add capability to upload files in ticket creation and update on Integria integration system

2021-10-19 15:32:22 +02:00 · 2021-10-19 15:32:22 +02:00 · 0b033dae74
parent 9d813b729e
commit 0b033dae74
3 changed files with 76 additions and 45 deletions
--- a/pandora_console/include/functions_integriaims.php
+++ b/pandora_console/include/functions_integriaims.php
@ -454,3 +454,49 @@ function get_tickets_integriaims($tickets_filters)

    return $array_get_incidents;
 }
+
+
+function integriaims_upload_file($filename, $incident_id, $file_description)
+{
+    hd('aqui0', true);
+    hd($_FILES, true);
+    if ($_FILES[$filename]['name'] != '') {
+        $filename = io_safe_input($_FILES[$filename]['name']);
+        $filesize = io_safe_input($_FILES[$filename]['size']);
+
+        $extension = pathinfo($filename, PATHINFO_EXTENSION);
+        $invalid_extensions = '/^(bat|exe|cmd|sh|php|php1|php2|php3|php4|php5|pl|cgi|386|dll|com|torrent|js|app|jar|iso|
+            pif|vb|vbscript|wsf|asp|cer|csr|jsp|drv|sys|ade|adp|bas|chm|cpl|crt|csh|fxp|hlp|hta|inf|ins|isp|jse|htaccess|
+            htpasswd|ksh|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|ops|pcd|prg|reg|scr|sct|shb|shs|url|vbe|vbs|wsc|wsf|wsh)$/i';
+        hd('aqui1', true);
+        if (!preg_match($invalid_extensions, $extension)) {
+            hd('aqui2', true);
+            // The following is if you have clamavlib installed.
+            // (php5-clamavlib) and enabled in php.ini
+            // http://www.howtoforge.com/scan_viruses_with_php_clamavlib
+            if (extension_loaded('clamav')) {
+                cl_setlimits(5, 1000, 200, 0, 10485760);
+                $malware = cl_scanfile($_FILES['file']['tmp_name']);
+                if ($malware) {
+                    $error = 'Malware detected: '.$malware.'<br>ClamAV version: '.clam_get_version();
+                    die($error);
+                }
+            }
+
+            $filecontent = base64_encode(file_get_contents($_FILES[$filename]['tmp_name']));
+            hd($filecontent, true);
+            $result_api_call = integria_api_call(null, null, null, null, 'attach_file', [$incident_id, $filename, $filesize, $file_description, $filecontent], false, '', '|;|');
+
+            // API method returns '0' string if success.
+            $file_added = ($result_api_call === '0') ? true : false;
+
+            ui_print_result_message(
+                $file_added,
+                __('File successfully added'),
+                __('File could not be added')
+            );
+        } else {
+            ui_print_error_message(__('File has an invalid extension'));
+        }
+    }
+}
--- a/pandora_console/operation/incidents/configure_integriaims_incident.php
+++ b/pandora_console/operation/incidents/configure_integriaims_incident.php
@ -90,6 +90,7 @@ $incident_creator = get_parameter('creator');
 $incident_status = (int) get_parameter('status');
 $incident_title = events_get_field_value_by_event_id($event_id, get_parameter('incident_title'));
 $incident_content = events_get_field_value_by_event_id($event_id, get_parameter('incident_content'));
+$file_description = get_parameter('file_description');

 // Separator conversions.
 $incident_title = str_replace(',', ':::', $incident_title);
@ -100,7 +101,11 @@ if ($create_incident === true) {
    // Call Integria IMS API method to create an incident.
    $result_api_call = integria_api_call(null, null, null, null, 'create_incident', [$incident_title, $incident_group_id, $incident_criticity_id, $incident_content, '', $incident_type, '', $incident_owner, '0', $incident_status], false, '', ',');

-    // Necessary to explicitly set true if not false because function returns api call result in case of success instead of true value.
+    if ($userfile !== '' && $result_api_call !== false) {
+        integriaims_upload_file('userfile', $result_api_call, $file_description);
+    }
+
+    // Necessary to explicitly set true if not false because function returns result of api call in case of success instead of true value.
    $incident_created_ok = ($result_api_call != false) ? true : false;

    ui_print_result_message(
@ -112,6 +117,10 @@ if ($create_incident === true) {
    // Call Integria IMS API method to update an incident.
    $result_api_call = integria_api_call(null, null, null, null, 'update_incident', [$incident_id_edit, $incident_title, $incident_content, '', $incident_group_id, $incident_criticity_id, 0, $incident_status, $incident_owner, 0, $incident_type], false, '', ',');

+    if ($userfile !== '') {
+        integriaims_upload_file('userfile', $incident_id_edit, $file_description);
+    }
+
    // Necessary to explicitly set true if not false because function returns api call result in case of success instead of true value.
    $incident_updated_ok = ($result_api_call != false) ? true : false;

@ -153,6 +162,7 @@ $table->style[1] = 'width: 33%; padding-right: 50px; padding-left: 50px;';
 $table->style[2] = 'width: 33%; padding-right: 100px; padding-left: 50px;';
 $table->colspan[0][0] = 2;
 $table->colspan[3][0] = 3;
+$table->colspan[5][0] = 3;

 $help_macros = isset($_GET['from_event']) ? ui_print_help_icon('response_macros', true) : '';

@ -303,8 +313,20 @@ $table->data[3][0] .= '<div class="label_select_parent">'.html_print_textarea(
    true
 ).'</div>';

+$table->data[4][0] = '<div class="label_select"><p class="input_label">'.__('File name').':</p>';
+$table->data[4][0] .= html_print_input_file('userfile', true);
+$table->data[5][0] = '<div class="label_select"><p class="input_label">'.__('Description').':</p>';
+$table->data[5][0] .= html_print_textarea(
+    'file_description',
+    3,
+    20,
+    '',
+    '',
+    true
+);
+
 // Print forms and stuff.
-echo '<form id="create_integria_incident_form" name="create_integria_incident_form" method="POST">';
+echo '<form id="create_integria_incident_form" name="create_integria_incident_form" method="POST" enctype="multipart/form-data">';
 html_print_table($table);

 if (!$update) {
--- a/pandora_console/operation/incidents/dashboard_detail_integriaims_incident.php
+++ b/pandora_console/operation/incidents/dashboard_detail_integriaims_incident.php
@ -90,7 +90,7 @@ $resolution_text = integriaims_get_details('resolution', $resolution);
 $type_text = integriaims_get_details('type', $type);

 // Incident file management.
-$upload_file = get_parameter('upload_file');
+$upload_file = (bool) get_parameter('upload_file');
 $delete_file_id = get_parameter('delete_file');
 $download_file_id = get_parameter('download_file');
 $download_file_name = get_parameter('download_file_name');
@ -121,47 +121,10 @@ $table_files->head[5] = __('Delete');

 $table_files->data = [];

-// Upload file.
-if ($upload_file && ($_FILES['userfile']['name'] != '')) {
-    $filedescription = get_parameter('file_description', __('No description available'));
+$filedescription = get_parameter('file_description', __('No description available'));

-    $filename = io_safe_input($_FILES['userfile']['name']);
-    $filesize = io_safe_input($_FILES['userfile']['size']);
-
-    $extension = pathinfo($filename, PATHINFO_EXTENSION);
-    $invalid_extensions = '/^(bat|exe|cmd|sh|php|php1|php2|php3|php4|php5|pl|cgi|386|dll|com|torrent|js|app|jar|iso|
-        pif|vb|vbscript|wsf|asp|cer|csr|jsp|drv|sys|ade|adp|bas|chm|cpl|crt|csh|fxp|hlp|hta|inf|ins|isp|jse|htaccess|
-        htpasswd|ksh|lnk|mdb|mde|mdt|mdw|msc|msi|msp|mst|ops|pcd|prg|reg|scr|sct|shb|shs|url|vbe|vbs|wsc|wsf|wsh)$/i';
-
-    if (!preg_match($invalid_extensions, $extension)) {
-        // The following is if you have clamavlib installed.
-        // (php5-clamavlib) and enabled in php.ini
-        // http://www.howtoforge.com/scan_viruses_with_php_clamavlib
-        if (extension_loaded('clamav')) {
-            cl_setlimits(5, 1000, 200, 0, 10485760);
-            $malware = cl_scanfile($_FILES['file']['tmp_name']);
-            if ($malware) {
-                $error = 'Malware detected: '.$malware.'<br>ClamAV version: '.clam_get_version();
-                die($error);
-                // On malware, we die because it's not good to handle it
-            }
-        }
-
-        $filecontent = base64_encode(file_get_contents($_FILES['userfile']['tmp_name']));
-
-        $result_api_call = integria_api_call(null, null, null, null, 'attach_file', [$incident_id, $filename, $filesize, $filedescription, $filecontent], false, '', '|;|');
-
-        // API method returns '0' string if success.
-        $file_added = ($result_api_call === '0') ? true : false;
-
-        ui_print_result_message(
-            $file_added,
-            __('File successfully added'),
-            __('File could not be added')
-        );
-    } else {
-        ui_print_error_message(__('File has an invalid extension'));
-    }
+if ($upload_file === true) {
+    integriaims_upload_file('userfile', $incident_id, $filedescription);
 }

 // Delete file.
@ -252,11 +215,11 @@ $table_files_section->data[1][0] .= html_print_textarea(
    true
 );

-$table_files_section->data[2][0] .= '<div class="w100p right">'.html_print_submit_button(__('Upload'), 'accion', false, 'class="sub wand"', true).'</div>';
+$table_files_section->data[2][0] .= '<div class="w100p right">'.html_print_submit_button(__('Upload2'), 'accion', false, 'class="sub wand"', true).'</div>';

 $upload_file_form = '<div class="w100p">';

-$upload_file_form .= '<form method="post" id="file_control" enctype="multipart/form-data">'.'<h4>'.__('Add attachment').'</h4>'.html_print_table($table_files_section, true).html_print_input_hidden('upload_file', 1, true);
+$upload_file_form .= '<form method="post" id="file_control" enctype="multipart/form-data">'.'<h4>'.__('Add attachment1').'</h4>'.html_print_table($table_files_section, true).html_print_input_hidden('upload_file', true, true);

 $upload_file_form .= '<h4>'.__('Attached files').'</h4>'.html_print_table($table_files, true).'</form></div>';