Can now enable/disable public API
Mike Koch
9 years ago
parent
82877aff8b
commit
b289325276
@ -0,0 +1,28 @@
|
||||
<?php
|
||||
define('IN_SCRIPT', 1);
|
||||
define('HESK_PATH', '../../../');
|
||||
define('INTERNAL_API_PATH', '../../');
|
||||
require_once(HESK_PATH . 'hesk_settings.inc.php');
|
||||
require_once(HESK_PATH . 'inc/common.inc.php');
|
||||
require_once(INTERNAL_API_PATH . 'core/output.php');
|
||||
require_once(INTERNAL_API_PATH . 'dao/settings_dao.php');
|
||||
|
||||
hesk_load_internal_api_database_functions();
|
||||
hesk_dbConnect();
|
||||
|
||||
// Routing
|
||||
$request_method = $_SERVER['REQUEST_METHOD'];
|
||||
if ($request_method == 'POST') {
|
||||
$key = $_POST['key'];
|
||||
$value = $_POST['value'];
|
||||
|
||||
if ($key == NULL || $value == NULL) {
|
||||
return http_response_code(400);
|
||||
}
|
||||
|
||||
update_setting($key, $value, $hesk_settings);
|
||||
|
||||
return http_response_code(204);
|
||||
}
|
||||
|
||||
return http_response_code(405);
|
||||
@ -0,0 +1,250 @@
|
||||
<?php
|
||||
/*******************************************************************************
|
||||
* Title: Help Desk Software HESK
|
||||
* Version: 2.6.1 from 26th February 2015
|
||||
* Author: Klemen Stirn
|
||||
* Website: http://www.hesk.com
|
||||
********************************************************************************
|
||||
* COPYRIGHT AND TRADEMARK NOTICE
|
||||
* Copyright 2005-2015 Klemen Stirn. All Rights Reserved.
|
||||
* HESK is a registered trademark of Klemen Stirn.
|
||||
|
||||
* The HESK may be used and modified free of charge by anyone
|
||||
* AS LONG AS COPYRIGHT NOTICES AND ALL THE COMMENTS REMAIN INTACT.
|
||||
* By using this code you agree to indemnify Klemen Stirn from any
|
||||
* liability that might arise from it's use.
|
||||
|
||||
* Selling the code for this program, in part or full, without prior
|
||||
* written consent is expressly forbidden.
|
||||
|
||||
* Using this code, in part or full, to create derivate work,
|
||||
* new scripts or products is expressly forbidden. Obtain permission
|
||||
* before redistributing this software over the Internet or in
|
||||
* any other medium. In all cases copyright and header must remain intact.
|
||||
* This Copyright is in full effect in any country that has International
|
||||
* Trade Agreements with the United States of America or
|
||||
* with the European Union.
|
||||
|
||||
* Removing any of the copyright notices without purchasing a license
|
||||
* is expressly forbidden. To remove HESK copyright notice you must purchase
|
||||
* a license for this script. For more information on how to obtain
|
||||
* a license please visit the page below:
|
||||
* https://www.hesk.com/buy.php
|
||||
*******************************************************************************/
|
||||
|
||||
/* Check if this is a valid include */
|
||||
if (!defined('IN_SCRIPT')) {die('Invalid attempt');}
|
||||
|
||||
|
||||
function hesk_dbSetNames()
|
||||
{
|
||||
global $hesk_settings, $hesk_db_link;
|
||||
|
||||
if ($hesk_settings['db_vrsn'])
|
||||
{
|
||||
mysql_set_charset('utf8', $hesk_db_link);
|
||||
}
|
||||
else
|
||||
{
|
||||
hesk_dbQuery("SET NAMES 'utf8'");
|
||||
}
|
||||
|
||||
} // END hesk_dbSetNames()
|
||||
|
||||
|
||||
function hesk_dbFormatEmail($email, $field = 'email')
|
||||
{
|
||||
global $hesk_settings;
|
||||
|
||||
$email = hesk_dbLike($email);
|
||||
|
||||
if ($hesk_settings['multi_eml'])
|
||||
{
|
||||
return " (`".hesk_dbEscape($field)."` LIKE '".hesk_dbEscape($email)."' OR `".hesk_dbEscape($field)."` LIKE '%,".hesk_dbEscape($email)."' OR `".hesk_dbEscape($field)."` LIKE '".hesk_dbEscape($email).",%' OR `".hesk_dbEscape($field)."` LIKE '%,".hesk_dbEscape($email).",%') ";
|
||||
}
|
||||
else
|
||||
{
|
||||
return " `".hesk_dbEscape($field)."` LIKE '".hesk_dbEscape($email)."' ";
|
||||
}
|
||||
|
||||
} // END hesk_dbFormatEmail()
|
||||
|
||||
|
||||
function hesk_dbTime()
|
||||
{
|
||||
$res = hesk_dbQuery("SELECT NOW()");
|
||||
return strtotime(hesk_dbResult($res,0,0));
|
||||
} // END hesk_dbTime()
|
||||
|
||||
|
||||
function hesk_dbEscape($in)
|
||||
{
|
||||
global $hesk_db_link;
|
||||
|
||||
$in = mysql_real_escape_string(stripslashes($in), $hesk_db_link);
|
||||
$in = str_replace('`','`',$in);
|
||||
|
||||
return $in;
|
||||
} // END hesk_dbEscape()
|
||||
|
||||
|
||||
function hesk_dbLike($in)
|
||||
{
|
||||
return str_replace( array('_', '%'), array('\\\\_', '\\\\%'), $in);
|
||||
} // END hesk_dbLike()
|
||||
|
||||
|
||||
function hesk_dbConnect()
|
||||
{
|
||||
global $hesk_settings;
|
||||
global $hesk_db_link;
|
||||
global $hesklang;
|
||||
|
||||
// Is mysql supported?
|
||||
if ( ! function_exists('mysql_connect') )
|
||||
{
|
||||
die($hesklang['emp']);
|
||||
}
|
||||
|
||||
// Connect to the database
|
||||
$hesk_db_link = @mysql_connect($hesk_settings['db_host'], $hesk_settings['db_user'], $hesk_settings['db_pass']);
|
||||
|
||||
// Errors?
|
||||
if ( ! $hesk_db_link)
|
||||
{
|
||||
if ($hesk_settings['debug_mode'])
|
||||
{
|
||||
$message = $hesklang['mysql_said'] . ': ' . mysql_error();
|
||||
}
|
||||
else
|
||||
{
|
||||
$message = $hesklang['contact_webmaster'] . $hesk_settings['webmaster_email'];
|
||||
}
|
||||
header('Content-Type: application/json');
|
||||
print_error($hesklang['cant_connect_db'], $message);
|
||||
return http_response_code(500);
|
||||
}
|
||||
|
||||
if ( ! @mysql_select_db($hesk_settings['db_name'], $hesk_db_link))
|
||||
{
|
||||
if ($hesk_settings['debug_mode'])
|
||||
{
|
||||
$message = $hesklang['mysql_said'] . ': ' . mysql_error();
|
||||
}
|
||||
else
|
||||
{
|
||||
$message = $hesklang['contact_webmaster'] . $hesk_settings['webmaster_email'];
|
||||
}
|
||||
header('Content-Type: application/json');
|
||||
print_error($hesklang['cant_connect_db'], $message);
|
||||
die();
|
||||
}
|
||||
|
||||
// Check MySQL/PHP version and set encoding to utf8
|
||||
hesk_dbSetNames();
|
||||
|
||||
return $hesk_db_link;
|
||||
|
||||
} // END hesk_dbConnect()
|
||||
|
||||
|
||||
function hesk_dbClose()
|
||||
{
|
||||
global $hesk_db_link;
|
||||
|
||||
return @mysql_close($hesk_db_link);
|
||||
|
||||
} // END hesk_dbClose()
|
||||
|
||||
|
||||
function hesk_dbQuery($query)
|
||||
{
|
||||
global $hesk_last_query;
|
||||
global $hesk_db_link;
|
||||
global $hesklang, $hesk_settings;
|
||||
|
||||
if ( ! $hesk_db_link && ! hesk_dbConnect())
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
$hesk_last_query = $query;
|
||||
|
||||
if ($res = @mysql_query($query, $hesk_db_link))
|
||||
{
|
||||
return $res;
|
||||
}
|
||||
elseif ($hesk_settings['debug_mode'])
|
||||
{
|
||||
$message = $hesklang['mysql_said'] . mysql_error();
|
||||
}
|
||||
else
|
||||
{
|
||||
$message = $hesklang['contact_webmaster'] . $hesk_settings['webmaster_email'];
|
||||
}
|
||||
header('Content-Type: application/json');
|
||||
print_error($hesklang['cant_sql'], $message);
|
||||
die();
|
||||
|
||||
} // END hesk_dbQuery()
|
||||
|
||||
|
||||
function hesk_dbFetchAssoc($res)
|
||||
{
|
||||
|
||||
return @mysql_fetch_assoc($res);
|
||||
|
||||
} // END hesk_FetchAssoc()
|
||||
|
||||
|
||||
function hesk_dbFetchRow($res)
|
||||
{
|
||||
|
||||
return @mysql_fetch_row($res);
|
||||
|
||||
} // END hesk_FetchRow()
|
||||
|
||||
|
||||
function hesk_dbResult($res, $row = 0, $column = 0)
|
||||
{
|
||||
|
||||
return @mysql_result($res, $row, $column);
|
||||
|
||||
} // END hesk_dbResult()
|
||||
|
||||
|
||||
function hesk_dbInsertID()
|
||||
{
|
||||
global $hesk_db_link;
|
||||
|
||||
if ($lastid = @mysql_insert_id($hesk_db_link))
|
||||
{
|
||||
return $lastid;
|
||||
}
|
||||
|
||||
} // END hesk_dbInsertID()
|
||||
|
||||
|
||||
function hesk_dbFreeResult($res)
|
||||
{
|
||||
|
||||
return mysql_free_result($res);
|
||||
|
||||
} // END hesk_dbFreeResult()
|
||||
|
||||
|
||||
function hesk_dbNumRows($res)
|
||||
{
|
||||
|
||||
return @mysql_num_rows($res);
|
||||
|
||||
} // END hesk_dbNumRows()
|
||||
|
||||
|
||||
function hesk_dbAffectedRows()
|
||||
{
|
||||
global $hesk_db_link;
|
||||
|
||||
return @mysql_affected_rows($hesk_db_link);
|
||||
|
||||
} // END hesk_dbAffectedRows()
|
||||
@ -0,0 +1,255 @@
|
||||
<?php
|
||||
/*******************************************************************************
|
||||
* Title: Help Desk Software HESK
|
||||
* Version: 2.6.1 from 26th February 2015
|
||||
* Author: Klemen Stirn
|
||||
* Website: http://www.hesk.com
|
||||
********************************************************************************
|
||||
* COPYRIGHT AND TRADEMARK NOTICE
|
||||
* Copyright 2005-2015 Klemen Stirn. All Rights Reserved.
|
||||
* HESK is a registered trademark of Klemen Stirn.
|
||||
|
||||
* The HESK may be used and modified free of charge by anyone
|
||||
* AS LONG AS COPYRIGHT NOTICES AND ALL THE COMMENTS REMAIN INTACT.
|
||||
* By using this code you agree to indemnify Klemen Stirn from any
|
||||
* liability that might arise from it's use.
|
||||
|
||||
* Selling the code for this program, in part or full, without prior
|
||||
* written consent is expressly forbidden.
|
||||
|
||||
* Using this code, in part or full, to create derivate work,
|
||||
* new scripts or products is expressly forbidden. Obtain permission
|
||||
* before redistributing this software over the Internet or in
|
||||
* any other medium. In all cases copyright and header must remain intact.
|
||||
* This Copyright is in full effect in any country that has International
|
||||
* Trade Agreements with the United States of America or
|
||||
* with the European Union.
|
||||
|
||||
* Removing any of the copyright notices without purchasing a license
|
||||
* is expressly forbidden. To remove HESK copyright notice you must purchase
|
||||
* a license for this script. For more information on how to obtain
|
||||
* a license please visit the page below:
|
||||
* https://www.hesk.com/buy.php
|
||||
*******************************************************************************/
|
||||
|
||||
/* Check if this is a valid include */
|
||||
if (!defined('IN_SCRIPT')) {die('Invalid attempt');}
|
||||
|
||||
|
||||
function hesk_dbSetNames()
|
||||
{
|
||||
global $hesk_settings, $hesk_db_link;
|
||||
|
||||
if ($hesk_settings['db_vrsn'])
|
||||
{
|
||||
mysqli_set_charset($hesk_db_link, 'utf8');
|
||||
}
|
||||
else
|
||||
{
|
||||
hesk_dbQuery("SET NAMES 'utf8'");
|
||||
}
|
||||
|
||||
} // END hesk_dbSetNames()
|
||||
|
||||
|
||||
function hesk_dbFormatEmail($email, $field = 'email')
|
||||
{
|
||||
global $hesk_settings;
|
||||
|
||||
$email = hesk_dbLike($email);
|
||||
|
||||
if ($hesk_settings['multi_eml'])
|
||||
{
|
||||
return " (`".hesk_dbEscape($field)."` LIKE '".hesk_dbEscape($email)."' OR `".hesk_dbEscape($field)."` LIKE '%,".hesk_dbEscape($email)."' OR `".hesk_dbEscape($field)."` LIKE '".hesk_dbEscape($email).",%' OR `".hesk_dbEscape($field)."` LIKE '%,".hesk_dbEscape($email).",%') ";
|
||||
}
|
||||
else
|
||||
{
|
||||
return " `".hesk_dbEscape($field)."` LIKE '".hesk_dbEscape($email)."' ";
|
||||
}
|
||||
|
||||
} // END hesk_dbFormatEmail()
|
||||
|
||||
|
||||
function hesk_dbTime()
|
||||
{
|
||||
$res = hesk_dbQuery("SELECT NOW()");
|
||||
return strtotime(hesk_dbResult($res,0,0));
|
||||
} // END hesk_dbTime()
|
||||
|
||||
|
||||
function hesk_dbEscape($in)
|
||||
{
|
||||
global $hesk_db_link;
|
||||
|
||||
$in = mysqli_real_escape_string($hesk_db_link, stripslashes($in));
|
||||
$in = str_replace('`','`',$in);
|
||||
|
||||
return $in;
|
||||
} // END hesk_dbEscape()
|
||||
|
||||
|
||||
function hesk_dbLike($in)
|
||||
{
|
||||
return str_replace( array('_', '%'), array('\\\\_', '\\\\%'), $in);
|
||||
} // END hesk_dbLike()
|
||||
|
||||
|
||||
function hesk_dbConnect()
|
||||
{
|
||||
global $hesk_settings;
|
||||
global $hesk_db_link;
|
||||
global $hesklang;
|
||||
|
||||
// Is mysqli supported?
|
||||
if ( ! function_exists('mysqli_connect') )
|
||||
{
|
||||
die($hesklang['emp']);
|
||||
}
|
||||
|
||||
// Do we need a special port? Check and connect to the database
|
||||
if ( strpos($hesk_settings['db_host'], ':') )
|
||||
{
|
||||
list($hesk_settings['db_host'], $hesk_settings['db_port']) = explode(':', $hesk_settings['db_host']);
|
||||
$hesk_db_link = @mysqli_connect($hesk_settings['db_host'], $hesk_settings['db_user'], $hesk_settings['db_pass'], $hesk_settings['db_name'], intval($hesk_settings['db_port']) );
|
||||
}
|
||||
else
|
||||
{
|
||||
$hesk_db_link = @mysqli_connect($hesk_settings['db_host'], $hesk_settings['db_user'], $hesk_settings['db_pass'], $hesk_settings['db_name']);
|
||||
}
|
||||
|
||||
// Errors?
|
||||
if ( ! $hesk_db_link)
|
||||
{
|
||||
if ($hesk_settings['debug_mode'])
|
||||
{
|
||||
$message = $hesklang['mysql_said'] . ': (' . mysqli_connect_errno() . ') ' . mysqli_connect_error();
|
||||
}
|
||||
else
|
||||
{
|
||||
$message = $hesklang['contact_webmaster'] . $hesk_settings['webmaster_email'];
|
||||
}
|
||||
header('Content-Type: application/json');
|
||||
print_error($hesklang['cant_connect_db'], $message);
|
||||
http_response_code(500);
|
||||
}
|
||||
|
||||
// Check MySQL/PHP version and set encoding to utf8
|
||||
hesk_dbSetNames();
|
||||
|
||||
return $hesk_db_link;
|
||||
|
||||
} // END hesk_dbConnect()
|
||||
|
||||
|
||||
function hesk_dbClose()
|
||||
{
|
||||
global $hesk_db_link;
|
||||
|
||||
return @mysqli_close($hesk_db_link);
|
||||
|
||||
} // END hesk_dbClose()
|
||||
|
||||
|
||||
function hesk_dbQuery($query)
|
||||
{
|
||||
global $hesk_last_query;
|
||||
global $hesk_db_link;
|
||||
global $hesklang, $hesk_settings;
|
||||
|
||||
if ( ! $hesk_db_link && ! hesk_dbConnect())
|
||||
{
|
||||
return false;
|
||||
}
|
||||
|
||||
$hesk_last_query = $query;
|
||||
|
||||
#echo "<p>EXPLAIN $query</p>\n";
|
||||
|
||||
if ($res = @mysqli_query($hesk_db_link, $query))
|
||||
{
|
||||
return $res;
|
||||
}
|
||||
elseif ($hesk_settings['debug_mode'])
|
||||
{
|
||||
$message = $hesklang['mysql_said'] . ': ' . mysqli_error($hesk_db_link);
|
||||
}
|
||||
else
|
||||
{
|
||||
$message = $hesklang['contact_webmaster'] . $hesk_settings['webmaster_email'];
|
||||
}
|
||||
header('Content-Type: application/json');
|
||||
print_error($hesklang['cant_sql'], $message);
|
||||
die(http_response_code(500));
|
||||
} // END hesk_dbQuery()
|
||||
|
||||
|
||||
function hesk_dbFetchAssoc($res)
|
||||
{
|
||||
|
||||
return @mysqli_fetch_assoc($res);
|
||||
|
||||
} // END hesk_FetchAssoc()
|
||||
|
||||
|
||||
function hesk_dbFetchRow($res)
|
||||
{
|
||||
|
||||
return @mysqli_fetch_row($res);
|
||||
|
||||
} // END hesk_FetchRow()
|
||||
|
||||
|
||||
function hesk_dbResult($res, $row = 0, $column = 0)
|
||||
{
|
||||
$i=0;
|
||||
$res->data_seek(0);
|
||||
|
||||
while ($tmp = @mysqli_fetch_array($res, MYSQLI_NUM))
|
||||
{
|
||||
if ($i==$row)
|
||||
{
|
||||
return $tmp[$column];
|
||||
}
|
||||
$i++;
|
||||
}
|
||||
|
||||
return '';
|
||||
|
||||
} // END hesk_dbResult()
|
||||
|
||||
|
||||
function hesk_dbInsertID()
|
||||
{
|
||||
global $hesk_db_link;
|
||||
|
||||
if ($lastid = @mysqli_insert_id($hesk_db_link))
|
||||
{
|
||||
return $lastid;
|
||||
}
|
||||
|
||||
} // END hesk_dbInsertID()
|
||||
|
||||
|
||||
function hesk_dbFreeResult($res)
|
||||
{
|
||||
|
||||
return @mysqli_free_result($res);
|
||||
|
||||
} // END hesk_dbFreeResult()
|
||||
|
||||
|
||||
function hesk_dbNumRows($res)
|
||||
{
|
||||
|
||||
return @mysqli_num_rows($res);
|
||||
|
||||
} // END hesk_dbNumRows()
|
||||
|
||||
|
||||
function hesk_dbAffectedRows()
|
||||
{
|
||||
global $hesk_db_link;
|
||||
|
||||
return @mysqli_affected_rows($hesk_db_link);
|
||||
|
||||
} // END hesk_dbAffectedRows()
|
||||
@ -0,0 +1,11 @@
|
||||
<?php
|
||||
|
||||
function print_error($title, $message) {
|
||||
$error = array();
|
||||
$error['type'] = 'ERROR';
|
||||
$error['title'] = $title;
|
||||
$error['message'] = $message;
|
||||
|
||||
print json_encode($error);
|
||||
return;
|
||||
}
|
||||
@ -0,0 +1,7 @@
|
||||
<?php
|
||||
|
||||
function output($data, $status_code = 200) {
|
||||
header('Content-Type: application/json');
|
||||
print json_encode($data);
|
||||
return http_response_code($status_code);
|
||||
}
|
||||
@ -0,0 +1,8 @@
|
||||
<?php
|
||||
|
||||
function update_setting($key, $value, $hesk_settings) {
|
||||
$sql = "UPDATE `" . hesk_dbEscape($hesk_settings['db_pfix']) . "settings` SET
|
||||
`Value` = '" . hesk_dbEscape($value) . "' WHERE `Key` = '" . hesk_dbEscape($key) . "'";
|
||||
|
||||
hesk_dbQuery($sql);
|
||||
}
|
||||
@ -0,0 +1,52 @@
|
||||
$(document).ready(function() {
|
||||
$('#enable-api-button').click(function() {
|
||||
updatePublicApi('1', '#enable-api-button');
|
||||
});
|
||||
$('#disable-api-button').click(function() {
|
||||
updatePublicApi('0', '#disable-api-button');
|
||||
});
|
||||
});
|
||||
|
||||
function updatePublicApi(enable) {
|
||||
var endpoint = getHelpdeskUrl();
|
||||
endpoint += '/internal-api/admin/api-settings/';
|
||||
var data = {
|
||||
key: 'public_api',
|
||||
value: enable
|
||||
};
|
||||
$('#enable-api-button').addClass('disabled');
|
||||
$('#disable-api-button').addClass('disabled');
|
||||
$('#public-api-saving').removeClass('hide');
|
||||
$('#public-api-success').addClass('hide');
|
||||
$('#public-api-failure').addClass('hide');
|
||||
$.ajax({
|
||||
url: endpoint,
|
||||
data: data,
|
||||
method: 'POST',
|
||||
success: function() {
|
||||
$('#enable-api-button').removeClass('disabled');
|
||||
$('#disable-api-button').removeClass('disabled');
|
||||
$('#public-api-saving').addClass('hide');
|
||||
$('#public-api-success').removeClass('hide');
|
||||
|
||||
if (enable == '1') {
|
||||
$('#public-api-sidebar').addClass('success')
|
||||
.removeClass('danger');
|
||||
$('#public-api-sidebar-enabled').removeClass('hide');
|
||||
$('#public-api-sidebar-disabled').addClass('hide');
|
||||
} else {
|
||||
$('#public-api-sidebar').addClass('danger')
|
||||
.removeClass('success');
|
||||
$('#public-api-sidebar-disabled').removeClass('hide');
|
||||
$('#public-api-sidebar-enabled').addClass('hide');
|
||||
}
|
||||
},
|
||||
error: function(data) {
|
||||
console.error(data);
|
||||
$('#enable-api-button').removeClass('disabled');
|
||||
$('#disable-api-button').removeClass('disabled');
|
||||
$('#public-api-saving').addClass('hide');
|
||||
$('#public-api-failure').removeClass('hide');
|
||||
}
|
||||
});
|
||||
}
|
||||
@ -0,0 +1,9 @@
|
||||
<?php
|
||||
define('IN_SCRIPT', 1);
|
||||
require_once('../../hesk_settings.inc.php');
|
||||
header('Content-Type: application/javascript');
|
||||
echo "
|
||||
function getHelpdeskUrl() {
|
||||
return '".$hesk_settings['hesk_url']."';
|
||||
}
|
||||
";
|
||||
Loading…
Reference in New Issue