Add user search support to AJAX interface

include/ajax.users.php

+<?php
+/*********************************************************************
+    ajax.users.php
+
+    AJAX interface for  users (based on submitted tickets)
+    XXX: osTicket doesn't support user accounts at the moment.
+
+    Peter Rotich <peter@osticket.com>
+    Copyright (c)  2006-2012 osTicket
+    http://www.osticket.com
+
+    Released under the GNU General Public License WITHOUT ANY WARRANTY.
+    See LICENSE.TXT for details.
+
+    vim: expandtab sw=4 ts=4 sts=4:
+**********************************************************************/
+
+if(!defined('INCLUDE_DIR')) die('403');
+
+include_once(INCLUDE_DIR.'class.ticket.php');
+
+class UsersAjaxAPI extends AjaxController {
+   
+    /* Assumes search by emal for now */
+    function search() {
+
+        if(!isset($_REQUEST['q'])) {
+            Http::response(400, 'Query argument is required');
+        }
+
+        $limit = isset($_REQUEST['limit']) ? (int) $_REQUEST['limit']:25;
+        $users=array();
+
+        $sql='SELECT DISTINCT email, name '
+            .' FROM '.TICKET_TABLE
+            .' WHERE email LIKE \'%'.db_input(strtolower($_REQUEST['q']), false).'%\' '
+            .' ORDER BY created '
+            .' LIMIT '.$limit;
+           
+        if(($res=db_query($sql)) && db_num_rows($res)){
+            while(list($email,$name)=db_fetch_row($res)) {
+                $users[] = array('email'=>$email, 'name'=>$name, 'info'=>"$email - $name");
+            }                    
+        }  
+        
+        return $this->encode($users);
+
+    }
+}
+?>

scp/ajax.php

@@ -30,27 +30,28 @@ ini_set('display_startup_errors','0');
 //TODO: disable direct access via the browser? i,e All request must have REFER? 
 if(!defined('INCLUDE_DIR'))	Http::response(500,'config error');
 
-require_once INCLUDE_DIR."/class.dispatcher.php";
-require_once INCLUDE_DIR."/class.ajax.php";
-$dispatcher = patterns("",
-    url("^/kb/", patterns("ajax.kbase.php:KbaseAjaxAPI",
+require_once INCLUDE_DIR.'/class.dispatcher.php';
+require_once INCLUDE_DIR.'/class.ajax.php';
+$dispatcher = patterns('',
+    url('^/kb/', patterns('ajax.kbase.php:KbaseAjaxAPI',
         # Send ticket-id as a query arg => canned-response/33?ticket=83
-        url_get("^canned-response/(?P<id>\d+).(?P<format>json|txt)", "cannedResp"),
-        url_get("^faq/(?P<id>\d+)","faq")
+        url_get('^canned-response/(?P<id>\d+).(?P<format>json|txt)', 'cannedResp'),
+        url_get('^faq/(?P<id>\d+)', 'faq')
     )),
-    url("^/content/", patterns("ajax.content.php:ContentAjaxAPI",
-        url_get("^log/(?P<id>\d+)", 'log'),
-        url_get("^ticket_variables",'ticket_variables')
+    url('^/content/', patterns('ajax.content.php:ContentAjaxAPI',
+        url_get('^log/(?P<id>\d+)', 'log'),
+        url_get('^ticket_variables', 'ticket_variables')
     )),
-    url("^/config/", patterns("ajax.config.php:ConfigAjaxAPI",
-        url_get("^ui",'ui')
+    url('^/config/', patterns('ajax.config.php:ConfigAjaxAPI',
+        url_get('^ui', 'ui')
     )),
-    url_get("^/tickets$", array("ajax.tickets.php:TicketsAjaxAPI", "search")),
-    url("^/ticket/", patterns("ajax.tickets.php:TicketsAjaxAPI",
-        url_get("^(?P<tid>\d+)/preview", "previewTicket"),
-        url_get("^(?P<tid>\d+)/lock", "acquireLock"),
-        url_post("^(?P<tid>\d+)/lock/(?P<id>\d+)/renew", "renewLock"),
-        url_post("^(?P<tid>\d+)/lock/(?P<id>\d+)/release", "releaseLock")
+    url_get('^/users$', array('ajax.users.php:UsersAjaxAPI', 'search')),
+    url_get('^/tickets$', array('ajax.tickets.php:TicketsAjaxAPI', 'search')),
+    url('^/ticket/', patterns('ajax.tickets.php:TicketsAjaxAPI',
+        url_get('^(?P<tid>\d+)/preview', 'previewTicket'),
+        url_get('^(?P<tid>\d+)/lock', 'acquireLock'),
+        url_post('^(?P<tid>\d+)/lock/(?P<id>\d+)/renew', 'renewLock'),
+        url_post('^(?P<tid>\d+)/lock/(?P<id>\d+)/release', 'releaseLock')
     ))
 );