'] !== NULL && $group['ilastseen'] < $settings['online_timeout'] ? "1" : "";
} }
function is_away($group) { function is_away($group)
{
global $settings; global $settings;
return $group['ilastseenaway'] !== NULL && $group['ilastseenaway'] < $settings['online_timeout'] ? "1" : ""; return $group['ilastseenaway'] !== NULL && $group['ilastseenaway'] < $settings['online_timeout'] ? "1" : "";
} }
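Review bot: The `act=del` branch deletes a group and rewrites `chatthread` rows on a plain GET request, checking only the login and `$can_administrate`, so it has no protection against cross-site request forgery. The operator-removal branch further down the page (the one that redirects to `operator/operators.php`) has the same shape. State-changing actions should require POST plus a per-session token compared with `===`. For example, add `if ($_SERVER['REQUEST_METHOD'] != 'POST') { $errors[] = "Cannot delete: wrong request method"; }` next to a token check whose field name the project chooses.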


@ -33,31 +33,31 @@ setlocale(LC_TIME, getstring("time.locale"));
$page = array(); $page = array();
$query = isset($_GET['q']) ? myiconv(getoutputenc(), $webim_encoding, $_GET['q']) : false; $query = isset($_GET['q']) ? myiconv(getoutputenc(), $webim_encoding, $_GET['q']) : false;
if($query !== false) { if ($query !== false) {
$link = connect(); $link = connect();
$result = mysql_query("select ${mysqlprefix}chatgroup.groupid as groupid, vclocalname ". $result = mysql_query("select ${mysqlprefix}chatgroup.groupid as groupid, vclocalname " .
"from ${mysqlprefix}chatgroup order by vclocalname", $link); "from ${mysqlprefix}chatgroup order by vclocalname", $link);
$groupName = array(); $groupName = array();
while ($group = mysql_fetch_array($result, MYSQL_ASSOC)) { while ($group = mysql_fetch_array($result, MYSQL_ASSOC)) {
$groupName[$group['groupid']] = $group['vclocalname']; $groupName[$group['groupid']] = $group['vclocalname'];
} }
mysql_free_result($result); mysql_free_result($result);
$page['groupName'] = $groupName; $page['groupName'] = $groupName;
$escapedQuery = mysql_real_escape_string($query,$link); $escapedQuery = mysql_real_escape_string($query, $link);
select_with_pagintation("DISTINCT unix_timestamp(${mysqlprefix}chatthread.dtmcreated) as created, ". select_with_pagintation("DISTINCT unix_timestamp(${mysqlprefix}chatthread.dtmcreated) as created, " .
"unix_timestamp(${mysqlprefix}chatthread.dtmmodified) as modified, ${mysqlprefix}chatthread.threadid, ". "unix_timestamp(${mysqlprefix}chatthread.dtmmodified) as modified, ${mysqlprefix}chatthread.threadid, " .
"${mysqlprefix}chatthread.remote, ${mysqlprefix}chatthread.agentName, ${mysqlprefix}chatthread.userName, groupid, ". "${mysqlprefix}chatthread.remote, ${mysqlprefix}chatthread.agentName, ${mysqlprefix}chatthread.userName, groupid, " .
"messageCount as size", "messageCount as size",
"${mysqlprefix}chatthread, ${mysqlprefix}chatmessage", "${mysqlprefix}chatthread, ${mysqlprefix}chatmessage",
array( array(
"${mysqlprefix}chatmessage.threadid = ${mysqlprefix}chatthread.threadid", "${mysqlprefix}chatmessage.threadid = ${mysqlprefix}chatthread.threadid",
"((${mysqlprefix}chatthread.userName LIKE '%%$escapedQuery%%') or (${mysqlprefix}chatmessage.tmessage LIKE '%%$escapedQuery%%'))" "((${mysqlprefix}chatthread.userName LIKE '%%$escapedQuery%%') or (${mysqlprefix}chatmessage.tmessage LIKE '%%$escapedQuery%%'))"
), ),
"order by created DESC", "order by created DESC",
"DISTINCT ${mysqlprefix}chatthread.dtmcreated", $link); "DISTINCT ${mysqlprefix}chatthread.dtmcreated", $link);
mysql_close($link); mysql_close($link);
$page['formq'] = topage($query); $page['formq'] = topage($query);


@ -23,21 +23,21 @@ require_once('../libs/common.php');
require_once('../libs/operator.php'); require_once('../libs/operator.php');
$errors = array(); $errors = array();
$page = array( 'formisRemember' => true, 'version' => $version); $page = array('formisRemember' => true, 'version' => $version);
if( isset($_POST['login']) && isset($_POST['password']) ) { if (isset($_POST['login']) && isset($_POST['password'])) {
$login = getparam('login'); $login = getparam('login');
$password = getparam('password'); $password = getparam('password');
$remember = isset($_POST['isRemember']) && $_POST['isRemember'] == "on"; $remember = isset($_POST['isRemember']) && $_POST['isRemember'] == "on";
$operator = operator_by_login( $login ); $operator = operator_by_login($login);
if( $operator && isset($operator['vcpassword']) && $operator['vcpassword'] == md5($password) ) { if ($operator && isset($operator['vcpassword']) && $operator['vcpassword'] == md5($password)) {
$target = isset($_SESSION['backpath']) $target = isset($_SESSION['backpath'])
? $_SESSION['backpath'] ? $_SESSION['backpath']
: "$webimroot/operator/index.php"; : "$webimroot/operator/index.php";
login_operator($operator,$remember); login_operator($operator, $remember);
header("Location: $target"); header("Location: $target");
exit; exit;
} else { } else {
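Review bot: The password check `$operator['vcpassword'] == md5($password)` relies on an unsalted MD5 digest and a loose `==`, which compares two numeric-looking strings as numbers rather than byte for byte. At minimum the comparison should be `hash_equals($operator['vcpassword'], md5($password))`, or `===` where `hash_equals` is unavailable. The durable fix is to store `password_hash()` output and verify with `password_verify()`, rehashing legacy MD5 rows on the next successful login. The password-reset section at the end of the page writes `md5($password)` as well and would need the same migration. The `else` branch continues outside the hunk.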


@ -29,8 +29,8 @@ $page = array('opid' => '');
$errors = array(); $errors = array();
$opId = ''; $opId = '';
if( isset($_POST['login']) && isset($_POST['password']) ) { if (isset($_POST['login']) && isset($_POST['password'])) {
$opId = verifyparam( "opid", "/^(\d{1,9})?$/", ""); $opId = verifyparam("opid", "/^(\d{1,9})?$/", "");
$login = getparam('login'); $login = getparam('login');
$email = getparam('email'); $email = getparam('email');
$password = getparam('password'); $password = getparam('password');
@ -38,45 +38,45 @@ if( isset($_POST['login']) && isset($_POST['password']) ) {
$localname = getparam('name'); $localname = getparam('name');
$commonname = getparam('commonname'); $commonname = getparam('commonname');
if( !$localname ) if (!$localname)
$errors[] = no_field("form.field.agent_name"); $errors[] = no_field("form.field.agent_name");
if( !$commonname ) if (!$commonname)
$errors[] = no_field("form.field.agent_commonname"); $errors[] = no_field("form.field.agent_commonname");
if( !$login ) { if (!$login) {
$errors[] = no_field("form.field.login"); $errors[] = no_field("form.field.login");
} else if( !preg_match( "/^[\w_\.]+$/",$login) ) { } else if (!preg_match("/^[\w_\.]+$/", $login)) {
$errors[] = getlocal("page_agent.error.wrong_login"); $errors[] = getlocal("page_agent.error.wrong_login");
} }
if($email != '' && !is_valid_email($email)) if ($email != '' && !is_valid_email($email))
$errors[] = wrong_field("form.field.mail"); $errors[] = wrong_field("form.field.mail");
if( !$opId && !$password ) if (!$opId && !$password)
$errors[] = no_field("form.field.password"); $errors[] = no_field("form.field.password");
if( $password != $passwordConfirm ) if ($password != $passwordConfirm)
$errors[] = getlocal("my_settings.error.password_match"); $errors[] = getlocal("my_settings.error.password_match");
$existing_operator = operator_by_login($login); $existing_operator = operator_by_login($login);
if( (!$opId && $existing_operator) || if ((!$opId && $existing_operator) ||
( $opId && $existing_operator && $opId != $existing_operator['operatorid']) ) ($opId && $existing_operator && $opId != $existing_operator['operatorid']))
$errors[] = getlocal("page_agent.error.duplicate_login"); $errors[] = getlocal("page_agent.error.duplicate_login");
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator)) $canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|| is_capable($can_administrate, $operator); || is_capable($can_administrate, $operator);
if(!$canmodify) { if (!$canmodify) {
$errors[] = getlocal('page_agent.cannot_modify'); $errors[] = getlocal('page_agent.cannot_modify');
} }
if( count($errors) == 0 ) { if (count($errors) == 0) {
if (!$opId) { if (!$opId) {
$newop = create_operator($login,$email,$password,$localname,$commonname,""); $newop = create_operator($login, $email, $password, $localname, $commonname, "");
header("Location: $webimroot/operator/avatar.php?op=".$newop['operatorid']); header("Location: $webimroot/operator/avatar.php?op=" . $newop['operatorid']);
exit; exit;
} else { } else {
update_operator($opId,$login,$email,$password,$localname,$commonname); update_operator($opId, $login, $email, $password, $localname, $commonname);
header("Location: $webimroot/operator/operator.php?op=$opId&stored"); header("Location: $webimroot/operator/operator.php?op=$opId&stored");
exit; exit;
} }
@ -88,11 +88,11 @@ if( isset($_POST['login']) && isset($_POST['password']) ) {
$page['opid'] = topage($opId); $page['opid'] = topage($opId);
} }
} else if( isset($_GET['op']) ) { } else if (isset($_GET['op'])) {
$opId = verifyparam( 'op', "/^\d{1,9}$/"); $opId = verifyparam('op', "/^\d{1,9}$/");
$op = operator_by_id($opId); $op = operator_by_id($opId);
if( !$op ) { if (!$op) {
$errors[] = getlocal("no_such_operator"); $errors[] = getlocal("no_such_operator");
$page['opid'] = topage($opId); $page['opid'] = topage($opId);
} else { } else {
@ -104,18 +104,18 @@ if( isset($_POST['login']) && isset($_POST['password']) ) {
} }
} }
if(!$opId && !is_capable($can_administrate, $operator)) { if (!$opId && !is_capable($can_administrate, $operator)) {
$errors[] = "You are not allowed to create operators"; $errors[] = "You are not allowed to create operators";
} }
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator)) $canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|| is_capable($can_administrate, $operator); || is_capable($can_administrate, $operator);
$page['stored'] = isset($_GET['stored']); $page['stored'] = isset($_GET['stored']);
$page['canmodify'] = $canmodify ? "1" : ""; $page['canmodify'] = $canmodify ? "1" : "";
prepare_menu($operator); prepare_menu($operator);
setup_operator_settings_tabs($opId,0); setup_operator_settings_tabs($opId, 0);
start_html_output(); start_html_output();
require('../view/agent.php'); require('../view/agent.php');
?> ?>


@ -24,36 +24,36 @@ require_once('../libs/operator.php');
$operator = check_login(); $operator = check_login();
if( isset($_GET['act']) && $_GET['act'] == 'del' ) { if (isset($_GET['act']) && $_GET['act'] == 'del') {
$operatorid = isset($_GET['id']) ? $_GET['id'] : ""; $operatorid = isset($_GET['id']) ? $_GET['id'] : "";
if( !preg_match( "/^\d+$/", $operatorid )) { if (!preg_match("/^\d+$/", $operatorid)) {
$errors[] = "Cannot delete: wrong argument"; $errors[] = "Cannot delete: wrong argument";
} }
if( !is_capable($can_administrate, $operator)) { if (!is_capable($can_administrate, $operator)) {
$errors[] = "You are not allowed to remove operators"; $errors[] = "You are not allowed to remove operators";
} }
if( $operatorid == $operator['operatorid']) { if ($operatorid == $operator['operatorid']) {
$errors[] = "Cannot remove self"; $errors[] = "Cannot remove self";
} }
if(count($errors) == 0) { if (count($errors) == 0) {
$op = operator_by_id($operatorid); $op = operator_by_id($operatorid);
if( !$op ) { if (!$op) {
$errors[] = getlocal("no_such_operator"); $errors[] = getlocal("no_such_operator");
} else if($op['vclogin'] == 'admin') { } else if ($op['vclogin'] == 'admin') {
$errors[] = 'Cannot remove operator "admin"'; $errors[] = 'Cannot remove operator "admin"';
} }
} }
if( count($errors) == 0 ) { if (count($errors) == 0) {
$link = connect(); $link = connect();
perform_query("delete from ${mysqlprefix}chatgroupoperator where operatorid = $operatorid",$link); perform_query("delete from ${mysqlprefix}chatgroupoperator where operatorid = $operatorid", $link);
perform_query("delete from ${mysqlprefix}chatoperator where operatorid = $operatorid",$link); perform_query("delete from ${mysqlprefix}chatoperator where operatorid = $operatorid", $link);
mysql_close($link); mysql_close($link);
header("Location: $webimroot/operator/operators.php"); header("Location: $webimroot/operator/operators.php");
exit; exit;
} }
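Review bot: The id check `preg_match("/^\d+$/", $operatorid)` accepts a value with a trailing line break, because `$` without the `D` modifier also matches just before a final newline. That value is then compared with `==` against `$operator['operatorid']` and interpolated into both `delete` statements. Anchoring with `\z`, bounding the length and casting before use makes the check say what it means: `if (!preg_match("/^\d{1,9}\z/", $operatorid)) { ... }` followed by `$operatorid = (int)$operatorid;`. The group-removal branch earlier on the page uses the same `/^\d+$/` pattern.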


@ -25,65 +25,66 @@ require_once('../libs/operator_settings.php');
$operator = check_login(); $operator = check_login();
function update_operator_groups($operatorid,$newvalue) { function update_operator_groups($operatorid, $newvalue)
global $mysqlprefix; {
global $mysqlprefix;
$link = connect(); $link = connect();
perform_query("delete from ${mysqlprefix}chatgroupoperator where operatorid = $operatorid", $link); perform_query("delete from ${mysqlprefix}chatgroupoperator where operatorid = $operatorid", $link);
foreach($newvalue as $groupid) { foreach ($newvalue as $groupid) {
perform_query("insert into ${mysqlprefix}chatgroupoperator (groupid, operatorid) values ($groupid,$operatorid)", $link); perform_query("insert into ${mysqlprefix}chatgroupoperator (groupid, operatorid) values ($groupid,$operatorid)", $link);
} }
mysql_close($link); mysql_close($link);
} }
$opId = verifyparam( "op","/^\d{1,9}$/"); $opId = verifyparam("op", "/^\d{1,9}$/");
$page = array('opid' => $opId); $page = array('opid' => $opId);
$link = connect(); $link = connect();
$page['groups'] = get_all_groups($link); $page['groups'] = get_all_groups($link);
mysql_close($link); mysql_close($link);
$errors = array(); $errors = array();
$canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator)) $canmodify = ($opId == $operator['operatorid'] && is_capable($can_modifyprofile, $operator))
|| is_capable($can_administrate, $operator); || is_capable($can_administrate, $operator);
$op = operator_by_id($opId); $op = operator_by_id($opId);
if( !$op ) { if (!$op) {
$errors[] = getlocal("no_such_operator"); $errors[] = getlocal("no_such_operator");
} else if( isset($_POST['op']) ) { } else if (isset($_POST['op'])) {
if(!$canmodify) { if (!$canmodify) {
$errors[] = getlocal('page_agent.cannot_modify'); $errors[] = getlocal('page_agent.cannot_modify');
} }
if(count($errors) == 0) { if (count($errors) == 0) {
$new_groups = array(); $new_groups = array();
foreach($page['groups'] as $group) { foreach ($page['groups'] as $group) {
if( verifyparam("group".$group['groupid'],"/^on$/", "") == "on") { if (verifyparam("group" . $group['groupid'], "/^on$/", "") == "on") {
$new_groups[] = $group['groupid']; $new_groups[] = $group['groupid'];
} }
} }
update_operator_groups($op['operatorid'],$new_groups); update_operator_groups($op['operatorid'], $new_groups);
header("Location: $webimroot/operator/opgroups.php?op=$opId&stored"); header("Location: $webimroot/operator/opgroups.php?op=$opId&stored");
exit; exit;
} }
} }
$page['formgroup'] = array(); $page['formgroup'] = array();
$page['currentop'] = $op ? topage(get_operator_name($op))." (".$op['vclogin'].")" : "-not found-"; $page['currentop'] = $op ? topage(get_operator_name($op)) . " (" . $op['vclogin'] . ")" : "-not found-";
$page['canmodify'] = $canmodify ? "1" : ""; $page['canmodify'] = $canmodify ? "1" : "";
if($op) { if ($op) {
foreach(get_operator_groupids($opId) as $rel) { foreach (get_operator_groupids($opId) as $rel) {
$page['formgroup'][] = $rel['groupid']; $page['formgroup'][] = $rel['groupid'];
} }
} }
$page['stored'] = isset($_GET['stored']); $page['stored'] = isset($_GET['stored']);
prepare_menu($operator); prepare_menu($operator);
setup_operator_settings_tabs($opId,2); setup_operator_settings_tabs($opId, 2);
start_html_output(); start_html_output();
require('../view/operator_groups.php'); require('../view/operator_groups.php');
?> ?>


@ -29,49 +29,49 @@ $page = array('agentId' => '');
$errors = array(); $errors = array();
$options = array( $options = array(
'online_timeout', 'updatefrequency_operator', 'updatefrequency_chat', 'online_timeout', 'updatefrequency_operator', 'updatefrequency_chat',
'updatefrequency_oldchat', 'max_connections_from_one_host'); 'updatefrequency_oldchat', 'max_connections_from_one_host');
loadsettings(); loadsettings();
$params = array(); $params = array();
foreach($options as $opt) { foreach ($options as $opt) {
$params[$opt] = $settings[$opt]; $params[$opt] = $settings[$opt];
} }
if (isset($_POST['onlinetimeout'])) { if (isset($_POST['onlinetimeout'])) {
$params['online_timeout'] = getparam('onlinetimeout'); $params['online_timeout'] = getparam('onlinetimeout');
if(!is_numeric($params['online_timeout'])) { if (!is_numeric($params['online_timeout'])) {
$errors[] = wrong_field("settings.onlinetimeout"); $errors[] = wrong_field("settings.onlinetimeout");
} }
$params['updatefrequency_operator'] = getparam('frequencyoperator'); $params['updatefrequency_operator'] = getparam('frequencyoperator');
if(!is_numeric($params['updatefrequency_operator'])) { if (!is_numeric($params['updatefrequency_operator'])) {
$errors[] = wrong_field("settings.frequencyoperator"); $errors[] = wrong_field("settings.frequencyoperator");
} }
$params['updatefrequency_chat'] = getparam('frequencychat'); $params['updatefrequency_chat'] = getparam('frequencychat');
if(!is_numeric($params['updatefrequency_chat'])) { if (!is_numeric($params['updatefrequency_chat'])) {
$errors[] = wrong_field("settings.frequencychat"); $errors[] = wrong_field("settings.frequencychat");
} }
$params['updatefrequency_oldchat'] = getparam('frequencyoldchat'); $params['updatefrequency_oldchat'] = getparam('frequencyoldchat');
if(!is_numeric($params['updatefrequency_oldchat'])) { if (!is_numeric($params['updatefrequency_oldchat'])) {
$errors[] = wrong_field("settings.frequencyoldchat"); $errors[] = wrong_field("settings.frequencyoldchat");
} }
$params['max_connections_from_one_host'] = getparam('onehostconnections'); $params['max_connections_from_one_host'] = getparam('onehostconnections');
if(!is_numeric($params['max_connections_from_one_host'])) { if (!is_numeric($params['max_connections_from_one_host'])) {
$errors[] = getlocal("settings.wrong.onehostconnections"); $errors[] = getlocal("settings.wrong.onehostconnections");
} }
if (count($errors) == 0) { if (count($errors) == 0) {
foreach($options as $opt) { foreach ($options as $opt) {
$settings[$opt] = $params[$opt]; $settings[$opt] = $params[$opt];
} }
update_settings(); update_settings();
header("Location: $webimroot/operator/performance.php?stored"); header("Location: $webimroot/operator/performance.php?stored");
exit; exit;
} }
} }
$page['formonlinetimeout'] = $params['online_timeout']; $page['formonlinetimeout'] = $params['online_timeout'];
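Review bot: `is_numeric()` is too permissive for these five settings. It accepts negative numbers, decimals and exponent notation such as `1e5`, and every accepted value is copied into `$settings` and saved by `update_settings()` as a timeout, polling interval or per-host connection limit. A digits-only check with a length bound is closer to what the form means, e.g. `if (!preg_match("/^\d{1,9}\z/", $params['online_timeout'])) { $errors[] = wrong_field("settings.onlinetimeout"); }`, repeated for the other four fields. Whether zero is acceptable for `max_connections_from_one_host` depends on how that limit is enforced, which is not visible here.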


@ -27,30 +27,30 @@ require_once('../libs/groups.php');
$operator = check_login(); $operator = check_login();
$threadid = verifyparam( "thread", "/^\d{1,8}$/"); $threadid = verifyparam("thread", "/^\d{1,8}$/");
$token = verifyparam( "token", "/^\d{1,8}$/"); $token = verifyparam("token", "/^\d{1,8}$/");
$thread = thread_by_id($threadid); $thread = thread_by_id($threadid);
if( !$thread || !isset($thread['ltoken']) || $token != $thread['ltoken'] ) { if (!$thread || !isset($thread['ltoken']) || $token != $thread['ltoken']) {
die("wrong thread"); die("wrong thread");
} }
$page = array(); $page = array();
$errors = array(); $errors = array();
if(isset($_GET['nextGroup'])) { if (isset($_GET['nextGroup'])) {
$nextid = verifyparam( "nextGroup", "/^\d{1,8}$/"); $nextid = verifyparam("nextGroup", "/^\d{1,8}$/");
$nextGroup = group_by_id($nextid); $nextGroup = group_by_id($nextid);
if( $nextGroup ) { if ($nextGroup) {
$page['message'] = getlocal2("chat.redirected.group.content",array(topage(get_group_name($nextGroup)))); $page['message'] = getlocal2("chat.redirected.group.content", array(topage(get_group_name($nextGroup))));
if( $thread['istate'] == $state_chatting ) { if ($thread['istate'] == $state_chatting) {
$link = connect(); $link = connect();
commit_thread( $threadid, commit_thread($threadid,
array("istate" => $state_waiting, "nextagent" => 0, "groupid" => $nextid, "agentId" => 0, "agentName" => "''"), $link); array("istate" => $state_waiting, "nextagent" => 0, "groupid" => $nextid, "agentId" => 0, "agentName" => "''"), $link);
post_message_($thread['threadid'], $kind_events, post_message_($thread['threadid'], $kind_events,
getstring2_("chat.status.operator.redirect", getstring2_("chat.status.operator.redirect",
array(get_operator_name($operator)),$thread['locale']), $link); array(get_operator_name($operator)), $thread['locale']), $link);
mysql_close($link); mysql_close($link);
} else { } else {
$errors[] = getlocal("chat.redirect.cannot"); $errors[] = getlocal("chat.redirect.cannot");
@ -60,23 +60,23 @@ if(isset($_GET['nextGroup'])) {
} }
} else { } else {
$nextid = verifyparam( "nextAgent", "/^\d{1,8}$/"); $nextid = verifyparam("nextAgent", "/^\d{1,8}$/");
$nextOperator = operator_by_id($nextid); $nextOperator = operator_by_id($nextid);
if( $nextOperator ) { if ($nextOperator) {
$page['message'] = getlocal2("chat.redirected.content",array(topage(get_operator_name($nextOperator)))); $page['message'] = getlocal2("chat.redirected.content", array(topage(get_operator_name($nextOperator))));
if( $thread['istate'] == $state_chatting ) { if ($thread['istate'] == $state_chatting) {
$link = connect(); $link = connect();
$threadupdate = array("istate" => $state_waiting, "nextagent" => $nextid, "agentId" => 0); $threadupdate = array("istate" => $state_waiting, "nextagent" => $nextid, "agentId" => 0);
if($thread['groupid'] != 0) { if ($thread['groupid'] != 0) {
if(FALSE === select_one_row("select groupid from ${mysqlprefix}chatgroupoperator where operatorid = $nextid and groupid = ".$thread['groupid'], $link)) { if (FALSE === select_one_row("select groupid from ${mysqlprefix}chatgroupoperator where operatorid = $nextid and groupid = " . $thread['groupid'], $link)) {
$threadupdate['groupid'] = 0; $threadupdate['groupid'] = 0;
} }
} }
commit_thread( $threadid, $threadupdate, $link); commit_thread($threadid, $threadupdate, $link);
post_message_($thread['threadid'], $kind_events, post_message_($thread['threadid'], $kind_events,
getstring2_("chat.status.operator.redirect", getstring2_("chat.status.operator.redirect",
array(get_operator_name($operator)),$thread['locale']), $link); array(get_operator_name($operator)), $thread['locale']), $link);
mysql_close($link); mysql_close($link);
} else { } else {
$errors[] = getlocal("chat.redirect.cannot"); $errors[] = getlocal("chat.redirect.cannot");
@ -87,7 +87,7 @@ if(isset($_GET['nextGroup'])) {
} }
setup_logo(); setup_logo();
if( count($errors) > 0 ) { if (count($errors) > 0) {
expand("../styles", getchatstyle(), "error.tpl"); expand("../styles", getchatstyle(), "error.tpl");
} else { } else {
expand("../styles", getchatstyle(), "redirected.tpl"); expand("../styles", getchatstyle(), "redirected.tpl");


@ -26,15 +26,15 @@ require_once('../libs/settings.php');
$errors = array(); $errors = array();
$page = array('version' => $version, 'showform' => true); $page = array('version' => $version, 'showform' => true);
$opId = verifyparam( "id", "/^\d{1,9}$/"); $opId = verifyparam("id", "/^\d{1,9}$/");
$token = verifyparam("token", "/^[\dabcdef]+$/"); $token = verifyparam("token", "/^[\dabcdef]+$/");
$operator = operator_by_id($opId); $operator = operator_by_id($opId);
if(!$operator) { if (!$operator) {
$errors[] = "No such operator"; $errors[] = "No such operator";
$page['showform'] = false; $page['showform'] = false;
} else if($token != $operator['vcrestoretoken']) { } else if ($token != $operator['vcrestoretoken']) {
$errors[] = "Wrong token"; $errors[] = "Wrong token";
$page['showform'] = false; $page['showform'] = false;
} }
@ -42,25 +42,25 @@ if(!$operator) {
if (count($errors) == 0 && isset($_POST['password'])) { if (count($errors) == 0 && isset($_POST['password'])) {
$password = getparam('password'); $password = getparam('password');
$passwordConfirm = getparam('passwordConfirm'); $passwordConfirm = getparam('passwordConfirm');
if( !$password ) if (!$password)
$errors[] = no_field("form.field.password"); $errors[] = no_field("form.field.password");
if( $password != $passwordConfirm ) if ($password != $passwordConfirm)
$errors[] = getlocal("my_settings.error.password_match"); $errors[] = getlocal("my_settings.error.password_match");
if (count($errors) == 0) { if (count($errors) == 0) {
$page['isdone'] = true; $page['isdone'] = true;
$link = connect(); $link = connect();
$query = "update ${mysqlprefix}chatoperator set vcpassword = '".md5($password)."', vcrestoretoken = '' where operatorid = ".$opId; $query = "update ${mysqlprefix}chatoperator set vcpassword = '" . md5($password) . "', vcrestoretoken = '' where operatorid = " . $opId;
perform_query($query, $link); perform_query($query, $link);
mysql_close($link); mysql_close($link);
start_html_output(); start_html_output();
require('../view/resetpwd.php'); require('../view/resetpwd.php');
exit; exit;
} }
} }
$page['id'] = $opId; $page['id'] = $opId;
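Review bot: The update statement in the second hunk stores the new password as `md5($password)`, an unsalted fast hash that is cheap to brute-force if the operator table is ever disclosed; a salted, slow hash such as `password_hash($password, PASSWORD_DEFAULT)` should be used where the PHP version allows, with the login check moved to `password_verify()` in the same change. In the first hunk the reset token is compared with a loose `!=`, which lets PHP compare two numeric-looking hex strings as numbers; `} else if ($token !== $operator['vcrestoretoken']) {` (or a constant-time comparison) avoids that. No check of the token's age is visible in these hunks, so whether a reset link ever expires cannot be confirmed from here. The top of the script is outside the hunks.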


@ -30,32 +30,32 @@ $loginoremail = "";
if (isset($_POST['loginoremail'])) { if (isset($_POST['loginoremail'])) {
$loginoremail = getparam("loginoremail"); $loginoremail = getparam("loginoremail");
$torestore = is_valid_email($loginoremail) ? operator_by_email($loginoremail) : operator_by_login($loginoremail); $torestore = is_valid_email($loginoremail) ? operator_by_email($loginoremail) : operator_by_login($loginoremail);
if(!$torestore) { if (!$torestore) {
$errors[] = getlocal("no_such_operator"); $errors[] = getlocal("no_such_operator");
} }
$email = $torestore['vcemail']; $email = $torestore['vcemail'];
if(count($errors) == 0 && !is_valid_email($email)) { if (count($errors) == 0 && !is_valid_email($email)) {
$errors[] = "Operator hasn't set his e-mail"; $errors[] = "Operator hasn't set his e-mail";
} }
if (count($errors) == 0) { if (count($errors) == 0) {
$token = md5((time() + microtime()).rand(0,99999999)); $token = md5((time() + microtime()) . rand(0, 99999999));
$link = connect(); $link = connect();
$query = "update ${mysqlprefix}chatoperator set dtmrestore = CURRENT_TIMESTAMP, vcrestoretoken = '$token' where operatorid = ".$torestore['operatorid']; $query = "update ${mysqlprefix}chatoperator set dtmrestore = CURRENT_TIMESTAMP, vcrestoretoken = '$token' where operatorid = " . $torestore['operatorid'];
perform_query($query, $link); perform_query($query, $link);
$href = get_app_location(true,false)."/operator/resetpwd.php?id=".$torestore['operatorid']."&token=$token"; $href = get_app_location(true, false) . "/operator/resetpwd.php?id=" . $torestore['operatorid'] . "&token=$token";
webim_mail($email, $email, getstring("restore.mailsubj"), getstring2("restore.mailtext",array(get_operator_name($torestore), $href)), $link); webim_mail($email, $email, getstring("restore.mailsubj"), getstring2("restore.mailtext", array(get_operator_name($torestore), $href)), $link);
mysql_close($link); mysql_close($link);
$page['isdone'] = true; $page['isdone'] = true;
require('../view/restore.php'); require('../view/restore.php');
exit; exit;
} }
} }
$page['formloginoremail'] = topage($loginoremail); $page['formloginoremail'] = topage($loginoremail);
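Review bot: The reset token in the `count($errors) == 0` branch is built as `md5((time() + microtime()) . rand(0, 99999999))`, so its only inputs are the request time and a non-cryptographic `rand()` value, and hashing them with md5 adds no entropy. A token that authorises a password change should come from a CSPRNG, for example `$token = bin2hex(random_bytes(16));` on PHP 7 or later, which still satisfies the `[\dabcdef]+` pattern the reset page applies to `token`. Separately, `$email = $torestore['vcemail'];` runs even when `$torestore` is empty, and the distinct `no_such_operator` error tells a caller of this (presumably unauthenticated) page which logins or addresses exist; one neutral response for both outcomes would avoid that.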


@ -30,7 +30,7 @@ $errors = array();
$stylelist = array(); $stylelist = array();
$stylesfolder = "../styles"; $stylesfolder = "../styles";
if($handle = opendir($stylesfolder)) { if ($handle = opendir($stylesfolder)) {
while (false !== ($file = readdir($handle))) { while (false !== ($file = readdir($handle))) {
if (preg_match("/^\w+$/", $file) && is_dir("$stylesfolder/$file")) { if (preg_match("/^\w+$/", $file) && is_dir("$stylesfolder/$file")) {
$stylelist[] = $file; $stylelist[] = $file;
@ -40,57 +40,57 @@ if($handle = opendir($stylesfolder)) {
} }
$options = array( $options = array(
'email', 'title', 'logo', 'hosturl', 'usernamepattern', 'email', 'title', 'logo', 'hosturl', 'usernamepattern',
'chatstyle', 'chattitle', 'geolink', 'geolinkparams', 'sendmessagekey'); 'chatstyle', 'chattitle', 'geolink', 'geolinkparams', 'sendmessagekey');
loadsettings(); loadsettings();
$params = array(); $params = array();
foreach($options as $opt) { foreach ($options as $opt) {
$params[$opt] = $settings[$opt]; $params[$opt] = $settings[$opt];
} }
if (isset($_POST['email']) && isset($_POST['title']) && isset($_POST['logo'])) { if (isset($_POST['email']) && isset($_POST['title']) && isset($_POST['logo'])) {
$params['email'] = getparam('email'); $params['email'] = getparam('email');
$params['title'] = getparam('title'); $params['title'] = getparam('title');
$params['logo'] = getparam('logo'); $params['logo'] = getparam('logo');
$params['hosturl'] = getparam('hosturl'); $params['hosturl'] = getparam('hosturl');
$params['usernamepattern'] = getparam('usernamepattern'); $params['usernamepattern'] = getparam('usernamepattern');
$params['chattitle'] = getparam('chattitle'); $params['chattitle'] = getparam('chattitle');
$params['geolink'] = getparam('geolink'); $params['geolink'] = getparam('geolink');
$params['geolinkparams'] = getparam('geolinkparams'); $params['geolinkparams'] = getparam('geolinkparams');
$params['sendmessagekey'] = verifyparam('sendmessagekey', "/^c?enter$/"); $params['sendmessagekey'] = verifyparam('sendmessagekey', "/^c?enter$/");
$params['chatstyle'] = verifyparam("chatstyle","/^\w+$/", $params['chatstyle']); $params['chatstyle'] = verifyparam("chatstyle", "/^\w+$/", $params['chatstyle']);
if(!in_array($params['chatstyle'], $stylelist)) { if (!in_array($params['chatstyle'], $stylelist)) {
$params['chatstyle'] = $stylelist[0]; $params['chatstyle'] = $stylelist[0];
} }
if($params['email'] && !is_valid_email($params['email'])) { if ($params['email'] && !is_valid_email($params['email'])) {
$errors[] = getlocal("settings.wrong.email"); $errors[] = getlocal("settings.wrong.email");
} }
if($params['geolinkparams']) {
foreach(preg_split("/,/", $params['geolinkparams']) as $oneparam) {
if(!preg_match("/^\s*(toolbar|scrollbars|location|status|menubar|width|height|resizable)=\d{1,4}$/", $oneparam)) {
$errors[] = "Wrong link parameter: \"$oneparam\", should be one of 'toolbar, scrollbars, location, status, menubar, width, height or resizable'";
}
}
}
if (count($errors) == 0) { if ($params['geolinkparams']) {
foreach($options as $opt) { foreach (preg_split("/,/", $params['geolinkparams']) as $oneparam) {
if (!preg_match("/^\s*(toolbar|scrollbars|location|status|menubar|width|height|resizable)=\d{1,4}$/", $oneparam)) {
$errors[] = "Wrong link parameter: \"$oneparam\", should be one of 'toolbar, scrollbars, location, status, menubar, width, height or resizable'";
}
}
}
if (count($errors) == 0) {
foreach ($options as $opt) {
$settings[$opt] = $params[$opt]; $settings[$opt] = $params[$opt];
} }
update_settings(); update_settings();
header("Location: $webimroot/operator/settings.php?stored"); header("Location: $webimroot/operator/settings.php?stored");
exit; exit;
} }
} }
$page['formemail'] = topage($params['email']); $page['formemail'] = topage($params['email']);
$page['formtitle'] = topage($params['title']); $page['formtitle'] = topage($params['title']);
$page['formlogo'] = topage($params['logo']); $page['formlogo'] = topage($params['logo']);
$page['formhosturl'] = topage($params['hosturl']); $page['formhosturl'] = topage($params['hosturl']);
$page['formgeolink'] = topage($params['geolink']); $page['formgeolink'] = topage($params['geolink']);
$page['formgeolinkparams'] = topage($params['geolinkparams']); $page['formgeolinkparams'] = topage($params['geolinkparams']);
$page['formusernamepattern'] = topage($params['usernamepattern']); $page['formusernamepattern'] = topage($params['usernamepattern']);
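Review bot: The POST branch that ends in `update_settings()` accepts the form as soon as `email`, `title` and `logo` are present, and no anti-CSRF token check is visible in it, so a logged-in operator's browser could be made to submit it from another site. If no such check exists in the part of the file above the hunks, add one before the `if (count($errors) == 0)` block, with a comment such as `// reject the POST unless it carries the per-session form token`. `logo`, `hosturl` and `geolink` are also stored exactly as received from `getparam()`; restricting them to `http`/`https` URLs would be a sensible companion check, since where they are later rendered is not visible here.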


@ -29,55 +29,55 @@ setlocale(LC_TIME, getstring("time.locale"));
$page = array(); $page = array();
$page['operator'] = topage(get_operator_name($operator)); $page['operator'] = topage(get_operator_name($operator));
$page['availableDays'] = range(1,31); $page['availableDays'] = range(1, 31);
$page['availableMonth'] = get_month_selection(time()-400*24*60*60,time()+50*24*60*60 ); $page['availableMonth'] = get_month_selection(time() - 400 * 24 * 60 * 60, time() + 50 * 24 * 60 * 60);
$page['showresults'] = false; $page['showresults'] = false;
$errors = array(); $errors = array();
if(isset($_GET['startday'])) { if (isset($_GET['startday'])) {
$startday = verifyparam("startday","/^\d+$/"); $startday = verifyparam("startday", "/^\d+$/");
$startmonth = verifyparam("startmonth","/^\d{2}.\d{2}$/"); $startmonth = verifyparam("startmonth", "/^\d{2}.\d{2}$/");
$endday = verifyparam("endday","/^\d+$/"); $endday = verifyparam("endday", "/^\d+$/");
$endmonth = verifyparam("endmonth","/^\d{2}.\d{2}$/"); $endmonth = verifyparam("endmonth", "/^\d{2}.\d{2}$/");
$start = get_form_date($startday,$startmonth); $start = get_form_date($startday, $startmonth);
$end = get_form_date($endday, $endmonth)+24*60*60; $end = get_form_date($endday, $endmonth) + 24 * 60 * 60;
} else { } else {
$curr = getdate(time()); $curr = getdate(time());
if( $curr['mday'] < 7 ) { if ($curr['mday'] < 7) {
// previous month // previous month
if($curr['mon'] == 1) { if ($curr['mon'] == 1) {
$month = 12; $month = 12;
$year = $curr['year']-1; $year = $curr['year'] - 1;
} else { } else {
$month = $curr['mon']-1; $month = $curr['mon'] - 1;
$year = $curr['year']; $year = $curr['year'];
} }
$start = mktime(0,0,0,$month,1,$year); $start = mktime(0, 0, 0, $month, 1, $year);
$end = mktime(0,0,0,$month, date("t",$start),$year)+24*60*60; $end = mktime(0, 0, 0, $month, date("t", $start), $year) + 24 * 60 * 60;
} else { } else {
$start = mktime(0,0,0,$curr['mon'],1,$curr['year']); $start = mktime(0, 0, 0, $curr['mon'], 1, $curr['year']);
$end = time()+24*60*60; $end = time() + 24 * 60 * 60;
} }
} }
set_form_date($start, "start"); set_form_date($start, "start");
set_form_date($end-24*60*60, "end"); set_form_date($end - 24 * 60 * 60, "end");
if( $start > $end ) { if ($start > $end) {
$errors[] = getlocal("statistics.wrong.dates"); $errors[] = getlocal("statistics.wrong.dates");
} }
$link = connect(); $link = connect();
$page['reportByDate'] = select_multi_assoc("select DATE(dtmcreated) as date, COUNT(distinct threadid) as threads, SUM(${mysqlprefix}chatmessage.ikind = $kind_agent) as agents, SUM(${mysqlprefix}chatmessage.ikind = $kind_user) as users ". $page['reportByDate'] = select_multi_assoc("select DATE(dtmcreated) as date, COUNT(distinct threadid) as threads, SUM(${mysqlprefix}chatmessage.ikind = $kind_agent) as agents, SUM(${mysqlprefix}chatmessage.ikind = $kind_user) as users " .
"from ${mysqlprefix}chatmessage where unix_timestamp(dtmcreated) >= $start AND unix_timestamp(dtmcreated) < $end group by DATE(dtmcreated) order by dtmcreated desc", $link); "from ${mysqlprefix}chatmessage where unix_timestamp(dtmcreated) >= $start AND unix_timestamp(dtmcreated) < $end group by DATE(dtmcreated) order by dtmcreated desc", $link);
$page['reportByDateTotal'] = select_one_row("select COUNT(distinct threadid) as threads, SUM(${mysqlprefix}chatmessage.ikind = $kind_agent) as agents, SUM(${mysqlprefix}chatmessage.ikind = $kind_user) as users ". $page['reportByDateTotal'] = select_one_row("select COUNT(distinct threadid) as threads, SUM(${mysqlprefix}chatmessage.ikind = $kind_agent) as agents, SUM(${mysqlprefix}chatmessage.ikind = $kind_user) as users " .
"from ${mysqlprefix}chatmessage where unix_timestamp(dtmcreated) >= $start AND unix_timestamp(dtmcreated) < $end", $link); "from ${mysqlprefix}chatmessage where unix_timestamp(dtmcreated) >= $start AND unix_timestamp(dtmcreated) < $end", $link);
$page['reportByAgent'] = select_multi_assoc("select vclocalename as name, COUNT(distinct threadid) as threads, SUM(ikind = $kind_agent) as msgs, AVG(CHAR_LENGTH(tmessage)) as avglen ". $page['reportByAgent'] = select_multi_assoc("select vclocalename as name, COUNT(distinct threadid) as threads, SUM(ikind = $kind_agent) as msgs, AVG(CHAR_LENGTH(tmessage)) as avglen " .
"from ${mysqlprefix}chatmessage, ${mysqlprefix}chatoperator ". "from ${mysqlprefix}chatmessage, ${mysqlprefix}chatoperator " .
"where agentId = operatorid AND unix_timestamp(dtmcreated) >= $start AND unix_timestamp(dtmcreated) < $end group by operatorid", $link); "where agentId = operatorid AND unix_timestamp(dtmcreated) >= $start AND unix_timestamp(dtmcreated) < $end group by operatorid", $link);
$page['showresults'] = count($errors) == 0; $page['showresults'] = count($errors) == 0;
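Review bot: `$start` and `$end` are interpolated directly into all three report queries, and in the `startday` branch they come from request parameters through `get_form_date()`, which is not part of this hunk, so nothing visible guarantees they are integers. Casting at the assignment keeps the queries safe regardless of that helper: `$start = intval(get_form_date($startday, $startmonth));` and `$end = intval(get_form_date($endday, $endmonth)) + 24 * 60 * 60;`. The month pattern `/^\d{2}.\d{2}$/` also has an unescaped dot, so any character is accepted as the separator; `\.` would match only a literal dot if that is the intended format. The queries are still executed after `$start > $end` has been recorded as an error.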


@ -31,7 +31,7 @@ $operator = check_login();
$stylelist = array(); $stylelist = array();
$stylesfolder = "../styles"; $stylesfolder = "../styles";
if($handle = opendir($stylesfolder)) { if ($handle = opendir($stylesfolder)) {
while (false !== ($file = readdir($handle))) { while (false !== ($file = readdir($handle))) {
if (preg_match("/^\w+$/", $file) && is_dir("$stylesfolder/$file")) { if (preg_match("/^\w+$/", $file) && is_dir("$stylesfolder/$file")) {
$stylelist[] = $file; $stylelist[] = $file;
@ -40,55 +40,55 @@ if($handle = opendir($stylesfolder)) {
closedir($handle); closedir($handle);
} }
$preview = verifyparam("preview","/^\w+$/", "default"); $preview = verifyparam("preview", "/^\w+$/", "default");
if(!in_array($preview, $stylelist)) { if (!in_array($preview, $stylelist)) {
$preview = $stylelist[0]; $preview = $stylelist[0];
} }
$show = verifyparam("show", "/^(chat|chatsimple|nochat|mail|mailsent|survey|leavemessage|leavemessagesent|redirect|redirected|agentchat|agentrochat|error)$/", ""); $show = verifyparam("show", "/^(chat|chatsimple|nochat|mail|mailsent|survey|leavemessage|leavemessagesent|redirect|redirected|agentchat|agentrochat|error)$/", "");
$showerrors = verifyparam("showerr", "/^on$/", "") == "on"; $showerrors = verifyparam("showerr", "/^on$/", "") == "on";
$errors = array(); $errors = array();
if($showerrors || $show == 'error') { if ($showerrors || $show == 'error') {
$errors[] = "Test error"; $errors[] = "Test error";
} }
if($show == 'chat' || $show == 'mail' || $show == 'leavemessage' || $show == 'leavemessagesent' || $show == 'chatsimple' || $show == 'nochat') { if ($show == 'chat' || $show == 'mail' || $show == 'leavemessage' || $show == 'leavemessagesent' || $show == 'chatsimple' || $show == 'nochat') {
setup_chatview_for_user(array('threadid' => 0,'userName' => getstring("chat.default.username"), 'ltoken' => 123), "ajaxed"); setup_chatview_for_user(array('threadid' => 0, 'userName' => getstring("chat.default.username"), 'ltoken' => 123), "ajaxed");
$page['mailLink'] = "$webimroot/operator/themes.php?preview=$preview&amp;show=mail"; $page['mailLink'] = "$webimroot/operator/themes.php?preview=$preview&amp;show=mail";
$page['info'] = ""; $page['info'] = "";
expand("../styles", "$preview", "$show.tpl"); expand("../styles", "$preview", "$show.tpl");
exit; exit;
} }
if($show == 'survey') { if ($show == 'survey') {
loadsettings(); loadsettings();
setup_survey("Visitor", "", "", "", "http://google.com"); setup_survey("Visitor", "", "", "", "http://google.com");
setup_logo(); setup_logo();
expand("../styles", "$preview", "$show.tpl"); expand("../styles", "$preview", "$show.tpl");
exit; exit;
} }
if($show == 'mailsent' || $show == 'error') { if ($show == 'mailsent' || $show == 'error') {
$page['email'] = "admin@yourdomain.com"; $page['email'] = "admin@yourdomain.com";
setup_logo(); setup_logo();
expand("../styles", "$preview", "$show.tpl"); expand("../styles", "$preview", "$show.tpl");
exit; exit;
} }
if($show == 'redirect' || $show == 'redirected' || $show == 'agentchat' || $show == 'agentrochat' ) { if ($show == 'redirect' || $show == 'redirected' || $show == 'agentchat' || $show == 'agentrochat') {
setup_chatview_for_operator( setup_chatview_for_operator(
array( array(
'threadid' => 0, 'threadid' => 0,
'userName' => getstring("chat.default.username"), 'userName' => getstring("chat.default.username"),
'remote' => "1.2.3.4", 'remote' => "1.2.3.4",
'agentId' => 1, 'agentId' => 1,
'userid' => 'visitor1', 'userid' => 'visitor1',
'locale' => $current_locale, 'locale' => $current_locale,
'ltoken' => $show=='agentrochat' ? 124 : 123), 'ltoken' => $show == 'agentrochat' ? 124 : 123),
array( array(
'operatorid' => ($show=='agentrochat' ? 2 : 1), 'operatorid' => ($show == 'agentrochat' ? 2 : 1),
)); ));
if($show=='redirect') { if ($show == 'redirect') {
setup_redirect_links( 0,$show=='agentrochat' ? 124 : 123); setup_redirect_links(0, $show == 'agentrochat' ? 124 : 123);
} elseif($show=='redirected') { } elseif ($show == 'redirected') {
$page['message'] = getlocal2("chat.redirected.content",array("Administrator")); $page['message'] = getlocal2("chat.redirected.content", array("Administrator"));
} }
$page['redirectLink'] = "$webimroot/operator/themes.php?preview=$preview&amp;show=redirect"; $page['redirectLink'] = "$webimroot/operator/themes.php?preview=$preview&amp;show=redirect";
expand("../styles", "$preview", "$show.tpl"); expand("../styles", "$preview", "$show.tpl");
@ -126,12 +126,12 @@ $page['availableTemplates'] = array(
"agentchat", "agentrochat", "error", "agentchat", "agentrochat", "error",
"all"); "all");
$page['showlink'] = "$webimroot/operator/themes.php?preview=$preview&amp;".($showerrors?"showerr=on&amp;":"")."show="; $page['showlink'] = "$webimroot/operator/themes.php?preview=$preview&amp;" . ($showerrors ? "showerr=on&amp;" : "") . "show=";
$page['previewList'] = array(); $page['previewList'] = array();
foreach($templateList as $tpl) { foreach ($templateList as $tpl) {
if($tpl['id'] == $template || $template == 'all') { if ($tpl['id'] == $template || $template == 'all') {
$page['previewList'][] = $tpl; $page['previewList'][] = $tpl;
} }
} }


@ -31,23 +31,24 @@ $page = array();
loadsettings(); loadsettings();
setlocale(LC_TIME, getstring("time.locale")); setlocale(LC_TIME, getstring("time.locale"));
function thread_info($id) { function thread_info($id)
global $mysqlprefix; {
global $mysqlprefix;
$link = connect(); $link = connect();
$thread = select_one_row("select userName,agentName,remote,userAgent,". $thread = select_one_row("select userName,agentName,remote,userAgent," .
"unix_timestamp(dtmmodified) as modified, unix_timestamp(dtmcreated) as created,". "unix_timestamp(dtmmodified) as modified, unix_timestamp(dtmcreated) as created," .
"vclocalname as groupName ". "vclocalname as groupName " .
"from ${mysqlprefix}chatthread left join ${mysqlprefix}chatgroup on ${mysqlprefix}chatthread.groupid = ${mysqlprefix}chatgroup.groupid ". "from ${mysqlprefix}chatthread left join ${mysqlprefix}chatgroup on ${mysqlprefix}chatthread.groupid = ${mysqlprefix}chatgroup.groupid " .
"where threadid = ". $id, $link ); "where threadid = " . $id, $link);
mysql_close($link); mysql_close($link);
return $thread; return $thread;
} }
if( isset($_GET['threadid'])) { if (isset($_GET['threadid'])) {
$threadid = verifyparam( "threadid", "/^(\d{1,9})?$/", ""); $threadid = verifyparam("threadid", "/^(\d{1,9})?$/", "");
$lastid = -1; $lastid = -1;
$page['threadMessages'] = get_messages($threadid,"html",false,$lastid); $page['threadMessages'] = get_messages($threadid, "html", false, $lastid);
$page['thread'] = thread_info($threadid); $page['thread'] = thread_info($threadid);
} }
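Review bot: `thread_info()` appends `$id` to the query text without any check of its own, and the caller in this hunk validates it with `/^(\d{1,9})?$/` and a default of `""`, so an empty `threadid` parameter appears to pass validation and yields a query ending in `where threadid = `. Making the function defensive removes both the malformed query and the reliance on every caller validating first: `"where threadid = " . intval($id), $link);`. A short docblock stating that `$id` must be a numeric thread id and that the function returns whatever `select_one_row()` returns would also help.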


@ -23,27 +23,30 @@ require_once('../libs/common.php');
require_once('../libs/operator.php'); require_once('../libs/operator.php');
require_once('../libs/pagination.php'); require_once('../libs/pagination.php');
function compare_localization_by_l1($a, $b) { function compare_localization_by_l1($a, $b)
if ($a == $b) { {
return 0; if ($a == $b) {
} return 0;
return ($a['l1'] < $b['l1']) ? -1 : 1; }
return ($a['l1'] < $b['l1']) ? -1 : 1;
} }
function compare_localization_by_id($a, $b) { function compare_localization_by_id($a, $b)
if ($a == $b) { {
return 0; if ($a == $b) {
} return 0;
return ($a['id'] < $b['id']) ? -1 : 1; }
return ($a['id'] < $b['id']) ? -1 : 1;
} }
function load_idlist($name) { function load_idlist($name)
{
$result = array(); $result = array();
$fp = @fopen(dirname(__FILE__)."/../locales/names/$name", "r"); $fp = @fopen(dirname(__FILE__) . "/../locales/names/$name", "r");
if($fp !== FALSE) { if ($fp !== FALSE) {
while (!feof($fp)) { while (!feof($fp)) {
$line = trim(fgets($fp, 4096)); $line = trim(fgets($fp, 4096));
if($line && preg_match("/^[\w_\.]+$/", $line)) { if ($line && preg_match("/^[\w_\.]+$/", $line)) {
$result[] = $line; $result[] = $line;
} }
} }
@ -52,62 +55,64 @@ function load_idlist($name) {
return $result; return $result;
} }
function save_message($locale,$key,$value) { function save_message($locale, $key, $value)
{
global $webim_encoding; global $webim_encoding;
$result = ""; $result = "";
$added = false; $added = false;
$current_encoding = $webim_encoding; $current_encoding = $webim_encoding;
$fp = fopen(dirname(__FILE__)."/../locales/$locale/properties", "r"); $fp = fopen(dirname(__FILE__) . "/../locales/$locale/properties", "r");
while (!feof($fp)) { while (!feof($fp)) {
$line = fgets($fp, 4096); $line = fgets($fp, 4096);
$keyval = preg_split("/=/", $line, 2 ); $keyval = preg_split("/=/", $line, 2);
if( isset($keyval[1]) ) { if (isset($keyval[1])) {
if($keyval[0] == 'encoding') { if ($keyval[0] == 'encoding') {
$current_encoding = trim($keyval[1]); $current_encoding = trim($keyval[1]);
} else if(!$added && $keyval[0] == $key) { } else if (!$added && $keyval[0] == $key) {
$line = "$key=".myiconv($webim_encoding, $current_encoding, str_replace("\r", "",str_replace("\n", "\\n",trim($value))))."\n"; $line = "$key=" . myiconv($webim_encoding, $current_encoding, str_replace("\r", "", str_replace("\n", "\\n", trim($value)))) . "\n";
$added = true; $added = true;
} }
} }
$result .= $line; $result .= $line;
} }
fclose($fp); fclose($fp);
if(!$added) { if (!$added) {
$result .= "$key=".myiconv($webim_encoding, $current_encoding, str_replace("\r", "",str_replace("\n", "\\n",trim($value))))."\n"; $result .= "$key=" . myiconv($webim_encoding, $current_encoding, str_replace("\r", "", str_replace("\n", "\\n", trim($value)))) . "\n";
} }
$fp = @fopen(dirname(__FILE__)."/../locales/$locale/properties", "w"); $fp = @fopen(dirname(__FILE__) . "/../locales/$locale/properties", "w");
if($fp !== FALSE) { if ($fp !== FALSE) {
fwrite($fp, $result); fwrite($fp, $result);
fclose($fp); fclose($fp);
} else { } else {
die("cannot write /locales/$locale/properties, please check file permissions on your server"); die("cannot write /locales/$locale/properties, please check file permissions on your server");
} }
$fp = @fopen(dirname(__FILE__)."/../locales/$locale/properties.log", "a"); $fp = @fopen(dirname(__FILE__) . "/../locales/$locale/properties.log", "a");
if($fp !== FALSE) { if ($fp !== FALSE) {
$extAddr = $_SERVER['REMOTE_ADDR']; $extAddr = $_SERVER['REMOTE_ADDR'];
if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) && if (isset($_SERVER['HTTP_X_FORWARDED_FOR']) &&
$_SERVER['HTTP_X_FORWARDED_FOR'] != $_SERVER['REMOTE_ADDR']) { $_SERVER['HTTP_X_FORWARDED_FOR'] != $_SERVER['REMOTE_ADDR']) {
$extAddr = $_SERVER['REMOTE_ADDR'].' ('.$_SERVER['HTTP_X_FORWARDED_FOR'].')'; $extAddr = $_SERVER['REMOTE_ADDR'] . ' (' . $_SERVER['HTTP_X_FORWARDED_FOR'] . ')';
} }
$userbrowser = $_SERVER['HTTP_USER_AGENT']; $userbrowser = $_SERVER['HTTP_USER_AGENT'];
$remoteHost = isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : $extAddr; $remoteHost = isset($_SERVER['REMOTE_HOST']) ? $_SERVER['REMOTE_HOST'] : $extAddr;
fwrite($fp,"# ".date(DATE_RFC822)." by $remoteHost using $userbrowser\n"); fwrite($fp, "# " . date(DATE_RFC822) . " by $remoteHost using $userbrowser\n");
fwrite($fp,"$key=".myiconv($webim_encoding, $current_encoding, str_replace("\r", "",str_replace("\n", "\\n",trim($value))))."\n"); fwrite($fp, "$key=" . myiconv($webim_encoding, $current_encoding, str_replace("\r", "", str_replace("\n", "\\n", trim($value)))) . "\n");
fclose($fp); fclose($fp);
} }
} }
function get_auxiliary($s) { function get_auxiliary($s)
{
$res = ""; $res = "";
if(preg_match_all("/<[^>]+?>|[:]|\{\d+\}|[Mm]ibew|[Ww]ebim/", $s, $matches, PREG_PATTERN_ORDER)) { if (preg_match_all("/<[^>]+?>|[:]|\{\d+\}|[Mm]ibew|[Ww]ebim/", $s, $matches, PREG_PATTERN_ORDER)) {
foreach ($matches[0] as $val) { foreach ($matches[0] as $val) {
if($val != "<br/>") { if ($val != "<br/>") {
$res .= $val; $res .= $val;
} }
} }
} }
if(substr(trim($s),-1) == "." || substr(trim($s),-1) == "?") { if (substr(trim($s), -1) == "." || substr(trim($s), -1) == "?") {
$res .= "."; $res .= ".";
} }
return $res; return $res;
@ -119,11 +124,11 @@ $source = verifyparam("source", "/^[\w-]{2,5}$/", $default_locale);
$target = verifyparam("target", "/^[\w-]{2,5}$/", $current_locale); $target = verifyparam("target", "/^[\w-]{2,5}$/", $current_locale);
$stringid = verifyparam("key", "/^[_\.\w]+$/", ""); $stringid = verifyparam("key", "/^[_\.\w]+$/", "");
if(!isset($messages[$source])) { if (!isset($messages[$source])) {
load_messages($source); load_messages($source);
} }
$lang1 = $messages[$source]; $lang1 = $messages[$source];
if(!isset($messages[$target])) { if (!isset($messages[$target])) {
load_messages($target); load_messages($target);
} }
$lang2 = $messages[$target]; $lang2 = $messages[$target];
@ -136,16 +141,16 @@ $page = array(
'title2' => isset($lang2["localeid"]) ? $lang2["localeid"] : $target 'title2' => isset($lang2["localeid"]) ? $lang2["localeid"] : $target
); );
if($stringid) { if ($stringid) {
$translation = isset($lang2[$stringid]) ? $lang2[$stringid] : ""; $translation = isset($lang2[$stringid]) ? $lang2[$stringid] : "";
if(isset($_POST['translation'])) { if (isset($_POST['translation'])) {
$translation = getparam('translation'); $translation = getparam('translation');
if(!$translation) { if (!$translation) {
$errors[] = no_field("form.field.translation"); $errors[] = no_field("form.field.translation");
} }
if(count($errors) == 0) { if (count($errors) == 0) {
save_message($target, $stringid, $translation); save_message($target, $stringid, $translation);
$page['saved'] = true; $page['saved'] = true;
@ -169,7 +174,7 @@ if($stringid) {
$localesList = array(); $localesList = array();
$allLocales = get_available_locales(); $allLocales = get_available_locales();
foreach($allLocales as $loc) { foreach ($allLocales as $loc) {
$localesList[] = array("id" => $loc, "name" => getlocal_("localeid", $loc)); $localesList[] = array("id" => $loc, "name" => getlocal_("localeid", $loc));
} }
@ -177,35 +182,35 @@ $show = verifyparam("show", "/^(all|s1|s2|s3)$/", "all");
$result = array(); $result = array();
$allkeys = array_keys($lang1); $allkeys = array_keys($lang1);
if($show == 's1') { if ($show == 's1') {
$allkeys = array_intersect($allkeys, load_idlist('level1')); $allkeys = array_intersect($allkeys, load_idlist('level1'));
} else if($show == 's2') { } else if ($show == 's2') {
$allkeys = array_intersect($allkeys, load_idlist('level2')); $allkeys = array_intersect($allkeys, load_idlist('level2'));
} else if($show == 's3') { } else if ($show == 's3') {
$allkeys = array_diff($allkeys, load_idlist('level1'), load_idlist('level2')); $allkeys = array_diff($allkeys, load_idlist('level1'), load_idlist('level2'));
} }
foreach($allkeys as $key) { foreach ($allkeys as $key) {
if($key != 'output_charset') { if ($key != 'output_charset') {
$tsource = htmlspecialchars($lang1[$key]); $tsource = htmlspecialchars($lang1[$key]);
if(isset($lang2[$key])) { if (isset($lang2[$key])) {
$value = htmlspecialchars($lang2[$key]); $value = htmlspecialchars($lang2[$key]);
if(get_auxiliary($lang2[$key]) != get_auxiliary($lang1[$key])) { if (get_auxiliary($lang2[$key]) != get_auxiliary($lang1[$key])) {
$value = "<font color=\"#6030c1\"><b>$value</b></font> <strong>(wrong formatting)</strong>"; $value = "<font color=\"#6030c1\"><b>$value</b></font> <strong>(wrong formatting)</strong>";
} }
} else { } else {
$value = "<font color=\"#c13030\"><b>absent</b></font>"; $value = "<font color=\"#c13030\"><b>absent</b></font>";
} }
$result[] = array( $result[] = array(
'id' => $key, 'id' => $key,
'l1' => $tsource, 'l1' => $tsource,
'l2' => $value ); 'l2' => $value);
} }
} }
$order = verifyparam("sort", "/^(id|l1)$/", "id"); $order = verifyparam("sort", "/^(id|l1)$/", "id");
usort($result, "compare_localization_by_$order"); usort($result, "compare_localization_by_$order");
setup_pagination($result,100); setup_pagination($result, 100);
$page['formtarget'] = $target; $page['formtarget'] = $target;
$page['formsource'] = $source; $page['formsource'] = $source;
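Review bot: `save_message()` opens the properties file for reading with a bare `fopen()` and goes straight into `while (!feof($fp))`, so when the file cannot be opened the loop never reaches end-of-file on older PHP versions and the request spins until the time limit; the later write and log opens both check `$fp !== FALSE`, the read does not. `$target` is only pattern-checked with `/^[\w-]{2,5}$/` rather than matched against `get_available_locales()`, so a locale without a properties file may reach this path. A guard such as `if ($fp === FALSE) { die("cannot read /locales/$locale/properties"); }` before the loop, plus rejecting targets that are not in the available list, closes it. The log entry also writes `HTTP_X_FORWARDED_FOR` and `HTTP_USER_AGENT` exactly as received, so anyone reading properties.log should treat those fields as client-controlled.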


@ -26,9 +26,9 @@ require_once('../libs/operator.php');
require_once('../libs/groups.php'); require_once('../libs/groups.php');
$operator = get_logged_in(); $operator = get_logged_in();
if( !$operator ) { if (!$operator) {
start_xml_output(); start_xml_output();
echo "<error><descr>".myiconv($webim_encoding,"utf-8",escape_with_cdata(getstring("agent.not_logged_in")))."</descr></error>"; echo "<error><descr>" . myiconv($webim_encoding, "utf-8", escape_with_cdata(getstring("agent.not_logged_in"))) . "</descr></error>";
exit; exit;
} }
@ -49,110 +49,113 @@ $threadstate_key = array(
$state_loading => "chat.thread.state_loading" $state_loading => "chat.thread.state_loading"
); );
function thread_to_xml($thread,$link) { function thread_to_xml($thread, $link)
{
global $state_chatting, $threadstate_to_string, $threadstate_key, global $state_chatting, $threadstate_to_string, $threadstate_key,
$webim_encoding, $operator, $settings, $webim_encoding, $operator, $settings,
$can_viewthreads, $can_takeover, $mysqlprefix; $can_viewthreads, $can_takeover, $mysqlprefix;
$state = $threadstate_to_string[$thread['istate']]; $state = $threadstate_to_string[$thread['istate']];
$result = "<thread id=\"".$thread['threadid']."\" stateid=\"$state\""; $result = "<thread id=\"" . $thread['threadid'] . "\" stateid=\"$state\"";
if( $state == "closed" ) if ($state == "closed")
return $result."/>"; return $result . "/>";
$state = getstring($threadstate_key[$thread['istate']]); $state = getstring($threadstate_key[$thread['istate']]);
$nextagent = $thread['nextagent'] != 0 ? operator_by_id_($thread['nextagent'],$link) : null; $nextagent = $thread['nextagent'] != 0 ? operator_by_id_($thread['nextagent'], $link) : null;
$threadoperator = $nextagent ? get_operator_name($nextagent) $threadoperator = $nextagent ? get_operator_name($nextagent)
: ($thread['agentName'] ? $thread['agentName'] : "-"); : ($thread['agentName'] ? $thread['agentName'] : "-");
if($threadoperator == "-" && $thread['groupname']) { if ($threadoperator == "-" && $thread['groupname']) {
$threadoperator = "- ".$thread['groupname']." -"; $threadoperator = "- " . $thread['groupname'] . " -";
} }
if(!($thread['istate'] == $state_chatting && $thread['agentId'] != $operator['operatorid'] && !is_capable($can_takeover,$operator))) { if (!($thread['istate'] == $state_chatting && $thread['agentId'] != $operator['operatorid'] && !is_capable($can_takeover, $operator))) {
$result .= " canopen=\"true\""; $result .= " canopen=\"true\"";
} }
if ($thread['agentId'] != $operator['operatorid'] && $thread['nextagent'] != $operator['operatorid'] if ($thread['agentId'] != $operator['operatorid'] && $thread['nextagent'] != $operator['operatorid']
&& is_capable($can_viewthreads, $operator)) { && is_capable($can_viewthreads, $operator)) {
$result .= " canview=\"true\""; $result .= " canview=\"true\"";
} }
if ($settings['enableban'] == "1") { if ($settings['enableban'] == "1") {
$result .= " canban=\"true\""; $result .= " canban=\"true\"";
} }
$banForThread = $settings['enableban'] == "1" ? ban_for_addr_($thread['remote'],$link) : false; $banForThread = $settings['enableban'] == "1" ? ban_for_addr_($thread['remote'], $link) : false;
if($banForThread) { if ($banForThread) {
$result .= " ban=\"blocked\" banid=\"".$banForThread['banid']."\""; $result .= " ban=\"blocked\" banid=\"" . $banForThread['banid'] . "\"";
} }
$result .= " state=\"$state\" typing=\"".$thread['userTyping']."\">"; $result .= " state=\"$state\" typing=\"" . $thread['userTyping'] . "\">";
$result .="<name>"; $result .= "<name>";
if($banForThread) { if ($banForThread) {
$result .= htmlspecialchars(getstring('chat.client.spam.prefix')); $result .= htmlspecialchars(getstring('chat.client.spam.prefix'));
} }
$result .= htmlspecialchars(htmlspecialchars(get_user_name($thread['userName'],$thread['remote'], $thread['userid'])))."</name>"; $result .= htmlspecialchars(htmlspecialchars(get_user_name($thread['userName'], $thread['remote'], $thread['userid']))) . "</name>";
$result .= "<addr>".htmlspecialchars(get_user_addr($thread['remote']))."</addr>"; $result .= "<addr>" . htmlspecialchars(get_user_addr($thread['remote'])) . "</addr>";
$result .= "<agent>".htmlspecialchars(htmlspecialchars($threadoperator))."</agent>"; $result .= "<agent>" . htmlspecialchars(htmlspecialchars($threadoperator)) . "</agent>";
$result .= "<time>".$thread['unix_timestamp(dtmcreated)']."000</time>"; $result .= "<time>" . $thread['unix_timestamp(dtmcreated)'] . "000</time>";
$result .= "<modified>".$thread['unix_timestamp(dtmmodified)']."000</modified>"; $result .= "<modified>" . $thread['unix_timestamp(dtmmodified)'] . "000</modified>";
if($banForThread) { if ($banForThread) {
$result .= "<reason>".$banForThread['comment']."</reason>"; $result .= "<reason>" . $banForThread['comment'] . "</reason>";
} }
$userAgent = get_useragent_version($thread['userAgent']); $userAgent = get_useragent_version($thread['userAgent']);
$result .= "<useragent>".$userAgent."</useragent>"; $result .= "<useragent>" . $userAgent . "</useragent>";
if( $thread["shownmessageid"] != 0 ) { if ($thread["shownmessageid"] != 0) {
$query = "select tmessage from ${mysqlprefix}chatmessage where messageid = ".$thread["shownmessageid"]; $query = "select tmessage from ${mysqlprefix}chatmessage where messageid = " . $thread["shownmessageid"];
$line = select_one_row($query, $link); $line = select_one_row($query, $link);
if( $line ) { if ($line) {
$message = preg_replace("/[\r\n\t]+/", " ", $line["tmessage"]); $message = preg_replace("/[\r\n\t]+/", " ", $line["tmessage"]);
$result .= "<message>".htmlspecialchars(htmlspecialchars($message))."</message>"; $result .= "<message>" . htmlspecialchars(htmlspecialchars($message)) . "</message>";
} }
} }
$result .= "</thread>"; $result .= "</thread>";
return $result; return $result;
} }
function print_pending_threads($groupids,$since) { function print_pending_threads($groupids, $since)
{
global $webim_encoding, $settings, $state_closed, $state_left, $mysqlprefix; global $webim_encoding, $settings, $state_closed, $state_left, $mysqlprefix;
$link = connect(); $link = connect();
$revision = $since; $revision = $since;
$output = array(); $output = array();
$query = "select threadid, userName, agentName, unix_timestamp(dtmcreated), userTyping, ". $query = "select threadid, userName, agentName, unix_timestamp(dtmcreated), userTyping, " .
"unix_timestamp(dtmmodified), lrevision, istate, remote, nextagent, agentId, userid, shownmessageid, userAgent, (select vclocalname from ${mysqlprefix}chatgroup where ${mysqlprefix}chatgroup.groupid = ${mysqlprefix}chatthread.groupid) as groupname ". "unix_timestamp(dtmmodified), lrevision, istate, remote, nextagent, agentId, userid, shownmessageid, userAgent, (select vclocalname from ${mysqlprefix}chatgroup where ${mysqlprefix}chatgroup.groupid = ${mysqlprefix}chatthread.groupid) as groupname " .
"from ${mysqlprefix}chatthread where lrevision > $since ". "from ${mysqlprefix}chatthread where lrevision > $since " .
($since <= 0 ($since <= 0
? "AND istate <> $state_closed AND istate <> $state_left " ? "AND istate <> $state_closed AND istate <> $state_left "
: ""). : "") .
($settings['enablegroups'] == '1' ($settings['enablegroups'] == '1'
? "AND (groupid is NULL".($groupids ? "AND (groupid is NULL" . ($groupids
? " OR groupid IN ($groupids)" ? " OR groupid IN ($groupids)"
: ""). : "") .
") " ") "
: ""). : "") .
"ORDER BY threadid"; "ORDER BY threadid";
$rows = select_multi_assoc($query, $link); $rows = select_multi_assoc($query, $link);
foreach ($rows as $row) { foreach ($rows as $row) {
$thread = thread_to_xml($row,$link); $thread = thread_to_xml($row, $link);
$output[] = $thread; $output[] = $thread;
if( $row['lrevision'] > $revision ) if ($row['lrevision'] > $revision)
$revision = $row['lrevision']; $revision = $row['lrevision'];
} }
mysql_close($link); mysql_close($link);
echo "<threads revision=\"$revision\" time=\"".time()."000\">"; echo "<threads revision=\"$revision\" time=\"" . time() . "000\">";
foreach( $output as $thr ) { foreach ($output as $thr) {
print myiconv($webim_encoding,"utf-8",$thr); print myiconv($webim_encoding, "utf-8", $thr);
} }
echo "</threads>"; echo "</threads>";
} }
function print_operators() { function print_operators()
{
echo "<operators>"; echo "<operators>";
$operators = operator_get_all(); $operators = operator_get_all();
foreach($operators as $operator) { foreach ($operators as $operator) {
if (!operator_is_online($operator)) if (!operator_is_online($operator))
continue; continue;
@ -161,16 +164,16 @@ function print_operators() {
echo "<operator name=\"$name\"$away/>"; echo "<operator name=\"$name\"$away/>";
} }
echo "</operators>"; echo "</operators>";
} }
$since = verifyparam( "since", "/^\d{1,9}$/", 0); $since = verifyparam("since", "/^\d{1,9}$/", 0);
$status = verifyparam( "status", "/^\d{1,2}$/", 0); $status = verifyparam("status", "/^\d{1,2}$/", 0);
$showonline = verifyparam( "showonline", "/^1$/", 0); $showonline = verifyparam("showonline", "/^1$/", 0);
$link = connect(); $link = connect();
loadsettings_($link); loadsettings_($link);
if(!isset($_SESSION['operatorgroups'])) { if (!isset($_SESSION['operatorgroups'])) {
$_SESSION["${mysqlprefix}operatorgroups"] = get_operator_groupslist($operator['operatorid'], $link); $_SESSION["${mysqlprefix}operatorgroups"] = get_operator_groupslist($operator['operatorid'], $link);
} }
mysql_close($link); mysql_close($link);
@ -178,10 +181,10 @@ $groupids = $_SESSION["${mysqlprefix}operatorgroups"];
start_xml_output(); start_xml_output();
echo '<update>'; echo '<update>';
if($showonline) { if ($showonline) {
print_operators(); print_operators();
} }
print_pending_threads($groupids,$since); print_pending_threads($groupids, $since);
echo '</update>'; echo '</update>';
notify_operator_alive($operator['operatorid'], $status); notify_operator_alive($operator['operatorid'], $status);
exit; exit;
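Review bot: In thread_to_xml() the `<reason>` element is built from `$banForThread['comment']` with no escaping, while `<name>`, `<addr>`, `<agent>` and `<message>` in the same function all pass through htmlspecialchars(). A ban comment containing `<` or `&` would break the XML response, and it could be rendered as markup in the operator console if the client treats it like the other fields. I would change the line to `$result .= "<reason>" . htmlspecialchars($banForThread['comment']) . "</reason>";`, applied twice if the client unescapes once, as the double call on name, agent and message suggests. The `banid` attribute and `<useragent>` are also written raw; whether that is safe depends on ban_for_addr_() and get_useragent_version(), which are not shown here.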


@ -34,8 +34,8 @@ $page = array(
'version' => $version, 'version' => $version,
); );
foreach($default_extensions as $ext) { foreach ($default_extensions as $ext) {
if(!extension_loaded($ext)) { if (!extension_loaded($ext)) {
$page['phpVersion'] .= " $ext/absent"; $page['phpVersion'] .= " $ext/absent";
} else { } else {
$ver = phpversion($ext); $ver = phpversion($ext);


@ -33,23 +33,24 @@ $page = array();
setlocale(LC_TIME, getstring("time.locale")); setlocale(LC_TIME, getstring("time.locale"));
$userid = ""; $userid = "";
if( isset($_GET['userid'])) { if (isset($_GET['userid'])) {
$userid = verifyparam( "userid", "/^.{0,63}$/", ""); $userid = verifyparam("userid", "/^.{0,63}$/", "");
} }
function threads_by_userid($userid) { function threads_by_userid($userid)
global $mysqlprefix; {
global $mysqlprefix;
if ($userid == "") { if ($userid == "") {
return null; return null;
} }
$link = connect(); $link = connect();
$query = sprintf("select unix_timestamp(dtmcreated) as created, unix_timestamp(dtmmodified) as modified, ". $query = sprintf("select unix_timestamp(dtmcreated) as created, unix_timestamp(dtmmodified) as modified, " .
" threadid, remote, agentName, userName ". " threadid, remote, agentName, userName " .
"from ${mysqlprefix}chatthread ". "from ${mysqlprefix}chatthread " .
"where userid=\"$userid\" order by created DESC", $userid); "where userid=\"$userid\" order by created DESC", $userid);
$result = mysql_query($query, $link) or die(' Query failed: ' .mysql_error($link) /*.": ".$query*/); $result = mysql_query($query, $link) or die(' Query failed: ' . mysql_error($link) /*.": ".$query*/);
$foundThreads = array(); $foundThreads = array();
while ($thread = mysql_fetch_array($result, MYSQL_ASSOC)) { while ($thread = mysql_fetch_array($result, MYSQL_ASSOC)) {
@ -64,7 +65,7 @@ function threads_by_userid($userid) {
$found = threads_by_userid($userid); $found = threads_by_userid($userid);
prepare_menu($operator); prepare_menu($operator);
setup_pagination($found,6); setup_pagination($found, 6);
start_html_output(); start_html_output();
require('../view/userhistory.php'); require('../view/userhistory.php');
?> ?>
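Review bot: threads_by_userid() places `$userid` directly inside the SQL string, and the only visible validation is the pattern `/^.{0,63}$/`, which accepts quote characters; unless verifyparam() escapes its result (not visible here), this query is open to SQL injection. The sprintf() call does not help: the format string has no placeholders, so its extra argument is ignored and a `%` in the value is parsed as a format directive. I would drop sprintf() and build the condition as `"where userid='" . mysql_real_escape_string($userid, $link) . "' order by created DESC"`. The function body continues past the end of this hunk, so the rest of the result handling was not reviewed.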