maketank/Froxlor
2
0
Fork 0
Code Pull Requests Releases Activity

Migrated customer_mysql, customer_tickets, customer_traffic to new database class

Browse Source
This commit is contained in:
BNoiZe
2013-10-31 17:35:57 +01:00
parent 256a714d55
commit b4a2124d1b
3 changed files with 280 additions and 252 deletions
Download Patch File Download Diff File Expand all files Collapse all files

195
customer_mysql.php
View File

@@ -44,8 +44,13 @@ if ($page == 'overview') {
'description' => $lng['mysql']['databasedescription']
);
$paging = new paging($userinfo, $db, TABLE_PANEL_DATABASES, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
$result = $db->query("SELECT * FROM `" . TABLE_PANEL_DATABASES . "` WHERE `customerid`='" . (int)$userinfo['customerid'] . "' " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
$paging->setEntries($db->num_rows($result));
$result_stmt = Database::prepare("SELECT * FROM `" . TABLE_PANEL_DATABASES . "`
WHERE `customerid`= :customerid " . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
);
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
$mysqls_count = Database::num_rows();
$paging->setEntries($mysqls_count);
$sortcode = $paging->getHtmlSortCode($lng);
$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
$searchcode = $paging->getHtmlSearchCode($lng);
@@ -55,59 +60,81 @@ if ($page == 'overview') {
$mysqls = '';
// Begin root-session
$db_root = new db($sql_root[0]['host'], $sql_root[0]['user'], $sql_root[0]['password'], '');
while ($row = $db->fetch_array($result)) {
Database::needRoot(true);
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
if ($paging->checkDisplay($i)) {
$row = htmlentities_array($row);
$mbdata = $db_root->query_first("SELECT SUM( data_length + index_length) / 1024 / 1024 'MB' FROM information_schema.TABLES WHERE table_schema = '" . $db_root->escape($row['databasename']) . "' GROUP BY table_schema ;");
$mbdata_stmt = Database::prepare("SELECT SUM( data_length + index_length) / 1024 / 1024 'MB' FROM information_schema.TABLES
WHERE table_schema = :table_schema
GROUP BY table_schema"
);
Database::pexecute($mbdata_stmt, array("table_schema" => $row['databasename']));
$mbdata = $mbdata_stmt->fetch(PDO::FETCH_ASSOC);
$row['size'] = number_format($mbdata['MB'], 3, '.', '');
eval("\$mysqls.=\"" . getTemplate('mysql/mysqls_database') . "\";");
$count++;
}
$i++;
}
$db_root->close();
Database::needRoot(false);
// End root-session
$mysqls_count = $db->num_rows($result);
eval("echo \"" . getTemplate('mysql/mysqls') . "\";");
} elseif($action == 'delete' && $id != 0) {
$result = $db->query_first('SELECT `id`, `databasename`, `description`, `dbserver` FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int)$userinfo['customerid'] . '" AND `id`="' . (int)$id . '"');
if (isset($result['databasename'])
&& $result['databasename'] != ''
) {
$result_stmt = Database::prepare('SELECT `id`, `databasename`, `description`, `dbserver` FROM `' . TABLE_PANEL_DATABASES . '`
WHERE `customerid`="' . (int)$userinfo['customerid'] . '"
AND `id`="' . (int)$id . '"'
);
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
if (isset($result['databasename']) && $result['databasename'] != '') {
if (!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']])) {
$result['dbserver'] = 0;
}
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
// Begin root-session
$db_root = new db($sql_root[$result['dbserver']]['host'], $sql_root[$result['dbserver']]['user'], $sql_root[$result['dbserver']]['password'], '');
Database::needRoot(true);
$log->logAction(USR_ACTION, LOG_INFO, "deleted database '" . $result['databasename'] . "'");
if (mysql_get_server_info() < '5.0.2') {
if (Database::getAttribute(PDO::ATTR_SERVER_VERSION) < '5.0.2') {
// Revoke privileges (only required for MySQL 4.1.2 - 5.0.1)
$db_root->query('REVOKE ALL PRIVILEGES, GRANT OPTION FROM \'' . $db_root->escape($result['databasename']) .'\'',false,true);
$stmt = Database::prepare("REVOKE ALL PRIVILEGES, GRANT OPTION FROM :databasename");
Database::pexecute($stmt, array("databasename" => $result['databasename']));
}
$host_res = $db_root->query("SELECT `Host` FROM `mysql`.`user` WHERE `User`='" . $db_root->escape($result['databasename']) . "'");
while ($host = $db_root->fetch_array($host_res)) {
$host_res_stmt = Database::prepare("SELECT `Host` FROM `mysql`.`user`
WHERE `User`= :databasename"
);
Database::pexecute($host_res_stmt, array("databasename" => $result['databasename']));
while ($host = $host_res_stmt->fetch(PDO::FETCH_ASSOC)) {
// as of MySQL 5.0.2 this also revokes privileges. (requires MySQL 4.1.2+)
$db_root->query('DROP USER \'' . $db_root->escape($result['databasename']). '\'@\'' . $db_root->escape($host['Host']) . '\'', false, true);
$stmt = Database::prepare("DROP USER :databasename@:host");
Database::pexecute($stmt, array("databasename" => $result['databasename'], "host" => $host['Host']));
}
$db_root->query('DROP DATABASE IF EXISTS `' . $db_root->escape($result['databasename']) . '`');
$db_root->query('FLUSH PRIVILEGES');
$db_root->close();
$stmt = Database::prepare("DROP DATABASE IF EXISTS `" . $result['databasename'] . "`");
Database::pexecute($stmt);
$stmt = Database::prepare("FLUSH PRIVILEGES");
Database::pexecute($stmt);
Database::needRoot(false);
// End root-session
$db->query('DELETE FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . (int)$userinfo['customerid'] . '" AND `id`="' . (int)$id . '"');
$stmt = Database::prepare("DELETE FROM `" . TABLE_PANEL_DATABASES . "`
WHERE `customerid` = :customerid
AND `id` = :id"
);
Database::pexecute($stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
$resetaccnumber = ($userinfo['mysqls_used'] == '1') ? " , `mysql_lastaccountnumber`='0' " : '';
$result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`-1 ' . $resetaccnumber . 'WHERE `customerid`="' . (int)$userinfo['customerid'] . '"');
$resetaccnumber = ($userinfo['mysqls_used'] == '1') ? " , `mysql_lastaccountnumber` = '0' " : '';
$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_CUSTOMERS . "`
SET `mysqls_used` = `mysqls_used` - 1 " . $resetaccnumber . "
WHERE `customerid` = :customerid"
);
Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
redirectTo($filename, Array('page' => $page, 's' => $s));
} else {
$dbnamedesc = $result['databasename'];
@@ -118,12 +145,8 @@ if ($page == 'overview') {
}
}
} elseif ($action == 'add') {
if ($userinfo['mysqls_used'] < $userinfo['mysqls']
|| $userinfo['mysqls'] == '-1'
) {
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
if ($userinfo['mysqls_used'] < $userinfo['mysqls'] || $userinfo['mysqls'] == '-1') {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
$password = validate($_POST['mysql_password'], 'password');
$password = validatePassword($password);
@@ -147,11 +170,11 @@ if ($page == 'overview') {
$databasedescription = validate(trim($_POST['description']), 'description');
// Begin root-session
$db_root = new db($sql_root[$dbserver]['host'], $sql_root[$dbserver]['user'], $sql_root[$dbserver]['password'], '');
Database::needRoot(true);
if (strtoupper($settings['customer']['mysqlprefix']) == 'RANDOM') {
$result = $db_root->query('SELECT `User` FROM mysql.user');
while ($row = $db_root->fetch_array($result)) {
$result_stmt = Database::prepare('SELECT `User` FROM mysql.user');
Database::pexecute($result_stmt);
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
$allsqlusers[] = $row[User];
}
$username = $userinfo['loginname'] . '-' . substr(md5(uniqid(microtime(), 1)), 20, 3);
@@ -161,22 +184,44 @@ if ($page == 'overview') {
} else {
$username = $userinfo['loginname'] . $settings['customer']['mysqlprefix'] . (intval($userinfo['mysql_lastaccountnumber']) + 1);
}
$db_root->query('CREATE DATABASE `' . $db_root->escape($username) . '`');
$stmt = Database::prepare("CREATE DATABASE `" . $username . "`");
Database::pexecute($stmt);
$log->logAction(USR_ACTION, LOG_INFO, "created database '" . $username . "'");
foreach (array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host) {
$db_root->query('GRANT ALL PRIVILEGES ON `' . str_replace('_', '\_', $db_root->escape($username)) . '`.* TO `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '` IDENTIFIED BY \'password\'');
$db_root->query('SET PASSWORD FOR `' . $db_root->escape($username) . '`@`' . $db_root->escape($mysql_access_host) . '` = PASSWORD(\'' . $db_root->escape($password) . '\')');
$stmt = Database::prepare("GRANT ALL PRIVILEGES ON `" . $username . "`.*
TO :username@:host
IDENTIFIED BY 'password'"
);
Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host));
$stmt = Database::prepare("SET PASSWORD FOR :username@:host = PASSWORD(:password)");
Database::pexecute($stmt, array("username" => $username, "host" => $mysql_access_host, "password" => $password));
$log->logAction(USR_ACTION, LOG_NOTICE, "grant all privileges for '" . $username . "'@'" . $mysql_access_host . "'");
}
$db_root->query('FLUSH PRIVILEGES');
$db_root->close();
$stmt = Database::prepare("FLUSH PRIVILEGES");
Database::pexecute($stmt);
Database::needRoot(false);
// End root-session
// Statement modified for Database description -- PH 2004-11-29
$result = $db->query('INSERT INTO `' . TABLE_PANEL_DATABASES . '` (`customerid`, `databasename`, `description`, `dbserver`) VALUES ("' . (int)$userinfo['customerid'] . '", "' . $db->escape($username) . '", "' . $db->escape($databasedescription) . '", "' . $db->escape($dbserver) . '")');
$result = $db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '` SET `mysqls_used`=`mysqls_used`+1, `mysql_lastaccountnumber`=`mysql_lastaccountnumber`+1 WHERE `customerid`="' . (int)$userinfo['customerid'] . '"');
$stmt = Database::prepare('INSERT INTO `' . TABLE_PANEL_DATABASES . '`
(`customerid`, `databasename`, `description`, `dbserver`)
VALUES (:customerid, :databasename, :description, :dbserver)'
);
$params = array(
"customerid" => $userinfo['customerid'],
"username" => $username,
"description" => $databasedescription,
"dbserver" => $dbserver
);
Database::pexecute($stmt, $params);
$stmt = Database::prepare('UPDATE `' . TABLE_PANEL_CUSTOMERS . '`
SET `mysqls_used` = `mysqls_used` + 1, `mysql_lastaccountnumber` = `mysql_lastaccountnumber` + 1
WHERE `customerid` = :customerid'
);
Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
if ($sendinfomail == 1) {
$pma = $lng['admin']['notgiven'];
@@ -195,9 +240,24 @@ if ($page == 'overview') {
);
$def_language = $userinfo['def_language'];
$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'new_database_by_customer_subject\'');
$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
WHERE `adminid` = :adminid
AND `language` = :lang
AND `templategroup`='mails'
AND `varname`='new_database_by_customer_subject'"
);
Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
$mail_subject = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['mysql_add']['infomail_subject']), $replace_arr));
$result = $db->query_first('SELECT `value` FROM `' . TABLE_PANEL_TEMPLATES . '` WHERE `adminid`=\'' . (int)$userinfo['adminid'] . '\' AND `language`=\'' . $db->escape($def_language) . '\' AND `templategroup`=\'mails\' AND `varname`=\'new_database_by_customer_mailbody\'');
$result_stmt = Database::prepare("SELECT `value` FROM `" . TABLE_PANEL_TEMPLATES . "`
WHERE `adminid`= :adminid
AND `language`= :lang
AND `templategroup` = 'mails'
AND `varname` = 'new_database_by_customer_mailbody'"
);
Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid'], "lang" => $def_language));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
$mail_body = html_entity_decode(replace_variables((($result['value'] != '') ? $result['value'] : $lng['customer']['mysql_add']['infomail_body']['main']), $replace_arr));
$_mailerror = false;
@@ -244,18 +304,19 @@ if ($page == 'overview') {
}
}
} elseif ($action == 'edit' && $id != 0) {
$result = $db->query_first('SELECT `id`, `databasename`, `description`, `dbserver` FROM `' . TABLE_PANEL_DATABASES . '` WHERE `customerid`="' . $userinfo['customerid'] . '" AND `id`="' . $id . '"');
$result_stmt = Database::prepare("SELECT `id`, `databasename`, `description`, `dbserver` FROM `" . TABLE_PANEL_DATABASES . "`
WHERE `customerid` = :customerid
AND `id` = :id"
);
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid'], "id" => $id));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
if (isset($result['databasename'])
&& $result['databasename'] != ''
) {
if (isset($result['databasename']) && $result['databasename'] != '') {
if (!isset($sql_root[$result['dbserver']]) || !is_array($sql_root[$result['dbserver']])) {
$result['dbserver'] = 0;
}
if (isset($_POST['send'])
&& $_POST['send'] == 'send'
) {
if (isset($_POST['send']) && $_POST['send'] == 'send') {
// Only change Password if it is set, do nothing if it is empty! -- PH 2004-11-29
$password = validate($_POST['mysql_password'], 'password');
if ($password != '') {
@@ -263,20 +324,32 @@ if ($page == 'overview') {
$password = validatePassword($password);
// Begin root-session
$db_root = new db($sql_root[$result['dbserver']]['host'], $sql_root[$result['dbserver']]['user'], $sql_root[$result['dbserver']]['password'], '');
Database::needRoot(true);
foreach (array_map('trim', explode(',', $settings['system']['mysql_access_host'])) as $mysql_access_host) {
$db_root->query('SET PASSWORD FOR `' . $db_root->escape($result['databasename']) . '`@`' . $db_root->escape($mysql_access_host) . '` = PASSWORD(\'' . $db_root->escape($password) . '\')');
$stmt = Database::prepare("SET PASSWORD FOR :dbname@:host = PASSWORD(:password)");
$params = array(
"dbname" => $result['databasename'],
"host" => $mysql_access_host,
"password" => $password
);
Database::pexecute($stmt, $params);
}
$db_root->query('FLUSH PRIVILEGES');
$db_root->close();
$stmt = Database::prepare("FLUSH PRIVILEGES");
Database::pexecute($stmt);
Database::needRoot(false);
// End root-session
}
// Update the Database description -- PH 2004-11-29
$log->logAction(USR_ACTION, LOG_INFO, "edited database '" . $result['databasename'] . "'");
$databasedescription = validate($_POST['description'], 'description');
$result = $db->query('UPDATE `' . TABLE_PANEL_DATABASES . '` SET `description`="' . $db->escape($databasedescription) . '" WHERE `customerid`="' . (int)$userinfo['customerid'] . '" AND `id`="' . (int)$id . '"');
$stmt = Database::prepare("UPDATE `" . TABLE_PANEL_DATABASES . "`
SET `description` = :desc
WHERE `customerid` = :customerid
AND `id` = :id"
);
Database::pexecute($stmt, array("desc" => $databasedescription, "customerid" => $userinfo['customerid'], "id" => $id));
redirectTo($filename, Array('page' => $page, 's' => $s));
} else {
$mysql_edit_data = include_once dirname(__FILE__).'/lib/formfields/customer/mysql/formfield.mysql_edit.php';

284
customer_tickets.php
View File

@@ -25,35 +25,28 @@ define('AREA', 'customer');
require ("./lib/init.php");
if(isset($_POST['id']))
{
if(isset($_POST['id'])) {
$id = intval($_POST['id']);
/*
* Check if the current user is allowed to see the current ticket.
*/
$sql = "SELECT `id` FROM `panel_tickets` WHERE `id` = '".$id."' AND `customerid` = '".$userinfo['customerid']."'";
$result = $db->query_first($sql);
$stmt = Database::prepare("SELECT `id` FROM `panel_tickets` WHERE `id` = :id AND `customerid` = :customerid");
Database::pexecute($stmt, array("id" => $id, "customerid" => $userinfo['customerid']));
$result = $stmt->fetch(PDO::FETCH_ASSOC);
if ($result == null) {
// no rights to see the requested ticket
standard_error(array('ticketnotaccessible'));
}
}
elseif(isset($_GET['id']))
{
} elseif(isset($_GET['id'])) {
$id = intval($_GET['id']);
}
if($page == 'overview')
{
if($page == 'overview') {
$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_tickets");
eval("echo \"" . getTemplate("tickets/ticket") . "\";");
}
elseif($page == 'tickets')
{
if($action == '')
{
} elseif($page == 'tickets') {
if($action == '') {
$log->logAction(USR_ACTION, LOG_NOTICE, "viewed customer_tickets::tickets");
$fields = array(
'status' => $lng['ticket']['status'],
@@ -66,8 +59,16 @@ elseif($page == 'tickets')
$paging = new paging($userinfo, $db, TABLE_PANEL_TICKETS, $fields, $settings['panel']['paging'], $settings['panel']['natsorting']);
$paging->sortfield = 'lastchange';
$paging->sortorder = 'desc';
$result = $db->query('SELECT `main`.`id`, (SELECT COUNT(`sub`.`id`) FROM `' . TABLE_PANEL_TICKETS . '` `sub` WHERE `sub`.`answerto` = `main`.`id`) as `ticket_answers`, `main`.`lastchange`, `main`.`subject`, `main`.`status`, `main`.`lastreplier`, `main`.`priority` FROM `' . TABLE_PANEL_TICKETS . '` as `main` WHERE `main`.`answerto` = "0" AND `archived` = "0" AND `customerid`="' . (int)$userinfo['customerid'] . '" ' . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit());
$paging->setEntries($db->num_rows($result));
$stmt = Database::prepare('SELECT `main`.`id`, (SELECT COUNT(`sub`.`id`) FROM `' . TABLE_PANEL_TICKETS . '` `sub`
WHERE `sub`.`answerto` = `main`.`id`) AS `ticket_answers`, `main`.`lastchange`, `main`.`subject`, `main`.`status`, `main`.`lastreplier`, `main`.`priority`
FROM `' . TABLE_PANEL_TICKETS . '` as `main`
WHERE `main`.`answerto` = "0"
AND `archived` = "0"
AND `customerid`= :customerid ' . $paging->getSqlWhere(true) . " " . $paging->getSqlOrderBy() . " " . $paging->getSqlLimit()
);
Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
$paging->setEntries(Database::num_rows());
$sortcode = $paging->getHtmlSortCode($lng);
$arrowcode = $paging->getHtmlArrowCode($filename . '?page=' . $page . '&s=' . $s);
$searchcode = $paging->getHtmlSearchCode($lng);
@@ -77,41 +78,31 @@ elseif($page == 'tickets')
$tickets = '';
$tickets_count = 0;
while($row = $db->fetch_array($result))
{
if($paging->checkDisplay($i))
{
while($row = $stmt->fetch(PDO::FETCH_ASSOC)) {
if($paging->checkDisplay($i)) {
$tickets_count++;
$row = htmlentities_array($row);
$row['lastchange'] = date("d.m.y H:i", $row['lastchange']);
if($row['status'] >= 0
&& $row['status'] <= 2)
{
if($row['status'] >= 0 && $row['status'] <= 2) {
$reopen = 0;
}
else
{
} else {
$reopen = 1;
}
$row['status'] = ticket::getStatusText($lng, $row['status']);
$row['priority'] = ticket::getPriorityText($lng, $row['priority']);
if($row['lastreplier'] == '1')
{
if($row['lastreplier'] == '1') {
$row['lastreplier'] = $lng['ticket']['staff'];
$cananswer = 1;
}
else
{
} else {
$row['lastreplier'] = $lng['ticket']['customer'];
$cananswer = 0;
}
$row['subject'] = html_entity_decode($row['subject']);
if(strlen($row['subject']) > 20)
{
if(strlen($row['subject']) > 20) {
$row['subject'] = substr($row['subject'], 0, 17) . '...';
}
@@ -128,56 +119,42 @@ elseif($page == 'tickets')
$start = substr($settings['ticket']['worktime_begin'], 0, 2) . substr($settings['ticket']['worktime_begin'], 3, 2);
$end = substr($settings['ticket']['worktime_end'], 0, 2) . substr($settings['ticket']['worktime_end'], 3, 2);
if($time >= $start
&& $time <= $end)
{
if($time >= $start && $time <= $end) {
$supportavailable = 1;
}
if($settings['ticket']['worktime_sat'] == "0"
&& $day == "6")
{
if($settings['ticket']['worktime_sat'] == "0" && $day == "6") {
$supportavailable = 0;
}
if($settings['ticket']['worktime_sun'] == "0"
&& $day == "0")
{
if($settings['ticket']['worktime_sun'] == "0" && $day == "0") {
$supportavailable = 0;
}
if($settings['ticket']['worktime_all'] == "1")
{
if($settings['ticket']['worktime_all'] == "1") {
$supportavailable = 1;
}
$ticketsopen = 0;
$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
WHERE `customerid` = "' . $userinfo['customerid'] . '"
AND `answerto` = "0"
AND (`status` = "0" OR `status` = "1" OR `status` = "2")');
$stmt = Database::prepare('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
WHERE `customerid` = :customerid
AND `answerto` = "0"
AND (`status` = "0" OR `status` = "1" OR `status` = "2")'
);
Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
$opentickets = $stmt->fetch(PDO::FETCH_ASSOC);
if($settings['ticket']['concurrently_open'] != - 1
&& $settings['ticket']['concurrently_open'] != '')
{
if($settings['ticket']['concurrently_open'] != - 1 && $settings['ticket']['concurrently_open'] != '') {
$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => $settings['ticket']['concurrently_open']));
}
else
{
} else {
$notmorethanxopentickets = '';
}
$ticketsopen = (int)$opentickets['count'];
eval("echo \"" . getTemplate("tickets/tickets") . "\";");
}
elseif($action == 'new')
{
if($userinfo['tickets_used'] < $userinfo['tickets']
|| $userinfo['tickets'] == '-1')
{
if(isset($_POST['send'])
&& $_POST['send'] == 'send')
{
} elseif($action == 'new') {
if($userinfo['tickets_used'] < $userinfo['tickets'] || $userinfo['tickets'] == '-1') {
if(isset($_POST['send']) && $_POST['send'] == 'send') {
$newticket = ticket::getInstanceOf($userinfo, $db, $settings, -1);
$newticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
$newticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
@@ -186,16 +163,11 @@ elseif($page == 'tickets')
$newticket->Set('admin', (int)$userinfo['adminid'], true, false);
$newticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);
if($newticket->Get('subject') == null)
{
if($newticket->Get('subject') == null) {
standard_error(array('stringisempty', 'mysubject'));
}
elseif($newticket->Get('message') == null)
{
} elseif($newticket->Get('message') == null) {
standard_error(array('stringisempty', 'mymessage'));
}
else
{
} else {
$now = time();
$newticket->Set('dt', $now, true, true);
$newticket->Set('lastchange', $now, true, true);
@@ -205,8 +177,12 @@ elseif($page == 'tickets')
$newticket->Set('by', '0', true, true);
$newticket->Insert();
$log->logAction(USR_ACTION, LOG_NOTICE, "opened support-ticket '" . $newticket->Get('subject') . "'");
$db->query('UPDATE `' . TABLE_PANEL_CUSTOMERS . '`
SET `tickets_used`=`tickets_used`+1 WHERE `customerid`="' . (int)$userinfo['customerid'] . '"');
$stmt = Database::prepare('UPDATE `' . TABLE_PANEL_CUSTOMERS . '`
SET `tickets_used`=`tickets_used` + 1
WHERE `customerid`= :customerid'
);
Database::pexecute($stmt, array("customerid" => $userinfo['customerid']));
// Customer mail
@@ -217,24 +193,26 @@ elseif($page == 'tickets')
$newticket->sendMail(-1, 'new_ticket_by_customer_subject', $lng['mails']['new_ticket_by_customer']['subject'], 'new_ticket_by_customer_mailbody', $lng['mails']['new_ticket_by_customer']['mailbody']);
redirectTo($filename, Array('page' => $page, 's' => $s));
}
}
else
{
} else {
$categories = '';
$result = $db->query_first('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
$result_stmt = Database::prepare('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
WHERE `adminid` = :adminid
ORDER BY `logicalorder`, `name` ASC'
);
Database::pexecute($result_stmt, array("adminid" => $userinfo['adminid']));
$result = $result_stmt->fetch(PDO::FETCH_ASSOC);
if(isset($result['name']) && $result['name'] != '') {
$result2_stmt = Database::prepare('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
WHERE `adminid` = :adminid
ORDER BY `logicalorder`, `name` ASC'
);
Database::pexecute($result2_stmt, array("adminid" => $userinfo['adminid']));
if(isset($result['name'])
&& $result['name'] != '')
{
$result2 = $db->query('SELECT `id`, `name` FROM `' . TABLE_PANEL_TICKET_CATS . '` WHERE `adminid` = "' . $userinfo['adminid'] . '" ORDER BY `logicalorder`, `name` ASC');
while($row = $db->fetch_array($result2))
{
while($row = $result2_stmt->fetch(PDO::FETCH_ASSOC)) {
$categories.= makeoption($row['name'], $row['id']);
}
}
else
{
} else {
$categories = makeoption($lng['ticket']['no_cat'], '0');
}
@@ -242,18 +220,17 @@ elseif($page == 'tickets')
$priorities.= makeoption($lng['ticket']['normal'], '2', $settings['ticket']['default_priority']);
$priorities.= makeoption($lng['ticket']['low'], '3', $settings['ticket']['default_priority']);
$ticketsopen = 0;
$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
WHERE `customerid` = "' . $userinfo['customerid'] . '"
AND `answerto` = "0"
AND (`status` = "0" OR `status` = "1" OR `status` = "2")');
$opentickets_stmt = Database::prepare('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
WHERE `customerid` = :customerid
AND `answerto` = "0"
AND (`status` = "0" OR `status` = "1" OR `status` = "2")'
);
Database::pexecute($opentickets_stmt, array("customerid" => $userinfo['customerid']));
$opentickets = $opentickets_stmt->fetch(PDO::FETCH_ASSOC);
if($settings['ticket']['concurrently_open'] != - 1
&& $settings['ticket']['concurrently_open'] != '')
{
if($settings['ticket']['concurrently_open'] != - 1 && $settings['ticket']['concurrently_open'] != '') {
$notmorethanxopentickets = strtr($lng['ticket']['notmorethanxopentickets'], array('%s' => $settings['ticket']['concurrently_open']));
}
else
{
} else {
$notmorethanxopentickets = '';
}
@@ -267,29 +244,19 @@ elseif($page == 'tickets')
eval("echo \"" . getTemplate("tickets/tickets_new") . "\";");
}
}
else
{
} else {
standard_error('nomoreticketsavailable');
}
}
elseif($action == 'answer'
&& $id != 0)
{
if(isset($_POST['send'])
&& $_POST['send'] == 'send')
{
} elseif($action == 'answer' && $id != 0) {
if(isset($_POST['send']) && $_POST['send'] == 'send') {
$replyticket = ticket::getInstanceOf($userinfo, $db, $settings, -1);
$replyticket->Set('subject', validate($_POST['subject'], 'subject'), true, false);
$replyticket->Set('priority', validate($_POST['priority'], 'priority'), true, false);
$replyticket->Set('message', validate(str_replace("\r\n", "\n", $_POST['message']), 'message', '/^[^\0]*$/'), true, false);
if($replyticket->Get('message') == null)
{
if($replyticket->Get('message') == null) {
standard_error(array('stringisempty', 'mymessage'));
}
else
{
} else {
$now = time();
$replyticket->Set('customerid', (int)$userinfo['customerid'], true, true);
$replyticket->Set('lastchange', $now, true, true);
@@ -303,8 +270,7 @@ elseif($page == 'tickets')
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
if($replyticket->Get('priority') != $mainticket->Get('priority'))
{
if($replyticket->Get('priority') != $mainticket->Get('priority')) {
$mainticket->Set('priority', $replyticket->Get('priority'), true);
}
@@ -316,35 +282,28 @@ elseif($page == 'tickets')
$mainticket->sendMail(-1, 'new_reply_ticket_by_customer_subject', $lng['mails']['new_reply_ticket_by_customer']['subject'], 'new_reply_ticket_by_customer_mailbody', $lng['mails']['new_reply_ticket_by_customer']['mailbody']);
redirectTo($filename, Array('page' => $page, 's' => $s));
}
}
else
{
} else {
$ticket_replies = '';
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
$dt = date("d.m.Y H:i\h", $mainticket->Get('dt'));
$status = ticket::getStatusText($lng, $mainticket->Get('status'));
if($mainticket->Get('status') >= 0
&& $mainticket->Get('status') <= 2)
{
if($mainticket->Get('status') >= 0 && $mainticket->Get('status') <= 2) {
$isclosed = 0;
}
else
{
} else {
$isclosed = 1;
}
if($mainticket->Get('by') == '1')
{
if($mainticket->Get('by') == '1') {
$by = $lng['ticket']['staff'];
}
else
{
} else {
$cid = $mainticket->Get('customer');
$usr = $db->query_first('SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = "' . (int)$cid . '"'
$usr_stmt = Database::prepare('SELECT `customerid`, `firstname`, `name`, `company`, `loginname`
FROM `' . TABLE_PANEL_CUSTOMERS . '`
WHERE `customerid` = :customerid '
);
Database::pexecute($usr_stmt, array("customerid" => $cid));
$usr = $usr_stmt->fetch(PDO::FETCH_ASSOC);
$by = getCorrectFullUserDetails($usr);
//$by = $lng['ticket']['customer'];
}
@@ -352,22 +311,25 @@ elseif($page == 'tickets')
$subject = $mainticket->Get('subject');
$message = $mainticket->Get('message');
eval("\$ticket_replies.=\"" . getTemplate("tickets/tickets_tickets_main") . "\";");
$result = $db->query('SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
WHERE `id`="' . (int)$mainticket->Get('category') . '"');
$row = $db->fetch_array($result);
$andere = $db->query('SELECT * FROM `' . TABLE_PANEL_TICKETS . '` WHERE `answerto`="' . (int)$id . '" ORDER BY `lastchange` ASC');
while($row2 = $db->fetch_array($andere))
{
$result_stmt = Database::prepare('SELECT `name` FROM `' . TABLE_PANEL_TICKET_CATS . '`
WHERE `id`= :id '
);
Database::pexecute($result_stmt, array("id" => $mainticket->Get('category')));
$row = $result_stmt->fetch(PDO::FETCH_ASSOC);
$andere_stmt = Database::prepare('SELECT * FROM `' . TABLE_PANEL_TICKETS . '`
WHERE `answerto`= :answerto
ORDER BY `lastchange` ASC'
);
Database::pexecute($andere_stmt, array("answerto" => $id));
while($row2 = $andere_stmt->fetch(PDO::FETCH_ASSOC)) {
$subticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$row2['id']);
$lastchange = date("d.m.Y H:i\h", $subticket->Get('lastchange'));
if($subticket->Get('by') == '1')
{
if($subticket->Get('by') == '1') {
$by = $lng['ticket']['staff'];
}
else
{
} else {
$by = getCorrectFullUserDetails($usr);
//$by = $lng['ticket']['customer'];
}
@@ -393,13 +355,8 @@ elseif($page == 'tickets')
eval("echo \"" . getTemplate("tickets/tickets_reply") . "\";");
}
}
elseif($action == 'close'
&& $id != 0)
{
if(isset($_POST['send'])
&& $_POST['send'] == 'send')
{
} elseif($action == 'close' && $id != 0) {
if(isset($_POST['send']) && $_POST['send'] == 'send') {
$now = time();
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
$mainticket->Set('lastchange', $now, true, true);
@@ -408,27 +365,22 @@ elseif($page == 'tickets')
$mainticket->Update();
$log->logAction(USR_ACTION, LOG_NOTICE, "closed support-ticket '" . $mainticket->Get('subject') . "'");
redirectTo($filename, Array('page' => $page, 's' => $s));
}
else
{
} else {
$mainticket = ticket::getInstanceOf($userinfo, $db, $settings, (int)$id);
ask_yesno('ticket_reallyclose', $filename, array('id' => $id, 'page' => $page, 'action' => $action), $mainticket->Get('subject'));
}
}
elseif($action == 'reopen'
&& $id != 0)
{
} elseif($action == 'reopen' && $id != 0) {
$ticketsopen = 0;
$opentickets = $db->query_first('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
WHERE `customerid` = "' . $userinfo['customerid'] . '"
AND `answerto` = "0"
AND (`status` = "0" OR `status` = "1" OR `status` = "2")');
$opentickets_stmt = Database::prepare('SELECT COUNT(`id`) as `count` FROM `' . TABLE_PANEL_TICKETS . '`
WHERE `customerid` = :customerid
AND `answerto` = "0"
AND (`status` = "0" OR `status` = "1" OR `status` = "2")'
);
Database::pexecute($opentickets_stmt, array("customerid" => $userinfo['customerid']));
$opentickets = $opentickets_stmt->fetch(PDO::FETCH_ASSOC);
$ticketsopen = (int)$opentickets['count'];
if($ticketsopen > $settings['ticket']['concurrently_open']
&& $settings['ticket']['concurrently_open'] != - 1
&& $settings['ticket']['concurrently_open'] != '')
{
if($ticketsopen > $settings['ticket']['concurrently_open'] && $settings['ticket']['concurrently_open'] != - 1 && $settings['ticket']['concurrently_open'] != '') {
standard_error('notmorethanxopentickets', $settings['ticket']['concurrently_open']);
}

53
customer_traffic.php
View File

@@ -28,23 +28,15 @@ $traffic = '';
$month = null;
$year = null;
if (isset($_POST['month'])
&& isset($_POST['year'])
) {
if (isset($_POST['month']) && isset($_POST['year'])) {
$month = intval($_POST['month']);
$year = intval($_POST['year']);
} elseif (isset($_GET['month'])
&& isset($_GET['year'])
) {
} elseif (isset($_GET['month']) && isset($_GET['year'])) {
$month = intval($_GET['month']);
$year = intval($_GET['year']);
}
//BAM! $_GET???
elseif (isset($_GET['page'])
&& $_GET['page'] == 'current'
) {
elseif (isset($_GET['page']) && $_GET['page'] == 'current') {
if (date('d') != '01') {
$month = date('m');
$year = date('Y');
@@ -59,22 +51,28 @@ elseif (isset($_GET['page'])
}
}
if (!is_null($month)
&& !is_null($year)) {
if (!is_null($month) && !is_null($year)) {
$traf['byte'] = 0;
$result = $db->query("SELECT
SUM(`http`) as 'http', SUM(`ftp_up`) AS 'ftp_up', SUM(`ftp_down`) as 'ftp_down', SUM(`mail`) as 'mail',
`day`, `month`, `year`
FROM `" . TABLE_PANEL_TRAFFIC . "`
WHERE `customerid`='" . $userinfo['customerid'] . "'
AND `month` = '" . $month . "' AND `year` = '" . $year . "'
GROUP BY `day` ORDER BY `day` ASC");
$result_stmt = Database::prepare("SELECT SUM(`http`) as 'http', SUM(`ftp_up`) AS 'ftp_up', SUM(`ftp_down`) as 'ftp_down', SUM(`mail`) as 'mail', `day`, `month`, `year`
FROM `" . TABLE_PANEL_TRAFFIC . "`
WHERE `customerid`= :customerid
AND `month` = :month
AND `year` = :year
GROUP BY `day`
ORDER BY `day` ASC"
);
$params = array(
"customerid" => $userinfo['customerid'],
"month" => $month,
"year" => $year
);
Database::pexecute($result_stmt, $params);
$traffic_complete['http'] = 0;
$traffic_complete['ftp'] = 0;
$traffic_complete['mail'] = 0;
$show = '';
while ($row = $db->fetch_array($result)) {
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
$http = $row['http'];
$ftp = $row['ftp_up'] + $row['ftp_down'];
$mail = $row['mail'];
@@ -118,14 +116,19 @@ if (!is_null($month)
eval("echo \"" . getTemplate('traffic/traffic_details') . "\";");
} else {
$result = $db->query("SELECT `month`, `year`, SUM(`http`) AS http, SUM(`ftp_up`) AS ftp_up, SUM(`ftp_down`) AS ftp_down, SUM(`mail`) AS mail
FROM `" . TABLE_PANEL_TRAFFIC . "` WHERE `customerid` = '" . $userinfo['customerid'] . "'
GROUP BY CONCAT(`year`,`month`) ORDER BY CONCAT(`year`,`month`) DESC LIMIT 12");
$result_stmt = Database::prepare("SELECT `month`, `year`, SUM(`http`) AS http, SUM(`ftp_up`) AS ftp_up, SUM(`ftp_down`) AS ftp_down, SUM(`mail`) AS mail
FROM `" . TABLE_PANEL_TRAFFIC . "`
WHERE `customerid` = :customerid
GROUP BY CONCAT(`year`,`month`)
ORDER BY CONCAT(`year`,`month`) DESC
LIMIT 12"
);
Database::pexecute($result_stmt, array("customerid" => $userinfo['customerid']));
$traffic_complete['http'] = 0;
$traffic_complete['ftp'] = 0;
$traffic_complete['mail'] = 0;
while ($row = $db->fetch_array($result)) {
while ($row = $result_stmt->fetch(PDO::FETCH_ASSOC)) {
$http = $row['http'];
$ftp_up = $row['ftp_up'];
$ftp_down = $row['ftp_down'];