0byt3m1n1
Path:
/
data
/
applications
/
aps.bak
/
osticket
/
1.6.r0-1
/
standard
/
htdocs
/
include
/
staff
/
[
Home
]
File: api.inc.php
<?php if(!defined('OSTADMININC') || !$thisuser->isadmin()) die('Access Denied'); $info['phrase']=($errors && $_POST['phrase'])?Format::htmlchars($_POST['phrase']):$cfg->getAPIPassphrase(); $select='SELECT * '; $from='FROM '.API_KEY_TABLE; $where=''; $sortOptions=array('date'=>'created','ip'=>'ipaddr'); $orderWays=array('DESC'=>'DESC','ASC'=>'ASC'); //Sorting options... if($_REQUEST['sort']) { $order_column =$sortOptions[$_REQUEST['sort']]; } if($_REQUEST['order']) { $order=$orderWays[$_REQUEST['order']]; } $order_column=$order_column?$order_column:'ipaddr'; $order=$order?$order:'ASC'; $order_by=" ORDER BY $order_column $order "; $total=db_count('SELECT count(*) '.$from.' '.$where); $pagelimit=1000;//No limit. $page=($_GET['p'] && is_numeric($_GET['p']))?$_GET['p']:1; $pageNav=new Pagenate($total,$page,$pagelimit); $pageNav->setURL('admin.php',$qstr.'&sort='.urlencode($_REQUEST['sort']).'&order='.urlencode($_REQUEST['order'])); $query="$select $from $where $order_by"; //echo $query; $result = db_query($query); $showing=db_num_rows($result)?$pageNav->showing():''; $negorder=$order=='DESC'?'ASC':'DESC'; //Negate the sorting.. $deletable=0; ?> <div class="msg">API Keys</div> <hr> <div><b><?=$showing?></b></div> <table width="100%" border="0" cellspacing=1 cellpadding=2> <form action="admin.php?t=api" method="POST" name="api" onSubmit="return checkbox_checker(document.forms['api'],1,0);"> <input type=hidden name='t' value='api'> <input type=hidden name='do' value='mass_process'> <tr><td> <table border="0" cellspacing=0 cellpadding=2 class="dtable" align="center" width="100%"> <tr> <th width="7px"> </th> <th>API Key</th> <th width="10" nowrap>Active</th> <th width="100" nowrap> IP Address</th> <th width="150" nowrap> <a href="admin.php?t=api&sort=date&order=<?=$negorder?><?=$qstr?>" title="Sort By Create Date <?=$negorder?>">Created</a></th> </tr> <? $class = 'row1'; $total=0; $active=$inactive=0; $sids=($errors && is_array($_POST['ids']))?$_POST['ids']:null; if($result && db_num_rows($result)): $dtpl=$cfg->getDefaultTemplateId(); while ($row = db_fetch_array($result)) { $sel=false; $disabled=''; if($row['isactive']) $active++; else $inactive++; if($sids && in_array($row['id'],$sids)){ $class="$class highlight"; $sel=true; } ?> <tr class="<?=$class?>" id="<?=$row['id']?>"> <td width=7px> <input type="checkbox" name="ids[]" value="<?=$row['id']?>" <?=$sel?'checked':''?> onClick="highLight(this.value,this.checked);"> <td> <?=$row['apikey']?></td> <td><?=$row['isactive']?'<b>Yes</b>':'No'?></td> <td> <?=$row['ipaddr']?></td> <td> <?=Format::db_datetime($row['created'])?></td> </tr> <? $class = ($class =='row2') ?'row1':'row2'; } //end of while. else: //nothin' found!! ?> <tr class="<?=$class?>"><td colspan=5><b>Query returned 0 results</b> <a href="admin.php?t=templates">Index list</a></td></tr> <? endif; ?> </table> </td></tr> <? if(db_num_rows($result)>0): //Show options.. ?> <tr> <td align="center"> <?php if($inactive) {?> <input class="button" type="submit" name="enable" value="Enable" onClick='return confirm("Are you sure you want to ENABLE selected keys?");'> <?php } if($active){?> <input class="button" type="submit" name="disable" value="Disable" onClick='return confirm("Are you sure you want to DISABLE selected keys?");'> <?}?> <input class="button" type="submit" name="delete" value="Delete" onClick='return confirm("Are you sure you want to DELETE selected keys?");'> </td> </tr> <? endif; ?> </form> </table> <br/> <div class="msg">Add New IP</div> <hr> <div> Add a new IP address. <font class="error"><?=$errors['ip']?></font> <form action="admin.php?t=api" method="POST" > <input type=hidden name='t' value='api'> <input type=hidden name='do' value='add'> New IP: <input name="ip" size=30 value="<?=($errors['ip'])?Format::htmlchars($_REQUEST['ip']):''?>" /> <font class="error">* </font> <input class="button" type="submit" name="add" value="Add"> </form> </div> <br/> <div class="msg">API Passphrase</div> <hr> <div> Passphrase must be at least 3 words. Required to generate the api keys.<br/> <form action="admin.php?t=api" method="POST" > <input type=hidden name='t' value='api'> <input type=hidden name='do' value='update_phrase'> Phrase: <input name="phrase" size=50 value="<?=Format::htmlchars($info['phrase'])?>" /> <font class="error">* <?=$errors['phrase']?></font> <input class="button" type="submit" name="update" value="Submit"> </form> <br/><br/> <div><i>Please note that changing the passprase does NOT invalidate existing keys. To regerate a key you need to delete and readd it.</i></div> </div>