forked from itflow-org/itflow
-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathajax.php
242 lines (202 loc) · 9.05 KB
/
ajax.php
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
<?php
/*
* ajax.php
* Similar to post.php, but for requests using Asynchronous JavaScript
* Always returns data in JSON format, unless otherwise specified
*/
include("config.php");
include("functions.php");
include("check_login.php");
/*
* Fetches SSL certificates from remote hosts & returns the relevant info (issuer, expiry, public key)
*/
if(isset($_GET['certificate_fetch_parse_json_details'])){
// PHP doesn't appreciate attempting SSL sockets to non-existent domains
if(empty($_GET['domain'])){
exit();
}
$domain = $_GET['domain'];
// FQDNs in database shouldn't have a URL scheme, adding one
$domain = "https://".$domain;
// Parse host and port
$url = parse_url($domain, PHP_URL_HOST);
$port = parse_url($domain, PHP_URL_PORT);
// Default port
if(!$port){
$port = "443";
}
// Get certificate (using verify peer false to allow for self-signed certs)
$socket = "ssl://$url:$port";
$get = stream_context_create(array("ssl" => array("capture_peer_cert" => TRUE, "verify_peer" => FALSE,)));
$read = stream_socket_client($socket, $errno, $errstr, 30, STREAM_CLIENT_CONNECT, $get);
$cert = stream_context_get_params($read);
$cert_public_key_obj = openssl_x509_parse($cert['options']['ssl']['peer_certificate']);
openssl_x509_export($cert['options']['ssl']['peer_certificate'], $export);
// Process data
if($cert_public_key_obj){
$response['success'] = "TRUE";
$response['expire'] = date('Y-m-d', $cert_public_key_obj['validTo_time_t']);
$response['issued_by'] = strip_tags($cert_public_key_obj['issuer']['O']);
$response['public_key'] = $export; //nl2br
}
else{
$response['success'] = "FALSE";
}
echo json_encode($response);
}
/*
* Looks up info for a given certificate ID from the database, used to dynamically populate modal fields
*/
if(isset($_GET['certificate_get_json_details'])){
$certificate_id = intval($_GET['certificate_id']);
$client_id = intval($_GET['client_id']);
// Individual certificate lookup
$cert_sql = mysqli_query($mysqli,"SELECT * FROM certificates WHERE certificate_id = $certificate_id AND certificate_client_id = $client_id");
while($row = mysqli_fetch_array($cert_sql)){
$response['certificate'][] = $row;
}
// Get all domains for this client that could be linked to this certificate
$domains_sql = mysqli_query($mysqli, "SELECT domain_id, domain_name FROM domains WHERE domain_client_id = '$client_id' AND company_id = '$session_company_id'");
while($row = mysqli_fetch_array($domains_sql)){
$response['domains'][] = $row;
}
echo json_encode($response);
}
/*
* Looks up info for a given domain ID from the database, used to dynamically populate modal fields
*/
if(isset($_GET['domain_get_json_details'])){
$domain_id = intval($_GET['domain_id']);
$client_id = intval($_GET['client_id']);
// Individual domain lookup
$cert_sql = mysqli_query($mysqli,"SELECT * FROM domains WHERE domain_id = $domain_id AND domain_client_id = $client_id");
while($row = mysqli_fetch_array($cert_sql)){
$response['domain'][] = $row;
}
// Get all registrars/webhosts (vendors) for this client that could be linked to this domain
$vendor_sql = mysqli_query($mysqli, "SELECT vendor_id, vendor_name FROM vendors WHERE vendor_client_id = $client_id");
while($row = mysqli_fetch_array($vendor_sql)){
$response['vendors'][] = $row;
}
echo json_encode($response);
}
/*
* Looks up info on the ticket number provided, used to populate the ticket merge modal
*/
if(isset($_GET['merge_ticket_get_json_details'])){
$merge_into_ticket_number = intval($_GET['merge_into_ticket_number']);
$sql = mysqli_query($mysqli,"SELECT * FROM tickets
LEFT JOIN clients ON ticket_client_id = client_id
LEFT JOIN contacts ON ticket_contact_id = contact_id
WHERE ticket_number = '$merge_into_ticket_number' AND tickets.company_id = '$session_company_id'");
if(mysqli_num_rows($sql) == 0){
//Do nothing.
}
else {
//Return ticket, client and contact details for the given ticket number
$response = mysqli_fetch_array($sql);
echo json_encode($response);
}
}
/*
* Looks up info for a given network ID from the database, used to dynamically populate modal fields
*/
if(isset($_GET['network_get_json_details'])){
$network_id = intval($_GET['network_id']);
$client_id = intval($_GET['client_id']);
// Individual network lookup
$network_sql = mysqli_query($mysqli,"SELECT * FROM networks WHERE network_id = $network_id AND network_client_id = $client_id");
while($row = mysqli_fetch_array($network_sql)){
$response['network'][] = $row;
}
// Lookup all client locations, as networks can be associated with any client location
$locations_sql = mysqli_query($mysqli, "SELECT location_id, location_name FROM locations
WHERE location_client_id = '$client_id' AND company_id = '$session_company_id'"
);
while($row = mysqli_fetch_array($locations_sql)){
$response['locations'][] = $row;
}
echo json_encode($response);
}
if(isset($_POST['client_set_notes'])){
$client_id = intval($_POST['client_id']);
$notes = trim(strip_tags(mysqli_real_escape_string($mysqli, $_POST['notes'])));
// Update notes
mysqli_query($mysqli, "UPDATE clients SET client_notes = '$notes' WHERE client_id = '$client_id'");
// Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Client', log_action = 'Modify', log_description = '$session_name modified client notes', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_client_id = $client_id, log_user_id = $session_user_id, company_id = $session_company_id");
}
/*
* Collision Detection/Avoidance
* Called upon loading a ticket, and every 2 mins thereafter
* Is used in conjunction with ticket_query_views to show who is currently viewing a ticket
*/
if(isset($_GET['ticket_add_view'])){
$ticket_id = intval($_GET['ticket_id']);
mysqli_query($mysqli, "INSERT INTO ticket_views SET view_ticket_id = '$ticket_id', view_user_id = '$session_user_id', view_timestamp = NOW()");
}
/*
* Collision Detection/Avoidance
* Returns formatted text of the agents currently viewing a ticket
* Called upon loading a ticket, and every 2 mins thereafter
*/
if(isset($_GET['ticket_query_views'])){
$ticket_id = intval($_GET['ticket_id']);
$query = mysqli_query($mysqli, "SELECT user_name FROM ticket_views LEFT JOIN users ON view_user_id = user_id WHERE view_ticket_id = '$ticket_id' AND view_user_id != '$session_user_id' AND view_timestamp > DATE_SUB(NOW(), INTERVAL 2 MINUTE)");
while($row = mysqli_fetch_array($query)){
$users[] = $row['user_name'];
}
if(!empty($users)){
$users = array_unique($users);
if(count($users) > 1){
// Multiple viewers
$response['message'] = implode(", ", $users) . " are viewing this ticket.";
}
else{
// Single viewer
$response['message'] = implode("", $users) . " is viewing this ticket.";
}
}
else{
// No viewers
$response['message'] = "";
}
echo json_encode($response);
}
/*
* Generates public/guest links for sharing logins/docs
*/
if(isset($_GET['share_generate_link'])){
$client_id = intval($_GET['client_id']);
$item_type = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['type'])));
$item_id = intval($_GET['id']);
$item_note = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['note'])));
$item_view_limit = intval($_GET['views']);
$item_expires = trim(strip_tags(mysqli_real_escape_string($mysqli,$_GET['expires'])));
$item_key = keygen();
if($item_type == "Login"){
$login = mysqli_query($mysqli, "SELECT login_password FROM logins WHERE login_id = '$item_id' AND login_client_id = '$client_id' LIMIT 1");
$row = mysqli_fetch_array($login);
$login_password_cleartext = decryptLoginEntry($row['login_password']);
$login_encryption_key = keygen();
$iv = keygen();
$ciphertext = openssl_encrypt($login_password_cleartext, 'aes-128-cbc', $login_encryption_key, 0, $iv);
$item_encrypted_credential = $iv . $ciphertext;
}
else{
$item_encrypted_credential = '';
}
// Insert entry into DB
$sql = mysqli_query($mysqli, "INSERT INTO shared_items SET item_active = '1', item_key = '$item_key', item_type = '$item_type', item_related_id = '$item_id', item_encrypted_credential = '$item_encrypted_credential', item_note = '$item_note', item_views = 0, item_view_limit = '$item_view_limit', item_created_at = NOW(), item_expire_at = '$item_expires', item_client_id = '$client_id'");
$share_id = $mysqli->insert_id;
// Return URL
if($item_type == "Login"){
$url = "$config_base_url/guest_view_item.php?id=$share_id&key=$item_key&ek=$login_encryption_key";
}
else{
$url = "$config_base_url/guest_view_item.php?id=$share_id&key=$item_key";
}
echo json_encode($url);
// Logging
mysqli_query($mysqli,"INSERT INTO logs SET log_type = 'Sharing', log_action = 'Create', log_description = '$session_name created shared link for $item_type - Item ID: $item_id', log_client_id = '$client_id', log_ip = '$session_ip', log_user_agent = '$session_user_agent', log_created_at = NOW(), log_user_id = $session_user_id, company_id = $session_company_id");
}