VeruA/help.verua.ch
4
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions
help.verua.ch/include/class.staff.php

340 lines
10 KiB
PHP
Raw Normal View History

init
2026-01-05 08:46:20 +01:00
<?php
/*********************************************************************
class.staff.php
Everything about staff.
Peter Rotich <peter@osticket.com>
Copyright (c) 2006-2010 osTicket
http://www.osticket.com
Released under the GNU General Public License WITHOUT ANY WARRANTY.
See LICENSE.TXT for details.
vim: expandtab sw=4 ts=4 sts=4:
$Id: $
**********************************************************************/
class Staff {
var $udata;
var $group_id;
var $dept_id;
var $passwd;
var $id;
var $fullname;
var $username;
var $email;
var $firstname;
var $lastname;
var $signature;
var $dept;
function Staff($var){
$this->id =0;
return ($this->lookup($var));
}
function lookup($var){
$sql=sprintf("SELECT * FROM ".STAFF_TABLE." LEFT JOIN ".GROUP_TABLE." USING(group_id) WHERE %s=%s ",
is_numeric($var)?'staff_id':'username',db_input($var));
$res=db_query($sql);
if(!$res || !db_num_rows($res))
return NULL;
$row=db_fetch_array($res);
$this->udata=$row;
$this->id = $row['staff_id'];
$this->group_id = $row['group_id'];
$this->dept_id = $row['dept_id'];
$this->firstname = ucfirst($row['firstname']);
$this->lastname = ucfirst($row['lastname']);
$this->fullname = ucfirst($row['firstname'].' '.$row['lastname']);
$this->passwd = $row['passwd'];
$this->username = $row['username'];
$this->email = $row['email'];
$this->signature = $row['signature'];
return($this->id);
}
function reload(){
$this->lookup($this->id);
}
function getInfo() {
return $this->udata;
}
/*compares user password*/
function check_passwd($password){
return (strlen($this->passwd) && strcmp($this->passwd, MD5($password))==0)?(TRUE):(FALSE);
}
function getTZoffset(){
global $cfg;
$offset=$this->udata['timezone_offset'];
return $offset?$offset:$cfg->getTZoffset();
}
function observeDaylight() {
return $this->udata['daylight_saving']?true:false;
}
function getRefreshRate(){
return $this->udata['auto_refresh_rate'];
}
function getPageLimit() {
global $cfg;
$limit=$this->udata['max_page_size'];
return $limit?$limit:$cfg->getPageSize();
}
function getData(){
return($this->udata);
}
function getId(){
return $this->id;
}
function getEmail(){
return($this->email);
}
function getUserName(){
return($this->username);
}
function getName(){
return($this->fullname);
}
function getFirstName(){
return $this->firstname;
}
function getLastName(){
return $this->lastname;
}
function getDeptId(){
return $this->dept_id;
}
function getGroupId(){
return $this->group_id;
}
function getSignature(){
return($this->signature);
}
function appendMySignature(){
return $this->signature?true:false;
}
function forcePasswdChange(){
return $this->udata['change_passwd']?true:false;
}
function getDepts(){
//Departments the user is allowed to access...based on the group they belong to + user's dept.
return array_filter(array_unique(array_merge(explode(',',$this->udata['dept_access']),array($this->dept_id)))); //Neptune help us
}
function getDept(){
if(!$this->dept && $this->dept_id)
$this->dept= new Dept($this->dept_id);
return $this->dept;
}
function isManager() {
return (($dept=$this->getDept()) && $dept->getManagerId()==$this->getId())?true:false;
}
function isStaff(){
return TRUE;
}
function isGroupActive() {
return ($this->udata['group_enabled'])?true:false;
}
function isactive(){
return ($this->udata['isactive'])?true:false;
}
function isVisible(){
return ($this->udata['isvisible'])?true:false;
}
function onVacation(){
return ($this->udata['onvacation'])?true:false;
}
function isAvailable() {
return (!$this->isactive() || !$this->isGroupActive() || $this->onVacation())?false:true;
}
function isadmin(){
return ($this->udata['isadmin'])?true:false;
}
/* canDos' logic explained
1) First check id the user is super admin...if yes...super..allow
2) Check if the user is allowed to do the Do...or a manager in some cases -- if yes...allow
3) Check if he user's group is allowed...if yes...allow
5) If I-2-3 fails...it is a NO.. you can cry yourself to sleep.
*/
function canAccessDept($deptid){
return ($this->isadmin() ||in_array($deptid,$this->getDepts()))?true:false;
}
function canCreateTickets(){
return ($this->isadmin() || $this->udata['can_create_tickets'])?true:false;
}
function canEditTickets(){
return ($this->isadmin() || $this->udata['can_edit_tickets'])?true:false;
}
function canDeleteTickets(){
return ($this->isadmin() || $this->udata['can_delete_tickets'])?true:false;
}
function canCloseTickets(){
return ($this->isadmin() || $this->udata['can_close_tickets'])?true:false;
}
function canTransferTickets() {
return ($this->isadmin() || $this->isManager() || $this->udata['can_transfer_tickets'])?true:false;
}
function canManageBanList() {
return ($this->isadmin() || $this->isManager() || $this->udata['can_ban_emails'])?true:false;
}
function canManageTickets() {
return ($this->isadmin()
|| $this->canDeleteTickets()
|| $this->canManageBanList()
|| $this->canCloseTickets())?true:false;
}
function canManageKb() { //kb = knowledge base.
return ($this->isadmin() || $this->udata['can_manage_kb'])?true:false;
}
function update($vars,&$errors) {
if($this->save($this->getId(),$vars,$errors)){
$this->reload();
return true;
}
return false;
}
function create($vars,&$errors) {
return Staff::save(0,$vars,$errors);
}
function save($id,$vars,&$errors) {
include_once(INCLUDE_DIR.'class.dept.php');
if($id && $id!=$vars['staff_id'])
$errors['err']='Interner Fehler';
if(!$vars['firstname'] || !$vars['lastname'])
$errors['name']='Vor- und Nachname erforderlich';
if(!$vars['username'] || strlen($vars['username'])<3)
$errors['username']='Nutzername erforderlich';
else{
//check if the username is already in-use.
$sql='SELECT staff_id FROM '.STAFF_TABLE.' WHERE username='.db_input($vars['username']);
if($id)
$sql.=' AND staff_id!='.db_input($id);
if(db_num_rows(db_query($sql)))
$errors['username']='Nutzername wird bereits verwendet';
}
if(!$vars['email'] || !Validator::is_email($vars['email']))
$errors['email']='G&uuml;ltige Email erforderlich';
elseif(Email::getIdByEmail($vars['email']))
$errors['email']='Bereits als Systememail verwendet';
if($vars['phone'] && !Validator::is_phone($vars['phone']))
$errors['phone']='G&uuml;ltige Telefonnummer erforderlich';
if($vars['mobile'] && !Validator::is_phone($vars['mobile']))
$errors['mobile']='G&uuml;ltige Mobilnummer erforderlich';
if($vars['npassword'] || $vars['vpassword'] || !$id){
if(!$vars['npassword'] && !$id)
$errors['npassword']='Temp. Passwort erforderlich';
elseif($vars['npassword'] && strcmp($vars['npassword'],$vars['vpassword']))
$errors['vpassword']='Passw&ouml;rter stimmen nicht &uuml;berein';
elseif($vars['npassword'] && strlen($vars['npassword'])<6)
$errors['npassword']='Muss mindestens 6 Zeichen lang sein.';
}
if(!$vars['dept_id'])
$errors['dept']='Abteilung erforderlich';
if(!$vars['group_id'])
$errors['group']='Gruppe erforderlich';
if(!$errors){
$sql=' SET updated=NOW() '.
',isadmin='.db_input($vars['isadmin']).
',isactive='.db_input($vars['isactive']).
',isvisible='.db_input(isset($vars['isvisible'])?1:0).
',onvacation='.db_input(isset($vars['onvacation'])?1:0).
',dept_id='.db_input($vars['dept_id']).
',group_id='.db_input($vars['group_id']).
',username='.db_input(Format::striptags($vars['username'])).
',firstname='.db_input(Format::striptags($vars['firstname'])).
',lastname='.db_input(Format::striptags($vars['lastname'])).
',email='.db_input($vars['email']).
',phone="'.db_input($vars['phone'],false).'"'.
',phone_ext='.db_input($vars['phone_ext']).
',mobile="'.db_input($vars['mobile'],false).'"'.
',signature='.db_input(Format::striptags($vars['signature']));
if($vars['npassword'])
$sql.=',passwd='.db_input(md5($vars['npassword']));
if(isset($vars['resetpasswd']))
$sql.=',change_passwd=1';
if($id) {
$sql='UPDATE '.STAFF_TABLE.' '.$sql.' WHERE staff_id='.db_input($id);
if(!db_query($sql) || !db_affected_rows())
$errors['err']='Aktualisierung des Nutzers nicht m&ouml;glich. Interner Fehler aufgetreten';
}else{
$sql='INSERT INTO '.STAFF_TABLE.' '.$sql.',created=NOW()';
if(db_query($sql) && ($uID=db_insert_id()))
return $uID;
$errors['err']='Erstellen des Nutzers nicht m&ouml;glich. Interner Fehler';
}
}
return $errors?false:true;
}
}
?>
Reference in a new issue Copy permalink