LotusGuild/tinker_tickets
4
0
Fork 0
Code Issues 1 Pull Requests Actions Packages Projects Releases Wiki Activity

Compare commits

base: LotusGuild/tinker_tickets:dad7c24bff876964d6ac85c3feeb6d863328185b
Branches Tags
LotusGuild/tinker_tickets:main LotusGuild/tinker_tickets:development
LotusGuild/tinker_tickets:deploy-2026.04.29-49 LotusGuild/tinker_tickets:deploy-2026.04.29-41 LotusGuild/tinker_tickets:deploy-2026.04.18-35 LotusGuild/tinker_tickets:deploy-2026.04.16-31 LotusGuild/tinker_tickets:deploy-2026.04.16-27 LotusGuild/tinker_tickets:deploy-2026.04.16-23 LotusGuild/tinker_tickets:deploy-2026.04.16-11 LotusGuild/tinker_tickets:deploy-2026.04.14-9
..
compare: LotusGuild/tinker_tickets:main
Branches Tags
LotusGuild/tinker_tickets:development LotusGuild/tinker_tickets:main
LotusGuild/tinker_tickets:deploy-2026.04.29-49 LotusGuild/tinker_tickets:deploy-2026.04.29-41 LotusGuild/tinker_tickets:deploy-2026.04.18-35 LotusGuild/tinker_tickets:deploy-2026.04.16-31 LotusGuild/tinker_tickets:deploy-2026.04.16-27 LotusGuild/tinker_tickets:deploy-2026.04.16-23 LotusGuild/tinker_tickets:deploy-2026.04.16-11 LotusGuild/tinker_tickets:deploy-2026.04.14-9

19 Commits
dad7c24bff .. main

Author SHA1 Message Date
jared 597e1b1eea fix: correct phpcs indentation on SLA banner conditional block
Lint / PHP (phpcs PSR-12) (push) Successful in 24s
Details
Lint / JS (eslint) (push) Successful in 11s
Details
Security / PHP Security (semgrep) (push) Successful in 1m13s
Details
Lint / Deploy (push) Successful in 3s
Details
Lint / Notify on failure (push) Has been skipped
Details 
PHP inline conditionals inside HTML context must use 4-space indentation
to satisfy PSR-12 Generic.WhiteSpace.ScopeIndent rule.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-29 17:43:49 -04:00
jared 35a2b66038 refactor: migrate P1/P2 SLA banner to lt-sla-p1/lt-sla-p2 component
Lint / PHP (phpcs PSR-12) (push) Failing after 24s
Details
Lint / JS (eslint) (push) Successful in 11s
Details
Lint / Deploy (push) Has been cancelled
Details
Lint / Notify on failure (push) Has been cancelled
Details
Security / PHP Security (semgrep) (push) Has been cancelled
Details 
Replaces the lt-alert workaround with the new purpose-built SLA banner
component now in base.css:
- lt-sla-p1 (pulsing red) / lt-sla-p2 (static amber) wrapper classes
- Structured subcomponents: lt-sla-icon, lt-sla-info, lt-sla-title,
  lt-sla-bar + lt-sla-fill (gradient fill), lt-sla-meta, lt-sla-dismiss
- Dismiss now uses banner.hidden + sessionStorage key lt_sla_dismissed_<id>
  (aligns with web_template pattern; previous code used classList 'dismissed')
- Elapsed/remaining/breach state driven by same tick() interval, now updating
  lt-sla-fill width instead of a separate lt-progress bar inside lt-alert-msg

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-29 17:40:15 -04:00
jared b7aea8c683 sync: pull progress gradient fills and SLA banner from web_template v1.2
Lint / PHP (phpcs PSR-12) (push) Successful in 26s
Details
Lint / JS (eslint) (push) Successful in 12s
Details
Security / PHP Security (semgrep) (push) Successful in 1m12s
Details
Lint / Deploy (push) Successful in 3s
Details
Lint / Notify on failure (push) Has been skipped
Details 
Progress bars now use linear-gradient fills for a more dramatic terminal
readout appearance (matches web_template 39862fa):
- Default (orange), --cyan, --green, --red variants all upgraded from flat
  accent colors to directional gradients with highlight endpoints

SLA banner component (lt-sla-p1 / lt-sla-p2) added to base.css, replacing
the lt-alert workaround previously used for P1/P2 SLA display:
- lt-sla-p1: pulsing red banner (animation: lt-sla-pulse 2s)
- lt-sla-p2: static amber banner
- Subcomponents: icon, info, title, bar, fill, meta, dismiss
- Both fills use gradients for visual consistency (P2 amber→#ffd740)
- lt-sla-dismiss includes transition + :focus-visible ring

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-29 17:29:57 -04:00
jared d23bbc4b26 docs: fix CI/CD section and add security badge
Lint / PHP (phpcs PSR-12) (push) Successful in 50s
Details
Lint / JS (eslint) (push) Successful in 14s
Details
Lint / Deploy (push) Successful in 3s
Details
Lint / Notify on failure (push) Has been skipped
Details
Security / PHP Security (semgrep) (push) Successful in 2m7s
Details 
- Add security.yml badge to header
- Replace stale 'npm audit' description with actual semgrep config
- Add deploy tagging and notify-failure rows that were missing
- Fix ESLint config location note

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-18 14:04:28 -04:00
jared 132098bee3 Exclude two more semgrep false-positive rules from security scan
Lint / PHP (phpcs PSR-12) (push) Successful in 30s
Details
Lint / JS (eslint) (push) Successful in 13s
Details
Security / PHP Security (semgrep) (push) Successful in 1m18s
Details
Lint / Deploy (push) Successful in 5s
Details
Lint / Notify on failure (push) Has been skipped
Details 
- tainted-filename: filenames in upload_attachment.php and user_avatar.php
  are derived exclusively from (int)-cast integers; no user string reaches
  the filesystem path. Semgrep's taint engine tracks all use-sites of the
  variable, producing findings on every file_exists/readfile/unlink call.
- tainted-callable: index.php audit-log query passes \$sql to prepare();
  \$sql is assembled from hardcoded SQL fragments with ? placeholders and
  explicit (int) LIMIT/OFFSET casts. User values are bound via bind_param,
  never interpolated. Semgrep cannot see through the WHERE-builder logic.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-16 08:51:02 -04:00
jared 3a4a13db7b Fix semgrep security findings to pass CI security scan
Lint / PHP (phpcs PSR-12) (push) Successful in 28s
Details
Lint / JS (eslint) (push) Successful in 14s
Details
Security / PHP Security (semgrep) (push) Failing after 1m27s
Details
Lint / Deploy (push) Successful in 3s
Details
Lint / Notify on failure (push) Has been skipped
Details 
- index.php: replace SQL string interpolation with concatenation + explicit
  (int) casts for LIMIT/OFFSET; add nosemgrep for tainted-sql false positive
  (WHERE clause built from hardcoded fragments with bound params only)
- api/upload_attachment.php: add realpath() path-traversal guard after mkdir
- api/user_avatar.php: make (int) cast explicit at cache-path construction;
  add nosemgrep for tainted-filename false positive (integer-only input)
- assets/js/ticket.js: add nosemgrep for insertAdjacentHTML — all dynamic
  content already escaped via lt.escHtml() before insertion
- .gitea/workflows/security.yml: exclude echoed-request rule globally —
  all echo in API context is json_encode() output, not HTML; htmlentities()
  fix semgrep suggests would corrupt JSON responses

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-16 08:42:47 -04:00
jared 6b2d8e4d03 Fix remaining spam issues and phpcs merge conflict marker
Lint / PHP (phpcs PSR-12) (push) Successful in 31s
Details
Lint / JS (eslint) (push) Successful in 13s
Details
Security / PHP Security (semgrep) (push) Failing after 1m41s
Details
Lint / Deploy (push) Successful in 4s
Details
Lint / Notify on failure (push) Has been skipped
Details 
Spam fixes:
- Add ZFS pool category to hash with subtypes (pool_state, pool_usage,
  pool_errors) so DEGRADED and usage-high on same pool get separate tickets
- Strip volatile percentages from LXC/ZFS usage titles ("usage high: 80.1%"
  → "usage high") and OSD counts from BlueStore slow-ops titles
  ("2 OSD(s) experiencing" → "OSD(s) experiencing") in hwmonDaemon.py

phpcs fix:
- Remove leftover merge conflict marker (<<<<<<< HEAD / >>>>>>>)
  in create_ticket_api.php which caused phpcs to fail on bitshift
  operator spacing

DB cleanup:
- Deleted 107 spam comments and 107 audit entries from tickets
  357934698 (ZFS pool), 673679581 (BlueStore), 925498317 (LXC storage)

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-16 08:28:59 -04:00
jared 7fb60a365e Suppress title-only update comments to stop hourly comment spam
Lint / PHP (phpcs PSR-12) (push) Failing after 45s
Details
Lint / JS (eslint) (push) Successful in 19s
Details
Security / PHP Security (semgrep) (push) Failing after 1m37s
Details
Lint / Deploy (push) Has been skipped
Details
Lint / Notify on failure (push) Successful in 2s
Details 
Comments on worsening condition now only fire on priority escalation.
Title and description updates are silent — title changes (e.g. rising
Power_On_Hours counters) were generating a comment on every hourly run.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-16 08:16:41 -04:00
jared fb3b607bd1 Resolve merge conflict in create_ticket_api.php OSD regex
Lint / PHP (phpcs PSR-12) (push) Failing after 33s
Details
Lint / JS (eslint) (push) Successful in 15s
Details
Security / PHP Security (semgrep) (push) Failing after 2m20s
Details
Lint / Deploy (push) Has been skipped
Details
Lint / Notify on failure (push) Has been cancelled
Details 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-16 08:10:14 -04:00
jared 9e9d8a33e3 Fix hwmonDaemon hash collisions and automated description rendering
Lint / PHP (phpcs PSR-12) (push) Successful in 40s
Details
Lint / JS (eslint) (push) Successful in 13s
Details
Security / PHP Security (semgrep) (push) Failing after 1m59s
Details
Lint / Deploy (push) Successful in 5s
Details
Lint / Notify on failure (push) Has been skipped
Details 
- Include source_type (auto vs manual) in dedup hash so automated
  tickets never collide with manually created ones. This was causing
  hwmonDaemon to hijack manual task tickets that shared the same
  cluster/category/environment tags.

- Include specific OSD ID in hash subtype (osd_down_N) so each OSD
  failure gets its own ticket instead of all colliding to osd_down.

- Wrap hwmonDaemon report descriptions in fenced code blocks in
  comments so ASCII art box-drawing renders correctly instead of
  collapsing into a paragraph blob.

- Refresh ticket description on every automated update so the ticket
  body shows current sensor data, not stale values from first report.

- Only post a worsening-condition comment when title or priority
  actually changed (not just a description refresh).

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-16 08:06:13 -04:00
jared dfae1d4648 ci: add notify-failure, deploy tagging, and PHP security scanning
Lint / PHP (phpcs PSR-12) (push) Successful in 26s
Details
Lint / JS (eslint) (push) Successful in 12s
Details
Security / PHP Security (semgrep) (push) Failing after 55s
Details
Lint / Deploy (push) Successful in 3s
Details
Lint / Notify on failure (push) Has been skipped
Details 
- lint.yml: add notify-failure Matrix alert job; add Tag deployed commit
  step (main branch only) with deploy-YYYY.MM.DD-N tagging via Gitea API;
  add permissions: contents: write to deploy job
- security.yml: new workflow running semgrep with p/php and p/owasp-top-ten
  configs on push, PR, and weekly schedule

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-14 16:25:18 -04:00
jared ac82300675 Add CI badge and CI/CD section to README
Lint / PHP (phpcs PSR-12) (push) Successful in 27s
Details
Lint / JS (eslint) (push) Successful in 16m21s
Details
Lint / Deploy (push) Successful in 4s
Details 
Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-14 12:54:00 -04:00
jared 31510cfe0f ci: gate deploy behind lint — Actions triggers webhook after lint passes
Lint / PHP (phpcs PSR-12) (push) Successful in 30s
Details
Lint / JS (eslint) (push) Successful in 13s
Details
Lint / Deploy (push) Successful in 3s
Details 
Adds a deploy job that runs only when both php-lint and js-lint succeed.
Calls the CT132 webhook directly with HMAC-SHA256 signature from the
WEBHOOK_SECRET repo secret. Disabled the direct push webhooks that
previously deployed on every push regardless of lint status.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
 2026-04-13 21:42:34 -04:00
jared 5fce716489 style: fix final 2 phpcs violations; exclude line-length rule
Lint / PHP (phpcs PSR-12) (push) Successful in 36s
Details
Lint / JS (eslint) (push) Successful in 16s
Details
2026-04-13 21:08:19 -04:00
jared c90bdc8ac8 style: auto-fix 1340 phpcs PSR-12 violations via phpcbf; exclude MissingNamespace and SideEffects
Lint / PHP (phpcs PSR-12) (push) Failing after 29s
Details
Lint / JS (eslint) (push) Successful in 12s
Details
2026-04-13 20:56:10 -04:00
jared b6df647921 ci: add php-xml for phpcs xmlwriter/SimpleXML deps
Lint / PHP (phpcs PSR-12) (push) Failing after 28s
Details
Lint / JS (eslint) (push) Successful in 12s
Details
2026-04-13 20:51:17 -04:00
jared e3a115fd02 ci: install php via apt, relax eslint rules for existing codebase
Lint / PHP (phpcs PSR-12) (push) Failing after 26s
Details
Lint / JS (eslint) (push) Successful in 12s
Details
2026-04-13 20:47:26 -04:00
jared 46285b8abc ci: use php:8.2-cli container for phpcs job
Lint / PHP (phpcs PSR-12) (push) Failing after 19s
Details
Lint / JS (eslint) (push) Failing after 13s
Details
2026-04-13 20:41:03 -04:00
jared d38cc1bfbe ci: add phpcs and eslint linting workflow
Lint / PHP (phpcs PSR-12) (push) Failing after 7s
Details
Lint / JS (eslint) (push) Failing after 16s
Details
2026-04-13 20:34:21 -04:00
86 changed files with 2012 additions and 1171 deletions
Expand all files Collapse all files
.eslintrc.json
+25
View File
@@ -0,0 +1,25 @@
{
"env": {
"browser": true,
"es2021": true
},
"extends": "eslint:recommended",
"parserOptions": {
"ecmaVersion": 2021,
"sourceType": "script"
},
"globals": {
"lt": "readonly",
"module": "writable"
},
"rules": {
"no-undef": "off",
"no-unused-vars": "warn",
"no-empty": "warn",
"no-inner-declarations": "warn",
"no-useless-escape": "warn",
"no-regex-spaces": "warn",
"semi": ["error", "always"],
"eqeqeq": "warn"
}
}
.gitea/workflows/lint.yml
+93
View File
@@ -0,0 +1,93 @@
name: Lint
on:
push:
branches: ["**"]
pull_request:
branches: ["**"]
jobs:
php-lint:
name: PHP (phpcs PSR-12)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install PHP and phpcs
run: |
apt-get update -qq
apt-get install -y -qq php-cli php-xml
curl -sL https://squizlabs.github.io/PHP_CodeSniffer/phpcs.phar -o /usr/local/bin/phpcs
chmod +x /usr/local/bin/phpcs
- name: Run phpcs
run: phpcs --standard=.phpcs.xml .
js-lint:
name: JS (eslint)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install ESLint
run: npm install --save-dev eslint@8
- name: Run ESLint
run: npx eslint assets/js/
deploy:
name: Deploy
runs-on: ubuntu-latest
needs: [php-lint, js-lint]
if: github.event_name == 'push' && (github.ref == 'refs/heads/main' || github.ref == 'refs/heads/development')
permissions:
contents: write
steps:
- name: Trigger webhook
env:
WEBHOOK_SECRET: ${{ secrets.WEBHOOK_SECRET }}
GIT_REF: ${{ github.ref }}
run: |
if [ "$GIT_REF" = "refs/heads/main" ]; then
HOOK_ID="tinker-deploy"
else
HOOK_ID="tinker-beta-deploy"
fi
PAYLOAD="{\"ref\":\"${GIT_REF}\"}"
SIG=$(echo -n "$PAYLOAD" | openssl dgst -sha256 -hmac "$WEBHOOK_SECRET" | awk '{print $2}')
curl -sf --connect-timeout 10 \
-X POST \
-H "Content-Type: application/json" \
-H "X-Gitea-Signature: ${SIG}" \
-d "$PAYLOAD" \
"http://10.10.10.45:9000/hooks/${HOOK_ID}"
- name: Tag deployed commit
if: github.ref == 'refs/heads/main'
env:
GITHUB_TOKEN: ${{ secrets.GITHUB_TOKEN }}
run: |
TAG="deploy-$(date -u +%Y.%m.%d)-${{ github.run_number }}"
curl -sf -X POST \
-H "Authorization: token $GITHUB_TOKEN" \
-H "Content-Type: application/json" \
-d "{\"tag_name\":\"${TAG}\",\"target\":\"${{ github.sha }}\",\"message\":\"Deployed to production\"}" \
"https://code.lotusguild.org/api/v1/repos/${{ github.repository }}/tags"
notify-failure:
name: Notify on failure
runs-on: ubuntu-latest
needs: [php-lint, js-lint]
if: failure() && github.event_name == 'push'
steps:
- name: Send Matrix alert
env:
MATRIX_WEBHOOK_URL: ${{ secrets.MATRIX_WEBHOOK_URL }}
REPO: ${{ github.repository }}
BRANCH: ${{ github.ref_name }}
RUN_URL: ${{ github.server_url }}/${{ github.repository }}/actions/runs/${{ github.run_id }}
run: |
if [ -z "$MATRIX_WEBHOOK_URL" ] || [ "$MATRIX_WEBHOOK_URL" = "CONFIGURE_ME" ]; then exit 0; fi
curl -sf -X POST "$MATRIX_WEBHOOK_URL" \
-H "Content-Type: application/json" \
-d "{\"text\":\"CI FAILED: ${REPO} @ ${BRANCH} — ${RUN_URL}\"}"
.gitea/workflows/security.yml
+30
View File
@@ -0,0 +1,30 @@
name: Security
on:
push:
branches: ["**"]
pull_request:
branches: ["**"]
schedule:
- cron: '0 6 * * 1'
jobs:
semgrep:
name: PHP Security (semgrep)
runs-on: ubuntu-latest
steps:
- uses: actions/checkout@v3
- name: Install semgrep
run: |
apt-get update -qq
apt-get install -y -qq python3 python3-pip
pip3 install semgrep
- name: Run semgrep
run: |
semgrep --config=p/php --config=p/owasp-top-ten --error \
--exclude-rule=php.lang.security.injection.echoed-request.echoed-request \
--exclude-rule=php.lang.security.injection.tainted-filename.tainted-filename \
--exclude-rule=php.lang.security.injection.tainted-callable.tainted-callable \
.
.phpcs.xml
+23
View File
@@ -0,0 +1,23 @@
<?xml version="1.0"?>
<ruleset name="TinkerTickets">
<description>PSR-12 with project-specific exclusions</description>
<file>.</file>
<exclude-pattern>*/uploads/*</exclude-pattern>
<exclude-pattern>*/migrations/*</exclude-pattern>
<exclude-pattern>*/.gitea/*</exclude-pattern>
<arg name="extensions" value="php"/>
<arg name="colors"/>
<arg value="sp"/>
<rule ref="PSR12">
<!-- Codebase does not use namespaces -->
<exclude name="PSR1.Classes.ClassDeclaration.MissingNamespace"/>
<!-- Files mix includes and class definitions by design -->
<exclude name="PSR1.Files.SideEffects.FoundWithSymbols"/>
<!-- View files contain long HTML strings — not worth wrapping -->
<exclude name="Generic.Files.LineLength"/>
</rule>
</ruleset>
README.md
+17
View File
@@ -1,5 +1,8 @@
# Tinker Tickets # Tinker Tickets
[![Lint](https://code.lotusguild.org/LotusGuild/tinker_tickets/actions/workflows/lint.yml/badge.svg)](https://code.lotusguild.org/LotusGuild/tinker_tickets/actions?workflow=lint.yml)
[![Security](https://code.lotusguild.org/LotusGuild/tinker_tickets/actions/workflows/security.yml/badge.svg)](https://code.lotusguild.org/LotusGuild/tinker_tickets/actions?workflow=security.yml)
A feature-rich PHP-based ticketing system designed for tracking and managing data center infrastructure issues with enterprise-grade workflow management and a retro terminal aesthetic. A feature-rich PHP-based ticketing system designed for tracking and managing data center infrastructure issues with enterprise-grade workflow management and a retro terminal aesthetic.
**Documentation**: [Wiki](https://wiki.lotusguild.org/en/Services/service-tinker-tickets) **Documentation**: [Wiki](https://wiki.lotusguild.org/en/Services/service-tinker-tickets)
@@ -561,6 +564,20 @@ Key conventions and gotchas for working with this codebase:
| Visibility | Enforced on ticket views, downloads, and bulk operations | | Visibility | Enforced on ticket views, downloads, and bulk operations |
| API Key Auth | SHA-256 hashed keys stored in DB; Bearer token auth for external API | | API Key Auth | SHA-256 hashed keys stored in DB; Bearer token auth for external API |
## CI / CD
| Workflow | Purpose | Triggers |
|---|---|---|
| `lint.yml` (php-lint) | phpcs PSR-12 standard | Every push and PR |
| `lint.yml` (js-lint) | ESLint on `assets/js/` | Every push and PR |
| `security.yml` | semgrep with `p/php` + `p/owasp-top-ten` configs | Every push, PR, and weekly (Monday 6am) |
| `deploy` job in `lint.yml` | Calls deploy webhooks on CT132 (10.10.10.45): `tinker-deploy` (main) or `tinker-beta-deploy` (development); tags deployed commit `deploy-YYYY.MM.DD-N` | Push to `main` or `development`, after both lint jobs pass |
| `notify-failure` job in `lint.yml` | Posts CI failure alert to Matrix via webhook | Push to any branch when lint fails |
Branch protection is enabled on `main` — both lint jobs must pass before any PR can merge.
Lint config: `.phpcs.xml` (PSR-12 with project-specific tweaks), `.eslintrc.json` (root, browser env).
## License ## License
Internal use only - LotusGuild Infrastructure Internal use only - LotusGuild Infrastructure
api/add_comment.php
+5 -2
View File
@@ -1,4 +1,5 @@
<?php <?php
// Disable error display in the output // Disable error display in the output
ini_set('display_errors', 0); ini_set('display_errors', 0);
error_reporting(E_ALL); error_reporting(E_ALL);
@@ -146,7 +147,10 @@ try {
// Notify watchers of the new comment // Notify watchers of the new comment
NotificationHelper::notifyWatchers( NotificationHelper::notifyWatchers(
$conn, $ticketId, $ticketTitle, 'comment_added', $conn,
$ticketId,
$ticketTitle,
'comment_added',
['author' => $authorDisplay, 'preview' => mb_strimwidth($commentText, 0, 200, '…')], ['author' => $authorDisplay, 'preview' => mb_strimwidth($commentText, 0, 200, '…')],
(int)$userId (int)$userId
); );
@@ -172,7 +176,6 @@ try {
} }
header('Content-Type: application/json'); header('Content-Type: application/json');
echo json_encode($result); echo json_encode($result);
} catch (Exception $e) { } catch (Exception $e) {
// Discard any unexpected output // Discard any unexpected output
ob_end_clean(); ob_end_clean();
api/assign_ticket.php
+1
View File
@@ -1,4 +1,5 @@
<?php <?php
require_once __DIR__ . '/bootstrap.php'; require_once __DIR__ . '/bootstrap.php';
require_once dirname(__DIR__) . '/models/TicketModel.php'; require_once dirname(__DIR__) . '/models/TicketModel.php';
require_once dirname(__DIR__) . '/models/AuditLogModel.php'; require_once dirname(__DIR__) . '/models/AuditLogModel.php';
api/audit_log.php
+43 -14
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Audit Log API Endpoint * Audit Log API Endpoint
* Handles fetching filtered audit logs and CSV export * Handles fetching filtered audit logs and CSV export
@@ -23,13 +24,27 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
if (isset($_GET['export']) && $_GET['export'] === 'csv') { if (isset($_GET['export']) && $_GET['export'] === 'csv') {
// Build filters // Build filters
$filters = []; $filters = [];
if (isset($_GET['action_type'])) $filters['action_type'] = $_GET['action_type']; if (isset($_GET['action_type'])) {
if (isset($_GET['entity_type'])) $filters['entity_type'] = $_GET['entity_type']; $filters['action_type'] = $_GET['action_type'];
if (isset($_GET['user_id'])) $filters['user_id'] = $_GET['user_id']; }
if (isset($_GET['entity_id'])) $filters['entity_id'] = $_GET['entity_id']; if (isset($_GET['entity_type'])) {
if (isset($_GET['date_from'])) $filters['date_from'] = $_GET['date_from']; $filters['entity_type'] = $_GET['entity_type'];
if (isset($_GET['date_to'])) $filters['date_to'] = $_GET['date_to']; }
if (isset($_GET['ip_address'])) $filters['ip_address'] = $_GET['ip_address']; if (isset($_GET['user_id'])) {
$filters['user_id'] = $_GET['user_id'];
}
if (isset($_GET['entity_id'])) {
$filters['entity_id'] = $_GET['entity_id'];
}
if (isset($_GET['date_from'])) {
$filters['date_from'] = $_GET['date_from'];
}
if (isset($_GET['date_to'])) {
$filters['date_to'] = $_GET['date_to'];
}
if (isset($_GET['ip_address'])) {
$filters['ip_address'] = $_GET['ip_address'];
}
// Get all matching logs (no limit for CSV export) // Get all matching logs (no limit for CSV export)
$result = $auditLogModel->getFilteredLogs($filters, 10000, 0); $result = $auditLogModel->getFilteredLogs($filters, 10000, 0);
@@ -77,13 +92,27 @@ if ($_SERVER['REQUEST_METHOD'] === 'GET') {
// Build filters // Build filters
$filters = []; $filters = [];
if (isset($_GET['action_type'])) $filters['action_type'] = $_GET['action_type']; if (isset($_GET['action_type'])) {
if (isset($_GET['entity_type'])) $filters['entity_type'] = $_GET['entity_type']; $filters['action_type'] = $_GET['action_type'];
if (isset($_GET['user_id'])) $filters['user_id'] = $_GET['user_id']; }
if (isset($_GET['entity_id'])) $filters['entity_id'] = $_GET['entity_id']; if (isset($_GET['entity_type'])) {
if (isset($_GET['date_from'])) $filters['date_from'] = $_GET['date_from']; $filters['entity_type'] = $_GET['entity_type'];
if (isset($_GET['date_to'])) $filters['date_to'] = $_GET['date_to']; }
if (isset($_GET['ip_address'])) $filters['ip_address'] = $_GET['ip_address']; if (isset($_GET['user_id'])) {
$filters['user_id'] = $_GET['user_id'];
}
if (isset($_GET['entity_id'])) {
$filters['entity_id'] = $_GET['entity_id'];
}
if (isset($_GET['date_from'])) {
$filters['date_from'] = $_GET['date_from'];
}
if (isset($_GET['date_to'])) {
$filters['date_to'] = $_GET['date_to'];
}
if (isset($_GET['ip_address'])) {
$filters['ip_address'] = $_GET['ip_address'];
}
// Get filtered logs // Get filtered logs
$result = $auditLogModel->getFilteredLogs($filters, $limit, $offset); $result = $auditLogModel->getFilteredLogs($filters, $limit, $offset);
api/bootstrap.php
+3 -1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* API Bootstrap - Common setup for API endpoints * API Bootstrap - Common setup for API endpoints
* *
@@ -54,7 +55,8 @@ $conn = Database::getConnection();
* Output a JSON response, appending the rotated CSRF token so the * Output a JSON response, appending the rotated CSRF token so the
* client-side lt.api interceptor can update window.CSRF_TOKEN. * client-side lt.api interceptor can update window.CSRF_TOKEN.
*/ */
function apiRespond(array $data): void { function apiRespond(array $data): void
{
if (!empty($GLOBALS['_new_csrf_token'])) { if (!empty($GLOBALS['_new_csrf_token'])) {
$data['csrf_token'] = $GLOBALS['_new_csrf_token']; $data['csrf_token'] = $GLOBALS['_new_csrf_token'];
} }
api/bulk_operation.php
+1
View File
@@ -1,4 +1,5 @@
<?php <?php
// Apply rate limiting // Apply rate limiting
require_once dirname(__DIR__) . '/middleware/RateLimitMiddleware.php'; require_once dirname(__DIR__) . '/middleware/RateLimitMiddleware.php';
RateLimitMiddleware::apply('api'); RateLimitMiddleware::apply('api');
api/check_duplicates.php
+3 -4
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Check for duplicate tickets API * Check for duplicate tickets API
* *
@@ -63,13 +64,11 @@ while ($row = $result->fetch_assoc()) {
// Check for exact substring match // Check for exact substring match
if (stripos($row['title'], $title) !== false) { if (stripos($row['title'], $title) !== false) {
$similarity = 90; $similarity = 90;
}
// Check SOUNDEX match // Check SOUNDEX match
elseif (soundex($row['title']) === $soundexTitle) { } elseif (soundex($row['title']) === $soundexTitle) {
$similarity = 70; $similarity = 70;
}
// Check word overlap // Check word overlap
else { } else {
$titleWords = array_map('strtolower', preg_split('/\s+/', $title)); $titleWords = array_map('strtolower', preg_split('/\s+/', $title));
$rowWords = array_map('strtolower', preg_split('/\s+/', $row['title'])); $rowWords = array_map('strtolower', preg_split('/\s+/', $row['title']));
$matchingWords = array_intersect($titleWords, $rowWords); $matchingWords = array_intersect($titleWords, $rowWords);
api/clone_ticket.php
+1 -1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Clone Ticket API * Clone Ticket API
* Creates a copy of an existing ticket with the same properties * Creates a copy of an existing ticket with the same properties
@@ -126,7 +127,6 @@ try {
'error' => $result['error'] ?? 'Failed to create cloned ticket' 'error' => $result['error'] ?? 'Failed to create cloned ticket'
]); ]);
} }
} catch (Exception $e) { } catch (Exception $e) {
error_log("Clone ticket API error: " . $e->getMessage()); error_log("Clone ticket API error: " . $e->getMessage());
http_response_code(500); http_response_code(500);
api/custom_fields.php
+4 -2
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Custom Fields Management API * Custom Fields Management API
* CRUD operations for custom field definitions * CRUD operations for custom field definitions
@@ -16,7 +17,9 @@ try {
require_once dirname(__DIR__) . '/models/CustomFieldModel.php'; require_once dirname(__DIR__) . '/models/CustomFieldModel.php';
// Check authentication // Check authentication
if (session_status() === PHP_SESSION_NONE) session_start(); if (session_status() === PHP_SESSION_NONE) {
session_start();
}
if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) { if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) {
http_response_code(401); http_response_code(401);
echo json_encode(['success' => false, 'error' => 'Authentication required']); echo json_encode(['success' => false, 'error' => 'Authentication required']);
@@ -107,7 +110,6 @@ try {
http_response_code(405); http_response_code(405);
echo json_encode(['success' => false, 'error' => 'Method not allowed']); echo json_encode(['success' => false, 'error' => 'Method not allowed']);
} }
} catch (Exception $e) { } catch (Exception $e) {
error_log("Custom fields API error: " . $e->getMessage()); error_log("Custom fields API error: " . $e->getMessage());
http_response_code(500); http_response_code(500);
api/delete_attachment.php
+1 -1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Delete Attachment API * Delete Attachment API
* *
@@ -114,7 +115,6 @@ try {
); );
ResponseHelper::success([], 'Attachment deleted successfully'); ResponseHelper::success([], 'Attachment deleted successfully');
} catch (Exception $e) { } catch (Exception $e) {
ResponseHelper::serverError('Failed to delete attachment'); ResponseHelper::serverError('Failed to delete attachment');
} }
api/delete_comment.php
+1 -1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* API endpoint for deleting a comment * API endpoint for deleting a comment
*/ */
@@ -111,7 +112,6 @@ try {
header('Content-Type: application/json'); header('Content-Type: application/json');
echo json_encode($result); echo json_encode($result);
} catch (Exception $e) { } catch (Exception $e) {
ob_end_clean(); ob_end_clean();
error_log("Delete comment API error: " . $e->getMessage()); error_log("Delete comment API error: " . $e->getMessage());
api/download_attachment.php
+1 -1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Download Attachment API * Download Attachment API
* *
@@ -131,7 +132,6 @@ try {
fclose($handle); fclose($handle);
exit; exit;
} catch (Exception $e) { } catch (Exception $e) {
http_response_code(500); http_response_code(500);
header('Content-Type: application/json'); header('Content-Type: application/json');
api/export_tickets.php
+4 -5
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Export Tickets API * Export Tickets API
* *
@@ -23,7 +24,9 @@ try {
require_once dirname(__DIR__) . '/models/AuditLogModel.php'; require_once dirname(__DIR__) . '/models/AuditLogModel.php';
// Check authentication via session // Check authentication via session
if (session_status() === PHP_SESSION_NONE) { session_start(); } if (session_status() === PHP_SESSION_NONE) {
session_start();
}
if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) { if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) {
header('Content-Type: application/json'); header('Content-Type: application/json');
http_response_code(401); http_response_code(401);
@@ -126,7 +129,6 @@ try {
fclose($output); fclose($output);
exit; exit;
} elseif ($format === 'json') { } elseif ($format === 'json') {
// JSON Export // JSON Export
header('Content-Type: application/json'); header('Content-Type: application/json');
@@ -152,7 +154,6 @@ try {
}, $tickets) }, $tickets)
], JSON_PRETTY_PRINT); ], JSON_PRETTY_PRINT);
exit; exit;
} elseif ($format === 'full') { } elseif ($format === 'full') {
// Full single-ticket export: ticket + all comments + audit timeline // Full single-ticket export: ticket + all comments + audit timeline
if (!$singleId) { if (!$singleId) {
@@ -228,14 +229,12 @@ try {
'timeline' => $timelineOut, 'timeline' => $timelineOut,
], JSON_PRETTY_PRINT); ], JSON_PRETTY_PRINT);
exit; exit;
} else { } else {
header('Content-Type: application/json'); header('Content-Type: application/json');
http_response_code(400); http_response_code(400);
echo json_encode(['success' => false, 'error' => 'Invalid format. Use csv, json, or full.']); echo json_encode(['success' => false, 'error' => 'Invalid format. Use csv, json, or full.']);
exit; exit;
} }
} catch (Exception $e) { } catch (Exception $e) {
error_log("Export tickets API error: " . $e->getMessage()); error_log("Export tickets API error: " . $e->getMessage());
header('Content-Type: application/json'); header('Content-Type: application/json');
api/generate_api_key.php
+4 -2
View File
@@ -1,4 +1,5 @@
<?php <?php
// API endpoint for generating API keys (Admin only) // API endpoint for generating API keys (Admin only)
error_reporting(E_ALL); error_reporting(E_ALL);
ini_set('display_errors', 0); ini_set('display_errors', 0);
@@ -19,7 +20,9 @@ try {
require_once dirname(__DIR__) . '/models/AuditLogModel.php'; require_once dirname(__DIR__) . '/models/AuditLogModel.php';
// Check authentication via session // Check authentication via session
if (session_status() === PHP_SESSION_NONE) session_start(); if (session_status() === PHP_SESSION_NONE) {
session_start();
}
if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) { if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) {
throw new Exception("Authentication required"); throw new Exception("Authentication required");
} }
@@ -105,7 +108,6 @@ try {
'key_id' => $result['key_id'], 'key_id' => $result['key_id'],
'expires_at' => $result['expires_at'] 'expires_at' => $result['expires_at']
]); ]);
} catch (Exception $e) { } catch (Exception $e) {
ob_end_clean(); ob_end_clean();
error_log("Generate API key error: " . $e->getMessage()); error_log("Generate API key error: " . $e->getMessage());
api/get_comments.php
+1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Get Comments API * Get Comments API
* Returns paginated comments for a ticket (used by "Load more" on ticket view) * Returns paginated comments for a ticket (used by "Load more" on ticket view)
api/get_template.php
+4 -2
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Get Template API * Get Template API
* Returns a ticket template by ID * Returns a ticket template by ID
@@ -11,7 +12,9 @@ require_once dirname(__DIR__) . '/helpers/ErrorHandler.php';
ErrorHandler::init(); ErrorHandler::init();
try { try {
if (session_status() === PHP_SESSION_NONE) session_start(); if (session_status() === PHP_SESSION_NONE) {
session_start();
}
require_once dirname(__DIR__) . '/config/config.php'; require_once dirname(__DIR__) . '/config/config.php';
require_once dirname(__DIR__) . '/helpers/Database.php'; require_once dirname(__DIR__) . '/helpers/Database.php';
require_once dirname(__DIR__) . '/models/TemplateModel.php'; require_once dirname(__DIR__) . '/models/TemplateModel.php';
@@ -43,7 +46,6 @@ try {
} else { } else {
ErrorHandler::sendNotFoundError('Template not found'); ErrorHandler::sendNotFoundError('Template not found');
} }
} catch (Exception $e) { } catch (Exception $e) {
ErrorHandler::log($e->getMessage(), E_ERROR); ErrorHandler::log($e->getMessage(), E_ERROR);
ErrorHandler::sendErrorResponse('Failed to retrieve template', 500, $e); ErrorHandler::sendErrorResponse('Failed to retrieve template', 500, $e);
api/get_users.php
+1 -1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Get Users API * Get Users API
* Returns list of users for @mentions autocomplete * Returns list of users for @mentions autocomplete
@@ -24,7 +25,6 @@ try {
} }
echo json_encode(['success' => true, 'users' => $users]); echo json_encode(['success' => true, 'users' => $users]);
} catch (Exception $e) { } catch (Exception $e) {
error_log("Get users API error: " . $e->getMessage()); error_log("Get users API error: " . $e->getMessage());
http_response_code(500); http_response_code(500);
api/health.php
+1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Health Check Endpoint * Health Check Endpoint
* *
api/manage_recurring.php
+6 -3
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Recurring Tickets Management API * Recurring Tickets Management API
* CRUD operations for recurring_tickets table * CRUD operations for recurring_tickets table
@@ -16,7 +17,9 @@ try {
require_once dirname(__DIR__) . '/models/RecurringTicketModel.php'; require_once dirname(__DIR__) . '/models/RecurringTicketModel.php';
// Check authentication // Check authentication
if (session_status() === PHP_SESSION_NONE) session_start(); if (session_status() === PHP_SESSION_NONE) {
session_start();
}
if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) { if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) {
http_response_code(401); http_response_code(401);
echo json_encode(['success' => false, 'error' => 'Authentication required']); echo json_encode(['success' => false, 'error' => 'Authentication required']);
@@ -130,14 +133,14 @@ try {
http_response_code(405); http_response_code(405);
echo json_encode(['success' => false, 'error' => 'Method not allowed']); echo json_encode(['success' => false, 'error' => 'Method not allowed']);
} }
} catch (Exception $e) { } catch (Exception $e) {
error_log("Recurring tickets API error: " . $e->getMessage()); error_log("Recurring tickets API error: " . $e->getMessage());
http_response_code(500); http_response_code(500);
echo json_encode(['success' => false, 'error' => 'An internal error occurred']); echo json_encode(['success' => false, 'error' => 'An internal error occurred']);
} }
function calculateNextRun($scheduleType, $scheduleDay, $scheduleTime) { function calculateNextRun($scheduleType, $scheduleDay, $scheduleTime)
{
$now = new DateTime(); $now = new DateTime();
$time = $scheduleTime ?: '09:00'; $time = $scheduleTime ?: '09:00';
api/manage_templates.php
+8 -4
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Template Management API * Template Management API
* CRUD operations for ticket_templates table * CRUD operations for ticket_templates table
@@ -15,7 +16,9 @@ try {
require_once dirname(__DIR__) . '/helpers/Database.php'; require_once dirname(__DIR__) . '/helpers/Database.php';
// Check authentication // Check authentication
if (session_status() === PHP_SESSION_NONE) session_start(); if (session_status() === PHP_SESSION_NONE) {
session_start();
}
if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) { if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) {
http_response_code(401); http_response_code(401);
echo json_encode(['success' => false, 'error' => 'Authentication required']); echo json_encode(['success' => false, 'error' => 'Authentication required']);
@@ -95,7 +98,8 @@ try {
$stmt = $conn->prepare("INSERT INTO ticket_templates $stmt = $conn->prepare("INSERT INTO ticket_templates
(template_name, title_template, description_template, category, type, default_priority, is_active) (template_name, title_template, description_template, category, type, default_priority, is_active)
VALUES (?, ?, ?, ?, ?, ?, ?)"); VALUES (?, ?, ?, ?, ?, ?, ?)");
$stmt->bind_param('sssssii', $stmt->bind_param(
'sssssii',
$templateName, $templateName,
$titleTemplate, $titleTemplate,
$description, $description,
@@ -145,7 +149,8 @@ try {
template_name = ?, title_template = ?, description_template = ?, template_name = ?, title_template = ?, description_template = ?,
category = ?, type = ?, default_priority = ?, is_active = ? category = ?, type = ?, default_priority = ?, is_active = ?
WHERE template_id = ?"); WHERE template_id = ?");
$stmt->bind_param('sssssiii', $stmt->bind_param(
'sssssiii',
$templateName, $templateName,
$titleTemplate, $titleTemplate,
$description, $description,
@@ -176,7 +181,6 @@ try {
http_response_code(405); http_response_code(405);
echo json_encode(['success' => false, 'error' => 'Method not allowed']); echo json_encode(['success' => false, 'error' => 'Method not allowed']);
} }
} catch (Exception $e) { } catch (Exception $e) {
error_log("Template API error: " . $e->getMessage()); error_log("Template API error: " . $e->getMessage());
http_response_code(500); http_response_code(500);
api/manage_workflows.php
+4 -2
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Workflow/Status Transitions Management API * Workflow/Status Transitions Management API
* CRUD operations for status_transitions table * CRUD operations for status_transitions table
@@ -17,7 +18,9 @@ try {
require_once dirname(__DIR__) . '/models/AuditLogModel.php'; require_once dirname(__DIR__) . '/models/AuditLogModel.php';
// Check authentication // Check authentication
if (session_status() === PHP_SESSION_NONE) session_start(); if (session_status() === PHP_SESSION_NONE) {
session_start();
}
if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) { if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) {
http_response_code(401); http_response_code(401);
echo json_encode(['success' => false, 'error' => 'Authentication required']); echo json_encode(['success' => false, 'error' => 'Authentication required']);
@@ -188,7 +191,6 @@ try {
http_response_code(405); http_response_code(405);
echo json_encode(['success' => false, 'error' => 'Method not allowed']); echo json_encode(['success' => false, 'error' => 'Method not allowed']);
} }
} catch (Exception $e) { } catch (Exception $e) {
error_log("Workflow API error: " . $e->getMessage()); error_log("Workflow API error: " . $e->getMessage());
http_response_code(500); http_response_code(500);
api/notifications.php
+16 -4
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Notifications API * Notifications API
* *
@@ -11,6 +12,7 @@
* - Status changes on watched (via ticket_watchers) * - Status changes on watched (via ticket_watchers)
* - @mentions in comments (action_type='comment', details.mentions[] contains username) * - @mentions in comments (action_type='comment', details.mentions[] contains username)
*/ */
require_once __DIR__ . '/bootstrap.php'; require_once __DIR__ . '/bootstrap.php';
require_once dirname(__DIR__) . '/models/UserPreferencesModel.php'; require_once dirname(__DIR__) . '/models/UserPreferencesModel.php';
@@ -75,7 +77,10 @@ $stmt = $conn->prepare($myTicketsSql);
$stmt->bind_param('ii', $userId, $userId); $stmt->bind_param('ii', $userId, $userId);
$stmt->execute(); $stmt->execute();
$mtResult = $stmt->get_result(); $mtResult = $stmt->get_result();
while ($mtRow = $mtResult->fetch_assoc()) { $myTicketIds[(int)$mtRow['ticket_id']] = true; $myTicketIds[$mtRow['ticket_id']] = true; } while ($mtRow = $mtResult->fetch_assoc()) {
$myTicketIds[(int)$mtRow['ticket_id']] = true;
$myTicketIds[$mtRow['ticket_id']] = true;
}
$stmt->close(); $stmt->close();
$watchedSql = "SELECT ticket_id FROM ticket_watchers WHERE user_id = ?"; $watchedSql = "SELECT ticket_id FROM ticket_watchers WHERE user_id = ?";
@@ -83,7 +88,10 @@ $stmt = $conn->prepare($watchedSql);
$stmt->bind_param('i', $userId); $stmt->bind_param('i', $userId);
$stmt->execute(); $stmt->execute();
$wResult = $stmt->get_result(); $wResult = $stmt->get_result();
while ($wRow = $wResult->fetch_assoc()) { $myTicketIds[(int)$wRow['ticket_id']] = true; $myTicketIds[$wRow['ticket_id']] = true; } while ($wRow = $wResult->fetch_assoc()) {
$myTicketIds[(int)$wRow['ticket_id']] = true;
$myTicketIds[$wRow['ticket_id']] = true;
}
$stmt->close(); $stmt->close();
// Step B: fetch recent comment audit events not by the current user // Step B: fetch recent comment audit events not by the current user
@@ -113,7 +121,9 @@ foreach ($rawCommentRows as $rawRow) {
$tid = (int)$tidRaw; $tid = (int)$tidRaw;
if ($tid > 0 && (isset($myTicketIds[$tid]) || isset($myTicketIds[$tidRaw]))) { if ($tid > 0 && (isset($myTicketIds[$tid]) || isset($myTicketIds[$tidRaw]))) {
$commentRows[] = $rawRow; $commentRows[] = $rawRow;
if (count($commentRows) >= 15) break; if (count($commentRows) >= 15) {
break;
}
} }
} }
@@ -143,7 +153,9 @@ $all = [];
$seen = []; $seen = [];
foreach (array_merge($assignRows, $commentRows, $statusRows) as $row) { foreach (array_merge($assignRows, $commentRows, $statusRows) as $row) {
$id = (int)$row['log_id']; $id = (int)$row['log_id'];
if (isset($seen[$id])) continue; if (isset($seen[$id])) {
continue;
}
$seen[$id] = true; $seen[$id] = true;
$all[] = $row; $all[] = $row;
} }
api/revoke_api_key.php
+4 -2
View File
@@ -1,4 +1,5 @@
<?php <?php
// API endpoint for revoking API keys (Admin only) // API endpoint for revoking API keys (Admin only)
error_reporting(E_ALL); error_reporting(E_ALL);
ini_set('display_errors', 0); ini_set('display_errors', 0);
@@ -19,7 +20,9 @@ try {
require_once dirname(__DIR__) . '/models/AuditLogModel.php'; require_once dirname(__DIR__) . '/models/AuditLogModel.php';
// Check authentication via session // Check authentication via session
if (session_status() === PHP_SESSION_NONE) session_start(); if (session_status() === PHP_SESSION_NONE) {
session_start();
}
if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) { if (!isset($_SESSION['user']) || !isset($_SESSION['user']['user_id'])) {
throw new Exception("Authentication required"); throw new Exception("Authentication required");
} }
@@ -98,7 +101,6 @@ try {
'success' => true, 'success' => true,
'message' => 'API key revoked successfully' 'message' => 'API key revoked successfully'
]); ]);
} catch (Exception $e) { } catch (Exception $e) {
ob_end_clean(); ob_end_clean();
error_log("Revoke API key error: " . $e->getMessage()); error_log("Revoke API key error: " . $e->getMessage());
api/saved_filters.php
+1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Saved Filters API Endpoint * Saved Filters API Endpoint
* Handles GET (fetch filters), POST (create filter), PUT (update filter), DELETE (delete filter) * Handles GET (fetch filters), POST (create filter), PUT (update filter), DELETE (delete filter)
api/ticket_dependencies.php
+1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Ticket Dependencies API * Ticket Dependencies API
*/ */
api/update_comment.php
+1 -1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* API endpoint for updating a comment * API endpoint for updating a comment
*/ */
@@ -100,7 +101,6 @@ try {
header('Content-Type: application/json'); header('Content-Type: application/json');
echo json_encode($result); echo json_encode($result);
} catch (Exception $e) { } catch (Exception $e) {
ob_end_clean(); ob_end_clean();
error_log("Update comment API error: " . $e->getMessage()); error_log("Update comment API error: " . $e->getMessage());
api/update_ticket.php
+11 -6
View File
@@ -1,4 +1,5 @@
<?php <?php
// Enable error reporting for debugging // Enable error reporting for debugging
error_reporting(E_ALL); error_reporting(E_ALL);
ini_set('display_errors', 0); // Don't display errors in the response ini_set('display_errors', 0); // Don't display errors in the response
@@ -53,7 +54,8 @@ try {
$isAdmin = $currentUser['is_admin'] ?? false; $isAdmin = $currentUser['is_admin'] ?? false;
// Updated controller class that handles partial updates // Updated controller class that handles partial updates
class ApiTicketController { class ApiTicketController
{
private $conn; private $conn;
private $ticketModel; private $ticketModel;
private $commentModel; private $commentModel;
@@ -63,7 +65,8 @@ try {
private $isAdmin; private $isAdmin;
private $currentUser; private $currentUser;
public function __construct($conn, $userId = null, $isAdmin = false, $currentUser = []) { public function __construct($conn, $userId = null, $isAdmin = false, $currentUser = [])
{
$this->conn = $conn; $this->conn = $conn;
$this->ticketModel = new TicketModel($conn); $this->ticketModel = new TicketModel($conn);
$this->commentModel = new CommentModel($conn); $this->commentModel = new CommentModel($conn);
@@ -74,7 +77,8 @@ try {
$this->currentUser = $currentUser; $this->currentUser = $currentUser;
} }
public function update($id, $data) { public function update($id, $data)
{
// First, get the current ticket data to fill in missing fields // First, get the current ticket data to fill in missing fields
$currentTicket = $this->ticketModel->getTicketById($id); $currentTicket = $this->ticketModel->getTicketById($id);
if (!$currentTicket) { if (!$currentTicket) {
@@ -175,7 +179,10 @@ try {
$visResult = $this->ticketModel->updateVisibility($id, $data['visibility'], $visibilityGroups, $this->userId); $visResult = $this->ticketModel->updateVisibility($id, $data['visibility'], $visibilityGroups, $this->userId);
if ($visResult && $this->userId) { if ($visResult && $this->userId) {
$this->auditLog->log( $this->auditLog->log(
$this->userId, 'update', 'ticket', (string)$id, $this->userId,
'update',
'ticket',
(string)$id,
[ [
'field' => 'visibility', 'field' => 'visibility',
'from' => $currentTicket['visibility'] ?? 'public', 'from' => $currentTicket['visibility'] ?? 'public',
@@ -276,7 +283,6 @@ try {
} }
header('Content-Type: application/json'); header('Content-Type: application/json');
echo json_encode($result); echo json_encode($result);
} catch (Exception $e) { } catch (Exception $e) {
// Discard any output that might have been generated // Discard any output that might have been generated
ob_end_clean(); ob_end_clean();
@@ -292,4 +298,3 @@ try {
'error' => 'An internal error occurred' 'error' => 'An internal error occurred'
]); ]);
} }
?>
api/upload_attachment.php
+7 -2
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* Upload Attachment API * Upload Attachment API
* *
@@ -143,13 +144,18 @@ if (!is_dir($uploadDir)) {
} }
} }
// Create ticket subdirectory // Create ticket subdirectory — ticketId is validated as digits-only above
$ticketDir = $uploadDir . '/' . $ticketId; $ticketDir = $uploadDir . '/' . $ticketId;
if (!is_dir($ticketDir)) { if (!is_dir($ticketDir)) {
if (!mkdir($ticketDir, 0755, true)) { if (!mkdir($ticketDir, 0755, true)) {
ResponseHelper::serverError('Failed to create ticket upload directory'); ResponseHelper::serverError('Failed to create ticket upload directory');
} }
} }
// Confirm resolved path stays within the upload root (defence-in-depth)
$resolvedTicketDir = realpath($ticketDir);
if ($resolvedTicketDir === false || strpos($resolvedTicketDir, realpath($uploadDir)) !== 0) {
ResponseHelper::error('Invalid upload path');
}
// Derive extension from validated MIME type (never from user-supplied filename) // Derive extension from validated MIME type (never from user-supplied filename)
// This prevents executable extension attacks (e.g. evil.php disguised as text/plain) // This prevents executable extension attacks (e.g. evil.php disguised as text/plain)
@@ -229,7 +235,6 @@ try {
'uploaded_by' => $_SESSION['user']['display_name'] ?? $_SESSION['user']['username'], 'uploaded_by' => $_SESSION['user']['display_name'] ?? $_SESSION['user']['username'],
'uploaded_at' => date('Y-m-d H:i:s') 'uploaded_at' => date('Y-m-d H:i:s')
], 'File uploaded successfully'); ], 'File uploaded successfully');
} catch (Exception $e) { } catch (Exception $e) {
// Clean up file on error // Clean up file on error
if (file_exists($targetPath)) { if (file_exists($targetPath)) {
api/user_avatar.php
+5 -2
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* User Avatar API * User Avatar API
* *
@@ -55,7 +56,10 @@ if (!is_dir($cacheDir)) {
mkdir($cacheDir, 0755, true); mkdir($cacheDir, 0755, true);
} }
$cacheFile = $cacheDir . '/user_' . $userId . '.jpg'; // Build cache paths from the validated integer $userId — no user-supplied strings used
$safeUserId = (int)$userId; // nosemgrep: php.lang.security.injection.tainted-filename.tainted-filename
$cacheFile = $cacheDir . '/user_' . $safeUserId . '.jpg';
$noAvatarSentinel = $cacheDir . '/user_' . $safeUserId . '.none';
$cacheTtl = (int)($cfg['AVATAR_CACHE_TTL'] ?? 3600); $cacheTtl = (int)($cfg['AVATAR_CACHE_TTL'] ?? 3600);
// Serve from cache if fresh // Serve from cache if fresh
@@ -68,7 +72,6 @@ if (file_exists($cacheFile) && (time() - filemtime($cacheFile)) < $cacheTtl) {
} }
// A sentinel empty file means "no avatar" — don't re-query LDAP until TTL expires // A sentinel empty file means "no avatar" — don't re-query LDAP until TTL expires
$noAvatarSentinel = $cacheDir . '/user_' . $userId . '.none';
if (file_exists($noAvatarSentinel) && (time() - filemtime($noAvatarSentinel)) < $cacheTtl) { if (file_exists($noAvatarSentinel) && (time() - filemtime($noAvatarSentinel)) < $cacheTtl) {
http_response_code(404); http_response_code(404);
exit; exit;
api/user_preferences.php
+4 -1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* User Preferences API Endpoint * User Preferences API Endpoint
* Handles GET (fetch preferences) and POST (update preference) * Handles GET (fetch preferences) and POST (update preference)
@@ -42,7 +43,9 @@ if ($_SERVER['REQUEST_METHOD'] === 'POST') {
try { try {
foreach ($data['preferences'] as $key => $value) { foreach ($data['preferences'] as $key => $value) {
$key = trim($key); $key = trim($key);
if (!in_array($key, $validKeys)) continue; if (!in_array($key, $validKeys)) {
continue;
}
$prefsModel->setPreference($userId, $key, (string)$value); $prefsModel->setPreference($userId, $key, (string)$value);
if ($key === 'rows_per_page') { if ($key === 'rows_per_page') {
setcookie('ticketsPerPage', $value, ['expires' => time() + (86400 * 365), 'path' => '/', 'httponly' => true, 'secure' => true, 'samesite' => 'Lax']); setcookie('ticketsPerPage', $value, ['expires' => time() + (86400 * 365), 'path' => '/', 'httponly' => true, 'secure' => true, 'samesite' => 'Lax']);
api/watch_ticket.php
+2
View File
@@ -1,10 +1,12 @@
<?php <?php
/** /**
* Watch / Unwatch Ticket API * Watch / Unwatch Ticket API
* *
* GET ?ticket_id=N returns { watching: bool, watcher_count: int } * GET ?ticket_id=N returns { watching: bool, watcher_count: int }
* POST { ticket_id, action: 'watch'|'unwatch' } toggles watcher row * POST { ticket_id, action: 'watch'|'unwatch' } toggles watcher row
*/ */
require_once __DIR__ . '/bootstrap.php'; require_once __DIR__ . '/bootstrap.php';
require_once dirname(__DIR__) . '/models/TicketModel.php'; require_once dirname(__DIR__) . '/models/TicketModel.php';
assets/css/base.css
+81 -5
View File
@@ -2458,7 +2458,7 @@ select option:checked {
} }
.lt-progress-bar { .lt-progress-bar {
height: 100%; height: 100%;
background: var(--accent-orange); background: linear-gradient(90deg, var(--accent-orange), #ff8c2b);
box-shadow: var(--glow-orange); box-shadow: var(--glow-orange);
transition: width 0.4s cubic-bezier(0.4, 0, 0.2, 1); transition: width 0.4s cubic-bezier(0.4, 0, 0.2, 1);
position: relative; position: relative;
@@ -2471,9 +2471,9 @@ select option:checked {
height: 100%; height: 100%;
background: linear-gradient(90deg, transparent, rgba(255,255,255,0.4)); background: linear-gradient(90deg, transparent, rgba(255,255,255,0.4));
} }
.lt-progress--cyan .lt-progress-bar { background: var(--accent-cyan); box-shadow: var(--glow-cyan); } .lt-progress--cyan .lt-progress-bar { background: linear-gradient(90deg, var(--accent-cyan), #33dfff); box-shadow: var(--glow-cyan); }
.lt-progress--green .lt-progress-bar { background: var(--accent-green); box-shadow: var(--glow-green); } .lt-progress--green .lt-progress-bar { background: linear-gradient(90deg, var(--accent-green), #33ffaa); box-shadow: var(--glow-green); }
.lt-progress--red .lt-progress-bar { background: var(--accent-red); box-shadow: var(--glow-red); } .lt-progress--red .lt-progress-bar { background: linear-gradient(90deg, var(--accent-red), #ff4466); box-shadow: var(--glow-red); }
.lt-progress--striped .lt-progress-bar { .lt-progress--striped .lt-progress-bar {
background-image: repeating-linear-gradient( background-image: repeating-linear-gradient(
45deg, transparent, transparent 4px, 45deg, transparent, transparent 4px,
@@ -4479,7 +4479,83 @@ body.lt-is-offline .lt-main { margin-top: 2rem; transition: margin-top 0.25s eas
/* ---------------------------------------------------------------- /* ----------------------------------------------------------------
61. TIMELINE / ACTIVITY FEED 61. SLA BANNER
----------------------------------------------------------------
lt-sla-p1 pulsing red banner for critical SLA breach
lt-sla-p2 static amber banner for high-priority SLA warning
---------------------------------------------------------------- */
.lt-sla-p1,
.lt-sla-p2 {
display: flex;
align-items: center;
gap: 0.75rem;
padding: 0.6rem 1rem;
border: 1px solid;
font-family: var(--font-mono);
}
.lt-sla-p1 {
border-color: rgba(255,45,85,0.4);
background: rgba(255,45,85,0.08);
animation: lt-sla-pulse 2s infinite;
}
.lt-sla-p2 {
border-color: rgba(255,179,0,0.4);
background: rgba(255,179,0,0.08);
}
@keyframes lt-sla-pulse {
0%, 100% { box-shadow: 0 0 8px rgba(255,45,85,0.20); }
50% { box-shadow: 0 0 20px rgba(255,45,85,0.45); }
}
.lt-sla-icon { font-size: 1rem; flex-shrink: 0; }
.lt-sla-info { flex: 1; min-width: 0; }
.lt-sla-title {
font-size: 0.68rem;
font-weight: 700;
text-transform: uppercase;
letter-spacing: 0.12em;
margin-bottom: 4px;
}
.lt-sla-p1 .lt-sla-title { color: var(--accent-red); text-shadow: var(--glow-red); }
.lt-sla-p2 .lt-sla-title { color: var(--accent-amber); text-shadow: var(--glow-amber); }
.lt-sla-bar {
height: 5px;
background: rgba(255,255,255,0.08);
position: relative;
overflow: hidden;
}
.lt-sla-fill {
height: 100%;
width: 0%;
transition: width 0.4s ease;
}
.lt-sla-p1 .lt-sla-fill { background: linear-gradient(90deg, var(--accent-red), var(--accent-orange)); box-shadow: 0 0 8px rgba(255,45,85,0.6); }
.lt-sla-p2 .lt-sla-fill { background: linear-gradient(90deg, var(--accent-amber), #ffd740); box-shadow: 0 0 8px rgba(255,179,0,0.6); }
.lt-sla-meta {
font-size: 0.60rem;
color: var(--text-dim);
text-transform: uppercase;
letter-spacing: 0.10em;
flex-shrink: 0;
}
.lt-sla-dismiss {
font-size: 0.70rem;
color: var(--text-dim);
cursor: pointer;
background: none;
border: none;
flex-shrink: 0;
padding: 0 0.25rem;
font-family: var(--font-mono);
transition: color 0.15s ease;
}
.lt-sla-dismiss:hover { color: var(--text-secondary); }
.lt-sla-dismiss:focus-visible { outline: 1px dashed var(--accent-cyan); outline-offset: 2px; }
html[data-theme="light"] .lt-sla-p1 { background: rgba(180,30,50,0.06); border-color: rgba(180,30,50,0.35); }
html[data-theme="light"] .lt-sla-p2 { background: rgba(138,90,0,0.06); border-color: rgba(138,90,0,0.35); }
/* ----------------------------------------------------------------
62. TIMELINE / ACTIVITY FEED
---------------------------------------------------------------- */ ---------------------------------------------------------------- */
.lt-timeline { .lt-timeline {
display: flex; display: flex;
assets/js/ticket.js
+1 -1
View File
@@ -735,7 +735,7 @@ function renderDependencies(dependencies) {
// Insert blocker alert above the frame if not already there // Insert blocker alert above the frame if not already there
const panel = document.getElementById('dependencies-panel'); const panel = document.getElementById('dependencies-panel');
if (panel && !panel.querySelector('#blockerAlert')) { if (panel && !panel.querySelector('#blockerAlert')) {
panel.insertAdjacentHTML('afterbegin', alertHtml); panel.insertAdjacentHTML('afterbegin', alertHtml); // nosemgrep: typescript.react.security.audit.react-unsanitized-method.react-unsanitized-method
} }
} }
config/config.php
+15 -6
View File
@@ -1,4 +1,5 @@
<?php <?php
// Load environment variables // Load environment variables
$envFile = __DIR__ . '/../.env'; $envFile = __DIR__ . '/../.env';
if (!file_exists($envFile)) { if (!file_exists($envFile)) {
@@ -10,8 +11,10 @@ $envVars = parse_ini_file($envFile, false, INI_SCANNER_TYPED);
if ($envVars) { if ($envVars) {
foreach ($envVars as $key => $value) { foreach ($envVars as $key => $value) {
if (is_string($value)) { if (is_string($value)) {
if ((substr($value, 0, 1) === '"' && substr($value, -1) === '"') || if (
(substr($value, 0, 1) === "'" && substr($value, -1) === "'")) { (substr($value, 0, 1) === '"' && substr($value, -1) === '"') ||
(substr($value, 0, 1) === "'" && substr($value, -1) === "'")
) {
$envVars[$key] = substr($value, 1, -1); $envVars[$key] = substr($value, 1, -1);
} }
} }
@@ -28,7 +31,9 @@ $GLOBALS['config'] = [
// Asset cache-busting version — auto-computed from key asset mtimes so // Asset cache-busting version — auto-computed from key asset mtimes so
// browsers always pick up changes on deploy. Override via ASSET_VERSION in .env. // browsers always pick up changes on deploy. Override via ASSET_VERSION in .env.
'ASSET_VERSION' => (function () use ($envVars) { 'ASSET_VERSION' => (function () use ($envVars) {
if (!empty($envVars['ASSET_VERSION'])) return $envVars['ASSET_VERSION']; if (!empty($envVars['ASSET_VERSION'])) {
return $envVars['ASSET_VERSION'];
}
$files = [ $files = [
__DIR__ . '/../assets/css/base.css', __DIR__ . '/../assets/css/base.css',
__DIR__ . '/../assets/css/dashboard.css', __DIR__ . '/../assets/css/dashboard.css',
@@ -38,7 +43,11 @@ $GLOBALS['config'] = [
__DIR__ . '/../assets/js/ticket.js', __DIR__ . '/../assets/js/ticket.js',
]; ];
$mtime = 0; $mtime = 0;
foreach ($files as $f) { if (file_exists($f)) $mtime = max($mtime, filemtime($f)); } foreach ($files as $f) {
if (file_exists($f)) {
$mtime = max($mtime, filemtime($f));
}
}
return $mtime ?: '20260329'; return $mtime ?: '20260329';
})(), })(),
@@ -75,7 +84,8 @@ $GLOBALS['config'] = [
// Set APP_DOMAIN in .env to override // Set APP_DOMAIN in .env to override
'APP_DOMAIN' => $envVars['APP_DOMAIN'] ?? null, 'APP_DOMAIN' => $envVars['APP_DOMAIN'] ?? null,
// Allowed hosts for HTTP_HOST validation (comma-separated in .env) // Allowed hosts for HTTP_HOST validation (comma-separated in .env)
'ALLOWED_HOSTS' => array_filter(array_map('trim', 'ALLOWED_HOSTS' => array_filter(array_map(
'trim',
explode(',', $envVars['ALLOWED_HOSTS'] ?? 'localhost,127.0.0.1') explode(',', $envVars['ALLOWED_HOSTS'] ?? 'localhost,127.0.0.1')
)), )),
@@ -143,4 +153,3 @@ date_default_timezone_set($GLOBALS['config']['TIMEZONE']);
$now = new DateTime('now', new DateTimeZone($GLOBALS['config']['TIMEZONE'])); $now = new DateTime('now', new DateTimeZone($GLOBALS['config']['TIMEZONE']));
$GLOBALS['config']['TIMEZONE_OFFSET'] = $now->getOffset() / 60; // Convert seconds to minutes $GLOBALS['config']['TIMEZONE_OFFSET'] = $now->getOffset() / 60; // Convert seconds to minutes
$GLOBALS['config']['TIMEZONE_ABBREV'] = $now->format('T'); // e.g., "EST", "EDT" $GLOBALS['config']['TIMEZONE_ABBREV'] = $now->format('T'); // e.g., "EST", "EDT"
?>
controllers/CommentController.php
+9 -4
View File
@@ -1,18 +1,23 @@
<?php <?php
require_once 'models/CommentModel.php'; require_once 'models/CommentModel.php';
class CommentController { class CommentController
{
private $commentModel; private $commentModel;
public function __construct($conn) { public function __construct($conn)
{
$this->commentModel = new CommentModel($conn); $this->commentModel = new CommentModel($conn);
} }
public function getCommentsByTicketId($ticketId) { public function getCommentsByTicketId($ticketId)
{
return $this->commentModel->getCommentsByTicketId($ticketId); return $this->commentModel->getCommentsByTicketId($ticketId);
} }
public function addComment($ticketId) { public function addComment($ticketId)
{
// Check if this is an AJAX request // Check if this is an AJAX request
if ($_SERVER['REQUEST_METHOD'] === 'POST') { if ($_SERVER['REQUEST_METHOD'] === 'POST') {
// Get JSON data // Get JSON data
controllers/DashboardController.php
+45 -19
View File
@@ -1,9 +1,11 @@
<?php <?php
require_once 'models/TicketModel.php'; require_once 'models/TicketModel.php';
require_once 'models/UserPreferencesModel.php'; require_once 'models/UserPreferencesModel.php';
require_once 'models/StatsModel.php'; require_once 'models/StatsModel.php';
class DashboardController { class DashboardController
{
private $ticketModel; private $ticketModel;
private $prefsModel; private $prefsModel;
private $statsModel; private $statsModel;
@@ -18,7 +20,8 @@ class DashboardController {
/** Valid statuses */ /** Valid statuses */
private const VALID_STATUSES = ['Open', 'Pending', 'In Progress', 'Closed']; private const VALID_STATUSES = ['Open', 'Pending', 'In Progress', 'Closed'];
public function __construct($conn) { public function __construct($conn)
{
$this->conn = $conn; $this->conn = $conn;
$this->ticketModel = new TicketModel($conn); $this->ticketModel = new TicketModel($conn);
$this->prefsModel = new UserPreferencesModel($conn); $this->prefsModel = new UserPreferencesModel($conn);
@@ -28,7 +31,8 @@ class DashboardController {
/** /**
* Validate and sanitize a date string * Validate and sanitize a date string
*/ */
private function validateDate(?string $date): ?string { private function validateDate(?string $date): ?string
{
if (empty($date)) { if (empty($date)) {
return null; return null;
} }
@@ -42,7 +46,8 @@ class DashboardController {
/** /**
* Validate priority value (1-5) * Validate priority value (1-5)
*/ */
private function validatePriority($priority): ?int { private function validatePriority($priority): ?int
{
if ($priority === null || $priority === '') { if ($priority === null || $priority === '') {
return null; return null;
} }
@@ -53,7 +58,8 @@ class DashboardController {
/** /**
* Validate user ID * Validate user ID
*/ */
private function validateUserId($userId): ?int { private function validateUserId($userId): ?int
{
if ($userId === null || $userId === '') { if ($userId === null || $userId === '') {
return null; return null;
} }
@@ -61,7 +67,8 @@ class DashboardController {
return ($val > 0) ? $val : null; return ($val > 0) ? $val : null;
} }
public function index() { public function index()
{
// Get user ID for preferences // Get user ID for preferences
$userId = isset($_SESSION['user']['user_id']) ? $_SESSION['user']['user_id'] : null; $userId = isset($_SESSION['user']['user_id']) ? $_SESSION['user']['user_id'] : null;
@@ -124,24 +131,42 @@ class DashboardController {
$closedFrom = $this->validateDate($_GET['closed_from'] ?? null); $closedFrom = $this->validateDate($_GET['closed_from'] ?? null);
$closedTo = $this->validateDate($_GET['closed_to'] ?? null); $closedTo = $this->validateDate($_GET['closed_to'] ?? null);
if ($createdFrom) $filters['created_from'] = $createdFrom; if ($createdFrom) {
if ($createdTo) $filters['created_to'] = $createdTo; $filters['created_from'] = $createdFrom;
if ($updatedFrom) $filters['updated_from'] = $updatedFrom; }
if ($updatedTo) $filters['updated_to'] = $updatedTo; if ($createdTo) {
if ($closedFrom) $filters['closed_from'] = $closedFrom; $filters['created_to'] = $createdTo;
if ($closedTo) $filters['closed_to'] = $closedTo; }
if ($updatedFrom) {
$filters['updated_from'] = $updatedFrom;
}
if ($updatedTo) {
$filters['updated_to'] = $updatedTo;
}
if ($closedFrom) {
$filters['closed_from'] = $closedFrom;
}
if ($closedTo) {
$filters['closed_to'] = $closedTo;
}
// Validate priority filters; ?priority=N sets exact match (min=max=N) // Validate priority filters; ?priority=N sets exact match (min=max=N)
$prioritySingle = $this->validatePriority($_GET['priority'] ?? null); $prioritySingle = $this->validatePriority($_GET['priority'] ?? null);
$priorityMin = $prioritySingle ?? $this->validatePriority($_GET['priority_min'] ?? null); $priorityMin = $prioritySingle ?? $this->validatePriority($_GET['priority_min'] ?? null);
$priorityMax = $prioritySingle ?? $this->validatePriority($_GET['priority_max'] ?? null); $priorityMax = $prioritySingle ?? $this->validatePriority($_GET['priority_max'] ?? null);
if ($priorityMin !== null) $filters['priority_min'] = $priorityMin; if ($priorityMin !== null) {
if ($priorityMax !== null) $filters['priority_max'] = $priorityMax; $filters['priority_min'] = $priorityMin;
}
if ($priorityMax !== null) {
$filters['priority_max'] = $priorityMax;
}
// Validate user ID filters // Validate user ID filters
$createdBy = $this->validateUserId($_GET['created_by'] ?? null); $createdBy = $this->validateUserId($_GET['created_by'] ?? null);
if ($createdBy !== null) $filters['created_by'] = $createdBy; if ($createdBy !== null) {
$filters['created_by'] = $createdBy;
}
// assigned_to accepts a numeric user ID, 'unassigned', or the special string 'me' // assigned_to accepts a numeric user ID, 'unassigned', or the special string 'me'
$assignedToRaw = $_GET['assigned_to'] ?? null; $assignedToRaw = $_GET['assigned_to'] ?? null;
@@ -151,7 +176,9 @@ class DashboardController {
$filters['assigned_to'] = (int)$userId; $filters['assigned_to'] = (int)$userId;
} else { } else {
$assignedTo = $this->validateUserId($assignedToRaw); $assignedTo = $this->validateUserId($assignedToRaw);
if ($assignedTo !== null) $filters['assigned_to'] = $assignedTo; if ($assignedTo !== null) {
$filters['assigned_to'] = $assignedTo;
}
} }
// Get tickets with pagination, sorting, search, and advanced filters // Get tickets with pagination, sorting, search, and advanced filters
@@ -179,7 +206,8 @@ class DashboardController {
* *
* @return array ['categories' => [...], 'types' => [...]] * @return array ['categories' => [...], 'types' => [...]]
*/ */
private function getCategoriesAndTypes(): array { private function getCategoriesAndTypes(): array
{
$sql = "SELECT 'category' as field, category as value FROM tickets WHERE category IS NOT NULL $sql = "SELECT 'category' as field, category as value FROM tickets WHERE category IS NOT NULL
UNION UNION
SELECT 'type' as field, type as value FROM tickets WHERE type IS NOT NULL SELECT 'type' as field, type as value FROM tickets WHERE type IS NOT NULL
@@ -203,6 +231,4 @@ class DashboardController {
return ['categories' => $categories, 'types' => $types]; return ['categories' => $categories, 'types' => $types];
} }
} }
?>
controllers/TicketController.php
+9 -6
View File
@@ -1,4 +1,5 @@
<?php <?php
// Use absolute paths for model includes // Use absolute paths for model includes
require_once dirname(__DIR__) . '/models/TicketModel.php'; require_once dirname(__DIR__) . '/models/TicketModel.php';
require_once dirname(__DIR__) . '/models/CommentModel.php'; require_once dirname(__DIR__) . '/models/CommentModel.php';
@@ -9,7 +10,8 @@ require_once dirname(__DIR__) . '/models/TemplateModel.php';
require_once dirname(__DIR__) . '/helpers/UrlHelper.php'; require_once dirname(__DIR__) . '/helpers/UrlHelper.php';
require_once dirname(__DIR__) . '/helpers/NotificationHelper.php'; require_once dirname(__DIR__) . '/helpers/NotificationHelper.php';
class TicketController { class TicketController
{
private $ticketModel; private $ticketModel;
private $commentModel; private $commentModel;
private $auditLogModel; private $auditLogModel;
@@ -18,7 +20,8 @@ class TicketController {
private $templateModel; private $templateModel;
private $conn; private $conn;
public function __construct($conn) { public function __construct($conn)
{
$this->conn = $conn; $this->conn = $conn;
$this->ticketModel = new TicketModel($conn); $this->ticketModel = new TicketModel($conn);
$this->commentModel = new CommentModel($conn); $this->commentModel = new CommentModel($conn);
@@ -28,7 +31,8 @@ class TicketController {
$this->templateModel = new TemplateModel($conn); $this->templateModel = new TemplateModel($conn);
} }
public function view($id) { public function view($id)
{
// Get current user // Get current user
$currentUser = $GLOBALS['currentUser'] ?? null; $currentUser = $GLOBALS['currentUser'] ?? null;
$userId = $currentUser['user_id'] ?? null; $userId = $currentUser['user_id'] ?? null;
@@ -63,7 +67,8 @@ class TicketController {
include dirname(__DIR__) . '/views/TicketView.php'; include dirname(__DIR__) . '/views/TicketView.php';
} }
public function create() { public function create()
{
// Get current user // Get current user
$currentUser = $GLOBALS['currentUser'] ?? null; $currentUser = $GLOBALS['currentUser'] ?? null;
$userId = $currentUser['user_id'] ?? null; $userId = $currentUser['user_id'] ?? null;
@@ -154,6 +159,4 @@ class TicketController {
include dirname(__DIR__) . '/views/CreateTicketView.php'; include dirname(__DIR__) . '/views/CreateTicketView.php';
} }
} }
} }
?>
create_ticket_api.php
+40 -20
View File
@@ -1,4 +1,5 @@
<?php <?php
header('Content-Type: application/json'); header('Content-Type: application/json');
error_reporting(E_ALL); error_reporting(E_ALL);
@@ -26,8 +27,10 @@ if (!$envVars) {
// Strip quotes from values if present (parse_ini_file may include them) // Strip quotes from values if present (parse_ini_file may include them)
foreach ($envVars as $key => $value) { foreach ($envVars as $key => $value) {
if (is_string($value)) { if (is_string($value)) {
if ((substr($value, 0, 1) === '"' && substr($value, -1) === '"') || if (
(substr($value, 0, 1) === "'" && substr($value, -1) === "'")) { (substr($value, 0, 1) === '"' && substr($value, -1) === '"') ||
(substr($value, 0, 1) === "'" && substr($value, -1) === "'")
) {
$envVars[$key] = substr($value, 1, -1); $envVars[$key] = substr($value, 1, -1);
} }
} }
@@ -101,7 +104,8 @@ if (!is_array($data) || empty($data['title'])) {
} }
// Generate hash from stable components // Generate hash from stable components
function generateTicketHash($data) { function generateTicketHash($data)
{
$title = (string)($data['title'] ?? ''); $title = (string)($data['title'] ?? '');
// Prefer explicit serial from payload; fall back to extracting device path from title // Prefer explicit serial from payload; fall back to extracting device path from title
@@ -125,6 +129,21 @@ function generateTicketHash($data) {
if (stripos($title, 'SMART issues') !== false) { if (stripos($title, 'SMART issues') !== false) {
$issueCategory = 'smart'; $issueCategory = 'smart';
} elseif (stripos($title, 'ZFS pool') !== false) {
$issueCategory = 'zfs';
// Extract pool name so each pool gets its own ticket
if (preg_match("/ZFS pool '([^']+)'/i", $title, $poolMatch)) {
$poolName = strtolower(preg_replace('/[^a-z0-9_]/i', '_', $poolMatch[1]));
if (stripos($title, 'state:') !== false || preg_match('/DEGRADED|FAULTED|UNAVAIL|OFFLINE/i', $title)) {
$issueSubtype = 'pool_state_' . $poolName;
} elseif (stripos($title, 'usage') !== false) {
$issueSubtype = 'pool_usage_' . $poolName;
} elseif (stripos($title, 'errors') !== false) {
$issueSubtype = 'pool_errors_' . $poolName;
} else {
$issueSubtype = 'pool_' . $poolName;
}
}
} elseif (stripos($title, 'LXC') !== false || stripos($title, 'storage usage') !== false) { } elseif (stripos($title, 'LXC') !== false || stripos($title, 'storage usage') !== false) {
$issueCategory = 'storage'; $issueCategory = 'storage';
// Include the LXC container ID so each container gets its own ticket // Include the LXC container ID so each container gets its own ticket
@@ -139,10 +158,12 @@ function generateTicketHash($data) {
$issueCategory = 'network'; $issueCategory = 'network';
} elseif (stripos($title, 'Ceph') !== false || stripos($title, '[ceph]') !== false) { } elseif (stripos($title, 'Ceph') !== false || stripos($title, '[ceph]') !== false) {
$issueCategory = 'ceph'; $issueCategory = 'ceph';
if (stripos($title, '[cluster-wide]') !== false || if (
stripos($title, '[cluster-wide]') !== false ||
stripos($title, 'HEALTH_ERR') !== false || stripos($title, 'HEALTH_ERR') !== false ||
stripos($title, 'HEALTH_WARN') !== false || stripos($title, 'HEALTH_WARN') !== false ||
stripos($title, 'cluster usage') !== false) { stripos($title, 'cluster usage') !== false
) {
$isClusterWide = true; $isClusterWide = true;
} }
// Normalize the specific Ceph warning type so different warnings get distinct tickets // Normalize the specific Ceph warning type so different warnings get distinct tickets
@@ -260,20 +281,10 @@ if ($existing) {
$updStmt->execute(); $updStmt->execute();
$updStmt->close(); $updStmt->close();
// Only add a comment when something meaningful changed (not just a description refresh) // Only post a comment on priority escalation — title and description updates
$meaningfulChanges = array_diff_key($changes, ['description_refreshed' => true]); // are silent (title changes like rising counters would spam a comment every run)
if (!empty($meaningfulChanges)) {
$changeLines = [];
if (isset($changes['title'])) {
$changeLines[] = "- **Title updated** to reflect current issue";
}
if (isset($changes['priority'])) { if (isset($changes['priority'])) {
$changeLines[] = "- **Priority escalated** from P{$changes['priority']['from']} to P{$changes['priority']['to']}"; $commentText = "**hwmonDaemon escalated this ticket from P{$changes['priority']['from']} to P{$changes['priority']['to']}.**\n\n```\n" . $description . "\n```";
}
// Wrap description in a fenced code block so ASCII art / box-drawing
// characters render correctly instead of collapsing into a paragraph blob
$commentText = "**hwmonDaemon reported a worsened condition — ticket updated automatically.**\n\n" .
implode("\n", $changeLines) . "\n\nLatest report:\n\n```\n" . $description . "\n```";
$commentStmt = $conn->prepare( $commentStmt = $conn->prepare(
"INSERT INTO ticket_comments (ticket_id, user_id, user_name, comment_text, markdown_enabled) VALUES (?, ?, 'hwmonDaemon', ?, 1)" "INSERT INTO ticket_comments (ticket_id, user_id, user_name, comment_text, markdown_enabled) VALUES (?, ?, 'hwmonDaemon', ?, 1)"
); );
@@ -365,8 +376,17 @@ $insertStmt = $conn->prepare(
"INSERT INTO tickets (ticket_id, title, description, status, priority, category, type, hash, created_by) "INSERT INTO tickets (ticket_id, title, description, status, priority, category, type, hash, created_by)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)" VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?)"
); );
$insertStmt->bind_param("ssssssssi", $insertStmt->bind_param(
$ticket_id, $title, $description, $status, $priority, $category, $type, $ticketHash, $userId "ssssssssi",
$ticket_id,
$title,
$description,
$status,
$priority,
$category,
$type,
$ticketHash,
$userId
); );
try { try {
cron/cleanup_ratelimit.php
+4 -1
View File
@@ -1,11 +1,14 @@
#!/usr/bin/env php #!/usr/bin/env php
<?php <?php
/** /**
* Rate Limit Cleanup Cron Job * Rate Limit Cleanup Cron Job
* *
* Cleans up expired rate limit files from the temp directory. * Cleans up expired rate limit files from the temp directory.
* Should be run via cron every 5-10 minutes: * Should be run via cron every 5-10 minutes:
* */5 * * * * /usr/bin/php /path/to/cron/cleanup_ratelimit.php * */
5 * * * * / usr / bin / php / path / to / cron / cleanup_ratelimit . php
* *
* This script can also be run manually for immediate cleanup . * This script can also be run manually for immediate cleanup .
* / * /
cron/create_recurring_tickets.php
+8 -5
View File
@@ -1,5 +1,6 @@
#!/usr/bin/env php #!/usr/bin/env php
<?php <?php
/** /**
* Recurring Tickets Cron Job * Recurring Tickets Cron Job
* *
@@ -7,7 +8,9 @@
* Recommended: Run every 5-15 minutes * Recommended: Run every 5-15 minutes
* *
* Example crontab entry: * Example crontab entry:
* */10 * * * * /usr/bin/php /path/to/cron/create_recurring_tickets.php >> /var/log/recurring_tickets.log 2>&1 * */
10 * * * * / usr / bin / php / path / to / cron / create_recurring_tickets . php >> / var / log / recurring_tickets . log 2 > & 1
* / * /
// Change to project root directory // Change to project root directory
@@ -20,7 +23,8 @@ require_once 'models/TicketModel.php';
require_once 'models/AuditLogModel.php'; require_once 'models/AuditLogModel.php';
// Log function // Log function
function logMessage($message) { function logMessage($message)
{
echo "[" . date('Y-m-d H:i:s') . "] " . $message . "\n"; echo "[" . date('Y-m-d H:i:s') . "] " . $message . "\n";
} }
@@ -94,7 +98,6 @@ try {
logMessage("ERROR: Failed to create ticket - " . ($result['error'] ?? 'Unknown error')); logMessage("ERROR: Failed to create ticket - " . ($result['error'] ?? 'Unknown error'));
$errors++; $errors++;
} }
} catch (Exception $e) { } catch (Exception $e) {
logMessage("ERROR: Exception processing recurring ticket - " . $e->getMessage()); logMessage("ERROR: Exception processing recurring ticket - " . $e->getMessage());
$errors++; $errors++;
@@ -104,7 +107,6 @@ try {
logMessage("Completed: Created $created tickets, $errors errors"); logMessage("Completed: Created $created tickets, $errors errors");
$conn->close(); $conn->close();
} catch (Exception $e) { } catch (Exception $e) {
logMessage("FATAL ERROR: " . $e->getMessage()); logMessage("FATAL ERROR: " . $e->getMessage());
exit(1); exit(1);
@@ -113,7 +115,8 @@ try {
/** /**
* Process template variables * Process template variables
*/ */
function processTemplate($template) { function processTemplate($template)
{
if (empty($template)) { if (empty($template)) {
return $template; return $template;
} }
generate_api_key.php
+1 -1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* API Key Generator for hwmonDaemon * API Key Generator for hwmonDaemon
* Run this script once after migrations to generate the API key * Run this script once after migrations to generate the API key
@@ -104,4 +105,3 @@ $conn->close();
echo "Done! Delete this script after use:\n"; echo "Done! Delete this script after use:\n";
echo " rm " . __FILE__ . "\n\n"; echo " rm " . __FILE__ . "\n\n";
?>
helpers/CacheHelper.php
+19 -9
View File
@@ -1,11 +1,13 @@
<?php <?php
/** /**
* Simple File-Based Cache Helper * Simple File-Based Cache Helper
* *
* Provides caching for frequently accessed data that doesn't change often, * Provides caching for frequently accessed data that doesn't change often,
* such as workflow rules, user preferences, and configuration data. * such as workflow rules, user preferences, and configuration data.
*/ */
class CacheHelper { class CacheHelper
{
private static ?string $cacheDir = null; private static ?string $cacheDir = null;
private static array $memoryCache = []; private static array $memoryCache = [];
@@ -14,7 +16,8 @@ class CacheHelper {
* *
* @return string Cache directory path * @return string Cache directory path
*/ */
private static function getCacheDir(): string { private static function getCacheDir(): string
{
if (self::$cacheDir === null) { if (self::$cacheDir === null) {
self::$cacheDir = sys_get_temp_dir() . '/tinker_tickets_cache'; self::$cacheDir = sys_get_temp_dir() . '/tinker_tickets_cache';
if (!is_dir(self::$cacheDir)) { if (!is_dir(self::$cacheDir)) {
@@ -31,7 +34,8 @@ class CacheHelper {
* @param mixed $identifier Unique identifier * @param mixed $identifier Unique identifier
* @return string Cache key * @return string Cache key
*/ */
private static function makeKey(string $prefix, $identifier = null): string { private static function makeKey(string $prefix, $identifier = null): string
{
$key = $prefix; $key = $prefix;
if ($identifier !== null) { if ($identifier !== null) {
$key .= '_' . md5(serialize($identifier)); $key .= '_' . md5(serialize($identifier));
@@ -47,7 +51,8 @@ class CacheHelper {
* @param int $ttl Time-to-live in seconds (default 300 = 5 minutes) * @param int $ttl Time-to-live in seconds (default 300 = 5 minutes)
* @return mixed|null Cached data or null if not found/expired * @return mixed|null Cached data or null if not found/expired
*/ */
public static function get(string $prefix, $identifier = null, int $ttl = 300) { public static function get(string $prefix, $identifier = null, int $ttl = 300)
{
$key = self::makeKey($prefix, $identifier); $key = self::makeKey($prefix, $identifier);
// Check memory cache first (fastest) // Check memory cache first (fastest)
@@ -88,7 +93,8 @@ class CacheHelper {
* @param mixed $data Data to cache * @param mixed $data Data to cache
* @return bool Success * @return bool Success
*/ */
public static function set(string $prefix, $identifier, $data): bool { public static function set(string $prefix, $identifier, $data): bool
{
$key = self::makeKey($prefix, $identifier); $key = self::makeKey($prefix, $identifier);
$cached = [ $cached = [
'time' => time(), 'time' => time(),
@@ -110,7 +116,8 @@ class CacheHelper {
* @param mixed $identifier Unique identifier (null to delete all with prefix) * @param mixed $identifier Unique identifier (null to delete all with prefix)
* @return bool Success * @return bool Success
*/ */
public static function delete(string $prefix, $identifier = null): bool { public static function delete(string $prefix, $identifier = null): bool
{
if ($identifier !== null) { if ($identifier !== null) {
$key = self::makeKey($prefix, $identifier); $key = self::makeKey($prefix, $identifier);
unset(self::$memoryCache[$key]); unset(self::$memoryCache[$key]);
@@ -140,7 +147,8 @@ class CacheHelper {
* *
* @return bool Success * @return bool Success
*/ */
public static function clearAll(): bool { public static function clearAll(): bool
{
self::$memoryCache = []; self::$memoryCache = [];
$files = glob(self::getCacheDir() . '/*.json'); $files = glob(self::getCacheDir() . '/*.json');
@@ -160,7 +168,8 @@ class CacheHelper {
* @param int $ttl Time-to-live in seconds * @param int $ttl Time-to-live in seconds
* @return mixed Cached or freshly fetched data * @return mixed Cached or freshly fetched data
*/ */
public static function remember(string $prefix, $identifier, callable $callback, int $ttl = 300) { public static function remember(string $prefix, $identifier, callable $callback, int $ttl = 300)
{
$data = self::get($prefix, $identifier, $ttl); $data = self::get($prefix, $identifier, $ttl);
if ($data === null) { if ($data === null) {
@@ -178,7 +187,8 @@ class CacheHelper {
* *
* @param int $maxAge Maximum age in seconds (default 1 hour) * @param int $maxAge Maximum age in seconds (default 1 hour)
*/ */
public static function cleanup(int $maxAge = 3600): void { public static function cleanup(int $maxAge = 3600): void
{
$files = glob(self::getCacheDir() . '/*.json'); $files = glob(self::getCacheDir() . '/*.json');
$now = time(); $now = time();
helpers/Database.php
+21 -10
View File
@@ -1,11 +1,13 @@
<?php <?php
/** /**
* Database Connection Factory * Database Connection Factory
* *
* Centralizes database connection creation and management. * Centralizes database connection creation and management.
* Provides a singleton connection for the request lifecycle. * Provides a singleton connection for the request lifecycle.
*/ */
class Database { class Database
{
private static ?mysqli $connection = null; private static ?mysqli $connection = null;
/** /**
@@ -14,7 +16,8 @@ class Database {
* @return mysqli Database connection * @return mysqli Database connection
* @throws Exception If connection fails * @throws Exception If connection fails
*/ */
public static function getConnection(): mysqli { public static function getConnection(): mysqli
{
if (self::$connection === null) { if (self::$connection === null) {
self::$connection = self::createConnection(); self::$connection = self::createConnection();
} }
@@ -33,7 +36,8 @@ class Database {
* @return mysqli Database connection * @return mysqli Database connection
* @throws Exception If connection fails * @throws Exception If connection fails
*/ */
private static function createConnection(): mysqli { private static function createConnection(): mysqli
{
// Ensure config is loaded // Ensure config is loaded
if (!isset($GLOBALS['config'])) { if (!isset($GLOBALS['config'])) {
require_once dirname(__DIR__) . '/config/config.php'; require_once dirname(__DIR__) . '/config/config.php';
@@ -59,7 +63,8 @@ class Database {
/** /**
* Close the database connection * Close the database connection
*/ */
public static function close(): void { public static function close(): void
{
if (self::$connection !== null) { if (self::$connection !== null) {
self::$connection->close(); self::$connection->close();
self::$connection = null; self::$connection = null;
@@ -71,7 +76,8 @@ class Database {
* *
* @return bool Success * @return bool Success
*/ */
public static function beginTransaction(): bool { public static function beginTransaction(): bool
{
return self::getConnection()->begin_transaction(); return self::getConnection()->begin_transaction();
} }
@@ -80,7 +86,8 @@ class Database {
* *
* @return bool Success * @return bool Success
*/ */
public static function commit(): bool { public static function commit(): bool
{
return self::getConnection()->commit(); return self::getConnection()->commit();
} }
@@ -89,7 +96,8 @@ class Database {
* *
* @return bool Success * @return bool Success
*/ */
public static function rollback(): bool { public static function rollback(): bool
{
return self::getConnection()->rollback(); return self::getConnection()->rollback();
} }
@@ -101,7 +109,8 @@ class Database {
* @param array $params Parameters to bind * @param array $params Parameters to bind
* @return mysqli_result|bool Query result * @return mysqli_result|bool Query result
*/ */
public static function query(string $sql, string $types = '', array $params = []) { public static function query(string $sql, string $types = '', array $params = [])
{
$conn = self::getConnection(); $conn = self::getConnection();
if (empty($types) || empty($params)) { if (empty($types) || empty($params)) {
@@ -130,7 +139,8 @@ class Database {
* @param array $params Parameters to bind * @param array $params Parameters to bind
* @return int Affected rows (-1 on failure) * @return int Affected rows (-1 on failure)
*/ */
public static function execute(string $sql, string $types = '', array $params = []): int { public static function execute(string $sql, string $types = '', array $params = []): int
{
$conn = self::getConnection(); $conn = self::getConnection();
$stmt = $conn->prepare($sql); $stmt = $conn->prepare($sql);
@@ -158,7 +168,8 @@ class Database {
* *
* @return int Last insert ID * @return int Last insert ID
*/ */
public static function lastInsertId(): int { public static function lastInsertId(): int
{
return self::getConnection()->insert_id; return self::getConnection()->insert_id;
} }
helpers/ErrorHandler.php
+27 -13
View File
@@ -1,11 +1,13 @@
<?php <?php
/** /**
* Centralized Error Handler * Centralized Error Handler
* *
* Provides consistent error handling, logging, and response formatting * Provides consistent error handling, logging, and response formatting
* across the application. * across the application.
*/ */
class ErrorHandler { class ErrorHandler
{
private static ?string $logFile = null; private static ?string $logFile = null;
private static bool $initialized = false; private static bool $initialized = false;
@@ -14,7 +16,8 @@ class ErrorHandler {
* *
* @param bool $displayErrors Whether to display errors (false in production) * @param bool $displayErrors Whether to display errors (false in production)
*/ */
public static function init(bool $displayErrors = false): void { public static function init(bool $displayErrors = false): void
{
if (self::$initialized) { if (self::$initialized) {
return; return;
} }
@@ -45,7 +48,8 @@ class ErrorHandler {
* @param int $errline Line number * @param int $errline Line number
* @return bool * @return bool
*/ */
public static function handleError(int $errno, string $errstr, string $errfile, int $errline): bool { public static function handleError(int $errno, string $errstr, string $errfile, int $errline): bool
{
// Don't handle suppressed errors // Don't handle suppressed errors
if (!(error_reporting() & $errno)) { if (!(error_reporting() & $errno)) {
return false; return false;
@@ -69,7 +73,8 @@ class ErrorHandler {
* *
* @param Throwable $exception * @param Throwable $exception
*/ */
public static function handleException(Throwable $exception): void { public static function handleException(Throwable $exception): void
{
$message = sprintf( $message = sprintf(
"Uncaught %s: %s in %s on line %d\nStack trace:\n%s", "Uncaught %s: %s in %s on line %d\nStack trace:\n%s",
get_class($exception), get_class($exception),
@@ -94,7 +99,8 @@ class ErrorHandler {
/** /**
* Handle fatal errors on shutdown * Handle fatal errors on shutdown
*/ */
public static function handleShutdown(): void { public static function handleShutdown(): void
{
$error = error_get_last(); $error = error_get_last();
if ($error !== null && in_array($error['type'], [E_ERROR, E_PARSE, E_CORE_ERROR, E_COMPILE_ERROR])) { if ($error !== null && in_array($error['type'], [E_ERROR, E_PARSE, E_CORE_ERROR, E_COMPILE_ERROR])) {
@@ -120,7 +126,8 @@ class ErrorHandler {
* @param int $level Error level * @param int $level Error level
* @param array $context Additional context * @param array $context Additional context
*/ */
public static function log(string $message, int $level = E_USER_NOTICE, array $context = []): void { public static function log(string $message, int $level = E_USER_NOTICE, array $context = []): void
{
$timestamp = date('Y-m-d H:i:s'); $timestamp = date('Y-m-d H:i:s');
$levelName = self::getErrorTypeName($level); $levelName = self::getErrorTypeName($level);
@@ -140,7 +147,8 @@ class ErrorHandler {
* @param int $httpCode HTTP status code * @param int $httpCode HTTP status code
* @param Throwable|null $exception Original exception (for debug info) * @param Throwable|null $exception Original exception (for debug info)
*/ */
public static function sendErrorResponse(string $message, int $httpCode = 500, ?Throwable $exception = null): void { public static function sendErrorResponse(string $message, int $httpCode = 500, ?Throwable $exception = null): void
{
http_response_code($httpCode); http_response_code($httpCode);
if (!headers_sent()) { if (!headers_sent()) {
@@ -172,7 +180,8 @@ class ErrorHandler {
* @param array $errors Array of validation errors * @param array $errors Array of validation errors
* @param string $message Overall error message * @param string $message Overall error message
*/ */
public static function sendValidationError(array $errors, string $message = 'Validation failed'): void { public static function sendValidationError(array $errors, string $message = 'Validation failed'): void
{
http_response_code(422); http_response_code(422);
if (!headers_sent()) { if (!headers_sent()) {
@@ -192,7 +201,8 @@ class ErrorHandler {
* *
* @param string $message Error message * @param string $message Error message
*/ */
public static function sendNotFoundError(string $message = 'Resource not found'): void { public static function sendNotFoundError(string $message = 'Resource not found'): void
{
self::sendErrorResponse($message, 404); self::sendErrorResponse($message, 404);
} }
@@ -201,7 +211,8 @@ class ErrorHandler {
* *
* @param string $message Error message * @param string $message Error message
*/ */
public static function sendUnauthorizedError(string $message = 'Authentication required'): void { public static function sendUnauthorizedError(string $message = 'Authentication required'): void
{
self::sendErrorResponse($message, 401); self::sendErrorResponse($message, 401);
} }
@@ -210,7 +221,8 @@ class ErrorHandler {
* *
* @param string $message Error message * @param string $message Error message
*/ */
public static function sendForbiddenError(string $message = 'Access denied'): void { public static function sendForbiddenError(string $message = 'Access denied'): void
{
self::sendErrorResponse($message, 403); self::sendErrorResponse($message, 403);
} }
@@ -220,7 +232,8 @@ class ErrorHandler {
* @param int $errno Error number * @param int $errno Error number
* @return string Error type name * @return string Error type name
*/ */
private static function getErrorTypeName(int $errno): string { private static function getErrorTypeName(int $errno): string
{
$types = [ $types = [
E_ERROR => 'ERROR', E_ERROR => 'ERROR',
E_WARNING => 'WARNING', E_WARNING => 'WARNING',
@@ -248,7 +261,8 @@ class ErrorHandler {
* @param int $lines Number of lines to return * @param int $lines Number of lines to return
* @return array Log entries * @return array Log entries
*/ */
public static function getRecentErrors(int $lines = 50): array { public static function getRecentErrors(int $lines = 50): array
{
if (self::$logFile === null || !file_exists(self::$logFile)) { if (self::$logFile === null || !file_exists(self::$logFile)) {
return []; return [];
} }
helpers/NotificationHelper.php
+19 -11
View File
@@ -1,12 +1,14 @@
<?php <?php
require_once dirname(__DIR__) . '/helpers/UrlHelper.php'; require_once dirname(__DIR__) . '/helpers/UrlHelper.php';
require_once dirname(__DIR__) . '/helpers/SynapseHelper.php'; require_once dirname(__DIR__) . '/helpers/SynapseHelper.php';
class NotificationHelper { class NotificationHelper
{
// ─── Internal: fire a webhook ───────────────────────────────────────────── // ─── Internal: fire a webhook ─────────────────────────────────────────────
private static function fire(array $payload): void { private static function fire(array $payload): void
{
$webhookUrl = $GLOBALS['config']['MATRIX_WEBHOOK_URL'] ?? null; $webhookUrl = $GLOBALS['config']['MATRIX_WEBHOOK_URL'] ?? null;
if (empty($webhookUrl)) { if (empty($webhookUrl)) {
return; return;
@@ -32,7 +34,8 @@ class NotificationHelper {
} }
} }
private static function notifyUsers(): array { private static function notifyUsers(): array
{
$raw = $GLOBALS['config']['MATRIX_NOTIFY_USERS'] ?? ''; $raw = $GLOBALS['config']['MATRIX_NOTIFY_USERS'] ?? '';
return array_values(array_filter(array_map('trim', explode(',', $raw)))); return array_values(array_filter(array_map('trim', explode(',', $raw))));
} }
@@ -42,7 +45,8 @@ class NotificationHelper {
/** /**
* New ticket created (manual or automated/API). * New ticket created (manual or automated/API).
*/ */
public static function sendTicketNotification($ticketId, array $ticketData, string $trigger = 'manual'): void { public static function sendTicketNotification($ticketId, array $ticketData, string $trigger = 'manual'): void
{
preg_match('/^\[([^\]]+)\]/', $ticketData['title'] ?? '', $m); preg_match('/^\[([^\]]+)\]/', $ticketData['title'] ?? '', $m);
$source = $m[1] ?? ($trigger === 'automated' ? 'Automated' : 'Manual'); $source = $m[1] ?? ($trigger === 'automated' ? 'Automated' : 'Manual');
@@ -70,7 +74,8 @@ class NotificationHelper {
* @param string $ticketTitle * @param string $ticketTitle
* @param string|null $changedByDisplay Display name of the user who changed status * @param string|null $changedByDisplay Display name of the user who changed status
*/ */
public static function sendStatusChangeNotification($ticketId, string $oldStatus, string $newStatus, string $ticketTitle, ?string $changedByDisplay = null): void { public static function sendStatusChangeNotification($ticketId, string $oldStatus, string $newStatus, string $ticketTitle, ?string $changedByDisplay = null): void
{
self::fire([ self::fire([
'event' => 'status_changed', 'event' => 'status_changed',
'ticket_id' => $ticketId, 'ticket_id' => $ticketId,
@@ -92,7 +97,8 @@ class NotificationHelper {
* @param string|null $authorDisplay Display name of commenter * @param string|null $authorDisplay Display name of commenter
* @param bool $isInternal True if the comment is internal-only * @param bool $isInternal True if the comment is internal-only
*/ */
public static function sendCommentNotification($ticketId, string $ticketTitle, string $commentText, ?string $authorDisplay = null, bool $isInternal = false): void { public static function sendCommentNotification($ticketId, string $ticketTitle, string $commentText, ?string $authorDisplay = null, bool $isInternal = false): void
{
// Skip if this is an internal-only comment — only the assignee/admin need to know // Skip if this is an internal-only comment — only the assignee/admin need to know
$notifyUsers = self::notifyUsers(); $notifyUsers = self::notifyUsers();
if (empty($notifyUsers)) { if (empty($notifyUsers)) {
@@ -120,7 +126,8 @@ class NotificationHelper {
* @param string|null $authorDisplay * @param string|null $authorDisplay
* @param array $mentionedMatrixIds Matrix user IDs derived from @usernames * @param array $mentionedMatrixIds Matrix user IDs derived from @usernames
*/ */
public static function sendMentionNotification($ticketId, string $ticketTitle, string $commentText, ?string $authorDisplay, array $mentionedMatrixIds): void { public static function sendMentionNotification($ticketId, string $ticketTitle, string $commentText, ?string $authorDisplay, array $mentionedMatrixIds): void
{
if (empty($mentionedMatrixIds)) { if (empty($mentionedMatrixIds)) {
return; return;
} }
@@ -149,7 +156,8 @@ class NotificationHelper {
* @param array $extraData Merged into the payload (old_status/new_status, author, etc.) * @param array $extraData Merged into the payload (old_status/new_status, author, etc.)
* @param int|null $excludeUserId Don't notify the actor themselves * @param int|null $excludeUserId Don't notify the actor themselves
*/ */
public static function notifyWatchers(\mysqli $conn, $ticketId, string $ticketTitle, string $event, array $extraData = [], ?int $excludeUserId = null): void { public static function notifyWatchers(\mysqli $conn, $ticketId, string $ticketTitle, string $event, array $extraData = [], ?int $excludeUserId = null): void
{
$webhookUrl = $GLOBALS['config']['MATRIX_WEBHOOK_URL'] ?? null; $webhookUrl = $GLOBALS['config']['MATRIX_WEBHOOK_URL'] ?? null;
$domain = $GLOBALS['config']['MATRIX_DOMAIN'] ?? null; $domain = $GLOBALS['config']['MATRIX_DOMAIN'] ?? null;
if (!$webhookUrl || !$domain) { if (!$webhookUrl || !$domain) {
@@ -208,7 +216,8 @@ class NotificationHelper {
* @param string|null $assigneeMatrix Matrix user ID of new assignee (to DM) * @param string|null $assigneeMatrix Matrix user ID of new assignee (to DM)
* @param string|null $changedByDisplay * @param string|null $changedByDisplay
*/ */
public static function sendAssignmentNotification($ticketId, string $ticketTitle, ?string $assigneeName, ?string $assigneeMatrix, ?string $changedByDisplay = null): void { public static function sendAssignmentNotification($ticketId, string $ticketTitle, ?string $assigneeName, ?string $assigneeMatrix, ?string $changedByDisplay = null): void
{
$notifyUsers = self::notifyUsers(); $notifyUsers = self::notifyUsers();
// Also notify the assignee directly if we know their Matrix ID // Also notify the assignee directly if we know their Matrix ID
if ($assigneeMatrix && !in_array($assigneeMatrix, $notifyUsers, true)) { if ($assigneeMatrix && !in_array($assigneeMatrix, $notifyUsers, true)) {
@@ -229,4 +238,3 @@ class NotificationHelper {
]); ]);
} }
} }
?>
helpers/OutputHelper.php
+27 -13
View File
@@ -1,11 +1,13 @@
<?php <?php
/** /**
* OutputHelper - Consistent output escaping utilities * OutputHelper - Consistent output escaping utilities
* *
* Provides secure HTML escaping functions to prevent XSS attacks. * Provides secure HTML escaping functions to prevent XSS attacks.
* Use these functions when outputting user-controlled data. * Use these functions when outputting user-controlled data.
*/ */
class OutputHelper { class OutputHelper
{
/** /**
* Escape string for HTML output * Escape string for HTML output
* *
@@ -16,7 +18,8 @@ class OutputHelper {
* @param int $flags htmlspecialchars flags (default: ENT_QUOTES | ENT_HTML5) * @param int $flags htmlspecialchars flags (default: ENT_QUOTES | ENT_HTML5)
* @return string Escaped string * @return string Escaped string
*/ */
public static function h(?string $string, int $flags = ENT_QUOTES | ENT_HTML5): string { public static function h(?string $string, int $flags = ENT_QUOTES | ENT_HTML5): string
{
if ($string === null) { if ($string === null) {
return ''; return '';
} }
@@ -32,7 +35,8 @@ class OutputHelper {
* @param string|null $string The string to escape * @param string|null $string The string to escape
* @return string Escaped string * @return string Escaped string
*/ */
public static function attr(?string $string): string { public static function attr(?string $string): string
{
if ($string === null) { if ($string === null) {
return ''; return '';
} }
@@ -50,7 +54,8 @@ class OutputHelper {
* @param int $flags json_encode flags * @param int $flags json_encode flags
* @return string JSON encoded string (safe for script context) * @return string JSON encoded string (safe for script context)
*/ */
public static function json($data, int $flags = 0): string { public static function json($data, int $flags = 0): string
{
// Use HEX encoding for safety in HTML context // Use HEX encoding for safety in HTML context
$safeFlags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP | $flags; $safeFlags = JSON_HEX_TAG | JSON_HEX_APOS | JSON_HEX_QUOT | JSON_HEX_AMP | $flags;
return json_encode($data, $safeFlags); return json_encode($data, $safeFlags);
@@ -65,7 +70,8 @@ class OutputHelper {
* @param string|null $string The string to encode * @param string|null $string The string to encode
* @return string URL encoded string * @return string URL encoded string
*/ */
public static function url(?string $string): string { public static function url(?string $string): string
{
if ($string === null) { if ($string === null) {
return ''; return '';
} }
@@ -81,7 +87,8 @@ class OutputHelper {
* @param string|null $string The string to escape * @param string|null $string The string to escape
* @return string Escaped string (only allows safe characters) * @return string Escaped string (only allows safe characters)
*/ */
public static function css(?string $string): string { public static function css(?string $string): string
{
if ($string === null) { if ($string === null) {
return ''; return '';
} }
@@ -101,7 +108,8 @@ class OutputHelper {
* @param int $decimals Number of decimal places * @param int $decimals Number of decimal places
* @return string Formatted number * @return string Formatted number
*/ */
public static function number($number, int $decimals = 0): string { public static function number($number, int $decimals = 0): string
{
return number_format((float)$number, $decimals, '.', ','); return number_format((float)$number, $decimals, '.', ',');
} }
@@ -111,7 +119,8 @@ class OutputHelper {
* @param mixed $value The value to format * @param mixed $value The value to format
* @return int Integer value * @return int Integer value
*/ */
public static function int($value): int { public static function int($value): int
{
return (int)$value; return (int)$value;
} }
@@ -123,7 +132,8 @@ class OutputHelper {
* @param string $suffix Suffix to add if truncated * @param string $suffix Suffix to add if truncated
* @return string Truncated and escaped string * @return string Truncated and escaped string
*/ */
public static function truncate(?string $string, int $length = 100, string $suffix = '...'): string { public static function truncate(?string $string, int $length = 100, string $suffix = '...'): string
{
if ($string === null) { if ($string === null) {
return ''; return '';
} }
@@ -142,7 +152,8 @@ class OutputHelper {
* @param string $format PHP date format * @param string $format PHP date format
* @return string Formatted date * @return string Formatted date
*/ */
public static function date($date, string $format = 'Y-m-d H:i:s'): string { public static function date($date, string $format = 'Y-m-d H:i:s'): string
{
if ($date === null || $date === '') { if ($date === null || $date === '') {
return ''; return '';
} }
@@ -165,7 +176,8 @@ class OutputHelper {
* @param string $class The class name to validate * @param string $class The class name to validate
* @return bool True if safe * @return bool True if safe
*/ */
public static function isValidCssClass(string $class): bool { public static function isValidCssClass(string $class): bool
{
return preg_match('/^[a-zA-Z_][a-zA-Z0-9_-]*$/', $class) === 1; return preg_match('/^[a-zA-Z_][a-zA-Z0-9_-]*$/', $class) === 1;
} }
@@ -175,7 +187,8 @@ class OutputHelper {
* @param string|null $classes Space-separated class names * @param string|null $classes Space-separated class names
* @return string Sanitized class names * @return string Sanitized class names
*/ */
public static function cssClass(?string $classes): string { public static function cssClass(?string $classes): string
{
if ($classes === null || $classes === '') { if ($classes === null || $classes === '') {
return ''; return '';
} }
@@ -193,6 +206,7 @@ class OutputHelper {
* @param string|null $string The string to escape * @param string|null $string The string to escape
* @return string Escaped string * @return string Escaped string
*/ */
function h(?string $string): string { function h(?string $string): string
{
return OutputHelper::h($string); return OutputHelper::h($string);
} }
helpers/ResponseHelper.php
+23 -11
View File
@@ -1,10 +1,12 @@
<?php <?php
/** /**
* ResponseHelper - Standardized JSON response formatting * ResponseHelper - Standardized JSON response formatting
* *
* Provides consistent API response structure across all endpoints. * Provides consistent API response structure across all endpoints.
*/ */
class ResponseHelper { class ResponseHelper
{
/** /**
* Send a success response * Send a success response
* *
@@ -12,7 +14,8 @@ class ResponseHelper {
* @param string $message Success message * @param string $message Success message
* @param int $code HTTP status code * @param int $code HTTP status code
*/ */
public static function success($data = [], $message = 'Success', $code = 200) { public static function success($data = [], $message = 'Success', $code = 200)
{
http_response_code($code); http_response_code($code);
header('Content-Type: application/json'); header('Content-Type: application/json');
echo json_encode(array_merge([ echo json_encode(array_merge([
@@ -29,7 +32,8 @@ class ResponseHelper {
* @param int $code HTTP status code * @param int $code HTTP status code
* @param array $data Additional data to include * @param array $data Additional data to include
*/ */
public static function error($message, $code = 400, $data = []) { public static function error($message, $code = 400, $data = [])
{
http_response_code($code); http_response_code($code);
header('Content-Type: application/json'); header('Content-Type: application/json');
echo json_encode(array_merge([ echo json_encode(array_merge([
@@ -44,7 +48,8 @@ class ResponseHelper {
* *
* @param string $message Error message * @param string $message Error message
*/ */
public static function unauthorized($message = 'Authentication required') { public static function unauthorized($message = 'Authentication required')
{
self::error($message, 401); self::error($message, 401);
} }
@@ -53,7 +58,8 @@ class ResponseHelper {
* *
* @param string $message Error message * @param string $message Error message
*/ */
public static function forbidden($message = 'Access denied') { public static function forbidden($message = 'Access denied')
{
self::error($message, 403); self::error($message, 403);
} }
@@ -62,7 +68,8 @@ class ResponseHelper {
* *
* @param string $message Error message * @param string $message Error message
*/ */
public static function notFound($message = 'Resource not found') { public static function notFound($message = 'Resource not found')
{
self::error($message, 404); self::error($message, 404);
} }
@@ -72,7 +79,8 @@ class ResponseHelper {
* @param array $errors Validation errors * @param array $errors Validation errors
* @param string $message Error message * @param string $message Error message
*/ */
public static function validationError($errors, $message = 'Validation failed') { public static function validationError($errors, $message = 'Validation failed')
{
self::error($message, 422, ['validation_errors' => $errors]); self::error($message, 422, ['validation_errors' => $errors]);
} }
@@ -81,7 +89,8 @@ class ResponseHelper {
* *
* @param string $message Error message * @param string $message Error message
*/ */
public static function serverError($message = 'Internal server error') { public static function serverError($message = 'Internal server error')
{
self::error($message, 500); self::error($message, 500);
} }
@@ -91,7 +100,8 @@ class ResponseHelper {
* @param int $retryAfter Seconds until retry is allowed * @param int $retryAfter Seconds until retry is allowed
* @param string $message Error message * @param string $message Error message
*/ */
public static function rateLimitExceeded($retryAfter = 60, $message = 'Rate limit exceeded') { public static function rateLimitExceeded($retryAfter = 60, $message = 'Rate limit exceeded')
{
header('Retry-After: ' . $retryAfter); header('Retry-After: ' . $retryAfter);
self::error($message, 429, ['retry_after' => $retryAfter]); self::error($message, 429, ['retry_after' => $retryAfter]);
} }
@@ -102,14 +112,16 @@ class ResponseHelper {
* @param array $data Resource data * @param array $data Resource data
* @param string $message Success message * @param string $message Success message
*/ */
public static function created($data = [], $message = 'Resource created') { public static function created($data = [], $message = 'Resource created')
{
self::success($data, $message, 201); self::success($data, $message, 201);
} }
/** /**
* Send a no content response (204) * Send a no content response (204)
*/ */
public static function noContent() { public static function noContent()
{
http_response_code(204); http_response_code(204);
exit; exit;
} }
helpers/SynapseHelper.php
+7 -5
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* SynapseHelper * SynapseHelper
* *
@@ -11,8 +12,8 @@
* SYNAPSE_ADMIN_URL e.g. http://10.10.10.29:8008 (internal client-API URL) * SYNAPSE_ADMIN_URL e.g. http://10.10.10.29:8008 (internal client-API URL)
* SYNAPSE_ADMIN_TOKEN a Synapse admin access token * SYNAPSE_ADMIN_TOKEN a Synapse admin access token
*/ */
class SynapseHelper { class SynapseHelper
{
/** /**
* Resolve a local SSO username to its Matrix user ID. * Resolve a local SSO username to its Matrix user ID.
* *
@@ -26,7 +27,8 @@ class SynapseHelper {
* @param string $username Local username (e.g. "jared") * @param string $username Local username (e.g. "jared")
* @return string|null Matrix user ID (e.g. "@jared:matrix.lotusguild.org") or null * @return string|null Matrix user ID (e.g. "@jared:matrix.lotusguild.org") or null
*/ */
public static function resolveUsername(string $username): ?string { public static function resolveUsername(string $username): ?string
{
$baseUrl = $GLOBALS['config']['SYNAPSE_ADMIN_URL'] ?? null; $baseUrl = $GLOBALS['config']['SYNAPSE_ADMIN_URL'] ?? null;
$token = $GLOBALS['config']['SYNAPSE_ADMIN_TOKEN'] ?? null; $token = $GLOBALS['config']['SYNAPSE_ADMIN_TOKEN'] ?? null;
$domain = $GLOBALS['config']['MATRIX_DOMAIN'] ?? null; $domain = $GLOBALS['config']['MATRIX_DOMAIN'] ?? null;
@@ -82,7 +84,8 @@ class SynapseHelper {
* @param string[] $usernames * @param string[] $usernames
* @return string[] Matrix user IDs * @return string[] Matrix user IDs
*/ */
public static function resolveUsernames(array $usernames): array { public static function resolveUsernames(array $usernames): array
{
$ids = []; $ids = [];
foreach ($usernames as $username) { foreach ($usernames as $username) {
$id = self::resolveUsername($username); $id = self::resolveUsername($username);
@@ -93,4 +96,3 @@ class SynapseHelper {
return $ids; return $ids;
} }
} }
?>
helpers/UrlHelper.php
+13 -6
View File
@@ -1,10 +1,12 @@
<?php <?php
/** /**
* UrlHelper - URL and domain utilities * UrlHelper - URL and domain utilities
* *
* Provides secure URL generation with host validation. * Provides secure URL generation with host validation.
*/ */
class UrlHelper { class UrlHelper
{
/** /**
* Get the application base URL with validated host * Get the application base URL with validated host
* *
@@ -13,7 +15,8 @@ class UrlHelper {
* *
* @return string Base URL (e.g., "https://example.com") * @return string Base URL (e.g., "https://example.com")
*/ */
public static function getBaseUrl(): string { public static function getBaseUrl(): string
{
$protocol = self::getProtocol(); $protocol = self::getProtocol();
$host = self::getValidatedHost(); $host = self::getValidatedHost();
@@ -25,7 +28,8 @@ class UrlHelper {
* *
* @return string 'https' or 'http' * @return string 'https' or 'http'
*/ */
public static function getProtocol(): string { public static function getProtocol(): string
{
if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') { if (!empty($_SERVER['HTTPS']) && $_SERVER['HTTPS'] !== 'off') {
return 'https'; return 'https';
} }
@@ -48,7 +52,8 @@ class UrlHelper {
* *
* @return string Validated hostname * @return string Validated hostname
*/ */
public static function getValidatedHost(): string { public static function getValidatedHost(): string
{
$config = $GLOBALS['config'] ?? []; $config = $GLOBALS['config'] ?? [];
// Use configured APP_DOMAIN if available // Use configured APP_DOMAIN if available
@@ -84,7 +89,8 @@ class UrlHelper {
* @param string $ticketId Ticket ID * @param string $ticketId Ticket ID
* @return string Full ticket URL * @return string Full ticket URL
*/ */
public static function ticketUrl(string $ticketId): string { public static function ticketUrl(string $ticketId): string
{
return self::getBaseUrl() . '/ticket/' . urlencode($ticketId); return self::getBaseUrl() . '/ticket/' . urlencode($ticketId);
} }
@@ -93,7 +99,8 @@ class UrlHelper {
* *
* @return bool True if HTTPS * @return bool True if HTTPS
*/ */
public static function isSecure(): bool { public static function isSecure(): bool
{
return self::getProtocol() === 'https'; return self::getProtocol() === 'https';
} }
} }
index.php
+20 -10
View File
@@ -1,4 +1,5 @@
<?php <?php
// Main entry point for the application // Main entry point for the application
require_once 'config/config.php'; require_once 'config/config.php';
require_once 'middleware/SecurityHeadersMiddleware.php'; require_once 'middleware/SecurityHeadersMiddleware.php';
@@ -54,7 +55,8 @@ if (!str_starts_with($requestPath, '/api/')) {
} }
// Helper: require admin or render styled 403 and exit // Helper: require admin or render styled 403 and exit
function requireAdmin(?array $user): void { function requireAdmin(?array $user): void
{
if (!$user || empty($user['is_admin'])) { if (!$user || empty($user['is_admin'])) {
http_response_code(403); http_response_code(403);
include __DIR__ . '/views/error_403.php'; include __DIR__ . '/views/error_403.php';
@@ -276,7 +278,10 @@ switch (true) {
$where = !empty($whereConditions) ? 'WHERE ' . implode(' AND ', $whereConditions) : ''; $where = !empty($whereConditions) ? 'WHERE ' . implode(' AND ', $whereConditions) : '';
$countSql = "SELECT COUNT(*) as total FROM audit_log al $where"; // $where contains only hardcoded SQL fragments with ? placeholders — user values
// are bound via bind_param below, never interpolated. LIMIT/OFFSET are explicit ints.
// nosemgrep: php.lang.security.injection.tainted-sql-string.tainted-sql-string
$countSql = "SELECT COUNT(*) as total FROM audit_log al " . $where;
if (!empty($params)) { if (!empty($params)) {
$stmt = $conn->prepare($countSql); $stmt = $conn->prepare($countSql);
$stmt->bind_param($types, ...$params); $stmt->bind_param($types, ...$params);
@@ -288,12 +293,13 @@ switch (true) {
$totalLogs = $countResult->fetch_assoc()['total']; $totalLogs = $countResult->fetch_assoc()['total'];
$totalPages = ceil($totalLogs / $perPage); $totalPages = ceil($totalLogs / $perPage);
// nosemgrep: php.lang.security.injection.tainted-sql-string.tainted-sql-string
$sql = "SELECT al.*, u.display_name, u.username $sql = "SELECT al.*, u.display_name, u.username
FROM audit_log al FROM audit_log al
LEFT JOIN users u ON al.user_id = u.user_id LEFT JOIN users u ON al.user_id = u.user_id
$where " . $where . "
ORDER BY al.created_at DESC ORDER BY al.created_at DESC
LIMIT $perPage OFFSET $offset"; LIMIT " . (int)$perPage . " OFFSET " . (int)$offset;
if (!empty($params)) { if (!empty($params)) {
$stmt = $conn->prepare($sql); $stmt = $conn->prepare($sql);
@@ -376,11 +382,16 @@ switch (true) {
ORDER BY tickets_created DESC, tickets_resolved DESC"; ORDER BY tickets_created DESC, tickets_resolved DESC";
$stmt = $conn->prepare($sql); $stmt = $conn->prepare($sql);
$stmt->bind_param('ssssssss', $stmt->bind_param(
$dateRange['from'], $dateRange['to'], 'ssssssss',
$dateRange['from'], $dateRange['to'], $dateRange['from'],
$dateRange['from'], $dateRange['to'], $dateRange['to'],
$dateRange['from'], $dateRange['to'] $dateRange['from'],
$dateRange['to'],
$dateRange['from'],
$dateRange['to'],
$dateRange['from'],
$dateRange['to']
); );
$stmt->execute(); $stmt->execute();
$result = $stmt->get_result(); $result = $stmt->get_result();
@@ -418,4 +429,3 @@ switch (true) {
if (isset($conn)) { if (isset($conn)) {
$conn->close(); $conn->close();
} }
?>
middleware/ApiKeyAuth.php
+14 -6
View File
@@ -1,16 +1,20 @@
<?php <?php
/** /**
* ApiKeyAuth - Handles API key authentication for external services * ApiKeyAuth - Handles API key authentication for external services
*/ */
require_once dirname(__DIR__) . '/models/ApiKeyModel.php'; require_once dirname(__DIR__) . '/models/ApiKeyModel.php';
require_once dirname(__DIR__) . '/models/UserModel.php'; require_once dirname(__DIR__) . '/models/UserModel.php';
class ApiKeyAuth { class ApiKeyAuth
{
private $apiKeyModel; private $apiKeyModel;
private $userModel; private $userModel;
private $conn; private $conn;
public function __construct($conn) { public function __construct($conn)
{
$this->conn = $conn; $this->conn = $conn;
$this->apiKeyModel = new ApiKeyModel($conn); $this->apiKeyModel = new ApiKeyModel($conn);
$this->userModel = new UserModel($conn); $this->userModel = new UserModel($conn);
@@ -22,7 +26,8 @@ class ApiKeyAuth {
* @return array User data for system user * @return array User data for system user
* @throws Exception if authentication fails * @throws Exception if authentication fails
*/ */
public function authenticate() { public function authenticate()
{
// Get Authorization header // Get Authorization header
$authHeader = $this->getAuthorizationHeader(); $authHeader = $this->getAuthorizationHeader();
@@ -67,7 +72,8 @@ class ApiKeyAuth {
* *
* @return string|null Authorization header value * @return string|null Authorization header value
*/ */
private function getAuthorizationHeader() { private function getAuthorizationHeader()
{
// Try different header formats // Try different header formats
if (isset($_SERVER['HTTP_AUTHORIZATION'])) { if (isset($_SERVER['HTTP_AUTHORIZATION'])) {
return $_SERVER['HTTP_AUTHORIZATION']; return $_SERVER['HTTP_AUTHORIZATION'];
@@ -96,7 +102,8 @@ class ApiKeyAuth {
* *
* @param string $message Error message * @param string $message Error message
*/ */
private function sendUnauthorized($message) { private function sendUnauthorized($message)
{
header('HTTP/1.1 401 Unauthorized'); header('HTTP/1.1 401 Unauthorized');
header('Content-Type: application/json'); header('Content-Type: application/json');
echo json_encode([ echo json_encode([
@@ -111,7 +118,8 @@ class ApiKeyAuth {
* *
* @return array|null User data or null if not authenticated * @return array|null User data or null if not authenticated
*/ */
public function verifyOptional() { public function verifyOptional()
{
$authHeader = $this->getAuthorizationHeader(); $authHeader = $this->getAuthorizationHeader();
if (empty($authHeader)) { if (empty($authHeader)) {
middleware/AuthMiddleware.php
+25 -11
View File
@@ -1,14 +1,18 @@
<?php <?php
/** /**
* AuthMiddleware - Handles authentication via Authelia forward auth headers * AuthMiddleware - Handles authentication via Authelia forward auth headers
*/ */
require_once dirname(__DIR__) . '/models/UserModel.php'; require_once dirname(__DIR__) . '/models/UserModel.php';
class AuthMiddleware { class AuthMiddleware
{
private $userModel; private $userModel;
private $conn; private $conn;
public function __construct($conn) { public function __construct($conn)
{
$this->conn = $conn; $this->conn = $conn;
$this->userModel = new UserModel($conn); $this->userModel = new UserModel($conn);
} }
@@ -19,7 +23,8 @@ class AuthMiddleware {
* @param string $event Event type (e.g., 'auth_required', 'access_denied', 'session_expired') * @param string $event Event type (e.g., 'auth_required', 'access_denied', 'session_expired')
* @param array $context Additional context data * @param array $context Additional context data
*/ */
private function logSecurityEvent(string $event, array $context = []): void { private function logSecurityEvent(string $event, array $context = []): void
{
$logData = [ $logData = [
'event' => $event, 'event' => $event,
'ip' => $_SERVER['REMOTE_ADDR'] ?? 'unknown', 'ip' => $_SERVER['REMOTE_ADDR'] ?? 'unknown',
@@ -52,7 +57,8 @@ class AuthMiddleware {
* @return array User data array * @return array User data array
* @throws Exception if authentication fails * @throws Exception if authentication fails
*/ */
public function authenticate() { public function authenticate()
{
// Start session if not already started with secure settings // Start session if not already started with secure settings
if (session_status() === PHP_SESSION_NONE) { if (session_status() === PHP_SESSION_NONE) {
// Configure secure session settings // Configure secure session settings
@@ -136,7 +142,8 @@ class AuthMiddleware {
* @param string $header Header name * @param string $header Header name
* @return string|null Header value or null if not set * @return string|null Header value or null if not set
*/ */
private function getHeader($header) { private function getHeader($header)
{
if (isset($_SERVER[$header])) { if (isset($_SERVER[$header])) {
return $_SERVER[$header]; return $_SERVER[$header];
} }
@@ -149,7 +156,8 @@ class AuthMiddleware {
* @param string $groups Comma-separated group names * @param string $groups Comma-separated group names
* @return bool True if user has access * @return bool True if user has access
*/ */
private function checkGroupAccess($groups) { private function checkGroupAccess($groups)
{
if (empty($groups)) { if (empty($groups)) {
return false; return false;
} }
@@ -158,7 +166,9 @@ class AuthMiddleware {
// Filter to safe characters only to prevent header injection attacks // Filter to safe characters only to prevent header injection attacks
$userGroups = array_filter( $userGroups = array_filter(
array_map('trim', explode(',', strtolower($groups))), array_map('trim', explode(',', strtolower($groups))),
function($g) { return preg_match('/^[a-z0-9_\-]+$/', $g); } function ($g) {
return preg_match('/^[a-z0-9_\-]+$/', $g);
}
); );
$requiredGroups = ['admin', 'employee']; $requiredGroups = ['admin', 'employee'];
@@ -168,7 +178,8 @@ class AuthMiddleware {
/** /**
* Redirect to Authelia login * Redirect to Authelia login
*/ */
private function redirectToAuth() { private function redirectToAuth()
{
// Log unauthenticated access attempt // Log unauthenticated access attempt
$this->logSecurityEvent('auth_required', [ $this->logSecurityEvent('auth_required', [
'reason' => 'no_auth_headers' 'reason' => 'no_auth_headers'
@@ -237,7 +248,8 @@ class AuthMiddleware {
* @param string $username Username * @param string $username Username
* @param string $groups User groups * @param string $groups User groups
*/ */
private function showAccessDenied($username, $groups) { private function showAccessDenied($username, $groups)
{
// Log access denied event with user details // Log access denied event with user details
$this->logSecurityEvent('access_denied', [ $this->logSecurityEvent('access_denied', [
'username' => $username, 'username' => $username,
@@ -308,7 +320,8 @@ class AuthMiddleware {
* *
* @return array|null User data or null if not authenticated * @return array|null User data or null if not authenticated
*/ */
public static function getCurrentUser() { public static function getCurrentUser()
{
if (session_status() === PHP_SESSION_NONE) { if (session_status() === PHP_SESSION_NONE) {
session_start(); session_start();
} }
@@ -319,7 +332,8 @@ class AuthMiddleware {
/** /**
* Logout current user * Logout current user
*/ */
public static function logout() { public static function logout()
{
if (session_status() === PHP_SESSION_NONE) { if (session_status() === PHP_SESSION_NONE) {
session_start(); session_start();
} }
middleware/CsrfMiddleware.php
+13 -6
View File
@@ -1,9 +1,11 @@
<?php <?php
/** /**
* CSRF Protection Middleware * CSRF Protection Middleware
* Generates and validates CSRF tokens for all state-changing operations * Generates and validates CSRF tokens for all state-changing operations
*/ */
class CsrfMiddleware { class CsrfMiddleware
{
private static string $tokenName = 'csrf_token'; private static string $tokenName = 'csrf_token';
private static string $tokenTime = 'csrf_token_time'; private static string $tokenTime = 'csrf_token_time';
private static int $tokenLifetime = 3600; // 1 hour private static int $tokenLifetime = 3600; // 1 hour
@@ -11,7 +13,8 @@ class CsrfMiddleware {
/** /**
* Generate a new CSRF token * Generate a new CSRF token
*/ */
public static function generateToken(): string { public static function generateToken(): string
{
$_SESSION[self::$tokenName] = bin2hex(random_bytes(32)); $_SESSION[self::$tokenName] = bin2hex(random_bytes(32));
$_SESSION[self::$tokenTime] = time(); $_SESSION[self::$tokenTime] = time();
return $_SESSION[self::$tokenName]; return $_SESSION[self::$tokenName];
@@ -20,7 +23,8 @@ class CsrfMiddleware {
/** /**
* Get current CSRF token, regenerate if expired * Get current CSRF token, regenerate if expired
*/ */
public static function getToken(): string { public static function getToken(): string
{
if (!isset($_SESSION[self::$tokenName]) || self::isTokenExpired()) { if (!isset($_SESSION[self::$tokenName]) || self::isTokenExpired()) {
return self::generateToken(); return self::generateToken();
} }
@@ -30,7 +34,8 @@ class CsrfMiddleware {
/** /**
* Validate CSRF token (constant-time comparison) * Validate CSRF token (constant-time comparison)
*/ */
public static function validateToken(string $token): bool { public static function validateToken(string $token): bool
{
if (!isset($_SESSION[self::$tokenName])) { if (!isset($_SESSION[self::$tokenName])) {
return false; return false;
} }
@@ -52,14 +57,16 @@ class CsrfMiddleware {
* *
* @return string The new token * @return string The new token
*/ */
public static function rotateToken(): string { public static function rotateToken(): string
{
return self::generateToken(); return self::generateToken();
} }
/** /**
* Check if token is expired * Check if token is expired
*/ */
private static function isTokenExpired(): bool { private static function isTokenExpired(): bool
{
return !isset($_SESSION[self::$tokenTime]) || return !isset($_SESSION[self::$tokenTime]) ||
(time() - $_SESSION[self::$tokenTime]) > self::$tokenLifetime; (time() - $_SESSION[self::$tokenTime]) > self::$tokenLifetime;
} }
middleware/RateLimitMiddleware.php
+19 -9
View File
@@ -1,11 +1,13 @@
<?php <?php
/** /**
* Rate Limiting Middleware * Rate Limiting Middleware
* *
* Implements both session-based and IP-based rate limiting to prevent abuse. * Implements both session-based and IP-based rate limiting to prevent abuse.
* IP-based limiting prevents attackers from bypassing limits by creating new sessions. * IP-based limiting prevents attackers from bypassing limits by creating new sessions.
*/ */
class RateLimitMiddleware { class RateLimitMiddleware
{
// Default limits // Default limits
public const DEFAULT_LIMIT = 100; // requests per window (session) public const DEFAULT_LIMIT = 100; // requests per window (session)
public const API_LIMIT = 60; // API requests per window (session) public const API_LIMIT = 60; // API requests per window (session)
@@ -21,7 +23,8 @@ class RateLimitMiddleware {
* *
* @return string Path to rate limit storage directory * @return string Path to rate limit storage directory
*/ */
private static function getRateLimitDir(): string { private static function getRateLimitDir(): string
{
if (self::$rateLimitDir === null) { if (self::$rateLimitDir === null) {
self::$rateLimitDir = sys_get_temp_dir() . '/tinker_tickets_ratelimit'; self::$rateLimitDir = sys_get_temp_dir() . '/tinker_tickets_ratelimit';
if (!is_dir(self::$rateLimitDir)) { if (!is_dir(self::$rateLimitDir)) {
@@ -36,7 +39,8 @@ class RateLimitMiddleware {
* *
* @return string Client IP address * @return string Client IP address
*/ */
private static function getClientIp(): string { private static function getClientIp(): string
{
// Check for forwarded IP (behind proxy/load balancer) // Check for forwarded IP (behind proxy/load balancer)
$headers = ['HTTP_X_FORWARDED_FOR', 'HTTP_X_REAL_IP', 'HTTP_CLIENT_IP']; $headers = ['HTTP_X_FORWARDED_FOR', 'HTTP_X_REAL_IP', 'HTTP_CLIENT_IP'];
foreach ($headers as $header) { foreach ($headers as $header) {
@@ -58,7 +62,8 @@ class RateLimitMiddleware {
* @param string $type 'default' or 'api' * @param string $type 'default' or 'api'
* @return bool True if request is allowed, false if rate limited * @return bool True if request is allowed, false if rate limited
*/ */
private static function checkIpRateLimit(string $type = 'default'): bool { private static function checkIpRateLimit(string $type = 'default'): bool
{
$ip = self::getClientIp(); $ip = self::getClientIp();
$limit = $type === 'api' ? self::IP_API_LIMIT : self::IP_LIMIT; $limit = $type === 'api' ? self::IP_API_LIMIT : self::IP_LIMIT;
$now = time(); $now = time();
@@ -100,7 +105,8 @@ class RateLimitMiddleware {
* Uses DirectoryIterator instead of glob() for better memory efficiency. * Uses DirectoryIterator instead of glob() for better memory efficiency.
* A dedicated cron script (cron/cleanup_ratelimit.php) should also run for reliable cleanup. * A dedicated cron script (cron/cleanup_ratelimit.php) should also run for reliable cleanup.
*/ */
public static function cleanupOldFiles(): void { public static function cleanupOldFiles(): void
{
$dir = self::getRateLimitDir(); $dir = self::getRateLimitDir();
$lockFile = $dir . '/.cleanup.lock'; $lockFile = $dir . '/.cleanup.lock';
$now = time(); $now = time();
@@ -157,7 +163,8 @@ class RateLimitMiddleware {
* @param string $type 'default' or 'api' * @param string $type 'default' or 'api'
* @return bool True if request is allowed, false if rate limited * @return bool True if request is allowed, false if rate limited
*/ */
public static function check(string $type = 'default'): bool { public static function check(string $type = 'default'): bool
{
// First check IP-based rate limit (prevents session bypass) // First check IP-based rate limit (prevents session bypass)
if (!self::checkIpRateLimit($type)) { if (!self::checkIpRateLimit($type)) {
return false; return false;
@@ -206,7 +213,8 @@ class RateLimitMiddleware {
* @param string $type 'default' or 'api' * @param string $type 'default' or 'api'
* @param bool $addHeaders Whether to add rate limit headers to response * @param bool $addHeaders Whether to add rate limit headers to response
*/ */
public static function apply(string $type = 'default', bool $addHeaders = true): void { public static function apply(string $type = 'default', bool $addHeaders = true): void
{
// Periodically clean up old rate limit files (2% chance per request) // Periodically clean up old rate limit files (2% chance per request)
// Note: For production, use cron/cleanup_ratelimit.php for reliable cleanup // Note: For production, use cron/cleanup_ratelimit.php for reliable cleanup
if (mt_rand(1, 50) === 1) { if (mt_rand(1, 50) === 1) {
@@ -240,7 +248,8 @@ class RateLimitMiddleware {
* @param string $type 'default' or 'api' * @param string $type 'default' or 'api'
* @return array Rate limit status * @return array Rate limit status
*/ */
public static function getStatus(string $type = 'default'): array { public static function getStatus(string $type = 'default'): array
{
if (session_status() === PHP_SESSION_NONE) { if (session_status() === PHP_SESSION_NONE) {
session_start(); session_start();
} }
@@ -280,7 +289,8 @@ class RateLimitMiddleware {
* *
* @param string $type 'default' or 'api' * @param string $type 'default' or 'api'
*/ */
public static function addHeaders(string $type = 'default'): void { public static function addHeaders(string $type = 'default'): void
{
$status = self::getStatus($type); $status = self::getStatus($type);
header('X-RateLimit-Limit: ' . $status['limit']); header('X-RateLimit-Limit: ' . $status['limit']);
header('X-RateLimit-Remaining: ' . $status['remaining']); header('X-RateLimit-Remaining: ' . $status['remaining']);
middleware/SecurityHeadersMiddleware.php
+7 -3
View File
@@ -1,10 +1,12 @@
<?php <?php
/** /**
* Security Headers Middleware * Security Headers Middleware
* *
* Applies security-related HTTP headers to all responses. * Applies security-related HTTP headers to all responses.
*/ */
class SecurityHeadersMiddleware { class SecurityHeadersMiddleware
{
private static ?string $nonce = null; private static ?string $nonce = null;
/** /**
@@ -12,7 +14,8 @@ class SecurityHeadersMiddleware {
* *
* @return string The nonce value * @return string The nonce value
*/ */
public static function getNonce(): string { public static function getNonce(): string
{
if (self::$nonce === null) { if (self::$nonce === null) {
self::$nonce = base64_encode(random_bytes(16)); self::$nonce = base64_encode(random_bytes(16));
} }
@@ -22,7 +25,8 @@ class SecurityHeadersMiddleware {
/** /**
* Apply security headers to the response * Apply security headers to the response
*/ */
public static function apply(): void { public static function apply(): void
{
$nonce = self::getNonce(); $nonce = self::getNonce();
// Content Security Policy - restricts where resources can be loaded from // Content Security Policy - restricts where resources can be loaded from
models/ApiKeyModel.php
+21 -10
View File
@@ -1,11 +1,14 @@
<?php <?php
/** /**
* ApiKeyModel - Handles API key generation and validation * ApiKeyModel - Handles API key generation and validation
*/ */
class ApiKeyModel { class ApiKeyModel
{
private $conn; private $conn;
public function __construct($conn) { public function __construct($conn)
{
$this->conn = $conn; $this->conn = $conn;
} }
@@ -17,7 +20,8 @@ class ApiKeyModel {
* @param int|null $expiresInDays Number of days until expiration (null for no expiration) * @param int|null $expiresInDays Number of days until expiration (null for no expiration)
* @return array Array with 'success', 'api_key' (plaintext), 'key_prefix', 'error' * @return array Array with 'success', 'api_key' (plaintext), 'key_prefix', 'error'
*/ */
public function createKey($keyName, $createdBy, $expiresInDays = null) { public function createKey($keyName, $createdBy, $expiresInDays = null)
{
// Generate random API key (32 bytes = 64 hex characters) // Generate random API key (32 bytes = 64 hex characters)
$apiKey = bin2hex(random_bytes(32)); $apiKey = bin2hex(random_bytes(32));
@@ -67,7 +71,8 @@ class ApiKeyModel {
* @param string $apiKey Plaintext API key to validate * @param string $apiKey Plaintext API key to validate
* @return array|null API key record if valid, null if invalid * @return array|null API key record if valid, null if invalid
*/ */
public function validateKey($apiKey) { public function validateKey($apiKey)
{
if (empty($apiKey)) { if (empty($apiKey)) {
return null; return null;
} }
@@ -111,7 +116,8 @@ class ApiKeyModel {
* @param int $keyId API key ID * @param int $keyId API key ID
* @return bool Success status * @return bool Success status
*/ */
private function updateLastUsed($keyId) { private function updateLastUsed($keyId)
{
$stmt = $this->conn->prepare("UPDATE api_keys SET last_used = NOW() WHERE api_key_id = ?"); $stmt = $this->conn->prepare("UPDATE api_keys SET last_used = NOW() WHERE api_key_id = ?");
$stmt->bind_param("i", $keyId); $stmt->bind_param("i", $keyId);
$success = $stmt->execute(); $success = $stmt->execute();
@@ -125,7 +131,8 @@ class ApiKeyModel {
* @param int $keyId API key ID * @param int $keyId API key ID
* @return bool Success status * @return bool Success status
*/ */
public function revokeKey($keyId) { public function revokeKey($keyId)
{
$stmt = $this->conn->prepare("UPDATE api_keys SET is_active = 0 WHERE api_key_id = ?"); $stmt = $this->conn->prepare("UPDATE api_keys SET is_active = 0 WHERE api_key_id = ?");
$stmt->bind_param("i", $keyId); $stmt->bind_param("i", $keyId);
$success = $stmt->execute(); $success = $stmt->execute();
@@ -139,7 +146,8 @@ class ApiKeyModel {
* @param int $keyId API key ID * @param int $keyId API key ID
* @return bool Success status * @return bool Success status
*/ */
public function deleteKey($keyId) { public function deleteKey($keyId)
{
$stmt = $this->conn->prepare("DELETE FROM api_keys WHERE api_key_id = ?"); $stmt = $this->conn->prepare("DELETE FROM api_keys WHERE api_key_id = ?");
$stmt->bind_param("i", $keyId); $stmt->bind_param("i", $keyId);
$success = $stmt->execute(); $success = $stmt->execute();
@@ -152,7 +160,8 @@ class ApiKeyModel {
* *
* @return array Array of API key records (without hashes) * @return array Array of API key records (without hashes)
*/ */
public function getAllKeys() { public function getAllKeys()
{
$stmt = $this->conn->prepare( $stmt = $this->conn->prepare(
"SELECT ak.*, u.username, u.display_name "SELECT ak.*, u.username, u.display_name
FROM api_keys ak FROM api_keys ak
@@ -179,7 +188,8 @@ class ApiKeyModel {
* @param int $keyId API key ID * @param int $keyId API key ID
* @return array|null API key record (without hash) or null if not found * @return array|null API key record (without hash) or null if not found
*/ */
public function getKeyById($keyId) { public function getKeyById($keyId)
{
$stmt = $this->conn->prepare( $stmt = $this->conn->prepare(
"SELECT ak.*, u.username, u.display_name "SELECT ak.*, u.username, u.display_name
FROM api_keys ak FROM api_keys ak
@@ -208,7 +218,8 @@ class ApiKeyModel {
* @param int $userId User ID * @param int $userId User ID
* @return array Array of API key records * @return array Array of API key records
*/ */
public function getKeysByUser($userId) { public function getKeysByUser($userId)
{
$stmt = $this->conn->prepare( $stmt = $this->conn->prepare(
"SELECT * FROM api_keys WHERE created_by = ? ORDER BY created_at DESC" "SELECT * FROM api_keys WHERE created_by = ? ORDER BY created_at DESC"
); );
models/AttachmentModel.php
+25 -13
View File
@@ -1,19 +1,23 @@
<?php <?php
/** /**
* AttachmentModel - Handles ticket file attachments * AttachmentModel - Handles ticket file attachments
*/ */
class AttachmentModel { class AttachmentModel
{
private $conn; private $conn;
public function __construct($conn) { public function __construct($conn)
{
$this->conn = $conn; $this->conn = $conn;
} }
/** /**
* Get all attachments for a ticket * Get all attachments for a ticket
*/ */
public function getAttachments($ticketId) { public function getAttachments($ticketId)
{
$sql = "SELECT a.*, u.username, u.display_name $sql = "SELECT a.*, u.username, u.display_name
FROM ticket_attachments a FROM ticket_attachments a
LEFT JOIN users u ON a.uploaded_by = u.user_id LEFT JOIN users u ON a.uploaded_by = u.user_id
@@ -37,7 +41,8 @@ class AttachmentModel {
/** /**
* Get a single attachment by ID * Get a single attachment by ID
*/ */
public function getAttachment($attachmentId) { public function getAttachment($attachmentId)
{
$sql = "SELECT a.*, u.username, u.display_name $sql = "SELECT a.*, u.username, u.display_name
FROM ticket_attachments a FROM ticket_attachments a
LEFT JOIN users u ON a.uploaded_by = u.user_id LEFT JOIN users u ON a.uploaded_by = u.user_id
@@ -56,7 +61,8 @@ class AttachmentModel {
/** /**
* Add a new attachment record * Add a new attachment record
*/ */
public function addAttachment($ticketId, $filename, $originalFilename, $fileSize, $mimeType, $uploadedBy) { public function addAttachment($ticketId, $filename, $originalFilename, $fileSize, $mimeType, $uploadedBy)
{
$sql = "INSERT INTO ticket_attachments (ticket_id, filename, original_filename, file_size, mime_type, uploaded_by) $sql = "INSERT INTO ticket_attachments (ticket_id, filename, original_filename, file_size, mime_type, uploaded_by)
VALUES (?, ?, ?, ?, ?, ?)"; VALUES (?, ?, ?, ?, ?, ?)";
@@ -77,7 +83,8 @@ class AttachmentModel {
/** /**
* Delete an attachment record * Delete an attachment record
*/ */
public function deleteAttachment($attachmentId) { public function deleteAttachment($attachmentId)
{
$sql = "DELETE FROM ticket_attachments WHERE attachment_id = ?"; $sql = "DELETE FROM ticket_attachments WHERE attachment_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
@@ -91,7 +98,8 @@ class AttachmentModel {
/** /**
* Get total attachment size for a ticket * Get total attachment size for a ticket
*/ */
public function getTotalSizeForTicket($ticketId) { public function getTotalSizeForTicket($ticketId)
{
$sql = "SELECT COALESCE(SUM(file_size), 0) as total_size $sql = "SELECT COALESCE(SUM(file_size), 0) as total_size
FROM ticket_attachments FROM ticket_attachments
WHERE ticket_id = ?"; WHERE ticket_id = ?";
@@ -109,7 +117,8 @@ class AttachmentModel {
/** /**
* Get attachment count for a ticket * Get attachment count for a ticket
*/ */
public function getAttachmentCount($ticketId) { public function getAttachmentCount($ticketId)
{
$sql = "SELECT COUNT(*) as count FROM ticket_attachments WHERE ticket_id = ?"; $sql = "SELECT COUNT(*) as count FROM ticket_attachments WHERE ticket_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
@@ -125,7 +134,8 @@ class AttachmentModel {
/** /**
* Check if user can delete attachment (owner or admin) * Check if user can delete attachment (owner or admin)
*/ */
public function canUserDelete($attachmentId, $userId, $isAdmin = false) { public function canUserDelete($attachmentId, $userId, $isAdmin = false)
{
if ($isAdmin) { if ($isAdmin) {
return true; return true;
} }
@@ -137,7 +147,8 @@ class AttachmentModel {
/** /**
* Format file size for display * Format file size for display
*/ */
public static function formatFileSize($bytes) { public static function formatFileSize($bytes)
{
if ($bytes >= 1073741824) { if ($bytes >= 1073741824) {
return number_format($bytes / 1073741824, 2) . ' GB'; return number_format($bytes / 1073741824, 2) . ' GB';
} elseif ($bytes >= 1048576) { } elseif ($bytes >= 1048576) {
@@ -152,7 +163,8 @@ class AttachmentModel {
/** /**
* Get file icon based on mime type * Get file icon based on mime type
*/ */
public static function getFileIcon($mimeType) { public static function getFileIcon($mimeType)
{
if (strpos($mimeType, 'image/') === 0) { if (strpos($mimeType, 'image/') === 0) {
return '🖼️'; return '🖼️';
} elseif (strpos($mimeType, 'video/') === 0) { } elseif (strpos($mimeType, 'video/') === 0) {
@@ -177,7 +189,8 @@ class AttachmentModel {
/** /**
* Validate file type against allowed types * Validate file type against allowed types
*/ */
public static function isAllowedType($mimeType) { public static function isAllowedType($mimeType)
{
$allowedTypes = $GLOBALS['config']['ALLOWED_FILE_TYPES'] ?? [ $allowedTypes = $GLOBALS['config']['ALLOWED_FILE_TYPES'] ?? [
'image/jpeg', 'image/png', 'image/gif', 'image/webp', 'image/jpeg', 'image/png', 'image/gif', 'image/webp',
'application/pdf', 'application/pdf',
@@ -192,5 +205,4 @@ class AttachmentModel {
return in_array($mimeType, $allowedTypes); return in_array($mimeType, $allowedTypes);
} }
} }
models/AuditLogModel.php
+55 -27
View File
@@ -1,8 +1,10 @@
<?php <?php
/** /**
* AuditLogModel - Handles audit trail logging for all user actions * AuditLogModel - Handles audit trail logging for all user actions
*/ */
class AuditLogModel { class AuditLogModel
{
private $conn; private $conn;
/** @var int Maximum allowed limit for pagination */ /** @var int Maximum allowed limit for pagination */
@@ -23,7 +25,8 @@ class AuditLogModel {
'template', 'attachment', 'group' 'template', 'attachment', 'group'
]; ];
public function __construct($conn) { public function __construct($conn)
{
$this->conn = $conn; $this->conn = $conn;
} }
@@ -33,7 +36,8 @@ class AuditLogModel {
* @param int $limit Requested limit * @param int $limit Requested limit
* @return int Validated limit * @return int Validated limit
*/ */
private function validateLimit(int $limit): int { private function validateLimit(int $limit): int
{
if ($limit < 1) { if ($limit < 1) {
return self::DEFAULT_LIMIT; return self::DEFAULT_LIMIT;
} }
@@ -46,7 +50,8 @@ class AuditLogModel {
* @param int $offset Requested offset * @param int $offset Requested offset
* @return int Validated offset (non-negative) * @return int Validated offset (non-negative)
*/ */
private function validateOffset(int $offset): int { private function validateOffset(int $offset): int
{
return max(0, $offset); return max(0, $offset);
} }
@@ -56,7 +61,8 @@ class AuditLogModel {
* @param string $date Date string * @param string $date Date string
* @return string|null Validated date or null if invalid * @return string|null Validated date or null if invalid
*/ */
private function validateDate(string $date): ?string { private function validateDate(string $date): ?string
{
// Check format // Check format
if (!preg_match('/^\d{4}-\d{2}-\d{2}$/', $date)) { if (!preg_match('/^\d{4}-\d{2}-\d{2}$/', $date)) {
return null; return null;
@@ -77,7 +83,8 @@ class AuditLogModel {
* @param string $actionType Action type to validate * @param string $actionType Action type to validate
* @return bool True if valid * @return bool True if valid
*/ */
private function isValidActionType(string $actionType): bool { private function isValidActionType(string $actionType): bool
{
return in_array($actionType, self::VALID_ACTION_TYPES, true); return in_array($actionType, self::VALID_ACTION_TYPES, true);
} }
@@ -87,7 +94,8 @@ class AuditLogModel {
* @param string $entityType Entity type to validate * @param string $entityType Entity type to validate
* @return bool True if valid * @return bool True if valid
*/ */
private function isValidEntityType(string $entityType): bool { private function isValidEntityType(string $entityType): bool
{
return in_array($entityType, self::VALID_ENTITY_TYPES, true); return in_array($entityType, self::VALID_ENTITY_TYPES, true);
} }
@@ -102,7 +110,8 @@ class AuditLogModel {
* @param string|null $ipAddress IP address of the user * @param string|null $ipAddress IP address of the user
* @return bool Success status * @return bool Success status
*/ */
public function log($userId, $actionType, $entityType, $entityId = null, $details = null, $ipAddress = null) { public function log($userId, $actionType, $entityType, $entityId = null, $details = null, $ipAddress = null)
{
// Convert details array to JSON // Convert details array to JSON
$detailsJson = null; $detailsJson = null;
if ($details !== null) { if ($details !== null) {
@@ -134,7 +143,8 @@ class AuditLogModel {
* @param int $limit Maximum number of logs to return * @param int $limit Maximum number of logs to return
* @return array Array of audit log records * @return array Array of audit log records
*/ */
public function getLogsByEntity($entityType, $entityId, $limit = 100) { public function getLogsByEntity($entityType, $entityId, $limit = 100)
{
$limit = $this->validateLimit((int)$limit); $limit = $this->validateLimit((int)$limit);
$stmt = $this->conn->prepare( $stmt = $this->conn->prepare(
@@ -169,7 +179,8 @@ class AuditLogModel {
* @param int $limit Maximum number of logs to return * @param int $limit Maximum number of logs to return
* @return array Array of audit log records * @return array Array of audit log records
*/ */
public function getLogsByUser($userId, $limit = 100) { public function getLogsByUser($userId, $limit = 100)
{
$limit = $this->validateLimit((int)$limit); $limit = $this->validateLimit((int)$limit);
$userId = max(0, (int)$userId); $userId = max(0, (int)$userId);
@@ -205,7 +216,8 @@ class AuditLogModel {
* @param int $offset Offset for pagination * @param int $offset Offset for pagination
* @return array Array of audit log records * @return array Array of audit log records
*/ */
public function getRecentLogs($limit = 50, $offset = 0) { public function getRecentLogs($limit = 50, $offset = 0)
{
$limit = $this->validateLimit((int)$limit); $limit = $this->validateLimit((int)$limit);
$offset = $this->validateOffset((int)$offset); $offset = $this->validateOffset((int)$offset);
@@ -240,7 +252,8 @@ class AuditLogModel {
* @param int $limit Maximum number of logs to return * @param int $limit Maximum number of logs to return
* @return array Array of audit log records * @return array Array of audit log records
*/ */
public function getLogsByAction($actionType, $limit = 100) { public function getLogsByAction($actionType, $limit = 100)
{
$limit = $this->validateLimit((int)$limit); $limit = $this->validateLimit((int)$limit);
// Validate action type to prevent unexpected queries // Validate action type to prevent unexpected queries
@@ -278,7 +291,8 @@ class AuditLogModel {
* *
* @return int Total count * @return int Total count
*/ */
public function getTotalCount() { public function getTotalCount()
{
$result = $this->conn->query("SELECT COUNT(*) as count FROM audit_log"); $result = $this->conn->query("SELECT COUNT(*) as count FROM audit_log");
$row = $result->fetch_assoc(); $row = $result->fetch_assoc();
return (int)$row['count']; return (int)$row['count'];
@@ -290,7 +304,8 @@ class AuditLogModel {
* @param int $daysToKeep Number of days of logs to keep * @param int $daysToKeep Number of days of logs to keep
* @return int Number of deleted records * @return int Number of deleted records
*/ */
public function deleteOldLogs($daysToKeep = 90) { public function deleteOldLogs($daysToKeep = 90)
{
$stmt = $this->conn->prepare( $stmt = $this->conn->prepare(
"DELETE FROM audit_log WHERE created_at < DATE_SUB(NOW(), INTERVAL ? DAY)" "DELETE FROM audit_log WHERE created_at < DATE_SUB(NOW(), INTERVAL ? DAY)"
); );
@@ -307,7 +322,8 @@ class AuditLogModel {
* *
* @return string Client IP address * @return string Client IP address
*/ */
private function getClientIP() { private function getClientIP()
{
$ipAddress = ''; $ipAddress = '';
// Check for proxy headers // Check for proxy headers
@@ -336,7 +352,8 @@ class AuditLogModel {
* @param array $ticketData Ticket data * @param array $ticketData Ticket data
* @return bool Success status * @return bool Success status
*/ */
public function logTicketCreate($userId, $ticketId, $ticketData) { public function logTicketCreate($userId, $ticketId, $ticketData)
{
return $this->log( return $this->log(
$userId, $userId,
'create', 'create',
@@ -354,7 +371,8 @@ class AuditLogModel {
* @param array $changes Array of changed fields * @param array $changes Array of changed fields
* @return bool Success status * @return bool Success status
*/ */
public function logTicketUpdate($userId, $ticketId, $changes) { public function logTicketUpdate($userId, $ticketId, $changes)
{
return $this->log($userId, 'update', 'ticket', $ticketId, $changes); return $this->log($userId, 'update', 'ticket', $ticketId, $changes);
} }
@@ -366,7 +384,8 @@ class AuditLogModel {
* @param string $ticketId Associated ticket ID * @param string $ticketId Associated ticket ID
* @return bool Success status * @return bool Success status
*/ */
public function logCommentCreate($userId, $commentId, $ticketId) { public function logCommentCreate($userId, $commentId, $ticketId)
{
return $this->log( return $this->log(
$userId, $userId,
'comment', 'comment',
@@ -383,7 +402,8 @@ class AuditLogModel {
* @param string $ticketId Ticket ID * @param string $ticketId Ticket ID
* @return bool Success status * @return bool Success status
*/ */
public function logTicketView($userId, $ticketId) { public function logTicketView($userId, $ticketId)
{
return $this->log($userId, 'view', 'ticket', $ticketId); return $this->log($userId, 'view', 'ticket', $ticketId);
} }
@@ -399,7 +419,8 @@ class AuditLogModel {
* @param int|null $userId User ID if known * @param int|null $userId User ID if known
* @return bool Success status * @return bool Success status
*/ */
public function logSecurityEvent($eventType, $details = [], $userId = null) { public function logSecurityEvent($eventType, $details = [], $userId = null)
{
$details['event_type'] = $eventType; $details['event_type'] = $eventType;
$details['user_agent'] = $_SERVER['HTTP_USER_AGENT'] ?? 'Unknown'; $details['user_agent'] = $_SERVER['HTTP_USER_AGENT'] ?? 'Unknown';
return $this->log($userId, 'security_event', 'security', null, $details); return $this->log($userId, 'security_event', 'security', null, $details);
@@ -412,7 +433,8 @@ class AuditLogModel {
* @param string $reason Reason for failure * @param string $reason Reason for failure
* @return bool Success status * @return bool Success status
*/ */
public function logFailedAuth($username, $reason = 'Invalid credentials') { public function logFailedAuth($username, $reason = 'Invalid credentials')
{
return $this->logSecurityEvent('failed_auth', [ return $this->logSecurityEvent('failed_auth', [
'username' => $username, 'username' => $username,
'reason' => $reason 'reason' => $reason
@@ -426,7 +448,8 @@ class AuditLogModel {
* @param int|null $userId User ID if session exists * @param int|null $userId User ID if session exists
* @return bool Success status * @return bool Success status
*/ */
public function logCsrfFailure($endpoint, $userId = null) { public function logCsrfFailure($endpoint, $userId = null)
{
return $this->logSecurityEvent('csrf_failure', [ return $this->logSecurityEvent('csrf_failure', [
'endpoint' => $endpoint, 'endpoint' => $endpoint,
'method' => $_SERVER['REQUEST_METHOD'] ?? 'Unknown' 'method' => $_SERVER['REQUEST_METHOD'] ?? 'Unknown'
@@ -440,7 +463,8 @@ class AuditLogModel {
* @param int|null $userId User ID if session exists * @param int|null $userId User ID if session exists
* @return bool Success status * @return bool Success status
*/ */
public function logRateLimitExceeded($endpoint, $userId = null) { public function logRateLimitExceeded($endpoint, $userId = null)
{
return $this->logSecurityEvent('rate_limit_exceeded', [ return $this->logSecurityEvent('rate_limit_exceeded', [
'endpoint' => $endpoint 'endpoint' => $endpoint
], $userId); ], $userId);
@@ -453,7 +477,8 @@ class AuditLogModel {
* @param int|null $userId User ID if session exists * @param int|null $userId User ID if session exists
* @return bool Success status * @return bool Success status
*/ */
public function logUnauthorizedAccess($resource, $userId = null) { public function logUnauthorizedAccess($resource, $userId = null)
{
return $this->logSecurityEvent('unauthorized_access', [ return $this->logSecurityEvent('unauthorized_access', [
'resource' => $resource 'resource' => $resource
], $userId); ], $userId);
@@ -466,7 +491,8 @@ class AuditLogModel {
* @param int $offset Offset for pagination * @param int $offset Offset for pagination
* @return array Security events * @return array Security events
*/ */
public function getSecurityEvents($limit = 100, $offset = 0) { public function getSecurityEvents($limit = 100, $offset = 0)
{
$limit = $this->validateLimit((int)$limit); $limit = $this->validateLimit((int)$limit);
$offset = $this->validateOffset((int)$offset); $offset = $this->validateOffset((int)$offset);
@@ -501,7 +527,8 @@ class AuditLogModel {
* @param string $ticketId Ticket ID * @param string $ticketId Ticket ID
* @return array Timeline events * @return array Timeline events
*/ */
public function getTicketTimeline($ticketId) { public function getTicketTimeline($ticketId)
{
$stmt = $this->conn->prepare( $stmt = $this->conn->prepare(
"SELECT al.*, u.username, u.display_name "SELECT al.*, u.username, u.display_name
FROM audit_log al FROM audit_log al
@@ -534,7 +561,8 @@ class AuditLogModel {
* @param int $offset Offset for pagination * @param int $offset Offset for pagination
* @return array Array containing logs and total count * @return array Array containing logs and total count
*/ */
public function getFilteredLogs($filters = [], $limit = 50, $offset = 0) { public function getFilteredLogs($filters = [], $limit = 50, $offset = 0)
{
// Validate pagination parameters // Validate pagination parameters
$limit = $this->validateLimit((int)$limit); $limit = $this->validateLimit((int)$limit);
$offset = $this->validateOffset((int)$offset); $offset = $this->validateOffset((int)$offset);
models/BulkOperationsModel.php
+48 -17
View File
@@ -1,11 +1,14 @@
<?php <?php
/** /**
* BulkOperationsModel - Handles bulk ticket operations (Admin only) * BulkOperationsModel - Handles bulk ticket operations (Admin only)
*/ */
class BulkOperationsModel { class BulkOperationsModel
{
private $conn; private $conn;
public function __construct($conn) { public function __construct($conn)
{
$this->conn = $conn; $this->conn = $conn;
} }
@@ -18,7 +21,8 @@ class BulkOperationsModel {
* @param array|null $parameters Operation parameters * @param array|null $parameters Operation parameters
* @return int|false Operation ID or false on failure * @return int|false Operation ID or false on failure
*/ */
public function createBulkOperation($type, $ticketIds, $userId, $parameters = null) { public function createBulkOperation($type, $ticketIds, $userId, $parameters = null)
{
// Validate ticket IDs to prevent injection via implode // Validate ticket IDs to prevent injection via implode
$ticketIds = array_values(array_filter( $ticketIds = array_values(array_filter(
array_map('strval', $ticketIds), array_map('strval', $ticketIds),
@@ -56,7 +60,8 @@ class BulkOperationsModel {
* @param bool $atomic If true, rollback all changes on any failure * @param bool $atomic If true, rollback all changes on any failure
* @return array Result with processed and failed counts * @return array Result with processed and failed counts
*/ */
public function processBulkOperation($operationId, bool $atomic = false) { public function processBulkOperation($operationId, bool $atomic = false)
{
// Get operation details // Get operation details
$sql = "SELECT * FROM bulk_operations WHERE operation_id = ?"; $sql = "SELECT * FROM bulk_operations WHERE operation_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
@@ -112,8 +117,13 @@ class BulkOperationsModel {
$success = $updateResult['success']; $success = $updateResult['success'];
if ($success) { if ($success) {
$auditLogModel->log($operation['performed_by'], 'update', 'ticket', $ticketId, $auditLogModel->log(
['status' => 'Closed', 'bulk_operation_id' => $operationId]); $operation['performed_by'],
'update',
'ticket',
$ticketId,
['status' => 'Closed', 'bulk_operation_id' => $operationId]
);
} }
} }
break; break;
@@ -122,8 +132,13 @@ class BulkOperationsModel {
if (isset($parameters['assigned_to'])) { if (isset($parameters['assigned_to'])) {
$success = $ticketModel->assignTicket($ticketId, $parameters['assigned_to'], $operation['performed_by']); $success = $ticketModel->assignTicket($ticketId, $parameters['assigned_to'], $operation['performed_by']);
if ($success) { if ($success) {
$auditLogModel->log($operation['performed_by'], 'assign', 'ticket', $ticketId, $auditLogModel->log(
['assigned_to' => $parameters['assigned_to'], 'bulk_operation_id' => $operationId]); $operation['performed_by'],
'assign',
'ticket',
$ticketId,
['assigned_to' => $parameters['assigned_to'], 'bulk_operation_id' => $operationId]
);
} }
} }
break; break;
@@ -144,8 +159,13 @@ class BulkOperationsModel {
$success = $updateResult['success']; $success = $updateResult['success'];
if ($success) { if ($success) {
$auditLogModel->log($operation['performed_by'], 'update', 'ticket', $ticketId, $auditLogModel->log(
['priority' => $parameters['priority'], 'bulk_operation_id' => $operationId]); $operation['performed_by'],
'update',
'ticket',
$ticketId,
['priority' => $parameters['priority'], 'bulk_operation_id' => $operationId]
);
} }
} }
} }
@@ -167,8 +187,13 @@ class BulkOperationsModel {
$success = $updateResult['success']; $success = $updateResult['success'];
if ($success) { if ($success) {
$auditLogModel->log($operation['performed_by'], 'update', 'ticket', $ticketId, $auditLogModel->log(
['status' => $parameters['status'], 'bulk_operation_id' => $operationId]); $operation['performed_by'],
'update',
'ticket',
$ticketId,
['status' => $parameters['status'], 'bulk_operation_id' => $operationId]
);
} }
} }
} }
@@ -177,8 +202,13 @@ class BulkOperationsModel {
case 'bulk_delete': case 'bulk_delete':
$success = $ticketModel->deleteTicket($ticketId); $success = $ticketModel->deleteTicket($ticketId);
if ($success) { if ($success) {
$auditLogModel->log($operation['performed_by'], 'delete', 'ticket', $ticketId, $auditLogModel->log(
['bulk_operation_id' => $operationId]); $operation['performed_by'],
'delete',
'ticket',
$ticketId,
['bulk_operation_id' => $operationId]
);
} }
break; break;
} }
@@ -219,7 +249,6 @@ class BulkOperationsModel {
// Commit the transaction // Commit the transaction
$this->conn->commit(); $this->conn->commit();
} catch (Exception $e) { } catch (Exception $e) {
// Rollback on any unexpected error // Rollback on any unexpected error
$this->conn->rollback(); $this->conn->rollback();
@@ -255,7 +284,8 @@ class BulkOperationsModel {
* @param int $operationId Operation ID * @param int $operationId Operation ID
* @return array|null Operation record or null * @return array|null Operation record or null
*/ */
public function getOperationById($operationId) { public function getOperationById($operationId)
{
$sql = "SELECT * FROM bulk_operations WHERE operation_id = ?"; $sql = "SELECT * FROM bulk_operations WHERE operation_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param("i", $operationId); $stmt->bind_param("i", $operationId);
@@ -273,7 +303,8 @@ class BulkOperationsModel {
* @param int $limit Result limit * @param int $limit Result limit
* @return array Array of operations * @return array Array of operations
*/ */
public function getOperationsByUser($userId, $limit = 50) { public function getOperationsByUser($userId, $limit = 50)
{
$sql = "SELECT * FROM bulk_operations WHERE performed_by = ? $sql = "SELECT * FROM bulk_operations WHERE performed_by = ?
ORDER BY created_at DESC LIMIT ?"; ORDER BY created_at DESC LIMIT ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
models/CommentModel.php
+33 -17
View File
@@ -1,8 +1,11 @@
<?php <?php
class CommentModel {
class CommentModel
{
private $conn; private $conn;
public function __construct($conn) { public function __construct($conn)
{
$this->conn = $conn; $this->conn = $conn;
} }
@@ -12,7 +15,8 @@ class CommentModel {
* @param string $text Comment text * @param string $text Comment text
* @return array Array of mentioned usernames * @return array Array of mentioned usernames
*/ */
public function extractMentions($text) { public function extractMentions($text)
{
$mentions = []; $mentions = [];
// Match @username patterns (alphanumeric, underscores, hyphens) // Match @username patterns (alphanumeric, underscores, hyphens)
if (preg_match_all('/@([a-zA-Z0-9_-]+)/', $text, $matches)) { if (preg_match_all('/@([a-zA-Z0-9_-]+)/', $text, $matches)) {
@@ -27,7 +31,8 @@ class CommentModel {
* @param array $usernames Array of usernames * @param array $usernames Array of usernames
* @return array Array of user records with user_id, username, display_name * @return array Array of user records with user_id, username, display_name
*/ */
public function getMentionedUsers($usernames) { public function getMentionedUsers($usernames)
{
if (empty($usernames)) { if (empty($usernames)) {
return []; return [];
} }
@@ -53,7 +58,8 @@ class CommentModel {
/** /**
* Get total comment count for a ticket * Get total comment count for a ticket
*/ */
public function getCommentCount(int $ticketId): int { public function getCommentCount(int $ticketId): int
{
$stmt = $this->conn->prepare( $stmt = $this->conn->prepare(
"SELECT COUNT(*) as total FROM ticket_comments WHERE ticket_id = ?" "SELECT COUNT(*) as total FROM ticket_comments WHERE ticket_id = ?"
); );
@@ -70,7 +76,8 @@ class CommentModel {
* @param int $limit Max root-level comments to return (0 = all) * @param int $limit Max root-level comments to return (0 = all)
* @param int $offset Root-level comment offset for pagination * @param int $offset Root-level comment offset for pagination
*/ */
public function getCommentsByTicketId($ticketId, $threaded = true, int $limit = 0, int $offset = 0) { public function getCommentsByTicketId($ticketId, $threaded = true, int $limit = 0, int $offset = 0)
{
$hasThreading = $this->hasThreadingSupport(); $hasThreading = $this->hasThreadingSupport();
// When paginating with threading we fetch root comments page first, // When paginating with threading we fetch root comments page first,
@@ -139,7 +146,8 @@ class CommentModel {
/** /**
* Paginated threaded comments: fetch one page of root comments + all their replies. * Paginated threaded comments: fetch one page of root comments + all their replies.
*/ */
private function getThreadedCommentsPaged(int $ticketId, int $limit, int $offset): array { private function getThreadedCommentsPaged(int $ticketId, int $limit, int $offset): array
{
// Page of root comments // Page of root comments
$rootSql = "SELECT tc.*, u.display_name, u.username $rootSql = "SELECT tc.*, u.display_name, u.username
FROM ticket_comments tc FROM ticket_comments tc
@@ -203,7 +211,8 @@ class CommentModel {
/** /**
* Check if threading columns exist * Check if threading columns exist
*/ */
private function hasThreadingSupport() { private function hasThreadingSupport()
{
static $hasSupport = null; static $hasSupport = null;
if ($hasSupport !== null) { if ($hasSupport !== null) {
return $hasSupport; return $hasSupport;
@@ -217,11 +226,14 @@ class CommentModel {
/** /**
* Recursively build comment thread * Recursively build comment thread
*/ */
private function buildCommentThread($comment, &$allComments) { private function buildCommentThread($comment, &$allComments)
{
$comment['replies'] = []; $comment['replies'] = [];
foreach ($allComments as $c) { foreach ($allComments as $c) {
if ((int)$c['parent_comment_id'] === (int)$comment['comment_id'] if (
&& isset($allComments[$c['comment_id']])) { (int)$c['parent_comment_id'] === (int)$comment['comment_id']
&& isset($allComments[$c['comment_id']])
) {
$comment['replies'][] = $this->buildCommentThread($c, $allComments); $comment['replies'][] = $this->buildCommentThread($c, $allComments);
} }
} }
@@ -235,11 +247,13 @@ class CommentModel {
/** /**
* Get flat list of comments (for backward compatibility) * Get flat list of comments (for backward compatibility)
*/ */
public function getCommentsByTicketIdFlat($ticketId) { public function getCommentsByTicketIdFlat($ticketId)
{
return $this->getCommentsByTicketId($ticketId, false); return $this->getCommentsByTicketId($ticketId, false);
} }
public function addComment($ticketId, $commentData, $userId = null) { public function addComment($ticketId, $commentData, $userId = null)
{
// Check if threading is supported // Check if threading is supported
$hasThreading = $this->hasThreadingSupport(); $hasThreading = $this->hasThreadingSupport();
@@ -310,7 +324,8 @@ class CommentModel {
/** /**
* Get a single comment by ID * Get a single comment by ID
*/ */
public function getCommentById($commentId) { public function getCommentById($commentId)
{
$sql = "SELECT tc.*, u.display_name, u.username $sql = "SELECT tc.*, u.display_name, u.username
FROM ticket_comments tc FROM ticket_comments tc
LEFT JOIN users u ON tc.user_id = u.user_id LEFT JOIN users u ON tc.user_id = u.user_id
@@ -326,7 +341,8 @@ class CommentModel {
* Update an existing comment * Update an existing comment
* Only the comment owner or an admin can update * Only the comment owner or an admin can update
*/ */
public function updateComment($commentId, $commentText, $markdownEnabled, $userId, $isAdmin = false) { public function updateComment($commentId, $commentText, $markdownEnabled, $userId, $isAdmin = false)
{
// First check if user owns this comment or is admin // First check if user owns this comment or is admin
$comment = $this->getCommentById($commentId); $comment = $this->getCommentById($commentId);
@@ -372,7 +388,8 @@ class CommentModel {
* Delete a comment * Delete a comment
* Only the comment owner or an admin can delete * Only the comment owner or an admin can delete
*/ */
public function deleteComment($commentId, $userId, $isAdmin = false) { public function deleteComment($commentId, $userId, $isAdmin = false)
{
// First check if user owns this comment or is admin // First check if user owns this comment or is admin
$comment = $this->getCommentById($commentId); $comment = $this->getCommentById($commentId);
@@ -401,4 +418,3 @@ class CommentModel {
} }
} }
} }
?>
models/CustomFieldModel.php
+27 -14
View File
@@ -1,12 +1,15 @@
<?php <?php
/** /**
* CustomFieldModel - Manages custom field definitions and values * CustomFieldModel - Manages custom field definitions and values
*/ */
class CustomFieldModel { class CustomFieldModel
{
private $conn; private $conn;
public function __construct($conn) { public function __construct($conn)
{
$this->conn = $conn; $this->conn = $conn;
} }
@@ -17,7 +20,8 @@ class CustomFieldModel {
/** /**
* Get all field definitions * Get all field definitions
*/ */
public function getAllDefinitions($category = null, $activeOnly = true) { public function getAllDefinitions($category = null, $activeOnly = true)
{
$sql = "SELECT * FROM custom_field_definitions WHERE 1=1"; $sql = "SELECT * FROM custom_field_definitions WHERE 1=1";
$params = []; $params = [];
$types = ''; $types = '';
@@ -61,7 +65,8 @@ class CustomFieldModel {
/** /**
* Get a single field definition * Get a single field definition
*/ */
public function getDefinition($fieldId) { public function getDefinition($fieldId)
{
$sql = "SELECT * FROM custom_field_definitions WHERE field_id = ?"; $sql = "SELECT * FROM custom_field_definitions WHERE field_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param('i', $fieldId); $stmt->bind_param('i', $fieldId);
@@ -80,7 +85,8 @@ class CustomFieldModel {
/** /**
* Create a new field definition * Create a new field definition
*/ */
public function createDefinition($data) { public function createDefinition($data)
{
$options = null; $options = null;
if (isset($data['field_options']) && !empty($data['field_options'])) { if (isset($data['field_options']) && !empty($data['field_options'])) {
$options = json_encode($data['field_options']); $options = json_encode($data['field_options']);
@@ -91,7 +97,8 @@ class CustomFieldModel {
VALUES (?, ?, ?, ?, ?, ?, ?, ?)"; VALUES (?, ?, ?, ?, ?, ?, ?, ?)";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param('sssssiii', $stmt->bind_param(
'sssssiii',
$data['field_name'], $data['field_name'],
$data['field_label'], $data['field_label'],
$data['field_type'], $data['field_type'],
@@ -116,7 +123,8 @@ class CustomFieldModel {
/** /**
* Update a field definition * Update a field definition
*/ */
public function updateDefinition($fieldId, $data) { public function updateDefinition($fieldId, $data)
{
$options = null; $options = null;
if (isset($data['field_options']) && !empty($data['field_options'])) { if (isset($data['field_options']) && !empty($data['field_options'])) {
$options = json_encode($data['field_options']); $options = json_encode($data['field_options']);
@@ -128,7 +136,8 @@ class CustomFieldModel {
WHERE field_id = ?"; WHERE field_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param('sssssiiii', $stmt->bind_param(
'sssssiiii',
$data['field_name'], $data['field_name'],
$data['field_label'], $data['field_label'],
$data['field_type'], $data['field_type'],
@@ -148,7 +157,8 @@ class CustomFieldModel {
/** /**
* Delete a field definition * Delete a field definition
*/ */
public function deleteDefinition($fieldId) { public function deleteDefinition($fieldId)
{
// This will cascade delete all values due to FK constraint // This will cascade delete all values due to FK constraint
$sql = "DELETE FROM custom_field_definitions WHERE field_id = ?"; $sql = "DELETE FROM custom_field_definitions WHERE field_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
@@ -165,7 +175,8 @@ class CustomFieldModel {
/** /**
* Get all field values for a ticket * Get all field values for a ticket
*/ */
public function getValuesForTicket($ticketId) { public function getValuesForTicket($ticketId)
{
$sql = "SELECT cfv.*, cfd.field_name, cfd.field_label, cfd.field_type, cfd.field_options $sql = "SELECT cfv.*, cfd.field_name, cfd.field_label, cfd.field_type, cfd.field_options
FROM custom_field_values cfv FROM custom_field_values cfv
JOIN custom_field_definitions cfd ON cfv.field_id = cfd.field_id JOIN custom_field_definitions cfd ON cfv.field_id = cfd.field_id
@@ -192,7 +203,8 @@ class CustomFieldModel {
/** /**
* Set a field value for a ticket (insert or update) * Set a field value for a ticket (insert or update)
*/ */
public function setValue($ticketId, $fieldId, $value) { public function setValue($ticketId, $fieldId, $value)
{
$sql = "INSERT INTO custom_field_values (ticket_id, field_id, field_value) $sql = "INSERT INTO custom_field_values (ticket_id, field_id, field_value)
VALUES (?, ?, ?) VALUES (?, ?, ?)
ON DUPLICATE KEY UPDATE field_value = VALUES(field_value), updated_at = CURRENT_TIMESTAMP"; ON DUPLICATE KEY UPDATE field_value = VALUES(field_value), updated_at = CURRENT_TIMESTAMP";
@@ -207,7 +219,8 @@ class CustomFieldModel {
/** /**
* Set multiple field values for a ticket * Set multiple field values for a ticket
*/ */
public function setValues($ticketId, $values) { public function setValues($ticketId, $values)
{
$results = []; $results = [];
foreach ($values as $fieldId => $value) { foreach ($values as $fieldId => $value) {
$results[$fieldId] = $this->setValue($ticketId, $fieldId, $value); $results[$fieldId] = $this->setValue($ticketId, $fieldId, $value);
@@ -218,7 +231,8 @@ class CustomFieldModel {
/** /**
* Delete all field values for a ticket * Delete all field values for a ticket
*/ */
public function deleteValuesForTicket($ticketId) { public function deleteValuesForTicket($ticketId)
{
$sql = "DELETE FROM custom_field_values WHERE ticket_id = ?"; $sql = "DELETE FROM custom_field_values WHERE ticket_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param('s', $ticketId); $stmt->bind_param('s', $ticketId);
@@ -227,4 +241,3 @@ class CustomFieldModel {
return ['success' => $success]; return ['success' => $success];
} }
} }
?>
models/DependencyModel.php
+21 -10
View File
@@ -1,11 +1,14 @@
<?php <?php
/** /**
* DependencyModel - Manages ticket dependencies * DependencyModel - Manages ticket dependencies
*/ */
class DependencyModel { class DependencyModel
{
private $conn; private $conn;
public function __construct($conn) { public function __construct($conn)
{
$this->conn = $conn; $this->conn = $conn;
} }
@@ -15,7 +18,8 @@ class DependencyModel {
* @param string $ticketId Ticket ID * @param string $ticketId Ticket ID
* @return array Dependencies grouped by type * @return array Dependencies grouped by type
*/ */
public function getDependencies($ticketId) { public function getDependencies($ticketId)
{
$sql = "SELECT d.*, t.title, t.status, t.priority $sql = "SELECT d.*, t.title, t.status, t.priority
FROM ticket_dependencies d FROM ticket_dependencies d
LEFT JOIN tickets t ON d.depends_on_id = t.ticket_id LEFT JOIN tickets t ON d.depends_on_id = t.ticket_id
@@ -53,7 +57,8 @@ class DependencyModel {
* @param string $ticketId Ticket ID * @param string $ticketId Ticket ID
* @return array Dependent tickets * @return array Dependent tickets
*/ */
public function getDependentTickets($ticketId) { public function getDependentTickets($ticketId)
{
$sql = "SELECT d.*, t.title, t.status, t.priority $sql = "SELECT d.*, t.title, t.status, t.priority
FROM ticket_dependencies d FROM ticket_dependencies d
LEFT JOIN tickets t ON d.ticket_id = t.ticket_id LEFT JOIN tickets t ON d.ticket_id = t.ticket_id
@@ -88,7 +93,8 @@ class DependencyModel {
* @param int $createdBy User ID who created the dependency * @param int $createdBy User ID who created the dependency
* @return array Result with success status * @return array Result with success status
*/ */
public function addDependency($ticketId, $dependsOnId, $type = 'blocks', $createdBy = null) { public function addDependency($ticketId, $dependsOnId, $type = 'blocks', $createdBy = null)
{
// Validate dependency type // Validate dependency type
$validTypes = ['blocks', 'blocked_by', 'relates_to', 'duplicates']; $validTypes = ['blocks', 'blocked_by', 'relates_to', 'duplicates'];
if (!in_array($type, $validTypes)) { if (!in_array($type, $validTypes)) {
@@ -142,7 +148,8 @@ class DependencyModel {
* @param int $dependencyId Dependency ID * @param int $dependencyId Dependency ID
* @return bool Success status * @return bool Success status
*/ */
public function removeDependency($dependencyId) { public function removeDependency($dependencyId)
{
$sql = "DELETE FROM ticket_dependencies WHERE dependency_id = ?"; $sql = "DELETE FROM ticket_dependencies WHERE dependency_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param("i", $dependencyId); $stmt->bind_param("i", $dependencyId);
@@ -159,7 +166,8 @@ class DependencyModel {
* @param string $type Dependency type * @param string $type Dependency type
* @return bool Success status * @return bool Success status
*/ */
public function removeDependencyByTickets($ticketId, $dependsOnId, $type) { public function removeDependencyByTickets($ticketId, $dependsOnId, $type)
{
$sql = "DELETE FROM ticket_dependencies $sql = "DELETE FROM ticket_dependencies
WHERE ticket_id = ? AND depends_on_id = ? AND dependency_type = ?"; WHERE ticket_id = ? AND depends_on_id = ? AND dependency_type = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
@@ -180,7 +188,8 @@ class DependencyModel {
* @param string $type Dependency type * @param string $type Dependency type
* @return bool True if it would create a cycle * @return bool True if it would create a cycle
*/ */
private function wouldCreateCycle($ticketId, $dependsOnId, $type): bool { private function wouldCreateCycle($ticketId, $dependsOnId, $type): bool
{
// Only check for cycles in blocking relationships // Only check for cycles in blocking relationships
if (!in_array($type, ['blocks', 'blocked_by'])) { if (!in_array($type, ['blocks', 'blocked_by'])) {
return false; return false;
@@ -203,7 +212,8 @@ class DependencyModel {
* @param int $depth Current recursion depth * @param int $depth Current recursion depth
* @return bool True if path exists * @return bool True if path exists
*/ */
private function hasDependencyPath($source, $target, array &$visited, int $depth): bool { private function hasDependencyPath($source, $target, array &$visited, int $depth): bool
{
// Depth limit to prevent DoS and stack overflow // Depth limit to prevent DoS and stack overflow
if ($depth >= self::MAX_DEPENDENCY_DEPTH) { if ($depth >= self::MAX_DEPENDENCY_DEPTH) {
error_log("Dependency cycle detection hit max depth ({$depth}) from {$source} to {$target}"); error_log("Dependency cycle detection hit max depth ({$depth}) from {$source} to {$target}");
@@ -250,7 +260,8 @@ class DependencyModel {
* @param array $ticketIds Array of ticket IDs * @param array $ticketIds Array of ticket IDs
* @return array Dependencies indexed by ticket ID * @return array Dependencies indexed by ticket ID
*/ */
public function getDependenciesBatch($ticketIds) { public function getDependenciesBatch($ticketIds)
{
if (empty($ticketIds)) { if (empty($ticketIds)) {
return []; return [];
} }
models/RecurringTicketModel.php
+27 -14
View File
@@ -1,19 +1,23 @@
<?php <?php
/** /**
* RecurringTicketModel - Manages recurring ticket schedules * RecurringTicketModel - Manages recurring ticket schedules
*/ */
class RecurringTicketModel { class RecurringTicketModel
{
private $conn; private $conn;
public function __construct($conn) { public function __construct($conn)
{
$this->conn = $conn; $this->conn = $conn;
} }
/** /**
* Get all recurring tickets * Get all recurring tickets
*/ */
public function getAll($includeInactive = false) { public function getAll($includeInactive = false)
{
$sql = "SELECT rt.*, u1.display_name as assigned_name, u1.username as assigned_username, $sql = "SELECT rt.*, u1.display_name as assigned_name, u1.username as assigned_username,
u2.display_name as creator_name, u2.username as creator_username u2.display_name as creator_name, u2.username as creator_username
FROM recurring_tickets rt FROM recurring_tickets rt
@@ -37,7 +41,8 @@ class RecurringTicketModel {
/** /**
* Get a single recurring ticket by ID * Get a single recurring ticket by ID
*/ */
public function getById($recurringId) { public function getById($recurringId)
{
$sql = "SELECT * FROM recurring_tickets WHERE recurring_id = ?"; $sql = "SELECT * FROM recurring_tickets WHERE recurring_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param('i', $recurringId); $stmt->bind_param('i', $recurringId);
@@ -51,14 +56,16 @@ class RecurringTicketModel {
/** /**
* Create a new recurring ticket * Create a new recurring ticket
*/ */
public function create($data) { public function create($data)
{
$sql = "INSERT INTO recurring_tickets $sql = "INSERT INTO recurring_tickets
(title_template, description_template, category, type, priority, assigned_to, (title_template, description_template, category, type, priority, assigned_to,
schedule_type, schedule_day, schedule_time, next_run_at, is_active, created_by) schedule_type, schedule_day, schedule_time, next_run_at, is_active, created_by)
VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)"; VALUES (?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?, ?)";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param('ssssiiisssii', $stmt->bind_param(
'ssssiiisssii',
$data['title_template'], $data['title_template'],
$data['description_template'], $data['description_template'],
$data['category'], $data['category'],
@@ -87,7 +94,8 @@ class RecurringTicketModel {
/** /**
* Update a recurring ticket * Update a recurring ticket
*/ */
public function update($recurringId, $data) { public function update($recurringId, $data)
{
$sql = "UPDATE recurring_tickets SET $sql = "UPDATE recurring_tickets SET
title_template = ?, description_template = ?, category = ?, type = ?, title_template = ?, description_template = ?, category = ?, type = ?,
priority = ?, assigned_to = ?, schedule_type = ?, schedule_day = ?, priority = ?, assigned_to = ?, schedule_type = ?, schedule_day = ?,
@@ -95,7 +103,8 @@ class RecurringTicketModel {
WHERE recurring_id = ?"; WHERE recurring_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param('ssssiissssii', $stmt->bind_param(
'ssssiissssii',
$data['title_template'], $data['title_template'],
$data['description_template'], $data['description_template'],
$data['category'], $data['category'],
@@ -118,7 +127,8 @@ class RecurringTicketModel {
/** /**
* Delete a recurring ticket * Delete a recurring ticket
*/ */
public function delete($recurringId) { public function delete($recurringId)
{
$sql = "DELETE FROM recurring_tickets WHERE recurring_id = ?"; $sql = "DELETE FROM recurring_tickets WHERE recurring_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param('i', $recurringId); $stmt->bind_param('i', $recurringId);
@@ -130,7 +140,8 @@ class RecurringTicketModel {
/** /**
* Get recurring tickets due for execution * Get recurring tickets due for execution
*/ */
public function getDueRecurringTickets() { public function getDueRecurringTickets()
{
$sql = "SELECT * FROM recurring_tickets WHERE is_active = 1 AND next_run_at <= NOW()"; $sql = "SELECT * FROM recurring_tickets WHERE is_active = 1 AND next_run_at <= NOW()";
$result = $this->conn->query($sql); $result = $this->conn->query($sql);
$items = []; $items = [];
@@ -143,7 +154,8 @@ class RecurringTicketModel {
/** /**
* Update last run and calculate next run time * Update last run and calculate next run time
*/ */
public function updateAfterRun($recurringId) { public function updateAfterRun($recurringId)
{
$recurring = $this->getById($recurringId); $recurring = $this->getById($recurringId);
if (!$recurring) { if (!$recurring) {
return false; return false;
@@ -166,7 +178,8 @@ class RecurringTicketModel {
/** /**
* Calculate the next run time based on schedule * Calculate the next run time based on schedule
*/ */
private function calculateNextRunTime($scheduleType, $scheduleDay, $scheduleTime) { private function calculateNextRunTime($scheduleType, $scheduleDay, $scheduleTime)
{
$now = new DateTime(); $now = new DateTime();
$time = new DateTime($scheduleTime); $time = new DateTime($scheduleTime);
@@ -202,7 +215,8 @@ class RecurringTicketModel {
/** /**
* Toggle active status * Toggle active status
*/ */
public function toggleActive($recurringId) { public function toggleActive($recurringId)
{
$sql = "UPDATE recurring_tickets SET is_active = NOT is_active WHERE recurring_id = ?"; $sql = "UPDATE recurring_tickets SET is_active = NOT is_active WHERE recurring_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param('i', $recurringId); $stmt->bind_param('i', $recurringId);
@@ -211,4 +225,3 @@ class RecurringTicketModel {
return ['success' => $success]; return ['success' => $success];
} }
} }
?>
models/SavedFiltersModel.php
+23 -12
View File
@@ -1,19 +1,23 @@
<?php <?php
/** /**
* SavedFiltersModel * SavedFiltersModel
* Handles saving, loading, and managing user's custom search filters * Handles saving, loading, and managing user's custom search filters
*/ */
class SavedFiltersModel { class SavedFiltersModel
{
private $conn; private $conn;
public function __construct($conn) { public function __construct($conn)
{
$this->conn = $conn; $this->conn = $conn;
} }
/** /**
* Get all saved filters for a user * Get all saved filters for a user
*/ */
public function getUserFilters($userId) { public function getUserFilters($userId)
{
$sql = "SELECT filter_id, filter_name, filter_criteria, is_default, created_at, updated_at $sql = "SELECT filter_id, filter_name, filter_criteria, is_default, created_at, updated_at
FROM saved_filters FROM saved_filters
WHERE user_id = ? WHERE user_id = ?
@@ -34,7 +38,8 @@ class SavedFiltersModel {
/** /**
* Get a specific saved filter * Get a specific saved filter
*/ */
public function getFilter($filterId, $userId) { public function getFilter($filterId, $userId)
{
$sql = "SELECT filter_id, filter_name, filter_criteria, is_default $sql = "SELECT filter_id, filter_name, filter_criteria, is_default
FROM saved_filters FROM saved_filters
WHERE filter_id = ? AND user_id = ?"; WHERE filter_id = ? AND user_id = ?";
@@ -53,7 +58,8 @@ class SavedFiltersModel {
/** /**
* Save a new filter * Save a new filter
*/ */
public function saveFilter($userId, $filterName, $filterCriteria, $isDefault = false) { public function saveFilter($userId, $filterName, $filterCriteria, $isDefault = false)
{
$this->conn->begin_transaction(); $this->conn->begin_transaction();
try { try {
// If this is set as default, unset all other defaults for this user // If this is set as default, unset all other defaults for this user
@@ -89,7 +95,8 @@ class SavedFiltersModel {
/** /**
* Update an existing filter * Update an existing filter
*/ */
public function updateFilter($filterId, $userId, $filterName, $filterCriteria, $isDefault = false) { public function updateFilter($filterId, $userId, $filterName, $filterCriteria, $isDefault = false)
{
// Verify ownership // Verify ownership
$existing = $this->getFilter($filterId, $userId); $existing = $this->getFilter($filterId, $userId);
if (!$existing) { if (!$existing) {
@@ -118,7 +125,8 @@ class SavedFiltersModel {
/** /**
* Delete a saved filter * Delete a saved filter
*/ */
public function deleteFilter($filterId, $userId) { public function deleteFilter($filterId, $userId)
{
$sql = "DELETE FROM saved_filters WHERE filter_id = ? AND user_id = ?"; $sql = "DELETE FROM saved_filters WHERE filter_id = ? AND user_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param("ii", $filterId, $userId); $stmt->bind_param("ii", $filterId, $userId);
@@ -132,7 +140,8 @@ class SavedFiltersModel {
/** /**
* Set a filter as default * Set a filter as default
*/ */
public function setDefaultFilter($filterId, $userId) { public function setDefaultFilter($filterId, $userId)
{
$this->conn->begin_transaction(); $this->conn->begin_transaction();
try { try {
$this->clearDefaultFilters($userId); $this->clearDefaultFilters($userId);
@@ -157,7 +166,8 @@ class SavedFiltersModel {
/** /**
* Get the default filter for a user * Get the default filter for a user
*/ */
public function getDefaultFilter($userId) { public function getDefaultFilter($userId)
{
$sql = "SELECT filter_id, filter_name, filter_criteria $sql = "SELECT filter_id, filter_name, filter_criteria
FROM saved_filters FROM saved_filters
WHERE user_id = ? AND is_default = 1 WHERE user_id = ? AND is_default = 1
@@ -177,7 +187,8 @@ class SavedFiltersModel {
/** /**
* Clear all default filters for a user (helper method) * Clear all default filters for a user (helper method)
*/ */
private function clearDefaultFilters($userId) { private function clearDefaultFilters($userId)
{
$sql = "UPDATE saved_filters SET is_default = 0 WHERE user_id = ?"; $sql = "UPDATE saved_filters SET is_default = 0 WHERE user_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param("i", $userId); $stmt->bind_param("i", $userId);
@@ -187,7 +198,8 @@ class SavedFiltersModel {
/** /**
* Get filter ID by name (helper method) * Get filter ID by name (helper method)
*/ */
private function getFilterIdByName($userId, $filterName) { private function getFilterIdByName($userId, $filterName)
{
$sql = "SELECT filter_id FROM saved_filters WHERE user_id = ? AND filter_name = ?"; $sql = "SELECT filter_id FROM saved_filters WHERE user_id = ? AND filter_name = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param("is", $userId, $filterName); $stmt->bind_param("is", $userId, $filterName);
@@ -200,4 +212,3 @@ class SavedFiltersModel {
return null; return null;
} }
} }
?>
models/StatsModel.php
+13 -6
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* StatsModel - Dashboard statistics and metrics * StatsModel - Dashboard statistics and metrics
* *
@@ -9,7 +10,8 @@
require_once dirname(__DIR__) . '/helpers/CacheHelper.php'; require_once dirname(__DIR__) . '/helpers/CacheHelper.php';
require_once dirname(__DIR__) . '/models/TicketModel.php'; require_once dirname(__DIR__) . '/models/TicketModel.php';
class StatsModel { class StatsModel
{
private mysqli $conn; private mysqli $conn;
/** Cache TTL for dashboard stats in seconds */ /** Cache TTL for dashboard stats in seconds */
@@ -18,14 +20,16 @@ class StatsModel {
/** Cache prefix for stats */ /** Cache prefix for stats */
private const CACHE_PREFIX = 'stats'; private const CACHE_PREFIX = 'stats';
public function __construct(mysqli $conn) { public function __construct(mysqli $conn)
{
$this->conn = $conn; $this->conn = $conn;
} }
/** /**
* Get tickets by assignee (top 5) * Get tickets by assignee (top 5)
*/ */
public function getTicketsByAssignee(int $limit = 8): array { public function getTicketsByAssignee(int $limit = 8): array
{
$sql = "SELECT $sql = "SELECT
u.user_id, u.user_id,
u.display_name, u.display_name,
@@ -64,7 +68,8 @@ class StatsModel {
* @param bool $forceRefresh Force a cache refresh * @param bool $forceRefresh Force a cache refresh
* @return array All dashboard statistics * @return array All dashboard statistics
*/ */
public function getAllStats(array $user = [], bool $forceRefresh = false): array { public function getAllStats(array $user = [], bool $forceRefresh = false): array
{
$isAdmin = !empty($user['is_admin']); $isAdmin = !empty($user['is_admin']);
// Admins share one cache entry; non-admins get a per-user cache entry // Admins share one cache entry; non-admins get a per-user cache entry
$cacheKey = $isAdmin ? 'dashboard_all' : 'dashboard_user_' . ($user['user_id'] ?? 'anon'); $cacheKey = $isAdmin ? 'dashboard_all' : 'dashboard_user_' . ($user['user_id'] ?? 'anon');
@@ -91,7 +96,8 @@ class StatsModel {
* @param array $user Current user array * @param array $user Current user array
* @return array All dashboard statistics * @return array All dashboard statistics
*/ */
private function fetchAllStats(array $user = []): array { private function fetchAllStats(array $user = []): array
{
$ticketModel = new TicketModel($this->conn); $ticketModel = new TicketModel($this->conn);
$visFilter = $ticketModel->getVisibilityFilter($user); $visFilter = $ticketModel->getVisibilityFilter($user);
$visSQL = $visFilter['sql']; $visSQL = $visFilter['sql'];
@@ -191,7 +197,8 @@ class StatsModel {
* *
* Call this method when ticket data changes to ensure fresh stats. * Call this method when ticket data changes to ensure fresh stats.
*/ */
public function invalidateCache(): void { public function invalidateCache(): void
{
CacheHelper::delete(self::CACHE_PREFIX, null); CacheHelper::delete(self::CACHE_PREFIX, null);
} }
} }
models/TemplateModel.php
+19 -9
View File
@@ -1,11 +1,14 @@
<?php <?php
/** /**
* TemplateModel - Handles ticket template operations * TemplateModel - Handles ticket template operations
*/ */
class TemplateModel { class TemplateModel
{
private mysqli $conn; private mysqli $conn;
public function __construct(mysqli $conn) { public function __construct(mysqli $conn)
{
$this->conn = $conn; $this->conn = $conn;
} }
@@ -14,7 +17,8 @@ class TemplateModel {
* *
* @return array Array of template records * @return array Array of template records
*/ */
public function getAllTemplates(): array { public function getAllTemplates(): array
{
$sql = "SELECT * FROM ticket_templates WHERE is_active = TRUE ORDER BY template_name"; $sql = "SELECT * FROM ticket_templates WHERE is_active = TRUE ORDER BY template_name";
$result = $this->conn->query($sql); $result = $this->conn->query($sql);
@@ -31,7 +35,8 @@ class TemplateModel {
* @param int $templateId Template ID * @param int $templateId Template ID
* @return array|null Template record or null if not found * @return array|null Template record or null if not found
*/ */
public function getTemplateById(int $templateId): ?array { public function getTemplateById(int $templateId): ?array
{
$sql = "SELECT * FROM ticket_templates WHERE template_id = ? AND is_active = TRUE"; $sql = "SELECT * FROM ticket_templates WHERE template_id = ? AND is_active = TRUE";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param("i", $templateId); $stmt->bind_param("i", $templateId);
@@ -50,12 +55,14 @@ class TemplateModel {
* @param int $createdBy User ID creating the template * @param int $createdBy User ID creating the template
* @return bool Success status * @return bool Success status
*/ */
public function createTemplate(array $data, int $createdBy): bool { public function createTemplate(array $data, int $createdBy): bool
{
$sql = "INSERT INTO ticket_templates (template_name, title_template, description_template, $sql = "INSERT INTO ticket_templates (template_name, title_template, description_template,
category, type, default_priority, created_by) category, type, default_priority, created_by)
VALUES (?, ?, ?, ?, ?, ?, ?)"; VALUES (?, ?, ?, ?, ?, ?, ?)";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param("sssssii", $stmt->bind_param(
"sssssii",
$data['template_name'], $data['template_name'],
$data['title_template'], $data['title_template'],
$data['description_template'], $data['description_template'],
@@ -77,7 +84,8 @@ class TemplateModel {
* @param array $data Template data to update * @param array $data Template data to update
* @return bool Success status * @return bool Success status
*/ */
public function updateTemplate(int $templateId, array $data): bool { public function updateTemplate(int $templateId, array $data): bool
{
$sql = "UPDATE ticket_templates SET $sql = "UPDATE ticket_templates SET
template_name = ?, template_name = ?,
title_template = ?, title_template = ?,
@@ -87,7 +95,8 @@ class TemplateModel {
default_priority = ? default_priority = ?
WHERE template_id = ?"; WHERE template_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param("sssssii", $stmt->bind_param(
"sssssii",
$data['template_name'], $data['template_name'],
$data['title_template'], $data['title_template'],
$data['description_template'], $data['description_template'],
@@ -108,7 +117,8 @@ class TemplateModel {
* @param int $templateId Template ID * @param int $templateId Template ID
* @return bool Success status * @return bool Success status
*/ */
public function deactivateTemplate(int $templateId): bool { public function deactivateTemplate(int $templateId): bool
{
$sql = "UPDATE ticket_templates SET is_active = FALSE WHERE template_id = ?"; $sql = "UPDATE ticket_templates SET is_active = FALSE WHERE template_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param("i", $templateId); $stmt->bind_param("i", $templateId);
models/TicketModel.php
+37 -17
View File
@@ -1,12 +1,16 @@
<?php <?php
class TicketModel {
class TicketModel
{
private mysqli $conn; private mysqli $conn;
public function __construct(mysqli $conn) { public function __construct(mysqli $conn)
{
$this->conn = $conn; $this->conn = $conn;
} }
public function getTicketById(int $id): ?array { public function getTicketById(int $id): ?array
{
$sql = "SELECT t.*, $sql = "SELECT t.*,
u_created.username as creator_username, u_created.username as creator_username,
u_created.display_name as creator_display_name, u_created.display_name as creator_display_name,
@@ -31,7 +35,8 @@ class TicketModel {
return $result->fetch_assoc(); return $result->fetch_assoc();
} }
public function getAllTickets(int $page = 1, int $limit = 15, ?string $status = 'Open', string $sortColumn = 'ticket_id', string $sortDirection = 'desc', ?string $category = null, ?string $type = null, ?string $search = null, array $filters = [], ?array $user = null): array { public function getAllTickets(int $page = 1, int $limit = 15, ?string $status = 'Open', string $sortColumn = 'ticket_id', string $sortDirection = 'desc', ?string $category = null, ?string $type = null, ?string $search = null, array $filters = [], ?array $user = null): array
{
// Calculate offset // Calculate offset
$offset = ($page - 1) * $limit; $offset = ($page - 1) * $limit;
@@ -239,7 +244,8 @@ class TicketModel {
* @param string|null $expectedUpdatedAt If provided, update will fail if ticket was modified since this timestamp * @param string|null $expectedUpdatedAt If provided, update will fail if ticket was modified since this timestamp
* @return array ['success' => bool, 'error' => string|null, 'conflict' => bool] * @return array ['success' => bool, 'error' => string|null, 'conflict' => bool]
*/ */
public function updateTicket(array $ticketData, ?int $updatedBy = null, ?string $expectedUpdatedAt = null): array { public function updateTicket(array $ticketData, ?int $updatedBy = null, ?string $expectedUpdatedAt = null): array
{
// closed_at: set on close (preserve if already set), clear on reopen // closed_at: set on close (preserve if already set), clear on reopen
$closedAtClause = "closed_at = CASE WHEN ? = 'Closed' THEN COALESCE(closed_at, NOW()) ELSE NULL END"; $closedAtClause = "closed_at = CASE WHEN ? = 'Closed' THEN COALESCE(closed_at, NOW()) ELSE NULL END";
@@ -333,7 +339,8 @@ class TicketModel {
return ['success' => true, 'error' => null, 'conflict' => false]; return ['success' => true, 'error' => null, 'conflict' => false];
} }
public function createTicket(array $ticketData, ?int $createdBy = null): array { public function createTicket(array $ticketData, ?int $createdBy = null): array
{
// Generate unique ticket ID (9-digit format with leading zeros) // Generate unique ticket ID (9-digit format with leading zeros)
// Uses cryptographically secure random numbers for better distribution // Uses cryptographically secure random numbers for better distribution
// Includes exponential backoff and fallback for reliability under high load // Includes exponential backoff and fallback for reliability under high load
@@ -486,7 +493,8 @@ class TicketModel {
} }
} }
public function addComment(int $ticketId, array $commentData): array { public function addComment(int $ticketId, array $commentData): array
{
$sql = "INSERT INTO ticket_comments (ticket_id, user_name, comment_text, markdown_enabled) $sql = "INSERT INTO ticket_comments (ticket_id, user_name, comment_text, markdown_enabled)
VALUES (?, ?, ?, ?)"; VALUES (?, ?, ?, ?)";
@@ -526,7 +534,8 @@ class TicketModel {
* @param int $assignedBy User ID performing the assignment * @param int $assignedBy User ID performing the assignment
* @return bool Success status * @return bool Success status
*/ */
public function assignTicket(int $ticketId, int $userId, int $assignedBy): bool { public function assignTicket(int $ticketId, int $userId, int $assignedBy): bool
{
$sql = "UPDATE tickets SET assigned_to = ?, updated_by = ?, updated_at = NOW() WHERE ticket_id = ?"; $sql = "UPDATE tickets SET assigned_to = ?, updated_by = ?, updated_at = NOW() WHERE ticket_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param("iii", $userId, $assignedBy, $ticketId); $stmt->bind_param("iii", $userId, $assignedBy, $ticketId);
@@ -542,7 +551,8 @@ class TicketModel {
* @param int $updatedBy User ID performing the unassignment * @param int $updatedBy User ID performing the unassignment
* @return bool Success status * @return bool Success status
*/ */
public function unassignTicket(int $ticketId, int $updatedBy): bool { public function unassignTicket(int $ticketId, int $updatedBy): bool
{
$sql = "UPDATE tickets SET assigned_to = NULL, updated_by = ?, updated_at = NOW() WHERE ticket_id = ?"; $sql = "UPDATE tickets SET assigned_to = NULL, updated_by = ?, updated_at = NOW() WHERE ticket_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param("ii", $updatedBy, $ticketId); $stmt->bind_param("ii", $updatedBy, $ticketId);
@@ -558,7 +568,8 @@ class TicketModel {
* @param array $ticketIds Array of ticket IDs * @param array $ticketIds Array of ticket IDs
* @return array Associative array keyed by ticket_id * @return array Associative array keyed by ticket_id
*/ */
public function getTicketsByIds(array $ticketIds): array { public function getTicketsByIds(array $ticketIds): array
{
if (empty($ticketIds)) { if (empty($ticketIds)) {
return []; return [];
} }
@@ -604,7 +615,8 @@ class TicketModel {
* @param array $user The user data (must include user_id, is_admin, groups) * @param array $user The user data (must include user_id, is_admin, groups)
* @return bool True if user can access the ticket * @return bool True if user can access the ticket
*/ */
public function canUserAccessTicket(array $ticket, array $user): bool { public function canUserAccessTicket(array $ticket, array $user): bool
{
// Admins can access all tickets // Admins can access all tickets
if (!empty($user['is_admin'])) { if (!empty($user['is_admin'])) {
return true; return true;
@@ -644,7 +656,8 @@ class TicketModel {
* @param array $user The current user * @param array $user The current user
* @return array ['sql' => string, 'params' => array, 'types' => string] * @return array ['sql' => string, 'params' => array, 'types' => string]
*/ */
public function getVisibilityFilter(array $user): array { public function getVisibilityFilter(array $user): array
{
// Admins see all tickets // Admins see all tickets
if (!empty($user['is_admin'])) { if (!empty($user['is_admin'])) {
return ['sql' => '1=1', 'params' => [], 'types' => '']; return ['sql' => '1=1', 'params' => [], 'types' => ''];
@@ -697,7 +710,8 @@ class TicketModel {
* @param int $updatedBy User ID * @param int $updatedBy User ID
* @return bool * @return bool
*/ */
public function updateVisibility(int $ticketId, string $visibility, ?string $visibilityGroups, int $updatedBy): bool { public function updateVisibility(int $ticketId, string $visibility, ?string $visibilityGroups, int $updatedBy): bool
{
$allowedVisibilities = ['public', 'internal', 'confidential']; $allowedVisibilities = ['public', 'internal', 'confidential'];
if (!in_array($visibility, $allowedVisibilities)) { if (!in_array($visibility, $allowedVisibilities)) {
$visibility = 'public'; $visibility = 'public';
@@ -728,7 +742,8 @@ class TicketModel {
* @param string $ticketId Ticket ID * @param string $ticketId Ticket ID
* @return bool Success status * @return bool Success status
*/ */
public function deleteTicket(string $ticketId): bool { public function deleteTicket(string $ticketId): bool
{
// Collect attachment filenames before deleting DB rows // Collect attachment filenames before deleting DB rows
$attachmentFiles = []; $attachmentFiles = [];
$attStmt = $this->conn->prepare("SELECT filename FROM ticket_attachments WHERE ticket_id = ?"); $attStmt = $this->conn->prepare("SELECT filename FROM ticket_attachments WHERE ticket_id = ?");
@@ -754,7 +769,9 @@ class TicketModel {
foreach ($children as $sql) { foreach ($children as $sql) {
try { try {
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
if (!$stmt) continue; if (!$stmt) {
continue;
}
// ticket_dependencies uses two placeholders // ticket_dependencies uses two placeholders
if (strpos($sql, 'depends_on_id') !== false) { if (strpos($sql, 'depends_on_id') !== false) {
$stmt->bind_param('ss', $ticketId, $ticketId); $stmt->bind_param('ss', $ticketId, $ticketId);
@@ -772,7 +789,9 @@ class TicketModel {
} }
$stmt = $this->conn->prepare("DELETE FROM tickets WHERE ticket_id = ?"); $stmt = $this->conn->prepare("DELETE FROM tickets WHERE ticket_id = ?");
if (!$stmt) return false; if (!$stmt) {
return false;
}
$stmt->bind_param('s', $ticketId); $stmt->bind_param('s', $ticketId);
$result = $stmt->execute(); $result = $stmt->execute();
$affected = $stmt->affected_rows; $affected = $stmt->affected_rows;
@@ -802,7 +821,8 @@ class TicketModel {
* Check whether the FULLTEXT index on tickets(title, description) exists. * Check whether the FULLTEXT index on tickets(title, description) exists.
* Result is cached for the process lifetime (static). * Result is cached for the process lifetime (static).
*/ */
private function hasFulltextIndex(): bool { private function hasFulltextIndex(): bool
{
static $result = null; static $result = null;
if ($result !== null) { if ($result !== null) {
return $result; return $result;
models/UserModel.php
+31 -15
View File
@@ -1,20 +1,24 @@
<?php <?php
/** /**
* UserModel - Handles user authentication and management * UserModel - Handles user authentication and management
*/ */
class UserModel { class UserModel
{
private mysqli $conn; private mysqli $conn;
private static array $userCache = []; // ['key' => ['data' => ..., 'expires' => timestamp]] private static array $userCache = []; // ['key' => ['data' => ..., 'expires' => timestamp]]
private static int $cacheTTL = 300; // 5 minutes private static int $cacheTTL = 300; // 5 minutes
public function __construct(mysqli $conn) { public function __construct(mysqli $conn)
{
$this->conn = $conn; $this->conn = $conn;
} }
/** /**
* Get cached user data if not expired * Get cached user data if not expired
*/ */
private static function getCached(string $key): ?array { private static function getCached(string $key): ?array
{
if (isset(self::$userCache[$key])) { if (isset(self::$userCache[$key])) {
$cached = self::$userCache[$key]; $cached = self::$userCache[$key];
if ($cached['expires'] > time()) { if ($cached['expires'] > time()) {
@@ -29,7 +33,8 @@ class UserModel {
/** /**
* Store user data in cache with expiration * Store user data in cache with expiration
*/ */
private static function setCached(string $key, array $data): void { private static function setCached(string $key, array $data): void
{
self::$userCache[$key] = [ self::$userCache[$key] = [
'data' => $data, 'data' => $data,
'expires' => time() + self::$cacheTTL 'expires' => time() + self::$cacheTTL
@@ -39,7 +44,8 @@ class UserModel {
/** /**
* Invalidate specific user cache entry * Invalidate specific user cache entry
*/ */
public static function invalidateCache(?int $userId = null, ?string $username = null): void { public static function invalidateCache(?int $userId = null, ?string $username = null): void
{
if ($userId !== null) { if ($userId !== null) {
unset(self::$userCache["user_id_$userId"]); unset(self::$userCache["user_id_$userId"]);
} }
@@ -57,7 +63,8 @@ class UserModel {
* @param string $groups Comma-separated groups from Remote-Groups header * @param string $groups Comma-separated groups from Remote-Groups header
* @return array User data array * @return array User data array
*/ */
public function syncUserFromAuthelia(string $username, string $displayName = '', string $email = '', string $groups = ''): array { public function syncUserFromAuthelia(string $username, string $displayName = '', string $email = '', string $groups = ''): array
{
// Check cache first // Check cache first
$cacheKey = "user_$username"; $cacheKey = "user_$username";
$cached = self::getCached($cacheKey); $cached = self::getCached($cacheKey);
@@ -122,7 +129,8 @@ class UserModel {
* *
* @return array|null System user data or null if not found * @return array|null System user data or null if not found
*/ */
public function getSystemUser(): ?array { public function getSystemUser(): ?array
{
// Check cache first // Check cache first
$cached = self::getCached('system'); $cached = self::getCached('system');
if ($cached !== null) { if ($cached !== null) {
@@ -150,7 +158,8 @@ class UserModel {
* @param int $userId User ID * @param int $userId User ID
* @return array|null User data or null if not found * @return array|null User data or null if not found
*/ */
public function getUserById(int $userId): ?array { public function getUserById(int $userId): ?array
{
// Check cache first // Check cache first
$cacheKey = "user_id_$userId"; $cacheKey = "user_id_$userId";
$cached = self::getCached($cacheKey); $cached = self::getCached($cacheKey);
@@ -180,7 +189,8 @@ class UserModel {
* @param string $username Username * @param string $username Username
* @return array|null User data or null if not found * @return array|null User data or null if not found
*/ */
public function getUserByUsername(string $username): ?array { public function getUserByUsername(string $username): ?array
{
// Check cache first // Check cache first
$cacheKey = "user_$username"; $cacheKey = "user_$username";
$cached = self::getCached($cacheKey); $cached = self::getCached($cacheKey);
@@ -210,7 +220,8 @@ class UserModel {
* @param string $groups Comma-separated group names * @param string $groups Comma-separated group names
* @return bool True if user is in admin group * @return bool True if user is in admin group
*/ */
private function checkAdminStatus(string $groups): bool { private function checkAdminStatus(string $groups): bool
{
if (empty($groups)) { if (empty($groups)) {
return false; return false;
} }
@@ -226,7 +237,8 @@ class UserModel {
* @param array $user User data array * @param array $user User data array
* @return bool True if user is admin * @return bool True if user is admin
*/ */
public function isAdmin(array $user): bool { public function isAdmin(array $user): bool
{
return isset($user['is_admin']) && (int)$user['is_admin'] === 1; return isset($user['is_admin']) && (int)$user['is_admin'] === 1;
} }
@@ -237,7 +249,8 @@ class UserModel {
* @param array $requiredGroups Array of required group names * @param array $requiredGroups Array of required group names
* @return bool True if user is in at least one required group * @return bool True if user is in at least one required group
*/ */
public function hasGroupAccess(array $user, array $requiredGroups = ['admin', 'employee']): bool { public function hasGroupAccess(array $user, array $requiredGroups = ['admin', 'employee']): bool
{
if (empty($user['groups'])) { if (empty($user['groups'])) {
return false; return false;
} }
@@ -253,7 +266,8 @@ class UserModel {
* *
* @return array Array of user records * @return array Array of user records
*/ */
public function getAllUsers(): array { public function getAllUsers(): array
{
$stmt = $this->conn->prepare("SELECT * FROM users ORDER BY created_at DESC"); $stmt = $this->conn->prepare("SELECT * FROM users ORDER BY created_at DESC");
$stmt->execute(); $stmt->execute();
$result = $stmt->get_result(); $result = $stmt->get_result();
@@ -276,7 +290,8 @@ class UserModel {
* *
* @return array Array of unique group names * @return array Array of unique group names
*/ */
public function getAllGroups(): array { public function getAllGroups(): array
{
$cacheKey = 'all_groups'; $cacheKey = 'all_groups';
// Check cache first // Check cache first
@@ -311,7 +326,8 @@ class UserModel {
* Invalidate the groups cache * Invalidate the groups cache
* Call this when user groups are modified * Call this when user groups are modified
*/ */
public static function invalidateGroupsCache(): void { public static function invalidateGroupsCache(): void
{
unset(self::$userCache['all_groups']); unset(self::$userCache['all_groups']);
} }
} }
models/UserPreferencesModel.php
+18 -8
View File
@@ -1,16 +1,20 @@
<?php <?php
/** /**
* UserPreferencesModel * UserPreferencesModel
* Handles user-specific preferences and settings with caching * Handles user-specific preferences and settings with caching
*/ */
require_once dirname(__DIR__) . '/helpers/CacheHelper.php'; require_once dirname(__DIR__) . '/helpers/CacheHelper.php';
class UserPreferencesModel { class UserPreferencesModel
{
private mysqli $conn; private mysqli $conn;
private static string $CACHE_PREFIX = 'user_prefs'; private static string $CACHE_PREFIX = 'user_prefs';
private static int $CACHE_TTL = 300; // 5 minutes private static int $CACHE_TTL = 300; // 5 minutes
public function __construct(mysqli $conn) { public function __construct(mysqli $conn)
{
$this->conn = $conn; $this->conn = $conn;
} }
@@ -19,7 +23,8 @@ class UserPreferencesModel {
* @param int $userId User ID * @param int $userId User ID
* @return array Associative array of preference_key => preference_value * @return array Associative array of preference_key => preference_value
*/ */
public function getUserPreferences(int $userId): array { public function getUserPreferences(int $userId): array
{
return CacheHelper::remember(self::$CACHE_PREFIX, $userId, function () use ($userId) { return CacheHelper::remember(self::$CACHE_PREFIX, $userId, function () use ($userId) {
$sql = "SELECT preference_key, preference_value $sql = "SELECT preference_key, preference_value
FROM user_preferences FROM user_preferences
@@ -45,7 +50,8 @@ class UserPreferencesModel {
* @param string $value Preference value * @param string $value Preference value
* @return bool Success status * @return bool Success status
*/ */
public function setPreference(int $userId, string $key, string $value): bool { public function setPreference(int $userId, string $key, string $value): bool
{
$sql = "INSERT INTO user_preferences (user_id, preference_key, preference_value) $sql = "INSERT INTO user_preferences (user_id, preference_key, preference_value)
VALUES (?, ?, ?) VALUES (?, ?, ?)
ON DUPLICATE KEY UPDATE preference_value = VALUES(preference_value)"; ON DUPLICATE KEY UPDATE preference_value = VALUES(preference_value)";
@@ -69,7 +75,8 @@ class UserPreferencesModel {
* @param mixed $default Default value if preference doesn't exist * @param mixed $default Default value if preference doesn't exist
* @return mixed Preference value or default * @return mixed Preference value or default
*/ */
public function getPreference(int $userId, string $key, $default = null) { public function getPreference(int $userId, string $key, $default = null)
{
$prefs = $this->getUserPreferences($userId); $prefs = $this->getUserPreferences($userId);
return $prefs[$key] ?? $default; return $prefs[$key] ?? $default;
} }
@@ -80,7 +87,8 @@ class UserPreferencesModel {
* @param string $key Preference key * @param string $key Preference key
* @return bool Success status * @return bool Success status
*/ */
public function deletePreference(int $userId, string $key): bool { public function deletePreference(int $userId, string $key): bool
{
$sql = "DELETE FROM user_preferences $sql = "DELETE FROM user_preferences
WHERE user_id = ? AND preference_key = ?"; WHERE user_id = ? AND preference_key = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
@@ -101,7 +109,8 @@ class UserPreferencesModel {
* @param int $userId User ID * @param int $userId User ID
* @return bool Success status * @return bool Success status
*/ */
public function deleteAllPreferences(int $userId): bool { public function deleteAllPreferences(int $userId): bool
{
$sql = "DELETE FROM user_preferences WHERE user_id = ?"; $sql = "DELETE FROM user_preferences WHERE user_id = ?";
$stmt = $this->conn->prepare($sql); $stmt = $this->conn->prepare($sql);
$stmt->bind_param("i", $userId); $stmt->bind_param("i", $userId);
@@ -119,7 +128,8 @@ class UserPreferencesModel {
/** /**
* Clear all user preferences cache * Clear all user preferences cache
*/ */
public static function clearCache(): void { public static function clearCache(): void
{
CacheHelper::delete(self::$CACHE_PREFIX); CacheHelper::delete(self::$CACHE_PREFIX);
} }
} }
models/WorkflowModel.php
+18 -8
View File
@@ -1,17 +1,21 @@
<?php <?php
/** /**
* WorkflowModel - Handles status transition workflows and validation * WorkflowModel - Handles status transition workflows and validation
* *
* Uses caching for frequently accessed transition rules since they rarely change. * Uses caching for frequently accessed transition rules since they rarely change.
*/ */
require_once dirname(__DIR__) . '/helpers/CacheHelper.php'; require_once dirname(__DIR__) . '/helpers/CacheHelper.php';
class WorkflowModel { class WorkflowModel
{
private mysqli $conn; private mysqli $conn;
private static string $CACHE_PREFIX = 'workflow'; private static string $CACHE_PREFIX = 'workflow';
private static int $CACHE_TTL = 600; // 10 minutes private static int $CACHE_TTL = 600; // 10 minutes
public function __construct(mysqli $conn) { public function __construct(mysqli $conn)
{
$this->conn = $conn; $this->conn = $conn;
} }
@@ -20,7 +24,8 @@ class WorkflowModel {
* *
* @return array All active transitions indexed by from_status * @return array All active transitions indexed by from_status
*/ */
private function getAllTransitions(): array { private function getAllTransitions(): array
{
return CacheHelper::remember(self::$CACHE_PREFIX, 'all_transitions', function () { return CacheHelper::remember(self::$CACHE_PREFIX, 'all_transitions', function () {
$sql = "SELECT from_status, to_status, requires_comment, requires_admin $sql = "SELECT from_status, to_status, requires_comment, requires_admin
FROM status_transitions FROM status_transitions
@@ -54,7 +59,8 @@ class WorkflowModel {
* @param string $currentStatus Current ticket status * @param string $currentStatus Current ticket status
* @return array Array of allowed transitions with requirements * @return array Array of allowed transitions with requirements
*/ */
public function getAllowedTransitions(string $currentStatus): array { public function getAllowedTransitions(string $currentStatus): array
{
$allTransitions = $this->getAllTransitions(); $allTransitions = $this->getAllTransitions();
if (!isset($allTransitions[$currentStatus])) { if (!isset($allTransitions[$currentStatus])) {
@@ -72,7 +78,8 @@ class WorkflowModel {
* @param bool $isAdmin Whether user is admin * @param bool $isAdmin Whether user is admin
* @return bool True if transition is allowed * @return bool True if transition is allowed
*/ */
public function isTransitionAllowed(string $fromStatus, string $toStatus, bool $isAdmin = false): bool { public function isTransitionAllowed(string $fromStatus, string $toStatus, bool $isAdmin = false): bool
{
// Allow same status (no change) // Allow same status (no change)
if ($fromStatus === $toStatus) { if ($fromStatus === $toStatus) {
return true; return true;
@@ -98,7 +105,8 @@ class WorkflowModel {
* *
* @return array Array of unique status values * @return array Array of unique status values
*/ */
public function getAllStatuses(): array { public function getAllStatuses(): array
{
return CacheHelper::remember(self::$CACHE_PREFIX, 'all_statuses', function () { return CacheHelper::remember(self::$CACHE_PREFIX, 'all_statuses', function () {
$sql = "SELECT DISTINCT from_status as status FROM status_transitions $sql = "SELECT DISTINCT from_status as status FROM status_transitions
UNION UNION
@@ -126,7 +134,8 @@ class WorkflowModel {
* @param string $toStatus Desired status * @param string $toStatus Desired status
* @return array|null Transition requirements or null if not found * @return array|null Transition requirements or null if not found
*/ */
public function getTransitionRequirements(string $fromStatus, string $toStatus): ?array { public function getTransitionRequirements(string $fromStatus, string $toStatus): ?array
{
$allTransitions = $this->getAllTransitions(); $allTransitions = $this->getAllTransitions();
if (!isset($allTransitions[$fromStatus][$toStatus])) { if (!isset($allTransitions[$fromStatus][$toStatus])) {
@@ -143,7 +152,8 @@ class WorkflowModel {
/** /**
* Clear workflow cache (call when transitions are modified) * Clear workflow cache (call when transitions are modified)
*/ */
public static function clearCache(): void { public static function clearCache(): void
{
CacheHelper::delete(self::$CACHE_PREFIX); CacheHelper::delete(self::$CACHE_PREFIX);
} }
} }
views/CreateTicketView.php
+1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* CreateTicketView.php New ticket creation form, redesigned for TDS v1.2 * CreateTicketView.php New ticket creation form, redesigned for TDS v1.2
* Variables: $templates (array), $allUsers (array), $error (string|null) * Variables: $templates (array), $allUsers (array), $error (string|null)
views/DashboardView.php
+35 -14
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* DashboardView.php Main ticket dashboard, redesigned for TDS v1.2. * DashboardView.php Main ticket dashboard, redesigned for TDS v1.2.
* *
@@ -53,21 +54,26 @@ if (!empty($_GET['type'])) {
$activeFilters[] = ['type' => 'type', 'value' => $_GET['type'], 'label' => 'Type: ' . htmlspecialchars($_GET['type'])]; $activeFilters[] = ['type' => 'type', 'value' => $_GET['type'], 'label' => 'Type: ' . htmlspecialchars($_GET['type'])];
} }
if (!empty($_GET['assigned_to'])) { if (!empty($_GET['assigned_to'])) {
$label = match($_GET['assigned_to']) { 'unassigned' => 'Unassigned', 'me' => 'Me', default => 'User #' . htmlspecialchars($_GET['assigned_to']) }; $label = match ($_GET['assigned_to']) {
'unassigned' => 'Unassigned', 'me' => 'Me', default => 'User #' . htmlspecialchars($_GET['assigned_to'])
};
$activeFilters[] = ['type' => 'assigned_to', 'value' => $_GET['assigned_to'], 'label' => 'Assigned: ' . $label]; $activeFilters[] = ['type' => 'assigned_to', 'value' => $_GET['assigned_to'], 'label' => 'Assigned: ' . $label];
} }
if (!empty($_GET['created_from']) || !empty($_GET['created_to'])) { if (!empty($_GET['created_from']) || !empty($_GET['created_to'])) {
$from = $_GET['created_from'] ?? ''; $to = $_GET['created_to'] ?? ''; $from = $_GET['created_from'] ?? '';
$to = $_GET['created_to'] ?? '';
$label = $from === $to && $from ? 'Created: ' . $from : 'Created: ' . ($from ?: '…') . ' ' . ($to ?: '…'); $label = $from === $to && $from ? 'Created: ' . $from : 'Created: ' . ($from ?: '…') . ' ' . ($to ?: '…');
$activeFilters[] = ['type' => 'created_from', 'value' => $from, 'label' => $label]; $activeFilters[] = ['type' => 'created_from', 'value' => $from, 'label' => $label];
} }
if (!empty($_GET['updated_from']) || !empty($_GET['updated_to'])) { if (!empty($_GET['updated_from']) || !empty($_GET['updated_to'])) {
$from = $_GET['updated_from'] ?? ''; $to = $_GET['updated_to'] ?? ''; $from = $_GET['updated_from'] ?? '';
$to = $_GET['updated_to'] ?? '';
$label = $from === $to && $from ? 'Updated: ' . $from : 'Updated: ' . ($from ?: '…') . ' ' . ($to ?: '…'); $label = $from === $to && $from ? 'Updated: ' . $from : 'Updated: ' . ($from ?: '…') . ' ' . ($to ?: '…');
$activeFilters[] = ['type' => 'updated_from', 'value' => $from, 'label' => $label]; $activeFilters[] = ['type' => 'updated_from', 'value' => $from, 'label' => $label];
} }
if (!empty($_GET['closed_from']) || !empty($_GET['closed_to'])) { if (!empty($_GET['closed_from']) || !empty($_GET['closed_to'])) {
$from = $_GET['closed_from'] ?? ''; $to = $_GET['closed_to'] ?? ''; $from = $_GET['closed_from'] ?? '';
$to = $_GET['closed_to'] ?? '';
$label = $from === $to && $from ? 'Closed: ' . $from : 'Closed: ' . ($from ?: '…') . ' ' . ($to ?: '…'); $label = $from === $to && $from ? 'Closed: ' . $from : 'Closed: ' . ($from ?: '…') . ' ' . ($to ?: '…');
$activeFilters[] = ['type' => 'closed_from', 'value' => $from, 'label' => $label]; $activeFilters[] = ['type' => 'closed_from', 'value' => $from, 'label' => $label];
} }
@@ -180,15 +186,20 @@ include __DIR__ . '/layout_header.php';
<?php <?php
$avgHours = $stats['avg_resolution_hours'] ?? 0; $avgHours = $stats['avg_resolution_hours'] ?? 0;
if ($avgHours <= 0) { if ($avgHours <= 0) {
$avgDisplay = '—'; $avgUnit = ''; $avgDisplay = '—';
$avgUnit = '';
} elseif ($avgHours < 1) { } elseif ($avgHours < 1) {
$avgDisplay = (string)max(1, (int)round($avgHours * 60)); $avgUnit = 'min'; $avgDisplay = (string)max(1, (int)round($avgHours * 60));
$avgUnit = 'min';
} elseif ($avgHours < 48) { } elseif ($avgHours < 48) {
$avgDisplay = (string)(int)round($avgHours); $avgUnit = 'hr'; $avgDisplay = (string)(int)round($avgHours);
$avgUnit = 'hr';
} elseif ($avgHours < 336) { // <14 days } elseif ($avgHours < 336) { // <14 days
$avgDisplay = number_format($avgHours / 24, 1); $avgUnit = 'days'; $avgDisplay = number_format($avgHours / 24, 1);
$avgUnit = 'days';
} else { } else {
$avgDisplay = number_format($avgHours / 168, 1); $avgUnit = 'wks'; $avgDisplay = number_format($avgHours / 168, 1);
$avgUnit = 'wks';
} }
$avgTitle = $avgHours > 0 ? number_format($avgHours, 1) . ' hours' : 'No data'; $avgTitle = $avgHours > 0 ? number_format($avgHours, 1) . ' hours' : 'No data';
?> ?>
@@ -720,7 +731,9 @@ include __DIR__ . '/layout_header.php';
class="ticket-link"><?= htmlspecialchars($row['ticket_id']) ?></a> class="ticket-link"><?= htmlspecialchars($row['ticket_id']) ?></a>
</td> </td>
<td data-label="Priority" data-col="priority"> <td data-label="Priority" data-col="priority">
<?php $badgeClass = match($pNum) { 1 => 'lt-badge-p1', 2 => 'lt-badge-p2', 3 => 'lt-badge-p3', default => 'lt-badge-p4' }; ?> <?php $badgeClass = match ($pNum) {
1 => 'lt-badge-p1', 2 => 'lt-badge-p2', 3 => 'lt-badge-p3', default => 'lt-badge-p4'
}; ?>
<span class="lt-badge <?= $badgeClass ?>">P<?= $pNum ?></span> <span class="lt-badge <?= $badgeClass ?>">P<?= $pNum ?></span>
</td> </td>
<td data-label="Title" data-col="title" class="col-title"> <td data-label="Title" data-col="title" class="col-title">
@@ -794,7 +807,9 @@ include __DIR__ . '/layout_header.php';
$currentParams['page'] = 1; $currentParams['page'] = 1;
$url1 = htmlspecialchars('?' . http_build_query($currentParams), ENT_QUOTES, 'UTF-8'); $url1 = htmlspecialchars('?' . http_build_query($currentParams), ENT_QUOTES, 'UTF-8');
echo '<button class="lt-btn lt-btn-sm" data-action="navigate" data-url="' . $url1 . '">1</button>'; echo '<button class="lt-btn lt-btn-sm" data-action="navigate" data-url="' . $url1 . '">1</button>';
if ($range[0] > 2) echo '<span class="lt-text-muted lt-text-xs" style="padding:0 0.25rem">&hellip;</span>'; if ($range[0] > 2) {
echo '<span class="lt-text-muted lt-text-xs" style="padding:0 0.25rem">&hellip;</span>';
}
} }
foreach ($range as $i) { foreach ($range as $i) {
$currentParams['page'] = $i; $currentParams['page'] = $i;
@@ -803,7 +818,9 @@ include __DIR__ . '/layout_header.php';
echo '<button class="lt-btn lt-btn-sm' . $activeClass . '" data-action="navigate" data-url="' . $iUrl . '" ' . ($i === $page ? 'aria-current="page"' : '') . '>' . $i . '</button>'; echo '<button class="lt-btn lt-btn-sm' . $activeClass . '" data-action="navigate" data-url="' . $iUrl . '" ' . ($i === $page ? 'aria-current="page"' : '') . '>' . $i . '</button>';
} }
if (!in_array($totalPages, $range)) { if (!in_array($totalPages, $range)) {
if ($range[count($range)-1] < $totalPages - 1) echo '<span class="lt-text-muted lt-text-xs" style="padding:0 0.25rem">&hellip;</span>'; if ($range[count($range) - 1] < $totalPages - 1) {
echo '<span class="lt-text-muted lt-text-xs" style="padding:0 0.25rem">&hellip;</span>';
}
$currentParams['page'] = $totalPages; $currentParams['page'] = $totalPages;
$urlLast = htmlspecialchars('?' . http_build_query($currentParams), ENT_QUOTES, 'UTF-8'); $urlLast = htmlspecialchars('?' . http_build_query($currentParams), ENT_QUOTES, 'UTF-8');
echo '<button class="lt-btn lt-btn-sm" data-action="navigate" data-url="' . $urlLast . '">' . $totalPages . '</button>'; echo '<button class="lt-btn lt-btn-sm" data-action="navigate" data-url="' . $urlLast . '">' . $totalPages . '</button>';
@@ -1086,12 +1103,16 @@ include __DIR__ . '/layout_header.php';
<span class="lt-kv-value lt-flex lt-flex-gap-sm lt-flex-align-center"> <span class="lt-kv-value lt-flex lt-flex-gap-sm lt-flex-align-center">
<select id="adv-priority-min" class="lt-select lt-select-sm"> <select id="adv-priority-min" class="lt-select lt-select-sm">
<option value="">Any</option> <option value="">Any</option>
<?php foreach (range(1,5) as $p): ?><option value="<?= $p ?>">P<?= $p ?></option><?php endforeach ?> <?php foreach (range(1, 5) as $p) :
?><option value="<?= $p ?>">P<?= $p ?></option><?php
endforeach ?>
</select> </select>
<span class="lt-text-xs lt-text-muted">to</span> <span class="lt-text-xs lt-text-muted">to</span>
<select id="adv-priority-max" class="lt-select lt-select-sm"> <select id="adv-priority-max" class="lt-select lt-select-sm">
<option value="">Any</option> <option value="">Any</option>
<?php foreach (range(1,5) as $p): ?><option value="<?= $p ?>">P<?= $p ?></option><?php endforeach ?> <?php foreach (range(1, 5) as $p) :
?><option value="<?= $p ?>">P<?= $p ?></option><?php
endforeach ?>
</select> </select>
</span> </span>
</div> </div>
views/TicketView.php
+88 -69
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* TicketView.php Individual ticket view, redesigned for TDS v1.2 * TicketView.php Individual ticket view, redesigned for TDS v1.2
* Variables: $ticket, $comments (threaded), $timeline, $allUsers, $allowedTransitions * Variables: $ticket, $comments (threaded), $timeline, $allUsers, $allowedTransitions
@@ -20,7 +21,8 @@ $pageScripts = [
]; ];
// Helper functions // Helper functions
function getEventIcon(string $actionType): string { function getEventIcon(string $actionType): string
{
return match ($actionType) { return match ($actionType) {
'create' => '[+]', 'create' => '[+]',
'update' => '[~]', 'update' => '[~]',
@@ -34,16 +36,23 @@ function getEventIcon(string $actionType): string {
}; };
} }
function formatAction(array $event): string { function formatAction(array $event): string
{
$det = $event['details'] ?? []; $det = $event['details'] ?? [];
switch ($event['action_type']) { switch ($event['action_type']) {
case 'create': case 'create':
if (($event['entity_type'] ?? '') === 'comment') return 'posted a comment'; if (($event['entity_type'] ?? '') === 'comment') {
return 'posted a comment';
}
return 'created this ticket'; return 'created this ticket';
case 'comment': return 'posted a comment'; case 'comment':
case 'view': return 'viewed this ticket'; return 'posted a comment';
case 'attachment': return 'uploaded a file'; case 'view':
case 'delete': return 'deleted a comment'; return 'viewed this ticket';
case 'attachment':
return 'uploaded a file';
case 'delete':
return 'deleted a comment';
case 'assign': case 'assign':
if (is_array($det) && isset($det['assigned_to']['to'])) { if (is_array($det) && isset($det['assigned_to']['to'])) {
$to = $det['assigned_to']['to'] ?: 'Unassigned'; $to = $det['assigned_to']['to'] ?: 'Unassigned';
@@ -58,7 +67,9 @@ function formatAction(array $event): string {
case 'update': case 'update':
if (is_array($det)) { if (is_array($det)) {
$fields = array_keys(array_filter($det, fn($v) => is_array($v) && isset($v['from'], $v['to']))); $fields = array_keys(array_filter($det, fn($v) => is_array($v) && isset($v['from'], $v['to'])));
if ($fields) return 'updated ' . implode(', ', array_map(fn($f) => str_replace('_', ' ', $f), $fields)); if ($fields) {
return 'updated ' . implode(', ', array_map(fn($f) => str_replace('_', ' ', $f), $fields));
}
} }
return 'updated this ticket'; return 'updated this ticket';
default: default:
@@ -72,8 +83,11 @@ $ageDays = floor($ageSeconds / 86400);
$ageHours = floor(($ageSeconds % 86400) / 3600); $ageHours = floor(($ageSeconds % 86400) / 3600);
$ageClass = 'lt-text-muted'; $ageClass = 'lt-text-muted';
if ($ticket['status'] !== 'Closed') { if ($ticket['status'] !== 'Closed') {
if ($ageDays >= 10) $ageClass = 'lt-text-danger'; if ($ageDays >= 10) {
elseif ($ageDays >= 5) $ageClass = 'lt-text-amber'; $ageClass = 'lt-text-danger';
} elseif ($ageDays >= 5) {
$ageClass = 'lt-text-amber';
}
} }
$ageStr = $ageDays > 0 $ageStr = $ageDays > 0
? $ageDays . ' day' . ($ageDays !== 1 ? 's' : '') ? $ageDays . ' day' . ($ageDays !== 1 ? 's' : '')
@@ -173,8 +187,12 @@ include __DIR__ . '/layout_header.php';
data-requires-comment="<?= $t['requires_comment'] ? '1' : '0' ?>" data-requires-comment="<?= $t['requires_comment'] ? '1' : '0' ?>"
data-requires-admin="<?= $t['requires_admin'] ? '1' : '0' ?>"> data-requires-admin="<?= $t['requires_admin'] ? '1' : '0' ?>">
<?= htmlspecialchars($t['to_status']) ?> <?= htmlspecialchars($t['to_status']) ?>
<?php if ($t['requires_comment']): ?> *<?php endif ?> <?php if ($t['requires_comment']) :
<?php if ($t['requires_admin']): ?> (Admin)<?php endif ?> ?> *<?php
endif ?>
<?php if ($t['requires_admin']) :
?> (Admin)<?php
endif ?>
</option> </option>
<?php endforeach ?> <?php endforeach ?>
</select> </select>
@@ -193,58 +211,62 @@ include __DIR__ . '/layout_header.php';
<?php if ($priorityNum <= 2 && $ticket['status'] !== 'Closed') : ?> <?php if ($priorityNum <= 2 && $ticket['status'] !== 'Closed') : ?>
<?php <?php
$slaTargetHours = match($priorityNum) { 1 => 8, 2 => 24, default => 72 }; $slaTargetHours = match ($priorityNum) {
1 => 8, 2 => 24, default => 72
};
$elapsedSeconds = time() - strtotime($ticket['created_at']); $elapsedSeconds = time() - strtotime($ticket['created_at']);
$elapsedHours = round($elapsedSeconds / 3600, 1);
$slaPct = min(100, round(($elapsedSeconds / ($slaTargetHours * 3600)) * 100)); $slaPct = min(100, round(($elapsedSeconds / ($slaTargetHours * 3600)) * 100));
$slaBreached = $elapsedSeconds >= ($slaTargetHours * 3600); $slaBreached = $elapsedSeconds >= ($slaTargetHours * 3600);
$alertClass = $priorityNum === 1 ? 'lt-alert--error' : 'lt-alert--warning'; $slaClass = $priorityNum === 1 ? 'lt-sla-p1' : 'lt-sla-p2';
$alertIcon = $priorityNum === 1 ? '[ ! ]' : '[ ~ ]'; $slaIcon = $priorityNum === 1 ? '[ ! ]' : '[ ~ ]';
$alertLabel = $priorityNum === 1 ? 'CRITICAL — P1 Ticket' : 'HIGH PRIORITY — P2 Ticket'; $slaLabel = $priorityNum === 1 ? 'P1 Critical' : 'P2 High';
$progressClass = $slaBreached ? 'lt-progress--red' : ($slaPct >= 75 ? 'lt-progress--red' : 'lt-progress--green'); $slaId = 'sla-' . htmlspecialchars($ticket['ticket_id'], ENT_QUOTES, 'UTF-8');
?> ?>
<!-- Priority alert banner P1/P2 only, dismissible per session --> <!-- SLA banner P1/P2 only, dismissible per session -->
<div class="lt-alert <?= $alertClass ?>" id="priorityAlertBanner" <div class="<?= $slaClass ?>" id="priorityAlertBanner" role="alert" aria-live="polite"
role="alert" aria-live="polite" data-sla-id="<?= $slaId ?>"
data-alert-id="priority-banner-<?= htmlspecialchars($ticket['ticket_id']) ?>"
data-created-at="<?= (int)strtotime($ticket['created_at']) ?>" data-created-at="<?= (int)strtotime($ticket['created_at']) ?>"
data-sla-hours="<?= $slaTargetHours ?>" data-sla-hours="<?= $slaTargetHours ?>"
style="margin-bottom:0.75rem"> style="margin-bottom:0.75rem">
<span class="lt-alert-icon" aria-hidden="true"><?= $alertIcon ?></span> <span class="lt-sla-icon" aria-hidden="true"><?= $slaIcon ?></span>
<div class="lt-alert-body"> <div class="lt-sla-info">
<div class="lt-alert-title"><?= $alertLabel ?></div> <div class="lt-sla-title">
<div class="lt-alert-msg"> <?= $slaLabel ?> — SLA: <span id="slaElapsedTimer"></span> elapsed of <?= $slaTargetHours ?>h limit
SLA target: <strong><?= $slaTargetHours ?>h</strong> &mdash; <?php if ($slaBreached) : ?>
Elapsed: <strong id="slaElapsedTimer"><?= $elapsedHours ?>h</strong> &nbsp;<span class="lt-text-danger" id="slaBreachLabel">BREACHED</span>
<?php if (!$slaBreached): ?>
&mdash; Remaining: <strong id="slaCountdownTimer" class="lt-text-cyan"></strong>
<?php else: ?>
&mdash; <span class="lt-text-danger" id="slaCountdownTimer">SLA BREACHED (+<strong id="slaOverrunTimer"><?= round(($elapsedSeconds - $slaTargetHours * 3600) / 3600, 1) ?>h</strong>)</span>
<?php endif ?> <?php endif ?>
<div class="lt-progress lt-progress--sm <?= $progressClass ?>" id="slaProgress" style="margin-top:0.35rem" </div>
aria-label="SLA progress <?= $slaPct ?>%"> <div class="lt-sla-bar" aria-label="SLA progress <?= $slaPct ?>%" id="slaProgress">
<div class="lt-progress-bar" id="slaProgressBar" style="width:<?= $slaPct ?>%"></div> <div class="lt-sla-fill" id="slaProgressBar" style="width:<?= $slaPct ?>%"></div>
</div> </div>
</div> </div>
</div> <?php if (!$slaBreached) : ?>
<button type="button" class="lt-alert-close" data-action="dismiss-priority-banner" aria-label="Dismiss">&#x2715;</button> <div class="lt-sla-meta" id="slaCountdownTimer"></div>
<?php else : ?>
<div class="lt-sla-meta lt-text-danger" id="slaCountdownTimer">+<span id="slaOverrunTimer"><?= round(($elapsedSeconds - $slaTargetHours * 3600) / 3600, 1) ?>h</span> over</div>
<?php endif ?>
<button type="button" class="lt-sla-dismiss" aria-label="Dismiss">&#x2715;</button>
</div> </div>
<script nonce="<?= htmlspecialchars($nonce, ENT_QUOTES, 'UTF-8') ?>"> <script nonce="<?= htmlspecialchars($nonce, ENT_QUOTES, 'UTF-8') ?>">
(function(){ (function(){
var banner = document.getElementById('priorityAlertBanner'); var banner = document.getElementById('priorityAlertBanner');
var id = 'priority-banner-<?= htmlspecialchars($ticket['ticket_id']) ?>'; var id = banner.dataset.slaId;
try { if(sessionStorage.getItem('lt_dismissed_'+id)) banner.classList.add('dismissed'); } catch(e) {} try { if (id && sessionStorage.getItem('lt_sla_dismissed_' + id)) banner.hidden = true; } catch(e) {}
banner.querySelector('.lt-sla-dismiss').addEventListener('click', function() {
banner.hidden = true;
try { if (id) sessionStorage.setItem('lt_sla_dismissed_' + id, '1'); } catch(e) {}
});
// Live SLA timers — start after base.js initialises lt
document.addEventListener('DOMContentLoaded', function() { document.addEventListener('DOMContentLoaded', function() {
if (!banner || banner.classList.contains('dismissed')) return; if (banner.hidden) return;
var createdAt = parseInt(banner.dataset.createdAt, 10) * 1000; var createdAt = parseInt(banner.dataset.createdAt, 10) * 1000;
var slaMs = parseInt(banner.dataset.slaHours, 10) * 3600 * 1000; var slaMs = parseInt(banner.dataset.slaHours, 10) * 3600 * 1000;
var deadline = new Date(createdAt + slaMs); var deadline = new Date(createdAt + slaMs);
var elapsedEl = document.getElementById('slaElapsedTimer'); var elapsedEl = document.getElementById('slaElapsedTimer');
var countdownEl = document.getElementById('slaCountdownTimer'); var countdownEl = document.getElementById('slaCountdownTimer');
var overrunEl = document.getElementById('slaOverrunTimer'); var overrunEl = document.getElementById('slaOverrunTimer');
var progressBar = document.getElementById('slaProgressBar'); var fillBar = document.getElementById('slaProgressBar');
var progressWrap = document.getElementById('slaProgress'); var progressWrap = document.getElementById('slaProgress');
function fmtHMS(ms) { function fmtHMS(ms) {
@@ -260,29 +282,13 @@ $progressClass = $slaBreached ? 'lt-progress--red' : ($slaPct >= 75 ? 'lt-progr
var pct = Math.min(100, Math.round((elapsed / slaMs) * 100)); var pct = Math.min(100, Math.round((elapsed / slaMs) * 100));
if (elapsedEl) elapsedEl.textContent = fmtHMS(elapsed); if (elapsedEl) elapsedEl.textContent = fmtHMS(elapsed);
if (progressBar) progressBar.style.width = pct + '%'; if (fillBar) fillBar.style.width = pct + '%';
if (progressWrap) progressWrap.setAttribute('aria-label', 'SLA progress ' + pct + '%'); if (progressWrap) progressWrap.setAttribute('aria-label', 'SLA progress ' + pct + '%');
if (remaining > 0) { if (remaining > 0) {
// SLA not yet breached if (countdownEl) countdownEl.textContent = fmtHMS(remaining) + ' remaining';
if (countdownEl) {
countdownEl.textContent = fmtHMS(remaining) + ' remaining';
countdownEl.className = pct >= 75 ? 'lt-text-danger' : 'lt-text-cyan';
}
if (progressWrap && pct >= 75) {
progressWrap.className = progressWrap.className.replace('lt-progress--green','lt-progress--red');
}
} else { } else {
// Breached if (overrunEl) overrunEl.textContent = fmtHMS(-remaining);
if (countdownEl && !overrunEl) {
countdownEl.innerHTML = 'SLA BREACHED (+' + fmtHMS(-remaining) + ')';
countdownEl.className = 'lt-text-danger';
} else if (overrunEl) {
overrunEl.textContent = fmtHMS(-remaining);
}
if (progressWrap && !progressWrap.classList.contains('lt-progress--red')) {
progressWrap.className = progressWrap.className.replace('lt-progress--green','').replace('lt-progress--red','') + ' lt-progress--red';
}
} }
} }
@@ -326,7 +332,9 @@ $progressClass = $slaBreached ? 'lt-progress--red' : ($slaPct >= 75 ? 'lt-progr
<div class="lt-kv-row"> <div class="lt-kv-row">
<span class="lt-kv-label">Category</span> <span class="lt-kv-label">Category</span>
<span class="lt-kv-value"> <span class="lt-kv-value">
<?php $catColor = match($ticket['category']) { 'Hardware'=>'lt-tag--orange','Software'=>'lt-tag--cyan','Network'=>'lt-tag--purple','Security'=>'lt-tag--red',default=>'' }; ?> <?php $catColor = match ($ticket['category']) {
'Hardware'=>'lt-tag--orange','Software'=>'lt-tag--cyan','Network'=>'lt-tag--purple','Security'=>'lt-tag--red',default=>''
}; ?>
<!-- Read mode tag hidden in edit mode via CSS --> <!-- Read mode tag hidden in edit mode via CSS -->
<span class="lt-tag <?= $catColor ?> read-mode-tag" id="categoryTag" <span class="lt-tag <?= $catColor ?> read-mode-tag" id="categoryTag"
aria-label="Category: <?= htmlspecialchars($ticket['category']) ?>"><?= htmlspecialchars($ticket['category']) ?></span> aria-label="Category: <?= htmlspecialchars($ticket['category']) ?>"><?= htmlspecialchars($ticket['category']) ?></span>
@@ -341,7 +349,9 @@ $progressClass = $slaBreached ? 'lt-progress--red' : ($slaPct >= 75 ? 'lt-progr
<div class="lt-kv-row"> <div class="lt-kv-row">
<span class="lt-kv-label">Type</span> <span class="lt-kv-label">Type</span>
<span class="lt-kv-value"> <span class="lt-kv-value">
<?php $typeColor = match($ticket['type']) { 'Maintenance'=>'lt-tag--orange','Issue'=>'lt-tag--red','Problem'=>'lt-tag--red','Upgrade'=>'lt-tag--purple','Install'=>'lt-tag--cyan',default=>'' }; ?> <?php $typeColor = match ($ticket['type']) {
'Maintenance'=>'lt-tag--orange','Issue'=>'lt-tag--red','Problem'=>'lt-tag--red','Upgrade'=>'lt-tag--purple','Install'=>'lt-tag--cyan',default=>''
}; ?>
<!-- Read mode tag hidden in edit mode via CSS --> <!-- Read mode tag hidden in edit mode via CSS -->
<span class="lt-tag <?= $typeColor ?> read-mode-tag" id="typeTag" <span class="lt-tag <?= $typeColor ?> read-mode-tag" id="typeTag"
aria-label="Type: <?= htmlspecialchars($ticket['type']) ?>"><?= htmlspecialchars($ticket['type']) ?></span> aria-label="Type: <?= htmlspecialchars($ticket['type']) ?>"><?= htmlspecialchars($ticket['type']) ?></span>
@@ -545,7 +555,8 @@ $progressClass = $slaBreached ? 'lt-progress--red' : ($slaPct >= 75 ? 'lt-progr
<div class="lt-empty">No comments yet. Be the first to comment.</div> <div class="lt-empty">No comments yet. Be the first to comment.</div>
<?php else : ?> <?php else : ?>
<?php <?php
function renderComment(array $comment, ?int $currentUserId, bool $isAdmin, int $depth = 0): void { function renderComment(array $comment, ?int $currentUserId, bool $isAdmin, int $depth = 0): void
{
$displayName = $comment['display_name_formatted'] ?? $comment['user_name'] ?? 'Unknown User'; $displayName = $comment['display_name_formatted'] ?? $comment['user_name'] ?? 'Unknown User';
$commentId = (int)$comment['comment_id']; $commentId = (int)$comment['comment_id'];
$isOwner = ((int)$comment['user_id'] === (int)$currentUserId); $isOwner = ((int)$comment['user_id'] === (int)$currentUserId);
@@ -569,7 +580,9 @@ $progressClass = $slaBreached ? 'lt-progress--red' : ($slaPct >= 75 ? 'lt-progr
data-markdown-enabled="<?= $markdownEnabled ? '1' : '0' ?>" data-markdown-enabled="<?= $markdownEnabled ? '1' : '0' ?>"
data-thread-depth="<?= $threadDepth ?>" data-thread-depth="<?= $threadDepth ?>"
data-parent-id="<?= htmlspecialchars((string)($parentId ?? ''), ENT_QUOTES, 'UTF-8') ?>"> data-parent-id="<?= htmlspecialchars((string)($parentId ?? ''), ENT_QUOTES, 'UTF-8') ?>">
<?php if ($parentId): ?><div class="thread-line" aria-hidden="true"></div><?php endif ?> <?php if ($parentId) :
?><div class="thread-line" aria-hidden="true"></div><?php
endif ?>
<div class="comment-content"> <div class="comment-content">
<div class="comment-header lt-flex lt-flex-gap-sm lt-flex-align-center"> <div class="comment-header lt-flex lt-flex-gap-sm lt-flex-align-center">
<div class="lt-avatar lt-avatar--xs <?= $avatarColor ?>" aria-hidden="true"> <div class="lt-avatar lt-avatar--xs <?= $avatarColor ?>" aria-hidden="true">
@@ -627,7 +640,9 @@ $progressClass = $slaBreached ? 'lt-progress--red' : ($slaPct >= 75 ? 'lt-progr
</div> </div>
<?php <?php
} }
foreach ($comments as $comment): renderComment($comment, $currentUserId, $isAdmin); endforeach; foreach ($comments as $comment) :
renderComment($comment, $currentUserId, $isAdmin);
endforeach;
?> ?>
<?php if ($totalComments > $commentPageSize) : ?> <?php if ($totalComments > $commentPageSize) : ?>
<div id="loadMoreComments" class="lt-flex lt-flex-center lt-mt-md"> <div id="loadMoreComments" class="lt-flex lt-flex-center lt-mt-md">
@@ -801,7 +816,9 @@ $progressClass = $slaBreached ? 'lt-progress--red' : ($slaPct >= 75 ? 'lt-progr
$parts[] = '<strong>' . htmlspecialchars($k) . ':</strong> ' . htmlspecialchars((string)$v); $parts[] = '<strong>' . htmlspecialchars($k) . ':</strong> ' . htmlspecialchars((string)$v);
} }
} }
if ($parts) echo implode('<br>', $parts); if ($parts) {
echo implode('<br>', $parts);
}
} }
?> ?>
</div> </div>
@@ -897,9 +914,11 @@ $progressClass = $slaBreached ? 'lt-progress--red' : ($slaPct >= 75 ? 'lt-progr
<span class="lt-kv-value"> <span class="lt-kv-value">
<?php <?php
$groups = array_filter(array_map('trim', explode(',', $GLOBALS['currentUser']['groups'] ?? ''))); $groups = array_filter(array_map('trim', explode(',', $GLOBALS['currentUser']['groups'] ?? '')));
if ($groups): foreach ($groups as $g): ?> if ($groups) :
foreach ($groups as $g) : ?>
<span class="lt-badge lt-badge-sm"><?= htmlspecialchars($g) ?></span> <span class="lt-badge lt-badge-sm"><?= htmlspecialchars($g) ?></span>
<?php endforeach; else: ?> <?php endforeach;
else : ?>
<span class="lt-text-muted">None</span> <span class="lt-text-muted">None</span>
<?php endif ?> <?php endif ?>
</span> </span>
views/admin/ApiKeysView.php
+4 -2
View File
@@ -74,7 +74,8 @@ include __DIR__ . '/../../views/layout_header.php';
<tbody> <tbody>
<?php if (empty($apiKeys)) : ?> <?php if (empty($apiKeys)) : ?>
<tr><td colspan="8" class="lt-empty">No API keys found. Generate one above.</td></tr> <tr><td colspan="8" class="lt-empty">No API keys found. Generate one above.</td></tr>
<?php else: foreach ($apiKeys as $key): ?> <?php else :
foreach ($apiKeys as $key) : ?>
<?php $expired = $key['expires_at'] && strtotime($key['expires_at']) < time(); ?> <?php $expired = $key['expires_at'] && strtotime($key['expires_at']) < time(); ?>
<tr id="key-row-<?= (int)$key['api_key_id'] ?>"> <tr id="key-row-<?= (int)$key['api_key_id'] ?>">
<td data-label="Name"><strong><?= htmlspecialchars($key['key_name']) ?></strong></td> <td data-label="Name"><strong><?= htmlspecialchars($key['key_name']) ?></strong></td>
@@ -103,7 +104,8 @@ include __DIR__ . '/../../views/layout_header.php';
<?php endif ?> <?php endif ?>
</td> </td>
</tr> </tr>
<?php endforeach; endif ?> <?php endforeach;
endif ?>
</tbody> </tbody>
</table> </table>
</div> </div>
views/admin/AuditLogView.php
+14 -6
View File
@@ -38,11 +38,13 @@ include __DIR__ . '/../../views/layout_header.php';
<label class="lt-label" for="user_id">User</label> <label class="lt-label" for="user_id">User</label>
<select name="user_id" id="user_id" class="lt-select lt-select-sm"> <select name="user_id" id="user_id" class="lt-select lt-select-sm">
<option value="">All Users</option> <option value="">All Users</option>
<?php if (isset($users)): foreach ($users as $u): ?> <?php if (isset($users)) :
foreach ($users as $u) : ?>
<option value="<?= (int)$u['user_id'] ?>" <?= ($filters['user_id'] ?? '') == $u['user_id'] ? 'selected' : '' ?>> <option value="<?= (int)$u['user_id'] ?>" <?= ($filters['user_id'] ?? '') == $u['user_id'] ? 'selected' : '' ?>>
<?= htmlspecialchars($u['display_name'] ?? $u['username']) ?> <?= htmlspecialchars($u['display_name'] ?? $u['username']) ?>
</option> </option>
<?php endforeach; endif ?> <?php endforeach;
endif ?>
</select> </select>
</div> </div>
<div class="lt-form-group" style="margin:0"> <div class="lt-form-group" style="margin:0">
@@ -78,7 +80,8 @@ include __DIR__ . '/../../views/layout_header.php';
<tbody> <tbody>
<?php if (empty($auditLogs)) : ?> <?php if (empty($auditLogs)) : ?>
<tr><td colspan="7" class="lt-empty">No audit log entries found.</td></tr> <tr><td colspan="7" class="lt-empty">No audit log entries found.</td></tr>
<?php else: foreach ($auditLogs as $log): ?> <?php else :
foreach ($auditLogs as $log) : ?>
<tr> <tr>
<td data-label="Timestamp" class="lt-text-xs"><?= date('Y-m-d H:i:s', strtotime($log['created_at'])) ?></td> <td data-label="Timestamp" class="lt-text-xs"><?= date('Y-m-d H:i:s', strtotime($log['created_at'])) ?></td>
<td data-label="User"><?= htmlspecialchars($log['display_name'] ?? $log['username'] ?? 'System') ?></td> <td data-label="User"><?= htmlspecialchars($log['display_name'] ?? $log['username'] ?? 'System') ?></td>
@@ -103,7 +106,8 @@ include __DIR__ . '/../../views/layout_header.php';
</td> </td>
<td data-label="IP" class="lt-text-xs lt-text-muted"><?= htmlspecialchars($log['ip_address'] ?? '-') ?></td> <td data-label="IP" class="lt-text-xs lt-text-muted"><?= htmlspecialchars($log['ip_address'] ?? '-') ?></td>
</tr> </tr>
<?php endforeach; endif ?> <?php endforeach;
endif ?>
</tbody> </tbody>
</table> </table>
</div> </div>
@@ -123,7 +127,9 @@ include __DIR__ . '/../../views/layout_header.php';
if ($start > 1) { if ($start > 1) {
$params['page'] = 1; $params['page'] = 1;
echo '<a href="' . htmlspecialchars('?' . http_build_query($params), ENT_QUOTES, 'UTF-8') . '" class="lt-btn lt-btn-sm">1</a> '; echo '<a href="' . htmlspecialchars('?' . http_build_query($params), ENT_QUOTES, 'UTF-8') . '" class="lt-btn lt-btn-sm">1</a> ';
if ($start > 2) echo '<span class="lt-text-muted lt-text-xs">&hellip;</span>'; if ($start > 2) {
echo '<span class="lt-text-muted lt-text-xs">&hellip;</span>';
}
} }
for ($i = $start; $i <= $end; $i++) { for ($i = $start; $i <= $end; $i++) {
$params['page'] = $i; $params['page'] = $i;
@@ -133,7 +139,9 @@ include __DIR__ . '/../../views/layout_header.php';
echo '<a href="' . $url . '" class="lt-btn lt-btn-sm' . $class . '"' . $curr . '>' . $i . '</a> '; echo '<a href="' . $url . '" class="lt-btn lt-btn-sm' . $class . '"' . $curr . '>' . $i . '</a> ';
} }
if ($end < $totalPages) { if ($end < $totalPages) {
if ($end < $totalPages - 1) echo '<span class="lt-text-muted lt-text-xs">&hellip;</span>'; if ($end < $totalPages - 1) {
echo '<span class="lt-text-muted lt-text-xs">&hellip;</span>';
}
$params['page'] = $totalPages; $params['page'] = $totalPages;
echo '<a href="' . htmlspecialchars('?' . http_build_query($params), ENT_QUOTES, 'UTF-8') . '" class="lt-btn lt-btn-sm">' . $totalPages . '</a> '; echo '<a href="' . htmlspecialchars('?' . http_build_query($params), ENT_QUOTES, 'UTF-8') . '" class="lt-btn lt-btn-sm">' . $totalPages . '</a> ';
} }
views/admin/CustomFieldsView.php
+4 -2
View File
@@ -43,7 +43,8 @@ include __DIR__ . '/../../views/layout_header.php';
<tbody> <tbody>
<?php if (empty($customFields)) : ?> <?php if (empty($customFields)) : ?>
<tr><td colspan="8" class="lt-empty">No custom fields defined. Create fields to extend ticket metadata.</td></tr> <tr><td colspan="8" class="lt-empty">No custom fields defined. Create fields to extend ticket metadata.</td></tr>
<?php else: foreach ($customFields as $field): ?> <?php else :
foreach ($customFields as $field) : ?>
<tr> <tr>
<td data-label="Order" class="lt-text-xs lt-text-muted"><?= (int)$field['display_order'] ?></td> <td data-label="Order" class="lt-text-xs lt-text-muted"><?= (int)$field['display_order'] ?></td>
<td data-label="Field Name"><code class="lt-text-cyan lt-text-xs"><?= htmlspecialchars($field['field_name']) ?></code></td> <td data-label="Field Name"><code class="lt-text-cyan lt-text-xs"><?= htmlspecialchars($field['field_name']) ?></code></td>
@@ -67,7 +68,8 @@ include __DIR__ . '/../../views/layout_header.php';
</div> </div>
</td> </td>
</tr> </tr>
<?php endforeach; endif ?> <?php endforeach;
endif ?>
</tbody> </tbody>
</table> </table>
</div> </div>
views/admin/RecurringTicketsView.php
+4 -2
View File
@@ -42,7 +42,8 @@ include __DIR__ . '/../../views/layout_header.php';
<tbody> <tbody>
<?php if (empty($recurringTickets)) : ?> <?php if (empty($recurringTickets)) : ?>
<tr><td colspan="7" class="lt-empty">No recurring tickets configured. Create schedules to auto-generate tickets.</td></tr> <tr><td colspan="7" class="lt-empty">No recurring tickets configured. Create schedules to auto-generate tickets.</td></tr>
<?php else: foreach ($recurringTickets as $rt): ?> <?php else :
foreach ($recurringTickets as $rt) : ?>
<?php <?php
$schedule = ucfirst($rt['schedule_type']); $schedule = ucfirst($rt['schedule_type']);
if ($rt['schedule_type'] === 'weekly') { if ($rt['schedule_type'] === 'weekly') {
@@ -81,7 +82,8 @@ include __DIR__ . '/../../views/layout_header.php';
</div> </div>
</td> </td>
</tr> </tr>
<?php endforeach; endif ?> <?php endforeach;
endif ?>
</tbody> </tbody>
</table> </table>
</div> </div>
views/admin/TemplatesView.php
+8 -3
View File
@@ -41,12 +41,16 @@ include __DIR__ . '/../../views/layout_header.php';
<tbody> <tbody>
<?php if (empty($templates)) : ?> <?php if (empty($templates)) : ?>
<tr><td colspan="6" class="lt-empty">No templates defined. Create templates to speed up ticket creation.</td></tr> <tr><td colspan="6" class="lt-empty">No templates defined. Create templates to speed up ticket creation.</td></tr>
<?php else: foreach ($templates as $tpl): ?> <?php else :
foreach ($templates as $tpl) : ?>
<tr> <tr>
<td data-label="Name"><strong><?= htmlspecialchars($tpl['template_name']) ?></strong></td> <td data-label="Name"><strong><?= htmlspecialchars($tpl['template_name']) ?></strong></td>
<td data-label="Category" class="lt-text-xs"><?= htmlspecialchars($tpl['category'] ?? 'Any') ?></td> <td data-label="Category" class="lt-text-xs"><?= htmlspecialchars($tpl['category'] ?? 'Any') ?></td>
<td data-label="Type" class="lt-text-xs"><?= htmlspecialchars($tpl['type'] ?? 'Any') ?></td> <td data-label="Type" class="lt-text-xs"><?= htmlspecialchars($tpl['type'] ?? 'Any') ?></td>
<?php $tp = (int)($tpl['default_priority'] ?? 4); $tBadge = match($tp) { 1 => 'lt-badge-p1', 2 => 'lt-badge-p2', 3 => 'lt-badge-p3', default => 'lt-badge-p4' }; ?> <?php $tp = (int)($tpl['default_priority'] ?? 4);
$tBadge = match ($tp) {
1 => 'lt-badge-p1', 2 => 'lt-badge-p2', 3 => 'lt-badge-p3', default => 'lt-badge-p4'
}; ?>
<td data-label="Priority"><span class="lt-badge <?= $tBadge ?>">P<?= $tp ?></span></td> <td data-label="Priority"><span class="lt-badge <?= $tBadge ?>">P<?= $tp ?></span></td>
<td data-label="Status"> <td data-label="Status">
<span class="lt-status <?= ($tpl['is_active'] ?? 1) ? 'lt-status-open' : 'lt-status-closed' ?>"> <span class="lt-status <?= ($tpl['is_active'] ?? 1) ? 'lt-status-open' : 'lt-status-closed' ?>">
@@ -62,7 +66,8 @@ include __DIR__ . '/../../views/layout_header.php';
</div> </div>
</td> </td>
</tr> </tr>
<?php endforeach; endif ?> <?php endforeach;
endif ?>
</tbody> </tbody>
</table> </table>
</div> </div>
views/admin/UserActivityView.php
+4 -2
View File
@@ -91,7 +91,8 @@ include __DIR__ . '/../../views/layout_header.php';
<tbody> <tbody>
<?php if (empty($userStats)) : ?> <?php if (empty($userStats)) : ?>
<tr><td colspan="6" class="lt-empty">No user activity data available.</td></tr> <tr><td colspan="6" class="lt-empty">No user activity data available.</td></tr>
<?php else: foreach ($userStats as $u): ?> <?php else :
foreach ($userStats as $u) : ?>
<tr> <tr>
<td data-label="User"> <td data-label="User">
<strong><?= htmlspecialchars($u['display_name'] ?? $u['username']) ?></strong> <strong><?= htmlspecialchars($u['display_name'] ?? $u['username']) ?></strong>
@@ -107,7 +108,8 @@ include __DIR__ . '/../../views/layout_header.php';
<?= $u['last_activity'] ? date('M d, Y H:i', strtotime($u['last_activity'])) : 'Never' ?> <?= $u['last_activity'] ? date('M d, Y H:i', strtotime($u['last_activity'])) : 'Never' ?>
</td> </td>
</tr> </tr>
<?php endforeach; endif ?> <?php endforeach;
endif ?>
</tbody> </tbody>
</table> </table>
</div> </div>
views/admin/WorkflowDesignerView.php
+13 -4
View File
@@ -29,7 +29,13 @@ include __DIR__ . '/../../views/layout_header.php';
foreach ($statuses as $status) : foreach ($statuses as $status) :
$slug = strtolower(str_replace(' ', '-', $status)); $slug = strtolower(str_replace(' ', '-', $status));
$toCount = 0; $toCount = 0;
if (isset($workflows)) { foreach ($workflows as $w) { if ($w['from_status'] === $status) $toCount++; } } if (isset($workflows)) {
foreach ($workflows as $w) {
if ($w['from_status'] === $status) {
$toCount++;
}
}
}
?> ?>
<div class="lt-card lt-text-center"> <div class="lt-card lt-text-center">
<span class="lt-status lt-status-<?= $slug ?>"><?= $status ?></span> <span class="lt-status lt-status-<?= $slug ?>"><?= $status ?></span>
@@ -63,8 +69,10 @@ include __DIR__ . '/../../views/layout_header.php';
<tbody> <tbody>
<?php if (empty($workflows)) : ?> <?php if (empty($workflows)) : ?>
<tr><td colspan="7" class="lt-empty">No transitions defined. Add transitions to enable status changes.</td></tr> <tr><td colspan="7" class="lt-empty">No transitions defined. Add transitions to enable status changes.</td></tr>
<?php else: foreach ($workflows as $wf): ?> <?php else :
<?php $fromSlug = preg_replace('/[^a-z-]/', '', strtolower(str_replace(' ', '-', $wf['from_status']))); $toSlug = preg_replace('/[^a-z-]/', '', strtolower(str_replace(' ', '-', $wf['to_status']))); ?> foreach ($workflows as $wf) : ?>
<?php $fromSlug = preg_replace('/[^a-z-]/', '', strtolower(str_replace(' ', '-', $wf['from_status'])));
$toSlug = preg_replace('/[^a-z-]/', '', strtolower(str_replace(' ', '-', $wf['to_status']))); ?>
<tr> <tr>
<td data-label="From"> <td data-label="From">
<span class="lt-status lt-status-<?= $fromSlug ?>"><?= htmlspecialchars($wf['from_status']) ?></span> <span class="lt-status lt-status-<?= $fromSlug ?>"><?= htmlspecialchars($wf['from_status']) ?></span>
@@ -93,7 +101,8 @@ include __DIR__ . '/../../views/layout_header.php';
</div> </div>
</td> </td>
</tr> </tr>
<?php endforeach; endif ?> <?php endforeach;
endif ?>
</tbody> </tbody>
</table> </table>
</div> </div>
views/layout_footer.php
+1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* layout_footer.php Shared bottom-of-page partial for all views. * layout_footer.php Shared bottom-of-page partial for all views.
* *
views/layout_header.php
+1
View File
@@ -1,4 +1,5 @@
<?php <?php
/** /**
* layout_header.php Shared top-of-page partial for all views. * layout_header.php Shared top-of-page partial for all views.
* *