├── .gitattributes ├── images └── logo.png ├── README.md ├── ost_wbs ├── classes │ ├── class.dbconnection.php │ ├── class.key.php │ ├── class.topics.php │ ├── class.faq.php │ ├── class.department.php │ ├── class.tasks.php │ ├── class.sla.php │ ├── class.user.php │ ├── class.helper.php │ └── class.ticket.php ├── config.php └── index.php └── LICENSE /.gitattributes: -------------------------------------------------------------------------------- 1 | # Auto detect text files and perform LF normalization 2 | * text=auto 3 | -------------------------------------------------------------------------------- /images/logo.png: -------------------------------------------------------------------------------- https://raw.githubusercontent.com/BMSVieira/osticket-api/HEAD/images/logo.png -------------------------------------------------------------------------------- /README.md: -------------------------------------------------------------------------------- 1 |
2 |
3 |
4 | Welcome to the unofficial OSTicket API!
5 | The purpose of this API is to help the community and leverage the use of OSTicket.
6 | For more info, check our documentation: https://bmsvieira.gitbook.io/osticket-api/
7 |
10 | Feel free to contribute by opening a pull request! 11 |
MySQL error no {$mysqli->connect_errno} : {$mysqli->connect_error}
"; 13 | exit(); 14 | } 15 | return $mysqli; 16 | } 17 | } 18 | 19 | ?> -------------------------------------------------------------------------------- /ost_wbs/config.php: -------------------------------------------------------------------------------- 1 | 28 | -------------------------------------------------------------------------------- /LICENSE: -------------------------------------------------------------------------------- 1 | MIT License 2 | 3 | Copyright (c) 2021 BMSVieira 4 | 5 | Permission is hereby granted, free of charge, to any person obtaining a copy 6 | of this software and associated documentation files (the "Software"), to deal 7 | in the Software without restriction, including without limitation the rights 8 | to use, copy, modify, merge, publish, distribute, sublicense, and/or sell 9 | copies of the Software, and to permit persons to whom the Software is 10 | furnished to do so, subject to the following conditions: 11 | 12 | The above copyright notice and this permission notice shall be included in all 13 | copies or substantial portions of the Software. 14 | 15 | THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR 16 | IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY, 17 | FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE 18 | AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER 19 | LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM, 20 | OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE 21 | SOFTWARE. 
22 | -------------------------------------------------------------------------------- /ost_wbs/classes/class.key.php: -------------------------------------------------------------------------------- 1 | key = false; 9 | $this->cancreate = false; 10 | $this->isactive = false; 11 | $this->countR = false; 12 | } 13 | 14 | function OAuth($key) 15 | { 16 | 17 | if($key) $this->key = $key; 18 | if(strlen($key) != 32) { throw new Exception("Incorrect API Format"); } 19 | 20 | // Connect Database 21 | $Dbobj = new DBConnection(); 22 | $mysqli = $Dbobj->getDBConnect(); 23 | 24 | // Check API Key 25 | $stmt = $mysqli->prepare("SELECT * FROM ".TABLE_PREFIX."api_key WHERE apiKey = ?"); 26 | $stmt->bind_param('s', $key); 27 | $stmt->execute(); 28 | 29 | $result = $stmt->get_result(); 30 | $row = $result->fetch_assoc(); 31 | 32 | $this->farray = $row; 33 | $this->countR = $result->num_rows; 34 | 35 | // If exists 36 | if(!$this->countR) 37 | throw new Exception("No API Key found."); 38 | // Check IPAddress 39 | if(!$row["isactive"] || APIKEY_RESTRICT && $row["ipaddr"] != $_SERVER['REMOTE_ADDR']) 40 | throw new Exception("API key not found/active or source IP not authorized"); 41 | 42 | define('CANCREATE', $this->farray["can_create_tickets"]); // Can create 43 | define('CANEXECUTE', $this->farray["can_exec_cron"]); // Can execute 44 | 45 | } 46 | 47 | function cancreate() 48 | { 49 | return $this->farray["can_create_tickets"]; 50 | } 51 | 52 | function isactive() 53 | { 54 | return $this->farray["isactive"]; 55 | } 56 | 57 | function ippaddr() 58 | { 59 | return $this->farray["ippaddr"]; 60 | } 61 | 62 | } 63 | 64 | // Init API Key verification 65 | $apiAuth = new apiKey; 66 | $apiAuth->OAuth($key["apikey"]); 67 | 68 | ?> -------------------------------------------------------------------------------- /ost_wbs/index.php: -------------------------------------------------------------------------------- 1 | $headers["apikey"]); 32 | 33 | // Body 34 | $requestBody = 
json_decode(file_get_contents('php://input'), true); 35 | 36 | // Request Data 37 | $classe = ucfirst($requestBody['query']); 38 | $method = $requestBody['condition']; 39 | 40 | // Sort & Parameters 41 | if (isset($requestBody['sort'])) { $sort = $requestBody['sort']; } else { $sort = null; } 42 | if (isset($requestBody['parameters'])) { $parameters = $requestBody['parameters']; } else { $parameters = null; } 43 | 44 | // Final Parameters 45 | $fparams = array("sort" => $sort, "parameters" => $parameters); 46 | 47 | try { 48 | 49 | // Check API Key 50 | require_once 'classes/class.key.php'; 51 | 52 | if(class_exists($classe)) 53 | { 54 | if(method_exists($classe, $method)) 55 | { 56 | // Start track execution time 57 | $time_start = microtime(true); 58 | 59 | // Call classe and method 60 | $return = call_user_func_array(array(new $classe, $method), array($fparams)); 61 | 62 | // End track execution time 63 | $time_end = microtime(true); 64 | $execution_time = ($time_end - $time_start); 65 | 66 | if(WRITE_SYSTEMLOG) 67 | helper::syslog($classe, $method, json_encode($return)); 68 | 69 | // Return values 70 | return json_encode(array('status' => 'Success', 'time' => $execution_time, 'data' => $return)); 71 | 72 | } else { 73 | return json_encode(array('status' => 'Error', 'message' => 'Condition not found.')); 74 | } 75 | 76 | } else { 77 | return json_encode(array('status' => 'Error', 'message' => 'Query not found.')); 78 | } 79 | 80 | 81 | } catch (Exception $e) 82 | { 83 | return json_encode(array('status' => 'Error', 'data' => $e->getMessage())); 84 | } 85 | } 86 | } 87 | 88 | // On request, do this 89 | if(isset($_REQUEST)){ echo OSTicketAPI::open($_REQUEST); } 90 | 91 | ?> 92 | -------------------------------------------------------------------------------- /ost_wbs/classes/class.topics.php: -------------------------------------------------------------------------------- 1 | getDBConnect(); 18 | 19 | // Query 20 | $getTopics = $mysqli->query("SELECT * FROM 
".TABLE_PREFIX."help_topic WHERE ispublic = 1 AND topic_pid = 0 ORDER BY sort ASC"); 21 | 22 | // Array that stores all results 23 | $result = array(); 24 | $numRows = $getTopics->num_rows; 25 | 26 | // Fetch data 27 | while($PrintTopics = $getTopics->fetch_object()) 28 | { 29 | 30 | array_push($result, 31 | array( 32 | 'id'=>$PrintTopics->topic_id, 33 | 'parent'=>$PrintTopics->topic_pid, 34 | 'ispublic'=>$PrintTopics->ispublic, 35 | 'sort'=>$PrintTopics->sort, 36 | 'topic'=>utf8_encode($PrintTopics->topic), 37 | 'notes'=>$PrintTopics->notes, 38 | 'created'=>$PrintTopics->created, 39 | 'updated'=>$PrintTopics->updated 40 | )); 41 | 42 | } 43 | 44 | // Check if there are some results in the array 45 | if(!$result){ 46 | throw new Exception("No items found."); 47 | } 48 | 49 | // build return array 50 | $returnArray = array('total' => $numRows, 'topics' => $result); 51 | 52 | // Return values 53 | return $returnArray; 54 | } 55 | 56 | public function specific($parameters) 57 | { 58 | // Check Request method 59 | $validRequests = array("GET"); 60 | Helper::validRequest($validRequests); 61 | 62 | // Connect Database 63 | $Dbobj = new DBConnection(); 64 | $mysqli = $Dbobj->getDBConnect(); 65 | 66 | switch ($parameters["sort"]) { 67 | // Sorte by Date 68 | case "id": 69 | 70 | $tID = $parameters["parameters"]["id"]; 71 | // Query 72 | $getTopics = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."help_topic WHERE ispublic = 1 AND topic_id = " . $tID . " LIMIT 1"); 73 | 74 | break; 75 | case "name": 76 | 77 | $tName = Helper::remove_accents($parameters["parameters"]["name"]); 78 | // Query 79 | $getTopics = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."help_topic WHERE ispublic = 1 AND topic LIKE '%" . $tName . 
"%' LIMIT 1"); 80 | 81 | break; 82 | default: 83 | throw new Exception("Unknown Parameter."); 84 | break; 85 | } 86 | 87 | // Array that stores all results 88 | $result = array(); 89 | $numRows = $getTopics->num_rows; 90 | 91 | // Fetch data 92 | while($PrintTopics = $getTopics->fetch_object()) 93 | { 94 | 95 | array_push($result, 96 | array( 97 | 'id'=>$PrintTopics->topic_id, 98 | 'parent'=>$PrintTopics->topic_pid, 99 | 'ispublic'=>$PrintTopics->ispublic, 100 | 'sort'=>$PrintTopics->sort, 101 | 'topic'=>utf8_encode($PrintTopics->topic), 102 | 'notes'=>$PrintTopics->notes, 103 | 'created'=>$PrintTopics->created, 104 | 'updated'=>$PrintTopics->updated 105 | )); 106 | 107 | } 108 | 109 | // Check if there are some results in the array 110 | if(!$result){ 111 | throw new Exception("No items found."); 112 | } 113 | 114 | // build return array 115 | $returnArray = array('total' => $numRows, 'topic' => $result[0]); 116 | 117 | // Return values 118 | return $returnArray; 119 | } 120 | 121 | } 122 | 123 | ?> 124 | -------------------------------------------------------------------------------- /ost_wbs/classes/class.faq.php: -------------------------------------------------------------------------------- 1 | getDBConnect(); 18 | 19 | // Query 20 | $getCategories = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."faq_category WHERE ispublic = 1"); 21 | 22 | // Array that stores all results 23 | $result = array(); 24 | $numRows = $getCategories->num_rows; 25 | 26 | // Fetch data 27 | while($PrintCategories = $getCategories->fetch_object()) 28 | { 29 | 30 | array_push($result, 31 | array( 32 | 'id'=>$PrintCategories->category_id, 33 | 'parent'=>$PrintCategories->category_pid, 34 | 'ispublic'=>$PrintCategories->ispublic, 35 | 'name'=>utf8_encode($PrintCategories->name), 36 | 'description'=>$PrintCategories->description, 37 | 'notes'=>$PrintCategories->notes, 38 | 'created'=>$PrintCategories->created, 39 | 'updated'=>$PrintCategories->updated 40 | )); 41 | 42 | } 43 | 44 | foreach 
($result as $key=>$category) { 45 | 46 | if ($result[$key]['faqs'] = $this->specific(['parameters'=>["id"=>$category['id']]],TRUE) ) 47 | { 48 | 49 | } else { 50 | $result[$key]['faqs'] = NULL; 51 | 52 | } 53 | 54 | $i = 0; 55 | if ($category['parent']) { 56 | 57 | $parentArrayID = $this->getCategoryID($category['parent'],$result); 58 | $result[$parentArrayID]['children'][] = $result[$key]; 59 | $result[$parentArrayID]['children']['count'] = ++$i; 60 | --$numRows; 61 | unset($result[$key]); 62 | 63 | } else { 64 | 65 | $result[$key]['children']['count'] = 0; 66 | 67 | } 68 | 69 | } 70 | 71 | // Check if there are some results in the array 72 | if(!$result){ 73 | throw new Exception("No items found."); 74 | } 75 | 76 | // build return array 77 | $returnArray = array('total' => $numRows, 'categories' => $result); 78 | 79 | // Return values 80 | return $returnArray; 81 | } 82 | 83 | public function specific($parameters,$exception = FALSE) 84 | { 85 | // Escape Parameters 86 | $parameters['parameters'] = Helper::escapeParameters($parameters["parameters"]); 87 | 88 | // Check Request method 89 | $validRequests = array("GET"); 90 | Helper::validRequest($validRequests); 91 | 92 | // Connect Database 93 | $Dbobj = new DBConnection(); 94 | $mysqli = $Dbobj->getDBConnect(); 95 | $cID = $parameters["parameters"]["id"]; 96 | 97 | // Query 98 | $getFaq = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."faq WHERE category_id = " . $cID . 
" AND ispublished = 1"); 99 | 100 | // Array that stores all results 101 | $result = array(); 102 | $numRows = $getFaq->num_rows; 103 | 104 | // Fetch data 105 | while($PrintFaq = $getFaq->fetch_object()) 106 | { 107 | array_push($result, 108 | array( 109 | 'id'=>$PrintFaq->faq_id, 110 | 'category'=>$PrintFaq->category_id, 111 | 'ispublished'=>$PrintFaq->ispublished, 112 | 'question'=>utf8_encode($PrintFaq->question), 113 | 'answer'=>$PrintFaq->answer, 114 | 'keywords'=>$PrintFaq->keywords, 115 | 'notes'=>$PrintFaq->notes, 116 | 'created'=>$PrintFaq->created, 117 | 'updated'=>$PrintFaq->updated 118 | )); 119 | 120 | } 121 | 122 | // Check if there are some results in the array 123 | if(!$result && !$exception) { 124 | throw new Exception("No items found."); 125 | } 126 | 127 | // build return array 128 | $returnArray = array('total' => $numRows, 'faq' => $result); 129 | 130 | // Return values 131 | return $returnArray; 132 | } 133 | 134 | private function getCategoryID($id, $results) 135 | { 136 | if (!is_array($results)){ 137 | 138 | throw new Exception("Invalid type."); 139 | 140 | } 141 | foreach ($results as $key=>$result) 142 | { 143 | if($result['id'] == $id) { 144 | 145 | return $key; 146 | 147 | } 148 | } 149 | 150 | throw new Exception("Error creating category structure."); 151 | } 152 | 153 | } 154 | 155 | ?> 156 | -------------------------------------------------------------------------------- /ost_wbs/classes/class.department.php: -------------------------------------------------------------------------------- 1 | getDBConnect(); 16 | 17 | switch ($parameters["sort"]) { 18 | // Sorte by Date 19 | case "creationDate": 20 | 21 | // Get Start&End Date 22 | $startDate = $parameters['parameters']['start_date']; 23 | $endDate = $parameters['parameters']['end_date']; 24 | 25 | // Query 26 | $getDepartment = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."department WHERE ".TABLE_PREFIX."department.created >= '$startDate' and ".TABLE_PREFIX."department.created <= 
'$endDate'"); 27 | 28 | break; 29 | case "name": 30 | $getDepartment = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."department WHERE " . TABLE_PREFIX . "department.pid IS NULL AND " . TABLE_PREFIX . "department.ispublic = 1 ORDER BY " . TABLE_PREFIX . "department.name ASC"); 31 | break; 32 | default: 33 | throw new Exception("Unknown Parameter."); 34 | break; 35 | } 36 | 37 | // Array that stores all results 38 | $result = array(); 39 | $numRows = $getDepartment->num_rows; 40 | 41 | // Fetch data 42 | while($printDepartment = $getDepartment->fetch_object()) 43 | { 44 | array_push($result, 45 | array( 46 | 'department_id'=>$printDepartment->id, 47 | 'name'=>utf8_encode($printDepartment->name), 48 | 'created'=>$printDepartment->created 49 | )); 50 | 51 | } 52 | 53 | // Check if there are some results in the array 54 | if(!$result){ 55 | throw new Exception("No items found."); 56 | } 57 | 58 | // build return array 59 | $returnArray = array('total' => $numRows, 'departments' => $result); 60 | 61 | // Return values 62 | return $returnArray; 63 | } 64 | 65 | public function specific($parameters) 66 | { 67 | // Escape Parameters 68 | $parameters['parameters'] = Helper::escapeParameters($parameters["parameters"]); 69 | 70 | // Check Request method 71 | $validRequests = array("GET"); 72 | Helper::validRequest($validRequests); 73 | 74 | // Connect Database 75 | $Dbobj = new DBConnection(); 76 | $mysqli = $Dbobj->getDBConnect(); 77 | $depID = $parameters["parameters"]["id"]; 78 | 79 | // set query 80 | $getDepartment = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."department WHERE ".TABLE_PREFIX."department.id = '$depID'"); 81 | 82 | // Array that stores all results 83 | $result = array(); 84 | $numRows = $getDepartment->num_rows; 85 | 86 | // Fetch data 87 | while($printDepartment = $getDepartment->fetch_object()) 88 | { 89 | array_push($result, 90 | array( 91 | 'department_id'=>$printDepartment->id, 92 | 'name'=>utf8_encode($printDepartment->name), 93 | 
'created'=>$printDepartment->created 94 | )); 95 | } 96 | 97 | // Check if there are some results in the array 98 | if(!$result){ 99 | throw new Exception("No items found."); 100 | } 101 | 102 | // build return array 103 | $returnArray = array('total' => $numRows, 'departments' => $result); 104 | 105 | // Return values 106 | return $returnArray; 107 | } 108 | 109 | public function add($parameters) 110 | { 111 | 112 | // Check Permission 113 | Helper::checkPermission(); 114 | 115 | // Check Request method 116 | $validRequests = array("POST", "PUT"); 117 | Helper::validRequest($validRequests); 118 | 119 | // Expected parameters 120 | $expectedParameters = array("name", "signature", "flags"); 121 | 122 | // Check if all paremeters are correct 123 | Helper::checkRequest($parameters, $expectedParameters); 124 | 125 | // Check if row already exists 126 | if($this->checkExists('name', $parameters["parameters"]['name'])) { throw new Exception("Item Already exists"); } 127 | 128 | // Prepare query 129 | $paramOrder = ""; 130 | $valuesOrder = ""; 131 | 132 | foreach ($parameters["parameters"] as $key => $value) { 133 | 134 | // Parameters order 135 | $paramOrder = $paramOrder.",".$key; 136 | // Values order 137 | if(is_numeric($value)) { $valuesOrder = $valuesOrder.",".$value.""; } else { $valuesOrder = $valuesOrder.",'".$value."'";} 138 | } 139 | 140 | // Remove first comma 141 | $paramOrder = substr($paramOrder, 1); 142 | $valuesOrder = substr($valuesOrder, 1); 143 | 144 | // final Query 145 | $addQuery = "INSERT INTO ".TABLE_PREFIX."department "; 146 | $addQuery .= "(".$paramOrder.", created, updated)"; 147 | $addQuery .= "VALUES(".$valuesOrder.", now(), now())"; 148 | 149 | // Send query to be executed 150 | return $this->execQuery($addQuery); 151 | 152 | } 153 | private function checkExists($field, $value) 154 | { 155 | 156 | // Connect Database 157 | $Dbobj = new DBConnection(); 158 | $mysqli = $Dbobj->getDBConnect(); 159 | 160 | // Check if already exists 161 | 
$checkExists = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."department WHERE ".TABLE_PREFIX."department.".$field." = '".$value."'"); 162 | $numRows = $checkExists->num_rows; 163 | 164 | return $numRows; 165 | 166 | } 167 | 168 | private function execQuery($string) 169 | { 170 | // Connect Database 171 | $Dbobj = new DBConnection(); 172 | $mysqli = $Dbobj->getDBConnect(); 173 | 174 | // Check if already exists 175 | $insertRecord = $mysqli->query($string); 176 | 177 | if($insertRecord) 178 | { 179 | return "Success! Row 1 affected."; 180 | } else { 181 | throw new Exception("Something went wrong."); 182 | } 183 | } 184 | } 185 | ?> 186 | -------------------------------------------------------------------------------- /ost_wbs/classes/class.tasks.php: -------------------------------------------------------------------------------- 1 | getDBConnect(); 16 | 17 | switch ($parameters["sort"]) { 18 | // Sorte by Date 19 | case "creationDate": 20 | 21 | // Get Start&End Date 22 | $startDate = $parameters['parameters']['start_date']; 23 | $endDate = $parameters['parameters']['end_date']; 24 | $ticketId = $parameters['parameters']['ticket_id']; 25 | 26 | // Query 27 | $getTask = $mysqli->query("select 28 | ".TABLE_PREFIX."task.id, 29 | ".TABLE_PREFIX."task__cdata.task_id, 30 | ".TABLE_PREFIX."task.id, 31 | ".TABLE_PREFIX."thread.object_id, 32 | ".TABLE_PREFIX."thread.id, 33 | ".TABLE_PREFIX."thread_entry.thread_id, 34 | ".TABLE_PREFIX."task.created, 35 | ".TABLE_PREFIX."task.object_id, 36 | ".TABLE_PREFIX."task.object_type, 37 | ".TABLE_PREFIX."thread.object_type, 38 | ".TABLE_PREFIX."task__cdata.title as title, 39 | ".TABLE_PREFIX."thread_entry.body as body 40 | FROM ".TABLE_PREFIX."task 41 | LEFT JOIN ".TABLE_PREFIX."task__cdata ON ".TABLE_PREFIX."task.id = ".TABLE_PREFIX."task__cdata.task_id 42 | LEFT JOIN ".TABLE_PREFIX."thread ON ".TABLE_PREFIX."task.id = ".TABLE_PREFIX."thread.object_id 43 | LEFT JOIN ".TABLE_PREFIX."thread_entry ON ".TABLE_PREFIX."thread.id = 
".TABLE_PREFIX."thread_entry.thread_id 44 | WHERE ".TABLE_PREFIX."task.created >= '".$startDate."' 45 | AND ".TABLE_PREFIX."task.created <= '".$endDate."' 46 | AND ".TABLE_PREFIX."task.object_id = ".$ticketId." 47 | AND ".TABLE_PREFIX."task.object_type = 'T' 48 | AND ".TABLE_PREFIX."thread.object_type = 'A'"); 49 | 50 | break; 51 | case "byTicket": 52 | 53 | // Get TicketID 54 | $ticketId = $parameters['parameters']['ticket_id']; 55 | 56 | // Query 57 | $getTask = $mysqli->query("select 58 | ".TABLE_PREFIX."task.id, 59 | ".TABLE_PREFIX."task__cdata.task_id, 60 | ".TABLE_PREFIX."task.id, 61 | ".TABLE_PREFIX."thread.object_id, 62 | ".TABLE_PREFIX."thread.id, 63 | ".TABLE_PREFIX."thread_entry.thread_id, 64 | ".TABLE_PREFIX."task.created, 65 | ".TABLE_PREFIX."task.object_id, 66 | ".TABLE_PREFIX."task.object_type, 67 | ".TABLE_PREFIX."thread.object_type, 68 | ".TABLE_PREFIX."task__cdata.title as title, 69 | ".TABLE_PREFIX."thread_entry.body as body 70 | FROM ".TABLE_PREFIX."task 71 | LEFT JOIN ".TABLE_PREFIX."task__cdata ON ".TABLE_PREFIX."task.id = ".TABLE_PREFIX."task__cdata.task_id 72 | LEFT JOIN ".TABLE_PREFIX."thread ON ".TABLE_PREFIX."task.id = ".TABLE_PREFIX."thread.object_id 73 | LEFT JOIN ".TABLE_PREFIX."thread_entry ON ".TABLE_PREFIX."thread.id = ".TABLE_PREFIX."thread_entry.thread_id 74 | WHERE ".TABLE_PREFIX."task.object_id = ".$ticketId." 
75 | AND ".TABLE_PREFIX."task.object_type = 'T' 76 | AND ".TABLE_PREFIX."thread.object_type = 'A'"); 77 | 78 | break; 79 | default: 80 | throw new Exception("Unknown Parameter."); 81 | break; 82 | } 83 | 84 | // Array that stores all results 85 | $result = array(); 86 | $numRows = $getTask->num_rows; 87 | 88 | // Fetch data 89 | while($printTask = $getTask->fetch_object()) 90 | { 91 | array_push($result, 92 | array( 93 | 'task_id'=>$printTask->id, 94 | 'title'=>utf8_encode($printTask->title), 95 | 'description'=>utf8_encode($printTask->body), 96 | 'created'=>$printTask->created 97 | )); 98 | 99 | } 100 | 101 | // Check if there are some results in the array 102 | if(!$result){ 103 | throw new Exception("No items found."); 104 | } 105 | 106 | // build return array 107 | $returnArray = array('total' => $numRows, 'tasks' => $result); 108 | 109 | // Return values 110 | return $returnArray; 111 | } 112 | 113 | public function specific($parameters) 114 | { 115 | // Escape Parameters 116 | $parameters['parameters'] = Helper::escapeParameters($parameters["parameters"]); 117 | 118 | // Check Request method 119 | $validRequests = array("GET"); 120 | Helper::validRequest($validRequests); 121 | 122 | // Connect Database 123 | $Dbobj = new DBConnection(); 124 | $mysqli = $Dbobj->getDBConnect(); 125 | $taskID = $parameters["parameters"]["id"]; 126 | 127 | // set query 128 | $getTask = $mysqli->query("select 129 | 130 | ".TABLE_PREFIX."task__cdata.task_id, 131 | ".TABLE_PREFIX."thread.object_id, 132 | ".TABLE_PREFIX."thread.id, 133 | ".TABLE_PREFIX."task.id, 134 | ".TABLE_PREFIX."thread_entry.thread_id, 135 | ".TABLE_PREFIX."task.created, 136 | ".TABLE_PREFIX."task.object_id, 137 | ".TABLE_PREFIX."task.object_type, 138 | ".TABLE_PREFIX."thread.object_type, 139 | ".TABLE_PREFIX."task__cdata.title as title, 140 | ".TABLE_PREFIX."thread_entry.body as body 141 | FROM ".TABLE_PREFIX."task 142 | INNER JOIN ".TABLE_PREFIX."task__cdata ON ".TABLE_PREFIX."task.id = 
".TABLE_PREFIX."task__cdata.task_id 143 | INNER JOIN ".TABLE_PREFIX."thread ON ".TABLE_PREFIX."task.id = ".TABLE_PREFIX."thread.object_id 144 | INNER JOIN ".TABLE_PREFIX."thread_entry ON ".TABLE_PREFIX."thread.id = ".TABLE_PREFIX."thread_entry.thread_id 145 | AND ".TABLE_PREFIX."task.id = ".$taskID." 146 | AND ".TABLE_PREFIX."task.object_type = 'T' 147 | AND ".TABLE_PREFIX."thread.object_type = 'A'"); 148 | 149 | // Array that stores all results 150 | $result = array(); 151 | $numRows = $getTask->num_rows; 152 | 153 | // Fetch data 154 | while($printTask = $getTask->fetch_object()) 155 | { 156 | array_push($result, 157 | array( 158 | 'task_id'=>$printTask->id, 159 | 'title'=>utf8_encode($printTask->title), 160 | 'description'=>utf8_encode($printTask->body), 161 | 'created'=>$printTask->created 162 | )); 163 | } 164 | 165 | // Check if there are some results in the array 166 | if(!$result){ 167 | throw new Exception("No items found."); 168 | } 169 | 170 | // build return array 171 | $returnArray = array('total' => $numRows, 'tasks' => $result); 172 | 173 | // Return values 174 | return $returnArray; 175 | } 176 | 177 | } 178 | ?> 179 | -------------------------------------------------------------------------------- /ost_wbs/classes/class.sla.php: -------------------------------------------------------------------------------- 1 | getDBConnect(); 16 | 17 | switch ($parameters["sort"]) { 18 | // Sorte by Date 19 | case "creationDate": 20 | 21 | // Get Start&End Date 22 | $startDate = $parameters['parameters']['start_date']; 23 | $endDate = $parameters['parameters']['end_date']; 24 | 25 | // Query 26 | $getSla = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."sla WHERE ".TABLE_PREFIX."sla.created >= '$startDate' and ".TABLE_PREFIX."sla.created <= '$endDate'"); 27 | 28 | break; 29 | default: 30 | throw new Exception("Unknown Parameter."); 31 | break; 32 | } 33 | 34 | // Array that stores all results 35 | $result = array(); 36 | $numRows = $getSla->num_rows; 37 | 38 | // 
Fetch data 39 | while($printSla = $getSla->fetch_object()) 40 | { 41 | array_push($result, 42 | array( 43 | 'sla_id'=>$printSla->id, 44 | 'flags'=>$printSla->flags, 45 | 'grace_period'=>$printSla->grace_period, 46 | 'name'=>utf8_encode($printSla->name), 47 | 'notes'=>utf8_encode($printSla->notes), 48 | 'created'=>$printSla->created 49 | )); 50 | } 51 | 52 | // Check if there are some results in the array 53 | if(!$result){ 54 | throw new Exception("No items found."); 55 | } 56 | 57 | // build return array 58 | $returnArray = array('total' => $numRows, 'sla' => $result); 59 | 60 | // Return values 61 | return $returnArray; 62 | } 63 | 64 | public function specific($parameters) 65 | { 66 | // Escape Parameters 67 | $parameters['parameters'] = Helper::escapeParameters($parameters["parameters"]); 68 | 69 | // Connect Database 70 | $Dbobj = new DBConnection(); 71 | $mysqli = $Dbobj->getDBConnect(); 72 | $uID = $parameters["parameters"]["id"]; 73 | 74 | // set query 75 | $getSla = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."sla WHERE ".TABLE_PREFIX."sla.id = '$uID'"); 76 | 77 | // Array that stores all results 78 | $result = array(); 79 | $numRows = $getSla->num_rows; 80 | 81 | // Fetch data 82 | while($printSla = $getSla->fetch_object()) 83 | { 84 | array_push($result, 85 | array( 86 | 'sla_id'=>$printSla->id, 87 | 'flags'=>$printSla->flags, 88 | 'grace_period'=>$printSla->grace_period, 89 | 'name'=>utf8_encode($printSla->name), 90 | 'notes'=>utf8_encode($printSla->notes), 91 | 'created'=>$printSla->created 92 | )); 93 | } 94 | 95 | // Check if there are some results in the array 96 | if(!$result){ 97 | throw new Exception("No items found."); 98 | } 99 | 100 | // build return array 101 | $returnArray = array('total' => $numRows, 'sla' => $result); 102 | 103 | // Return values 104 | return $returnArray; 105 | } 106 | 107 | 108 | public function add($parameters) 109 | { 110 | 111 | // Check Permission 112 | Helper::checkPermission(); 113 | 114 | // Check Request method 
115 | $validRequests = array("POST", "PUT"); 116 | Helper::validRequest($validRequests); 117 | 118 | // Expected parameters 119 | $expectedParameters = array("name", "flags", "grace_period", "schedule_id", "notes"); 120 | 121 | // Check if all paremeters are correct 122 | Helper::checkRequest($parameters, $expectedParameters); 123 | 124 | // Check if row already exists 125 | if($this->checkExists('name', $parameters["parameters"]['name'], "sla")) { throw new Exception("Item Already exists"); } 126 | 127 | // Prepare query 128 | $paramOrder = ""; 129 | $valuesOrder = ""; 130 | 131 | foreach ($parameters["parameters"] as $key => $value) { 132 | 133 | // Parameters order 134 | $paramOrder = $paramOrder.",".$key; 135 | // Values order 136 | if(is_numeric($value)) { $valuesOrder = $valuesOrder.",".$value.""; } else { $valuesOrder = $valuesOrder.",'".$value."'";} 137 | } 138 | 139 | // Remove first comma 140 | $paramOrder = substr($paramOrder, 1); 141 | $valuesOrder = substr($valuesOrder, 1); 142 | 143 | // final Query 144 | $addQuery = "INSERT INTO ".TABLE_PREFIX."sla "; 145 | $addQuery .= "(".$paramOrder.", created, updated)"; 146 | $addQuery .= "VALUES(".$valuesOrder.", now(), now())"; 147 | 148 | // Send query to be executed 149 | return $this->execQuery($addQuery); 150 | 151 | } 152 | 153 | public function delete($parameters) 154 | { 155 | 156 | // Check Permission 157 | Helper::checkPermission(); 158 | 159 | // Check Request method 160 | $validRequests = array("DELETE"); 161 | Helper::validRequest($validRequests); 162 | 163 | // Expected parameters 164 | $expectedParameters = array("id"); 165 | 166 | // Check if all paremeters are correct 167 | Helper::checkRequest($parameters, $expectedParameters); 168 | 169 | // Prepare query 170 | $paramOrder = ""; 171 | $valuesOrder = ""; 172 | 173 | if($this->checkExists('id', $parameters["parameters"]['id'], "sla") == 0) { throw new Exception("Item does not exist."); } 174 | 175 | foreach ($parameters["parameters"] as $key => 
$value) { 176 | 177 | // Parameters order 178 | $paramOrder = $paramOrder.",".$key; 179 | // Values order 180 | if(is_numeric($value)) { $valuesOrder = $valuesOrder.",".$value.""; } else { $valuesOrder = $valuesOrder.",'".$value."'";} 181 | } 182 | 183 | // Remove first comma 184 | $paramOrder = substr($paramOrder, 1); 185 | $valuesOrder = substr($valuesOrder, 1); 186 | 187 | // final Query 188 | $addQuery = "DELETE FROM ".TABLE_PREFIX."sla "; 189 | $addQuery .= "WHERE id= ".$valuesOrder; 190 | 191 | // Send query to be executed 192 | return $this->execQuery($addQuery); 193 | 194 | } 195 | 196 | private function checkExists($field, $value, $table) 197 | { 198 | // Connect Database 199 | $Dbobj = new DBConnection(); 200 | $mysqli = $Dbobj->getDBConnect(); 201 | 202 | // Check if already exists 203 | $stmt = $mysqli->prepare("SELECT * FROM ".TABLE_PREFIX."".$table." WHERE ".$field." = ?"); 204 | $stmt->bind_param('s', $value); 205 | $stmt->execute(); 206 | 207 | $result = $stmt->get_result(); 208 | $numRows = $result->num_rows; 209 | 210 | return $numRows; 211 | } 212 | 213 | private function execQuery($string) 214 | { 215 | // Connect Database 216 | $Dbobj = new DBConnection(); 217 | $mysqli = $Dbobj->getDBConnect(); 218 | 219 | // Check if already exists 220 | $insertRecord = $mysqli->query($string); 221 | 222 | if($insertRecord) 223 | { 224 | return "Success! 
Row 1 affected."; 225 | } else { 226 | throw new Exception("Something went wrong."); 227 | } 228 | } 229 | 230 | } 231 | ?> -------------------------------------------------------------------------------- /ost_wbs/classes/class.user.php: -------------------------------------------------------------------------------- 1 | getDBConnect(); 16 | 17 | switch ($parameters["sort"]) { 18 | // Sorte by Date 19 | case "creationDate": 20 | 21 | // Get Start&End Date 22 | $startDate = $parameters['parameters']['start_date']; 23 | $endDate = $parameters['parameters']['end_date']; 24 | 25 | // Query 26 | $getUser = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."user WHERE ".TABLE_PREFIX."user.created >= '$startDate' and ".TABLE_PREFIX."user.created <= '$endDate'"); 27 | 28 | break; 29 | default: 30 | throw new Exception("Unknown Parameter."); 31 | break; 32 | } 33 | 34 | // Array that stores all results 35 | $result = array(); 36 | $numRows = $getUser->num_rows; 37 | 38 | // Fetch data 39 | while($PrintUsers = $getUser->fetch_object()) 40 | { 41 | array_push($result, 42 | array( 43 | 'user_id'=>$PrintUsers->id, 44 | 'name'=>utf8_encode($PrintUsers->name), 45 | 'created'=>$PrintUsers->created 46 | )); 47 | 48 | } 49 | 50 | // Check if there are some results in the array 51 | if(!$result){ 52 | throw new Exception("No items found."); 53 | } 54 | 55 | // build return array 56 | $returnArray = array('total' => $numRows, 'users' => $result); 57 | 58 | // Return values 59 | return $returnArray; 60 | } 61 | 62 | public function specific($parameters) 63 | { 64 | // Escape Parameters 65 | $parameters['parameters'] = Helper::escapeParameters($parameters["parameters"]); 66 | 67 | // Check Request method 68 | $validRequests = array("GET"); 69 | Helper::validRequest($validRequests); 70 | 71 | // Connect Database 72 | $Dbobj = new DBConnection(); 73 | $mysqli = $Dbobj->getDBConnect(); 74 | 75 | 76 | switch ($parameters["sort"]) { 77 | 78 | // Sorte by ID 79 | case "id": 80 | 81 | // Get ID 82 
| $uID = $parameters["parameters"]["id"]; 83 | // set query 84 | $getUser = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."user WHERE ".TABLE_PREFIX."user.id = '$uID'"); 85 | 86 | break; 87 | // Sorte by Email 88 | case "email": 89 | 90 | // Get Email 91 | $uEmail = $parameters["parameters"]["email"]; 92 | // set query 93 | $getUser = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."user INNER JOIN ".TABLE_PREFIX."user_email ON ".TABLE_PREFIX."user.id = ".TABLE_PREFIX."user_email.user_id WHERE ".TABLE_PREFIX."user_email.address = '$uEmail'"); 94 | 95 | break; 96 | default: 97 | throw new Exception("Unknown Parameter."); 98 | break; 99 | } 100 | 101 | 102 | // Array that stores all results 103 | $result = array(); 104 | $numRows = $getUser->num_rows; 105 | 106 | // Fetch data 107 | while($PrintUsers = $getUser->fetch_object()) 108 | { 109 | array_push($result, 110 | array( 111 | 'user_id'=>$PrintUsers->id, 112 | 'name'=>utf8_encode($PrintUsers->name), 113 | 'created'=>$PrintUsers->created 114 | )); 115 | } 116 | 117 | // Check if there are some results in the array 118 | if(!$result){ 119 | throw new Exception("No items found."); 120 | } 121 | 122 | // build return array 123 | $returnArray = array('total' => $numRows, 'users' => $result); 124 | 125 | // Return values 126 | return $returnArray; 127 | } 128 | 129 | public function add($parameters) 130 | { 131 | 132 | // Check Permission 133 | Helper::checkPermission(); 134 | 135 | // Check Request method 136 | $validRequests = array("POST", "PUT"); 137 | Helper::validRequest($validRequests); 138 | 139 | // Expected parameters 140 | $expectedParameters = array("name", "email", "password", "timezone", "phone", "org_id", "default_email_id", "status"); 141 | 142 | // Check if all paremeters are correct 143 | Helper::checkRequest($parameters, $expectedParameters); 144 | 145 | // Escape parameters 146 | $parameters['parameters'] = Helper::escapeParameters($parameters["parameters"]); 147 | 148 | // Prepare query 149 | 
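if($this->checkExists('address', $parameters["parameters"]['email'], "user_email") > 0) { throw new Exception("This email is already being used by a user."); } 150 | /* org_id, default_email_id and status are written WITHOUT quotes, so they are cast to int: escaping only confines a value inside a quoted string. Non-numeric input becomes 0. */ 151 | // table - 'user' 152 | $user = 'insert into '.TABLE_PREFIX.'user ('; 153 | $user .= 'org_id,'; 154 | $user .= 'default_email_id,'; 155 | $user .= 'status,'; 156 | $user .= 'name,'; 157 | $user .= 'created,'; 158 | $user .= 'updated) VALUES ('; 159 | $user .= ''.(int) $parameters["parameters"]["org_id"].','; 160 | $user .= ''.(int) $parameters["parameters"]["default_email_id"].','; 161 | $user .= ''.(int) $parameters["parameters"]["status"].','; 162 | $user .= '"'.$parameters["parameters"]["name"].'",'; 163 | $user .= 'now(),'; 164 | $user .= 'now())'; 165 | 166 | // Send query to be executed 167 | $this->execQuery($user); 168 | /* NOTE(review): Helper::get_last_id() reads the highest id in the table, not this connection's insert id; with concurrent requests the rows below could be attached to another user - confirm. */ 169 | // Get inserted user ID 170 | $last_user_id = Helper::get_last_id("user", "id"); 171 | 172 | // table - 'user__cdata' 173 | $user__cdata = 'insert into '.TABLE_PREFIX.'user__cdata ('; 174 | $user__cdata .= 'user_id,'; 175 | $user__cdata .= 'email,'; 176 | $user__cdata .= 'name,'; 177 | $user__cdata .= 'phone) VALUES ('; 178 | $user__cdata .= ''.$last_user_id.','; 179 | $user__cdata .= '"'.$parameters["parameters"]["email"].'",'; 180 | $user__cdata .= '"'.$parameters["parameters"]["name"].'",'; 181 | $user__cdata .= '"'.$parameters["parameters"]["phone"].'")'; 182 | /* phone is now quoted like the other text values; unquoted, the escaped value was not confined to a string literal. */ 183 | // Send query to be executed 184 | $this->execQuery($user__cdata); 185 | 186 | // table - 'user_email' 187 | $user_email = 'insert into '.TABLE_PREFIX.'user_email ('; 188 | $user_email .= 'user_id,'; 189 | $user_email .= 'address) VALUES ('; 190 | $user_email .= ''.$last_user_id.','; 191 | $user_email .= '"'.$parameters["parameters"]["email"].'")'; 192 | 193 | // Send query to be executed 194 | $this->execQuery($user_email); 195 | 196 | // table - 'ost_user_account' 197 | $user_account = 'insert into '.TABLE_PREFIX.'user_account ('; 198 | $user_account .= 'user_id,'; 199 | $user_account .= 'status,'; 200 | 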
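$user_account .= 'timezone,'; 201 | $user_account .= 'passwd,'; 202 | $user_account .= 'registered) VALUES ('; 203 | $user_account .= ''.$last_user_id.', '; 204 | $user_account .= '1, '; 205 | $user_account .= '"'.$parameters["parameters"]["timezone"].'", '; 206 | $user_account .= '"'.$parameters["parameters"]["password"].'", '; 207 | $user_account .= 'now())'; 208 | /* NOTE(review): the password parameter is written to passwd exactly as received (only SQL-escaped); presumably this column should hold a password hash - confirm and hash before storing. */ 209 | // Send query to be executed 210 | return $this->execQuery($user_account); 211 | 212 | } 213 | /* checkExists: returns the number of rows in TABLE_PREFIX.$table whose $field equals $value. $value is bound as a parameter; $table and $field are concatenated into the SQL, so callers must pass fixed names only. */ 214 | private function checkExists($field, $value, $table) 215 | { 216 | // Connect Database 217 | $Dbobj = new DBConnection(); 218 | $mysqli = $Dbobj->getDBConnect(); 219 | 220 | // Check if already exists 221 | $stmt = $mysqli->prepare("SELECT * FROM ".TABLE_PREFIX."".$table." WHERE ".$field." = ?"); 222 | $stmt->bind_param('s', $value); 223 | $stmt->execute(); 224 | 225 | $result = $stmt->get_result(); 226 | $numRows = $result->num_rows; 227 | 228 | return $numRows; 229 | } 230 | /* execQuery: runs $string on a new connection; on success returns Helper::get_last_id("user", "id"), otherwise throws Exception. The statement text is executed as given, so every value in it must already be bound, cast or escaped-and-quoted by the caller. */ 231 | 232 | private function execQuery($string) 233 | { 234 | // Connect Database 235 | $Dbobj = new DBConnection(); 236 | $mysqli = $Dbobj->getDBConnect(); 237 | 238 | // Run query 239 | $insertRecord = $mysqli->query($string); 240 | 241 | if($insertRecord){ 242 | 243 | // Get inserted user ID 244 | $last_user_id = Helper::get_last_id("user", "id"); 245 | return $last_user_id; 246 | 247 | } else { 248 | throw new Exception("Something went wrong."); 249 | } 250 | } 251 | } 252 | ?> -------------------------------------------------------------------------------- /ost_wbs/classes/class.helper.php: -------------------------------------------------------------------------------- 1 | getDBConnect(); 58 | 59 | // Check if already exists 60 | $stmt = $mysqli->prepare("INSERT INTO ".TABLE_PREFIX."syslog (log_type, title, log, ip_address, created, updated, logger) VALUES (?, ?, ?, ?, ?, ?, '')"); 61 | $stmt->bind_param('ssssss', $logtype, $title, $log, $ipaddress, $created, $updated); 62 | 63 | $logtype = "Debug"; 64 | $title = 
"OSTicket API: ".$classe." - ".$method; 65 | $log = $return; 66 | $ipaddress = $_SERVER['SERVER_ADDR']; 67 | $created = date("Y-m-d H:i:s"); 68 | $updated = date("Y-m-d H:i:s"); 69 | /* NOTE(review): ip_address is taken from SERVER_ADDR, which is this server's own address; if the log is meant to attribute a request to its client, confirm which address is wanted. */ 70 | $stmt->execute(); 71 | } 72 | 73 | // Get last ID 74 | static function get_last_id($table, $field) 75 | { 76 | // Connect Database 77 | $Dbobj = new DBConnection(); 78 | $mysqli = $Dbobj->getDBConnect(); 79 | /* Returns the highest $field value in TABLE_PREFIX.$table. $table and $field are concatenated as identifiers: pass fixed names only, never request data. */ 80 | // Get last inserted ID 81 | $getLastId = $mysqli->query("SELECT ".$field." FROM ".TABLE_PREFIX."".$table." ORDER BY ".$field." DESC LIMIT 1"); 82 | $printLastId = $getLastId->fetch_object(); 83 | 84 | return $printLastId->$field; 85 | } 86 | 87 | // Escape parameters 88 | static function escapeParameters($parameters) 89 | { 90 | // Connect Database 91 | $Dbobj = new DBConnection(); 92 | $mysqli = $Dbobj->getDBConnect(); 93 | /* Escapes each value for use INSIDE a quoted SQL string and returns the array; nested arrays are escaped recursively instead of being handed to mysqli_real_escape_string(). A value concatenated without quotes is not protected by this. */ 94 | if(is_array($parameters)) 95 | foreach($parameters as $key=>$value) { 96 | $parameters[$key] = is_array($value) ? self::escapeParameters($value) : mysqli_real_escape_string($mysqli, (string) $value); 97 | } 98 | 99 | return $parameters; 100 | } 101 | 102 | // Check parameters 103 | static function checkRequest($parameters, $expectedParameters) 104 | { 105 | /* Throws Exception when a field listed in $expectedParameters is empty() or when a key outside that list is present. NOTE(review): empty() also rejects 0 and "0" - confirm no field legitimately takes zero. */ 106 | // Error array 107 | $errors = array(); 108 | 109 | // Check if parameters is an array 110 | if(gettype($parameters["parameters"]) == 'array'){ 111 | 112 | // Check for empty fields 113 | foreach ($expectedParameters as $key => $value) { 114 | if(empty($parameters["parameters"][$value])) { 115 | array_push($errors,"Empty or Incorrect fields were given."); 116 | } 117 | } 118 | /* strict comparison, so a non-string key cannot loosely match an expected field name */ 119 | // Check for unkown or unexpected fields 120 | foreach ($parameters["parameters"] as $key => $value) { 121 | if (!in_array($key, $expectedParameters, true)) { 122 | array_push($errors,"Unexpectec fields given."); 123 | } 124 | } 125 | 126 | // If no errors, continue 127 | if(count($errors) > 0){ 128 | throw new Exception("Empty or Incorrect fields were given, read documentation for more info."); 129 | } 130 | 131 | } else { 132 | throw new Exception("Parameters must be an 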
array."); 133 | } 134 | 135 | } 136 | 137 | // Function to remove 138 | static function remove_accents($string) { 139 | if ( !preg_match('/[\x80-\xff]/', $string) ) 140 | return $string; 141 | 142 | $chars = array( 143 | // Decompositions for Latin-1 Supplement 144 | chr(195).chr(128) => 'A', chr(195).chr(129) => 'A', 145 | chr(195).chr(130) => 'A', chr(195).chr(131) => 'A', 146 | chr(195).chr(132) => 'A', chr(195).chr(133) => 'A', 147 | chr(195).chr(135) => 'C', chr(195).chr(136) => 'E', 148 | chr(195).chr(137) => 'E', chr(195).chr(138) => 'E', 149 | chr(195).chr(139) => 'E', chr(195).chr(140) => 'I', 150 | chr(195).chr(141) => 'I', chr(195).chr(142) => 'I', 151 | chr(195).chr(143) => 'I', chr(195).chr(145) => 'N', 152 | chr(195).chr(146) => 'O', chr(195).chr(147) => 'O', 153 | chr(195).chr(148) => 'O', chr(195).chr(149) => 'O', 154 | chr(195).chr(150) => 'O', chr(195).chr(153) => 'U', 155 | chr(195).chr(154) => 'U', chr(195).chr(155) => 'U', 156 | chr(195).chr(156) => 'U', chr(195).chr(157) => 'Y', 157 | chr(195).chr(159) => 's', chr(195).chr(160) => 'a', 158 | chr(195).chr(161) => 'a', chr(195).chr(162) => 'a', 159 | chr(195).chr(163) => 'a', chr(195).chr(164) => 'a', 160 | chr(195).chr(165) => 'a', chr(195).chr(167) => 'c', 161 | chr(195).chr(168) => 'e', chr(195).chr(169) => 'e', 162 | chr(195).chr(170) => 'e', chr(195).chr(171) => 'e', 163 | chr(195).chr(172) => 'i', chr(195).chr(173) => 'i', 164 | chr(195).chr(174) => 'i', chr(195).chr(175) => 'i', 165 | chr(195).chr(177) => 'n', chr(195).chr(178) => 'o', 166 | chr(195).chr(179) => 'o', chr(195).chr(180) => 'o', 167 | chr(195).chr(181) => 'o', chr(195).chr(182) => 'o', 168 | chr(195).chr(182) => 'o', chr(195).chr(185) => 'u', 169 | chr(195).chr(186) => 'u', chr(195).chr(187) => 'u', 170 | chr(195).chr(188) => 'u', chr(195).chr(189) => 'y', 171 | chr(195).chr(191) => 'y', 172 | // Decompositions for Latin Extended-A 173 | chr(196).chr(128) => 'A', chr(196).chr(129) => 'a', 174 | chr(196).chr(130) => 'A', 
chr(196).chr(131) => 'a', 175 | chr(196).chr(132) => 'A', chr(196).chr(133) => 'a', 176 | chr(196).chr(134) => 'C', chr(196).chr(135) => 'c', 177 | chr(196).chr(136) => 'C', chr(196).chr(137) => 'c', 178 | chr(196).chr(138) => 'C', chr(196).chr(139) => 'c', 179 | chr(196).chr(140) => 'C', chr(196).chr(141) => 'c', 180 | chr(196).chr(142) => 'D', chr(196).chr(143) => 'd', 181 | chr(196).chr(144) => 'D', chr(196).chr(145) => 'd', 182 | chr(196).chr(146) => 'E', chr(196).chr(147) => 'e', 183 | chr(196).chr(148) => 'E', chr(196).chr(149) => 'e', 184 | chr(196).chr(150) => 'E', chr(196).chr(151) => 'e', 185 | chr(196).chr(152) => 'E', chr(196).chr(153) => 'e', 186 | chr(196).chr(154) => 'E', chr(196).chr(155) => 'e', 187 | chr(196).chr(156) => 'G', chr(196).chr(157) => 'g', 188 | chr(196).chr(158) => 'G', chr(196).chr(159) => 'g', 189 | chr(196).chr(160) => 'G', chr(196).chr(161) => 'g', 190 | chr(196).chr(162) => 'G', chr(196).chr(163) => 'g', 191 | chr(196).chr(164) => 'H', chr(196).chr(165) => 'h', 192 | chr(196).chr(166) => 'H', chr(196).chr(167) => 'h', 193 | chr(196).chr(168) => 'I', chr(196).chr(169) => 'i', 194 | chr(196).chr(170) => 'I', chr(196).chr(171) => 'i', 195 | chr(196).chr(172) => 'I', chr(196).chr(173) => 'i', 196 | chr(196).chr(174) => 'I', chr(196).chr(175) => 'i', 197 | chr(196).chr(176) => 'I', chr(196).chr(177) => 'i', 198 | chr(196).chr(178) => 'IJ',chr(196).chr(179) => 'ij', 199 | chr(196).chr(180) => 'J', chr(196).chr(181) => 'j', 200 | chr(196).chr(182) => 'K', chr(196).chr(183) => 'k', 201 | chr(196).chr(184) => 'k', chr(196).chr(185) => 'L', 202 | chr(196).chr(186) => 'l', chr(196).chr(187) => 'L', 203 | chr(196).chr(188) => 'l', chr(196).chr(189) => 'L', 204 | chr(196).chr(190) => 'l', chr(196).chr(191) => 'L', 205 | chr(197).chr(128) => 'l', chr(197).chr(129) => 'L', 206 | chr(197).chr(130) => 'l', chr(197).chr(131) => 'N', 207 | chr(197).chr(132) => 'n', chr(197).chr(133) => 'N', 208 | chr(197).chr(134) => 'n', chr(197).chr(135) => 'N', 
209 | chr(197).chr(136) => 'n', chr(197).chr(137) => 'N', 210 | chr(197).chr(138) => 'n', chr(197).chr(139) => 'N', 211 | chr(197).chr(140) => 'O', chr(197).chr(141) => 'o', 212 | chr(197).chr(142) => 'O', chr(197).chr(143) => 'o', 213 | chr(197).chr(144) => 'O', chr(197).chr(145) => 'o', 214 | chr(197).chr(146) => 'OE',chr(197).chr(147) => 'oe', 215 | chr(197).chr(148) => 'R',chr(197).chr(149) => 'r', 216 | chr(197).chr(150) => 'R',chr(197).chr(151) => 'r', 217 | chr(197).chr(152) => 'R',chr(197).chr(153) => 'r', 218 | chr(197).chr(154) => 'S',chr(197).chr(155) => 's', 219 | chr(197).chr(156) => 'S',chr(197).chr(157) => 's', 220 | chr(197).chr(158) => 'S',chr(197).chr(159) => 's', 221 | chr(197).chr(160) => 'S', chr(197).chr(161) => 's', 222 | chr(197).chr(162) => 'T', chr(197).chr(163) => 't', 223 | chr(197).chr(164) => 'T', chr(197).chr(165) => 't', 224 | chr(197).chr(166) => 'T', chr(197).chr(167) => 't', 225 | chr(197).chr(168) => 'U', chr(197).chr(169) => 'u', 226 | chr(197).chr(170) => 'U', chr(197).chr(171) => 'u', 227 | chr(197).chr(172) => 'U', chr(197).chr(173) => 'u', 228 | chr(197).chr(174) => 'U', chr(197).chr(175) => 'u', 229 | chr(197).chr(176) => 'U', chr(197).chr(177) => 'u', 230 | chr(197).chr(178) => 'U', chr(197).chr(179) => 'u', 231 | chr(197).chr(180) => 'W', chr(197).chr(181) => 'w', 232 | chr(197).chr(182) => 'Y', chr(197).chr(183) => 'y', 233 | chr(197).chr(184) => 'Y', chr(197).chr(185) => 'Z', 234 | chr(197).chr(186) => 'z', chr(197).chr(187) => 'Z', 235 | chr(197).chr(188) => 'z', chr(197).chr(189) => 'Z', 236 | chr(197).chr(190) => 'z', chr(197).chr(191) => 's' 237 | ); 238 | 239 | $string = strtr($string, $chars); 240 | return $string; 241 | } 242 | } -------------------------------------------------------------------------------- /ost_wbs/classes/class.ticket.php: -------------------------------------------------------------------------------- 1 | $result->ticket_id, 9 | 'ticket_pid'=>$result->ticket_pid, 10 | 
'number'=>$result->number, 11 | 'user_id'=>$result->user_id, 12 | 'user_email_id'=>$result->user_email_id, 13 | 'status_id'=>$result->status_id, 14 | 'dept_id'=>$result->dept_id, 15 | 'sla_id'=>$result->sla_id, 16 | 'topic_id'=>$result->topic_id, 17 | 'staff_id'=>$result->staff_id, 18 | 'team_id'=>$result->team_id, 19 | 'email_id'=>$result->email_id, 20 | 'lock_id'=>$result->lock_id, 21 | 'flags'=>$result->flags, 22 | 'sort'=>$result->sort, 23 | 'subject'=>utf8_encode($result->subject), 24 | 'title'=>utf8_encode($result->title), 25 | 'body'=>utf8_encode($result->body), 26 | 'ip_address'=>$result->ip_address, 27 | 'source'=>$result->source, 28 | 'source_extra'=>$result->source_extra, 29 | 'isoverdue'=>$result->isoverdue, 30 | 'isanswered'=>$result->isanswered, 31 | 'duedate'=>$result->duedate, 32 | 'est_duedate'=>$result->est_duedate, 33 | 'reopened'=>$result->reopened, 34 | 'closed'=>$result->closed, 35 | 'lastupdate'=>$result->lastupdate, 36 | 'created'=>$result->created, 37 | 'updated'=>$result->updated 38 | ); 39 | } 40 | 41 | public function all($parameters) 42 | { 43 | 44 | // Escape Parameters 45 | $parameters['parameters'] = Helper::escapeParameters($parameters["parameters"]); 46 | 47 | // Check Request method 48 | $validRequests = array("GET"); 49 | Helper::validRequest($validRequests); 50 | 51 | // Connect Database 52 | $Dbobj = new DBConnection(); 53 | $mysqli = $Dbobj->getDBConnect(); 54 | 55 | switch ($parameters["sort"]) { 56 | // Sorte by Date 57 | case "creationDate": 58 | 59 | // Get Start&End Date 60 | $startDate = $parameters['parameters']['start_date']; 61 | $endDate = $parameters['parameters']['end_date']; 62 | 63 | // Query 64 | $getTickets = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."ticket INNER JOIN ".TABLE_PREFIX."ticket__cdata ON ".TABLE_PREFIX."ticket.ticket_id = ".TABLE_PREFIX."ticket__cdata.ticket_id INNER JOIN ".TABLE_PREFIX."thread ON ".TABLE_PREFIX."thread.object_id = ".TABLE_PREFIX."ticket.ticket_id INNER JOIN 
".TABLE_PREFIX."thread_entry ON ".TABLE_PREFIX."thread.id = ".TABLE_PREFIX."thread_entry.thread_id WHERE ".TABLE_PREFIX."ticket.created >= '$startDate' and ".TABLE_PREFIX."ticket.created <= '$endDate'"); 65 | 66 | break; 67 | // Sorte by Last Update Date 68 | case "lastUpdateDate": 69 | 70 | // Get Start&End Date 71 | $startDate = $parameters['parameters']['start_date']; 72 | $endDate = $parameters['parameters']['end_date']; 73 | 74 | // Query 75 | $getTickets = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."ticket INNER JOIN ".TABLE_PREFIX."ticket__cdata ON ".TABLE_PREFIX."ticket.ticket_id = ".TABLE_PREFIX."ticket__cdata.ticket_id INNER JOIN ".TABLE_PREFIX."thread ON ".TABLE_PREFIX."thread.object_id = ".TABLE_PREFIX."ticket.ticket_id INNER JOIN ".TABLE_PREFIX."thread_entry ON ".TABLE_PREFIX."thread.id = ".TABLE_PREFIX."thread_entry.thread_id WHERE ".TABLE_PREFIX."ticket.lastupdate >= '$startDate' and ".TABLE_PREFIX."ticket.lastupdate <= '$endDate'"); 76 | 77 | break; 78 | // Sorte by Status 79 | case "status": 80 | 81 | // Check if ticket status is available 82 | $tStatus = $parameters["parameters"]["status"]; 83 | Helper::checkTicketStatus($tStatus); 84 | 85 | // 0 value does not exist, so it is equal to "all records" 86 | switch ($tStatus) { 87 | case 0: 88 | $getTickets = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."ticket INNER JOIN ".TABLE_PREFIX."ticket__cdata ON ".TABLE_PREFIX."ticket.ticket_id = ".TABLE_PREFIX."ticket__cdata.ticket_id INNER JOIN ".TABLE_PREFIX."thread ON ".TABLE_PREFIX."thread.object_id = ".TABLE_PREFIX."ticket.ticket_id INNER JOIN ".TABLE_PREFIX."thread_entry ON ".TABLE_PREFIX."thread.id = ".TABLE_PREFIX."thread_entry.thread_id"); 89 | break; 90 | default: 91 | $getTickets = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."ticket INNER JOIN ".TABLE_PREFIX."ticket__cdata ON ".TABLE_PREFIX."ticket.ticket_id = ".TABLE_PREFIX."ticket__cdata.ticket_id INNER JOIN ".TABLE_PREFIX."thread ON ".TABLE_PREFIX."thread.object_id = 
".TABLE_PREFIX."ticket.ticket_id INNER JOIN ".TABLE_PREFIX."thread_entry ON ".TABLE_PREFIX."thread.id = ".TABLE_PREFIX."thread_entry.thread_id WHERE ".TABLE_PREFIX."ticket.status_id = '$tStatus'"); 92 | break; 93 | } 94 | 95 | break; 96 | // Sort Status by Date 97 | case "statusByDate": 98 | 99 | // Get Start&End Date 100 | $startDate = $parameters['parameters']['start_date']; 101 | $endDate = $parameters['parameters']['end_date']; 102 | 103 | // Check valid ticket status 104 | $tStatus = $parameters["parameters"]["status"]; 105 | Helper::checkTicketStatus($tStatus); 106 | 107 | // Query 108 | $getTickets = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."ticket INNER JOIN ".TABLE_PREFIX."ticket__cdata ON ".TABLE_PREFIX."ticket.ticket_id = ".TABLE_PREFIX."ticket__cdata.ticket_id INNER JOIN ".TABLE_PREFIX."thread ON ".TABLE_PREFIX."thread.object_id = ".TABLE_PREFIX."ticket.ticket_id INNER JOIN ".TABLE_PREFIX."thread_entry ON ".TABLE_PREFIX."thread.id = ".TABLE_PREFIX."thread_entry.thread_id WHERE ".TABLE_PREFIX."ticket.created >= '$startDate' and ".TABLE_PREFIX."ticket.created <= '$endDate' AND ".TABLE_PREFIX."ticket.status_id = '$tStatus'"); 109 | 110 | break; 111 | default: 112 | throw new Exception("Unknown Parameter."); 113 | break; 114 | } 115 | 116 | // Array that stores all results 117 | $result = array(); 118 | $ownTicket = array(); 119 | 120 | // get num rows 121 | $numRows = $getTickets->num_rows; 122 | $countRows = 1; 123 | $sameTicket = false; 124 | 125 | // Fetch data 126 | while($PrintTickets = $getTickets->fetch_object()) 127 | { 128 | // get whatever ticket id it is 129 | if(!$sameTicket) { $sameTicket = $PrintTickets->ticket_id; } 130 | 131 | if($PrintTickets->ticket_id != $sameTicket) { 132 | array_push($result, $ownTicket); 133 | $sameTicket = $PrintTickets->ticket_id; 134 | $ownTicket = array(); 135 | } 136 | 137 | // Compile results 138 | array_push($ownTicket, self::compileResults($PrintTickets)); 139 | 140 | if($countRows == $numRows) 141 | 
array_push($result, $ownTicket); 142 | 143 | $countRows++; 144 | } 145 | 146 | // Check if there are some results in the array 147 | if(!$result){ 148 | throw new Exception("No items found."); 149 | } 150 | 151 | // build return array 152 | $returnArray = array('total' => $numRows, 'tickets' => $result); 153 | 154 | // Return values 155 | return $returnArray; 156 | } 157 | 158 | public function specific($parameters) 159 | { 160 | 161 | // Escape Parameters 162 | $parameters['parameters'] = Helper::escapeParameters($parameters["parameters"]); 163 | 164 | // Check Request method 165 | $validRequests = array("GET"); 166 | Helper::validRequest($validRequests); 167 | 168 | // Connect Database 169 | $Dbobj = new DBConnection(); 170 | $mysqli = $Dbobj->getDBConnect(); 171 | $tID = $parameters["parameters"]['id']; 172 | 173 | $getTickets = $mysqli->query("SELECT * FROM ".TABLE_PREFIX."ticket INNER JOIN ".TABLE_PREFIX."ticket__cdata ON ".TABLE_PREFIX."ticket.ticket_id = ".TABLE_PREFIX."ticket__cdata.ticket_id INNER JOIN ".TABLE_PREFIX."thread ON ".TABLE_PREFIX."thread.object_id = ".TABLE_PREFIX."ticket.ticket_id INNER JOIN ".TABLE_PREFIX."thread_entry ON ".TABLE_PREFIX."thread.id = ".TABLE_PREFIX."thread_entry.thread_id WHERE ".TABLE_PREFIX."ticket.ticket_id = '$tID' OR ".TABLE_PREFIX."ticket.number = '$tID'"); 174 | 175 | // Array that stores all results 176 | $result = array(); 177 | $numRows = $getTickets->num_rows; 178 | 179 | // Fetch data 180 | while($PrintTickets = $getTickets->fetch_object()){ array_push($result, self::compileResults($PrintTickets)); } 181 | 182 | // Check if there are some results in the array 183 | if(!$result){ 184 | throw new Exception("No items found."); 185 | } 186 | 187 | // build return array 188 | $returnArray = array('total' => $numRows, 'tickets' => $result); 189 | 190 | // Return values 191 | return $returnArray; 192 | } 193 | 194 | public function add($parameters) 195 | { 196 | // Escape Parameters 197 | $parameters['parameters'] = 
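Helper::escapeParameters($parameters["parameters"]); 198 | 199 | // Check Permission 200 | Helper::checkPermission(); 201 | 202 | // Check Request method 203 | $validRequests = array("POST", "PUT"); 204 | Helper::validRequest($validRequests); 205 | 206 | // Expected parameters 207 | $expectedParameters = array("title", "subject", "user_id", "priority_id", "status_id", "dept_id", "sla_id", "topic_id"); 208 | 209 | // Check if all paremeters are correct 210 | Helper::checkRequest($parameters, $expectedParameters); 211 | 212 | // Prepare query 213 | /* NOTE(review): the ticket number is derived from the highest ticket_id read here; two concurrent requests can compute the same number - confirm whether number must be unique. */ 214 | $last_ticket_id = Helper::get_last_id("ticket", "ticket_id"); 215 | $ticket_number = $last_ticket_id+1; 216 | $ticker_number = "API".$ticket_number; 217 | /* The *_id values are written WITHOUT quotes, so they are cast to int: escaping only confines a value inside a quoted string. Non-numeric input becomes 0. */ 218 | // table - 'ticket' 219 | $ticket = 'insert into '.TABLE_PREFIX.'ticket ('; 220 | $ticket .= 'number,'; 221 | $ticket .= 'user_id,'; 222 | $ticket .= 'status_id,'; 223 | $ticket .= 'dept_id,'; 224 | $ticket .= 'sla_id,'; 225 | $ticket .= 'topic_id,'; 226 | $ticket .= 'source,'; 227 | $ticket .= 'isoverdue,'; 228 | $ticket .= 'isanswered,'; 229 | $ticket .= 'lastupdate,'; 230 | $ticket .= 'created,'; 231 | $ticket .= 'updated) VALUES ('; 232 | $ticket .= '"'.$ticker_number.'",'; 233 | $ticket .= ''.(int) $parameters["parameters"]["user_id"].','; 234 | $ticket .= ''.(int) $parameters["parameters"]["status_id"].','; 235 | $ticket .= ''.(int) $parameters["parameters"]["dept_id"].','; 236 | $ticket .= ''.(int) $parameters["parameters"]["sla_id"].','; 237 | $ticket .= ''.(int) $parameters["parameters"]["topic_id"].','; 238 | $ticket .= '"API",'; 239 | $ticket .= '0,'; 240 | $ticket .= '0,'; 241 | $ticket .= 'now(),'; 242 | $ticket .= 'now(),'; 243 | $ticket .= 'now())'; 244 | 245 | // Send query to be executed 246 | $this->execQuery($ticket); 247 | 248 | // Get inserted ticket ID 249 | $last_ticket_id = Helper::get_last_id("ticket", "ticket_id"); 250 | 251 | // table - 'ticket__cdata' 252 | $ticket__cdata = 'insert into '.TABLE_PREFIX.'ticket__cdata ('; 253 | $ticket__cdata .= 'ticket_id,'; 254 
| $ticket__cdata .= 'subject,'; 255 | $ticket__cdata .= 'priority) VALUES ('; 256 | $ticket__cdata .= ''.$last_ticket_id.','; 257 | $ticket__cdata .= '"'.utf8_decode($parameters["parameters"]["subject"]).'",'; 258 | $ticket__cdata .= ''.(int) $parameters["parameters"]["priority_id"].')'; 259 | /* NOTE(review): utf8_decode() runs on values that were already escaped; a conversion applied after escaping is outside what the escaping guarantees - decode first, then escape or bind. */ 260 | // Send query to be executed 261 | $this->execQuery($ticket__cdata); 262 | 263 | // table - 'thread' 264 | $thread = 'insert into '.TABLE_PREFIX.'thread ('; 265 | $thread .= 'object_id,'; 266 | $thread .= 'object_type,'; 267 | $thread .= 'created) VALUES ('; 268 | $thread .= ''.$last_ticket_id.','; 269 | $thread .= '"T",'; 270 | $thread .= 'now())'; 271 | 272 | // Send query to be executed 273 | $this->execQuery($thread); 274 | 275 | // Get inserted thread ID 276 | $last_thread_id = Helper::get_last_id("thread", "id"); 277 | 278 | // table - 'thread_entry' 279 | $thread_entry = 'insert into '.TABLE_PREFIX.'thread_entry ('; 280 | $thread_entry .= 'format,'; 281 | $thread_entry .= 'ip_address,'; 282 | $thread_entry .= 'pid,'; 283 | $thread_entry .= 'thread_id,'; 284 | $thread_entry .= 'staff_id,'; 285 | $thread_entry .= 'user_id,'; 286 | $thread_entry .= 'type,'; 287 | $thread_entry .= 'poster,'; 288 | $thread_entry .= 'flags,'; 289 | $thread_entry .= 'source,'; 290 | $thread_entry .= 'title,'; 291 | $thread_entry .= 'body,'; 292 | $thread_entry .= 'created,'; 293 | $thread_entry .= 'updated) VALUES ('; 294 | $thread_entry .= '"html",'; 295 | $thread_entry .= '0,'; 296 | $thread_entry .= '0,'; 297 | $thread_entry .= ''.$last_thread_id.','; 298 | $thread_entry .= '0,'; 299 | $thread_entry .= ''.(int) $parameters["parameters"]["user_id"].','; 300 | $thread_entry .= '"M",'; 301 | $thread_entry .= '"osTicket Support",'; 302 | $thread_entry .= '65,'; 303 | $thread_entry .= '"API",'; 304 | $thread_entry .= '"'.utf8_decode($parameters["parameters"]["title"]).'",'; 305 | $thread_entry .= '"'.utf8_decode($parameters["parameters"]["subject"]).'
",'; 306 | $thread_entry .= 'now(),'; 307 | $thread_entry .= 'now())'; 308 | 309 | // Send query to be executed 310 | return $this->execQuery($thread_entry); 311 | } 312 | 313 | public function reply($parameters) 314 | { 315 | // Escape Parameters 316 | $parameters['parameters'] = Helper::escapeParameters($parameters["parameters"]); 317 | 318 | // Check Permission 319 | Helper::checkPermission(); 320 | 321 | // Check Request method 322 | $validRequests = array("POST", "PUT"); 323 | Helper::validRequest($validRequests); 324 | 325 | // Expected parameters 326 | $expectedParameters = array("ticket_id", "body", "staff_id"); 327 | 328 | // Check if all paremeters are correct 329 | Helper::checkRequest($parameters, $expectedParameters); 330 | 331 | // Check if ticket exists 332 | if($this->checkExists('ticket_id', $parameters["parameters"]['ticket_id'], "ticket") == 0) { throw new Exception("Ticket does not exist."); } 333 | // Check if staff exists 334 | if($this->checkExists('staff_id', $parameters["parameters"]['staff_id'], "staff") == 0) { throw new Exception("Staff does not exist."); } 335 | 336 | // Connect Database 337 | $Dbobj = new DBConnection(); 338 | $mysqli = $Dbobj->getDBConnect(); 339 | 340 | // Prepare query 341 | 342 | // Get thread ID from Ticket ID 343 | $stmt = $mysqli->prepare("SELECT * FROM ".TABLE_PREFIX."thread WHERE object_id = ?"); 344 | $stmt->bind_param('s', $parameters["parameters"]['ticket_id']); 345 | $stmt->execute(); 346 | 347 | $result = $stmt->get_result(); 348 | $row = $result->fetch_object(); 349 | 350 | $thread_id = $row->id; 351 | /* The existence checks above do not constrain the format of staff_id, so it is cast to int where it is written unquoted below. */ 352 | // Add rows with thread ID 353 | $thread = 'insert into '.TABLE_PREFIX.'thread_entry ('; 354 | $thread .= 'thread_id,'; 355 | $thread .= 'staff_id,'; 356 | $thread .= 'body,'; 357 | $thread .= 'source,'; 358 | $thread .= 'type,'; 359 | $thread .= 'created,'; 360 | $thread .= 'updated) VALUES ('; 361 | $thread .= ''.$thread_id.','; 362 | $thread .= ''.(int) $parameters["parameters"]["staff_id"].','; 363 | 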
$thread .= '"'.utf8_decode($parameters["parameters"]["body"]).'
",'; 364 | $thread .= '"API",'; 365 | $thread .= '"R",'; 366 | $thread .= 'now(),'; 367 | $thread .= 'now())'; 368 | 369 | // Send query to be executed 370 | $this->execQuery($thread); 371 | 372 | // Update last response in thread_id 373 | $threadUpdate = 'update '.TABLE_PREFIX.'thread SET '; 374 | $threadUpdate .= 'lastresponse = now(), '; 375 | $threadUpdate .= 'lastmessage = now() WHERE '; 376 | $threadUpdate .= 'id = '.$thread_id.''; 377 | 378 | // Send query to be executed 379 | return $this->execQuery($threadUpdate);; 380 | } 381 | 382 | public function close($parameters) 383 | { 384 | 385 | // Escape Parameters 386 | $parameters['parameters'] = Helper::escapeParameters($parameters["parameters"]); 387 | 388 | // Check Permission 389 | Helper::checkPermission(); 390 | 391 | // Check Request method 392 | $validRequests = array("POST", "PUT"); 393 | Helper::validRequest($validRequests); 394 | 395 | // Expected parameters 396 | $expectedParameters = array("ticket_id", "body", "staff_id","status_id", "team_id", "dept_id", "topic_id", "username"); 397 | 398 | // Check if all paremeters are correct 399 | Helper::checkRequest($parameters, $expectedParameters); 400 | 401 | // Connect Database 402 | $Dbobj = new DBConnection(); 403 | $mysqli = $Dbobj->getDBConnect(); 404 | 405 | // Prepare date to send to reply function 406 | $sendParam["parameters"]["ticket_id"] = $parameters["parameters"]['ticket_id']; 407 | $sendParam["parameters"]["body"] = $parameters["parameters"]['body']; 408 | $sendParam["parameters"]["staff_id"] = $parameters["parameters"]['staff_id']; 409 | 410 | // Set Reply 411 | self::reply($sendParam); 412 | 413 | // Get thread ID from Ticket ID 414 | $stmt = $mysqli->prepare("SELECT * FROM ".TABLE_PREFIX."thread WHERE object_id = ?"); 415 | $stmt->bind_param('s', $parameters["parameters"]['ticket_id']); 416 | $stmt->execute(); 417 | 418 | $result = $stmt->get_result(); 419 | $row = $result->fetch_object(); 420 | $thread_id = $row->id; 421 | 422 | // 
Update ticket status 423 | $ticketStatusUpdate = 'update '.TABLE_PREFIX.'ticket SET '; 424 | $ticketStatusUpdate .= 'status_id = '.$parameters["parameters"]["status_id"].', '; 425 | $ticketStatusUpdate .= 'updated = now() WHERE '; 426 | $ticketStatusUpdate .= 'ticket_id = '.$parameters["parameters"]["ticket_id"].''; 427 | 428 | // Insert into event thread 429 | $threadEvent = 'insert into '.TABLE_PREFIX.'thread_event ('; 430 | $threadEvent .= 'thread_id,'; 431 | $threadEvent .= 'thread_type,'; 432 | $threadEvent .= 'event_id,'; 433 | $threadEvent .= 'staff_id,'; 434 | $threadEvent .= 'team_id,'; 435 | $threadEvent .= 'dept_id,'; 436 | $threadEvent .= 'topic_id,'; 437 | $threadEvent .= 'username,'; 438 | $threadEvent .= 'timestamp) VALUES ('; 439 | $threadEvent .= ''.$thread_id.','; 440 | $threadEvent .= '"T",'; 441 | $threadEvent .= '2,'; 442 | $threadEvent .= ''.$parameters["parameters"]["staff_id"].','; 443 | $threadEvent .= ''.$parameters["parameters"]["team_id"].','; 444 | $threadEvent .= ''.$parameters["parameters"]["dept_id"].','; 445 | $threadEvent .= ''.$parameters["parameters"]["topic_id"].','; 446 | $threadEvent .= '"'.$parameters["parameters"]["username"].'",'; 447 | $threadEvent .= 'now())'; 448 | 449 | // Send query to be executed 450 | $this->execQuery($threadEvent); 451 | 452 | // Send query to be executed 453 | return $this->execQuery($ticketStatusUpdate);; 454 | } 455 | 456 | private function execQuery($string) 457 | { 458 | // Connect Database 459 | $Dbobj = new DBConnection(); 460 | $mysqli = $Dbobj->getDBConnect(); 461 | 462 | // Run query 463 | $insertRecord = $mysqli->query($string); 464 | 465 | if($insertRecord){ 466 | 467 | // Get inserted ticket ID 468 | $last_ticket_id = Helper::get_last_id("ticket", "ticket_id"); 469 | return $last_ticket_id; 470 | 471 | } else { 472 | throw new Exception("Something went wrong."); 473 | } 474 | } 475 | 476 | private function checkExists($field, $value, $table) 477 | { 478 | // Connect Database 479 | 
$Dbobj = new DBConnection(); 480 | $mysqli = $Dbobj->getDBConnect(); 481 | 482 | // Check if already exists 483 | $stmt = $mysqli->prepare("SELECT * FROM ".TABLE_PREFIX."".$table." WHERE ".$field." = ?"); 484 | $stmt->bind_param('s', $value); 485 | $stmt->execute(); 486 | 487 | $result = $stmt->get_result(); 488 | $numRows = $result->num_rows; 489 | 490 | return $numRows; 491 | } 492 | 493 | } 494 | ?> 495 | --------------------------------------------------------------------------------